CISCO Documentation CISCO Documentation

 

 

 CD ROM Annuaire d'Entreprises France prospect (avec ou sans emails) : REMISE DE 10 % Avec le code réduction AUDEN872

10% de réduction sur vos envois d'emailing --> CLIQUEZ ICI

Retour à l'accueil, cliquez ici

Documentation CISCO

http://www.cisco.com/cisco/web/psa/default.html

Guide d'utilisation de Cisco IP Communicator Ver sion 7.0 Juin 200

http://www.cisco.com/en/US/docs/voice_ip_comm/cipc/7_0/localization/ipcugfra.pdf Command Reference, Cisco ACE Application Control Engine For the Cisco ACE Application Control Engine Module and Cisco ACE 4700 Series Application Control Engine Appliance Software Version A5(1.0) September 201

http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/vA5_1_0/command/reference/ACE_cr.pdf

Cisco Aironet Antennas and Accessorie

http://www.cisco.com/en/US/prod/collateral/wireless/ps7183/ps469/product_data_sheet09186a008008883b.pdf Cisco SAFE Reference Guide Cisco Validated Design Revised: July 8, 2010, OL-19523-0 17 Mo

http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/SAFE_RG/SAFE_rg.pdf Cisco IOS Quick Reference Guide for IBN

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6638/whitepaper_c27-574041.pdf Medianet Reference Guide Last Updated: October 26, 2010 6 Mo

http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/Medianet_Ref_Gd/medianet_DG.pdf Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2

http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/cli_ref/7_1_2/cli_ref_712.pdf Common Phone Task

http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7962g_7961g_7961g-ge_7942g_7941g_7941g-ge/8_5/english/quick_reference/7962qrcrd85.pdf Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 November 2009 51 Mo

http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.8.2/error/messages/em382sems.pdf

http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.8.2/error/messages/em382sems.pdf Siège social en Amérique Cisco Systems 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tél : 408 526-4000 800 553-NETS (6387) Fax : 408 527-0883 Guide d'utilisation de Cisco IP Communicator Ver sion 7.0 Juin 2009 Référence texte : OL-19177-01LES SPÉCIFICATIONS ET INFORMATIONS RELATIVES AUX PRODUITS PRÉSENTÉS DANS CE MANUEL SONT SUSCEPTIBLES DE MODIFICATIONS SANS PRÉAVIS. TOUTES LES DÉCLARATIONS, INFORMATIONS ET RECOMMANDATIONS FOURNIES DANS CE MANUEL SONT EXACTES À NOTRE CONNAISSANCE MAIS SONT PRÉSENTÉES SANS GARANTIE D'AUCUNE SORTE, EXPRESSE OU IMPLICITE. LES UTILISATEURS ASSUMENT L'ENTIÈRE RESPONSABILITÉ DE L'APPLICATION DE TOUT PRODUIT. LA LICENCE DE LOGICIEL ET LA GARANTIE LIMITÉE DU PRODUIT CI-JOINT SONT DÉFINIES DANS LES INFORMATIONS FOURNIES AVEC LE PRODUIT ET SONT INTÉGRÉES AUX PRÉSENTES PAR CETTE RÉFÉRENCE. SI VOUS NE TROUVEZ PAS LA LICENCE DE LOGICIEL OU LA GARANTIE LIMITÉE, CONTACTEZ VOTRE REPRÉSENTANT CISCO POUR EN AVOIR UNE COPIE. L'implémentation par Cisco de la compression d'en-tête TCP est une adaptation d'un programme développé par l'Université de Californie, Berkeley (UCB) dans le cadre de la version du système d'exploitation UNIX diffusée dans le domaine public par UCB. Tous droits réservés. Copyright © 1981, Regents of the University of California. PAR DÉROGATION À TOUTE AUTRE GARANTIE DÉFINIE ICI, TOUS LES FICHIERS DE DOCUMENTATION ET LOGICIELS DE CES FOURNISSEURS SONT FOURNIS «EN L'ÉTAT» AVEC TOUS LEURS DÉFAUTS. CISCO ET LES FOURNISSEURS SUS-MENTIONNÉS EXCLUENT TOUTES GARANTIES, EXPRESSES OU IMPLICITES Y COMPRIS DE MANIÈRE NON LIMITATIVE LES GARANTIES DE QUALITÉ MARCHANDE, D'ADÉQUATION À UN USAGE PARTICULIER ET DE NON-INFRACTION OU DES GARANTIES ÉMANANT D'UNE CONDUITE, D'UN USAGE OU D'UNE PRATIQUE COMMERCIALE. EN AUCUN CAS, CISCO OU SES FOURNISSEURS NE POURRONT ÊTRE TENUS RESPONSABLES DE TOUT DOMMAGE INDIRECT, PARTICULIER, CONSÉCUTIF OU ACCIDENTEL Y COMPRIS DE MANIÈRE NON LIMITATIVE LE MANQUE A GAGNER, LA PERTE OU LA DÉTÉRIORATION DE DONNÉES RÉSULTANT DE L'UTILISATION OU DE L'IMPOSSIBILITÉ D'UTILISER CE MANUEL, MÊME SI CISCO OU SES FOURNISSEURS ONT ÉTÉ AVERTIS DE L'ÉVENTUALITÉ DE TELS DOMMAGES. CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, le logo Cisco, DCE et Welcome to the Human Network sont des marques de commerce ; Changing the Way We Work, Live, Play, and Learn et Cisco Store sont des marques de service ; et Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, le logo Cisco Certified Internetwork Expert, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, le logo Cisco Systems, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, le logo IronPort, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx et le logo WebEx sont des marques déposées de Cisco Systems, Inc. et/ou de ses société affiliées aux États-Unis et dans certains autres pays. Toutes les autres marques mentionnées dans ce document ou sur le site Web sont la propriété de leurs détenteurs respectifs. L'utilisation du mot « partenaire » n'implique nullement une relation de partenariat entre Cisco et toute autre entreprise. (0809R) Les adresse IP (Internet Protocol) utilisées dans ce document sont fictives. Tous les exemples, tous les écrans de commandes et toutes les figures que contient ce document sont fournis uniquement à titre d'illustration. L'utilisation d'une adresse IP réelle dans un exemple serait fortuite et involontaire. Guide d'utilisation de Cisco IP Communicator version 7.0 © 2009 Cisco Systems, Inc. Tous droits réservés. iii Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 TABLE D E S M A T I È R E S C H A P I T R E 1 Mise en route de Cisco IP Communicator 1-1 Généralités sur la sécurité des produits Cisco 1-2 Liste de contrôle pour la mise en route 1-2 Installation de périphériques audio avant le lancement initial 1-3 Installation de Cisco IP Communicator sur votre ordinateur 1-4 Lancement de Cisco IP Communicator 1-5 Utilisation de l'Assistant de réglage audio 1-6 Configuration et enregistrement Cisco IP Communicator 1-9 Test de Cisco IP Communicator 1-10 C H A P I T R E 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator 2-1 Fonctionnalités de Cisco IP Communicator 2-1 À propos de l'interface de Cisco IP Communicator 2-4 Boutons et autres composants 2-4 Fonctions de l'écran du téléphone 2-8 Navigation dans l'interface 2-10 À l'aide des raccourcis clavier 2-10 À l'aide du menu 2-11 Utilisation des boutons de contrôle de la fenêtre 2-13 Utilisation de la notification d'appel entrant 2-14 Choix des éléments apparaissant sur l'écran du téléphone 2-14 Utilisation des menus de fonctions 2-15Sommaire iv Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Saisie et modification d'un texte 2-16 Combiné décroché et raccroché 2-16 États et icônes d'appel et de ligne 2-17 Accès à l'aide en ligne 2-19 Fonctionnement et disponibilité des fonctions 2-20 C H A P I T R E 3 Traitement des appels avec Cisco IP Communicator 3-1 Comment traiter les appels simples 3-1 Passer un appel 3-3 Établissement d'un appel vidéo 3-8 Réponse à un appel 3-9 Fin d'un appel 3-11 Utilisation des fonctions Attente et Reprise 3-12 Utilisation de la fonction Secret 3-13 Transfert d'un appel connecté 3-14 Sélection des appels 3-15 Passage d'un appel à l'autre 3-15 Transfert d'un appel en cours vers un autre téléphone 3-17 Renvoi de vos appels vers un autre numéro 3-17 Utilisation de la fonction Ne pas déranger 3-19 Établissement de conférences téléphoniques 3-21 Utilisation de la fonction Conférence. 3-21 Utilisation de la fonction Joindre (uniquement sur les téléphones SCCP) 3-22 Utilisation de la fonction InsConf 3-23 Utilisation de la fonction Meet-Me 3-23 Affichage ou exclusion des participants à une conférence 3-24 Traitement des fonctions d'appel avancées 3-25 Utilisation de la fonction de mobilité de poste de Cisco 3-26 Traitement des appels professionnels à l'aide d'un seul numéro de téléphone 3-27v Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Sommaire Stockage et récupération des appels parqués 3-29 Déconnexion de groupes de recherche 3-29 Emission et réception d'appels sécurisés 3-30 Suivi des appels suspects 3-31 Donner la priorité aux appels critiques 3-32 Redirection d'un appel entrant vers Cisco IP Communicator 3-33 Rappel d'une ligne occupée dès qu'elle devient disponible 3-34 Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne 3-34 Utilisation de lignes partagées 3-35 Établissement ou prise d'appels intercom 3-38 C H A P I T R E 4 Personnalisation des paramètres sur Cisco IP Communicator 4-1 Accès aux paramètres 4-1 Réglage du volume d'un appel 4-2 Personnalisation des sonneries et des indicateurs de message 4-3 Personnalisation de l'écran du téléphone 4-4 Affichage et personnalisation des préférences 4-5 Paramètres utilisateur 4-5 Paramètres réseau 4-7 Paramètres audio 4-8 Affectation de modes audio 4-9 Paramètres audio du réseau 4-13 Paramètres audio avancés 4-13 Paramètres de répertoire 4-15Sommaire vi Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 C H A P I T R E 5 Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator 5-1 Obtention de périphériques audio 5-1 Utilisation d'un casque 5-2 Utilisation de votre ordinateur comme poste téléphonique à haut-parleur 5-4 Utilisation d'un combiné USB 5-5 Suppression et réinstallation de périphériques audio 5-6 C H A P I T R E 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Cisco IP Communicator 6-1 Accès aux messages vocaux 6-1 Utilisation des journaux d'appels 6-3 Composition à partir d'un répertoire 6-5 Utilisation du répertoire d’entreprise 6-6 Utilisation du répertoire personnel 6-7 Utilisation de la fonction Recherche rapide 6-10 Saisie d'informations de mot de passe pour la fonction Recherche rapide 6-11 C H A P I T R E 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM 7-1 Connexion aux pages Web Options utilisateur Cisco Unified CM 7-2 Utilisation de votre Carnet d'adresses personnel 7-3 Configuration de numéros abrégés 7-4 Configuration de la numérotation abrégée 7-5 Configuration de services téléphoniques 7-7 Contrôle des paramètres utilisateur 7-9 Contrôle des paramètres de ligne 7-10 Configuration de téléphones et de listes d'accès pour la connexion mobile 7-12 Utilisation de Cisco WebDialer 7-15vii Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Sommaire C H A P I T R E 8 Dépannage Cisco IP Communicator 8-1 Problèmes d'ordre général 8-1 Problèmes de qualité vocale 8-5 Utilisation de l'outil de génération de rapports sur la qualité pour résoudre les problèmes de performance 8-10 Activation de journaux détaillés 8-11 Capture d'informations sur les problèmes 8-11Sommaire viii Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01C H A P I T R E 1-1 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 1 Mise en route de Cisco IP Communicator Cisco IP Communicator est une application bureautique qui fournit à votre ordinateur toutes les fonctions d'un téléphone IP Cisco Unified permettant de passer, de prendre et de traiter des appels. Si vous installez Cisco IP Communicator sur un ordinateur portable, vous pouvez utiliser Cisco IP Communicator (ainsi que tous vos paramètres et services téléphoniques) où que vous soyez à condition de disposer d'une connexion au réseau de votre entreprise. Si, par exemple, vous êtes en déplacement professionnel, Cisco IP Communicator vous permet de recevoir des appels ou de consulter vos messages vocaux lorsque vous êtes en ligne. Si vous travaillez à domicile, vos collègues peuvent vous contacter en composant votre numéro de téléphone professionnel. Cisco IP Communicator fonctionne avec Cisco Unified Video Advantage, une autre application bureautique, pour améliorer vos communications grâce à la vidéo. Par exemple, si vous passez un appel par le biais de Cisco IP Communicator et, la vidéo disponible sera automatiquement affichée par le biais de Cisco Unified Video Advantage. • Généralités sur la sécurité des produits Cisco, page 1-2 • Liste de contrôle pour la mise en route, page 1-2 • Installation de périphériques audio avant le lancement initial, page 1-3 • Installation de Cisco IP Communicator sur votre ordinateur, page 1-4 • Lancement de Cisco IP Communicator, page 1-5 • Utilisation de l'Assistant de réglage audio, page 1-6 • Configuration et enregistrement Cisco IP Communicator, page 1-9 • Test de Cisco IP Communicator, page 1-10Chapitre 1 Mise en route de Cisco IP Communicator Généralités sur la sécurité des produits Cisco 1-2 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Généralités sur la sécurité des produits Cisco Ce produit contient des fonctions cryptographiques et est soumis aux lois des États-Unis et d'autres pays, qui en régissent l'importation, l'exportation, le transfert et l'utilisation. La fourniture de produits cryptographiques Cisco n'implique pas le droit d'un tiers à importer, exporter, distribuer ou utiliser le cryptage. Les importateurs, exportateurs, distributeurs et utilisateurs ont la responsabilité de respecter les lois américaines et celles d'autres pays. En utilisant ce produit, vous vous engagez à respecter les lois et réglementations applicables. Si vous n'êtes pas en mesure de respecter les lois américaines et celles d'autres pays, renvoyez-nous ce produit immédiatement. Vous trouverez un récapitulatif des lois américaines régissant les produits cryptographiques Cisco à l'adresse suivante : http://www.cisco.com/wwl/export/crypto/tool/stqrg.html. Si vous avez besoin d'aide supplémentaire, envoyez-nous un e-mail à l'adresse export@cisco.com. Liste de contrôle pour la mise en route Référez-vous à cette liste de contrôle pour configurer Cisco IP Communicator sur votre bureau afin de pouvoir passer des appels. Tâche de démarrage rapide Pour plus d'informations, consultez... 1. Installer les cartes son ou les périphériques audio USB que vous souhaitez utiliser, notamment un combiné ou un casque USB. Installation de périphériques audio avant le lancement initial, page 1-3 2. Installer l'application Cisco IP Communicator. Installation de Cisco IP Communicator sur votre ordinateur, page 1-4 3. Lancer Cisco IP Communicator. Lancement de Cisco IP Communicator, page 1-5 4. Utiliser l'Assistant de réglage audio pour sélectionner des modes audio et régler les périphériques audio. • Utilisation de l'Assistant de réglage audio, page 1-6 • Affectation de modes audio, page 4-9 5. Réaliser les étapes de configuration réseau ou d'enregistrement définies par votre administrateur système. Configuration et enregistrement Cisco IP Communicator, page 1-9 6. Passer des appels de test. Test de Cisco IP Communicator, page 1-101-3 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 1 Mise en route de Cisco IP Communicator Installation de périphériques audio avant le lancement initial Installation de périphériques audio avant le lancement initial Avant d'installer et de lancer Cisco IP Communicator pour la première fois, vous devez installer et configurer tous les périphériques audio (cartes son, combinés USB ou casques USB) qui nécessitent des pilotes. Pour une expérience audio optimale, nous vous recommandons d'utiliser un combiné ou un casque USB certifié. Vous pouvez utiliser plusieurs périphériques audio avec Cisco IP Communicator comme indiqué dans le tableau suivant. Pour obtenir la liste des marques de périphériques audio que vous pouvez utiliser avec Cisco IP Communicator, consultez votre administrateur système. Périphérique audio Description Remarques Périphériques USB : • un combiné USB ; • un casque USB. Les périphériques USB nécessitent un pilote et sont dotés de fiches rectangulaires. Suivez les instructions du fabricant du périphérique pour installer des périphériques USB. Le cas échéant, suivez les étapes de l'Assistant Nouveau matériel détecté de Microsoft Windows. Périphériques analogiques externes : • casque analogique • haut-parleurs ou microphones externes Les périphériques audio analogiques ne nécessitent pas de logiciels. Ils fonctionnent comme des extensions de la carte son de l'ordinateur. Branchez les périphériques analogiques aux prises jacks audio de l'ordinateur. Cisco IP Communicator reconnaît les périphériques analogiques comme des extensions de la carte son. Pour afficher ou modifier les paramètres des périphériques analogiques, sélectionnez la carte son. Périphériques audio internes : • microphone intégré • haut-parleurs intégrés Ces périphériques audio sont des composants internes de l'ordinateur et fonctionnent avec la carte son de celui-ci. Il est toujours possible de sélectionner ou d'utiliser les périphériques audio internes.Chapitre 1 Mise en route de Cisco IP Communicator Installation de Cisco IP Communicator sur votre ordinateur 1-4 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Remarque Si vous installez ou insérez un périphérique audio qui nécessite un pilote de périphérique (un combiné USB, un casque USB ou une carte son) après le lancement de Cisco IP Communicator, l'application ne reconnaîtra pas le périphérique tant que vous n'aurez pas redémarré Cisco IP Communicator. L'Assistant de réglage audio est alors automatiquement lancé afin que vous puissiez régler le périphérique. Rubriques connexes • Installation de Cisco IP Communicator sur votre ordinateur, page 1-4 • Utilisation d'un casque, page 5-2 • Suppression et réinstallation de périphériques audio, page 5-6 Installation de Cisco IP Communicator sur votre ordinateur Avant de commencer • Si vous utilisez un ordinateur portable, vérifiez que vous n'êtes pas connecté à une station d'accueil lorsque vous lancez Cisco IP Communicator pour la première fois après l'installation. La station d'accueil peut interférer avec la capacité de Cisco IP Communicator à localiser la carte réseau de l'ordinateur. • Si Cisco Unified Personal Communicator est en cours d'exécution, quittez-le avant de démarrer Cisco IP Communicator. • Si vous installez Cisco IP Communicator sur un ordinateur tournant sous Microsoft Vista, le message de sécurité Windows ne peut pas vérifier l'éditeur de ce pilote risque de s'afficher. Cliquez sur Installer ce pilote quand même pour poursuivre l'installation.1-5 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 1 Mise en route de Cisco IP Communicator Lancement de Cisco IP Communicator Procédure Étape 1 Effectuez un double clic sur le fichier exécutable (CiscoIPcommunicatorSetup.exe) pour l'ouvrir, ou cliquez sur le lien d'installation que vous a fourni votre administrateur système. Étape 2 Cliquez sur Suivant pour lancer l'Assistant InstallShield. Étape 3 Lisez attentivement l'accord de licence, puis cliquez sur J'accepte et sur Suivant. Étape 4 Sélectionnez le dossier cible par défaut de l'application ou parcourez la liste pour en sélectionner un autre. Étape 5 Cliquez sur Installer dans la fenêtre Prêt à installer. L'installation peut durer plusieurs minutes. Étape 6 Cliquez sur Lancer le programme puis sur Terminer pour lancer Cisco IP Communicator. Dans certains cas, vous serez invité à redémarrer l'ordinateur à ce stade et la case à cocher Lancer le programme ne sera pas affichée. Rubriques connexes • Lancement de Cisco IP Communicator, page 1-5 Lancement de Cisco IP Communicator Remarque Si vous utilisez un ordinateur portable, vérifiez que vous n'êtes pas connecté à une station d'accueil lors du premier lancement de Cisco IP Communicator après l'installation. Si Cisco Unified Personal Communicator est en cours d'exécution, quittez-le avant de démarrer Cisco IP Communicator. Si vous avez activé la case à cocher Lancer le programme lors de l'étape d'installation finale, Cisco IP Communicator est automatiquement lancé. Pour lancer le programme manuellement, choisissez Démarrer > Programmes > Cisco IP Communicator, ou double cliquez sur le raccourci de bureau Cisco IP Communicator.Chapitre 1 Mise en route de Cisco IP Communicator Utilisation de l'Assistant de réglage audio 1-6 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 La première fois que vous lancez Cisco IP Communicator : • Le message de sécurité Windows ne peut pas vérifier l'éditeur de ce pilote risque de s'afficher si vous installez Cisco IP Communicator sur un ordinateur tournant sous Microsoft Vista. Cliquez sur Installer ce pilote quand même pour poursuivre l'installation. • L'Assistant de réglage audio s'ouvre. Votre périphérique audio doit être disponible pour le réglage. Lors des lancements suivants, vous pourrez être invité à l'utiliser pour rétablir des paramètres de volume précédents. • Des invites de LocaleDownloader peuvent s'afficher. En règle générale, il est conseillé d'accepter ces invites dès que possible afin de disposer en permanence de la dernière version du produit sur l'ordinateur. Toutefois, si vous utilisez Cisco IP Communicator avec une connexion à distance, vous pouvez choisir de retarder l'exécution de LocaleDownloader jusqu'à ce que vous soyez connecté localement. Si vous travaillez à domicile, par exemple, vous pouvez attendre d'être revenu au bureau. Les sessions LocaleDownloader risquent de durer plus longtemps sur une connexion à distance. Rubriques connexes • Utilisation de l'Assistant de réglage audio, page 1-6 Utilisation de l'Assistant de réglage audio L'Assistant de réglage audio vous guide lors de la sélection et du réglage des périphériques audio installés. • La sélection d'un périphérique audio consiste à associer celui-ci à un ou plusieurs modes audio et/ou à la sonnerie. • Le réglage consiste à tester et, le cas échéant, à modifier le volume du haut-parleur et du microphone pour chaque périphérique sélectionné. L'Assistant de réglage audio apparaît automatiquement lors du premier lancement de Cisco IP Communicator après l'installation. Vous pouvez y accéder manuellement à partir du menu lors des lancements suivants. Le tableau suivant fournit des informations complémentaires sur l'Assistant de réglage audio et d'autres options de paramétrage audio.1-7 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 1 Mise en route de Cisco IP Communicator Utilisation de l'Assistant de réglage audio Remarque Avant d'utiliser l'Assistant de réglage audio pour régler un périphérique audio doté d'un dispositif de réglage du volume, tel qu'un casque avec des commandes de volume sur le cordon, augmentez le volume du périphérique à son maximum. Si... Procédez comme suit... Remarques Vous venez d'installer Cisco IP Communicator et vous utilisez l'Assistant de réglage audio pour la première fois Réglez tous les périphériques audio lorsque l'Assistant de réglage audio apparaît. L'Assistant de réglage audio vous permet de sélectionner des périphériques audio pour des modes audio ou d'utiliser le périphérique audio Windows par défaut. Le réglage d'un périphérique et la modification du paramètre de volume pour un appel sont des opérations distinctes. Il est préférable de ne régler chaque périphérique qu'une seule fois et de modifier le réglage uniquement si vous rencontrez des problèmes de qualité vocale. Pour plus d'informations, voir Affectation de modes audio, page 4-9 et Sélection d'un mode audio, page 4-9. La fenêtre Vérifier les paramètres audio apparaît lors d'un lancement postérieur à l'installation Cliquez sur l'un de ces boutons : • Rétablir : rétablir les paramètres précédemment associés à ce périphérique audio. • Régler : recommencer le réglage de ce périphérique. • Ignorer : conserver les paramètres modifiés (pour maintenir le volume de la carte son coupé, par exemple). La fenêtre Vérifier les paramètres audio apparaît lors de lancements ultérieurs si vous avez modifié (ou coupé) le volume d'un périphérique depuis son dernier réglage (si, par exemple, vous avez coupé le volume de la carte son de l'ordinateur ou modifié les commandes de volume d'un casque ou d'un combiné USB).Chapitre 1 Mise en route de Cisco IP Communicator Utilisation de l'Assistant de réglage audio 1-8 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Configuration et enregistrement Cisco IP Communicator, page 1-9 Vous souhaitez changer le volume lors d'un appel Cliquez sur le bouton Volume de Cisco IP Communicator. Cliquez sur Enregistrer pour enregistrer vos paramètres. Il s'agit de la méthode la plus adaptée pour modifier les paramètres de volume pour un appel donné. Voir Réglage du volume d'un appel, page 4-2. Vous souhaitez régler à nouveau un périphérique audio pour résoudre des problèmes de qualité vocale Accéder à l'Assistant de réglage audio (cliquez avec le bouton droit de la souris sur > Assistant de réglage audio). Vo ir Problèmes de qualité vocale, page 8-5. Vous souhaitez modifier vos sélections de mode audio sans recommencer le réglage des périphériques audio Cliquez avec le bouton droit de la souris sur > Préférences > onglet Audio). Vo ir Affectation de modes audio, page 4-9. Si... Procédez comme suit... Remarques1-9 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 1 Mise en route de Cisco IP Communicator Configuration et enregistrement de Cisco IP Communicator Configuration et enregistrement de Cisco IP Communicator Après avoir installé l'application Cisco IP Communicator, exécuté l'Assistant de réglage audio, et visualisé l'interface Cisco IP Communicator sur votre bureau, vous devrez peut-être effectuer d'autres tâches de configuration et d'enregistrement avant de pouvoir passer des appels. Remarque Les tâches suivantes peuvent varier en fonction des sociétés et des systèmes téléphoniques. Votre administrateur système vous fournira des instructions. Réalisez ces opérations uniquement si vous y avez été invité. Tâche Remarques Choix d'un nom de périphérique Cisco IP Communicator utilise la carte réseau ou le nom du périphérique pour s'identifier auprès du réseau. Dans les deux cas, votre administrateur système vous indiquera quelle carte choisir, ou quel nom de périphérique saisir : • Sélectionnez la carte réseau spécifiée par votre administrateur système dans Cisco IP Communicator (cliquez avec le bouton droit de la souris sur > Préférences > onglet Réseau). En général, la carte sélectionnée est celle qui fournit une connectivité permanente ou celle qui est toujours activée, même si elle n'est pas branchée. Les cartes sans fil sont à éviter. La carte réseau adéquate doit être sélectionnée afin que Cisco IP Communicator fonctionne correctement. Remarque Ce paramètre est utilisé pour l'identification sur le réseau, et non pour les transmissions audio. Une fois ce paramètre défini, vous n'aurez pas à le modifier, à moins que vous ne supprimiez ou désactiviez définitivement la carte réseau sélectionnée. Dans ce cas, contactez votre administrateur système avant de sélectionner une autre carte. • Entrez le nom du périphérique que vous a fourni votre administrateur système dans Cisco IP Communicator (cliquez avec le bouton droit de la souris sur > Préférences > onglet Réseau> Utiliser ce nom de périphérique).Chapitre 1 Mise en route de Cisco IP Communicator Test de Cisco IP Communicator 1-10 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Test de Cisco IP Communicator, page 1-10 Test de Cisco IP Communicator Avant de tester Cisco IP Communicator, vérifiez que votre numéro de poste est affiché à l'écran et que vous entendez une tonalité lorsque vous décrochez le combiné. Remarque Si votre numéro de poste n'apparaît pas ou si vous n'entendez pas de tonalité, consultez Problèmes d'ordre général, page 8-1. Recherche d'un nom de périphérique Si votre administrateur système vous demande le nom de périphérique de votre carte réseau, vous trouverez ce dernier dans Cisco IP Communicator (cliquez avec le bouton droit de la souris sur > Préférences > onglet Réseau> section Nom du périphérique). Spécification des adresses de serveurs TFTP Sur les conseils de votre administrateur système, entrez les adresses des serveurs TFTP dans Cisco IP Communicator (cliquez avec le bouton droit de la souris sur > Préférences > onglet Réseau> Utiliser les serveurs TFTP suivants). Enregistrement à l'aide de l'outil TAPS Après avoir installé et démarré Cisco IP Communicator et sur les directives de votre administrateur système, enregistrez automatiquement Cisco IP Communicator à l'aide de l'outil TAPS (Tool for Auto-Registered Phones Support). Votre administrateur système vous communiquera le numéro à composer dans Cisco IP Communicator pour effectuer l'enregistrement à l'aide de TAPS. Il se peut que vous ayez à entrer la totalité de votre numéro de poste, y compris l'indicatif régional. Suivez les indications vocales. Lorsque Cisco IP Communicator affiche un message de confirmation, vous pouvez mettre fin à l'appel. Cisco IP Communicator sera redémarré. Tâche Remarques1-11 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 1 Mise en route de Cisco IP Communicator Test de Cisco IP Communicator Passez quelques appels de test et demandez à vos interlocuteurs s'ils vous entendent correctement. Le tableau suivant énumère les éventuelles actions à effectuer lors des appels de test. Rubriques connexes • Fonctionnalités de Cisco IP Communicator, page 2-1 • Réglage du volume d'un appel, page 4-2 • Paramètres audio, page 4-8 • Problèmes de qualité vocale, page 8-5. Pour... Procédez comme suit : Régler le volume Réglez le volume du mode audio dans Cisco IP Communicator. Cliquez sur le bouton Volume ou appuyez sur les touches Page préc./Page suiv. du clavier. Utiliser une connexion à distance Si vous utiliser Cisco IP Communicator sur une connexion à distance (par exemple, sur une connexion VPN à votre domicile ou dans un hôtel), activez l'option Optimiser pour une bande passante étroite (cliquez avec le bouton droit de la souris sur > Préférences > onglet Audio). Une fois cette fonction activée, appelez une personne et demandez-lui si elle vous entend correctement. Chapitre 1 Mise en route de Cisco IP Communicator Test de Cisco IP Communicator 1-12 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01C H A P I T R E 2-1 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator • Fonctionnalités de Cisco IP Communicator, page 2-1 • À propos de l'interface de Cisco IP Communicator, page 2-4 • Navigation dans l'interface, page 2-10 • Accès à l'aide en ligne, page 2-19 Fonctionnalités de Cisco IP Communicator Cisco IP Communicator fonctionne de façon très similaire à un téléphone classique ; il permet de passer et de prendre des appels téléphoniques, de mettre des appels en attente, d'utiliser la numérotation abrégée, de transférer des appels, etc. Cisco IP Communicator prend également en charge des fonctions téléphoniques spéciales (telles que le parcage d'appels et les conférences Meet-Me) qui offrent des capacités de traitement d'appels supplémentaires et personnalisées. Le fonctionnement de Cisco IP Communicator et les fonctionnalités dont vous disposez sont variables d'un système à l'autre. Les fonctionnalités disponibles peuvent varier selon l'agent de traitement des appels utilisé par votre société et selon la façon dont l'assistance technique de votre société a configuré votre système téléphonique. Pour tout renseignement sur le fonctionnement ou la disponibilité des fonctions, contactez l'assistance technique ou votre administrateur système.Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Fonctionnalités de Cisco IP Communicator 2-2 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Vous pouvez accéder à de nombreuses fonctionnalité en appuyant sur une touche de fonction ou sur un bouton de ligne. Voir le Tableau 2-1 pour prendre connaissance des fonctionnalités et des touches de fonction. Vous pouvez configurer certaines fonctionnalités, mais votre administrateur système contrôle la plupart d'entre elles. Outre les fonctions de traitement des appels, Cisco IP Communicator prend en charge les éléments suivants : • L'Assistant de réglage audio • La composition de numéros à partir de répertoires avec la fonction Recherche rapide • L'accès rapide à vos pages Web Options utilisateur Cisco Unified CM et à vos services téléphoniques • Un système d'aide en ligne complet • La modification de l'apparence de Cisco IP Communicator • La composition de numéros par glisser-déplacer • La composition de numéros par copier-coller • Des messages intempestifs de notification d'appel entrant • La composition alphanumérique • Des raccourcis clavier • L'interfonctionnement vidéo avec Cisco Unified Video Advantage version 2.0. Remarque Lorsque Cisco IP Communicator utilise le protocole de contrôle d'appels SIP, il ne prend pas en charge la vidéo avec Cisco Unified Video Advantage. Votre administrateur système vous indiquera si votre déploiement prend en charge la vidéo.2-3 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Fonctionnalités de Cisco IP Communicator Ta b l e a u 2-1 Fonctionnalités et touches de fonction Rubriques connexes • À propos de l'interface de Cisco IP Communicator, page 2-4 Fonctionnalité Touche de fonction Rappel Rappel Renvoi d'appels RenvTt Parcage d'appel Parquer Interception d'appel Intrcpt Conférence Conf. Liste de conférence ListConf Ne pas déranger NPD Mettre fin à un appel FinApp. Interception d'appels de groupe GrpIntr Mise en attente Attente Identification d'appels malveillants IDAM Conférences Meet-Me MeetMe Mobilité Mobilité Nouvel appel NvAppel Autre groupe de prise d'appel AGrpIntr Outil de génération de rapports sur la qualité QRT Bis Bis Suppression du dernier participant à une conférence SupDerA Transférer TrnsferChapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator À propos de l'interface de Cisco IP Communicator 2-4 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 À propos de l'interface de Cisco IP Communicator Utilisez la souris pour cliquer sur les boutons et les éléments de menu, et le clavier de l'ordinateur pour entrer des lettres et des nombres et utiliser des raccourcis clavier. Cisco IP Communicator propose deux présentations de bureau appelées apparences : • Boutons et autres composants, page 2-4 • Fonctions de l'écran du téléphone, page 2-8 Boutons et autres composants Le Tableau 2-2 présente les boutons et autres composants communs aux deux apparences. Figure 2-1 Cisco IP Communicator en mode compact 1 4 8 7 5 6 14 9 12 11 10 2 3 16 1412092-5 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator À propos de l'interface de Cisco IP Communicator Figure 2-2 Cisco IP Communicator en mode par défaut Ta b l e a u 2-2 Boutons et autres composants 1 Écran du téléphone Permet d'afficher l'état des appels et les menus de fonctions et d'activer des éléments de menu. Voir Fonctions de l'écran du téléphone, page 2-8. 2 Boutons de contrôle de la fenêtre Permettent d'afficher le menu, de masquer Cisco IP Communicator, de passer d'une apparence à l'autre ou de quitter l'application. Voir Fonctionnement et disponibilité des fonctions, page 2-20. 2 14 13 12 11 10 16 17 5 7 9 8 6 4 3 15 105031 1Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator À propos de l'interface de Cisco IP Communicator 2-6 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 3 Touches programmables Selon la configuration de votre téléphone, les touches programmables permettent l'accès aux : • Lignes téléphoniques et lignes intercom (boutons de ligne) • Numéros abrégés (boutons de numérotation abrégée, y compris la fonctionnalité de numérotation abrégée FLO) • Services Web (bouton du carnet d'adresses personnel, par exemple) • Fonctionnalités d'appel (par exemple, bouton de confidentialité, de mise en attente ou de transfert). Les boutons s'allument et leur couleur indique l'état de l'appel : • Vert fixe : appel actif ou appel intercom bidirectionnel • Vert clignotant : appel en attente • Orange fixe : fonction de confidentialité en cours d'utilisation, appel intercom unidirectionnel ou activation de NPD • Orange clignotant : appel entrant ou à reprendre • Rouge fixe : ligne distante en cours d'utilisation (ligne partagée ou état FLO) Vous pouvez transformer les boutons de ligne supplémentaires en boutons de numérotation abrégée. Voir Configuration de la numérotation abrégée, page 7-5 4 Bouton Messages Compose automatiquement le numéro de votre service de messagerie vocale (varie selon le service). (Raccourci clavier : Ctrl + M.) Voir Accès aux messages vocaux, page 6-1. 5 Bouton Répertoires Ouvre ou ferme le menu Répertoires. Permet d'afficher les journaux d'appels et un répertoire d'entreprise, et de composer des numéros à partir de ceux-ci. (Raccourci clavier : Ctrl + D.) Vous pouvez également utiliser la fonction Recherche rapide (Alt + K) pour effectuer une recherche dans des répertoires. Vo ir Utilisation des journaux d'appels, page 6-3. 6 Bouton Aide Active le menu Aide. (Raccourci clavier : Ctrl + I.) Voir Accès à l'aide en ligne, page 2-19. 7 Bouton Paramètres Ouvre ou ferme le menu Paramètres. Permet de modifier les paramètres de l'écran tactile et des sonneries. (Raccourci clavier : Ctrl + S.) Voir Personnalisation des sonneries et des indicateurs de message, page 4-3. Tableau 2-2 Boutons et autres composants (suite)2-7 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator À propos de l'interface de Cisco IP Communicator 8 Bouton Services Ouvre ou ferme le menu Services. (Raccourci clavier : Ctrl + R.) Voir Configuration de services téléphoniques, page 7-7. 9 Bouton Volume Permet de définir le volume des modes audio et d'autres paramètres. (Raccourci clavier : Page préc./Page suiv.). Voir Réglage du volume d'un appel, page 4-2. 1 10 Bouton Haut-parleur Active/Désactive le mode haut-parleur. Lorsque le mode haut-parleur est activé, le bouton est allumé. (Raccourci clavier : Ctrl + P.) Vo ir Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator, page 5-1. 11 Bouton Secret Active/Désactive la fonction Secret. Lorsque la fonctionnalité est activée, le bouton est allumé. (Raccourci clavier : Ctrl + T.) Voir Utilisation de la fonction Secret, page 3-13. 12 Bouton Casque Permet d'activer/de désactiver le mode Casque. (Raccourci clavier : Ctrl + H.) Voir Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator, page 5-1. 13 Bouton Navigation Permet de faire défiler les menus et de mettre les éléments de menu en surbrillance. À utiliser avec les touches de fonction pour activer les éléments mis en surbrillance. Par ailleurs, lorsque Cisco IP Communicator est raccroché, appuyez sur le bouton Navigation pour accéder aux numéros de téléphone du journal des appels composés. 14 Bouton Cisco Unified Video Advantage Permet de lancer Cisco Unified Video Advantage. Vous devez exécuter Cisco Unified Video Advantage version 2.1.1 et Cisco IP Communicator 2.0 (ou version ultérieure) sur le même PC pour pouvoir utiliser cette fonctionnalité. 2 15 Clavier Permet d'entrer des chiffres et des lettres et de sélectionner des éléments de menu. (Non disponible avec l'apparence facultative.) Vous pouvez également utiliser le clavier de l'ordinateur. 16 Touches de fonction Chaque bouton permet d'activer une touche de fonction. Vous pouvez également cliquer sur les libellés de touche de fonction (au lieu des boutons). (Raccourcis clavier : F2 à F6.) Voir Traitement des appels avec Cisco IP Communicator, page 3-1. 17 Indicateur de message vocal et de sonnerie Indique un appel entrant et un nouveau message vocal. Voir Personnalisation des sonneries et des indicateurs de message, page 4-3. 1. Raccourci clavier dans toutes les versions antérieures à la version 2.0 : Ctrl + V 2. Lorsque Cisco IP Communicator utilise le protocole de contrôle d'appels SIP, il ne prend pas en charge la vidéo avec Cisco Unified Video Advantage. Votre administrateur système vous indiquera si votre déploiement prend en charge la vidéo. Tableau 2-2 Boutons et autres composants (suite)Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator À propos de l'interface de Cisco IP Communicator 2-8 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Conseils • Vous pouvez cliquer sur l'icône de menu en haut de l'une ou l'autre des apparences, cliquer avec le bouton droit sur Cisco IP Communicator ou appuyer sur Maj + F10 pour afficher et configurer les paramètres, sélectionner des apparences et activer le mode Écran uniquement. Voir À l'aide du menu, page 2-11. • Le mode par défaut (Figure 2-2) et le mode compact (Figure 2-1) présentent les mêmes icônes de bouton. La forme et l'emplacement des boutons peuvent toutefois varier selon l'apparence utilisée. • Pour obtenir la liste complète des raccourcis, voir À l'aide des raccourcis clavier, page 2-10. • Vo ir Fonctions de l'écran du téléphone, page 2-8 pour plus d'informations sur l'affichage des appels et des lignes à l'écran de Cisco IP Communicator. Fonctions de l'écran du téléphone Lorsque des appels sont actifs et que plusieurs menus de fonctions sont ouverts, l'écran du téléphone Cisco IP Communicator peut présenter l'aspect suivant.2-9 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator À propos de l'interface de Cisco IP Communicator Rubriques connexes • À propos de l'interface de Cisco IP Communicator, page 2-4 • Navigation dans l'interface, page 2-10 1 Ligne téléphonique principale Affiche le numéro de téléphone (numéro de répertoire) de votre ligne téléphonique principale. 2 Indicateurs des boutons programmables Les boutons programmables peuvent servir de boutons de ligne téléphonique, de boutons de ligne intercom, de boutons de la numérotation abrégée, de boutons de service téléphonique ou des boutons de fonction téléphonique. Les icônes et les étiquettes indiquent comment ces boutons sont configurés. Icône de ligne téléphonique : correspond à une ligne téléphonique. Les icônes de ligne peuvent varier. Icône de numéro abrégé : correspond à un bouton de numérotation abrégée, le cas échéant. Icône de service téléphonique : le cas échéant, correspond à un service téléphonique disponible via le Web, tel que le carnet d'adresses personnel. Icône de fonction : le cas échéant, correspond à une fonction, telle que la fonction Confidentialité. Pour plus d'information sur les autres icônes, voir États et icônes d'appel et de ligne, page 2-17. 3 Libellés des touches de fonction Chaque étiquette décrit la fonction d'une touche de fonction. 4 Ligne d'état Affiche les icônes de mode audio, les informations d'état et les invites. 5 Zone d'activité des appels Affiche les appels en cours par ligne, y compris l'ID de l'appelant, la durée et l'état de l'appel de la ligne mise en surbrillance (en mode d'affichage standard). 6 Onglet Téléphone Indique l'activité des appels. Cliquez sur cet onglet pour revenir à la zone d'activité des appels, si nécessaire. 7 Onglets de fonctions Chaque onglet correspond à un menu de fonctions activé.Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Navigation dans l'interface 2-10 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Navigation dans l'interface • À l'aide des raccourcis clavier, page 2-10 • À l'aide du menu, page 2-11 • Utilisation des boutons de contrôle de la fenêtre, page 2-13 • Utilisation de la notification d'appel entrant, page 2-14 • Choix des éléments apparaissant sur l'écran du téléphone, page 2-14 • Utilisation des menus de fonctions, page 2-15 • Saisie et modification d'un texte, page 2-16 • Combiné décroché et raccroché, page 2-16 • États et icônes d'appel et de ligne, page 2-17 À l'aide des raccourcis clavier Cisco IP Communicator vous permet d'accéder aux boutons de la fenêtre sans utiliser la souris. Ces raccourcis de navigation sont particulièrement utiles si vous êtes mal-voyant et dans l'impossibilité de parcourir l'interface. Consultez le Tableau 2-3 pour obtenir une liste des raccourcis clavier permettant de naviguer dans l'interface. Ta b l e a u 2-3 Raccourcis clavier pour Cisco IP Communicator Frappe de touche Action Ctrl + D Ouvrir ou fermer le menu Répertoires Ctrl + S Ouvrir ou fermer le menu Paramètres Ctrl + R Ouvre ou ferme le menu Services Ctrl + M Ouvrir le système de messagerie vocale Ctrl + I Ouvrir ou fermer le système d'aide en ligne Ctrl + H Permet d'activer/de désactiver le mode Casque Ctrl + P Permet d'activer/de désactiver le mode Haut-parleur Ctrl + T Active/Désactive la fonction Secret2-11 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Navigation dans l'interface À l'aide du menu Vous pouvez accéder aux éléments de menu suivants en cliquant sur l'icône de menu affichée dans le coin supérieur droit de l'interface, en cliquant avec le bouton droit dans l'interface, ou en appuyant sur Maj + F10. Ctrl + (touches numériques de 1 à 8) Ouvrir ou fermer les boutons de ligne ou les boutons de numérotation abrégée 1 à 8 Ctrl + V Coller un nom ou un numéro de téléphone Ctrl + Maj + A ou F2 Répondre à un appel Alt + S Ouvrir la boîte de dialogue Préférences Alt + K Accéder à la fonction de recherche rapide dans le répertoire Alt + X Quitter Cisco IP Communicator Alt + F4 Fermer Cisco IP Communicator Entrée Composer un appel Échap Raccrocher Page préc. Augmenter le volume du mode audio actuellement sélectionné Page suiv. Diminuer le volume du mode audio actuellement sélectionné F2 à F6 Activer les touches de fonction 1 à 5 / (avec fonction Verr. num activée) Activer la touche # Maj + F10 Ouvrir le menu Tableau 2-3 Raccourcis clavier pour Cisco IP Communicator (suite) Frappe de touche Action Élément Description Apparences Permet de modifier l'apparence de l'interface. Cisco IP Communicator est proposé avec deux apparences : l'apparence par défaut (clic droit > Apparences > Mode par défaut) et l'apparence compacte (clic droit > Apparences > Mode compact). La Figure 2-2 et la Figure 2-1 illustrent ces deux apparences.Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Navigation dans l'interface 2-12 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Écran uniquement Permet d'activer/de désactiver l'affichage Écran uniquement. Les raccourcis clavier s'avèrent particulièrement utiles lorsque vous utilisez Cisco IP Communicator en affichage Écran uniquement. Voir À l'aide des raccourcis clavier, page 2-10. Toujours au-dessus Permet d'activer/de désactiver cette fonction. Lorsqu'elle est activée, cette fonctionnalité permet de toujours afficher Cisco IP Communicator sur votre bureau même si d'autres applications sont actives. Vous pouvez cependant réduire l'interface. Voir Fonctionnement et disponibilité des fonctions, page 2-20. Assistant de réglage audio Permet de lancer l'Assistant de réglage audio, qui permet de sélectionner et de régler les périphériques audio. Voir Utilisation de l'Assistant de réglage audio, page 1-6 et Dépannage Cisco IP Communicator, page 8-1. Coller Permet de copier un numéro à partir d'un programme Windows, de le coller dans la boîte de composition et de cliquer sur Compos. ou d'appuyer sur Entrée pour passer l'appel. Le raccourci clavier de cette fonction est Ctrl + V. Cis c o IP Communicator applique ensuite les règles de numérotation appropriées au numéro, avant de le composer automatiquement. Recherche rapide Permet d'ouvrir la boîte de dialogue Recherche rapide. Le raccourci clavier correspondant à cette boîte de dialogue est Alt + K. La fonction Recherche rapide permet de lancer une recherche dans un ou plusieurs répertoires à l'aide d'une même commande. Voir Utilisation du répertoire personnel, page 6-7. Options utilisateur Cisco Unified CM Permet d'ouvrir la page Web Options utilisateur Cisco Unified CM, où vous pouvez configurer des fonctions, des paramètres et des services téléphoniques IP (notamment les boutons de numérotation abrégée). Voir Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM, page 7-1. Préférences Permet d'ouvrir la boîte de dialogue Préférences, qui regroupe les onglets Utilisateur, Réseau, Audio et Répertoires. Le raccourci clavier correspondant à la boîte de dialogue Préférences est Alt + S. Aide Lance l'aide en ligne de Cisco IP Communicator. À propos de Cisco IP Communicator Affiche les informations sur la version du logiciel Cisco IP Communicator et d'importantes notices sur Cisco IP Communicator. Quitter Permet de quitter Cisco IP Communicator. Élément Description2-13 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Navigation dans l'interface Utilisation des boutons de contrôle de la fenêtre Pour... Procédez comme suit : Accéder au menu Effectuez l'une des opérations suivantes : • Cliquez sur le bouton de menu dans l'angle supérieur droit de l'interface. • Cliquez avec le bouton droit dans l'interface. • Appuyez sur Maj + F10 Réduire l'interface Effectuez l'une des opérations suivantes : • Cliquez sur le bouton de réduction dans le coin supérieur droit de l'interface. • Cliquez une ou plusieurs fois sur le bouton Cisco IP Communicator dans la barre des tâches Basculer entre des modes Effectuez l'une des opérations suivantes : • Cliquez sur le bouton de mode dans le coin supérieur droit de l'interface. • Choisissez Apparences dans le menu. Masquer l'interface Cliquez avec le bouton droit sur l'icône de la barre d'état système et choisissez MasquerCisco IP Communicator. L'icône Cisco IP Communicator disparaît de la barre des tâches mais l'application n'est pas fermée. Récupérer l'interface Effectuez l'une des opérations suivantes : • Double-cliquez sur l'icône de la barre d'état système. • Cliquez sur l'icône de bouton dans la barre des tâches. Quitter Effectuez l'une des opérations suivantes : • Choisissez Quitter dans le menu. • Cliquez avec le bouton droit sur l'icône de la barre d'état système et choisissez Quitter.Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Navigation dans l'interface 2-14 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Conseils • Si vous recevez un appel alors que Cisco IP Communicator est masqué ou réduit, la fenêtre de notification d'appel entrant apparaît si cette option est activée. Si vous avez activé l'option Ramener au premier plan lors d'un appel actif (clic droit > Préférences > onglet Utilisateur), Cisco IP Communicator est automatiquement affiché au premier plan de votre bureau. • Pour que Cisco IP Communicator reste visible sur le bureau même lorsque d'autres applications sont actives, choisissez Toujours au-dessus dans le menu. (Vous pouvez réduire l'interface même lorsque l'option Toujours au-dessus est sélectionnée.) Utilisation de la notification d'appel entrant Choix des éléments apparaissant sur l'écran du téléphone Pour... Procédez comme suit : Répondre à un appel Cliquez n'importe où dans la fenêtre contextuelle (sauf sur l'icône Secret). Couper la sonnerie Cliquez sur l'icône Secret de la fenêtre contextuelle. La fonction Secret s'applique à l'appel qui sonne actuellement. Masquer la notification d'appel entrant Choisissez Préférences > onglet Utilisateur > Masquer la notification d'appel entrant. Pour sélectionner un élément de l'écran du téléphone... Procédez comme suit : En cliquant Cliquez sur un élément de l'écran du téléphone. Sur certains écrans de téléphone (comme l'écran de pré-numérotation) lorsque vous cliquez sur un numéro de téléphone, Cisco IP Communicator risque de composer ce numéro. Un clic sur un élément ou la saisie d'un numéro peuvent déclencher une action. Si l'élément mène à un menu, ce dernier est ouvert.2-15 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Navigation dans l'interface Utilisation des menus de fonctions Par le numéro de l'élément Cliquez sur le numéro correspondant sur votre clavier. Par exemple, cliquez sur 4 pour sélectionner le quatrième élément d'un menu. Par défilement Cliquez sur le bouton Navigation ou utilisez les touches fléchées du clavier pour faire défiler une liste et mettre un élément en surbrillance. Cliquez sur la touche de fonction correspondante, par exemple Sélect. ou Compos. pour achever l'opération. Pour... Procédez comme suit : Ouvrir ou fermer un menu de fonctions Cliquez sur bouton de fonction : • Messages • Services • Aide • Répertoires • Paramètres Faire défiler une liste ou un menu Cliquez sur le bouton Navigation. Remonter d'un niveau au sein d'un menu de fonctions Cliquez sur Quitter. (Notez que si vous cliquez sur Quitter alors que vous êtes dans le niveau supérieur d'un menu, ce dernier est fermé.) Basculer d'un menu de fonctions actif à un autre Cliquez sur un onglet de fonction sur l'écran du téléphone. (À chaque menu d'options correspond un onglet en haut de l'écran du téléphone. Celui-ci est visible lorsque le menu de fonctions est ouvert.) Pour sélectionner un élément de l'écran du téléphone... Procédez comme suit :Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Navigation dans l'interface 2-16 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Saisie et modification d'un texte Combiné décroché et raccroché Certaines tâches et instructions de Cisco IP Communicator varient selon que Cisco IP Communicator est raccroché ou décroché. • Raccroché : aucun appel n'est actif, aucune tonalité. Sur votre Cisco IP Communicator, vous pouvez composer votre numéro le combiné raccroché (pré-numérotation), ce qui vous permet d'entrer ou de sélectionner des numéros de téléphone avant d'activer l'appel. Lorsque votre Cisco IP Communicator est raccroché, l'icône suivante apparaît en regard de chaque numéro de téléphone : • Décroché : le haut-parleur est actif ou une autre méthode est utilisée pour obtenir une tonalité et répondre à un appel entrant. Lorsque le téléphone est décroché, l'une des icônes suivantes apparaît, selon l'état de l'appel ou de la ligne : , , , , ou Rubriques connexes • États et icônes d'appel et de ligne, page 2-17 Pour... Procédez comme suit : Entrer une lettre sur l'écran du téléphone Cliquez pour mettre en surbrillance une fonction d'appel et utilisez le clavier pour entrer des lettres ou des chiffres. Supprimer des caractères dans une entrée ou déplacer le curseur Utilisez la touche Retour arrière du clavier ou cliquez sur << ou sur Suppr. sur l'écran du téléphone pour supprimer une lettre ou un chiffre. Pour déplacer le curseur vers la droite, cliquez sur >> sur l'écran du téléphone. Vous pouvez peut-être utiliser le bouton Navigation ou les touches fléchées gauche et droite de votre clavier.2-17 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Navigation dans l'interface États et icônes d'appel et de ligne • Lignes : chaque ligne est associée à un numéro de répertoire ou intercom que vos interlocuteurs peuvent utiliser pour vous appeler. Votre Cisco IP Communicator prend en charge un maximum de huit lignes, selon sa configuration. Le nombre de lignes dont vous disposez figure dans la partie droite de l'écran du téléphone. Vous disposez d'autant de lignes que de numéros de téléphone et d'icônes de ligne téléphonique : . • Appels : chaque ligne peut prendre en charge plusieurs appels. Par défaut, Cisco IP Communicator prend en charge quatre appels connectés par ligne, mais votre administrateur système peut ajuster ce nombre en fonction de vos besoins. Un seul appel à la fois peut être actif à un moment donné ; les autres appels sont automatiquement mis en attente. Le Tableau 2-4 décrit les icônes qui vous permettront de déterminer l'état des appels et des lignes. Ta b l e a u 2-4 Icônes d'état d'appel et de ligne Icône État de l'appel ou de la ligne Description Ligne raccrochée Aucune activité d'appel sur cette ligne. Si vous composez un numéro avec le téléphone raccroché (pré-numérotation), l'appel ne débute que lorsque vous décrochez. Ligne décrochée Vous êtes en train de composer un numéro ou un appel sortant est en sonnerie. Voir Passer un appel, page 3-3. Appel connecté La communication avec votre interlocuteur est établie. Appel en sonnerie Un appel est en sonnerie sur l'une de vos lignes. Voir Réponse à un appel, page 3-9. Appel en attente Vous avez mis cet appel en attente. Voir Utilisation des fonctions Attente et Reprise, page 3-12. Utilisé à distance Un autre téléphone qui partage votre ligne est associé à un appel connecté. Vo ir Utilisation de lignes partagées, page 3-35. Appel authentifié L'appel connecté est sécurisé. Voir Déconnexion de groupes de recherche, page 3-29. Appel chiffré L'appel connecté est chiffré. Les appels chiffrés sont également authentifiés. Voir Déconnexion de groupes de recherche, page 3-29.Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Navigation dans l'interface 2-18 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Le Tableau 2-5 décrit les icônes indiquant comment les boutons de ligne sont configurés. Ta b l e a u 2-5 Icônes de bouton de ligne Icôn e État de l'appel ou de la ligne Description Ligne inactive (FLO) Vo ir Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne, page 3-34. Ligne occupée (FLO) Vo ir Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne, page 3-34. Ligne en mode Ne pas déranger (FLO) Vo ir Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne, page 3-34. Ligne intercom inactive La ligne intercom n'est pas en cours d'utilisation. Voir Établissement ou prise d'appels intercom, page 3-38. Appel intercom unidirectionnel La ligne intercom envoie ou reçoit de l'audio unidirectionnelle. Voir Établissement ou prise d'appels intercom, page 3-38. Appel intercom bidirectionnel Le destinataire a appuyé sur le bouton de ligne intercom pour utiliser la fonction audio bidirectionnelle avec l'appelant. Voir Établissement ou prise d'appels intercom, page 3-38.2-19 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Accès à l'aide en ligne Accès à l'aide en ligne Cisco IP Communicator comprend un système complet d’aide en ligne. Les rubriques d'aide apparaissent sur l'écran du téléphone. Pour... Procédez comme suit : Afficher le menu principal Cliquez sur le bouton Aide de Cisco IP Communicator et attendez quelques secondes que le menu s'affiche. Si l'aide est déjà ouverte, cliquez sur Princ. Les éléments du menu principal sont les suivants : • À propos de Cisco IP Communicator : description détaillée de Cisco IP Communicator • Comment... ? Procédures et informations relatives aux tâches courantes dans Cisco IP Communicator • Fonctions d'appel : description et procédures d'utilisation des fonctions d'appel • Aide : conseils sur l'utilisation et l'accès à l'Aide Obtenir des informations sur un bouton ou une touche de fonction Cliquez sur le bouton Aide, puis cliquez rapidement sur un bouton ou une touche de fonction. Obtenir des informations sur un élément de menu Cliquez sur le bouton Aide, puis cliquez rapidement sur un élément de menu sur l'écran du téléphone. Vous pouvez également cliquer rapidement deux fois sur le bouton Aide après avoir sélectionné l'élément de menu. Apprendre à utiliser l'Aide Cliquez sur le bouton Aide. Attendez une secondes ou deux, puis cliquez de nouveau sur le bouton Aide ou sélectionnez Aide dans le menu principal. Accéder au Guide de l'utilisateur Sélectionnez menu > Aide ou effectuez un clic droit sur > Aide.Chapitre 2 Généralités sur les fonctionnalités et l'interface de Cisco IP Communicator Fonctionnement et disponibilité des fonctions 2-20 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Fonctionnement et disponibilité des fonctions Le fonctionnement de Cisco IP Communicator et les fonctionnalités dont vous disposez peuvent varier selon l'agent de traitement des appels utilisé par votre société et selon la façon dont l'assistance technique de votre société a configuré votre système téléphonique. Pour tout renseignement sur le fonctionnement ou la disponibilité des fonctions, contactez l'assistance technique ou votre administrateur système. Vous pouvez accéder à de nombreuses fonctionnalité en appuyant sur une touche de fonction ou sur un bouton de ligne. Vous pouvez configurer certaines fonctionnalités, mais votre administrateur système contrôle la plupart d'entre elles. Voici quelques informations sur l'accès aux fonctionnalités à l'aide des touches de fonction : Fonctionnalité Touche de fonction Rappel Rappel Renvoi d'appels RenvTt Parcage d'appel Parquer Interception d'appel Intrcpt Conférence Conf. Liste de conférence ListConf Ne pas déranger NPD Mettre fin à un appel FinApp. Interception d'appels de groupe GrpIntr Mise en attente Attente Identification d'appels malveillants IDAM Conférences Meet-Me MeetMe Mobilité Mobilité NvAppel NvAppel Autre groupe de prise d'appel AGrpIntr Outil de génération de rapports sur la qualité QRT Bis Bis Suppression du dernier participant à une conférence SupDerA Trnsfer TrnsferC H A P I T R E 3-1 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 3 Traitement des appels avec Cisco IP Communicator • Comment traiter les appels simples, page 3-1 • Établissement de conférences téléphoniques, page 3-21 • Traitement des fonctions d'appel avancées, page 3-25 Comment traiter les appels simples Cette section décrit les principales tâches de gestion des appels telles que l'établissement, la prise et le transfert d'appels. Les fonctions nécessaires pour réaliser ces tâches sont standard et disponibles sur la plupart des systèmes téléphoniques. Remarque Le protocole utilisé par votre téléphone peut déterminer les fonctionnalités dont vous disposez. Demandez à votre administrateur quelles fonctionnalités sont prises en charge par votre téléphone. • Passer un appel, page 3-3 • Établissement d'un appel vidéo, page 3-8 • Réponse à un appel, page 3-9 • Fin d'un appel, page 3-11 • Utilisation des fonctions Attente et Reprise, page 3-12Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples 3-2 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 • Utilisation de la fonction Secret, page 3-13 • Transfert d'un appel connecté, page 3-14 • Sélection des appels, page 3-15 • Passage d'un appel à l'autre, page 3-15 • Renvoi de vos appels vers un autre numéro, page 3-17 • Utilisation de la fonction Ne pas déranger, page 3-193-3 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples Passer un appel Pour... Procédez comme suit : Pré-numéroter (composer le numéro avec le combiné raccroché, sans entendre de tonalité au départ) • Entrez un numéro de téléphone (la fonction de numérotation automatique peut vous proposer des numéros de téléphone de votre journal Appels composés correspondant aux chiffres saisis). ou • Cliquez sur le bouton Navigation pour afficher les numéros de téléphone de votre journal Appels composés. Cliquez ensuite sur le numéro affiché sur l'écran du téléphone pour le composer. Vous pouvez également effectuer l'une des opérations suivantes pour décrocher le téléphone et composer le numéro en surbrillance : • Cliquez sur le bouton Haut-parleur ou Casque. • Cliquez sur Compos. ou appuyez sur la touche Entrée du clavier. • Cliquez sur un bouton de ligne. • Appuyez sur la touche Entrée du clavier. ou • Faites glisser un numéro à partir d'un programme Windows prenant en charge le glisser-déplacer, déposez-le n'importe où dans l'interface de Cisco IP Communicator, puis cliquez sur Compos. ou appuyez sur la touche Entrée du clavier. • Faites glisser une vCard et déposez-la n'importe où dans l'interface de Cisco IP Communicator. Si la vCard contient plusieurs numéros, sélectionnez celui à composer dans la fenêtre contextuelle et cliquez sur Compos. ou appuyez sur la touche Entrée du clavier. ou • Copiez un numéro à partir d'une autre source, puis cliquez sur Menu > Coller. (Vous pouvez également coller un numéro de téléphone à l'aide du raccourci clavier Ctrl + V.) Le numéro est automatiquement saisi. Cliquez sur Compos. ou appuyez sur la touche Entrée du clavier. Composer le numéro après avoir décroché (après la tonalité) Cliquez sur NvAppel, sur les boutons Haut-parleur ou Casque, ou sur un bouton de ligne, et entrez un numéro. Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples 3-4 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rappeler le dernier numéro composé Cliquez sur Bis. Par défaut, la fonction Bis utilise votre ligne principale. Toutefois, vous pouvez ouvrir une ligne secondaire, puis cliquer sur Bis. Pour ouvrir une ligne, cliquez sur un bouton de ligne. Composer un numéro abrégé • Cliquez sur un bouton de numérotation abrégée avant ou après avoir décroché. ou • Entrez un code de numérotation abrégée (de 1 à 99 sur le clavier) avec le téléphone raccroché, puis cliquez sur NumAbr. Passer un appel lorsqu'un autre appel est actif (en utilisant une autre ligne) Cliquez sur un bouton de ligne pour la nouvelle ligne. L'appel de la première ligne est automatiquement mis en attente. Passer un appel lorsqu'un autre appel est actif (en utilisant la même ligne) Cliquez sur Attente, puis sur NvAppel. Vous pouvez à présent composer le numéro ou utiliser la fonction Bis ou la numérotation abrégée. Vous avez également la possibilité de poursuivre l'appel actif tout en vous préparant à composer un numéro à partir d'un journal d'appels ou d'un répertoire Pour récupérer l'appel en attente, cliquez sur Reprend. (voir les deux lignes suivantes de ce tableau pour plus de détails). Composer un numéro à partir d'un journal d'appels Cliquez sur le bouton Répertoires. Sélectionnez Appels en absence, Appels reçus, ou Appels composés. Pour composer un numéro, cliquez dessus ou recherchez-le en faisant défiler la liste et décrochez le téléphone. Si vous souhaitez composer un numéro à partir d'un journal d'appels tout en poursuivant un appel actif, faites défiler la liste pour afficher l'enregistrement souhaité et cliquez sur Compos. ou appuyez sur la touche Entrée du clavier. Choisissez ensuite un élément de menu pour traiter l'appel initial : • Attente : met le premier appel en attente et compose le second. • Transfert : transfère le premier interlocuteur vers le second (cliquez de nouveau sur Transfert pour terminer l'opération). • Conférence : établit une conférence téléphonique entre tous les interlocuteurs (cliquez sur Conf. pour terminer l'opération). • Fin app. : déconnecte le premier appel et compose le second. Pour... Procédez comme suit :3-5 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples Composer une entrée d'un annuaire d'entreprise sur le téléphone Cliquez sur le bouton Répertoires. Sélectionnez Répertoire d'entreprise (le nom exact de ce service peut varier). Entrez les lettres à l'aide du clavier, puis cliquez sur Recher. Pour composer un numéro, cliquez dessus ou recherchez-le en faisant défiler la liste et décrochez le téléphone. Si vous souhaitez composer un numéro à partir d'un répertoire tout en poursuivant un appel actif, faites défiler la liste pour afficher l'enregistrement souhaité et cliquez sur Compos. ou appuyez sur la touche Entrée du clavier. Choisissez ensuite un élément de menu pour traiter l'appel initial : • Attente : met le premier appel en attente et compose le second. • Transfert : transfère le premier interlocuteur vers le second (cliquez de nouveau sur Transfert pour terminer l'opération). • Conférence : établit une conférence téléphonique entre tous les interlocuteurs (cliquez sur Conf. pour terminer l'opération). • Fin app. : déconnecte le premier appel et compose le second. Composer un numéro à partir d'un répertoire d'entreprise de votre ordinateur personnel à l'aide Cisco WebDialer • Ouvrez un navigateur Web et accédez à un répertoire d'entreprise compatible avec WebDialer. • Cliquez sur le numéro à composer. Voir le guide Customizing Your Cisco Unified IP Phone on the Web (Personnalisation de votre téléphone IP Cisco Unified) pour plus de détails : http://www.cisco.com/en/US/products/hw/phones/ps379/products_user_ guide_list.html Utiliser la fonction de rappel de Cisco pour recevoir une notification lorsqu'un poste occupé ou qui ne répond pas se libère • Appuyez sur Rappel lorsque vous entendez la tonalité occupé ou la sonnerie. • Raccrochez. Votre téléphone vous avertit lorsque la ligne se libère. • Passez à nouveau l'appel. Pour... Procédez comme suit :Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples 3-6 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Voir si une ligne associée à la numérotation abrégée, à l'enregistrement d'appel, ou à l'inscription à un répertoire est occupée avant de passer un appel sur cette ligne Recherchez des indicateurs de fonction de ligne occupée. Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne, page 3-34 Composer un numéro en mode Casque • Si le bouton Casque n'est pas allumé, cliquez dessus avant ou après la numérotation, la recomposition du dernier numéro (bis) ou la composition d'un numéro abrégé. ou • Si le bouton Casque est allumé, cliquez sur NvAppel, Bis, un bouton de numérotation abrégée ou un bouton de ligne. Le cas échéant, entrez un numéro de téléphone et cliquez sur Compos. ou appuyez sur la touche Entrée du clavier. Voir Utilisation d'un casque, page 5-2. Composer un numéro en mode Haut-parleur Vérifiez tout d'abord qu'aucun casque analogique n'est branché sur les prises jacks audio de l'ordinateur. Cliquez sur NvAppel ou sur appuyez sur le bouton Haut-parleur et saisissez un numéro de téléphone. Vous pouvez également utiliser une autre méthode pour passer l'appel, puis cliquer sur le bouton Haut-parleur pour basculer en mode Haut-parleur. Un grand nombre d'opérations réalisées lorsque vous composez un numéro entraînent le déclenchement automatique du mode Haut-parleur. Voir Utilisation de votre ordinateur comme poste téléphonique à haut-parleur, page 5-4. Composer un numéro en mode Combiné Décrochez le combiné avant ou après la numérotation, la recomposition du dernier numéro (bis) ou la composition d'un numéro abrégé. Voir Utilisation d'un combiné USB, page 5-5. Pour... Procédez comme suit :3-7 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples Composer un numéro à partir de votre carnet d'adresses personnel Uniquement disponible si activé sur Cisco Unified Communications Manager (anciennement Cisco Unified CallManager). Renseignez-vous auprès de votre administrateur système. • Si vous utilisez une autre version de Cisco Unified Communications Manager que la version 4.x, cliquez sur le bouton Répertoires et sélectionnez Répertoire personnel. • Si vous utilisez Cisco Unified Communications Manager 4.x, cliquez sur le bouton Services et sélectionnez Service PAB (le nom exact peut varier). (Selon la configuration, vous pourrez également utiliser la fonction Recherche rapide. Consultez la Utilisation du répertoire personnel, page 6-7.) Avant d'utiliser ce service, vous devez vous y abonner. Voir Utilisation de votre Carnet d'adresses personnel. Composer un numéro à l'aide d'un code de numérotation abrégée Uniquement disponible si activé sur Cisco Unified Communications Manager (anciennement Cisco Unified CallManager). Renseignez-vous auprès de votre administrateur système. • Si vous utilisez une autre version de Cisco Unified Communications Manager que la version 4.x, cliquez sur le bouton Répertoires et sélectionnez Répertoire personnel. • Si vous utilisez Cisco Unified Communications Manager 4.x, cliquez sur le bouton Services et sélectionnez Fast Dials (Numérotation abrégée) (le nom exact peut varier). Pour composer un numéro à partir d'une liste, cliquez dessus ou sélectionnez-le et décrochez. Pour plus d'informations sur le service de numérotation abrégée, consultez la Configuration de numéros abrégés, page 7-4. Passer un appel en utilisant un code de facturation ou de suivi Composez un numéro ou entrez un code d'affaire client ou un code d'autorisation forcée lorsque vous entendez une tonalité différente. L'administrateur système vous indiquera si vous avez besoin d'entrer ces types de code et peut vous fournir des instructions détaillées si nécessaire. Pour... Procédez comme suit :Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples 3-8 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Conseils • Pour ajouter un préfixe à un numéro figurant dans l'un de vos journaux d'appels, sélectionnez le numéro et cliquez sur ModNum. • Si vous composez le numéro avant de décrocher, le numéro ne peut pas commencer par un astérisque (*) ou le signe dièse (#). Si vous avez besoin d'utiliser ces caractères, décrochez le combiné pour obtenir la tonalité et composez le numéro. Rubriques connexes • Réponse à un appel, page 3-9 • Fin d'un appel, page 3-11 Établissement d'un appel vidéo Lorsque vous utilisez Cisco IP Communicator avec Cisco Unified Video Advantage, vous pouvez passer des appels vidéo. Pour passer un appel vidéo, vous devez remplir les critères suivants : • Cisco Unified Video Advantage doit être installé sur votre système. • Cisco IP Communicator doit être activé pour les appels vidéo sur le serveur de traitement des appels. Après l'activation, Cisco IP Communicator affiche l'icône dans le coin inférieur droit de l'écran du téléphone. Passer un appel prioritaire Entrez le numéro d'accès MLPP (Multilevel Precedence and Preemption) (fourni par votre administrateur système), puis le numéro de téléphone. Passer un appel en utilisant votre profil de mobilité de poste Cisco Vérifiez que vous êtes connecté à la fonction de mobilité de poste. Appuyez sur le bouton Services et sélectionnez Service EM (le nom exact de ce service peut varier), puis entrez vos informations de connexion à l'aide du clavier. Si vous partagez un téléphone, il se peut que vous deviez vous connecter au service de mobilité de poste pour accéder à certaines fonctions ou passer un appel. Le service de mobilité de poste est une fonction spéciale qui n'est pas disponible par défaut et que votre administrateur système peut affecter aux téléphones et à leurs utilisateurs. Pour... Procédez comme suit :3-9 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples • Vous devez lancer Cisco Unified Video Advantage avant d'établir l'appel vidéo. • Votre correspondant doit également satisfaire aux mêmes critères et utiliser un périphérique qui soit un point d'accès vidéo. Si vous souhaitez activer votre téléphone pour les appels vidéo, contactez votre administrateur système pour obtenir de l'aide et consultez le guide d'utilisation de Cisco Unified Video Advantage : http://www.cisco.com/en/US/products/sw/voicesw/ps5662/products_user_ guide_list.html Réponse à un appel Pour... Procédez comme suit : Répondre en mode Casque Cliquez sur le bouton Casque, s'il n'est pas allumé. Ou, si le bouton Casque est allumé, cliquez sur Répond. ou sur un bouton de ligne clignotant. Voir Utilisation d'un casque, page 5-2. Répondre en mode Haut-parleur Cliquez sur le bouton Haut-parleur ou Répond. ou sur un bouton de ligne clignotant. Voir Utilisation de votre ordinateur comme poste téléphonique à haut-parleur, page 5-4. Répondre en mode Combiné Soulevez le combiné (ou activez-le comme il convient). Voir Utilisation d'un combiné USB, page 5-5. Prendre un appel à l'aide du raccourci clavier Appuyez sur F2 ou sur Ctrl + Maj + A sur votre clavier. Répondre avec la notification d'appel entrant Cliquez sur l'icône de sonnerie ou sur les informations d'ID de l'appelant. Si vous cliquez sur l'icône Secret dans la fenêtre de notification d'appel entrant qui apparaît au cours d'un appel actif, la sonnerie est coupée et la fenêtre de notification disparaît. Vous devez revenir dans l'interface de l'application pour afficher les détails de l'appel placé en mode Secret et désactiver cette fonction pour les futurs appels entrants. Répondre à un appel en sonnerie à partir d'un appel déjà connecté Voir Passage d'un appel à l'autre, page 3-15 et Utilisation des fonctions Attente et Reprise, page 3-12.Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples 3-10 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Fin d'un appel, page 3-11 • Utilisation des fonctions Attente et Reprise, page 3-12 • Transfert d'un appel connecté, page 3-14 • Passage d'un appel à l'autre, page 3-15 • Utilisation de la fonction de mobilité de poste de Cisco, page 3-26 Paramétrer Cisco IP Communicator pour qu'il se connecte automatiquement à l'appel entrant après une ou deux sonneries Demandez à votre administrateur de configurer la fonction Réponse automatique pour vos lignes. Vous pouvez utiliser cette fonction en mode Haut-parleur ou Casque. Voir Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator, page 5-1. Récupérer ou permettre à une autre personne de récupérer un appel en attente sur un autre téléphone (celui d'une salle de conférence, par exemple) Utilisez la fonction de parcage d'appel. Voir Utilisation de la fonction de mobilité de poste de Cisco, page 3-26. Utiliser votre téléphone pour répondre à un appel en sonnerie sur un autre téléphone Utilisez la fonction d'interception d'appels. Voir Redirection d'un appel entrant vers Cisco IP Communicator, page 3-33. Répondre à un appel prioritaire Mettez fin à l'appel en cours en raccrochant, puis cliquez sur Répond. Envoyer un appel entrant directement vers votre système de messagerie vocale Cliquez sur Rvoi Im. L'appel entrant est automatiquement transféré vers l'annonce d'accueil de votre messagerie vocale. Prendre un appel sur votre téléphone portable ou à sur un autre périphérique cible distant Configurez Mobile Connect et répondez au téléphone. Lorsque vous activez Mobile Connect : Les appels sont simultanément reçus sur votre Bureau et sur les périphériques cibles à distance. Lorsque vous prenez l'appel sur votre téléphone de bureau, les périphériques cibles distants cessent de sonner, sont déconnectés, et affichent un message indiquant un appel en absence. Lorsque vous prenez l'appel sur un périphérique cible distant, les autres périphériques cibles distants cessent de sonner, sont déconnectés, et un message indiquant un appel en absence s'affiche sur les autres périphériques cibles distants. Pour... Procédez comme suit :3-11 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples Fin d'un appel Conseil Vous devez conserver le mode Casque activé pour utiliser la fonction Réponse automatique avec le casque (cette fonction doit être configurée par l'administrateur système). Si vous utilisez un casque sans la fonction Réponse automatique, il peut également être préférable de maintenir le mode Casque activé. Voir Obtention de périphériques audio, page 5-1. Rubriques connexes • Passer un appel, page 3-3 • Réponse à un appel, page 3-9 • Transfert d'un appel connecté, page 3-14 Pour... Procédez comme suit : Raccrocher lorsque vous utilisez le mode Combiné Désactivez le combiné, cliquez sur FinApp ou appuyez sur la touche Échap du clavier. Voir Utilisation d'un combiné USB, page 5-5. Raccrocher lorsque vous utilisez le mode Casque Cliquez sur le bouton Casque, s'il est allumé. Pour que le mode Casque reste actif, maintenez le bouton allumé en cliquant sur FinApp ou en appuyant sur la touche Échap du clavier. Vo ir Utilisation d'un casque, page 5-2. Raccrocher lorsque vous utilisez le mode Haut-parleur Cliquez sur FinApp ou appuyez sur la touche Échap du clavier. Vo ir Utilisation de votre ordinateur comme poste téléphonique à haut-parleur, page 5-4. Mettre fin à un appel sans pour autant mettre fin à un autre appel sur la même ligne Cliquez sur FinApp ou appuyez sur la touche Échap. Si nécessaire, commencez par cliquer sur Reprend pour récupérer un appel en attente.Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples 3-12 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Utilisation des fonctions Attente et Reprise Vous pouvez mettre en attente ou reprendre des appels. Lorsque vous mettez un appel en attente, l'icône Attente apparaît en regard de l'ID de l'appelant et le bouton de ligne correspondant clignote en vert. Si la fonction d'inversion de la mise en attente est activée pour votre téléphone, les appels mis en attente sonnent à nouveau après un certain temps. L'appel « inversé » reste en attente jusqu'à ce que vous le repreniez ou jusqu'à l'expiration du délai d'inversion. Votre téléphone indique la présence d'un appel inversé : • En vous avertissant à intervalles réguliers à l'aide d'une simple sonnerie (ou d'un clignotement ou d'un bip, selon la configuration de votre ligne téléphonique). • En affichant brièvement un message d'inversion de mise en attente dans la barre d'état au bas de l'écran du téléphone. • En affichant l'icône animée d'inversion de mise en attente en regard de l'ID de l'appelant correspondant à l'appel en attente. • En affichant un bouton de ligne clignotant de couleur orange (selon l'état de la ligne). Pour... Procédez comme suit : Mettre un appel en attente 1. Vérifiez que l'appel à mettre en attente est sélectionné. 2. Cliquez sur Attente. Reprendre sur la ligne active un appel mis en attente 1. Vérifiez que l'appel adéquat et mis en surbrillance. 2. Cliquez sur Reprendre. Reprendre sur une autre ligne un appel mis en attente 1. Cliquez sur un bouton de ligne vert clignotant. Si cette ligne ne comporte qu'un seul appel en attente, la reprise de ce dernier est automatique. 2. Si elle en comporte plusieurs, assurez-vous que l'appel concerné est mis en surbrillance, puis cliquez sur Reprend.3-13 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples Conseils • Habituellement, l’activation de la fonction de mise en attente génère de la musique ou un bip. • Si un message vous alerte simultanément d'un appel entrant et d'un appel inversé, l'écran de votre téléphone affiche par défaut l'appel entrant. Votre administrateur système peut changer cette priorité d'affichage. • Si vous utilisez une ligne partagée, l'inversion de mise en attente ne sonne que sur le téléphone sur lequel l'appel a été mis en attente, et non sur les autres téléphones qui partagent la ligne. • L'intervalle entre les alertes d'inversion est déterminé par votre administrateur système. Utilisation de la fonction Secret La fonction Secret coupe le son du casque, du haut-parleur ou du microphone. Lorsque la fonction Secret est activée, vous pouvez entendre vos interlocuteurs, mais ces derniers ne peuvent pas vous entendre. Remarque Si vous lancez Cisco IP Communicator alors que votre périphérique audio ou ordinateur est mis en sourdine, la fenêtre Vérifier les paramètres audio vous invite à rétablir, régler ou annuler vos paramètres audio. Si les paramètres audio que vous aviez définis auparavant fonctionnaient correctement, choisissez Rétablir. Si vous souhaitez les afficher ou les modifier, choisissez Régler. Pour conserver la fonction Secret activée, choisissez Annuler. Pour... Procédez comme suit : Activer la fonction Secret Cliquez sur le bouton Secret qui n'est pas allumé. Désactiver la fonction Secret Cliquez sur le bouton Secret qui est allumé.Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples 3-14 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Transfert d'un appel connecté Le transfert permet de rediriger un appel connecté. La cible est le numéro vers lequel vous souhaitez transférer l'appel. Conseils • Si le transfert en mode téléphone raccroché est activé, vous pouvez raccrocher directement ou cliquer sur Trnsfer avant de raccrocher. • S'il n'est pas activé sur votre téléphone, sachez que le fait de raccrocher plutôt que de cliquer surCisco IP Communicator Trnsfer a pour effet d'annuler le transfert et de mettre en attente la personne dont l'appel doit être transféré. • Vous ne pouvez pas utiliser la touche Trnsfer pour rediriger un appel en attente. Cliquez sur Reprend. pour le reprendre avant de le transférer. Pour... Procédez comme suit : Transférer un appel sans en informer le destinataire du transfert Au cours de l'appel, cliquez sur Transférer et entrez le numéro cible. Quand vous entendez la sonnerie d'appel, cliquez de nouveau sur Transférer. Informer le destinataire du transfert avant de lui transférer un appel (transférer en consultant) Au cours de l'appel, cliquez sur Transférer et entrez le numéro cible. Patientez quelques instants pour laisser le temps au destinataire du transfert de répondre. Si le destinataire accepte l'appel transféré, cliquez de nouveau sur Transférer. Si le destinataire refuse l'appel, appuyez sur Reprend. pour récupérer l'appel initial. Transférer deux appels en cours l'un vers l'autre (transfert direct) Sélectionnez un appel sur la ligne, puis cliquez sur Sélect. Renouvelez cette procédure pour le second appel. Lorsque l'un des appels sélectionnés est mis en surbrillance, cliquez sur TrnsDir (il se peut que vous deviez au préalable cliquer sur autres pour afficher cette option.) Les deux appels se connectent l'un à l'autre et vous ne participez plus à l'appel. Pour rester en ligne avec ces interlocuteurs, utilisez l'option Joindre pour créer une conférence téléphonique. Transférer un appel vers votre système de messagerie vocale Cliquez sur Rvoi Im. L'appel est automatiquement transféré vers le message d'accueil de votre messagerie vocale. Cette fonction est disponible lorsqu'un appel est actif, en sonnerie ou en attente.3-15 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples Sélection des appels De nombreuses fonctions de Cisco IP Communicator nécessitent que vous sélectionniez les appels à utiliser avec une fonction particulière. Par exemple, si vous avez quatre appels en attente mais que vous souhaitiez ne joindre que deux d'entre eux à une conférence téléphonique, vous pouvez sélectionner les appels à ajouter avant d'activer la fonction de conférence. Passage d'un appel à l'autre Vous pouvez passer d'un appel à l'autre sur une ou plusieurs lignes. Si l'appel vers lequel vous souhaitez basculer n'est pas sélectionné (mis en surbrillance) automatiquement, cliquez sur l'image qui lui est associée sur l'écran du téléphone. Pour... Procédez comme suit : Mettre un appel en surbrillance Cliquez sur un appel dans la liste des appels. Les appels mis en surbrillance apparaissent sur un fond plus clair et plus lumineux. Sélectionner un appel Mettez en surbrillance un appel connecté ou en attente, puis cliquez sur Sélect. Les appels sélectionnés sont signalés par une coche. Vérifier les appels sélectionnés Cliquez sur le bouton Navigation pour faire défiler la liste des appels. Les appels sélectionnés sont signalés par une coche et regroupés au sein de la liste des appels. Pour... Procédez comme suit : Basculer entre des appels connectés sur une ligne Sélectionnez l'appel vers lequel vous souhaitez basculer et cliquez sur Reprend. L'autre appel est automatiquement mis en attente. Basculer entre des appels connectés sur des lignes différentes Cliquez sur le bouton de ligne vert clignotant qui correspond à la ligne (et à l'appel) vers laquelle vous souhaitez basculer. Si cette ligne ne comporte qu'un seul appel en attente, la reprise de ce dernier est automatique. Si elle en comporte plusieurs, mettez en surbrillance l'appel concerné (si nécessaire) et cliquez sur Reprend. Répondre à un appel en sonnerie à partir d'un appel déjà connecté Cliquez sur Répond. ou sur un bouton de ligne jaune clignotant. Cette procédure permet de répondre au nouvel appel et de placer automatiquement le premier appel en attente. Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples 3-16 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Conseils • Un seul appel à la fois peut être actif à un moment donné ; les autres appels connectés sont automatiquement mis en attente. • Lorsque vous avez plusieurs appels sur une même ligne, les appels avec le niveau de priorité le plus élevé et dont la durée est la plus longue apparaissent en haut de la liste des appels. • Les appels d'un même type sont regroupés au sein de la liste des appels. Par exemple, les appels auxquels vous avez participé sont regroupés vers le haut ; ensuite viennent les appels sélectionnés. Ceux auxquels vous n'avez pas encore répondu sont regroupés en bas (en dernier). Passer d'un appel entrant à l'autre à l'aide de la notification d'appel entrant Cliquez dans la fenêtre de notification de l'appel entrant (sauf sur l'icône Secret). L'appel actif est ainsi mis en attente et vous pouvez répondre à l'appel entrant. Afficher la liste des appels actifs Cliquez sur un bouton de ligne vert pendant un appel actif afin de revenir à l'écran principal en masquant les informations associées à l'appel actif. Vous obtenez ainsi la liste de tous les appels actifs sur chacune de vos lignes. Il s'agit de l'appel actif ou, si tous les appels sont en attente, de l'appel qui est en attente depuis la plus longue durée. Cliquez de nouveau sur le bouton de ligne vert pour revenir à l'affichage initial. Consulter tous les appels sur une ligne donnée Cliquez sur le bouton Aide puis cliquez immédiatement sur le bouton de ligne. Cette action permet d'afficher les détails sur l'appel sans affecter l'état de l'appel. Utilisez cette procédure lorsque vous êtes sur une ligne et que vous voulez afficher les appels en attente sur une autre ligne. Pour... Procédez comme suit :3-17 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples Transfert d'un appel en cours vers un autre téléphone Si vous utilisez la configuration Mobile Connect, vous pouvez transférer les appels en cours du téléphone logiciel Cisco IP Communicator vers votre téléphone portable ou vers une autre destination distante. Renvoi de vos appels vers un autre numéro Vous pouvez utiliser les fonctions de renvoi d'appel pour rediriger des appels entrants de votre téléphone vers un autre numéro. Remarque Entrez le numéro cible pour le renvoi de tous les appels exactement comme vous le composeriez sur votre téléphone. Par exemple, si nécessaire, entrez un code d'accès, tel que le 9 ou l'indicatif régional. Pour... Procédez comme suit : Transférer un appel en cours de votre téléphone logiciel Cisco IP Communicator vers un téléphone portable Appuyez sur la touche de fonction Mobilité et sélectionez Transférer l'appel vers le téléphone portable. Prenez l'appel en cours sur votre téléphone portable. Le bouton de la ligne téléphonique devient rouge et des icônes de combiné et le numéro de l'appelant sont affichés à l'écran du téléphone. Bien que vous ne puissiez pas utiliser la même ligne téléphonique pour d'autres appels, vous pouvez prendre ou passer des appels sur une autre ligne si votre téléphone prend en charge plusieurs lignes. Transférer un appel en cours d'un téléphone portable vers le téléphone logiciel Cisco IP Communicator Raccrochez votre téléphone portable pour déconnecter le téléphone portable mais pas l'appel. Appuyez sur Reprend. sur votre téléphone dans les 4 secondes et commencez à parler au téléphone de bureau.Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples 3-18 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Votre administrateur système peut vous proposer de choisir entre deux types de fonctions de renvoi d'appels : • Le renvoi d'appels sans condition (Renvoi de tous les appels) : s'applique à tous les appels que vous recevez. • Le renvoi d'appel conditionnel (Renvoi si sans réponse, Renvoi si occupé, Pas de couverture) : s'applique à certains appels que vous recevez, sous certaines conditions. Vous pouvez accéder à la fonction de renvoi de tous les appels sur votre téléphone; les autres fonctions de renvoi d'appels ne sont accessibles que sur les pages Web Options utilisateur Cisco Unified CM. Votre administrateur système détermine quelles fonctions de renvoi d'appels sont disponibles sur votre téléphone. Conseils • Entrez le numéro cible du renvoi d'appels exactement comme si vous le composiez sur votre téléphone. Par exemple, le cas échéant, entrez un code d'accès ou l'indicatif régional. Pour... Procédez comme suit : Configurer le renvoi de tous vos appels sur votre ligne principale Appuyez sur RenvTt ou Renvoyer tout, puis entrez un numéro de téléphone cible. Annuler le renvoi de tous les appels sur votre ligne principale Appuyez surRenvTt ou Renvoyer tout. Vérifier que le renvoi de tous les appels est activé sur votre ligne principale Recherchez : • L'icône de renvoi d'appel au-dessus du numéro de téléphone principal : . • Le numéro cible du renvoi d'appel sur la ligne d'état. Configurer ou annuler le renvoi d'appels à distance, ou pour une ligne secondaire 1. Accédez aux pages Web Options utilisateur Cisco Unified CM. 2. Allez aux paramètres de renvoi d'appel. Voir Contrôle des paramètres de ligne, page 7-10. Remarque Lorsque la fonction de renvoi d'appels est activée pour toute autre ligne que la ligne principale, aucun signal sur votre téléphone ne vous confirme que les appels sont bien renvoyés. Vous devez vérifier vos paramètres dans les pages Web Options utilisateur Cisco Unified CM. 3-19 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples • Le renvoi d'appel dépend de la ligne téléphonique. Si le renvoi d'appels n'est pas activé sur la ligne sur laquelle il arrive, l'appel déclenche la sonnerie normale. • Votre administrateur système peut activer une fonction d'annulation du renvoi d'appel pour que la personne qui reçoit vos appels transférés puisse vous joindre. Lorsque l'annulation est activée, les appels passés à partir du téléphone cible vers votre téléphone ne sont pas transférés ; ils déclenchent une sonnerie sur votre poste. Rubriques connexes • Réponse à un appel, page 3-9 • Transfert d'un appel connecté, page 3-14 • Traitement des fonctions d'appel avancées, page 3-25 Utilisation de la fonction Ne pas déranger Vous pouvez utiliser la fonction Ne pas déranger (NPD) pour bloquer les appels entrants sur votre téléphone à l'aide de la tonalité occupé. Lorsque la fonction NDP et le renvoi d'appels sont activés sur votre téléphone, les appels sont renvoyés et l'appelant n'entend pas de tonalité occupé.Chapitre 3 Traitement des appels avec Cisco IP Communicator Comment traiter les appels simples 3-20 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Conseils • Lorsque vous activez la fonction NPD : – Cisco IP Communicator ne bloque ni les appels à destination de lignes intercom, ni les appels critiques tels que les appels provenant de Cisco Emergency Responder et les appels MLPP. – Cisco IP Communicator n'enregistre pas les appels entrants dans le journal des Appels en absence de votre téléphone. – Si vous avez également activé Renvoyer tout, cette fonction est prioritaire sur les appels entrants. C'est-à-dire que Cisco IP Communicator transfère tous vos appels, et que l'appelant n'entend pas de tonalité occupé. – Si la fonction Renvoi si occupé est activée sur votre ligne, Cisco IP Communicator transfère les appels au numéro Renvoi si occupé. Les appelants n'entendent pas de tonalité occupé. • Si la fonction NPD est désactivée sur votre téléphone, contactez votre administrateur système. Rubriques connexes • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 Pour... Procédez comme suit : Activer la fonction Ne pas déranger 1. Cliquez sur Paramètres> Configuration du périphérique> Préférences d'appel> Ne pas déranger. 2. Sélectionnez Oui, puis cliquez sur Enregistrer. Ne pas déranger s'affiche sur la ligne d'état et la touche de fonction NPD est ajoutée. Désactiver la fonction NPD Cliquez sur la touche de fonction NPD. La touche de fonction NPD est supprimée. Personnaliser les options Ne pas déranger 1. Sélectionnez Options utilisateur Cisco Unified CM. 2. Accédez aux pages Web Options utilisateur Cisco Unified CM. 3. À partir du menu déroulant, choisissez Options utilisateur> Périphérique 4. Sélectionnez le Nom de votre périphérique Cisco IP Communicator. 5. Il est possible d'utiliser les caractères génériques suivants : – Ne pas déranger : Activer/désactiver NPD. – Alerte d’appel entrant avec la fonction NPD : configurez l'alerte afin qu'elle émette unbip seulement ou qu'elle clignote seulement, ou désactivez toutes les notifications visuelles et sonores. 3-21 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Établissement de conférences téléphoniques Établissement de conférences téléphoniques Vous pouvez créer une conférence de différentes manières, en fonction de vos besoins et des fonctions disponibles sur votre téléphone. • Conférence : Permet de créer une conférence standard (ad hoc) en appelant chaque participant. Utilisez la touche de fonction Conf. • Joindre : permet de créer une conférence standard (ad hoc) en associant des appels existants. Utilisez la touche de fonction Joindre. La fonction Joindre n'est disponible que sur les téléphones SCCP. • InsConf : permet de créer une conférence standard (ad hoc) en vous ajoutant à un appel sur une ligne partagée. Appuyez sur un bouton de ligne ou sur la touche de fonction InsConf. La fonction InsConf est disponible uniquement sur les téléphones qui utilisent des lignes partagées. • Meet-Me : permet de créer ou de rejoindre une conférence en appelant un numéro de conférence. Utilisez la touche de fonction MeetMe. Utilisation de la fonction Conférence. Pour... Procédez comme suit : Créer une conférence 1. Au cours d'un appel, appuyez sur Conf. (Il se peut que vous deviez appuyer sur la touche autres pour accéder à la touche Conf.) 2. Entrez le numéro de téléphone du participant. 3. Attendez que l'appel soit établi. 4. Appuyez de nouveau sur Conf. pour ajouter ce participant à votre appel. 5. Répétez cette procédure pour ajouter d'autres participants. Ajouter de nouveaux participants à une conférence existante Répétez les étapes ci-dessus. Votre administrateur système détermine si vous pouvez ajouter ou supprimer des participants si vous n'êtes pas l'organisateur de la conférence.Chapitre 3 Traitement des appels avec Cisco IP Communicator Établissement de conférences téléphoniques 3-22 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Utilisation de la fonction Joindre (uniquement sur les téléphones SCCP) La fonction Joindre permet de combiner plusieurs appels existants afin de créer une conférence à laquelle vous participez. Pour... Procédez comme suit : Créer une conférence en joignant des appels existants passés sur une même ligne téléphonique 1. À partir d'un appel actif, mettez en surbrillance un autre appel à inclure dans la conférence, puis appuyez sur Sélect. 2. Répétez cette étape pour chacun des appels à ajouter. 3. Appuyez sur Joindre. (Il se peut que vous deviez appuyer sur la touche de fonction autres pour accéder à la touche Joindre.) Créer une conférence en joignant des appels existants passés sur plusieurs lignes téléphoniques 1. À partir d'un appel en cours, appuyez sur Joindre. (Il se peut que vous deviez appuyer sur la touche de fonction autres pour accéder à la touche Joindre.) 2. Appuyez sur le bouton de ligne vert clignotant correspondant aux appels à inclure à la conférence. L'un des événements suivants se produit : • Les appels sont joints. • Une fenêtre s'ouvre sur l'écran du téléphone ; un message vous y invite à sélectionner les appels à joindre. Mettez les appels en surbrillance et appuyez ensuite sur Sélect, puis sur Joindre pour terminer l'opération. Remarque Si votre téléphone ne prend pas en charge la fonction Joindre pour les appels sur plusieurs lignes, transférez les appels vers une ligne unique. Vous pourrez alors utiliser la fonction Joindre. Combiner deux conférences existantes Utilisez les touches de fonction Joindre ou TrnsDir. Demandez à votre administrateur système si votre système est équipé de cette fonction.3-23 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Établissement de conférences téléphoniques Utilisation de la fonction InsConf Vous pouvez créer une conférence en utilisant la fonction InsConf pour vous ajouter à un appel sur une ligne partagée. Utilisation de la fonction Meet-Me Le mode de conférence téléphonique Meet-Me permet de démarrer une conférence ou de s'y joindre en composant son numéro. Pour... Procédez comme suit : Créer une conférence en vous connectant par insertion à un appel sur une ligne partagée Appuyez sur le bouton de ligne correspondant à la ligne partagée. Dans certains cas, vous devez mettre l'appel en surbrillance et appuyer sur InsConf pour terminer l'opération. Pour plus d'informations, consultez Procédure pour se connecter personnellement à un appel sur une ligne partagée, page 3-36. Pour... Procédez comme suit : Lancer une conférence Meet-Me 1. Demandez à votre administrateur système un numéro de téléphone Meet-Me. 2. Communiquez ce numéro à tous les participants. 3. Lorsque vous êtes prêt à lancer la conférence, décrochez pour obtenir une tonalité, puis appuyez sur MeetMe. 4. Composez le numéro de la conférence Meet-Me. Les participants peuvent à présent se joindre à la conférence en composant le numéro correspondant. Remarque Les participants entendront une tonalité occupé s'ils composent le numéro de la conférence avant que l'organisateur ne soit lui-même connecté. Dans ce cas, ils doivent rappeler.Chapitre 3 Traitement des appels avec Cisco IP Communicator Établissement de conférences téléphoniques 3-24 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Affichage ou exclusion des participants à une conférence Rejoindre une conférence Meet-Me Composez le numéro de la conférence Meet-Me (que vous a communiqué l'organisateur de la conférence). Remarque Vous entendrez une tonalité occupé si vous composez le numéro de la conférence avant que l'organisateur ne soit connecté. Dans ce cas, rappelez ultérieurement. Mettre fin à une conférence Meet-Me Tous les participants doivent raccrocher. La conférence ne s'arrête pas automatiquement lorsque l'organisateur se déconnecte. Pour... Procédez comme suit : Afficher la liste des participants à une conférence Appuyez sur ListConf. Les participants sont répertoriés dans l'ordre dans lequel ils rejoignent la conférence, les derniers à la rejoindre apparaissant en tête de liste. Mettre à jour la liste des participants à une conférence Lorsque la liste des participants à la conférence est affichée, appuyez sur MàJ. Savoir qui a organisé la conférence La liste des participants à la conférence étant affichée, recherchez le participant qui apparaît au bas de la liste, avec un astérisque (*) en regard de son nom. Exclure un participant de la conférence La liste étant affichée, mettez en surbrillance le nom du participant, puis appuyez sur Suppr. Abandonner le dernier interlocuteur à avoir rejoint la conférence Alors que la liste des participants à la conférence est affichée, appuyez sur SupDerA ou sur Supprimer dernier participant. Pour... Procédez comme suit :3-25 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées Traitement des fonctions d'appel avancées Les tâches avancées de traitement des appels font intervenir des fonctions spéciales (non standard) que votre administrateur système peut configurer sur Cisco IP Communicator en fonction de vos besoins et de votre environnement de travail. Par défaut, vous ne pouvez pas accéder à ces fonctions. • Utilisation de la fonction de mobilité de poste de Cisco, page 3-26 • Traitement des appels professionnels à l'aide d'un seul numéro de téléphone, page 3-27 • Utilisation de la fonction de mobilité de poste de Cisco, page 3-26 • Déconnexion de groupes de recherche, page 3-29 • Suivi des appels suspects, page 3-31 • Donner la priorité aux appels critiques, page 3-32 • Redirection d'un appel entrant vers Cisco IP Communicator, page 3-33 • Rappel d'une ligne occupée dès qu'elle devient disponible, page 3-34 • Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne, page 3-34 • Utilisation de lignes partagées, page 3-35 • Établissement ou prise d'appels intercom, page 3-38Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées 3-26 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Utilisation de la fonction de mobilité de poste de Cisco La fonctionnalité de mobilité de poste de Cisco (EM, Cisco Extension Mobility) permet de configurer temporairement un téléphone Cisco Unified IP comme étant le vôtre. Lorsque vous vous connectez à EM, le téléphone adopte votre profil utilisateur, vos lignes téléphoniques, vos fonctions, vos services établis et vos paramètres Web. Seul l'administrateur système peut configurer la mobilité de poste. Conseils • Vous êtes automatiquement déconnecté de la mobilité de poste au bout d'un certain temps. Ce délai est déterminé par l'administrateur système. • Les modifications que vous apportez à votre profil de mobilité de poste dans les pages Web Options utilisateur sont prises en compte immédiatement si vous êtes connecté à la fonction de mobilité de poste par téléphone. Sinon, elles ne seront prises en compte qu'à votre prochaine connexion. • Les modifications que vous apportez à votre téléphone dans les pages Web Options utilisateur sont prises en compte immédiatement si vous êtes déconnecté d'EM. Sinon, elles prendront effet après votre déconnexion. • Les paramètres locaux réglables sur le téléphone ne sont pas enregistrés dans votre profil de mobilité de poste. Pour... Procédez comme suit : Vous connecter au service EM 1. Cliquez sur le bouton Services et sélectionnez Service EM (le nom de la fonction peut varier). 2. Saisissez votre ID utilisateur et votre numéro d'identification personnel (fournis par votre administrateur système). 3. Si vous y êtes invité, sélectionnez un profil de périphérique. Vous déconnecter du service EM 1. Cliquez sur le bouton Services et sélectionnez Service EM (le nom de la fonction peut varier). 2. Lorsque vous êtes invité à vous déconnecter, appuyez sur Oui.3-27 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées Traitement des appels professionnels à l'aide d'un seul numéro de téléphone Lorsque Mobile Connect et Mobile Voice Access sont installés, vous pouvez utiliser votre téléphone portable pour traiter les appels associés au numéro de votre téléphone de bureau. Un smartphone est un téléphone portable doté de fonctionnalités d'ordinateur personnel telles que la navigation Web, la messagerie électronique, le carnet d'adresses et le calendrier. Pour... Procédez comme suit : Configurer Mobile Connect Utilisez les pages Web Options utilisateur Cisco Unified CM pour configurer des destinations distantes et créer des listes d'accès pour autoriser ou bloquer le transfert d'appels provenant de numéros spécifiques vers ces destinations distantes. Voir Configuration de téléphones et de listes d'accès pour la connexion mobile, page 7-12. Répondre à un appel sur votre téléphone portable Vo ir Réponse à un appel, page 3-9. Passer un appel en cours de votre téléphone de bureau à un téléphone portable Vo ir Transfert d'un appel en cours vers un autre téléphone, page 3-17. Mettre en attente un appel pris sur votre smartphone 1. Appuyez sur la touche de mise en attente d'appel professionnel (le nom de la fonction peut varier) du smartphone. Votre interlocuteur est mis en attente. 2. Sur votre smartphone, appuyez sur la touche de fonction Reprend. (le nom de la fonction peut varier) du smartphone. Voir Transfert d'un appel en cours vers un autre téléphone, page 3-17. Transférer un appel pris sur un smartphone vers un autre numéro 1. Appuyez sur la touche de fonction de transfert d'appel professionnel (le nom de la fonction peut varier) du smartphone. 2. Composez le code d'accès de transfert d'appel de votre société pour initier un nouvel appel. Votre interlocuteur est mis en attente. 3. Appuyez sur la touche de fonction de transfert d'appel professionnel pour terminer le transfert d'appel.Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées 3-28 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Initier une conférence téléphonique lors d'un appel pris sur un smartphone 1. Appuyez sur la touche de fonction de conférence professionnelle (le nom de la fonction peut varier) du smartphone. 2. Composez le code d'accès de conférence de votre société pour initier un nouvel appel. Votre interlocuteur est mis en attente. 3. Appuyez sur la touche de fonction de conférence professionnelle pour finir de configurer la conférence et inclure les deux interlocuteurs dans la conférence. Obtenir la fonction d'accès vocal mobile (Mobile Voice Access) 1. À partir de n'importe quel téléphone, composez le numéro d'accès vocal mobile qui vous a été attribué. 2. Saisissez le numéro depuis lequel vous appelez, si vous y êtes invité, et votre numéro d'identification personnel. Activer la connexion mobile (Mobile Connect) à partir de votre téléphone portable 1. Composez le numéro d'accès vocal mobile qui vous a été attribué. 2. Saisissez votre numéro de téléphone portable (si vous y êtes invité), et votre numéro d'identification personnel. 3. Appuyez sur 2 pour activer la connexion mobile. 4. Choisissez d'activer la connexion mobile pour tous les téléphones configurés ou pour un seul : – Tous les téléphones : saisissez 2. – Un seul téléphone : saisissez 1, puis le numéro à ajouter en tant que destination distante, suivi de #. Désctiver la connexion mobile (Mobile Connect) à partir de votre téléphone portable 1. Composez le numéro d'accès vocal mobile qui vous a été attribué. 2. Saisissez votre numéro de téléphone portable (si vous y êtes invité), et votre numéro d'identification personnel. 3. Appuyez sur 3 pour désactiver la connexion mobile. 4. Choisissez de désactiver la connexion mobile pour tous les téléphones configurés ou pour un seul : – Tous les téléphones : saisissez 2. – Un seul téléphone : saisissez 1, puis le numéro à supprimer en tant que destination distante, suivi de #. Pour... Procédez comme suit :3-29 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées Stockage et récupération des appels parqués Lorsque vous souhaitez stocker un appel, vous pouvez le parquer pour qu'une autre personne ou vous-même puissiez le récupérer sur un autre téléphone (par exemple, le téléphone du bureau d'un collègue ou celui d'une salle de conférence) du système de traitement des appels. Le parcage d'appel est une fonction spéciale que votre administrateur système peut paramétrer pour vous. Remarque Vous disposez d'undélai limité pour récupérer l'appel avant qu'il recommence à sonner sur le poste auquel il était destiné à l'origine. Consultez votre administrateur système pour connaître ce délai. Rubriques connexes • Comment traiter les appels simples, page 3-1 • Utilisation des fonctions Attente et Reprise, page 3-12 • Transfert d'un appel connecté, page 3-14 Déconnexion de groupes de recherche Si votre entreprise reçoit un volume importantd 'appels entrants, vous pouvez être membre d'un groupe de recherche. Un groupe de recherche inclut une série de numéros de répertoire partageant la charge des appels entrants. Lorsque le premier numéro de répertoire du groupe de recherche est occupé, le système recherche le prochain numéro de répertoire disponible dans le groupe et dirige les appels vers ce téléphone. Pour... Procédez comme suit : Stocker un appel actif à l'aide de la fonction de parcage d'appel Au cours d'un appel, cliquez sur Parquer (vous devrez peut-être cliquer au préalable sur la touche de fonction autres). Cette opération indique à Cisco IP Communicator qu'il doit stocker l'appel. Notez le numéro de parcage d'appels affiché sur l'écran du téléphone et raccrochez. Récupérer un appel parqué Entrez le numéro de parcage sur n'importe quel téléphone Cisco IP Communicator ou téléphone IP Cisco du réseau pour vous connecter à l'appel.Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées 3-30 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Lorsque vous n'êtes pas à votre poste, vous pouvez vous déconnecter des groupes de recherche pour que votre téléphone ne sonne pas. Conseil La déconnexion des groupes de recherche n'empêche pas votre téléphone de sonner lorsque d'autres appels arrivent. Emission et réception d'appels sécurisés Selon la configuration que votre administrateur système a choisie pour votre système téléphonique, Cisco IP Communicator peut prendre en charge l'établissement et la réception d'appels sécurisés. Cisco IP Communicator prend en charge les types d'appel suivants : • Appel authentifié : l'identité de tous les téléphones participant à l'appel a été vérifiée. • Appel chiffré : le téléphone reçoit et transmet des données audio chiffrées (votre conversation) sur le réseau IP Cisco. Les appels chiffrés sont également authentifiés. • Appel non sécurisé : au moins un des téléphones participant à l'appel ou la connexion ne prennent pas en charge cette fonction de sécurité ou il n'est pas possible de vérifier l'identité des téléphones. Pour... Procédez comme suit : Vous déconnecter des groupes de recherche pour bloquer temporairement les appels de groupes de recherche Appuyez sur Groupmt ou sur Groupe de recherche. L'écran du téléphone affiche le texte « Déconnecté du grpe rech. » Vous connecter pour recevoir des appels des groupes de recherche Appuyez sur Groupmt ou sur Groupe de recherche. Lorsque vous êtes connecté, le bouton Groupe de recherche est allumé.3-31 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées Remarque Des interactions, des restrictions et des limites affectent le fonctionnement des fonctions de sécurité sur Cisco IP Communicator. Pour en savoir plus, contactez votre administrateur système. Suivi des appels suspects Si vous recevez des appels suspects ou malveillants, votre administrateur système peut ajouter la fonction d'identification des appels malveillants (IDAM) sur votre téléphone. Cette fonction vous permet d'identifier un appel actif comme suspect, ce qui lance une série de messages automatisés de suivi et de notification. Le système de traitement des appels peut alors identifier et enregistrer la source de l'appel entrant sur le réseau. Pour... Procédez comme suit : Contrôler le niveau de sécurité d’un appel Regardez si l'une des icônes de sécurité suivantes apparaît en haut à droite de la zone d'activité des appels, en regard de l'indicateur de durée d'appel : Appel authentifié ou conférence Appel chiffré ou conférence Si ces icônes ne sont pas affichées, l'appel n'est pas sécurisé. Déterminer s'il est possible de passer des appels sécurisés au sein de votre société Contactez votre administrateur système. Pour... Procédez comme suit : Informer votre administrateur système d'un appel suspect ou malveillant Appuyez sur IDAM. Vous entendez une tonalité et le message IDAM réussie s'affiche sur votre téléphone.Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées 3-32 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Donner la priorité aux appels critiques Dans certains environnements spécialisés, tels que des bureaux de l’Armée ou de l’État, il se peut que vous ayez besoin de passer et de recevoir des appels urgents ou critiques. Si vous avez besoin de ce traitement spécialisé des appels, votre administrateur système peut ajouter une fonction de préséance et préemption à plusieurs niveaux (MLPP) sur votre téléphone. Il est utile de se souvenir des termes suivants : • La préséance indique la priorité associée à un appel. • La préemption est le processus qui permet de mettre fin à un appel existant dont la priorité est inférieure, tout en acceptant un appel de priorité supérieure qui est envoyé vers votre téléphone. Si... Procédez comme suit : Souhaitez pouvoir choisir le niveau de priorité (préséance) d’un appel sortant Contactez votre administrateur système pour obtenir la liste des numéros de priorité correspondant aux appels. Souhaitez passer un appel prioritaire (qui a la préséance) Entrez le numéro d'accès MLPP (que vous a fourni votre administrateur système), puis le numéro de téléphone. Entendez une sonnerie différente (plus rapide que d'habitude) ou une tonalité d'attente spéciale Vous recevez un appel prioritaire (qui a la préséance). Une icône MLPP s'affiche sur l'écran de votre téléphone pour indiquer le niveau de priorité de l'appel. Souhaitez afficher le niveau de priorité d’un appel Recherchez une icône MLPP sur l'écran de votre téléphone : Appel prioritaire Appel d’importance moyenne (immédiat) Appel très important (rapide) Appel de la plus haute importance (suppression rapide) ou appel prioritaire Les appels les plus importants s’affichent en haut de la liste des appels. Si aucune icône MLPP n'apparaît, l'appel est un appel normal (routine). Vous entendez une tonalité continue qui interrompt votre appel Cela signifie que vous ou votre interlocuteur recevez un appel qui est prioritaire sur l'appel en cours. Raccrochez immédiatement pour permettre à l'appel plus important de sonner sur votre téléphone.3-33 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées Conseils • Lorsque vous passez ou recevez un appel compatible MLPP, vous entendez une sonnerie et une tonalité d'attente spéciales, différentes des sonnerie et tonalité standard. • Si vous entrez un numéro d’accès MLPP incorrect, un message vocal vous en avertit. • Un appel MLPP garde son statut prioritaire lorsque vous : – le mettez en attente – le transférez – l'ajoutez à une conférence – y répondez par interception. • La fonction MLPP est prioritaire sur la fonction NPD (Ne pas déranger). Redirection d'un appel entrant vers Cisco IP Communicator La fonction d'interception d'appels vous permet de réacheminer un appel en sonnerie sur le téléphone d'un collègue vers votre Cisco IP Communicator pour que vous puissiez répondre à cet appel. L'interception d'appels est une fonction spéciale que votre administrateur système peut configurer pour vous, en fonction de vos besoins en matière de gestion d'appels et de votre environnement de travail. Par exemple, vous pouvez avoir besoin de cette fonction si vous partagez avec vos collègues des responsabilités au niveau de la gestion des appels. Pour... Procédez comme suit : Répondre à un appel en sonnerie sur un autre poste de votre groupe Cliquez sur un bouton de ligne disponible et sur Intrcpt. L'appel sonne sur votre ligne. Répondre à un appel en sonnerie sur un autre poste en dehors du groupe Cliquez sur un bouton de ligne disponible et sur GrpIntr. Entrez le code d'interception du groupe fourni par votre administrateur système. L'appel sonne sur votre ligne. Répondre à un appel en sonnerie, que ce soit sur un autre poste de votre groupe ou sur celui d'un groupe associé Cliquez sur un bouton de ligne disponible et sur AGrpIntr. Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées 3-34 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Conseils • Pour prendre l'appel qui sonne depuis plus longtemps, appuyez sur Intrcpt ou sur GrpIntr. • Pour prendre l'appel du groupe d'interception qui a la plus haute priorité, appuyez sur AGrpIntr. Rubriques connexes • Transfert d'un appel connecté, page 3-14 Rappel d'une ligne occupée dès qu'elle devient disponible Si le numéro que vous appelez est occupé ou ne répond pas, vous pouvez configurer Cisco IP Communicator pour vous avertir dès que la ligne devient disponible. Pour configurer la notification, composez le numéro et cliquez sur Rappel lorsque vous entendez la tonalité occupé ou la sonnerie. Ensuite, raccrochez. Lorsque le poste se libère, vous recevez un signal sonore et visuel sur votre téléphone. Le rappel du numéro n'est pas automatique ; vous devrez passer l'appel. Le rappel d'un numéro est une fonction spéciale que votre administrateur système peut configurer pour vous sur votre téléphone. Conseil Le rappel ne fonctionne pas si le renvoi d'appels est activé sur le poste de votre interlocuteur. Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne Selon la configuration, vous pouvez utiliser les indicateurs de fonction de ligne occupée (FLO) pour déterminer l'état d'une ligne téléphonique associée à un bouton de numérotation abrégée, un journal d'appels, ou une liste de répertoire de votre Cisco IP Communicator. Vous pouvez appeler cette ligne quel que soit l'état de l'indicateur FLO. Cette fonction n'empêche pas de composer un numéro.3-35 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées Utilisation de lignes partagées Votre administrateur système peut vous affecter une ligne partagée. Une ligne partagée est utilisée principalement dans les cas suivants: • Vous souhaitez utiliser une même ligne pour plusieurs téléphones, afin que votre téléphone de bureau et votre téléphone Cisco IP Communicatorsoient associés au même numéro de poste, par exemple 23456. Dans ce cas, tous les appels entrants destinés au numéro de poste 23456 sonneront sur le téléphone Cisco IP Communicator et sur le téléphone de bureau et vous pourrez prendre l'appel sur l'un ou l'autre. • Plusieurs personnes partagent une même ligne. Par exemple, vous êtes directeur et vous partagez une ligne et un poste avec votre assistant. Tous les appels entrants destinés au numéro de poste partagé sonneront alors simultanément sur votre téléphone et celui de votre assistant. Si votre assistant répond, vous pourrez utiliser la fonction de ligne partagée intitulée « Insertion » afin de participer à la conversation engagée. Pour... Procédez comme suit : Afficher l'état d'une ligne de numérotation abrégée Recherchez l'un des indicateurs suivant près du numéro de ligne : + La ligne est en cours d'utilisation. + La ligne est inactive. L'indicateur FLO n'est pas disponible ou n'est pas configuré pour cette ligne. + La ligne est en mode Ne pas déranger. Afficher l'état d'une ligne figurant dans un journal d'appels ou un répertoire Recherchez l'un des indicateurs suivant près du numéro de ligne : La ligne est en cours d'utilisation. La ligne est inactive. L'indicateur FLO n'est pas disponible pour cette ligne. La ligne est en mode Ne pas déranger.Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées 3-36 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 • Pour plus d'informations sur les lignes partagées, consultez votre administrateur système. Les fonctions de ligne partagée telles que la fonction Insertion ne s'appliquent pas aux lignes standard, non partagées. Rubriques connexes • Procédure pour se connecter personnellement à un appel sur une ligne partagée, page 3-36 • Procédures pour empêcher d'autres personnes d'afficher ou de se joindre à un appel sur une ligne partagée, page 3-37 Procédure pour se connecter personnellement à un appel sur une ligne partagée Si vous utilisez une ligne partagée, vous pouvez rejoindre une conversation en cours à l'aide de l'option Insertion. Quand vous utilisez cette fonction, tous les autres interlocuteurs de l'appel entendent un bip signalant votre présence. Lorsque vous raccrochez, les autres interlocuteurs entendent une tonalité de déconnexion et l'appel initial continue. La fonction Insertion s'applique aux lignes partagées uniquement. Pour... Procédez comme suit : Intégrer un appel en cours sur une ligne partagée Sélectionnez l'appel sur l'écran du téléphone et cliquez sur Insert (vous devrez peut-être cliquer auparavant sur la touche de fonction autres). Terminer un appel en insertion sur une ligne partagée Raccrochez.3-37 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées Conseils • Vous serez déconnecté de l'appel en cours que vous avez intégré sur une ligne partagée si cet appel est mis en attente, transféré ou transformé en conférence téléphonique. • Vous ne pouvez pas répondre à un appel sur une autre ligne lorsque vous intervenez dans un appel en cours sur une ligne partagée. • Cliquez sur un bouton de ligne vert lorsque l'appel est actif pour revenir à l'écran principal. Vous obtiendrez ainsi la liste de tous les appels actifs. Rubriques connexes • Comment traiter les appels simples, page 3-1 • Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne, page 3-34 • Procédures pour empêcher d'autres personnes d'afficher ou de se joindre à un appel sur une ligne partagée, page 3-37 Procédures pour empêcher d'autres personnes d'afficher ou de se joindre à un appel sur une ligne partagée Si vous partagez une ligne téléphonique, vous pouvez utiliser la fonctionnalité de confidentialité pour empêcher les personnes qui partagent votre ligne d'afficher vos appels ou de s'y joindre. Pour... Procédez comme suit : Empêcher d'autres personnes d’afficher des appels sur une ligne partagée ou de s'y connecter 1. Appuyez sur Confidentiel. 2. Pour vérifier que la fonction de confidentialité est désactivée, vérifiez la présence de l'icône de la fonction désactivée en regard d'un bouton de ligne de couleur orange. Autoriser d'autres personnes à afficher ou à se joindre aux appels sur une ligne partagée 1. Appuyez sur Confidentiel. 2. Pour vérifier que la fonction de confidentialité est désactivée, vérifiez la présence de l'icône de la fonction désactivée en regard d'un bouton de ligne de couleur éteint.Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées 3-38 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Conseils • Si vous partagez la ligne avec un téléphone dont la fonction de confidentialité est activée, vous pouvez passer et recevoir des appels normalement sur la ligne partagée. • La fonction de confidentialité s’applique à toutes les lignes partagées de votre téléphone. Par conséquent, si vous avez plusieurs lignes partagées et que la fonction de confidentialité est activée, vos collègues ne pourront pas afficher les appels sur vos lignes partagées, ni s'y joindre. Rubriques connexes • Comment traiter les appels simples, page 3-1 • Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne, page 3-34 • Procédure pour se connecter personnellement à un appel sur une ligne partagée, page 3-36 Établissement ou prise d'appels intercom Vous pouvez passer un appel intercom vers un téléphone cible qui réponde automatiquement à l'appel en mode Haut-parleur et coupure du microphone. Les appels intercom unidirectionnels permettent d'envoyer un bref message à leur destinataire. Si le destinataire utilise un combiné ou un casque, il entend le message dans ce périphérique. Si le destinataire a déjà un appel en cours, celui-ci se poursuit simultanément. Le destinataire de l'appel reçoit une tonalité d'alerte intercom et peut alors choisir de : • Écouter l'appelant, son microphone étant coupé (il peut écouter l'appelant, mais ce dernier ne peut pas l'entendre). • Mettre fin à l'appel intercom en appuyant sur la touche de fonction FinApp. après avoir sélectionné l'appel intercom. Utilisez cette option si vous ne souhaitez pas écouter le message. • Parler à l'appelant en appuyant sur le bouton intercom actif, en utilisant le combiné, le casque ou le haut-parleur. L'appel intercom devient une connexion bidirectionnelle au cours de laquelle vous pouvez parler avec l'appelant. Lorsque vous utilisez la fonction intercom, souvenez-vous que :3-39 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées • À partir d'une ligne intercom, vous ne pouvez appeler que d'autres lignes intercom. • Vous ne pouvez utiliser qu'une ligne intercom à la fois. • Vous ne pouvez pas prendre ou passer d'appel intercom si votre appel actif est surveillé ou enregistré. • Vous ne pouvez pas mettre un appel intercom en attente. Remarque Si vous vous connectez à votre téléphone de bureau tous les jours à l'aide de votre profil de mobilité de poste, vérifiez que votre administrateur système a configuré votre profil de mobilité de poste en y incluant la fonction intercom. Pour... Procédez comme suit : Passer un appel intercom vers une cible intercom préconfigurée 1. Appuyez sur une ligne intercom cible. 2. Attendez jusqu'à ce que vous entendiez la tonalité d'alerte intercom. 3. Commencez à parler. Passer un appel intercom vers un numéro intercom 1. Appuyez sur une ligne intercom cible. 2. Procédez comme suit : – Entrez le numéro intercom cible. – Appuyez sur le numéro abrégé de votre cible. 3. Attendez jusqu'à ce que vous entendiez la tonalité d'alerte intercom. 4. Commencez à parler. Recevoir un appel intercom Lorsque vous entendez la tonalité d'alerte intercom, vous pouvez traiter l'appel de l'une des manières suivantes : • Écouter le message en audio unidirectionnel. • Appuyer sur une ligne intercomme orange active pour parler à l'appelant. (La ligne devient verte lorsque l'appel devient bidirectionnel.) • Appuyez sur Fin app. après avoir sélectionné l'appel intercom pour déconnecter ce dernier.Chapitre 3 Traitement des appels avec Cisco IP Communicator Traitement des fonctions d'appel avancées 3-40 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01C H A P I T R E 4-1 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 4 Personnalisation des paramètres sur Cisco IP Communicator • Accès aux paramètres, page 4-1 • Réglage du volume d'un appel, page 4-2 • Personnalisation des sonneries et des indicateurs de message, page 4-3 • Personnalisation de l'écran du téléphone, page 4-4 • Affichage et personnalisation des préférences, page 4-5 Accès aux paramètres Voici des informations utiles concernant les paramètres de Cisco IP Communicator : • Vous pouvez accéder à la plupart des paramètres en choisissant Préférences dans le menu. Vous pouvez accéder au menu à partir de l'icône de menu dans la barre de boutons de contrôle de la fenêtre, en cliquant avec le bouton droit dans l'interface, ou en appuyant sur Maj+ F10 • Les paramètres associés aux sonneries et aux images d'arrière-plan peuvent être définis en choisissant bouton Paramètres > Préférences utilisateur. • La plupart des paramètres sont accessibles dans IP Communicator, mais quelques-uns d'entre eux sont accessibles en ligne via vos pages Web Options utilisateur. Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Réglage du volume d'un appel 4-2 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Remarque Si vous n'obtenez pas de réponse lorsque vous appuyez sur le bouton Paramètres, il est possible que votre administrateur système ait désactivé cette touche sur votre téléphone. Pour plus d'informations, contactez votre administrateur système. Rubriques connexes • Affichage et personnalisation des préférences, page 4-5 • Personnalisation des sonneries et des indicateurs de message, page 4-3 • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 Réglage du volume d'un appel . Conseils • Vous pouvez régler le volume uniquement pour le mode audio actif. Si vous augmentez le volume en mode Haut-parleur, par exemple, le volume du mode Casque demeure inchangé. • Si vous réglez le volume d'un mode audio sans enregistrer la modification, le niveau précédent sera rétabli lorsque vous réutiliserez ce mode. • Si vous réglez le volume d'un périphérique audio directement sur celui-ci (par exemple, si vous réglez les contrôles de volume de l'ordinateur), il est possible que la fenêtre Vérifier les paramètres audio apparaisse au prochain démarrage de Cisco IP Communicator. Voir Utilisation de l'Assistant de réglage audio, page 1-6. Pour... Procédez comme suit : Régler le volume au cours d'un appel Cliquez sur le bouton Volume ou appuyez sur les touches Page préc./Page suiv au cours d'un appel ou après avoir déclenché la tonalité. Cliquez sur Enreg. pour adopter le nouveau volume comme niveau par défaut du mode audio actif. Vous pouvez également régler le niveau du volume à l'aide des options de réglage de l'ordinateur ou des réglages disponibles sur le périphérique audio (voir la section Conseils pour plus d'informations sur la procédure à suivre). Régler le volume de la sonnerie Cliquez sur le bouton Vo lume alors que Cisco IP Communicator est raccroché (aucun appel et aucune tonalité en cours). Le nouveau volume de la sonnerie est automatiquement enregistré.4-3 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Personnalisation des sonneries et des indicateurs de message Personnalisation des sonneries et des indicateurs de message Vous pouvez personnaliser la manière dont Cisco IP Communicator signale la présence d'un appel entrant ou d'un nouveau message vocal sur chacune de vos lignes. La personnalisation des sonneries et autres indicateurs peut vous aider à différencier rapidement plusieurs lignes. Par exemple, vous pouvez sélectionner un pépiement d'oiseau pour indiquer que l'appel entrant est sur la ligne1 et un battement de tambour pour les appels entrants sur la ligne 2. Les options des pages Web Options utilisateur Cisco Unified CM peuvent varier. Si vous ne parvenez pas à trouver une option, contactez votre administrateur système. Pour... Procédez comme suit : Utiliser une mélodie différente pour chaque ligne 1. Cliquez sur le bouton Paramètres et sélectionnez Préférences utilisateur> Sonneries. 2. Choisissez une ligne téléphonique ou la sonnerie par défaut. 3. Sélectionnez une sonnerie pour en entendre un échantillon. 4. Appuyez sur Sélect. et sur Enreg. pour utiliser cette sonnerie, ou appuyez sur Annuler. Modifier la séquence de la sonnerie (clignotement seulement, une sonnerie, bip seulement, etc.) 1. Sélectionnez Options utilisateur Cisco Unified CM dans le menu contextuel. 2. Accédez aux pages Web Options utilisateur Cisco Unified CM. 3. Sélectionnez votre périphérique. 4. Cliquez sur Paramètres de ligne, et effectuez des sélections dans la section Paramètres de sonnerie.Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Personnalisation de l'écran du téléphone 4-4 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Réglage du volume d'un appel, page 4-2 • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 Personnalisation de l'écran du téléphone Rubriques connexes • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 Modifier le comportement de l'indicateur de message vocal 1. Sélectionnez Options utilisateur Cisco Unified CM dans le menu contextuel. 2. Accédez aux pages Web Options utilisateur Cisco Unified CM. 3. Sélectionnez votre périphérique. 4. Cliquez sur Paramètres de ligne, et effectuez vos modifications dans la section Indicateur de messages en attente. En général, la stratégie par défaut est de toujours allumer l'indicateur lorsque vous recevez un nouveau message vocal. Notez l'emplacement de l'indicateur de messages en attente : • Si vous utilisez le mode par défaut (clic droit > Apparences > Mode par défaut), l'indicateur est la bande lumineuse qui apparaît sur le côté gauche de l'interface. • Si vous utilisez le mode compact (clic droit > Apparences > Mode compact), l'indicateur est l'icône d'enveloppe clignotante à côté du bouton de ligne. Pour... Procédez comme suit : Pour... Procédez comme suit : Modifier l'image d'arrière-plan de l'écran du téléphone Cliquez sur le bouton Paramètres et sélectionnez >Préférences utilisateur > Images d'arrière-plan. Cliquez sur le bouton affiché à gauche de l'image à utiliser, cliquez sur Sélect., puis sur Aperçu pour afficher l'arrière-plan. Cliquez sur Quitter pour revenir au menu de sélection. Cliquez sur Enreg. pour accepter l'image ou sur Annuler pour revenir au paramètre précédemment enregistré. Modifier la langue de l'écran de votre téléphone Connectez-vous à vos pages Web Options utilisateur Cisco Unified CM et sélectionnez votre périphérique. Sélectionnez Options utilisateur > Paramètres utilisateur, modifiez les informations sur la langue de l'utilisateur, puis cliquez sur Enreg.4-5 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences Affichage et personnalisation des préférences Vous pouvez accéder à la plupart des paramètres de Cisco IP Communicator par le biais de la fenêtre Préférences (clic droit > Préférences). • Paramètres utilisateur, page 4-5 • Paramètres réseau, page 4-7 • Paramètres audio, page 4-8 • Affectation de modes audio, page 4-9 • Paramètres audio du réseau, page 4-13 • Paramètres audio avancés, page 4-13 • Paramètres de répertoire, page 4-15 Paramètres utilisateur Vous pouvez accéder à l'onglet Utilisateur de la fenêtre Préférences (clic droit > Préférences > onglet Utilisateur). Élément Description Pour plus d'informations, consultez... Activer la journalisation Lorsque cette option est activée, votre administrateur système peut extraire des journaux Cisco IP Communicator détaillés pour procéder à la résolution de problèmes. Votre administrateur système peut vous demander d'activer ce paramètre. Dépannage Cisco IP Communicator, page 8-1 Fermer masque l'application Lorsque vous activez cette fonctionnalité puis fermez l'application, CIPC n'est pas fermé : il est caché dans l'icône de la barre d'état système . Double-cliquez sur l'icône de la barre d'état système pour restaurer l'application. Cette fonctionnalité est activée par défaut. Passer un appel, page 3-3Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences 4-6 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Paramètres réseau, page 4-7 • Paramètres audio, page 4-8 • Paramètres de répertoire, page 4-15 Ramener au premier plan lors d'un appel actif Lorsque cette option est activée, l'application est affichée au-dessus de toutes les autres lorsqu'un appel entrant arrive. Lorsque l'option est désactivée, l'application n'est pas affichée au-dessus des autres lorsqu'un appel entrant arrive. Les seuls éléments indiquant l'arrivée de l'appel sont la sonnerie et la fenêtre intempestive de notification. Réponse à un appel, page 3-9 Masquer la notification d'appel entrant Lorsque cette option, le message de notification d'appel entrant ne s'affiche plus lorsqu'un appel arrive. Réponse à un appel, page 3-9 Utiliser la valeur par défaut (Serveur TFTP) Lorsque cette option est sélectionnée, l'adresse du serveur TFTP spécifiée dans l'onglet Paramètres réseau est utilisée. Il s'agit de la valeur par défaut. Le format est le suivant : http:///utilisateurccm Votre administrateur système vous indiquera si vous devez modifier ce paramètre. Chapitre 7, “Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM” Utiliser une URL spécifique Saisissez une autre URL à utiliser lors de l'ouverture de la page Options utilisateur Cisco Unified CM. Utilisez le format suivant : http:///utilisateurccm Votre administrateur système vous indiquera si vous devez modifier ce paramètre. Chapitre 7, “Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM” Élément Description Pour plus d'informations, consultez...4-7 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences Paramètres réseau Vous pouvez accéder à l'onglet Réseau de la fenêtre Préférences (clic droit > Préférences > onglet Réseau). Attention La modification de ces paramètres risque d'entraîner une panne sur votre téléphone. Ne modifiez pas ces paramètres avant d'avoir consulté votre administrateur système. Rubriques connexes • Paramètres audio, page 4-8 • Paramètres de répertoire, page 4-15 Élément Description Pour plus d'informations, consultez... Utiliser l'adaptateur réseau pour générer le nom de périphérique Ce paramètre, défini immédiatement après l'installation, permet à Cisco IP Communicator de s'identifier sur le réseau ; il n'est pas utilisé pour les transmissions audio. C'est pourquoi vous n'avez pas besoin de modifier ce paramètre une fois qu'il a été défini, à moins que vous ne supprimiez ou désactiviez définitivement la carte réseau sélectionnée. Dans ce cas, contactez votre administrateur système avant de sélectionner une autre carte. Si vous disposez de plusieurs cartes réseau et si vous êtes invité à en choisir une immédiatement après l'installation de Cisco IP Communicator, votre administrateur système vous indiquera quelle carte utiliser. Configuration et enregistrement Cisco IP Communicator, page 1-9 Utiliser ce nom de périphérique Ce paramètre permet de saisir un nom de périphérique en texte libre que Cisco IP Communicator pourra utiliser pour s'identifier auprès du réseau. Votre administrateur système vous fournira le nom du périphérique. Configuration et enregistrement Cisco IP Communicator, page 1-9 Zone Serveurs TFTP Cette zone permet d'indiquer les serveurs TFTP ou de rétablir l'utilisation du serveur TFTP par défaut. Votre administrateur vous indiquera si vous devez modifier ce paramètre. Configuration et enregistrement Cisco IP Communicator, page 1-9Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences 4-8 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Paramètres audio Vous pouvez accéder à l'onglet Audio de la fenêtre Préférences (clic droit > Préférences > onglet Audio). Rubriques connexes • Affectation de modes audio, page 4-9 • Paramètres audio du réseau, page 4-13 • Paramètres audio avancés, page 4-13 Élément Description Pour plus d'informations, voir... Zone Périphériques pour les modes audio Cette zone permet d'associer un périphérique à un mode audio. La liste déroulante affiche les périphériques audio actuellement disponibles, installés avant le démarrage de Cisco IP Communicator. Pour des informations sur le paramètre Périphérique audio Windows par défaut, voir Sélection d'un mode audio, page 4-9. • Installation de périphériques audio avant le lancement initial, page 1-3 • Affectation de modes audio, page 4-9 • Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator, page 5-1 Zone Périphérique pour la sonnerie Cette zone permet d'associer un périphérique à la sonnerie. Installation de périphériques audio avant le lancement initial, page 1-3 Optimiser pour une bande passante étroite Si vous utilisez Cisco IP Communicator sur une connexion à distance (par exemple, la connexion VPN de votre domicile ou d'un hôtel), vous risquez de rencontrer des problèmes de qualité vocale en raison d'une bande passante insuffisante. Lorsque vous utilisez Cisco IP Communicator sur une connexion à distance, vous pouvez éviter les éventuels problèmes de son robotisé.et d'autres problèmes en activant l'option Optimiser pour une bande passante étroite. Dépannage Cisco IP Communicator, page 8-1 Bouton Réseau Ce bouton permet d'ouvrir la fenêtre Paramètres audio réseau. Paramètres audio du réseau, page 4-13 Bouton Avancés Ce bouton permet d'ouvrir la fenêtre Paramètres audio avancés. Paramètres audio avancés, page 4-134-9 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences Affectation de modes audio Vous devez affecter un mode audio à chaque périphérique audio utilisé avec Cisco IP Communicator : • mode Casque • mode Haut-parleur • mode Combiné • mode de sonnerie La sélection d'un mode audio indique à Cisco IP Communicator quels périphériques audio utiliser pour les entrées et les sorties audio. Au démarrage initial de Cisco IP Communicator, vous pouvez affecter des périphériques audio à des modes audio à l'aide de l'Assistant de réglage audio. Vous pouvez ensuite affecter des périphériques audio aux modes en cliquant avec le bouton droit dans Cisco IP Communicator et en sélectionnant Préférences > onglet Audio. Rubriques connexes • Installation de périphériques audio avant le lancement initial, page 1-3 • Sélection d'un mode audio, page 4-9 • Activation d'un mode audio, page 4-11 • À propos des périphériques audio des listes déroulantes Audio, page 4-12 Sélection d'un mode audio Par défaut, Cisco IP Communicator sélectionne un périphérique audio pour tous les modes audio et pour la sonnerie. Il peut s'agir d'une carte son, par exemple. Si vous disposez de plusieurs périphériques audio, vous bénéficiez d'options de configuration supplémentaires. Par exemple, si vous utilisez un casque USB, vous pouvez le sélectionner pour le mode Casque et l'activer en cliquant sur le bouton Casque.Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences 4-10 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Vous pouvez conserver la configuration par défaut ou la personnaliser. Si vous décidez de personnaliser la configuration, suivez les recommandations ci-après : • Si vous utilisez un casque USB, associez-le au mode Casque. • Si vous utilisez un haut-parleur USB externe, associez-le au mode Haut-parleur. • Si vous utilisez un combiné USB, associez-le au mode Combiné. • Si vous utilisez un casque analogique, associez la carte son de l'ordinateur au mode Casque. • Si vous ne disposez pas d'un haut-parleur externe, sélectionnez la carte son de l'ordinateur pour le mode Haut-parleur. • Associez la sonnerie au périphérique qui doit vous signaler les appels entrants. Notez toutefois que si vous associez la sonnerie à une carte son et branchez un casque analogique sur l'ordinateur, vous n'entendrez pas le téléphone sonner si vous ne portez pas le casque. Conseil Vous pouvez utiliser les paramètres de lecture et d'enregistrement du son du Panneau de configuration de Windows (Sons et multimédia > onglet Audio ou Sons et périphériques audio > onglet Audio pour Windows XP) comme périphériques audio de Cisco IP Communicator. Dans la fenêtre Préférences de Cisco IP Communicator (clic droit > Préférences > onglet Audio), sélectionnez Périphérique audio Windows par défaut dans le liste déroulante pour un ou plusieurs paramètres et cliquez sur OK. Utilisez cette méthode pour utiliser un périphérique pour la lecture du son et un autre (par exemple, un microphone de caméra VT) pour l'enregistrement du son. Rubriques connexes • Activation d'un mode audio, page 4-11 • À propos des périphériques audio des listes déroulantes Audio, page 4-124-11 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences Activation d'un mode audio Rubriques connexes • Sélection d'un mode audio, page 4-9 • À propos des périphériques audio des listes déroulantes Audio, page 4-12 • Utilisation d'un casque, page 5-2 • Utilisation de votre ordinateur comme poste téléphonique à haut-parleur, page 5-4 • Utilisation d'un combiné USB, page 5-5 Pour... Procédez comme suit : Activer le mode Casque Cliquez sur le bouton Casque (éteint). Cette action active le périphérique que vous avez sélectionné pour ce mode. Si vous souhaitez adopter le mode Casque comme mode par défaut, cliquez sur le bouton Casque (éteint) et sur FinApp. Le mode Casque restera le mode audio par défaut tant que le bouton Casque sera allumé (sauf si un combiné USB est activé). Activer le mode Haut-parleur Cliquez sur le bouton Haut-parleur. Cette action active le périphérique que vous avez sélectionné pour ce mode. Par défaut, le mode Haut-parleur est activé lorsque vous cliquez sur les touches de fonction, les boutons de ligne et les boutons de numérotation abrégée (sauf si un combiné USB est activé). Activer le mode Combiné Décrochez à l'aide du combiné USB (à condition que ce périphérique soit disponible et associé au mode Combiné). La méthode employée pour décrocher le combiné USB dépend de la façon dont le combiné est conçu. Vous devrez peut-être appuyer sur un interrupteur ou sur un bouton de mise en route. Activer la sonnerie La sonnerie est activée quand vous recevez un appel.Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences 4-12 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 À propos des périphériques audio des listes déroulantes Audio Les listes déroulantes Audio de l'onglet Audio (clic droit > Préférences > onglet Audio) contiennent un ou plusieurs périphériques audio. Voici quelques informations sur le contenu de ces listes : • Si un seul périphérique audio est installé au démarrage de Cisco IP Communicator, un seul périphérique audio apparaît dans chaque liste. • Tous les périphériques audio installés ne figurent pas dans les listes des modes audio. Les périphériques présentés dans ces menus sont ceux nécessitant des pilotes (combinés USB, casques USB et cartes son). • Les périphériques audio analogiques, qui se branchent dans les prises audio de l'ordinateur, ne figurent pas dans les listes de modes audio. Cisco IP Communicator ne fait aucune distinction entre les périphériques audio analogiques et votre carte son. Pour sélectionner un périphérique analogique, sélectionnez votre carte son • Si aucun périphérique audio USB installé et aucune carte son ne figurent dans la liste, vérifiez que le périphérique est inséré et relancez Cisco IP Communicator. Cisco IP Communicator ne reconnaît que les périphériques audio qui sont installés et branchés lors du lancement de l'application.) Remarque Si le système d'exploitation Windows trouve des périphériques audio et si Périphérique audio Windows par défaut apparaît dans la liste déroulante, consultez Sélection d'un mode audio, page 4-9. Rubriques connexes • Installation de périphériques audio avant le lancement initial, page 1-3 • Utilisation de l'Assistant de réglage audio, page 1-6 • Affichage et personnalisation des préférences, page 4-5 • Suppression et réinstallation de périphériques audio, page 5-64-13 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences Paramètres audio du réseau Vous pouvez accéder à l'onglet Audio du réseau de la fenêtre Préférences (clic droit > Préférences > onglet Audio> bouton Réseau). Attention La modification de ces paramètres risque d'entraîner une panne sur votre téléphone. Ne modifiez pas ces paramètres avant d'avoir consulté votre administrateur système. Rubriques connexes • Paramètres audio, page 4-8 • Paramètres audio avancés, page 4-13 • Dépannage Cisco IP Communicator, page 8-1 Paramètres audio avancés Vous pouvez accéder aux paramètres audio avancés dans la fenêtre Préférences (clic droit > Préférences > onglet Audio> bouton Avancés). Élément Description Zone Adresse IP audio Le paramètre par défaut de cette zone est Détecter automatiquement. Ne le modifiez que si l'administrateur système vous le demande. Zone Plage de ports audio Le paramètre par défaut de cette zone est Utiliser la plage de ports par défaut. Ne le modifiez que si l'administrateur système vous le demande.Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences 4-14 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Élément Description Pour plus d'informations, voir... Mode Sélectionne le mode audio (haut-parleur, casque ou combiné) auquel appliquer les modifications. • Affectation de modes audio, page 4-9 • Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator, page 5-1 Noise Suppression Enabled (Annulation du bruit active) Tente de supprimer les bruits de fond entendus dans le microphone et qui interfèrent avec votre voix. L'annulation du bruit est activée par défaut. Dépannage Cisco IP Communicator, page 8-1 Levels of Aggressiveness (Niveaux d'agressivité) Définit le degré d'annulation du bruit. L'annulation de bruit minimale est la valeur par défaut. Vous devez augmenter le niveau d'agressivité d'un cran si votre interlocuteur se plaint de ne pas bien vous entendre à cause des bruits de fond. Ne passez pas directement d'un extrême à l'autre ; par exemple, passez toujours du niveau minimum au niveau moyen, et du niveau moyen au niveau maximum. Tentez de sélectionner le mode le moins agressif pour réduire ou éliminer le bruit. Remarque En changeant le niveau d'agressivité, vous risquez de modifier également la manière dont votre voix est transmise. Votre interlocuteur risque d'entendre une voix robotisée ou métallique. Dépannage Cisco IP Communicator, page 8-14-15 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences Rubriques connexes • Paramètres audio, page 4-8 • Paramètres audio du réseau, page 4-13 Paramètres de répertoire Vous pouvez accéder à l'onglet Répertoires de la fenêtre Préférences (clic droit > Préférences > onglet Répertoires). Avant d'utiliser la fonction Recherche rapide pour consulter les répertoires d'entreprise, vous devrez peut-être entrer un nom d'utilisateur et un mot de passe dans la fenêtre Répertoires. Essayez tout d'abord d'utiliser la fonction Recherche rapide sans entrer ces informations. Si la fonction ne répond pas, demandez vos nom d'utilisateur et mot de passe pour la fenêtre Répertoires à votre administrateur système et entrez ces informations ici. Vous devez également indiquer vos nom d'utilisateur et mot de passe pour les répertoires dans cette fenêtre si vous souhaitez utiliser la fonction Recherche rapide pour consulter votre Carnet d'adresses personnel. Rubriques connexes • Utilisation du répertoire personnel, page 6-7 • Saisie d'informations de mot de passe pour la fonction Recherche rapide, page 6-11 Bouton OK Enregistre toutes les modifications effectuées (y compris les changements apportés aux modes qui ne sont pas actuellement sélectionnés). Affectation de modes audio, page 4-9 Bouton Appliquer à tous Applique les paramètres du mode audio actuellement sélectionné à tous les autres modes audio. Affectation de modes audio, page 4-9 Élément Description Pour plus d'informations, voir...Chapitre 4 Personnalisation des paramètres sur Cisco IP Communicator Affichage et personnalisation des préférences 4-16 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01C H A P I T R E 5-1 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 5 Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator Ce chapitre décrit comment utiliser des périphériques tels qu'un combiné, un casque d'écoute et les haut-parleurs et le microphone de l'ordinateur avec les modes audio de Cisco IP Communicator (mode Combiné, mode Casque et mode Haut-parleur). • Obtention de périphériques audio, page 5-1 • Utilisation d'un casque, page 5-2 • Utilisation de votre ordinateur comme poste téléphonique à haut-parleur, page 5-4 • Utilisation d'un combiné USB, page 5-5 • Suppression et réinstallation de périphériques audio, page 5-6 Obtention de périphériques audio Votre administrateur système vous fournira peut-être des périphériques audio. Si vous prévoyez d'en acheter, demandez à votre administrator système de vous fournir la plus récente liste de périphériques pris en charge.Chapitre 5 Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator Utilisation d'un casque 5-2 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Utilisation d'un casque Vous pouvez utiliser un casque USB ou un casque analogique avec Cisco IP Communicator. • Les casques USB sont dotés de fiches plates et rectangulaires qui se branchent dans un port USB de votre ordinateur. • Les casques analogiques sont dotés de fiches rondes qui se branchent dans les connecteurs audio de l'ordinateur. Les casques analogiques fonctionnent avec la carte son de l'ordinateur et ne nécessitent pas de pilote de périphérique. Le tableau suivant indique comment utiliser un casque pour passer et prendre des appels. Pour... Procédez comme suit : Utiliser un casque pour passer et prendre des appels Vérifiez que le bouton Casque est activé (allumé) pour indiquer que Cisco IP Communicator fonctionne en mode Casque. Vous pouvez activer et désactiver le mode Casque en cliquant sur le bouton Casque ou à l'aide du raccourci clavier Ctrl + H. Si vous utilisez un casque en tant que périphérique audio principal, il est utile de garder le bouton Casque allumé même après la fin d'un appel, en cliquant sur FinApp. au lieu d'appuyer sur le bouton Casque pour raccrocher. Lorsque le bouton Casque n'est pas allumé, Cisco IP Communicator utilise le mode Haut-parleur comme mode audio par défaut. Cisco IP Communicator répond à l'activation de touches de fonctions et de boutons de numérotation abrégée, ainsi qu'à d'autres fonctionnalités, en acheminant l'audio par le biais du mode actif. Vous pouvez utiliser un casque avec tous les contrôles de Cisco IP Communicator, y compris le bouton Volume et le bouton Secret. Remarque Bien que les casques analogiques fonctionnent en mode Haut-parleur, leur utilisation en mode Casque permet d'améliorer la qualité du son.5-3 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 5 Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator Utilisation d'un casque Conseil La fonction Réponse automatique est une fonction spéciale que votre administrateur système peut activer pour vous si vous recevez un volume important d'appels entrants, ou si vous gérez les appels d'autres personnes. Lorsque la fonction Réponse automatique est activée, Cisco IP Communicator répond automatiquement aux appels téléphoniques et les achemine par le biais du mode Haut-parleur ou du mode Casque, selon votre configuration. Rubriques connexes • Comment traiter les appels simples, page 3-1 • Affectation de modes audio, page 4-9 • Utilisation de votre ordinateur comme poste téléphonique à haut-parleur, page 5-4 Utiliser un casque analogique comme périphérique audio unique Suivez les directives décrites à la ligne précédente. Souvenez-vous que la sonnerie n'est audible que par le biais des haut-parleurs de votre casque lorsque ce dernier est branché dans votre ordinateur. Vous devez porter votre casque pour pouvoir entendre la sonnerie du téléphone. Utiliser la fonction Réponse automatique avec un casque Gardez le bouton Casque activé (allumé) en cliquant sur FinApp pour raccrocher. (Cliquez d'abord sur le bouton Casque si nécessaire). Lorsque le bouton Casque est allumé, Cisco IP Communicator fonctionne en mode Casque. Passer au mode Casque pendant un appel Cliquez sur le bouton Casque ou utilisez le raccourci clavier Ctrl + H. Si vous utilisiez un combiné USB avant le changement de mode, vous pouvez l'éteindre ou le raccrocher. Pour... Procédez comme suit :Chapitre 5 Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator Utilisation de votre ordinateur comme poste téléphonique à haut-parleur 5-4 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Utilisation de votre ordinateur comme poste téléphonique à haut-parleur Vous pouvez utiliser la carte son de l'ordinateur pour passer et prendre des appels en mode Haut-parleur. Conseil La fonction Réponse automatique est une fonction spéciale que votre administrateur système peut activer pour vous si vous recevez un volume important d'appels entrants, ou si vous gérez les appels d'autres personnes. Lorsque la fonction Réponse automatique est activée, Cisco IP Communicator répond automatiquement aux appels téléphoniques et les achemine par le biais du mode Haut-parleur ou du mode Casque, selon votre configuration. Pour... Procédez comme suit : Utiliser votre ordinateur comme un téléphone à haut-parleur pour passer et prendre des appels Vérifiez que le bouton Haut-parleur est allumé pour vous assurer que Cisco IP Communicator fonctionne en mode Haut-parleur. À l'encontre des autres modes, le mode Haut-parleur permet la suppression de l'écho. Vous pouvez activer et désactiver le mode Haut-parleur en cliquant sur le bouton Haut-parleur ou à l'aide du raccourci clavier Ctrl + P. Le mode Haut-parleur est activé par défaut. Cela signifie que de nombreuses actions nécessaires pour passer ou prendre un appel (telles que l'utilisation d'un bouton de numérotation abrégée ou d'une touche de fonction) déclenchent automatiquement le mode Haut-parleur. Remarque Lorsqu'un casque analogique est branché sur votre ordinateur, vous ne pouvez pas entendre de son par le biais des haut-parleurs de l'ordinateur en mode Haut-parleur. Passer au mode Haut-parleur pendant un appel Cliquez sur le bouton Haut-parleur ou utilisez le raccourci clavier Ctrl + P. Si vous utilisiez un combiné avant le changement de mode, éteignez-le ou raccrochez-le. Utiliser le haut-parleur de l'ordinateur comme sonnerie pour vous avertir des appels entrants Vérifiez que votre carte son est affectée au mode Sonnerie et que vous n'avez pas coupé le son du haut-parleur de l'ordinateur. Si vous branchez un casque analogique sur votre ordinateur, la sonnerie n'est audible que par le biais des haut-parleurs du casque. Utiliser la fonction Réponse automatique en mode Haut-parleur Cliquez sur le bouton Haut-parleur pour passer, prendre ou mettre fin à des appels, pour ouvrir et fermer des lignes et pour passer d'un autre périphérique audio au mode Haut-parleur. Comme le mode Haut-parleur est activé par défaut, il n'est pas nécessaire de garder le bouton correspondant allumé comme pour le mode Casque.5-5 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 5 Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator Utilisation d'un combiné USB Rubriques connexes • Comment traiter les appels simples, page 3-1 • Affectation de modes audio, page 4-9 • Utilisation d'un casque, page 5-2 • Utilisation d'un combiné USB, page 5-5 Utilisation d'un combiné USB Vous devez affecter un combiné USB au mode Combiné. Cette configuration permet à Cisco IP Communicator de savoir si le combiné est raccroché ou décroché, pour que vous puissiez, par exemple, mettre fin à un appel en raccrochant le combiné USB. Pour plus d'informations sur cette affectation, voir Affectation de modes audio, page 4-9. Rubriques connexes • Installation de périphériques audio avant le lancement initial, page 1-3 • Comment traiter les appels simples, page 3-1 • Utilisation d'un casque, page 5-2 • Utilisation de votre ordinateur comme poste téléphonique à haut-parleur, page 5-4 • Suppression et réinstallation de périphériques audio, page 5-6 Pour... Procédez comme suit : Passer ou mettre fin à un appel à l'aide du combiné Activer ou désactiver le combiné USB. De nombreux combinés sont dotés d'un crochet commutateur ou d'un interrupteur. Soulevez le combiné ou activez-le pour le décrocher. Vous pouvez utiliser un combiné USB avec tous les contrôles de Cisco IP Communicator, y compris le bouton Volume et le bouton Secret. Passer au mode Combiné pendant un appel Soulevez le combiné (ou activez-le comme il convient). Chapitre 5 Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator Suppression et réinstallation de périphériques audio 5-6 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Suppression et réinstallation de périphériques audio Si vous utilisez Cisco IP Communicator sur un ordinateur portable, vous devrez sans doute souvent supprimer et réinstaller les périphériques audio lorsque vous vous déplacez. Le tableau suivant contient des informations sur la réinstallation d'un périphérique audio lorsque vous êtes prêt à l'utiliser de nouveau. Pour... Procédez comme suit : Réinstaller un combiné USB, un casque USB ou une carte son préalablement réglés 1. Installer le périphérique audio (par exémple, branchez le combiné USB) lorsque Cisco IP Communicator n'est pas en cours d'exécution. 2. Lancez Cisco IP Communicator. 3. Sélectionnez le périphérique et réglez-le si nécessaire. Vous pouvez accéder manuellement à l'Assistant de réglage audio par le biais de Cisco IP Communicator (cliquez avec le bouton droit de la souris sur> Préférences > onglet Audio). 4. Si nécessaire, affectez le périphérique aux modes audio souhaités. Installer un nouveau périphérique lorsque l'application est en cours d'exécution et l'utiliser comme périphérique audio de Cisco IP Communica tor 1. Cliquez avec le bouton droit de la souris sur > Préférences > onglet Audio, et sélectionnez le périphérique dans la liste déroulante pour le mode audio. 2. Cliquez sur OK. 3. Réglez le périphérique lorsque l'Assistant de réglage audio est automatiquement lancé. Définissez un périphérique spécifique à utiliser lors du prochain appel 1. Vérifiez que Cisco IP Communicator est en cours d'exécution. 2. Configurez-le pour utiliser le périphérique Windows par défaut (cliquez avec le bouton droit de la souris sur > Préférences > onglet Audio et sélectionnez Périphérique audio Windows par défaut). 3. Connectez un nouveau périphérique et définissez-le comme périphérique audio Windows par défaut dans le Panneau de configuration de Windows. 4. Lancez manuellement l'Assistant de réglage audio (cliquez avec le bouton droit de la souris sur > Assistant de réglage audio) pour régler ce périphérique avant de l'utiliser. Si vous redémarrez l'application sans avoir réglé le périphérique, l'Assistant de réglage audio est automatiquement lancé afin que vous puissiez régler le périphérique, et Cisco IP Communicator utilise ce périphérique lors du prochain appel.5-7 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 5 Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator Suppression et réinstallation de périphériques audio Conseils • Chaque fois que vous le lancez, Cisco IP Communicator vérifie que le périphérique audio que vous avez utilisé lors de votre session pécédente est présent. Si le périphérique est introuvable, Cisco IP Communicator vous invite à le brancher. • Si vous installez un périphérique audio qui nécessite des pilotes de périphérique (un combiné USB, un casque USB ou une carte son) après le lancement de Cisco IP Communicator, ce dernier ne reconnaîtra pas le périphérique tant que vous n'aurez pas lancé à nouveau l'application. L'Assistant de réglage audio est automatiquement lancé afin que vous puissiez régler le périphérique. • Si vous utilisez Cisco IP Communicator sur une connexion à distance, établissez la connectivité VPN avant de lancer Cisco IP Communicator. • Si vous réinstallez un combiné ou un casque USB sur un poste de travail Microsoft Vista, assurez-vous que le système d'exploitation détecte le périphérique USB. Sinon, Cisco IP Communicator ne pourra pas le trouver. Rubriques connexes • Installation de périphériques audio avant le lancement initial, page 1-3 • Utilisation de l'Assistant de réglage audio, page 1-6 • Affectation de modes audio, page 4-9 • Suppression et réinstallation de périphériques audio, page 5-6Chapitre 5 Utilisation de casques d'écoute et d'autres périphériques audio avec Cisco IP Communicator Suppression et réinstallation de périphériques audio 5-8 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01C H A P I T R E 6-1 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Cisco IP Communicator • Accès aux messages vocaux, page 6-1 • Utilisation des journaux d'appels, page 6-3 • Composition à partir d'un répertoire, page 6-5 • Utilisation du répertoire personnel, page 6-7 Accès aux messages vocaux Votre société détermine le service de messagerie vocale utilisé par votre système téléphonique. Pour obtenir des informations précises et détaillées sur ce service, consultez la documentation correspondante. Le tableau suivant fournit une vue d'ensemble des fonctionnalités du service de messagerie vocale.Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Accès aux messages vocaux 6-2 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Contrôle des paramètres de ligne, page 7-10 • Personnalisation des sonneries et des indicateurs de message, page 4-3 Pour... Procédez comme suit : Configurer et personnaliser votre service de messagerie vocale Cliquez sur le bouton Messages et suivez les invites vocales. Si un menu apparaît à l'écran de votre téléphone, sélectionnez l'élément de menu approprié. Consulter vos nouveaux messages vocaux Recherchez : • Un témoin lumineux rouge fixe sur votre combiné. (Cet indicateur peut varier.) • Une icône d'enveloppe clignotante et un message texte sur l'écran du téléphone. Remarque Le témoin lumineux rouge et l'icône de message en attente ne s'affichent que lorsque vous avez un message sur votre ligne principale, même si des messages vocaux arrivent sur d'autres lignes. Vé r if iez s i : Une tonalité accélérée se fait entendre dans le combiné, le casque ou le haut-parleur lorsque vous passez un appel. Remarque La tonalité accélérée est propre à la ligne. Vous ne l'entendez que lorsque vous utilisez la ligne associée au message en attente. Écouter vos messages vocaux ou accéder au menu des messages vocaux Cliquez sur le bouton Messages. Selon le service de messagerie vocale dont vous disposez, cette opération compose automatiquement le numéro du service de messagerie ou affiche un menu à l'écran. Transférer un appel vers votre système de messagerie vocale Cliquez sur Rvoi Im. La fonction Rvoi Im transfère automatiquement un appel (y compris un appel en sonnerie ou en attente) vers votre système de messagerie vocale. Les appelants entendent le message d'accueil de votre messagerie vocale et peuvent vous laisser un message.6-3 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Cisco IP Communicator Utilisation des journaux d'appels Utilisation des journaux d'appels Cisco IP Communicator tient à jour des journaux d'appels. Les journaux contiennent les enregistrement de vos appels en absence, passés et reçus. Pour... Procédez comme suit : Afficher les journaux d’appels Cliquez sur le bouton Répertoires et choisissez Appels en absence, Appels composés ou Appels reçus. Chaque journal peut contenir un nmaximum de 100 enregistrements. Afficher les détails d'un enregistrement d'appel 1. Cliquez sur le bouton Répertoires et choisissez Appels en absence, Appels composés ou Appels reçus. 2. Mettre un enregistrement d'appel en surbrillance 3. Appuyez sur Détails. Cette action permet d'afficher des informations comme le numéro appelé, le numéro de l'appelant, l'heure et la durée de l'appel (uniquement pour les appels passés et reçus). Effacer les enregistrements d'appels de tous les journaux Cliquez sur le bouton Répertoires puis sur Effacer. Effacer tous les enregistrements d'appels d'un journal 1. Cliquez sur le bouton Répertoires et choisissez Appels en absence, Appels composés ou Appels reçus. 2. Mettre un enregistrement d'appel en surbrillance 3. Appuyez sur Effacer. (Vous devrez peut-être appuyer d'abord sur la touche de fonction autres pour afficher le bouton Effacer). Effacer un seul enregistrement d'appel 1. Cliquez sur le bouton Répertoires et choisissez Appels en absence, Appels composés ou Appels reçus. 2. Mettre un enregistrement d'appel en surbrillance 3. Cliquez sur Supprimer. Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Utilisation des journaux d'appels 6-4 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne, page 3-34 Composer un numéro à partir d'un journal d'appel (sans être déjà en ligne) 1. Cliquez sur le bouton Répertoires et choisissez Appels en absence, Appels composés ou Appels reçus. 2. Mettre un enregistrement d'appel en surbrillance Remarque Si la touche de fonction Détails apparaît, l'appel est l'entrée principale d'un appel à plusieurs interlocuteurs. 3. Pour afficher le numéro, appuyez sur ModNum puis sur << ou >>. Pour supprimer le numéro, appuyez sur ModNum puis sur Supprimer. (Vous devrez peut-être appuyer d'abord sur la touche de fonction autres pour afficher le bouton Supprimer). 4. Décrochez pour passer l'appel. Composer un numéro à partir d'un journal d'appel (en étant déjà en ligne) 1. Cliquez sur le bouton Répertoires et choisissez Appels en absence, Appels composés ou Appels reçus. 2. Mettre un enregistrement d'appel en surbrillance 3. Pour afficher le numéro, appuyez sur ModNum puis sur << ou >>. Pour supprimer le numéro, appuyez sur ModNum puis sur Supprimer. (Vous devrez peut-être appuyer d'abord sur la touche de fonction autres pour afficher le bouton Supprimer). 4. Appuyez sur Compos. 5. Choisissez ensuite un élément de menu pour traiter l'appel initial : – Attente : met le premier appel en attente et compose le second. – Transfert : transfère le premier interlocuteur vers le second et vous déconnecte de l'appel. Sélectionnez à nouveau cette option après avoir composé le numéro pour terminer l'opération. – Conférence : établit une conférence téléphonique entre tous les interlocuteurs, vous y compris. (Appuyez à nouveau sur Conf. ou Conférence après avoir composé le numéro pour terminer l'opération.) – FinApp. : déconnecte le premier appel et compose le second. Voir si la ligne figurant dans le journal d'appels est occupée avant d'appeler cette ligne Recherchez des indicateurs de fonction de ligne occupée. Afficher l'historique des appels intercom Cliquez sur le bouton Répertoires et sélectionnez Historique intercom. Les détails des 25 plus récents appels intercom sont enregistrés. Il est impossible de composer des numéros intercom à partir de cette liste. Pour... Procédez comme suit :6-5 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Cisco IP Communicator Composition à partir d'un répertoire Composition à partir d'un répertoire Selon sa configuration, Cisco IP Communicator peut proposer des fonctionnalités de répertoire d'entreprise et personnel : • Répertoire d'entreprise : contacts professionnels auxquels vous pouvez accéder sur Cisco IP Communicator. Il est configuré et géré par votre administrateur système. • Répertoire personnel : il s'agit, le cas échéant, de contacts personnels et des codes de numérotation abrégée associés que vous pouvez configurer et auxquels vous pouvez accéder à partir de Cisco IP Communicator et de vos pages Web Options utilisateur Cisco Unified CM. Le répertoire personnel comprend le carnet d'adresses personnel et les numéros abrégés : – Le carnet d'adresses personnel est un répertoire contenant vos contacts personnels. – Les numéros abrégés sont des codes affectés aux entrées du carnet d'adresses personnel pour permettre leur composition rapide.Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Composition à partir d'un répertoire 6-6 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Utilisation du répertoire d’entreprise Rubriques connexes • Utilisation des indicateurs de fonction de ligne occupée pour déterminer l'état d'une ligne, page 3-34 Pour... Procédez comme suit : Composer un numéro à partir d'un répertoire d'entreprise (sans être déjà en ligne) 1. Appuyez sur le bouton Répertoires, puis sélectionnez Répertoire d'entreprise (le nom exact de ce service peut varier). 2. Saisissez un nom complet ou partiel à l'aide du clavier, puis appuyez sur Recher. 3. Pour composer un numéro, appuyez dessus dans la liste ou recherchez-le en faisant défiler la liste et décrochez le combiné. Composer un numéro à partir d'un répertoire d'entreprise (lorsque vous êtes déjà en ligne) 1. Appuyez sur le bouton Répertoires, puis sélectionnez Répertoire d'entreprise (le nom exact de ce service peut varier). 2. Saisissez un nom complet ou partiel à l'aide du clavier, puis appuyez sur Recher. 3. Faites défiler la liste jusqu'au numéro souhaité et appuyez sur Sélect. 4. Choisissez ensuite un élément de menu pour traiter l'appel initial : – Attente : met le premier appel en attente et compose le second. – Transfert : transfère le premier interlocuteur vers le second et vous déconnecte de l'appel. Sélectionnez à nouveau cette option après avoir composé le numéro pour terminer l'opération. – Conférence : établit une conférence téléphonique entre tous les interlocuteurs, vous y compris. (Appuyez à nouveau sur Conf. ou Conférence après avoir composé le numéro pour terminer l'opération.) – FinApp. : déconnecte le premier appel et compose le second. Vérifier si la ligne de téléphone du répertoire est occupée Vérifiez la présence d'indicateurs d'affichage de ligne occupé (FLO). 6-7 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Cisco IP Communicator Composition à partir d'un répertoire Utilisation du répertoire personnel Les fonctions du répertoire personnel comprennent le carnet d'adresses personnel et les numéros abrégés. Pour... Procédez comme suit : Accéder au répertoire personnel (pour le carnet d'adresses personnel et les codes de numérotation abrégée) 1. Cliquez sur le bouton Répertoires, puis sélectionnez Répertoire personnel (le nom exact de ce service peut varier). 2. Saisissez votre ID utilisateur et votre PIN Cisco Unified Communications Manager, puis appuyez sur Soum. Rechercher une entrée dans le carnet d'adresses personnel 1. Accédez au répertoire personnel, puis sélectionnez Carnet d'adresses personnel. 2. Saisissez des critères de recherche, puis appuyez sur Soum. 3. Vous pouvez cliquer sur Préc. ou sur Suivant pour passer d'une entrée à l'autre. 4. Mettez en surbrillance l'entrée de carnet d'adresses personnel de votre choix et appuyez sur Sélect. Composer un numéro à partir d’une entrée du carnet d’adresses personnel 1. Recherchez une entrée. 2. Mettez l'entrée en surbrillance, puis appuyez sur Sélect. 3. Appuyez sur Compos. (Vous devrez peut-être d'abord cliquer sur la touche de fonction autres pour afficher le bouton Compos.) 4. Entrez le numéro de téléphone du participant. 5. Mettez en surbrillance le numéro à composer et cliquez sur OK. 6. Appuyez de nouveau sur OK pour composer le numéro. Supprimer une entrée du carnet d'adresses personnel 1. Recherchez une entrée. 2. Mettez l'entrée en surbrillance, puis appuyez sur Sélect. 3. Cliquez sur Supprimer. 4. Cliquez sur OK pour confirmer la suppression.Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Composition à partir d'un répertoire 6-8 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Modifier une entrée du carnet d'adresses personnel 1. Recherchez une entrée. 2. Mettez l'entrée en surbrillance et appuyez surModif. pour changer un nom ou une adresse électronique. 3. Si nécessaire, sélectionnez Téléph. pour modifier un numéro de téléphone. 4. Cliquez sur MàJ. Ajouter une nouvelle entrée au carnet d'adresses personnel 1. Accédez au répertoire personnel, puis sélectionnez Carnet d'adresses personnel. 2. Accéder à la page Recherche en sélectionnant Soum. (Il n'est pas nécessaire d'entrer les critères de recherche au préalable.) 3. Cliquez sur Nouveau. 4. Utilisez le clavier de votre téléphone pour saisir un nom et les informations de l'adresse électronique. 5. Sélectionnez Téléph. et utilisez le clavier pour saisir des numéros de téléphone. Prenez soin d'inclure tous les codes d'accès nécessaires, comme 9 ou 1. 6. Sélectionnez Soum. pour ajouter l'entrée à la base de données. Affecter un code de numérotation abrégée à une entrée du carnet d'adresses personnel 1. Rechercher l'entrée dans le carnet d'adresses personnel. 2. Mettez l'entrée en surbrillance, puis appuyez sur Sélect. 3. Appuyez sur Numéro abrégé. 4. Mettez en surbrillance le numéro à composer et appuyez sur Sélect. 5. Mettez en surbrillance le code de numérotation abrégée à affecter au numéro, puis appuyez sur Sélect. Ajouter un code de numérotation abrégée (sans utiliser une entrée du carnet d’adresses personnel) 1. Cliquez sur le bouton Répertoires et sélectionnez Répertoire personnel> Numéros abrégés personnels. 2. Appuyez sur Numéro abrégé. 3. Mettez en surbrillance un code de numérotation abrégée non affecté, puis appuyez sur Sélect. 4. Appuyez sur Affecter. 5. Entrez un numéro de téléphone 6. Cliquez sur MàJ. Pour... Procédez comme suit :6-9 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Cisco IP Communicator Composition à partir d'un répertoire Conseils • L’administrateur système peut vous fournir l’ID utilisateur et le code PIN nécessaires pour vous connecter au répertoire personnel. • Vous êtes automatiquement déconnecté du répertoire personnel au bout d'un certain temps. Ce délai est variable. Pour plus d'informations, contactez votre administrateur système. Rubriques connexes • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 • Utilisation de votre Carnet d'adresses personnel, page 7-3 • Configuration de numéros abrégés, page 7-4 Rechercher des codes de numérotation abrégée 1. Cliquez sur le bouton Répertoires et sélectionnez Numéros abrégés personnels. 2. Vous pouvez cliquer sur Préc. ou sur Suivant pour passer d'une entrée à l'autre. 3. Mettez en surbrillance l'entrée de votre choix et appuyez sur Sélect. Passer un appel à l’aide d’un code de numérotation abrégée 1. Recherchez un code de numérotation abrégée. 2. Mettez en surbrillance l'entrée de votre choix et appuyez sur Sélect. 3. Appuyez sur Compos. 4. Appuyez sur OK pour terminer l'opération. Supprimer un code de numérotation abrégée 1. Recherchez un code de numérotation abrégée. 2. Mettez en surbrillance l'entrée de votre choix et appuyez sur Sélect. 3. Appuyez sur Suppr. Vous déconnecter du répertoire personnel 1. Cliquez sur le bouton Répertoires, puis sélectionnez Répertoire personnel (le nom exact de ce service peut varier). 2. Choisissez Déconn. Pour... Procédez comme suit :Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Utilisation de la fonction Recherche rapide 6-10 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Utilisation de la fonction Recherche rapide La fonction Recherche rapide permet de lancer une recherche dans un ou plusieurs répertoires à l'aide d'une même commande. La recherche peut porter sur plusieurs répertoires d'entreprise et votre carnet d'adresses personnel, selon les paramètres configurés par votre administrateur système. Remarque La Recherche rapide dans le carnet d'adresses personnel n'est pas prise en charge dans toutes les versions de Cisco Unified Communications Manager. Demandez à votre administrateur système si cete fonctionnalité est disponible sur votre système. Pour accéder à la Recherche rapide, cliquez avec le bouton droit de la souris sur Cisco IP Communicator, et sélectionnez Recherche rapide. Dans la fenêtre Recherche rapide, entrez un nom ou un numéro de poste, puis cliquez sur Numérotation rapide ou sur Rechercher : • Numérotation rapide : permet de composer automatiquement le numéro lorsque le résultat fournit une seule correspondance. Vous devez toutefois cliquer sur la touche de fonction Compos. pour établir l'appel. Si la recherche renvoie plusieurs correspondances, celles-ci sont affichées. • Rechercher : affiche les résultats de la recherche sans composer automatiquement de numéro. Remarque Seuls les numéros de téléphone saisis dans le champ Professionnel du carnet d'adresses sont affichés dans les résultats de la Recherche rapide. Les numéros de téléphone personnels et de téléphone portable ne sont pas affichés. Pour passer un appel à partir des résultats de la recherche, cliquez sur une entrée de la fenêtre Recherche rapide, puis cliquez sur Compos. Rubriques connexes • Saisie d'informations de mot de passe pour la fonction Recherche rapide, page 6-116-11 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Cisco IP Communicator Utilisation de la fonction Recherche rapide Saisie d'informations de mot de passe pour la fonction Recherche rapide Selon la manière dont vous souhaitez utiliser la Recherche rapide, vous derez peut-être saisir vos informations d'ouverture de session (nom d'utilisateur et mot de passe) comme décrit dans le tableau suivant. Pour... Procédez comme suit : Effectuer une recherche dans un répertoire d'entreprise Si vous n'utilisez pas le service Carnet d'adresses personnel et si vous faites appel à la fonction Recherche rapide uniquement pour trouver des collègues dans le répertoire de l'entreprise, il ne sera peut-être pas nécessaire d'effectuer de configuration. Effectuez un test en sélectionnant Recherche rapide dans le menu contextuel : • Si la fenêtre Recherche rapide apparaît, aucune configuration n'est nécessaire. • Si la fenêtre Recherche rapide ne s'ouvre pas, entrez un nom d'utilisateur et un mot de passe (clic droit > Préférences > onglet Répertoire). Demandez les informations correspondantes à votre administrateur système.Chapitre 6 Utilisation de la messagerie vocale, des journaux d'appels et des répertoires sur Utilisation de la fonction Recherche rapide 6-12 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Traitement des appels avec Cisco IP Communicator, page 3-1 • Personnalisation des paramètres sur Cisco IP Communicator, page 4-1 • Utilisation des journaux d'appels, page 6-3 • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 Effectuer une recherche dans votre carnet d'adresses personnel Si vous utilisez le service Carnet d'adresses personnel, la fonction Recherche rapide peut essayer d'établir des correspondances dans un premier temps avec votre carnet d'adresses et dans un deuxième temps avec le répertoire de l'entreprise. Les conditions suivantes doivent être remplies pour que la Recherche rapide puisse accéder à votre carnet d'adresses personnel : • Votre administrateur système doit configurer la fonction Recherche rapide afin de l'intégrer dans les répertoires personnels. • Vous devez vous abonner au service Carnet d'adresses personnel (clic droit > Options utilisateur Cisco Unified CM). • Vous devez entrer votre nom d'utilisateur et votre mot de passe dans la fenêtre Répertoires (clic droit >Préférences > onglet Répertoires). Utiliser une autre méthode de recherche Si vous souhaitez utiliser une autre méthode de recherche que la fonction Recherche rapide, vous disposez des options suivantes : • Pour effectuer une recherche dans des répertoires d'entreprise, cliquez sur le bouton Répertoires, puis sélectionnez Répertoire d'entreprise (le nom exact de ce service peut varier). • Pour effectuer une recherche dans votre carnet d'adresses personenl, cliquez sur le bouton Services et sélectionnez Service Carnet d'adresses personnel (le nom exact de ce service peut varier). Entrez les informations concernant la recherche et cliquez sur Rechercher. Pour... Procédez comme suit :C H A P I T R E 7-1 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Comme votre téléphone Cisco IP Communicator est un périphérique réseau, il peut partager des données avec d’autres périphériques réseau de votre société, notamment votre ordinateur et vos services Web accessibles via un navigateur Web sur votre ordinateur. Vous pouvez établir des services téléphoniques et contrôler les fonctions à partir de votre ordinateur à l'aide des pages Web Options utilisateur de votre serveur de traitement d'appels Cisco Unified Communications Manager. Une fois les fonctions et services configurés sur les pages Web, vous pouvez y accéder à partir de votre Cisco IP Communicator. Vous pouvez, par exemple, configurer des boutons de numérotation abrégée à partir des pages Web, puis y accéder sur votre téléphone. • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 • Utilisation de votre Carnet d'adresses personnel, page 7-3 • Configuration de la numérotation abrégée, page 7-5 • Configuration de services téléphoniques, page 7-7 • Contrôle des paramètres utilisateur, page 7-9 • Contrôle des paramètres de ligne, page 7-10 • Configuration de téléphones et de listes d'accès pour la connexion mobile, page 7-12 • Utilisation de Cisco WebDialer, page 7-15Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Connexion aux pages Web Options utilisateur Cisco Unified CM 7-2 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Connexion aux pages Web Options utilisateur Cisco Unified CM Procédure Étape 1 Cliquez sur le bouton Menu (ou cliquez avec le bouton droit de la souris sur Cisco IP Communicator), et choisissez Options utilisateur Cisco Unified CM. Étape 2 Entrez l'ID d'utilisateur et le mot de passe par défaut fournis par votre administrateur système. Étape 3 À partir du menu principal, choisissez Options utilisateur > Périphérique. a. Sélectionnez le nom de périphérique qui correspond à Cisco IP Communicator. b. Une fois votre sélection effectuée, utilisez les boutons situés au bas de la fenêtre pour accéder aux paramètres appropriés pour votre périphérique. c. Cliquez sur Déconnecter pour quitter l'application. Étape 3 Si vous utilisez Cisco Unified Communications Manager 4.x : a. Dans le menu général, choisissez un type de périphérique dans la liste déroulante Sélectionner un périphérique. b. Une fois votre sélection effectuée, un menu contextuel apparaît et propose les options appropriées pour ce type de périphérique. (Si le type de périphérique ne figure pas dans la liste, contactez votre administrateur.) c. Cliquez sur Déconnecter pour quitter l'application. Conseil • Sélectionnez votre périphérique dans la page de menu pour afficher l'ensemble de vos options. • Cliquez sur MàJ pour appliquer et enregistrer vos modifications. • Cliquez sur Retour au menu pour revenir au menu contextuel.7-3 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Utilisation de votre Carnet d'adresses personnel Utilisation de votre Carnet d'adresses personnel Rubriques connexes • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 • Configuration de numéros abrégés, page 7-4 • Configuration de la numérotation abrégée, page 7-5 Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM Ajouter une nouvelle entrée au carnet d'adresses personnel 1. Choisissez Options utilisateur> Carnet d'adresses personnel. 2. Cliquez sur Ajouter nouveau. 3. Saisissez les informations correspondant à l'entrée. 4. Cliquez sur Enregistrer. Rechercher une entrée dans le carnet d'adresses personnel 1. Choisissez Options utilisateur> Carnet d'adresses personnel. 2. Indiquez les informations recherchées et cliquez sur Rechercher. Modifier une entrée du carnet d'adresses personnel 1. Recherchez l'entrée dans le carnet d'adresses personnel. 2. Cliquez sur un nom ou un pseudonyme. 3. Modifiez l'entrée et cliquez sur Enreg. Supprimer une entrée du carnet d'adresses personnel 1. Recherchez l'entrée dans le carnet d'adresses personnel. 2. Sélectionnez une ou plusieurs entrées. 3. Cliquez sur Supprimer la sélection.Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Utilisation de votre Carnet d'adresses personnel 7-4 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Configuration de numéros abrégés Rubriques connexes • Utilisation de votre Carnet d'adresses personnel, page 7-3 • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM Affecter un code de numérotation abrégée à une entrée du carnet d'adresses personnel 1. Créez une entrée dans le carnet d'adresses personnel. 2. Sélectionnez Options utilisateur> Numéros abrégés. 3. Cliquez sur Ajouter nouveau. 4. Utilisez la zone des options de recherche pour trouver l'entrée du carnet d'adresses personnel. 5. Cliquez sur un numéro de téléphone dans la zone des résultats de recherche. 6. Modifiez le code de numérotation abrégée, le cas échéant. 7. Cliquez sur Enregistrer. Affecter un code de numérotation abrégée à un numéro de téléphone (sans utiliser d'entrée du carnet d'adresses personnel) 1. Sélectionnez Options utilisateur> Numéros abrégés. 2. Cliquez sur Ajouter nouveau. 3. Modifiez le code de numérotation abrégée, le cas échéant. 4. Entrez un numéro de téléphone 5. Cliquez sur Enregistrer. Rechercher une entrée de numérotation abrégée 1. Sélectionnez Options utilisateur> Numéros abrégés. 2. Indiquez les informations recherchées et cliquez sur Rechercher. Modifier le numéro de téléphone correspondant à un numéro abrégé 1. Sélectionnez Options utilisateur> Numéros abrégés. 2. Recherchez le numéro abrégé à modifier. 3. Cliquez sur un composant de l’entrée. 4. Modifiez le numéro de téléphone. 5. Cliquez sur Enregistrer. Supprimer un numéro abrégé 1. Recherchez le numéro abrégé. 2. Sélectionnez une ou plusieurs entrées. 3. Cliquez sur Supprimer la sélection.7-5 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Configuration de la numérotation abrégée Conseil Vous pouvez créer jusqu'à 500 entrées de numéros abrégés et de carnet d'adresses personnel. Conseil Vous pouvez créer de nouveaux numéros abrégés sans utiliser d'entrée du carnet d'adresses personnel. Ces entrées de numérotation abrégée sont étiquetées brut dans les pages Web Options utilisateur et n’affichent pas d’étiquette de texte configurable. Configuration de la numérotation abrégée Selon sa configuration, votre Cisco IP Communicator peut prendre en charge plusieurs fonctions de numérotation abrégée : • Les boutons de numérotation abrégée • La numérotation abrégée • Les numéros abrégés. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM Configurer les boutons de numérotation abrégée 1. Sélectionnez Options utilisateur > Périphérique. 2. Sélectionnez un téléphone dans le menu déroulant Nom. 3. Cliquez sur Numérotations abrégées. 4. Saisissez le numéro et l'intitulé correspondant à un bouton de numérotation abrégée (bouton programmable) de votre téléphone. 5. Cliquez sur Enregistrer. Remarque Votre téléphone utilise le champ Nom sans caract. accentués.Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Configuration de la numérotation abrégée 7-6 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 • Configuration de numéros abrégés, page 7-4 • Utilisation du répertoire personnel, page 6-7 Configurer les boutons de numérotation abrégée Cisco Unified Communications Manager version 4.x Accédez à vos pages Web Options utilisateur Cisco Unified CM, sélectionnez votre périphérique, puis sélectionnez Ajouter/mettre à jour vos numéros abrégés dans le menu principal. Dans la section Paramètres de numérotation abrégée du téléphone, entrez un numéro de téléphone et un intitulé pour chaque bouton de numérotation abrégée disponible. Entrez le numéro exactement comme si vous le composiez sur votre téléphone fixe. Par exemple, si nécessaire, entrez un code d'accès, tel que le 9 ou l'indicatif régional. L'intitulé que vous entrez apparaît en regard du bouton de numérotation abrégée sur l'écran de votre téléphone. Configurer la numérotation abrégée 1. Sélectionnez Options utilisateur > Périphérique. 2. Sélectionnez un téléphone dans le menu déroulant Nom. 3. Cliquez sur Numérotations abrégées. 4. Saisissez le numéro et le libellé correspondant à un code de numérotation abrégée. 5. Cliquez sur Enregistrer. Configuration de la numérotation abrégée Cisco Unified Communications Manager version 4.x Accédez à vos pages Web Options utilisateur Cisco Unified CM, sélectionnez votre périphérique, puis sélectionnez Ajouter/mettre à jour vos numéros abrégés dans le menu principal. 1. Dans la section Paramètres de numérotation abrégée non associés à un bouton du téléphone, entrez un numéro de téléphone et un intitulé pour chaque bouton de numérotation abrégée disponible. Entrez le numéro exactement comme si vous le composiez sur votre téléphone. Par exemple, si nécessaire, entrez un code d'accès, tel que le 9 ou l'indicatif régional. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM7-7 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Configuration de services téléphoniques Configuration de services téléphoniques Les services téléphoniques peuvent inclure des fonctions téléphoniques spéciales, des données réseau et des informations basées sur le Web (par exemple les cours de la bourse ou les programmes de cinéma). Vous devez vous abonner à un service téléphonique pour pouvoir y accéder sur votre téléphone. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM S'abonner à un service 1. Sélectionnez Options utilisateur > Périphérique. 2. Sélectionnez un nom Cisco IP Communicator dans le menu déroulant. 3. Cliquez sur Services téléphoniques. 4. Cliquez sur Ajouter nouveau. 5. Choisissez un service dans la liste déroulante et cliquez sur Suivant. 6. Changez l'intitulé du service et/ou saisissez des informations supplémentaires sur le service, le cas échéant (facultatif). 7. Cliquez sur Enregistrer. Cisco Unified Communications Manager 4.x Dans le menu principal, sélectionnez Configurer vos services téléphoniques IP Cisco. Sélectionnez un service dans la liste déroulante Services disponibles, puis cliquez sur Continuer. Saisissez les renseignements supplémentaires qui vous sont demandés (par exemple, un code postal ou un code PIN), puis cliquez sur S'abonner. Rechercher des services 1. Sélectionnez un Nom de périphérique Cisco IP Communicator. 2. Cliquez sur Services téléphoniques. 3. Cliquez sur Rechercher. Modifier un service ou vous désabonner 1. Recherchez les services. 2. Sélectionnez une ou plusieurs entrées. 3. Cliquez sur Supprimer la sélection. Cisco Unified Communications Manager 4.x Dans le menu principal, sélectionnez Configurer vos services téléphoniques IP Cisco. Cliquez sur un service dans le volet Vos abonnements. Cliquez sur MàJ après avoir effectué vos modifications ou sur Se désabonner. Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Configuration de services téléphoniques 7-8 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Changer le nom d’un service 1. Recherchez les services. 2. Cliquez sur le nom du service. 3. Modifiez les informations et cliquez sur Enreg. Associer un service à un bouton programmable disponible 1. Sélectionnez Options utilisateur > Périphérique. 2. Sélectionnez un nom Cisco IP Communicator dans le menu déroulant. 3. Cliquez sur URL de service. Remarque Si cette option n'apparaît pas à l'écran, demandez à votre administrateur système de configurer un bouton d'URL de service pour votre téléphone. 4. Sélectionnez un service dans la liste déroulante Bouton de service. 5. Si vous souhaitez renommer le service, modifiez les champs d’étiquettes. Remarque Votre téléphone utilise le champ Nom sans caract. accentués s'il ne prend pas en charge les jeux de caractères à deux octets. 6. Cliquez sur Enregistrer. 7. Cliquez sur Réinitialiser pour réinitialiser votre téléphone (nécessaire pour afficher le nouveau libellé du bouton sur votre téléphone). Cisco Unified Communications Manager version 4.x Après vous être abonné à un service, sélectionnez Ajouter/mettre à jour vos boutons URL de service dans le menu principal. Pour chaque touche disponible, sélectionnez un service dans la liste déroulante, puis saisissez une description. Une fois vos modifications effectuées, cliquez sur MàJ. L'administrateur du système détermine le nombre de touches pouvant être associées à des services ; il peut également affecter des touches de service à votre téléphone. Accéder à un service sur le téléphone Cliquez sur le bouton Services. Ou bien, si vous avez ajouté un service à un bouton programmable, appuyez sur le bouton. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM7-9 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Contrôle des paramètres utilisateur Contrôle des paramètres utilisateur Les paramètres utilisateur incluent votre mot de passe, votre nuémro d'identification personnel et vos paramètres de langue. Conseil Votre code PIN et votre mot de passe permettent d'accéder à plusieurs fonctions et services. Par exemple, utilisez votre code PIN pour vous connecter au service de mobilité de poste de Cisco ou au répertoire personnel de votre téléphone. Utilisez votre mot de passe pour vous accéder à vos pages Web Options utilisateur et à Cisco WebDialer sur votre ordinateur. Pour en savoir plus, contactez votre administrateur système. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM Changement de mot de passe 1. Sélectionnez Options utilisateur > Paramètres utilisateur. 2. Remplissez les champs de la zone Mot de passe du navigateur. 3. Cliquez sur Sauvegarder. Modification de votre numéro d'identification personnel 1. Sélectionnez Options utilisateur > Paramètres utilisateur. 2. Remplissez les champs de la zone PIN du téléphone, 3. Cliquez sur Enregistrer. Modifier la langue des pages Web Options utilisateur 1. Sélectionnez Options utilisateur > Paramètres utilisateur. 2. Dans la zone Langue utilisateur, choisissez une option dans la liste déroulante Langue. 3. Cliquez sur Enregistrer. Modifier la langue de l'écran de votre téléphone 1. Sélectionnez Options utilisateur > Paramètres utilisateur. 2. Sélectionnez une option dans la liste déroulante Langue utilisateur. 3. Cliquez sur Enregistrer.Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Contrôle des paramètres de ligne 7-10 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Contrôle des paramètres de ligne Les paramètres de ligne affectent une ligne précise (numéro d'annuaire) de votre Cisco IP Communicator. Les paramètres de ligne peuvent inclure le transfert d'appels, les indicateurs de message vocal, la mélodie de sonneries et les libellés de ligne. Vous pouvez configurer d'autres paramètres de ligne directement sur votre Cisco IP Communicator : Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM... Configurer le renvoi d'appels par ligne 1. Sélectionnez Options utilisateur > Périphérique. 2. Sélectionnez un nom de Cisco IP Communicator dans le menu déroulant Nom. 3. Cliquez sur Paramètres de ligne. 4. Si plusieurs numéros de répertoire (lignes) sont affectés à votre téléphone, sélectionnez une ligne dans le menu déroulant Ligne. 5. Dans la zone Renvoi des appels entrants, choisissez les paramètres de transfert d'appels correspondant à diverses circonstances. 6. Cliquez sur Enregistrer. Modifier le paramètre d'indicateur de message vocal selon la ligne (témoin lumineux) 1. Sélectionnez Options utilisateur> Périphérique. 2. Sélectionnez un nom de Cisco IP Communicator dans le menu déroulant Nom. 3. Cliquez sur Paramètres de ligne. 4. Si plusieurs numéros de répertoire (lignes) sont affectés à votre téléphone, sélectionnez une ligne dans le menu déroulant Ligne. 5. Dans la zone Indicateur de messages en attente, choisissez un ou plusieurs paramètres. Remarque En général, le paramètre par défaut pour les messages en attente demande à votre téléphone d'afficher un témoin lumineux rouge fixe sur la bande lumineuse du combiné pour signaler la présence d'un nouveau message vocal. 6. Cliquez sur Enregistrer.7-11 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Contrôle des paramètres de ligne Rubriques connexes • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 • Personnalisation des sonneries et des indicateurs de message, page 4-3 • Accès aux paramètres, page 4-1 Modifier le paramètre d'indicateur sonore de message vocal selon la ligne 1. Sélectionnez Options utilisateur > Périphérique. 2. Sélectionnez un nom de Cisco IP Communicator dans le menu déroulant Nom. 3. Cliquez sur Paramètres de ligne. 4. Si plusieurs numéros de répertoire (lignes) sont affectés à votre téléphone, sélectionnez une ligne dans le menu déroulant Ligne. 5. Dans la zone Indicateur de messages en attente, choisissez un ou plusieurs paramètres. Remarque En général, le paramètre par défaut pour les messages en attente demande à votre téléphone d'afficher un témoin lumineux rouge fixe sur la bande lumineuse du combiné pour signaler la présence d'un nouveau message vocal. 6. Cliquez sur Enregistrer. Modifier ou créer un libellé de ligne affiché à l'écran de votre téléphone 1. Sélectionnez Options utilisateur > Périphérique. 2. Sélectionnez un téléphone dans le menu déroulant Nom. 3. Cliquez sur Paramètres de ligne. 4. Si plusieurs numéros de répertoire (lignes) sont affectés à votre téléphone, sélectionnez une ligne dans le menu déroulant Ligne. 5. Dans la zone Libellé de ligne, saisissez un libellé. 6. Cliquez sur Enregistrer. Remarque Votre téléphone utilise le champ Nom sans caract. accentués s'il ne prend pas en charge les jeux de caractères à deux octets. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM...Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Configuration de téléphones et de listes d'accès pour la connexion mobile 7-12 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Configuration de téléphones et de listes d'accès pour la connexion mobile Lorsque vous utilisez la fonction de connexion mobile Cisco Mobile Connect, vous devez indiquer les téléphones portables et les autres téléphones à utiliser pour passer et prendre des appels en utilisant les mêmes numéros de répertoire que ceux de votre téléphone de bureau. Ces téléphones sont appelés destinations distantes. Vous pouvez également définir des listes d'accès pour interdire ou autoriser l'envoi vers votre téléphone portable d'appels en provenance de certains numéros. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM Créer une liste d'accès 1. Sélectionnez Options utilisateur > Paramètres de mobilité > Listes d'accès. 2. Cliquez sur Ajouter nouveau. 3. Saisissez les informations suivantes : – Nom : identifie la liste d'accès – Description : décrit la liste d'accès. 4. Sélectionnez l'une des options suivantes : – Liste d'accès bloqué : crée la liste des numéros à bloquer – Liste d'accès autorisé : crée la liste des numéros autorisés 5. Cliquez sur Enregistrer. 7-13 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Configuration de téléphones et de listes d'accès pour la connexion mobile Ajouter des membres à une liste d'accès. 1. Créez une liste d'accès. 2. Cliquez sur Ajouter un membre pour ajouter des numéros de téléphone ou des filtres à la liste. 3. Sélectionnez une option dans la liste déroulante Masque de filtre. Vous pouvez filtrer un numéro de répertoire ou les appels dont l'ID d'appelant est restreint (Non disponible) ou anonyme (Confidentiel). 4. Si vous sélectionnez un numéro de répertoire dans la liste déroulante Masque de filtre, saisissez un numéro de téléphone ou un filtre dans le champ Masque NR. Vous pouvez utiliser les caractères génériques suivants pour définir un filtre : – X (majuscule ou minuscule) : correspond à un chiffre. Par exemple, 408555123X correspond à n'importe quel numéro compris entre 4085551230 et 4085551239. – ! : correspond à un nombre indéfini de chiffres. Par exemple, 408! correspond à tout numéro commençant par 408. – # : remplace un chiffre pour créer une correspondance exacte. 5. Cliquez sur Enreg. pour ajouter ce membre à la liste d'accès. 6. Cliquez de nouveau sur Enreg. pour enregistrer la liste d'accès. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CMChapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Configuration de téléphones et de listes d'accès pour la connexion mobile 7-14 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 Ajouter une nouvelle destination distante 1. Sélectionnez Options utilisateur > Paramètres de mobilité > Destinations distantes. 2. Sélectionnez le périphérique dans la zone de liste déroulante Nom. 3. Cliquez sur Destinations distantes. 4. Cliquez sur Ajouter nouveau. 5. Sisissez les informations suivantes : – Nom : saisissez un nom pour le téléphone portable (ou tout autre téléphone). – Numéro de destination : saisissez le numéro de votre téléphone portable. – Minuteur de réponse précoce : Saisissez le délai (en millisecondes) à observer avant la prise d'un appel sur le périphérique de destination distante. – Minuteur de réponse tardive : Saisissez le délai (en millisecondes) à observer avant la prise d'un appel sur le périphérique de destination distante. – Indicateur de délai avant sonnerie : Saisissez le délai (en millisecondes) à observer avant que la sonnerie ne retentisse sur le périphérique de destination distante. – Profil de destination distante : Sélectionnez un profil de destination distante (contient les paramètres applicables à toutes vos destinations distantes). – Liste d'accès autorisé : Sélectionnez un numéro de téléphone ou une règle qui autorise votre téléphone portable à sonner lorsqu'un appel arrive sur votre téléphone de bureau. Vous pouvez sélectionner une liste d'accès autorisé ou une liste d'accès bloqué, mais pas les deux. – Liste d'accès bloqué : Sélectionnez un numéro de téléphone ou une règle qui empêche votre téléphone portable de sonner lorsqu'un appel arrive sur votre téléphone de bureau. Vous pouvez sélectionner une liste d'accès autorisé ou une liste d'accès bloqué, mais pas les deux. – Téléphone portable : Sélectionnez cette option pour que votre téléphone portable accepte un appel composé à partir de votre téléphone de bureau. – Activer la connexion mobile : Sélectionnez cette option pour que votre téléphone portable sonne en même temps que votre téléphone de bureau. Vous pouvez également configurer un calendrier de sonnerie. 6. Cliquez sur Enregistrer. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM7-15 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Utilisation de Cisco WebDialer Utilisation de CiscoWebDialer Cisco WebDialer permet d'appeler des contacts du répertoire Cisco IP Communicator en cliquant sur les éléments d'un navigateur Web. Votre administrateur système doit configurer cette fonction à votre place. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CM Utiliser WebDialer avec votre répertoire Options utilisateur 1. Sélectionnez Options utilisateur > Répertoire et recherchez un collègue. 2. Cliquez sur le numéro à composer. 3. Si vous utilisez WebDialer pour la première fois, configurez vos préférences et cliquez sur Soum. (voir la dernière ligne de ce tableau pour plus de détails). 4. Si la page Passer un appel s'affiche, cliquez sur Compos. (Voir à la dernière ligne de ce tableau la procédure permettant de ne plus afficher cette page à l'avenir.) L'appel est passé sur votre téléphone. 5. Cliquez sur Raccrocher ou raccrochez le combiné de votre téléphone pour mettre fin à un appel. Utiliser WebDialer avec un autre répertoire d'entreprise en ligne (et non votre répertoire Options utilisateur) 1. Connectez-vous à un répertoire d'entreprise compatible avec WebDialer et recherchez des collègues. 2. Cliquez sur le numéro à composer. 3. Lorsque vous y êtes invité, entrez votre ID utilisateur et votre mot de passe. 4. Si vous utilisez WebDialer pour la première fois, configurez vos préférences et cliquez sur Soum. (voir la dernière ligne de ce tableau pour plus de détails). 5. Si la page Passer un appel s'affiche, cliquez surCompos. (Voir à la dernière ligne de ce tableau la procédure permettant de ne plus afficher cette page à l'avenir.) L'appel est passé sur votre téléphone. 6. Cliquez sur Raccrocher ou raccrochez le combiné de votre téléphone pour mettre fin à un appel.Chapitre 7 Personnalisation de Cisco IP Communicator à l'aide des options utilisateur Cisco Unified CM Utilisation de Cisco WebDialer 7-16 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Rubriques connexes • Connexion aux pages Web Options utilisateur Cisco Unified CM, page 7-2 Vous déconnecter de WebDialer Cliquez sur l'icône de déconnexion à la page Passer un appel ou Raccrocher. Configurer, afficher ou modifier des préférences de WebDialer Accédez à la page Préférences. La page Préférences s'affiche la première fois que vous utilisez WebDialer (après avoir cliqué sur le numéro à composer). Pour revenir aux préférences par la suite, cliquez sur l'icône Préférences des pages Passer un appel ou Raccrocher. La page Préférences contient les options suivantes : • Langue souhaitée : détermine la langue utilisée pour les paramètres et les invites de WebDialer. • Utiliser un périphérique permanent : identifie le téléphone IP Cisco Unified et le numéro de répertoire (ligne) à utiliser pour passer des appels WebDialer. Si votre téléphone dispose d'une seule ligne, ce téléphone et cette ligne sont sélectionnés automatiquement. Sinon, choisissez un téléphone et/ou une ligne. Les téléphones sont indiqués par leur nom d'hôte. (Pour afficher le nom système de votre téléphone, cliquez sur le bouton Paramètres et sélectionnez Configuration réseau > Nom d'hôte.) • Utiliser la mobilité de poste : lorsque qu'elle est sélectionnée, cette option invite WebDialer à utiliser le téléphone IP Cisco Unified associé à votre profil de mobilité de poste (le cas échéant). • Ne pas afficher la boîte de dialogue de confirmation d'appel : lorsque qu'elle est sélectionnée, cette option invite WebDialer à supprimer la page Passer un appel. Cette page s'affiche par défaut lorsque vous cliquez sur un numéro de téléphone dans un répertoire en ligne compatible avec WebDialer. Pour... Effectuez l'action suivante après avoir accédé à la page Web Options utilisateur Cisco Unified CMC H A P I T R E 8-1 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 8 Dépannage Cisco IP Communicator • Problèmes d'ordre général, page 8-1 • Problèmes de qualité vocale, page 8-5 • Utilisation de l'outil de génération de rapports sur la qualité pour résoudre les problèmes de performance, page 8-10 • Activation de journaux détaillés, page 8-11 • Capture d'informations sur les problèmes, page 8-11 Problèmes d'ordre général Problème La qualité audio est mauvaise lorsque je participe à des téléconférences MeetingPlace et que j'utilise Cisco IP Communicator. Solution Fermez les applications inutilisées lorsque vous participez à une téléconférence. Si vous utilisez une connexion VPN, envisagez d'utiliser l'option de connectivité de la console Cisco Unified MeetingPlace. Vous pouvez également optimiser la bande passante de la session de téléconférence en utilisant différentes connexions. Les utilisateurs de Cisco Unified MeetingPlace disposent d'une option permettant de vérifier que leur connexion est adéquate. Les détails sur l'optimisation de la bande passante dans MeetingPlace sont fournis dans le Guide d'utilisation de Cisco Unified MeetingPlace.Chapitre 8 Dépannage Cisco IP Communicator Problèmes d'ordre général 8-2 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Problème Après le démarrage initial, aucun numéro de poste n'apparaît et la ligne d'état affiche le libellé Enregistrement en cours. Solution Vérifiez que vous avez sélectionné un serveur TFTP, le cas échéant. Si vous devez définir une adresse TFTP, votre administrateur doit vous la fournir. Si vous êtes un utilisateur distant, veillez à établir la connexion réseau avant de lancer Cisco IP Communicator. Rubriques connexes • Configuration et enregistrement Cisco IP Communicator, page 1-9 • Paramètres réseau, page 4-7 Problème Après son démarrage, Cisco IP Communicator ne trouve pas votre carte réseau et vous demande de l'insérer. Solution Si possible, sélectionnez un autre périphérique d'interface réseau. Vous pouvez par exemple remplacer une carte sans fil ou un adaptateur Ethernet USB par un autre adaptateur. Si vous avez lancé Cisco IP Communicator pour la première fois sur un ordinateur portable connecté à une station d'accueil, essayez de connecter l'ordinateur à la station. Si cela résoud le problème, demandez à votre administrateur système de vous aider à configurer le nom du périphérique afin que Cisco IP Communicator fonctionne sans qu'il ne soit nécessaire de connecter l'ordinateur à la station d'accueil. Si vous avez retiré ou désactivé définitivement l'adaptateur réseau qui avait été sélectionné, contactez votre administrateur système avant de sélectionner un autre adaptateur. Rubriques connexes • Configuration et enregistrement Cisco IP Communicator, page 1-9 • Paramètres réseau, page 4-7 Problème Votre périphérique audio n'apparaît pas dans le menu déroulant d'un mode audio. Solution Si le périphérique est un combiné USB, un casque USB ou une carte son, vérifiez qu'il est correctement installé et redémarrez Cisco IP Communicator. Les périphériques qui sont installés lorsque l'application est ouverte ne sont reconnus qu'au lancement suivant de celle-ci.8-3 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 8 Dépannage Cisco IP Communicator Problèmes d'ordre général S'il s'agit d'un périphérique analogique, il n'apparaît pas dans les listes des modes audio car ce type de périphérique est considéré comme une extension de votre carte son. Dans ce cas, sélectionnez cette dernière. Pour utiliser un périphérique pour la lecture du son et un autre (par exemple, un microphone de caméra VT) pour l'enregistrement du son dans Cisco IP Communicator, cliquez avec le bouton droit sur > Préférences > onglet Audio. Sélectionnez Périphérique audio Windows par défaut dans la liste déroulante pour un ou plusieurs paramètres, puis cliquez sur OK. Rubriques connexes • Installation de périphériques audio avant le lancement initial, page 1-3 • Affectation de modes audio, page 4-9 • Sélection d'un mode audio, page 4-9 • Suppression et réinstallation de périphériques audio, page 5-6 Problème Après son démarrage, Cisco IP Communicator n'affiche aucun numéro de poste ou affiche un numéro de poste incorrect. Solution Contactez votre administrateur système pour obtenir de l'aide. Il se peut que vous ayez sélectionné une carte réseau incorrecte. Si vous disposez de plusieurs cartes et si vous êtes invité à en sélectionner une immédiatement après l'installation de Cisco IP Communicator, sélectionnez une carte susceptible d'offrir une connexion ininterrompue ou une carte activée en permanence (même si elle est débranchée). Contactez votre administrateur système pour savoir quelle carte sélectionner. Le paramètre de carte réseau permet à Cisco IP Communicator de s'identifier auprès du réseau ; il n'est pas utilisé pour la transmission audio. C'est pourquoi vous ne devez pas modifier ce paramètre une fois qu'il a été défini, à moins que vous ne supprimiez ou désactiviez définitivement la carte réseau sélectionnée. Dans ce cas, contactez votre administrateur système avant de sélectionner une autre carte. Rubriques connexes • Configuration et enregistrement Cisco IP Communicator, page 1-9 • Paramètres réseau, page 4-7Chapitre 8 Dépannage Cisco IP Communicator Problèmes d'ordre général 8-4 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Problème Rien ne se passe lorsque vous sélectionnez l'option Recherche rapide. Solution Cliquez avec le bouton droit de la souris sur > Préférences > onglet Répertoires, et saisissez le nom d'utilisateur et le mot de passe fournis par votre administrateur système. Rubriques connexes • Paramètres de répertoire, page 4-15 • Utilisation du répertoire personnel, page 6-7 Problème La sonnerie de votre téléphone n'est pas audible ou est difficile à entendre. Solution Réglez le volume de votre sonnerie en cliquant sur le bouton Vo lume lorsqu'aucun appel n'est actif. • Si vous utilisez un combiné USB, ne le sélectionnez pas pour la sonnerie. De manière générale, il est conseillé de sélectionner la carte son pour la sonnerie. • Si votre carte son est sélectionnée pour le mode Sonnerie et qu'un casque est connecté aux prises jack audio de l'ordinateur, vous devez porter le casque pour entendre la sonnerie. Rubriques connexes • Installation de périphériques audio avant le lancement initial, page 1-3 • Affectation de modes audio, page 4-9 • Utilisation de l'Assistant de réglage audio, page 1-6 • Accès aux paramètres, page 4-1 • Problèmes de qualité vocale, page 8-58-5 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 8 Dépannage Cisco IP Communicator Problèmes de qualité vocale Problèmes de qualité vocale Avant de commencer • Si le problème concerne le volume, commencez par essayer de régler celui-ci en cliquant sur Volume dans Cisco IP Communicator. • Appelez d'autres personnes afin de déterminer si le problème est lié à Cisco IP Communicator ou au téléphone de votre interlocuteur. Si vous pensez que le problème provient du téléphone de votre interlocuteur, réglez le volume dans Cisco IP Communicator. Évitez dans ce cas de modifier les paramètres à l'aide de l'Assistant de réglage audio (ces modifications risqueraient en effet de ne pas convenir à tous les appels). • Votre administrateur système peut vous demander d'activer la journalisation afin d'enregistrer des informations détaillées en vue du dépannage. En cas de problème concernant le niveau du volume, procédez comme suit : • Dans l'Assistant de réglage audio, commencez par régler le curseur de volume principal. Ce paramètre s'applique à toutes les applications qui lisent des données audio. Vous devez donc tester ce paramètre dans les autres applications (telles que le Lecteur Microsoft Windows Media et RealPlayer) afin de vérifier que les niveaux de volume sont corrects. • Dans l'Assistant de réglage audio, réglez ensuite le curseur de volume Wave afin d'atteindre un niveau d'écoute confortable pour les appels téléphoniques. • Si vous avez modifié les paramètres de volume dans Microsoft Windows, exécutez de nouveau l'Assistant de réglage audio (voir procédure ci-dessus) afin de régler de nouveau les paramètres de volume principal et de volume Wave. Rubriques connexes • Activation de journaux détaillés, page 8-11 Problème La voix de votre interlocuteur est trop forte. Solution • Essayez de régler le volume en cliquant sur le bouton Vo lume. • Lancez l'Assistant de réglage audio et réglez le volume du haut-parleur du périphérique audio en cours d'utilisation. Chapitre 8 Dépannage Cisco IP Communicator Problèmes de qualité vocale 8-6 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Problème Votre interlocuteur vous indique que votre voix est trop forte. Solution • Essayez d'éloigner légèrement le microphone de votre bouche, en le déplaçant vers votre menton si vous utilisez un casque. • Si le problème persiste, lancez l'Assistant de réglage audio et diminuez le volume du microphone pour le périphérique audio en cours d'utilisation. • Si votre voix reste trop forte, désactivez la fonction Amplificateur de microphone pour ce périphérique de l'Assistant de réglage audio. Problème La voix de votre interlocuteur est trop faible. Solution • Essayez de régler le volume en cliquant sur le bouton Vo lume. • Lancez l'Assistant de réglage audio et réglez le volume du haut-parleur du périphérique audio en cours d'utilisation. Problème Votre interlocuteur vous indique que votre voix est trop faible. Solution • Si vous utilisez un casque, vérifiez que Cisco IP Communicator fonctionne en mode Casque et non en mode Haut-parleur. Le mode Casque est activé lorsque le bouton Casque best allumé. Si ce bouton n'est pas allumé, cliquez dessus. • Si vous utilisez un casque, vérifiez que le microphone est correctement positionné. • Si le problème persiste, lancez l'Assistant de réglage audio et augmentez le volume du microphone pour le périphérique audio en cours d'utilisation. Avant de régler un périphérique audio disposant de sa propre commande de volume (un casque USB avec des commandes de volume sur le cordon, par exemple), augmentez au maximum le volume du périphérique. • Si votre voix reste trop faible, activez la fonction Amplificateur de microphone pour le périphérique audio dans l'Assistant de réglage audio. Problème La voix de votre interlocuteur est assourdie. 8-7 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 8 Dépannage Cisco IP Communicator Problèmes de qualité vocale Solution • Si vous utilisez Cisco IP Communicator à distance, activez l'option Optimiser pour une bande passante étroite (clic droit > Préférences > onglet Audio). • Si vous n'utilisez pas Cisco IP Communicator sur une connexion à distance, désactivez l'option Optimiser pour une bande passante étroite. • Demandez à votre interlocuteur de diminuer le volume de son microphone, si cela est possible. Rubriques connexes • Paramètres audio, page 4-8 Problème Votre interlocuteur vous indique que votre voix est assourdie. Solution • Lancez l'Assistant de réglage audio et réglez le volume du microphone du périphérique audio en cours d'utilisation. • Si vous n'utilisez pas Cisco IP Communicator sur une connexion à distance, désactivez l'option Optimiser pour une bande passante étroite. Problème La voix de votre interlocuteur semble lointaine ou étrange. Solution Si vous utilisez un casque, vérifiez que Cisco IP Communicator fonctionne en mode Casque et non en mode Haut-parleur. (Le bouton Casque devrait être allumé.) Problème Votre interlocuteur vous indique que votre voix semble lointaine ou étrange. Solution Activez l'option Optimiser pour une bande passante étroite (clic droit > Préférences > onglet Audio). Rubriques connexes • Paramètres audio, page 4-8 Problème La voix de votre interlocuteur est entrecoupée de silences ou hachée.Chapitre 8 Dépannage Cisco IP Communicator Problèmes de qualité vocale 8-8 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Solution • Fermez toutes les applications inutiles. Tenez compte du fait que le lancement d'applications et les opérations qui sollicitent le réseau (envoi de courriers électroniques, par exemple) peuvent avoir une incidence sur la qualité audio. • Vérifiez que le mode Haut-parleur n'est pas activé. • Sélectionnez un autre paramètre audio en choisissant Préférences > onglet Audio > onglet Avancés. • Si vous utilisez Cisco IP Communicator sur une connexion à distance (par exemple, la connexion VPN de votre domicile ou d'un hôtel), vous risquez de rencontrer des problèmes de qualité vocale en raison d'une bande passante insuffisante. Activez l'option Optimiser pour une bande passante étroite (clic droit > Préférences > onglet Audio. • Vérifiez que votre carte son et vos pilotes audio sont correctement installés. Remarque La transmission peut être interrompue par des bruits secs, des craquements ou des silences en cas d'encombrement du réseau ou de problèmes de trafic de données. Problème Les bruits de fond vous empêchent d'entendre la voix de l'intervenant. Solution Demandez à l'intervenant de : • Se déplacer vers un endroit plus calme. • Activer l'annulation du bruit ou augmenter le niveau d'agressivité de l'annulation du bruit (clic droit > Préférences > onglet Audio > bouton Avancés). L'annulation du bruit est appliquée au microphone (périphérique d'entrée) pour empêcher la transmission du bruit vers la destination distante. Lors d'une conférence téléphonique, demandez aux autres participants de couper le son sur leur téléphone lorsqu'ils ne prennent pas la parole. Problème Vous entendez un écho. Solution • Demandez à votre interlocuteur de diminuer le volume de son microphone ou de son haut-parleur, si possible. • Si votre interlocuteur utilise Cisco IP Communicator comme téléphone à haut-parleur, demandez-lui de vérifier que le bouton Haut-parleur est allumé.8-9 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 8 Dépannage Cisco IP Communicator Problèmes de qualité vocale • Vérifiez que votre carte son n'envoie pas les données audio du haut-parleur vers le microphone. Procédez comme suit : a. Réglez le volume (Panneau de configuration > Sons et multimédia > onglet Audio). b. Cliquez sur Lecture des sons bouton Volume. c. Choisissez Options > Propriétés > Lecture et vérifiez que toutes les cases à cocher figurant dans la partie inférieure de la fenêtre sont sélectionnées, puis cliquez sur OK. d. Dans la fenêtre Contrôle du volume, vérifiez que l'option Muet est sélectionnée pour la colonne Balance du microphone. Certains périphériques audio sont dotés de plusieurs entrées de microphone (par exemple, interne et externe) pouvant capter le son provenant du haut-parleur et créer un signal en retour. Problème Votre interlocuteur entend un écho. Solution • Lancez l'Assistant de réglage audio et réduisez le volume du microphone du périphérique audio en cours d'utilisation. Vérifiez que la fonction Amplificateur de microphone est désactivée. Ensuite, vérifiez le nouveau paramètre de volume en appelant un interlocuteur. • Si vous utilisez votre ordinateur en tant que haut-parleur, laissez le bouton Haut-parleur allumé. • En dernier ressort, changez de périphérique audio. • Si vous utilisez un ordinateur portable sans casque ni combiné, les trois modes sont mappés sur la carte son et agissent comme des haut-parleurs. Mettez le périphérique en mode Haut-parleur. Problème Votre interlocuteur ne vous entend pas du tout (mais vous l'entendez). Solution • Vérifiez que vous n'avez pas activé l'option Muet à partir des commandes du cordon du casque ou du combiné USB. • Vérifiez que les fiches du haut-parleur et du microphone sont insérées dans les prises jacks audio correctes de l'ordinateur. • Vérifiez qu'aucune autre application n'utilise le microphone (un enregistreur audio ou un autre téléphone logiciel, par exemple).Chapitre 8 Dépannage Cisco IP Communicator Utilisation de l'outil de génération de rapports sur la qualité pour résoudre les problèmes de performance 8-10 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Problème Votre interlocuteur vous entend, mais vous ne l'entendez pas. Solution • Vérifiez que les fiches du haut-parleur et du microphone sont insérées dans les prises jacks audio correctes de l'ordinateur. • Vérifiez les paramètres de volume et de coupure du son des périphériques audio système dans le Panneau de configuration. • Vérifiez le réglage du volume de Cisco IP Communicator (le bouton Vo lume et l'Assistant de réglage audio). Problème Vous ne pouvez pas parler en même temps que votre interlocuteur. Solution Vérifiez que vous utilisez une carte son duplex intégral. Problème Vous n'entendez aucun son, pas même une tonalité. Solution • Si vous utilisez une station d'accueil et si votre périphérique audio est connecté à celle-ci, vérifiez que l'ordinateur est connecté à la station d'accueil. • Redémarrez Cisco IP Communicator. Utilisation de l'outil de génération de rapports sur la qualité pour résoudre les problèmes de performance L'administrateur système peut configurer temporairement votre téléphone à l'aide de l'Outil de génération de rapports sur la qualité pour régler les problèmes de performance. Vous pouvez cliquer sur QRT (vous devrez peut-être cliquer plusieurs fois sur autres pour afficher la touche de fonction QRT) pour envoyer des informations à votre administrateur système. Selon la configuration de votre système, l'outil QRT permet de : • signaler immédiatement un problème audio lors d'un appel en cours ; • sélectionner un problème général dans une liste de types de problèmes et choisir des codes de raison. L'administrateur système peut également vous demander de capturer des informations (journaux détaillés) pour aider à résoudre un problème.8-11 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 8 Dépannage Cisco IP Communicator Activation de journaux détaillés Rubriques connexes • Utilisation de l'Assistant de réglage audio, page 1-6 • Accès aux paramètres, page 4-1 • Problèmes d'ordre général, page 8-1 • Capture d'informations sur les problèmes, page 8-11 Activation de journaux détaillés Si vous rencontrez des problèmes lors de l'utilisation de Cisco IP Communicator et si votre administrateur système vous y invite, activez la journalisation détaillée (clic droit > Préférences > onglet Utilisateur et activez l'option Activer la journalisation). Remarque Votre paramétrage est conservé jusqu'à ce que vous le changiez, même après un redémarrage. La journalisation détaillée pouvant affecter la performance, désactivez-la dès que vous n'en avez plus besoin. Désactivez Activer la journalisation pour désactiver cette fonctionnalité. Rubriques connexes • Capture d'informations sur les problèmes, page 8-11 Capture d'informations sur les problèmes En cas de fermeture inopinée de Cisco IP Communicator, l'Outil de génération de rapports de problèmes démarre automatiquement et capture les données pertinentes en vue d'un dépannage. Utilisez cette procédure pour envoyer le rapport à votre administrateur système. Chapitre 8 Dépannage Cisco IP Communicator Capture d'informations sur les problèmes 8-12 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Étape 1 Suivez les instructions de l'Outil de génération de rapports de problèmes pour décrire le problème. N'oubliez pas d'inclure les informations suivantes : • Une description du problème. • Une explication de l'action que vous accomplissiez lorsque le problème s'est produit. • Le périphérique audio utilisé quand le problème s'est produit. • Tout autre détail pertinent. Étape 2 Recherchez sur votre bureau un fichier appelé CIPC-ProblemReportxxx.zip, xxx correspondant à un nombre. Étape 3 Envoyez ce fichier par email à votre administrateur système avec les informations suivantes : Si vous rencontrez d'autres problèmes et si le rapport de problèmes n'est pas créé automatiquement, votre administrateur système pourra vous demander de lui fournir des fichiers journaux. Contrairement à QRT (qui signale la nature du problème), ces journaux fournissent des informations détaillées qui aident à résoudre le problème. Utilisez cette procédure pour collecter ces fichiers : Étape 1 Activez la journalisation détaillée (clic droit > Préférences > onglet Utilisateur, et activez l'option Activer la journalisation). Étape 2 Tentez de reproduire le problème. Si vous ne parvenez pas à reproduire le problème, les journaux ne contiendront pas d'informations détaillées. Étape 3 Créez le rapport en sélectionnant Démarrer > Tous les programmes > Cisco IP Communicator > Create CIPC Problem Report. Étape 4 Suivez les instructions affichées pour décrire le problème. N'oubliez pas d'inclure les informations suivantes : • Une description du problème. • Une explication de l'action que vous accomplissiez lorsque le problème s'est produit. • Le périphérique audio utilisé quand le problème s'est produit. • Tout autre détail pertinent. Étape 5 Avant de cliquer sur Terminer, notez le nom du fichier qui a été créé sur votre bureau. Étape 6 Envoyez ce fichier par email à votre administrateur système.8-13 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Chapitre 8 Dépannage Cisco IP Communicator Capture d'informations sur les problèmes Conseil À l'aide de l'Assistant de réglage audio, vous pouvez lancer l'Outil de génération de rapports de problèmes pour signaler des problèmes audio. Cliquez dans le coin supérieur gauche de la barre de titres de l'Assistant de réglage audio, et sélectionnez Infos de dépannage... Un message intempestif vous invite à lancer l'Outil de génération de rapports de problèmes. Rubriques connexes • Utilisation de l'outil de génération de rapports sur la qualité pour résoudre les problèmes de performance, page 8-10 • Activation de journaux détaillés, page 8-11Chapitre 8 Dépannage Cisco IP Communicator Capture d'informations sur les problèmes 8-14 Guide d'utilisation de Cisco IP Communicator version 7.0 OL-19177-01 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Command Reference, Cisco ACE Application Control Engine For the Cisco ACE Application Control Engine Module and Cisco ACE 4700 Series Application Control Engine Appliance Software Version A5(1.0) September 2011 Text Part Number: OL-25339-01THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R) Command Reference, Cisco ACE Application Control Engine Copyright © 2007-2011 Cisco Systems, Inc. All rights reserved.iii Command Reference, Cisco ACE Application Control Engine OL-25339-01 C O N T E N T S Preface xxxi Audience xxxi How to Use This Guide xxxii Related Documentation xxxii Symbols and Conventions xxxv Obtaining Documentation, Obtaining Support, and Security Guidelines xxxvi C H A P T E R 2 CLI Commands 2-1 Exec Mode Commands 2-2 backup 2-3 capture 2-5 changeto 2-6 checkpoint 2-8 clear access-list 2-9 clear accounting log 2-10 clear acl-merge statistics 2-10 clear arp 2-11 clear buffer stats 2-12 clear capture 2-13 clear cde 2-14 clear cfgmgr internal history 2-14 clear conn 2-16 clear cores 2-17 clear crypto session-cache 2-19 clear dc 2-20 clear debug-logfile 2-20 clear fifo stats 2-21 clear ft 2-23 clear icmp statistics 2-24 clear interface 2-25 clear ip 2-26 clear ipv6 2-27 clear line 2-27 clear logging 2-29Contents iv Command Reference, Cisco ACE Application Control Engine OL-25339-01 clear netio stats 2-29 clear np 2-31 clear ntp statistics 2-32 clear probe 2-32 clear processes log 2-34 clear rserver 2-34 clear rtcache 2-35 clear screen 2-37 clear serverfarm 2-37 clear service-policy 2-38 clear ssh 2-40 clear startup-config 2-41 clear stats 2-42 clear sticky database 2-44 clear syn-cookie 2-46 clear tcp statistics 2-46 clear telnet 2-47 clear udp statistics 2-48 clear user 2-48 clear vnet stats 2-49 clear xlate 2-51 clock set 2-53 compare 2-54 configure 2-55 copy capture 2-56 copy checkpoint 2-57 copy core: 2-59 copy disk0: 2-60 copy ftp: 2-62 copy image: 2-63 copy licenses 2-65 copy probe: 2-66 copy running-config 2-68 copy startup-config 2-69 copy sftp: 2-70 copy tftp: 2-72 crypto crlparams 2-73 crypto delete 2-74 crypto export 2-75 crypto generate csr 2-76Contents v Command Reference, Cisco ACE Application Control Engine OL-25339-01 crypto generate key 2-77 crypto import 2-78 crypto verify 2-82 debug 2-83 delete 2-86 dir 2-87 dm 2-89 exit 2-90 format flash: 2-91 ft switchover 2-93 gunzip 2-94 invoke context 2-95 license 2-96 mkdir disk0: 2-97 move disk0: 2-98 np session 2-99 ping 2-101 reload 2-103 reprogram bootflash 2-104 restore 2-105 rmdir disk0: 2-107 setup 2-108 set dc 2-110 set sticky-ixp 2-111 show 2-112 show aaa 2-113 show access-list 2-114 show accounting log 2-115 show acl-merge 2-117 show action-list 2-118 show arp 2-119 show backup 2-121 show banner motd 2-122 show bootvar 2-123 show buffer 2-125 show capture 2-127 show cde 2-129 show cfgmgr 2-130 show checkpoint 2-132 show clock 2-134Contents vi Command Reference, Cisco ACE Application Control Engine OL-25339-01 show conn 2-135 show context 2-136 show copyright 2-137 show crypto 2-138 show dc 2-141 show debug 2-145 show domain 2-148 show download information 2-149 show eobc 2-150 show fifo 2-152 show file 2-153 show fragment 2-155 show ft 2-156 show hardware 2-158 show hyp 2-159 show icmp statistics 2-159 show interface 2-161 show inventory 2-163 show ip 2-164 show ipcp 2-167 show ipv6 2-168 show kalap udp load 2-170 show lcp event-history 2-172 show ldap-server 2-173 show license 2-174 show line 2-176 show logging 2-177 show login timeout 2-179 show nat-fabric 2-180 show netio 2-181 show nexus-device 2-182 show np 2-184 show ntp 2-188 show optimization-global 2-189 show parameter-map 2-190 show probe 2-191 show processes 2-192 show pvlans 2-193 show radius-server 2-194 show resource allocation 2-195Contents vii Command Reference, Cisco ACE Application Control Engine OL-25339-01 show resource internal 2-196 show resource usage 2-198 show restore 2-201 show role 2-203 show rserver 2-204 show running-config 2-206 show scp 2-208 show script 2-209 show security internal event-history 2-211 show serverfarm 2-212 show service-policy 2-214 show snmp 2-216 show ssh 2-218 show startup-config 2-220 show stats 2-221 show sticky cookie-insert group 2-223 show sticky database 2-224 show sticky hash 2-227 show conn sticky 2-228 show syn-cookie 2-229 show system 2-230 show tacacs-server 2-232 show tcp statistics 2-233 show tech-support 2-234 show telnet 2-235 show terminal 2-236 show udp statistics 2-237 show user-account 2-238 show users 2-239 show version 2-240 show vlans 2-242 show vm-controller 2-243 show vnet 2-244 show xlate 2-245 ssh 2-246 system internal 2-248 system watchdog 2-249 tac-pac 2-251 telnet 2-253 terminal 2-254Contents viii Command Reference, Cisco ACE Application Control Engine OL-25339-01 traceroute 2-255 undebug all 2-256 untar disk0: 2-258 write 2-259 xml-show 2-260 Configuration Mode Commands 2-262 (config) aaa accounting default 2-263 (config) aaa authentication login 2-265 (config) aaa group server 2-266 (config) access-group 2-267 (config) access-list ethertype 2-270 (config) access-list extended 2-272 (config) access-list remark 2-281 (config) access-list resequence 2-282 (config) action-list type modify http 2-283 (config) action-list type optimization http 2-285 (config) arp 2-287 (config) banner 2-289 (config) boot system image: 2-290 (config) buffer threshold 2-292 (config) class-map 2-294 (config) clock timezone 2-297 (config) clock summer-time 2-300 (config) config-register 2-301 (config) context 2-303 (config) crypto authgroup 2-304 (config) crypto chaingroup 2-305 (config) crypto crl 2-306 (config) crypto crlparams 2-307 (config) crypto csr-params 2-309 (config) crypto ocspserver 2-310 (config) crypto rehandshake enabled 2-312 (config) domain 2-313 (config) end 2-314 (config) exit 2-314 (config) ft auto-sync 2-315 (config) ft connection-sync disable 2-317 (config) ft group 2-318 (config) ft interface vlan 2-320 (config) ft peer 2-321Contents ix Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config) ft track host 2-322 (config) ft track hsrp 2-323 (config) ft track interface 2-324 (config) hostname 2-325 (config) hw-module 2-326 (config) interface 2-327 (config) ip dhcp relay 2-330 (config) ip domain-list 2-332 (config) ip domain-lookup 2-333 (config) ip domain-name 2-335 (config) ip name-server 2-337 (config) ip route 2-338 (config) ipv6 nd interval 2-340 (config) ipv6 nd learned-interval 2-341 (config) ipv6 nd retries 2-342 (config) ipv6 nd sync disable 2-343 (config) ipv6 nd sync-interval 2-344 (config) kalap udp 2-345 (config) ldap-server host 2-346 (config) ldap-server port 2-347 (config) ldap-server timeout 2-348 (config) line console 2-349 (config) line vty 2-350 (config) login timeout 2-352 (config) logging buffered 2-353 (config) logging console 2-355 (config) logging device-id 2-357 (config) logging enable 2-359 (config) logging facility 2-360 (config) logging fastpath 2-361 (config) logging history 2-362 (config) logging host 2-364 (config) logging message 2-366 (config) logging monitor 2-368 (config) logging persistent 2-369 (config) logging queue 2-370 (config) logging rate-limit 2-371 (config) logging standby 2-373 (config) logging supervisor 2-374 (config) logging timestamp 2-375Contents x Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config) logging trap 2-376 (config) nexus-device 2-377 (config) ntp 2-379 (config) object-group 2-380 (config) optimize 2-382 (config) parameter-map type 2-382 (config) peer hostname 2-385 (config) peer shared-vlan-hostid 2-386 (config) policy-map 2-388 (config) probe 2-392 (config) radius-server attribute nas-ipaddr 2-395 (config) radius-server deadtime 2-396 (config) radius-server host 2-397 (config) radius-server key 2-400 (config) radius-server retransmit 2-401 (config) radius-server timeout 2-402 (config) regex compilation-timeout 2-403 (config) resource-class 2-404 (config) role 2-405 (config) rserver 2-406 (config) script file name 2-407 (config) serverfarm 2-408 (config) service-policy 2-409 (config) shared-vlan-hostid 2-411 (config) snmp-server community 2-412 (config) snmp-server contact 2-414 (config) snmp-server enable traps 2-415 (config) snmp-server engineid 2-418 (config) snmp-server host 2-420 (config) snmp-server location 2-421 (config) snmp-server trap link ietf 2-422 (config) snmp-server trap-source vlan 2-423 (config) snmp-server unmask-community 2-424 (config) snmp-server user 2-425 (config) ssh key 2-428 (config) ssh maxsessions 2-429 (config) ssl-proxy service 2-430 (config) static 2-431 (config) sticky http-content 2-433 (config) sticky http-cookie 2-434Contents xi Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config) sticky http-header 2-436 (config) sticky ip-netmask 2-438 (config) sticky layer4-payload 2-439 (config) sticky radius framed-ip 2-440 (config) sticky rtsp-header 2-441 (config) sticky sip-header 2-442 (config) switch-mode 2-443 (config) tacacs-server deadtime 2-445 (config) tacacs-server host 2-446 (config) tacacs-server key 2-448 (config) tacacs-server timeout 2-449 (config) telnet maxsessions 2-451 (config) timeout xlate 2-452 (config) udp 2-453 (config) username 2-454 (config) vm-controller 2-456 Action List Modify Configuration Mode Commands 2-457 (config-actlist-modify) description 2-458 (config-actlist-modify) header delete 2-459 (config-actlist-modify) header insert 2-461 (config-actlist-modify) header rewrite 2-462 (config-actlist-modify) ssl header-insert 2-464 (config-actlist-modify) ssl url rewrite location 2-473 Action List Optimization Configuration Mode Commands 2-474 (config-actlist-optm) appscope 2-475 (config-actlist-optm) cache 2-476 (config-actlist-optm) delta 2-478 (config-actlist-optm) description 2-479 (config-actlist-optm) dynamic etag 2-480 (config-actlist-optm) flashforward 2-481 (config-actlist-optm) flashforward-object 2-481 Authentication Group Configuration Mode Commands 2-483 (config-authgroup) cert 2-484 Chaingroup Configuration Mode Commands 2-485 (config-chaingroup) cert 2-486 Class Map Configuration Mode Commands 2-488 (config-cmap) description 2-490 (config-cmap) match access-list 2-491 (config-cmap) match any 2-493Contents xii Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-cmap) match anyv6 2-494 (config-cmap) match destination-address 2-495 (config-cmap) match port 2-497 (config-cmap) match port-v6 2-500 (config-cmap) match source-address 2-502 (config-cmap) match virtual-address 2-504 Class Map FTP Inspection Configuration Mode Commands 2-507 (config-cmap-ftp-insp) description 2-508 (config-cmap-ftp-insp) match request-method 2-509 Class Map Generic Configuration Mode Commands 2-510 (config-cmap-generic) description 2-511 (config-cmap-generic) match class-map 2-513 (config-cmap-generic) match layer4-payload 2-514 (config-cmap-generic) match source-address 2-516 Class Map HTTP Inspection Configuration Mode Commands 2-517 (config-cmap-http-insp) description 2-519 (config-cmap-http-insp) match content 2-520 (config-cmap-http-insp) match content length 2-522 (config-cmap-http-insp) match cookie secondary 2-523 (config-cmap-http-insp) match header 2-524 (config-cmap-http-insp) match header length 2-528 (config-cmap-http-insp) match header mime-type 2-530 (config-cmap-http-insp) match port-misuse 2-533 (config-cmap-http-insp) match request-method 2-534 (config-cmap-http-insp) match transfer-encoding 2-535 (config-cmap-http-insp) match url 2-537 (config-cmap-http-insp) match url length 2-538 Class Map HTTP Load Balancing Configuration Mode Commands 2-539 (config-cmap-http-lb) description 2-541 (config-cmap-http-lb) match class-map 2-542 (config-cmap-http-lb) match cipher 2-544 (config-cmap-http-lb) match http content 2-545 (config-cmap-http-lb) match http cookie 2-546 (config-cmap-http-lb) match http header 2-547 (config-cmap-http-lb) match http url 2-550 (config-cmap-http-lb) match source-address 2-552 Class Map Management Configuration Mode Commands 2-553 (config-cmap-mgmt) description 2-554 (config-cmap-mgmt) match protocol 2-556Contents xiii Command Reference, Cisco ACE Application Control Engine OL-25339-01 Class Map RADIUS Load Balancing Configuration Mode Commands 2-558 (config-cmap-radius-lb) description 2-560 (config-cmap-radius-lb) match radius attribute 2-561 Class Map RTSP Load Balancing Configuration Mode Commands 2-562 (config-cmap-rtsp-lb) description 2-564 (config-cmap-rtsp-lb) match class-map 2-565 (config-cmap-rtsp-lb) match rtsp header 2-566 (config-cmap-rtsp-lb) match rtsp url 2-567 (config-cmap-rtsp-lb) match source-address 2-570 Class Map SIP Inspection Configuration Mode Commands 2-571 (config-cmap-sip-insp) description 2-572 (config-cmap-sip-insp) match called-party 2-573 (config-cmap-sip-insp) match calling-party 2-575 (config-cmap-sip-insp) match content 2-577 (config-cmap-sip-insp) match im-subscriber 2-578 (config-cmap-sip-insp) match message-path 2-579 (config-cmap-sip-insp) match request-method 2-582 (config-cmap-sip-insp) match third-party registration 2-583 (config-cmap-sip-insp) match uri 2-585 Class Map SIP Load Balancing Configuration Mode Commands 2-586 (config-cmap-sip-lb) description 2-588 (config-cmap-sip-lb) match class-map 2-589 (config-cmap-sip-lb) match sip header 2-590 (config-cmap-sip-lb) match source-address 2-593 Console Configuration Mode Commands 2-595 (config-console) databits 2-596 (config-console) parity 2-597 (config-console) speed 2-598 (config-console) stopbits 2-599 Context Configuration Mode Commands 2-600 (config-context) allocate-interface 2-601 (config-context) description 2-603 (config-context) member 2-604 CSR Parameters Configuration Mode Commands 2-605 (config-csr-params) common-name 2-606 (config-csr-params) country 2-607 (config-csr-params) email 2-608 (config-csr-params) locality 2-609 (config-csr-params) organization-name 2-611Contents xiv Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-csr-params) organization-unit 2-612 (config-csr-params) serial-number 2-613 (config-csr-params) state 2-614 DCI Configuration Mode Commands 2-615 (config-dci) credentials 2-616 (config-dci) ip-address 2-617 Domain Configuration Mode Commands 2-618 (config-domain) add-object 2-620 FT Group Configuration Mode Commands 2-622 (config-ft-group) associate-context 2-623 (config-ft-group) inservice 2-624 (config-ft-group) peer 2-625 (config-ft-group) peer priority 2-626 (config-ft-group) preempt 2-627 (config-ft-group) priority 2-628 FT Interface Configuration Mode Commands 2-629 (config-ft-intf) ip 2-630 (config-ft-intf) peer ip 2-632 (config-ft-intf) shutdown 2-633 FT Peer Configuration Mode Commands 2-634 (config-ft-peer) ft-interface vlan 2-635 (config-ft-peer) heartbeat 2-636 (config-ft-peer) query-interface 2-637 FT Track Host Configuration Mode Commands 2-638 (config-ft-track-host) peer priority 2-640 (config-ft-track-host) peer probe 2-641 (config-ft-track-host) peer track-host 2-643 (config-ft-track-host) priority 2-645 (config-ft-track-host) probe 2-646 (config-ft-track-host) track-host 2-647 FT Track HSRP Configuration Mode Commands 2-648 (config-ft-track-hsrp) peer priority 2-649 (config-ft-track-hsrp) peer track-hsrp 2-650 (config-ft-track-hsrp) priority 2-651 (config-ft-track-hsrp) track-hsrp 2-652 FT Track Interface Configuration Mode Commands 2-653 (config-ft-track-interface) peer priority 2-654 (config-ft-track-interface) peer track-interface vlan 2-655 (config-ft-track-interface) priority 2-656Contents xv Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-ft-track-interface) track-interface vlan 2-657 Interface Configuration Mode Commands 2-658 (config-if) access-group 2-660 (config-if) alias 2-661 (config-if) arp 2-663 (config-if) arp inspection 2-664 (config-if) bridge-group 2-666 (config-if) carrier-delay 2-667 (config-if) channel-group 2-668 (config-if) description 2-669 (config-if) duplex 2-670 (config-if) fragment chain 2-671 (config-if) fragment min-mtu 2-672 (config-if) fragment timeout 2-673 (config-if) ft-port vlan 2-674 (config-if) icmp-guard 2-675 (config-if) ip address 2-677 (config-if) ip df 2-680 (config-if) ip dhcp relay enable 2-681 (config-if) ip dhcp relay server 2-682 (config-if) ip options 2-683 (config-if) ip route inject vlan 2-684 (config-if) ip ttl minimum 2-685 (config-if) ip verify reverse-path 2-686 (config-if) ipv6 dhcp relay enable 2-687 (config-if) ipv6 dhcp relay fwd-interface 2-688 (config-if) ipv6 dhcp relay server 2-689 (config-if) ipv6 enable 2-691 (config-if) ipv6 extension-header 2-692 (config-if) ipv6 fragment chain 2-693 (config-if) ipv6 fragment min-mtu 2-694 (config-if) ipv6 fragment timeout 2-695 (config-if) ipv6 icmp-guard 2-696 (config-if) ipv6 mtu 2-698 (config-if) ipv6 nd dad-attempts 2-699 (config-if) ipv6 nd managed-config-flag 2-700 (config-if) ipv6 nd ns-interval 2-701 (config-if) ipv6 nd other-config-flag 2-702 (config-if) ipv6 nd prefix 2-703 (config-if) ipv6 nd ra hop-limit 2-705Contents xvi Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-if) ipv6 nd ra interval 2-706 (config-if) ipv6 nd ra lifetime 2-707 (config-if) ipv6 nd ra suppress 2-708 (config-if) ipv6 nd reachable-time 2-709 (config-if) ipv6 nd retransmission-time 2-710 (config-if) ipv6 neighbor 2-711 (config-if) ipv6 normalization 2-712 (config-if) ipv6 route inject vlan 2-714 (config-if) ipv6 verify reverse-path 2-715 (config-if) mac-address autogenerate 2-716 (config-if) mac-sticky enable 2-717 (config-if) mtu 2-719 (config-if) nat-pool 2-720 (config-if) normalization 2-721 (config-if) normalization send-reset 2-723 (config-if) peer ip address 2-723 (config-if) port-channel load-balance 2-726 (config-if) qos trust cos 2-727 (config-if) remove-eth-pad 2-728 (config-if) service-policy input 2-729 (config-if) shutdown 2-730 (config-if) speed 2-732 (config-if) switchport access vlan 2-734 (config-if) switchport trunk allowed vlan 2-736 (config-if) switchport trunk native vlan 2-738 (config-if) syn-cookie 2-739 (config-if) udp 2-741 KAL-AP UDP Configuration Mode Commands 2-743 (config-kalap-udp) ip address 2-744 LDAP Configuration Mode Commands 2-745 (config-ldap) attribute user-profile 2-746 (config-ldap) baseDN 2-748 (config-ldap) filter search-user 2-749 (config-ldap) server 2-750 Line Configuration Mode Commands 2-751 (config-line) session-limit 2-752 Object Group Configuration Mode Commands 2-753 (config-objgrp-netw) description 2-754 (config-objgrp-netw) host 2-755Contents xvii Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-objgrp-netw) ip_address 2-757 (config-objgrp-serv) description 2-759 (config-objgrp-serv) protocol 2-760 Optimize Configuration Mode Commands 2-767 (config-optimize) appscope-log 2-768 (config-optimize) concurrent-connections 2-769 (config-optimize) debug-level 2-770 Parameter Map Connection Configuration Mode Commands 2-772 (config-parammap-conn) description 2-774 (config-parammap-conn) exceed-mss 2-775 (config-parammap-conn) nagle 2-776 (config-parammap-conn) random-sequence-number 2-777 (config-parammap-conn) rate-limit 2-778 (config-parammap-conn) reserved-bits 2-779 (config-parammap-conn) set ip tos 2-780 (config-parammap-conn) set tcp ack-delay 2-781 (config-parammap-conn) set tcp buffer-share 2-782 (config-parammap-conn) set tcp mss 2-784 (config-parammap-conn) set tcp reassembly-timout 2-786 (config-parammap-conn) set tcp syn-retry 2-786 (config-parammap-conn) set tcp timeout 2-787 (config-parammap-conn) set tcp wan-optimization 2-788 (config-parammap-conn) set tcp window-scale 2-790 (config-parammap-conn) set timeout inactivity 2-791 (config-parammap-conn) slowstart 2-792 (config-parammap-conn) syn-data 2-793 (config-parammap-conn) tcp-options 2-794 (config-parammap-conn) urgent-flag 2-798 Parameter Map DNS Configuration Mode Commands 2-799 (config-parammap-dns) description 2-800 (config-parammap-dns) timeout query 2-801 Parameter Map Generic Configuration Mode Commands 2-801 (config-parammap-generi) case-insensitive 2-803 (config-parammap-generi) description 2-804 (config-parammap-generi) set max-parse-length 2-805 Parameter Map HTTP Configuration Mode Commands 2-806 (config-parammap-http) case-insensitive 2-808 (config-parammap-http) cookie-error-ignore 2-809 (config-parammap-http) description 2-810Contents xviii Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-parammap-http) compress 2-811 (config-parammap-http) header modify per-request 2-813 (config-parammap-http) length-exceed 2-815 (config-parammap-http) parsing non-strict 2-816 (config-parammap-http) persistence-rebalance 2-817 (config-parammap-http) server-conn reuse 2-819 (config-parammap-http) set content-maxparse-length 2-820 (config-parammap-http) set header-maxparse-length 2-822 (config-parammap-http) set secondary-cookie-delimiters 2-823 (config-parammap-http) set secondary-cookie-start 2-824 Parameter Map Optimization Configuration Mode Commands 2-825 (config-parammap-optmz) appscope optimize-rate-percent 2-826 (config-parammap-optmz) basefile anonymous-level 2-827 (config-parammap-optmz) cache key-modifier 2-828 (config-parammap-optmz) cache parameter 2-831 (config-parammap-optmz) cache ttl 2-833 (config-parammap-optmz) cache-policy request 2-834 (config-parammap-optmz) cache-policy response 2-835 (config-parammap-optmz) canonical-url 2-836 (config-parammap-optmz) clientscript-default 2-837 (config-parammap-optmz) description 2-838 (config-parammap-optmz) delta 2-839 (config-parammap-optmz) expires-setting 2-841 (config-parammap-optmz) extract meta 2-842 (config-parammap-optmz) flashforward refresh-policy 2-843 (config-parammap-optmz) ignore-server-content 2-844 (config-parammap-optmz) parameter-summary parameter-value-limit 2-845 (config-parammap-optmz) post-content-buffer-limit 2-846 (config-parammap-optmz) rebase 2-847 (config-parammap-optmz) request-grouping-string 2-848 (config-parammap-optmz) server-header 2-849 (config-parammap-optmz) server-load 2-850 (config-parammap-optmz) utf8 threshold 2-852 Parameter Map RTSP Configuration Mode Commands 2-852 (config-parammap-rtsp) case-insensitive 2-854 (config-parammap-rtsp) description 2-855 (config-parammap-rtsp) set header-maxparse-length 2-856 Parameter Map SCCP Configuration Mode Commands 2-857 (config-parammap-skinny) description 2-859Contents xix Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-parammap-skinny) enforce-registration 2-860 (config-parammap-skinny) message-id max 2-861 (config-parammap-skinny) sccp-prefix-len 2-862 Parameter Map SIP Configuration Mode Commands 2-863 (config-parammap-sip) description 2-865 (config-parammap-sip) im 2-865 (config-parammap-sip) max-forward-validation 2-866 (config-parammap-sip) software-version 2-867 (config-parammap-sip) strict-header-validation 2-868 (config-parammap-sip) timeout 2-870 (config-parammap-sip) uri-non-sip 2-871 Parameter Map SSL Configuration Mode Commands 2-872 (config-parammap-ssl) authentication-failure 2-873 (config-parammap-ssl) cdp-errors ignore 2-876 (config-parammap-ssl) cipher 2-877 (config-parammap-ssl) close-protocol 2-879 (config-parammap-ssl) description 2-880 (config-parammap-ssl) expired-crl reject 2-881 (config-parammap-ssl) purpose-check disabled 2-882 (config-parammap-ssl) queue-delay timeout 2-883 (config-parammap-ssl) rehandshake enabled 2-884 (config-parammap-ssl) session-cache timeout 2-885 (config-parammap-ssl) version 2-887 Policy Map Configuration Mode Commands 2-888 (config-pmap) class 2-890 (config-pmap) description 2-891 Policy Map Class Configuration Mode Commands 2-892 (config-pmap-c) appl-parameter dns advanced-options 2-893 (config-pmap-c) appl-parameter generic advanced-options 2-894 (config-pmap-c) appl-parameter http advanced-options 2-895 (config-pmap-c) appl-parameter rtsp advanced-options 2-896 (config-pmap-c) appl-parameter sip advanced-options 2-897 (config-pmap-c) appl-parameter skinny advanced-options 2-898 (config-pmap-c) connection advanced-options 2-899 (config-pmap-c) inspect 2-900 (config-pmap-c) kal-ap primary-oos 2-904 (config-pmap-c) kal-ap-tag 2-906 (config-pmap-c) loadbalance policy 2-907 (config-pmap-c) loadbalance vip advertise 2-908Contents xx Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-pmap-c) loadbalance vip icmp-reply 2-909 (config-pmap-c) loadbalance vip inservice 2-910 (config-pmap-c) loadbalance vip udp-fast-age 2-911 (config-pmap-c) nat dynamic 2-912 (config-pmap-c) nat static 2-913 (config-pmap-c) ssl-proxy 2-916 Policy Map FTP Inspection Configuration Mode Commands 2-917 (config-pmap-ftp-ins) class 2-919 (config-pmap-ftp-ins) description 2-920 (config-pmap-ftp-ins) match request-method 2-921 Policy Map FTP Inspection Class Configuration Mode Commands 2-922 (config-pmap-ftp-ins-c) deny 2-923 (config-pmap-ftp-ins-c) mask-reply 2-924 Policy Map FTP Inspection Match Configuration Mode Commands 2-924 (config-pmap-ftp-ins-m) deny 2-926 (config-pmap-ftp-ins-m) mask-reply 2-927 Policy Map Inspection HTTP Configuration Mode Commands 2-927 (config-pmap-ins-http) class 2-929 (config-pmap-ins-http) description 2-931 (config-pmap-ins-http) match content 2-932 (config-pmap-ins-http) match content length 2-934 (config-pmap-ins-http) match content-type-verification 2-935 (config-pmap-ins-http) match cookie secondary 2-936 (config-pmap-ins-http) match header 2-939 (config-pmap-ins-http) match header length 2-942 (config-pmap-ins-http) match header mime-type 2-944 (config-pmap-ins-http) match port-misuse 2-947 (config-pmap-ins-http) match request-method 2-948 (config-pmap-ins-http) match strict-http 2-950 (config-pmap-ins-http) match transfer-encoding 2-952 (config-pmap-ins-http) match url 2-953 (config-pmap-ins-http) match url length 2-955 Policy Map Inspection HTTP Class Configuration Mode Commands 2-956 (config-pmap-ins-http-c) passthrough log 2-957 (config-pmap-ins-http-c) permit 2-958 (config-pmap-ins-http-c) reset 2-959 Policy Map Inspection HTTP Match Configuration Mode Commands 2-959 (config-pmap-ins-http-m) passthrough log 2-961 (config-pmap-ins-http-m) permit 2-962Contents xxi Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-pmap-ins-http-m) reset 2-963 Policy Map Inspection SIP Configuration Mode Commands 2-964 (config-pmap-ins-sip) class 2-966 (config-pmap-ins-sip) description 2-967 (config-pmap-ins-sip) match called-party 2-968 (config-pmap-ins-sip) match calling-party 2-969 (config-pmap-ins-sip) match content 2-970 (config-pmap-ins-sip) match im-subscriber 2-972 (config-pmap-ins-sip) match message-path 2-973 (config-pmap-ins-sip) match request-method 2-974 (config-pmap-ins-sip) match third-party registration 2-976 (config-pmap-ins-sip) match uri 2-978 Policy Map Inspection SIP Class Configuration Mode Commands 2-979 (config-pmap-ins-sip-c) drop 2-980 (config-pmap-ins-sip-c) log 2-980 (config-pmap-ins-sip-c) permit 2-981 (config-pmap-ins-sip-c) reset 2-982 Policy Map Inspection SIP Match Configuration Mode Commands 2-983 (config-pmap-ins-sip-m) drop 2-984 (config-pmap-ins-sip-m) permit 2-985 (config-pmap-ins-sip-m) reset 2-986 Policy Map Inspection Skinny Configuration Mode Commands 2-986 (config-pmap-ins-skinny) description 2-988 (config-pmap-ins-skinny) match message-id 2-989 Policy Map Inspection Skinny Match Configuration Mode Commands 2-990 (config-pmap-ins-skinny-m) reset 2-991 Policy Map Load Balancing Generic Configuration Mode Commands 2-992 (config-pmap-lb-generic) class 2-994 (config-pmap-lb-generic) description 2-996 (config-pmap-lb-generic) match layer4-payload 2-997 (config-pmap-lb-generic) match source-address 2-998 Policy Map Load Balancing Generic Class Configuration Mode Commands 2-999 (config-pmap-lb-generic-c) drop 2-1000 (config-pmap-lb-generic-c) forward 2-1001 (config-pmap-lb-generic-c) serverfarm 2-1002 (config-pmap-lb-generic-c) set ip tos 2-1003 (config-pmap-lb-generic-c) sticky-serverfarm 2-1004 Policy Map Load Balancing Generic Match Configuration Mode Commands 2-1004 (config-pmap-lb-generic-m) drop 2-1006Contents xxii Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-pmap-lb-generic-m) forward 2-1006 (config-pmap-lb-generic-m) serverfarm 2-1007 (config-pmap-lb-generic-m) set ip tos 2-1009 (config-pmap-lb-generic-m) sticky-serverfarm 2-1010 Policy Map Load Balancing HTTP Configuration Mode Commands 2-1011 (config-pmap-lb) class 2-1012 (config-pmap-lb) description 2-1013 (config-pmap-lb) match cipher 2-1014 (config-pmap-lb) match http content 2-1016 (config-pmap-lb) match http cookie 2-1017 (config-pmap-lb) match http header 2-1019 (config-pmap-lb) match http url 2-1023 (config-pmap-lb) match source-address 2-1024 Policy Map Load Balancing HTTP Class Configuration Mode Commands 2-1025 (config-pmap-lb-c) action 2-1026 (config-pmap-lb-c) compress 2-1027 (config-pmap-lb-c) drop 2-1029 (config-pmap-lb-c) forward 2-1030 (config-pmap-lb-c) insert-http 2-1031 (config-pmap-lb-c) nat dynamic 2-1032 (config-pmap-lb-c) serverfarm 2-1033 (config-pmap-lb-c) set ip tos 2-1035 (config-pmap-lb-c) ssl-proxy client 2-1036 (config-pmap-lb-c) sticky-serverfarm 2-1037 Policy Map Load Balancing HTTP Match Configuration Mode Commands 2-1038 (config-pmap-lb-m) action 2-1038 (config-pmap-lb-m) compress 2-1040 (config-pmap-lb-m) drop 2-1041 (config-pmap-lb-m) forward 2-1043 (config-pmap-lb-m) insert-http 2-1044 (config-pmap-lb-m) serverfarm 2-1045 (config-pmap-lb-m) set ip tos 2-1046 (config-pmap-lb-m) ssl-proxy client 2-1047 (config-pmap-lb-m) sticky-serverfarm 2-1048 Policy Map Load Balancing RADIUS Configuration Mode Commands 2-1049 (config-pmap-lb-radius) class 2-1051 (config-pmap-lb-radius) description 2-1053 (config-pmap-lb-radius) match radius attribute 2-1054 Policy Map Load Balancing RADIUS Class Configuration Mode Commands 2-1055Contents xxiii Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-pmap-lb-radius-c) drop 2-1056 (config-pmap-lb-radius-c) forward 2-1057 (config-pmap-lb-radius-c) serverfarm 2-1058 (config-pmap-lb-radius-c) set ip tos 2-1059 (config-pmap-lb-radius-c) sticky-serverfarm 2-1060 Policy Map Load Balancing RADIUS Match Configuration Mode Commands 2-1060 (config-pmap-lb-radius-m) drop 2-1062 (config-pmap-lb-radius-m) forward 2-1063 (config-pmap-lb-radius-m) serverfarm 2-1064 (config-pmap-lb-radius-m) set ip tos 2-1065 (config-pmap-lb-radius-m) sticky-serverfarm 2-1066 Policy Map Load Balancing RDP Configuration Mode Commands 2-1066 (config-pmap-lb-rdp) class 2-1068 (config-pmap-lb-rdp) description 2-1069 Policy Map Load Balancing RDP Class Configuration Mode Commands 2-1069 (config-pmap-lb-rdp-c) drop 2-1071 (config-pmap-lb-rdp-c) forward 2-1072 (config-pmap-lb-rdp-c) serverfarm 2-1073 (config-pmap-lb-rdp-c) set ip tos 2-1074 (config-pmap-lb-rdp-c) sticky-serverfarm 2-1075 Policy Map Load Balancing RTSP Configuration Mode Commands 2-1076 (config-pmap-lb-rtsp) class 2-1078 (config-pmap-lb-rtsp) description 2-1079 (config-pmap-lb-rtsp) match rtsp header 2-1080 (config-pmap-lb-rtsp) match rtsp source-address 2-1082 (config-pmap-lb-rtsp) match rtsp url 2-1083 Policy Map Load Balancing RTSP Class Configuration Mode Commands 2-1084 (config-pmap-lb-rtsp-c) drop 2-1085 (config-pmap-lb-rtsp-c) forward 2-1086 (config-pmap-lb-rtsp-c) serverfarm 2-1087 (config-pmap-lb-rtsp-c) set ip tos 2-1088 (config-pmap-lb-rtsp-c) sticky-serverfarm 2-1089 Policy Map Load Balancing RTSP Match Configuration Mode Commands 2-1090 (config-pmap-lb-rtsp-m) drop 2-1091 (config-pmap-lb-rtsp-m) forward 2-1092 (config-pmap-lb-rtsp-m) serverfarm 2-1093 (config-pmap-lb-rtsp-m) set ip tos 2-1094 (config-pmap-lb-rtsp-m) sticky-serverfarm 2-1095 Policy Map Load Balancing SIP Configuration Mode Commands 2-1095Contents xxiv Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-pmap-lb-sip) class 2-1097 (config-pmap-lb-sip) description 2-1099 (config-pmap-lb-sip) match sip header 2-1100 (config-pmap-lb-sip) match source-address 2-1101 Policy Map Load Balancing SIP Class Configuration Mode Commands 2-1102 (config-pmap-lb-sip-c) drop 2-1103 (config-pmap-lb-sip-c) forward 2-1104 (config-pmap-lb-sip-c) serverfarm 2-1105 (config-pmap-lb-sip-c) set ip tos 2-1106 (config-pmap-lb-sip-c) sticky-serverfarm 2-1107 Policy Map Load Balancing SIP Match Configuration Mode Commands 2-1108 (config-pmap-lb-sip-m) drop 2-1109 (config-pmap-lb-sip-m) forward 2-1110 (config-pmap-lb-sip-m) serverfarm 2-1111 (config-pmap-lb-sip-m) set ip tos 2-1112 (config-pmap-lb-sip-m) sticky-serverfarm 2-1113 Policy Map Management Configuration Mode Commands 2-1113 (config-pmap-mgmt) class 2-1115 (config-pmap-mgmt) description 2-1117 Policy Map Management Class Configuration Mode Commands 2-1117 (config-pmap-mgmt-c) deny 2-1118 (config-pmap-mgmt-c) permit 2-1119 Policy Map Optimization Configuration Mode Commands 2-1119 (config-pmap-optmz) class 2-1121 (config-pmap-optmz) description 2-1122 (config-pmap-optmz) match http cookie 2-1123 (config-pmap-optmz) match http header 2-1124 (config-pmap-optmz) match http url 2-1127 Policy Map Optimization Class Configuration Mode Commands 2-1128 (config-pmap-optmz-c) action 2-1128 Policy Map Optimization Match Configuration Mode Commands 2-1129 (config-pmap-optmz-m) action 2-1130 Probe Configuration Mode Commands 2-1132 (config-probe-probe_type) append-port-hosttag 2-1135 (config-probe-probe_type) community 2-1137 (config-probe-probe_type) connection term 2-1138 (config-probe-probe_type) credentials 2-1139 (config-probe-probe_type) description 2-1140 (config-probe-probe_type) domain 2-1142Contents xxv Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-probe-probe_type) expect address 2-1143 (config-probe-probe_type) expect regex 2-1145 (config-probe-probe_type) expect status 2-1147 (config-probe-probe_type) faildetect 2-1148 (config-probe-probe_type) hash 2-1149 (config-probe-probe_type) header 2-1150 (config-probe-probe_type) interval 2-1153 (config-probe-probe_type) ip address 2-1154 (config-probe-probe_type) nas ip address 2-1156 (config-probe-probe_type) oid 2-1157 (config-probe-probe_type) open 2-1159 (config-probe-probe_type) passdetect 2-1160 (config-probe-probe_type) port 2-1162 (config-probe-probe_type) receive 2-1164 (config-probe-probe_type) request command 2-1165 (config-probe-probe_type) request method 2-1166 (config-probe-probe_type) script 2-1167 (config-probe-probe_type) send-data 2-1168 (config-probe-probe_type) ssl cipher 2-1169 (config-probe-probe_type) ssl version 2-1171 (config-probe-probe_type) version 2-1171 (config-probe-sip-udp) rport enable 2-1173 Probe SNMP OID Configuration Mode Commands 2-1174 (config-probe-snmp-oid) threshold 2-1176 (config-probe-snmp-oid) type absolute max 2-1178 (config-probe-snmp-oid) weight 2-1180 Probe VM Configuration Mode Commands 2-1181 (config-probe-vm) interval 2-1182 (config-probe-vm) load 2-1183 (config-probe-vm) vm-controller 2-1185 RADIUS Configuration Mode Commands 2-1186 (config-radius) deadtime 2-1188 (config-radius) server 2-1189 Real Server Host Configuration Mode Commands 2-1190 (config-rserver-host) conn-limit 2-1191 (config-rserver-host) description 2-1193 (config-rserver-host) fail-on-all 2-1194 (config-rserver-host) inservice 2-1195 (config-rserver-host) ip address 2-1196Contents xxvi Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-rserver-host) probe 2-1198 (config-rserver-host) rate-limit 2-1199 (config-rserver-host) weight 2-1201 Real Server Redirect Configuration Mode Commands 2-1202 (config-rserver-redir) conn-limit 2-1204 (config-rserver-redir) description 2-1206 (config-rserver-redir) inservice 2-1207 (config-rserver-redir) probe 2-1208 (config-rserver-redir) rate-limit 2-1209 (config-rserver-redir) webhost-redirection 2-1210 Resource Configuration Mode Commands 2-1212 (config-resource) limit-resource 2-1213 Role Configuration Mode Commands 2-1216 (config-role) description 2-1217 (config-role) rule 2-1218 Server Farm Host Configuration Mode Commands 2-1221 (config-sfarm-host) description 2-1223 (config-sfarm-host) dws 2-1224 (config-sfarm-host) failaction 2-1225 (config-sfarm-host) fail-on-all 2-1228 (config-sfarm-host) inband-health check 2-1230 (config-sfarm-host) partial-threshold 2-1233 (config-sfarm-host) predictor 2-1234 (config-sfarm-host) probe 2-1240 (config-sfarm-host) retcode 2-1242 (config-sfarm-host) rserver 2-1244 (config-sfarm-host) transparent 2-1245 Serverfarm Host Predictor Configuration Mode Commands 2-1246 (config-sfarm-host-predictor) autoadjust 2-1248 (config-sfarm-host-predictor) weight connection 2-1250 Server Farm Host Real Server Configuration Mode Commands 2-1251 (config-sfarm-host-rs) backup-rserver 2-1253 (config-sfarm-host-rs) conn-limit 2-1254 (config-sfarm-host-rs) cookie-string 2-1255 (config-sfarm-host-rs) description 2-1257 (config-sfarm-host-rs) fail-on-all 2-1258 (config-sfarm-host-rs) inservice 2-1260 (config-sfarm-host-rs) probe 2-1262 (config-sfarm-host-rs) rate-limit 2-1263Contents xxvii Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-sfarm-host-rs) weight 2-1264 Server Farm Redirect Configuration Mode Commands 2-1265 (config-sfarm-redirect) description 2-1267 (config-sfarm-redirect) failaction 2-1268 (config-sfarm-redirect) predictor 2-1270 (config-sfarm-redirect) probe 2-1276 (config-sfarm-redirect) rserver 2-1277 Serverfarm Redirect Predictor Configuration Mode Commands 2-1279 (config-sfarm-redirect-predictor) autoadjust 2-1281 (config-sfarm-redirect-predictor) weight connection 2-1283 Server Farm Redirect Real Server Configuration Mode Commands 2-1284 (config-sfarm-redirect-rs) backup-rserver 2-1286 (config-sfarm-redirect-rs) conn-limit 2-1287 (config-sfarm-redirect-rs) inservice 2-1288 (config-sfarm-host-rs) probe 2-1290 (config-sfarm-redirect-rs) rate-limit 2-1291 (config-sfarm-redirect-rs) weight 2-1292 SSL Proxy Configuration Mode Commands 2-1294 (config-ssl-proxy) authgroup 2-1295 (config-ssl-proxy) cert 2-1297 (config-ssl-proxy) chaingroup 2-1299 (config-ssl-proxy) crl 2-1300 (config-ssl-proxy) key 2-1302 (config-ssl-proxy) ocspserver 2-1304 (config-ssl-proxy) revcheckprio 2-1306 (config-ssl-proxy) ssl advanced-options 2-1308 Sticky HTTP Cookie Configuration Mode Commands 2-1309 (config-sticky-cookie) cookie insert 2-1310 (config-sticky-cookie) cookie 2-1311 (config-sticky-cookie) cookie secondary 2-1312 (config-sticky-cookie) replicate sticky 2-1313 (config-sticky-cookie) serverfarm 2-1314 (config-sticky-cookie) static cookie-value 2-1315 (config-sticky-cookie) timeout 2-1316 Sticky HTTP Content Configuration Mode Commands 2-1317 (config-sticky-content) content 2-1318 (config-sticky-content) replicate sticky 2-1320 (config-sticky-content) serverfarm 2-1321 (config-sticky-content) static content 2-1323Contents xxviii Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-sticky-content) timeout 2-1324 Sticky HTTP Header Configuration Mode Commands 2-1325 (config-sticky-header) header 2-1327 (config-sticky-header) replicate sticky 2-1329 (config-sticky-header) serverfarm 2-1330 (config-sticky-header) static header-value 2-1332 (config-sticky-header) timeout 2-1333 Sticky IP Configuration Mode Commands 2-1334 (config-sticky-ip) replicate sticky 2-1336 (config-sticky-ip) serverfarm 2-1337 (config-sticky-ip) static client source 2-1338 (config-sticky-ip) timeout 2-1341 Sticky Layer 4 Payload Configuration Mode Commands 2-1342 (config-sticky-l4payloa) layer4-payload 2-1344 (config-sticky-l4payloa) replicate sticky 2-1346 (config-sticky-l4payloa) response sticky 2-1347 (config-sticky-l4payloa) serverfarm 2-1348 (config-sticky-l4payloa) static layer4-payload 2-1349 (config-sticky-l4payloa) timeout 2-1350 Sticky RADIUS Configuration Mode Commands 2-1351 (config-sticky-radius) replicate sticky 2-1353 (config-sticky-radius) serverfarm 2-1354 (config-sticky-radius) timeout 2-1355 Sticky RTSP Header Configuration Mode Commands 2-1356 (config-sticky-header) header 2-1358 (config-sticky-header) replicate sticky 2-1360 (config-sticky-header) serverfarm 2-1361 (config-sticky-header) static header-value 2-1362 (config-sticky-header) timeout 2-1363 Sticky SIP Header Configuration Mode Commands 2-1364 (config-sticky-header) replicate sticky 2-1366 (config-sticky-header) serverfarm 2-1367 (config-sticky-header) static header-value 2-1368 (config-sticky-header) timeout 2-1369 TACACS+ Configuration Mode Commands 2-1371 (config-tacacs+) deadtime 2-1372 (config-tacacs+) server 2-1374 VM Configuration Mode Commands 2-1376 (config-vm) credentials 2-1377Contents xxix Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-vm) url 2-1378 C L I C O M M A N D SU M M A R Y B Y MO D EContents xxx Command Reference, Cisco ACE Application Control Engine OL-25339-01xxxi Command Reference, Cisco ACE Application Control Engine OL-25339-01 Preface This guide provides the command-line interface (CLI) information of the following products: • Cisco ACE Application Control Engine Module (ACE module) in the Catalyst 6500 series switch or Cisco 7600 series router, hereinafter referred to as the switch or router, respectively • Cisco ACE 4700 Series Application Control Engine Appliance (ACE appliance) The information in this guide applies to both the ACE module and the ACE appliance unless otherwise noted. This information includes the following: • How to use the CLI. • The CLI commands, including syntax, options, and related commands. This preface contains the following major sections: • Audience • How to Use This Guide • Related Documentation • Symbols and Conventions • Obtaining Documentation, Obtaining Support, and Security Guidelines Audience This guide is intended for the following trained and qualified service personnel who are responsible for configuring the ACE: • Web master • System administrator • System operatorxxxii Command Reference, Cisco ACE Application Control Engine OL-25339-01 Preface How to Use This Guide This guide is organized alphabetically by command mode, as follows: Related Documentation In addition to this document, the ACE documentation set includes the following: Chapter Description Chapter 1, Using the Command-Line Interface Describes how to use the command-line interface (CLI) on the ACE. Chapter 1, CLI Commands Provides detailed information for the following types of CLI commands for the ACE: • Commands that you can enter after you log in to the ACE. • Configuration mode commands that allow you to access global configuration mode and its subset of modes after you log in to the ACE. Document Title Description Administration Guide, Cisco ACE Application Control Engine Describes how to perform the following administration tasks on the ACE: • Setting up the ACE • Establishing remote access • Managing software licenses • Configuring class maps and policy maps • Managing the ACE software • Configuring SNMP • Configuring redundancy • Configuring the XML interface • Upgrading the ACE software Application Acceleration and Optimization Guide, Cisco ACE 4700 Series Application Control Engine Appliance (ACE appliance only) Describes how to configure the web optimization features of the ACE appliance. This guide also provides an overview and description of those features. Cisco Application Control Engine (ACE) Configuration Examples Wiki Provides examples of common configurations for load balancing, security, SSL, routing and bridging, virtualization, and so on. Cisco Application Control Engine (ACE) Troubleshooting Wiki Describes the procedures and methodology in wiki format to troubleshoot the most common problems that you may encounter during the operation of your ACE. Command Reference, Cisco ACE Application Control Engine Provides an alphabetical list and descriptions of all CLI commands by mode, including syntax, options, and related commands.xxxiii Command Reference, Cisco ACE Application Control Engine OL-25339-01 Preface CSM-to-ACE Conversion Tool Guide, Cisco ACE Application Control Engine Module (ACE module only) Describes how to use the CSM-to-ACE module conversion tool to migrate Cisco Content Switching Module (CSM) running- or startup-configuration files to the ACE. CSS-to-ACE Conversion Tool Guide, Cisco ACE Application Control Engine Describes how to use the CSS-to-ACE conversion tool to migrate Cisco Content Services Switches (CSS) running-configuration or startup-configuration files to the ACE. Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance (ACE appliance only) Describes how to use the Device Manager GUI, which resides in flash memory on the ACE appliance, to provide a browser-based interface for configuring and managing the appliance. Getting Started Guide, Cisco ACE Application Control Engine Module (ACE module only) Describes how to perform the initial setup and configuration tasks for the ACE module. Getting Started Guide, Cisco ACE 4700 Series Application Control Engine Appliance (ACE appliance only) Describes how to use the ACE appliance Device Manager GUI and CLI to perform the initial setup and configuration tasks. Hardware Installation Guide, Cisco ACE 4710 Application Control Engine Appliance (ACE appliance only) Provides information for installing the ACE appliance. Installation Note, Cisco ACE Application Control Engine ACE30 Module (ACE module only) Provides information for installing the ACE module into the Catalyst 6500 series switch or a Cisco 7600 series router. Regulatory Compliance and Safety Information, Cisco ACE 4710 Application Control Engine Appliance (ACE appliance only) Regulatory compliance and safety information for the ACE appliance. Release Note, Cisco ACE 4700 Series Application Control Engine Appliance (ACE appliance only) Provides information about operating considerations, caveats, and command-line interface (CLI) commands for the ACE appliance. Release Note, Cisco ACE Application Control Engine Module (ACE module only) Provides information about operating considerations, caveats, and command-line interface (CLI) commands for the ACE module. Routing and Bridging Guide, Cisco ACE Application Control Engine Describes how to perform the following routing and bridging tasks on the ACE: • (ACE appliance only) Ethernet ports • VLAN interfaces • IPv6, including transitioning IPv4 networks to IPv6, IPv6 header format, IPv6 addressing, and suported protocols. • Routing • Bridging • Dynamic Host Configuration Protocol (DHCP) Document Title Descriptionxxxiv Command Reference, Cisco ACE Application Control Engine OL-25339-01 Preface Security Guide, Cisco ACE Application Control Engine Describes how to perform the following ACE security configuration tasks: • Security access control lists (ACLs) • User authentication and accounting using a Terminal Access Controller Access Control System Plus (TACACS+), Remote Authentication Dial-In User Service (RADIUS), or Lightweight Directory Access Protocol (LDAP) server • Application protocol and HTTP deep packet inspection • TCP/IP normalization and termination parameters • Network Translation (NAT) Server Load-Balancing Guide, Cisco ACE Application Control Engine Describes how to configure the following server load-balancing features on the ACE: • Real servers and server farms • Class maps and policy maps to load balance traffic to real servers in server farms • Server health monitoring (probes) • Stickiness • Dynamic workload scaling (DWS) • Firewall load balancing • TCL scripts SSL Guide, Cisco ACE Application Control Engine Describes how to configure the following Secure Sockets Layer (SSL) features on the ACE: • SSL certificates and keys • SSL initiation • SSL termination • End-to-end SSL System Message Guide, Cisco ACE Application Control Engine Describes how to configure system message logging on the ACE. This guide also lists and describes the system log (syslog) messages generated by the ACE. Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance (ACE appliance only) Describes how to perform an ACE appliance software upgrade or downgrade. User Guide, Cisco Application Networking Manager Describes how to use Cisco Application Networking Manager (ANM), a networking management application for monitoring and configuring network devices, including the ACE. Virtualization Guide, Cisco ACE Application Control Engine Describes how to operate your ACE in a single context or in multiple contexts. Document Title Descriptionxxxv Command Reference, Cisco ACE Application Control Engine OL-25339-01 Preface Symbols and Conventions This publication uses the following conventions: Notes use the following conventions: Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the publication. Cautions use the following conventions: Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data. For additional information about CLI syntax formatting, see Chapter 1, Using the Command-Line Interface. Convention Description boldface font Commands, command options, and keywords are in boldface. Bold text also indicates a command in a paragraph. italic font Arguments for which you supply values are in italics. Italic text also indicates the first occurrence of a new term, book title, emphasized text. { } Encloses required arguments and keywords. [ ] Encloses optional arguments and keywords. { x | y | z } Required alternative keywords are grouped in braces and separated by vertical bars. [ x | y | z ] Optional alternative keywords are grouped in brackets and separated by vertical bars. string A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks. screen font Terminal sessions and information the system displays are in screen font. boldface screen font Information you must enter in a command line is in boldface screen font. italic screen font Arguments for which you supply values are in italic screen font. ^ The symbol ^ represents the key labeled Control—for example, the key combination ^D in a screen display means hold down the Control key while you press the D key. < > Nonprinting characters, such as passwords are in angle brackets.xxxvi Command Reference, Cisco ACE Application Control Engine OL-25339-01 Preface Obtaining Documentation, Obtaining Support, and Security Guidelines For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.htmlC H A P T E R 1-1 Command Reference, Cisco ACE Application Control Engine OL-25339-01 1 CLI Commands This chapter provides detailed information for the following types of CLI commands for the ACE: • Commands that you can enter after you log in to the ACE. • Configuration mode commands that allow you to access configuration mode and its subset of modes after you log in to the ACE. The description of each command includes the following: • The syntax of the command • Any related commands, when appropriate1-2 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Exec Mode Commands You can access Exec mode commands immediately after you log in to an ACE. Many of these commands are followed by keywords that make them distinct commands (for example, show aaa, show access-list, show accounting, and so on). To increase readability of command syntax, these commands are presented separately in this command reference. You can also execute Exec mode commands from any of the configuration modes using the do command. For example, to display the ACE running configuration from the Exec mode, use the show running-config command. To execute the same command from the configuration mode, use the do show running-config command.1-3 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands backup To backup the configuration files and dependent files in a context or in all contexts, use the backup command. backup [all] [pass-phrase text_string] [exclude component] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The backup command has the following configuration guidelines and limitations: • Use the Admin context for an ACE-wide backup and the corresponding context for a user context backup. • When you back up the running-configuration file, the ACE uses the output of the show running-configuration command as the basis for the archive file. • The ACE backs up only exportable certificates and keys. • License files are backed up only when you back up the Admin context. all (Optional) Specifies that the ACE should back up the configuration files and dependencies in all contexts. You can specify this keyword only in the Admin context. exclude component (Optional) Specifies the components that you do not wish to back up.You can enter any of the following components in any order separated by a comma if you enter more than one: • checkpoints—Excludes all checkpoints • ssl-files—Excludes SSL certificate files and key files pass-phrase text_string (Optional) Passphrase that you specify to encrypt the backed up SSL keys. Enter the passphrase as an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. You must enter the pass-phrase keyword before the exclude keyword. If you enter a passphrase and then exclude the SSL files from the archive, the ACE does not use the passphrase. ACE Module Release Modification A2(3.0) This command was introduced. ACE Appliance Release Modification A4(1.0) This command was introduced.1-4 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands • Use a passphrase to back up SSL keys in encrypted form. Remember the passphrase or write it down and store it in a safe location. When you restore the encrypted keys, you must enter the passphrase to decrypt the keys. If you use a passphrase when you back up the SSL keys, the ACE encrypts the keys with AES-256 encryption using OpenSSL software. • If you imported SSL certificates or keys with a crypto passphrase, you must use the pass-phrase option to encrypt the crypto passphrase when you back up these files. • Only probe scripts that reside in disk0: need to be backed up. The prepackaged probe scripts in the probe: directory are always available. When you perform a backup, the ACE automatically identifies and backs up the scripts in disk0: that are required by the configuration. • The ACE does not resolve any other dependencies required by the configuration during a backup except for scripts that reside in disk0:. For example, if you configured SSL certificates in an SSL proxy in the running-configuration file, but you later deleted the certificates, the backup proceeds as if the certificates still existed. • To perform a backup or a restore operation, you must have the admin RBAC feature in your user role. Examples To back up all contexts in the ACE, enter: host1/Admin# backup all pass-phrase MY_PASS_PHRASE Related Commands restore show backup1-5 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands capture To enable the context packet capture function for packet sniffing and network fault isolation, use the capture command. As part of the packet capture process, you specify whether to capture packets from all interfaces or an individual VLAN interface. capture buffer_name {{all | {interface vlan number}} access-list name [bufsize buf_size [circular-buffer]]} | remove | start | stop Syntax Description Command Modes Exec Admin and user contexts Command History buffer_name Name of the packet capture buffer. The buffer_name argument associates the packet capture with a name. Specify an unquoted text string with no spaces from 1 to 80 alphanumeric characters. all Specifies that packets from all input interfaces are captured. interface Specifies a particular input interface from which to capture packets. vlan number Specifies the VLAN identifier associated with the interface. access-list name Selects packets to capture based on a specific access list. A packet must pass the access list filters before the packet is stored in the capture buffer. Specify a previously created access list identifier. Enter an unquoted text string with a maximum of 64 characters. Note Ensure that the access list is for an input interface; input is considered with regards to the direction of the session that you wish to capture. If you configure the packet capture on the output interface, the ACE will fail to match any packets. bufsize buf_size (Optional) Specifies the buffer size, in kilobytes (KB), used to store the packet capture. The range is from 1 to 5000 KB. circular-buffer (Optional) Enables the packet capture buffer to overwrite itself, starting from the beginning, when the buffer is full. remove Clears the packet capture configuration. start Starts the packet capture function and displays the messages on the session console as the ACE receives the packets. The CLI prompt returns and you can type other commands at the same time that the ACE is capturing packets. To stop the capture process, use the stop option. The packet capture function automatically stops when the buffer is full unless you enable the circular buffer function. stop Stops the packet capture process after a brief delay. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(5) The buffer size was limited to 5000 KB. A2(1.0) The stop option was introduced.1-6 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The packet capture function enables access control lists (ACLs) to control which packets are captured by the ACE on the input interface. If the ACLs are selecting an excessive amount of traffic for the packet capture operation, the ACE will see a heavy load, which can cause a degradation in performance. We recommend that you avoid using the packet capture function when high network performance is critical. To capture packets for both IPv6 and IPv4 in the same buffer, configure the capture command twice: once with an IPv6 ACL and once with an IPv4 ACL. Under high traffic conditions, you may observe up to 64 packets printing on the console after you enter the stop keyword. These additional messages can occur because the packets were in transit or buffered before you entered the stop keyword. The capture packet function works on an individual context basis. The ACE traces only the packets that belong to the context where you execute the capture command. You can use the context ID, which is passed with the packet, to isolate packets that belong to a specific context. To trace the packets for a single specific context, use the changeto command and enter the capture command for the new context. The ACE does not automatically save the packet capture in a configuration file. To copy the capture buffer information as a file in flash memory, use the copy capture command. Examples To start the packet capture function for CAPTURE1, enter: host1/Admin# capture CAPTURE1 interface vlan50 access-list ACL1 host1/Admin# capture CAPTURE1 start To stop the packet capture function for CAPTURE1, enter: host1/Admin# capture CAPTURE1 stop Related Commands clear icmp statistics copy capture show capture changeto To move from one context on the ACE to another context, use the changeto command. changeto context_name Syntax Description ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) The stop option was introduced. context_name Name of an existing context. This argument is case sensitive.1-7 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the changeto feature in your user role, and as found in all of the predefined user roles. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Only users authorized in the admin context or configured with the changeto feature can use the changeto command to navigate between the various contexts. Context administrators without the changeto feature, who have access to multiple contexts, must explicitly log in to the other contexts to which they have access. The command prompt indicates the context that you are currently in (see the following example). The predefined user role that is enforced after you enter the changeto command is that of the Admin context and not that of the non-Admin context. You cannot add, modify, or delete objects in a custom domain after you change to a non-Admin context. • If you originally had access to the default-domain in the Admin context prior to moving to a non-Admin context, the ACE allows you to configure any object in the non-Admin context. • If you originally had access to a custom domain in the Admin context prior to moving to a non-Admin context, any created objects in the non-Admin context will be added to the default-domain. However, an error message will appear when you attempt to modify existing objects in the non-Admin context. User-defined roles configured with the changeto feature retain their privileges when accessing different contexts. Examples To change from the Admin context to the context CTX1, enter: host1/Admin# changeto CTX1 host1/CTX1# Related Commands exit show context (config) context (config-role) rule ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.3) You can apply the changeto feature to a rule for a user-defined role. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.2) You can apply the changeto feature to a rule for a user-defined role.1-8 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands checkpoint To create or modify a checkpoint (snapshot) of the running configuration, use the checkpoint command. checkpoint {create | delete | rollback} name Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If the running-configuration file has the no ft auto-sync command configured and the checkpoint has the ft auto-sync command configured, a checkpoint rollback will fail with the following message: Warning : 'no ft auto-sync' & 'ft auto-sync' conflict detected - Rollback will fail Failing Scenario - running config has 'no ft auto-sync' / checkpoint has 'ft auto-sync' Examples To create the checkpoint CP102305, enter: host1/Admin# checkpoint create CP102305 Related Commands compare copy checkpoint show checkpoint create Creates a new checkpoint with the value of name. delete Deletes the existing checkpoint with the value of name. rollback Reverts back to the checkpoint with the value of name. name Name of a new or existing checkpoint. Enter a text string from 1 to 50 alphanumeric characters (no spaces). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-9 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear access-list To clear access control list (ACL) statistics, use the clear access-list command. clear access-list name Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the access-list feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the access control list ACL1, enter: host1/Admin# clear access-list ACL1 Related Commands show access-list (config) access-list ethertype (config) access-list extended name Name of an existing ACL. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-10 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear accounting log To clear the accounting log, use the clear accounting log command. clear accounting log Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the accounting log, enter: host1/Admin# clear accounting log Related Commands show accounting log (config) aaa accounting default clear acl-merge statistics To clear the ACL-merge statistics, use the clear acl-merge statistics command. clear acl-merge statistics Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-11 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the ACL-merge statistics, enter: host1/Admin# clear acl-merge statistics Related Commands show acl-merge (config) access-list extended clear arp To clear the Address Resolution Protocol (ARP) entries in the ARP table or statistics with ARP processes, use the clear arp command. clear arp [no-refresh | {statistics [vlan number] [interface_name]}] Syntax Description Command Modes Exec Admin and user contexts Command History ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(2.5) This command was introduced. no-refresh (Optional) Removes the learned ARP entries from the ARP table without refreshing the ARP entries. statistics [vlan number] (Optional) Clears ARP statistics counters globally or for the specified VLAN, vlan number. [interface_name] (Optional, ACE appliance only) Clears ARP statistics counters globally or for the specified interface, interface_name. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised with the vlan option.1-12 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you enter the clear arp command with no option, it clears all learned ARP entries and then refreshes the ARP entries. Examples To clear the ARP statistics, enter: host1/Admin# clear arp statistics To clear the ARP learned entries and then refresh the ARP entries, enter: host1/Admin# clear arp Related Commands show arp (config) arp clear buffer stats To clear the control plane buffer statistics, use the clear buffer stats command. clear buffer stats Syntax Description This command has no keywords or arguments. Command Modes Exec Admin context only Command History ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised with the vlan option. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-13 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To clear the control plane buffer statistics, enter: host1/Admin# clear buffer stats Related Commands show buffer clear capture To clear an existing capture buffer, use the clear capture command. clear capture name Syntax Description Command Modes Exec Admin and user context Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use the dir command to view the capture files that you copied to the disk0: file system using the copy capture command. Examples To clear the capture buffer CAPTURE1, enter: host1/Admin# clear capture CAPTURE1 Related Commands capture copy capture name Name of an existing capture buffer. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-14 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands dir show capture clear cde (ACE module only) To clear the classification and distribution engine (CDE) statistics and interrupt counts, use the clear cde command. clear cde {interrupt | stats} Syntax Description Command Modes Exec Admin context Command History Usage Guidelines This command requires the Admin role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To clear the CDE interrupt counts, enter: host1/Admin# clear cde interrupt Related Commands show cde clear cfgmgr internal history To clear the Configuration Manager internal history, use the clear cfgmgr internal history command. clear cfgmgr internal history Syntax Description This command has no keywords or arguments. interrupt Clears the CDE interrupt counts. stats Clears the CDE statistics. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-15 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To clear the Configuration Manager internal history, enter: host1/Admin# clear cfgmgr internal history Related Commands show cfgmgr ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-16 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear conn To clear a connection that passes through, terminates, or originates with the ACE, use the clear conn command. clear conn [all | flow {prot_number | icmp | tcp | udp {source_ip | source_port | dest_ip | dest_port}} | id number np number | rserver name [port_number] serverfarm sfarm_name] Syntax Description Command Modes Exec Admin and user contexts Command History all (Optional) Clears all connections that go through the ACE, originate with the ACE, or terminate with the ACE. flow (Optional) Clears the connection that matches the specified flow descriptor. prot_number Protocol number of the flow. icmp Specifies the flow types using ICMP. tcp Specifies the flow types using TCP. udp Specifies the flow types using UDP. source_ip Source IP address of the flow. source_port Source port of the flow. dest_ip Destination IP address of the flow. dest_port Destination port of the flow. id number (Optional) Clears the connection with the specified connection ID number as displayed in the output of the show conn command. np number Clears all the connections to the specified network processor with the specified connection ID. rserver name (Optional) Clears all connections to the specified real server. port_number (Optional) Port number associated with the specified real server. Enter an integer from 1 to 65535. serverfarm sfarm_name (Optional) Clears all connections to the specified real server associated with this server farm. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised.1-17 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command requires the loadbalance, inspect, NAT, connection, or SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To clear only the connections that go through the ACE (flows that pass through the ACE between the originating network host and the terminating network host), use the clear conn command without any keywords. When you do not include any keywords, the connections that terminate or originate with the ACE are not cleared. Examples To clear the connections for the real server RSERVER1, enter: host1/Admin# clear conn rserver RSERVER1 Related Commands show conn clear cores To clear all of the core dumps stored in the core: file system, use the clear cores command. clear cores Syntax Description This command has no keywords or arguments. Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Note The ACE creates a core dump when it experiences a fatal error. Core dump information is for Cisco Technical Assistance Center (TAC) use only. We recommend that you contact TAC for assistance in interpreting the information in the core dump. To view the list of core files in the core: file system, use the dir core: command. To save a copy of a core dump to a remote server before clearing it, use the copy capture command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-18 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands To delete a specific core dump file from the core: file system, use the delete core: command. Examples To clear all core dumps, enter: host1/Admin# clear cores Related Commands copy capture delete dir1-19 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear crypto session-cache To clear the session cache information in the context, use the clear crypto session-cache command. clear crypto session-cache [all] Syntax Description Command Modes Exec Admin and user context. The all option is available in the Admin context only. Command History Usage Guidelines This command has no usage guidelines. Examples To clear the session cache information in the context, enter: host1/Admin# clear crypto session-cache Related Commands This command has no related commands. all (Optional) Clears the session cache information for all contexts. This option is available in the Admin context only. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.1-20 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear dc (ACE module only) To clear the daughter card interrupt and register statistics on the ACE module, use the clear dc command. clear dc dc_number {controller {interrupts | stats} | interrupt} Syntax Description Command Modes Exec Admin context only. Command History Usage Guidelines This command requires the Admin user role in the Admin context. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To clear the daughter card 1 controller interrupt statistics, enter: host1/Admin# clear dc 1 controller interrupts Related Commands set dc show dc clear debug-logfile To remove a debug log file, use the clear debug-logfile command. clear debug-logfile filename Syntax Description Command Modes Exec Admin and user contexts dc_number Number of the daughter card (1 or 2). controller Specifies the daughter card controller. interrupts Clears the specified daughter card controller interrupt statistics. stats Clears the specified daughter card cumulative controller statistics. interrupt Clears the specified daughter card interrupt count. ACE Module Release Modification A4(1.0) This command was introduced. filename Name of an existing debug log file.1-21 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE debug commands are intended for use by trained Cisco personnel only. Entering these commands may cause unexpected results. Do not attempt to use these commands without guidance from Cisco support personnel. Examples To clear the debug log file DEBUG1, enter: host1/Admin# clear debug-logfile DEBUG1 Related Commands debug show debug clear fifo stats To clear the control plane packet first in, first out (FIFO) statistics, use the clear fifo stats command. clear fifo stats Syntax Description This command has no keywords or arguments. Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-22 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To clear the control plane FIFO statistics, enter: host1/Admin# clear fifo stats Related Commands show fifo1-23 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear ft To clear the various fault-tolerant (FT) statistics, use the clear ft command. clear ft {all | ha-stats | hb-stats | history {cfg_cntlr | ha_dp_mgr | ha_mgr} | track-stats [all]} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the fault-tolerant feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear all fault-tolerant statistics, enter: host1/Admin# clear ft all Related Commands show ft all Clears all redundancy statistics, including all TL, heartbeat, and tracking counters. ha-stats Clears all transport layer-related counters that the ACE displays as part of the show ft peer detail command output. hb-stats Clears all heartbeat-related statistics. When you enter this command for the first time, the ACE sets the heartbeat statistics counters to zero and stores a copy of the latest statistics locally. From that point on, when you enter the show ft hb-stats command, the ACE displays the difference between the statistics that are stored locally and the current statistics. history Clears the redundancy history statistics. track-stats Clears tracking-related statistics for the Admin FT group only, a user context FT group only, or for all FT groups that are configured in the ACE. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was extensively revised. This version of software introduced the all, ha-stats, hb-stats, history, and track-stats keywords, and removed the original stats keyword. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was extensively revised. This version of software introduced the all, ha-stats, hb-stats, history, and track-stats keywords, and removed the original stats keyword.1-24 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands (config) ft auto-sync (config) ft group (config) ft interface vlan (config) ft peer (config) ft track host (ACE module only) (config) ft track hsrp (config) ft track interface clear icmp statistics To clear the Internet Control Message Protocol (ICMP) statistics, use the clear icmp statistics command. clear icmp statistics Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the ICMP statistics, enter: host1/Admin# clear icmp statistics Related Commands show icmp statistics ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-25 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear interface To clear the interface statistics, use the clear interface command. clear interface [bvi number | vlan number | gigabitEthernet slot_number/port_number] Syntax Description Command Modes Exec BVI and VLAN—Admin and user contexts (ACE appliance only) Ethernet data port—Admin context only Command History Usage Guidelines This command requires the interface feature in your user role. In addition, the Ethernet data port interface command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To clear all of the interface statistics, enter the clear interface command without using the optional VLAN and BVI keywords. Examples ACE Module Example To clear all of the interface statistics for VLAN 212, enter: host1/Admin# clear interface vlan 212 bvi number (Optional) Clears the statistics for the specified Bridge Group Virtual Interface (BVI). vlan number (Optional) Clears the statistics for the specified VLAN. gigabitEthernet slot_number/ port_number (Optional, ACE appliance only) Clears the statistics for the specified Gigabit Ethernet slot and port. • The slot_number represents the physical slot on the ACE containing the Ethernet ports. This selection is always 1. • The port_number represents the physical Ethernet port on the ACE. Valid selections are 1 through 4. This keyword is available in the Admin context only. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-26 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands ACE Appliance Example To clear the statistics for Ethernet port 3, enter: host1/Admin# clear interface gigabitEthernet 1/3 Related Commands show interface (config) interface clear ip To clear the IP and Dynamic Host Configuration Protocol (DHCP) relay statistics, use the clear ip command. clear ip [dhcp relay statistics | statistics] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the DHCP feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To clear the IP and DHCP relay statistics, execute the clear ip command without using the optional keywords. Examples To clear all of the IP normalization, fragmentation, and reassembly statistics, enter: host1/Admin# clear ip statistics Related Commands show ip dhcp relay statistics (Optional) Clears all of the DHCP relay statistics. statistics (Optional) Clears all of the statistics associated with IP normalization, fragmentation, and reassembly. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-27 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear ipv6 To clear the Dynamic Host Configuration Protocol (DHCP) relay and neighbor discovery statistics, use the clear ipv6 command. clear ipv6 {dhcp relay statistics | {neighbors [no-refresh | vlan vlan_id ipv6_address [no-refresh] | ipv6_address [no-refresh]]}} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the DHCP feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear all the DHCPv6 statistics, enter: host1/Admin# clear ipv6 dhcp relay statistics Related Commands show ipv6 clear line To close a specified virtual terminal (VTY) session, use the clear line command. clear line vty_name dhcp relay statistics Clears all the DHCPv6 relay statistics. neighbors Clears all the statistics associated with neighbor discovery. no-refresh (Optional) The ACE deletes the neighbor information from the cache and does not perform a refresh vlan vlan_id (Optional) Deletes the neighbor information associated with the specified VLAN interface ipv6_address (Optional) Deletes the neighbor information associated with the specified IPv6 address. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.1-28 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To terminate the VTY session VTY1, enter: host1/Admin# clear line VTY1 Related Commands (ACE module only) (config) line console (config) line vty vty_name Name of a VTY session. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-29 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear logging To clear information stored in the logging buffer, use the clear logging command. clear logging [disabled | rate-limit] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To clear all of the information stored in the logging buffer, enter the clear logging command without using either of the optional keywords. Examples To clear all of the information stored in the logging buffer, enter: host1/Admin# clear logging Related Commands show logging (config) logging buffered clear netio stats To clear the control plane network I/O statistics, use the clear netio stats command. clear netio stats Syntax Description This command has no keywords or arguments. disabled (Optional) Clears the logging buffer of “disabled” messages. rate-limit (Optional) Clears the logging buffer of “rate-limit configuration” messages. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-30 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To clear the control plane network I/O statistics, enter: host1/Admin# clear netio stats Related Commands show netio ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-31 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear np To clear the network processor interrupt error statistics that appear when you enter the show np number interrupts command, use the clear np command. clear np number interrupts Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the network processor interrupt error statistics, enter: host1/Admin# clear np 1 interrupts Related Commands show np number Specifies the number of the network processor whose interrupt statistics you want to clear. Enter an integer from 1 to 4. interrupts Clears the interrupt statistics. of the network processor that you specify. Release Modification A4(1.0) This command was introduced.1-32 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear ntp statistics (ACE appliance only) To clear the NTP statistics that display when you enter the show ntp command, use the clear ntp command. clear ntp statistics {all-peers | io | local | memory} Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the NTP memory statistics, enter: host1/Admin# clear ntp statistics memory Related Commands (config) ntp clear probe To clear the probe statistics displayed through the show probe command, use the clear probe command. clear probe name Syntax Description Command Modes Exec Admin and user contexts all-peers Clears all peer statistics. io Clears the I/O statistics. local Clears the local statistics. memory Clears the memory statistics. ACE Appliance Release Modification A1(7) This command was introduced. name Name of an existing probe.1-33 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear all the statistics for the probe HTTP1, enter: host1/Admin# clear probe HTTP1 Related Commands show probe (config) probe ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-34 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear processes log To clear the statistics for the processes log, use the clear processes log command. clear processes log {all | pid id} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To display the list of process identifiers assigned to each of the processes running on the ACE, use the show processes command. Examples To clear all the statistics for the processes log, enter: host1/Admin# clear processes log all Related Commands show processes clear rserver To clear the real server statistics of all instances of a particular real server regardless of the server farms that it is associated with, use the clear rserver command. clear rserver name Syntax Description all Clears all statistics for the processes logs. pid id Specifies the processes log to clear. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. name Name of the real server.1-35 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the rserver feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you have redundancy configured, then you need to explicitly clear real-server statistics on both the active and the standby ACEs. Clearing statistics on the active ACE only will leave the standby ACE’s statistics at the old values. Examples To clear the statistics for the real server RS1, enter: host1/Admin# clear rserver RS1 Related Commands show rserver (config) rserver clear rtcache To clear the route cache, use the clear rtcache command. clear rtcache Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts Command History ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-36 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the route cache, enter: host1/Admin# clear rtcache Related Commands This command has no related commands. ACE Appliance Release Modification A1(7) This command was introduced.1-37 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear screen To clear the display screen, use the clear screen command. clear screen Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the display screen, enter: host1/Admin# clear screen Related Commands This command has no related commands. clear serverfarm To clear the statistics for all real servers in a specific server farm, use the clear serverfarm command. clear serverfarm name [inband | predictor | retcode] Syntax Description ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. name Name of an existing server farm. inband (Optional) Resets the inband health monitoring Total failure counters for the specified server farm, as displayed by the show serverfarm name inband command. 1-38 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the serverfarm feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the statistics for the server farm SFARM1, enter: host1/Admin# clear serverfarm SFARM1 Related Commands show serverfarm (config) serverfarm clear service-policy To clear the service policy statistics, use the clear service-policy command. clear service-policy policy_name Syntax Description predictor (Optional) Resets the average bandwidth field for each real server in the specified server farm, as displayed by the show serverfarm name detail command. retcode (Optional) Clears the return-code statistics for the server farm. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. A2(1.3) The predictor option was added. A4(1.0) The inband option was added. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised. The predictor option was added. A4(1.0) The inband option was added. policy_name Name of an existing policy map that is currently in service (applied to an interface).1-39 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the statistics for the service policy HTTP1, enter: host1/Admin# clear service-policy HTTP1 Related Commands show service-policy ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-40 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear ssh To clear a Secure Shell (SSH) session or clear the public keys of all SSH hosts, use the clear ssh command. clear ssh {session_id | hosts} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To obtain the specific SSH session ID value, use the show ssh session-info command. Examples To clear the SSH session with the identifier 345, enter: host1/Admin# clear ssh 345 Related Commands clear telnet show ssh (config) ssh key (config) ssh maxsessions session_id Identifier of the SSH session to clear, terminating the session. hosts Clears the public keys of all trusted SSH hosts. This keyword is available to all users in all contexts. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-41 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear startup-config To clear the startup configuration of the current context, use the clear startup-config command. clear startup-config Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Clearing the startup configuration does not affect the context running-configuration. The clear startup-config command does not remove license files or crypto files (certs and keys) from the ACE. To remove license files, see the license uninstall command. To remove crypto files, see the crypto delete command. To clear the startup configuration, you can also use the write erase command. Before you clear a startup configuration, we recommend that you back up your current startup configuration to a file on a remote server using the copy startup-config command. Once you clear the startup configuration, you can perform one of the following processes to recover a copy of an existing configuration: • Use the copy running-config startup-config command to copy the contents of the running configuration to the startup configuration. • Upload a backup of a previously saved startup-configuration file from a remote server using the copy startup-config command. Examples To clear the startup configuration, enter: host1/Admin# clear startup-config Related Commands copy capture show startup-config write ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-42 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear stats To clear the statistical information stored in the ACE buffer, use the clear stats command. clear stats {all | connection | {crypto [client | server [alert | authentication | cipher | termination]]} | http | inspect | kalap | loadbalance [radius | rdp | rtsp | sip] | optimization | probe | resource-usage | sticky} Syntax Description Command Modes Exec Admin and user contexts all Clears all statistical information in a context. The all keyword also clears the resource usage counters. connection Clears connection statistical information. crypto Clears TLS and SSL statistics from the context. If you do not enter the client or server option, the ACE clears both the client and server statistics. client (Optional) Clears the complete TLS and SSL client statistics for the current context. server (Optional) Clears the complete TLS and SSL server statistics for the current context. alert (Optional) Clears the back-end SSL alert statistics. authentication (Optional) Clears the back-end SSL authentication statistics. cipher (Optional) Clears the back-end SSL cipher statistics. termination (Optional) Clears the back-end SSL termination statistics. http Clears HTTP statistical information. inspect Clears HTTP inspect statistical information. kalap Clears the global server load-balancing (GSLB) statistics. loadbalance Clears load-balancing statistical information. radius (Optional) Clears Remote Authentication Dial-In User Service (RADIUS) load-balancing statistical information. rdp (Optional) Clears Reliable Datagram Protocol (RDP) load-balancing statistical information. rtsp (Optional) Clears Real-Time Streaming Protocol (RTSP) load-balancing statistical information. sip (Optional) Clears Session Initiation Protocol (SIP) load-balancing statistical information. optimization (ACE appliance only) Clears HTTP optimization statistics probe Clears probe statistical information. resource-usage Clears resource usage-related context statistics sticky Clears sticky statistical information.1-43 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command requires the loadbalance, inspect, NAT, connection, sticky, or SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you have redundancy configured, then you need to explicitly clear sticky statistics on both the active and the standby ACEs. Clearing statistics on the active ACE only will leave the standby ACE’s statistics at the old values. Examples To clear sticky statistics, enter: host1/Admin# clear stats sticky Related Commands show stats ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The crypto keyword and client | server [alert | authentication | cipher | termination] options were added. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) The resource-usage keyword was added. A3(2.1) The crypto keyword and client | server [alert | authentication | cipher | termination] options were added.1-44 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear sticky database To clear dynamic sticky database entries, use the clear sticky database command. clear sticky database {active-conn-count min value1 max value2 | all | group group_name | time-to-expire min value3 max value4 | type {hash-key value5 | http-cookie value6 | ip-netmask {both {source ip_address2 destination ip_address3} | destination ip_address4 | source ip_address5}} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. active-conn-cou nt min value1 max value2 Clears the sticky database entries within the specified connection count range. all Clears all dynamic sticky database entries in a context. group name Clears all dynamic sticky database entries for the specified sticky group. time-to-expire min value3 max value4 Clears the sticky database entries within the specified time to expire range. type {hash-key value5 | http-cookie value6 | ip-netmask {both {source ip_address1 destination ip_address2} | destination ip_address3 | source ip_address4}} Clears sticky database entries for one of the following sticky group types: – hash-key value – http-cookie value – ip-netmask {both {source ip_address2 destination ip_address3} | destination ip_address4 | source ip_address5} ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-45 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands This command does not clear static sticky database entries. To clear static sticky database entries, use the no form of the appropriate sticky configuration mode command. For example, enter (config-sticky-cookie) static cookie-value or (config-sticky-header) static header-value. Examples To clear all dynamic sticky database entries in the Admin context, enter: host1/Admin# clear sticky database all Related Commands show sticky database1-46 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear syn-cookie To clear the SYN cookie statistics, use the clear syn-cookie command. To clear SYN cookie statistics for all VLANs that are configured in the current context, enter the command with no arguments. clear syn-cookie [vlan number] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To clear SYN cookie statistics for VLAN 100, enter: host1/C1# clear syn-cookie vlan 100 Related Commands show syn-cookie clear tcp statistics To clear all of the TCP connections and normalization statistics, use the clear tcp statistics command. clear tcp statistics Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts vlan number (Optional) Instructs the ACE to clear SYN cookie statistics for the specified interface. Enter an integer from 2 to 2024. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.1-47 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the TCP statistics, enter: host1/Admin# clear tcp statistics Related Commands show tcp statistics clear telnet To clear a Telnet session, use the clear telnet command. clear telnet session_id Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To obtain the specific Telnet session identification number, use the show telnet command. Examples To clear the Telnet session with the identification number of 236, enter: ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. session_id Identifier of the Telnet session to clear, terminating the session. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-48 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands host1/Admin# clear telnet 236 Related Commands clear ssh show telnet telnet clear udp statistics To clear the User Datagram Protocol (UDP) connection statistics, use the clear udp statistics command. clear udp statistics Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To clear the UDP statistics, enter: host1/Admin# clear udp statistics Related Commands show udp statistics clear user To clear a user session, use the clear user command. clear user name ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-49 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To display the list of users that are currently logged in to the ACE, use the show users command. Examples To log out the user USER1, enter: host1/Admin# clear user USER1 Related Commands show users (config) username clear vnet stats To clear control plane virtual network (VNET) device statistics, use the clear vnet stats command. clear vnet stats Syntax Description This command has no keywords or arguments. Command Modes Exec Admin context only Command History name Name of the user to log out. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-50 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To clear the VNET statistics, enter: host1/Admin# clear vnet stats Related Commands show vnet ACE Appliance Release Modification A1(7) This command was introduced.1-51 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clear xlate To clear the global address to the local address mapping information based on the global address, global port, local address, local port, interface address as global address, and NAT type, use the clear xlate command. clear xlate [{global | local} start_ip [end_ip [netmask netmask]]] [{gport | lport} start_port [end_port]] [interface vlan number] [state static] [portmap] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the NAT feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you enter this command, the ACE releases sessions that are using the translations (Xlates). If you configure redundancy, then you need to explicitly clear Xlates on both the active and the standby ACEs. Clearing Xlates on the active ACE does not clear Xlates in the standby ACE. global (Optional) Clears the active translation by the global IP address. local (Optional) Clears the active translation by the local IP address. start_ip Global or local IP address or the first IP address in a range of addresses. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). end_ip (Optional) Last IP address in a global or local range of IP addresses. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). netmask netmask (Optional) Specifies the network mask for global or local IP addresses. Enter a mask in dotted-decimal notation (for example, 255.255.255.0). gport (Optional) Clears active translations by the global port. lport (Optional) Clears active translations by the local port. start_port Global or local port number. end_port (Optional) Last port number in a global or local range of ports. interface vlan number (Optional) Clears active translations by the VLAN number. state static (Optional) Clears active translations by the state. portmap (Optional) Clears active translations by the port map. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-52 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To clear all static translations, enter: host1/Admin# clear xlate state static Related Commands show xlate1-53 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands clock set (ACE appliance only) To set the time and the date for an ACE, use the clock set command in Exec mode. clock set hh:mm:ss DD MONTH YYYY Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you enter this command, the ACE displays the current configured date and time. If you want to use the Network Time Protocol (NTP) to automatically synchronize the ACE system clock to an authoritative time server (such as a radio clock or an atomic clock), see Chapter 1, Setting Up the ACE, in the Administration Guide, Cisco ACE Application Control Engine. In this case, the NTP time server automatically sets the ACE system clock. hh:mm:ss Current time to which the ACE clock is being reset. Specify one or two digits for the hour, minutes, and seconds. DD MONTH YYYY Current date to which the ACE clock is being reset. Specify the full name of the month, one or two digits for the day, and four digits for the year. The following month names are recognized: • January • February • March • April • May • June • July • August • September • October • November • December ACE Appliance Release Modification A1(7) This command was introduced.1-54 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands If you previously configured NTP on an ACE, the ACE prevents you from using the clock set command and displays an error message. To manually set the ACE system clock, remove the NTP peer and NTP server from the configuration before setting the clock on an ACE. Examples For example, to specify a time of 1:38:30 and a date of October 7, 2008, enter: host1/Admin# clock set 01:38:30 7 Oct 2008 Wed Oct 7 01:38:30 PST 2008 Related Commands show clock (config) clock timezone (config) clock summer-time compare To compare an existing checkpoint with the running-configuration file, use the compare command. compare checkpoint_name Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If the checkpoint configuration is the same as the running-config, the output of this command is: Checkpoint config is same as running config If the checkpoint configuration is different from the running-config, the output will be the difference between the two configurations. Examples To compare the CHECKPOINT_1 checkpoint with the running-config, enter the following command: host1/Admin# compare CHECKPOINT_1 checkpoint_name Specifies the name of an existing checkpoint. The compare function defaults to comparing the specified checkpoint with the running-config. ACE Module/Appliance Release Modification A4(1.0) This command was introduced.1-55 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands checkpoint copy checkpoint show checkpoint configure To change from the Exec mode to the configuration mode, use the configure command. configure [terminal] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires one or more features assigned to your user role, such as the AAA, interface, or fault-tolerant features. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To return to the Exec mode from the configuration mode, use the exit command. To execute an Exec mode command from any of the configuration modes, use the do version of the command. Examples To change to the configuration mode from the Exec mode, enter: host1/Admin# configure host1/Admin(config)# Related Commands exit terminal (Optional) Enables you to configure the system from the terminal. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-56 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands copy capture To copy an existing context packet capture buffer as the source file in the ACE compact flash to another file system, use the copy capture command. copy capture capture_name disk0: [path/]destination_name Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. After you copy a capture file to a remote server, you can use the delete disk0:filename command to delete the file from the ACE and free memory. Examples To copy the packet capture buffer to a file in disk0: called MYCAPTURE1, enter: host1/Admin# copy capture CAPTURE1 disk0:MYCAPTURE1 Related Commands clear capture show capture capture_name Name of the packet capture buffer on the disk0: file system. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. disk0: Specifies that the buffer is copied to the disk0: file system. [path/]destination_name Destination path (optional) and name for the packet capture buffer. Specify a text string from 1 to 80 alphanumeric characters. If you do not provide the optional path, the ACE copies the file to the root directory on the disk0: file system. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-57 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands copy checkpoint To copy a checkpoint file to a remote server, use the copy checkpoint command. copy checkpoint:filename disk0:[path/]filename | image:image_name | startup-config | {ftp://server/path[/filename] | sftp://[username@]server/path[/filename] | tftp://server[:port]/path[/filename]} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you select a destination file system using ftp:, sftp:, or tftp:, the ACE does the following: • Prompts you for your username and password if the destination file system requires user authentication. • Prompts you for the server information if you do not provide the information with the command. filename Filename of the checkpoint file residing on the ACE in flash memory. disk0:[path/]filename Specifies that the file destination is the disk0: directory of the current context and the filename for the checkpoint. If you do not provide the optional path, the ACE copies the file to the root directory on the disk0: file system. image:image_name Specifies that the file destination is an image in the image: directory. startup-config Specifies that the destination file is the startup-configuration file. ftp://server/path[/filename] Specifies the File Transfer Protocol (FTP) network server and optional renamed checkpoint file. sftp://[username@]server/path[/filename] Specifies the Secure File Transfer Protocol (SFTP) network server and optional renamed checkpoint file. tftp://server[:port]/path[/filename] Specifies the Trivial File Transfer Protocol (TFTP) network server and optional renamed checkpoint file. ACE Module Release Modification A2(1.6) This command was introduced. ACE Appliance Release Modification A4(1.0) This command was introduced.1-58 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands • Copies the file to the root directory of the destination file system if you do not provide the path information. Examples To copy a checkpoint file from the ACE to a remote FTP server, enter: host1/Admin# copy checkpoint:CHECKPOINT1.txt ftp://192.168.1.2 Enter the destination filename[]? [CHECKPOINT1.txt] Enter username[]? user1 Enter the file transfer mode[bin/ascii]: [bin] Password: Passive mode on. Hash mark printing on (1024 bytes/hash mark). Note The bin (binary) file transfer mode is intended for transferring compiled files (executables). The ascii file transfer mode is intended for transferring text files, such as config files. The default selection of bin should be sufficient in all cases when copying files to a remote FTP server. Related Commands checkpoint compare show checkpoint1-59 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands copy core: To copy a core file to a remote server, use the copy core: command. copy core:filename disk0:[path/]filename | {ftp://server/path[/filename] | sftp://[username@]server/path[/filename] | tftp://server[:port]/path[/filename]} Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To display the list of available core files, use the dir core: command. Copy the complete filename (for example, 0x401_vsh_log.25256.tar.gz) into the copy core: command. When you select a destination file system using ftp:, sftp:, or tftp:, the ACE does the following: • Prompts you for your username and password if the destination file system requires user authentication. • Prompts you for the server information if you do not provide the information with the command. • Copies the file to the root directory of the destination file system if you do not provide the path information. filename1 Filename of the core dump residing on the ACE in flash memory. Use the dir core: command to view the core dump files available in the core: file system. disk0:[path/]filename2 Specifies that the file destination is the disk0: directory of the current context and the filename for the core. If you do not provide the optional path, the ACE copies the file to the root directory on the disk0: file system. ftp://server/path[/filename] Specifies the File Transfer Protocol (FTP) network server and optional renamed core dump. sftp://[username@]server/path[/filename] Specifies the Secure File Transfer Protocol (SFTP) network server and optional renamed core dump. tftp://server[:port]/path[/filename] Specifies the Trivial File Transfer Protocol (TFTP) network server and optional renamed core dump. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-60 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To copy a core file from the ACE to a remote FTP server, enter: host1/Admin# copy core:np0_crash.txt ftp://192.168.1.2 Enter the destination filename[]? [np0_crash.txt] Enter username[]? user1 Enter the file transfer mode[bin/ascii]: [bin] Password: Passive mode on. Hash mark printing on (1024 bytes/hash mark). Note The bin (binary) file transfer mode is intended for transferring compiled files (executables). The ascii file transfer mode is intended for transferring text files, such as config files. The default selection of bin should be sufficient in all cases when copying files to a remote FTP server. Related Commands dir copy disk0: To copy a file from one directory in the disk0: file system of flash memory to another directory in disk0: or a network server, use the copy disk0: command. copy disk0:[path/]filename1 {disk0:[path/]filename2 | ftp://server/path[/filename] | image:image_filename | sftp://[username@]server/path[/filename] | tftp://server[:port]/path[/filename] | running-config | startup-config} Syntax Description disk0:[path/]filename1 Specifies the name of the file to copy in the disk0: file system. Use the dir disk0: command to view the files available in disk0:. If you do not provide the optional path, the ACE copies the file from the root directory on the disk0: file system. disk0:[path/]filename2 Specifies that the file destination is the disk0: directory of the current context and the filename for the core. If you do not provide the optional path, the ACE copies the file to the root directory on the disk0: file system. ftp://server/path[/filename] Specifies the File Transfer Protocol (FTP) network server and optional renamed file. image:image_filename Specifies the image: filesystem and the image filename. sftp://[username@]server/path[/filename] Specifies the Secure File Transfer Protocol (SFTP) network server and optional renamed file. ftp://server[:port]/path[/filename] Specifies the Trivial File Transfer Protocol (TFTP) network server and optional renamed file. running-config Specifies to replace the running-configuration file that currently resides on the ACE in volatile memory. startup-config Specifies to replace the startup-configuration file that currently resides on the ACE in flash memory.1-61 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you select a destination file system using ftp:, sftp:, or tftp:, the ACE does the following: • Prompts you for your username and password if the destination file system requires user authentication. • Prompts you for the server information if you do not provide the information with the command. • Copies the file to the root directory of the destination file system if you do not provide the path information. Examples To copy the file called SAMPLEFILE to the MYSTORAGE directory in flash memory, enter: host1/Admin# copy disk0:samplefile disk0:MYSTORAGE/SAMPLEFILE Related Commands dir ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-62 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands copy ftp: To copy a file, software image, running-configuration file, or startup-configuration file from a remote File Transfer Protocol (FTP) server to a location on the ACE, use the copy ftp: command. copy ftp://server/path[/filename] {disk0:[path/]filename | image:[image_name] | running-config | startup-config} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To copy a startup-configuration file from a remote FTP server to the ACE, enter: host1/Admin# copy ftp://192.168.1.2/startup_config_Adminctx startup-config Related Commands show running-config show startup-config ftp://server/path[/filename] Specifies the FTP network server and optional file to copy. disk0:[path/]filename Specifies that the file destination is the disk0: directory of the current context and the filename. If you do not provide the optional path, the ACE copies the file to the root directory on the disk0: file system. image: [image_name] Specifies to copy a system software image to flash memory. Use the boot system command in configuration mode to specify the BOOT environment variable. The BOOT environment variable specifies a list of image files on various devices from which the ACE can boot at startup. The image: keyword is available only in the Admin context. The image_name argument is optional. If you do not enter a name, the ACE uses the source filename. running-config Specifies to replace the running-configuration file that currently resides on the ACE in RAM (volatile memory). startup-config Specifies to replace the startup-configuration file that currently resides on the ACE in flash memory (nonvolatile memory). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-63 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands copy image: To copy an ACE software system image from flash memory to a remote server using File Transfer Protocol (FTP), Secure File Transfer Protocol (SFTP), or Trivial File Transfer Protocol (TFTP), use the copy image: command. copy image:image_filename {ftp://server/path[/filename] | sftp://[username@]server/path[/filename] | tftp://server[:port]/path[/filename]} Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you select a destination file system using ftp:, sftp:, or tftp:, the ACE does the following: • Prompts you for your username and password if the destination file system requires user authentication. • Prompts you for the server information if you do not provide the information with the command. • Copies the file to the root directory of the destination file system if you do not provide the path information. Examples ACE Module Example To save a software system image to a remote FTP server, enter: host1/Admin# copy image:sb-ace.NOV_11 ftp://192.168.1.2 image_filename Name of the ACE system software image. Use the dir image: command or the show version command to view the software system images available in flash memory. ftp://server/path[/filename] Specifies the FTP network server and optional renamed image. sftp://[username@]server/path[/filename] Specifies the SFTP network server and optional renamed image. tftp://server[:port]/path[/filename] Specifies the TFTP network server and optional renamed image. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-64 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands ACE Appliance Example To save a software system image to a remote FTP server, enter: host1/Admin# copy image:c4710ace-mz.A3_1_0.bin ftp://192.168.1.2 Related Commands dir show version1-65 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands copy licenses To create a backup license file for the ACE licenses in the .tar format and copy it to the disk0: file system, use the copy licenses command. copy licenses disk0:[path/]filename.tar Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To copy the installed software licenses to the disk0: file system, enter: host1/Admin# copy licenses disk0:mylicenses.tar Related Commands show license untar disk0: disk0: Specifies that the backup license file is copied to the disk0: file system. [path/]filename.tar Specifies the destination filename for the backup licenses. The destination filename must have a .tar file extension. If you do not provide the optional path, the ACE copies the file to the root directory on the disk0: file system. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-66 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands copy probe: To copy scripted probe files from the probe: directory to the disk0: file system on the ACE or a remote server using File Transfer Protocol (FTP), Secure File Transfer Protocol (SFTP), or Trivial File Transfer Protocol (TFTP), use the copy probe: command. copy probe:probe_filename {disk0:[path/]filename | ftp://server/path[/filename] | sftp://[username@]server/path[/filename] | tftp://server[:port]/path[/filename]} Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you select a destination file system using ftp:, sftp:, or tftp:, the ACE does the following: • Prompts you for your username and password if the destination file system requires user authentication. • Prompts you for the server information if you do not provide the information with the command. • Copies the file to the root directory of the destination file system if you do not provide the path information. Examples To copy a probe file to a remote FTP server, enter: host1/Admin# copy probe:IMAP_PROBE ftp://192.168.1.2 probe_filename Name of the scripted probe file. Use the dir probe: command to view the files available in flash memory. disk0: Specifies that the probe file is copied to the disk0: file system. ftp://server/path[/filename] Specifies the FTP network server and optional renamed image. sftp://[username@]server/path[/filename] Specifies the SFTP network server and optional renamed image. tftp://server[:port]/path[/filename] Specifies the TFTP network server and optional renamed image. ACE Module/Appliance Release Modification A4(1.0) This command was introduced.1-67 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands dir1-68 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands copy running-config To copy the contents of the running configuration file in RAM (volatile memory) to the startup configuration file in flash memory (nonvolatile memory) or a network server, use the copy running-config command. copy running-config {disk0:[path/]filename | startup-config | ftp://server/path[/filename] | sftp://[username@]server/path[/filename] | tftp://server[:port]/path[/filename]} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you select a destination file system using ftp:, sftp:, or tftp:, the ACE does the following: • Prompts you for your username and password if the destination file system requires user authentication. • Prompts you for the server information if you do not provide the information with the command. • Copies the file to the root directory of the destination file system if you do not provide the path information. To copy the running configuration to the startup configuration, you can also use the write memory command. disk0:[path/]filename Specifies that the running configuration is copied to a file on the disk0: file system. If you do not provide the optional path, the ACE copies the file to the root directory on the disk0: file system. startup-config Copies the running configuration file to the startup configuration file. ftp://server/path[/filename] Specifies the File Transfer Protocol (FTP) network server and optional renamed file. sftp://[username@]server/path[/filename] Specifies the Secure File Transfer Protocol (SFTP) network server and optional renamed file. tftp://server[:port]/path[/filename] Specifies the Trivial File Transfer Protocol (TFTP) network server and optional renamed file. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-69 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To save the running-configuration file to the startup-configuration file in flash memory on the ACE, enter: host1/Admin# copy running-config startup-config Related Commands show running-config show startup-config write copy startup-config To merge the contents of the startup configuration file into the running configuration file or copy the startup configuration file to a network server, use the copy startup-config command. copy startup-config {disk0:[path/]filename | running-config | ftp://server/path[/filename] | sftp://[username@]server/path[/filename] | tftp://server[:port]/path[/filename]} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. disk0:[path/]filename Specifies that the startup configuration is copied to a file on the disk0: file system. If you do not provide the optional path, the ACE copies the file to the root directory on the disk0: file system. running-config Merges contents of the startup configuration file into the running configuration file. ftp://server/pat[/filename] Specifies the File Transfer Protocol (FTP) network server and optional renamed file. sftp://[username@]server/path[/filename] Specifies the Secure File Transfer Protocol (SFTP) network server and optional renamed file. tftp://server[:port]/path[/filename] Specifies the Trivial File Transfer Protocol (TFTP) network server and optional renamed file. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-70 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands When you select a destination file system using ftp:, sftp:, or tftp:, the ACE does the following: • Prompts you for your username and password if the destination file system requires user authentication. • Prompts you for the server information if you do not provide the information with the command. • Copies the file to the root directory of the destination file system if you do not provide the path information. Examples To merge the contents of the startup-configuration file into the running-configuration file in flash memory, enter: host1/Admin# copy startup-config running-config Related Commands show startup-config copy sftp: To copy a file, software image, running-configuration file, or startup-configuration file from a remote Secure File Transfer Protocol (SFTP) server to a location on the ACE, use the copy sftp: command. copy sftp://[username@]server/path[/filename] {disk0:[path/]filename| image:[image_name] | running-config | startup-config} Syntax Description Command Modes Exec sftp://[username@]server/path[/filename] Specifies the SFTP network server and optional renamed file. disk0:[path/]filename Specifies that the file destination is the disk0: directory of the current context and the filename. If you do not provide the optional path, the ACE copies the file to the root directory on the disk0: file system. image: [image_name] Specifies to copy a system software image to flash memory. Use the boot system command in configuration mode to specify the BOOT environment variable. The BOOT environment variable specifies a list of image files on various devices from which the ACE can boot at startup. The image: keyword is available only in the Admin context. The image_name argument is optional. If you do not enter a name, the ACE uses the source filename. running-config Specifies to replace the running-configuration file that currently resides on the ACE in RAM (volatile memory). startup-config Specifies to replace the startup-configuration file that currently resides on the ACE in flash memory (nonvolatile memory).1-71 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Admin and user contexts Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To copy a startup-configuration file from a remote SFTP server to the ACE, enter: host1/Admin# copy sftp://192.168.1.2/startup_config_Adminctx startup-config Related Commands show running-config show startup-config ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-72 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands copy tftp: To copy a file, software image, running-configuration file, or startup-configuration file from a remote Trivial File Transfer Protocol (TFTP) server to a location on the ACE, use the copy tftp: command. copy tftp://server[:port]/path[/filename] {disk0:[path/]filename | image:[image_name] | running-config | startup-config} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the config-copy feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To copy a startup-configuration file from a remote TFTP server to the ACE, enter: host1/Admin# copy tftp://192.168.1.2/startup_config_Adminctx startup-config tftp://server[:port]/path[/filename] Specifies the TFTP network server and optional renamed file. disk0:[path/]filename Specifies that the file destination is the disk0: directory of the current context and the filename. If you do not provide the optional path, the ACE copies the file to the root directory on the disk0: file system. image: [image_name] Specifies to copy a system software image to flash memory. Use the boot system command in configuration mode to specify the BOOT environment variable. The BOOT environment variable specifies a list of image files on various devices from which the ACE can boot at startup. The image: keyword is available only in the Admin context. The image_name argument is optional. If you do not enter a name, the ACE uses the source filename. running-config Specifies to replace the running-configuration file that currently resides on the ACE in RAM (volatile memory). startup-config Specifies to replace the startup-configuration file that currently resides on the ACE in flash memory (nonvolatile memory). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-73 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands show running-config show startup-config crypto crlparams To configure signature verification on a Certificate Revocation List (CRL) to determine that it is from a trusted certificate authority, use the crypto crlparams command. crypto crlparams crl_name cacert ca_cert_filename no crypto crlparams crl_name Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the PKI feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To configure signature verification on a CRL, enter: host1/Admin(config)# crypto crlparams CRL1 cacert MYCERT.PEM To remove signature verification from a CRL, enter: host1/Admin(config)# no crypto crlparams CRL1 Related Commands (config-ssl-proxy) crl crl_name Name of an existing CRL. ca_cert_filename Name of the CA certificate file used for signature verification. ACE Module Release Modification A2(1.4) and A2(2.1) This command was introduced. ACE Appliance Release Modification A3(2.2) This command was introduced.1-74 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands crypto delete To delete a certificate and key pair file from the ACE that is no longer valid, use the crypto delete command. crypto delete {filename | all} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the PKI feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The all option does not delete the preinstalled sample certificate and key files. When you use the all keyword, the ACE prompts you with the following message to verify the deletion: This operation will delete all crypto files for this context from the disk, but will not interrupt existing SSL services. If new SSL files are not applied SSL services will be disabled upon next vip inservice or device reload. Do you wish to proceed? (y/n) [n] To view the list of the certificate and key pair files stored on the ACE for the current context, use the show crypto files command. You cannot delete the ACE cisco-sample-key and cisco-sample-cert files. Examples To delete the key pair file MYRSAKEY.PEM, enter: host1/Admin# crypto delete MYRSAKEY.PEM Related Commands crypto export crypto import show crypto filename Name of a specific certificate or key pair file to delete. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. all Deletes all of the certificate and key pair files. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-75 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands crypto export To export a copy of a certificate or key pair file from the ACE to a remote server or the terminal screen, use the crypto export command. crypto export local_filename {ftp | sftp | tftp | terminal} ip_addr username remote_filename Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the PKI feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You cannot export a certificate or key pair file that you marked as nonexportable when you imported the file to the ACE. The remote server variables listed after the terminal keyword in the “Syntax Description” are used by the ACE only when you select a transport type of ftp, sftp, or tftp (the variables are not used for terminal). We recommend using SFTP as it provides the most security. To view the list of the certificate and key pair files stored on the ACE for the current context, use the show crypto files command. local_filename Name of the file stored on the ACE to export. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. ftp Specifies the File Transfer Protocol (FTP) file transfer process. sftp Specifies the Secure File Transfer Protocol (SFTP) file transfer process. tftp Specifies the Trivial File Transfer Protocol (TFTP) file transfer process. terminal Displays the file content on the terminal for copy and paste purposes. Use the terminal keyword when you need to cut and paste certificate or private key information from the console. You can only use the terminal method to display PEM files, which are in ASCII format. ip_addr IP address or name of the remote server. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). username Username required to access the remote server. The ACE prompts you for your password when you enter the command. remote_filename Name to save the file to on the remote server. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-76 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To use SFTP to export the key file MYKEY.PEM from the ACE to a remote SFTP server, enter: host1/Admin# crypto export MYKEY.PEM sftp 192.168.1.2 JOESMITH /USR/KEYS/MYKEY.PEM User password: **** Writing remote file /usr/keys/mykey.pem host1/Admin# Related Commands crypto delete crypto import show crypto crypto generate csr To generate a Certificate Signing Request (CSR) file, use the crypto generate csr command. crypto generate csr csr_params key_filename Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the PKI feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The crypto generate csr command generates the CSR in PKCS10 encoded in PEM format and outputs it to the screen. Most major certificate authorities have web-based applications that require you to cut and paste the certificate request to the screen. If necessary, you can also cut and paste the CSR to a file. csr_params CSR parameters file that contains the distinguished name attributes. The ACE applies the distinguished name attributes contained in the CSR parameters file to the CSR. To create a CSR parameters file, use the (config) crypto csr-params command in the configuration mode. key_filename RSA key pair filename that contains the key on which the CSR is built. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. It is the public key that the ACE embeds in the CSR. Ensure that the RSA key pair file is loaded on the ACE for the current context. If the appropriate key pair does not exist, the ACE logs an error message. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-77 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Note The ACE does not save a copy of the CSR locally. After submitting your CSR to the CA, you will receive your signed certificate in one to seven business days. When you receive your certificate, use the crypto import command to import the certificate to the ACE. Examples To generate a CSR that is based on the CSR parameter set CSR_PARAMS_1 and the RSA key pair in the file MYRSAKEY_1.PEM, enter: host1/Admin# crypto generate csr CSR_PARAMS_1 MYRSAKEY_1.PEM Related Commands crypto import (config) crypto csr-params crypto generate key To generate an RSA key pair file, use the crypto generate key command. crypto generate key [non-exportable] bitsize filename Syntax Description Command Modes Exec Admin and user contexts Command History non-exportable (Optional) Marks the key pair file as nonexportable, which means that you cannot export the key pair file from the ACE. bitsize Key pair security strength. The number of bits in the key pair file defines the size of the RSA key pair used to secure web transactions. Longer keys produce a more secure implementation by increasing the strength of the RSA security policy. Available entries (in bits) are as follows: • 512 (least security) • 768 (normal security) • 1024 (high security, level 1) • 1536 (high security, level 2) • 2048 (high security, level 3 filename Name that you assign to the generated RSA key pair file. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters.The key pair filename is used only for identification purposes by the ACE. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-78 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command requires the PKI feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To generate the RSA key pair file MYRSAKEYS.PEM with a bit size of 1536, enter: host1/Admin# crypto generate key 1536 MYRSAKEYS.PEM Related Commands crypto delete crypto export crypto generate csr crypto import crypto verify show crypto crypto import To import certificate or key pair files to the ACE or terminal screen from a remote server, use the crypto import command. crypto import [non-exportable] {bulk sftp [passphrase passphrase] ip_addr username remote_url} | {{ftp | sftp} [passphrase passphrase] ip_addr username remote_filename local_filename} | {tftp [passphrase passphrase] ip_addr remote_filename local_filename} | terminal local_filename [passphrase passphrase] Syntax Description ACE Appliance Release Modification A1(7) This command was introduced. non-exportable (Optional) Specifies that the ACE marks the imported file as nonexportable, which means that you cannot export the file from the ACE. bulk Specifies the importing of multiple certificate or key pair files simultaneously. sftp Specifies the Secure File Transfer Protocol (SFTP) file transfer process. ftp Specifies the File Transfer Protocol (FTP) file transfer process. passphrase passphrase (Optional) Indicates that the file was created with a passphrase, which you must submit with the file transfer request in order to use the file. The passphrase pertains only to encrypted PEM files and PKCS files. ip_addr IP address or name of the remote server. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). username Username required to access the remote server. The ACE prompts you for your password when you enter the command.1-79 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the PKI feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Because a device uses its certificate and corresponding public key together to prove its identity during the SSL handshake, be sure to import both corresponding file types: the certificate file and its corresponding key pair file. The remote server variables listed after the passphrase variable in the Syntax Description table are only used by the ACE when you select a transport type of ftp, sftp, or tftp (the variables are not used for terminal). If you select one of these transport types and do not define the remote server variables, the ACE prompts you for the variable information. We recommend using SFTP because it provides the most security. The ACE supports the importation of PEM-encoded SSL certificates and keys with a maximum line width of 130 characters using the terminal. If an SSL certificate or key is not wrapped or it exceeds 130 characters per line, use a text editor such as the visual (vi) editor or Notepad to manually wrap the remote_url Path to the certificate or key pair files that reside on the remote server to import. The ACE matches only files specified by the URL. Enter a file path including wildcards (for example, /remote/path/*.pem). To fetch all files from a remote directory, specify a remote URL that ends with a wildcard character (for example, /remote/path/*). The ACE module fetches all files on the remote server that matches the wildcard criteria. However, it imports only files with names that have a maximum of 40 characters. If the name of a file exceeds 40 characters, the ACE module does not import the file and discards it. remote_filename Name of the certificate or key pair file that resides on the remote server to import. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. local_filename Name to save the file to when imported to the ACE. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. tftp Specifies the Trivial File Transfer Protocol (TFTP) file transfer process. terminal Allows you to import a file using cut and paste by pasting the certificate and key pair information to the terminal display. You can only use the terminal method to display PEM files, which are in ASCII format. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(2.0) The bulk keyword was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The bulk keyword was introduced.1-80 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands certificate or key to less than 130 characters per line. Alternatively, you can import the certificate or key by using SFTP, FTP, or TFTP with no regard to line width. Of these methods, we recommend SFTP because it is secure. This bulk keyword imports files with the names that they have on the remote server and does not allow you to rename the files. If you attempt to import a file that has the same filename of an existing local file, the ACE module does not overwrite the existing file. Before importing the updated file, you must either delete the local file or rename the imported file. The ACE supports 4096 certificates and 4096 keys. The ACE allows a maximum public key size of 4096 bits. The maximum private key size is 2048 bits. To view the list of the certificate and key pair files stored on the ACE for the current context, use the show crypto files command. Examples To import the RSA key file MYRSAKEY.PEM from an SFTP server, enter: host1/Admin# crypto import non-exportable sftp 1.1.1.1 JOESMITH /USR/KEYS/MYRSAKEY.PEM MYKEY.PEM Password: ******** Passive mode on. Hash mark printing on (1024 bytes/hash mark). # Successfully imported file from remote server. host1/Admin# This example shows how to use the terminal keyword to allow pasting of the certificate information to the file MYCERT.PEM: host1/Admin# crypto import terminal MYCERT.PEM Enter PEM formatted data ending with a blank line or “quit” on a line by itself --------BEGIN CERTIFICATE----------------------- MIIC1DCCAj2gAwIBAgIDCCQAMA0GCSqGSIb3DQEBAgUAMIHEMQswCQYDVQQGEwJa QTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAb BgNVBAoTFFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0 aW9uIFNlcnZpY2VzIERpdmlzaW9uMRkwFwYDVQQDExBUaGF3dGUgU2VydmVyIENB MSYwJAYJKoZIhvcNAQkBFhdzZXJ2ZXItY2VydHNAdGhhd3RlLmNvbTAeFw0wMTA3 -----------END CERTIFICATE------------------------ QUIT host1/Admin# This example shows how to use the bulk keyword to import all of the RSA key files from an SFTP server: host1/Admin# crypto import bulk sftp 1.1.1.1 JOESMITH /USR/KEYS/*.PEM Initiating bulk import. Please wait, it might take a while... Connecting to 1.1.1.1... Password: password ... Bulk import complete. Summary: Network errors: 0 Bad file URL: 0 Specified local files already exists: 0 Invalid file names: 1 Failed reading remote files: 5 Failed reading local files: 0 Failed writing local files: 0 Unknown errors: 0 Successfully imported: 10 host1/Admin#1-81 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands crypto delete crypto export crypto verify show crypto1-82 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands crypto verify To compare the public key in a certificate with the public key in a key pair file, and to verify that they are identical, use the crypto verify command. crypto verify key_filename cert_filename Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the PKI feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If the public key in the certificate does not match the public key in the key pair file, the ACE logs an error message. To view the list of the certificate and key pair files stored on the ACE for the current context, use the show crypto files command. Examples To verify that the public keys in the Admin context files MYRSAKEY.PEM and MYCERT.PEM match, enter: host1/Admin# crypto verify MYRSAKEY.PEM MYCERT.PEM keypair in myrsakey.pem matches certificate in mycert.pem This example shows what happens when the public keys do not match: host1/Admin# crypto verify MYRSAKEY2.PEM MYCERT.PEM Keypair in myrsakey2.pem does not match certificate in mycert.pem host1/Admin# Related Commands crypto import key_filename Name of the key pair file (stored on the ACE) that the ACE uses to verify against the specified certificate. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. cert_filename Name of the certificate file (stored on the ACE) that the ACE uses to verify against the specified key pair. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-83 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show crypto debug To enable the ACE debugging functions, use the debug command. debug {aaa | access-list | accmgr | arpmgr | bpdu | buffer | cfg_cntlr | cfgmgr [rhi-info] | clock | fifo | fm | gslb | ha_dp_mgr | ha_mgr | hm | ifmgr | ip | ipcp | lcp | ldap | license | logfile | mtsmon | nat-download | netio | ntp | pfmgr | pktcap | portmgr | radius | routemgr | scp | scripted_hm | security | sme | snmp | ssl | syslogd | system | tacacs+ | time | tl | virtualization | vnet} Syntax Description aaa Enables debugging for authentication, authorization, and accounting (AAA). access-list Enables access-list debugging. accmgr Loglevel options for application acceleration CM. arpmgr Enables Address Resolution Protocol (ARP) manager debugging. bpdu Enables bridge protocol data unit (BPDU) debugging. buffer Configures debugging of CP buffer manager. cfg_cntlr Enables configuration controller debugging. cfgmgr Enables configuration manager debugging. rhi-info (Optional, ACE module only) Enables route health injection (RHI) debugging. clock (ACE module only) Enables clock module debugging. fifo Configures debugging of the packet first in, first out (FIFO) driver. fm Enables ACE feature manager debugging. gslb Enables GSLB protocol debugging. ha_dp_mgr Enables HA-DP debugging. ha_mgr Enables HA debugging. hm Enables HM debugging. ifmgr Enables interface manager debugging. ip Enables IP service debugging. ipcp Enables interprocess control protocol debugging. lcp (ACE module only) Enables the debugging of the line card processor. ldap Configures debugging for Lightweight Directory Access Protocol (LDAP). license Enables the debugging of licensing. logfile Directs the debug output to a log file. mtsmon Enables MTS monitor debugging. nat-download Enables Network Address Translation (NAT) download debugging. netio Enables the debugging of the CP network I/O. ntp (ACE appliance only) Debugs the Network Time Protocol (NTP) module.1-84 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command is available to roles that allow debugging and to network monitor or technician users. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. pfmgr Enables the debugging of the platform manager. pktcap Enables packet capture debugging. portmgr (ACE appliance only) Debugs the port manager. radius Configures debugging for the Remote Authentication Dial-In User Service (RADIUS) daemon. routemgr Enables route manager debugging. ipcp Enables the debugging of the kernel IPCP component. scp (ACE module only) Configures debugging for the Switch Module Control protocol. scripted_hm Enables scripted health monitoring debugging. security Enables the debugging for security and accounting. sme Enables the debugging for the System Manager Extension. snmp Configures Simple Network Management Protocol (SNMP) server debugging. ssl Enables ACE SSL manager debugging. syslogd Enables syslogd debugging. system Enables debugging of the system components. tacacs+ Configures debugging for Terminal Access Controller Access Control System Plus (TACACS+). tl Configures debugging of TL driver. virtualization Enables virtualization debugging. vnet Configures debugging of virtual net-device driver. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. A4(1.0) The rhi-info option was added. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised. A4(1.0) The hardware and optimize options was removed.1-85 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands The ACE debug commands are intended for use by trained Cisco personnel only. Entering these commands may cause unexpected results. Do not attempt to use these commands without guidance from Cisco support personnel. Examples To enable access-list debugging, enter: host1/Admin# debug access-list Related Commands clear debug-logfile show debug1-86 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands delete To delete a specified file in an ACE file system, use the delete command. delete {core:filename | disk0:[path/]filename | image:filename | volatile:filename} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you do not specify a filename with the file system keyword, the ACE prompts you for a filename. To display the list of files that reside in a file system, use the dir command. Examples To delete the file 0x401_VSH_LOG.25256.TAR.GZ from the core: file system, enter: host1/Admin# delete core:0x401_VSH_LOG.25256.TAR.GZ Related Commands dir core:filename Deletes the specified file from the core: file system. disk0:[path/]filename Deletes the specified file from the disk0: file system. If you do not specify the optional path, the ACE looks for the file in the root directory of the disk0: file system. image:filename Deletes the specified file from the image: file system. volatile:filename Deletes the specified file from the volatile: file system. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-87 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands dir To display the contents of a specified ACE file system, use the dir command. dir {core: | disk0:[path/][filename] | image:[filename] | probe:[filename] | volatile:[filename]} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To delete a file from a file system, use the delete command. To delete all core dumps, use the clear cores command. Examples ACE Module Example To display the contents of the disk0: file system, enter: host1/Admin# dir disk0: core: Displays the contents of the core: file system. disk0:[path/] Displays the contents of the disk0: file system. Specify the optional path to display the contents of a specific directory on the disk0: file system. image: Displays the contents of the image: file system. probe: Displays the contents of the probe: file system. This directory contains the Cisco-supplied scripts. For more information about these scripts, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. volatile: Displays the contents of the volatile: file system. filename (Optional) Specified file to display. Displays information, such as the file size and the date that it was created. You can use wildcards in the filename. A wildcard character (*) matches all patterns. Strings after a wildcard are ignored. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) The probe: option was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) The probe: option was introduced.1-88 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands ACE Appliance Example To display the contents of the image: file system, enter: switch/Admin# dir image: 176876624 Aug 08 2008 14:15:31 c4710ace-mz.A3_1_0.bin 176876624 Jun 9 14:15:31 2008 c4710ace-mz.A1_8_0A.bin Usage for image: filesystem 896978944 bytes total used 11849728 bytes free 908828672 bytes total Related Commands clear cores delete show file1-89 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands dm (ACE Appliance only) To verify the state of the Device Manager (DM), restart it when it is inoperative, or upload a lifeline file to a TFTP server, use the dm command. dm {help | {lifeline tftp host port}| reload | status} Syntax Description Command Modes Exec Admin context Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To display the status of the DM, enter: host1/Admin# dm status Related Commands This command has no related commands. help Displays the list of keywords that are available for use on the dm command. lifeline tftp host port Creates and uploads a lifeline (anm-lifeline.tar.gz) file through TFTP. reload Restarts the DM with a reinitialized database. status Displays the status of the DM. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.6) This command is no longer hidden1-90 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands exit To exit out of Exec mode and log out the CLI session, use the exit command. exit Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To log out of an active CLI session, enter: host1/Admin# exit Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-91 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands format flash: To erase all data stored in the Flash memory and reformat it with the ACE module FAT16 filesystem or the ACE appliance third extended filesystem (ext3) as the base file system, use the format flash: command. All user-defined configuration information is erased and the ACE returns to the factory-default settings. format flash: Syntax Description This command has no keywords or arguments. Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. (ACE appliance only) The ACE performs the following verification sequence prior to reformatting Flash memory: • If the system image (the current loaded image) is present in the GNU GRand Unified Bootloader (GRUB) boot loader, the ACE automatically performs a backup of that image and then performs the reformat of Flash memory. • If the system image is not present in the GRUB boot loader, the ACE prompts you for the location of an available image to backup prior to reformatting the Flash memory. • If you choose not to backup an available image file, the ACE searches for the ACE-APPLIANCE-RECOVERY-IMAGE.bin image in the Grub partition of Flash memory. ACE-APPLIANCE-RECOVERY-IMAGE.bin is the recovery software image that the ACE uses if the disk partition in Flash memory is corrupted. – If ACE-APPLIANCE-RECOVERY-IMAGE.bin is present, the ACE continues with the Flash memory reformat. The CLI prompt changes to “switch(RECOVERY-IMAGE)/Admin#” as a means for you to copy the regular ACE software image. – If ACE-APPLIANCE-RECOVERY-IMAGE.bin is not present, the ACE stops the Flash memory reformat because there is no image to boot after format. Before you reformat the Flash memory, you should save a copy of the following ACE operation and configuration attributes to a remote server: • ACE software image (use the copy image: command) ACE Module Release Modification A4(1.0) This command was introduced and replaced the format disk0: command. ACE Appliance Release Modification A1(7) This command was introduced.1-92 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands • ACE license (use the copy licenses command) • Startup configuration of each context (use the copy startup-config command) • Running configuration of each context (use the copy running-config command) • Core dump files of each context (use the copy core: command) • Packet capture buffers of each context (use the copy capture command) • Secure Sockets Layer (SSL) certificate and key pair files of each context (use the crypto export command) After you reformat the Flash memory, perform the following actions: • Copy the ACE software image to the image: file system using the copy ftp:, copy tftp:, or copy sftp: command • Reinstall the ACE license using the license command • Import the following configuration files into the associated context using the copy disk0: command: – Startup-configuration file – Running-configuration file • Import the following SSL files into the associated context using the crypto import command: – SSL certificate files – SSL key pair files Examples For example, to erase all information in Flash memory and reformat it, enter: host1/Admin# format flash: Warning!! This will erase everything in the compact flash including startup configs for all the contexts and reboot the system!! Do you wish to proceed anyway? (yes/no) [no] yes If the ACE fails to extract a system image from the Grub bootloader, it prompts you to provide the location of an available system image to backup: Failed to extract system image Information from Grub backup specific imagefile? (yes/no) [no] yes Enter Image name: scimi-3.bin Saving Image [scimi-3.bin] Formatting the cf..... Unmounting ext3 filesystems... Unmounting FAT filesystems... Unmounting done... Unmounting compact flash filesystems... format completed successfully Restoring Image backupimage/scimi-3.bin kjournald starting. Commit interval 5 seconds REXT3 FS on hdb2, internal journal EXT3-fs: mounted filesystem with ordered data mode. starting graceful shutdown switch/Admin# Unmounting ext3 filesystems... Unmounting FAT filesystems... Unmounting done...1-93 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands copy capture copy ftp: copy tftp: copy sftp: crypto export crypto import dir license ft switchover To purposely cause a failover to make a particular context active, use the ft switchover command. ft switchover [all [force] | force | group_id [force]] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the fault-tolerant feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By using the ft switchover command, you direct the standby group member to statefully become the active member of the FT group, which forces a switchover. all (Optional) Causes a switchover of all FT groups configured in the ACE simultaneously. force (Optional) Causes a switchover of the Admin context if you enter the command in the Admin context and do not specify a group ID, or the specified FT group, while ignoring the state of the standby member. Use this option only when the fault-tolerant (FT) VLAN is down. group_id (Optional) Causes a switchover of the specified FT group. Enter the ID of an existing FT group as an integer from 1 to 255. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) Added the all keyword. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) Added the all keyword. A3(2.2) This command is disabled by default for the network-monitor role.1-94 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands You may need to force a switchover when you want to make a particular context the standby (for example, for maintenance or a software upgrade on the currently active context). If the standby group member can statefully become the active member of the FT group, a switchover occurs. To use this command, you must configure the no preempt command in FT group configuration mode. The ft switchover command exhibits the following behavior, depending on whether you enter the command from the Admin context or a user context: • Admin context—If you specify an FT group ID, then the FT group specified by the group ID switches over. If you do not specify a group ID, then the Admin context switches over. • User context—Because you cannot specify an FT group ID in a user context, the context in which you enter the command switches over. When you specify the ft switchover command, there may be brief periods of time when the configuration mode is enabled on the new active group member to allow the administrator to make configuration changes. However, these configuration changes are not synchronized with the standby group member and will exist only on the active group member. We recommend that you refrain from making any configuration changes after you enter the ft switchover command until the FT states stabilize to ACTIVE and STANDBY_HOT. Once the FT group reaches the steady state of ACTIVE and STANDBY_HOT, any configuration changes performed on the active group member will be incrementally synchronized to the standby group member, assuming that configuration synchronization is enabled. Examples To cause a switchover from the active ACE to the standby ACE of FT group1, enter: host1/Admin# ft switchover 1 Related Commands (config-ft-group) preempt gunzip To uncompress (unzip) LZ77 coded files residing in the disk0: file system (for example, zipped probe script files), use the gunzip command. gunzip disk0:[path/]filename.gz Syntax Description Command Modes Exec Admin and user contexts Command History disk0:[path/]filename.gz Specifies the name of the compressed file on the disk0: file system. The filename must end with a .gz extension. If you do not specify the optional path, the ACE looks for the file in the root directory. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-95 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is useful in uncompressing large files. The filename must end with a .gz extension for the file to be uncompressed using the gunzip command. The .gz extension indicates a file that is zipped by the gzip (GNU zip) compression utility. To display a list of available zipped files on disk0:, use the dir command. Examples To unzip a compressed series of probe script files from the file PROBE_SCRIPTS in the disk0: file system, enter: host1/Admin# gunzip disk0:PROBE_SCRIPTS.gz Related Commands dir invoke context To display the context running configuration information from the Admin context, use the invoke context command. invoke context context_name show running-config Syntax Description Command Modes Exec Admin context Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. ACE Appliance Release Modification A1(7) This command was introduced. context_name Name of user-created context. This argument is case sensitive. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-96 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To display the running configuration for the C1 user context from the Admin context, enter: host1/Admin# invoke context C1 show running-config Related Commands This command has no related commands. license To install, update, or uninstall licenses on the ACE, use the license command. license {install disk0:[path/]filename [target_filename] | uninstall {name | all} | update disk0:[path/]permanent_filename demo_filename} Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. install disk0:[path/]filename Installs a demo or permanent license from the disk0: file system into flash memory on the ACE. The filename is the name of the license on the disk0: file system. If you do not specify the optional path, the ACE looks for the file in the root directory. target_filename (Optional) Target filename for the license file. uninstall name Uninstalls the specified license file. Enter the license name as an unquoted text string with no spaces. all Uninstalls all installed licenses in the ACE. update disk0: Updates an installed demo license with a permanent license. [path/]permanent_filename Filename for the permanent license. demo_filename Filename for the demo license. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) Added the all keyword to the uninstall option ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) Added the all keyword to the uninstall option1-97 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands After you receive a demo or permanent software license key in an e-mail from Cisco Systems, you must copy the license file to a network server and then use the copy tftp command in Exec mode to copy the file to the disk0: file system on the ACE. To update an installed demo license with a permanent license, use the license update command. The demo license is valid for 60 days. To view the expiration of the demo license, use the show license usage command. To back up license files, use the copy licenses command Caution When you remove a demo or permanent virtual context license, the ACE removes all user contexts from the Admin running configuration. By removing the user contexts, their running and startup configurations are also removed from the ACE. Before removing any virtual context license, back up the Admin running configuration and the user context running configurations to a remote server. For more information about the types of ACE licenses available and how to manage the licenses on your ACE, see the Administration Guide, Cisco ACE Application Control Engine. Examples To install a new permanent license, enter: host1/Admin# license install disk0:ACE-VIRT-020.LIC To uninstall a license, enter: host1/Admin# license uninstall ACE-VIRT-20.LIC ACE Module Example To update the demo license with a permanent license, enter: host1/Admin# license update disk0:ACE-VIRT-250.LIC ACE-VIRT-250-demo.LIC ACE Appliance Example To update the demo license with a permanent license, enter: host1/Admin# license update disk0:ACE-AP-VIRT-020.lic ACE-AP-VIRT-020-DEMO.lic Related Commands copy licenses copy tftp: show license mkdir disk0: To create a new directory in disk0:, use the mkdir disk0: command. mkdir disk0:[path/]directory_name Syntax Description [path/]directory_name Name that you assign to the new directory. Specify the optional path if you want to create a directory within an existing directory.1-98 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If a directory with the same name already exists, the ACE does not create the new directory and the “Directory already exists” message appears. Examples To create a directory in disk0: called TEST_DIRECTORY, enter: host1/Admin# mkdir disk0:TEST_DIRECTORY Related Commands dir rmdir disk0: move disk0: To move a file between directories in the disk0: file system, use the move disk0: command. move disk0:[source_path/]filename disk0:[destination_path/]filename Syntax Description Command Modes Exec Admin and user contexts Command History ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. disk0: Indicates the disk0: file system of the current context. source_path/ (Optional) Path of the source directory. destination_path/ (Optional) Path of the destination directory. filename Name of the file to move in the disk0: file system. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-99 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If a file with the same name already exists in the destination directory, that file is overwritten by the file that you move. Examples To move the file called SAMPLEFILE in the root directory of disk0: to the MYSTORAGE directory in disk0:, enter: host1/Admin# move disk0:SAMPLEFILE disk0:MYSTORAGE/SAMPLEFILE Related Commands dir np session (ACE module only) To execute network processor-related commands, use the np session command. np session {disable | enable} Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To enable sessions to the network processor from the supervisor engine, enter: host1/Admin# np session enable ACE Appliance Release Modification A1(7) This command was introduced. disable Disables sessions to the network processor from the supervisor engine. enable Enables sessions to the network processor from the supervisor engine. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-100 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands This command has no related commands.1-101 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands ping To verify the connectivity of a remote host or server by sending echo messages from the ACE, use the ping command. ping [ip | ipv6 [system_address [count count [size size [timeout time]]]]] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ping command sends an echo request packet to an address from the current context on the ACE and then awaits a reply. The ping output can help you evaluate path-to-host reliability, delays over displaying the name of the current directory and the path, and whether the host can be reached or is functioning. To terminate a ping session before it reaches its timeout value, press Ctrl-C. ip | ipv6 (Optional) Specifies the IPv4 or IPv6 protocol. If you do not specify the IP protocol, it is inferred from the address. system_address (Optional) IP address of the remote host to ping. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). If you do not specify the IP address of the remote host, the CLI prompts you for the information. count count (Optional) Repeat count. Enter the repeat count as an integer from 1 to 65000. The default is 5. size size (Optional) Datagram size. Enter the datagram size as an integer from 36 to 1440. The default is 100. timeout time (Optional) Timeout in seconds. Enter the timeout value as an integer from 0 to 3600. The default is 2. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The size option was increased from 452 to 1440. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.5) At the datagram size prompt for the extended ping command, the size was increased from 452 to 1400. A3(2.6) The size option was increased from 452 to 1440. A5(1.0) Added IPv6 support.1-102 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples IPv6 Example To send a ping to the IPv6 loopback address 0:0:0:0:0:0:0:1, enter the following command: host1/Admin# ping ::1 PING 0:0:0:0:0:0:0:1(::1) 56 data bytes 64 bytes from ::1: icmp_seq=1 ttl=255 time=0.039 ms 64 bytes from ::1: icmp_seq=2 ttl=255 time=0.000 ms 64 bytes from ::1: icmp_seq=3 ttl=255 time=0.000 ms 64 bytes from ::1: icmp_seq=4 ttl=255 time=0.108 ms 64 bytes from ::1: icmp_seq=5 ttl=255 time=0.126 ms --- 0:0:0:0:0:0:0:1 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 8002ms rtt min/avg/max/mdev = 0.000/0.054/0.126/0.053 ms To abnormally terminate a ping session, press Ctrl-C. IPv4 Example To ping the FTP server with an IP address of 196.168.1.2 using the default ping session values, enter: host1/Admin# ping 196.168.1.2 Related Commands traceroute1-103 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands reload To reload the configuration on the ACE, use the reload command. reload Syntax Description This command has no keywords or arguments. Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The reload command reboots the ACE and performs a full power cycle of both the hardware and software. The reset process can take several minutes. Any open connections with the ACE are dropped after you enter the reload command. Caution Configuration changes that are not written to flash memory are lost after a reload. Before rebooting, enter the copy running-conf startup-config command to save a copy of the running configuration to the startup configuration in flash memory. If you fail to save your running configuration changes, the ACE reverts to the last saved version of the startup configuration upon restart. Examples To execute a soft reboot, enter: host1/Admin# reload This command will reboot the system Save configurations for all the contexts. Save? [yes/no]: [yes] Related Commands copy capture show running-config show startup-config ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-104 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands reprogram bootflash (ACE module only) To reprogram the field upgradable (FUR) partition of the ROM monitor (rommon) image on the ACE, use the reprogram bootflash command. reprogram bootflash {default-image {disk0:[path/]filename | image:[path/]filename} | fur-image {disk0:[path/]filename | image:[path/]filename} | invalidate-fur-image | validate-fur-image} Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The reprogram bootflash command is intended for use by trained Cisco personnel only. Entering this command may cause unexpected results. Do not attempt to use the reprogram bootflash command without guidance from Cisco support personnel. Examples To reprogram the rommon image FUR partition on the image: file system, enter: host1/Admin# reprogram bootflash fur-image image:sb-ace.NOV_11 Related Commands This command has no related commands. default-image Reprograms the rommon image default partition. fur-image Reprograms the rommon image FUR partition. disk0:[path/]filename Specifies a file stored on the disk0: file system. image:[path/]filename Specifies the rommon image stored on the image: file system. invalidate-fur-image Invalidates the rommon image FUR partition. validate-fur-image Validates the rommon image FUR partition. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-105 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands restore To restore the configuration files and dependent files in a context or in all contexts, use the restore command. restore {[all] disk0:archive_filename} [pass-phrase text_string] [exclude {licenses | ssl-files}] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The restore command has the following configuration guidelines and limitations: • The restore command will cause an interruption in service for the two contexts in a redundant configuration. We recommend that you schedule the restoration of a backup archive on a redundant pair during a maintenance window. • When you instruct the ACE to restore the archive for the entire ACE in the Admin context, it restores the Admin context completely first, and then it restores the other contexts. The ACE restores all dependencies before it restores the running context. The order in which the ACE restores dependencies is as follows: – License files all Specifies that the ACE should restore the configuration files and dependencies in all contexts. You can specify this keyword only in the Admin context. disk0:archive_ filename Name of the archive file that you want to restore. exclude licenses | ssl-files (Optional) Excludes licenses or SSL certificates and keys from the restoration. Use this option only if you want to keep the license or SSL files already present in your ACE and ignore the license or SSL files in the backup archive, if any. pass-phrase text_string Passphrase that you used to encrypt the backed up SSL keys in the archive. Enter the passphrase as an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. If you used a passphrase when you backed up the SSL keys, the ACE encrypted the keys with AES-256 encryption using OpenSSL software. To restore the SSL keys, you must enter that same passphrase. Note If you forget your passphrase, import the required SSL files first. Then, use the exclude option of the restore command to restore e the backup archive. ACE Module Release Modification A2(3.0) This command was introduced. ACE Appliance Release Modification A4(1.0) This command was introduced.1-106 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands – SSL certificates and key files – Health-monitoring scripts – Checkpoints – Startup-configuration file – Running-configuration file • After you restore license files, previously installed license files are uninstalled and the restored files are installed in their place. • In a redundant configuration, if the archive that you want to restore is different from the peer configurations in the FT group, redundancy may not operate properly after the restoration. • You can restore a single context from an ACE-wide backup archive provided that: – You enter the restore command in the context that you want to restore – All files dependencies for the context exist in the ACE-wide backup archive • If you upgrade to software version A4(1.0) or later from a release before A4(1.0), the ACE cannot install the earlier license files because they are unsupported. The ACE ignores these license files and keeps the existing licenses. • If you enter the exclude option first, you cannot enter the pass-phrase option. Examples To restore a backup archive in the Admin context, enter: host1/Admin# restore disk0:switch_Admin_07_July_2009_11_08_04_AM.tgz pass-phrase MY_PASS_PHRASE Related Commands backup show restore1-107 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands rmdir disk0: To remove a directory from the disk0: file system, use the rmdir disk0: command. rmdir disk0:directory Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To remove a directory from disk0:, the directory must be empty. To view the contents of a directory, use the dir command. To delete files from a directory, use the delete command. Examples To remove the directory TEST_DIRECTORY from disk0:, enter: host1/Admin# rmdir disk0:TEST-DIRECTORY Related Commands delete dir mkdir disk0: directory Name of the directory to remove. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-108 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands setup (ACE appliance only) To initiate a special setup script that guides you through the basic process of configuring an Ethernet port on the ACE as the management port to access the Device Manager GUI, use the setup command. setup Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The setup script is intended primarily as the means to guide you though a basic configuration of the ACE to quickly access the Device Manager. Use the setup command when the ACE boots without a startup-configuration file. This situation may occur when the ACE is new and the appliance was not configured upon initial startup. The setup script guides you through configuring a management VLAN on the ACE through one of its Gigabit Ethernet ports. After you specify a gigabit Ethernet port, the port mode, and management VLAN, the setup script automatically applies the following default configuration: • Management VLAN allocated to the specified Ethernet port. • VLAN 1000 assigned as the management VLAN interface. • GigabitEthernet port mode configured as VLAN access port. • Extended IP access list that allows IP traffic originating from any other host addresses. • Traffic classification (class map and policy map) created for management protocols HTTP, HTTPS, ICMP, SSH, Telnet, and XML-HTTPS. HTTPS is dedicated for connectivity with the Device Manager GUI. • VLAN interface configured on the ACE and a policy map assigned to the VLAN interface. The ACE provides a default answer in brackets [ ] for each question in the setup script. To accept a default configuration prompt, press Enter, and the ACE accepts the setting. To skip the remaining configuration prompts, press Ctrl-C any time during the configuration sequence. When completed, the setup script prompts you to apply the configuration settings. Examples To run the setup script from the CLI, enter: host1/Admin# setup ACE Appliance Release Modification A1(7) This command was introduced.1-109 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands This script will perform the configuration necessary for a user to manage the ACE Appliance using the ACE Device Manager.The management port is a designated Ethernet port which has access to the same network as your management tools including the ACE Device Manager. You will be prompted for the Port Number, IP Address, Netmask and Default Route (optional). Enter 'ctrl-c' at any time to quit the script Would you like to enter the basic configuration (yes/no): y Enter the Ethernet port number to be used as the management port (1-4):? [1]: 3 Enter the management port IP Address (n.n.n.n): [192.168.1.10]: 192.168.1.10 Enter the management port Netmask(n.n.n.n): [255.255.255.0]: 255.255.255.2 Enter the default route next hop IP Address (n.n.n.n) or to skip this step: 172.16.2.1 Summary of entered values: Management Port: 3 Ip address 192.168.1.10 Netmask: 255.255.255.2 Default Route: 172.16.2.1 Submit the configuration including security settings to the ACE Appliance? (yes/no/details): [y]: d Detailed summary of entered values: interface gigabit/Ethernet 1/3 switchport access vlan 1000 no shut access-list ALL extended permit ip any any class-map type management match-any remote_access match protocol xml-https any match protocol dm-telnet any match protocol icmp any match protocol telnet any match protocol ssh any match protocol http any match protocol https any match protocol snmp any policy-map type management first-match remote_mgmt_allow_policy class remote_access permit interface vlan 1000 ip address 192.168.1.10 255.255.255.0 access-group input ALL service-policy input remote_mgmt_allow_policy no shutdown ssh key rsa ip route 0.0.0.0 0.0.0.0 172.16.2.1 Submit the configuration including security settings to the ACE Appliance? (yes/no/details): [y]: y Configuration successfully applied. You can now manage this ACE Appliance by entering the url 'https://192.168.1.10' into a web browser to access the Device Manager GUI. Related Commands This command has no related commands.1-110 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands set dc (ACE module only) To set the daughter card console access to the master or the slave network processor, use the set dc command. set dc dc_number console {master | slave} Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role in the Admin context. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To set the daughter card 1 console access to the slave network processor, enter: host1/Admin# set dc 1 console slave Switched the console access to slave network processor Related Commands clear dc show dc dc_number Specifies the daughter card on the ACE module. Enter either 1 or 2. console Sets the console access to the specified network processor. master | slave Specifies the master or the slave network processor on the specified daughter card for console access. The default is master. ACE Module Release Modification A4(1.0) This command was introduced.1-111 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands set sticky-ixp (ACE module only) This command has been deprecated in software version A4(1.0). Command History ACE Module Release Modification A2(1.0) This command was introduced. A4(1.0) This command was removed from the software.1-112 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show To display ACE statistical and configuration information, use the show command. show keyword [| {begin pattern | count | end | exclude pattern | include pattern | next | prev}] [> {filename | {disk0:| volatile}:[path/][filename] | ftp://server/path[/filename] | sftp://[username@]server/path[/filename] | tftp://server[:port]/path[/filename]}] Syntax Description Command Modes Exec Command History keyword Keyword associated with the show command. See the show commands that follow. | (Optional) Enables an output modifier that filters the command output. begin pattern Begins with the line that matches the pattern that you specify. count Counts the number of lines in the output. end pattern Ends with the line that matches the pattern that you specify. exclude pattern Excludes the lines that match the pattern that you specify. include pattern Includes the lines that match the pattern that you specify. next Displays the lines next to the matching pattern that you specify. prev Displays the lines before the matching pattern that you specify. > (Optional) Enables an output modifier that redirects the command output to a file. filename Name of the file that the ACE saves the output to on the volatile: file system. disk0: Specifies that the destination is the disk0: file system on the ACE flash memory. volatile: Specifies that the destination is the volatile: file system on the ACE. [path/][filename] (Optional) Path and filename to the disk0: or volatile: file system. This path is optional because the ACE prompts you for this information if you omit it. ftp://server/path[/filename] Specifies the File Transfer Protocol (FTP) network server and optional filename. sftp://[username@]server/path [/filename] Specifies the Secure File Transfer Protocol (SFTP) network server and optional filename. tftp://server[:port]/path[/filename] Specifies the Trivial File Transfer Protocol (TFTP) network server and optional filename. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-113 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines The features required in your user role to execute a specific show command are described in the “Usage Guidelines” section of the command. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Most commands have an associated show command. For example, the associated show command for the interface command in configuration mode is the show interface command. Use the associated show command to verify changes that you make to the running configuration. The output of the show command may vary depending on the context that you enter the command from. For example, the show running-config command displays the running-configuration for the current context only. To convert show command output from the ACE to XML for result monitoring by an NMS, use the xml-show command. Examples To display the current running configuration, enter: host1/Admin# show running-config Related Commands xml-show show aaa To display AAA accounting and authentication configuration information for the current context, use the show aaa command. show aaa {accounting | authentication [login error-enable] | groups} [|] [>] Syntax Description ACE Appliance Release Modification A1(7) This command was introduced. accounting Displays accounting configuration information. authentication Displays authentication configuration information. login error-enable (Optional) Displays the status of the login error message configuration. groups Displays the configured server groups. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command.1-114 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show aaa command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display the accounting configuration information, enter: host1/Admin# show aaa accounting default: local Related Commands show accounting log (config) aaa accounting default (config) aaa authentication login show access-list To display statistics associated with a specific access control list (ACL), use the show access-list command. show access-list name [detail] [|] [>] Syntax Description Command Modes Exec Admin and user contexts ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. name Name of an existing ACL. Enter the name as an unquoted text string. detail Displays detailed information for the specified ACL. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command.1-115 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command requires the access-list feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACL information that the ACE displays when you enter the show access-list command includes the ACL name, the number of elements in the ACL, the operating status of the ACL (ACTIVE or NOT ACTIVE), any configured remarks, the ACL entry, and the ACL hit count. For information about the fields in the show access-list command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display statistical and configuration information for the ACL ACL1, enter: host1/Admin# show access-list ACL1 Related Commands clear access-list show running-config (config) access-list ethertype (config) access-list extended (config) access-list remark (config) access-list resequence show accounting log To display AAA accounting log information, use the show accounting log command. show accounting log [size] [all] [|] [>] Syntax Description ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised with the detail option. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised with the detail option. size (Optional) Size (in bytes) of the local accounting file. Enter a value from 0 to 250000. The default is 250000 bytes. all (Optional) Displays the accounting logs of all contexts in the ACE. This option is available only in the Admin context.1-116 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show accounting log command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display the contents of the accounting log file, enter: host1/Admin# show accounting log Related Commands show aaa (config) aaa accounting default | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The all option was added. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The all option was added.1-117 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show acl-merge The ACE merges individual ACLs into one large ACL called a merged ACL. The ACL compiler then parses the merged ACL and generates the ACL lookup mechanisms. A match on this merged ACL can result in multiple actions. To display statistics related to merged ACLs, use the show acl-merge command. show acl-merge {acls {vlan number | internal vlan 1 | 4095} {in | out} [summary]} | {event-history} | {match {acls {vlan number | internal vlan 1 | 4095} {in | out} ip_address1 ip_address2 protocol src_port dest_port}} | {merged-list {acls {vlan number | internal vlan 1 | 4095}{in | out} [non-redundant | summary]}} | {statistics} [|] [>] Syntax Description Command Modes Exec Admin and user contexts acls Displays various feature ACLs and their entries before the merge. vlan number Specifies the interface on which the ACL was applied. internal vlan 1 | 4095 Displays the ACL merge information for internal VLAN 1 or 4095 (ACE appliance). in | out Specifies the direction in which the ACL was applied to network traffic: incoming or outgoing. summary (Optional) Displays summary information before or after the merge. event-history Displays the ACL merge event-history log. match Displays the ACL entry that matches the specified tuple. ip_address1 Source IP address. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). ip_address2 Destination IP address. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). protocol Protocol specified in the ACL. src_port Source port specified in the ACL. dest_port Destination port specified in the ACL. merged-list (Optional) Displays the merged ACL. non-redundant (Optional) Displays only those ACL entries that have been downloaded to a network processor. statistics Displays ACL merge node failure statistics and other merge and compiler errors. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command.1-118 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command requires the acl-merge feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. The ACL merge list number (instance ID) is locally generated (not synchronized) on each ACE in a redundant configuration. The number assigned depends on the order in which the ACLs are applied to the VLANs. This number can be different on the two ACEs. The ACL merged list could be different on the two ACEs depending on when redundancy is enabled. Examples To display the ACL merge information for VLAN 401, enter: host1/Admin# show acl-merge acls vlan 401 in summary Related Commands This command has no related commands. show action-list To display information about an action list configuration, use the show action-list command in Exec mode. The show action-list command output displays all modify HTTP and ACE appliance optimization action list configurations and configured values. show action-list [list_name] [|] [>] Syntax Description ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.5) and A2(2.1) This command was revised to include the internal vlan 1 keywords. A4(1.0) This command was revised to include the event-history and statistics keywords. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.3) This command was revised to include the internal vlan 1 | 4095 keywords. A3(2.5) This command was revised to include the event-history and statistics keywords. list_name (Optional) Identifier of an existing action list as an unquoted text string with a maximum of 64 alphanumeric characters. If you do not enter an action list name, the ACE displays all configured action lists.1-119 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show action-list command output, see the Application Acceleration and Optimization Guide, Cisco ACE 4700 Series Application Control Engine Appliance and the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To display configuration information for the ACT_LIST1 action list, enter: host1/Admin# show action-list ACT_LIST1 Related Commands show running-config (config) action-list type modify http (ACE appliance only) (config) action-list type optimization http show arp To display the current active IP address-to-MAC address mapping in the Address Resolution Protocol (ARP) table, statistics, or inspection or timeout configuration, use the show arp command. show arp [inspection | internal event-history dbg | statistics [vlan vlan_number] | timeout] [|] [>] | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.3) The Description field has been added to the show action-list command output. This field displays the previously entered summary about the specific parameter map. 1-120 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the routing feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The show arp command without options displays the active IP address-to-MAC address mapping in the ARP table. For information about the fields in the show arp command output, see the Routing and Bridging Guide, Cisco ACE Application Control Engine. Examples To display the current active IP address-to-MAC address mapping in the ARP table, enter: host1/Admin# show arp Related Commands clear arp (config) arp inspection (Optional) Displays the ARP inspection configuration. internal event-history dbg (Optional) Displays the ARP internal event history. The ACE debug commands are intended for use by trained Cisco personnel only. Do not attempt to use these commands without guidance from Cisco support personnel. statistics (Optional) Displays the ARP statistics for all VLAN interfaces. vlan vlan_number (Optional) Displays the statistics for the specified VLAN number. timeout (Optional) Displays the ARP timeout values. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-121 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show backup To display backup errors (in the case of a failed backup) or the backup status, use the show backup command. show backup errors | status [details] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To display the status of an ongoing backup, enter: host1/Admin# show backup status detail Backup Archive: host1_2010_09_16_21_34_03.tgz Type : Full Start-time : Thu Sep 16 21:34:03 2010 Finished-time : Thu Sep 16 21:34:18 2010 Status : SUCCESS Current vc : ct3 Completed : 4/4 ------------------------+---------------+--------------------------+------------ Context component Time Status ------------------------+---------------+--------------------------+------------ errors Displays errors that may occur during a backup operation. For information about backup system messages, see the System Message Guide, Cisco ACE Application Control Engine. status [details] Displays the status of the last backup operation. Backup status details are not stored across reboots. Possible values in the Status column are as follows: • SUCCESS—The component was successfully backed up • FAILED—The component failed to be backed up • N/A—The component (for example, a checkpoint or probe script) being backed up contains 0 files ACE Module Release Modification A2(3.0) This command was introduced. ACE Appliance Release Modification A4(1.0) This command was introduced.1-122 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Admin Running-cfg Thu Sep 16 21:34:04 2010 SUCCESS Admin Startup-cfg Thu Sep 16 21:34:04 2010 SUCCESS Admin Checkpoints Thu Sep 16 21:34:07 2010 SUCCESS Admin Cert/Key Thu Sep 16 21:34:07 2010 SUCCESS Admin License Thu Sep 16 21:34:07 2010 SUCCESS Admin Probe script Thu Sep 16 21:34:07 2010 N/A ct1 Running-cfg Thu Sep 16 21:34:12 2010 SUCCESS ct1 Startup-cfg Thu Sep 16 21:34:12 2010 SUCCESS ct1 Checkpoints Thu Sep 16 21:34:12 2010 N/A ct1 Cert/Key Thu Sep 16 21:34:12 2010 SUCCESS ct1 Probe script Thu Sep 16 21:34:12 2010 N/A ct2 Running-cfg Thu Sep 16 21:34:13 2010 SUCCESS ct2 Startup-cfg Thu Sep 16 21:34:13 2010 SUCCESS ct2 Checkpoints Thu Sep 16 21:34:13 2010 N/A ct2 Cert/Key Thu Sep 16 21:34:13 2010 SUCCESS ct2 Probe script Thu Sep 16 21:34:13 2010 N/A ct3 Running-cfg Thu Sep 16 21:34:13 2010 SUCCESS ct3 Startup-cfg Thu Sep 16 21:34:13 2010 SUCCESS ct3 Checkpoints Thu Sep 16 21:34:13 2010 N/A ct3 Cert/Key Thu Sep 16 21:34:13 2010 SUCCESS ct3 Probe script Thu Sep 16 21:34:13 2010 N/A Related Commands backup show banner motd To display the configured banner message of the day, use the show banner motd command. show banner motd [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-123 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To configure the banner message, use the banner command in the configuration mode. For information about the fields in the show banner motd command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the message of the day, enter: host1/Admin# show banner motd Related Commands (config) banner show bootvar To display the current BOOT environment variable and configuration register setting, use the show bootvar command. This command is available only in the Admin context. show bootvar [|] [>] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To set the BOOT environment variable, use the boot system image: command in the configuration mode. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-124 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands For information about the fields in the show bootvar command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples ACE Module Example To display the current BOOT environment variable and configuration register setting, enter: host1/Admin# show bootvar BOOT variable = "disk0:c6ace-t1k9-mzg.3.0.0_A0_2.48.bin" Configuration register is 0x1 ACE Appliance Example To display the current BOOT environment variable and configuration register setting, enter: host1/Admin# show bootvar BOOT variable = “disk0:c4710ace-mz.A5_1_0.bin” Configuration register is 0x1 Related Commands This command has no related commands.1-125 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show buffer To display the buffer manager module messages, use the show buffer command. show buffer {events-history | stats | usage} [|] [>] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To display the control plane buffer event history, enter: host1/Admin# show buffer events-history 1) Event:E_DEBUG, length:72, at 477729 usecs after Sat Jan 1 00:01:29 2000 [102] headers=0xd2369000, ctrl_blocks=0xd280a040, data_blocks=0xd5403aa0 2) Event:E_DEBUG, length:50, at 477707 usecs after Sat Jan 1 00:01:29 2000 [102] total blocks=151682 (ctrl=75841, data=75841) events-history Displays a historic log of the most recent messages generated by the buffer manager event history. stats Displays detailed counters for various buffer manager event occurrences. usage Displays the number of buffers currently being held (allocated but not freed) by each buffer module. The usage keyword also shows an estimate of the number of times a particular buffer module has freed the same buffer more than once (this condition indicates a software error). Displays the Hi watermark field which allows more visibility for buffer usage when monitoring high watermarks | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-126 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands clear buffer stats1-127 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show capture To display the packet information that the ACE traces as part of the packet capture function, use the show capture command. show capture buffer_name [detail [connid connection_id | range packet_start packet_end] | status] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For all types of received packets, the console display is in tcpdump format. To copy the capture buffer information as a file in flash memory, use the copy capture command. For information about the fields in the show capture command output, see the Administration Guide, Cisco ACE Application Control Engine. buffer_name Name of the packet capture buffer. Specify an unquoted text string with no spaces from 1 to 80 alphanumeric characters. detail (Optional) Displays additional protocol information for each packet. connid connection_id (Optional) Displays protocol information for a specified connection identifier. range packet_start packet_end (Optional) Displays protocol information for a range of captured packets. status (Optional) Displays capture status information for each packet. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-128 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To display the captured packet information contained in packet capture buffer CAPTURE1, enter: switch/Admin# show capture CAPTURE1 Related Commands copy capture1-129 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show cde (ACE module only) To display the classification and distribution engine (CDE) interface statistics, health, and register values, use the show cde command. This command includes statistics for the CDE daughter card interface, the CDE control plane interface, and the CDE switch fabric interface. show cde {all | count | dist | hash index_number | health | interrupts | reg cde_number register | stats {cumulative | stats} | vlan vlan_number} [|] [>] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. all Displays all CDE register values. count Displays the cumulative count of the CDE interrupts. dist Displays the CDE distribution type. hash index_number Displays the hash distribution table. Enter a value from 0 to 63. health Displays the CDE health, including the daughter card statistics. interrupts Displays the CDE interrupts. reg Displays the specified CDE register. cde_number CDE number (0 or 1). register Register value. Enter a hexadecimal value from 0x0 to 0x1d9. stats Displays the specified CDE statistics. cumulative Displays the cumulative CDE statistics from the last invocation of the show cde command. delta Displays the delta CDE statistics from the last invocation of the show cde command. vlan vlan_number Displays the VLAN distribution table for the specified VLAN. Enter the desired VLAN number from 0 to 4096. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-130 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To display all of the CDE register values, enter: host1/Admin# show cde all Related Commands clear cde show cfgmgr To display the Configuration Manager internal information, use the show cfgmgr command. show cfgmgr internal {history | {table {access-group | ace name| acl name| action-list | arp | class-map | context | icmp-vip | if-zone | interface | l2-ace | l2-acl | l3-rule| match-item | nat | nat-dynamic | nat-pool | nat-pool-data | nat-static | og name | og-data name | og-exp name | parameter-map | policy-map | probe | probe-instance | rserver | script-file | script-task | sfarm | sfarm-real | slb-policy | ssl-proxy | sticky-grp | sticky-static-grp | time-range | track-probe | vip} [all | context name | detail]} [|] [>] Syntax Description history Displays the Configuration Manager debug log. table Displays the specified Configuration Manager internal table. access-group Displays the access group table. ace name Displays the specified ACE table. acl name Displays the specified ACL table. action-list Displays the action-list table. arp Displays the ARP table. class-map Displays the class map table. context Displays the context table. icmp-vip Displays the ICMP state in VIP table. if-zone Displays the if zone table. interface Displays the interface table. l2-ace Displays the Layer 2 ACE table. l2-acl Displays the Layer 2 ACL table. l3-rule Displays the Layer 3 rule table. match-item Displays the match-item table. nat Displays the NAT table. nat-dynamic Displays the NAT dynamic table. nat-pool Displays the NAT pool table. nat-pool-data Displays the NAT pool data table. nat-static Displays the NAT static table. og name Displays the specified Object Group table. og-data name Displays the specified Object Group Data table. og-exp name Displays the specified Object Group Expanded table. parameter-map Displays the parameter map table. policy-map Displays the policy map table.1-131 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. probe Displays the probe table. probe-instance Displays the probe instance table. rserver Displays the real server table. script-file Displays the script file table. script-task Displays the script task table. sfarm Displays the server farm table. sfarm-real Displays the server farm and real server table. slb-policy Displays the server load-balancing policy table. ssl-proxy Displays the SSL proxy table. sticky-grp Displays the sticky group table. sticky-static-grp Displays the static sticky table. time-range Displays the time-range table. track-probe Displays the track probe table. vip Display the VIP table. all Displays the internal table information for all the contexts. context name Displays the internal table information for the specified context. detail Displays the detailed Configuration Manager table information. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-132 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To display real server table information, enter: host1/Admin# show cfgmgr internal table rserver Related Commands clear cfgmgr internal history show checkpoint To display information relating to the configured checkpoints, use the show checkpoint command. show checkpoint {all | detail name} [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show checkpoint command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the running configuration for the checkpoint MYCHECKPOINT, enter: host1/Admin# show checkpoint detail MYCHECKPOINT all Displays a list of all existing checkpoints. The show output includes checkpoint time stamps. detail name Displays the running configuration of the specified checkpoint. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-133 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands checkpoint1-134 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show clock To display the current date and time settings of the system clock, use the show clock command. show clock [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To configure the system clock setting, use the clock command in the configuration mode. For information about the fields in the show clock command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the current clock settings, enter: host1/Admin# show clock Fri Feb 24 20:08:14 UTC 2006 Related Commands (config) clock summer-time (config) clock timezone | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-135 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show conn To display the connection statistics, use the show conn command. show conn {address ip_address1 [ip_address2] [/prefix_length | netmask mask]] [detail]} | count | detail | {port number1 [number2] [detail]} | {protocol {tcp | udp} [detail]} | {rserver rs_name [port_number] [serverfarm sfarm_name1] [detail]} | {serverfarm sfarm_name2 [detail]} [|] [>] Syntax Description Command Modes Exec Admin and user contexts address ip_address1 [ip_address2] Displays connection statistics for a single source or destination IPv4 or IPv6 address or, optionally, for a range of source or destination IPv4 or IPv6 addresses. To specify a range of IP addresses, enter an IP address for the lower limit of the range and a second IP address for the upper limit of the range. /prefix_length Displays connection statistics for the IPv6 address or range of IPv6 addresses that you specify. Enter an IPv6 prefix (for example, /64). netmask mask Specifies the network mask for the IPv4 address or range of IPv4 addresses that you specify. Enter a network mask in dotted-decimal notation (for example, 255.255.255.0). count Displays the total current connections to the ACE. Note The total current connections is the number of connection objects. There are two connection objects for each flow and complete connection. detail Displays detailed connection information. Note The total current connections is the number of connection objects. There are two connection objects for each flow and complete connection. port number1 [number2] Displays connection statistics for a single source or destination port or optionally, for a range of source or destination ports. protocol {tcp | udp} Displays connection statistics for TCP or UDP. rserver rs_name Displays connection statistics for the specified real server. port_number (Optional) Port number associated with the specified real server. Enter an integer from 1 to 65535. serverfarm sfarm_name1 (Optional) Displays connection statistics for the specified real server associated with this server farm. serverfarm sfarm_name2 Displays connection statistics for the real servers associated with the specified server farm. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command.1-136 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show conn command output, see the Security Guide, Cisco ACE Application Control Engine. Examples IPv6 Example To display connection statistics for a range of IP addresses, enter: host1/C1# show conn address 2001:DB8:1::15 2001:DB8:1::35/64 IPv4 Example To display connection statistics for a range of IP addresses, enter: host1/C1# show conn address 192.168.12.15 192.168.12.35 netmask 255.255.255.0 Related Commands clear conn show context To display the context configuration information, use the show context command. show context [context_name | Admin] [|] [>] Syntax Description ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.4) and A2(2.1) This detail option was added for a specified address, port, protocol, real server, or server farm. A5(1.0) Added support for IPv6. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.2) This detail option was added for a specified address, port, protocol, real server, or server farm. A5(1.0) Added support for IPv6. context_name (Optional) Name of user-created context. The ACE displays just the specified context configuration information. The context_name argument is case sensitive. and is visible only from the admin context. Admin (Optional) Displays just the admin context configuration information. This keyword is visible only from the admin context.1-137 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE displays different information for this command depending on the context that you are in when executing the command: • Admin context—When you are in the Admin context and use the show context command without specifying a context, the ACE displays the configuration information for the admin context and all user-created contexts. • user-created context—When you are in a user-created context and enter the show context command, the ACE displays only the configuration information of the current context. For information about the fields in the show context command output, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To display the Admin context and all user-context configuration information, enter: host1/Admin# show context To display the configuration information for the user context CTX1, enter: host1/Ctx1# show context Related Commands changeto (config) context show copyright To display the software copyright information for the ACE, use the show copyright command. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-138 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show copyright [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show copyright command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the ACE software copyright information, enter: host1/Admin# show copyright Related Commands This command has no related commands. show crypto To display the summary and detailed reports on files containing Secure Sockets Layer (SSL) certificates, key pairs, chain and authentication groups, and statistics, use the show crypto command. show crypto { aia-errors | authgroup {group_name| all} | cdp-errors | certificate {filename | all} | chaingroup {filename | all} | {crl {filename [detail]} | all | best-effort} | csr-params {filename | all} | files | key {filename | all} | ocspserver {name [detail] | all | best-effort} | session}} [|] [>] | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-139 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Syntax Description Command Modes Exec Admin and user contexts aia-errors Displays the AuthorityInfoAccess (AIA) extension error statistics. authgroup Specifies the authentication group file type. group_name Name of the specific authentication group file. all Displays the summary report that lists all the files of the specified file type or certificates for each authentication group, or certificate revocation lists (CRLs) in the context. cdp-errors Displays the statistics for discrepancies in CRL Distribution Points (CDPs) for the certificates on the ACE; not context specific. A CDP indicates the location of the CRL in the form of a URL. CDP parsing in the certificate occurs only when best effort CRL is in use. The statistics include incomplete, malformed and missing information, and unrecognized transports and the number of times that the ACE ignores CDP errors as related to the (config-parammap-ssl) cdp-errors ignore command. certificate Specifies the certificate file type. filename Name of a specific file. The ACE displays the detailed report for the specified file. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. chaingroup Specifies the chaingroup file type. crl Specifies the certificate revocation list configured in the context. detail (Optional) Displays detailed statistics for the downloading of the CRL including failure counters. best-effort Displays summarized information for all best-effort CRLs in ACE (a maximum of 16 CRLs). csr-params Specifies the Certificate Signing Request (CSR) parameter set. files Displays the summary report listing all of the crypto files loaded on the ACE, including certificate, chaingroup, and key pair files. The summary report also shows whether the file contains a certificate, a key pair, or both. key Specifies the key pair file type. ocspserver name Identifier of a configured OCSP server. The ACE displays Online Certificate Status Protocol (OCSP) information. You can use OCSP as an alternative to CRLs. detail Instructs the ACE to display detailed statistics for the specified OCSP server. all Displays statistics for all configured OCSP servers. best-effort Displays statistics for OCSP servers that were obtained on a best-effort basis by extracting the server information from the client packets. session Displays the number of cached TLS and SSL client and server session entries in the current context. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command.1-140 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command requires the SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When using the show crypto certificate command and the certificate file contains a chain, the ACE displays only the bottom level certificate (the signers are not displayed). For information about the fields in the show crypto command output, see the SSL Guide, Cisco ACE Application Control Engine. Examples To display the summary report that lists all of the crypto files, enter: host1/Admin# show crypto files To display Related Commands crypto delete crypto export crypto import crypto verify (config) crypto csr-params (config-parammap-ssl) cdp-errors ignore ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(6.2a) This command was revised with the hardware and stats keywords. A2(1.0) This command was revised with the authgroup, csr-params, crl, and session keywords. A2(2.0) This command was revised with the cdp-errors, detail, and best-effort keywords. A2(2.1) This command was revised to include the Best Effort CDP Errors Ignored field displayed with the cdp-errors keyword. A5(1.0) Added the aia-errors and the ocspserver keywords and arguments. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised with the authgroup, csr-params, crl, and session keywords. A3(2.2) The cdp-errors keyword and the detail option were added. A3(2.3) The best-effort keyword was added. A5(1.0) Added the aia-errors and the ocspserver keywords and arguments.1-141 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show dc (ACE module only) To display the statistics for the daughter card hardware on the ACE ACE, use the show dc command. show dc dc_number {console | controller {all | health | interrupts | reg register_number | stats {cumulative | delta}} | interrupts} [|] [>] Syntax Description Command Modes Exec Admin context only Command History dc_number Number of the daughter card (1 or 2). console Displays whether the master or the slave network processor console is directed to the base board front panel for the specified daughter card. For example, if the master network processor is directed to the front panel, the following message appears: “mCPU console is directed to base board front panel.” See the related set dc dc_number console command. controller Displays the register values for the specified daughter card CPU and the specified controller area. all Displays all controller register values for the specified daughter card CPU health Displays the controller health and statistics for the specified daughter card. interrupts Displays the controller interrupt statistics for the specified daughter card. reg register_number Displays the description, value, and register type for the specified controller register in the specified daughter card. stats Displays the controller statistics registers for the specified daughter card. You can instruct the ACE to display either cumulative stats since the last reboot or the change in stats since the last time you entered this command. cumulative Displays accumulated controller statistics since the last time you rebooted the ACE or entered the clear dc command. delta Displays the difference in controller statistics since the last time you entered this command. interrupts Displays the interrupt statistics for the specified daughter card. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification A4(1.0) This command was introduced.1-142 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command requires the Admin feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. For information about the fields in the show dc command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the cumulative daughter card controller statistics, enter: host1/Admin# show dc 1 controller stats cumulative Tnrpc call for INFO_VERN_REGISTERS Success SNO Verni Register Name Address Value --------------------------------------------------------- 0 VERNI_TXDCCTRLBPCNT_REG_ADDR 0x0024 0 1 VERNI_TXBCMBPCNT_REG_ADDR 0x0028 0 2 VERNI_CSR_CNTL_REG_ADDR 0x0080 0 3 VERNI_DCRX0_BYTCNT_L_REG_ADDR 0x3104 0 4 VERNI_DCRX0_BYTCNT_H_REG_ADDR 0x3100 0 5 VERNI_DCRX1_BYTCNT_L_REG_ADDR 0x3114 26857913 6 VERNI_DCRX1_BYTCNT_H_REG_ADDR 0x3110 0 7 VERNI_DCRX2_BYTCNT_L_REG_ADDR 0x3124 2984041857 8 VERNI_DCRX2_BYTCNT_H_REG_ADDR 0x3120 0 9 VERNI_DCRX3_BYTCNT_L_REG_ADDR 0x3134 0 10 VERNI_DCRX3_BYTCNT_H_REG_ADDR 0x3130 0 11 VERNI_DCRX4_BYTCNT_L_REG_ADDR 0x3144 0 12 VERNI_DCRX4_BYTCNT_H_REG_ADDR 0x3140 0 13 VERNI_DCRX5_BYTCNT_L_REG_ADDR 0x3154 10182426 14 VERNI_DCRX5_BYTCNT_H_REG_ADDR 0x3150 0 15 VERNI_DCRX6_BYTCNT_L_REG_ADDR 0x3164 461907 16 VERNI_DCRX6_BYTCNT_H_REG_ADDR 0x3160 0 17 VERNI_DCRX7_BYTCNT_L_REG_ADDR 0x3174 0 18 VERNI_DCRX7_BYTCNT_H_REG_ADDR 0x3170 0 19 VERNI_DCRX0_PKTCNT_REG_ADDR 0x3200 0 20 VERNI_DCRX1_PKTCNT_REG_ADDR 0x3204 270400 21 VERNI_DCRX2_PKTCNT_REG_ADDR 0x3208 33181066 22 VERNI_DCRX3_PKTCNT_REG_ADDR 0x320c 0 23 VERNI_DCRX4_PKTCNT_REG_ADDR 0x3210 0 24 VERNI_DCRX5_PKTCNT_REG_ADDR 0x3214 120311 25 VERNI_DCRX6_PKTCNT_REG_ADDR 0x3218 4946 26 VERNI_DCRX7_PKTCNT_REG_ADDR 0x321c 0 27 VERNI_DCRX0_EPKTCNT_REG_ADDR 0x3300 0 28 VERNI_DCRX1_EPKTCNT_REG_ADDR 0x3304 0 29 VERNI_DCRX2_EPKTCNT_REG_ADDR 0x3308 0 30 VERNI_DCRX3_EPKTCNT_REG_ADDR 0x330c 0 31 VERNI_DCRX4_EPKTCNT_REG_ADDR 0x3310 0 32 VERNI_DCRX5_EPKTCNT_REG_ADDR 0x3314 0 33 VERNI_DCRX6_EPKTCNT_REG_ADDR 0x3318 0 34 VERNI_DCRX7_EPKTCNT_REG_ADDR 0x331c 0 35 VERNI_DCRX0_FCCNT_REG_ADDR 0x3400 0 36 VERNI_DCRX0_DROPCNT_REG_ADDR 0x3420 0 37 VERNI_DCRX1_FCCNT_REG_ADDR 0x3404 0 38 VERNI_DCRX1_DROPCNT_REG_ADDR 0x3424 0 39 VERNI_DCRX2_DROPCNT_REG_ADDR 0x3408 0 40 VERNI_DCRX3_DROPCNT_REG_ADDR 0x340c 0 41 VERNI_DCRX4_FCCNT_REG_ADDR 0x3410 0 42 VERNI_DCRX4_DROPCNT_REG_ADDR 0x3428 0 43 VERNI_DCRX5_FCCNT_REG_ADDR 0x3414 0 44 VERNI_DCRX5_DROPCNT_REG_ADDR 0x342c 0 45 VERNI_DCRX6_DROPCNT_REG_ADDR 0x3418 0 46 VERNI_DCRX7_DROPCNT_REG_ADDR 0x341c 01-143 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands 47 VERNI_DCTX0_BYTCNT_L_REG_ADDR 0x4104 0 48 VERNI_DCTX0_BYTCNT_H_REG_ADDR 0x4100 0 49 VERNI_DCTX1_BYTCNT_L_REG_ADDR 0x4114 29588774 50 VERNI_DCTX1_BYTCNT_H_REG_ADDR 0x4110 0 51 VERNI_DCTX2_BYTCNT_L_REG_ADDR 0x4124 15457403 52 VERNI_DCTX2_BYTCNT_H_REG_ADDR 0x4120 0 53 VERNI_DCTX3_BYTCNT_L_REG_ADDR 0x4134 0 54 VERNI_DCTX3_BYTCNT_H_REG_ADDR 0x4130 0 55 VERNI_DCTX4_BYTCNT_L_REG_ADDR 0x4144 0 56 VERNI_DCTX4_BYTCNT_H_REG_ADDR 0x4140 0 57 VERNI_DCTX5_BYTCNT_L_REG_ADDR 0x4154 7139354 58 VERNI_DCTX5_BYTCNT_H_REG_ADDR 0x4150 0 59 VERNI_DCTX6_BYTCNT_L_REG_ADDR 0x4164 82 60 VERNI_DCTX6_BYTCNT_H_REG_ADDR 0x4160 0 61 VERNI_DCTX7_BYTCNT_L_REG_ADDR 0x4174 0 62 VERNI_DCTX7_BYTCNT_H_REG_ADDR 0x4170 0 63 VERNI_DCTX0_PKTCNT_REG_ADDR 0x4200 0 64 VERNI_DCTX1_PKTCNT_REG_ADDR 0x4204 345107 65 VERNI_DCTX2_PKTCNT_REG_ADDR 0x4208 150138 66 VERNI_DCTX3_PKTCNT_REG_ADDR 0x420c 0 67 VERNI_DCTX4_PKTCNT_REG_ADDR 0x4210 0 68 VERNI_DCTX5_PKTCNT_REG_ADDR 0x4214 77580 69 VERNI_DCTX6_PKTCNT_REG_ADDR 0x4218 1 70 VERNI_DCTX7_PKTCNT_REG_ADDR 0x421c 0 71 VERNI_DCTX0_EPKTCNT_REG_ADDR 0x4300 0 72 VERNI_DCTX1_EPKTCNT_REG_ADDR 0x4304 0 73 VERNI_DCTX2_EPKTCNT_REG_ADDR 0x4308 0 74 VERNI_DCTX3_EPKTCNT_REG_ADDR 0x430c 0 75 VERNI_DCTX4_EPKTCNT_REG_ADDR 0x4310 0 76 VERNI_DCTX5_EPKTCNT_REG_ADDR 0x4314 0 77 VERNI_DCTX6_EPKTCNT_REG_ADDR 0x4318 0 78 VERNI_DCTX7_EPKTCNT_REG_ADDR 0x431c 0 79 VERNI_DCTX0_CRCECNT_REG_ADDR 0x4400 0 80 VERNI_DCTX1_CRCECNT_REG_ADDR 0x4404 0 81 VERNI_DCTX2_CRCECNT_REG_ADDR 0x4408 0 82 VERNI_DCTX3_CRCECNT_REG_ADDR 0x440c 0 83 VERNI_DCTX4_CRCECNT_REG_ADDR 0x4410 0 84 VERNI_DCTX5_CRCECNT_REG_ADDR 0x4414 0 85 VERNI_DCTX6_CRCECNT_REG_ADDR 0x4418 0 86 VERNI_DCTX7_CRCECNT_REG_ADDR 0x441c 0 87 VERNI_SOP_ILL_CNT_REG_ADDR 0x4420 0 88 VERNI_SNKCH0_BYTCNT_L_REG_ADDR 0x5104 0 89 VERNI_SNKCH0_BYTCNT_H_REG_ADDR 0x5100 0 90 VERNI_SNKCH1_BYTCNT_L_REG_ADDR 0x5114 29589286 91 VERNI_SNKCH1_BYTCNT_H_REG_ADDR 0x5110 0 92 VERNI_SNKCH2_BYTCNT_L_REG_ADDR 0x5124 15466363 93 VERNI_SNKCH2_BYTCNT_H_REG_ADDR 0x5120 0 94 VERNI_SNKCH3_BYTCNT_L_REG_ADDR 0x5134 0 95 VERNI_SNKCH3_BYTCNT_H_REG_ADDR 0x5130 0 96 VERNI_SNKCH4_BYTCNT_L_REG_ADDR 0x5144 0 97 VERNI_SNKCH4_BYTCNT_H_REG_ADDR 0x5140 0 98 VERNI_SNKCH5_BYTCNT_L_REG_ADDR 0x5154 7141402 99 VERNI_SNKCH5_BYTCNT_H_REG_ADDR 0x5150 0 100 VERNI_SNKCH6_BYTCNT_L_REG_ADDR 0x5164 82 101 VERNI_SNKCH6_BYTCNT_H_REG_ADDR 0x5160 0 102 VERNI_SNKCH7_BYTCNT_L_REG_ADDR 0x5174 0 103 VERNI_SNKCH7_BYTCNT_H_REG_ADDR 0x5170 0 104 VERNI_SNKCH0_PKTCNT_REG_ADDR 0x5200 0 105 VERNI_SNKCH1_PKTCNT_REG_ADDR 0x5210 345107 106 VERNI_SNKCH2_PKTCNT_REG_ADDR 0x5220 150138 107 VERNI_SNKCH3_PKTCNT_REG_ADDR 0x5230 0 108 VERNI_SNKCH4_PKTCNT_REG_ADDR 0x5240 0 109 VERNI_SNKCH5_PKTCNT_REG_ADDR 0x5250 75532 110 VERNI_SNKCH6_PKTCNT_REG_ADDR 0x5260 11-144 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands 111 VERNI_SNKCH7_PKTCNT_REG_ADDR 0x5270 0 112 VERNI_SNKCH0_EPKTCNT_REG_ADDR 0x5300 0 113 VERNI_SNKCH1_EPKTCNT_REG_ADDR 0x5310 0 114 VERNI_SNKCH2_EPKTCNT_REG_ADDR 0x5320 0 115 VERNI_SNKCH3_EPKTCNT_REG_ADDR 0x5330 0 116 VERNI_SNKCH4_EPKTCNT_REG_ADDR 0x5340 0 117 VERNI_SNKCH5_EPKTCNT_REG_ADDR 0x5350 0 118 VERNI_SNKCH6_EPKTCNT_REG_ADDR 0x5360 0 119 VERNI_SNKCH7_EPKTCNT_REG_ADDR 0x5370 0 120 VERNI_SNK_GERRCNT_REG_ADDR 0x5400 0 121 VERNI_SRCCH0_BYTCNT_L_REG_ADDR 0x6104 0 122 VERNI_SRCCH0_BYTCNT_H_REG_ADDR 0x6100 0 123 VERNI_SRCCH1_BYTCNT_L_REG_ADDR 0x6114 26857913 124 VERNI_SRCCH1_BYTCNT_H_REG_ADDR 0x6110 0 125 VERNI_SRCCH2_BYTCNT_L_REG_ADDR 0x6124 2984065605 126 VERNI_SRCCH2_BYTCNT_H_REG_ADDR 0x6120 0 127 VERNI_SRCCH3_BYTCNT_L_REG_ADDR 0x6134 0 128 VERNI_SRCCH3_BYTCNT_H_REG_ADDR 0x6130 0 129 VERNI_SRCCH4_BYTCNT_L_REG_ADDR 0x6144 0 130 VERNI_SRCCH4_BYTCNT_H_REG_ADDR 0x6140 0 131 VERNI_SRCCH5_BYTCNT_L_REG_ADDR 0x6154 10182426 132 VERNI_SRCCH5_BYTCNT_H_REG_ADDR 0x6150 0 133 VERNI_SRCCH6_BYTCNT_L_REG_ADDR 0x6164 461907 134 VERNI_SRCCH6_BYTCNT_H_REG_ADDR 0x6160 0 135 VERNI_SRCCH7_BYTCNT_L_REG_ADDR 0x6174 0 136 VERNI_SRCCH7_BYTCNT_H_REG_ADDR 0x6170 0 137 VERNI_SRCCH0_PKTCNT_REG_ADDR 0x6200 0 138 VERNI_SRCCH1_PKTCNT_REG_ADDR 0x6210 270400 139 VERNI_SRCCH2_PKTCNT_REG_ADDR 0x6220 33181387 140 VERNI_SRCCH3_PKTCNT_REG_ADDR 0x6230 0 141 VERNI_SRCCH4_PKTCNT_REG_ADDR 0x6240 0 142 VERNI_SRCCH5_PKTCNT_REG_ADDR 0x6250 120311 143 VERNI_SRCCH6_PKTCNT_REG_ADDR 0x6260 4946 144 VERNI_SRCCH7_PKTCNT_REG_ADDR 0x6270 0 145 VERNI_SRCCH0_EPKTCNT_REG_ADDR 0x6300 0 146 VERNI_SRCCH1_EPKTCNT_REG_ADDR 0x6310 0 147 VERNI_SRCCH2_EPKTCNT_REG_ADDR 0x6320 0 148 VERNI_SRCCH3_EPKTCNT_REG_ADDR 0x6330 0 149 VERNI_SRCCH4_EPKTCNT_REG_ADDR 0x6340 0 150 VERNI_SRCCH5_EPKTCNT_REG_ADDR 0x6350 0 151 VERNI_SRCCH6_EPKTCNT_REG_ADDR 0x6360 0 152 VERNI_SRCCH7_EPKTCNT_REG_ADDR 0x6370 0 153 CH0_OCTEON_FLOWCTRL_CNT_REG_ADDR 0x6400 8 154 CH1_OCTEON_FLOWCTRL_CNT_REG_ADDR 0x6410 0 155 CH2_OCTEON_FLOWCTRL_CNT_REG_ADDR 0x6420 0 156 CH3_OCTEON_FLOWCTRL_CNT_REG_ADDR 0x6430 0 157 CH4_OCTEON_FLOWCTRL_CNT_REG_ADDR 0x6440 0 158 CH5_OCTEON_FLOWCTRL_CNT_REG_ADDR 0x6450 0 159 CH6_OCTEON_FLOWCTRL_CNT_REG_ADDR 0x6460 0 160 CH7_OCTEON_FLOWCTRL_CNT_REG_ADDR 0x6470 0 Related Commands set dc clear dc1-145 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show debug To display the debug flags, use the show debug command. show debug {aaa | access-list | arpmgr | ascii-cfg | bpdu | buffer | cfg_cntlr | cfgmgr | clock | dhcp | fifo | fm | fs-daemon | ha_dp_mgr | ha_mgr | hm | ifmgr | ipcp | lcp | ldap | license | logfile | nat-download | netio | pfmgr | pktcap | radius | routemgr | scp | security | sme | snmp | ssl | syslogd | system | tacacs+ | tl | ttyd | virtualization | vnet | vshd} [|] [>] Syntax Description aaa Displays the 301 debug flags. access-list Displays the access-list debug flags. arpmgr Displays the Address Resolution Protocol (ARP) manager debug flags. ascii-cfg Displays the ASCII cfg debug flags. bpdu Displays the bridge protocol data unit (BPDU) debug flags. buffer Displays the CP buffer debug flags. cfg_cntlr Displays the configuration controller debug flags. cfgmgr Displays the configuration manager debug flags. clock (ACE module only) Displays the state of clock debug settings. dhcp Displays the Dynamic Host Configuration Protocol (DHCP) debug flags. fifo Displays the show packet first in, first out (FIFO) debug flags. fm Displays the feature manager debug flags. fs-daemon Displays the FS daemon debug flags. ha_dp_mgr Displays the high availability (HA) dataplane manager debug flags. ha_mgr Displays the HA manager debug flags. hm Displays the HM debug flags. ifmgr Displays the interface manager debug flags. ipcp Displays the kernel IP Control Protocol (IPCP) debug flags. lcp (ACE module only) Displays the LCP debug flags. ldap Displays the Lightweight Directory Access Protocol (LDAP) debug flags. license Displays the licensing debug flags. logfile Displays the contents of the logfile. nat-download Displays the Network Address Translation (NAT) download debug flags. netio Displays the CP net I/O debug flags. pfmgr Displays the platform manager debug flags. pktcap Displays the packet capture debug flags. radius Displays the Remote Authentication Dial-In User Service (RADIUS) debug flags. routemgr Displays the route manager debug flags. scp (ACE module only) Displays the Secure Copy Protocol (SCP) debug flags.1-146 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the debug feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE debug commands are intended for use by trained Cisco personnel only. Entering these commands may cause unexpected results. Do not attempt to use these commands without guidance from Cisco support personnel. Examples To display the VSHD debug flags, enter: host1/Admin# show debug vshd security Displays the security/accounting debug flags. sme Displays the System Manager Extension (SME) debug flags. snmp Displays the Simple Network Management Protocol (SNMP) server debug flags. ssl Displays the Secure Sockets Layer (SSL) manager debug flags. syslogd Displays the syslogd debug flags. system Displays the system debug flags. tacacs+ Displays the Terminal Access Controller Access Control System Plus (TACACS+) debug flags. tl Displays the CP buffer debug flags. ttyd Displays the TTYD debug flags. virtualization Displays the virtualization debug flags. vnet Displays the virtual network (VNET) driver debug flags. vshd Displays the VSHD debug flags. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-147 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands debug clear debug-logfile1-148 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show domain To display the information about the configured domains in the ACE, use the show domain command. show domain [name] [|] [>] Syntax Description Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To display the complete domain configuration report that lists all of the configured domains, enter the show domain command without including the name argument. For information about the fields in the show domain command output, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To display the domain configuration report for the domain D1, enter: host1/Admin# show domain D1 Related Commands (config) domain name (Optional) Name of an existing context domain. Specify a domain name to display the detailed configuration report that relates to the specified domain. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-149 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show download information To display the state of the configuration download for each interface on the context, use the show download information command. show download information [all] [summary]} [|] [>] Syntax Description Command Modes Exec Admin context for the all option. Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If no option is included with this command, the status information for all interfaces in the current context is displayed. You can execute the show download information command to monitor the progress of the download. When you apply changes to a configuration file, the ACE downloads the configuration to its data plane. When you perform incremental changes, such as copying and pasting commands in a configuration, the ACE immediately performs the configuration download and does not display any terminal messages at the start or end of the download. all Displays the configuration download status for all interfaces on all contexts (Admin context only). summary Displays the summary status of the download information for the context. When you include the all option with the summary option, this command displays the download summary status for all contexts. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification A2(3.0) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.7) only This command displays the regex download optimization status, enabled or disabled through the debug cfgmgr limit-regex-dnld command.1-150 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands However, in the following situations, the ACE defers the configuration download until the entire configuration is applied to the context: • The startup configuration at boot time • Copying of the configuration to the running-config file • A checkpoint rollback We recommend that you do not execute any configuration commands during the deferred download. The ACE does not deny you from entering configuration changes. But the changes will not occur until the download is completed. If the command times out during the download, the following message appears: Config application in progress. This command is queued to the system. The ACE does not queue the command immediately, however, the ACE processes and executes the command when the download is completed even if the command times out. Examples To display the configuration download status for all contexts, enter: host1/Admin# show download information all Related Commands This command has no related commands. show eobc (ACE module only) To display the Ethernet Out-of-Band Channel (EOBC) registers and statistics on the ACE, use the show eobc command. show eobc {registers | stats} [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History registers Displays the EOBC registers. stats Displays the EOBC statistics. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification A2(2.3) This command was introduced. A2(3.1) This command was introduced.1-151 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To display the EOBC statistics, enter: host1/Admin# show eobc stats Related Commands This command has no related commands.1-152 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show fifo To display the packet first in, first out (FIFO) statistics for the Pkt-Fifo module, use the show fifo command. show fifo {event-history | registers | stats} [|] [>] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To display the control plane packet FIFO registers, enter: host1/Admin# show fifo registers Related Commands clear fifo stats event-history Displays a historic log of the most recent debug messages generated by the Pkt-Fifo module. registers Displays the state of all the registers associated with the transmit and receive hardware engines. stats Displays detailed counters for the various Pkt-Fifo module event occurrences. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(5) Interrupt statistics were added to the output of the stats keyword. ACE Appliance Release Modification A1(7) This command was introduced.1-153 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show file To display the contents of a specified file in a directory in persistent memory (flash memory) or volatile memory (RAM), use the show file command. show file {disk0: | volatile:}[directory/]filename [cksum | md5sum] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show file command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the contents of the file FILE1 stored in the directory MYFILES in disk0:, enter: host1/Admin# show file disk0:MYFILES/FILE1 disk0: Specifies the disk0 file system in persistent memory. volatile: Specifies the file system in volatile memory. [directory/]filename Path and name of the specified file. cksum (Optional) Displays the cyclic redundancy check (CRC) checksum for the file. The checksum values compute a CRC for each named file. Use this command to verify that the files are not corrupted. You compare the checksum output for the received file against the checksum output for the original file. md5sum (Optional) Displays the MD5 checksum (electronic fingerprint) for the file. MD5 is the latest implementation of the Internet standards described in RFC 1321 and is useful for data security and integrity. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-154 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands dir clear cores delete1-155 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show fragment To display the IPv4 an IPv6 fragmentation and reassembly statistics for all interfaces in the ACE or the specified interface, use the show fragment command. show fragment [vlan vlan_id] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you omit the vlan vlan_id optional keyword and argument, you can display statistics for all interfaces in the ACE. For information about the fields in the show fragment command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display the IPv4 and IPv6 fragmentation and reassembly statistics for VLAN 210, enter: host1/Admin# show fragment vlan 210 Related Commands show vlans vlan vlan_id (Optional) Specifies an existing interface. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support.1-156 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show ft To display the fault-tolerant (ft), or redundancy, statistics per context, use the show ft command. show ft {config-error [context_name]} | {group {brief | {[group_id] {detail | status | summary}}}} | {history {cfg_cntlr | ha_dp_mgr | ha_mgr}} | {idmap} | {memory [detail]} | {peer peer_id {detail | status | summary}} | {stats group_id} | {track group_id {detail | status | summary}} [|] [>] Syntax Description config-error [context_name] Displays the commands that fail on the standby ACE during bulk synchronization in a redundant configuration. If all commands succeed on the standby ACE, the command displays the following message: No bulk config apply errors In the Admin context, the optional context_name argument is the name of a user context. If you do not enter the argument, the command uses the Admin context. In a user context, this argument is not available. group group_id Displays FT group statistics for the specified FT group. In the Admin context, this keyword displays statistics for all FT groups in the ACE. Also, in the Admin context, you can specify an FT group number to display statistics for an individual group. In a user context, this keyword displays statistics only for the FT group to which the user context belongs. brief Displays the group ID, local state, peer state, context name, context ID of all the FT groups that are configured in the ACE, and the configuration synchronization status. detail Displays detailed information for the specified FT group or peer, including the configuration synchronization status of the running- and the startup-configuration files. status Displays the current operating status for the specified FT group or peer. summary Displays summary information for the specified FT group or peer. history Displays a history of internal redundancy software statistics (Admin context only). cfg_cntlr Displays the configuration controller debug log. ha_dp_mgr Displays the high availability (HA) dataplane manager debug log. ha_mgr Displays the HA manager debug log. idmap Displays the IDMAP table for all object types. In a redundancy configuration, the IDMAP table is used to map objects between the active and the standby ACEs for use in config sync and state replication. memory [detail] Displays summary HA manager memory statistics or optional detailed HA manager memory statistics (Admin context only). peer peer_id Specifies the identifier of the remote standby member of the FT group. stats group_id Displays redundancy statistics for the specified FT group. track group_id Displays redundancy statistics related to tracked items for all FT groups. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command.1-157 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the fault-tolerant feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The show ft {history | memory} command is available to users configured with a custom role in both the Admin context and a user-configured context, as well as the predefined Admin and Network-Monitor roles. Because these commands are not context specific, we recommend that you issue them from the Admin context only. If you issue these commands in a user context, they may not display any data if other user context information could be displayed. For detailed information about the fields in the show ft command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the detailed statistics for FT group GROUP1, enter: host1/Admin# show ft group GROUP1 detail Related Commands clear ft (config) ft auto-sync (config) ft group (config) ft interface vlan (config) ft peer ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(5) The brief and idmap keywords were added to this command. The status of config sync was added to the output of the detail keyword. A2(2.1) The config-error keyword and context_name option were added to this command. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.2) The config-error keyword and context_name option were added to this command. A3(2.6) The show ft {history | memory} command is now available to users configured with a custom role in both the Admin context and a user-configured context, as well as the predefined Admin and Network-Monitor roles. See the “Usage Guidelines” section for more information. A4(1.0) The brief and detail options were added to the show ft group command.1-158 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands (config) ft track host (ACE module only) (config) ft track hsrp (config) ft track interface show hardware To display the ACE hardware details, such as the serial number and the hardware revision level of the ACE and the ACE module daughter card, use the show hardware command. show hardware [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show hardware command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display ACE hardware information, enter: host1/Admin# show hardware Related Commands show inventory show tech-support | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) Added daughter card information. ACE Appliance Release Modification A1(7) This command was introduced.1-159 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show hyp (ACE module only) To display the Hyperion backplane ASIC register values and statistics, use the show hyp command. show hyp [reg reg_number | stats] [|] [>] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To display the Hyperion backplane ASIC statistics, enter: host1/Admin# show hyp stats Related Commands This command has no related commands. show icmp statistics To display the Internet Control Message Protocol (ICMP) statistics, use the show icmp statistics command. show icmp statistics [|] [>] reg reg_number (Optional) Displays the specified Hyperion backplane ASIC register values. Enter a hexadecimal value from 0x0 to 0x6db. stats (Optional) Displays the Hyperion backplane ASIC statistics. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-160 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use the clear icmp-statistics command to clear the ICMP statistics. For information about the fields in the show icmp statistics command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display ICMP statistics, enter: host1/Admin# show icmp statistics Related Commands clear icmp statistics | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-161 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show interface To display the interface information, use the show interface command. show interface [bvi number | eobc | gigabitEthernet slot_number/port_number [counters] | internal {event-history {dbg | mts} | iftable [name] | port-vlantable | seciptable | vlantable [number]} port-channel channel_number | vlan number] [|] [>] Syntax Description bvi number (Optional) Displays the information for the specified Bridge Group Virtual Interface (BVI). eobc (Optional, ACE module only) Displays the interface information for the Ethernet Out-of-Band channel (EOBC). gigabitEthernet slot_number/por t_number (Optional, ACE appliance only) Displays the statistics for the specified gigabit Ethernet slot and port. • The slot_number represents the physical slot on the ACE containing the Ethernet ports. This selection is always 1. • The port_number represents the physical Ethernet port on the ACE. Valid selections are 1 through 4. This keyword is available in the Admin context only. counters (ACE appliance only) Displays a summary of interface counters for the specified Ethernet data port related to the receive and transmit queues. internal (Optional) Displays the internal interface manager tables and events. event-history Displays event history information. dbg Displays debug history information. mts Displays message history information. iftable Displays the master interface table (Admin context only). name (Optional) Interface table name. If you specify an interface table name, the ACE displays the table information for that interface. port-vlantable (Optional, ACE appliance only) Displays the Ethernet port manager VLAN table. seciptable Displays the interface manager's (ifmgr) view of a logical interface and displays all the configured secondary IP addresses under an interface vlantable Displays the VLAN table (Admin context only). number (Optional) VLAN number. If you specify an interface number, the ACE displays the table information for that interface. port-channel channel_number (Optional, ACE appliance only) Displays the channel number assigned to a port-channel interface. Valid values are from 1 to 255. This keyword is available in the Admin context only. vlan number (Optional) Displays the statistics for the specified VLAN. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command.1-162 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec BVI and VLAN interface—Admin and user contexts (ACE appliance only) Ethernet data port, Ethernet management port, and port-channel interface—Admin context only Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. (ACE appliance only) In addition, the Ethernet data port, Ethernet management port, and port-channel interface command functions require the Admin user role. (ACE appliance only) You can configure flow control on each Ethernet port of a Catalyst 6500 series switch. However, the ACE does not support flow control. If you connect an ACE to a Catalyst 6500 series switch, the flow control functionality is disabled on the ACE. The output of the show interface gigabitEthernet command on the ACE displays the “input flow-control is off, output flow control is off” flow-control status line as shown in the example above regardless of the state of flow control on the Catalyst 6500 series switch port to which the ACE is connected. To display all of the interface statistical information, enter the show interface command without using any of the optional keywords. The internal keyword and options are intended for use by trained Cisco personnel for troubleshooting purposes only. For information about the fields in the show interface command output, see the Routing and Bridging Guide, Cisco ACE Application Control Engine. Examples To display all of the interface statistical information, enter: host1/Admin# show interface ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.1) Added the seciptable option. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.5) The command output includes the reason for an UP transition, timestamp for the last change, number for transitions since creation, and the last three previous states including the timestamp and the transition reasons. If you do not configure a load-balance scheme on the interface, the load-balance scheme field through the port-channel option displays src-dst-mac, which is the default load-balance scheme on the source or destination MAC address. A4(1.0) Added the seciptable option.1-163 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands ACE Appliance Example To view the configuration status for Ethernet data port 4, enter: host1/Admin# show interface gigabitEthernet 1/4 Related Commands clear interface show inventory To display the system hardware inventory, use the show inventory command. show inventory [raw] [|] [>] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use the show inventory command to display information about the field-replaceable units (FRUs) in the ACE, including product IDs, serial numbers, and version IDs. If you do not include the raw keyword, the ACE displays the hardware inventory report only. For information about the fields in the show inventory command output, see the Administration Guide, Cisco ACE Application Control Engine. raw (Optional) Displays the hardware inventory report and information about each temperature sensor in the ACE. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-164 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To display the hardware inventory report, enter: host1/Admin# show inventory To display the hardware inventory report and information about each temperature sensor, enter: host1/Admin# show inventory raw Related Commands show hardware show ip To display the IP statistics, use the show ip command. show ip {dhcp relay {conf | information policy | statistics} | fib [np number {dest-ip ip_address}} | summary | wr dest-ip ip_address] | interface brief {[bvi | gigabitEthernet | port-channel | vlan] number} | route [summary | internal {event-history dbg | memory}] | traffic} [|] [>] Syntax Description dhcp relay Specifies the Dynamic Host Configuration Protocol (DHCP) configuration information. conf Displays the DHCP relay configuration information. information policy Displays the relay agent information and the reforwarding policy status. statistics Displays the DHCP relay statistics. fib Displays the Forwarding Information Base (FIB) table for the context. This table contains information that the forwarding processors require to make IP forwarding decisions. This table is derived from the route and ARP tables. np number dest-ip ip_address (Optional) Displays the FIB information for a destination address on the specified ACE NP (network processor). For the number argument: • For the ACE module, enter an integer from 1 to 4. • For the ACE appliance, enter 1. For the ip_address argument, enter the IPV4 address in dotted-decimal notation (for example, 172.27.16.10). summary (Optional) Displays the FIB table or route summary for the current context. wr dest-ip ip_address (Optional) Displays the FIB information for the specified wire region (0 only) and destination IP address. Enter the IPv4 address in dotted-decimal notation (for example, 172.27.16.10). interface brief Displays a brief configuration and status summary of all interfaces, a specified bridge group virtual interface (BVI), or a virtual LAN (VLAN), including the interface number, IP address, status, and protocol. bvi Displays the information for a specified BVI. gigabitEthernet Displays the information for an existing gigabit Ethernet (GE) port. Enter 1. port-channel Displays the information for an existing port-channel. vlan Displays the statistics for a specified VLAN number. 1-165 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The internal and fib keywords and options are intended for use by trained Cisco personnel for troubleshooting purposes only. number Number of the existing BVI, gigabit Ethernet (GE) port, port-channel, or VLAN. For a BVI, enter an integer from 1 to 4090. For a GE port, enter 1. For a port channel, enter an integer from 1 to 255. For a VLAN, enter an integer from 2 to 4090. route Displays the route entries. internal (Optional) Specifies the internal route entries. event-history dbg Displays the event history statistics. memory Displays the mtrack output statistics. traffic Displays the IPv4 and IPv6 protocol statistics. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) Added the interface brief and related keywords. A5(1.0) Added IPv6 support for the traffic keyword. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) Added the interface brief and related keywords. A3(2.5) Added the gigabitEthernet and port-channel keywords. The interface brief option displays the hardware interfaces along with the logical interfaces. It also supports the individual output of each physical interface. For FT interfaces, (ft) appears after the VLAN ID in the output. This change is only applicable in the Admin context. A5(1.0) Added IPv6 support for the traffic keyword.1-166 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands For information about the fields in the show ip command output, see the Security Guide, Cisco ACE Application Control Engine and the Routing and Bridging Guide, Cisco ACE Application Control Engine. Examples To display all IP route entries, enter: host1/Admin# show ip route Related Commands clear ip1-167 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show ipcp To display the Interprocess Communication Protocol (IPCP) statistics, use the show ipcp command. The ACE module uses the Interprocess Communication Protocol for communication between the control plane processor and the dataplane processors. show ipcp {cde | clients | event-history | peek_poke} [|] [>] Syntax Description Command Modes Exec Admin context only Command History cde Displays the following statistics: • ACE module—IPCP messages that were sent over the classification and distribution engine (CDE) interface. • ACE appliance—Displays IPCP statistical information. clients Displays the following statistics: • ACE module—Displays the IPCP statistics of the service access points (SAPs). • ACE appliance—Displays IPCP message queue information. event-history Displays the following statistics: • ACE module—Displays the history of error messages (usually none) in the IPCP driver. • ACE appliance—Displays IPCP event history information. peek_poke Displays the following statistics: • ACE module—Displays the statistics of the special queue that is used to read from or write to the network processor or the control plane processor memory from the control plane. • ACE appliance—Displays IPCP peek poke message queue information. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification A2(1.0) This command was introduced.1-168 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command requires the Admin role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To display IPCP statistics for the CDE interface, enter the following command: host1/Admin# show ipcp cde Related Commands This command has no related commands. show ipv6 To display the IPv6 statistics, use the show ipv6 command. show ipv6 {dhcp relay [statistics]} | {fib [{np number dest-ip ip_address} | summary | wr dest-ip ip_address]} | {interface [brief] [[bvi | vlan] number]} | neighbors | {route [summary | internal ktable]} [|] [>] Syntax Description ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The pci option was removed. dhcp relay Specifies the Dynamic Host Configuration Protocol (DHCP) configuration information. statistics (Optional) Displays the DHCP relay statistics. fib Displays the Forwarding Information Base (FIB) table for the context. This table contains information that the forwarding processors require to make IP forwarding decisions. This table is derived from the route and ARP tables. np number dest-ip ip_address (Optional) Displays the FIB information for a destination address on the specified ACE NP (network processor). For the number argument: • For the ACE module, enter an integer from 1 to 4. • For the ACE appliance, enter 1. For the ip_address argument, enter the IP address in dotted-decimal notation (for example, 172.27.16.10). summary (Optional) Displays the FIB table or route summary for the current context. wr dest-ip ip_address (Optional) Displays the FIB information for the specified wire region (0 only) and destination IP address. Enter the IP address in dotted-decimal notation (for example, 172.27.16.10). interface Displays the configuration and status of all interfaces, including the interface number, IP address, status, and protocol.1-169 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History brief Displays a brief configuration and status summary of all interfaces, a specified bridge group virtual interface (BVI), or a virtual LAN (VLAN), including the interface number, IP address, status, and protocol. bvi Displays the configuration and status information for a specified BVI. vlan Displays the configuration and status information for a specified VLAN number. number Number of the existing BVI, gigabit Ethernet (GE) port, port-channel, or VLAN. For a BVI, enter an integer from 1 to 4090. For a GE port, enter 1. For a port channel, enter an integer from 1 to 255. For a VLAN, enter an integer from 2 to 4090. neighbors Displays information about the IPv6 neighbors, including the IPv6 address, MAC address, status (Up or Down), and more. route Displays the route entries. internal (Optional) Specifies the internal route entries. ktable Displays the IPv6 kernel route table entries. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) Added the interface brief and related keywords. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) Added the interface brief and related keywords. A3(2.5) Added the gigabitEthernet and port-channel keywords. The interface brief option displays the hardware interfaces along with the logical interfaces. It also supports the individual output of each physical interface. For FT interfaces, (ft) appears after the VLAN ID in the output. This change is only applicable in the Admin context. A5(1.0) Added IPv6 support.1-170 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The internal and fib keywords and options are intended for use by trained Cisco personnel for troubleshooting purposes only. For information about the fields in the show ipv6 command output, see the Routing and Bridging Guide, Cisco ACE Application Control Engine. Examples To display IPv6 interface summary information for VLAN 300, enter: host1/Admin# show ipv6 interface brief vlan 300 Related Commands show kalap udp load To display the latest load information for a VIP address, VIP-based tag, or a domain name provided to the KAL-AP request, use the show kalap udp load command in Exec mode. show kalap udp load {all | domain domain | vip {ip_address | tag name}} [|] [>] Syntax Description Command Modes Exec Admin and user contexts all Displays the latest load information for all VIP addresses, and VIP-based tags and domains with their associated VIP addresses and port numbers. domain domain Displays the latest load information for the specified domain name. vip ip_address | tag name Displays the latest load information for the specified VIP address or VIP tag name. For the ip_address argument, enter the IP address in dotted-decimal notation (for example, 192.168.11.1). | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command.1-171 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines The output fields for the show kalap udp load all command display the VIP address, VIP tag with its associated VIP address and port number, or domain name with its associated VIP address and port number, its load value, and the time stamp. Examples To display the latest load information to the KAL-AP request for VIP address 10.10.10.10, enter: host1/Admin# show kalap udp load vip 10.10.10.10 To display the latest load information to the KAL-AP request for domain KAL-AP-TAG1, enter: host1/Admin# show kalap udp load domain KAL-AP-TAG1 To display the latest load information to the KAL-AP request for the VIP KAL-AP-TAG2 tag, enter: host1/Admin# show kalap udp load vip tag KAL-AP-TAG2 Related Commands (config-pmap-c) kal-ap-tag ACE Module Release Modification A2(1.0) This command was introduced. A2(2.0) The all keyword was added. The vip tag name keyword and argument were added. ACE Appliance Release Modification A3(1.0) This command was introduced. A4(1.0) The tag name keyword and argument were added.1-172 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show lcp event-history (ACE module only) To display the Line Card Process (LCP) debug event history information, use the show lcp event-history command. show lcp event-history [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To display LCP debug event history information, enter: host1/Admin# show lcp event-history Related Commands This command has no related commands. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-173 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show ldap-server To display the configured Lightweight Directory Access Protocol (LDAP) server and server group parameters, use the show ldap-server command. show ldap-server [groups] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show ldap-server command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display the configured LDAP server groups, enter: host1/Admin# show ldap-server groups Related Commands (config) aaa group server (config) ldap-server host (config) ldap-server port (config) ldap-server timeout groups (Optional) Displays configured LDAP server group information. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-174 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show license To display your ACE license information, use the show license command. show license [brief | file filename | internal event-history | status | usage] [|] [>] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Entering the show license command without any options and arguments displays all of the installed ACE license files and their contents. For information about the fields in the show license command output, see the Administration Guide, Cisco ACE Application Control Engine. To manage the licenses on your ACE, use the license command. brief (Optional) Displays a filename list of currently installed licenses. file filename (Optional) Displays the file contents of the specified license. internal event-history (Optional) Displays a history of licensing-related events. status (Optional) Displays the status of licensed features. usage (Optional) Displays the usage table for all licenses. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.3) The Count value for Web Optimization in the show license status command output has been modified from “cps” to “concurrent connections.”1-175 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To display all of the installed ACE license files and their contents, enter: host1/Admin# show license Related Commands copy capture license1-176 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show line To display all of the configured console and virtual terminal line sessions, use the show line command. show line [console [connected]] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show line command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display all configured console and virtual terminal line sessions, enter: host1/Admin# show line ACE Module Example To display the configured console settings for the ACE, enter: host1/Admin# show line console Related Commands clear line (ACE module only) (config) line console console (Optional) Displays the configured console settings for the ACE. connected (Optional) Displays the physical connection status. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-177 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show logging To display the current severity level and state of all syslog messages stored in the logging buffer, or to display information related to specific syslog messages, use the show logging command. show logging [history | internal {event-history dbg | facility} | message [syslog_id | all | disabled] | persistent | queue | rate-limit | statistics] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History history (Optional) Displays the logging history file. internal (Optional) Displays syslog internal messages. event-history dbg Displays the debug history for the syslog server. facility Displays the registered internal facilities for the syslog server. message (Optional) Displays a list of syslog messages that have been modified from the default settings. These are messages that have been assigned a different severity level or messages that have been disabled. syslog_id (Optional) Identifier of a specific system log message to display, specified by message ID, and identifies whether the message is enabled or disabled. all (Optional) Displays all system log message IDs and identifies whether they are enabled or disabled. disabled (Optional) Displays a complete list of suppressed syslog messages. persistent (Optional) Displays statistics for the log messages sent to flash memory on the ACE. queue (Optional) Displays statistics for the internal syslog queue. rate-limit (Optional) Displays the current syslog rate-limit configuration. statistics (Optional) Displays syslog statistics. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-178 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To use the show logging command, you must have the ACE buffer enabled as a logging output location. By default, logging to the local buffer on the ACE is disabled. To enable system logging to a local buffer and to limit the messages sent to the buffer based on severity, use the logging buffered configuration command from the desired context. The show logging command lists the current syslog messages and identifies which logging command options are enabled. To clear the ACE buffer of the logging information currently stored, use the clear logging command. For information about the fields in the show logging command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display a complete list of disabled syslog messages, enter: host1/Admin# show logging message disabled To display the contents of the logging history buffer, enter: host1/Admin# show logging history To display the contents of the internal facility messages buffer, enter: host1/Admin# show logging internal facility To display statistics for the log messages sent to flash memory on the ACE, enter: host1/Admin# show logging persistent To display statistics for the internal syslog queue, enter: host1/Admin# show logging queue To display the current syslog rate-limit configuration, enter: host1/Admin# show logging rate-limit To display the current syslog statistics, enter: host1/Admin# show logging statistics Related Commands clear logging (config) logging buffered1-179 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show login timeout To display the login session idle timeout value, use the show login timeout command. show login timeout [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To configure the login timeout value, use the login timeout command in configuration mode. For information about the fields in the show login timeout command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the login timeout value, enter: host1/Admin# show login timeout Related Commands (config) login timeout | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-180 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show nat-fabric To display the Network Address Translation (NAT) policy and pool information for the current context, use the show nat-fabric command. show nat-fabric {policies | src-nat policy_id mapped_if | dst-nat static_xlate_id | nat-pools | implicit-pat| global-static} [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the NAT feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. policies Displays the NAT policies. src-nat policy_id mapped_if Displays the specified source NAT policy information. To obtain the values for the policy_id and mapped_if arguments, view the policy_id and mapped_if fields displayed by the show nat-fabric policies command. dst-nat static_xlate_id Displays the static address translation for the specified static XLATE ID. To obtain the value for the static_xlate_id argument, view the static_xlate_id field displayed by the show nat-fabric policies command. nat-pools Displays NAT pool information for a dynamic NAT policy. implicit-pat Displays the implicit PAT policies. global-static Displays global static NAT information when the static command in global configuration mode is configured. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised with the global-static keyword. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised with the global-static keyword.1-181 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands To obtain the values for the policy_id, mapped_if, and static_xlate_id arguments, view their respective fields displayed by the show nat-fabric policies command. Examples To display the implicit PAT policies, enter: host1/Admin# show nat-fabric implicit-pat Related Commands (ACE module only) (config) static show netio To display the control plane network I/O information, use the show netio command. show netio {clients | event-history | stats} [|] [>] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. clients Displays statistics for the applications that are transmitting and receiving packets through the Netio module. event-history Displays a historic log of the most recent debug network I/O messages. stats Displays detailed counters for various Netio event occurrences. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-182 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To display control plane network I/O client information, enter: host1/Admin# show netio event-history 1) Event:E_DEBUG, length:73, at 921762 usecs after Sat Jan 1 00:04:55 2000 [105] ed_request_encap: Sending ARP_RESOLUTION for 75.0.0.6, in context 0 2) Event:E_DEBUG, length:78, at 921752 usecs after Sat Jan 1 00:04:55 2000 [105] ed_egress_route_lookup: Route lookup failure -96 for 75.0.0.6, context 0 Related Commands clear netio stats show nexus-device To display the Nexus device connection statistics, use the show nexus-device command. show nexus-device [name][detail] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To display the Nexus device connection information, enter the following command: host1/Admin# show nexus-device DC1 name Configured identifier of the Nexus device. Enter the name of an existing Nexus device as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. detail Displays an additional field for the IP address of the Nexus device. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.1-183 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands (config) nexus-device1-184 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show np To display the hardware information stored on the four network processors (NPs), use the show np command. show np np_number {access-list {node vlan vlan_number {in node_address | out node_address} | resource | root vlan vlan_number {in | out} | syslog {lineno-table [index_1 index_2 | all] | name-table [index_3 index_4 | all]} | trace vlan vlan_number in protocol prot_number | source source_ip source_port | destination dest_ip dest_port} | {adjacency [lower_index upper_index [all]} | {buffer stats {event-history | stats | usage}} | {cpu | internal [lower_index upper_index]] | reap]} | {interface {icmlookup [all] | iflookup}} | {interrupts} | {lb-stats {option}} | {mac-address-table} | {me-stats ucdump_option} | {memory} | {mtrie dest-ip dest_ip} | {nat {bitmap map_id | dst_nat policy_id | implicit-pat | policies | src-nat policy_id interface_id} | {reg} | {status} [|] [>] Syntax Description np_number Network processor number, as follows: • ACE module—Enter one of the following processor identifier numbers: – 1—Octeon network processor (NP) 1 – 2—Octeon network processor (NP) 2 – 3—Octeon network processor (NP) 3 – 4—Octeon network processor (NP) 4 • ACE appliance—Enter one of the following processor identifier numbers: – 0—x86 processor – 1—Octeon processor access-list Displays information related to the access control list (ACL). node Displays the contents of the hardware ACL node that is identified by the vlan_number. vlan vlan_number Specifies the number of the VLAN. in Specifies the inbound traffic flow. out Specifies the outbound traffic flow. node_address Address of the node. resource Displays information about the ACL resource usage. root Displays the hardware address of the root of the downloaded, aggregated ACL, identified by the vlan_number. syslog Displays the ACL syslog tables. lineno-table Displays the ACl syslog line-number table. index_1 index_2 Range of indices to display. Enter an integer from 0 to 262143 for index_1 and index_2. all Specifies whether to display invalid entries. name-table Displays the ACL syslog namestring table. index_3 index_4 Range of indices to display. Enter an integer from 0 to 16383 for index_3 and index_4.1-185 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands trace Traces a packet through a specific ACL. protocol prot_number Specifies a protocol number. source Specifies the source of the flow. source_ip Source IP address. source_port Source port number. destination Specifies the destination of a flow. dest_ip Destination IP address. dest_port Destination port number. adjacency Displays information related to the adjacent nodes. lower_index Lower index value. Enter a value from 1 to 32767. upper_index Upper index value. Enter a value from 1 to 32767. all Displays all entries, including invalid entries. internal Displays the internal information for adjacency structures. buffer Displays NP buffer usage available and status of ft switchover. event-history Displays control plane buffer event history. stats Displays control plane buffer statistics. usage Displays control plane buffer usage. cpu Displays information about the CPU processes. This command option is available only for a user with the Admin role in any context. reap (Optional, ACE appliance only) Retrieves the encap reap statistics. interface Displays information related to the interface tables. icmlookup Displays the ICM/OCM interface table from the CP (0) or the specified NP. iflookup Displays the fast path interface lookup table from the CP (0) or the specified NP. Note The iflookup keyword presents information from the fast path interface lookup table. If you wish to verify the configured shared VLAN host ID value, enter the show running-config | include shared command. interrupts (ACE module only) Displays the network processor interrupt error counters (for example, PIP, L2D, L2T, DRAM, and so on). lb-stats Displays load-balancing statistics similar to the LbInspectTool. mac-address-table Displays the MAC address table. me-stats Displays Micro Engine statistics for the network processors. This command option is available only for a user with the Admin role in any context. ucdump_option Options for the ucdump utility. The ucdump utility is a binary on Xscale which returns information about Micro Engine statistics. Specify --help as the ucdump_option argument to list all of the supported ucdump utility options. Enter up to 80 alphanumeric characters. Note The following ucdump utility options are disabled from show np me-stats: -C, -f, and -i. memory Displays information about the memory processes. This command option is available only for a user with the Admin role in any context.1-186 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command and its options require the access-list or interface feature in your user role, except for the cpu, me-stats, and memory options. These three options require that you have the Admin user role in any context. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. mtrie dest-ip dest_ip Displays Mtrie entry for the specified destination IP address. nat Displays information related to the network processor Network Address Translation (NAT) tables. bitmap map_id Specifies the NAT-pool bit-map table in the network processor. dst_nat policy_id Specifies the destination NAT policy. implicit-pat Specifies the implicit Port Address Translation (PAT) policy table. policies Specifies the full NAT policy table. src-nat Specifies the source NAT policy. policy_id Policy identifier number. Enter a value from 0 to 65535. interface_id Mapped interface identifier. Enter a value from 0 to 65535. reg (ACE module only) Displays information related to the network processor registers. status (ACE appliance only) Displays status information related to the specified network processor. You can only display the statistics for network processor 1. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The value of 0 was removed from the network processor np_number argument range. A4(1.1) Added the buffer keyword and options. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.1) Added the buffer keyword and options.1-187 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands (ACE appliance only) The show np 1 {me-stats | memory | status} is now available to users configured with a custom role in both the Admin context and a user-configured context, as well as the predefined Admin and Network-Monitor roles. Because these commands are not context specific, we recommend that you issue them from the Admin context only. If you issue these commands in a user context, they may not display any data if other user context information could be displayed. Examples To display the access list information from the hardware using the network processor 1, enter: host1/Admin# show np 1 access-list To display Micro Engine statistics for a ucdump utility (-b, which instructs the ACE to dump fastpath buffer memory), enter: host1/Admin# show np me-stats -b Fastpath thread buffers ================================= ME:1 thread:0 addr:0x0010 particle:0x00000000 len:78 rx_seq=7 0018 0x8500004e 0x00608034 0x0000001e 0x00101e07 ...N .`.4 .... .... 001c 0x0000ffff 0xffffffff 0x00059a3b 0x9a390800 .... .... ...; .9.. 0020 0x4500002c 0xa4540000 0xff11fd64 0x0c010105 E.., .T.. ...d .... 0024 0x0c010101 0xc350c352 0x00185db6 0x000100f0 .... .P.R ..]. .... 0028 0x00000008 0x00000000 0x00000064 0x00000000 .... .... ...d .... Related Commands clear np show processes1-188 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show ntp (ACE appliance only) To display information about the Network Time Protocol (NTP) statistics, use the show ntp command. show ntp {peer-status | peers | statistics [io | local | memory | peer ip_address]} [|] [>] Syntax Description Command Modes Exec Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To display the status for all configured NTP servers and peers, enter: host1/Admin# show peer-status To display a listing of all peers, enter: switch/Admin# show ntp peers Related Commands (config) ntp peer-status Displays the status for all configured NTP servers and peers. peers Displays a listing of all peers. statistics Displays the NTP statistics. io (Optional) Displays information the input/output statistics. local (Optional) Displays the counters maintained by the local NTP. memory (Optional) Displays the statistical counters related to the memory code. peer (Optional) Displays the peer-peer statistical counters of the specified peer. ip_address Peer statistics for the specified IP address. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Appliance Release Modification A1(7) This command was introduced.1-189 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show optimization-global To display information about the global optimization statistics, use the show optimization-global command. show optimization-global [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To display global optimization statistics, enter: host1/Admin# show optimization-global Related Commands (config) optimize | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Appliance Release Modification A1(7) This command was introduced.1-190 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show parameter-map To display the detailed configuration information for a specified parameter map, use the show parameter-map command. show parameter-map [parammap_name] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the connection feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To display the configuration for the parameter map SSL_PARAMMAP, enter: host1/Admin# show parameter-map SSL_PARAMMAP Related Commands show running-config parammap_name (Optional) Name of an existing parameter map. Enter the name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The persistence rebalance field now displays the enabled strict state when you configure the persistence-rebalance strict command. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.3) The Description field has been added to the show parameter-map command output. This field displays the previously entered summary about the specific parameter map.1-191 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show probe To display the probe information including script probes, use the show probe command. show probe [probe_name] [detail] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you enter the show probe command without specifying a probe name, the ACE displays a summary report that includes all configured probes. For information about the fields in the show probe command output, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To display the probe summary report, enter: host1/Admin# show probe Related Commands clear probe (config) probe probe_name (Optional) Name of an existing probe. detail (Optional) Displays a detailed probe report that includes configuration information and statistics for all configured probes. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.7). Not applicable for A4(1.0) or A4(2.0). The regex cache-length field was added to display the configured cache length.1-192 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show processes To display the general information about all of the processes running on the ACE, use the show processes command. The show processes command displays summary CPU information for the ACE module SiByte 1250 Processor or ACE appliance Pentium processor. show processes [cpu | log [details | pid process_id] | memory] [|] [>] Syntax Description Command Modes Exec Admin users (users with an Admin role), across all contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The show processes command is available only to Admin users (users with an Admin role) across all contexts. The displayed system processes information is at the CPU system level (the total CPU usage) and is not on a per-context level. For information about the fields in the show processes command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display information about the memory processes, enter: host1/Admin# show processes memory cpu (Optional) Displays information about the CPU processes. log (Optional) Displays information about the process logs. details (Optional) Displays detailed process log information for all process identifiers. pid process_id (Optional) Displays process information about a specific process identifier. Enter a value from 0 to 2147483647. memory (Optional) Displays information about the memory processes. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-193 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands clear processes log show np show tech-support show pvlans (ACE module only) To display the private VLANs on the ACE downloaded from the supervisor engine in the Catalyst 6500 series switch, use the show pvlans command. show pvlans [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show pvlans command output, see the Routing and Bridging Guide, Cisco ACE Application Control Engine. Examples To display the private VLANs on the ACE downloaded from the supervisor engine, enter: host1/Admin# show pvlans Related Commands This command has no related commands. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-194 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show radius-server To display the configured Remote Authentication Dial-In User Service (RADIUS) server and group parameters, use the show radius-server command. show radius-server [groups | sorted] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show radius-server command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display configured RADIUS server parameters, enter: host1/Admin# show radius-server To display the configured RADIUS server groups, enter: host1/Admin# show radius-server groups To display the sorted RADIUS servers, enter: host1/Admin# show radius-server sorted groups (Optional) Displays configured RADIUS server group information. sorted (Optional) Displays RADIUS server information sorted by name. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-195 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands (config) aaa group server (config) radius-server attribute nas-ipaddr (config) radius-server deadtime (config) radius-server host (config) radius-server key (config) radius-server retransmit show resource allocation To display the allocation for each resource across all resource classes and class members, use the show resource allocation command. show resource allocation [|] [>] Syntax Description Command Modes Exec (ACE module) Admin context only ACE appliance) Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command shows the resource allocation but does not show the actual resources being used. To display information about actual resource usage, use the show resource usage command. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.6) This command is now available to users configured with a custom role in both the Admin context and a user-configured context, as well as the predefined Admin and Network-Monitor roles. See the “Usage Guidelines” section for more information.1-196 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands (ACE appliance only) The show resource allocation command is now available to users configured with a custom role in both the Admin context and a user-configured context, as well as the predefined Admin and Network-Monitor roles. Because these commands are not context specific, we recommend that you issue them from the Admin context only. If you issue these commands in a user context, they may not display any data if other user context information could be displayed. For information about the fields in the show resource allocation command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the allocation for each resource, enter: host1/Admin# show resource allocation Related Commands show resource usage show resource internal To display internal resource-related functions, use the show resource internal command. show resource internal {appmap | regexp | socket}[|] [>] Syntax Description Command Modes Exec (ACE module) Admin context only (ACE Appliance) Admin and user contexts Command History appmap Displays the resource driver application map. regexp Displays the current memory usage for the virtual server ID. socket Displays the current socket resources. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The regexp keyword was added.1-197 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. (ACE appliance only) The show resource internal command is now available to users configured with a custom role in both the Admin context and a user-configured context, as well as the predefined Admin and Network-Monitor roles. Because these commands are not context specific, we recommend that you issue them from the Admin context only. If you issue these commands in a user context, they may not display any data if other user context information could be displayed. Examples To display the memory used by the virtual server IDs, enter: host1/Admin# show resource internal regexp Related Commands show resource usage ACE Appliance Release Modification A1(7) This command was introduced. A3(2.6) This command is now available to users configured with a custom role in both the Admin context and a user-configured context, as well as the predefined Admin and Network-Monitor roles. See the “Usage Guidelines” section for more information. A4(1.0) The regexp keyword was added.1-198 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show resource usage To display the resource usage for each Network Processor (NP) or each context, use the show resource usage command. show resource usage [np {1 | number |current |denied | peak}] [all | [[context context_name | summary] [resource {acc-connections | acl-memory | all | conc-connections | mgmt-connections | probes | proxy-connections | rate {bandwidth | connections | http-comp | inspect-conn | mac-miss | mgmt-traffic | ssl-connections | syslog} | regexp | sticky | syslogbuffer | xlates}]]] [counter [all | current | denied | peak [count_threshold]]] [|] [>] Syntax Description np (Optional) Displays the resource usage for the NP. 1 (ACE appliance only) Displays all resource usage statistics for the NP. Enter 1. number (ACE module only) Network Processor (NP) number. Enter a number from 1 to 4. Since the ACE divides all resources equally between all NPs, this argument allows you to monitor the resource usage for each NP independently in case it reaches a limit. When an NP reaches a limit, it can deny a connection even though the limit is not reached in the other NPs. current Displays the active concurrent instances or the current rate of the resource for the NPs. denied Displays the number of denied uses of the resource for the NPs since the resource statistics were last cleared. peak Displays the peak concurrent instances, or the peak rate of the resource for the NPs since the statistics were last cleared, either using the clear resource usage command or because the device rebooted. all (Optional) Displays the resource usage for each context individually. This is the default setting. This option is available in the Admin context only. context context_name (Optional) Displays the resource usage for the specified context. The context_name argument is case sensitive. This option is available in the Admin context only. summary (Optional) Displays the total resource usage for all contexts together. For example, the denied column shows the items that have been denied for each context limit. This option is available in the Admin context only. top number (Optional) Displays the greatest n users of a single resource arranged from the highest to the lowest percentage of resources used. You must specify a single resource type and cannot use the resource all keywords with this option. This option is available in the Admin context only. resource (Optional) Displays statistics for one of the following specified resources. This option is available for the np option in the Admin context only. acc-connections (ACE appliance only) Displays the number of application acceleration connections. acl-memory Displays the ACL memory usage. all Displays the resource usage for all resources used by the specified context or contexts. conc-connections Displays the resource usage for simultaneous connections. mgmt-connections Displays the resource usage for management connections.1-199 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Defaults None Command Modes Exec probes Displays the resource usage for probes. proxy-connections Displays the resource usage for proxy connections. rate Displays the rate per second for the specified connections or syslog messages. bandwidth Displays the bandwidth in bytes per second. connections Displays connections per second. http-comp Displays the HTTP compression rate in bytes per second. To convert the value to bits per second, multiply the displayed value by 8. inspect-conn Displays all inspection connections per second. mac-miss Displays MAC miss traffic that was punted to the CP packets per second. mgmt-traffic Displays management traffic bytes per second. ssl-connections Displays Secure Sockets Layer (SSL) connections. syslog Displays the syslog message buffer usage. regexp Displays resource usage for regular expressions. sticky Displays resource usage for sticky entries. syslogbuffer Displays resource usage for the syslog buffer. xlates Displays resource usage by Network Address Translation (NAT) and Port Address Translation (PAT) entries. counter (Optional) Displays all statistics. You can specify one of the following options: all (Optional) Displays all statistics. This is the default setting. current (Optional) Displays the active concurrent instances or the current rate of the resource. denied (Optional) Displays the number of denied uses of the resource since the resource statistics were last cleared. peak (Optional) Displays the peak concurrent instances, or the peak rate of the resource since the statistics were last cleared, either using the clear resource usage command or because the device rebooted. count_threshold (Optional) Number above which resources are shown. Enter an integer from 0 to 4294967295. The default is 1. If the usage of the resource is below the number you set, then the resource is not shown. If you specify all for the counter name, then the count_threshold applies to the current usage. To show all resources, set the count_threshold to 0. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command.1-200 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show resource usage command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the resource usage for context C1, enter: host1/Admin# show resource usage context C1 resource Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) This command was modified to include the np option and http-comp keywords for compression. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) This command was modified to include the np option.1-201 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show restore To display restore errors or the restore status, use the show restore command. show restore errors | status [details] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To display the details of a restore operation in the Admin context, enter: host1/Admin# show restore status details Backup Archive: fusion_2010_09_16_21_34_03.tgz Type : Full Start-time : Thu Sep 16 23:27:53 2010 Finished-time : Thu Sep 16 23:28:19 2010 Status : SUCCESS Current vc : ct3 Completed : 4/4 ------------------------+---------------+--------------------------+------------ Context component Time Status ------------------------+---------------+--------------------------+------------ Admin License Thu Sep 16 23:28:03 2010 SUCCESS Admin Cert/Key Thu Sep 16 23:28:03 2010 SUCCESS Admin Probe script Thu Sep 16 23:28:03 2010 SUCCESS Admin Checkpoints Thu Sep 16 23:28:06 2010 SUCCESS Admin Startup-cfg Thu Sep 16 23:28:07 2010 SUCCESS Admin Running-cfg Thu Sep 16 23:28:07 2010 SUCCESS ct1 Cert/Key Thu Sep 16 23:28:17 2010 SUCCESS ct1 Probe script Thu Sep 16 23:28:17 2010 SUCCESS errors Displays errors that may occur during a backup operation. For information about backup system messages, see the System Message Guide, Cisco ACE Application Control Engine. status [details] Displays errors that occur during a restore operation. For information about restore system messages, see the System Message Guide, Cisco ACE Application Control Engine. ACE Module Release Modification A2(3.0) This command was introduced. ACE Appliance Release Modification A4(1.0) This command was introduced.1-202 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands ct1 Checkpoints Thu Sep 16 23:28:17 2010 SUCCESS ct1 Startup-cfg Thu Sep 16 23:28:17 2010 SUCCESS ct1 Running-cfg Thu Sep 16 23:28:18 2010 SUCCESS ct2 Cert/Key Thu Sep 16 23:28:18 2010 SUCCESS ct2 Probe script Thu Sep 16 23:28:18 2010 SUCCESS ct2 Checkpoints Thu Sep 16 23:28:18 2010 SUCCESS ct2 Startup-cfg Thu Sep 16 23:28:18 2010 SUCCESS ct2 Running-cfg Thu Sep 16 23:28:18 2010 SUCCESS ct3 Cert/Key Thu Sep 16 23:28:19 2010 SUCCESS ct3 Probe script Thu Sep 16 23:28:19 2010 SUCCESS ct3 Checkpoints Thu Sep 16 23:28:19 2010 SUCCESS ct3 Startup-cfg Thu Sep 16 23:28:19 2010 SUCCESS ct3 Running-cfg Thu Sep 16 23:28:19 2010 SUCCESS Related Commands restore1-203 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show role To display the configured user roles (predefined and user-configured roles), use the show role command. show role [role_name] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To configure roles, use the role command in configuration mode. For information about the fields in the show role command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display all of the available user roles, enter: host1/Admin# show role Related Commands (config) role role_name (Optional) Name of an existing role. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-204 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show rserver To display the IPv6 or IPv4 summary or detailed statistics for a named real server or for all real servers, use the show rserver command. show rserver [rserver_name] [detail] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the rserver feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show rserver command output, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. For the Total Conn-failures output field of the show rserver detail command, the following conditions apply: For Layer 4 traffic with normalization on, the count increments if the three-way handshake fails to be established for either of the following reasons: • A RST comes from the client or the server after a SYN-ACK. • The server does not reply to a SYN. The connection times out. For Layer 4 traffic with normalization off, the count does not increment. rserver_name (Optional) Identifier of an existing real server. detail (Optional) Displays detailed statistics for the real server name that you enter or for all real servers. If you do not include the detail keyword, the summary report is displayed. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support1-205 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands For L7 traffic (normalization is always on), the count increments if the three-way handshake fails to be established for either of the following reasons: • A RST comes from the server after the front-end connection is established • The server does not reply to a SYN. The connection times out. Examples To display detailed statistics for all configured real servers, enter: host1/Admin# show rserver detail Related Commands clear rserver (config) rserver1-206 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show running-config To display the running configuration information associated with the current context, use the show running-config command. show running-config [aaa | access-list | action-list | class-map | context | dhcp | domain | ft | interface | object-group | parameter-map | policy-map | probe | resource-class | role | rserver | serverfarm | sticky [name]] [|] [>] Syntax Description Command Modes Exec aaa (Optional) Displays authentication, authorization, and accounting (AAA) information. access-list (Optional) Displays access control list (ACL) information. action-list (Optional) Displays action-list information. class-map (Optional) Displays the list of all class maps configured for the current context. The ACE also displays configuration information for each class map listed. context (Optional) Displays the list of contexts configured on the ACE. The ACE also displays the resource class (member) assigned to each context. The context keyword only works from within the admin context. dhcp (Optional) Displays Dynamic Host Configuration Protocol (DHCP) information. domain (Optional) Displays the list of domains configured for the current context. The ACE also displays configuration information for each domain listed. ft (Optional) Displays the list of redundancy or fault-tolerance (ft) configurations configured for the current context. The ACE also displays configuration information for each ft configuration listed. interface (Optional) Displays interface information. object-group (Optional) Displays object-group information. parameter-map (Optional) Displays parameter map information. policy-map (Optional) Displays policy map information. probe (Optional) Displays probe information. resource-class (Optional) Displays resource class information. role (Optional) Displays the list of roles configured for the current context. The ACE also displays configuration information for each role on the list. rserver (Optional) Displays rserver information. serverfarm (Optional) Displays server farm information. sticky (Optional) Displays sticky information. name (Optional) Object name to display. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command.1-207 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The show running-config command is a context-sensitive command. The ACE creates a running configuration for each context that you create; therefore, to display the running-config file of a specific context, you must enter the show running-config command from within the desired context. If you need to change to another context before executing the show running-config command, use the changeto command or log directly in to the desired context. Use the copy capture command to do the following: • Save a copy of the running configuration to a file on one or more destination locations. • Save the running configuration as the startup configuration. • Save the startup configuration as the running configuration. For information about the fields in the show running-config command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the entire running configuration, enter: host1/Admin# show running-config Related Commands copy capture show startup-config show tech-support write ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. A4(1.1) Added the optional name argument. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised. A3(2.7). Not applicable for A4(1.0) and A4(2.0). The name option was added.1-208 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show scp (ACE module only) To display the Switch Command Control Protocol (SCP) statistics, use the show scp command. show scp {debugs | event-history | stats} [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To display the SCP statistics, enter: host1/Admin# show scp stats Related Commands This command has no related commands. debugs Displays SCP debug filter settings. event-history Displays a historic log of the most recent SCP debug messages. stats Displays detailed counters for SCP events. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.1-209 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show script To display the statistics for a script file that is active on the ACE including exit codes and exit messages, use the show script command. show script {script_name probe_name [rserver_name [port_number] [serverfarm sfarm_name]] | code script_name} [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show script command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the script file code for the script in the file MYSCRIPT, enter: host1/Admin# show script code MYSCRIPT script_name Name of a loaded script. probe_name Name of a probe containing an association with the specified script. rserver_name (Optional) Name of a real server that contains an association with the specified probe. port_number (Optional) Port number on the specified real server. serverfarm sfarm_name (Optional) Specifies the server farm containing an association with the specified real server. code script_name Displays the code for the specified script. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-210 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands (config) script file name (config-probe-probe_type) script1-211 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show security internal event-history To display information about the security event history, use the show security internal event-history command. show security internal event-history {errors | msgs} [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To display the error logs of the security manager, enter: host1/Admin# show security internal event-history errors Related Commands This command has no related commands. errors Displays the debug error logs of the security manager. msgs Displays the message logs of the security manager. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-212 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show serverfarm To display a summary or detailed statistics about a specified server farm, use the show serverfarm command. show serverfarm [name [retcode]] [detail] [NPn] [|] [>] show serverfarm [name [inband]] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History name (Optional) Detailed report for the specified server farm. If you do not specify a server farm name, the summary report is displayed. retcode (Optional) Displays the HTTP return codes statistics for configured real server and retcode map combinations only if the return code hit count is greater than 0. All return code hit counts are an aggregate of the counts of both network processors. Displays the HTTP return codes associated with the server farm. detail (Optional) Displays detailed statistics for the specified server farm, including the current and total connections stuck to each real server due to sticky. When used after the retcode option, the detail option displays return code statistics even if the value is 0. inband (Optional) Displays the number of inband health monitoring connection failures for each real server in a server farm. NPn (Optional) Indicates which network processor (NP) handled a connection for a particular real server. Use this field to troubleshoout real server connections when only some connections are dropped. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(4) This command was revised. The Out-of-Rotation Count field was added to the show command output. A4(1.0) This command was revised to include the inband option. A4(1.1) Added the NPn option.1-213 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command requires the serverfarm feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. In software version A4(1.1) and later, the ACE retains the retcode and inband health monitoring statistics of a server farm when a real server transitions from the OPERATIONAL state to the INACTIVE state. For information about the fields in the show serverfarm command output, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To display a summary report about the server farm, enter: host1/Admin# show serverfarm Related Commands clear serverfarm (config) serverfarm (config-sfarm-host) inband-health check ACE Appliance Release Modification A1(7) This command was introduced. A3(2.3)) This command with the name or detail option was revised to include the real server description field as defined by the description command in the serverfarm host real server configuration mode. A4(1.0) This command was revised to include the inband option. A4(1.1) Added the NPn option.1-214 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show service-policy To display the statistics for all policy maps or a specific policy map that is currently in service, use the show service-policy command. This command also allows you to display statistics for a specific class map in a policy or the hit counts for match HTTP URL statements in a Layer 7 HTTP policy map. If you do not enter an option with this command, the ACE displays all enabled policy statistics. show service-policy [policy_name [class-map class_name]] [detail [dad] | summary | url-summary] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History policy_name (Optional) Identifier of an existing policy map that is currently in service (applied to an interface) as an unquoted text string with a maximum of 64 alphanumeric characters. If you do not enter the name of an existing policy map, the ACE displays information and statistics for all policy maps. class-map class_name (Optional) Displays the statistics for the specified class map associated with the policy. detail (Optional) Displays a more detailed listing of policy map or class map statistics and status information. dad (Optional) Displays the IPv6 duplicate address detection (DAD) information, including the DAD status of the VIP. summary (Optional) Displays a summary of policy map or class map statistics and status information. url-summary (Optional) Displays the number of times that a connection is established based on a match HTTP URL statement for a class map in a Layer 7 HTTP policy map. The URL hit counter is per match statement per load-balancing Layer 7 policy. If you are using the same combination of Layer 7 policy and class maps with URL match statements in different VIPs, the count is combined. If the ACE configuration exceeds 64K URL and load-balancing policy combinations, this counter displays NA. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(4) Command syntax was changed to allow the display of all service policies that are configured in the ACE. A2(1.2) The class-map class_name and summary options were added.1-215 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The show service-policy command displays the following information: • VLAN to which the policy is applied • Class map associated with the policy • Status of any NAT operations • Status of any load-balancing operations • Status of any compression operations • Dynamic Workload Scaling (DWS) status of the VIP • DAD status of IPv6 VIPs The ACE updates the counters that the show service-policy command displays after the applicable connections are closed. For information about the fields in the show service-policy command output, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To display detailed statistics and current status of the service policy MGMT_POLICYMAP, enter: host1/Admin# show service-policy MGMT_POLICYMAP detail Related Commands clear service-policy show running-config (config) service-policy A2(2.0) The url-summary option was added. A2(3.3) The regex dnld status field was added. A4(2.0) Added VIP DWS state output field A5(1.0) Added optional dad keyword and associated output fields for IPv6. ACE Module Release Modification ACE Appliance Release Modification A1(7) This command was introduced. A3(2.1) The class-map class_name and summary options were added. A3(2.5) Compression counter fields were added. A3(2.6) The regex dnld status field was added. A4(1.0) The url-summary option was added. A4(2.0) Added VIP DWS state output field A5(1.0) Added optional dad keyword and associated output fields for IPv6.1-216 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show snmp To display the Simple Network Management Protocol (SNMP) statistics and configured SNMP information, use the show snmp command. show snmp [community | engineID | group | host | sessions | user] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By default, this command displays the ACE contact, the ACE location, the packet traffic information, community strings, and the user information. You can instruct the ACE to display specific SNMP information by including the appropriate keyword. For information about the fields in the show snmp command output, see the Security Guide, Cisco ACE Application Control Engine. community (Optional) Displays SNMP community strings. engineID (Optional) Displays the identification of the local SNMP engine and all remote engines that have been configured on the ACE. group (Optional) Displays the names of groups on the ACE, the security model, the status of the different views, and the storage type of each group. host (Optional) Displays the configured SNMP notification recipient host, the User Datagram Protocol (UDP) port number, the user, and the security model. sessions (Optional) Displays the IP address of the targets for which traps or informs have been sent. user (Optional) Displays SNMPv3 user information. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-217 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To display SNMP statistics and configured SNMP information, enter: host1/Admin# show snmp Related Commands (config) snmp-server community (config) snmp-server contact (config) snmp-server enable traps (config) snmp-server host (config) snmp-server location (config) snmp-server trap link ietf (config) snmp-server trap-source vlan (config) snmp-server user1-218 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show ssh To display the information about the Secure Shell (SSH) keys and sessions, use the show ssh command. show ssh {key [dsa | rsa | rsa1] | maxsessions [context_name] | session-info [context_name]} [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. From the Admin context, this argument allows you to display only the SSH information associated with a specific user-created context. key Displays the host key pair details for all SSH keys. dsa (Optional) Displays only the details of the DSA key pair for the SSH version 2 protocol. rsa (Optional) Displays only the details of the RSA key pair for the SSH version 2 protocol. rsa1 (Optional) Displays only the details of the RSA1 key pair for the SSH version 1 protocol. maxsessions Displays the maximum number of SSH sessions that the ACE allows. Context administrators may also view SSH session information associated with a particular context. context_name (Optional) Name of an existing context that contains the SSH session information that the context administrator wants to view. Only the global administrator can view Telnet information associated with a particular context. The context_name argument is case sensitive and is visible only from the admin context. session-info Displays session information, including the session ID, the remote host IP address, and the active time. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-219 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands For information about the fields in the show ssh command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display all of the loaded SSH keys, enter: host1/Admin# show ssh key To display the maximum number of SSH sessions that the ACE permits for the context C2, enter: host1/Admin # show ssh maxsessions C2 Maximum Sessions Allowed is 2(SSH Server is enabled) Related Commands clear ssh (config) class-map (config) ssh key (config) ssh maxsessions1-220 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show startup-config To display information about the startup configuration that is associated with the current context, use the show startup-config command. show startup-config [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To clear the startup configuration, use the clear startup-config command. To copy the running configuration to the startup configuration, or copy the startup configuration to the running configuration, use the copy running-config command. For information about the fields in the show startup-config command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display information about the startup configuration, enter: host1/Admin# show startup-config Related Commands clear startup-config copy capture show running-config | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-221 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show stats To display statistics about the ACE operation, use the show stats command. show stats [connection | {crypto {client [alert | authentication | cipher | termination]} | {server [alert | authentication | cipher | insert | redirect | termination]}} | http | inspect [ftp | http | rtsp]| kalap [all] | loadbalance [radius | rdp | rtsp | sip] | optimization http | probe [type probe_type] | sticky] [|] [>] Syntax Description connection (Optional) Displays global connection statistics associated with the current context. crypto (Optional) Displays the back-end (client keyword) and front-end (server keyword) SSL statistics for the current context. client Displays the back-end SSL client statistics for the current context. If you do not enter any options with this keyword, this command displays alert, authentication, cipher, and termination statistics. alert (Optional) Displays SSL alert statistics. authentication (Optional) Displays the SSL authentication statistics. cipher (Optional) Displays the SSL cipher statistics. termination (Optional) Displays the back-end SSL termination statistics. server Displays the front-end SSL server statistics for the current context. If you do not enter any options with this keyword, this command displays alert, authentication, cipher, header insertion, redirect, and termination statistics. insert (Optional) Displays the header insertion statistics. redirect (Optional) Displays the redirect statistics. http (Optional) Displays global HTTP statistics associated with the current context. inspect [ftp | http | rtsp] (Optional) Displays global FTP, HTTP, or RTSP inspect statistics associated with the current context. If you do not include any options with the inspect keyword, the ACE displays the global HTTP statistics. kalap (Optional) Displays global server load-balancing (GSLB) statistics associated with the current context. all (Optional) In the admin context, displays the total number of KAL-AP statistics for all contexts. These statistics are followed by the statistics for the admin context and then all other contexts. loadbalance (Optional) Displays global load-balancing statistics associated with the current context. radius (Optional) Displays Remote Authentication Dial-In User Service (RADIUS) load-balancing statistics associated with the current context. rdp (Optional) Displays Reliable Datagram Protocol (RDP) load-balancing statistics associated with the current context. rtsp (Optional) Displays Real-Time Streaming Protocol (RTSP) load-balancing statistics associated with the current context. sip (Optional) Displays Session Initiation Protocol (SIP) load-balancing statistics associated with the current context. optimization http (Optional, ACE appliance only) Displays HTTP optimization global statistics associated with the current context.1-222 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Command HistoryA Usage Guidelines This command requires the loadbalance, inspect, NAT, connection, or SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To display the statistics for a specific probe type (for example, scripted), include the type probe_type keyword and argument. Examples To display all of the statistics about the ACE operation, enter: host1/Admin# show stats To see a list of probe types, enter: host1/Admin# show stats probe type ? probe [type probe_type] (Optional) Displays global probe statistics associated with the current context. sticky (Optional) Displays global sticky statistics associated with the current context. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised to add the crypto, radius, and rtp keywords. A2(1.1) This command was revised to add the rtsp and sip keywords. A2(2.0) This command was revised to add the all keyword. This command was revised to add counters for SSL redirect and header insertion. A4(1.0) This command was revised to add the alert, authentication, cipher, insert, redirect, and termination options. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised. A3(2.1) The alert, authentication, cipher, and termination options were added.1-223 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands clear stats show sticky cookie-insert group To display the inserted cookie information for the specified sticky group, use the show sticky cookie-insert group command. show sticky cookie-insert group sticky_group_name Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command displays information that correlates the inserted cookie, the sticky entry, and the final destination for the cookie insert configuration. For information about the fields in the show sticky cookie-insert command output, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To display the inserted cookie information for the sticky group, enter: host1/Admin# show sticky cookie-insert group STICKY-TEST Related Commands (config-sticky-cookie) cookie insert sticky_group_name The name of the configured sticky group | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification A2(1.4) and A2(2.1) This command was introduced. ACE Appliance Release Modification A3(2.2) This command was introduced.1-224 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show sticky database To display the sticky statistics, use the show sticky database command. show sticky database [static] [active-conn-count min value1 max value2 | client ip_address1 | group name1 | http-content value3 | http-cookie value24 | http-header value5 | ip-netmask {both {source ip_address2 destination ip_address3} | destination ip_address4 | source ip_address5} | layer4-payload value6 | rserver name2 [port] serverfarm name3 | rtsp-header value7 | sip-header value8 | time-to-expire min value9 max value10 | type {http-content | http-cookie | http-header | ip-netmask {both | destination | source} | layer4-payload | radius {calling-id | framed-ip | username} | rtsp-header | sip-header} [count | detail]] Syntax Description static (Optional) Displays static sticky database entries. If you do not use an optional keyword to specify the type of static sticky database entry to display, all entries are displayed. active-conn-count min value1 max value2 (Optional) Displays sticky database entries within the specified connection count range. client ip_address (Optional) Displays sticky database entries for the source IPv6 or IPv4 address of a client that you specify. group name1 (Optional) Displays sticky database entries for the sticky group name that you specify. http-content value3 (Optional) Displays sticky database entries for the HTTP content value that you specify. http-cookie value4 (Optional) Displays sticky database entries for the HTTP cookie value that you specify. http-header value5 (Optional) Displays sticky database entries for the HTTP header value that you specify. ip-netmask {both {source ip_address2 destination ip_address3} | destination ip_address4 | source ip_address5} (Optional) Displays sticky database entries for both the source and destination addresses, the destination address only, or the source address only. layer4-payload value6 (Optional) Displays sticky database entries for the Layer 4 payload value that you specify. rserver name2 (Optional) Displays sticky database entries for the real-server name that you specify. port (Optional) Real server port number. serverfarm name3 Specifies a server farm associated with the real server. rtsp-header value7 (Optional) Displays sticky database entries for the RTSP header value that you specify. sip-header value8 (Optional) Displays sticky database entries for the SIP header value that you specify. time-to-expire min value9 max value10 (Optional) Displays the sticky database entries within the specified time to expire range. type (Optional) Displays sticky database entries for one of the following sticky group types: http-content Specifies HTTP content sticky database entries.1-225 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History http-cookie Specifies HTTP cookie sticky database entries. http-header Specifies HTTP header sticky database entries. ip-netmask Specifies IP netmask sticky database entries. both Specifies both source and destination IP netmasks. destination Specifies the destination IP netmask. source Specifies the source IP netmask. radius Specifies RADIUS attribute sticky database entries. calling-id Specifies RADIUS calling-ID attribute sticky database entries. framed-ip Specifies RADIUS framed-IP attribute sticky database entries. username Specifies RADIUS username attribute sticky database entries. rtsp-header Specifies RTSP header sticky database entries. sip-header Specifies SIP header sticky database entries. count (Optional) Displays the count for the sticky databae entries. detail (Optional) Displays detailed statistics for the specified sticky database component. The detail option output includes the sticky-hit-count field to display the total number of times that a sticky entry is hit. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. A2(1.3) The show sticky database static http-cookie value2 command no longer displays the hash key. A4(1.1) Added the active-conn-count, ip-netmask, time-to-expire, count, and deatil options. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised. A4(1.1) Added the active-conn-count, ip-netmask, time-to-expire, count, and deatil options.1-226 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command requires the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show sticky command output, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To display sticky statistics for the client with a source IP address of 192.168.12.15, enter: host1/Admin# show sticky database client 192.168.12.15 Related Commands (config-sfarm-host-rs) cookie-string A3(2.2) When you enable cookie insertion through the cookie insert command in sticky-cookie configuration mode, the show sticky database static http-cookie command no longer displays the hash key. A3(2.6) This command displays the source and destination addresses in dotted-decimal notation instead of the hexadecimal equivalent. ACE Appliance Release Modification1-227 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show sticky hash To correlate a known cookie or URL value with its corresponding sticky database entry (hash), use the show sticky hash command. This command allows you to generate the hash value from a known cookie or URL value using the same algorithm that is used by the URL and cookie hashing function. show sticky hash text Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To generate the hash value for the cookie value 1.1.1.10, enter the following command: host1/Admin# show sticky hash 1.1.1.10 Hash: 0x8a0937592c500bfb - 9946542108159511547 Now you can display the sticky database for a particular sticky group and match the generated hash with the sticky entry (hash) in the sticky database. For example, to display the sticky database for the group STICKY_GROUP1, enter the following command: host1//Admin# show sticky database group STICKY_GROUP1 sticky group : STICKY_GROUP1 type : HTTP-COOKIE timeout : 1440 timeout-activeconns : FALSE sticky-entry rserver-instance time-to-expire flags --------------------+----------------+----------------+-------+ 9946542108159511547 SERVER1:80 86390 - Related Commands show sticky database text Cookie or URL text for which you want to calculate the hash value. Enter the cookie or URL value as an unquoted text string with no spaces and with a maximum of 1024 alphanumeric characters. If you want to include spaces in the text string, enclose the text string in quotation marks (“ ”) ACE Module/Appliance Release Modification A4(1.0) This command was introduced.1-228 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show conn sticky To display all the connections that are linked to a sticky entry, use the show conn sticky internal_id command. This command is useful in identifying why a sticky entry does not timeout. show conn sticky internal_id Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples The following example shows how to use the two above-mentioned commands to display all the connections associated with a particular sticky entry. To obtain the internal IDs of sticky database entries, enter the following command: switch/Admin# show sticky database static detail | i internal internal entry-id: 0x200006 internal entry-id: 0x200007 After you have obtained an internal sticky id, use the show conn sticky command to display all the connections linked to that sticky entry as follows: switch/Admin# show conn sticky 0x200006 conn-id np dir proto vlan source destination state -------+--+---+-----+----+-------------------+----------------+------+ 242 1 in TCP 20 192.168.20.45:44425192.168.20.15:80 ESTAB 243 1 out TCP 40 192.168.40.28:80 192.168.20.45:44425 ESTAB switch/Admin# show conn sticky 0x200007 conn-id np dir proto vlan source destination state -------+--+---+-----+----+-----------------+-----------------+------+ switch/Admin# Related Commands show sticky database internal_id internal identifier of a sticky entry in the sticky database. ACE Module/Appliance Release Modification A4(1.0) This command was introduced.1-229 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show syn-cookie To display SYN cookie statistics, use the show syn-cookie command. To display SYN cookie statistics for all VLANs that are configured in the current context, enter the command with no arguments. show syn-cookie [vlan number] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To display SYN cookie statistics for VLAN 100, enter: host1/C1# show syn-cookie vlan 100 Related Commands clear syn-cookie vlan number Instructs the ACE to display SYN cookie statistics for the specified interface. Enter an integer from 2 to 2024. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-230 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show system To display the ACE system information, use the show system command. show system {cpuhog} | {error-id {hex_id | list} | internal {aaa {event-history {errors | msgs} | mem-stats} | dmesg | log {boot {kickstart | system} | install [details]} | mts {buffers [age seconds | details | node name | order | sap number | sap_all | summary] | memory | opcode} | radius event-history {errors | msgs} | sysmgr {event-history {errors | msgs} | service {all [detail] | local [detail] | name service_name [dependencies | policies | seqnotbl] | not-running [details] | pid id [config | dependencies | log] | running [details] | uuid hex_id [config | dependencies]} | startup-config {locks | state} | state | time} | tacacs+ event-history {errors | msgs} | urifs | vshd {config-intro | feature-list | license-info | log {running-config | tree-table} | subtype-table | tree-table}} | kcache | kmem | kmemtrack | resources | skbtrack | uptime | watchdog [lcp | memory | scp]} [|] [>] Syntax Description cpuhog Displays the largest amount of time that a driver was executing in the kernel. This keyword is intended for use by trained Cisco personnel for troubleshooting purposes only. error-id Displays description about errors. This keyword is available in all user contexts. hex_id Error ID in hexadecimal format. The range is from 0x0 to 0xffffffff. list Specifies all error IDs. internal Displays Cisco internal system-related functions. The internal keywords and related keywords, options, and arguments are intended for use by trained Cisco personnel for troubleshooting purposes only. This option is available in the Admin context only. kcache Displays Linux kernel cache statistics. kmem Displays Linux kernel memory statistics. kmemtrack Displays how the kernel memory is being currently used. This keyword is intended for use by trained Cisco personnel for troubleshooting purposes only. resources Displays system-related CPU and memory statistics. skbtrack Displays the allocation and deallocation of network buffers in the drivers. This keyword is intended for use by trained Cisco personnel for troubleshooting purposes only. uptime Displays how long the ACE has been up and running. This keyword is available in all user contexts.1-231 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin context User contexts (error-id and uptime keywords only) Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show system command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display system resource information, enter: host1/Admin# show system resources watchdog [lcp | memory | scp] Displays whether the watchdog is enabled or disabled, and its timeout. When you enter this keyword without an option, all watchdogs are displayed. To display a specific watchdog, enter one of the following options: • lcp—(ACE module only) Displays the LCP process watchdog • memory—Displays whether the low memory watchdog is enabled or disabled, and its timeout. • scp—(ACE module only) Displays the watchdog for SCP keepalive messages from the hardware timer interrupt level The system watchdog command allows you to configure the Memory watchdog timeout. (ACE module only) The LCP and SCP timeouts are not configurable. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The watchdog keyword was added. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The dmseg and watchdog memory keywords were added.1-232 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands system watchdog show tacacs-server To display the configured Terminal Access Controller Access Control System Plus (TACACS+) server and server group parameters, use the show tacacs-server command. show tacacs-server [groups | sorted] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show tacacs-server command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display the configured TACACS+ server parameters, enter: host1/Admin# show tacacs-server To display the configured TACACS+ server groups, enter: host1/Admin# show tacacs-server groups To display the sorted TACACS+ servers, enter: host1/Admin# show tacacs-server sorted groups (Optional) Displays configured TACACS+ server group information. sorted (Optional) Displays TACACS+ server information sorted by name. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-233 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands (config) aaa group server (config) tacacs-server deadtime (config) tacacs-server host (config) tacacs-server key (config) radius-server timeout show tcp statistics To display the Transmission Control Protocol (TCP) statistics, use the show tcp statistics command. show tcp statistics [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the connection feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show tcp statistics command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display TCP statistics, enter: host1/Admin# show tcp statistics Related Commands clear tcp statistics | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-234 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show tech-support To display information that is useful to technical support when reporting a problem with your ACE, use the show tech-support command. show tech-support [details] [|] [>] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The show tech-support command is useful when collecting a large amount of information about your ACE for troubleshooting purposes with Cisco technical support. The output of this command can be provided to technical support representatives when reporting a problem. details (Optional) Provides detailed information for each of the show commands described below in the “Usage Guidelines” section. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.2) This command no longer displays the following: • All show acl-merge acls vlan command output • All show acl-merge merge-list vlan number out command output It also now displays a maximum of four VLANs. A3(2.6) This command no longer executes the following commands: • show optimization-debug • show np 1 me-stats “-W number”1-235 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands The show tech-support command displays the output of several show commands at once. The output from this command varies depending on your configuration. The default output of the show tech-support command includes the output of the following commands: • show hardware—See the show hardware command. • show interface—See the show interface command. • show process—See the show processes command. • show running-config—See the show running-config command. • show system internal dmesg—See the show system command. • show version—See the show version command. Explicitly set the terminal length command to 0 (zero) to disable autoscrolling and enable manual scrolling. Use the show terminal command to view the configured terminal size. After obtaining the output of this command, reset your terminal length as required. You can save the output of this command to a file by appending > filename to the show tech-support command. If you save this file, verify that you have sufficient space to do so as each of these files may take about 1.8 MB. For information about the fields in the show tech-support command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the summary version of the technical support report, enter: host1/Admin# show tech-support Related Commands show fifo show hardware show interface show processes show running-config show terminal show version show telnet To display the information about the Telnet session, use the show telnet command. show telnet [maxsessions] [context_name] [|] [>] Syntax Description maxsessions (Optional) Displays the maximum number of enabled Telnet sessions. context_name (Optional) Name of an existing context. Use the context_name argument to display Telnet information that pertains only to the specified context. The context_name argument is case sensitive.1-236 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you do not include the optional maxsessions keyword, the ACE displays the following Telnet information: • Session ID—Unique session identifier for the Telnet session • Remote host—IP address and port of the remote Telnet client • Active time—Time since the Telnet connection request was received by the ACE For information about the fields in the show telnet command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display the current Telnet information, enter: host1/Admin# show telnet Related Commands clear telnet telnet (config) class-map show terminal To display the console terminal settings, use the show terminal command. show terminal [internal info] [|] [>] | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-237 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show terminal command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the console terminal settings, enter: host1/Admin# show terminal Related Commands terminal show udp statistics To display the User Datagram Protocol (UDP) statistics, use the show udp statistics command. show udp statistics [|] [>] internal info (Optional) Displays terminal internal information. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-238 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the connection feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show udp statistics command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display UDP statistics, enter: host1/Admin# show udp statistics Related Commands clear udp statistics show user-account To display user account information, use the show user-account command. show user-account [user_name] [|] [>] Syntax Description | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. user_name (Optional) Name of user.1-239 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command Modes Exec Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To display the user account information for all users, do not specify a user with the optional user_name argument. For information about the fields in the show user-account command output, see the Administration Guide, Cisco ACE Application Control Engine. The Account Expiry field for this command displays the date, if any, when the user account expires. This date is based on Coordinated Universal Time (UTC/GMT), which the ACE keeps internally. If you use the clock timezone command to configure a UTC offset, this field displays the UTC date and does not reflect the date with the offset as displayed by the show clock command. Examples To display the account information for all users, enter: host1/Admin# show user-account Related Commands show users (config) username show users To display the information for users that are currently logged in to the ACE, use the show users command. show users [user_name] [|] [>] | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-240 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To display the information for all users that are currently logged in to the ACE, do not specify a user with the optional user_name argument. For information about the fields in the show users command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display information for all users that are currently logged in to the ACE, enter: host1/Admin# show users Related Commands clear user show user-account (config) username show version To display the version information of system software that is loaded in flash memory and currently running on the ACE, use the show version command. show version [|] [>] user_name (Optional) Name of user. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-241 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The show version command also displays information related to the following ACE hardware components: • (ACE module only) Slot number—Slot number that the ACE occupies on the Catalyst 6500 series chassis. • CPU—Number of CPUs and type and model • Memory—Total and shared volatile memory • Flash memory—Total and used flash memory Use the show version command to verify the software version on the ACE before and after an upgrade. For information about the fields in the show version command output, see the Administration Guide, Cisco ACE Application Control Engine. Examples To display the software version information, enter: host1/Admin# show version Related Commands show tech-support | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-242 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show vlans To display the VLANs on the ACE, use the show vlans command. For the ACE module, they are downloaded from the supervisor engine in the Catalyst 6500 series switch show vlans [|] [>] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show vlans command output, see the Routing and Bridging Guide, Cisco ACE Application Control Engine. Examples To display the VLANs on the ACE, enter: host1/Admin# show vlans Related Commands This command has no related commands. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-243 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show vm-controller To display the VM controller connection statistics, use the show vm-controller command. show vm-controller [name] [detail] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To display detailed VM controller statistics, enter: host1/Admin# show vm-controller VCENTER1 detail Related Commands (config) vm-controller name Configured identifier of the VM controller. Enter the name of an existing VM controller as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. detail Displays additional fields for the vendor and the URL location of the VM controller. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.1-244 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show vnet To display information about the virtual network (VNET) device, use the show vnet command. show vnet {event-history | stats} [|] [>] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To display VNET device statistics for the control plane, enter: host1/Admin# show vnet stats Related Commands clear vnet stats event-history Displays a historic log of the most recent debug VNET messages. stats Displays detailed counters for various VNET events. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-245 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands show xlate To display information about the IP and port translation (XLATE), use the show xlate command. show xlate [global {ip_address1 [ip_address2 [/prefix-length | netmask mask1]]}] [local {ip_address3 [ip_address4 [/prefix-length2 | netmask mask2]]}] [gport port1 [port2]] [lport port1 [port2]] [|] [>] Syntax Description Command Modes Exec Admin context only Command History global ip_address1 ip_address2 (Optional) Displays information for a global IPv6 or IPv4 address or a range of global IPv6 or IPv4 addresses to which the ACE translates source addresses for static and dynamic NAT. To specify a range of IP addresses, enter a second IP address. /prefix-length IPv6 prefix length that specifies the number of bytes used for the network identifier. netmask mask (Optional) Specifies a subnet mask for the specified IP addresses. local ip_address3 ip_address4 (Optional) Displays information for a local IP address or a range of local IP addresses. To specify a range of local IP addresses, enter a second IP address. gport port1 port2 (Optional) Displays information for a global port or a range of global ports to which the ACE translates source ports for static port redirection and dynamic PAT. Enter a port number as an integer from 0 to 65535. To specify a range of port numbers, enter a second port number. lport port1 port2 (Optional) Displays information for a local port or a range of local ports. Enter a port number as an integer from 0 to 65535. To specify a range of port numbers, enter a second port number. | (Optional) Pipe character (|) for enabling an output modifier that filters the command output. For a complete description of the options available for filtering the command output, see the show command. > (Optional) Greater-than character (>) for enabling an output modifier that redirects the command output to a file. For a complete description of the options available for redirecting the command output, see the show command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-246 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Usage Guidelines This command requires the NAT feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the fields in the show xlate command output, see the Security Guide, Cisco ACE Application Control Engine. Examples To display IP and XLATE information, enter: host1/Admin# show xlate global 172.27.16.3 172.27.16.10 netmask 255.255.255.0 gport 100 200 Related Commands clear xlate ssh To initiate a Secure Shell (SSH) session with another device, use the ssh command. ssh {hostname | user@hostname} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To initiate an SSH session with the host 196.168.12.10, enter: host1/Admin# ssh 196.168.12.10 To initiate an SSH session with USER1 on HOST1, enter: host1/Admin# ssh USER1@HOST1 hostname Name or IP address of the host to access. If no username is specified, the default is “admin.” Enter up to 64 alphanumeric characters. user Username on a host. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-247 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands clear ssh show ssh (config) class-map (config) login timeout (config) ssh key (config) ssh maxsessions1-248 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands system internal To generate a debug snapshot of a service, use the system internal command. system internal snapshot service {name} Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin role in the Admin context. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. Examples To take a snapshot of a service, enter: host1/Admin# system internal snapshot service Related Commands This command has no related commands. snapshot service Specifies debug snapshots of a service. name Name of a system service for which you want to take a snapshot. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-249 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands system watchdog To enable all system watchdogs or the specific system watchdog, use the system watchdog command. When you enter this command without an option, all watchdogs are enabled. By default, the watchdogs are enabled. Use the no form of this command to disable the system watchdogs. When you disable the low memory watchdog, its timeout is reset to its default. system watchdog [lcp | memory [timeout seconds] | scp] system no watchdog [lcp | memory | scp] Syntax Description Command Modes Exec Admin context only Command History Usage Guidelines This command requires the Admin role in the Admin context. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is intended for use by trained Cisco personnel for troubleshooting purposes only. When you are troubleshooting the ACE, disable the watchdog timeout to prevent the ACE from rebooting. lcp (Optional, ACE module only) Enables the watchdog for the LCP process. The current SCP watchdog watches this process. However, if the LCP process is not scheduled on time, this watchdog reboots the ACE. memory (Optional) Enables the low memory watchdog when the ACE memory reaches 99 percent. timeout seconds (Optional) Configures the low memory watchdog timeout in seconds. Enter a number from 5 to 180. The default is 90. To change the timeout, reenter the system watchdog memory timeout seconds command. When reenable a disabled watchdog, the timeout is reset to its default value. scp (Optional, ACE module only) Enables the watchdog that monitors the SCP keepalive messages from the hardware timer interrupt level. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(2.4) The lcp, memory and scp options were added. The system watchdog command now enables all watchdogs. Previously, it enabled only the SCP watchdog timer. ACE Appliance Release Modification A4(1.0) This command was introduced.1-250 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To enable the low memory system watchdog after it has been disabled, enter: host1/Admin# system watchdog memory To disable the low memory system watchdog, enter: host1/Admin# system no watchdog memory Related Commands show system1-251 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands tac-pac To save Technical Assistance Center (TAC) information to a local or remote location, use the tac-pac command. tac-pac [ftp://server/path[/filename] | scp://server/path[/filename] | sftp://[username@]server/path[/filename] | tftp://server[:port]/path[/filename] | disk0:[path/]filename] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The TAC information that the ACE saves when using the tac-pac command is the same information that you can display using the show tech-support command. If you do not specify a directory on a file system, the default is the root directory. The output of the show tech-support command is in gzip format. We recommend that you include the .gz extension in the filename so that it can be easily unzipped from the destination filesystem. Examples To save TAC information and send the output of the show tech-support command to a remote FTP server, enter: host1/Admin# tac-pac ftp://192.168.1.2/tac-output_10-7-07.gz ftp: (Optional) Specifies the File Transfer Protocol network server as the destination. scp: (Optional) Specifies the Secure Copy network server as the destination. sftp: (Optional) Specifies the Secure File Transfer Protocol network server as the destination. tftp: (Optional) Specifies the Trivial File Transfer Protocol network server as the destination. disk0: (Optional) Specifies the disk0: file system in flash memory on the ACE as the destination. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-252 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Related Commands This command has no related commands.1-253 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands telnet To initiate a Telnet session with another network device, use the telnet command. telnet ip_address [port] Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To open a Telnet session with another network device, enter: host1/Admin# telnet 192.126.2.1 Related Commands clear telnet show telnet (config) class-map (config) login timeout ip_address IP address of the network host. Enter an IP address in dotted-decimal notation (for example, 172.16.1.10). port (Optional) Port number on network host. The range is from 0 to 2147483647. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-254 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands terminal To configure the terminal display settings, use the terminal command. terminal {length lines | monitor | no | session-timeout minutes | terminal-type text | width characters} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use the show terminal command to display the current terminal settings. length lines Sets the number of lines displayed on the current terminal screen. This command is specific to the console port only. Telnet and Secure Shell (SSH) sessions set the length automatically. Valid entries are from 0 to 511. The default is 24 lines. A value of 0 instructs the ACE to scroll continuously (no pausing) and overrides the terminal width command. monitor Displays the syslog output on the terminal for the current terminal and session. To enable the various levels of syslog messages to the terminal, use the logging monitor command in configuration command mode. no Negates a command or sets it back to its default value. session-timeout minutes Specifies the session timeout value in minutes to configure the automatic logout time for the current terminal session on the ACE. When you exceed the time limit configured by this command, the ACE closes the session and exits. The range is 0 to 525600. The default is 5 minutes. You can set the terminal session-timeout value to 0 to disable this feature so that the terminal remains active until you choose to exit the ACE. The ACE does not save this change in the configuration file. terminal-type text Specifies the name and type of the terminal used to access the ACE. If a Telnet or SSH session specifies an unknown terminal type, the ACE uses the VT100 terminal by default. Specify a text string from 1 to 80 alphanumeric characters. width characters Sets the number of characters displayed on the current terminal screen. This command is specific to only the console port. Telnet and SSH sessions set the width automatically. Valid entries are from 24 to 512. The default is 80 columns. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-255 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands All terminal parameter-setting commands are set locally and do not remain in effect after you end a session. You must perform this task at the Exec prompt at each session to see the debugging messages. Examples To specify the VT100 terminal, set the number of screen lines to 35, and set the number of characters to 250, enter: host1/Admin# terminal terminal-type vt220 host1/Admin# terminal length 35 host1/Admin# terminal width 250 To specify a terminal timeout of 600 minutes for the current session, enter host1/Admin# terminal session-timeout 600 To set the width to 100 columns, enter: host1/Admin# terminal width 100 To set the width to its default of 80 columns, enter: host1/Admin# terminal no width To start the current terminal monitoring session, enter: host1/Admin# terminal monitor To stop the current terminal monitoring session, enter: host1/Admin# terminal no monitor Related Commands show terminal (config) login timeout traceroute To trace the route that an IP packet takes to a network host from the ACE, use the traceroute command. traceroute [ip | ipv6 [ip_address [size packet]] Syntax Description Command Modes Exec Admin and user contexts ip | ipv6 (Optional) Specifies the IPv4 or IPv6 protocol. If you do not specify the IP protocol, it is inferred from the address. ip_address (Optional) IP address of the network host. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). size packet (Optional) Specifies the packet size. Enter a number from 40 to 452. The default is 40.1-256 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command traces the route that an IP packet follows to an Internet host by launching User Datagram Protocol (UDP) probe packets with a small time to live (TTL), and then listening for an Internet Control Message Protocol (ICMP) “time exceeded” reply from a gateway. Examples IPv6 Example To trace the IPv6 address 2001:DB8:1::2, enter the following command: host1/Admin# traceroute ipv6 2001:DB8:1::2 To terminate a traceroute session, press Ctrl-C. IPv4 Example To display the route that a packet takes from the ACE to a network host with the IP address 196.126.1.2, enter: host1/Admin# traceroute 196.126.1.2 Related Commands ping undebug all To disable all debugging, use the undebug all command. undebug all Syntax Description This command has no keywords or arguments. Command Modes Exec Admin and user contexts ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support.1-257 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Command History Usage Guidelines This command is available to all user roles that allow debugging and is not available to network monitor or technician users. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE debug commands are intended for use by trained Cisco personnel only. Entering these commands may cause unexpected results. Do not attempt to use these commands without guidance from Cisco support personnel. Examples To disable all debugging, enter: host1/Admin# undebug all Related Commands debug ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-258 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands untar disk0: To untar a single file with a .tar extension in the disk0: file system, use the untar command. untar disk0:[path/]filename Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The copy licenses disk0: command creates backup .tar license files on the ACE. If a license becomes corrupted or lost, or you accidently remove the license on the ACE, you can untar the license and reinstall it. You must use the untar command in the Admin context to untar a backup tar license file. Examples To untar the mylicense.tar file on disk0, enter: host1/Admin# untar disk0:mylicenses.tar Related Commands copy licenses gunzip [path/]filename Name of the .tar file on the disk0: file system. The filename must end with a .tar extension. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-259 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands write To manage persistent and nonpersistent configuration information, use the write command. write {erase | memory [all] | terminal} Syntax Description Exec Admin and user contexts Command History Usage Guidelines For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The different versions of this command require the following user role or feature in your user role: • write erase—Admin user • write memory—config-copy feature • write all—Admin user The write erase command does not remove license files or crypto files (certs and keys) from the ACE. To remove license files, see the license uninstall command. To remove crypto files, see the crypto delete command. If you intend to use the write memory command to save the contents of the running-configuration file for the current context to the startup-configuration file, you must also specify this command in the Admin context. Saving changes to the Admin context startup-configuration file is important because the Admin context startup-configuration file contains all configurations that are used to create each user context. To write the running configuration to the startup configuration, you can also use the copy running-config startup-config command. To erase the startup configuration, you can also use the clear startup-config command. To display the running configuration, use the show running-config command. erase Erases the entire startup configuration with the exception of any configuration that affects the loader functionality. The startup configuration then reverts back to the factory-default values. The running configuration is not affected. memory Writes the running configuration to the startup configuration. all (Optional) Writes configurations for all existing contexts. This keyword is available only in the Admin context. terminal Writes the running configuration to the terminal. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-260 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands Examples To write running configuration to the startup configuration, enter: host1/Admin# write memory Related Commands clear startup-config show running-config xml-show To enable the display of raw XML request show command output in XML format, use the xml-show command. xml show {off | on | status} Syntax Description Command Modes Exec Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By default, XML responses will automatically appear in XML format if the corresponding CLI show command output supports the XML format. However, if you are running commands on the CLI console or you are running raw XML responses from NMS, the XML responses appear in regular CLI display format. You can enable the display of raw XML request show command output in XML format by performing one of the following actions: • Specifying the xml-show on command in Exec mode from the CLI, or • Including the xml-show on command in the raw XML request itself (CLI commands included in an XML wrapper). Specification of the xml-show on command is not required if you are running true XML. off Displays CLI show command output in regular CLI display output, not in XML format. on Displays CLI show command output in XML format unless a specific show command is not implemented to display its output in XML format. status Displays the current setting of the xml-show command (on or off). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.1-261 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 1 CLI Commands Exec Mode Commands For details on the show command output supported in XML format, consult the ACE schema file, schema.xsd for the ACE module or for the ACE appliance, that is included as part of the software image (see the Administration Guide, Cisco ACE Application Control Engine). The ACE schema File contains the information on the XML attributes for those show output commands that support XML format. The off and on keywords affect only the current CLI session in use; they are session-based functions. Examples To enable the display of raw XML request show command output in XML format from the CLI, enter: host1/Admin# xml-show on Related Commands This command has no related commands.2-262 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Configuration Mode Commands Configuration mode commands allow you to configure global ACE parameters that affect the following contexts: • All contexts, when configured in the Admin context • A single user context, when configured in that context Configuration mode also allows you to access all the ACE subordinate configuration modes. These modes provide parameters to configure the major features of the ACE, including access control lists (ACLs), application protocol inspection, fragmentation and reassembly, interfaces, Network Address Translation (NAT), persistence (stickiness), protocols, redundancy, routing, scripts, Secure Sockets Layer (SSL), server load balancing (SLB), TCP/IP normalization, users, and virtualization. To access configuration mode, use the config command. The CLI prompt changes to (config). See the individual command descriptions of all the configuration mode commands on the following pages. Command Modes Exec mode Admin and user contexts Command History Usage Guidelines This command requires one or more features assigned to your user role that allow configuration, such as AAA, interface, or fault-tolerant. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To access configuration mode, enter: host1/Admin# config host1/Admin(config)# Related Commands show running-config show startup-config ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-263 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) aaa accounting default To configure the default accounting method, use the aaa accounting default command. You specify either a previously created AAA server group that identifies separate groups of Terminal Access Controller Access Control System Plus (TACACS+) or Remote Authentication Dial-In User Service (RADIUS) servers or the local database on the ACE. Use the no form of this command to remove the accounting method. aaa accounting default {group group_name} {local} {none} no aaa accounting default {group group_name} {local} {none} Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To enable user accounting to be performed using remote TACACS+ servers, followed by local login as the fallback method, enter: host1/Admin(config)# aaa accounting default group TacServer local Related Commands show aaa show accounting log (config) aaa authentication login group group_name Associates the accounting method with a TACACS+ or RADIUS server defined previously through the aaa group server command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. local Specifies to use the local database on the ACE as the accounting method. none Specifies that the ACE does not perform password verification, which disables password verification. If you configure this option, users can log in without providing a valid password. Note Only users with an Admin role can configure the none keyword. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-264 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) aaa group server2-265 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) aaa authentication login To configure the authentication method used for login to the ACE CLI, use the aaa authentication login command. Use the no form of this command to disable the authentication method. aaa authentication login {{console | default} {{group group_name} {local} {none}}} | error-enable no aaa authentication login {{console | default} {{group group_name} {local} {none}}} | error-enable Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use the error-enable option cautiously. If you specify none, any user will be able to access the ACE at any time. console Specifies the console port login authentication method, identified by the specified server group. default Specifies the default login authentication method (by console or by Telnet or Secure Shell [SSH] session) that is identified by the specified server group. group group_name Associates the login authentication process with a Terminal Access Controller Access Control System Plus (TACACS+), Remote Authentication Dial-In User Service (RADIUS), or Lightweight Directory Access Protocol (LDAP) server defined through the aaa group server command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. local Specifies to use the local database on the ACE as the login authentication method. If the server does not respond, then the local database is used as the fallback authentication method. none Specifies that the ACE does not perform password verification. If you configure this option, users can log in to the ACE without providing a valid password. Note Only users with an Admin role can configure the none keyword. error-enable Enables the display of the login error message when the remote AAA servers fail to respond. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-266 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands To view the current display status, use the show aaa authentication login error-enable command. When a user attempts to log in, and the remote AAA servers do not respond to the authentication request, the ACE processes the login sequence by switching to local user database. Examples To enable console authentication using the TACSERVER server group, followed by local login as the fallback method, enter: host1/Admin(config)# aaa authentication login console group TACSERVER local Password verification remains enabled for login authentication. To turn off password validation, enter: host1/Admin(config)# aaa authentication login console group TACSERVER local none Related Commands show aaa (config) aaa accounting default (config) aaa group server (config) aaa group server To configure independent server groups of Terminal Access Controller Access Control System Plus (TACACS+), Remote Authentication Dial-In User Service (RADIUS), or Lightweight Directory Access Protocol (LDAP) servers, use the aaa group server command. Use the no form of this command to remove a server group. aaa group server {ldap | radius | tacacs+} group_name no aaa group server {ldap | radius | tacacs+} group_name Syntax Description Command Modes Configuration mode Admin and user contexts ldap Specifies an LDAP directory server group. For information about the commands in the LDAP server configuration mode, see the “LDAP Configuration Mode Commands” section. radius Specifies a RADIUS server group. For information about the commands in the RADIUS server configuration mode, see the “RADIUS Configuration Mode Commands” section. tacacs+ Specifies a TACACS+ server group. For information about the commands in the TACACS+ server configuration mode, see the “TACACS+ Configuration Mode Commands” section. group_name Name for the LDAP, RADIUS, or TACACS+ server group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-267 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A server group is a list of server hosts of a particular type. The ACE allows you to configure multiple TACACS+, RADIUS, and LDAP servers as a named server group. You group the different AAA server hosts into distinct lists. The ACE searches for the server hosts in the order in which you specify them within a group. You can configure a maximum of 10 server groups for each context in the ACE. You can configure server groups at any time, but they take effect only when you apply them to the AAA service using the aaa authentication login or the aaa accounting default commands. To create a AAA server group and access one of the three AAA server group configuration modes, enter the aaa group server ldap, aaa group server radius, or aaa group server tacacs+ command in configuration mode. The CLI prompt changes to (config-ldap), (config-radius), or (config-tacacs+). In this mode, you specify the IP address of one or more previously configured servers that you want added to or removed from the server group. Examples To create a RADIUS server group and add a previously configured RADIUS server, enter: (config)# aaa group server radius RAD_Server_Group1 host1/Admin(config-radius)# server 192.168.252.1 host1/Admin(config-radius)# server 192.168.252.2 host1/Admin(config-radius)# server 192.168.252.3 Related Commands show aaa show running-config (config) aaa accounting default (config) aaa authentication login (config) access-group To apply an IPv4 or IPv6 access control list (ACL) to the inbound direction on all VLAN interfaces in a context and make the ACL active, use the access-group command. Use the no form of this command to remove an ACL from all interfaces in a context. access-group input acl_name no access-group input acl_name ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-268 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the access-list feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use this command to apply an IPv6 or an IPv4 ACL to a single interface or all interfaces in a context. You must apply an ACL to an interface to allow the passing of traffic on that interface. This command enables you to apply an ACL to all interfaces in a context in the inbound direction only and to allow traffic on all interfaces simultaneously. The following considerations apply: • You can use the access-group command in configuration mode only if there are no interfaces in the context to which you have applied an ACL previously using the (config-if) access-group command in interface configuration mode. • If you have applied an ACL globally to all interfaces in a context, you cannot apply an ACL to an individual interface using the (config-if) access-group command in interface configuration mode. • You can apply one Layer 2 ACL and one Layer 3 ACL globally to all interfaces in a context. • You can apply both a Layer 3 and a Layer 2 ACL to all Layer 2 bridge-group virtual interfaces (BVIs) in a context. • On Layer 3 virtual LAN (VLAN) interfaces, you can apply only Layer 3 ACLs. You can apply one IPv6 and one IPv4 ACL in each direction on a Layer 3 VLAN interface. • In a redundant configuration, the ACE does not apply a global ACL to the FT VLAN. For details about redundancy, see the Administration Guide, Cisco ACE Application Control Engine. For complete details on ACLs, see the Security Guide, Cisco ACE Application Control Engine. Examples To apply an ACL named INBOUND to the inbound direction of all interfaces in the Admin context, enter: host1/Admin(config)# access-group input INBOUND To remove an ACL from all interfaces in the Admin context, enter: input Specifies the inbound direction of all interfaces in a context on which you want to apply the ACL acl_name Identifier of an existing ACL that you want to apply to an interface ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support.2-269 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands host1/Admin(config)# no access-group input INBOUND Related Commands (config-if) access-group show access-list2-270 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) access-list ethertype To configure an EtherType access control list (ACL), use the access-list ethertype command. Use the no form of this command to remove the ACL from the configuration. access-list name ethertype {deny | permit} {any | bpdu | ipv6 | mpls} no access-list name ethertype {deny | permit} {any | bpdu | ipv6 | mpls} Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the access-list feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can configure an ACL that controls traffic based on its EtherType. An EtherType is a subprotocol identifier. EtherType ACLs support Ethernet V2 frames. EtherType ACLs do not support 802.3-formatted frames because they use a length field instead of a type field. Bridge protocol data units (BPDUs) are exceptions because they are SNAP-encapsulated, and the ACE is designed to specifically handle BPDUs. You can permit or deny BPDUs. By default, all BPDUs are denied. The ACE receives trunk port (Cisco proprietary) BPDUs because ACE ports are trunk ports. Trunk BPDUs have VLAN information inside the payload, so the ACE modifies the payload with the outgoing VLAN if you permit BPDUs. BPDU packets are not subjected to bandwidth policing in a bridge-mode configuration. You can configure an EtherType ACL only on a Layer 2 interface in the inbound direction. name Unique identifier of the ACL. Enter an unquoted text string with a maximum of 64 alphanumeric characters. ethertype Specifies a subprotocol of type: any, bpdu, ipv6, or mpls. deny Blocks connections on the assigned interface. permit Allows connections on the assigned interface. any Specifies any EtherType. bpdu Specifies bridge protocol data units. ipv6 Specifies Internet Protocol version 6. mpls Specifies Multiprotocol Label Switching. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(2.4) BPDU packets are not subjected to bandwidth policing in a bridge-mode configuration. ACE Appliance Release Modification A1(7) This command was introduced.2-271 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands When you specify the mpls keyword in an EtherType ACL, the ACE denies or permits both MPLS-unicast and MPLS-multicast traffic. Examples To configure an ACL that controls traffic based on its EtherType, enter: (config)# access-list INBOUND ethertype permit mpls Related Commands clear access-list show access-list2-272 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) access-list extended To create an extended ACL, use the access-list extended command. The two major types of extended ACLs are as follows: • Non-ICMP ACLs • ICMP ACLs Use the no form of this command to delete the ACL. IPv6 Syntax For a non-ICMP extended ACL, the syntax is as follows: access-list name [line number] extended {deny | permit} {protocol {anyv6 | host src_ipv6_address | src_ipv6_address/prefix_length | object-group net_obj_grp_name} [operator port1 [port2]] {anyv6 | host dest_ipv6_address | dest_ipv6_address/prefix_length | object-group net_obj_grp_name} [operator port3 [port4]]} | {object-group service_obj_grp_name} {anyv6 | host src_ipv6_address | src_ipv6_address/prefix_length | object-group net_obj_grp_name} {anyv6 | host dest_ipv6_address | dest_ipv6_address/prefix_length | object-group net_obj_grp_name} no access-list name [line number] extended {deny | permit} {protocol {anyv6 | host src_ipv6_address | src_ipv6_address/prefix_length | object-group net_obj_grp_name} [operator port1 [port2]] {anyv6 | host dest_ipv6_address | dest_ipv6_address/prefix_length | object-group net_obj_grp_name} [operator port3 [port4]]} | {object-group service_obj_grp_name} {anyv6 | host src_ipv6_address | src_ipv6_address/prefix_length | object-group net_obj_grp_name} {anyv6 | host dest_ipv6_address | dest_ipv6_address/prefix_length | object-group net_obj_grp_name} For an ICMP-extended ACL, the syntax is as follows: access-list name [line number] extended {deny | permit} {icmpv6 {anyv6 | host src_ipv6_address | src_ipv6_address/prefix_length| object_group net_obj_grp_name} {anyv6 | host dest_ipv6_address | dest_ipv6_address/prefix_length| object_group network_grp_name} [icmp_type [code operator code1 [code2]]]} | {object-group service_obj_grp_name} {anyv6 | host src_ipv6_address | src_ipv6_address/prefix_length| object-group net_obj_grp_name} {anyv6 | host dest_ipv6_address | dest_ipv6_address/prefix_length| object-group net_obj_grp_name} no access-list name [line number] extended {deny | permit} {icmpv6 {anyv6 | host src_ipv6_address | src_ipv6_address/prefix_length| object_group net_obj_grp_name} {anyv6 | host dest_ipv6_address | dest_ipv6_address/prefix_length| object_group network_grp_name} [icmp_type [code operator code1 [code2]]]} | {object-group service_obj_grp_name} {anyv6 | host src_ipv6_address | src_ipv6_address/prefix_length| object-group net_obj_grp_name} {anyv6 | host dest_ipv6_address | dest_ipv6_address/prefix_length| object-group net_obj_grp_name} IPv4 Syntax For a non-ICMP extended ACL, the syntax is as follows: access-list name [line number] extended {deny | permit} {protocol {any | host src_ip_address | src_ip_address netmask | object-group net_obj_grp_name} [operator port1 [port2]] {any | host dest_ip_address | dest_ip_address netmask | object-group net_obj_grp_name} [operator port3 [port4]]}2-273 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands |{object-group service_obj_grp_name} {any | host src_ip_address | src_ip_address netmask | object-group net_obj_grp_name} {any | host dest_ip_address | dest_ip_address netmask | object-group net_obj_grp_name} no access-list name [line number] extended {deny | permit} {protocol {any | host src_ip_address | src_ip_address netmask | object-group net_obj_grp_name} [operator port1 [port2]] {any | host dest_ip_address | dest_ip_address netmask | object-group net_obj_grp_name} [operator port3 [port4]]} |{object-group service_obj_grp_name} {any | host src_ip_address | src_ip_address netmask | object-group net_obj_grp_name} {any | host dest_ip_address | dest_ip_address netmask | object-group net_obj_grp_name} For an ICMP-extended ACL, the syntax is as follows: access-list name [line number] extended {deny | permit} {icmp {any | host src_ip_address | src_ip_address netmask | object_group net_obj_grp_name} {any | host dest_ip_address | dest_ip_address netmask | object_group network_grp_name} [icmp_type [code operator code1 [code2]]]} |{object-group service_obj_grp_name} {any | host src_ip_address | src_ip_address netmask | object-group net_obj_grp_name} {any | host dest_ip_address | dest_ip_address netmask | object-group net_obj_grp_name} no access-list name [line number] extended {deny | permit} {icmp {any | host src_ip_address | src_ip_address netmask | object_group net_obj_grp_name} {any | host dest_ip_address | dest_ip_address netmask | object_group network_obj_grp_name} [icmp_type [code operator code1 [code2]]]} |{object-group service_obj_grp_name} {any | host src_ip_address | src_ip_address netmask | object-group net_obj_grp_name} {any | host dest_ip_address | dest_ip_address netmask | object-group net_obj_grp_name} Syntax Description name Unique identifier of the ACL. Enter an unquoted text string with a maximum of 64 alphanumeric characters. line number (Optional) Specifies the line number position where you want the entry that you are configuring to appear in the ACL. The position of an entry affects the lookup order of the entries in an ACL. If you do not configure the line number of an entry, the ACE applies a default increment and a line number to the entry and appends it at the end of the ACL.2-274 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands extended Specifies an extended ACL. Extended ACLs allow you to specify the destination IP address and subnet mask and other parameters not available with a standard ACL. deny Blocks connections on the assigned interface. permit Allows connections on the assigned interface. protocol Name or number of an IP protocol. Enter a protocol name or an integer from 0 to 255 that represents an IP protocol number from the following: • ah—(51) Authentication Header • eigrp—(88) Enhanced IGRP • esp—(50) Encapsulated Security Payload • gre—(47) Generic Routing Encapsulation • icmp—(1) Internet Control Message Protocol (See Table 1-1 for optional ICMPv4 messaging types) • icmpv6—(58) Internet Control Message Protocol (See Table 1-2 for optional ICMPv6 messaging types) • igmp—(2) Internet Group Management Protocol • ip—(0) Internet Protocol • ip-in-ip—(4) IP-in-IP Layer 3 tunneling protocol • ospf—(89) Open Shortest Path First • pim—(103) Protocol Independent Multicast • tcp—(6) Transmission Control Protocol • udp—(17) User Datagram Protocol any Specifies the network traffic from any IPv4 source. anyv6 Specifies the network traffic from any IPv6 source. host src_ipv6_address Specifies the IPv6 address of the host from which the network traffic originates. Use this keyword and argument to specify the network traffic from a single IPv6 address. host src_ip_address Specifies the IP address of the host from which network traffic originates. Use this keyword and argument to specify the network traffic from a single IP address. src_ipv6_address/ prefix_length Traffic from a source defined by the IPv6 address and the prefix length. Use these arguments to specify network traffic from a range of IPv6 source addresses. src_ip_address netmask Traffic from a source defined by the IP address and the network mask. Use these arguments to specify the network traffic from a range of source IP addresses. object-group network_obj_grp_ name Specifies the identifier of an existing source network object group. To use object groups in an ACL, replace the normal network (source_address, mask, and so on), service (protocol operator port) or ICMP type (icmp_type) arguments with an object-group name. 2-275 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands operator (Optional) Operand used to compare source and destination port numbers for TCP, TCP-UDP, and UDP protocols. The operators are as follows: • eq—Equal to. • gt—Greater than. • lt—Less than. • neq—Not equal to. • range—An inclusive range of port values. If you entered the range operator, enter a second port number value to define the upper limit of the range. port1 [port2] TCP or UDP source port name or number from which you permit or deny services access. Enter an integer from 0 to 65535. To enter an inclusive range of ports, enter two port numbers. Port2 must be greater than or equal to port1. See Table 1-3 for a list of well-known TCP port names and numbers and Table 1-4 for a list of well-known UDP port names and numbers. dest_ipv6_address/ prefix_length IPv6 address of the network or host to which the packet is being sent and the prefix length of the IPv6 destination address. Use these arguments to specify a range of IPv6 destination addresses. dest_ip_address netmask Specifies the IP address of the network or host to which the packet is being sent and the network mask bits that are to be applied to the destination IP address. Use these arguments to specify a range of destination IP addresses. anyv6 Specifies the network traffic that goes to any IPv6 destination. any Specifies the network traffic going to any destination. host dest_ipv6_address Specifies the IPv6 address of the destination of the packets in a flow. Use this keyword and argument to specify the network traffic destined to a single IPv6 address. host destination_ address Specifies the IP address and subnet mask of the destination of the packets in a flow. Use this keyword and argument to specify the network traffic destined to a single IP address. operator (Optional) Operand used to compare source and destination port numbers for TCP, TCP-UDP, and UDP protocols. The operators are as follows: • lt—Less than. • gt—Greater than. • eq—Equal to. • neq—Not equal to. • range—An inclusive range of port values. If you enter this operator, enter a second port number value to define the upper limit of the range. port3 [port4] TCP or UDP destination port name or number to which you permit or deny access to services. To enter an optional inclusive range of ports, enter two port numbers. Port4 must be greater than or equal to port3. See Table 1-3 for a list of well-known ports. icmp_type (Optional) Type of ICMP messaging. Enter either an integer that corresponds to the ICMP code number or one of the ICMP types as described in Table 1-1. code (Optional) Specifies that a numeric operator and ICMP code follows. 2-276 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the access-list feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE does not explicitly support standard ACLs. To configure a standard ACL, specify the destination addresses as “any” and do not specify ports in an extended ACL. For the source IP address and destination IP address netmasks, the ACE supports only standard subnet mask entries in an ACL. Wildcard entries and non-standard subnet masks are not supported. For TCP and UDP connections, you do not need to also apply an ACL on the destination interface to allow returning traffic, because the ACE allows all returning traffic for established connections. You can apply only one extended ACL to each direction (inbound or outbound) of an interface. You can also apply the same ACL on multiple interfaces.You can apply EtherType ACLs only in the inbound direction and only on Layer 2 interfaces. operator An operator that the ACE applies to the ICMP code number that follows. Enter one of the following operators: • lt—Less than. • gt—Greater than. • eq—Equal to. • neq—Not equal to. • range—An inclusive range of ICMP code values. When you use this operator, specify two code numbers to define the range. code1, code2 ICMP code number that corresponds to an ICMP type. See Table 1-3. If you entered the range operator, enter a second ICMP code value to define the upper limit of the range. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised with the object-group keyword and associated keywords and arguments. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A2(1.0) This command was revised with the object-group keyword and associated keywords and arguments. A5(1.0) Added IPv6 support.2-277 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands If you create an ICMP extended ACL, you can optionally specify the type of ICMP messaging. Enter either an integer that corresponds to the ICMP code number or one of the ICMP messaging types as described in Table 1-1 (ICMPv4) and Table 1-2 (ICMPv6). ACLs have no effect on neighbor discovery (ND) packets and they are always permitted to and through the ACE. For more information about ND, see the Routing and Bridging Guide, Cisco ACE Application Control Engine. Ta b l e 1-1 ICMPv4 Types ICMPv4 Code Number ICMPv4 Type 0 echo-reply 3 unreachable 4 source-quench 5 redirect 6 alternate-address 8 echo 9 router-advertisement 10 router-solicitation 11 time-exceeded 12 parameter-problem 13 timestamp-request 14 timestamp-reply 15 information-request 16 information-reply 17 mask-request 18 mask-reply 30 traceroute 31 conversion-error 32 mobile-redirect Ta b l e 1-2 ICMPv6 Types ICMPv6 Code Number ICMPv6 Type 1 unreachable 3 time-exceeded 4 parameter-problem 30 traceroute 128 echo 129 echo-reply 137 redirect2-278 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands 139 information-request 140 information-reply Ta b l e 1-3 Well-Known TCP Port Numbers and Key Words Keyword Port Number Description aol 5190 America-Online bgp 179 Border Gateway Protocol chargen 19 Character Generator citrix-ica 1494 Citrix Independent Computing Architecture protocol cmd 514 Same as exec, with automatic authentication ctiqbe 2748 Computer Telephony Interface Quick Buffer Encoding daytime 13 Daytime discard 9 Discard domain 53 Domain Name System echo 7 Echo exec 512 Exec (RSH) finger 79 Finger ftp 21 File Transfer Protocol ftp-data 20 FTP data connections gopher 70 Gopher hostname 101 NIC hostname server http 80 Hyper Text Transfer Protocol https 443 HTTP over TLS/SSL ident 113 Ident Protocol imap4 143 Internet Message Access Protocol, version 4 irc 194 Internet Relay Chat kerberos 88 Kerberos klogin 543 Kerberos Login kshell 544 Kerberos Shell ldap 389 Lightweight Directory Access Protocol ldaps 636 LDAP over TLS/SSL login 513 Login (rlogin) lotusnotes 1352 IBM Lotus Notes Table 1-2 ICMPv6 Types (continued) ICMPv6 Code Number ICMPv6 Type2-279 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands lpd 515 Printer Service matip-a 350 Mapping of Airline Traffic over Internet Protocol (MATIP) Type A netbios-ssn 139 NetBIOS Session Service nntp 119 Network News Transport Protocol pcanywhere-data 5631 PC Anywhere data pim-auto-rp 496 PIM Auto-RP pop2 109 Post Office Protocol v2 pop3 110 Post Office Protocol v3 pptp 1723 Point-to-Point Tunneling Protocol, RFC 2637 rtsp 554 Real Time Streaming Protocol sip 5060 Session Initiation Protocol skinny 2000 Cisco Skinny Client Control Protocol (SCCP) smtp 25 Simple Mail Transfer Protocol sqlnet 1521 Structured Query Language Network ssh 22 Secure Shell sunrpc 111 Sun Remote Procedure Call tacacs 49 Terminal Access Controller Access Control System talk 517 Talk telnet 23 Telnet time 37 Time uucp 540 UNIX-to-UNIX Copy Program whois 43 Nicname www 80 World Wide Web (HTTP) Ta b l e 1-4 Well-Known UDP Key Words and Port Numbers Keyword Port Number Description biff 512 Mail notification bootpc 68 Bootstrap Protocol client bootps 67 Bootstrap Protocol server discard 9 Discard dnsix 195 DNSIX Security protocol auditing (dn6-nlm-aud) domain 53 Domain Name System Table 1-3 Well-Known TCP Port Numbers and Key Words (continued) Keyword Port Number Description2-280 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples IPv6 Examples To configure an IPv6 TCP extended ACL, enter: host1/Admin(config)# access-list INBOUND line 10 extended permit tcp 2001:DB8:1::1/64 gt 1024 2001:DB8:2::1 lt 4000 To remove an entry from an extended ACL, enter: echo 7 Echo isakmp 500 Internet Security Association Key Management Protocol kerberos 88 Kerberos mobile-ip 434 Mobile IP registration nameserver 42 Host Name Server netbios-dgm 138 NetBIOS datagram service netbios-ns 137 NetBIOS name service netbios-ssn 139 NetBIOS Session Service ntp 123 Network Time Protocol pcanywherestatus 5632 PC Anywhere status radius 1812 Remote Authentication Dial-in User Service radius-acct 1813 RADIUS Accounting rip 520 Routing Information Protocol snmp 161 Simple Network Management Protocol snmptrap 162 SNMP Traps sunrpc 111 Sun Remote Procedure Call syslog 514 System Logger tacacs 49 Terminal Access Controller Access Control System talk 517 Talk tftp 69 Trivial File Transfer Protocol time 37 Time who 513 Who service (rwho) wsp 9200 Connectionless Wireless Session Protocol wsp-wtls 9202 Secure Connectionless WSP wsp-wtp 9201 Connection-based WSP wsp-wtp-wtls 9203 Secure Connection-based WSP xdmcp 177 X Display Manager Control Protocol Table 1-4 Well-Known UDP Key Words and Port Numbers (continued) Keyword Port Number Description2-281 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands host1/Admin(config)# no access-list INBOUND line 10 To control a ping, specify echo (128) (host to ACE). To allow an external host with IP address 2001:DB8:1::2 to ping a host behind the ACE with an IP address of FC00:ABCD:1:2::5, enter: host1/Admin(config)# access-list INBOUND extended permit icmpv6 host 2001:DB8:1::2 host FC00:ABCD:1:2::5 echo code eq 0 To remove an entry from an ICMP ACL, enter: host1/Admin(config)# no access-list INBOUND extended permit icmpv6 host 2001:DB8:1::2 echo IPv4 Examples To configure a TCP extended ACL, enter: host1/Admin(config)# access-list INBOUND line 10 extended permit tcp 192.168.12.0 255.255.255.0 gt 1024 172.27.16.0 255.255.255.0 lt 4000 To remove an entry from an extended ACL, enter: host1/Admin(config)# no access-list INBOUND line 10 To allow an external host with IP address 192.168.12.5 to be able to ping a host behind the ACE with an IP address of 10.0.0.5, enter: (config)# access-list INBOUND extended permit icmp host 192.168.12.5 host 10.0.0.5 echo code eq 0 To remove an entry from an ICMP ACL, enter: (config)# no access-list INBOUND extended permit icmp host 192.168.12.5 echo To use object groups for all available parameters, enter: ISM/Admin(config)# access-list acl_name extended {deny | permit} object-group service_grp_name object-group network_grp_name object-group network_grp_name Related Commands clear access-list show access-list (config) access-list remark You can add comments about an access control list (ACL) to clarify the function of the ACL. To add a comment to an ACL, use the access-list remark command. You can enter only one comment per ACL and the comment appears at the top of the ACL. Use the no form of this command to remove an ACL remark. access-list name remark text no access-list name remark text2-282 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the access-list feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you delete an ACL using the no access-list name command, then the remarks are also removed. Examples To add an entry comment to an ACL, enter: host1/Admin(config)# access-list INBOUND remark This is a remark To remove entry comments from an ACL, enter: (config)# no access-list INBOUND line 200 remark Related Commands clear access-list show access-list (config) access-list resequence To resequence the entries in an extended access control list (ACL) with a specific starting number and interval, use the access-list resequence command. Use the no form of this command to reset the number assigned to an ACL entry to the default of 10. access-list name resequence number1 number2 no access-list name resequence number1 number2 name Unique identifier of the ACL. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. line number (Optional) Specifies the line number position where you want the comments to appear in the ACL. If you do not specify a line number, the ACE applies a default increment and a line number to the remark and appends it at the end of the ACL. remark text Specifies any comments that you want to include about the ACL. Comments appear at the top of the ACL. Enter an unquoted text string with a maximum of 100 alphanumeric characters. You can enter leading spaces at the beginning of the text. Trailing spaces are ignored. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-283 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the access-list feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ability to resequence entries in an ACL is supported only for extended ACLs. Examples For example, to assign the number 5 to the first entry in the access list INBOUND and then number each succeeding entry by adding 15 to the preceding entry line number, enter: host1/Admin(config)# access-list INBOUND resequence 5 15 Related Commands clear access-list show access-list (config) action-list type modify http Action list modify configuration mode commands allow you to configure ACE action lists. An action list is a named group of actions that you associate with a Layer 7 HTTP class map in a Layer 7 HTTP policy map. You can create an action list to modify an HTTP header or to rewrite an HTTP redirect URL for SSL. For information about the commands in action list modify configuration mode, see the “Action List Modify Configuration Mode Commands” section. To create an action list, use the action-list type modify http command. The CLI prompt changes to (config-actlist-modify). Use the no form of this command to remove the action list from the configuration. action-list type modify http name name Unique identifier of the ACL. Enter an unquoted text string with a maximum of 64 alphanumeric characters. resequence Specifies the renumbering of the entries in an ACL. number1 Number assigned to the first entry in the ACL. Enter any integer. The default is 10. number2 Number added to each entry in the ACL after the first entry. Enter any integer. The default is 10. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-284 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands no action-list type modify http name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To create an action list, enter: host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST host1/Admin(config-actlist-modify)# To remove the action list from the configuration, enter: host1/Admin(config)# no action-list type modify http HTTP_MODIFY_ACTLIST Related Commands show running-config show stats name Unique name for the action list. Enter an unquoted text string with a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-285 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) action-list type optimization http (ACE appliance only) Action list optimization configuration mode commands allow you to configure ACE action lists. An action list is a named group of actions that you associate with a Layer 7 HTTP optimization policy map. The action-list type command allows you to configure a series of application acceleration and optimization statements. After you enter this command, the system enters the action list optimization configuration mode. For information about the commands in action list optimization configuration mode, see the “Action List Optimization Configuration Mode Commands” section. To create an optimization action map for performing application acceleration and optimization, use the action-list type command in global configuration mode. The CLI prompt changes to (config-actlist-optm). Use the no form of this command to remove an action list from the ACE. action-list type optimization http list_name no action-list type optimization http list_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. After you configure the action list, you associate it with a specific statement in a Layer 7 HTTP optimization policy map. The Layer 7 optimization HTTP policy map activates an optimization HTTP action list that allows you to configure the specified optimization actions. For information about the commands in action list optimization configuration mode, see the “Action List Optimization Configuration Mode Commands” section. For details about configuring the commands in the action list optimization configuration mode, see the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide. optimization http Specifies an optimization HTTP action list. After you create the optimization HTTP type action list, you configure application acceleration and optimization functions in the action list optimization configuration mode. For information about the commands in action list optimization configuration mode, see the “Action List Optimization Configuration Mode Commands” section. list_name Name assigned to the action list. Enter a unique name as an unquoted text string with a maximum of 64 alphanumeric characters. ACE Appliance Release Modification A1(7) This command was introduced.2-286 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To create an optimization HTTP action list, enter: host1/Admin(config)# action-list type optimization http ACT_LIST1 host1/Admin(config-actlist-optm)# To remove the action list from the configuration, enter: host1/Admin(config)# no action-list type optimization http ACT_LIST1 Related Commands show action-list show running-config (config) parameter-map type (config) policy-map2-287 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) arp To configure the Address Resolution Protocol (ARP) on the ACE to manage and map IP to Media Access Control (MAC) information to forward and transmit packets, use the arp command. Use the no form of this command to remove the ARP entry or reset a default value. arp {ip_address mac_address | interval seconds | inspection enable [flood | no flood] | learned-interval seconds | learned-mode enable | rate seconds | ratelimit pps | retries number | sync disable | sync-interval seconds} no arp {ip_address mac_address | interval | inspection enable | learned-interval | learned-mode enable | rate | ratelimit | retries | sync disable | sync-interval} Syntax Description Command Modes Configuration mode ip_address mac_address Static ARP entry in the ARP table that allows ARP responses from an IP address to a MAC address. Enter the IP address in dotted-decimal notation (for example, 172.16.56.76). Enter the MAC address in dotted-hexadecimal notation (for example, 00.60.97.d5.26.ab). interval seconds Specifies the interval in seconds that the ACE sends ARP requests to the configured hosts. Enter a number from 15 to 31526000. The default is 300. inspection enable Enables ARP inspection, preventing malicious users from impersonating other hosts or routers, known as ARP spoofing. The default is disabled. flood (Optional) Enables ARP forwarding of nonmatching ARP packets. The ACE forwards all ARP packets to all interfaces in the bridge group. This is the default setting. no flood (Optional) Disables ARP forwarding for the interface and drops non-matching ARP packets. learned-interval seconds Sets the interval in seconds when the ACE sends ARP requests for learned hosts. Enter a number from 60 to 31536000. The default is 14400. learned-mode enable Enables the ACE to learn MAC addresses if the command has been disabled. By default, for bridged traffic, the ACE learns MAC addresses from all traffic. For routed traffic, the ACE learns MAC addresses only from ARP response packets or from packets that are destined to the ACE (for example, a ping to a VIP or a ping to a VLAN interface). rate seconds Specifies the time interval in seconds between ARP retry attempts to hosts. Enter a number from 1 to 60. The default is 10. ratelimit pps Specifies the rate limit in packets per second for gratuitous ARPs sent by the ACE. Enter a number from 100 to 8192. The default is 512. Note that this keyword applies to the entire ACE. retries number Specifies the number of ARP attempts before the ACE flags the host as down. Enter a number from 2 to 15. The default is 3. sync disable Disables the replication of ARP entries. By default, ARP entry replication is enabled. sync-interval seconds Specifies the time interval between ARP sync messages for learned hosts. Enter an integer from 1 to 3600 seconds (1 hour). The default is 5 seconds.2-288 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Admin and user contexts. The ratelimit keyword is available in the Admin context only. Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The static arp command in configuration mode now allows the configuration of the multicast MAC address for a host. The ACE uses this multicast MAC address while sending packets to the host. This enhancement allows the support of deployments that involve clustering (for example Checkpoint clustering). A host can be assigned an multicast MAC address with the arp command. The ACE does not learn the multicast MAC addresses for a host. ARP inspection operates only on ingress bridged interfaces. By default, ARP inspection is disabled on all interfaces, allowing all ARP packets through the ACE. When you enable ARP inspection, the ACE uses the IP address and interface ID (ifID) of an incoming ARP packet as an index into the ARP table. The ACE then compares the MAC address of the ARP packet with the MAC address in the indexed static ARP entry in the ARP table and takes the following actions: • If the IP address, source ifID, and MAC address match a static ARP entry, the inspection succeeds and the ACE allows the packet to pass. • If the IP address and interface of the incoming ARP packet match a static ARP entry, but the MAC address of the packet does not match the MAC address that you configured in that static ARP entry, ARP inspection fails and the ACE drops the packet. • If the ARP packet does not match any static entries in the ARP table or there are no static entries in the table, then you can set the ACE to either forward the packet out all interfaces (flood) or to drop the packet (no-flood). In this case, the source IP address to MAC address mapping is new to the ACE. If you enter the flood option, the ACE creates a new ARP entry and marks it as LEARNED. If you enter the no-flood option, the ACE drops the ARP packet. The ARP rate limit applies to all gratuitous ARPs sent for local addresses on new configurations, ACE reboot, and on MAC address changes. When you change the ARP request internal for learned hosts and configured hosts, the new timeout does not take effect until the existing time is reached. If you want the new timeout to take effect immediately, enter the clear arp command to apply the new ARP interval (see the clear arp command). For more information, see the Routing and Bridging Guide, Cisco ACE Application Control Engine ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(3) This command was revised with the sync disable and sync-interval keywords. 3.0(0)A1(6.2a) This command was revised with the ratelimit keyword. A2(3.2) The static arp this command now allows the configuration of a multicast MAC address. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.6) The static arp this command now allows the configuration of a multicast MAC address. 2-289 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To allow ARP responses from the router at 10.1.1.1 with the MAC address 00.02.9a.3b.94.d9, enter: host1/contexta(config)# arp 10.1.1.1 00.02.9a.3b.94.d9 To remove a static ARP entry, enter: host1/contexta(config)# no arp 10.1.1.1 00.02.9a.3b.94.d9 To enable ARP inspection and to drop all nonmatching ARP packets, enter: host1/contexta(config)# arp inspection enable no-flood To configure the retry attempt interval of 15 seconds, enter: host1/contexta(config)# arp rate 15 To reset the retry attempt interval to the default of 10 seconds, enter: host1/contexta(config)# no arp rate To disable the replication of ARP entries, enter: host1/contexta(config)# sync disable Related Commands clear arp show arp (config) banner Use the banner command to specify a message to display as the message-of-the-day banner when a user connects to the ACE CLI. Use the no form of this command to delete or replace a banner or a line in a multiline banner. banner motd text no banner motd text Syntax Description Command Modes Configuration mode Admin and user contexts motd Configures the system to display as the message-of-the-day banner when a user connects to the ACE. text Line of message text to be displayed as the message-of-the-day banner. The text string consists of all characters that follow the first space until the end of the line (carriage return or line feed). The # character functions as the delimiting character for each line. For the banner text, spaces are allowed but tabs cannot be entered at the CLI. Multiple lines in a message-of-the-day banner are handled by entering a new banner command for each line that you wish to add. The banner message is a maximum of 80 alphanumeric characters per line, up to a maximum of 3000 characters (3000 bytes) total for a message-of-the-day banner. This maximum value includes all line feeds and the last delimiting character in the message.2-290 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To replace a banner or a line in a multiline banner, use the no banner motd command before adding the new lines. To add multiple lines in a message-of-the-day banner, precede each line by the banner motd command. The ACE appends each line to the end of the existing banner. If the text is empty, the ACE adds a carriage return (CR) to the banner. You can include tokens in the form $(token) in the message text. Tokens will be replaced with the corresponding configuration variable, as follows: • $(hostname)—Displays the hostname for the ACE during run time. • $(line)—Displays the tty (teletypewriter) line or name (for example, /dev/console, /dev/pts/0, or 1). To use the $(hostname) in single line banner motd input, include double quotation marks (“) around the $(hostname) so that the $ is interpreted to a special character for the beginning of a variable in the single line. An example is as follows: switch/Admin(config)# banner motd #Welcome to “$(hostname)”...# Do not use the double quotation mark (“) or the percent sign (%) as a delimiting character in a single line message string. Do not use the delimiting character in the message string. For multiline input, double quotation marks (“) are not required for the token because the input mode is different from the signal line mode. The ACE treats the double quotation mark (“) as a regular character when you operate in multiline mode. Examples To add a message-of-the-day banner, enter: host1/Admin(config)# banner motd #Welcome to the “$(hostname)”. host1/Admin(config)# banner motd Contact me at admin@admin.com for any host1/Admin(config)# banner motd issues.# Related Commands show banner motd (config) boot system image: To set the BOOT environment variable, use the boot system image: command. Use the no form of this command to remove the name of the system image file. boot system image:filename no boot system image:filename ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-291 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can add several images to the BOOT environment variable to provide a fail-safe boot configuration. If the first file fails to boot the ACE, subsequent images that are specified in the BOOT environment variable are tried until the ACE boots or there are no additional images to attempt to boot. If there is no valid image to boot, the ACE enters ROM-monitor mode where you can manually specify an image to boot. The ACE stores and executes images in the order in which you added them to the BOOT environment variable. If you want to change the order in which images are tried at startup, you can either prepend and clear images from the BOOT environment variable to attain the desired order or you can clear the entire BOOT environment variable and then redefine the list in the desired order. If the file does not exist (for example, if you entered the wrong filename), then the filename is appended to the boot string, and this message displays: Warning: File not found but still added in the bootstring. If the file does exist, but is not a valid image, the file is not added to the bootstring, and this message displays: Warning: file found but it is not a valid boot image. Examples ACE Module Example To set the BOOT environment variable, enter: host1/Admin(config)# boot system image:sb-ace.REL_1_0_0 ACE Appliance Example To set the BOOT environment variable, enter: host1/Admin(config)# boot system image:ace-t1k9-mzg.3.1.0.bin Related Commands show bootvar (config) config-register filename Name of the system image file. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-292 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) buffer threshold To set threshold levels for the NP buffers in the active and the standby ACEs and cause the active ACE to reboot if the thresholds are reached or exceeded, use the buffer threshold command. Use the no form of this command to . buffer threshold active number1 standby number2 action reload no buffer threshold active number1 standby number2 action reload Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE checks the status of NP buffer usage every five seconds to initiate the reload action if the buffer threshold is configured and reached, and to generate syslogs if necessary. If the buffer threshold command is configured and if the NP buffer usage reaches or exceeds the threshold, the ACE reloads. In a redundant configuration, a switchover occurs and the former standby ACE becomes the active ACE. In the absence of this command, the automatic reload feature is disabled. You can also use this command in a stand-alone ACE. Examples To specify the active NP buffer utilization threshold as 88 percent and the standby NP buffer utilization threshold as 40 percent, enter the following command: active number1 Specifies the buffer threshold for the active redundant ACE or stand-alone ACE as a percentage. Enter 50, 75, 88, 95, or 100. There is no default value. In a redundant configuration, if the buffer usage of any NP reaches or exceeds the threshold and each of the NP’s buffer usage in the standby ACE is below the configured standby threshold, the active ACE reboots and a switchover occurs. For a standalone ACE, if any of the NP’s buffer usage exceeds the active value, then the ACE reboots. standby number Specifies the buffer threshold for the standby redundant ACE. Enter 10, 20, 30, 40, 50. There is no default value. In a redundant configuration, if the active ACE buffer usage reaches or exceeds the configured active threshold and the standby ACE buffer usage reaches or exceeds the standby threshold, the active ACE does not reboot and no switchover occurs. For a reload and a switchover to occur, the standby buffer usage of all NPs must be less than the configured standby threshold value. action reload Specifies that the ACE reloads when the buffer utilization exceeds the configured threshold. In a redundant configuration, a switchover occurs upon reload of the active ACE. ACE Release Modification A5(1.0) This command was introduced.2-293 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands host1/Admin(config)# buffer threshold active 88 standby 40 action reload Related Commands show np2-294 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) class-map To create a Layer 3 and Layer 4 or a Layer 7 class map, use the class-map command. Use the no form of the command to remove a class map from the ACE. class-map [match-all | match-any] map_name class-map type {ftp inspect match-any | generic {match-all | match-any}} map_name class-map type {http {inspect | loadbalance} | management | radius loadbalance | rtsp loadbalance | sip {inspect | loadbalance}} [match-all | match-any] map_name no class-map [match-all | match-any] map_name no class-map type {ftp inspect match-any | generic {match-all | match-any}} map_name no class-map type {http {inspect | loadbalance} | management | radius loadbalance | rtsp loadbalance | sip {inspect | loadbalance}} [match-all | match-any] map_name Syntax Description match-all Determines how the ACE evaluates Layer 3 and Layer 4 network traffic when multiple match criteria exist in a class map. The class map is considered a match if all the match criteria listed in the class map match the network traffic class in the class map (typically, match commands of different types). The default setting is to meet all of the match criteria (match-all) in a class map. match-any Determines how the ACE evaluates Layer 3 and Layer 4 network traffic when multiple match criteria exist in a class map. The class map is considered a match if only one of the match criteria listed in the class map matches the network traffic class in the class map (typically, match commands of the same type). The default setting is to meet all of the match criteria (match-all) in a class map. map_name Name assigned to the class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. For a Layer 3 and Layer 4 class map, you enter the class map configuration mode and the prompt changes to (config-cmap). type Specifies the class map type that is to be defined. When you specify a class map type, you enter its corresponding class map configuration mode (for example, HTTP inspection configuration mode). ftp inspect Specifies a Layer 7 class map for the inspection of File Transfer Protocol (FTP) request commands. For information about commands in FTP inspection configuration mode, see the “Class Map FTP Inspection Configuration Mode Commands” section. generic Specifies a Layer 7 class map for generic TCP or UDP data parsing. For information about commands in class map generic configuration mode, see the “Class Map Generic Configuration Mode Commands” section. http inspect | loadbalance Specifies a Layer 7 class map for HTTP server load balancing (loadbalance keyword) or a Layer 7 class map for the HTTP deep packet application protocol inspection (inspect keyword) of traffic through the ACE. For information about commands in class map HTTP inspection configuration mode, see the “Class Map HTTP Inspection Configuration Mode Commands” section. For information about commands in class map HTTP server load-balancing configuration mode, see the “Class Map HTTP Load Balancing Configuration Mode Commands” section.2-295 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the inspect, loadbalance, NAT, connection, SSL, or vip feature in your user role, depending on the type of class map that you want to configure. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use the class map configuration mode commands to create class maps that classify inbound network traffic destined to, or passing through, the ACE based on a series of flow match criteria specified in the class map. The CLI prompt changes correspondingly to the selected class map configuration mode, for example, (config-cmap), (config-cmap-ftp-insp), (config-cmap-http-lb), or (config-cmap-mgmt). A Layer 3 and Layer 4 class map contains match criteria that classifies the following: • Network traffic that can pass through the ACE based on source or destination IP address, source or destination port, or IP protocol and port management Specifies a Layer 3 and Layer 4 class map to classify the IP network management protocols received by the ACE. For information about commands in class map management configuration mode, see the “Class Map Management Configuration Mode Commands” section. radius loadbalance Specifies a Layer 7 class map for RADIUS server load balancing of traffic through the ACE. For information about commands in RADIUS server load-balancing configuration mode, see the “Class Map RADIUS Load Balancing Configuration Mode Commands” section. rtsp loadbalance Specifies a Layer 7 class map for RTSP server load balancing of traffic through the ACE. For information about commands in RTSP server load-balancing configuration mode, see the “Class Map RTSP Load Balancing Configuration Mode Commands” section. sip inspect | loadbalance Specifies a Layer 7 class map for SIP server load balancing (loadbalance keyword) or a Layer 7 class map for the SIP deep packet application protocol inspection (inspect keyword) of traffic through the ACE. For information about commands in class map SIP inspection configuration mode, see the “Class Map SIP Inspection Configuration Mode Commands” section. For information about commands in class map SIP server load-balancing configuration mode, see the “Class Map SIP Load Balancing Configuration Mode Commands” section. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised.2-296 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands • Network management traffic that can be received by the ACE based on the HTTP, HTTPS, ICMP, SNMP, SSH, or Telnet protocols A Layer 7 class map contains match criteria that classifies specific Layer 7 protocol information. The match criteria enables the ACE to do the following: • Perform server load balancing based on the HTTP cookie, the HTTP header, the HTTP URL, protocol header fields, or source IP addresses • Perform deep packet inspection of the HTTP protocol • Perform FTP request command filtering The ACE supports a system-wide maximum of 8192 class maps. For details about creating a class map, see the Administration Guide, Cisco ACE Application Control Engine. When multiple match criteria exist in the traffic class, you can identify evaluation instructions using the match-any or match-all keywords. If you specify match-any, the traffic that is evaluated must match one of the specified criteria (typically, match commands of the same type). If you specify match-all, the traffic that is evaluated must match all of the specified criteria (typically, match commands of different types). Examples To create a Layer 3 and Layer 4 class map named L4VIP_CLASS that specifies the network traffic that can pass through the ACE for server load balancing, enter: host1/Admin(config)# class-map match-all L4VIP_CLASS host1/Admin(config-cmap)# To create a Layer 3 and Layer 4 class map named MGMT-ACCESS_CLASS that classifies the network management protocols that can be received by the ACE, enter: host1/Admin(config)# class-map type management match-any MGMT-ACCESS_CLASS host1/Admin(config-cmap-mgmt)# To create a Layer 7 class map named L7SLB_CLASS that performs HTTP server load balancing, enter: host1/Admin(config)# class-map type http loadbalance match-any L7SLB_CLASS host1/Admin(config-cmap-http-lb)# To create a Layer 7 class map named HTTP_INSPECT_L7CLASS that performs HTTP deep packet inspection, enter: (config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# To create a Layer 7 class map named FTP_INSPECT_L7CLASS that performs FTP command inspection, enter: host1/Admin(config)# class-map type ftp inspect match-any FTP_INSPECT_L7CLASS host1/Admin(config-cmap-ftp-insp)# Related Commands show startup-config (config) policy-map (config) service-policy2-297 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) clock timezone To set the time zone, use the clock timezone command. Use the no form of this command to configure independent server groups of Terminal Access Controller Access Control System Plus (TACACS+), Remote Authentication Dial-In User Service (RADIUS), or Lightweight Directory Access Protocol (LDAP) servers. clock timezone {zone_name {+ | –} hours minutes} | {standard time_zone} no clock timezone Syntax Description Command Modes Configuration mode Admin context only zone_name 8-letter name of the time zone (for example, PDT) to be displayed when the time zone is in effect. See Table 1-5 in the “Usage Guidelines” section for a list of the common time zone acronyms used for this argument. hours Hours offset from Coordinated Universal Time (UTC). minutes Minutes offset from UTC. Range is from 0 to 59 minutes. standard time_zone Sets the time to a standard time zone that include an applicable UTC hours offset. Enter one of the following well-known time zones: • ACST—Australian Central Standard Time as UTC + 9.5 hours • AKST—Alaska Standard Time as UTC –9 hours • AST—Atlantic Standard Time as UTC –4 hours • BST—British Summer Time as UTC + 1 hour • CEST—Central Europe Summer Time as UTC + 2 hours • CET—Central Europe Time as UTC + 1 hour • CST—Central Standard Time as UTC –6 hours • EEST—Eastern Europe Summer Time as UTC + 3 hours • EET—Eastern Europe Time as UTC + 2 hours • EST—Eastern Standard Time as UTC –5 hours • GMT—Greenwich Mean Time as UTC • HST—Hawaiian Standard Time as UTC –10 hours • IST—Irish Summer Time as UTC + 1 hour • MSD—Moscow Summer Time as UTC + 4 hours • MSK—Moscow Time as UTC + 3 hours • MST—Mountain Standard Time as UTC –7 hours • PST—Pacific Standard Time as UTC –8 hours • WEST—Western Europe Summer Time as UTC + 1 hour • WST—Western Standard Time as UTC + 8 hours2-298 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines The ACE keeps time internally in Universal Time Coordinated (UTC) offset, so this command is used only for display purposes and when the time is set manually. This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Table 1-5 lists common time zone acronyms used for the zone_name argument. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) The ACST keyword was introduced. It replaced the CST keyword, as UTC +9.5 hours. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) The ACST keyword was introduced. It replaced the CST keyword, as UTC +9.5 hours. Ta b l e 1-5 Time Zone Acronyms Acronym Time Zone Name and UTC Offset Europe BST British Summer Time as UTC + 1 hour CET Central Europe Time as UTC + 1 hour CEST Central Europe Summer Time as UTC + 2 hours EET Eastern Europe Time as UTC + 2 hours EEST Eastern Europe Summer Time as UTC + 3 hours GMT Greenwich Mean Time as UTC IST Irish Summer Time as UTC + 1 hour MSK Moscow Time as UTC + 3 hours MSD Moscow Summer Time as UTC + 4 hours WET Western Europe Time as UTC WEST Western Europe Summer Time as UTC + 1 hour United States and Canada AST Atlantic Standard Time as UTC –4 hours ADT Atlantic Daylight Time as UTC –3 hours CT Central Time, either as CST or CDT, depending on the place and time of the year CST Central Standard Time as UTC –6 hours CDT Central Daylight Saving Time as UTC –5 hours ET Eastern Time, either as EST or EDT, depending on the place and time of the year2-299 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To set the time zone to PST and to set an UTC offset of –8 hours, enter: host1/Admin(config)# clock timezone PST -8 0 To remove the clock time-zone setting, enter: host1/Admin(config)# no clock timezone PST -8 0 Related Commands (ACE appliance only) clock set show clock (config) clock summer-time EST Eastern Standard Time as UTC –5 hours EDT Eastern Daylight Saving Time as UTC –4 hours MT Mountain Time, either as MST or MDT, depending on the place and time of the year MDT Mountain Daylight Saving Time as UTC –6 hours MST Mountain Standard Time as UTC –7 hours PT Pacific Time, either as PST or PDT, depending on the place and time of the year PDT Pacific Daylight Saving Time as UTC –7 hours PST Pacific Standard Time as UTC –8 hours AKST Alaska Standard Time as UTC –9 hours AKDT Alaska Standard Daylight Saving Time as UTC –8 hours HST Hawaiian Standard Time as UTC –10 hours Australia CST Central Standard Time as UTC + 9.5 hours EST Eastern Standard/Summer Time as UTC + 10 hours (+11 hours during summer time) WST Western Standard Time as UTC + 8 hours Table 1-5 Time Zone Acronyms (continued) Acronym Time Zone Name and UTC Offset2-300 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) clock summer-time To configure the ACE to change the time automatically to summer time (daylight saving time), use the clock summer-time command. Use the no form of this command to remove the clock summer-time setting. clock summer-time {daylight_timezone_name start_week start_day start_month start_time end_week end_day end_month end_time daylight_offset | standard time_zone} no clock summer-time Syntax Description Command Modes Configuration mode Admin context only daylight_timezone_name 8-letter name of the time zone (for example, PDT) to be displayed when summer time is in effect. For a list of the common time zone acronyms used for this argument, see the “Usage Guidelines” section for the (config) clock timezone command. start_week Start week for summer time, ranging from 1 through 5. start_day Start day for summer time, ranging from Sunday through Saturday. start_month Start month for summer time, ranging from January through December. start_time Start time (military time) in hours and minutes. end_week End week for summer time, ranging from 1 through 5. end_day End day for summer time, ranging from Sunday through Saturday. end_month End month for summer time, ranging from January through December. end_time End time (military format) in hours and minutes. daylight_offset Number of minutes to add during summer time. Valid entries are from 1 to 1440. The default is 60. standard time_zone Sets the daylight time to a standard time zone that includes an applicable daylight time start and end range along with a daylight offset. Enter one of the following well-known time zones: • ADT—Atlantic Daylight Time: 2 a.m. first Sunday in April—2 a.m. last Sunday in October, + 60 minutes • AKDT—Alaska Standard Daylight Time: 2 a.m. first Sunday in April—2 a.m. last Sunday in October, + 60 minutes • CDT—Central Daylight Time: 2 a.m. first Sunday in April—2 a.m. last Sunday in October, + 60 minutes • EDT—Eastern Daylight Time: 2 a.m. first Sunday in April—2 a.m. last Sunday in October, + 60 minutes • MDT—Mountain Daylight Time: 2 a.m. first Sunday in April— 2 a.m. last Sunday in October, + 60 minutes • PDT—Pacific Daylight Time: 2 a.m. first Sunday in April—2 a.m. last Sunday in October, + 60 minutes2-301 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The first part of the command specifies when summer time begins, and the second part of the command specifies when summer time ends. All times are relative to the local time zone; the start time is relative to standard time and the end time is relative to summer time. If the starting month is after the ending month, the ACE assumes that you are located in the southern hemisphere. Examples To specify that summer time begins on the first Sunday in April at 02:00 and ends on the last Sunday in October at 02:00, with a daylight offset of 60 minutes, enter: host1/Admin(config)# clock summer-time Pacific 1 Sun Apr 02:00 5 Sun Oct 02:00 60 To remove the clock summer-time setting, enter: host1/Admin(config)# no clock summer-time Related Commands show clock (config) clock timezone (config) config-register To change the configuration register settings, use the config-register configuration command. Use the no form of this command to reset the config-register to its default setting. config-register value no config-register value ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-302 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can modify the boot method that the ACE uses at the next startup by setting the boot field in the software configuration register. The configuration register identifies how the ACE should boot. For the ACE module, it also identifies where the system image is stored. You can modify the boot field to force the ACE to boot a particular system image at startup instead of using the default system image. The config-register command affects only the configuration register bits that control the boot field and leaves the remaining bits unaltered. value Configuration register value that you want to use the next time that you restart the ACE. • For the ACE module, the supported value entries are as follows: – 0—(default) Upon reboot, the ACE boots to ROM monitor. The ACE remains in ROM monitor mode at startup. – 1—Upon reboot, the ACE boots the system image identified in the BOOT environment variable (see the (config) boot system image: command). The BOOT environment variable specifies a list of image files on various devices from which the ACE can boot at startup. If the ACE encounters an error or if the image is not valid, it will try the second image (if one is specified). If the second image also fails to boot, the ACE returns to ROM monitor. • For the ACE appliance, the supported value entries are as follows: – 0x0—Upon reboot, the ACE boots to the GNU GRand Unified Bootloader (GRUB). From the GRUB boot loader, you specify the system boot image to use to boot the ACE. Upon startup, the ACE loads the startup-configuration file stored in Flash memory (nonvolatile memory) to the running-configuration file stored in RAM (volatile memory). – 0x1—(default) Upon reboot, the ACE boots the system image identified in the BOOT environment variable (see (config) boot system image:). The BOOT environment variable specifies a list of image files on various devices from which the ACE can boot at startup. If the ACE encounters an error or if the image is not valid, it will try the second image (if one is specified). Upon startup, the ACE loads the startup-configuration file stored in Flash memory (nonvolatile memory) to the running-configuration file stored in RAM (volatile memory). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-303 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples ACE Module Example To set the boot field in the configuration register to boot the system image identified in the BOOT environment variable upon reboot, enter: host1/Admin(config)# config-register 1 ACE Appliance Example To set the boot field in the configuration register to boot the system image identified in the BOOT environment variable upon reboot and to load the startup-configuration file stored in Flash memory, enter: host1/Admin(config)# config-register 0x1 Related Commands (config) boot system image: (config) context To create a context, use the context command. The CLI prompt changes to (config-context). A context provides a user view into the ACE and determines the resources available to a user. Use the no form of this command to remove a context. context name no context name Syntax Description Command Modes Configuration mode Admin context only Command History name Name that designates a context. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. Do not configure a context name that contains opening braces, closing braces, white spaces, or any of the following characters: ` $ % & * ( ) \ | ; ' " < > / ? Do not start the context name with the following characters: - . # ~ ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(2.3) This command no longer supports you from configuring a context name that contains opening braces, closing braces, white spaces, or any of the following symbols: ` $ % & * ( ) \ | ; ' " < > / ? 2-304 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By default, the ACE allows you to create and use five user-configured contexts plus the default Admin context. To use a maximum of 251 contexts (Admin context plus 250 user contexts), you must purchase an additional license from Cisco Systems. Examples To create a context called C1, enter: host1/Admin(config)# context C1 host1/Admin(config-context)# To remove the context from the configuration, enter: host1/Admin(config)# no context C1 Related Commands changeto show context show user-account show users (config) crypto authgroup To create a certificate authentication group, use the crypto authgroup command. Once you create an authentication group, the CLI enters into the authentication group configuration mode, where you add the required certificate files to the group. Use the no form of this command to delete an existing authentication group. crypto authgroup group_name no crypto authgroup group_name Syntax Description Command Modes Configuration mode Admin and user contexts ACE Appliance Release Modification A1(7) This command was introduced. A3(2.3) This command no longer supports you from configuring a context name that contains opening braces, closing braces, white spaces, or any of the following symbols: ` $ % & * ( ) \ | ; ' " < > / ? group_name Name that you assign to the authentication group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. 2-305 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the Secure Sockets Layer (SSL) feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By creating an authentication group, you can implement a group of certificates that are trusted as certificate signers on the ACE. After creating the authentication group and assigning its certificates, you can configure client authentication on an SSL-proxy service by assigning the authentication group to the service. You include an authentication group in the handshake process by configuring the SSL proxy-service with the authentication group (see the (config) ssl-proxy service command). You can configure an authentication group with up to ten certificates. Examples To create the authentication group AUTH-CERT1, enter: host1/Admin(config)# crypto authgroup AUTH-CERT Related Commands (config) ssl-proxy service (config) crypto chaingroup To create a certificate chain group, use the crypto chaingroup command. Once you create a chain group, the CLI enters into the chaingroup configuration mode, where you add the required certificate files to the group. Use the no form of this command to delete an existing chain group. crypto chaingroup group_name no crypto chaingroup group_name Syntax Description Command Modes Configuration mode Admin and user contexts ACE Module Release Modification A2(1.0) This command was introduced. A4(1.0) The number of certificates in an authentication group was increased from 4 to 10. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The number of certificates in an authentication group was increased from 4 to 10. group_name Name that you assign to the chain group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. 2-306 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the Secure Sockets Layer (SSL) feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A chain group specifies the certificate chains that the ACE sends to its peer during the handshake process. A certificate chain is a hierarchal list of certificates that includes the subject’s certificate, the root CA certificate, and any intermediate CA certificates. You include a chain group in the handshake process by configuring the SSL proxy service with the chain group (see the (config) ssl-proxy service command). Each context on the ACE can contain up to eight chain groups. Examples To create the chain group MYCHAINGROUP, enter: host1/Admin(config)# crypto chaingroup MYCHAINGROUP Related Commands (config) ssl-proxy service (config) crypto crl To download a certificate revocation list (CRL) to the ACE, use the crypto crl command. Use the no form of this command to remove a CRL. crypto crl crl_name url no crypto crl crl_name Syntax Description Command Modes Configuration mode Admin and user contexts ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. crl_name Name that you assign to the CRL. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. url URL where the ACE retrieves the CRL. Enter the URL full path including the CRL filename in an unquoted alphanumeric string with a maximum of 255 characters. Both HTTP and LDAP URLs are supported. Start the URL with the http:// prefix or the ldap:// prefix. 2-307 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the Secure Sockets Layer (SSL) feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can use a CRL downloaded to the ACE for client or server authentication on an SSL proxy service. After you download the CRL, you can assign it to an SSL proxy service for either client or server authentication (see (config-ssl-proxy) crl for more information). The ldap:/// prefix is not considered a valid LDAP CRL link in the CDP portion of the server certificate. Valid formats for LDAP URLs are as follows: • ldap://10.10.10.1:389/dc=cisco,dc=com?o=bu?certificateRevocationList • ldap://10.10.10.1/dc=cisco,dc=com?o=bu?certificateRevocationList • ldap://ldapsrv.cisco.com/dc=cisco,dc=com?o=bu?certificateRevocationList • ldap://ldapsrv.cisco.com:389/dc=cisco,dc=com?o=bu?certificateRevocationList To use a question mark (?) character as part of the URL, press Ctrl-v before entering it. Otherwise the ACE interprets the question mark as a help command. You can configure up to eight CRLs per context. Examples To download a CRL that you want to name CRL1 from http://crl.verisign.com/class1.crl, enter: host1/Admin(config)# crypto crl CRL1 http://crl.verisign.com/class1.crl To remove the CRL, enter: host1/Admin(config)# no crypto crl CRL1 Related Commands (config) ssl-proxy service (config) crypto crlparams To configure signature verification on a Certificate Revocation List (CRL) to determine that it is from a trusted certificate authority or to configure a timeoute for CRL downloads to specify the maximum wait time for the ACE to retrieve the CRL data from a server, use the crypto crlparams command. Use the no form of this command to remove the CRL global parameters. ACE Module Release Modification A2(1.0) This command was introduced. A2(2.0) This command was revised to support LDAP URLs and increased the number of CRLs per context from four to eight. ACE Appliance Release Modification A3(1.0) This command was introduced. A4(1.0) This command was revised to support LDAP URLs and increased the number of CRLs per context from four to eight.2-308 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands crypto crlparams crl_name {cacert ca_cert_filename | timeout number} no crypto crlparams crl_name {cacert ca_cert_filename | timeout number} Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the PKI feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. In the absence of the timeout keyword, if the ACE does not receive the complete certificate revocation list (CRL) in a timely manner from a CRL server or the server does not close the connection, the ACE continues to wait for the data to arrive. While it is waiting for the CRL data, the ACE keeps the socket connection with the server open until the TCP connection with the server is closed because of inactivity. The TCP inactivity timer value could be as large as an hour. There is no way to clear this already established connection with the CRL server even if the static CRL is removed from the configuration. Examples To download a CRL that you want to name CRL1 from http://crl.verisign.com/class1.crl, enter: host1/Admin(config)# crypto crl CRL1 http://crl.verisign.com/class1.crl To remove the CRL, enter: host1/Admin(config)# no crypto crl CRL1 to configure a 200-second CRL download timeout for CRL1, enter the following command: crl_name Name that you assign to the CRL. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. cacert ca_cert_filename Name of the CA certificate file used for signature verification. timeout number Specifies the time in seconds that the ACE waits for the CRL data before closing the connection with the server. For static CRLs, enter an integer from 2 to 300. For best-effort CRLs, the timeout is 60 seconds and not user-configurable. If the ACE does not receive the entire CRL data within the timeout limit, the ACE closes the socket connection with the server. For static CRLs, you can abort the CRL data download by removing the static CRL from the configuration. ACE Module Release Modification A2(1.4) and A2(2.1) This command was introduced. A4(1.1) Added the timeout number keyword and argument. ACE Appliance Release Modification A3(2.2) This command was introduced. A4(1.1) Added the timeout number keyword and argument.2-309 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands host1/Admin(config)# crypto crl-params CRL1 timeout 200 When the CRL data download timeout expires and the download is aborted, the ACE generates a syslog to log the event as follows: %ACE-6-253008: CRL crl_name could not be retrieved, reason: crl data dnld timeout error The crl_name variable indicates the name of an existing CRL whose download was aborted because the CRL download timeout expired. To return the behavior of the ACE to the default of waiting until the entire CRL is downloaded before closing the SSL connection or waiting for the TCP inactivity timeout to close the TCP connection, enter the following command: host1/Admin(config)# no crypto crl-params CRL1 timeout 200 Related Commands (config) ssl-proxy service (config) crypto csr-params To create a Certificate Signing Request (CSR) parameter set to define a set of distinguished name attributes, use the crypto csr-params command. Use the no form of this command to remove an existing CSR parameter set. crypto csr-params csr_param_name no crypto csr-params csr_param_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. csr_param_name Name that designates a CSR parameter set. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-310 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands A CSR parameter set defines the distinguished name attributes that the ACE applies to the CSR during the CSR-generating process. The distinguished name attributes provide the CA with the information that it needs to authenticate your site. Creating a CSR parameter set allows you to generate multiple CSRs with the same distinguished name attributes. You can create up to eight CSR parameter sets per context. When you use the crypto csr-params command to specify a CSR parameter set, the prompt changes to the csr-params configuration mode (for more information on this mode and commands, see the “CSR Parameters Configuration Mode Commands” section), where you define each of the distinguished name attributes. The ACE requires that you define the following attributes: Country name • State or province • Common name • Serial number If you do not configure the required attributes, the ACE displays an error message when you attempt to generate a CSR using the incomplete CSR parameter set. Examples To create the CSR parameter set CSR_PARAMS_1, enter: host1/Admin(config)# crypto csr-params CSR_PARAMS_1 host1/Admin(config-csr-params) Related Commands crypto generate csr show crypto (config) crypto ocspserver To configure an Online Certificate Status Protocol (OCSP) server that the ACE uses for revocation checks, use the crypto ocspserver command. By default, SSL rehandshake is disabled in all ACE contexts. Use the no form of this command to reset the default behavior. crypto ocspserver ocsp_server_name url [conninactivitytout timeout] [nonce enable | disable] [reqsigncert signer_cert_filename {reqsignkey signer_key_filename}] [respsigncert response_signer_cert] no crypto ocspserver ocsp_server_name url [conninactivitytout timeout] [nonce enable | disable] [reqsigncert signer_cert_filename {reqsignkey signer_key_filename}] [respsigncert response_signer_cert] Syntax Description ocsp_server_name Identifier of the OCSP server. You use this name to apply the OCSP server to an SSL proxy service. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. url HTTP URL in the form: http://ocsphost.com:port_id/. The port ID is optional. If you do not specify a port, the default value of 2560 is used. You can specify either an IPv4- or an IPv6-based URL. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. conninactivitytout timeout (Optional) TCP connection inactivity timeout. in seconds. Enter an integer from 2 to 3600. The default is 300 seconds.2-311 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode All contexts Command History Usage Guidelines This command requires the SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. OCSP has the following configurations guidelines and restrictions: • You can configure a maximum of 64 OCSP servers in the ACE. • You can configure a maximum of 10 OCSP servers in an SSL proxy service. • The ACE can handle a maximum of 64 OCSP server connections with both static and best effort OCSP servers combined. • If you configure best-effort OCSP servers and best-effort CRLs in the same proxy list, the ACE extracts a maximum of four AIAs and four CDPs to conserve resources. • Client authentication may be delayed when you configure OCSP servers and CRLs in the same SSL proxy service. • The ACE does not perform authentication and revocation checks on response signer certificates. Examples To configure an OCSP server that the ACE uses to check the revocation status of SSL certificates, enter the following command: host1/Admin(config)# crypto ocspserver OCSP_SSERVER1 http://10.10.10.10/ nonce enable conninactivitytout 60 To remove an OCSP server from the configuration, enter the following command: nonce enable | disable (Optional) Enables or disables the use of a nonce. By default, nonce is disabled. A nonce is a unique string that is used to bind OCSP requests and responses. When a nonce is enabled, the ACE includes a unique string in the requests that is sends to the OCSP server. The server must include the string in its responses to the ACE to verify the response. reqsigncert signer_cert_filename (Optional) Signer’s certificate filename to sign outgoing requests to the OCSP server. By default, the request is not signed. reqsignkey signer_key_filename (Optional) Signer’s private key filename to sign outgoing requests to the OCSP server. By default, the request is not signed. If you enter the reqsigncert option, you must enter the reqsignkey option. respsigncert response_signer_cert (Optional) Certificate to verify the signature of the OCSP server responses. By default, the signature in the response from the OCSP server are not verified. ACE Module Release Modification A5(1.0) This command was introduced. ACE Appliance Release Modification A5(1.0) This command was introduced.2-312 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands host1/Admin(config)# no crypto ocspserver OCSP_SSERVER1 Related Commands show crypto (config) crypto rehandshake enabled To enable SSL rehandshake for all VIPs in a context, use the crypto rehandshake enabled command in configuration mode. By default, SSL rehandshake is disabled in all ACE contexts. Use the no form of this command to reset the default behavior. crypto rehandshake enabled no crypto rehandshake enabled Syntax Description This command has no keywords or arguments. Command Modes Configuration mode All contexts Command History Usage Guidelines This command requires the SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The crypto rehandshake enabled configuration mode command overrides the rehandshake enable parameter map command that you can configure individually in an SSL proxy service. Examples To enable SSL rehandshake for all VIPs in a context, enter: host1/Admin(config)# crypto rehandshake enabled To return the ACE behavior to the default of rehandshake being disabled, enter: host1/Admin(config)# no crypto rehandshake enabled Related Commands show crypto (config-parammap-ssl) rehandshake enabled ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A4(1.0) This command was introduced.2-313 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) domain To create a domain, use the domain command. The CLI prompt changes to (config-domain). See the “Domain Configuration Mode Commands” section for details. Use the no form of this command to remove a domain from the configuration. domain name no domain name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can configure a maximum of 63 domains in each context. A domain does not restrict the context configuration that you can display using the show running-config command. You can still display the running configuration for the entire context. However, you can restrict your access to the configurable objects within a context by adding to the domain only a limited subset of all the objects available to a context. To limit a user’s ability to manipulate the objects in a domain, you can assign a role to that user. For more information about domains and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can configure KAL-AP TAGs as domains. For the domain load calculation, the ACE considers the Layer 3 class map, server farm, and real server objects. All other objects under the domain are ignored during the calculation. Examples To create a domain named D1, enter: host1/Admin(config)# domain D1 host1/Admin(config-domain)# name Name for the domain. Enter an unquoted text string with no spaces and a maximum of 76 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(2.0) The length of the name argument changes from 64 to 76 characters. ACE Appliance Release Modification A1(7) This command was introduced.2-314 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands (config) context show user-account show users (config) end To exit from configuration mode and return to Exec mode, use the end command. end Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can also press Ctrl-Z or enter the exit command to exit configuration mode. Examples To exit from configuration mode and return to Exec mode, enter: host1/Admin(config)# end host1/Admin# Related Commands This command has no related commands. (config) exit To exit from the current configuration mode and return to the previous mode, use the exit command. exit ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-315 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description This command has no keywords or arguments. Command Modes All configuration modes Admin and user contexts Command History Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. In configuration mode, the exit command transitions to the Exec mode. In all other configuration modes, the exit command transitions to the previous configuration mode. You can also press Ctrl-Z, enter the (config) end command, or enter the exit command to exit configuration mode. Examples To exit from configuration mode and return to Exec mode, enter: host1/Admin(config)# exit host1/Admin# To exit from interface configuration mode and return to configuration mode, enter: host1/Admin(config-if)# exit host1/Admin(config)# Related Commands This command has no related commands. (config) ft auto-sync To enable automatic synchronization of the running-configuration and the startup-configuration files in a redundancy configuration, use the ft auto-sync command. Use the no form of this command to disable the automatic synchronization of the running-configuration or the startup-configuration file. ft auto-sync {running-config | startup-config} no ft auto-sync {running-config | startup-config} ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-316 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the fault-tolerant feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By default, the ACE automatically updates the running configuration on the standby context of an FT group with any changes that occur to the running configuration of the active context. If you disable the ft auto-sync command, you need to update the configuration of the standby context manually. For more information about configuration synchronization and configuring redundancy, see the Administration Guide, Cisco ACE Application Control Engine. Caution Toggling ft auto-sync running-config in the Admin context may have undesirable side effects if the same command is also disabled in an active user context. If the ft auto-sync running-config command is disabled in the active Admin context and in an active user context, and you subsequently enable the ft auto-sync running-config command in the active Admin context first, the entire configuration of the standby user context will be lost. Always enter the ft auto-sync running-config command in the active user context first, and then enable the command in the active Admin context. The ACE does not copy or write changes in the running-configuration file to the startup-configuration file unless you enter the copy running-config startup-config command or the write memory command for the current context. To write the contents of the running-configuration file to the startup-configuration file for all contexts, use the write memory all command. At this time, if the ft auto-sync startup-config command is enabled, the ACE syncs the startup-configuration file on the active ACE to the standby ACE. The ACE does not synchronize the SSL certificates and key pairs that are present in the active context with the standby context of an FT group. If the ACE performs a configuration synchronization and does not find the necessary certs and keys in the standby context, config sync fails and the standby context enters the STANDBY_COLD state. running-config Enables autosynchronization of the running-configuration file. The default is enabled. startup-config Enables autosynchronization of the startup-configuration file. The default is enabled. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-317 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Caution Do not enter the no inservice command followed by the inservice command on the active context of an FT group when the standby context is in the STANDBY_COLD state. Doing so may cause the standby context running-configuration file to overwrite the active context running-configuration file. To copy the certs and keys to the standby context, you must export the certs and keys from the active context to an FTP or TFTP server using the crypto export command, and then import the certs and keys to the standby context using the crypto import command. For more information about importing and exporting certs and keys, see the SSL Guide, Cisco ACE Application Control Engine. To return the standby context to the STANDBY_HOT state in this case, ensure that you have imported the necessary SSL certs and keys to the standby context, and then perform a bulk sync of the active context configuration by entering the following commands in configuration mode in the active context of the FT group: 1. no ft auto-sync running-config 2. ft auto-sync running-config Examples To enable autosynchronization of the running-configuration file in the C1 context, enter: host1/C1(config)# ft auto-sync running-config Related Commands (config) ft group (config) ft interface vlan (config) ft peer (config) ft track host (ACE module only) (config) ft track hsrp (config) ft track interface (config) ft connection-sync disable By default, connection replication is enabled. There may be times when you want to disable it. To disable connection replication, use the ft connection-sync disable command. The syntax of this command is as follows: ft connection-sync disable no ft connection-sync disable Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts2-318 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the fault-tolerant feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Initially, after you disable connection replication, the active ACE does not synchronize connections to the standby ACE. After a bulk sync: • New connections are not synchronized • Connections are not updated in a periodic scan • Connections that are already synchronized on the standby are not torn down If you enable connection replication after a bulk sync occurs, the ACE takes the following actions: • New connections are synced immediately • Existing connections are synced in the next periodic cycle (in approximately 3 to 4 minutes) Sticky replication is disabled by default and you can configure it on a per sticky group basis. The replicate sticky command takes precedence over the ft connection-sync disable command, so new client connections can be load balanced to the same server even when connection replication is disabled. Note the following caveats with stickiness when connection replication is disabled: • The sticky database is not always in sync on the standby. With connection replication disabled, sticky connections on the active close normally, but on the standby the connections time out according to the idle timeout setting. • When sticky entries are approaching their expiration time, it is possible to have a zero active-conns-count on the standby and still have active connections on the active ACE. This condition can lead to sticky entries that are not present after a switchover. Examples To disable connection replication in the C1 context, enter the following command: host1/C1(config)# ft connection-sync disable To reenable connection replication after you have disabled it, enter the following command: host1/Admin(config)# no ft connection-sync disable Related Commands (config) ft auto-sync (config) ft group To create a fault-tolerant (FT) group for redundancy, use the ft group command. After you enter this command, the system enters the FT group configuration mode. Use the no form of this command to remove an FT group from the configuration. ACE Module Release Modification A4(1.1) This command was introduced. ACE Appliance Release Modification A4(1.1) This command was introduced.2-319 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands ft group group_id no ft group group_id Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You must configure the same group ID on both peer ACEs. On each ACE, you can create multiple FT groups: • For ACE module, up to a maximum of 251 (250 contexts and 1 Admin context) • For ACE appliance, up to a maximum of 64 groups Each group consists of a maximum of two members (contexts): one active context on one ACE and one standby context on the peer ACE. For information about the commands in FT group configuration mode, see the “FT Group Configuration Mode Commands” section. Examples To configure an FT group, enter: host1/Admin(config)# ft group 1 host1/Admin(config-ft-group)# To remove the group from the configuration, enter: host1/Admin(config)# no ft group 1 Related Commands (config) ft auto-sync (config) ft interface vlan group-id Unique identifier of the FT group. • For the ACE module, enter an integer from 1 to 255. • For the ACE appliance, enter an integer from 1 to 64. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.6) The number of FT groups increased from 21 to 64.2-320 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ft peer (config) ft track host (ACE module only) (config) ft track hsrp (config) ft track interface (config) ft interface vlan To create a dedicated fault-tolerant (FT) VLAN over which two redundant peers communicate, use the ft interface vlan command. After you enter this command, the system enters the FT interface configuration mode. Use the no form of this command to remove an FT VLAN from the configuration. ft interface vlan vlan_id no ft interface vlan vlan_id Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Peer ACEs communicate with each other over a dedicated FT VLAN. These redundant peers use the FT VLAN to transmit and receive heartbeat packets and state and configuration replication packets. You must configure the same VLAN on each peer ACE. You cannot use this VLAN for normal network traffic and the FT VLAN does not support IPv6. To remove an FT VLAN, first remove it from the FT peer using the no ft interface vlan command in FT peer configuration mode. See the (config-ft-peer) ft-interface vlan command for more information. (ACE appliance only) To configure one of the Ethernet ports or a port-channel interface on the ACE for fault tolerance using a dedicated FT VLAN for communication between the members of an FT group, use the ft-port vlan command in interface configuration mode. See the (config-if) ft-port vlan command for more information. (ACE appliance only) On both peer ACE appliances, you must configure the same Ethernet port or port-channel interface as the FT VLAN port. For example: vlan_id Unique identifier for the FT VLAN. Enter an integer from 2 to 4094. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-321 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands • If you configure ACE appliance 1 to use Ethernet port 4 as the FT VLAN port, then be sure to configure ACE appliance 2 to use Ethernet port 4 as the FT VLAN port. • If you configure ACE appliance 1 to use port-channel interface255 as the FT VLAN port, then be sure to configure ACE appliance 2 to use port-channel interface 255 as the FT VLAN. Examples To configure an FT VLAN, enter: host1/Admin(config)# ft interface vlan 200 host1/Admin(config-ft-intf)# To remove the FT VLAN from the redundancy configuration, enter: host1/Admin(config)# no ft interface vlan 200 Related Commands (config) ft auto-sync (config) ft group (config) ft peer (config) ft track host (ACE module only) (config) ft track hsrp (config) ft track interface (ACE appliance only) (config-if) ft-port vlan (config) ft peer On both peer ACEs, configure an FT peer definition. To create an FT peer, use the ft peer command. After you enter this command, the system enters the FT peer configuration mode. You can configure a maximum of two ACEs as redundancy peers. Use the no form of this command to remove the FT peer from the configuration. ft peer peer_id no ft peer peer_id Syntax Description Command Modes Configuration mode Admin context only Command History peer_id Unique identifier of the FT peer. Enter 1. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-322 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Each ACE ACE can have one FT peer. FT peers are redundant ACE ACEs that communicate with each other over a dedicated FT VLAN. Before you can remove an FT peer from the configuration, remove the peer from the FT group using the no peer command in FT group configuration mode. For information about the commands in FT peer configuration mode, see the “FT Peer Configuration Mode Commands” section. Examples To configure an FT peer, enter: host1/Admin(config)# ft peer 1 host1/Admin(config-ft-peer)# Related Commands (config) ft auto-sync (config) ft group (config) ft interface vlan (config) ft track host (ACE module only) (config) ft track hsrp (config) ft track interface (config) ft track host To create a tracking and failure detection process for a gateway or host, use the ft track host command. After you enter this command, the system enters FT track host configuration mode. Use the no form of this command to remove the gateway-tracking process. ft track host name no ft track host name Syntax Description Command Modes Configuration mode Admin and user contexts Command History name Unique identifier of the tracking process for a gateway or host. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-323 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command requires the fault-tolerant (FT) feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about commands in FT track host configuration mode, see the “FT Track Host Configuration Mode Commands” section. For details about configuring redundant ACE ACEs, see the Administration Guide, Cisco ACE Application Control Engine. Examples To create a tracking process for a gateway, enter: host1/Admin(config)# ft track host TRACK_GATEWAY1 host1/Admin(config-ft-track-host)# To remove the gateway-tracking process, enter: host1/Admin(config)# no ft track host TRACK_GATEWAY1 Related Commands (ACE module only) (config) ft track hsrp (config) ft track interface (config) ft track hsrp (ACE module only) To configure failure detection and tracking for a Hot Standby Router Protocol (HSRP) group, use the ft track hsrp command. After you enter this command, the system enters FT track hsrp configuration mode. Use the no form of this command to stop tracking for an HSRP group. ft track hsrp name ft track hsrp name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the fault-tolerant (FT) feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. name Unique identifier of the tracking process for an HSRP group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-324 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands You must configure the HSRP group on the supervisor engine on the Catalyst 6500 series switch before you configure HSRP tracking on the ACE. Failure to do so may result in erroneous state information for the HSRP group being displayed in the show ft track detail command output in Exec mode. For information about commands in FT track hsrp configuration mode, see the “FT Track Interface Configuration Mode Commands” section. For details about configuring redundant ACE ACEs, see the Administration Guide, Cisco ACE Application Control Engine. Examples To configure FT tracking for an HSRP group, enter: host1/Admin(config)# ft track hsrp TRACK_HSRP_GRP1 host1/Admin(config-ft-track-hsrp)# To remove the HSRP group-tracking process, enter: host1/Admin(config)# no ft track hsrp TRACK_HSRP_GRP1 Related Commands (config) ft auto-sync (config) ft group (config) ft interface vlan (config) ft peer (config) ft track host (config) ft track interface (config) ft track interface To create a tracking and failure detection process for a critical interface, use the ft track interface command. After you enter this command, the system enters FT track interface configuration mode. Use the no form of this command to stop tracking for an interface. ft track interface name no ft track interface name Syntax Description Command Modes Configuration mode Admin and user contexts Command History name Unique identifier of the tracking process for a critical interface. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-325 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command requires the fault-tolerant (FT) feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You cannot delete an interface if the ACE is using the interface for tracking. Also, you cannot configure the FT VLAN for tracking. For information about commands in FT track interface configuration mode, see the “FT Track Interface Configuration Mode Commands” section. For details about configuring redundant ACE ACEs, see the Administration Guide, Cisco ACE Application Control Engine. Examples To configure a tracking and failure detection process for an interface, enter: host1/Admin(config)# ft track interface TRACK_VLAN100 To remove the interface-tracking process, enter: host1/Admin(config)# no ft track interface TRACK_VLAN100 Related Commands (config) ft auto-sync (config) ft group (config) ft interface vlan (config) ft peer (config) ft track host (ACE module only) (config) ft track hsrp (config) hostname To specify a hostname for the ACE, use the hostname command. The hostname is used for the command line prompts and default configuration filenames. If you establish sessions to multiple devices, the hostname helps you track where you enter commands. Use the no form of this command to reset the hostname to the default of switch. hostname name no hostname name Syntax Description ACE Appliance Release Modification A1(7) This command was introduced. name New hostname for the ACE. Enter a case-sensitive text string that contains from 1 to 32 alphanumeric characters (with no spaces). The underscore (_) character is not supported in the hostname for the ACE.2-326 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By default, the hostname for the ACE is switch. Examples To change the hostname of the ACE from switch to ACE1, enter: switch/Admin(config)# hostname ACE1 ACE1/Admin(config)# Related Commands (config) peer hostname (config) hw-module (ACE module only) To configure hardware module parameters in the ACE, use the hostname command. Use the no form of this command to reset to the default behavior. hw-module {cde-same-port-hash | optimize-lookup} no hw-module {cde-same-port-hash | optimize-lookup} Syntax Description ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) Underscores (_) in the host name for an ACE are not supported. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) Underscores (_) in the host name for an ACE are not supported. cde-same-port-hash Configures the classification and distribution engine (CDE) to perform the hash function using the ports when the TCP or UDP packets are equal. When this command is configured, the ACE also disables implicit PAT on packets so that the source port does not change. This command is available only in the Admin context. optimize-lookup Disables the egress MAC address lookup that the ACE normally performs. Use this command when you have multiple ACEs installed in a chassis with heavy traffic to improve performance.2-327 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By default, when the source and destination ports of a TCP or UDP packet are equal, the CDE uses the source IP address and destination IP address to perform the hash function. When they are not equal, the CDE only uses the ports. When the cde-same-port-hash command is configured and the ports are equal, the CDE uses a slightly different hash method from the default method. If you have multiple ACEs installed in a Catalyst 6500 Series Switch or in a Cisco Catalyst 7600 Router, you may experience lower performance than expected with very high rates of traffic. If you fail to achieve the advertised performance of the ACE, you can disable the egress MAC address lookup using the hw-module optimize-lookup command. Do not use the hw-module optimize-lookup command if you have intelligent modules with distributed forwarding cards (DFCs) installed in the Catalyst 6500 Series Switch or the Cisco Catalyst 7600 Router. Using this command with such modules will cause the Encoded Address Recognition Logic (EARL) units on these modules and on the Supervisor to become unsynchronized. Examples To configure the CDE to perform the hash function using the ports when the TCP or UDP packets are equal, enter: switch/Admin(config)# hw-module cde-same-port-hash To reset the default behavior, enter: switch/Admin(config)# no hw-module cde-same-port-hash Related Commands show cde (config) interface To configure a bridge-group virtual interface (BVI), VLAN interface, and for the ACE appliance, the Ethernet port, or port-channel interface, use the interface command. The CLI prompt changes to (config-if). Use the no form of this command to remove the interface. interface {bvi group_number | gigabitEthernet slot_number/port_number | port-channel channel_number | vlan number} no interface {bvi group_number | gigabitEthernet slot_number/port_number | port-channel channel_number | vlan number} ACE Module Release Modification 3.0(0)A1(6.2a) This command was introduced. A2(1.0) This command was revised with the optimize-lookup keyword.2-328 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description Command Modes Configuration mode BVI and VLAN—Admin and user contexts (ACE appliance only) Ethernet port and port-channel interface—Admin context only Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about commands in interface configuration mode, see the “Interface Configuration Mode Commands” section. For details about configuring a BVI interface, Ethernet port, port-channel interface, or VLAN interface, see the Routing and Bridging Guide, Cisco ACE Application Control Engine. To enable the bridge-group VLANs, you must configure a bridge-group virtual interface (BVI) that represents a corresponding bridge group. You should configure an IP address in the same subnet on the BVI. This address is used for management traffic and as a source IP address for traffic from the ACE, similar to ARP requests. You can configure one or more VLAN interfaces in any user context before you assign those VLAN interfaces to the associated user contexts through the (config-context) allocate-interface command in the Admin context. The ACE supports a maximum of 4093 VLAN interfaces with a maximum of 1024 shared VLANs. bvi group_number Creates a BVI for a bridge group and accesses interface configuration mode commands for the BVI. The group_number argument is the bridge-group number configured on a VLAN interface. gigabitEthernet slot_number/ port_number (ACE appliance only) Specifies one of the four Ethernet ports on the rear panel of the ACE as follows: • slot_number—The physical slot on the ACE containing the Ethernet ports. This selection is always 1, the location of the daughter card in the ACE. The daughter card includes the four Layer 2 Ethernet ports to perform Layer 2 switching. • port_number—The physical Ethernet port on the ACE. Valid selections are 1 through 4, which specifies one of the four Ethernet ports (1, 2, 3, or 4) associated with the slot 1 (daughter card) selection. port-channel channel_number (ACE appliance only) Specifies the channel number assigned to this port-channel interface. Valid values are from 1 to 255. vlan number Assigns the VLAN to the context and accesses interface configuration mode commands for the VLAN. The number argument is the number for a VLAN assigned to the ACE. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-329 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Each ACE supports a maximum of 8192 interfaces that includes VLANs, shared VLANs, and BVI interfaces. ACE Appliance Guidelines In addition, the Ethernet port and port-channel interface command functions require the Admin user role. The four Ethernet ports provide physical Ethernet ports to connect servers, PCs, routers, and other devices to the ACE. You can configure the four Ethernet ports to provide an interface for connecting to 10-Mbps, 100-Mbps, or 1000-Mbps networks. Each Layer 2 Ethernet port supports autonegotiate, full-duplex, or half-duplex operation on an Ethernet LAN and can carry traffic within a designated VLAN. You can group physical ports together on the ACE to form a logical Layer 2 interface called the EtherChannel (or port channel). You must configure all the ports that belong to the same port channel with the same values (such as port parameters, VLAN membership, and trunk configuration). Only one port channel in a channel group is allowed, and a physical port can belong to only to a single port-channel interface. Examples To assign VLAN interface 200 to the Admin context and access interface configuration mode, enter: host1/Admin(config)# interface vlan 200 host1/Admin(config-if)# To remove a VLAN, enter: host1/Admin(config)# no interface vlan 200 To create a BVI for bridge group 15, enter: host1/Admin(config)# interface bvi 15 host1/Admin(config-if)# To delete a BVI for bridge group 15, enter: host1/Admin(config)# no interface bvi 15 ACE Appliance Example To configure Ethernet port 3 and access interface configuration mode, enter: host1/Admin(config)# interface gigabitEthernet 1/3 host1/Admin(config-if)# To create a port-channel interface with a channel number of 255, enter: host1/Admin(config)# interface port-channel 255 host1/Admin(config-if)# Related Commands clear interface show interface2-330 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ip dhcp relay To configure a Dynamic Host Configuration Protocol (DHCP) relay agent on the ACE, use the ip dhcp relay command. When you configure the ACE as a DHCP relay agent, it is responsible for forwarding the requests and responses negotiated between the DHCP clients and the server. You must configure a DHCP server when you enable the DHCP relay. Use the no form of this command to disable a DHCP relay agent setting. ip dhcp relay {enable | information policy {keep | replace} | server ip_address} no ip dhcp relay {enable | information policy {keep | replace} | server ip_address} Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the DHCP feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The DHCP relay agent can be configured at both the context and interface level of the ACE. Note the following configuration considerations: • If you configure the DHCP relay agent at the context level, the configuration is applicable to all interfaces associated with the context. enable Accepts DHCP requests from clients on the associated context or interface and enables the DHCP relay agent. The DHCP relay starts forwarding packets to the DHCP server address specified in the ip dhcp relay server command for the associated interface or context. information policy Configures a relay agent information reforwarding policy on the DHCP server to identify what the DHCP server should do if a forwarded message already contains relay information. keep Indicates that existing information is left unchanged on the DHCP relay agent. This is the default setting. replace Indicates that existing information is overwritten on the DHCP relay agent. server Specifies the IP address of a DHCP server to which the DHCP relay agent forwards client requests. ip_address IP address of the DHCP server. Enter the address in dotted-decimal IP notation (for example, 192.168.11.1). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-331 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands • If you configure the DHCP relay agent at the interface level, the configuration is applicable to that particular interface only; the remaining interfaces fallback to the context level configuration. Examples To set the IP address of a DHCP server at the context level, enter: host1/Admin# changeto C1 host1/C1# config Enter configuration commands, one per line. End with CNTL/Z host1/C1(config)# ip dhcp relay enable host1/C1(config)# ip dhcp relay server 192.168.20.1 To specify the DHCP relay at the interface level, enter: host1/Admin(config)# interface vlan 50 host1/Admin(config-if)# ip dhcp relay enable host1/Admin(config-if)# ip dhcp relay server 192.168.20.1 To remove the IP address of the DHCP server, enter: host1/Admin(config-if)# no ip dhcp relay server 192.168.20.1 Related Commands clear ip show ip2-332 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ip domain-list To configure a domain name search list, use the ip domain-list command. The domain name list can contain a maximum of three domain names. Use the no form of this command to remove a domain name from the list. ip domain-list name no ip domain-list name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the domain name feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can configure a Domain Name System (DNS) client on the ACE to communicate with a DNS server to provide hostname-to-IP-address translation for hostnames in CRLs for the client authentication feature. For unqualified hostnames (hostnames that do not contain a domain name), you can configure a default domain name or a list of domain names that the ACE can use to: • Complete the hostname • Attempt a hostname-to-IP-address resolution with a DNS server If you configure both a domain name list and a default domain name, the ACE uses only the domain name list and not the single default name. After you have enabled domain name lookups and configured a domain name list, the ACE uses each domain name in turn until it can resolve a single domain name into an IP address. Examples For example, to configure a domain name list, enter: host1/Admin(config)# ip domain-list cisco.com host1/Admin(config)# ip domain-list foo.com host1/Admin(config)# ip domain-list xyz.com To remove a domain name from the list, enter: host1/Admin(config)# no ip domain-list xyz.com name Domain name. Enter an unquoted text string with no spaces and a maximum of 85 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-333 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands show running-config (config) ip domain-lookup (config) ip domain-name (config) ip domain-lookup To enable the ACE to perform a domain lookup (host-to-address translation) with a DNS server, use the ip domain-lookup command. By default, this command is disabled. Use the no form of this command to return the state of domain lookups to the default value of disabled. ip domain-lookup no ip domain-lookup Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the Domain Name feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can configure a Domain Name System (DNS) client on the ACE to communicate with a DNS server to provide hostname-to-IP-address translation for hostnames in CRLs for the client authentication feature. Before you configure a DNS client on the ACE, ensure that one or more DNS name servers are properly configured and are reachable. Otherwise, translation requests (domain lookups) from the DNS client will be discarded. You can configure a maximum of three name servers. The ACE attempts to resolve the hostnames with the configured name servers in order until the translation succeeds. If the translation fails, the ACE reports an error. For unqualified hostnames (hostnames that do not contain a domain name), you can configure a default domain name or a list of domain names that the ACE can use to do the following: • Complete the hostname ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-334 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands • Attempt a hostname-to-IP-address resolution with a DNS server Examples For example, to enable domain lookups, enter: host1/Admin(config)# ip domain-lookup To return the state of domain lookups to the default value of disabled, enter: host1/Admin(config)# no ip domain-lookup Related Commands show running-config (config) ip domain-list (config) ip domain-name (config) ip name-server2-335 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ip domain-name To configure a default domain name, use the ip domain-name command. The domain name list can contain a maximum of three domain names. Use the no form of this command to remove a domain name from the list. ip domain-list name no ip domain-list name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the domain name feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The DNS client feature allows you to configure a default domain name that the ACE uses to complete unqualified hostnames. An unqualified hostname does not contain a domain name (any name without a dot). When domain lookups are enabled and a default domain name is configured, the ACE appends a dot (.) and the configured default domain name to the unqualified host name and attempts a domain lookup. Examples For example, to specify a default domain name of cisco.com, enter: host1/Admin(config)# ip domain-name cisco.com In the above example, the ACE appends cisco.com to any unqualified host name in a CRL before the ACE attempts to resolve the host name to an IP address using a DNS name server. To remove the default domain from the configuration, enter: host1/Admin(config)# no ip domain-name cisco.com name Default domain name. Enter an unquoted text string with no spaces and a maximum of 85 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-336 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands show running-config (config) ip domain-list (config) ip domain-lookup2-337 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ip name-server To configure a DNS name server on the ACE, use the ip name-server command. You can configure a maximum of three DNS name servers. Use the no form of this command to remove a name server from the list. ip name-server ip_address no ip name-server ip_address Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the domain name feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To translate a hostname to an IP address, you must configure one or more (maximum of three) existing DNS name servers on the ACE. Ping the IP address of each name server before you configure it to ensure that the server is reachable. Examples For example, to configure three name servers for the DNS client feature, enter: host1/Admin(config)# ip name-server 192.168.12.15 192.168.12.16 192.168.12.17 To remove a name server from the list, enter: host1/Admin(config)# no ip name-server 192.168.12.15 Related Commands show running-config (config) ip domain-lookup ip_address IP address of a name server. Enter the address in dotted decimal notation (for example, 192.168.12.15). You can enter up to three name server IP addresses in one command line. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-338 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ip route To configure a default or static IP route, use the ip route command. Use the no form of this command to remove a default or static IP route from the configuration. ip route ipv6_dest_address/prefix_length {global_nexthop_address | {bvi number | vlan number {link_local_address}}} | {ipv4_dest_address netmask gateway_ip_address} no ip route dest_ip_prefix netmask gateway_ip_address Syntax Description Command Modes Configuration mode Admin and user contexts Command History ipv6_dest_address IPv6 destination address for the route. The address that you specify for the static route is the address that is in the packet before entering the ACE and performing network address translation. /prefix_length Specifies how many of the most significant bits (MSBs) of the IPv6 address are used for the network identifier. Enter a a forward slash character (/) followed by an integer from 1 to 128. The default is /128. global_nexthop_add ress IP address of the gateway router (the next-hop address for this route). The gateway address must be in the same network as specified in the ip address command for a VLAN interface. For information on configuring the address, see the Routing and Bridging Guide, Cisco ACE Application Control Engine. bvi number Forward bridged VLAN interface for the link-local address. link_local_address Link-local address of the interface. vlan number Forward VLAN interface for the link-local address. ipv4_dest_address IPv4 destination address for the route. The address that you specify for the static route is the address that is in the packet before entering the ACE and performing network address translation. netmask Subnet mask for the route. gateway_ip_address IP address of the gateway router (the next-hop address for this route). The gateway address must be in the same network as specified in the ip address command for a VLAN interface. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support.2-339 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command requires the routing feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The default route identifies the router IP address to which the ACE sends all IP packets for which it does not have a route. Admin and user contexts do not support dynamic routing. You must use static routes for any networks to which the ACE is not directly connected; for example, use a static route when there is a router between a network and the ACE. The ACE supports up to eight equal cost routes on the same interface for load balancing. Routes that identify a specific destination address take precedence over the default route. See the Routing and Bridging Guide, Cisco ACE Application Control Engine for more information about configuring default or static routes. Examples IPv6 Examples To configure a static route to send all traffic destined to 2001:DB8:1::1/64 to the next-hop router at 2001:DB8:1::10, enter the following command: host1/Admin(config)# ip route 2001:DB8:1::1/64 2001:DB8:1::10 To configure a default route, set the IPv6 address for the route to ::/0, the IPv6 equivalent of “any.” For example, if the ACE receives traffic that does not have a route and you want the ACE to send the traffic out the interface to the router at 2001:DB8:1::10/64, enter: host1/Admin(config)# ip route ::/0 2001:DB8:1::10 To remove a default or static route, use the no form of the command as follows: host1/Admin(config)# no ip route 2001:DB8:1::1/64 2001:DB8:1::10 IPv4 Examples To configure a default route, set the IP address and the subnet mask for the route to 0.0.0.0. For example, if the ACE receives traffic that it does not have a route, it sends the traffic out the interface to the router at 192.168.4.8. Enter: host1/Admin(config)# ip route 0.0.0.0 0.0.0.0 192.168.4.8 Related Commands (config-if) ip address2-340 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ipv6 nd interval To configure the refresh interval for existing neighbor discovery (ND) entries of configured hosts, use the ipv6 nd interval command in configuration mode. Use the no form of this command to reset the ND refresh interval to the default value of 300 seconds. ipv6 nd interval number no ipv6 nd interval number Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines You configure this command for each context. Examples To configure an NS message interval of 600 seconds (10 minutes), enter the following command: host1/Admin(config)# ipv6 nd interval 600 To reset the NS message interval to the default of 300 seconds, enter the following command; host1/Admin(config)# no ipv6 nd interval 600 Related Commands (config-if) ipv6 nd ns-interval interval Indicates the frequency of the neighbor solicitation (NS) messages that are sent by the ACE. number Specifies the time interval in seconds between NS messages for configured hosts. Enter an integer from 15 to 31536000. The default is 300 seconds (5 minutes). ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-341 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ipv6 nd learned-interval To configure the refresh interval for ND entries of learned hosts, use the ipv6 nd learned-interval command. Use the no form of this command to reset the ND refresh interval of learned hosts to the default value of 300 seconds. ipv6 nd learned-interval number no ipv6 nd learned-interval number Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines You configure this command for each context. Examples To configure a learned neighbor interval of 600 seconds (10 minutes), enter the following command: host1/Admin(config)# ipv6 nd learned-interval 600 To reset the learned neighbor interval to the default of 300 seconds, enter the following command; host1/Admin(config)# no ipv6 nd learned-interval 600 Related Commands (config-if) ipv6 nd ns-interval learned-interval Indicates the refresh interval for ND entries of learned hosts. number Specifies the time interval in seconds between NS messages for learned neighbor entries. Enter an integer from 60 to 31536000. The default is 300 seconds (5 minutes). ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-342 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ipv6 nd retries To configure the number of NS attempts before the ACE considers a host as down, use the ipv6 nd retries command. Use the no form of this command to reset the number of retries to the default value of 3. ipv6 nd retries number no ipv6 nd retries number Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines You configure this command for each context. Examples To configure the ACE to resend NS messages five times before marking the host as down, enter the following command: host1/Admin(config)# ipv6 nd retries 5 To reset the number of retries to the default value of 3, enter the following command; host1/Admin(config)# no ipv6 nd retries 5 Related Commands (config-if) ipv6 nd ns-interval (config) ipv6 nd interval number Specifies the number of times that the ACE resends the NS messages before considering a host as down. Enter an integer from 1 to 15. The default is 3. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-343 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ipv6 nd sync disable To disable the replication of ND entries from the active to the standby in a redundant configuration, use the ipv6 nd sync disable command. Use the no form of this command to reset the ACE behavior to the default of replicating ND entries to the standby in a redundant configuration. ipv6 nd sync disable no ipv6 nd sync disable Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines You configure this command for each context. Examples To disable ND entry replication for the current context, enter the following command: host1/Admin(config)# ipv6 nd sync disable To reenable the replication of ND entries, enter the following command; host1/Admin(config)# no ipv6 nd sync disable Related Commands (config-if) ipv6 nd ns-interval ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-344 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ipv6 nd sync-interval To configure the time interval between neighbor discovery (ND) synchronization messages for learned hosts, use the ipv6 nd sync-interval command. Use the no form of this command to reset the interval to the default value of 5 seconds. ipv6 nd sync-interval number no ipv6 nd sync-interval number Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines You configure this command for each context. Examples To specify a time intervall between ND synchronization messages for learned hosts of 100 seconds, enter: host1/Admin(config)# ipv6 nd sync-interval 100 To restore the default value of 5 seconds, enter the following command: host1/Admin(config)# no ipv6 nd sync-interval Related Commands (config-if) ipv6 nd ns-interval number Specifies the time interval between ND synchronization messages. Enter an integer from 1 to 3600 seconds (1 hour). The default is 5 seconds. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-345 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) kalap udp To configure secure KAL-AP on the ACE, use the kalap udp command to access KAL-AP UDP configuration mode. The CLI prompt changes to (config-kalap-udp). Use the no form of this command to return to configuration mode (or use the exit command). kalap udp no kalap udp Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE supports secure KAL-AP for MD5 encryption of data between the ACE and the Global Site Selector (GSS). For encryption, you must configure a shared secret as a key for authentication between the GSS and the ACE context. For information about the commands in KAL-AP UDP configuration mode, see the “KAL-AP UDP Configuration Mode Commands” section. Examples To enter KAL-AP UDP configuration mode, enter: host1/Admin(config)# kalap udp host1/Admin(config-kalap-udp)# Related Commands show kalap udp load show running-config (config-kalap-udp) ip address ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-346 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ldap-server host To specify the Lightweight Directory Access Protocol (LDAP) server IP address, the destination port, and other options, use the ldap-server host command. You can enter multiple ldap-server host commands to configure multiple LDAP servers. Use the no form of this command to revert to a default LDAP server authentication setting. ldap-server host ip_address [port port_number] [timeout seconds] [rootDN “DN_string” [password bind_password]] no ldap-server host ip_address [port port_number] [timeout seconds] [rootDN “DN_string” [password bind_password]] Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. ip_address IP address for the LDAP server. Enter the address in dotted-decimal IP notation (for example, 192.168.11.1). port port_number (Optional) Specifies the TCP destination port for communicating authentication requests to the LDAP directory server. The port_number argument specifies the LDAP + port number. Enter an integer from 1 to 65535. timeout seconds (Optional) Specifies the time in seconds to wait for a response from the LDAP server before the ACE can declare a timeout failure with the LDAP server. Use this option to change the time interval that the ACE waits for the LDAP server to reply to an authentication request. Enter an integer from 1 to 60. The default is 5 seconds. rootDN “DN_string” (Optional) Defines the distinguished name (DN) for a user who is unrestricted by access controls or administrative limit parameters to perform operations on the LDAP server directory. The rootDN user can be thought of as the root user for the LDAP server database. Enter a quoted string with a maximum of 63 alphanumeric characters. The default is an empty string. password bind_password (Optional) Defines the bind password (rootpw) applied to the rootDN of the LDAP server directory. Enter an unquoted string with a maximum of 63 alphanumeric characters. The default is an empty string. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-347 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands By default, the LDAP server port is 389. If your LDAP server uses a port other than 389, use the port keyword to configure an appropriate port before starting the LDAP service. The ldap-server port command overrides the global setting for the specified server. By default, the ACE waits 5 seconds for the LDAP server to reply to an authentication request before the ACE declares a timeout failure and attempts to contact the next server in the group. The ldap-server timeout command overrides the global setting for the specified server. Examples To configure LDAP server authentication parameters, enter: host1/Admin(config)# ldap-server host 192.168.2.3 port 2003 host1/Admin(config)# ldap-server host 192.168.2.3 timeout 60 host1/Admin(config)# ldap-server host 192.168.2.3 rootDN “cn=manager,dc=cisco,dc=com" password lab To remove the LDAP server authentication setting, enter: host1/Admin(config)# no ldap-server host 192.168.2.3 timeout 60 Related Commands show aaa (config) aaa group server (config) ldap-server port (config) ldap-server timeout (config) ldap-server port To globally configure a TCP port (if your LDAP server uses a port other than the default port 389) before you start the LDAP service, use the ldap-server port command. This global port setting will be applied to those LDAP servers for which a TCP port value is not individually configured by the ldap-server host command. Use the no form of this command to revert to the default of TCP port 389. ldap-server port port_number no ldap-server port port_number Syntax Description Command Modes Configuration mode Admin and user contexts Command History port_number Destination port to the LDAP server. Enter an integer from 1 to 65535. The default is TCP port 389. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-348 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To override the global TCP port setting (specified by the ldap-server port command) for a specific server, use the ldap-server host port command. Examples To globally configure the TCP port, enter: host1/Admin(config)# ldap-server port 2003 To revert to the default of TCP port 389, enter: host1/Admin(config)# no ldap-server port 2003 Related Commands show aaa (config) aaa group server (config) ldap-server host (config) ldap-server timeout (config) ldap-server timeout To globally change the time interval that the ACE waits for the LDAP server to reply to a response before it declares a timeout failure, use the ldap-server timeout command. By default, the ACE waits 5 seconds to receive a response from an LDAP server before it declares a timeout failure and attempts to contact the next server in the group. The ACE applies this global timeout value to those LDAP servers for which a timeout value is not individually configured by the ldap-server host command. Use the no form of this command to revert to the default of 5 seconds between transmission attempts. ldap-server timeout seconds no ldap-server timeout seconds Syntax Description Command Modes Configuration mode Admin and user contexts Command History seconds Timeout value in seconds. Enter an integer from 1 to 60. The default is 5 seconds. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-349 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To override the global TCP timeout setting (specified by the ldap-server timeout command) for a specific server, use the ldap-server host timeout command. Examples To globally configure the timeout value to 30 seconds, enter: host1/Admin(config)# ldap-server timeout 30 To change to the default of 5 seconds between transmission attempts, enter: host1/Admin(config)# no ldap-server timeout 30 Related Commands show aaa (config) aaa group server (config) ldap-server host (config) ldap-server port (config) line console (ACE module only) To configure the console interface settings, use the line console configuration mode command. When you enter this command, the prompt changes (config-console) and you enter the console configuration mode. Use the no form of this command to reset the console configuration mode parameters to their default settings. line console no line console Syntax Description There are no keywords or arguments for this command. Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The console port is an asynchronous serial port on the Catalyst 6500 series switch that enables the ACE to be set up for initial configuration through a standard RS-232 port with an RJ-45 connector. Any device connected to this port must be capable of asynchronous transmission. Connection to a terminal requires a terminal emulator to be configured as 9600 baud, 8 data bits, 1 stop bit, no parity. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-350 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands For information about the commands in console configuration mode, see the “Console Configuration Mode Commands” section. Examples To enter console configuration mode, enter: host1/Admin(config)# line console host1/Admin(config-console)# Related Commands clear line show line (config) line vty To configure the virtual terminal line settings, use the line vty configuration mode command. When you enter this command, the prompt changes (config-line) and you enter the line configuration mode. Use the no form of this command to reset the line configuration mode parameter to its default setting. line vty no line vty Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the commands in line configuration mode, see the “Line Configuration Mode Commands” section. Examples To enter the line configuration mode, enter: host1/Admin(config)# line vty host1/Admin(config-line)# ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-351 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands clear line show line2-352 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) login timeout To modify the length of time that a user can be idle before the ACE terminates the console, Telnet, or Secure Shell (SSH) session, use the login timeout command. By default, the inactivity timeout value is 5 minutes. Use the no form of this command to restore the default timeout value of 5 minutes. login timeout minutes no login timeout Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To specify a timeout period of 10 minutes, enter: host1/Admin(config)# login timeout 10 To restore the default timeout value of 5 minutes, enter. host1/Admin(config)# no login timeout Related Commands telnet (config-cmap-mgmt) match protocol minutes Length of time in minutes. Enter a value from 0 to 60 minutes. A value of 0 instructs the ACE never to time out. The default is 5 minutes. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-353 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) logging buffered To enable system logging to a local buffer and to limit the messages sent to the buffer based on severity, use the logging buffered command. By default, logging to the local buffer on the ACE is disabled. New messages are appended to the end of the buffer. The first message displayed is the oldest message in the buffer. When the log buffer fills, the ACE deletes the oldest message to make space for new messages. Use the no form of this command to disable message logging. logging buffered severity_level no logging buffered Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To set the logging buffer level to 3 for logging error messages, enter: host1/Admin(config)# logging buffered 3 To disable message logging, enter: host1/Admin(config)# no logging buffered severity_level Maximum level for system log messages sent to the buffer. The severity level that you specify indicates that you want syslog messages at that level and below. Allowable entries are as follows: • 0—emergencies (system unusable messages) • 1—alerts (take immediate action) • 2—critical (critical condition) • 3—errors (error message) • 4—warnings (warning message) • 5—notifications (normal but significant condition) • 6—informational (information message) • 7—debugging (debug messages) ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-354 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands (config) logging enable2-355 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) logging console To enable the logging of syslog messages during console sessions and to limit the display of messages based on severity, use the logging console command. By default, the ACE does not display syslog messages during console sessions. Use the no form of this command to disable logging to the console. logging console severity_level no logging console Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Logging to the console can degrade system performance. Use the logging console command only when you are testing and debugging problems, or when there is minimal load on the network. We recommend that you use the lowest severity level possible because logging at a high rate may affect ACE performance. Do not use this command when the network is busy. Examples To enable system logging to the console for messages with severity levels of 2, 1, and 0: host1/Admin(config)# logging console 2 severity_level Maximum level for system log messages sent to the console. The severity level that you specify indicates that you want to log messages at that level and below. Allowable entries are as follows: • 0—emergencies (system unusable messages) • 1—alerts (take immediate action) • 2—critical (critical condition) • 3—errors (error message) • 4—warnings (warning message) • 5—notifications (normal but significant condition) • 6—informational (information message) • 7—debugging (debug messages) ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-356 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands (config) logging enable2-357 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) logging device-id To specify that the device ID of the ACE is included in the syslog message, use the logging device-id command. If enabled, the ACE displays the device ID in all non-EMBLEM-formatted syslog messages. The device ID specification does not affect the syslog message text that is in the EMBLEM format. Use the no form of this command to disable device ID logging for the ACE in the syslog message. logging device-id {context-name | hostname | ipaddress interface_name | string text} no logging device-id Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The device ID part of the syslog message is viewed through the syslog server only and not directly on the ACE. The device ID does not appear in EMBLEM-formatted messages, Simple Network Management Protocol (SNMP) traps, or on the ACE console, management session, or buffer. Examples To instruct the ACE to use the hostname of the ACE to uniquely identify the syslog messages, enter: host1/Admin(config)# logging device-id hostname context-name Specifies the name of the current context as the device ID to uniquely identify the syslog messages sent from the ACE. hostname Specifies the hostname of the ACE as the device ID to uniquely identify the syslog messages sent from the ACE. ipaddress interface_name Specifies the IP address of the interface as the device ID to uniquely identify the syslog messages sent from the ACE. You can specify the IP address of a VLAN interface or BVI as the device ID. If you use the ipaddress keyword, syslog messages sent to an external server contain the IP address of the interface specified, regardless of which interface the ACE uses to send the log data to the external server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. string text Specifies a text string to uniquely identify the syslog messages sent from the ACE. The maximum length is 64 alphanumeric characters without spaces. You cannot use the following characters: & (ampersand), ‘ (single quotation mark), “ (double quotation marks), < (less than), > (greater than), or ? (question mark). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-358 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands To disable the use of the hostname of the ACE, enter: host1/Admin(config)# no logging device-id Related Commands (config) logging enable2-359 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) logging enable To enable message logging, use the logging enable command. Message logging is disabled by default. You must enable logging if you want to send messages to one or more output locations. Use the no form of this command to stop message logging to all output locations. logging enable no logging enable Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Message logging is disabled by default. When enabled, log messages are sent to a logging process, which logs messages to designated locations asynchronously to the processes that generated the messages. You must set a logging output location to view any logs. Examples To enable message logging to all output locations, enter: host1/Admin(config)# logging enable To stop message logging to all output locations, enter: host1/Admin(config)# no logging enable Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-360 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) logging facility To change the logging facility to a value other than the default of 20 (LOCAL4), use the logging facility command. Most UNIX systems expect the messages to use facility 20. The ACE allows you to change the syslog facility type to identify the behavior of the syslog daemon (syslogd) on the host. Use the no form of this command to set the syslog facility to its default of 20. logging facility number no logging facility number Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The syslog daemon uses the specified syslog facility to determine how to process messages. Each logging facility configures how the syslog daemon on the host handles a message. Syslog servers file messages based on the facility number in the message. For more information on the syslog daemon and facility levels, see your syslog daemon documentation. Examples To set the syslog facility as 16 (LOCAL0) in syslog messages, enter: host1/Admin(config)# logging facility 16 To change the syslog facility back to the default of LOCAL4, enter: host1/Admin(config)# no logging facility 16 Related Commands (config) logging enable number Syslog facility. Enter an integer from 16 (LOCAL0) to 23 (LOCAL7). The default is 20 (LOCAL4). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-361 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) logging fastpath To enable the logging of connection setup and teardown messages through the fastpath, use the logging fastpath command. By default, the ACE logs connection setup and teardown syslog messages through the control plane. Use the no form of this command to disable the logging of connection setup and teardown syslog messages. logging fastpath no logging fastpath Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Because of the large number of syslog messages that are generated by connection setup and teardown, you can instruct the ACE to send these syslogs through the fast path instead of the control plane. The fast path supports a much higher rate of syslogs than the control plane does. When you instruct the ACE to send these syslogs through the fast path, the message formatting changes (different message spacing) and the syslog IDs change from 106023, 302022, 302023, 302024, and 302025 to 106028, 302028, 302029, 302030, and 302031, respectively. Examples To configure the ACE to log connection setup and teardown syslog messages, enter: host1/Admin(config)# logging fastpath To disable the ACE from logging connection setup and teardown syslog messages, enter: host1/Admin(config)# no logging fastpath Related Commands (config) logging enable ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-362 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) logging history To set the Simple Network Management Protocol (SNMP) message severity level when sending log messages to a network management system (NMS), use the logging history command. Use the no form of this command to disable logging of informational system messages to an NMS. logging history severity_level no logging history Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To enable or disable all SNMP syslog message logging, use the logging history command without the severity_level argument. We recommend that you use the debugging (7) level during initial setup and during testing. After setup, set the level from debugging (7) to a lower value for use in your network. Examples To send informational system message logs to an SNMP NMS, enter: host1/Admin(config)# logging history 6 severity_level Maximum level system log messages sent as traps to the NMS. The severity level that you specify indicates that you want to log messages at that level and below. Allowable entries are as follows: • 0—emergencies (system unusable messages) • 1—alerts (take immediate action) • 2—critical (critical condition) • 3—errors (error message) • 4—warnings (warning message) • 5—notifications (normal but significant condition) • 6—informational (information message) • 7—debugging (debug messages) ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-363 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands To disable logging to an SNMP NMS, enter: host1/Admin(config)# no logging history Related Commands (config) logging enable2-364 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) logging host To specify a host (the syslog server) that receives the syslog messages sent by the ACE, use the logging host command. You can use multiple logging host commands to specify additional servers to receive the syslog messages. Use the no form of this command to disable logging to a syslog server. By default, logging to a syslog server on a host is disabled on the ACE. logging host ip_address [tcp | udp [/port#] | [default-udp] | [format emblem]] no logging host ip_address Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you choose to send log messages to a host, the ACE sends those messages using either UDP or TCP. The host must run a program (known as a server) called syslogd, a daemon that accepts messages from other applications and the network, and writes them out to system wide log files. UNIX provides the syslog server as part of its operating system. If you are running Microsoft Windows, you must obtain a syslog server for the Windows operating system. ip_address IP address of the host to be used as the syslog server. tcp (Optional) Specifies to use TCP to send messages to the syslog server. A server can only be specified to receive either UDP or TCP, not both. udp (Optional) Specifies to use UDP to send messages to the syslog server. A server can only be specified to receive either UDP or TCP, not both. /port# (Optional) Port that the syslog server listens to for syslog messages. Enter an integer from 1025 to 65535. The default protocol and port are UDP/514. The default TCP port, if specified, is 1470. default-udp (Optional) Instructs the ACE to default to UDP if the TCP transport fails to communicate with the syslog server. format emblem (Optional) Enables EMBLEM-format logging for each syslog server. The Cisco Resource Management Environment (RME) is a network management application that collects syslogs. RME can process syslog messages only if they are in EMBLEM format. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-365 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands If you use TCP as the logging transport protocol, the ACE denies new network access sessions if the ACE is unable to reach the syslog server, if the syslog server is misconfigured, if the TCP queue is full, or if the disk is full. The format emblem keywords allow you to enable EMBLEM-format logging for each syslog server. EMBLEM-format logging is available for either TCP or UDP syslog messages. If you enable EMBLEM-format logging for a particular syslog host, then the messages are sent to that host. If you also enable the logging timestamp command, the messages are sent to the syslog server with a time stamp. For example, the EMBLEM format for a message with a time stamp appears as follows: ipaddress or dns name [Dummy Value/Counter]: [mmm dd hh:mm:ss TimeZone]: %FACILITY-[SUBFACILITY-]SEVERITY-MNEMONIC: [vtl-ctx: context id] Message-text Examples To send log messages to a syslog server, enter: host1/Admin(config)# logging host 192.168.10.1 tcp/1025 format emblem default-udp To disable logging to a syslog server, enter: host1/Admin(config)# no logging host 192.168.10.1 Related Commands (config) logging enable (config) logging timestamp2-366 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) logging message To control the display of a specific system logging message or to change the severity level associated with the specified system logging message, use the logging message command. Use the no form of this command to disable logging of the specified syslog message. logging message syslog_id [level severity_level] no logging message syslog_id Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can use the show logging command to determine the level currently assigned to a message and whether the message is enabled. For information on syslog messages and their IDs, see the System Message Guide, Cisco ACE Application Control Engine. syslog_id Specific message that you want to disable or to enable. level severity_level (Optional) Changes the severity level associated with a specific system log message. For example, the %-4-411001 message listed in the syslog has the default assigned severity level of 4 (warning message). You can change the assigned default severity level to a different level. Allowable entries are as follows: • 0—emergencies (system unusable messages) • 1—alerts (take immediate action) • 2—critical (critical condition) • 3—errors (error message) • 4—warnings (warning message) • 5—notifications (normal but significant condition) • 6—informational (information message) • 7—debugging (debug messages) ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-367 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To disable the %-6-615004 syslog message (VLAN available for configuring an interface), enter: host1/Admin(config)# no logging message 615004 To resume logging of the disabled syslog message, enter: host1/Admin(config)# logging message 615004 level 6 To change the severity level of the 615004 syslog message from the default of 6 (informational) to a severity level of 5 (notification), enter: (config)# logging message 615004 level 5 To return the severity level of the 615004 syslog message to the default of 6, enter: host1/Admin(config)# no logging message 615004 Related Commands (config) logging enable2-368 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) logging monitor To display syslog messages as they occur when accessing the ACE through a Secure Shell (SSH) or a Telnet session, use the logging monitor command. You can limit the display of messages based on severity. By default, logging to a remote connection using the SSH or Telnet is disabled on the ACE. Use the no form of this command to disable system message logging to the current Telnet or SSH session. logging monitor severity_level no logging monitor Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Note Before you can use this command, you must enable remote access on the ACE and establish a remote connection using the SSH or Telnet protocols from a PC. severity_level Maximum level for system log messages displayed during the current SSH or Telnet session. The severity level that you specify indicates that you want to log messages at that level and below. Allowable entries are as follows: • 0—emergencies (system unusable messages) • 1—alerts (take immediate action) • 2—critical (critical condition) • 3—errors (error message) • 4—warnings (warning message) • 5—notifications (normal but significant condition) • 6—informational (information message) • 7—debugging (debug messages) ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-369 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands To display logs during the SSH or Telnet session, use the terminal monitor Exec mode command. This command enables syslog messages for all sessions in the current context. The logging monitor command sets the logging preferences for all SSH and Telnet sessions, while the terminal monitor command controls logging for each individual Telnet session. However, in each session, the terminal monitor command controls whether syslog messages appear on the terminal during the session. Examples To send informational system message logs to the current Telnet or SSH session, enter: host1/Admin# terminal monitor host1/Admin# config Enter configuration commands, one per line. End with CNTL/Z host1/Admin(config)# logging monitor 6 To disable system message logging to the current Telnet or SSH session, enter: host1/Admin(config)# no logging monitor Related Commands (config) logging enable (config) logging persistent To send specific log messages to compact flash on the ACE, use the logging persistent command. By default, logging to compact flash is disabled on the ACE. The ACE allows you to specify the system message logs that you want to keep after a system reboot by saving them to compact flash. Use the no form of this command to disable logging to compact flash. logging persistent severity_level no logging persistent Syntax Description Command Modes Configuration mode Admin and user contexts severity_level Maximum level for system log messages sent to compact flash. The severity level that you specify indicates that you want to log messages at that level and below. Allowable entries are as follows: • 0—emergencies (system unusable messages) • 1—alerts (take immediate action) • 2—critical (critical condition) • 3—errors (error message) • 4—warnings (warning message) • 5—notifications (normal but significant condition) • 6—informational (information message) • 7—debugging (debug messages)2-370 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. We recommend that you use a lower severity level, such as severity level 3, because logging at a high rate to flash memory on the ACE might affect performance. Examples To send informational system message logs to flash memory on the ACE, enter: host1/Admin(config)# logging persistent 6 To disable logging to flash memory on the ACE, enter: host1/Admin(config)# no logging persistent Related Commands (config) logging enable (config) logging queue To change the number of syslog messages that can appear in the message queue, use the logging queue command. By default, the ACE can hold 80 syslog messages in the message queue while awaiting processing. Use the no form of this command to reset the logging queue size to the default of 100 messages. logging queue queue_size no logging queue queue_size Syntax Description Command Modes Configuration mode Admin and user contexts Command History ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. queue_size Queue size for storing syslog messages. Enter an integer from 1 to 8192. The default is 80 messages. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-371 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Set the queue size before the ACE processes syslog messages. When traffic is heavy, messages might get discarded. Examples To set the size of the syslog message queue to 1000, enter: host1/Admin(config)# logging queue 1000 To reset the logging queue size to the default of 80 messages, enter: host1/Admin(config)# no logging queue 0 Related Commands (config) logging enable (config) logging rate-limit To limit the rate at which the ACE generates messages in the syslog, use the logging rate-limit command. You can limit the number of syslog messages generated by the ACE for specific messages. Use the no form of this command to disable rate limiting for message logging in the syslog. logging rate-limit {num {interval | level severity_level | message syslog_id} | unlimited {level severity_level | message syslog_id}} no logging rate-limit {num {interval | level severity_level | message syslog_id} | unlimited {level severity_level | message syslog_id}} Syntax Description ACE Appliance Release Modification A1(7) This command was introduced. num Number at which the syslog is to be rate limited. interval Time interval in seconds over which the system message logs should be limited. The default time interval is 1 second.2-372 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Disabled rate limiting is the default setting. In this case, the logging rate-limit unlimited command will not be displayed in the ACE running-configuration file. The severity level you enter indicates that you want all syslog messages at the specified level to be rate-limited. For example, if you specify a severity level of 7, the ACE applies a rate limit only to level 7 (debugging messages). If you want to apply a logging rate limit on a different severity level, you must configure the logging rate-limit level command for that level as well. If you configure rate limiting for syslogs 302028 through 302031 (connection setup and teardown syslogs that are formatted in the data plane), the ACE always rate-limits these syslogs at level 6. Even if you change the logging level to a different value using the logging message command and the new logging level appears on the syslog server or other destination, the ACE will continue to rate-limit these syslogs at level 6. For information on syslog messages and their IDs, see the System Message Guide, Cisco ACE Application Control Engine. level severity_level Specifies the syslog level that you want to rate limit. Allowable entries are as follows: • 0—emergencies (system unusable messages) • 1—alerts (take immediate action) • 2—critical (critical condition) • 3—errors (error message) • 4—warnings (warning message) • 5—notifications (normal but significant condition) • 6—informational (information message) • 7—debugging (debug messages) message syslog_id Identifies the ID of the specific message you want to suppress reporting. unlimited Disables rate limiting for messages in the syslog. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-373 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To limit the syslog rate to a 60-second time interval for informational messages (level 6), enter: host1/Admin(config)# logging rate-limit 42 60 level 6 To suppress reporting of system message 302022, enter: host1/Admin(config)# logging rate-limit 42 60 302022 To disable rate limiting, enter: host1/Admin(config)# no logging rate-limit 42 60 level 6 Related Commands (config) logging enable (config) logging standby To enable logging on the standby ACE in a redundant configuration, use the logging standby command. When enabled, the standby ACE syslog messages remain synchronized should a failover occur. When enabled, this command causes twice the message traffic on the syslog server. Use the no form of this command to disable logging on the standby ACE. logging standby no logging standby Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is disabled by default. Examples To enable logging on the failover standby ACE: host1/Admin(config)# logging standby ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-374 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands To disable logging on the standby ACE, enter: host1/Admin(config)# no logging standby Related Commands (config) logging enable (config) logging supervisor (ACE module only) To set the severity level at which syslog messages are sent to the supervisor engine, use the logging supervisor command. The ACE can forward syslog messages to the supervisor engine on the Catalyst 6500 series switch. Use the no form of this command to disable system message logging to the supervisor engine. logging supervisor severity_level no logging supervisor Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. severity_level Maximum level for system log messages. The severity level that you specify indicates that you want to log messages at that level and below. Allowable entries are as follows: • 0—emergencies (system unusable messages) • 1—alerts (take immediate action) • 2—critical (critical condition) • 3—errors (error message) • 4—warnings (warning message) • 5—notifications (normal but significant condition) • 6—informational (information message) • 7—debugging (debug messages) ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-375 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To send informational system message logs to the supervisor engine on the Catalyst 6500 series switch, enter: host1/Admin(config)# logging supervisor 6 To disable system message logging to the supervisor engine, enter: host1/Admin(config)# no logging supervisor 3 Related Commands (config) logging enable (config) logging timestamp To specify that syslog messages should include the date and time that the message was generated, use the logging timestamp command. By default, the ACE does not include the date and time in syslog messages. Use the no form of this command to specify that the ACE not include the date and time when logging syslog messages. logging timestamp no logging timestamp Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is disabled by default. Examples To enable the time stamp on system logging messages, enter: host1/Admin(config)# logging timestamp To disable the time stamp from syslog messages, enter: host1/Admin(config)# no logging timestamp ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-376 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands (config) logging enable (config) logging trap To identify which messages are sent to a syslog server, use the logging trap command. This command limits the logging messages sent to a syslog server based on severity. Use the no form of this command to return the trap level to the default (information messages). logging trap severity_level no logging trap Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the syslog feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To send logging messages to a syslog server, use the logging host command to specify the name or IP address of the host to be used as the syslog server. severity_level Maximum level for system log messages. The severity level that you specify indicates that you want to log messages at that level and below. Allowable entries are as follows: • 0—emergencies (system unusable messages) • 1—alerts (take immediate action) • 2—critical (critical condition) • 3—errors (error message) • 4—warnings (warning message) • 5—notifications (normal but significant condition) • 6—informational (information message) • 7—debugging (debug messages) ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-377 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To send informational system message logs to the syslog server, enter: host1/Admin(config)# logging trap 6 To disable sending message logs to the syslog server, enter: host1/Admin(config)# no logging trap 6 Related Commands (config) logging enable (config) logging host (config) nexus-device To create the DCI device (Nexus 7000 series switch) for the dynamic workload scaling (DWS) feature, use the nexus-device command. The CLI prompt changes to (config-dci). See the “DCI Configuration Mode Commands” section for details. Use the no form of this command to remove the DCI device from the configuration. nexus-device name no nexus-device name Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The DCI device provides the locality information (local or remote) of the virtual machines (VMs) only. You can configure one DCI device per ACE. Examples To create a DCI device named DCI_DEVICE1, enter: host1/Admin(config)# nexus-device DCI_DEVICE1 host1/Admin(config-dci)# To remove the DCI device from the configuration, enter: host1/Admin(config)# no nexus-device DCI_DEVICE1 name Name of the DCI device that the ACE queries for the locality information of the VMs. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-378 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands show nexus-device2-379 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ntp (ACE appliance only) To configure the ACE system clock to synchronize a peer (or to be synchronized by a peer) or to be synchronized by a time server, use the ntp command. Use the no form of the command to remove an NTP peer or server from the configuration. ntp {peer ip_address1 [prefer] | server ip_address2 [prefer]} no ntp {peer ip_address1 [prefer] | server ip_address2 [prefer]} Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. An NTP association can be a peer association, which means that the ACE is willing to synchronize to the other system or to allow the other system to synchronize to the ACE. An NTP association can also be a server association, which means that only this system will synchronize to the other system, not the other way around. You can identify multiple servers; the ACE uses the most accurate server. To send logging messages to a syslog server, use the logging host command to specify the name or IP address of the host to be used as the syslog server. Examples To specify multiple NTP server IP addresses and identify a preferred server, enter: host1/Admin(config)# ntp server 192.168.10.10 prefer host1/Admin(config)# ntp server 192.168.4.143 host1/Admin(config)# ntp server 192.168.5.10 peer Configures the ACE system clock to synchronize a peer or to be synchronized by a peer. You can specify multiple associations. ip_address1 IP address of the peer providing or being provided by the clock synchronization. prefer (Optional) Makes this peer the preferred peer that provides synchronization. Using the prefer keyword reduces switching back and forth between peers. server Configures the ACE system clock to be synchronized by a time server. You can specify multiple associations. ip_address2 IP address of the time server that provides the clock synchronization. prefer (Optional) Makes this server the preferred server that provides synchronization. Use the prefer keyword to set this NTP server as the preferred server if multiple servers have similar accuracy. NTP uses an algorithm to determine which server is the most accurate and synchronizes to that one. If servers have similar accuracy, then the prefer keyword specifies which of those servers to use. ACE Appliance Release Modification A1(7) This command was introduced.2-380 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands To form a peer association with a preferred peer, enter: host1/Admin(config)# ntp peer 192.168.10.0 prefer To remove an NTP peer or server from the configuration, enter: host1/Admin(config)# no ntp peer 192.168.10.0 Related Commands clear np show clock (config) object-group To create an object group, use the object-group command. Object groups allow you to streamline the creation of multiple ACL entries in an ACL. Use the no form of this command to remove the object group from the configuration. object-group [network | service] name no object-group [network | service] name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines You can create either network or service object groups. After you create these groups, you can use a single ACL entry to allow trusted hosts to make specific service requests to a group of public servers. If you add new members to an existing object group that is already in use by an entry in a large ACL, recommitting the ACL can take a long time, depending on the size of the ACL and the object group. In some cases, making this change can cause the ACE to devote over an hour to committing the ACL, during which time you cannot access the terminal. We recommend that you first remove the ACL entry that refers to the object group, make your change, and then add the ACL entry back into the ACL. network Specifies a group of hosts or subnet IP addresses. service Specifies a group of TCP or UDP port specifications. name Unique identifier for the object group. Enter the object group name as an unquoted, alphanumeric string from 1 to 64 characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-381 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To create a network object group, enter: host1/Admin(config)# object-group network NET_OBJ_GROUP1 Related Commands (config-objgrp-netw) ip_address (config-objgrp-netw) host2-382 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) optimize (ACE appliance only) To configure the global optimization settings on the ACE, enter the optimize command. The CLI prompt changes to (config-optimize). To remove an optimize mode selection, use the no form of the command. optimize no optimize Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about commands in optimize configuration mode, see the “Optimize Configuration Mode Commands” section. For details about configuring the commands in the optimize configuration mode, see the Application Acceleration and Optimization Guide, Cisco ACE 4700 Series Application Control Engine Appliance. Examples To access the optimize configuration mode, enter: host1/Admin(config)# optimize host1/Admin(config-optimize)# Related Commands show optimization-global (config) parameter-map type To create a connection-, HTTP- or SSL-type parameter map, use the parameter-map type command. For the ACE appliance only, you can also create an optimization HTTP-type parameter map. Use the no form of this command to remove a parameter map from the ACE. parameter-map type {connection | generic | http | optimization http | rtsp | sip | skinny | ssl} name no parameter-map type {connection | generic | http | optimization http | rtsp | sip | skinny | ssl} name ACE Appliance Release Modification A1(7) This command was introduced.2-383 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description connection Specifies a connection-type parameter map. After you create the connection-type parameter map, you configure TCP, IP, and other settings for the map in the parameter map connection configuration mode. For information about the commands in parameter map connection configuration mode, see the “Parameter Map Connection Configuration Mode Commands” section. dns Specifies a DNS parameter map. After you create a DNS parameter map, you configure settings for the map in the parameter map DNS configuration mode. For information about the commands in parameter map DNS configuration mode, see the “Parameter Map DNS Configuration Mode Commands” section. generic Specifies a generic Layer 7 parameter map. After you create the generic Layer 7 parameter map, you configure settings for the map in the parameter map generic configuration mode. For information about the commands in parameter map generic configuration mode, see the “Parameter Map HTTP Configuration Mode Commands” section. http Specifies an HTTP-type parameter map. After you create the HTTP-type parameter map, you configure HTTP settings for the map in the parameter map HTTP configuration mode. For information about the commands in parameter map HTTP configuration mode, see the “Parameter Map HTTP Configuration Mode Commands” section. optimization http (ACE appliance only) Specifies an optimization HTTP-type parameter map and define its application acceleration and optimization settings. After you create the optimization HTTP-type parameter map, you configure settings for the map in the parameter map optimization HTTP configuration mode. For information about the commands in parameter map HTTP connection configuration mode, see the “Parameter Map Optimization Configuration Mode Commands” section. rtsp Specifies an RTSP-type parameter map. After you create the RTSP-type parameter map, you configure RTSP settings for the map in the parameter map RTSP configuration mode. For information about the commands in parameter map RTSP configuration mode, see the “Parameter Map RTSP Configuration Mode Commands” section. sip Specifies a SIP-type parameter map. After you create the SIP-type parameter map, you configure SIP settings for the map in the parameter map SIP configuration mode. For information about the commands in parameter map SIP configuration mode, see the “Parameter Map SIP Configuration Mode Commands” section. skinny Specifies a Skinny Client Control Protocol (SCCP) type parameter map. After you create the SCCP-type parameter map, you configure SCCP settings for the map in the parameter map SCCP configuration mode. For information about the commands in parameter map SCCP configuration mode, see the “Parameter Map SCCP Configuration Mode Commands” section.2-384 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The connection and http commands requires the connection feature in your user role. The ssl commands in this mode require the connection or SSL feature. (ACE appliance only) The optimization http commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The parameter-map type command allows you to configure a series of Layer 3 and Layer 4 statements that instruct the ACE how to handle TCP termination, normalization and reuse, SSL termination, and advanced HTTP behavior for server load-balancing connections. After you enter this command, the system enters the corresponding parameter map configuration mode. To access one of the parameter-map configuration modes, enter the appropriate parameter-map type command. For example, enter parameter-map type connection, parameter-map type http, or parameter-map type ssl. The CLI prompt changes to the corresponding mode, for example, (config-parammap-conn), (config-parammap-http), or (config-parammap-ssl). After you configure the parameter map, you associate it with a specific action statement in a policy map. Examples To create a connection-type parameter map called TCP_MAP, enter: host1/Admin(config)# parameter-map type connection TCP_MAP host1/Admin(config-parammap-conn)# To create an HTTP-type parameter map called HTTP_MAP, enter: host1/Admin(config)# parameter-map type http HTTP_MAP host1/Admin(config-parammap-http)# ssl Specifies an SSL-type parameter map. After you create the SSL-type parameter map, you configure SSL settings for the map in the parameter map SSL configuration mode. For information about the commands in parameter map SSL connection configuration mode, see the “Parameter Map SSL Configuration Mode Commands” section. name Name assigned to the parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised.2-385 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands To create an SSL-type parameter map called SSL_MAP, enter: host1/Admin(config)# parameter-map type ssl SSL_MAP host1/Admin(config-parammap-ssl)# ACE Appliance Example To create an optimization HTTP parameter map called OPTIMIZE_MAP, enter: host1/Admin(config)# parameter-map type optimization http OPTIMIZE_MAP host1/Admin(config-parammap-optmz)# Related Commands show running-config (config) policy-map (config) peer hostname To specify a hostname for the peer ACE in a redundant configuration, use the peer hostname command. The hostname is used for the command line prompts and default configuration filenames. If you establish sessions to multiple devices, the hostname helps you track where you enter commands. Use the no form of this command to reset the hostname of the peer to the default of switch. peer hostname name no peer hostname name Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By default, the hostname for the ACE is switch. name New hostname for the peer ACE. Enter a case-sensitive text string that contains from 1 to 32 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-386 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To change the hostname of the peer ACE from switch to ACE_1, enter: switch/Admin(config)# peer hostname ACE_1 ACE_1/Admin(config)# Related Commands (config) hostname (config) peer shared-vlan-hostid To configure a specific bank of MAC addresses for a peer ACE in a redundant configuration, use the peer shared-vlan-hostid command. Use the no form of this command to remove the configured bank of MAC addresses. peer shared-vlan-hostid number no peer shared-vlan-hostid Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To configure bank 3 for a peer ACE, enter: host1/Admin(config)# peer shared-vlan-hostid 3 To remove the configured bank of MAC addresses, enter: host1/Admin(config)# no peer shared-vlan-hostid number Bank of MAC addresses that the ACE uses. Enter a number from 1 to 16. Be sure to configure different bank numbers for multiple ACEs. ACE Module Release Modification 3.0(0)A1(6.2a) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-387 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands (config) arp (config) shared-vlan-hostid2-388 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) policy-map Use the policy-map command to create a Layer 3 and Layer 4 or Layer 7 policy map. To access one of the policy map configuration modes, use the policy-map command. Use the no form of this command to remove a policy map from the ACE. policy-map multi-match map_name policy-map type inspect {ftp first-match | http all-match | sip all-match | skinny} map_name policy-map type loadbalance {first-match | generic first-match | http first-match | radius first-match | rdp first-match | rtsp first-match | sip first-match} map_name policy-map type management first-match map_name policy-map type optimization http first-match map_name no policy-map multi-match map_name no policy-map type inspect {ftp first-match | http all-match | sip all-match | skinny} map_name no policy-map type loadbalance {first-match | generic first-match | http first-match | radius first-match | rdp first-match | rtsp first-match | sip first-match} map_name no policy-map type management first-match map_name Syntax Description multi-match Configures a Layer 3 and Layer 4 policy map that defines the different actions applied to traffic passing through the ACE. The ACE attempts to match multiple classes within the Layer 3 and Layer 4 policy map to allow a multifeature Layer 3 and Layer 4 policy map. The ACE executes the action for only one matching class within each of the class sets. The definition of which classes are in the same class set depends on the actions applied to the classes; the ACE associates each policy map action with a specific set of classes. For information about the commands in policy map configuration mode, see the “Policy Map Configuration Mode Commands” section. map_name Name assigned to the policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. type Specifies the type of policy map to be defined. When you specify a policy map type, you enter its corresponding policy map configuration mode (for example, RADIUS load balancing). inspect ftp first-match Specifies a Layer 7 policy map that defines the inspection of File Transfer Protocol (FTP) commands by the ACE. The ACE executes the action for the first matching classification. For a list of classes in a policy map, the actions associated with the first class that matches the packet are the actions that the ACE executes on the packet. For information about the commands in policy map FTP inspection configuration mode, see the “Policy Map FTP Inspection Configuration Mode Commands” section.2-389 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands inspect http all-match Specifies a Layer 7 policy map that defines the deep packet inspection of the HTTP protocol by the ACE. The ACE attempts to match all specified conditions against the matching classification and executes the actions of all matching classes until it encounters a deny for a match request. For information about the commands in policy map inspection HTTP configuration mode, see the “Policy Map Inspection HTTP Configuration Mode Commands” section. inspect sip all-match Specifies a Layer 7 policy map that defines the inspection of SIP protocol packets by the ACE. The ACE attempts to match all specified conditions against the matching classification and executes the actions of all matching classes until it encounters a deny for a match request. For information about the commands in policy map inspection SIP configuration mode, see the “Policy Map Inspection SIP Configuration Mode Commands” section. inspect skinny Specifies a Layer 7 policy map that defines the inspection of SCCP or skinny protocol packets by the ACE. The ACE uses the SCCP inspection policy to filter traffic based on message ID and to perform user-configurable actions on that traffic. For information about the commands in policy map inspection SIP configuration mode, see the “Policy Map Inspection Skinny Configuration Mode Commands” section. loadbalance first-match Specifies a Layer 7 policy map that defines Layer 7 HTTP server load-balancing decisions. The ACE executes the action for the first matching classification. For a list of classes in a policy-map, the actions associated with the first class that matches the packet are the actions that the ACE executes on the packet. For information about the commands in policy map load balance configuration mode, see the “Policy Map Load Balancing HTTP Configuration Mode Commands” section. loadbalance generic first-match Specifies a Layer 7 policy map that defines Layer 7 HTTP server load-balancing decisions. The ACE executes the action for the first matching classification. For a list of classes in a policy-map, the actions associated with the first class that matches the packet are the actions that the ACE executes on the packet. For information about the commands in policy map load balance configuration mode, see the “Policy Map Load Balancing Generic Configuration Mode Commands” section. loadbalance http first-match Specifies a Layer 7 policy map that defines Layer 7 HTTP server load-balancing decisions. The ACE executes the action for the first matching classification. For a list of classes in a policy-map, the actions associated with the first class that matches the packet are the actions that the ACE executes on the packet. For information about the commands in policy map load balance configuration mode, see the “Policy Map Load Balancing HTTP Configuration Mode Commands” section.2-390 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode loadbalance radius first-match Specifies a Layer 7 policy map that defines Layer 7 HTTP server load-balancing decisions. The ACE executes the action for the first matching classification. For a list of classes in a policy-map, the actions associated with the first class that matches the packet are the actions that the ACE executes on the packet. For information about the commands in policy map load balance configuration mode, see the “Policy Map Load Balancing RADIUS Configuration Mode Commands” section. loadbalance rdp first-match Specifies a Layer 7 policy map that defines Layer 7 HTTP server load-balancing decisions. The ACE executes the action for the first matching classification. For a list of classes in a policy-map, the actions associated with the first class that matches the packet are the actions that the ACE executes on the packet. For information about the commands in policy map load balance configuration mode, see the “Policy Map Load Balancing RDP Configuration Mode Commands” section. loadbalance rtsp first-match Specifies a Layer 7 policy map that defines Layer 7 HTTP server load-balancing decisions. The ACE executes the action for the first matching classification. For a list of classes in a policy-map, the actions associated with the first class that matches the packet are the actions that the ACE executes on the packet. For information about the commands in policy map load balance configuration mode, see the “Policy Map Load Balancing RDP Configuration Mode Commands” section. loadbalance sip first-match Specifies a Layer 7 policy map that defines Layer 7 HTTP server load-balancing decisions. The ACE executes the action for the first matching classification. For a list of classes in a policy-map, the actions associated with the first class that matches the packet are the actions that the ACE executes on the packet. For information about the commands in policy map load balance configuration mode, see the “Policy Map Load Balancing SIP Configuration Mode Commands” section. management first-match Specifies a Layer 3 and Layer 4 policy map that defines the IP management protocols that can be received by the ACE. The ACE executes the specified action only for traffic that meets the first matching classification with a policy map. For information about the commands in policy map management configuration mode, see the “Policy Map Management Configuration Mode Commands” section. optimization http first-match (ACE appliance only) Specifies a Layer 7 policy map that defines Layer 7 HTTP optimization operations. The Layer 7 optimization HTTP policy map associates an HTTP optimization action list and parameter map to configure the specified optimization actions. The ACE executes the action for the first matching classification. For a list of classes in a policy-map, the actions associated with the first class that matches the packet are the actions that the ACE executes on the packet. For information about the commands in policy map optimization configuration mode, see the “Policy Map Optimization Configuration Mode Commands” section.2-391 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Admin and user contexts Command History Usage Guidelines This command requires the inspect, loadbalance, NAT, connection, or SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use the policy map configuration mode commands to configure a series of Layer 3 and Layer 4 or Layer 7 policies. Each policy map defines a series of actions (functions) that you apply to a set of classified inbound traffic. The CLI prompt changes correspondingly to the selected policy map configuration mode: config-pmap, config-pmap-c, config-pmap-insp-http, config-pmap-insp-http-c, config-pmap-insp-http-m, config-pmap-lb, config-pmap-lb-c, config-pmap-lb-m, config-pmap-mgmt, and config-pmap-mgmt-c. (ACE appliance only) In addition, the prompt include config-pmap-optmz and config-pmap-optmz-c. For a Layer 3 and Layer 4 traffic classification, you create Layer 3 and Layer 4 policy maps with actions that configure the following: • Network management traffic received by the ACE (HTTP, HTTPS, ICMP, SNMP, SSH, or Telnet) • Server load balancing based on Layer 3 and Layer 4 connection information (virtual IP address) • Secure Sockets Layer (SSL) security services between a web browser (the client) and the HTTP connection (the server) • Static or dynamic Network Address Translation (NAT) • Application protocol inspection (also known as protocol fixup) • TCP termination, normalization, and reuse • IP normalization and fragment reassembly For a Layer 7 traffic classification, you create policy maps with actions that configure the following: • Server load balancing based on the Layer 7 HTTP-related information (such as HTTP headers, cookies, and URLs), or the client IP address • (ACE appliance only) Application acceleration and optimization functions • Deep packet inspection of the HTTP protocol • FTP command inspection The ACE supports a system-wide maximum of 4096 policy maps. For details about creating a policy map, see the Administration Guide, Cisco ACE Application Control Engine. Examples To create a Layer 3 and Layer 4 server load-balancing policy map named L4_SLB_POLICY, enter: host1/Admin(config)# policy-map multi-match L4_SLB_POLICY ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised.2-392 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands host1/Admin(config-pmap)# To create a Layer 3 and Layer 4 management protocol policy map named L4_MGMT-ACCESS_POLICY, enter: host1/Admin(config)# policy-map type management match-any L4_MGMT-ACCESS_CLASS host1/Admin(config-pmap-mgmt)# (ACE appliance only) To create a Layer 7 optimization HTTP policy map named L7OPTIMIZATION_POLICY, enter: host/Admin(config)# policy-map type optimization http first-match L7OPTIMIZATION_POLICY host/Admin(config-pmap-optmz)# To create a Layer 7 HTTP server load-balancing policy map named L7_SLB_POLICY, enter: host1/Admin(config)# policy-map type loadbalance first-match L7_SLB_POLICY host1/Admin(config-pmap-lb)# To create a Layer 7 HTTP deep packet inspection policy map named L7_HTTP_INSPECT_POLICY, enter: host/Admin(config) # policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host/Admin(config-pmap-ins-http)# To create a Layer 7 FTP command inspection policy map named L7_FTP_INSPECT_POLICY, enter: host1/Admin(config)# class-map type ftp inspect match-any L7_FTP_INSPECT_POLICY host1/Admin(config-pmap-ftp-ins)# Related Commands show startup-config (config) class-map (config) parameter-map type (config) service-policy (config) probe To define a probe and access its configuration mode, use the probe command. The CLI prompt changes to (config-probe_type). Use the no form of this command to delete the probe. probe probe_type probe_name no probe probe_type probe_name Syntax Description probe_type Probe types. The probe type determines what the probe sends to the real server. Enter one of the following keywords: • dns—Sends a request to a DNS server giving it a configured domain. To determine if the server is up, the ACE must receive the configured IP address for that domain. • echo {tcp | udp}—Sends a string to the server and compares the response to the original string. If the response string matches the original string, the server is marked as passed. Otherwise, the ACE retries a configured number of times and time interval before the server is marked as failed.2-393 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands • finger—Sends a Finger probe to a server to verify that a defined username is a username on the server. Use the Finger protocol to configure the username string. • ftp—Initiates an FTP session. By default, this probe is for an anonymous login with the option of configuring a user ID and password. The ACE performs an FTP GET or LS to determine the outcome of the probe. This probe supports only active connections. • http—Sets up a TCP connection and issues an HTTP request. The default request is an HTTP 1.1 GET request with the URL /. Any valid HTTP response causes the probe to mark the real server as passed. You can also configure an HTTP response value. • https—Similar to the HTTP probe, but this probe uses SSL to generate encrypted data. • icmp—Sends an ICMP request and listens for a response. If the server returns a response, the ACE marks the real server as passed. If there is no response and the time times out, or an ICMP standard error such as DESTINATION_UNREACHABLE occurs, the ACE marks the real server as failed. • imap—Identical to POP/POP3 probe, but uses IMAP. • pop—Initiates a POP session, using a configured user ID and password. Then, the probe attempts to retrieve e-mail from the server and validates the result of the probe based on the return codes received from the server. • radius—Connects to a RADIUS server and logs in to it to determine whether the server is up. • rtsp—Establishes a TCP connection and sends a request packet to the RTSP server to determine whether the server is up. • scripted—Executes probes from a configured script to perform health probing. You can author specific scripts with features not present in standard health probes. • sip {tcp | udp}— Establishes a TCP or UDP connection and sends an OPTIONS request packet to the user agent on the SIP server to determine whether the server is up. • smtp—Initiates an SMTP session by logging in to the server. • snmp—Establishes a UDP connection and sends a maximum of eight SMNP OID queries to probe the server. • tcp—Initiates a TCP handshake and expects a response. By default, a successful response causes the probe to mark the server as passed, and then the probe sends a FIN to end the session. If the response is not valid or if there is no response, the probe marks the real server as failed. • telnet—Establishes a connection to the real server and verifies that a greeting from the application was received.2-394 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about commands in probe configuration mode, see the “Probe Configuration Mode Commands” section. Examples To define a TCP probe named PROBE1 and access its mode, enter: host1/Admin(config)# probe tcp PROBE1 host1/Admin(config-probe-tcp)# To delete a TCP probe named PROBE1, enter: host1/Admin(config)# no probe tcp PROBE1 • udp—Sends a UDP packet to a real server. The probe marks the server as failed only if an ICMP Port Unreachable message is returned. Optionally, you can configure this probe to send specific data and expect a specific response to mark the real server as passed. • vm—Polls the local VM load information from the VM controller (vCenter) for the dynamic workload scaling (DWS) feature. The ACE calculates the average aggregate load information as a percentage of CPU usage or memory usage to determine when to burst traffic to the remote data center. If the server farm consists of both physical servers and VMs, the ACE considers load information only from the VMs. After you configure the VM probe and its attributes, you associate it with a VM controller and a server farm. probe_name Identifier for the probe. The probe name associates the probe to the real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. A4(2.0) Added the VM probe type. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised. A4(2.0) Added the VM probe type.2-395 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands clear probe show probe (config) radius-server attribute nas-ipaddr To specify a RADIUS NAS-IP-Address attribute, use the radius-server attribute nas-ipaddr command. Use the no form of this command to delete the RADIUS NAS-IP-Address and return to the default configuration. radius-server attribute nas-ipaddr nas_ip_address no radius-server attribute nas-ipaddr nas_ip_address Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By default, the NAS-IP-Address is not configured. The ACE performs a route lookup on the Remote Authentication Dial-In User Service (RADIUS) server IP address and uses the result. The RADIUS NAS-IP-Address attribute allows you to configure an arbitrary IP address to be used as RADIUS attribute 4, NAS-IP-Address for each context. The radius-server attribute nas-ipaddr command allows the ACE to behave as a single RADIUS client from the perspective of the RADIUS server. The configured NAS-IP-Address will be encapsulated in all outgoing RADIUS authentication request and accounting packets. Examples To specify a RADIUS NAS-IP-Address, enter: host1/Admin(config)# radius-server attribute nas-ipaddr 192.168.1.1 nas_ip_address IP address that is used as the RADIUS NAS-IP-Address, attribute 4. Enter the address in dotted-decimal IP notation (for example, 192.168.11.1). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-396 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands To delete the RADIUS NAS-IP-Address and return to the default configuration, enter: host1/Admin(config)# no radius-server attribute nas-ipaddr 192.168.1.1 Related Commands show aaa (config) aaa group server (config) radius-server host (config) radius-server deadtime To globally set the time interval in which the ACE verifies whether a nonresponsive server is operational, use the radius-server deadtime command. Use the no form of this command to reset the Remote Authentication Dial-In User Service (RADIUS) server dead-time request to the default of 0. radius-server deadtime minutes no radius-server deadtime minutes Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use of this command causes the ACE to mark as “dead” any RADIUS servers that fail to respond to authentication requests. This action avoids the wait for the request to time out before trying the next configured server. The ACE skips a RADIUS server that is marked as dead by sending additional requests for the duration of minutes. The dead-time interval starts when the server does not respond to the number of authentication request transmissions configured through the radius-server retransmit command. When the server responds to a probe access-request packet, the ACE transmits the authentication request to the server. minutes Length of time that the ACE skips a nonresponsive RADIUS server for transaction requests. Enter an integer from 0 to 1440 (24 hours). The default is 0. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-397 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To globally configure a 15-minute dead-time for RADIUS servers that fail to respond to authentication requests, enter: host1/Admin(config)# radius-server deadtime 15 To set the RADIUS server dead-time request to 0, enter: host1/Admin(config)# no radius-server deadtime 15 Related Commands show aaa (config) aaa group server (config) radius-server host (config) radius-server host To designate and configure a host for RADIUS server functions, use the radius-server host command. You can define multiple radius-server host commands to configure multiple Remote Authentication Dial-In User Service (RADIUS) servers. Use the no form of this command to remove the RADIUS server from the configuration. radius-server host ip_address [key shared_secret [0 shared_secret | 7 shared_secret]] [auth-port port_number] [acct-port port_number] [authentication] [accounting] [timeout seconds] [retransmit count] no radius-server host ip_address [key shared_secret [0 shared_secret | 7 shared_secret]] [auth-port port_number] [acct-port port_number] [authentication] [accounting] [timeout seconds] [retransmit count] Syntax Description ip_address IP address for the RADIUS server. Enter the address in dotted-decimal IP notation (for example, 192.168.11.1). key (Optional) Enables an authentication key for communication between the ACE and the RADIUS daemon running on the RADIUS server. The key is a text string that must match the encryption key used on the RADIUS server. shared_secret Key that is used to authenticate communication between the RADIUS client and server. The shared secret must match the one configured on the RADIUS server. Enter the shared secret as a case-sensitive string with no spaces with a maximum of 63 alphanumeric characters. 0 (Optional) Configures a key specified in clear text (indicated by 0) to authenticate communication between the RADIUS client and server. 7 (Optional) Configures a key specified in encrypted text (indicated by 7) to authenticate communication between the RADIUS client and server. auth-port port_number (Optional) Specifies the UDP destination port for communicating authentication requests to the RADIUS server. By default, the RADIUS authentication port is 1812 (as defined in RFC 2138 and RFC 2139). The port_number argument specifies the RADIUS port number. Valid values are from 1 to 65535.2-398 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The key option overrides the global setting of the radius-server key command. If you do not specify a key, the global value is used. RADIUS keys are always stored in encrypted form in persistent storage. The running configuration also displays keys in encrypted form. If neither the authentication nor the accounting options are specified, the RADIUS server is used for both accounting and authentication. If your RADIUS server uses a port other than 1813, use the acct-port keyword to configure the ACE for the appropriate port before starting the RADIUS service. acct-port port_number (Optional) Specifies the UDP destination port for communicating accounting requests to the RADIUS server. By default, the RADIUS accounting port is 1813 (as defined in RFC 2138 and RFC 2139). The port_number argument specifies the RADIUS port number. Valid values are from 1 to 65535. authentication (Optional) Specifies that the RADIUS server is used only for authentication purposes. If neither the authentication nor the accounting options are specified, the RADIUS server is used for both accounting and authentication purposes. accounting (Optional) Specifies that the RADIUS server is used only for accounting purposes. If neither the authentication nor the accounting options are specified, the RADIUS server is used for both accounting and authentication purposes. timeout seconds (Optional) Specifies the time interval that the ACE waits for the RADIUS server to reply to an authentication request before retransmitting a request. Valid entries are from 1 to 60 seconds. The default is 1 second. retransmit count (Optional) Specifies the number of times that the ACE retransmits an authentication request to a timed-out RADIUS server before declaring the server to be unresponsive and contacting the next server in the group. Valid entries are from 1 to 5 attempts. The default is one attempt. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-399 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands If your RADIUS server uses a port other than 1812, use the auth-port keyword to configure the ACE for the appropriate port before starting the RADIUS service. The retransmit and timeout options override the global settings assigned for the specified server when you enter the radius-server retransmit and radius-server timeout commands. Examples To configure RADIUS server authentication parameters, enter: host1/Admin(config)# radius-server host 192.168.2.3 key HostKey host1/Admin(config)# radius-server host 192.168.2.3 key 7 secret_1256 host1/Admin(config)# radius-server host 192.168.2.3 auth-port 1645 host1/Admin(config)# radius-server host 192.168.2.3 acct-port 1646 host1/Admin(config)# radius-server host 192.168.2.3 authentication host1/Admin(config)# radius-server host 192.168.2.3 accounting host1/Admin(config)# radius-server host 192.168.2.3 timeout 25 host1/Admin(config)# radius-server host 192.168.2.3 retransmit 3 To revert to a default RADIUS server authentication setting, enter: host1/Admin(config)# no radius-server host 192.168.2.3 acct-port 1646 Related Commands show aaa (config) aaa group server (config) radius-server attribute nas-ipaddr2-400 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) radius-server key To globally configure an authentication key for communication between the ACE and the Remote Authentication Dial-In User Service (RADIUS) daemon running on each RADIUS server, use the radius-server key command. Use the no form of this command to remove the global RADIUS server key setting from the configuration. radius-server key {shared_secret | 0 shared_secret | 7 shared_secret} no radius-server key {shared_secret | 0 shared_secret | 7 shared_secret} Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The key is a text string that must match the encryption key used on the RADIUS server. RADIUS keys are always stored in encrypted form in persistent storage on the ACE. This global key will be applied to those RADIUS servers in a named server group for which a shared secret is not individually configured by the (config) radius-server host command. Examples To globally configure an authentication key to be sent in encrypted text (indicated by 7) to the RADIUS server, enter: host1/Admin(config)# radius-server key 7 abe4DFeeweo00o To delete the key, enter: host1/Admin(config)# no radius-server key 7 abe4DFeeweo00o shared_secret Key used to authenticate communication between the RADIUS client and the server. The shared secret must match the one configured on the RADIUS server. Enter the shared secret as a case-sensitive string with no spaces and a maximum of 63 alphanumeric characters. 0 Configures a key specified in clear text (indicated by 0) to authenticate communication between the RADIUS client and server. 7 Configures a key specified in encrypted text (indicated by 7) to authenticate communication between the RADIUS client and server. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-401 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands show aaa (config) aaa group server (config) radius-server host (config) radius-server retransmit To globally change the number of times that the ACE sends an authentication request to a Remote Authentication Dial-In User Service (RADIUS) server, use the radius-server retransmit command. Use the no form of this command to revert to the default of one transmission attempt. radius-server retransmit count no radius-server retransmit count Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE applies this global retransmission value to those RADIUS servers for which a value is not individually configured by the (config) radius-server host command. If all servers in the group are unavailable for authentication and accounting, the ACE tries the local database if you configure a local fallback method by entering the aaa authentication login or the aaa accounting default commands. If you do not have a fallback method, the ACE continues to contact one of the AAA servers listed in the server group. Examples To globally configure the number of retransmissions to 3, enter: host1/Admin(config)# radius-server retransmit 3 To revert to the default of one transmission attempt, enter: host1/Admin(config)# no radius-server retransmit 3 count Number of times that the ACE attempts to connect to a RADIUS server(s) before trying to contact the next available server. Enter an integer from 1 to 5. The default is 1. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-402 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands show aaa (config) aaa group server (config) radius-server host (config) radius-server timeout To globally change the time interval that the ACE waits for the Remote Authentication Dial-In User Service (RADIUS) server to reply before retransmitting an authentication request to the RADIUS server, use the radius-server timeout command. Use the no form of this command to revert to the default of one second between transmission attempts. radius-server timeout seconds no radius-server timeout seconds Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE applies this global timeout value to those RADIUS servers for which a timeout value is not individually configured by the (config) radius-server host command. Examples To globally configure the timeout value to 30 seconds, enter: host1/Admin(config)# radius-server timeout 30 To revert to the default of one second between transmission attempts, enter: host1/Admin(config)# no radius-server timeout 30 Related Commands show aaa (config) aaa group server seconds Time in seconds between retransmissions to the RADIUS server. Enter an integer from 1 to 60 seconds. The default is 1 second. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-403 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) radius-server host (config) regex compilation-timeout (ACE appliance only) To configure the timeout for regex compilation, use the regex compilation-timeout command. When you configure a regex and its compilation is longer than the configured timeout, the ACE stops the regex compilation. Use the no form of this command to revert to the default of 60 minutes. regex compilation-timeout minutes no regex compilation-timeout Syntax Description Command Modes Configuration mode Admin context Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. This command is applicable across all contexts. Examples To configure a compilation timeout of 80 minutes, enter the following command: host/Admin(config)# regex compilation-timeout 80 To reset the regex compilation timeout to the default value of 60 minutes, enter the following command: host/Admin(config)# no regex compilation-timeout Related Commands This command has no related commands. minutes Timeout value in minutes. Enter an integer from 1 to 500. The default timeout is 60 minutes. ACE Appliance Release Modification A3(2.7). Not applicable for A4(1.0) and A4(2.0). This command was introduced.2-404 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) resource-class Caution The no resource-class command will remove all resources from any context to which the specified resource class is assigned. Be sure that you want to do this before you enter the command. To create a resource class and enter resource configuration mode, use the resource-class command. The CLI prompt changes to (config-resource). Configure a resource class to limit the use of system resources by one or more contexts. Use the no form of this command to remove the resource-class setting. resource-class name no resource-class name Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use a resource class to allocate and limit system resources among contexts in your ACE. The default resource class allocates 100 percent of all configurable system resources to each context. By creating a resource class, you can prevent oversubscription by limiting the percentage of resources available to each context. After you create and configure a resource class, use the (config-context) member command in context configuration mode to assign a context to the class. To use the stickiness feature, you must allocate a minimum percentage of resources to the feature. Otherwise, stickiness will not work. For more details, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the commands in the resource configuration mode, see the “Resource Configuration Mode Commands” section. name Name assigned to the resource class. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. You can also use the resource class called default. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-405 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To create a resource class called RC1, enter: host1/C1(config)# resource-class RC1 host1/C1(config-resource) To remove the resource class from the configuration, enter: host1/C1(config)# no resource-class RC1 Related Commands show resource allocation show resource usage show user-account show users (config-context) member (config) role To assign a user role to a user and enter role configuration mode, use the role command. The CLI prompt changes to (config-role). User roles determine the privileges that a user has, the commands that a user can enter, and the actions that a user can perform in a particular context. You can apply the roles that you create only in the context in which you create them. See the “Role Configuration Mode Commands” section for details. Use the no form of this command to remove the user role assignment. role name no role name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. name Identifier associated with a user role. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-406 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands If you do not assign a user role to a new user, the default user role is Network-Monitor. For users that you create in the Admin context, the default scope of access is the entire device. For users that you create in other contexts, the default scope of access is the entire context. If you need to restrict a user’s access, you must assign a role-domain pair using the (config) username command. For information about the commands in the role configuration mode, see the “Role Configuration Mode Commands” section. For information about configuring roles and assigning them to users, see the Virtualization Guide, Cisco ACE Application Control Engine Examples To assign a role, enter: host1/C1(config)# role TECHNICIAN host1/C1(config-role)# To remove the role from the configuration, enter: host1/C1(config)# no role TECHNICIAN Related Commands show role show user-account show users (config) username (config) rserver To create a real server for server load balancing (SLB) and enter real server configuration mode, use the rserver command. The CLI prompt changes to (config-host-rserver) or (config-redirect-rserver), depending on the type of real server that you create. You can create a maximum of 16,384 real servers. Use the no form of this command to remove the real server from the configuration. rserver [host | redirect] name no rserver [host | redirect] name Syntax Description host (Optional) Specifies a typical real server that provides content and services to clients. This is the default setting. For details on the commands in real server host configuration mode, see the “Real Server Host Configuration Mode Commands” section. redirect (Optional) Specifies a real server used to redirect traffic to a new location as specified in the relocn-string argument of the webhost-redirection command. For details on the commands in real server redirect configuration mode, see the “Real Server Redirect Configuration Mode Commands” section. name Identifier for the real server. Enter an unquoted text string with no spaces and maximum of 64 alphanumeric characters.2-407 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the rserver feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. All servers in a server farm must be of the same type: host or redirect. You can create a maximum of 4096 real servers in each ACE. Examples To create a real server of type host, enter: host1/Admin(config)# rserver server1 To remove the real server of type host from the configuration, enter: host1/Admin(config)# no rserver server1 Related Commands (config-rserver-redir) webhost-redirection clear rserver show rserver (config) script file name To load a script into memory on the ACE and enable it for use, use the script file name command. Use the no form of this command to remove a script from memory and the running configuration. script file name script_name no script file name script_name Syntax Description Command Modes Configuration mode Admin and user contexts ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. script_name Name of the script on the disk0: filesystem. The script name must be unique across the context. You will use the filename when you configure the probe.2-408 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To run a script or create a health probe using a script, you must see the script name, not the script file from which the script was loaded. Examples To load a script into memory, enter: host1/Admin(config)# script file name ftp1.tcl To remove the script, enter: host1/Admin(config)# no script file name ftp1.tcl Related Commands show script (config) serverfarm To create a new server farm or modify an existing server farm and enter the serverfarm configuration mode, use the serverfarm command. You can configure a maximum of 4096 server farms on each ACE. Use the no form of this command to remove the server farm from the configuration. serverfarm [host | redirect] name no serverfarm [host | redirect] name Syntax Description ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. host (Optional) Specifies a typical server farm that consists of real servers that provide content and services to clients. This is the default. For details on the commands in the serverfarm host configuration mode, see the “Server Farm Host Configuration Mode Commands” section. redirect (Optional) Specifies that the server farm consist only of real servers that redirect client requests to alternate locations specified by the relocation string or port number in the real server configuration. For details on the commands in the serverfarm redirect host configuration mode, see the “Server Farm Redirect Configuration Mode Commands” section. name Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-409 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the server-farm feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. After you create a server farm, you configure the other server farm attributes and add real servers to the farm. You can configure a maximum of 4096 server farms in each ACE. Examples To create a server farm of type host called SFARM1, enter: host1/Admin(config)# serverfarm SFARM1 host1/Admin(config-sfarm-host)# To remove a server farm called SFARM1, enter: host1/Admin(config)# no serverfarm SFARM1 host1/Admin(config-sfarm-host)# Related Commands (config-rserver-redir) webhost-redirection clear serverfarm show serverfarm (config) service-policy To apply a previously created policy map and attach the traffic policy to a specific VLAN interface or globally to all VLAN interfaces in the same context, use the service-policy command. Use the no form of this command to remove a service policy. service-policy input policy_name no service-policy input policy_name ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-410 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Note the following when creating a service policy: • Policy maps, applied globally in a context, are internally applied on all interfaces existing in the context. • You can apply the policy in an input direction only. • A policy activated on an interface overwrites any specified global policies for overlapping classification and actions. • The ACE allows only one policy of a specific feature type to be activated on a given interface. Examples To specify an interface VLAN and apply the Layer 3 and Layer 4 SLB policy map to the VLAN, enter: host1/C1(config)# interface vlan50 host1/C1(config-if)# mtu 1500 host1/C1(config-if)# ip address 172.20.1.100 255.255.0.0 host1/C1(config-if)# service-policy input L4SLBPOLICY To globally apply the Layer 3 and Layer 4 SLB policy map to the entire context: host1/C1(config)# service-policy input L4SLBPOLICY To globally detach a traffic policy from a context, enter: host1/C1(config)# no service-policy input L4SLBPOLICY Related Commands clear service-policy show service-policy (config-if) service-policy input input Specifies that the traffic policy is to be attached to the input direction of an interface. The traffic policy evaluates all traffic received by that interface. policy_name Name of a previously defined policy map, configured with a previously created policy-map command. The name can be a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-411 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) shared-vlan-hostid To configure a specific bank of MAC addresses for an ACE, use the shared-vlan-hostid command. Use the no form of this command to remove a configured bank of MAC addresses. shared-vlan-hostid number no shared-vlan-hostid Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When contexts share a VLAN, the ACE assigns a different MAC address to the VLAN on each context. The MAC addresses reserved for shared VLANs are 0x001243dc6b00 to 0x001243dcaaff, inclusive. All ACE ACEs derive these addresses from a global pool of 16k MAC addresses. This pool is divided into 16 banks, each containing 1,024 addresses. An ACE supports only 1,024 shared VLANs, and would use only one bank of MAC addresses out of the pool. By default, the bank of MAC addresses that the ACE uses is randomly selected at boot time. However, if you configure two ACE ACEs in the same Layer 2 network and they are using shared VLANs, the ACEs may select the same address bank and use the same MAC addresses. To avoid this conflict, you need to configure the bank that the ACEs will use. Examples To configure bank 2 of MAC addresses, enter: host1/Admin(config)# shared-vlan-hostid 2 To remove the configured bank of MAC addresses, enter: host1/Admin(config)# no shared-vlan-hostid number Bank of MAC addresses that the ACE uses. Enter a number from 1 to 16. Be sure to configure different bank numbers for multiple ACEs. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-412 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands (config) arp (config) peer shared-vlan-hostid (config) snmp-server community To create or modify Simple Network Management Protocol (SNMP) community names and access privileges, use the snmp-server community command. Each SNMP device or member is part of a community. An SNMP community determines the access rights for each SNMP device. SNMP uses communities to establish trust between managers and agents. Use the no form of this command to remove an SNMP community. snmp-server community community_name [group group_name | ro] no snmp-server community community_name [group group_name | ro] Syntax Description Command Modes Configuration mode Admin and user contexts Caution If you change the SNMP engine ID for an Admin or user context, all configured SNMP users become invalid. You must recreate all SNMP users by using the snmp-server community command in configuration mode. Command History community_name SNMP community name for this system. Enter an unquoted text string with no space and a maximum of 32 alphanumeric characters. group group_name (Optional) Identifies the role group to which the user belongs. Enter Network-Monitor, the default group name and the only role that is supported. Note Only network monitoring operations are supported through the ACE implementation of SNMP. In this case, all SNMP users are automatically assigned the system-defined default group of Network-Monitor. For details on creating users, see the Virtualization Guide, Cisco ACE Application Control Engine. ro (Optional) Allows read-only access for this community. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-413 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. After you create or modify a community, all SNMP devices assigned to that community as members have the same access rights (as described in RFC 2576). The ACE allows read-only access to the MIB tree for devices included in this community. The read-only community string allows a user to read data values, but prevents that user from modifying modify the data. SNMP communities are applicable only for SNMPv1 and SNMPv2c. SNMPv3 requires user configuration information such as specifying the role group that the user belongs to, authentication parameters for the user, authentication password, and message encryption parameters. Examples To specify an SNMP community called SNMP_Community1, which is a member of the user group, with read-only access privileges for the community, enter: host1/Admin(config)# snmp-server community SNMP_Community1 group Network-Monitor To remove an SNMP community, enter: host1/Admin(config)# no snmp-server community SNMP_Community1 group Network-Monitor Related Commands (config) snmp-server host2-414 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) snmp-server contact To specify the contact information for the Simple Network Management Protocol (SNMP) system, use the snmp-server contact command. You can specify information for only one contact name. Use the no form of this command to remove an SNMP contact. snmp-server contact contact_information no snmp-server contact Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can specify only one contact name per SNMP system. Examples To specify SNMP system contact information, enter: host1/Admin(config)# snmp-server contact “User1 user1@cisco.com” To remove the specified SNMP contact information, enter: host1/Admin(config)# no snmp-server contact Related Commands (config) snmp-server host contact_information SNMP contact information for this system. Enter a text string with a maximum of 240 alphanumeric characters, including spaces. If the string contains more than one word, enclose the string in quotation marks (“ ”). You can include information on how to contact the person; for example, you can include a phone number or an e-mail address. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-415 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) snmp-server enable traps To enable the ACE to send Simple Network Management Protocol (SNMP) traps and informs to the network management system (NMS), use the snmp-server enable traps command. This command enables both traps and inform requests for the specified notification types. Use the no form of this command to disable the sending of SNMP traps and inform requests. snmp-server enable traps [notification_type [notification_option]] no snmp-server enable traps [notification_type [notification_option]] Syntax Description Command Modes Configuration mode notification_type (Optional) Type of notification to enable. If no type is specified, the ACE sends all notifications. Specify one of the following keywords: • license—Sends SNMP license manager notifications. This keyword appears only in the Admin context. • slb—Sends server load-balancing notifications. When you specify the slb keyword, you can specify a notification_option value. • snmp—Sends SNMP notifications. When you specify the snmp keyword, you can specify a notification_option value. • syslog—Sends error message notifications (Cisco Syslog MIB). Specify the level of messages to be sent with the logging history command. • virtual-context—Sends virtual context change notifications. This keyword appears only in the Admin context. notification_option (Optional) One of the following SNMP notifications to enable: • When you specify the snmp keyword, specify the authentication, coldstart, linkdown, or linkup keyword to enable SNMP notifications. This selection generates a notification if the community string provided in SNMP request is incorrect, or when a VLAN interface is either up or down. The coldstart keyword appears only in the Admin context. • When you specify the slb keyword, specify the real, serverfarm, or vserver keyword to enable server load-balancing notifications. This selection generates a notification if one of the following occurs: – The real server changes state (up or down) due to such occurrences as user intervention, ARP failures, and probe failures. – The virtual server changes state (up or down). The virtual server represents the servers behind the content switch in the ACE to the outside world and consists of the following attributes: destination address (can be a range of IP addresses), protocol, destination port, incoming VLAN.2-416 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Admin and user contexts Command History Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The notification types used in the snmp-server enable traps command all have an associated MIB object that globally enables or disables them. However, not all of the notification types available in the snmp-server host command have notificationEnable MIB objects, so some of the notification types cannot be controlled using the snmp-server enable traps command. To configure the ACE to send the SNMP notifications, specify at least one snmp-server enable traps command. To enable multiple types of notifications, you must enter a separate snmp-server enable traps command for each notification type and notification option. If you enter the command without any keywords, the ACE enables all notification types and traps. The snmp-server enable traps command is used with the snmp-server host command. The snmp-server host command specifies which host receives the SNMP notifications. To send notifications, you must configure at least one SNMP server host. (ACE appliance only) The supported SNMP notifications (traps) in the CISCO-ENHANCED-SLB-MIB for the serverfarm option are as follows: • esRealServerStateUpRev1 State of a real server configured in a server farm is up due to user intervention.The notification is sent with the following varbinds: – cesRealServerName – cesServerFarmRserverBackupPort – cesServerFarmName – cesServerFarmRserverAdminStatus – cesServerFarmRserverOperStatus – cesRserverIpAddressType – cesRserverIpAddress – cesServerFarmRserverDescr • cesRealServerStateDownRev1 State of a real server configured in a server farm is down due to user intervention. The notification is sent with the following varbinds: – cesRealServerName – cesServerFarmRserverBackupPort – cesServerFarmName – cesServerFarmRserverAdminStatus ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.4) The serverfarm option was added to this command.2-417 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands – cesServerFarmRserverOperStatus – cesServerFarmRserverStateDescr – cesRserverIpAddressType – cesRserverIpAddress – cesServerFarmRserverDescr • cesRealServerStateChangeRev1 State of a real server configured in a server farm changed to a new state as a result of something other than a user intervention. This notification is sent for situations such as ARP failures, probe failures, and so on. The notification is sent with the following varbinds: – cesRealServerName – cesServerFarmRserverBackupPort – cesServerFarmName – cesServerFarmRserverAdminStatus – cesServerFarmRserverOperStatus – cesServerFarmRserverStateDescr – cesRserverIpAddressType – cesRserverIpAddress – cesProbeName – cesServerFarmRserverDescr Examples To enable the ACE to send server load-balancing traps to the host myhost.cisco.com using the community string public, enter: host1/Admin(config)# snmp-server host myhost.cisco.com host1/Admin(config)# snmp-server community SNMP_Community1 group Network-Monitor host1/Admin(config)# snmp-server enable traps slb real To disable SNMP server notifications, enter: host1/Admin(config)# no snmp-server enable traps slb real Related Commands (config) snmp-server host2-418 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) snmp-server engineid To configure the SNMP engine ID for an ACE context, use the snmp-server engineid command. Use the no form of this command to reset the default engine ID for the context. snmp-server engineid number no snmp-server engineid number Syntax Description Command Modes Configuration mode Admin and user contexts Caution If you change the SNMP engine ID for an Admin or user context, all configured SNMP users become invalid and all SNMP communities are deleted. You must recreate all SNMP users by using the snmp-server user command in configuration mode. You must recreate all SNMP communities by using the snmp-server community command in configuration mode. Command History Usage Guidelines The ACE allows you to configure an SNMP engine ID for the Admin or user context. By default, the ACE automatically creates an SNMP engine ID for the Admin context and each user context. The SNMP engine represents a logically separate SNMP agent. The IP address for an ACE context provides access to only one SNMP engine ID. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To configure an engine ID 88439573498573888843957349857388 for the Admin context, enter: host1/Admin(config)# snmp-server engineID 88439573498573888843957349857388 To reset the default engine ID for the Admin context, enter: host1/Admin(config)# no snmp-server engineID contact_information SNMPv3 engine ID that you want to configure. Enter a range of 10 to 64 hexadecimal digits. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-419 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands To display the engine ID for a context, use the show snmp engineID command in Exec mode for the context. For example, to display the engine ID for the Admin context, enter: host1/Admin# show snmp engineID Related Commands (config) snmp-server host (config) snmp-server community (config) snmp-server user2-420 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) snmp-server host To specify which host receives Simple Network Management Protocol (SNMP) notifications, use the snmp-server host command. To send notifications, you must configure at least one SNMP host using the snmp-server host command. Use the no form of this command to remove the specified host. snmp-server host host_address [informs | traps] [version {1 | 2c | {3 auth | noauth | priv}] community-string_username [udp-port number] no snmp-server host host_address [informs | traps] [version {1 | 2c | {3 auth | noauth | priv}] community-string_username [udp-port number] Syntax Description Command Modes Configuration mode Admin and user contexts Command History host_address IP address of the host (the targeted recipient). Enter the address in dotted-decimal IP notation (for example, 192.168.11.1). informs (Optional) Sends SNMP inform requests to the identified host, which allows for manager-to-manager communication. Inform requests can be useful when you need more than one NMS in the network. traps (Optional) Sends SNMP traps to the identified host. An agent uses a trap to tell the NMS that a problem has occurred. The trap originates from the agent and is sent to the trap destination, as configured within the agent itself. The trap destination is typically the IP address of the NMS. version (Optional) Specifies the version of SNMP used to send the traps. SNMPv3 is the most secure model because it allows packet encryption with the priv keyword. 1 Specifies SNMPv1. 2c Specifies SNMPv2C. 3 Specifies SNMPv3. auth Enables Message Digest 5 (MD5) and Secure Hash Algorithm (SHA) packet authentication. noauth Specifies the noAuthNoPriv security level. priv Enables Data Encryption Standard (DES) packet encryption (privacy). community-string_username SNMP community string or username with the notification operation to send. Enter an unquoted text string with no space and a maximum of 32 alphanumeric characters. udp-port number (Optional) Specifies the port UDP port of the host to use. The default is 162. Enter a number from 0 to 65535. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-421 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE supports a maximum of 10 SNMP hosts per context. Examples To specify the recipient of an SNMP notification, enter: host1/Admin(config)# snmp-server host 192.168.1.1 traps version 2c abcddsfsf udp-port 500 To remove the specified host, enter: host1/Admin(config)# no snmp-server host 192.168.1.1 traps version 2c abcddsfsf udp-port 500 Related Commands (config) snmp-server enable traps (config) snmp-server location To specify the Simple Network Management Protocol (SNMP) system location, use the snmp-server location command. You can specify only one location. Use the no form of this command to remove the SNMP system location. snmp-server location location no snmp-server location Syntax Description Command Modes Configuration mode Admin and user contexts Command History ACE Appliance Release Modification A1(7) This command was introduced. location Physical location of the system. Enter a text string with a maximum of 240 alphanumeric characters, including spaces. If the string contains more than one word, enclose the string in quotation marks (“ ”). ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-422 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can specify only one location per SNMP system. Examples To specify SNMP system location information, enter: host1/Admin(config)# snmp-server location “Boxborough MA” To remove the specified SNMP system location information, enter: host1/Admin(config)# no snmp-server location Related Commands (config) snmp-server community (config) snmp-server trap link ietf To instruct the ACE to send the linkUp and linkDown traps with the IETF standard IF-MIB (RFC 2863) variable bindings that consist of ifIndex, ifAdminStatus, and ifOperStatus, use the snmp-server trap link ietf command. Use the no form of this command to revert to the Cisco implementation of linkUp and linkDown traps. snmp-server trap link ietf no snmp-server trap link ietf Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History ACE Appliance Release Modification A1(7) This command was introduced. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-423 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. By default, the ACE sends the Cisco implementation of linkUp and linkDown traps to the NMS. The ACE sends the Cisco Systems IF-MIB variable bindings that consist of ifIndex, ifAdminStatus, ifOperStatus, ifName, ifType, clogOriginID, and clogOriginIDType. You can configure the ACE to send the IETF standards-based implementation for linkUp and linkDown traps (as outlined in RFC 2863). The Cisco var-binds are sent by default. To receive RFC 2863-compliant traps, you must specify the snmp-server trap link ietf command. Examples To configure the linkUp and linkDown traps to be compliant with RFC 2863, enter: host1/Admin(config)# snmp-server trap link ietf To revert to the Cisco implementation of linkUp and linkDown traps, enter: host1/Admin(config)# no snmp-server trap link ietf Related Commands (config) snmp-server enable traps (config) snmp-server trap-source vlan To specify the use of the IP address configured on a VLAN as the trap-source address in the SNMPv1 trap PDU, use the snmp-server trap-source vlan command. If the VLAN interface does not contain a valid IP address, the sending of notifications fails for SNMPv1 traps. Use the no form of this command to remove the specified VLAN as the source address in the SNMPv1 trap PDU and reset the default behavior. snmp-server trap-source vlan number no snmp-server trap-source vlan number Syntax Description Command Modes Configuration mode Admin and user contexts Command History number VLAN number of the configured interface. Enter a value from 2 to 4094 for an existing VLAN. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-424 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines By default, the ACE uses the trap source IP address from the internal routing table, depending on the destination host address, where the ACE will send the notification. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. (ACE appliance only) The ACE restricts you from selecting the VLAN number of the FT VLAN interface that has been specified between redundant ACE appliances as the trap source address contained in the SNMP v1 trap PDU. Examples To specify VLAN 50 in the VLAN interface as the source address in the SNMPv1 trap PDUs, enter: host1/Admin(config)# snmp-server trap-source vlan 50 To remove the specified VLAN as the source address in the SNMPv1 trap PDU and reset the default behavior, enter: host1/Admin(config)# no snmp-server trap-source Related Commands (config) snmp-server enable traps (config) snmp-server unmask-community To unmask the snmpCommunityName and snmpCommunitySecurityName OIDs of the SNMP-COMMUNITY-MIB, use the snmp-server unmask-community command. By default, these OIDs are masked. Use the no form of this command to mask these OIDs. snmp-server unmask-community no snmp-server unmask-community Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History A3(2.1) You can no longer select the VLAN number of the FT VLAN interface that has been specified between redundant ACE appliances as the trap source address contained in the SNMP v1 trap PDU. ACE Appliance Release Modification ACE Module Release Modification A2(1.5) This command was introduced.2-425 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To assign multiple roles to a user, enter multiple snmp-server user commands. You can create a maximum of 28 SNMP users for each context. User configuration through the snmp-server user command is applicable only for SNMPv3; SNMPv1 and SNMPv2c use a community string match for user authentication. The ACE synchronizes the interactions between a user created with the username command and the same user specified using the snmp-server user command; updates made to a user configuration in the ACE CLI are automatically reflected in the SNMP server. For example, when you delete a user, the user is automatically deleted from both the SNMP server and the CLI. In addition, user-role mapping changes are synchronized in SNMP and CLI. Only network monitoring operations are supported through the ACE implementation of SNMP where all SNMP users are automatically assigned to the system-defined default group of Network-Monitor. Examples To set the user information, enter: host1/Admin# config Enter configuration commands, one per line. End with CNTL/Z host1/Admin(config)# snmp-server user joe Network-Monitor auth sha abcd1234 host1/Admin(config)# snmp-server user sam Network-Monitor auth md5 abcdefgh host1/Admin(config)# snmp-server user Bill Network-Monitor auth sha abcd1234 priv abcdefgh To disable the SNMP user configuration or to remove an SNMP user, enter: host1/Admin(config)# no snmp-server user Bill Network-Monitor auth sha abcd1234 priv abcdefgh Related Commands This command has no related commands. (config) snmp-server user To configure Simple Network Management Protocol (SNMP) user information, use the snmp-server user command. Use the no form of this command to disable the SNMP user configuration or to remove an SNMP user. snmp-server user user_name [group_name] [auth {md5 | sha} password1 [priv [aes-128] password2] [localizedkey]] no snmp-server user user_name [group_name] [auth {md5 | sha} password1 [priv [aes-128] password2] [localizedkey]] ACE Appliance Release Modification A3(2.3) This command was introduced.2-426 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description user_name Username. Enter an unquoted text string with no spaces and a maximum of 24 alphanumeric characters. group_name • (Optional) User role group to which the user belongs. Enter Network-Monitor, the default group name and the only role that is supported. Note Only network monitoring operations are supported through the ACE implementation of SNMP. In this case, all SNMP users are automatically assigned the system-defined default group of Network-Monitor. For details on creating users, see the Virtualization Guide, Cisco ACE Application Control Engine. auth (Optional) Sets authentication parameters for the user. Authentication determines that the message is from a valid source. md5 Specifies the HMAC Message Digest 5 (MD5) encryption algorithm for user authentication. sha Specifies the HMAC Secure Hash Algorithm (SHA) encryption algorithm for user authentication. password1 User authentication password. Enter an unquoted text string with no space and a maximum of 130 alphanumeric characters. The ACE automatically synchronizes the SNMP authentication password as the password for the CLI user. The ACE supports the following special characters in a password: , . / = + - ^ @ ! % ~ # $ * ( ) Note that the ACE encrypts clear text passwords in the running-config. priv (Optional) Specifies encryption parameters for the user. The priv option and the aes-128 option indicate that this privacy password is for generating a 128-bit AES key. aes-128 (Optional) Specifies the 128-byte Advanced Encryption Standard (AES) algorithm for privacy. AES is a symmetric cipher algorithm and is one of the privacy protocols for SNMP message encryption. It conforms with RFC 3826. password2 Encryption password for the user. The AES priv password can have a minimum of eight alphanumeric characters. If the passphrases are specified in clear text, you can specify a maximum of 64 alphanumeric characters. If you use the localized key, you can specify a maximum of 130 alphanumeric characters. Spaces are not allowed. The ACE supports the following special characters in a password: , . / = + - ^ @ ! % ~ # $ * ( ) Note that the ACE encrypts clear text passwords in the running-config. localizedkey (Optional) Specifies that the password is in a localized key format for security encryption.2-427 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Note If you change the SNMP engine ID for an Admin or user context, all configured SNMP users become invalid. You must recreate all SNMP users by using the snmp-server user command in configuration mode. Command History Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To assign multiple roles to a user, enter multiple snmp-server user commands. You can create a maximum of 28 SNMP users for each context. User configuration through the snmp-server user command is applicable only for SNMPv3; SNMPv1 and SNMPv2c use a community string match for user authentication. The ACE synchronizes the interactions between a user created with the username command and the same user specified using the snmp-server user command; updates made to a user configuration in the ACE CLI are automatically reflected in the SNMP server. For example, when you delete a user, the user is automatically deleted from both the SNMP server and the CLI. In addition, user-role mapping changes are synchronized in SNMP and CLI. Only network monitoring operations are supported through the ACE implementation of SNMP where all SNMP users are automatically assigned to the system-defined default group of Network-Monitor. Examples To set the user information, enter: host1/Admin# config Enter configuration commands, one per line. End with CNTL/Z host1/Admin(config)# snmp-server user joe Network-Monitor auth sha abcd1234 host1/Admin(config)# snmp-server user sam Network-Monitor auth md5 abcdefgh host1/Admin(config)# snmp-server user Bill Network-Monitor auth sha abcd1234 priv abcdefgh To disable the SNMP user configuration or to remove an SNMP user, enter: host1/Admin(config)# no snmp-server user Bill Network-Monitor auth sha abcd1234 priv abcdefgh Related Commands (config) snmp-server community ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-428 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) ssh key To generate the Secure Shell (SSH) private key and the corresponding public key for use by the SSH server, use the ssh key command. Use the no form of this command to remove an SSH key pair. ssh key {dsa | rsa | rsa1} [bits [force]] no ssh key {dsa | rsa | rsa1} Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Before you generate the key, set the hostname. This setting is used in the generation of the key. The global administrator performs the key generation in the Admin context. All contexts associated with the ACE share the common key. There is only a single host-key pair. If you are the administrator or another user authorized in the Admin context, use the changeto command in exec mode to move to the Admin context. An administrator can perform all allowable functions within the Admin context. Ensure that you have an SSH host key pair with the appropriate version before you enable the SSH service. The SSH service accepts three types of key pairs for use by SSH versions 1 and 2. Generate the SSH host key pair according to the SSH client version used. dsa Generates the DSA key pair for the SSH version 2 protocol. rsa Generates the RSA key pair for the SSH version 2 protocol. rsa1 Generates the RSA1 key pair for the SSH version 1 protocol. bits (Optional) Number of bits for the key pair. For DSA, enter an integer from 768 to 2048. For RSA and RSA1, enter an integer from 768 to 4096. The greater the number of bits that you specify, the longer it takes to generate the key. The default is 1024. force (Optional) Forces the generation of a DSA or RSA key even when previous keys exist. If the SSH key pair option is already generated for the required version, use the force option to overwrite the previously generated key pair. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-429 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To generate an RSA1 key pair in the Admin context, enter: host1/Admin(config)# ssh key rsa1 768 generating rsa1 key(768 bits)..... . generated rsa1 key To remove the SSH host key pair, enter: host1/Admin(config)# no ssh key rsa1 Related Commands (config) ssh maxsessions (config-cmap-mgmt) match protocol (config) ssh maxsessions To control the maximum number of Secure Shell (SSH) sessions allowed for each context, use the ssh maxsessions command. By default, the ACE supports four concurrent SSH management sessions for each user context and 16 concurrent SSH management sessions for the Admin context. Use the no form of this command to revert to the default number of SSH sessions. ssh maxsessions max_sessions no ssh maxsessions Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE supports a total maximum of 256 concurrent SSH sessions. max_sessions Maximum number of concurrent SSH sessions allowed for the associated context. The range is from 1 to 4 SSH sessions per user context and from 1 to 16 SSH sessions for the Admin context. The defaults are 4 (user context) and 16 (Admin context). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-430 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To set the maximum number of concurrent SSH sessions in the Admin context to 3, enter: host1/Admin(config)# ssh maxsessions 3 To revert to the default of 16 SSH sessions for the Admin context, enter: host1/Admin(config)# no ssh maxsessions Related Commands (config) ssh key (config-cmap-mgmt) match protocol (config) ssl-proxy service To create a Secure Sockets Layer (SSL) proxy service, use the ssl-proxy service command. For SSL termination, you configure the ACE with an SSL proxy server service because the ACE acts as an SSL server. Once you create an SSL proxy service, the CLI enters into the ssl-proxy configuration mode, where you define each of the proxy service attributes that the ACE uses during the SSL handshake. Use the no form of this command to delete an existing SSL proxy service. ssl-proxy service pservice_name no ssl-proxy service pservice_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you create a SSL proxy service, the CLI prompt changes to the ssl-proxy configuration mode, where you define the following SSL proxy service attributes: • Authentication group • Certificate • Key pair pservice_name Name of the SSL proxy service. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-431 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands • Chain group • Parameter map For information about the commands in SSL proxy configuration mode, see the “SSL Proxy Configuration Mode Commands” section. Examples To create the SSL proxy service PSERVICE_SERVER, enter: host1/Admin(config)# ssl-proxy service PSERVICE_SERVER host1/Admin(config-ssl-proxy)# To delete an existing SSL proxy service, enter: host1/Admin(config)# no ssl-proxy PSERVICE_SERVER Related Commands (config-ssl-proxy) cert (config-ssl-proxy) authgroup (config-ssl-proxy) chaingroup (config-ssl-proxy) key (config-ssl-proxy) ssl advanced-options (config) static (ACE module only) To configure the static NAT overwrite feature, use the static command. This feature allows a maximum number of 400 K static NATs. By default, the ACE allows you to configure a maximum 8 K static NAT configurations. Use the no form of this command to reset the default behavior. static vlan mapped_vlan_id vlan real_vlan_id mapped_ip_address {real_ip_address [netmask mask]} no static vlan mapped_vlan_id vlan real_vlan_id mapped_ip_address {real_ip_address [netmask mask]} Syntax Description mapped_vlan_id The VLAN ID of the interface connected to the mapped IP address network. In a context, the mapped interface must be the same in each static NAT configuration. real_vlan_id The VLAN ID of the interface connected to the real IP address network. mapped_ip_address The translated IP address for the real address. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). In a context, the mapped IP address must be different in each static NAT configuration. real_ip_address The real server IP address for translation. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). In a context, you must configure a different address for configurations that have the same real server interface. netmask mask (Optional) Specifies the subnet mask for the real server address. Enter a subnet mask in dotted-decimal notation (for example, 255.255.255.0).2-432 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the NAT feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE creates static connections that contain the NATs as soon as the configuration is applied. Because these connections exist before the packets are received, no ACL is required to permit flows that will be translated. When using the static command, consider the following restrictions: • The ACE supports this configuration only in routed mode. • The ACE allows only one mapped interface in a context. However, each static NAT configuration must have a different mapped IP address. • The ACE does not support bidirectional NAT, source address and destination address translation for the same flow. • You must limit the number of real server IP addresses on the same subnet as the real interface to less than 1 K. Also, limit the number of mapped IP addresses on the same subnet as the mapped interface to less than 1 K. • You must not configure more than one next-hop at any point on the mapped interface. It is not recommended that you configure MPC-based NAT for the same context in which you configure the static command. Examples To create a static NAT configuration for the mapped interface VLAN 176, real server interface VLAN 171, and real server IP address of 10.181.0.2 255.255.255.255 to be translated to the mapped address 5.6.7.4, enter: host1/C1(config)# static vlan 176 vlan 171 5.6.7.4 10.81.0.2 netmask 255.255.255.255 To remove this configuration, enter: host1/C1(config)# no static vlan 176 vlan 171 5.6.7.4 10.81.0.2 netmask 255.255.255.255 Related Commands show nat-fabric show running-config ACE Module Release Modification A2(1.0) This command was introduced.2-433 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) sticky http-content To create a sticky group for HTTP content stickiness, use the sticky http-content command. The prompt changes to the sticky HTTP content configuration mode (config-sticky-content). Use the no form of this command to remove the sticky group from the configuration. sticky http-content name no sticky http-content name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To use the stickiness feature, you must allocate a minimum percentage of system resources to stickiness. Otherwise, the feature will not work. For more information about allocating resources, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the commands in sticky HTTP content configuration mode, see the “Sticky HTTP Content Configuration Mode Commands” section. Examples To create a sticky group for HTTP packet content stickiness, enter: host1/Admin(config)# sticky http-content HTTP_CONTENT_GROUP host1/Admin(config-sticky-content)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky http-content HTTP_CONTENT_GROUP Related Commands show running-config show sticky database name Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-434 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) sticky http-cookie To configure the ACE to use HTTP cookies for stickiness and enter sticky cookie configuration mode, use the sticky http-cookie command. The CLI prompt changes to (config-sticky-cookie). The ACE uses the learned cookie to provide stickiness between a client and a server for the duration of a transaction. Use the no form of this command to remove the sticky group from the configuration. sticky http-cookie name1 name2 no sticky http-cookie name1 name2 Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To use the stickiness feature, you must allocate a minimum percentage of system resources to stickiness. Otherwise, the feature will not work. For more information about allocating resources, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the commands in sticky cookie configuration mode, see the “Sticky HTTP Cookie Configuration Mode Commands” section. Examples To create a sticky group for cookie stickiness, enter: host1/Admin(config)# sticky http-cookie cisco.com GROUP3 To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky http-cookie cisco.com GROUP3 http-cookie name1 Specifies that the ACE learn the cookie value from the HTTP header of the client request or from the Set-Cookie message from the server. Enter a unique identifier for the cookie as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. name2 Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-435 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands show running-config show sticky database2-436 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) sticky http-header To create an HTTP header sticky group to enable the ACE to stick client connections to the same real server based on HTTP headers, use the sticky http-header command. The prompt changes to the sticky-header configuration mode (config-sticky-header). Use the no form of this command to remove the sticky group from the configuration. sticky http-header name1 name2 no sticky http-header name1 name2 Syntax Description Command Modes Configuration mode Admin and user contexts name1 HTTP header name. Enter the HTTP header name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. Alternatively, you can select one of the following standard headers: • Accept • Accept-Charset • Accept-Encoding • Accept-Language • Authorization • Cache-Control • Connection • Content-MD5 • Expect • From • Host • If-Match • Pragma • Referer • Transfer-Encoding • User-Agent • Via See the Server Load-Balancing Guide, Cisco ACE Application Control Engine for a definition of each standard header. name2 Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-437 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To use the stickiness feature, you must allocate a minimum percentage of system resources to stickiness. Otherwise, the feature will not work. For more information about allocating resources, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the commands in HTTP sticky header configuration mode, see the “Sticky HTTP Header Configuration Mode Commands” section. Examples To create a group for HTTP header stickiness, enter: host1/Admin(config)# sticky http-header Host GROUP4 host1/Admin(config-sticky-header)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky http-header Host GROUP4 Related Commands show running-config show sticky database ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-438 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) sticky ip-netmask To create a sticky group for IP address stickiness, use the sticky-ip netmask command. The prompt changes to the sticky-IP configuration mode (config-sticky-ip). You can create a maximum of 4096 sticky groups on an ACE. Use the no form of this command to remove the sticky group from the configuration. sticky ip-netmask netmask address {both | destination | source} name no sticky ip-netmask netmask address {both | destination | source} name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To use the stickiness feature, you must allocate a minimum percentage of system resources to stickiness. Otherwise, the feature will not work. For more information about allocating resources, see the Virtualization Guide, Cisco ACE Application Control Engine. netmask Network mask that the ACE applies to the IP address. Enter a network mask in dotted-decimal notation (for example, 255.255.255.0). address {both | destination | source} Specifies the IP address used for stickiness. Enter one of the following options after the address keyword: • both—Specifies that the ACE use both the source IP address and the destination IP address to stick the client to a server. • destination—Specifies that the ACE use the destination address specified in the client request to stick the client to a server. You typically use this keyword in caching environments. • source—Specifies that the ACE use the client source IP address to stick the client to a server. You typically use this keyword in web application environments. name Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-439 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands For information about the commands in sticky IP configuration mode, see the “Sticky IP Configuration Mode Commands” section. Examples To create a sticky group that uses IP address stickiness based on both the source IP address and the destination IP address, enter: host1/Admin(config)# sticky ip-netmask 255.255.255.0 address both GROUP1 host1/Admin(config-sticky-ip)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky ip-netmask 255.255.255.0 address both GROUP1 Related Commands show running-config show sticky database (config) sticky layer4-payload To create a sticky group for Layer 4 payload stickiness, use the sticky layer4-payload command. The prompt changes to the sticky Layer 4 payload configuration mode (config-sticky-l4payloa). Use the no form of this command to remove the sticky group from the configuration. sticky layer4-payload name no sticky layer4-payload name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. name Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-440 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands To use the stickiness feature, you must allocate a minimum percentage of system resources to stickiness. Otherwise, the feature will not work. You can create a maximum of 4096 sticky groups on an ACE.For more information about allocating resources, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the commands in sticky Layer 4 payload configuration mode, see the “Sticky Layer 4 Payload Configuration Mode Commands” section. Examples To create a sticky group that uses Layer 4 payload stickiness, enter: host1/Admin(config)# sticky layer4-payload L4_PAYLOAD_GROUP host1/Admin(config-sticky-l4payloa)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky layer4-payload L4_PAYLOAD_GROUP Related Commands show running-config show sticky database (config) sticky radius framed-ip To create a sticky group for RADIUS attribute stickiness, use the sticky radius framed-ip command. The prompt changes to the sticky RADIUS configuration mode (config-sticky-radius). Use the no form of this command to remove the sticky group from the configuration. sticky radius framed-ip [calling-station-id | username] name no sticky radius framed-ip [calling-station-id | username] name Syntax Description Command Modes Configuration mode Admin and user contexts Command History calling-station-id (Optional) Specifies stickiness based on the RADIUS framed IP attribute and the calling station ID attribute. username (Optional) Specifies stickiness based on the RADIUS framed IP attribute and the username attribute. name Unique identifier of the RADIUS sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced.2-441 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command requires the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To use the stickiness feature, you must allocate a minimum percentage of system resources to stickiness. Otherwise, the feature will not work. For more information about allocating resources, see the Virtualization Guide, Cisco ACE Application Control Engine. For information about the commands in sticky RADIUS configuration mode, see the “Sticky RADIUS Configuration Mode Commands” section. Examples To create a sticky group for RADIUS attribute stickiness, enter: host1/Admin(config)# sticky radius framed-ip calling-station-id RADIUS_GROUP host1/Admin(config-sticky-radius)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky radius framed-ip calling-station-id RADIUS_GROUP Related Commands show running-config show sticky database (config) sticky rtsp-header To create an RTSP header sticky group to enable the ACE to stick client connections to the same real server based on the RTSP Session header field, use the sticky rtsp-header command. The prompt changes to the sticky header configuration mode prompt (config-sticky-header). Use the no form of this command to remove the sticky group from the configuration. sticky rtsp-header name1 name2 no sticky rtsp-header name1 name2 Syntax Description Command Modes Configuration mode Admin and user contexts ACE Appliance Release Modification A3(1.0) This command was introduced. name1 RTSP header field. The ACE supports only the RTSP Session header field for stickiness. Enter Session. name2 Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-442 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To use the stickiness feature, you must allocate a minimum percentage of system resources to stickiness. Otherwise, the feature will not work. For more information about allocating resources, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE supports only the RTSP Session header field for stickiness. For information about the commands in RTSP sticky header configuration mode, see the “Sticky RTSP Header Configuration Mode Commands” section. Examples To create a group for RTSP header stickiness, enter: host1/Admin(config)# sticky rtsp-header Session RTSP_GROUP host1/Admin(config-sticky-header)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky rtsp-header Session RTSP_GROUP Related Commands show running-config show sticky database (config) sticky sip-header To create a SIP header sticky group to enable the ACE to stick client connections to the same real server based on the SIP Call-ID header field, use the sticky sip-header command. The prompt changes to the sticky header configuration mode prompt (config-sticky-header). Use the no form of this command to remove the sticky group from the configuration. sticky sip-header name1 name2 no sticky sip-header name1 name2 Syntax Description ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced. name1 SIP header field. The ACE supports only the SIP Call-ID header field for stickiness. Enter Call-ID. name2 Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-443 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To use the stickiness feature, you must allocate a minimum percentage of system resources to stickiness. Otherwise, the feature will not work. For more information about allocating resources, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE supports only the SIP Call-ID header field for stickiness. For information about the commands in SIP sticky header configuration mode, see the “Sticky SIP Header Configuration Mode Commands” section. Examples To create a group for SIP header stickiness, enter: host1/Admin(config)# sticky sip-header Call-ID SIP_GROUP host1/Admin(config-sticky-header)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky sip-header Call-ID SIP_GROUP Related Commands show running-config show sticky database (config) switch-mode To change the way that the ACE handles TCP and UDP connections that are not destined to a particular VIP and those connections that do not have any policies associated with their traffic, use the switch-mode command. When you enable this command, the ACE still creates connection objects for those TCP sessions that are not destined to the VIP. The ACE processes these connections as stateless connections, which means that they do not undergo any TCP normalization checks (for example, TCP window, TCP state, TCP sequence number, and other normalization checks). switch-mode [timout seconds] no switch-mode ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-444 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines If you configure switch mode and you configure any connection parameter-map commands (for example, set tcp buffer-share, rate-limit, exceed-mss, nagle, random-sequence-number, reserved-bits, set tcp wan-optimization, timeout inactivity, slowstart, and so on) either locally on a specific interface or globally on all interfaces, switch mode will override these commands for certain types of traffic. This behavior applies only to non-VIP, non-inspection, non-NATed, and non-management traffic. The ACE continues to apply local, global, and VIP-specific connection parameter maps to load-balanced (VIP), inspected, NATed, and management traffic. For details about switch mode, see the “Parameter Map Connection Configuration Mode Commands” section. Examples To enable the switch mode feature, enter the following command: host1/Admin(config)# switch-mode To enable the switch mode feature with a timeout of 300 seconds (5 minutes), enter the following command: host1/Admin(config)# switch-mode timeout 300 To reset the switch-mode timeout to the default value of 8100 seconds after you have enabled switch mode and configured a timeout, enter the following command: host1/Admin(config)# switch-mode To disable the switch mode feature, enter the following command: host1/Admin(config)# no switch-mode Related Commands This command has no related commands. timeout seconds Length of time in seconds that the ACE waits before removing the switch mode connection. Enter an integer from 0 to 1440 (24 hours). The default is 0. ACE Module Release Modification A2(3.0) This command was introduced. A4(1.0) The timeout option was added. ACE Appliance Release Modification A4(1.0) This command was introduced.2-445 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) tacacs-server deadtime To globally set the time interval in which the ACE verifies whether a nonresponsive server is operational, use the tacacs-server deadtime command. Use the no form of this command to reset the Terminal Access Controller Access Control System Plus (TACACS+) server dead-time request to the default of 0. tacacs-server deadtime minutes no tacacs-server deadtime minutes Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The dead-time interval starts when the server does not respond to an authentication request transmission. When the server responds to a probe access-request packet, the ACE retransmits the authentication request to the server. Using this command causes the ACE to mark as dead any TACACS+ servers that fail to respond to authentication requests. This action avoids the wait for the request to time out before trying the next configured server. The ACE skips a TACACS+ server that is marked as dead by additional requests for the duration of minutes. Examples To globally configure a 15-minute dead time for TACACS+ servers that fail to respond to authentication requests, enter: host1/Admin(config)# tacacs-server deadtime 15 To set the TACACS+ server dead-time request to 0, enter: host1/Admin(config)# no tacacs-server deadtime 15 minutes Length of time in minutes that the ACE skips a nonresponsive TACACS+ server for transaction requests. Enter an integer from 0 to 1440 (24 hours). The default is 0. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-446 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Related Commands show aaa (config) aaa group server (config) tacacs-server host (config) tacacs-server host To specify the Terminal Access Controller Access Control System Plus (TACACS+) server IP address, encrypted key, destination port, and other options, use the tacacs-server host command. You can enter multiple tacacs-server host commands to configure multiple TACACS+ servers. Use the no form of this command to revert to the default TACACS+ server authentication setting. tacacs-server host ip_address [key [0 | 7] shared_secret]] [port port_number] [timeout seconds] no tacacs-server host ip_address [key [0 | 7] shared_secret]] [port port_number] [timeout seconds] Syntax Description Command Modes Configuration mode Admin and user contexts Command History ip_address IP address for the TACACS+ server. Enter the address in dotted-decimal IP notation (for example, 192.168.11.1). key (Optional) Enables an authentication key for communication between the ACE and the daemon running on the TACACS+ server. 0 (Optional) Configures a key specified in clear text (indicated by 0) to authenticate communication between the TACACS+ client and server. 7 (Optional) Configures a key specified in encrypted text (indicated by 7) to authenticate communication between the TACACS+ client and server. shared_secret Key used to authenticate communication between the TACACS+ client and server. The shared secret must match the one configured on the TACACS+ server. Enter the shared secret as a case-sensitive string with no spaces with a maximum of 63 alphanumeric characters. port port_number (Optional) Specifies the TCP destination port for communicating authentication requests to the TACACS+ server. By default, the TACACS+ authentication port is 1812 (as defined in RFC 2138 and RFC 2139). If your TACACS+ server uses a port other than 1812, use the port keyword to configure the ACE for the appropriate port before starting the TACACS+ service. The port_number argument specifies the TACACS+ port number. Enter an integer from 1 to 65535. timeout seconds (Optional) Specifies the time interval that the ACE waits for the TACACS+ server to reply to an authentication request. Enter an integer from 1 to 60. The default is 1 second. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-447 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The key shared_secret text string must match the encryption key used on the TACACS+ server. This key overrides the global setting of the (config) tacacs-server key command. If you do not specify a key, the global value is used. TACACS+ keys are always stored in encrypted form in persistent storage. The running configuration also displays keys in encrypted form. For the specified server, the timeout keyword used with the tacacs-server host command overrides the global setting assigned using the (config) tacacs-server timeout command. By default, the ACE waits 1 second for the TACACS+ server to reply to an authentication request before it declares a timeout and attempts to contact the next server in the group. If all servers in the group are unavailable for authentication and accounting, the ACE tries the local database if you configure the database as the local fallback method by entering the (config) aaa authentication login or the (config) aaa accounting default command. Examples To configure TACACS+ server authentication parameters, enter: host1/Admin(config)# tacacs-server host 192.168.3.2 key HostKey host1/Admin(config)# tacacs-server host 192.168.3.2 tacacs3 key 7 1234 host1/Admin(config)# tacacs-server host 192.168.3.2 port 1645 host1/Admin(config)# tacacs-server host 192.168.3.2 timeout 5 To revert to a default TACACS+ server authentication setting, enter: host1/Admin(config)# no tacacs-server host 192.168.3.2 tacacs3 key 7 1234 Related Commands show aaa (config) aaa group server ACE Appliance Release Modification A1(7) This command was introduced.2-448 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) tacacs-server key To globally configure an authentication key for communication between the ACE and the Terminal Access Controller Access Control System Plus (TACACS+) daemon running on each TACACS+ server, use the tacacs-server key command. Use the no form of this command to delete the key. tacacs-server key [0 | 7] shared_secret [timeout seconds] no tacacs-server key [0 | 7] shared_secret [timeout seconds] Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The key is a text string that must match the encryption key used on the TACACS+ server. TACACS+ keys are always stored in encrypted form in persistent storage on the ACE. This global key will be applied to those TACACS+ servers in a named server group for which a shared secret is not individually configured using the (config) tacacs-server host command. 0 (Optional) Configures a key specified in clear text (indicated by 0) to authenticate communication between the TACACS+ client and server. 7 (Optional) Configures a key specified in encrypted text (indicated by 7) to authenticate communication between the TACACS+ client and server. shared_secret Key used to authenticate communication between the TACACS+ client and server. The shared secret must match the one configured on the TACACS+ server. Enter the shared secret as a case-sensitive string with no spaces with a maximum of 63 alphanumeric characters or you can include spaces if you enclose the entire key with quotation marks (for example, “my key”). timeout seconds (Optional) Globally configures the time interval that the ACE waits for the TACACS+ server to reply before retransmitting an authentication request to the TACACS+ server. The seconds argument is the timeout value in seconds. Valid entries are from 1 to 60 seconds. By default, the ACE waits 1 second to receive a response from a TACACS+ server before it declares a timeout failure and attempts to contact the next server in the group. This option configures the same time interval as the tacacs-server timeout command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-449 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To globally configure an authentication key in encrypted text (indicated by 7) to authenticate communication between the TACACS+ client and server, enter: host1/Admin(config)# tacacs-server key 7 abe4DFeeweo00o To delete the key, enter: host1/Admin(config)# no tacacs-server key 7 abe4DFeeweo00o Related Commands show aaa (config) aaa group server (config) tacacs-server host (config) tacacs-server timeout To globally change the time interval that the ACE waits for the Terminal Access Controller Access Control System Plus (TACACS+) server to reply before retransmitting an authentication request to the TACACS+ server, use the tacacs-server timeout command. The ACE applies the global timeout value to those TACACS+ servers for which a timeout value is not individually configured using the (config) tacacs-server host command. Use the no form of this command to revert to the default of 1 second between transmission attempts. tacacs-server timeout seconds no tacacs-server timeout seconds Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. seconds Timeout value in seconds. Valid entries are from 1 to 60 seconds. The default is 1 second. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-450 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Examples To globally configure the timeout value to 30 seconds, enter: host1/Admin(config)# tacacs-server timeout 30 To revert to the default of 1 second between transmission attempts, enter: host1/Admin(config)# no tacacs-server timeout 30 Related Commands show aaa (config) aaa group server (config) tacacs-server host2-451 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) telnet maxsessions To control the maximum number of Telnet sessions allowed for each context, use the telnet maxsessions command. By default, the ACE supports 4 concurrent Telnet management sessions for each user context and 16 concurrent Telnet management sessions for the Admin context. Use the no form of this command to revert to the default number of Telnet sessions. telnet maxsessions sessions no telnet maxsessions Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE supports a total maximum of 256 concurrent Telnet sessions. Examples To set the maximum number of concurrent Telnet sessions to 3 in the Admin context, enter: host1/Admin(config)# telnet maxsessions 3 To revert to the default of 16 Telnet sessions for the Admin context, enter: host1/Admin(config)# no telnet maxsessions Related Commands telnet clear telnet show telnet (config-cmap-mgmt) match protocol sessions Maximum number of concurrent Telnet sessions allowed for the associated context. The range is from 1 to 4 Telnet sessions per user context and from 1 to 16 Telnet sessions for the Admin context. The defaults are 4 (user context) and 16 (Admin context). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-452 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) timeout xlate To configure an idle timeout for Network Address Translation (NAT), use the timeout xlate command. Use the no form of this command to reset the idle timeout to the default of 10800 seconds (3 hours). timeout xlate seconds no timeout xlate Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the NAT feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To specify an idle timeout of 120 seconds (2 minutes), enter: host1/Admin(config)# timeout xlate 120 To reset the NAT idle timeout to the default value of 10800 seconds (3 hours), enter: host1/Admin(config)# no timeout xlate Related Commands (config) policy-map (config-pmap-c) nat dynamic (config-pmap-c) nat static seconds Time in seconds that the ACE waits to free the Xlate slot after it becomes idle. Enter an integer from 60 to 2147483. The default is 10800 seconds (3 hours). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-453 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) udp (ACE module only) To configure the UDP booster feature, use the udp command. Use this feature when your application requires very high UDP connection rates. Use the no form of this command to disable the UDP booster feature. udp {ip-source-hash | ip-destination-hash} no udp Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command requires the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To use this feature, you must configure both keywords on the appropriate interfaces, and configure standard load balancing on the ACE. For details about configuring load balancing and more information about this command, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. We recommend that you do not configure this feature with per-packet UDP load balancing (also called UDP fast-age) using the (config-pmap-c) loadbalance vip udp-fast-age command. Otherwise, unexpected results may occur. To configure the UDP booster feature on a the ACE, enter the following commands: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# udp ip-source-hash host1/Admin(config-if)# exit host1/Admin(config)# interface vlan 200 host1/Admin(config-if)# udp ip-destination-hash To disable the UDP booster feature, enter the following command: host1/Admin(config-if)# no udp Related Commands This command has no related commands. ip-source-hash Instructs the ACE to hash the source IP address of UDP packets that hit a source-hash VLAN interface prior to performing a connection match. Configure this keyword on a client-side interface. ip-destination-hash Instructs the ACE to hash the destination IP address of UDP packets that hit a destination-hash VLAN interface prior to performing a connection match. Configure this keyword on a server-side interface. ACE Module Release Modification A2(1.0) This command was introduced.2-454 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) username To change the default username and password, use the username command. Use the no form of this command to remove the username from the configuration. username name1 [password [0 | 5] password] [expire date] [role name2] [domain name3 name4 . . . namen] no username name1 [password [0 | 5] password] [expire date] [role name2] [domain name3 name4 . . . namen] Syntax Description Command Modes Configuration mode Admin and user contexts name1 Identifier of the user that you are creating. Enter an unquoted text string with no spaces and a maximum of 24 alphanumeric characters. The ACE supports the following non-alphanumeric characters in a username: - _ @ \ The ACE does not support the following characters: $ / ; ! # Note The “.” character is not supported on the local database but a username with this character is authenticated when it is configured on an ACS server. password (Optional) Indicates that a password follows. 0 (Optional) Specifies a clear text password. 5 (Optional) Specifies an MD5-hashed strong encryption password. password Password in clear text, encrypted text, or MD5 strong encryption, depending on the numbered option that you enter. If you do not enter a numbered option, the password is in clear text by default. If you enter the password keyword, you must enter a password. Enter a password as an unquoted text string with a maximum of 64 alphanumeric characters. The ACE supports the following special characters in a password: , . / = + - ^ @ ! % ~ # $ * ( ) Note that the ACE encrypts clear text passwords in the running-config. expire date (Optional) Specifies the expiration date of the user account. Enter the expiration date in the format yyyy-mm-dd. Be aware that the ACE applies the configured UTC offset to this date. role name2 (Optional) Specifies an existing role that you want to assign to the user. domain name3 name4 . . . namen (Optional) Specifies the domains in which the user can operate. You can enter multiple domain names up to a maximum of 10, including default-domain.2-455 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands Command History Usage Guidelines This command requires the context Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE creates the following default user accounts at startup: • The admin user is the global administrator and cannot be deleted. • (ACE appliance only) The dm user is for accessing the Device Manager GUI and cannot be deleted. The dm user is an internal user required by the Device Manager GUI; it is hidden on the ACE CLI. Note Do not modify the dm user password from the ACE CLI. If the password is changed, the Device Manager GUI will become inoperative. If this occurs, restart the Device Manager using the dm reload command (you must be the global administrator to access the dm reload command). Note that restarting the Device Manager does not impact ACE functionality; however, it may take a few minutes for the Device Manager to reinitialize as it reads the ACE CLI configuration. • The www user account is used by the ACE for the XML interface. If you do not assign a role to a new user, the default role is Network-Monitor. For users that you create in the Admin context, the default scope of access is the entire device. For users that you create in other contexts, the default scope of access is the entire context. If you need to restrict a user’s access, you must assign a role-domain pair. For more information about creating users, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To change the default username, enter: host1/Admin(config)# username USER1 password MYSECRET expire 2005-12-31 role TECHNICIAN domain D1 default-domain host1/Admin(config)# username USER2 password HERSECRET expire 2005-12-31 role Admin domain default-domain D2 To remove a username from the configuration, enter: host1/Admin(config)# no username USER1 Related Commands clear user show role show user-account show users ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-456 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Configuration Mode Commands (config) vm-controller To configure the VM controller (vCenter) that the ACE queries for VM load information for the dynamic workload scaling (DWS) feature, use the vm-controller command. Use the no form of this command to remove the username from the configuration. vm-controller name no vm-controller name Syntax Description Command Modes Configuration mode Admin context Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To configure a VM controller, enter: host1/Admin(config)# vm-controller VCENTER1 To remove a VM controller from the configuration, enter: host1/Admin(config)# no vm-controller VCENTER1 Related Commands show vm-controller name Name of an existing VM controller (vCenter) that the ACE queries for VM load information. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-457 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Action List Modify Configuration Mode Commands Action list modify configuration mode commands allow you to configure ACE action lists. An action list is a named group of actions that you associate with a Layer 7 HTTP class map in a Layer 7 HTTP policy map. You can create an action list to modify an HTTP header or to rewrite an HTTP redirect URL for Secure Sockets Layer (SSL). To create an action list, use the action-list type modify http command. The CLI prompt changes to (config-actlist-modify). Use the no form of this command to remove the action list from the configuration. action-list type modify http name no action-list type modify http name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To create an action list, enter: host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST host1/Admin(config-actlist-modify)# To remove the action list from the configuration, enter: host1/Admin(config)# no action-list type modify http HTTP_MODIFY_ACTLIST Related Commands show running-config show stats name Unique name for the action list. Enter an unquoted text string with a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-458 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands (config-actlist-modify) description (ACE appliance only) To add a description about the action list, use the description command. Use the no form of this command to remove the description from the action list. description text_string no description Syntax Description Command Modes Action list modify configuration mode Admin and user contexts Command History Usage Guidelines After you create an action list and associate actions with it, you must associate the action list with a Layer 7 policy map. For details, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To add a description for the action list, enter: host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST host1/Admin(config-actlist-modify)# description action - delete request To remove the description from the action list, enter: host1/Admin(config-actlist-modify)# no description Related Commands show action-list text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Appliance Release Modification A3(2.3) This command was introduced.2-459 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands (config-actlist-modify) header delete To delete an HTTP header from a client request, a server response, or from both, use the header delete command in action list modify configuration mode. Use the no form of this command to remove the HTTP header delete action from the action list. header delete {request | response | both} header-name no header delete {request | response | both} header-name Syntax Description Command Modes Action list modify configuration mode Admin and user contexts Command History Usage Guidelines After you create an action list and associate actions with it, you must associate the action list with a Layer 7 policy map. For details, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To delete the Host header from request packets only, enter: host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST host1/Admin(config-actlist-modify)# header delete request Host To remove the header delete action from the action list, enter: host1/Admin(config-actlist-modify)# no header delete request Host Related Commands (config) action-list type modify http (config-actlist-modify) header insert request Specifies that the ACE delete the header from HTTP request packets from clients. response Specifies that the ACE delete the header from HTTP response packets from servers. both Specifies that the ACE delete the header from both HTTP request packets and response packets. header-name Identifier of the HTTP header that you want to delete. Enter an unquoted text string with a maximum of 255 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-460 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands (config-actlist-modify) header rewrite2-461 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands (config-actlist-modify) header insert When the ACE uses NAT to translate the source IP address of a client to a VIP address, servers need a way to identify that client for the TCP and IP return traffic. To identify a client whose source IP address has been translated using NAT, you can instruct the ACE to insert a generic header and string value in the client HTTP request. To insert a header name and value in an HTTP request from a client, a response from a server, or both, use the header insert command in action list modify configuration mode. Use the no form of this command to remove the HTTP header insert action from the action list. header insert {request | response | both} header-name header-value expression no header insert {request | response | both} header-name header-value expression Syntax Description Command Modes Action list modify configuration mode Admin and user contexts Command History request Specifies that the ACE insert an HTTP header in HTTP request packets from clients. response Specifies that the ACE insert an HTTP header in HTTP response packets from servers. both Specifies that the ACE insert an HTTP header in both HTTP request packets and response packets. header-name Identifier of an HTTP header. Enter an unquoted text string with a maximum of 255 alphanumeric characters. header-value expression Specifies the value of the HTTP header that you want to insert in request packets, response packets, or both. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can also use the following dynamic replacement strings: • %is—Insert the source IP address in the HTTP header. • %id—Insert the destination IP address in the HTTP header. • %ps—Insert the source port in the HTTP header. • %pd—Insert the destination port in the HTTP header. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-462 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Usage Guidelines After you create an action list and associate actions with it, you must associate the action list with a Layer 7 policy map. For details, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. With either TCP server reuse or persistence rebalance enabled, the ACE inserts a header in every client request. For information about TCP server reuse, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To include a header insert action for both request and response packets in an action list, enter: host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST host1/Admin(config-actlist-modify)# header insert both Host header-value www.cisco.com To remove the insert action from the action list, enter: host1/Admin(config-actlist-modify)# no header insert both Host header-value www.cisco.com Related Commands (config) action-list type modify http (config-actlist-modify) header delete (config-actlist-modify) header rewrite (config-actlist-modify) ssl header-insert (config-actlist-modify) header rewrite To rewrite an HTTP header value in request packets from a client, response packets from a server, or both, use the header rewrite command in action list modify configuration mode. Use the no form of this command to remove the HTTP header rewrite action from the action list. header rewrite {request | response | both} header-name header-value expression replace pattern no header rewrite {request | response | both} header-name header-value expression replace pattern Syntax Description request Specifies that the ACE rewrite an HTTP header string in HTTP request packets from clients. response Specifies that the ACE rewrite an HTTP header string in HTTP response packets from servers. both Specifies that the ACE rewrite an HTTP header string in both HTTP request packets and response packets. header-name Identifier of the HTTP header that you want to rewrite. Enter an unquoted text string with a maximum of 255 alphanumeric characters.2-463 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Command Modes Action list modify configuration mode Admin and user contexts Command History Usage Guidelines After you create an action list and associate actions with it, you must associate the action list with a Layer 7 policy map. For details, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To include a header replace action for HTTP request packets in an action list, enter: host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST host1/Admin(config-actlist-modify)# header rewrite request Host header-value www.cisco.com replace ? To remove the replace action from the action list, enter: host1/Admin(config-actlist-modify)# no header rewrite request Host header-value www.cisco.com replace ? Related Commands (config) action-list type modify http (config-actlist-modify) header delete (config-actlist-modify) header insert header-value expression Specifies the value of the HTTP header that you want to replace in request packets, response packets, or both. Enter a text string from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching data strings. Use parenthesized expressions for dynamic replacement using %1 and %2 in the replacement pattern. Note When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). replace pattern Specifies the pattern string that you want to substitute for the header value regular expression. For dynamic replacement of the first and second parenthesized expressions from the header value, use %1 and %2, respectively. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-464 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands (config-actlist-modify) ssl header-insert To insert HTTP headers containing SSL session information when the ACE receives an HTTP request during a session, use the ssl header-insert command. When a client sends encrypted traffic to the ACE in an SSL termination configuration, the ACE terminates the SSL traffic and then sends clear text to the server, which is unaware of the encrypted traffic flowing between the client and the ACE. Using an action list associated with a Layer 7 HTTP load-balancing policy map, you can instruct the ACE to provide the server with the following SSL session information by inserting HTTP headers into the HTTP requests that it receives over the connection: • Session Parameters—SSL session parameters that the ACE and client negotiate during the SSL handshake. • Server Certificate Fields—Information regarding the SSL server certificate that resides on the ACE. • Client Certificate Fields—Information regarding the SSL client certificate that the ACE retrieves from the client when you configure the ACE to perform client authentication. Use the no form of this command to remove the HTTP header insert information. ssl header-insert {client-cert specific_field | server-cert specific_field | session specific_field} [prefix prefix_string | rename new_field_name] no ssl header-insert {client-cert specific_field | server-cert specific_field | session specific_field} [prefix prefix_string | rename new_field_name] Syntax Description client-cert specific_field Specifies a client certificate (ClientCert) field name to insert into the HTTP header. See Table 1-6 for a list of the valid client certificate field names. server-cert specific_field Specifies a server certificate (ServerCert) field name to insert into the HTTP header. See Table 1-7 for a list of the valid server certificate field names. session specific_field Specifies a session field name to insert into the HTTP header. See Table 1-8 for a list of the valid session field names. prefix prefix_string (Optional) Inserts a prefix string before the specified field name. For example, if you specify the prefix Acme-SSL for the Authority-Key-Id server certificate field, then the ACE adds the field name as Acme-SSL-ServerCert-Authority-Key-Id. Enter a quoted text string. The maximum combined number of prefix string and field name characters that the ACE permits is 32. rename new_field_name (Optional) Assigns a new name to the specified field name. Enter an unquoted text string with no spaces. The maximum combined number of field name and prefix string characters that the ACE permits is 32.2-465 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Table 1-6 lists the supported SSL client certificate fields. Depending on how the certificate was generated and what key algorithm was used, all of these fields may not be present for the certificate. Ta b l e 1-6 SSL Session Information: SSL Client Certificate Fields ClientCert Field Description Authority-Key-Identifier X.509 authority key identifier. Format: ASCII string of hexadecimal bytes separated by colons for the X.509 version 3 Authority Key Identifier. Example: ClientCert-Authority-Key-Identifier: 16:13:15:97:FD:8E:16:B9:D2:99 Basic-Constraints X.509 basic constraints. Format: String that indicates if the certificate subject can act as a certificate authority. Possible values are CA=TRUE or CA=FALSE basic constraints. Example: ClientCert-Basic-Constraints: CA=TRUE Certificate-Version X.509 certificate version. Format: Numerical X.509 version (3, 2, or 1), followed by the ASN.1 defined value for X.509 version (2, 1, or 0) in parentheses. Example: ClientCert-Certificate-Version: 3 (0x2) Data-Signature-Algorithm X.509 hashing and encryption method. Format: md5WithRSAEncryption, sha1WithRSAEncryption, or dsaWithSHA1 algorithm used to sign the certificate and algorithm parameters. Example: ClientCert-Signature-Algorithm: md5WithRSAEncryption Fingerprint SHA1 hash of the certificate. Format: ASCII string of hexadecimal bytes separated by colons. Example: ClientCert-Fingerprint: 64:75:CE:AD:9B:71:AC:25:ED:FE:DB:C7:4B:D4:1:BA Issuer X.509 certificate issuer's distinguished name. Format: String of characters representing the certificate authority that issued the certificate. Example: ClientCert-Issuer: CN=Example CA, ST=Virginia, C=US/Email=ca@exampleca.com, 0=Root Issuer-CN X.509 certificate issuer's common name. Format: String of characters representing the common name of the certificate issuer. Example: ClientCert-Issuer-CN: www.exampleca.com Not-After Date after which the certificate is not valid. Format: Universal time string or generalized time string in the Not After date of the Validity field. Example: ClientCert-Not-After: Dec 12 22:45:13 2014 GMT2-466 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Not-Before Date before which the certificate is not valid. Format: Universal time string or generalized time string in the Not Before date of the Validity field. Example: ClientCert-Not-Before: Dec 12 22:45:13 2011 GMT Public-Key-Algorithm Algorithm used for the public key. Format: rsaEncryption, rsa, or dsaEncryption public key algorithm used to create the public key in the certificate. Example: ClientCert-Public-Key-Algorithm: rsaEncryption RSA-Modulus RSA algorithm modulus. Format: RSA algorithm modulus (n) printed in big-endian format hexadecimal, without leading 0x, and lowercase alphanumeric characters separated by a colon (:) character. Together with the exponent (e), this modulus forms the public key portion in the RSA certificate Example: ClientCert-RSA-Modulus: +00:d8:1b:94:de:52:a1:20:51:b1:77 RSA-Exponent Public RSA exponent. Format: Printed as a whole integer for the RSA algorithm exponent (e). Example: ClientCert-RSA-Exponent: 65537 RSA-Modulus-Size Size of the RSA public key. Format: Number of bits as a whole integer of the RSA modulus (typically 512, 1024, or 2048) followed by the word bit. Example: ClientCert-RSA-Modulus-Size: 1024 bit Serial-Number Certificate serial number. Format: Whole integer value assigned by the certificate authority; this can be any arbitrary integer value. Example: ClientCert-Serial-Number: 2 Signature Certificate signature. Format: Secure hash of the other fields in the certificate and a digital signature of the hash printed in big-endian format hexadecimal, without leading 0x, and lowercase alphanumeric characters separated by a colon (:) character. Example: ClientCert-Signature: 33:75:8e:a4:05:92:65 Signature-Algorithm Certificate signature algorithm. Format: md5WithRSAEncryption, sha1WithRSAEncryption, or dsaWithSHA1 for the secure hash algorithm. Example: ClientCert-Signature-Algorithm: md5WithRSAEncryption Table 1-6 SSL Session Information: SSL Client Certificate Fields (continued) ClientCert Field Description2-467 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Table 1-7 lists the supported SSL server certificate fields. Depending on how the certificate was generated and what key algorithm was used, all of these fields may not be present for the certificate. Subject X.509 subject's distinguished name. Format: String of characters representing the subject that owns the private key being certified. Example: ClientCert-Subject: CN=Example, ST=Virginia, C=US/Email=ca@example.com, 0=Root Subject-CN X.509 subject's common name. Format: String of characters that represent the common name of the subject to whom the certificate has been issued. Example: ClientCert-Subject-CN: www.cisco.com Subject-Key-Identifier X.509 subject key identifier. Format: ASCII string of hexadecimal bytes separated by colons for the X.509 version 3 subject key identifier. Example: ClientCert-Subject-Key-Identifier: 16:13:15:97:FD:8E:16:B9:D2:99 Table 1-6 SSL Session Information: SSL Client Certificate Fields (continued) ClientCert Field Description Ta b l e 1-7 SSL Session Information: Server Certificate Fields ServerCert Field Description Authority-Key-Id X.509 authority key identifier. Format: ASCII string of hex bytes separated by colons for the X.509 version 3 Authority Key Identifier. Example: ServerCert-Authority-Key-Identifier:16:13:15:97:FD:8E:16:B9:D2: 99 Basic-Constraints X.509 basic constraints. Format: String listing whether the certificate subject can act as a certificate authority. Possible values are CA=TRUE or CA=FALSE. Example: ServerCert-Basic-Constraints: CA=TRUE Certificate-Version X.509 certificate version. Format: Numerical X.509 version (3, 2, or 1), followed by the ASN.1 defined value for X.509 version (2, 1, or 0) in parentheses. Example: ServerCert-Certificate-Version: 3 (0x2) Data-Signature-Alg X.509 hashing and encryption method. Format: md5WithRSAEncryption, sha1WithRSAEncryption, or dsaWithSHA1 algorithm used to sign the certificate and algorithm parameters. Example: ServerCert-Signature-Algorithm: md5WithRSAEncryption2-468 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Fingerprint SHA1 hash output of the certificate. Format: ASCII string of hexadecimal bytes separated by colons. Example: ServerCert-Fingerprint: 64:75:CE:AD:9B:71:AC:25:ED:FE:DB:C7:4B:D4:1A:BA Issuer X.509 certificate issuer's distinguished name. Format: String of characters representing the certificate authority that issued this certificate. Example: ServerCert-Issuer: CN=Example CA, ST=Virginia, C=US/Email=ca@exampleca.com, 0=Root Issuer-CN X.509 certificate issuer’s common name. Format: String of characters representing the common name of the certificate issuer. Example: ServerCert-Issuer-CN: www.exampleca.com Not-After Date after which the certificate is not valid. Format: Universal time string or generalized time string in the Not After date of the Validity field. Example: ServerCert-Not-After: Dec 12 22:45:13 2014 GMT Not-Before Date before which the certificate is not valid. Format: Universal time string or generalized time string in the Not Before date of the Validity field. Example: ServerCert-Not-Before: Dec 12 22:45:13 2011 GMT Public-Key-Algorithm Algorithm used for the public key. Format: rsaEncryption, rsa, or dsaEncryption public key algorithm used to create the public key in the certificate. Example: ServerCert-Public-Key-Algorithm: rsaEncryption RSA-Exponent Public RSA exponent. Format: Whole integer representing the RSA algorithm exponent (e). Example: ServerCert-RSA-Exponent: 65537 RSA-Modulus RSA algorithm modulus. Format: RSA algorithm modulus (n) printed in big-endian format hexadecimal, without leading 0x, and lowercase alphanumeric characters separated by a colon (:) character. Together with the exponent (e), this modulus forms the public key portion in the RSA certificate. Example: ServerCert-RSA-Modulus: + 00:d8:1b:94:de:52:a1:20:51: b1:77 Table 1-7 SSL Session Information: Server Certificate Fields (continued) ServerCert Field Description2-469 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands RSA-Modulus-Size Size of the RSA public key. Format: Number of bits as a whole integer of the RSA modulus (typically 512, 1024, or 2048), followed by the word bit. Example: ServerCert-RSA-Modulus-Size: 1024 bit Serial-Number Certificate serial number. Format: Whole integer value assigned by the certificate authority; this can be any arbitrary integer value. Example: ServerCert-Serial-Number: 2 Signature Certificate signature. Format: Secure hash of the other fields in the certificate and a digital signature of the hash printed in big-endian format hexadecimal, without leading 0x, and lowercase alphanumeric characters and separated by a colon (:) character. Example: ServerCert-Signature: 33:75:8e:a4:05:92:65 Signature-Algorithm Certificate signature algorithm. Format: md5WithRSAEncryption, sha1WithRSAEncryption, or dsaWithSHA1 for the secure hash algorithm. Example: ServerCert-Signature-Algorithm: nmd5WithRSAEncryption Subject X.509 subject's distinguished name. Format: String of characters representing the subject that owns the private key being certified. Example: ServerCert-Subject: CN=Example, ST=Virginia, C=US/Email=ca@example.com, 0=Root Subject-CN X.509 subject's common name. Format: String of characters that represents the common name of the certificate issuer. Example: ServerCert-Subject-CN: CN=Example, ST=Virginia, C=US/Email=ca@example.com, 0=Root Subject-Key-Id X.509 subject key identifier. Format: ASCII string of hexadecimal bytes separated by colons for the X.509 version 3 subject key identifier. Example: ServerCert-Subject-Key-Identifier: 16:13:15:97: FD:8E:16:B9:D2:99 Table 1-7 SSL Session Information: Server Certificate Fields (continued) ServerCert Field Description2-470 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Table 1-8 lists the supported SSL session fields. Ta b l e 1-8 SSL Session Information: SSL Session Fields Session Field Description Cipher-Key-Size Symmetric cipher key size. Format: Whole integer that specifies the length in bytes of the public key. Example: Session-Cipher-Key-Size: 32 Cipher-Name Symmetric cipher suite name. Format: OpenSSL version name of the cipher suite negotiated during the session. Example: Session-Cipher-Name: EXP1024-RC4-SHA Cipher-Use-Size Symmetric cipher use size. Format: Whole integer that specifies the length in bytes of the key used for symmetric encryption during this session. Example: Session-Cipher-Use-Size: 7 Id SSL Session ID. The default is 0. Format: 32-byte session ID negotiated during this session if a session ID is or has been negotiated, printed in big-endian format; hexadecimal without leading 0x and lowercase alphanumeric characters separated by a colon (:). Example: Session-Id: 75:45:62:cf:ee:71:de:ad:be:ef:00:33:ee:23:89: 25:75:45:62:cf:ee:71:de:ad:be:ef:00:33:ee:23:89:25 Protocol-Version Version of SSL or TLS. Format: String that indicates whether SSL or TLS protocol is used followed by a version number. Example: Session-Protocol-Version: TLSv12-471 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Command Modes Action list modify configuration mode Admin and user contexts Command History Step-Up Use of SGC or StepUp cryptography. Format: String (yes/no) that indicates whether or not the ACE used Server Gated Cryptography (SGC) or StepUp cryptography to increase the level of security by using 128-bit encryption. Example: Session-Step-Up: YES Verify-Result SSL session verify result. Format: String value that indicates the SSL session verify result. Possible values are as follows: • ok—The SSL session is established. • certificate is not yet valid—The client certificate is not yet valid. • certificate is expired—The client certificate has expired. • bad key size—The client certificate has a bad key size. • invalid not before field—The client certificate notBefore field is in an unrecognized format. • invalid not after field—The client certificate notAfter field is in an unrecognized format. • certificate has unknown issuer—The client certificate issuer is unknown. • certificate has bad signature—The client certificate contains a bad signature. • certificate has bad leaf signature—The client certificate contains a bad leaf signature. • unable to decode issuer public key—The ACE is unable to decode the issuer public key. • unsupported certificate—The client certificate is not supported. • certificate revoked— The client certificate has been revoked. • internal error—An internal error exists. Example: Session-Verify-Result: ok Table 1-8 SSL Session Information: SSL Session Fields (continued) Session Field Description ACE Module/Appliance Release Modification A4(1.0) This command was introduced.2-472 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands Usage Guidelines When you instruct the ACE to insert SSL session information, by default the ACE inserts the HTTP header information into the first HTTP request only that it receives over the client connection. When the ACE and client need to renegotiate their connection, the ACE updates the HTTP header information that it send to the server to reflect the new session parameters. You can also instruct the ACE to insert the session information into every HTTP request that it receives over the connection by creating an HTTP parameter map with either the header modify per-request or persistence-rebalance command enabled. You then reference the parameter map in the policy map that the ACE applies to the traffic. For information about creating an HTTP parameter map, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. To prevent HTTP header spoofing, the ACE deletes any incoming HTTP headers that match one of the headers that it is going to insert into the HTTP request. The maximum amount of data that the ACE can insert is 512 bytes. The ACE truncates the data if it exceeds this limit. Examples To insert the session Id field with the prefix SSL-, enter: host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST host1/Admin(config-actlist-modify)# ssl header-insert session Id prefix SSLTo insert the server certificate Issuer field, enter: host1/Admin(config-actlist-modify)# ssl header-insert server-cert Issuer To insert the client certificate Serial_Number field and rename it Client-Serial-Number, enter: host1/Admin(config-actlist-modify)# ssl header-insert client-cert Serial-Number rename Client-Serial-Number Related Commands show stats (config) action-list type modify http (config-actlist-modify) header insert2-473 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Modify Configuration Mode Commands (config-actlist-modify) ssl url rewrite location To specify the SSL URL, SSL port, and clear port for rewrite, use the ssl url rewrite location command. SSL URL rewrite changes the redirect URL from http:// to https:// in the Location response header from the server before sending the response to the client. By doing so, it allows you to avoid nonsecure HTTP redirects because all client connections to the web server will be SSL, thus ensuring the secure delivery of HTTPS content back to the client. Use the no form of this command to remove the SSL rewrite specification from the configuration. ssl url rewrite location expression [clearport number] [sslport number] no ssl url rewrite location expression [clearport number] [sslport number] Syntax Description Command Modes Action list modify configuration mode Admin and user contexts Command History location expression Specifies the rewriting of the URL in the Location response header based on a URL regular expression match. If the URL in the Location header matches the URL regular expression string that you specify, the ACE rewrites the URL from http:// to https:// and rewrites the port number. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching data strings. Note When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). clearport number1 (Optional) Specifies the clear port number to which the ACE translates the SSL port number before sending a server redirect response to the client. Enter an integer from 1 to 65535. The default is 80. sslport number (Optional) Specifies the SSL port number from which the ACE translates a clear port number before sending the server redirect response to the client. Enter an integer from 1 to 65535. The default is 443. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-474 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Optimization Configuration Mode Commands Usage Guidelines After you create an action list and configure an HTTP redirect URL for SSL, you must associate the action list with a Layer 3 and Layer 4 policy map. For details, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify SSL URL rewrite using the default SSL port of 443 and clear port of 80, enter: host1/Admin(config)# action-list type modify http HTTP_MODIFY_ACTLIST host1/Admin(config-actlist-modify)# ssl url rewrite location www\.website\.com In this case, the ACE rewrites all HTTP redirects to http://www.website.com/ as https://www.website.com/ and forwards them to the client. Related Commands (config) action-list type modify http Action List Optimization Configuration Mode Commands (ACE appliance only) The action list optimization mode allows you to configure a series of application acceleration and optimization statements. An action list groups a series of individual application acceleration and optimization functions that apply to a specific type of operation. After you enter this command, the system enters the corresponding action list configuration mode. To access the action list optimization mode, enter the action-list type optimization http command. The CLI prompt changes to (config-actlist-optm). To remove an action list optimization selection, use the no form of the command. For details about using the commands in the action list optimization mode, see the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide. action-list type optimization http list_name no action-list type optimization http list_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History list_name Name assigned to the action list. Enter a unique name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Appliance Release Modification A1(7) This command was introduced.2-475 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Optimization Configuration Mode Commands Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The action-list type command allows you to configure a series of statements. An action list groups a series of individual functions that apply to a specific type of application acceleration and optimization operation. After you enter this command, the system enters the corresponding action list configuration mode. After you configure the action list, you associate it with a specific statement in a Layer 7 HTTP optimization policy map. The Layer 7 optimization HTTP policy map activates an optimization HTTP action list that allows you to configure the specified optimization actions. Examples To create an optimization HTTP action list, enter: host1/Admin(config)# action-list type optimization http ACT_LIST1 host1/Admin(config-actlist-optm)# To remove the action list from the configuration, enter: host1/Admin(config)# no action-list type optimization http ACT_LIST1 Related Commands show action-list show running-config (config) parameter-map type (config) policy-map (config-actlist-optm) appscope (ACE appliance only) To enable AppScope performance monitoring by the optional Cisco AVS 3180A Management Station for use with the ACE, use the appscope command. Use the no form of this command to disable the AppScope function from the action list. appscope no appscope Syntax Description This command has no keywords or arguments. Command Modes Action list optimization mode Admin and user contexts Command History ACE Appliance Release Modification A1(7) This command was introduced.2-476 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Optimization Configuration Mode Commands Usage Guidelines The statistical log contains an entry for each ACE optimization request to the server and is used for statistical analysis by the optional Cisco AVS 3180A Management Station. The ACE collects statistical log and sends it to the Cisco AVS 3180A Management Station for loading into the database. For details about the use of the Cisco AVS 3180A Management Station for database, management, and reporting features for the ACE optimization functionality, including AppScope reporting, see the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide. To control the AppScope features that measure application acceleration and optimization performance, use the appscope commands in parameter map optimization configuration mode. See the “Parameter Map Optimization Configuration Mode Commands” section for details. To specify the host (the syslog server on the Management Station) that receives the syslog messages sent by the ACE, use the logging host configuration command. See the (config) logging host command. This command allows you to identify the IP address of the Management Station that will be used as the syslog server. You can specify that the host uses either UDP or TCP to send messages to the syslog server. Examples For example, enter: host1/Admin(config)# action-list type optimization http ACT_LIST1 host1/Admin(config-actlist-optm)# appscope To disable the AppScope function from the action list, enter: host1/Admin(config-actlist-optm)# no appscope Related Commands (config) logging host (config-parammap-optmz) appscope optimize-rate-percent (config-parammap-optmz) parameter-summary parameter-value-limit (config-parammap-optmz) request-grouping-string (config-actlist-optm) cache (ACE appliance only) To enable cache optimization for the corresponding URLs, use the cache command. Use the no form of this command to disable the cache function from the action list. cache {dynamic | forward | forward-with-wait} no cache {dynamic | forward | forward-with-wait} Syntax Description dynamic Enables Adaptive Dynamic Caching for the corresponding URLs, even if the expiration settings in the response indicate that the content is dynamic. The expiration of cache objects is controlled by the cache expiration settings based on the time or server load (performance assurance).2-477 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Optimization Configuration Mode Commands Command Modes Action list optimization mode Admin and user contexts Command History Usage Guidelines You define the ACE cache object key, cache freshness, and cache request/response policy settings by configuring the cache and cache-policy commands in parameter map optimization configuration mode. See “Parameter Map Optimization Configuration Mode Commands” section for details. The ACE restricts you from enabling Adaptive Dynamic Caching if you have previously specified either the delta command (see “(config-actlist-optm) delta”) or the dynamic etag command (see “(config-actlist-optm) dynamic etag”). Examples For example, to enable the cache forward feature for the corresponding URLs, enter: host1/Admin(config)# action-list type optimization http ACT_LIST1 host1/Admin(config-actlist-optm)# cache forward To disable the cache function from the action list, enter: host1/Admin(config-actlist-optm)# no cache forward Related Commands (config-parammap-optmz) cache key-modifier (config-parammap-optmz) cache parameter (config-parammap-optmz) cache ttl (config-parammap-optmz) cache-policy request (config-parammap-optmz) cache-policy response forward Enables the cache forward feature for the corresponding URLs. This keyword allows the ACE to serve the object from its cache (static or dynamic) even when the object has expired if the maximum cache TTL time period has not yet expired (set using the cache ttl command in parameter map optimization mode). At the same time, the ACE sends an asynchronous request to the origin server to refresh its cache of the object. forward-withwait Enables the cache forward with wait feature for the corresponding URLs. If the object has expired but the maximum cache TTL time period has not expired (set using the cache ttl command in parameter map optimization mode), the ACE sends a request to the origin server for the object. The rest of the users requesting this page will still continue to receive the content from the cache during this time. When the fresh object is returned, it is sent to the requesting user and the cache is also updated. This keyword is similar to the forward keyword, except that a single user must wait for the object to be updated before the request is satisfied. This keyword is useful in situations where you are unable to specify the forward keyword because the application requires a context for processing and an asynchronous update process is not appropriate. ACE Appliance Release Modification A1(7) This command was introduced.2-478 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Optimization Configuration Mode Commands (config-actlist-optm) delta (ACE appliance only) To enable delta optimization to condense corresponding URLs, use the delta command. Use the no form of this command to disable delta optimization from the action list. delta no delta Syntax Description This command has no keywords or arguments. Command Modes Action list optimization mode Admin and user contexts Command History Usage Guidelines The ACE restricts you from enabling delta optimization if you have previously specified either the cache dynamic command (see “(config-actlist-optm) cache”) or the dynamic etag command (see “(config-actlist-optm) dynamic etag”). Examples For example, enter: host1/Admin(config)# action-list type optimization http ACT_LIST1 host1/Admin(config-actlist-optm)# delta To disable delta optimization from the action list, enter: host1/Admin(config-actlist-optm)# no delta Related Commands (config-parammap-optmz) delta ACE Appliance Release Modification A1(7) This command was introduced.2-479 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Optimization Configuration Mode Commands (config-actlist-optm) description (ACE appliance only) To add a description about the action list, use the description command. Use the no form of this command to remove the description from the action list. description text_string no description Syntax Description Command Modes Action list modify configuration mode Admin and user contexts Command History Usage Guidelines After you create an action list and associate actions with it, you must associate the action list with a Layer 7 policy map. For details, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To add a description for the action list, enter: host1/Admin(config)# action-list type optimization http ACT_LIST1 host1/Admin(config-actlist-optm)# description action - delta To remove the description from the action list, enter: host1/Admin(config-actlist-optm)# no description Related Commands show action-list text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Appliance Release Modification A3(2.3) This command was introduced.2-480 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Optimization Configuration Mode Commands (config-actlist-optm) dynamic etag (ACE appliance only) To enable just-in-time object acceleration for the corresponding URLs, use the dynamic etag command. Use the no form of this command to disable just-in-time object acceleration from the action list. dynamic etag no dynamic etag Syntax Description This command has no keywords or arguments. Command Modes Action list optimization mode Admin and user contexts Command History Usage Guidelines The ACE restricts you from enabling just-in-time object acceleration if you have previously specified either the cache dynamic command (see “(config-actlist-optm) cache”) or the delta command (see “(config-actlist-optm) delta”). Examples For example, enter: host1/Admin(config)# action-list type optimization http ACT_LIST1 host1/Admin(config-actlist-optm)# dynamic etag To disable just-in-time object acceleration from the action list, enter: host1/Admin(config-actlist-optm)# no dynamic etag Related Commands This command has no related commands. ACE Appliance Release Modification A1(7) This command was introduced.2-481 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Optimization Configuration Mode Commands (config-actlist-optm) flashforward (ACE Appliance only) To enable FlashForward for the corresponding URLs and to transform embedded objects, use the flashforward command. Use the no form of this command to disable FlashForward from the action list. flashforward no flashforward Syntax Description This command has no keywords or arguments. Command Modes Action list optimization mode Admin and user contexts Command History Usage Guidelines The flashforward and flashforward-object commands cannot be configured in the same optimization action list; these two commands are mutually exclusive. Examples For example, enter: host1/Admin(config)# action-list type optimization http ACT_LIST1 host1/Admin(config-actlist-optm)# flashforward To disable FlashForward from the action list, enter: host1/Admin(config-actlist-optm)# no flashforward Related Commands (config-actlist-optm) flashforward-object (config-parammap-optmz) flashforward refresh-policy (config-parammap-optmz) rebase (config-actlist-optm) flashforward-object (ACE appliance only) To enable FlashForward static caching for the corresponding URLs, use the flashforward-object command. Use the no form of this command to disable FlashForward static caching from the action list. flashforward-object no flashforward-object Syntax Description This command has no keywords or arguments. Command Modes Action list optimization mode ACE Appliance Release Modification A1(7) This command was introduced.2-482 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Action List Optimization Configuration Mode Commands Admin and user contexts Command History Usage Guidelines The flashforward-object and flashforward commands cannot be configured in the same optimization action list; these two commands are mutually exclusive. Examples For example, enter: host1/Admin(config)# action-list type optimization http ACT_LIST1 host1/Admin(config-actlist-optm)# flashforward-object To disable FlashForward static caching from the action list, enter: host1/Admin(config-actlist-optm)# no flashforward-object Related Commands (config-actlist-optm) flashforward (config-parammap-optmz) flashforward refresh-policy (config-parammap-optmz) rebase ACE Appliance Release Modification A1(7) This command was introduced.2-483 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Authentication Group Configuration Mode Commands Authentication Group Configuration Mode Commands Authentication group configuration mode commands allow you to configure client authentication on a Secure Sockets Layer (SSL)-proxy service by assigning the authentication group to the service. To create an authentication group and access authgroup configuration mode, use the crypto authgroup command. The CLI prompt changes to (config-authgroup). Use the no form of this command to delete an existing authentication group. crypto authgroup group_name no crypto authgroup group_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. During the flow of a normal SSL handshake, the server send its certificate to the client. The client verifies the identity of the server through the certificate. However, the client does not send any identification of its own to the server. When the client authentication feature is enabled on the ACE, it requires that the client send a certificate to the server. On the ACE, you can implement a group of certificates that are trusted as certificate signers by creating an authentication group. Examples To create the authentication group AUTH-CERT1, enter: host1/Admin(config)# crypto authgroup AUTH-CERT1 Related Commands (config) ssl-proxy service group_name Name that you assign to the certificate authentication group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-484 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Authentication Group Configuration Mode Commands (config-authgroup) cert To add certificate files to the authentication group, use the cert command. You can configure an authentication group with up to ten certificates. Use the no form of this command to remove a certificate file from the authentication group. cert cert_filename no cert cert_filename Syntax Description Command Modes Chaingroup configuration mode Admin and user contexts Command History Usage Guidelines It is not necessary to add the certificates in any type of hierarchical order because the device that verifies the certificates determines the correct order. Examples To add the certificate files MYCERTS.PEM and MYCERTS_2.PEM to the authentication group, enter: host1/Admin(config-authgroup)# cert MYCERTS.PEM host1/Admin(config-authgroup)# cert MYCERTS_2.PEM To remove the certificate file MYCERTS_2.PEM from the authentication group, enter: host1/Admin(config-authgroup)# no cert MYCERTS_2.PEM Related Commands (config) crypto authgroup cert_filename Name of an existing certificate file stored on the ACE. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. To display a list of available certificate files, use the do show crypto files command. ACE Module Release Modification A2(1.0) This command was introduced. A2(3.0) The number of certificates in an authentication group increased from 4 to 10. ACE Appliance Release Modification A3(1.0) This command was introduced. A4(1.0) The number of certificates in an authentication group increased from 4 to 10.2-485 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Chaingroup Configuration Mode Commands Chaingroup Configuration Mode Commands Chaingroup configuration mode commands allow you to add Secure Sockets Layer (SSL) certificate files to a chain group. To create a new chain group (or modify an existing chain group) and access chaingroup configuration mode, use the crypto chaingroup command. The CLI prompt changes to (config-chaingroup). Use the no form of the command to delete an existing chain group. crypto chaingroup group_name no crypto chaingroup group_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A chain group specifies the certificate chains that the ACE sends to its peer during the handshake process. A certificate chain is a hierarchical list of certificates that includes the subject’s certificate, the root CA certificate, and any intermediate CA certificates. You include a chain group in the handshake process by configuring the SSL proxy-service with the chain group (see the (config) ssl-proxy service command). The ACE supports the following certificate chain group capabilities: • A chain group can contain up to eight certificate chains. • Each context on the ACE can contain up to eight chain groups. • The maximum size of a chain group is 16 KB. Examples To create the chain group MYCHAINGROUP, enter: host1/Admin(config)# crypto chaingroup MYCHAINGROUP group_name Name that you assign to the chain group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-486 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Chaingroup Configuration Mode Commands Related Commands (config) ssl-proxy service (config-chaingroup) cert To add certificate files to a chain group, use the cert command. Use the no form of the command to remove a certificate file from a chain group. cert cert_filename no cert cert_filename Syntax Description Command Modes Chaingroup configuration mode Admin and user contexts Command History Usage Guidelines It is not necessary to add the certificates in any type of hierarchical order because the device verifying the certificates determines the correct order. The ACE supports the following certificate chain group capabilities: • A chain group can contain up to eight certificate chains. • Each context on the ACE can contain up to eight chain groups. • The maximum size of a chain group is 16 KB. Examples To add the certificate files MYCERTS.PEM, MYCERTS_2.PEM, and MYCERTS_3.PEM to the chain group, enter: host1/Admin(config-chaingroup)# cert MYCERTS.PEM host1/Admin(config-chaingroup)# cert MYCERTS_2.PEM host1/Admin(config-chaingroup)# cert MYCERTS_3.PEM To remove the certificate file MYCERTS_2.PEM from the chain group, enter: host1/Admin(config-chaingroup)# no cert MYCERTS_2.PEM cert_filename Name of an existing certificate file stored on the ACE. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. To display a list of available certificate files, use the do show crypto files command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-487 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Chaingroup Configuration Mode Commands Related Commands (config) crypto chaingroup2-488 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands Class Map Configuration Mode Commands Class-map configuration mode commands allow you to create and configure a Layer 3 and Layer 4 class map to classify network traffic that passes through the ACE. To create a Layer 3 and Layer 4 class map and access class map configuration mode, use the class-map command. The prompt changes to (config-cmap). Use the no form of this command to remove a Layer 3 and Layer 4 class map from the ACE. class-map [match-all | match-any] map_name no class-map [match-all | match-any] map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The features required in your user role to execute a specific class map configuration command is described in the “Usage Guidelines” section of the command. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE supports a system-wide maximum of 8192 class maps. Examples To create a Layer 3 and Layer 4 class map named L4VIP_CLASS to identify the network traffic that can pass through the ACE for server load balancing, enter: host1/Admin(config)# class-map match-all L4VIP_CLASS match-all | match-any (Optional) Determines how the ACE evaluates Layer 3 and Layer 4 network traffic when multiple match criteria exist in a class map. The class map is considered a match if the match commands meet one of the following conditions: • match-all—(Default) All of the match criteria listed in the class map are satisfied to match the network traffic class in the class map, typically, match commands of different types. • match-any—Only one of the match criteria listed in the class map is satisfied to match the network traffic class in the class map, typically, match commands of the same type. map_name Name assigned to the Layer 3 and Layer 4 class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-489 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands host1/Admin(config-cmap)# Related Commands (config) policy-map2-490 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands (config-cmap) description To provide a brief summary about a Layer 3 and Layer 4 class map, use the description command. Use the no form of this command to remove the Layer 3 and Layer 4 class map description from the class map. description text no description Syntax Description Command Modes Class map configuration mode Admin and user contexts Command History Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To add a description that the class map is to filter network traffic based on the source IP address, enter: host1/Admin(config)# class-map L4_SOURCE_IP_CLASS host1/Admin(config-cmap)# description match on source IP address of incoming traffic Related Commands This command has no related commands. text Description about a Layer 3 and Layer 4 class map. Enter a description as an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-491 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands (config-cmap) match access-list To configure the Layer 3 and Layer 4 class map to filter network traffic using a predefined access control list, use the match access-list command. When a packet matches an entry in an access list, and if it is a permit entry, the ACE allows the matching result. If it is a deny entry, the ACE blocks the matching result. Use the no form of this command to clear the access control list match criteria from the class map. [line_number] match access-list name no [line_number] match access-list name Syntax Description Command Modes Class map configuration mode Admin and user contexts Command History Usage Guidelines This command has no user role restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A single class map can have multiple match access-list commands. You can combine multiple match access-list, match source-address, match destination-address, and match port commands in a class map. See the Security Guide, Cisco ACE Application Control Engine for details about the creating access control lists in the ACE. Examples To specify that the class map is to match on the access control list INBOUND, enter: line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 255 as the line number. • For the ACE appliance, enter an integer from 2 to 255 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. name Previously created access list identifier. Enter an unquoted text string with a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-492 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands host1/Admin(config)# class-map match-any L4_FILTERTRAFFIC_CLASS host1/Admin(config-cmap)# match access-list INBOUND Related Commands (config-cmap) description2-493 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands (config-cmap) match any To instruct the ACE to perform a match on any network traffic that passes through the device, use the match any command. Use the no form of this command to remove the match any criteria from the class map. [line_number] match any no [line_number] match any Syntax Description Command Modes Class map configuration mode Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can include only one match any command within a class map, and you cannot combine the match any command with other types of match commands in a class map because the match criteria will be ignored. Examples To specify that the class map is to match on any network traffic, enter: host1/Admin(config)# class-map match-any L4_MATCHANYTRAFFIC_CLASS host1/Admin(config-cmap)# match any Related Commands (config-cmap) description line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 255 as the line number. • For the ACE appliance, enter an integer from 2 to 255 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-494 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands (config-cmap) match anyv6 To instruct the ACE to perform a match on any IPv6 network traffic that passes through the device, use the match anyv6 command. Use the no form of this command to remove the match any criteria from the class map. [line_number] match anyv6 no [line_number] match anyv6 Syntax Description Command Modes Class map configuration mode Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can include only one match anyv6 command within a class map, and you cannot combine the match anyv6 command with other types of match commands in a class map because the match criteria will be ignored. Examples To specify that the class map is to match on any network traffic, enter: host1/Admin(config)# class-map match-any L4_MATCHANYTRAFFIC_CLASS host1/Admin(config-cmap)# match anyv6 Related Commands (config-cmap) description line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 255 as the line number. • For the ACE appliance, enter an integer from 2 to 255 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-495 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands (config-cmap) match destination-address To specify the destination IP address and subnet mask as the network traffic matching criteria, use the match destination-address command. Use the no form of this command to clear the destination IP address and subnet mask match criteria from the class map. [line_number] match destination-address ipv6_address [/prefix_length] | ip_address [mask] no [line_number] match destination-address ipv6_address /prefix_length | ip_address [mask] Syntax Description Command Modes Class map configuration mode Admin and user contexts Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 255 as the line number. • For the ACE appliance, enter an integer from 2 to 255 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. ipv6_address IPv6 address of the destination. /prefix_length (Optional) Specifies the length of the IPv6 prefix. ip_address Destination IPv4 address. Enter the IP address in dotted-decimal notation (for example, 192.168.11.1). mask (Optional) Subnet mask entry in dotted-decimal notation (for example, 255.255.255.0). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support.2-496 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands A single class map can have multiple match destination-address commands. You can combine multiple match destination-address, match access-list, match source-address, and match port commands in a class map. An entry of 0.0.0.0 0.0.0.0 indicates a wildcard match for any destination IPv4 address and subnet mask. Examples IPv6 Example The following example specifies that the network traffic must match destination IPv6 address 2001:DB8:1::7/64: host1/C1(config)# class-map match-any IP_CLASS host1/C1(config-cmap)# match destination-address 2001:DB8:1::7/64 To remove the destination IPv6 address match criteria from the class map, enter: host1/C1(config-cmap)# no match destination-address 2001:DB8:1::7/64 IPv4 Example The following example specifies that the network traffic must match destination IP address 172.27.16.7: host1/C1(config)# class-map match-any IP_CLASS host1/C1(config-cmap)# match destination-address 172.27.16.7 To remove the destination IP address match criteria from the class map, enter: host1/C1(config-cmap)# no match destination-address 172.27.16.7 Related Commands (config-cmap) description2-497 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands (config-cmap) match port To specify a TCP or UDP port number or port range as the IPv4 network traffic matching criteria, use the match port command. Use the no form of this command to clear the TCP or UDP port number match criteria from the class map. [line_number] match port {tcp | udp} {any | eq {port_number} | range port1 port2} no [line_number] match {port | port-v6} {tcp | udp} {any | eq {port_number} | range port1 port2} Syntax Description line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 255 as the line number. • For the ACE appliance, enter an integer from 2 to 255 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. tcp | udp Specifies the protocol: TCP or UDP. any Specifies that any TCP or UDP port number can match the specified value.2-498 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands Command Modes Class map configuration mode Admin and user contexts Command History eq port_number Specifies that the TCP or UDP port number must match the specified value. Enter an integer from 0 to 65535. A value of 0 instructs the ACE to include all ports. Alternatively, you can enter the name of a well-known TCP or UDP port as follows: • TCP port—Specify one of the following names or well-known port numbers: – domain—Specifies the Domain Name Service (53) – ftp—Specifies the File Transfer Protocol (21) – ftp-data—Specifies the File Transfer Protocol Data (20) – http—Specifies the Hypertext Transfer Protocol (80) – https—Specifies the HTTP over SSL protocol (443) – irc—Specifies the Internet Relay Chat protocol (194) – matip-a—Specifies the Matip Type A protocol (350) – nntp—Specifies the Network News Transport Protocol (119) – pop2—Specifies the Post Office Protocol v2 (109) – pop3—Specifies the Post Office Protocol v3 (110) – rtsp—Specifies the Real Time Streaming Protocol (554) – sip—Specifies the Session Initiation Protocol (5060) – skinny—Specifies the Cisco Skinny Client Protocol (2000) – smtp—Specifies the Simple Mail Transfer Protocol (25) – sunrpc—Specifies the Sun Remote Procedure Call (111) – telnet—Specifies the Telnet protocol (23) – www—Specifies the World Wide Web (80) – xot—Specifies X25 over TCP (1998) • UDP port—Specify one of the following protocols: – domain—Specifies the Domain Name Service (53) – sip—Specifies the Session Initiation Protocol (5060) – wsp—Specifies the Connectionless Wireless Session Protocol (9200) – wsp-wtls—Specifies the Secure Connectionless WSP (9202) – wsp-wtp—Specifies the Connection-based WSP (9201) – wsp-wtp-wtls—Specifies the Secure Connection-based WSP (9203) range port1 port2 Specifies a port range to use for the TCP or UDP port. Valid port ranges are from 0 to 65535. A value of 0 (for port1and port2) instructs the ACE to match all ports. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-499 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A single class map can have multiple match port commands. You can combine multiple match port, match access-list, match source-address, and match destination-address commands in a class map. Examples To specify a port to match, enter the following command: switch/Admin(config)# class-map match-all TCP_ANY switch/Admin(config-cmap)# match port tcp any Related Commands (config-cmap) description ACE Appliance Release Modification A1(7) This command was introduced.2-500 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands (config-cmap) match port-v6 To specify a TCP or UDP port number or port range as the IPv6 network traffic matching criteria, use the match port-v6 command. Use the no form of this command to clear the TCP or UDP port number match criteria from the class map. [line_number] match port-v6 {tcp | udp} {any | eq {port_number} | range port1 port2} no [line_number] match port-v6 {tcp | udp} {any | eq {port_number} | range port1 port2} Syntax Description line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 255 as the line number. • For the ACE appliance, enter an integer from 2 to 255 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. tcp | udp Specifies the protocol: TCP or UDP. any Specifies that any TCP or UDP port number can match the specified value.2-501 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands Command Modes Class map configuration mode Admin and user contexts Command History eq port_number Specifies that the TCP or UDP port number must match the specified value. Enter an integer from 0 to 65535. A value of 0 instructs the ACE to include all ports. Alternatively, you can enter the name of a well-known TCP or UDP port as follows: • TCP port—Specify one of the following names or well-known port numbers: – domain—Specifies the Domain Name Service (53) – ftp—Specifies the File Transfer Protocol (21) – ftp-data—Specifies the File Transfer Protocol Data (20) – http—Specifies the Hypertext Transfer Protocol (80) – https—Specifies the HTTP over SSL protocol (443) – irc—Specifies the Internet Relay Chat protocol (194) – matip-a—Specifies the Matip Type A protocol (350) – nntp—Specifies the Network News Transport Protocol (119) – pop2—Specifies the Post Office Protocol v2 (109) – pop3—Specifies the Post Office Protocol v3 (110) – rtsp—Specifies the Real Time Streaming Protocol (554) – sip—Specifies the Session Initiation Protocol (5060) – skinny—Specifies the Cisco Skinny Client Protocol (2000) – smtp—Specifies the Simple Mail Transfer Protocol (25) – sunrpc—Specifies the Sun Remote Procedure Call (111) – telnet—Specifies the Telnet protocol (23) – www—Specifies the World Wide Web (80) – xot—Specifies X25 over TCP (1998) • UDP port—Specify one of the following protocols: – domain—Specifies the Domain Name Service (53) – sip—Specifies the Session Initiation Protocol (5060) – wsp—Specifies the Connectionless Wireless Session Protocol (9200) – wsp-wtls—Specifies the Secure Connectionless WSP (9202) – wsp-wtp—Specifies the Connection-based WSP (9201) – wsp-wtp-wtls—Specifies the Secure Connection-based WSP (9203) range port1 port2 Specifies a port range to use for the TCP or UDP port. Valid port ranges are from 0 to 65535. A value of 0 (for port1and port2) instructs the ACE to match all ports. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-502 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A single class map can have multiple match port-v6 commands. You can combine multiple match port-v6, match access-list, match source-address, and match destination-address commands in a class map. Examples To specify that the class map is to match on TCP port number 23 (Telnet client), enter: host1/Admin(config)# class-map L4_TCPPORT_CLASS host1/Admin(config-cmap)# match port-v6 tcp eq 23 Related Commands (config-cmap) description (config-cmap) match source-address To specify a client source host IP address and subnet mask from which the ACE accepts traffic as the network traffic matching criteria, use the match source-address command. You configure the associated policy map to permit or restrict management traffic to the ACE from the specified source network or host. Use the no form of this command to clear the source IP address and subnet mask match criteria from the class map. [line_number] match source-address ipv6_address [/prefix_length] | ip_address mask no [line_number] match source-address ipv6_address [/prefix_length] | ip_address mask Syntax Description Command Modes Class map configuration mode Admin and user contexts line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 255 as the line number. • For the ACE appliance, enter an integer from 2 to 255 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. ipv6_address Source IPv6 address of the client. /prefix_length ip_address Source IP address of the client. Enter the IP address in dotted-decimal notation (for example, 192.168.11.1). mask Subnet mask of the client entry in dotted-decimal notation (for example, 255.255.255.0).2-503 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands Command History Usage Guidelines This command has no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A single class map can have multiple match source-address commands. You can combine multiple match source-address, match access-list, match destination-address, and match port commands in a class map. An entry of 0.0.0.0 0.0.0.0 indicates a wildcard match for any source IP address and subnet mask. Examples To specify that the class map match on the source IP address 192.168.11.2 255.255.255.0, enter: host1/Admin(config)# class-map type http loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-http-lb)# match source-address 192.168.11.2 255.255.255.0 Related Commands (config-cmap) description ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-504 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands (config-cmap) match virtual-address To define a 3-tuple flow of the virtual IP (VIP) address, protocol, and port as matching criteria for server load balancing, use the match virtual-address command. You can configure multiple match criteria statements to define the VIPs for server load balancing. Use the no form of this command to remove the VIP match statement from the class map. [line_number] match virtual-address vip_address {{/prefix_length | [netmask]} protocol_number | any | {tcp | udp {any | eq port_number | range port1 port2}}} no [line_number] match virtual-address vip_address {{/prefix_length | [netmask]} protocol_number | any | {tcp | udp {any | eq port_number | range port1 port2}}} Syntax Description line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 255 as the line number. • For the ACE appliance, enter an integer from 2 to 255 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. vip_address VIP server IP address of the ACE, specified in dotted-decimal format (for example, 192.168.1.2). netmask (Optional) Subnet mask for the VIP address, specified in dotted-decimal format (for example, 255.255.255.0). protocol_number (Optional) Number of an IP protocol. Enter an integer from 1 to 255 that represents the IP protocol number. any Specifies the wildcard value that allows connections from any IP protocol. tcp | udp Specifies the protocol: TCP or UDP. any Specifies the wildcard value for the TCP or UDP port number. With any used in place of either the eq or range values, packets from any incoming port match.2-505 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands eq port_number Specifies that the TCP or UDP port number must match the specified value. Enter an integer from 0 to 65535. A value of 0 instructs the ACE to include all ports. Alternatively, you can enter the name of a well-known TCP port or a well-known UDP port as follows: • TCP port—Specify one of the following names or well-known port numbers: – domain—Specifies the Domain Name Service (53) – ftp—Specifies the File Transfer Protocol (21) – ftp-data—Specifies the File Transfer Protocol Data (20) – http—Specifies the Hypertext Transfer Protocol (80) – https—Specifies the HTTP over SSL protocol (443) – irc—Specifies the Internet Relay Chat protocol (194) – matip-a—Specifies the Matip Type A protocol (350) – nntp—Specifies the Network News Transport Protocol (119) – pop2—Specifies the Post Office Protocol v2 (109) – pop3—Specifies the Post Office Protocol v3 (110) – rdp—Specifies the Remote Desktop Protocol (3389) – rtsp—Specifies the Real-Time Streaming Protocol (554) – sip—Specifies the Session Initiation Protocol (5060) – skinny—Specifies the Skinny Client Control protocol (2000) – smtp—Specifies the Simple Mail Transfer Protocol (25) – telnet—Specifies the Telnet protocol (23) – www—Specifies the World Wide Web (80) – xot—Specifies X25 over TCP (1998) • UDP port—Specify one of the following protocols: – domain—Specifies the Domain Name Service (53) – radius-acct—Specifies the Remote Authentication Dial-In User Service (accounting) (1813) – radius-auth—Specifies the Remote Authentication Dial--In User Service (server) (1812) – sip—Specifies the Session Initiation Protocol (5060) – wsp—Specifies the Connectionless Wireless Session Protocol (9200) – wsp-wtls—Specifies the Secure Connectionless WSP (9202) – wsp-wtp—Specifies the Connection-based WSP (9201) – wsp-wtp-wtls—Specifies the Secure Connection-based WSP (9203)2-506 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Configuration Mode Commands Command Modes Class map configuration mode Admin and user contexts Command History Usage Guidelines This command requires the VIP feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can specify multiple match virtual-address commands within a class map. The match virtual-address command cannot be combined with other types of match commands. For KAL-AP, the ACE verifies whether the VIP addresses are active in all Layer 3 class maps that are configured with the addresses. It ignores all other protocol-specific information for the VIP addresses. The ACE does not allow you to configure a class-map VIP address that overlaps with an ACE interface IP address. If you do, the ACE displays the following warning: Error: Entered VIP address is not the first address in the VIP range See the Server Load-Balancing Guide, Cisco ACE Application Control Engine for details about configuring the ACE to perform server load balancing. Examples To specify that the class map L4VIPCLASS matches traffic destined to VIP address 192.168.1.10 and TCP port number 80, enter: host1/Admin(config)# class-map L4VIPCLASS host1/Admin(config-cmap)# match virtual-address 192.168.1.10 tcp port eq 80 Related Commands (config-cmap) description range port1 port2 Specifies a port range to use for the TCP or UDP port. Valid port ranges are from 0 to 65535. A value of 0 (for port1and port2) instructs the ACE to match all ports. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised. A3(2.2) The ACE no longer allows the configuration of a class-map VIP address that overlaps with an ACE interface IP address.2-507 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map FTP Inspection Configuration Mode Commands Class Map FTP Inspection Configuration Mode Commands Class map File Transfer Protocol (FTP) inspection configuration mode commands allow you to create and configure a Layer 7 class map to be used for the inspection of FTP request commands. To create this class map and access class map FTP inspection configuration mode, use the class-map type ftp inspect command. The prompt changes to (config-cmap-ftp-insp). Use the no form of this command to remove the class map from the ACE. class-map type ftp inspect match-any map_name no class-map type ftp inspect match-any map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a Layer 7 class map named FTP_INSPECT_L7CLASS that performs FTP command inspection, enter: host1/Admin(config)# class-map type ftp inspect match-any FTP_INSPECT_L7CLASS host1/Admin(config-cmap-ftp-insp)# Related Commands (config) policy-map match-any Determines how the ACE inspects FTP request commands when multiple match criteria exist in a class map. The FTP request commands being inspected must match only one of the match criteria listed in the class map. map_name Name assigned to the Layer 7 FTP command request class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-508 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map FTP Inspection Configuration Mode Commands (config-cmap-ftp-insp) description To provide a brief summary about the Layer 7 File Transfer Protocol (FTP) command inspection class map, use the description command. Use the no form of this command to remove the description from the class map. description text no description text Syntax Description Command Modes Class map FTP inspection configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the class map is to perform FTP command inspection, enter: host1/Admin(config-cmap-ftp-insp)# description FTP command inspection of incoming traffic To remove a description from the FTP class map, enter: host1/Admin(config-cmap-ftp-insp)# no description FTP command inspection of incoming traffic Related Commands This command has no related commands. text Description about the class map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-509 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map FTP Inspection Configuration Mode Commands (config-cmap-ftp-insp) match request-method To define File Transfer Protocol (FTP) command inspection decisions by the ACE, use the match request-method command. The match command identifies the FTP commands that you want filtered by the ACE. Use the no form of this command to clear the FTP inspection request method from the class map. [line_number] match request-method ftp_command no [line_number] match request-method ftp_command Syntax Description Command Modes Class map FTP inspection configuration mode Admin and user contexts line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. ftp_command FTP command in the class map to be subjected to FTP inspection by the ACE. The possible FTP commands are as follows: • appe—Append to a file. • cd—Change to the specified directory. • cdup—Change to the parent of the current directory. • dele—Delete a file at the server side. • get—Retrieve a file. • help—Help information from the server. • mkd—Create a directory. • put—Store a file. • rmd—Remove a directory. • rnfr—Rename from. • rnto—Rename to. • site—Specify the server-specific command. • stou—Store a file with a unique name. • syst—Get system information.2-510 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Generic Configuration Mode Commands Command History Usage Guidelines You can specify multiple match request-method commands within a class map. Examples To specify FTP_INSPECT_L7CLASS as the name of a class map and identify that at least one FTP inspection command in the class map must be satisfied for the ACE to indicate a match, enter: (config)# class-map type ftp inspect match-any FTP_INSPECT_L7CLASS host1/Admin(config-cmap-ftp-insp)# match request-method cdup host1/Admin(config-cmap-ftp-insp)# match request-method get host1/Admin(config-cmap-ftp-insp)# match request-method stou host1/Admin(config-cmap-ftp-insp)# match request-method put Related Commands (config-cmap-ftp-insp) description Class Map Generic Configuration Mode Commands Generic TCP and UDP data parsing allows you to perform regular expression (regex) matches on packets from protocols that the ACE does not explicitly support. Such regex matches can be based on a custom protocol configuration. To accomplish this task, you create a Layer 7 class map for generic TCP or UDP data parsing and then instruct the ACE to perform a policy-map action based on the payload of a TCP stream or UDP packet. To create a class map for generic TCP or UDP data parsing and access class map generic configuration mode, use the class-map type generic command in configuration mode. Use the no form of this command to remove a generic class map from the ACE. class-map type generic {match-all | match-any} map_name no class-map type generic {match-all | match-any} map_name ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. ACE Appliance Release Modification A1(7) This command was introduced.2-511 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Generic Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To create a class map named GENERIC_L7_CLASS, enter: host1/Admin(config)# class-map type generic match-any GENERIC_L7_CLASS host1/Admin(config-cmap-generic)# To remove the class map from the configuration, enter: host1/Admin(config)# no class-map type generic match-any GENERIC_L7_CLASS Related Commands (config) class-map (config-cmap-generic) description To provide a brief description of the Layer 7 class map for generic TCP and UDP data parsing, use the description command. Use the no form of this command to remove the description from the class map. description text no description match-all | match-any Determines how the ACE evaluates Layer 3 and Layer 4 network traffic when multiple match criteria exist in a class map. • match-all—Network traffic needs to satisfy all of the match criteria (implicit AND) to match the class map. • match-any—Network traffic needs to satisfy only one of the match criteria (implicit OR) to match the class map. map_name Name assigned to the Layer 7 class map for generic TCP and UDP data parsing. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-512 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Generic Configuration Mode Commands Syntax Description Command Modes Class map generic configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the generic class map, enter: host1/Admin(config-cmap-generic)# description GENERIC TCP UDP CLASS MAP To remove a description from a generic class map, enter: host1/Admin(config-cmap-generic)# no description Related Commands This command has no related commands. text Description of the class map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-513 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Generic Configuration Mode Commands (config-cmap-generic) match class-map To identify one Layer 7 generic class map as a matching criterion for another Layer 7 generic class map, use the match class-map command. Use the no form of this command to remove the nested class map from the generic class map. [line_number] match class-map name no [line_number] match class-map name Syntax Description Command Modes Class map generic configuration mode Admin and user contexts Command History Usage Guidelines The match class-map command allows you to combine the use of the match-any and match-all keywords in the same class map. To combine match-all and match-any characteristics in a class map, create a class map that uses one match command (either match-any or match-all) and then use this class map as a match statement in a second class map that uses a different match type. The ACE restricts the nesting of class maps to two levels to prevent you from including a nested class map under another class map. The nesting of class maps allows you to achieve complex logical expressions for Layer 7 server load balancing. Examples To combine the characteristics of two class maps, one with match-any and one with match-all characteristics, into a single class map, enter: (config)# class-map type generic match-all GENERIC_CLASS3 line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate any priority for the match statements. name Name of an existing Layer 7 generic class map. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-514 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Generic Configuration Mode Commands (config-cmap-generic)# 100 match layer4-payload offset 500 regex abc123.* (config-cmap-generic)# exit (config)# class-map type generic match-any GENERIC_CLASS4 (config-cmap-generic)# 10 match class-map GENERIC_CLASS3 (config-cmap-generic)# 20 match source-address 192.168.11.2 (config-cmap-generic)# 30 match source-address 192.168.11.3 (config-cmap-generic)# exit Related Commands (config-cmap-generic) description (config-cmap-generic) match layer4-payload To define match criteria for Layer 4 payloads, use the match layer4-payload command in class map generic configuration mode. Use the no form of this command to remove the Layer 4 payload match criteria from the class map. [line_number] match layer4-payload [offset number] regex expression no [line_number] match layer4-payload [offset number] regex expression Syntax Description Command Modes Class map generic configuration mode Admin and user contexts Command History line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate any priority for the match statements. offset number (Optional) Specifies an absolute offset in the data where the Layer 4 payload expression search string starts. The offset starts at the first byte of the TCP or UDP body. Enter an integer from 0 to 999. The default is 0. regex expression Specifies the Layer 4 payload expression that is contained within the TCP or UDP entity body. The range is from 1 to 255 alphanumeric characters. For a list of the supported characters that you can use in regular expression strings, see Table 1-9. ACE Module Release Modification A2(1.0) This command was introduced. A2(2.1) This command supports the “\xST” metacharacter.2-515 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Generic Configuration Mode Commands Usage Guidelines You cannot configure more than one match layer4-payload command in the same match-all class map. Generic data parsing begins at Layer 4 with the TCP or UDP payload, which allows you the flexibility to match Layer 5 data (in the case of LDAP or DNS) or any Layer 7 header or payload (for example, HTTP). Examples To configure match criteria for generic Layer 4 data parsing, enter: ACE Appliance Release Modification A3(1.0) This command was introduced. Ta b l e 1-9 Characters Supported in Regular Expressions Convention Description .* Zero or more characters. . Exactly one character. \ . Escaped character. \xhh Any ASCII character as specified in two-digit hex notation. () Expression grouping. Bracketed range [for example, 0-9] Matches any single character from the range. A leading ^ in a range [^charset] Does not match any character in the range; all other characters represent themselves. (expr1 | expr2) OR of expressions. (expr)* 0 or more of expressions. (expr)+ 1 or more of expressions. (expr{m,n} Matches the previous item between m and n times; valid entries are from 1 to 255. (expr{m} Matches the previous item exactly m times; valid entries are from 1 to 255. (expr{m,} Matches the previous item m or more times; valid entries are from 1 to 255. \a Alert (ASCII 7). \b Backspace (ASCII 8). \f Form-feed (ASCII 12). \n New line (ASCII 10). \r Carriage return (ASCII 13). \t Tab (ASCII 9). \v Vertical tab (ASCII 11). \0 Null (ASCII 0). .\\ Backslash. \xST (ACE module only) Stop metacharacter. 2-516 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Generic Configuration Mode Commands host1/Admin(config)# class-map type generic match-any GENERIC_L4_CLASS host1/Admin(config-cmap-generic)# 10 match layer4-payload offset 500 regex abc123.* To remove the match statement from the class map, enter: host1/Admin(config-cmap-generic)# no 10 Related Commands (config-cmap-generic) description (config-cmap-generic) match source-address To configure the generic class map to filter traffic based on a client source IP address, use the match source-address command. Use the no form of this command to remove the source IP address match statement from the class map. [line_number] match source-address ip_address [netmask] no [line_number] match source-address ip_address [netmask] Syntax Description Command Modes Class map generic configuration mode Admin and user contexts Command History line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate any priority for the match statements. ip_address Source IP address of the client. Enter the IP address in dotted-decimal notation (for example, 192.168.11.2). netmask (Optional) Subnet mask of the IP address. Enter the netmask in dotted-decimal notation (for example, 255.255.255.0). The default is 255.255.255.255. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-517 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Usage Guidelines You cannot configure more than one match source-address command in the same match-all class map. Examples To specify that the class map match on source IP address 192.168.11.2 255.255.255.0, enter: host1/Admin(config)# class-map type generic match-any GENERIC_L7_CLASS host1/Admin(config-cmap-generic)# 50 match source-address 192.168.11.2 255.255.255.0 To remove the source IP address match statement from the class map, enter: host1/Admin(config-cmap-generic)# no 50 Related Commands (config-cmap-generic) description Class Map HTTP Inspection Configuration Mode Commands Class map HTTP inspection configuration mode commands allow you to create a Layer 7 HTTP deep packet inspection class map. To create this class map and access class map HTTP inspection configuration mode, use the class-map type http inspect command. The prompt changes to (config-cmap-http-insp). Use the no form of this command to remove an HTTP deep packet inspection class map from the ACE. class-map type http inspect [match-all | match-any] map_name no class-map type http inspect [match-all | match-any] map_name2-518 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a Layer 7 class map named HTTP_INSPECT_L7CLASS that performs HTTP deep packet inspection, enter: match-all | match-any (Optional) Determines how the ACE performs the deep packet inspection of HTTP traffic when multiple match criteria exist in a class map. The class map is considered a match if the match commands meet one of the following conditions: • match-all —(Default) Specifies that network traffic needs to satisfy all of the match criteria (implicit AND) to match the Layer 7 HTTP deep packet inspection class map. The match-all keyword is applicable only for match statements of different HTTP deep packet inspection types. For example, specifying a match-all condition for URL, HTTP header, and URL content statements in the same class map is valid. However, specifying a match-all condition for multiple HTTP headers with the same names or multiple URLs in the same class map is invalid. • match-any—Network traffic needs to satisfy only one of the match criteria (implicit OR) to match the Layer 7 HTTP deep packet inspection class map. The match-any keyword is applicable for match statements of different Layer 7 HTTP deep packet inspection type or multiple instances of the same type with different names. For example, the ACE allows you to specify a match-any condition for cookie, HTTP header, and URL content statements in the same class map, but it does not allow you to specify a match-any condition for URL length, HTTP header length, and content length statements in the same class map. map_name Name assigned to the Layer 7 HTTP deep packet inspection class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-519 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands (config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# Related Commands (config) policy-map (config-cmap-http-insp) description To provide a brief summary about the Layer 7 HTTP inspection class map, use the description command. Use the no form of this command to remove the description from the class map. description text no description Syntax Description Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the class map is to perform HTTP deep packet inspection, enter: host1/Admin(config-cmap-http-insp)# description HTTP protocol deep inspection of incoming traffic Related Commands This command has no related commands. text Description about the class map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-520 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands (config-cmap-http-insp) match content To define HTTP application inspection decisions based on content expressions contained within the HTTP entity body, use the match content command. Use the no form of this command to clear content expression checking match criteria from the class map. [line_number] match content expression [offset number] no [line_number] match content expression [offset number] Syntax Description Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. expression Content expression contained within the HTTP entity body. • For the ACE module, enter a range of 1 to 1024 alphanumeric characters. • For the ACE appliance, enter a range of 2 to 1024 alphanumeric characters. For a list of the supported characters that you can use in regular expressions, see Table 1-9. offset number (Optional) Provides an absolute offset where the content expression search string starts. The offset starts at the first byte of the message body, after the empty line (CR, LF, CR, LF) between the headers and the body of the message. The offset value is from 1 to 4000 bytes. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-521 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Examples To specify a content expression contained within the entity body sent with an HTTP request, enter: (config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match content .*newp2psig Related Commands (config-cmap-http-insp) description2-522 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands (config-cmap-http-insp) match content length To configure the class map to define application inspection decisions on HTTP traffic up to the configured maximum content parse length, use the match content length command. Messages that meet the specified criteria will be either allowed or denied based on the Layer 7 HTTP deep packet inspection policy map action. Use the no form of this command to clear the HTTP content length match criteria from the class map. [line_number] match content length {eq bytes | gt bytes | lt bytes | range bytes1 bytes 2} no [line_number] match content length {eq bytes | gt bytes | lt bytes | range bytes1 bytes 2} Syntax Description Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. eq bytes Specifies a value for the content parse length in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with a content length size equal to the specified value. Valid entries are from 1 to 65535 bytes. gt bytes Specifies a minimum value for the content parse length in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with a content length size greater than the specified value. Valid entries are from 1 to 65535 bytes. lt bytes Specifies a maximum value for the content parse length in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with a content length size less than the specified value. Valid entries are from 1 to 65535 bytes. range bytes1 bytes Specifies a size range for the content parse length in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with a content length size within this range. The range is from 1 to 65535 bytes. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-523 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Usage Guidelines This command has no usage guidelines. Examples To identify content parse length in an HTTP message that can be received by the ACE, enter: (config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match content length eq 3495 Related Commands (config-cmap-http-insp) description (config-cmap-http-insp) match cookie secondary To configure a class map to define HTTP inspection decisions based on the name or prefix and value of a secondary cookie (URL query string), use the match cookie secondary command. Use the no form of this command to clear secondary cookie match criteria from the class map. [line_number] match cookie secondary [name cookie_name | prefix prefix_name] value expression no [line_number] match cookie secondary [name cookie_name | prefix prefix_name] value expression Syntax Description ACE Appliance Release Modification A1(7) This command was introduced. [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. name cookie_name Identifier of the secondary cookie to match. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. prefix prefix_name Prefix of the secondary cookie to match. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. value expression Regular expression of the secondary cookie to match. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters.2-524 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History Usage Guidelines The following configuration guidelines apply when you configure a secondary cookie match statement for HTTP inspection: • Ensure that secondary cookie names do not overlap with other secondary cookie names in the same match-all class map. For example, the following configuration is not allowed because the two match statements have overlapping cookie names: (config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match cookie secondary prefix id value .* host1/Admin(config-cmap-http-insp)# match cookie secondary name identity value bob • When you configure a secondary cookie value match across all secondary cookie names in a match-all class map, you cannot configure any other secondary cookie match in the same class map. That is because a secondary cookie match on value alone is equivalent to a wildcard match on name. In the following example, the second match statement is not allowed: (config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match cookie secondary value bob host1/Admin(config-cmap-http-insp)# match cookie secondary name identity value jane Examples To match a secondary cookie called “matchme” with a regular expression value of .*abc123, enter the following commands: (config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match cookie secondary name matchme value .*abc123 Related Commands (config-pmap-ins-http) match cookie secondary (config-cmap-http-insp) match header To configure the class map to define application inspection decisions based on the name and value in an HTTP header, use the match header command. The ACE performs regular expression matching against the received packet data from a particular connection based on the HTTP header expression. Use the no form of this command to clear an HTTP header match criteria from the class map. [line_number] match header {header_name | header_field} header-value expression no [line_number] match header {header_name | header_field} header-value expression ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-525 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Syntax Description line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. header_name Name of the HTTP header to match (for example, www.example1.com.) The range is from 1 to 64 alphanumeric characters. Note The header_name argument cannot include the colon in the name of the HTTP header; the ACE rejects the colon as an invalid token. 2-526 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands header_field Standard HTTP/1.1 header field. Valid selections include request-header fields, general-header fields, and entity-header fields. Selections also include two lower-level header-matching commands: “length” and “mime-type.” The supported selections are as follows: • Accept—Semicolon-separated list of representation schemes (content type metainformation values) that will be accepted in the response to the request. • Accept-Charset—Character sets that are acceptable for the response. This field allows clients capable of understanding more comprehensive or special-purpose character sets to signal that capability to a server that can represent documents in those character sets. • Accept-Encoding—Restricts the content encoding that a user will accept from the server. • Accept-Language—ISO code for the language in which the document is written. The language code is an ISO 3316 language code with an optional ISO639 country code to specify a national variant. • Authorization—Specifies that the user agent wants to authenticate itself with a server, usually after receiving a 401 response. • Cache-Control—Directives that must be obeyed by all caching mechanisms along the request/response chain. The directives specify behavior intended to prevent caches from adversely interfering with the request or response. • Connection—Allows the sender to specify connection options. • Content-MD5—MD5 digest of the entity body that provides an end-to-end integrity check. Only a client or an origin server can generate this header field. • Expect—Used by a client to inform the server about the behaviors that the client requires. • From—Contains the e-mail address of the person that controls the requesting user agent. • Host—Internet host and port number of the resource being requested, as obtained from the original URL given by the user or referring resource. The Host field value must represent the naming authority of the origin server or gateway given by the original URL.2-527 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History • If-Match—Used with a method to make it conditional. A client that has one or more entities previously obtained from the resource can verify that one of those entities is current by including a list of their associated entity tags in the If-Match header field. This feature allows efficient updates of cached information with a minimum amount of transaction overhead. It is also used on updating requests to prevent inadvertent modification of the wrong version of a resource. As a special case, the value “*” matches any current entity of the resource. • length—See the (config-cmap-http-insp) match header length command. • mime-type—See the (config-cmap-http-insp) match header mime-type command. • Pragma—Pragma directives that are understood by servers to whom the directives are relevant. The syntax is the same as for other multiple-value fields in HTTP. For example, the accept field is a comma-separated list of entries for which the optional parameters are separated by semicolons. • Referer—Address (URI) of the resource from which the URI in the request was obtained. • Transfer-Encoding—Indicates what (if any) type of transformation has been applied to the message body in order to safely transfer it between the sender and the recipient. • User-Agent—Information about the user agent (for example, a software program that originates the request). This information is for statistical purposes, the tracing of protocol violations, and automated recognition of user agents. • Via—Used by gateways and proxies to indicate the intermediate protocols and recipients between the user agent and the server on requests and between the origin server and the client on responses. header-value expression Specifies the header value expression string to compare against the value in the specified field in the HTTP header. The range is from 1 to 255 alphanumeric characters. Table 1-9 lists the supported characters that you can use in regular expressions. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-528 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Usage Guidelines The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces, provided that the spaces are escaped or quoted. Table 1-9 lists the supported characters that you can use in regular expressions. Examples To filter on content and allow HTTP headers that contain the expression html, enter: host1/Admin(config)# class-map type http inspect match-all L7_CLASSFLTRHTML1 host1/Admin(config-cmap-http-insp)# match header accept header-value html Related Commands (config-cmap-http-insp) description (config-cmap-http-insp) match header length To limit the HTTP traffic allowed through the ACE based on the length of the entity body in the HTTP message, use the match header length command. Messages will be either allowed or denied based on the Layer 7 HTTP deep packet inspection policy map action. Use the no form of this command to clear an HTTP header length match criteria from the class map. [line_number] match header length {request | response} {eq bytes | gt bytes | lt bytes | range bytes1 bytes 2} no [line_number] match header length {request | response} {eq bytes | gt bytes | lt bytes | range bytes1 bytes 2} Syntax Description line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. request Specifies the size of the HTTP header request message that can be received by the ACE. response Specifies the size of the HTTP header response message sent by the ACE. eq bytes Specifies a value for the entity body in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with an entity body size equal to the specified value. Valid entries are from 1 to 65535 bytes. gt bytes Specifies a minimum value for the entity body in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with an entity body size greater than the specified value. Valid entries are from 1 to 65535 bytes.2-529 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History Usage Guidelines By default, the maximum header length for HTTP deep packet inspection is 2048 bytes. Examples To specify that the class map match on HTTP traffic received with a length less than or equal to 3600 bytes in the entity body of the HTTP message, enter: (config)# class-map type http inspect HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match header length request eq 3600 Related Commands This command has no related commands. lt bytes Specifies a maximum value for the entity body in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with an entity body size less than the specified value. Valid entries are from 1 to 65535 bytes. range bytes1 bytes 2 Specifies a size range for the entity body in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with a entity body size within this range. The range is from 1 to 65535 bytes. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-530 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands (config-cmap-http-insp) match header mime-type To specify a subset of the Multipurpose Internet Mail Extension (MIME)-type messages that the ACE permits or denies based on the actions in the policy map, use the match header mime-type command. MIME-type validation extends the format of Internet mail to allow non-US-ASCII textual messages, non-textual messages, multipart message bodies, and non-US-ASCII information in message headers. Use the no form of this command to deselect the specified MIME message match criteria from the class map. [line_number] match header mime-type mime_type no [line_number] match header mime-type mime_type Syntax Description [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not dictate a priority or sequence for the match statements. mime_type MIME-type message. The ACE includes a predefined list of mime-types, such as image\Jpeg, text\html, application\msword, audio\mpeg. Choose whether only the mime-types included in this list are permitted through the ACE firewall or whether all mime-types are acceptable. The default behavior is to allow all mime-types. The following lists the supported mime-types: • application\msexcel • application\mspowerpoint • application\msword • application\octet-stream2-531 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands • application\pdf • application\postscript • application\x-gzip • application\x-java-archive • application\x-java-vm • application\x-messenger • application\zip • audio\* • audio\basic • audio\midi • audio\mpeg • audio\x-adpcm • audio\x-aiff • audio\x-ogg • audio\x-wav • image \* • image\gif • image\jpeg • image\png • image\tiff • image\x-3ds • image\x-bitmap • image\x-niff • image\x-portable-bitmap • image\x-portable-greymap • image\x-xpm • text\* • text\css • text\html • text\plain • text\richtext • text\sgml • text\xmcd • text\xml2-532 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History Usage Guidelines To define MIME type messages in addition to what is supported under the match header mime-type command, use the match header command. For example, to define a match for a new MIME-type audio\myaudio, you could enter the following match statement: match header Content-type header-value audio\myaudio. Examples To specify the MIME-type audio\midi and audio\mpeg messages permitted through the ACE, enter: (config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match header mime-type audio\midi host1/Admin(config-cmap-http-insp)# match header mime-type audio\mpeg Related Commands This command has no related commands. • video\* • video\flc • video\mpeg • video\quicktime • video\sgi • video\x-fli ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-533 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands (config-cmap-http-insp) match port-misuse To configure the class map to define application inspection compliance decisions that restrict certain HTTP traffic from passing through the ACE, use the match port-misuse command. This class map detects the misuse of port 80 (or any other port running HTTP) for tunneling protocols such as peer-to-peer (p2p) applications, tunneling applications, and instant messaging. Use the no form of this command to clear the HTTP restricted application category match criteria from the class map. [line_number] match port-misuse {im | p2p | tunneling} no [line_number] match port-misuse {im | p2p | tunneling} Syntax Description Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History Usage Guidelines You can specify multiple match port-misuse commands within a class map. Each match port-misuse command configures a single application type. The port misuse application inspection process requires a search of the entity body of the HTTP message, which may degrade performance of the ACE. The ACE disables the match port-misuse command by default. If you do not configure a restricted HTTP application category, the default action by the ACE is to allow the applications without generating a log. line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not dictate a priority or sequence for the match statements. im Defines the instant messaging application category. The ACE checks for the Yahoo Messenger instant messaging application. p2p Defines the peer-to-peer application category. The applications checked include Kazaa and Gnutella. For the ACE appliance, the GoToMyPC application is included. tunneling Defines the tunneling application category. The applications checked include: HTTPort/HTTHost, GNU Httptunnel, GotoMyPC, Firethru, and Http-tunnel.com Client. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-534 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Examples To identify that peer-to-peer applications are restricted HTTP traffic, enter: (config)# class-map type http inspect HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match port-misuse p2p Related Commands (config-cmap-http-insp) description (config-cmap-http-insp) match request-method To configure the class map to define application inspection compliance decisions based on the request methods defined in RFC 2616 and by HTTP extension methods, use the match request-method command. If the HTTP request method or extension method compliance checks fails, the ACE denies or resets the specified HTTP traffic based on the policy map action. Use the no form of this command to clear the HTTP request method match criteria from the class map. [line_number] match request-method {ext method | rfc method} no [line_number] match request-method {ext method | rfc method} Syntax Description Command Modes Class map HTTP inspection configuration mode Admin and user contexts line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not dictate a priority or sequence for the match statements. ext method Specifies an HTTP extension method. If the RFC request messages does not contain one of the RFC 2616 HTTP request methods, the ACE verifies if it is an extension method. The ACE supports the inspection of the following HTTP request extension methods: bcopy, bdelete, bmove, bpropfind, bproppatch, copy, edit, getattr, getattrname, getprops, index, lock, mkdir, mkcol, move, propfind, proppatch, revadd, revlabel, revlog, revnum, save, search, setattr, startrev, stoprev, unedit, and unlock. (ACE module only) The ACE also supports the inspection of the following HTTP request extension methods: notify, poll, subscribe, unsubscribe, and x-ms-emumatts. rfc method Specifies a RFC 2616 HTTP request method that you want to perform an RFC compliance check on. The ACE supports the inspection of the following RFC 2616 HTTP request methods: connect, delete, get, head, options, post, put, and trace. 2-535 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Command History Usage Guidelines You can specify multiple match request-method commands within a class map.Each match request-method command configures a single request method. For unsupported HTTP request methods, include the inspect http strict command as an action in the Layer 3 and Layer 4 policy map. The ACE disables the match request-method command by default. If you do not configure a request method, the default action by the ACE is to allow the RFC 2616 HTTP request method without generating a log. By default, the ACE allows all request and extension methods. Examples To identify that the connect, get, head, and index HTTP RFC 2616 protocols are to be used for application inspection, enter: (config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match request-method rfc connect host1/Admin(config-cmap-http-insp)# match request-method rfc get host1/Admin(config-cmap-http-insp)# match request-method rfc head host1/Admin(config-cmap-http-insp)# match request-method ext index Related Commands (config-cmap-http-insp) description (config-cmap-http-insp) match transfer-encoding To configure the class map to define application inspection decisions that limit the HTTP transfer-encoding types that can pass through the ACE, use the match transfer-encoding command. The transfer-encoding general-header field indicates the type of transformation, if any, that has been applied to the HTTP message body to safely transfer it between the sender and the recipient. When an HTTP request message contains the configured transfer-encoding type, the ACE performs the configured action in the policy map. Use the no form of this command to clear the HTTP transfer-encoding match criteria from the class map. [line_number] match transfer-encoding {chunked | compressed | deflate | gzip | identity} no [line_number] match transfer-encoding {chunked | compressed | deflate | gzip | identity} ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. ACE Appliance Release Modification A1(7) This command was introduced.2-536 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Syntax Description Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History Usage Guidelines You can specify multiple match transfer-encoding commands within a class map. Each match transfer-encoding command configures a single application type. The ACE disables the match transfer-encoding command by default. If you do not configure a transfer-encoding type, the default action by the ACE is to allow the HTTP transfer-encoding types without generating a log. Examples To specify a chunked HTTP transfer encoding type to limit the HTTP traffic that flows through the ACE, enter: (config)# class-map type http inspect HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match transfer-encoding chunked line_number (Optional) Line number to assist you in editing or deleting individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not dictate a priority or sequence for the match statements. chunked Transfers the message body as a series of chunks. compressed Defines the encoding format produced by the common UNIX file compression program “compress”. This format is an adaptive Lempel-Ziv-Welch coding (LZW). deflate Defines the .zlib format defined in RFC 1950 in combination with the deflate compression mechanism described in RFC 1951. gzip Defines the encoding format produced by the file compression program gzip (GNU zip) as described in RFC 1952. This format is a Lempel-Ziv coding (LZ77) with a 32 bit CRC. identity Defines the default (identity) encoding, which does not require the use of transformation. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-537 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands Related Commands (config-cmap-http-insp) description (config-cmap-http-insp) match url To configure the class map to define application inspection decisions based on URL name and, optionally, HTTP method, use the match url command. HTTP performs regular expression matching against the received packet data from a particular connection based on the URL expression. Use the no form of this command to clear a URL match criteria from the class map. [line_number] match url expression no [line_number] match url expression Syntax Description Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History Usage Guidelines Include only the portion of the URL following www.hostname.domain in the match statement. For example, in the URL www.anydomain.com/latest/whatsnew.html, include only /latest/whatsnew.html. To match the www.anydomain.com portion, the URL string can take the form of a URL regular expressions. The ACE supports the use of regular expressions for matching. line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not dictate a priority or sequence for the match statements. expression URL or portion of a URL to match. The URL string range is from 1 to 255 characters. Include only the portion of the URL following www.hostname.domain in the match statement. For a list of the supported characters that you can use in regular expressions, see Table 1-9. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-538 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Inspection Configuration Mode Commands When matching URLs, the period (.) character does not have a literal meaning in regular expressions. Use either the brackets ([ ]) or the slash (/) character classes to match this symbol, for example, specify www[.]xyz[.]com instead of www.xyz.com. Examples To specify that the Layer 7 class map is to match and perform application inspection on a specific URL, enter: (config)# class-map type http inspect HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match url whatsnew/latest.* To use regular expressions to emulate a wildcard search to match on any .gif or .html file, enter: (config)# class-map type http inspect match-any HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match url .*.gif host1/Admin(config-cmap-http-insp)# match url .*.html Related Commands (config-cmap-http-insp) description (config-cmap-http-insp) match url length To limit the HTTP traffic allowed through the ACE by specifying the maximum length of a URL in a request message that can be received by the ACE, use the match url length command. Messages will be either allowed or denied based on the Layer 7 HTTP deep packet inspection policy map action. Use the no form of this command to clear a URL length match criteria from the class map. [line_number] match url length {eq bytes | gt bytes | lt bytes | range bytes1 bytes 2} no [line_number] match url length {eq bytes | gt bytes | lt bytes | range bytes1 bytes 2} Syntax Description line_number (Optional) Line number to assist you in editing or deleting individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not dictate a priority or sequence for the match statements. eq bytes Specifies a value for the HTTP URL length received by the ACE. Based on the policy map action, the ACE allows or denies messages with an HTTP URL length equal to the specified value. Valid entries are from 1 to 65535 bytes. gt bytes Specifies a minimum value for the HTTP URL length received by the ACE. Based on the policy map action, the ACE allows or denies messages with an HTTP URL length greater than the specified value. Valid entries are from 1 to 65535 bytes.2-539 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands Command Modes Class map HTTP inspection configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify that the class map is to match on a URL with a length equal to 10000 bytes in the request message, enter: (config)# class-map type http inspect HTTP_INSPECT_L7CLASS host1/Admin(config-cmap-http-insp)# match url length eq 10000 Related Commands (config-cmap-http-insp) description Class Map HTTP Load Balancing Configuration Mode Commands Class map HTTP load balancing configuration mode commands allow you to create a Layer 7 HTTP server load balancing (SLB) class map. To create this class map and access class map HTTP load balancing configuration mode, use the class-map type http loadbalance command. The prompt changes to (config-cmap-http-lb). Use the no form of this command to remove an HTTP SLB class map from the ACE. class-map type http loadbalance [match-all | match-any] map_name no class-map type http loadbalance [match-all | match-any] map_name lt bytes Specifies a maximum value for the HTTP URL length received by the ACE. Based on the policy map action, the ACE allows or denies messages with an HTTP URL length less than the specified value. Valid entries are from 1 to 65535 bytes. range bytes1 bytes Specifies a size range for the HTTP URL length received by the ACE. Based on the policy map action, the ACE allows or denies messages with an HTTP URL length within this range. The range is from 1 to 65535 bytes. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-540 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a Layer 7 class map named L7SLB_CLASS that performs server load balancing, enter: host1/Admin(config)# class-map type http loadbalance match-any L7SLB_CLASS match-all | match-any (Optional) Determines how the ACE evaluates Layer 7 HTTP SLB operations when multiple match criteria exist in a class map. The class map is considered a match if the match commands meet one of the following conditions: • match-all —(Default) Specifies that network traffic needs to satisfy all of the match criteria (implicit AND) to match the Layer 7 load-balancing class map. The match-all keyword is applicable only for match statements of different Layer 7 load-balancing types. For example, specifying a match-all condition for URL, HTTP header, and URL cookie statements in the same class map is valid. However, specifying a match-all condition for multiple HTTP headers or multiple cookies with the same names or multiple URLs in the same class map is invalid. • match-any—Specifies that network traffic needs to satisfy only one of the match criteria (implicit OR) to match the HTTP load-balancing class map. The match-any keyword is applicable only for match statements of the same Layer 7 load-balancing type. For example, the ACE does not allow you to specify a match-any condition for URL, HTTP header, and URL cookie statements in the same class map but does allow you to specify a match-any condition for multiple URLs, or multiple HTTP headers or multiple cookies with different names in the same class map. map_name Name assigned to the Layer 7 HTTP SLB class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-541 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands host1/Admin(config-cmap-http-lb)# Related Commands (config) policy-map (config-cmap-http-lb) description To provide a brief summary about the Layer 7 HTTP SLB class map, use the description command. Use the no form of this command to remove the description from the class map. description text no description Syntax Description Command Modes Class map HTTP load balancing configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the class map is to perform server load balancing, enter: host1/Admin(config-cmap-http-lb)# description HTTP LOAD BALANCE PROTOCOL 1 Related Commands This command has no related commands. text Description about the class map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-542 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands (config-cmap-http-lb) match class-map To identify one Layer 7 HTTP SLB class map as a matching criterion for another Layer 7 HTTP SLB class map, use the match class-map command. Use the no form of this command to remove the nested class map from the HTTP SLB class map. [line_number] match class-map name no [line_number] match class-map name Syntax Description Command Modes Class map HTTP load balancing configuration mode Admin and user contexts Command History Usage Guidelines The match class map command allows you to combine the use of the match-any and match-all keywords in the same class map. To combine match-all and match-any characteristics in a class map, create a class map that uses one match command (either match-any or match-all) and then use this class map as a match statement in a second class map that uses a different match type. The nesting of class maps allows you to achieve complex logical expressions for Layer 7 HTTP-based server load balancing. The ACE restricts the nesting of class maps to two levels to prevent you from including a nested class map under another class map. See the Server Load-Balancing Guide, Cisco ACE Application Control Engine for details about configuring the ACE to perform server load balancing. line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. name Name of an existing Layer 7 load-balancing class map. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-543 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands Examples To combine the characteristics of two class maps, one with match-any and one with match-all characteristics, into a single class map, enter: (config)# class-map type http loadbalance match-all class3 (config-cmap-http-lb)# 100 match http cookie testcookie1 cookie-value 123456 (config-cmap-http-lb)# 200 match http header Host header-value XYZ (config-cmap-http-lb)# exit (config)# class-map type http loadbalance match-any class4 (config-cmap-http-lb)# 10 match class-map class3 (config-cmap-http-lb)# 20 match source-address 192.168.11.2 (config-cmap-http-lb)# 30 match source-address 192.168.11.3 (config-cmap-http-lb)# exit Related Commands (config-cmap-http-lb) description2-544 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands (config-cmap-http-lb) match cipher (ACE appliance only) To make server load-balancing (SLB) decisions based on a specific SSL cipher or cipher strength used to initiate a connection, use the match cipher command. Use the no form of this command to remove an SSL cipher content match statement from the class map. match cipher {equal-to cipher | less-than cipher_strength} no match cipher {equal-to cipher | less-than cipher_strength} Syntax Description Command Modes Class map HTTP load balancing configuration mode Admin and user contexts Command History equal-to cipher Specifies the SSL cipher. The possible values for cipher are as follows: • RSA_EXPORT1024_WITH_DES_CBC_SHA • RSA_EXPORT1024_WITH_RC4_56_MD5 • RSA_EXPORT1024_WITH_RC4_56_SHA • RSA_EXPORT_WITH_DES40_CBC_SHA • RSA_EXPORT_WITH_RC4_40_MD5 • RSA_WITH_3DES_EDE_CBC_SHA • RSA_WITH_AES_128_CBC_SHA • RSA_WITH_AES_256_CBC_SHA • RSA_WITH_DES_CBC_SHA • RSA_WITH_RC4_128_MD5 • RSA_WITH_RC4_128_SHA less-than cipher_strength Specifies a noninclusive minimum SSL cipher bit strength. For example, if you specify a cipher strength value of 128, any SSL cipher that was no greater than 128 would hit the traffic policy. If the SSL cipher was 128-bit or greater, the connection would miss the policy. The possible values for cipher_strength are as follows: • 128 • 168 • 256 • 56 ACE Appliance Release Modification A3(1.0) This command was introduced.2-545 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands Usage Guidelines This command has no usage guidelines. Examples To specify that the Layer 7 SLB class map load balances on a specific SSL cipher, enter: host1/Admin(config)# class-map type http loadbalance http match-all L7SLBCLASS host1/Admin(config-cmap-http-lb)# 10 match cipher equal-to RSA_WITH_RC4_128_CBC_SHA To specify that the Layer 7 SLB class map load balances on a specific minimum SSL cipher bit strength, enter: host1/Admin(config)# class-map type http loadbalance http match-all L7SLBCLASS host1/Admin(config-cmap-http-lb)# 100 match cipher less-than 128 Related Commands This command has no related commands. (config-cmap-http-lb) match http content To configure a class map to make Layer 7 SLB decisions based on the HTTP packet content, use the match http content command. Use the no form of this command to remove an HTTP content match statement from the class map. [line_number] match http content expression [offset number] no [line_number] match http content expression [offset number] Syntax Description Command Modes Class map HTTP load balancing configuration mode Admin and user contexts line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. expression Regular expression content to match. Enter a string from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching data strings. For a list of the supported characters that you can use in regular expressions, see Table 1-9. offset number (Optional) Specifies the byte at which the ACE begins parsing the packet data. Enter an integer from 0 to 999. The default is 0.2-546 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands Command History Usage Guidelines The ACE can perform regular expression matching against the received packet data from a particular connection based on a regular expression string in HTTP packet data (not the header). When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). Examples To specify that the Layer 7 class map performs SLB based on a specific HTTP header string, enter: host1/Admin(config)# class-map type http loadbalance match-any L7_HTTP_CLASS host1/Admin(config-cmap-http-lb)# 10 match http content abc*123 offset 50 Related Commands (config-cmap-http-lb) description (config-cmap-http-lb) match http cookie To configure the class map to make Layer 7 server load-balancing (SLB) decisions based on the name and string of a cookie, use the match http cookie command. The ACE performs regular expression matching against the received packet data from a particular connection based on the cookie expression. You can configure a maximum of five cookie names per VIP. Use the no form of this command to remove an HTTP cookie match statement from the class map. [line_number] match http cookie {name | secondary name} cookie-value expression no [line_number] match http cookie {name | secondary name} cookie-value expression Syntax Description ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. name Unique cookie name. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-547 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands Command Modes Class map HTTP load balancing configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify that the Layer 7 class map load balances on a cookie with the name of testcookie1 or testcookie2, enter: (config)# class-map type http loadbalance match-any L7SLBCLASS (config-cmap-http-lb)# 100 match http cookie testcookie1 cookie-value 123456 (config-cmap-http-lb)# 200 match http cookie testcookie2 cookie-value 789987 Related Commands (config-cmap-http-lb) description (config-cmap-http-lb) match http header To configure a class map to make Layer 7 SLB decisions based on the name and value of an HTTP header, use the match http header command. The ACE performs regular expression matching against the received packet data from a particular connection based on the HTTP header expression. You can configure a maximum of 10 HTTP header names and cookie names per class. Use the no form of this command to remove all HTTP header match criteria from the class map. [line_number] match http header header_name header-value expression no [line_number] match http header header_name header-value expression secondary name Specifies a cookie in a URL string. You can specify the delimiters for cookies in a URL string using a command in an HTTP parameter map. For more information, see the “Parameter Map HTTP Configuration Mode Commands” section. cookie-value expression Specifies a unique cookie value expression. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. The ACE supports the use of regular expressions for matching string expressions. For a list of the supported characters that you can use for matching string expressions, see Table 1-9. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-548 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands Syntax Description Command Modes Class map HTTP load balancing configuration mode Admin and user contexts Command History Usage Guidelines The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. For a list of the supported characters that you can use for regular expressions, see Table 1-9. line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. header_name Name of the field in the HTTP header. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). You can enter any header field name, including a standard HTTP header field name or any user-defined header field name. Valid selections include request-header fields, general-header fields, and entity-header fields. Note The header_name argument cannot include the colon in the name of the HTTP header; the ACE rejects the colon as an invalid token. For a list of the standard HTTP/1.1 header field names, see Table 1-10. header-value expression Specifies the header value expression string to compare against the value in the specified field in the HTTP header. Enter a text string from 1 to 255 alphanumeric characters. For a list of the supported characters that you can use for regular expressions, see Table 1-9. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-549 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands Table 1-10 lists the standard HTTP header fields that you can use in an HTTP load-balancing class map. Ta b l e 1-10 Standard HTTP Header Fields Field Name Description Accept Semicolon-separated list of representation schemes (content type metainformation values) that will be accepted in the response to the request. Accept-Charset Character sets that are acceptable for the response. This field allows clients capable of understanding more comprehensive or special-purpose character sets to signal that capability to a server that can represent documents in those character sets. Accept-Encoding Restricts the content encoding that a user will accept from the server. Accept-Language ISO code for the language in which the document is written. The language code is an ISO 3316 language code with an optional ISO 639 country code to specify a national variant. Authorization Specifies that the user agent wants to authenticate itself with a server, usually after receiving a 401 response. Cache-Control Directives that must be obeyed by all caching mechanisms along the request/response chain. The directives specify behavior intended to prevent caches from adversely interfering with the request or response. Connection Allows the sender to specify connection options. Content-MD5 MD5 digest of the entity-body that provides an end-to-end integrity check. Only a client or an origin server can generate this header field. Expect Used by a client to inform the server about what behaviors the client requires. From E-mail address of the person that controls the requesting user agent. Host Internet host and port number of the resource being requested, as obtained from the original URI given by the user or referring resource. The Host field value must represent the naming authority of the origin server or gateway given by the original URL. If-Match Used with a method to make it conditional. A client that has one or more entities previously obtained from the resource can verify that one of those entities is current by including a list of their associated entity tags in the If-Match header field. This feature allows efficient updates of cached information with a minimum amount of transaction overhead. It is also used on updating requests to prevent inadvertent modification of the wrong version of a resource. As a special case, the asterisk (*) value matches any current entity of the resource. Pragma Pragma directives understood by servers to whom the directives are relevant. The syntax is the same as for other multiple-value fields in HTTP, for example, the accept field, a comma-separated list of entries, for which the optional parameters are separated by semicolons. Referer Address (URI) of the resource from which the URI in the request was obtained. Transfer-Encoding What (if any) type of transformation has been applied to the message body in order to safely transfer it between the sender and the recipient.2-550 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands Examples To specify that the Layer 7 class map performs SLB on an HTTP header named Host, enter: (config)# class-map type http loadbalance match-any L7SLBCLASS (config-cmap-http-lb)# 100 match http header Host header-value .*cisco.com To use regular expressions in a class map to emulate a wildcard search to match the header value expression string, enter: host1/Admin(config)# class-map type http loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-http-lb)# 10 match http header Host header-value .*cisco.com host1/Admin(config-cmap-http-lb)# 20 match http header Host header-value .*yahoo.com To specify that the Layer 7 class map performs SLB on an HTTP header named Via, enter: host1/Admin(config)# class-map type http loadbalance match-all L7SLBCLASS host1/Admin(config-cmap-http-lb)# 30 match http header Via header-value 192.* Related Commands (config-cmap-http-lb) description (config-cmap-http-lb) match http url To configure a class map to make Layer 7 SLB decisions based on the URL name and, optionally, the HTTP method, use the match http url command. The ACE performs regular expression matching against the received packet data from a particular connection based on the HTTP URL string. Use the no form of this command to remove a URL match statement from the class map. [line_number] match http url expression [method name] no [line_number] match http url expression [method name] User-Agent Information about the user agent, for example, a software program originating the request. This information is for statistical purposes, the tracing of protocol violations, and automated recognition of user agents to customize responses to avoid particular user agent limitations. Via Used by gateways and proxies to indicate the intermediate protocols and recipients between the user agent and the server on requests and between the origin server and the client on responses. Table 1-10 Standard HTTP Header Fields (continued) Field Name Description2-551 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands Syntax Description Command Modes Class map HTTP load balancing configuration mode Admin and user contexts Command History Usage Guidelines Include only the portion of the URL that follows www.hostname.domain in the match statement. For example, in the URL www.anydomain.com/latest/whatsnew.html, include only /latest/whatsnew.html. To match the www.anydomain.com portion, the URL string can take the form of a URL regular expression. The ACE supports the use of regular expressions for matching URL strings. For a list of the supported characters that you can use for regular expressions, see Table 1-9. When matching URLs, note that the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). Examples To specify that the Layer 7 class map performs SLB on a specific URL, enter: host1/Admin(config)# class-map type http loadbalance L7SLBCLASS line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. expression URL, or portion of a URL, to match. Enter a URL string from 1 to 255 alphanumeric characters. Include only the portion of the URL that follows www.hostname.domain in the match statement. For a list of the supported characters that you can use for regular expressions, see Table 1-9. method name (Optional) Specifies the HTTP method to match. Enter a method name as an unquoted text string with no spaces and a maximum of 15 alphanumeric characters. The method can either be one of the standard HTTP 1.1 method names (OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, or CONNECT) or a text string that must be matched exactly (for example, CORVETTE). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-552 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map HTTP Load Balancing Configuration Mode Commands host1/Admin(config-cmap-http-lb)# 10 match http url whatsnew/latest.* To use regular expressions to emulate a wildcard search to match on any .gif or .html file, enter: host1/Admin(config)# class-map type http loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-http-lb)# 100 match http url .*.gif host1/Admin(config-cmap-http-lb)# 200 match http url .*.html Related Commands (config-cmap-http-lb) description (config-cmap-http-lb) match source-address To configure the class map to make Layer 7 SLB decisions based on a client source IP address, use the match source-address command. Use the no form of this command to remove the source IP address match statement from the class map. [line_number] match source-address ip_address [netmask] no [line_number] match source-address ip_address [netmask] Syntax Description Command Modes Class map HTTP load balancing configuration mode Admin and user contexts Command History line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. ip_address Source IP address of the client. Enter the IP address in dotted-decimal notation (for example, 192.168.11.2). netmask (Optional) Subnet mask of the IP address. Enter the netmask in dotted-decimal notation (for example, 255.255.255.0). The default is 255.255.255.255. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-553 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Management Configuration Mode Commands Usage Guidelines This command has no usage guidelines. Examples To specify that the class map match on source IP address 192.168.11.2 255.255.255.0, enter: host1/Admin(config)# class-map type http loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-http-lb)# 50 match source-address 192.168.11.2 255.255.255.0 Related Commands (config-cmap-http-lb) description Class Map Management Configuration Mode Commands Class map management configuration mode allows you to create a Layer 3 and Layer 4 class map to classify the IP network management traffic received by the ACE. To create this class map and access class map management configuration mode, use the class-map type management configuration command. The prompt changes to (config-cmap-mgmt). This command permits network management traffic by identifying the incoming IP management protocols that the ACE can receive as well as the client source host IP address and subnet mask as the matching criteria. A class map of type management provides access for one or more of the following management protocols: HTTP, HTTPS, ICMP, SNMP, SSH, or Telnet. Use the no form of this command to remove a network management class map. class-map type management [match-all | match-any] map_name no class-map type management [match-all | match-any] map_name Syntax Description Command Modes Configuration mode Admin and user contexts match-all | match-any (Optional) Determines how the ACE evaluates Layer 3 and Layer 4 network management traffic when multiple match criteria exist in a class map. The class map is considered a match if the match commands meet one of the following conditions. • match-all—(Default) Traffic being evaluated must match all of the match criteria listed in the class map (typically, match commands of different types). • match-any—Traffic being evaluated must match one of the match criteria listed in the class map (typically, match commands of the same type). map_name Name assigned to the Layer 3 and Layer 4 network management protocol class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-554 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Management Configuration Mode Commands Command History Usage Guidelines The commands in this mode require the context Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a Layer 3 and Layer 4 class map named MGMT-ACCESS_CLASS that classifies the network management protocols that can be received by the ACE, enter: host1/Admin# class-map type management match-any MGMT-ACCESS_CLASS host1/Admin(config-cmap-mgmt)# Related Commands This command has no related commands. (config-cmap-mgmt) description To provide a brief summary about the Layer 3 and Layer 4 management class map, use the description command. Use the no form of this command to remove the description from the class map. description text no description Syntax Description Command Modes Class map management configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. text Description about the class map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-555 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Management Configuration Mode Commands Examples To add a description that the class map is to allow remote Telnet access, enter: host1/Admin# class-map type management TELNET-ALLOW_CLASS host1/Admin(config-cmap-mgmt)# description Allow Telnet access to the ACE Related Commands This command has no related commands.2-556 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Management Configuration Mode Commands (config-cmap-mgmt) match protocol To configure the class map to identify the network management protocols that can be received by the ACE, use the match protocol command. You configure the associated policy map to permit access to the ACE for the specified management protocols. As part of the network management access traffic classification, you also specify either a client source host IP address and subnet mask as the matching criteria or instruct the ACE to allow any client source address for the management traffic classification. Use the no form of this command to deselect the specified network management protocol match criteria from the class map. [line_number] match protocol {http | https | icmp | icmpv6 | kalap-udp | snmp | ssh | telnet | xml-https} {any | anyv6 | source-address {ipv6_address/prefix_length | ipv4_address mask} no [line_number] match protocol {http | https | icmp | icmpv6 | kalap-udp | snmp | ssh | telnet | xml-https} {any | anyv6 | source-address {ipv6_address/prefix_length | ipv4_address mask} Syntax Description line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. http Specifies the Hypertext Transfer Protocol (HTTP). https Specifies the secure (SSL) Hypertext Transfer Protocol (HTTP). (ACE appliance only) Specifies the secure (SSL) Hypertext Transfer Protocol (HTTP) for connectivity with the Device Manager GUI on the ACE using port 443. icmp Specifies the Internet Control Message Protocol (ping). icmpv6 Specifies the Internet Control Message Protocol Version 6 messages to the ACE. kalap-udp Specifies the keepalive-appliance protocol (KAL-AP) over UDP. snmp Specifies the Simple Network Management Protocol (SNMP). ssh Specifies a Secure Shell (SSH) connection to the ACE. telnet Specifies a Telnet connection to the ACE. xml-https (ACE appliance only) Specifies HTTPS as transfer protocol to send and receive XML documents between the ACE and a Network Management System (NMS). Communication is performed using port 10443. any Specifies any client source IPv4 address for the management traffic classification. anyv6 Specifies any client source IPv6 address for the management traffic classification.2-557 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map Management Configuration Mode Commands Command Modes Class map management configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify that the class map allows SSH access to the ACE from the source IP address 192.168.10.1 255.255.255.0, enter: host1/Admin# class-map type management SSH-ALLOW_CLASS host1/Admin(config-cmap-mgmt)# match protocol ssh source-address 192.168.10.1 255.255.255.0 Related Commands (config-cmap-mgmt) description source-address Specifies a client source host IP address and subnet mask as the network traffic matching criteria. As part of the classification, the ACE implicitly obtains the destination IP address from the interface on which you apply the policy map. ipv6_address Source IPv6 address of the client. /prefix_length Prefix length of the client entry (for example, /64). ipv4_address Source IPv4 address of the client. Enter the IP address in dotted-decimal notation (for example, 192.168.11.1). mask Subnet mask of the client entry in dotted-decimal notation (for example, 255.255.255.0). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. A5(1.0) Added the anyv6 and icmpv6 keywords. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised. Added the anyv6 and icmpv6 keywords.2-558 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RADIUS Load Balancing Configuration Mode Commands Class Map RADIUS Load Balancing Configuration Mode Commands The ACE performs Layer 7 Remote Authentication Dial-In User Service (RADIUS) load balancing based on the calling-station-ID or the username RADIUS attribute. To create a RADIUS load-balancing class map and access class map RADIUS load balancing configuration mode, use the class-map type radius loadbalance command. The prompt changes to (config-cmap-radius-lb). Use the no form of this command to remove a RADIUS load-balancing class map from the configuration. class-map type radius loadbalance [match-all | match-any] map_name no class-map type radius loadbalance [match-all | match-any] map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To create a class map named RADIUS_L7_CLASS, enter: host1/Admin(config)# class-map type radius loadbalance match-any RADIUS_L7_CLASS host1/Admin(config-cmap-radius-lb)# To remove the RADIUS class map from the configuration, enter: host1/Admin(config)# no class-map type radius loadbalance match-any RADIUS_L7_CLASS match-all | match-any (Optional) Determines how the ACE evaluates RADIUS network traffic when multiple match criteria exist in a class map. • match-all—(Default) Network traffic needs to satisfy all of the match criteria (implicit AND) to match the RADIUS load-balancing class map. • match-any—Network traffic needs to satisfy only one of the match criteria (implicit OR) to match the RADIUS load-balancing class map. map_name Unique identifier assigned to the RADIUS load-balancing class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-559 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RADIUS Load Balancing Configuration Mode Commands Related Commands (config) class-map (config-cmap-radius-lb) description (config-cmap-radius-lb) match radius attribute2-560 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RADIUS Load Balancing Configuration Mode Commands (config-cmap-radius-lb) description To provide a brief description of the RADIUS load-balancing class map, use the description command. Use the no form of this command to remove the description from the class map. description text no description Syntax Description Command Modes Class map RADIUS load balancing configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the RADIUS load-balancing class map, enter: host1/Admin(config)# class-map type radius loadbalance match-any RADIUS_L7_CLASS host1/Admin(config-cmap-radius-lb)# description RADIUS CLASS MAP To remove a description from a RADIUS load-balancing class map, enter: host1/Admin(config-cmap-radius-lb)# no description Related Commands (config-cmap-radius-lb) match radius attribute text Description of the class map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-561 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RADIUS Load Balancing Configuration Mode Commands (config-cmap-radius-lb) match radius attribute To specify the RADIUS attribute match criteria for the class map, use the match radius attribute command. Use the no form of this command to remove the match statement from the RADIUS attribute class map. [line_number] match radius attribute {calling-station-id | username} expression no [line_number] match radius attribute {calling-station-id | username} expression Syntax Description Command Modes Class map RADIUS load balancing configuration mode Admin and user contexts Command History Usage Guidelines The ACE performs Layer 7 RADIUS load balancing based on the calling-station-ID or username RADIUS attribute. Examples To configure RADIUS match criteria based on the calling station ID attribute, enter: host1/Admin(config)# class-map type radius loadbalance match-any RADIUS_L7_CLASS host1/Admin(config-cmap-radius-lb)# 10 match radius attribute calling-station-id 122* line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate any priority for the match statements. calling-station-id Specifies the unique identifier of the calling station. username Specifies the name of the RADIUS user who initiated the connection. expression Calling station ID or username to match. Enter a string from 1 to 64 alphanumeric characters. The ACE supports the use of regular expressions for matching strings. For a list of the supported characters that you can use in regular expressions, see Table 1-9. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-562 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RTSP Load Balancing Configuration Mode Commands To remove the RADIUS attribute match statement from the RADIUS_L7_CLASS class map, enter: host1/Admin(config-cmap-radius-lb)# no 10 Related Commands (config-cmap-radius-lb) description Class Map RTSP Load Balancing Configuration Mode Commands Class map Real-Time Streaming Protocol (RTSP) load balancing configuration mode commands allow you to create a Layer 7 RTSP server load-balancing class map. To create an RTSP load-balancing class map and access class map RTSP load balancing configuration mode, use the class-map type rtsp loadbalance command. The prompt changes to (config-cmap-rtsp-lb). Use the no form of this command to remove an RTSP load-balancing class map from the configuration. class-map type rtsp loadbalance [match-all | match-any] map_name no class-map type rtsp loadbalance [match-all | match-any] map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. match-all | match-any (Optional) Determines how the ACE evaluates RTSP network traffic when multiple match criteria exist in a class map. • match-all—(Default) Network traffic needs to satisfy all of the match criteria (implicit AND) to match the RTSP load-balancing class map. • match-any—Network traffic needs to satisfy only one of the match criteria (implicit OR) to match the RTSP load-balancing class map. map_name Unique identifier assigned to the RTSP load-balancing class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-563 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RTSP Load Balancing Configuration Mode Commands Examples To create a class map named RTSP_L7_CLASS, enter: host1/Admin(config)# class-map type rtsp loadbalance match-any RTSP_L7_CLASS host1/Admin(config-cmap-rtsp-lb)# To remove the RTSP class map from the configuration, enter: host1/Admin(config)# no class-map type rtsp loadbalance match-any RTSP_L7_CLASS Related Commands (config) class-map (config-cmap-sip-lb) description2-564 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RTSP Load Balancing Configuration Mode Commands (config-cmap-rtsp-lb) description To provide a brief description of the RTSP load-balancing class map, use the description command. Use the no form of this command to remove the description from the class map. description text no description Syntax Description Command Modes Class map RTSP load balancing configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the RTSP load-balancing class map, enter: host1/Admin(config)# class-map type rtsp loadbalance match-any RTSP_L7_CLASS host1/Admin(config-cmap-rtsp-lb)# description RTSP CLASS MAP To remove the description from an RTSP load-balancing class map, enter: host1/Admin(config-cmap-rtsp-lb)# no description Related Commands This command has no related commands. text Description of the class map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-565 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RTSP Load Balancing Configuration Mode Commands (config-cmap-rtsp-lb) match class-map To identify one RTSP load-balancing class map as a matching criterion for another RTSP load-balancing class map, use the match class-map command. Use the no form of this command to remove the nested class map from an RTSP load-balancing class map. [line_number] match class-map name no [line_number] match class-map name Syntax Description Command Modes Class map RTSP load balancing configuration mode Admin and user contexts Command History Usage Guidelines The match class-map command allows you to combine the use of the match-any and match-all keywords in the same class map. To combine match-all and match-any characteristics in a class map, create a class map that uses one match command (either match-any or match-all) and then use this class map as a match statement in a second class map that uses the other match type. The nesting of class maps allows you to achieve complex logical expressions for Layer 7 server load balancing. The ACE restricts the nesting of class maps to two levels to prevent you from including a nested class map under another class map. Examples To combine the characteristics of two class maps, one with match-any and one with match-all characteristics, into a single class map, enter: host1/Admin(config)# class-map type rtsp loadbalance match-any CLASS3 host1/Admin(config-cmap-rtsp-lb)# 100 match rtsp url .*.gif host1/Admin(config-cmap-rtsp-lb)# 200 match rtsp header Host header-value XYZ host1/Admin(config-cmap-rtsp-lb)# exit line_number (Optional) Line number that you can use to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate any priority for the match statements. name Name of an existing RTSP load-balancing class map. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-566 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RTSP Load Balancing Configuration Mode Commands host1/Admin(config)# class-map type rtsp loadbalance match-all CLASS4 host1/Admin(config-cmap-rtsp-lb)# 10 match class-map CLASS3 host1/Admin(config-cmap-rtsp-lb)# 20 match source-address 192.168.11.2 host1/Admin(config-cmap-rtsp-lb)# exit To remove the nested class map from the RTSP class map, enter: host1/Admin(config-cmap-rtsp-lb)# no 10 Related Commands (config-cmap-sip-lb) description (config-cmap-rtsp-lb) match rtsp header To configure a class map to make RTSP SLB decisions based on the name and value of an RTSP header, use the match rtsp header command. Use the no form of this command to remove an RTSP header match statement from the RTSP load-balancing class map. [line_number] match rtsp header name header-value expression no [line_number] match rtsp header name header-value expression Syntax Description line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate any priority for the match statements. name Name of the field in the RTSP header. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). You can enter any header field name, including a standard RTSP header field name or any user-defined header field name. Because RTSP is similar in syntax and operation to HTTP/1.1, you can use any HTTP header listed in Table 1-10 if the RTSP server supports it. For a complete list of RTSP headers, see RFC 2326. expression Header value expression string to compare against the value in the specified field in the RTSP header. Enter a text string with a maximum of 255 alphanumeric characters. The ACE supports the use of regular expressions for header matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the entire string that contains spaces is quoted. If you use a match-all class map, all headers in the header map must be matched. For a list of the supported characters that you can use in regular expressions, see Table 1-9.2-567 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RTSP Load Balancing Configuration Mode Commands Command Modes Class map RTSP load balancing configuration mode Admin and user contexts Command History Usage Guidelines When the ACE receives an RTSP session request, the load-balancing decision is based on the first request message. All subsequent request and response message exchanges are forwarded to the same server. When you configure header match criteria, ensure that the header is included in the first request message by a media player. The ACE can perform regular expression matching against the received packet data from a particular connection based on the RTSP header expression. You can configure a maximum of 10 RTSP header names per class map. Examples To configure an RTSP class map to load balance based on an RTSP header named Session, enter: host1/Admin(config)# class-map type rtsp loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-rtsp-lb)# 10 match rtsp header Session header-value abc123 To configure an RTSP class map to load balance based on an RTSP header named Via, enter: host1/Admin(config)# class-map type rtsp loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-rtsp-lb)# 20 match rtsp header Via header-value 192.* To remove the RTSP header match criteria from the L7SLBCLASS class map, enter: host1/Admin(config-cmap-rtsp-lb)# no 10 host1/Admin(config-cmap-rtsp-lb)# no 20 Related Commands (config-cmap-sip-lb) description (config-cmap-rtsp-lb) match rtsp url To configure a class map to make RTSP SLB decisions based on the URL name and optionally, the RTSP method, use the match rtsp url command. Use the no form of this command to remove an RTSP URL match statement from the RTSP load-balancing class map. [line_number] match rtsp url expression [method name] no [line_number] match rtsp url expression [method name] ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-568 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RTSP Load Balancing Configuration Mode Commands Syntax Description Command Modes Class map RTSP load balancing configuration mode Admin and user contexts Command History Usage Guidelines When matching URLs, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). Examples To configure an RTSP class map to load balance based on a specific URL, enter: host1/Admin(config)# class-map type rtsp loadbalance L7SLBCLASS host1/Admin(config-cmap-rtsp-lb)# 10 match rtsp url /whatsnew/latest.* To configure a URL match criterion that emulates a wildcard search to match on any .wav or .mpg file, enter: line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate any priority for the match statements. expression URL, or portion of a URL, to match. The ACE performs matching on whatever URL string appears after the RTSP method, regardless of whether the URL includes the hostname. The ACE supports the use of regular expressions for matching URL strings. For a list of the supported characters that you can use for regular expressions, see Table 1-9. method name (Optional) Specifies the RTSP method to match. Enter a method name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. The method can either be one of the standard RTSP method names (DESCRIBE, ANNOUNCE, GET_PARAMETER, OPTIONS, PAUSE, PLAY, RECORD, REDIRECT, SETUP, SET_PARAMETER, TEARDOWN) or a text string that must be matched exactly (for example, STINGRAY). ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-569 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RTSP Load Balancing Configuration Mode Commands host1/Admin(config)# class-map type rtsp loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-rtsp-lb)# 100 match rtsp url .*.wmv host1/Admin(config-cmap-rtsp-lb)# 200 match rtsp url .*.mpg To remove a URL match statement from the L7SLBCLASS class map, enter: host1/Admin(config-cmap-rtsp-lb)# no 100 Related Commands (config-cmap-sip-lb) description2-570 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map RTSP Load Balancing Configuration Mode Commands (config-cmap-rtsp-lb) match source-address To configure the class map to make RTSP SLB decisions based on a client source IP address, use the match source-address command. Use the no form of this command to remove the source IP address match statement from the class map. [line_number] match source-address ip_address [netmask] no [line_number] match source-address ip_address [netmask] Syntax Description Command Modes Class map RTSP load balancing configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify that the class map match on source IP address 192.168.11.2 255.255.255.0, enter: host1/Admin(config)# class-map type rtsp loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-rtsp-lb)# 50 match source-address 192.168.11.2 255.255.255.0 To remove the source IP address match statement from the class map, enter: line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. Yo u ca n e n ter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. ip_address Source IP address of the client. Enter the IP address in dotted-decimal notation (for example, 192.168.11.2). netmask (Optional) Subnet mask of the IP address. Enter the netmask in dotted-decimal notation (for example, 255.255.255.0). The default is 255.255.255.255. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-571 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands host1/Admin(config-cmap-rtsp-lb)# no 50 Related Commands (config-cmap-sip-lb) description Class Map SIP Inspection Configuration Mode Commands SIP inspection configuration mode commands allow you to create a Layer 7 SIP inspection class map. The ACE uses class maps to filter SIP traffic based on a variety of parameters such as, called party, calling party, and media type. To create this class map and access class map SIP inspection configuration mode, use the class-map type sip inspect command. The prompt changes to (config-cmap-sip-insp). Use the no form of this command to remove the SIP inspection class map from the ACE. class-map type sip inspect [match-all | match-any] map_name no class-map type sip inspect [match-all | match-any] map_name Syntax Description Command Modes Configuration mode match-all | match-any (Optional) Determines how the ACE performs the inspection of SIP traffic when multiple match criteria exist in a class map. The class map is considered a match if the match commands meet one of the following conditions: • match-all —(Default) Network traffic needs to satisfy all of the match criteria (implicit AND) to match the Layer 7 SIP inspection class map. The match-all keyword is applicable only for match statements of different SIP inspection types. For example, specifying a match-all condition for SIP URI, SIP header, and SIP content statements in the same class map is valid. However, specifying a match-all condition for multiple SIP headers with the same names or multiple URLs in the same class map is invalid. • match-any—Network traffic needs to satisfy only one of the match criteria (implicit OR) to match the Layer 7 SIP inspection class map. The match-any keyword is applicable only for match statements of the same Layer 7 SIP inspection type. For example, the ACE allows you to specify a match-any condition for SIP URI, SIP header, and SIP content statements in the same class map and allows you to specify a match-any condition for multiple URLs, multiple SIP headers, or multiple SIP content statements in the same class map as long as the statements are logical. For example, you could not have two match uri sip length statements in the same class map, but you could have one match uri sip length and one match uri tel length statement in one class map. map_name Name assigned to the class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-572 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands Admin and user contexts Command History Usage Guidelines To classify the SIP application inspection of traffic for evaluation by the ACE, include one or more of the following commands to configure the match criteria for the Layer 7 class map: • (config-cmap-sip-insp) match called-party • (config-cmap-sip-insp) match calling-party • (config-cmap-sip-insp) match content • (config-cmap-sip-insp) match im-subscriber • (config-cmap-sip-insp) match message-path • (config-cmap-sip-insp) match request-method • (config-cmap-sip-insp) match third-party registration • (config-cmap-sip-insp) match uri You may include multiple match commands in the class map. Examples To specify SIP_INSPECT_L7CLASS as the name of a class map and identify that all commands in the Layer 7 SIP application inspection class map must be satisfied for the ACE to indicate a match, enter: (config)# class-map type sip inspect match-all SIP_INSPECT_L7CLASS host1/Admin(config-cmap-sip-insp)# match calling-id .*ABC123 host1/Admin(config-cmap-sip-insp)# match im-subscriber JOHN_Q_PUBLIC host1/Admin(config-cmap-sip-insp)# match content type sdp To remove the SIP inspection class map from the ACE, enter: (config)# no class-map type sip inspect match-any SIP_INSPECT_L7CLASS Related Commands (config) policy-map (config-cmap-sip-insp) description (config-cmap-sip-insp) description To provide a brief summary about the Layer 7 SIP inspection class map, use the description command. Use the no form of this command to remove the description from the class map. description text no description ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-573 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands Syntax Description Command Modes Class map SIP inspection configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description to the SIP inspection class map, enter: host1/Admin(config-cmap-sip-insp)# description SIP inspection class map To remove the description from the class map, enter: host1/Admin(config-cmap-sip-insp)# no description Related Commands This command has no related commands. (config-cmap-sip-insp) match called-party To filter SIP traffic based on the called party, use the match called-party command. Use the no form of this command to remove the match statement from the class map. [line_number] match called-party expression no [line_number] match called-party expression text Description about the class map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-574 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands Syntax Description Command Modes Class map SIP inspection configuration mode Admin and user contexts Command History Usage Guidelines You can filter SIP traffic based on the called party (callee or destination) as specified in the URI of the SIP To header. The ACE does not include the display name or tag part of the field. The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. Table 1-9 lists the supported characters that you can use in regular expressions. Examples To identify the called party in the SIP To header, enter: host1/Admin(config-cmap-sip-insp)# match called-party sip:some-user@somenetwork.com To remove the match statement from the class map, enter: host1/Admin(config-cmap-sip-insp)# no match called-party sip:some-user@somenetwork.com Related Commands (config-cmap-sip-insp) match calling-party (config-cmap-sip-insp) match content (config-cmap-sip-insp) match im-subscriber (config-cmap-sip-insp) match message-path (config-cmap-sip-insp) match request-method (config-cmap-sip-insp) match third-party registration (config-cmap-sip-insp) match uri [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. expression Calling party in the URI of the To header. Enter a regular expression from 1 to 255 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-575 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands (config-cmap-sip-insp) match calling-party To filter SIP traffic based on the calling party, use the match calling-party command. Use the no form of this command to remove the description from the class map. [line_number] match calling-party expression no [line_number] match calling-party expression Syntax Description Command Modes Class map SIP inspection configuration mode Admin and user contexts Command History Usage Guidelines You can filter SIP traffic based on the calling party (caller or source) as specified in the URI of the SIP From header. The ACE does not include the display name or tag part of the field. The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. See Table 1-9 for a list of the supported characters that you can use in regular expressions. Examples To identify the calling party in the SIP From header, enter: host1/Admin(config-cmap-sip-insp)# match calling-party sip:this-user@thisnetwork.com;tag=745g8 [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. expression Calling party in the URI of the SIP From header. Enter a regular expression from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-576 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands To remove the match statement from the class map, enter: host1/Admin(config-cmap-sip-insp)# no match calling-party sip:this-user@thisnetwork.com;tag=745g8 Related Commands (config-cmap-sip-insp) match called-party (config-cmap-sip-insp) match content (config-cmap-sip-insp) match im-subscriber (config-cmap-sip-insp) match message-path (config-cmap-sip-insp) match request-method (config-cmap-sip-insp) match third-party registration (config-cmap-sip-insp) match uri2-577 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands (config-cmap-sip-insp) match content To define SIP content checks, use the match content command. Use the no form of this command to remove the match statement from the class map. [line_number] match content {length gt number} | {type sdp | expression} no [line_number] match content {length gt number} | {type sdp | expression} Syntax Description Command Modes Class map SIP inspection configuration mode Admin and user contexts Command History [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. length Specifies the SIP message body length. gt Greater than operator. number Maximum size of a SIP message body that the ACE allows. Enter an integer from 0 to 65534 bytes. If the message body is greater than the configured value, the ACE performs the action that you configure in the policy map. type Specifies a content type check. sdp Specifies that the traffic must be of type Session Description Protocol (SDP) to match the class map. expression Regular expression that identifies the content type in the SIP message body that is required to match the class map. Enter a regular expression from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching. See Table 1-9 for a list of the supported characters that you can use in regular expressions. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-578 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands Usage Guidelines You can configure the ACE to perform SIP content checks based on the content length or content type. By default, the ACE allows all content types. Examples To configure the ACE to drop SIP packets that have content with a length greater than 4000 bytes in length, enter: host1/Admin(config)# class-map type sip inspect match-all SIP_INSP_CLASS host1/Admin(config-cmap-sip-insp)# match content length gt 200 host1/Admin(config)# policy-map type sip inspect all-match SIP_INSP_POLICY host1/Admin(config-pmap-ins-sip)# class SIP_INSP_CLASS host1/Admin(config-pmap-ins-sip-c)# deny To remove the match statement from the class map, enter: host1/Admin(config-cmap-sip-insp)# no match content length gt 200 Related Commands (config-cmap-sip-insp) match called-party (config-cmap-sip-insp) match calling-party (config-cmap-sip-insp) match im-subscriber (config-cmap-sip-insp) match message-path (config-cmap-sip-insp) match request-method (config-cmap-sip-insp) match third-party registration (config-cmap-sip-insp) match uri (config-cmap-sip-insp) match im-subscriber To filter SIP traffic based on the Instant Messaging (IM) subscriber, use the match im-subscriber command. Use the no form of this command to remove the description from the class map. [line_number] match im-subscriber expression no [line_number] match im-subscriber expression Syntax Description [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. expression Calling party. Enter a regular expression from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching. 2-579 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands Command Modes Class map SIP inspection configuration mode Admin and user contexts Command History Usage Guidelines The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. See Table 1-9 for a list of the supported characters that you can use in regular expressions. Examples To filter SIP traffic based on the IM subscriber, John Q. Public, enter: host1/Admin(config-cmap-sip-insp)# match im-subscriber John_Q_Public To remove the match statement from the class map, enter: host1/Admin(config-cmap-sip-insp)# no match im-subscriber John_Q_Public Related Commands (config-cmap-sip-insp) match called-party (config-cmap-sip-insp) match calling-party (config-cmap-sip-insp) match content (config-cmap-sip-insp) match message-path (config-cmap-sip-insp) match request-method (config-cmap-sip-insp) match third-party registration (config-cmap-sip-insp) match uri (config-cmap-sip-insp) match message-path To filter SIP traffic based on the message path, use the match message-path command. Use the no form of this command to remove the match statement from the class map. [line_number] match message-path expression no [line_number] match message-path expression ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-580 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands Syntax Description Command Modes Class map SIP inspection configuration mode Admin and user contexts Command History Usage Guidelines SIP inspection allows you to filter messages coming from or transiting through certain SIP proxy servers. The ACE maintains a list of unauthorized SIP proxy IP addresses or URIs in the form of regular expressions and then checks this list against the VIA header field in each SIP packet. The default action is to drop SIP packets with VIA fields that match the regex list. The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. See Table 1-9 for a list of the supported characters that you can use in regular expressions. Examples To filter SIP traffic based on the message path 192.168.12.3:5060, enter: host1/Admin(config-cmap-sip-insp)# match message-path 192.168.12.3:5060 To remove the match statement from the class map, enter: host1/Admin(config-cmap-sip-insp)# no match message-path 192.168.12.3:5060 Related Commands (config-cmap-sip-insp) match called-party (config-cmap-sip-insp) match calling-party (config-cmap-sip-insp) match content (config-cmap-sip-insp) match im-subscriber [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. expression SIP proxy server. Enter a regular expression from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-581 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands (config-cmap-sip-insp) match request-method (config-cmap-sip-insp) match third-party registration (config-cmap-sip-insp) match uri2-582 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands (config-cmap-sip-insp) match request-method To filter SIP traffic based on the request method, use the match request-method command. Use the no form of this command to remove the description from the class map. [line_number] match request-method method_name no [line_number] match request-method method_name Syntax Description Command Modes Class map SIP inspection configuration mode Admin and user contexts [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. method_name Supported SIP method that uses one of the following keywords: • ack • bye • cancel • info • invite • message • notify • options • prack • refer • register • subscribe • unknown • update Use the unknown keyword to permit or deny unknown or unsupported SIP methods.2-583 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands Command History Usage Guidelines This command has no usage guidelines. Examples To filter SIP traffic based on the INVITE request method, enter: host1/Admin(config-cmap-sip-insp)# match request-method invite To remove the match statement from the class map, enter: host1/Admin(config-cmap-sip-insp)# no match request-method invite Related Commands (config-cmap-sip-insp) match called-party (config-cmap-sip-insp) match calling-party (config-cmap-sip-insp) match content (config-cmap-sip-insp) match im-subscriber (config-cmap-sip-insp) match message-path (config-cmap-sip-insp) match third-party registration (config-cmap-sip-insp) match uri (config-cmap-sip-insp) match third-party registration To filter SIP traffic based on third-party registrations or deregistrations, use the match third-party-registration command. Use the no form of this command to remove the match statement from the class map. [line_number] match third-party registration expression no [line_number] match third-party registration expression ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-584 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands Syntax Description Command Modes Class map SIP inspection configuration mode Admin and user contexts Command History Usage Guidelines SIP allows users to register other users on their behalf by sending REGISTER messages with different values in the From and To header fields. This process may pose a security threat if the REGISTER message is actually a DEREGISTER message. A malicious user could cause a Denial of Service (DoS) attack by deregistering all users on their behalf. To prevent this security threat, the ACE administrator can specify a list of privileged users who can register or unregister someone else on their behalf. The ACE maintains the list as a regex table. If you configure this policy, the ACE drops REGISTER messages with mismatched From and To headers and a From header value that does not match any of the privileged user IDs. The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. See Table 1-9 for a list of the supported characters that you can use in regular expressions. Examples To filter SIP traffic based on SIP registrations or deregistrations, enter: host1/Admin(config-cmap-sip-insp)# match third-party-registration USER1 To remove the match statement from the class map, enter: host1/Admin(config-cmap-sip-insp)# no match third-party-registration USER1 [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. expression Privileged user that is authorized for third-party registrations. Enter a regular expression from 1 to 255 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-585 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Inspection Configuration Mode Commands Related Commands (config-cmap-sip-insp) match called-party (config-cmap-sip-insp) match calling-party (config-cmap-sip-insp) match content (config-cmap-sip-insp) match im-subscriber (config-cmap-sip-insp) match message-path (config-cmap-sip-insp) match request-method (config-cmap-sip-insp) match uri (config-cmap-sip-insp) match uri To filter SIP traffic based on URIs, use the match uri command. Use the no form of this command to remove the match statement from the class map. [line_number] match uri {sip | tel} length gt value no [line_number] match uri {sip | tel} length gt value Syntax Description Command Modes Class map SIP inspection configuration mode Admin and user contexts Command History [line_number] (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate a priority for the match statements. sip Specifies that the ACE validates the length of a SIP URI. tel Specifies that the ACE validates the length of a Tel URI. length Specifies the length of the SIP or Tel URI. gt Specifies the greater than operator. value Maximum value for the length of the SIP URI or Tel URI in bytes. Enter an integer from 0 to 254 bytes. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-586 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Load Balancing Configuration Mode Commands Usage Guidelines You can configure the ACE to validate the length of SIP URIs or Tel URIs. A SIP URI is a user identifier that a calling party (source) uses to contact the called party (destination). A Tel URI is a telephone number that identifies the endpoint of a SIP connection. For more information about SIP URIs and Tel URIs, see RFC 2534 and RFC 3966, respectively. Examples To instruct the ACE to filter traffic based on SIP URIs, enter: host1/Admin(config-cmap-sip-insp)# match uri sip length gt 100 To remove the match statement from the class map, enter: host1/Admin(config-cmap-sip-insp)# no match uri sip length gt 100 Related Commands (config-cmap-sip-insp) match called-party (config-cmap-sip-insp) match calling-party (config-cmap-sip-insp) match content (config-cmap-sip-insp) match im-subscriber (config-cmap-sip-insp) match message-path (config-cmap-sip-insp) match request-method (config-cmap-sip-insp) match third-party registration Class Map SIP Load Balancing Configuration Mode Commands Class map SIP load balancing configuration mode commands allow you to create a Layer 7 SIP server load-balancing class map. To create a SIP load-balancing class map and access class map SIP load balancing configuration mode, use the class-map type sip loadbalance command. The prompt changes to (config-cmap-sip-lb). Use the no form of this command to remove a SIP load-balancing class map from the configuration. class-map type sip loadbalance [match-all | match-any] map_name no class-map type sip loadbalance [match-all | match-any] map_name Syntax Description Command Modes Configuration mode Admin and user contexts match-all | match-any (Optional) Determines how the ACE evaluates SIP network traffic when multiple match criteria exist in a class map. • match-all—(Default) Network traffic needs to satisfy all of the match criteria (implicit AND) to match the SIP load-balancing class map. • match-any—Network traffic needs to satisfy only one of the match criteria (implicit OR) to match the SIP load-balancing class map. map_name Unique identifier assigned to the SIP load-balancing class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-587 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Load Balancing Configuration Mode Commands Command History Usage Guidelines This command has no usage guidelines. Examples To create a class map named SIP_L7_CLASS, enter: host1/Admin(config)# class-map type sip loadbalance match-any SIP_L7_CLASS host1/Admin(config-cmap-sip-lb)# To remove the SIP load-balancing class map from the configuration, enter: host1/Admin(config)# no class-map type sip loadbalance match-any SIP_L7_CLASS Related Commands (config) class-map (config-cmap-sip-lb) description ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-588 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Load Balancing Configuration Mode Commands (config-cmap-sip-lb) description To provide a brief description of the SIP load-balancing class map, use the description command. Use the no form of this command to remove the description from the class map. description text no description Syntax Description Command Modes Class map SIP load balancing configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the SIP load-balancing class map, enter: host1/Admin(config)# class-map type sip loadbalance match-any SIP_L7_CLASS host1/Admin(config-cmap-sip-lb)# description SIP CLASS MAP To remove the description from a SIP load-balancing class map, enter: host1/Admin(config-cmap-sip-lb)# no description Related Commands This command has no related commands. text Description of the class map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-589 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Load Balancing Configuration Mode Commands (config-cmap-sip-lb) match class-map The nesting of class maps allows you to achieve complex logical expressions for Layer 7 server load balancing. To identify one SIP load-balancing class map as a matching criterion for another SIP load-balancing class map, use the match class-map command. Use the no form of this command to remove the nested class map from a SIP load-balancing class map. [line_number] match class-map name no [line_number] match class-map name Syntax Description Command Modes Class map SIP load balancing configuration mode Admin and user contexts Command History Usage Guidelines The match class-map command allows you to combine the use of the match-any and match-all keywords in the same class map. To combine match-all and match-any characteristics in a class map, create a class map that uses one match command (either match-any or match-all) and then use this class map as a match statement in a second class map that uses the other match type. The ACE restricts the nesting of class maps to two levels to prevent you from including a nested class map under another class map. Examples To combine the characteristics of two class maps, one with match-any and one with match-all characteristics, into a single class map, enter: host1/Admin(config)# class-map type sip loadbalance match-any CLASS3 line_number (Optional) Line number that allows you to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate any priority for the match statements. name Name of an existing SIP load-balancing class map. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-590 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Load Balancing Configuration Mode Commands host1/Admin(config-cmap-sip-lb)# 200 match sip header Host header-value XYZ host1/Admin(config-cmap-sip-lb)# exit host1/Admin(config)# class-map type sip loadbalance match-all CLASS4 host1/Admin(config-cmap-sip-lb)# 10 match class-map CLASS3 host1/Admin(config-cmap-sip-lb)# 20 match source-address 192.168.11.2 host1/Admin(config-cmap-sip-lb)# exit To remove the nested class map from the SIP class map, enter: host1/Admin(config)# class-map type sip loadbalance match-all CLASS4 host1/Admin(config-cmap-sip-lb)# no 10 Related Commands (config-cmap-sip-lb) description (config-cmap-sip-lb) match sip header To configure a class map to make SIP SLB decisions based on the name and value of a SIP header, use the match sip header command. Use the no form of this command to remove a SIP header match statement from the SIP load-balancing class map. [line_number] match sip header name header-value expression no [line_number] match sip header name header-value expression Syntax Description line_number (Optional) Line number that you can use to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate any priority for the match statements. 2-591 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Load Balancing Configuration Mode Commands Command Modes Class map SIP load balancing configuration mode Admin and user contexts Command History Usage Guidelines The ACE can perform regular expression matching against the received packet data from a particular connection based on the SIP header expression. You can configure a maximum of nine SIP header field names per class map (the ACE always parses Call-ID). When the ACE receives a SIP session request, the load-balancing decision is based on the first request message. All subsequent request and response message exchanges (with the same Call-ID) are forwarded to the same server. For this reason, when you configure header match criteria, ensure that the header is included in the first request message. Table 1-11 lists the standard SIP header fields. name Name of the field in the SIP header. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. You can enter a text string with spaces provided that you enclose the entire string in quotation marks (“ ”). You can enter any header field name, including a standard SIP header field name or any user-defined header field name. For a list of standard SIP header field names, see Table 1-11. Because SIP is similar to HTTP/1.1, you can use any HTTP header listed in Table 1-10 if the SIP server supports it. For a complete list of SIP headers, see RFC 3261. header-value expression Header value expression string to compare against the value in the specified field in the SIP header. Enter a text string with a maximum of 255 alphanumeric characters. The ACE supports the use of regular expressions for header matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the entire string that contains spaces is quoted. If you use a match-all class map, all headers in the header map must be matched. For a list of the supported characters that you can use in regular expressions, see Table 1-9. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced. Ta b l e 1-11 Standard SIP Header Fields Field Name Description Call-ID Unique identifier that groups together a series of messages in a call. Contact SIP URI that can be used to contact the user agent. From Initiator of the SIP request, the source.2-592 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Load Balancing Configuration Mode Commands Examples To configure a SIP load-balancing class map to load balance based on a SIP header named Session, enter: host1/Admin(config)# class-map type sip loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-sip-lb)# 10 match sip header Session header-value abc123 To configure a SIP load-balancing class map to load balance based on a SIP header named Via, enter: host1/Admin(config)# class-map type sip loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-sip-lb)# 20 match sip header Via header-value 192.* To configure a SIP load-balancing class map to emulate a wildcard search to match the header value expression string, enter: host1/Admin(config)# class-map type sip loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-sip-lb)# 30 match sip header To header-value .*@cisco.com host1/Admin(config-cmap-sip-lb)# 40 match sip header To header-value .*@linksys.com To remove SIP header match criteria from the L7SLBCLASS class map, enter: host1/Admin(config-cmap-sip-lb)# no 10 host1/Admin(config-cmap-sip-lb)# no 20 Related Commands (config-cmap-sip-lb) description To Desired recipient of the SIP request, the destination. Via Transport used for the transaction and where the response should be sent. Table 1-11 Standard SIP Header Fields (continued) Field Name Description2-593 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Load Balancing Configuration Mode Commands (config-cmap-sip-lb) match source-address To configure the class map to make SIP SLB decisions based on a client source IP address, use the match source-address command. Use the no form of this command to remove the source IP address match statement from the class map. [line_number] match source-address ip_address [netmask] no [line_number] match source-address ip_address [netmask] Syntax Description Command Modes Class map SIP load balancing configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify that the SIP load-balancing class map match on source IP address 192.168.11.2 255.255.255.0, enter: host1/Admin(config)# class-map type sip loadbalance match-any L7SLBCLASS host1/Admin(config-cmap-sip-lb)# 50 match source-address 192.168.11.2 255.255.255.0 To remove the source IP address match statement from the class map, enter: line_number (Optional) Line number that you can use to edit or delete individual match commands. • For the ACE module, enter an integer from 1 to 1024 as the line number. • For the ACE appliance, enter an integer from 2 to 1024 as the line number. You can enter no line_number to delete long match commands instead of entering the entire line. The line numbers do not indicate any priority for the match statements. ip_address Source IP address of the client. Enter the IP address in dotted-decimal notation (for example, 192.168.11.2). netmask (Optional) Subnet mask of the IP address. Enter the netmask in dotted-decimal notation (for example, 255.255.255.0). The default is 255.255.255.255. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-594 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Class Map SIP Load Balancing Configuration Mode Commands host1/Admin(config-cmap-sip-lb)# no 50 Related Commands (config-cmap-sip-lb) description2-595 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Console Configuration Mode Commands Console Configuration Mode Commands (ACE module only) Console configuration mode commands allow you to configure the console interface settings. To access console configuration mode, use the line console command in configuration mode. The CLI prompt changes to (config-console). For information about the commands in console configuration mode, see the commands in this section. Use the no form of the line console command to reset the console configuration mode parameters to their default settings. line console no line console Syntax Description There are no keywords or arguments for this command. Command Modes Configuration mode Admin context only Command History Usage Guidelines All commands in this mode require the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The console port is an asynchronous serial port on the Catalyst 6500 series switch that enables the ACE to be set up for initial configuration through a standard RS-232 port with an RJ-45 connector. Any device connected to this port must be capable of asynchronous transmission. Connection to a terminal requires a terminal emulator to be configured at 9600 baud, 8 data bits, 1 stop bit, and no parity. Examples To enter console configuration mode, enter: host1/Admin(config)# line console host1/Admin(config-console)# Related Commands clear line show line ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-596 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Console Configuration Mode Commands (config-console) databits (ACE module only) To specify the number of data bits per character, use the databits command. Use the no form of this command to revert to the default setting of 8 data bits. databits number no databits number Syntax Description Command Modes Console configuration mode Admin context only Command History Usage Guidelines This command has no usage guidelines. Examples To set the number of data bits per character to 6, enter: host1/Admin# config Enter configuration commands, one per line. End with CNTL/Z host1/Admin(config)# host1/Admin(config)# line console host1/Admin(config-console)# databits 6 Related Commands clear line show line (config) line console number Number of data bits per character. Enter an integer from 5 to 8. The default is 8 data bits. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-597 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Console Configuration Mode Commands (config-console) parity (ACE module only) To set the parity for the console connection, use the parity command. Use the no form of this command to revert to the default setting of none. parity {even | odd | none} no parity {even | odd | none} Syntax Description Command Modes Console configuration mode Admin context only Command History Usage Guidelines This command has no usage guidelines. Examples To set the parity for the console connection to even, enter: host1/Admin# config Enter configuration commands, one per line. End with CNTL/Z host1/Admin(config)# host1/Admin(config)# line console host1/Admin(config-console)# parity even Related Commands clear line show line (config) line console even Sets the parity for the console connection to even. odd Sets the parity for the console connection to odd. none Sets the parity for the console connection to none. This is the default setting. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-598 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Console Configuration Mode Commands (config-console) speed (ACE module only) To set the transmit and receive speeds for the serial console, use the speed command. Use the no form of this command to revert to the default setting of 9600 baud. speed baud_rate no speed baud_rate Syntax Description Command Modes Console configuration mode Admin context only Command History Usage Guidelines This command has no usage guidelines. Examples To set the transmit and receive speeds for the serial console to 19,200 baud, enter: host1/Admin# config Enter configuration commands, one per line. End with CNTL/Z host1/Admin(config)# host1/Admin(config)# line console host1/Admin(config-console)# speed 19200 Related Commands clear line show line (config) line console baud_rate Transmit and receive speeds. Enter an integer between 110 and 115200 baud (110, 150, 300, 600, 1200, 2400, 4800, 9600, 19200, 28800, 38400, 57600, or 115200). The default is 9600 baud. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-599 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Console Configuration Mode Commands (config-console) stopbits (ACE module only) To set the number of stop bits for the console connection, use the stopbits command. Use the no form of this command to revert to the default setting of 1 stop bit. stopbits {1 | 2} no stopbits {1 | 2} Syntax Description Command Modes Console configuration mode Admin context only Command History Usage Guidelines This command has no usage guidelines. Examples To set the number of stop bits, enter: host1/Admin(config)# line console host1/Admin(config-console)# stopbits 2 Related Commands clear line show line (config) line console 1 Sets the stop bit to 1. The default is 1 stop bit. 2 Sets the stop bit to 2. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-600 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Context Configuration Mode Commands Context Configuration Mode Commands Context configuration mode commands allow you to configure attributes of virtual contexts. Each context that you create behaves like an independent device with its own policies, interfaces, domains, server farms, real servers, and administrators. Each context, including the Admin context, has its own configuration file and local user database that are stored in the local disk partition in flash memory or that can be downloaded from an FTP, TFTP, or HTTP(S) server. The startup-config for each context is stored as the startup configuration file in flash memory. In the Admin context, use the changeto command in Exec mode or the do changeto command in any configuration mode to move between contexts. Only users authenticated in the Admin context can use the changeto command. Other users that are authorized for more than one context must explicitly log in to each context. To create a context and access context configuration mode, use the context command in configuration mode. The CLI prompt changes to (config-context). For information about the commands in context configuration mode, see the commands in this section. Use the no form of this command to remove a context from the configuration. context name no context name Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines All commands in this mode require the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a context named C1 and access context configuration mode, enter: host1/Admin(config)# context C1 host1/Admin(config-context)# name Unique identifier of a virtual context. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-601 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Context Configuration Mode Commands To delete the C1 context, enter: host1/Admin(config)# no context C1 Related Commands show context show running-config (config-context) allocate-interface To assign one or more VLAN interfaces to the context, use the allocate-interface command. Use the no form of this command to remove the VLAN from the context configuration. allocate-interface vlan number_id no allocate-interface vlan number_id Syntax Description Command Modes Context configuration mode Admin context only Command History Usage Guidelines After you allocate the interface to a user context, you can configure the interface in that context. When a VLAN is shared in multiple contexts, the interfaces must be on the same subnet. However, the interfaces that share the VLANs will have different MAC addresses. These different MAC addresses on the same VLAN classify traffic on multiple contexts. No routing can occur across contexts even if you configure shared VLANs. The ACE allows you to configure one or more VLAN interfaces in any user context before you assign those VLAN interfaces to the associated user contexts through the allocate-interface vlan command in the Admin context. For more information about assigning interfaces to the ACE, see the Routing and Bridging Guide, Cisco ACE Application Control Engine. You cannot deallocate a VLAN from a user context if the VLAN is currently in use on that context. vlan number_id Identifies the VLAN to assign to the user context. For the number_id argument, enter the number of an existing VLAN that you want to assign to the context as an integer from 2 to 4094. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-602 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Context Configuration Mode Commands Examples To allocate the VLAN interface identified as 100 to the currently active context, enter: host1/Admin(config-context)# allocate-interface vlan 100 Related Commands show context (config) interface (ACE module only) (config) hw-module2-603 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Context Configuration Mode Commands (config-context) description To enter a description for a user context, use the description command. Use the no form of this command to remove the context description from the configuration. description text no description Syntax Description Command Modes Context configuration mode Admin context only Command History Usage Guidelines This command has no usage guidelines. Examples To provide a description of a user context, enter: host1/Admin(config-context)# description context for accounting users Related Commands show context text Description for the user context. Enter a description as an unquoted text string with a maximum of 240 characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-604 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Context Configuration Mode Commands (config-context) member To associate a context with a resource class, use the member command. Use the no form of this command to remove a context from a resource class. member class no member class Syntax Description Command Modes Context configuration mode Admin context only Command History Usage Guidelines You can associate a context with only one resource class. If you do not explicitly associate a context with a resource class, the ACE associates the context with the default resource class. Examples To disassociate a context from a resource class, enter: host1/Admin(config-context)# no member RC1 Related Commands show context (config) resource-class class Name of an existing resource class. Enter the class name as an unquoted text string with a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-605 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands CSR Parameters Configuration Mode Commands CSR Parameters Configuration Mode Commands CSR parameters configuration mode commands allow you to define the distinguished name attributes for a Certificate Signing Request (CSR) parameter set. The ACE applies the CSR parameter set attributes during the CSR-generating process. The distinguished name attributes provide the Certificate Authority (CA) with the information that it needs to authenticate your site. The CA then applies the information that you provide in the CSR parameter set to your Secure Sockets Layer (SSL) certificate. Creating a CSR parameter set allows you to generate multiple CSRs with the same distinguished name attributes. To create a new CSR parameter set (or modify an existing CSR parameter set) and access the CSR parameters configuration mode, use the crypto csr-params command. The CLI prompt changes to (config-csr-params). Use the no form of this command to remove an existing CSR parameter set. crypto csr-params csr_param_name no crypto csr-params csr_param_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you specify a CSR parameter set, you define the following distinguished name attributes: • Common name—See the (config-csr-params) common-name command. This distinguished name attribute is required. • Country name—See the (config-csr-params) country command. This distinguished name attribute is required. • E-mail address—See the (config-csr-params) email command. • Locality—See the (config-csr-params) locality command. • Organization name (certificate subject)—See the (config-csr-params) organization-name command. • Organization unit—See the (config-csr-params) organization-unit command. • Serial number—See the (config-csr-params) serial-number command. This distinguished name attribute is required. csr_param_name Name that designates a CSR parameter set. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-606 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands CSR Parameters Configuration Mode Commands • State—See the (config-csr-params) state command. This distinguished name attribute is required. If you do not define the required distinguished name attributes, the ACE displays an error message when you attempt top generate a CSR using the CSR parameter set. You can create up to eight CSR parameter sets per context. To generate a Certificate Signing Request (CSR) file using the CSR parameter set, use the crypto generate csr command in the Exec mode. Examples To create the CSR parameter set CSR_PARAMS_1, enter: host1/Admin(config)# crypto csr-params CSR_PARAMS_1 host1/Admin(config-csr-params) Related Commands crypto generate csr (config-csr-params) common-name (config-csr-params) country (config-csr-params) email (config-csr-params) locality (config-csr-params) organization-name (config-csr-params) organization-unit (config-csr-params) serial-number (config-csr-params) state (config-csr-params) common-name To define the common name parameter in the Certificate Signing Request (CSR) parameter set, use the common-name command. Use the no form of this command to delete an existing common name from the CSR parameter set. common-name name no common-name Syntax Description Command Modes CSR parameters configuration mode Command History name Name that designates the common name in a CSR parameter set. Enter the common name as an unquoted alphanumeric string with no spaces or a quoted string with spaces and a maximum of 64 characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-607 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands CSR Parameters Configuration Mode Commands Usage Guidelines The common name is a required distinguished name attribute. If you do not configure this attribute (and all other required attributes), the ACE displays an error message when you try to generate a CSR using the CSR parameter set. The common name should be the domain name or individual hostname of the Secure Sockets Layer (SSL) site. Examples To specify the common name WWW.ABC123.COM, enter: host1/Admin(config-csr-params)# common-name WWW.ABS123.COM Related Commands (config) crypto csr-params (config-csr-params) country (config-csr-params) email (config-csr-params) locality (config-csr-params) organization-name (config-csr-params) organization-unit (config-csr-params) serial-number (config-csr-params) state (config-csr-params) country To define the country name parameter in the Certificate Signing Request (CSR) parameter set, use the country command. Use the no form of this command to delete an existing country name from the CSR parameter set. country name no country Syntax Description Command Modes CSR parameters configuration mode Command History name Name of the country where the Secure Sockets Layer (SSL) site resides. Enter the country name as an alphanumeric string from 1 to 2 characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-608 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands CSR Parameters Configuration Mode Commands Usage Guidelines The country name is a required distinguished name attribute. If you do not configure this attribute (and all other required attributes), the ACE displays an error message when you try to generate a CSR using the CSR parameter set. Examples To specify the country US (United States), enter: host1/Admin(config-csr-params)# country US Related Commands (config) crypto csr-params (config-csr-params) common-name (config-csr-params) email (config-csr-params) locality (config-csr-params) organization-name (config-csr-params) organization-unit (config-csr-params) serial-number (config-csr-params) state (config-csr-params) email To define the e-mail address parameter in the Certificate Signing Request (CSR) parameter set, use the email command. Use the no form of this command to delete an existing e-mail address from the CSR parameter set. email address no email Syntax Description Command Modes CSR parameters configuration mode Command History Usage Guidelines The e-mail address is an optional distinguished name attribute. address Address that designates the site e-mail address in a CSR parameter set. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-609 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands CSR Parameters Configuration Mode Commands Examples To specify the e-mail address WEBADMIN@ABC123.COM, enter: host1/Admin(config-csr-params)# email WEBADMIN@ABC123.COM Related Commands (config) crypto csr-params (config-csr-params) common-name (config-csr-params) country (config-csr-params) locality (config-csr-params) organization-name (config-csr-params) organization-unit (config-csr-params) serial-number (config-csr-params) state (config-csr-params) locality To define the locality name parameter in the Certificate Signing Request (CSR) parameter set, use the locality command. Use the no form of this command to delete an existing locality from the CSR parameter set. locality name no locality Syntax Description Command Modes CSR parameters configuration mode Command History Usage Guidelines The locality name is an optional distinguished name attribute. Examples To specify the locality ATHENS, enter: host1/Admin(config-csr-params)# locality ATHENS name Name that designates the locality (a county, for example) in a CSR parameter set. Enter an unquoted text string with a maximum of 40 alphanumeric characters including spaces and the ampersand (&) character. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.2) The ampersand (&) character is supported. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The ampersand (&) character is supported.2-610 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands CSR Parameters Configuration Mode Commands Related Commands (config) crypto csr-params (config-csr-params) common-name (config-csr-params) country (config-csr-params) email (config-csr-params) organization-name (config-csr-params) organization-unit (config-csr-params) serial-number (config-csr-params) state2-611 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands CSR Parameters Configuration Mode Commands (config-csr-params) organization-name To define the organization name parameter in the Certificate Signing Request (CSR) parameter set, use the organization-name command. Use the no form of this command to delete an existing organization name from the CSR parameter set. organization-name name no organization-name Syntax Description Command Modes CSR parameters configuration mode Command History Usage Guidelines The organization name is an optional distinguished name attribute. Examples To specify the organization ABC123 SYSTEMS INC, enter: host1/Admin(config-csr-params)# organization-name ABC123 SYSTEMS INC Related Commands (config) crypto csr-params (config-csr-params) common-name (config-csr-params) country (config-csr-params) email (config-csr-params) locality (config-csr-params) organization-unit (config-csr-params) serial-number (config-csr-params) state name Name that designates the organization in a CSR parameter set. Enter the organization name as an unquoted alphanumeric string with a maximum of 64 characters including spaces. The ACE also supports the ampersand (&) character. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.2) The ampersand (&) character is supported. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The ampersand (&) character is supported.2-612 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands CSR Parameters Configuration Mode Commands (config-csr-params) organization-unit To define the organization unit parameter in the Certificate Signing Request (CSR) parameter set, use the organization-unit command. Use the no form of this command to delete an existing organization unit from the CSR parameter set. organization-unit unit no organization-unit Syntax Description Command Modes CSR parameters configuration mode Command History Usage Guidelines The organization unit is an optional distinguished name attribute. Examples To specify the organization unit SSL ACCELERATOR, enter: host1/Admin(config-csr-params)# organization-unit SSL ACCELERATOR Related Commands (config) crypto csr-params (config-csr-params) common-name (config-csr-params) country (config-csr-params) email (config-csr-params) locality (config-csr-params) organization-name (config-csr-params) serial-number (config-csr-params) state unit Name that designates the unit (within an organization) in a CSR configuration file. Enter the organization unit as an unquoted alphanumeric string with a maximum of 64 characters including spaces. The ACE also supports the ampersand (&) character. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.2) The ampersand (&) character is supported. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The ampersand (&) character is supported.2-613 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands CSR Parameters Configuration Mode Commands (config-csr-params) serial-number To define the serial number parameter in the Certificate Signing Request (CSR) parameter set, use the serial-number command. Use the no form of this command to delete an existing serial number from the CSR parameter set. serial-number number no serial-number Syntax Description Command Modes CSR parameters configuration mode Command History Usage Guidelines The serial number is a required distinguished name attribute. If you do not configure this attribute (and all other required attributes), the ACE displays an error message when you try to generate a CSR using the CSR parameter set. The CA may choose to overwrite the serial number that you provide with its own serial number. Examples To specify the serial number 1001, enter: (config-csr-params)# serial-number 1001 Related Commands (config) crypto csr-params (config-csr-params) common-name (config-csr-params) country (config-csr-params) email (config-csr-params) locality (config-csr-params) organization-name (config-csr-params) organization-unit (config-csr-params) state number Number that designates the serial number in a CSR parameter set. Enter the serial number as an alphanumeric string from 1 to 16 characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.2) The ampersand (&) character is supported. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The ampersand (&) character is supported.2-614 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands CSR Parameters Configuration Mode Commands (config-csr-params) state To define the state name parameter in the Certificate Signing Request (CSR) parameter set, use the state command. Use the no form of this command to delete an existing state name from the CSR parameter set. state name no state Syntax Description Command Modes CSR parameters configuration mode Command History Usage Guidelines The state name is a required distinguished name attribute. If you do not configure this attribute (and all other required attributes), the ACE displays an error message when you try to generate a CSR using the CSR parameter set. Examples To specify the state GA (Georgia), enter: host1/Admin(config-csr-params)# state GA Related Commands (config) crypto csr-params (config-csr-params) common-name (config-csr-params) country (config-csr-params) email (config-csr-params) locality (config-csr-params) organization-name (config-csr-params) organization-unit (config-csr-params) serial-number name Name that designates the state or province in a CSR configuration file. Enter an unquoted text string with a maximum of 40 alphanumeric characters including spaces. and the ampersand (&) character. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.2) The ampersand (&) character is supported. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The ampersand (&) character is supported.2-615 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands DCI Configuration Mode Commands DCI Configuration Mode Commands Data center interconnect (DCI) configuration mode commands allow you to create the local Nexus device and configure its attributes for the dynamic workload scaling (DWS) feature. To create a local Nexus device and access DCI configuration mode, use the nexus-device command in configuration mode. The CLI prompt changes to (config-dci). For information about the commands in DCI configuration mode, see the commands in this section. Use the no form of this command to remove the Nexus device from the configuration. nexus-device name no nexus-device name Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines All commands in this mode require the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a Nexus device named DCI_DEVICE1 and access DCI configuration mode, enter: host1/Admin(config)# nexus-device DCI_DEVICE1 host1/Admin(config-dci)# To delete the DCI_DEVICE1 domain, enter: host1/Admin(config)# no nexus-device DCI_DEVICE1 Related Commands show nexus-device (config-dci) credentials (config-dci) ip-address name Identifier of the local Nexus device. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-616 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands DCI Configuration Mode Commands (config-dci) credentials To configure the login credentials that the ACE uses to access the local Nexus device (Nexus 7000 series switch) in a DWS configuration, use the credentials command. Use the no form of this command to remove the login credentials of the local Nexus device from the ACE configuration. credentials {username} {[encrypted] password} no credentials {username} {[encrypted] password} Syntax Description Command Modes DCI configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You must have either the vdc-admin or the network-admin user role on the Nexus 7000 to receive the Nexus 7000 output for the VM location information in XML format. Examples To configure the credentials, enter the following command: host1/Admin(config-dci)# credentials admin encrypted mydcipassphrase To remove the credentials of the Nexus device from the ACE configuration, enter the following command: host1/Admin(config-dci)# no credentials admin encrypted mydcipassphrase Related Commands show nexus-device (config-dci) ip-address username Username that the ACE uses to log in to the local Nexus device. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. encrypted (Optional) Specifies that the ACE encrypts the local Nexus device password. password Password that the ACE uses to access the local Nexus device. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. The password will not appear in the output of the show running-config command. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-617 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands DCI Configuration Mode Commands (config-dci) ip-address To configure the IP address of the local Nexus device (Nexus 7000 series switch) in a DWS configuration, use the ip-address command. Use the no form of this command to remove the IP address of the local Nexus device from the ACE configuration. ip-address ip_address no ip-address ip_address Syntax Description Command Modes DCI configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The IP address specified with this command is the IP address of the management interface of either the default VDC or the VDC in which the OTV configuration is deployed on the Nexus 7000 series switch. Examples To configure the IP address of the Nexus device, enter: host1/Admin(config-dci)# ip-address 192.168.12.15 Related Commands show nexus-device (config-dci) credentials ip_address Specifies the IP address of the local Nexus device. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-618 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Domain Configuration Mode Commands Domain Configuration Mode Commands Domain configuration mode commands allow you to determine a user’s domain (namespace in which the user operates). To create a domain and access domain configuration mode, use the domain command in configuration mode. The CLI prompt changes to (config-domain). For information about the commands in domain configuration mode, see the commands in this section. Use the no form of this command to remove a domain from the configuration. domain name no domain name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines All commands in this mode require the context Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A domain does not restrict the context configuration that you can display using the show running-config command. You can still display the running configuration for the entire context. However, you can restrict your access to the configurable objects within a context by adding to the domain only a limited subset of all the objects available to a context. To limit a user’s ability to manipulate the objects in a domain, you can assign a role to that user. For more information about domains and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can configure KAL-AP TAGs as domains. For the domain load calculation, the ACE considers the Layer 3 class map, server farm, and real server objects. All other objects under the domain are ignored during the calculation. Examples To create a domain named D1 and access domain configuration mode, enter: host1/Admin(config)# domain D1 host1/Admin(config-domain)# To delete the D1 domain, enter: host1/Admin(config)# no domain D1 name Unique identifier of a domain in a context. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-619 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Domain Configuration Mode Commands Related Commands show domain show running-config2-620 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Domain Configuration Mode Commands (config-domain) add-object To associate a configuration object with a domain, use the add-object command. Use the no form of this command to remove an object added to the domain. add-object {access-list {ethertype | extended} name | action-list name | all | class-map name | interface {bvi number | vlan number} | object-group name | parameter-map name | policy-map name | probe name | rserver name | script name | serverfarm name | sticky name} no add-object {access-list {ethertype | extended} name | action-list name | all | class-map name | interface {bvi number | vlan number} | object-group name | parameter-map name | policy-map name | probe name | rserver name | script name | serverfarm name | sticky name} Syntax Description Command Modes Domain configuration mode Admin and user contexts access-list Specifies an existing access control list that you want to associate with the domain. ethertype Specifies an existing EtherType access control list that you want to associate with the domain. extended Specifies an existing extended access control list that you want to associate with the domain. name Name of the access control list. action-list name Specifies an existing action list that you want to associate with the domain. all Specifies that all configuration objects in the context are added to the domain. class-map name Specifies an existing class map for flow classification that you want to associate with the domain. interface Specifies an existing interface—either a Bridge Group Virtual Interface or a VLAN—that you want to associate with the domain. bvi number Specifies the existing Bridge Group Virtual Interface that you want to associate with the domain. Enter an integer from 1 to 4094. vlan number Specifies the existing VLAN that you want to associate with the domain. Enter an integer from 2 to 4094. object-group name Specifies an existing object group that you want to associate with the domain. parameter-map name Specifies an existing parameter map that you want to associate with the domain. policy-map name Specifies an existing policy map that you want to associate with the domain. probe name Specifies an existing real server probe (keepalive) that you want to associate with the domain. rserver name Specifies an existing real server that you want to associate with the domain. script name Specifies an existing script file (created with the ACE TCL scripting language) that you want to associate with the domain. serverfarm name Specifies an existing server farm that you want to associate with the domain. sticky name Specifies an existing sticky group that you want to associate with the domain to maintain persistence with a server.2-621 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Domain Configuration Mode Commands Command History Usage Guidelines This command has no usage guidelines. Examples To associate an interface called VLAN 10 with a domain, enter: host1/Admin(config-domain)# add-object interface vlan 10 Related Commands show domain ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-622 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Group Configuration Mode Commands FT Group Configuration Mode Commands FT group configuration mode commands allow you to configure fault-tolerant (FT) groups that consist of two contexts, each residing on a different ACE. FT groups are part of the ACE redundancy feature. For details about redundancy, see the Virtualization Guide, Cisco ACE Application Control Engine. To create an FT group and access the FT group configuration mode, use the ft group command in configuration mode. The CLI prompt changes to (config-ft-group). For information about the commands in FT group configuration mode, see the commands in this section. Use the no form of this command to remove an FT group from the configuration. ft group group_id no ft group group_id Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines All commands in this mode require the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create an FT group with a group ID of 1 and access ft-group configuration mode, enter: host1/Admin(config)# ft group 1 host1/Admin(config-ft-group)# To delete the FT group, enter: host1/Admin(config)# no ft group 1 Related Commands show ft show running-config group_id Unique identifier of an FT group. Enter an integer from 1 to 255. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-623 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Group Configuration Mode Commands (config-ft-group) associate-context To associate a context with a fault-tolerant (FT) group, use the associate-context command. You need to make this association for each of the two redundant contexts in an FT group. Use the no form of this command to remove a context from an FT group. associate-context name no associate-context name Syntax Description Command Modes FT group configuration mode Admin context only Command History Usage Guidelines Before you can remove a context from an FT group, you must first take the group out of service using the no inservice command. See the (config-ft-group) inservice command. Examples To associate a context with an FT group, enter: host1/Admin(config-ft-group)# associate-context C1 Related Commands show ft (config) context name Identifier of the context that you want to associate with the FT group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-624 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Group Configuration Mode Commands (config-ft-group) inservice To place a fault-tolerant (FT) group in service, use the inservice command. Use the no form of this command to take the FT group out of service. inservice no inservice Syntax Description This command has no keywords or arguments. Command Modes FT group configuration mode Admin context only Command History Usage Guidelines Before you place an FT group in service, be sure that you have associated one or two contexts with the FT group and properly configured the two peers. Examples To place an FT group in service, enter: host1/Admin(config-ft-group)# inservice Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-625 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Group Configuration Mode Commands (config-ft-group) peer To associate a peer ACE with a fault-tolerant (FT) group, use the peer command. Use the no form of this command to remove the peer association with the FT group. peer peer_id no peer peer_id Syntax Description Command Modes FT group configuration mode Admin context only Command History Usage Guidelines The peer designation is used to denote the remote standby member of the FT group. A context in a redundant configuration can have only one peer context. Examples To associate a peer ACE with an FT group, enter: host1/Admin(config-ft-group)# peer 1 Related Commands show ft (config) ft peer peer_id Identifier of an existing peer ACE. Enter 1 for the peer ID. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-626 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Group Configuration Mode Commands (config-ft-group) peer priority To configure the priority of a fault-tolerant (FT) group on the remote standby member, use the peer priority command. Use the no form of this command to restore the default priority of 100. peer priority number no peer priority number Syntax Description Command Modes FT group configuration mode Admin context only Command History Usage Guidelines Configure a lower priority on the FT group member (context) that you want as the standby member. Examples To configure the priority of the FT group on the standby ACE with a value of 50, enter: host1/Admin(config-ft-group)# peer priority 50 Related Commands (config-ft-group) peer (config-ft-group) preempt number Priority of the FT group on the standby member. Enter an integer from 1 to 255. The default is 100. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-627 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Group Configuration Mode Commands (config-ft-group) preempt To configure preemption after it has been disabled, use the preempt command. Use the no form of this command to disable preemption. preempt no preempt Syntax Description This command has no keywords or arguments. Command Modes FT group configuration mode Admin context only Command History Usage Guidelines Preemption ensures that the group member with the higher priority always asserts itself and becomes the active member. By default, preemption is enabled. If you disable preemption and a member with a higher priority is found after the other member has become active, the newly elected member becomes the standby member even though it has a higher priority. Examples To reenable preemption after its default setting was disabled, enter: host1/Admin(config-ft-group)# preempt Related Commands show ft (config-ft-group) priority ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-628 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Group Configuration Mode Commands (config-ft-group) priority To configure the priority of the active group member, use the priority command. Use the no form of this command to restore the default priority of 100. priority number no priority number Syntax Description Command Modes FT group configuration mode Admin context only Command History Usage Guidelines You must configure the priority of a group on both peer ACEs. Configure a higher priority for the group on the ACE where you want the active member to initially reside. Examples To set the priority of the FT group on the active member to a value of 150, enter: host1/Admin(config-ft-group)# priority 150 Related Commands show ft (config-ft-group) preempt number Priority number for the active group member. Enter an integer from 1 to 255. The default is 100. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-629 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Interface Configuration Mode Commands FT Interface Configuration Mode Commands FT interface configuration mode commands allows you to configure redundancy parameters for the fault-tolerant (FT) VLAN. The FT VLAN is a dedicated interface that the ACE uses exclusively for redundancy traffic (such as heartbeat, state, and replication packets). For more information about configuring redundancy on the ACE, see the Administration Guide, Cisco ACE Application Control Engine. To create an FT VLAN and access FT interface configuration mode, use the ft interface vlan command in configuration mode. The CLI prompt changes to (config-ft-intf). For information about the commands in FT interface configuration mode, see the following commands. Use the no form of this command to remove an FT VLAN from the redundancy configuration. ft interface vlan vlan_id no ft interface vlan vlan_id Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines All commands in this mode require the System feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To remove an FT VLAN from the redundancy configuration, first dissociate it from the FT peer using the no form of the (config-ft-peer) ft-interface vlan command and then enter the no ft interface vlan command in configuration mode. Examples To configure an FT VLAN and access FT group configuration mode, enter: host1/Admin(config)# ft interface vlan 4000 host1/Admin(config-ft-intf)# To delete the FT VLAN configuration, enter: host1/Admin(config)# no ft interface vlan 4000 vlan_id Identifier of an existing VLAN that you want to use as the FT VLAN. Enter an integer from 2 to 4094. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-630 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Interface Configuration Mode Commands Related Commands show ft show interface show running-config (ACE module only) (config) hw-module (config-ft-peer) ft-interface vlan (config-ft-intf) ip To assign an IP address to the fault-tolerant (FT) VLAN, use the ip command. Use the no form of this command to remove the IP address from the configuration. ip address ip_address netmask no ip address ip_address netmask Syntax Description Command Modes FT interface configuration mode Admin context only Command History Usage Guidelines This command has no usage guidelines. Examples To configure an IP address for the FT VLAN, enter: host1/Admin(config-ft-intf)# ip address 192.168.12.1 255.255.255.0 To remove an IP address from the FT VLAN, enter: host1/Admin(config-ft-intf)# no ip address address ip_address Specifies the IP address of the FT VLAN. Enter an IP address in dotted-decimal notation (for example, 192.168.12.1). netmask Subnet mask of the FT VLAN. Enter a subnet mask in dotted-decimal notation (for example, 255.255.255.0). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-631 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Interface Configuration Mode Commands Related Commands show ft show interface (config-ft-intf) peer ip2-632 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Interface Configuration Mode Commands (config-ft-intf) peer ip To allow the local member of the fault-tolerant (FT) group to communicate with the remote peer, use the peer ip command to configure an IP address for the remote peer. Use the no form of this command to remove the IP address from the peer configuration. peer ip address ip_address netmask no peer ip address ip_address netmask Syntax Description Command Modes FT interface configuration mode Admin context only Command History Usage Guidelines This command has no usage guidelines. Examples To configure an IP address for the remote peer, enter: host1/Admin(config-ft-intf)# peer ip address 192.168.12.15 255.255.255.0 To remove the IP address from the remote peer, enter: host1/Admin(config-ft-intf)# no peer ip address 192.168.12.15 255.255.255.0 Related Commands show interface (config-ft-intf) ip address ip_address Specifies the IP address of the remote peer. Enter an IP address in dotted-decimal notation (for example, 192.168.12.15). netmask Subnet mask of the remote peer. Enter a subnet mask in dotted-decimal notation (for example, 255.255.255.0). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-633 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Interface Configuration Mode Commands (config-ft-intf) shutdown To disable the fault-tolerant (FT) VLAN, use the shutdown command. Use the no form of this command to enable the FT VLAN. shutdown no shutdown Syntax Description This command has no keywords or arguments. Command Modes FT interface configuration mode Admin context only Command History Usage Guidelines When you create the FT VLAN, it is disabled by default. Use the no form of this command to enable the FT VLAN. Examples For example, to enable the FT VLAN, enter: host1/Admin(config-ft-intf)# no shutdown To disable the FT VLAN after you have enabled it, enter: host1/Admin(config-ft-intf)# shutdown Related Commands show interface ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-634 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Peer Configuration Mode Commands FT Peer Configuration Mode Commands Fault-tolerant (FT) peer configuration mode commands allow you to configure redundancy parameters for peer (standby) ACEs. Each FT group in a redundant configuration consists of two ACE ACEs: a local active ACE and a remote standby ACE or peer. To configure an FT peer and access FT peer configuration mode, use the ft peer command in configuration mode. The CLI prompt changes to (config-ft-peer). For information about the commands in FT peer configuration mode, see the following commands. Use the no form of this command to remove an FT group from the configuration. ft peer peer_id no ft peer peer_id Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines All commands in this mode require the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To configure an FT peer and access FT peer configuration mode, enter: host1/Admin(config)# ft peer 1 host1/Admin(config-ft-peer)# To delete the FT peer configuration, enter: host1/Admin(config)# no ft peer 1 Related Commands show ft show running-config peer_id Unique identifier of the FT peer. Enter 1. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-635 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Peer Configuration Mode Commands (config-ft-peer) ft-interface vlan To associate an existing fault-tolerant (FT) VLAN with a peer, use the ft-interface vlan command. Use the no form of this command to remove the FT VLAN from the peer configuration. ft-interface vlan vlan_id no ft-interface vlan vlan_id Syntax Description Command Modes FT peer configuration mode Admin context only Command History Usage Guidelines This command has no usage guidelines. Examples To associate an existing FT VLAN with a peer, enter: host1/Admin(config-ft-peer)# ft-interface vlan 200 Related Commands show ft (config) ft interface vlan vlan_id Identifier of an existing VLAN. Enter an integer from 2 to 4094. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-636 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Peer Configuration Mode Commands (config-ft-peer) heartbeat To configure the heartbeat interval and count for verification timing between active and standby fault-tolerant (FT) peers, use the heartbeat command. Use the no form of this command to revert to the default heartbeat interval and count. heartbeat {count number | interval frequency} no heartbeat {count number | interval frequency} Syntax Description Command Modes FT peer configuration mode Admin context only Command History Usage Guidelines If the standby member of the FT group does not receive a heartbeat packet from the active member, a time period equal to count number times interval frequency must elapse before a switchover between the active and standby members can occur. Examples To set a heartbeat count of 20, enter: host1/Admin(config-ft-peer)# heartbeat count 20 To set a heartbeat interval of 200 milliseconds, enter: host1/Admin(config-ft-peer)# heartbeat interval 200 Related Commands show ft count number Specifies the number of heartbeat intervals that must transpire with no heartbeat packet received by the standby member before the standby member determines that the active member is not available. Enter an integer from 10 to 50. The default is 10 heartbeat intervals. interval frequency Specifies the time period between heartbeats in milliseconds (ms). Enter an integer from 100 to 1000 ms. The default is 300 ms. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-637 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Peer Configuration Mode Commands (config-ft-peer) query-interface To configure an alternate interface to allow the standby member to determine whether the active member is down or whether there is a connectivity problem with the fault-tolerant (FT) VLAN, use the query-interface command. A query interface helps prevent two redundant contexts from becoming active at the same time for the same FT group. Use the no form of this command to remove the query interface from the peer configuration. query-interface vlan vlan_id no query-interface vlan vlan_id Syntax Description Command Modes FT peer configuration mode Admin context only Command History Usage Guidelines Configuring a query interface allows you to assess the health of the active FT group member, but it increases failover time. You cannot delete a query interface if it is associated with a peer. You must dissociate the interface from the peer first, and then you can delete the query interface. Examples To configure a query interface, enter: host1/Admin(config-ft-peer)# query-interface vlan 400 Related Commands show ft (config) ft interface vlan vlan vlan_id Specifies the identifier of an existing VLAN. Enter an integer from 2 to 4094. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-638 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Host Configuration Mode Commands FT Track Host Configuration Mode Commands Fault-tolerant (FT) track host configuration mode commands allow you to configure tracking and failure detection for critical network gateways and hosts. To create a process that tracks and detects failures for a gateway or host and accesses FT track host configuration mode, use the ft track host command in configuration mode. The CLI prompt changes to (config-ft-track-host). For information about the commands in FT track host configuration mode, see the following commands. Use the no form of this command to delete a process that tracks and detects failures for a gateway or host. ft track host name no ft track host name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the fault-tolerant feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a process that tracks and detects failures for a gateway or host and accesses FT track host configuration mode, enter: host1/Admin(config)# ft track host TRACK_GATEWAY1 host1/Admin(config-ft-track-host)# To delete the process that tracks and detects failures for a gateway or host, enter: host1/Admin(config)# no ft track host TRACK_GATEWAY1 name Unique identifier of the tracking process for a gateway or a host. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-639 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Host Configuration Mode Commands Related Commands show ft show running-config2-640 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Host Configuration Mode Commands (config-ft-track-host) peer priority To assign a priority for multiple probes on the standby member of a fault-tolerant (FT) group, use the peer priority command. Use the no form of this command to reset the multiple-probe priority to the default value of 10 on the standby member. peer priority number no peer priority number Syntax Description Command Modes FT track host configuration mode Admin and user contexts Command History Usage Guidelines The peer command keyword indicates the standby member of an FT group. Assign a priority value to multiple probes based on the relative importance of the gateway or host that the probes are tracking. If all the probes go down, the ACE decrements the priority of the FT group on the standby member by the value of the number argument. If the priority of the FT group on the active member falls below the priority of the FT group on the standby member, a switchover occurs where the active member becomes the standby member and the standby member becomes the active member. Examples To assign a priority for multiple probes on the standby member of an FT group, enter: host1/Admin(config-ft-track-host)# peer priority 50 To reset the priority of multiple probes on the standby member of an FT group to the default value of 0, enter: host1/Admin(config-ft-track-host)# no peer priority 50 Related Commands (config-ft-track-host) priority number Priority of the probes configured for the gateway or host on the standby member. Enter a priority value as an integer from 0 to 255. The default is 0. Higher values indicate higher priorities. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-641 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Host Configuration Mode Commands (config-ft-track-host) peer probe To associate an existing probe with a gateway or host for tracking by the standby member of a fault-tolerant (FT) group, use the peer probe command. Use the no form of this command to dissociate the tracking probe from the tracking process on the standby member. peer probe name priority number no peer probe name priority number Syntax Description Command Modes FT track host configuration mode Admin and user contexts Command History Usage Guidelines The peer command keyword indicates the standby member of an FT group. Assign a priority value to the probe based on the relative importance of the gateway or host that the probe is tracking. If the probe goes down, the ACE decrements the priority of the FT group on the standby member by the value of the number argument. If the priority of the FT group on the active member falls below the priority of the FT group on the standby member, a switchover occurs where the active member becomes the standby member and the standby member becomes the active member. Examples To configure a probe with priority of 15 on the standby member of an FT group, enter: host1/Admin(config-ft-track-host)# peer probe TCP_PROBE1 priority 15 To remove the tracking probe from the standby member, enter: host1/Admin(config-ft-track-host)# no peer probe TCP_PROBE1 name Identifier of an existing probe that you want to associate with a gateway or host for tracking. priority number (Optional) Specifies the priority of the probe. Enter an integer from 0 to 255. The default is 0. Higher values indicate higher priorities. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-642 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Host Configuration Mode Commands Related Commands show probe show running-config (config) ft peer (config) probe (config-ft-track-host) probe2-643 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Host Configuration Mode Commands (config-ft-track-host) peer track-host To configure the IP address of the gateway or host that you want to track on the standby member of a fault-tolerant (FT) group, use the peer track-host command. Use the no form of this command to remove the IP address of the gateway or host from the tracking process on the standby member configuration. peer track-host ip_address no peer track-host ip_address Syntax Description Command Modes FT track host configuration mode Admin and user contexts Command History Usage Guidelines The peer command keyword indicates the standby member of an FT group. Examples IPv6 Example: To configure the IPv6 address of a gateway for tracking on the standby member of an FT group, enter: host1/Admin(config-ft-track-host)# peer track-host 2001:DB8:12::101 To remove the IPv6 address of the tracked gateway from the standby member, enter: host1/Admin(config-ft-track-host)# no peer track-host 2001:DB8:12::101 IPv4 Example: To configure the IPv4 address of a gateway for tracking on the standby member of an FT group, enter: host1/Admin(config-ft-track-host)# peer track-host 172.16.27.1 To remove the IPv4 address of the tracked gateway from the standby member, enter: host1/Admin(config-ft-track-host)# no peer track-host 172.16.27.1 ip_address IPv6 or IPv4 address of the gateway or host that you want the standby FT group member to track. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-644 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Host Configuration Mode Commands Related Commands show running-config (config) ft peer (config-ft-track-host) track-host2-645 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Host Configuration Mode Commands (config-ft-track-host) priority To assign a priority for multiple probes on the active member of a fault-tolerant (FT) group, use the priority command. Use the no form of this command to reset the multiple-probe priority to the default value of 10 on the active member. priority number no priority number Syntax Description Command Modes FT track host configuration mode Admin and user contexts Command History Usage Guidelines Assign a priority value for multiple probes based on the relative importance of the gateway or host that the probes are tracking. If all the probes go down, the ACE decrements the priority of the FT group on the active member by the value of the number argument. If the priority of the FT group on the active member falls below the priority of the FT group on the standby member, a switchover occurs where the active member becomes the standby member and the standby member becomes the active member. Examples To assign a priority for multiple probes on the active member of an FT group, enter: host1/Admin(config-ft-track-host)# priority 100 To reset the priority of multiple probes on the active member of an FT group to the default value of 0, enter: host1/Admin(config-ft-track-host)# no priority 100 Related Commands (config-ft-track-host) peer priority number Priority of the probes configured for the gateway or host on the active member. Enter a priority value as an integer from 0 to 255. The default is 0. Higher values indicate higher priorities. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-646 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Host Configuration Mode Commands (config-ft-track-host) probe To associate an existing probe with a gateway or host for tracking by the active member of a fault-tolerant (FT) group, use the probe command. Use the no form of this command to dissociate the tracking probe from the tracking process on the active member. probe name priority number no probe name priority number Syntax Description Command Modes FT track host configuration mode Admin and user contexts Command History Usage Guidelines Assign a priority value to the probe based on the relative importance of the gateway or host that the probe is tracking. If the probe goes down, the ACE decrements the priority of the FT group on the active member by the value of the number argument. If the priority of the FT group on the active member falls below the priority of the FT group on the standby member, a switchover occurs where the active member becomes the standby member and the standby member becomes the active member. Examples To configure a probe with a priority of 25 on the active member of an FT group, enter: host1/Admin(config-ft-track-host)# probe TCP_PROBE1 priority 25 To remove the tracking probe from the active member, enter: host1/Admin(config-ft-track-host)# no probe TCP_PROBE1 Related Commands show probe show running-config (config) probe (config-ft-track-host) peer probe name Identifier of an existing probe that you want to associate with a gateway or host for tracking. priority number (Optional) Specifies the priority of the probe on the active member of an FT group. Enter an integer from 0 to 255. The default is 0. Higher values indicate higher priorities. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-647 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Host Configuration Mode Commands (config-ft-track-host) track-host To configure the IP address of the gateway or host that you want to track on the active member of a fault-tolerant (FT) group, use the track-host command. Use the no form of this command to remove the IP address of the gateway or host from the tracking process on the active member. track-host ip_address no track-host ip_address Syntax Description Command Modes FT track host configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples IPv6 Example: To configure the IPv6 address of a gateway for tracking on the active member of an FT group, enter: host1/Admin(config-ft-track-host)# track-host 2001:DB8:12::101 To remove the IPv6 address of the tracked gateway from the active member, enter: host1/Admin(config-ft-track-host)# no track-host 2001:DB8:12::101 IPv4 Example: To configure the IPv4 address of a gateway for tracking on the active member of an FT group, enter: host1/Admin(config-ft-track-host)# track-host 172.16.27.1 To remove the IPv4 address of the tracked gateway from the active member, enter: host1/Admin(config-ft-track-host)# no track-host 172.16.27.1 Related Commands show running-config (config-ft-track-host) peer track-host ip_address IPv6 or IPv4 address of the gateway or host that you want the active FT group member to track. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-648 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track HSRP Configuration Mode Commands FT Track HSRP Configuration Mode Commands (ACE module only) Fault-tolerant (FT) track HSRP configuration mode allows you to configure tracking and failure detection for critical Hot Standby Router Protocol (HSRP) groups configured on the supervisor engine for the Catalyst 6500 series switch. To create a process that tracks and detects failures for an HSRP group and accesses FT track HSRP configuration mode, enter the ft track hsrp command in configuration mode. The CLI prompt changes to (config-ft-track-hsrp). For information about the commands in FT track HSRP configuration mode, see the following commands. To delete the tracking and failure-detection process for an HSRP group, use the no form of this command. ft track hsrp name no ft track hsrp name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the fault-tolerant feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a process that tracks and detects failures for an HSRP group and accesses FT track HSRP configuration mode, enter: host1/Admin(config)# ft track hsrp TRACK_HSRP_GRP1 host1/Admin(config-ft-peer)# To delete the process that tracks and detects failures for an HSRP group, enter: host1/Admin(config)# no ft track hsrp TRACK_HSRP_GRP1 Related Commands show ft show running-config name Unique identifier of the tracking process for an HSRP group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-649 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track HSRP Configuration Mode Commands (config-ft-track-hsrp) peer priority (ACE module only) To assign a priority to the Hot Standby Router Protocol (HSRP) group that you are tracking on the standby member of a fault-tolerant (FT) group, use the peer priority command. Use the no form of this command to reset the priority to the default value of 10. peer priority number no peer priority Syntax Description Command Modes FT track hsrp configuration mode Admin and user contexts Command History Usage Guidelines The peer command keyword indicates the standby member of an FT group. Assign a priority value to the HSRP group based on the relative importance of the group that you are tracking on the standby member. If the HSRP group goes down, the ACE decrements the priority of the FT group on the standby member by the value of the number argument. If the priority of the FT group on the active member falls below the priority of the FT group on the standby member, a switchover occurs where the active member becomes the standby member and the standby member becomes the active member. Examples To assign a priority to the HSRP group that you are tracking on the standby member of an FT group, enter: host1/Admin(config-ft-track-hsrp)# peer priority 50 To reset the priority of the HSRP group to the default value of 0, enter: host1/Admin(config-ft-track-hsrp)# no peer priority 50 Related Commands (config-ft-track-hsrp) priority number Priority of the HSRP group configured on the standby member of an FT group. Enter an integer from 0 to 255. The default is 0. Higher values indicate higher priorities. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-650 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track HSRP Configuration Mode Commands (config-ft-track-hsrp) peer track-hsrp (ACE module only) To track a Hot Standby Router Protocol (HSRP) group on the standby member of a fault-tolerant (FT) group, use the peer track-hsrp command. Use the no form of this command to remove the HSRP group name from the tracking process on the standby member. peer track-hsrp name no peer track-hsrp name Syntax Description Command Modes FT track HSRP configuration mode Admin and user contexts Command History Usage Guidelines The peer command keyword indicates the standby member of an FT group. Examples To configure an HSRP group for tracking on the standby member of an FT group, enter: host1/Admin(config-ft-track-hsrp)# peer track-hsrp HSRP_GRP1 To remove the HSRP group from the tracking process on the standby member, enter: host1/Admin(config-ft-track-hsrp)# no peer track-hsrp HSRP_GRP1 Related Commands show running-config (config) ft peer (config-ft-track-hsrp) track-hsrp name Identifier of an HSRP group previously configured on the supervisor engine for the Catalyst 6500 series switch that you want to track on the standby member of an FT group. Enter the name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-651 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track HSRP Configuration Mode Commands (config-ft-track-hsrp) priority (ACE module only) To assign a priority to the Hot Standby Router Protocol (HSRP) group that you are tracking on the active member of a fault-tolerant (FT) group, use the priority command. Use the no form of this command to reset the priority to the default value of 10. priority number no priority number Syntax Description Command Modes FT track HSRP configuration mode Admin and user contexts Command History Usage Guidelines Assign a priority value to the HSRP group based on the relative importance of the group that you are tracking on the active member. If the HSRP group goes down, the ACE decrements the priority of the FT group on the active member by the value of the number argument. If the priority of the FT group on the active member falls below the priority of the FT group on the standby member, a switchover occurs where the active member becomes the standby member and the standby member becomes the active member. Examples To assign a priority to the HSRP group that you are tracking on the active member of an FT group, enter: host1/Admin(config-ft-track-hsrp)# priority 100 To reset the priority of the HSRP group to the default value of 0, enter: host1/Admin(config-ft-track-hsrp)# no priority 100 Related Commands (config-ft-track-hsrp) peer priority number Priority of the HSRP group configured on the active member of an FT group. Enter an integer from 0 to 255. The default is 0. Higher values indicate higher priorities. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-652 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track HSRP Configuration Mode Commands (config-ft-track-hsrp) track-hsrp (ACE module only) To track a Hot Standby Router Protocol (HSRP) group on the active member of a fault-tolerant (FT) group, use the track-hsrp command. Use the no form of this command to remove the HSRP group name from the tracking process on the active member. track-hsrp name no track-hsrp name Syntax Description Command Modes FT track HSRP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples For example, to configure the HSRP group for tracking on the active member of an FT group, enter: host1/Admin(config-ft-track-hsrp)# track-hsrp HSRP_GRP1 To remove the HSRP group tracked by the active member, enter: host1/Admin(config-ft-track-hsrp)# no track-hsrp HSRP_GRP1 Related Commands show running-config (config) ft peer (config-ft-track-hsrp) peer track-hsrp name Identifier of an HSRP group previously configured on the supervisor engine for the Catalyst 6500 series switch that you want to track on the active member of an FT group. Enter the name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-653 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Interface Configuration Mode Commands FT Track Interface Configuration Mode Commands Fault-tolerant (FT) track interface configuration mode allows you to configure tracking and failure detection for critical interfaces. To create a process that tracks and detects failures for critical interfaces and accesses FT track interface configuration mode, enter the ft track interface command in configuration mode. The CLI prompt changes to (config-ft-track-interface). For information about the commands in FT track interface configuration mode, see the following commands. To delete the process that tracks and detects failures for an interface, use the no form of this command. ft track interface name no ft track interface name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the fault-tolerant feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a process that tracks and detects failures for an interface and access FT track interface configuration mode, enter: host1/Admin(config)# ft track interface TRACK_VLAN200 host1/Admin(config-ft-track-interface)# To delete the process that tracks and detects failures for an interface, enter: host1/Admin(config)# no ft track interface TRACK_VLAN200 Related Commands show running-config name Unique identifier of the process that tracks and detects failures for a critical interface. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-654 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Interface Configuration Mode Commands (config-ft-track-interface) peer priority To assign a priority to the interface that the standby member is tracking, use the peer priority command. Use the no form of this command to reset the priority to the default value of 10. peer priority number no peer priority number Syntax Description Command Modes FT track interface configuration mode Admin and user contexts Command History Usage Guidelines The peer command keyword indicates the standby member of an FT group. Assign a priority value based on the relative importance of the interface that you are tracking on the standby member of an FT group. If the tracked interface goes down, the ACE decrements the priority of the FT group on the standby member by the value of the number argument. If the priority of the FT group on the active member falls below the priority of the FT group on the standby member, a switchover occurs where the active member becomes the standby member and the standby member becomes the active member. Examples To set a priority of 100 for the interface that you are tracking on the standby member, enter: host1/Admin(config-ft-track-intf)# peer priority 100 To reset the priority of the interface to the default value of 0, enter: host1/Admin(config-ft-track-intf)# no peer priority 100 Related Commands (config-ft-track-interface) priority number Priority of the interface tracked by the standby member of a fault-tolerant (FT) group. Enter an integer from 0 to 255. The default is 0. Higher values indicate higher priorities. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-655 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Interface Configuration Mode Commands (config-ft-track-interface) peer track-interface vlan To configure the interface that you want the standby member to track, use the peer track-interface vlan command. Use the no form of this command to remove the interface. peer track-interface vlan vlan_id no peer track-interface vlan vlan_id Syntax Description Command Modes FT track interface configuration mode Admin and user contexts Command History Usage Guidelines The peer command keyword indicates the standby member of an FT group. You cannot track the FT VLAN because it is reserved for the redundancy protocol. Examples To configure the VLAN 200 interface for tracking on the standby member, enter: host1/Admin(config-ft-track-intf)# peer track-interface vlan 200 To remove VLAN 200 from the tracking process, enter: host1/Admin(config-ft-track-intf)# no peer track-interface vlan 200 Related Commands (config-ft-track-interface) track-interface vlan vlan_id Unique identifier of an existing VLAN that you want to track on the standby member of a fault-tolerant (FT) group. Enter an integer from 2 to 4094. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-656 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Interface Configuration Mode Commands (config-ft-track-interface) priority To assign a priority to the interface that the active member is tracking, use the priority command. Use the no form of this command to reset the priority of the interface to the default value of 10. priority number no priority number Syntax Description Command Modes FT track interface configuration mode Admin and user contexts Command History Usage Guidelines Assign a priority value based on the relative importance of the interface that you are tracking on the active member of an FT group. If the tracked interface goes down, the ACE decrements the priority of the FT group on the active member by the value of the number argument. If the priority of the FT group on the active member falls below the priority of the FT group on the standby member, a switchover occurs where the active member becomes the standby member and the standby member becomes the active member. Examples To set a priority of 100 for the interface that you are tracking on the active member of an FT group, enter: host1/Admin(config-ft-track-intf)# priority 100 To reset the priority of the interface to the default value of 0, enter: host1/Admin(config-ft-track-intf)# no priority 100 Related Commands (config-ft-track-interface) peer priority number Priority of the interface tracked by the active member of a fault-tolerant (FT) group. Enter an integer from 0 to 255. The default is 0. Higher values indicate higher priorities. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-657 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands FT Track Interface Configuration Mode Commands (config-ft-track-interface) track-interface vlan To configure the interface that you want the active member to track, use the track-interface vlan command. Use the no form of this command to remove the interface from the tracking process. track-interface vlan vlan_id no track-interface vlan vlan_id Syntax Description Command Modes FT track interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the VLAN 200 interface for tracking on the active member, enter: host1/Admin(config-ft-track-intf)# track-interface vlan 200 To remove VLAN 200 from the tracking process, enter: host1/Admin(config-ft-track-intf)# no track-interface vlan 200 Related Commands show interface (ACE module only) (config) hw-module vlan_id Unique identifier of an existing VLAN that you want to track on the active member of a fault-tolerant (FT) group. Enter an integer from 2 to 4094. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-658 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Interface Configuration Mode Commands Interface configuration mode commands allow you to configure a VLAN interface or a bridge-group virtual interface (BVI), and, for the ACE appliance, an Ethernet port or a port-channel interface. To configure a bridge-group virtual interface (BVI), Ethernet port, port-channel interface, or VLAN interface, use the interface command. The CLI prompt changes to (config-if). Use the no form of this command to remove the interface from the context. For information about the commands in interface configuration mode, see the following commands. interface {bvi group_number | gigabitEthernet slot_number/port_number | port-channel channel_number | vlan number} no interface {bvi group_number | gigabitEthernet slot_number/port_number | port-channel channel_number | vlan number} Syntax Description Command Modes Configuration mode BVI and VLAN interface—Admin and user contexts (ACE appliance only) Ethernet port and port-channel interface—Admin context only Command History bvi group_number Creates a BVI for a bridge group and accesses interface configuration mode commands for the BVI. The group_number argument is the bridge-group number configured on a VLAN interface. gigabitEthernet slot_number/ port_number (ACE appliance only) Specifies one of the four Ethernet ports on the rear panel of the ACE. • slot_number—The physical slot on the ACE containing the Ethernet ports. This selection is always 1, the location of the daughter card in the ACE. The daughter card includes the four Layer 2 Ethernet ports to perform Layer 2 switching. • port_number—The physical Ethernet port on the ACE. Valid selections are 1 through 4, which specifies one of the four Ethernet ports (1, 2, 3, or 4) associated with the slot 1 (daughter card) selection. port-channel channel_number (ACE appliance only) Specifies the channel number assigned to this port-channel interface. Valid values are from 1 to 255. vlan number Assigns the VLAN to the context and accesses interface configuration mode commands for the VLAN. The number argument is the number for a VLAN assigned to the ACE. (ACE module only) The VLAN is assigned to the ACE from the supervisor engine for the Catalyst 6500 series switch. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-659 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Usage Guidelines All commands in this mode require the interface feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To enable the bridge-group VLANs, you must configure a bridge-group virtual interface (BVI) that represents a corresponding bridge group. An IP address in the same subnet should be configured on the BVI. This address is used for management traffic and as a source IP address for traffic from the ACE, similar to ARP requests. The ACE supports a maximum of 4093 VLAN interfaces with a maximum of 1,024 shared VLANs. The ACE supports a maximum of 4094 BVI interfaces. The ACE supports a maximum of 8192 interfaces per system that include VLANs, shared VLANs, and BVI interfaces. The ACE requires a route back to the client before it can forward a request to a server. If the route back is not present, the ACE cannot establish a flow and drops the client request. Make sure that you configure the appropriate routing to the client network on the ACE VLAN where the client traffic enters the ACE ACE. You can configure one or more VLAN interfaces in any user context before you assign those VLAN interfaces to the associated user contexts through the (config-context) allocate-interface command in the Admin context. ACE Appliance Guidelines In addition, the Ethernet port and port-channel interface command functions require the Admin user role. The four Ethernet ports provide physical Ethernet ports to connect servers, PCs, routers, and other devices to the ACE. You can configure the four Ethernet ports to provide an interface for connecting to 10-Mbps, 100-Mbps, or 1000-Mbps networks. Each Layer 2 Ethernet port supports autonegotiate, or full-duplex or half-duplex operation on an Ethernet LAN, and can carry traffic within a designated VLAN. You can group physical ports together on the ACE to form a logical Layer 2 interface called the EtherChannel (or port-channel). All the ports belonging to the same port-channel must be configured with same values; for example, port parameters, VLAN membership, trunk configuration. Only one port-channel in a channel group is allowed, and a physical port can belong to only to a single port-channel interface. Examples To assign VLAN interface 200 to the Admin context and access interface configuration mode, enter: host1/Admin(config)# interface vlan 200 host1/Admin(config-if)# To remove a VLAN, enter: host1/Admin(config)# no interface vlan 200 To create a BVI for bridge group 15, enter: host1/Admin(config)# interface bvi 15 ACE Appliance Release Modification A1(7) This command was introduced.2-660 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands host1/Admin(config-if)# To delete a BVI for bridge group 15, enter: host1/Admin(config)# no interface bvi 15 Related Commands show arp show interface show ip show running-config show vlans (config-if) access-group To apply an IPv6 or an IPv4 access control list (ACL) to the inbound or outbound direction of a VLAN interface and make the ACL active, use the access-group command. Use the no form of this command to remove an ACL from an interface. access-group {input | output} acl_name no access-group {input | output} acl_name Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History input Specifies the inbound direction of the interface to which you want to apply the ACL. output Specifies the outbound direction of the interface to which you want to apply the ACL. acl_name Identifier of an existing ACL that you want to apply to an interface. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support.2-661 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Usage Guidelines You must apply ACLs to a VLAN interface to allow the traffic to pass on an interface. You can apply one IPv6 and one IPv4 ACL of each type (extended and EtherType) to both directions of the interface. For connectionless protocols, you need to apply the ACL to the source and destination interfaces if you want traffic to pass in both directions. For example, you can allow Border Gateway Protocol (BGP) in an ACL in transparent mode, and you need to apply the ACL to both interfaces. A bridge-group VLAN supports extended ACLs for IP traffic and EtherType ACLs for non-IP traffic. For non-IP traffic, you can configure an EtherType ACL. EtherType ACLs support Ethernet V2 frames. You can configure the ACE to pass one or any of the following non-IP EtherTypes: Multiprotocol Label Switching (MPLS), IP version 6 (IPv6), and bridge protocol data units (BDPUs). The output option is not allowed for EtherType ACLs. To apply an ACL globally to all interfaces in a context, use the (config) access-group command. Examples To apply an ACL named INBOUND to the inbound direction of an interface, enter: host1/Admin(config)# interface vlan100 host1/Admin(config-if)# access-group input INBOUND To remove an ACL from an interface, enter: host1/Admin(config-if)# no access-group input INBOUND Related Commands show access-list (config) access-group (config) access-list extended (config-if) alias To configure an IP address that is shared between active and standby ACEs for a bridge-group virtual interface (BVI) or VLAN interface, use the alias command. Use the no form of this command to delete an alias IP address. alias {ipv6_address [/prefix_length] [eui64 | unique-local]} | {ip_address mask [secondary]} no alias {ipv6_address [/prefix_length] [eui64 | unique-local]} | {ip_address mask [secondary]} Syntax Description ipv6_address IPv6 address of the interface. /prefix_length (Optional, except for EUI-64) Specifies how many of the most significant bits (MSBs) of the IPv6 address are used for the network identifier. Enter a a forward slash character (/) followed by an integer from 1 to 128. The default is /128. If you use the optional eui64 keyword, you must specify a prefix length and the prefix must be less than or equal to 64. eui64 (Optional) Specifies that the low order 64 bits are automatically generated in the IEEE 64-bit Extended Unique Identifier (EUI-64) format specified in RFC 2373. To use this keyword, you must specify a prefix length, the prefix must be less than or equal to 64, and the host segment must be all zeros.2-662 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines You must configure redundancy (fault tolerance) on the ACE for the alias IP address to work. For more information on redundancy, see the Administration Guide, Cisco ACE Application Control Engine. For stealth firewalls, an ACE balances traffic among unique VLAN alias IP address interfaces on another ACE that provides paths through stealth firewalls. You configure a stealth firewall so that all traffic moving in both directions across that VLAN moves through the same firewall. For details about firewall load balancing (FWLB), see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. You cannot configure secondary IP addresses on FT VLANs. Examples To configure an alias IP address and mask, enter: host1/Admin(config-if)# alias 12.0.0.81 255.0.0.0 To configure a secondary alias IP address, enter: host1/Admin(config-if)# alias 193.168.12.15 255.255.255.0 secondary unique-local (Optional) Specifies that this address is globally unique and used only for local communications within a site or organization. ipv4_address IPv4 address of the interface. mask Subnet mask of the interface. secondary (Optional) Configures the address as a secondary IPv4 address allowing multiple subnets under the same interface. You can configure a maximum of 15 secondary addresses per interface. The ACE has a system limit of 1,024 secondary addresses. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.0) The secondary option was added. A2(3.1) The number of secondary addresses increased from 4 to 15. A4(1.0) The number of secondary addresses decreased from 15 to 4. A4(1.1) The number of secondary addresses increased from 4 to 15. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The secondary option was added. A4(1.1) The number of secondary addresses increased from 4 to 15. A5(1.0) Added IPv6 support.2-663 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands To remove an alias IP address, enter: host1/Admin(config-if)# no alias 192.168.12.15 255.255.255.0 To remove a secondary alias IP address, enter: host1/Admin(config-if)# no alias 193.168.12.15 255.255.255.0 secondary Related Commands show interface (config-if) arp To add a static ARP entry in the ARP table for a VLAN interface, use the arp command. Use the no form of this command to remove a static ARP entry. arp ip_address mac_address no arp ip_address mac_address Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines Static ARPs for bridged interfaces are configured on the specific interface. Examples To allow ARP responses from the router at 10.1.1.1 with the MAC address 00.02.9a.3b.94.d9, enter: host1/Admin(config-if)# arp 10.1.1.1 00.02.9a.3b.94.d9 To remove a static ARP entry, use the no arp command. For example, enter: host1/Admin(config-if)# no arp 10.1.1.1 00.02.9a.3b.94.d9 ip_address IP address for an ARP table entry. Enter the IP address in dotted-decimal notation (for example, 172.16.27.1). mac_address MAC address for the ARP table entry. Enter the MAC address in dotted-hexadecimal notation (for example, 00.02.9a.3b.94.d9). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-664 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Related Commands show arp (config-if) arp inspection To enable the ACE to dynamically check the source MAC address in an Ethernet header against the sender’s MAC address in an ARP payload for every ARP packet received by the ACE, use the arp inspection command. Use the no form of this command to remove a static ARP entry. arp inspection validate src-mac [flood | no-flood] no arp ip_address mac_address Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The ACE does not learn or update the ARP or MAC tables for packets with different MAC addresses. By default, dynamic ARP inspection is disabled. If you enable this feature, the default option is flood. Use this feature for interoperability with third-party firewalls (for example, CheckPoint). If ARP inspection fails, then the ACE does not perform source MAC validation. For details about ARP inspection, see the (config) arp command. Regardless of whether you enter the flood or the no-flood option, if the source MAC address of the ARP packet does not match the MAC address of the Ethernet header, then the source MAC validation fails and the ACE increments the Smac-validation Failed counter of the show arp command. validate src-mac Instructs the ACE to check the source MAC address in an Ethernet header against the sender’s MAC address in an ARP payload for every ARP packet received by the ACE flood (Optional) Enables ARP forwarding for the interface and forwards ARP packets with nonmatching source MAC addresses to all interfaces in the bridge group. This is the default option when you enable dynamic ARP inspection. no-flood (Optional) Disables ARP forwarding for the interface and drops ARP packets with nonmatching source MAC addresses. ACE Module Release Modification 3.0(0)A1(6.3) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-665 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Examples To enable the ACE to check the source MAC address in an Ethernet header against the sender’s MAC address in an ARP payload for every ARP packet received by the ACE and to forward (flood) the packets, enter: host1/Admin(config-if)# arp inspection validate src-mac To restore the behavior of the ACE to the default of not validating source MAC addresses, enter the following command: host1/Admin(config-if)# no arp inspection validate src-mac Related Commands show arp2-666 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) bridge-group To assign the VLAN to a bridge group, use the bridge-group command. Use the no form of this command to remove the bridge group from the VLAN. bridge-group number no bridge-group Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines In bridge mode, you can configure two interface VLANs into a group and bridge packets between them. All interfaces are in one broadcast domain and packets from one VLAN are switched to the other VLAN. The ACE bridge mode supports only two L2 VLANs per bridge group. In this mode, VLANs do not have configured IP addresses. To enable the bridge-group VLANs, you must configure a bridge-group virtual interface (BVI) that represents a corresponding bridge group. Examples To assign bridge group 15 to the VLAN, enter: host1/Admin(config-if)# bridge-group 15 To remove the bridge group from the VLAN, enter: host1/Admin(config-if)# no bridge-group Related Commands show interface number Bridge-group number. Enter an integer from 1 to 4094. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-667 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) carrier-delay (ACE appliance only) To add a configurable delay at the physical port level to address issues with transition time, based on the variety of peers, use the carrier-delay command. Use the no form of the command to remove the carrier delay for the Ethernet port. carrier-delay seconds no carrier-delay seconds Syntax Description Command Modes Interface configuration mode Admin context only Command History Usage Guidelines If you connect an ACE to a Catalyst 6500 series switch, your configuration on the Catalyst may include the Spanning Tree Protocol (STP). However, the ACE does not support STP. In this case, you may find that the Layer 2 convergence time is much longer than the physical port up time. For example, the physical port would normally be up within 3 seconds, but STP moving to the forward state may need approximately 30 seconds. During this transitional time, although the ACE declares the port to be up, the traffic will not pass. The carrier-delay command adds a configurable delay at the physical port level to address this transition time, based on the variety of peers. Examples To add a configurable delay of 60 seconds at the physical port level for Ethernet port 3, enter: host1/Admin(config)# interface gigabitEthernet 1/3 host1/Admin(config-if)# carrier-delay 60 To remove the carrier delay for the Ethernet port, enter: host1/Admin(config-if)# no carrier-delay 60 Related Commands show interface seconds The carrier transition delay in seconds. Valid values are 0 to 120 seconds. The default is 0 (no carrier delay). ACE Appliance Release Modification A1(8) This command was introduced.2-668 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) channel-group (ACE appliance only) To map the physical Ethernet port to a port channel when configuring Layer 2 EtherChannels, use the channel-group command. Use the no form of the command to remove the channel group assigned to the Ethernet port. channel-group channel_number no channel-group channel_number Syntax Description Command Modes Interface configuration mode Admin context only Command History Usage Guidelines You can group physical ports together on the ACE to form a logical Layer 2 interface called the EtherChannel (or port-channel). The channel-group command configures the Ethernet port in a port-channel group and automatically creates the port-channel logical interface. It is not necessary to configure a port-channel interface before assigning a physical Ethernet port to a channel group through the channel-group command. A port-channel interface is created automatically when the channel group receives its first physical interface, if it is not already created. Examples To create a channel group with a channel number of 255, enter: host1/Admin(config)# interface gigabitEthernet 1/3 host1/Admin(config)# channel-group 255 To remove the channel group assigned to the Ethernet port, enter: host1/Admin(config-if)# no channel-group 255 Related Commands show interface channel_number Channel number assigned to this channel group. Valid values are from 1 to 255. ACE Appliance Release Modification A1(7) This command was introduced.2-669 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) description To provide a description for a bridge-group virtual interface (BVI) or VLAN interface, use the description command. Use the no form of this command to delete the description. description text no description Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To provide the description of POLICY MAP 3 FOR INBOUND AND OUTBOUND TRAFFIC, enter: host1/admin(config-if)# description POLICY MAP3 FOR INBOUND AND OUTBOUND TRAFFIC To remove the description for the interface, enter: host1/admin(config-if)# no description Related Commands show interface text Description for the interface. Enter an unquoted text string that contains a maximum of 240 characters including spaces. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-670 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) duplex (ACE appliance only) To configure an Ethernet port for full- or half-duplex operation, use the duplex command in interface configuration mode. The default configuration for an ACE interface is autonegotiate. Use the no form of this command to revert to autonegotiation operation. duplex {full | half} no duplex Syntax Description Command Modes Interface configuration mode Admin context only Command History Usage Guidelines If you configure the Ethernet port speed to auto on a 10/100/1000-Mbps Ethernet port, both speed and duplex are autonegotiated. The ACE prevents you from making a duplex setting when you configure the speed of an Ethernet port to auto. The speed command must be a non-auto setting of 10, 100, or 1000 Mbps to be able to configure the duplex setting for the Ethernet port. Examples To set the duplex mode to full on Ethernet port 3, enter: host1/Admin(config)# interface gigabitEthernet 1/3 host1/Admin(config-if)# duplex full To restore the default setting of autonegotiate for an Ethernet port, enter: host1/Admin(config-if)# no duplex Related Commands (config-if) speed full Configures the specified Ethernet port for full-duplex operation, which allows data to travel in both directions at the same time. half Configures the specified Ethernet port for half-duplex operation. A half-duplex setting ensures that data travels only in one direction at any given time. ACE Appliance Release Modification A1(7) This command was introduced.2-671 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) fragment chain To configure the maximum number of fragments that belong to the same packet that the ACE accepts for reassembly for a VLAN interface, use the fragment chain command. Use the no form of this command to reset the default value. fragment chain number no fragment chain Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure a fragment chain limit of 126, enter: host1/C1(config-if)# fragment chain 126 To reset the maximum number of fragments in a packet to the default of 24, enter: host1/C1(config-if)# no fragment chain Related Commands show fragment (config-if) fragment min-mtu (config-if) fragment timeout number Maximum number of fragments that belong to the same packet. Enter an integer from 1 to 256. The default is 24. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-672 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) fragment min-mtu To configure the minimum fragment size that the ACE accepts for reassembly for a VLAN interface, use the fragment min-mtu command. Use the no form of this command to reset the default value. fragment min-mtu number no fragment min-mtu Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure a minimum fragment size of 1024, enter: host1/C1(config-if)# fragment min-mtu 1024 To reset the minimum fragment size to the default value of 576 bytes, enter: host1/C1(config-if)# no fragment min-mtu Related Commands show fragment (config-if) fragment chain (config-if) fragment timeout number Minimum fragment size. Enter an integer from 28 to 9216 bytes. The default is 576 bytes. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-673 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) fragment timeout To configure a reassembly timeout for a VLAN interface, use the fragment timeout command. Use the no form of this command to reset the default value. fragment timeout seconds no fragment timeout Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The IP reassembly timeout specifies the period of time after which the ACE abandons the fragment reassembly process if it does not receive any outstanding fragments for the current fragment chain (fragments that belong to the same packet). Examples To configure an IP reassembly timeout of 15 seconds, enter: host1/C1(config-if)# fragment timeout 15 To reset the fragment timeout to the default value of 5 seconds, enter: host1/C1(config-if)# no fragment timeout Related Commands show fragment (config-if) fragment chain (config-if) fragment min-mtu seconds Reassembly timeout in seconds. Enter an integer from to 1 to 30. The default is 5. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-674 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ft-port vlan (ACE appliance only) To configure one of the Ethernet ports or a port-channel interface on the ACE for fault tolerance using a dedicated FT VLAN for communication between the members of an FT group, use the ft-port vlan command in interface configuration mode. Use the no form of this command to remove the FT VLAN function from an Ethernet port or port-channel interface. ft-port vlan number no ft-port vlan number Syntax Description Command Modes Interface configuration mode Admin context only Command History Usage Guidelines Peer ACE appliances communicate with each other over a dedicated FT VLAN. These redundant peers use the FT VLAN to transmit and receive heartbeat packets and state and configuration replication packets. On both peer ACE appliances, you must configure the same Ethernet port or the same port-channel interface as the FT VLAN port. For example, if you configure ACE appliance 1 to use Ethernet port 4 as the FT VLAN port, then be sure to configure ACE appliance 2 to use Ethernet port 4 as the FT VLAN port. It is not necessary to create an FT VLAN before designating an Ethernet port or port-channel interface as the FT VLAN port. When you specify the ft-port vlan command, the ACE modifies the associated Ethernet port or port-channel interface to a trunk port. We recommend that you enable QoS on the FT VLAN port to provide higher priority for FT traffic (see the (config-if) qos trust cos command). For details on configuring redundant ACE appliances, including an FT VLAN, see the Administration Guide, Cisco ACE Application Control Engine. Examples To configure FT VLAN identifier 60 for Ethernet port 3, enter: host1/Admin(config)# interface gigabitEthernet 1/3 host1/Admin(config-if)# ft-port vlan 60 To remove the FT VLAN from the Ethernet port, enter: host1/Admin(config-if)# no ft-port vlan 60 Related Commands show interface number Unique identifier for the FT VLAN. Valid values are from 2 to 4094. ACE Appliance Release Modification A1(7) This command was introduced.2-675 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) icmp-guard To enable the ICMP security checks in the ACE after they have been disabled, use the icmp-guard command. This feature is enabled by default. Use the no form of this command to disable the ICMP security checks. icmp-guard no icmp-guard Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines By default, the ACE provides several ICMP security checks by matching ICMP reply packets with request packets and using mismatched packets to detect attacks. Also, the ACE forwards ICMP error packets only if a connection record pertaining to the flow for which the error packet was received exists. Caution If you disable the ACE ICMP security checks, you may expose your ACE and your data center to potential security risks. After you enter the no icmp-guard command, the ACE no longer performs Network Address Translation (NAT) translations on the ICMP header and payload in error packets, which potentially can reveal real host IP addresses to attackers. If you want to operate your ACE as a load balancer only, use the no icmp-guard command to disable the ACE ICMP security checks. You must also disable TCP normalization by using the no normalization command. For details about operating your ACE for load balancing only, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To enable the ACE ICMP security checks after you have disabled them, enter: host1/Admin(config)# interface vlan 200 host1/Admin(config-if)# icmp-guard To disable ACE ICMP security checks, enter: host1/Admin(config-if)# no icmp-guard ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-676 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Related Commands (config-if) normalization2-677 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ip address To assign an IPv6 or an IPv4 address to a bridge-group virtual interface (BVI) or a VLAN interface, use the ip address command. Use the no form of this command to remove an IP address from an interface. ip address {ipv6_address [/prefix_length] [eui64 | link-local | unique-local]} | {ipv4_address mask [secondary]} no ip address {ipv6_address [/prefix_length] [eui64 | link-local | unique-local]} | {ipv4_address mask [secondary]} Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History ipv6_address IPv6 address of the interface. /prefix_length (Optional, except for EUI-64) Specifies how many of the most significant bits (MSBs) of the IPv6 address are used for the network identifier. Enter a a forward slash character (/) followed by an integer from 1 to 128. The default is /128. If you use the optional eui64 keyword, you must specify a prefix length and the prefix must be less than or equal to 64. eui64 (Optional) Specifies that the low order 64 bits are automatically generated in the IEEE 64-bit Extended Unique Identifier (EUI-64) format specified in RFC 2373. To use this keyword, you must specify a prefix length, the prefix must be less than or equal to 64, and the host segment must be all zeros. link-local (Optional) Specifies that the address is valid only for the current link. unique-local (Optional) Specifies that this address is globally unique and used only for local communications within a site or organization. ipv4_address IPv4 address of the interface. mask Subnet mask of the interface. secondary (Optional) Configures the address as a secondary IPv4 address allowing multiple subnets under the same interface. You can configure a maximum of 15 secondary addresses per interface. The ACE has a system limit of 1,024 secondary addresses. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.0) The secondary option was added. A2(3.1) The number of secondary addresses increased from 4 to 15. A4(1.0) The number of secondary addresses decreased from 15 to 4. A4(1.1) The number of secondary addresses increased from 4 to 15. A5(1.0) Added IPv6 support.2-678 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Usage Guidelines To process IPv6 traffic on an interface, you must configure the ipv6 enable command on that interface. You can configure one IPv6 link-local and one IPv6 local-unique address on an interface. If you configure additional addresses of either type, the existing address is overwritten. Caution Do not configure under a real server a peer IPv6 address that is calculated from EUI64. In a redundant configuration, if you configure a peer IPv6 address as EUI64 on an interface, the address will not be learned by the active member of an FT group because the address is calculated only on the peer. If you then configure the same calculated IPv6 address on the active under a real server, the CLI accepts it because it does not calculate it. This IPv6 address is not synced to the standby because it conflicts with the interface address. If you subsequently apply a probe to the real server, the state of the real server is PROBE-FAILED on the active and OUTOFSERVICE on the standby. This same check applies to VIPs, routes, interfaces, and probes. When you assign an IPv4 address to an interface, the ACE automatically makes the interface routed. You must configure a primary IPv4 address for the interface to allow a VLAN to become active. The primary address must be active before a secondary address can be active. An interface can have only one primary IPv4 address. When you configure access to an interface, the ACE applies it to all IPv4 addresses configured on the interface. The ACE treats the secondary addresses the same as a primary address and handles IP broadcasts and ARP requests for the subnet that is assigned to the secondary address as well as the interface routes in the IP routing table. The ACE accepts client, server, or remote access traffic on the primary and secondary addresses. When the destination for the control plane (CP)-originated packets is Layer 2 adjacent to either the primary subnet or one of the secondary subnets, the ACE uses the appropriate primary or secondary interface IP address for the destination subnet as the source IP address. For any destination that is not Layer 2 adjacent, the ACE uses the primary address as the source IP address. For packets destined to the secondary IP address, the ACE sends the response with the secondary IP address as the source address. SSL probes use the primary IP address as the source address for all the destinations. You cannot configure secondary IP addresses on FT VLANs. When you configure a query interface to assess the health of the active FT group member, it uses the primary IP address. You must configure static ARP entries for bridged interfaces on the specific interface. In a single context, you must configure each interface address on a unique subnet; the addresses cannot overlap. However, the IP subnet can overlap an interface in different contexts. You must configure a unique IP address across multiple contexts on a shared VLAN. On a nonshared VLAN, the IP address can be the same. No routing occurs across contexts even when shared VLANs are configured. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The secondary option was added. A4(1.1) The number of secondary addresses increased from 4 to 15. A5(1.0) Added IPv6 support.2-679 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Examples IPv6 Examples To configure an IPv6 link-local address on VLAN 100, enter the following commands: host1/Admin(config)# interface VLAN 100 host1/Admin(config-if)# ip address FE80:DB8:1::1 link-local To remove a link-local address from an interface, enter the following commands: host1/Admin(config)# interface VLAN 100 host1/Admin(config-if)# no ip address FE80:DB8:1::1 link-local IPv4 Examples To set the IPv4 address of 192.168.1.1 255.255.255.0 for VLAN interface 200, enter: host1/Admin(config)# interface vlan 200 host1/Admin(config-if)# ip address 192.168.1.1 255.255.255.0 To assign a secondary IP address and mask 193.168.1.1 255.255.255.0 to VLAN interface 200, enter the following command: host1/Admin(config-if)# ip address 192.168.1.2 255.255.255.0 secondary To remove the IP address for the VLAN, enter: host1/Admin(config-if)# no ip address 192.168.1.1 255.255.255.0 To remove a secondary IP address for the VLAN, enter: host1/Admin(config-if)# no ip address 192.168.1.2 255.255.255.0 secondary Related Commands show arp show interface show ip2-680 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ip df To configure how the ACE handles an IP packet that has its Don’t Fragment (DF) bit set on a VLAN interface, use the ip df command. Use the no form of this command to instruct the ACE to ignore the DF bit. ip df {clear | allow} no ip df Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines Occasionally, an ACE may receive a packet that has its DF bit set in the IP header. This flag tells network routers and the ACE not to fragment the packet and to forward it in its entirety. Examples To clear the DF bit and permit the packet, enter: host1/Admin(config-if)# ip df clear To instruct the ACE to ignore the DF bit, enter: host1/Admin(config-if)# no ip df Related Commands This command has no related commands. clear Clears the DF bit and permits the packet. If the packet is larger than the next-hop maximum transmission unit (MTU), the ACE fragments the packet. allow Permits the packet with the DF bit set. This is the default. If the packet is larger than the next-hop MTU, the ACE discards the packet and sends an ICMP unreachable message to the source host. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-681 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ip dhcp relay enable To accept Dynamic Host Configuration Protocol (DHCP) requests on a VLAN interface, use the ip dhcp relay enable command. Use the no form of this command to disable DHCP on the interface. ip dhcp relay enable no ip dhcp relay enable Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The DHCP relay starts forwarding packets to the DHCP server address specified in the ip dhcp relay server command for the associated interface or context. Examples To enable the DHCP relay on the interface, enter: host1/Admin(config-if)# ip dhcp relay enable To disable the DHCP relay on the interface, enter: host1/Admin(config-if)# no ip dhcp relay enable Related Commands (config-if) ip dhcp relay enable (config-if) ip dhcp relay server ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-682 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ip dhcp relay server To set the IP address of a Dynamic Host Configuration Protocol (DHCP) server to which the DHCP relay agent forwards client requests on a VLAN interface, use the ip dhcp relay server command. Use the no form of this command to remove the IP address of the DHCP server. ip dhcp relay server ip_address no ip dhcp relay server ip_address Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify the IP address for the DHCP relay server, enter: host1/Admin(config-if)# ip dhcp relay server 192.168.20.1 To remove the IP address of the DHCP server, enter: host1/Admin(config-if)# no ip dhcp relay server 192.168.20.1 Related Commands This command has no related commands. ip_address IP address of the DHCP server. Enter the address in dotted-decimal IP notation (for example, 192.168.11.1). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-683 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ip options To configure how the ACE handles IP options and to perform specific actions when an IP option is set in a packet for a VLAN interface, use the ip options command. Use the no form of this command to instruct the ACE to ignore the IP option. ip options {allow | clear | clear-invalid | drop} no ip options Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To allow packets with IP options set, enter: host1/Admin(config-if)# ip options allow To reset the ACE to its default of clearing all IP options if the ACE encounters one or more invalid or unsupported IP options, enter: host1/Admin(config-if)# no ip options Related Commands This command has no related commands. allow Allows the packet with the IP options set. clear Clears the specified option from the packet and allows the packet. clear-invalid Clears all IP options from the packet if the ACE encounters one or more invalid or unsupported IP options and allows the packet. This option is the default. drop Causes the ACE to discard the packet. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-684 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ip route inject vlan (ACE module only) To advertise a VLAN for route health injection (RHI) that is different from the VIP interface VLAN, use the ip route inject vlan command. By default, the ACE advertises the VLAN of the VIP interface for RHI. Use the no form of this command to restore the ACE default behavior of advertising the VIP interface VLAN for RHI. ip route inject vlan vlan_id no ip route inject vlan vlan_id Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines Use this command when there is no directly shared VLAN between the ACE and the Catalyst 6500 series supervisor. This topology can occur when there is an intervening device, for example, a Cisco Firewall Services Module (FWSM), configured between the ACE and the supervisor. Be sure to configure this command on the VIP interface of the ACE. Examples To advertise route 200 for RHI, enter: host1/Admin(config-if)# ip route inject vlan 200 To restore the ACE default behavior of advertising the VIP interface VLAN for RHI, enter: host1/Admin(config-if)# no ip route inject vlan 200 Related Commands This command has no related commands. vlan_id Interface shared between the supervisor and the intervening device. Enter the ID as an integer from 2 to 4090. ACE Module Release Modification A2(1.0) This command was introduced.2-685 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ip ttl minimum To set the packet time-to-live (TTL) hops in the IP header on a VLAN interface, use the ip ttl minimum command. By default, the ACE does not rewrite the TTL value of a packet. Use the no form of this command to reset the default behavior. ip ttl minimum number no ip ttl minimum Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines Each router along the packet’s path decrements the TTL by one. If the packet’s TTL equals 0 before the packet reaches its destination, the packet is discarded. If the TTL value of the incoming packet is lower than the configured minimum value, the ACE rewrites the TTL with the configured value. Otherwise, the ACE transmits the packet with its TTL unchanged or discards the packet if the TTL equals zero. This command applies to both IPv4 and IPv6 flows. The configured value replaces the TTL in an IPv4 packet and the hop limit in an IPv6 packet if the original value is lower. Examples To set the TTL hops to 15, enter: host1/Admin(config-if)# ip ttl minimum 15 To instruct the ACE to ignore the TTL value, enter: host1/Admin(config-if)# no ip ttl minimum Related Commands This command has no related commands. number Minimum number of hops that a packet can take to reach its destination. Enter an integer from 1 to 255 seconds. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support.2-686 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ip verify reverse-path To enable reverse-path forwarding (RPF) based on the source IP address for a VLAN interface, use the ip verify reverse-path command. By default, URPF is disabled on the interface. Use the no form of this command to reset the default behavior. ip verify reverse-path no ip verify reverse-path Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines Unicast reverse-path forwarding (URPF) helps to mitigate problems caused by the introduction of malformed or forged (spoofed) IP source addresses into a network by allowing the ACE to discard IP packets that lack a verifiable source IP address. This feature enables the ACE to filter both ingress and egress packets to verify addressing and route integrity. The route lookup is typically based on the destination address, not the source address. When you enable URPF, the ACE discards packets if no route is found or if the route does not match the interface on which the packet arrived. You cannot use this command when RPF based on the source MAC address for a VLAN interface is enabled through the (config-if) mac-sticky enable command. Examples To enable RPF, enter: host/Admin(config-if)# ip verify reverse-path To disable RPF, enter: host/Admin(config-if)# no ip verify reverse-path Related Commands (config-if) mac-sticky enable ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-687 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 dhcp relay enable To configure the ACE to accept DHCP requests from IPv6 clients on the associated context or VLAN interface and enable the DHCP relay agent, use the ipv6 dhcp relay enable command. Use the no form of this command to disable DHCP relay on the specified context or interface. ipv6 dhcp relay enable no ipv6 dhcp relay enable Syntax Description This command has no keywords or arguments. Command Modes Configuration mode and interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To enable the DHCP relay agent globally for all VLAN interfaces associated with a context, enter the following command: host1/Admin(config)# ipv6 dhcp relay enable To enable the DHCP relay agent at the VLAN interface level, enter the following command: host1/Admin(config)# ipv6 dhcp relay enable host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 dhcp relay enable To disable the DHCP relay agent globally for VLAN interfaces in a context where DHCP relay is not explicitly configured, enter the following command: host1/Admin(config)# no ipv6 dhcp relay enable To disable the DHCP relay agent on a VLAN interface, enter the following commands: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# no ipv6 dhcp relay enable Related Commands show ipv6 (config-if) ipv6 dhcp relay fwd-interface (config-if) ipv6 dhcp relay server ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-688 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 dhcp relay fwd-interface To configure a forwarding VLAN interface that the ACE uses to forward DHCP requests, use the ipv6 dhcp relay fwd-interface command. Use the no form of this command to remove the forwarding VLAN interface from the configuration. ipv6 dhcp relay fwd-interface vlan vlan_id no ipv6 dhcp relay fwd-interface vlan vlan_id Syntax Description Command Modes Configuration mode and interface configuration mode Admin and user contexts Command History Usage Guidelines When you configure this command, the ACE uses the specified VLAN interface to forward all client DHCP requests to the All_DHCP_Relay_Agents_and_Servers address of FF02::1:2. Examples To configure VLAN200 as the DHCP forwarding VLAN interface, enter the following command: host1/Admin(config)# ipv6 dhcp relay fwd-interface vlan 200 To remove the forwarding VLAN interface from the configuration, enter the following command: host1/Admin(config)# no ipv6 dhcp relay fwd-interface vlan 200 Related Commands show ipv6 (config-if) ipv6 dhcp relay enable (config-if) ipv6 dhcp relay server vlan vlan_id Specifies the VLAN interface number that the ACE uses to forward DHCP requests. Enter the number of an existing VLAN interface as an integer from 2 to 4094. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-689 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 dhcp relay server To set the IP address of a DHCP server to which the DHCP relay agent forwards client requests, use the ipv6 dhcp relay server command. Use the no form of this command to remove the IPv6 address of a DHCP server from a VLAN interface. ipv6 dhcp relay server ipv6_address [fwd-interface vlan vlan_id] no ipv6 dhcp relay server ipv6_address [fwd-interface vlan vlan_id] Syntax Description Command Modes Configuration mode and interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To set the IPv6 address of a DHCPv6 relay server globally for all interfaces associated with a context, enter: host1/Admin(config)# ipv6 dhcp relay enable host1/Admin(config)# ipv6 dhcp relay server 2001:DB8:1::1/64 To set the IPv6 address of a DHCP relay server at the VLAN interface level, enter: host1/Admin(config)# interface vlan 50 host1/Admin(config-if)# ipv6 dhcp relay enable host1/Admin(config-if)# ipv6 dhcp relay server 2001:DB8:1::1/64 To set the IPv6 address of a DHCPv6 server that is reachable on its link-local address, enter the following commands: host1/Admin(config)# interface vlan 50 host1/Admin(config-if)# ipv6 dhcp relay enable host1/Admin(config-if)# ipv6 dhcp relay server fe80::250:56ff:fe90:2c fwd-interface vlan 100 To remove the IP address of a DHCP server from a VLAN interface, enter: host1/Admin(config)# interface vlan 50 host1/Admin(config-if)# no ipv6 dhcp relay server 2001:DB8:1::1/64 ipv6_address Specifies the IPv6 address of the destination DHCPv6 server fwd-interface vlan vlan_id (Optional) Specifies the outgoing forwarding interface if the DHCP server address is a link-local address ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-690 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Related Commands show ipv6 (config-if) ipv6 dhcp relay enable (config-if) ipv6 dhcp relay fwd-interface2-691 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 enable To enable IPv6 on an interface, use the ipv6 enable command. By default, IPv6 is disabled on an interface. Use the no form of this command to reset the default behavior. The syntax of this command is as follows; ipv6 enable no ipv6 enable Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The interface cannot be in bridged mode. The interface may or may not have IPv4 addresses configured on it. Examples To enable IPv6 processing on an interface, enter: host/Admin(config-if)# ipv6 enable To disable IPv6 processing on an interface, enter: host/Admin(config-if)# no ipv6 enable Related Commands ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-692 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 extension-header To configure how the ACE processes IPv6 extension headers, use the ipv6 extension-header command. Use the no form of this command to return the ACE behavior to the default of dropping packets that contain an extension header with an invalid option. ipv6 extension-header {allow | clear | clear-invalid | drop} no ipv6 extension-header {allow | clear | clear-invalid | drop} Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The default option is drop. There is no provision to selectively choose which extension header to act on. Examples To configure the ACE to clear IPv6 extension headers and allow the packet, enter the following commands: host1/Admin(config)# interface vlan 200 host1/Admin(config-if)# ipv6 extension-header clear To reset the behavior of the ACE to the default of dropping packets with invalid IPv6 extension headers, enter the following command: host1/Admin(config-if)# no ipv6 extension-header Related Commands This command has no related commands. allow If a packet contains an IPv6 extension header, the ACE allows the packet with all the header options clear If a packet contains an IPv6 extension header, the ACE clears all the IPv6 extension header options and allows the packet clear-invalid If a packet contains an IPv6 extension header and one of the header options is invalid, the ACE clears all the extension header options and allows the packet drop (Default) If the packet contains an IPv6 extension header and one of the header options is invalid, theACE drops the packet ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-693 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 fragment chain To configure the maximum number of fragments belonging to the same packet that the ACE accepts for reassembly, use the ipv6 fragment chain command. Use the no form of this command to reset the maximum number of fragments in a packet to the default of 24. ipv6 fragment chain number no ipv6 fragment chain number Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The default option is drop. There is no provision to selectively choose which extension header to act on. Examples To set the IPv6 fragment chain limit as 48, enter the following command: host1/C1(config-if)# ipv6 fragment chain 48 To reset the maximum number of fragments in a packet to the default of 24, enter the following command: host1/C1(config-if)# no ipv6 fragment chain Related Commands (config-if) ipv6 fragment min-mtu (config-if) ipv6 fragment timeout number Specifies the fragment chain limit as an integer from 1 to 256 fragments. The default is 24 fragments. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-694 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 fragment min-mtu To configure the minimum fragment size that the ACE accepts for reassembly, use the ipv6 fragment min-mtu command. Use the no form of this command to reset the minimum fragment size to the default value of 1280 bytes. ipv6 fragment min-mtu number no ipv6 fragment min-mtu number Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the minimum IPv6 fragment size that the ACE accepts for reassembly, enter the following command: host1/C1(config-if)# ipv6 fragment min-mtu 1024 To reset the minimum fragment size to the default value of 1280 bytes, enter the following command: host1/C1(config-if)# no ipv6 fragment min-mtu Related Commands (config-if) ipv6 fragment chain (config-if) ipv6 fragment timeout number Specifies the minimum fragment size as an integer from 68 to 1280 bytes. The default is 1280 bytes. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-695 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 fragment timeout To configure the IPv6 reassembly timeout, use the ipv6 fragment timeout command. Use the no form of this command to reset the fragment timeout to the default value of 60 seconds. ipv6 fragment timeout seconds no ipv6 fragment timeout seconds Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The IPv6 reassembly timeout specifies the period of time after which the ACE abandons the fragment reassembly process if it does not receive any outstanding fragments for the current fragment chain (fragments that belong to the same packet). Examples To set the fragment reassembly timeout to 30 seconds, enter the following command: host1/C1(config-if)# ipv6 fragment timeout 30 To reset the fragment timeout to the default value of 60 seconds, enter the following command: host1/C1(config-if)# no ipv6 fragment timeout Related Commands (config-if) ipv6 fragment chain (config-if) ipv6 fragment min-mtu seconds Specifies the fragment reassembly timeout. Enter an integer from 1 to 60 seconds. The default is 60 seconds. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-696 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 icmp-guard To enable the ICMP security checks in the ACE after they have been disabled, use the ipv6 icmp-guard command. This feature is enabled by default. Use the no form of this command to disable the ICMP security checks. ipv6 icmp-guard no ipv6 icmp-guard Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines Use the no form of this command as part of an overall strategy to operate the ACE as a pure server load balancer. For details, see Chapter 1, Overview, in the Server Load-Balancing Guide, Cisco ACE Application Control Engine. The ACE provides several ICMP security checks by matching ICMP reply packets with request packets and using mismatched packets to detect attacks. Also, the ACE forwards ICMP error packets only if a connection record exists pertaining to the flow for which the error packet was received. By default, the ACE ICMP security checks are enabled. Caution Disabling the ACE ICMPv6 security checks may expose your ACE and your data center to potential security risks. After you enter the no ipv6 icmp-guard command, the ACE no longer performs NAT translations on the ICMPv6 header and payload in error packets, which potentially can reveal real host IPv6 addresses to attackers. When the ipv6 icmp-guard command is enabled, only the "Packet Too Big” ICMPv6 message is allowed. To allow other ICMPv6 error messages (for example, the “Time Exceeded” message or the “Parameter Problem” message), the ipv6 icmp-guard command should be disabled. Examples To disable ICMPv6 security checks on interface VLAN 100, enter: host1/C1(config)# interface vlan 100 host1/C1(config-if)# no ipv6 icmp-guard To reenable ICMPv6 security checks, enter: host1/C1(config-if)# ipv6 icmp-guard ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-697 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Related Commands (config-if) ipv6 normalization2-698 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 mtu To specify the maximum transmission unit (MTU) for an IPv6 VLAN interface, use the ipv6 mtu command. This command allows you to set the data size that is sent on a Layer 3 IPv6 connection. Use the no form of this command to reset the MTU block size to the default of 1500 bytes for Layer 3 interfaces. ipv6 mtu bytes no ipv6 mtu Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The default MTU is a 1500-byte block for Layer 3 interfaces. This value is sufficient for most applications, but you can pick a lower number if network conditions require it. The ACE fragments packets that are larger than the MTU value before sending them to the next hop. This command is valid only for Layer 3 interfaces (VLANs or BVIs). The ACE will not recognize this command on a transparent (Layer 2) interface. Examples To specify the MTU data size of for a Layer 3 interface, enter the following command: host1/admin(config-if)# ipv6 mtu 1300 To reset the MTU block size to the default value of 1500 for Layer 3 interfaces, enter: host1/admin(config-if)# no ipv6 mtu Related Commands show interface bytes Number of bytes in the MTU. Enter a number from 1280 to 9216 bytes. The default is 1500. ACE Release Modification A5(1.0) This command was introduced.2-699 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd dad-attempts To set the number of times that the ACE solicits its neighbors for duplicate address detection (DAD) information on the local link, use the ipv6 nd dad-attempts command. Use the no form of this command to reset the ACE behavior to the default of sending NS messages for DAD once. ipv6 nd dad-attempts number noipv6 nd dad-attempts number Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the ACE to send NS messages three times for DAD, enter the following commands: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 nd dad-attempts 3 To reset the ACE behavior to the default of sending NS messages for DAD once, enter the following command: host1/Admin(config-if)# no ipv6 nd dad-attempts Related Commands number Specifies the number of times that the ACE sends NS messages to its neighbors on the local link for DAD. Enter an integer from 0 to 255. The default is 1. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-700 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd managed-config-flag To instruct the ACE to notify hosts that they should use Dynamic Host Configuration Protocol (DHCP) for address configuration, use the ipv6 nd managed-config-flag command. Use the no form of this command to reset the ACE behavior to the default of not notifying hosts to use DHCP. ipv6 nd managed-config-flag no ipv6 nd managed-config-flag Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To advertise route 200 for RHI, enter: host1/Admin(config-if)# ip route inject vlan 200 To restore the ACE default behavior of advertising the VIP interface VLAN for RHI, enter: host1/Admin(config-if)# no ip route inject vlan 200 Related Commands This command has no related commands. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-701 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd ns-interval To configure the interval at which the ACE sends neighbor solicitation (NS) messages for duplicate address detection (DAD) attempts, use the ipv6 nd ns-interval command. Use the no form of this command to reset the NS interval to the default value of 1000 msecs. ipv6 nd ns-interval interval no ipv6 nd ns-interval interval Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The ACE sends neighbor solicitation messages via ICMPv6 on the local link to determine the IPv6 addresses of nearby nodes (hosts or routers). Examples To configure an NS frequency of 36000 msecs, enter the following commands: host1/Admin(config)# interface VLAN 100 host1/Admin(config-if)# ipv6 nd ns-interval 36000 To reset the NS interval to the default value of 1000 msecs, enter the following commands: host1/Admin(config)# interface VLAN 100 host1/Admin(config-if)# no ipv6 nd ns-interval 36000 Related Commands (config) ipv6 nd interval ns-interval Indicates the frequency of the neighbor solicitation (NS) messages that are sent by the ACE. interval Specifies the frequency in milliseconds (msecs) of the NS messages that are sent by the ACE. Enter an integer from 1000 to 2147483647. The default is 1000 msecs. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-702 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd other-config-flag To notify hosts that they should use DHCP for nonaddress configurations, use the ipv6 nd other-config-flag command. Use the no form of this command to reset the ACE behavior to the default of not notifying hosts to use DHCP for nonaddress configurations. ipv6 nd other-config-flag no ipv6 nd other-config-flag Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct hosts to use DHCP for nonaddress configurations, enter the following commands: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 nd other-config-flag To reset the ACE behavior to the default of not notifying hosts to use DHCP for nonaddress configurations, enter the following command: host1/Admin(config-if)# no ipv6 nd other-config-flag Related Commands ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-703 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd prefix To configure the prefixes that the ACE advertises in RA messages on the local link, use the ipv6 nd prefix command. Use the no form of this command to remove the prefix from RA messages. ipv6 nd prefix ipv6_address/prefix_length [no-advertise | no-autoconfig | off-link | [pref-lt | valid-lt {number | infinite}]] no ipv6 nd prefix ipv6_address/prefix_length [no-advertise | no-autoconfig | off-link | [pref-lt | valid-lt {number | infinite}]] Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines You can configure a maximum of two prefixes for RA. Examples To configure the prefixes that the ACE advertises in RA messages, enter the following commands: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 nd prefix 2001:DB8:1::2/64 valid-lt 3000000 To remove the prefix from RA messages, enter the following command: ipv6_address Specifies the prefix that the ACE advertises in RA messages. prefix_length no-advertise (Optional) Instructs the ACE to not advertise the prefix. no-autoconfig (Optional) Specifies that the prefix should not be used for autoconfiguration. off-link (Optional) Flag related to the L-bit as defined in RFC 2461. When you specify the optional off-link keyword, the L-bit flag is turned off, which indicates that the specified prefix should not be used for onlink determination. However, when the L-bit is enabled (the default setting), it indicates in the router advertisement messages that the specified prefix is assigned to the local link. Therefore, nodes sending traffic to addresses that contain the specified prefix consider the destination to be locally reachable on the link. valid-lt number pref-lt number—(Optional) Length of time in seconds that prefix is preferred. For the number argument, enter an integer from 0 to 2147483647 The default is 604800 (seven days). valid-lt number valid-lt number—(Optional) Length of time in seconds that the prefix is valid. For the number argument, enter an integer from 0 to 2147483647. The default is 2592000 seconds (30 days). infinite (Optional) Specified that the prefix never expires. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-704 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands host1/Admin(config-if)# no ipv6 nd prefix 2001:DB8:1::2/64 valid-lt 3000000 Related Commands2-705 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd ra hop-limit To configure the hop limit in the IPv6 header that the ACE’s neighbors should use when originating IPv6 packets, use the ipv6 nd ra hop-limit command. Use the no form of this command to reset the hop limit to the default value of 64. ipv6 nd ra hop-limit number no ipv6 nd ra hop-limit number Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the number of hops that neighbors should use when originating IPv6 packets, enter the following command: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 nd ra hop-limit 32 To reset the hop limit to the default of 64, enter the following command: host1/Admin(config-if)# no ipv6 nd ra hop-limit 32 Related Commands (config-if) ipv6 nd ra interval (config-if) ipv6 nd ra lifetime (config-if) ipv6 nd ra suppress number Specifies the number of hops that neighbors should use when they originate IPv6 packets. Enter an integer from 0 to 255. The default is 64. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-706 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd ra interval To configure the rate at which the ACE sends router advertisement (RA) messages, use the ipv6 nd ra interval command. Use the no form of this command to reset the interval to the default of 600 seconds (10 minutes). ipv6 nd ra interval number no ipv6 nd ra interval number Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the ACE to send RA messages every 900 seconds (15 minutes), enter the following command: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 nd ra interval 900 To reset the interval to the default of 600 seconds (10 minutes), enter the following command: host1/Admin(config-if)# no ipv6 nd ra interval Related Commands (config-if) ipv6 nd ra hop-limit (config-if) ipv6 nd ra lifetime (config-if) ipv6 nd ra suppress number specifies the rate in seconds at which the ACE sends RA messages to other nodes on the local link. Enter an integer from 4 to 1800. The default is 600. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-707 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd ra lifetime The router advertisement (RA) lifetime is the length of time that neighboring nodes should consider the ACE as the default router before they send RS messages again. To configure the RA lifetime, use the ipv6 nd ra lifetime command. Use the no form of this command to reset the interval to the default of 600 seconds (10 minutes). ipv6 nd ra lifetime number no ipv6 nd ra lifetime number Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure an RA lifetime of 2400 seconds (40 minutes), enter the following commands: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 nd ra lifetime 2400 To reset the RA lifetime to the default of 1800 seconds (30 minutes), enter the following command: host1/Admin(config-if)# no ipv6 nd ra lifetime Related Commands (config-if) ipv6 nd ra hop-limit (config-if) ipv6 nd ra interval (config-if) ipv6 nd ra suppress number Specifies the length of time in seconds that the neighboring nodes should consider the ACE as the default router. Enter an integer from 0 to 9000. The default is 1800 seconds (30 minutes). ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-708 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd ra suppress To configure the ACE to not respond to router solicitation (RS) messages, use the ipv6 nd ra suppress command. Use the no form of this command to return the ACE to the default behavior of automatically responding to RS messages. ipv6 nd ra suppress no ipv6 nd ra suppress Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the ACE to not send RA messages to neighbors in response to RS messages, enter the following commands; host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 nd ra suppress To reset the ACE behavior to the default of always sending RA messages in response to RS messages, enter the following commands: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# no ipv6 nd ra suppress Related Commands (config-if) ipv6 nd ra hop-limit (config-if) ipv6 nd ra interval (config-if) ipv6 nd ra lifetime ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-709 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd reachable-time To configure the neighbor reachable time, use the ipv6 nd reachable-time command. Use the no form of this command to reset the reachable time value to the default of 0 milliseconds (msecs). ipv6 nd reachable-time number no ipv6 nd reachable-time number Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The reachable time parameter specifies the time in milliseconds during which a host considers a peer as reachable following the host’s receipt of a reachability confirmation from the peer. A reachability confirmation can be an NA or NS message or any upper protocol traffic. The ACE sends the reachable time value in RA messages in response to RS messages. Examples To configure the ACE to send a reachable time value of 2000 msecs, enter the following commands; host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 nd reachable-time 2000 To restore the reachable time value to the default of 1000 msecs, enter the following command: host1/Admin(config-if)# no ipv6 nd reachable-time Related Commands number Specifies the length of time in milliseconds (msecs) after which a node is considered reachable. Enter an integer from 0 to 3600000 msecs. The default is 0. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-710 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 nd retransmission-time To configure the time during which NS messages (including DAD) are retransmitted, use the ipv6 nd retransmission-time command. Use the no form of this command to restore the NS retransmission time value to the default of 0 milliseconds (msecs). ipv6 nd retransmission-time number no ipv6 nd retransmission-time number Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The ND retransmission time is related to RA and applies to hosts. Examples To configure the NS retransmission time for hosts, enter the following commands: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 nd retransmission-time 1000 To restore the NS retransmission time value to the default of 0 msecs, enter the following command: host1/Admin(config-if)# no ipv6 nd retransmission-time Related Commands number Specifies the time in seconds during which NS messages are retransmitted. Enter an integer from 0 to 3600000. The default is 0. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-711 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 neighbor To configure a static ND entry that maps an IPv6 address to a Layer 2 address, use the ipv6 neighbor command. Use the no form of this command to remove the static ND entry. ipv6 neighbor ipv6_address mac_address no ipv6 nd ns-interval interval Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The ACE stores the static neighbor entry in the ND cache. Examples To configure a static ND entry, enter the following commands: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# ipv6 neighbor 2001:DB8:1::2 00-0c-f1-56-98-ad To remove the static ND entry, enter the following command: host1/Admin(config)# interface vlan 100 host1/Admin(config-if)# no ipv6 neighbor Related Commands This command has no related commands. ipv6_address IPv6 address of the host. mac_address Layer 2 media access control (MAC) address. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-712 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 normalization To enable TCP normalization on an IPv6 interface after it has been disabled, use the ipv6 normalization command. This feature is enabled by default. Use the no form of this command to disable TCP normalization. ipv6 normalization no ipv6 normalization Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines By default, TCP normalization is enabled. Caution If you disable TCP normalization, you may expose your ACE and your data center to potential security risks. TCP normalization helps protect the ACE and the data center from attackers by enforcing strict security policies that are designed to examine traffic for malformed or malicious segments. To operate your ACE for load balancing only, disable TCP normalization by entering the no ipv6 normalization command. You must also disable the ACE Internet Control Message Protocol (ICMP) security checks by using the no icmp-guard command. For details about operating your ACE as a load balancer only, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Disabling TCP normalization affects only Layer 4 traffic. TCP normalization is always enabled for Layer 7 traffic. Use the no ipv6 normalization command when you encounter the following two types of asymmetric flows, which would otherwise be blocked by the normalization checks that the ACE performs: • ACE sees only the client-to-server traffic. For example, for a TCP connection, the ACE sees the SYN from the client, but not the SYN-ACK from the server. In this case, apply the no ipv6 normalization command to the client-side VLAN. • ACE sees only the server-to-client traffic. For example, for a TCP connection, the ACE receives a SYN-ACK from the server without having received the SYN from the client. In this case, apply the no ipv6 normalization command to the server-side VLAN. With TCP normalization disabled, the ACE still sets up flows for the asymmetric traffic described above and makes entries in the connection table. Note that the ACE does not check the TCP flags and TCP state of the connection. If a connection is in the half-closed state and a new SYN arrives, the connection is still used but the states do not change. Once the connection is closed properly, the extra ACK from the server goes through as a routed connection and the address is not masked to originate from the VIP. ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-713 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands With TCP normalization enabled, when the ACE receives the final ACK, the ACE removes the entry from the connection table. Even if FIN/ACK retransmission occurs, the ACE drops this packet due to TCP normalization feature. This means that the client cannot receive the final ACK and keeps the LAST_ACK state until half-close timeout occurs by the client. Examples To enable TCP normalization after you have disabled it, enter: host1/Admin(config)# interface vlan 200 host1/Admin(config-if)# ipv6 normalization To disable TCP normalization, enter: host1/Admin(config-if)# no ipv6 normalization Related Commands (config-if) ipv6 icmp-guard2-714 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 route inject vlan To advertise an ACE module IPv6 VLAN for route health injection (RHI) that is different from the VIP interface VLAN, use the ipv6 route inject vlan command. Use the no form of this command to restore the ACE module default behavior of advertising the VIP interface VLAN for RHI. ipv6 route inject vlan vlan_id no ipv6 route inject vlan vlan_id Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines This command requires the routing feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use this command when there is no directly shared VLAN between the ACE module and the Catalyst 6500 series supervisor engine. This topology can occur when there is an intervening device, for example, a Cisco Firewall Services Module (FWSM), configured between the ACE module and the supervisor engine. Be sure to configure this command on the VIP interface of the ACE module. Examples To advertise VLAN 200 for RHI, enter: host1/Admin(config-if)# ipv6 route inject vlan 200 To restore the ACE module default behavior of advertising the VIP interface VLAN for RHI, enter: host1/Admin(config-if)# no ipv6 route inject vlan 200 Related Commands This command has no related commands. vlan_id The IPv6 interface shared between the supervisor engine and the intervening device. Enter it as an integer from 2 to 4090. ACE Module Release Modification A5(1.0) This command was introduced.2-715 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) ipv6 verify reverse-path To enable unicast reverse-path forwarding (URPF) based on the source IPv6 address for a VLAN interface, use the ip verify reverse-path command. By default, URPF is disabled on the interface. Use the no form of this command to disable URPF after it has been enabled. ipv6 verify reverse-path no ipv6 verify reverse-path Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines URPF helps to mitigate problems caused by the introduction of malformed or forged (spoofed) IPv6 source addresses into a network by allowing the ACE to discard IPv6 packets that lack a verifiable source IP address. This feature enables the ACE to filter both ingress and egress packets to verify addressing and route integrity. The route lookup is typically based on the destination address, not the source address. When you enable URPF, the ACE discards packets if no route is found or if the route does not match the interface on which the packet arrived. You cannot use this command when URPF based on the source MAC address for a VLAN interface is enabled through the (config-if) mac-sticky enable command. Examples To enable URPF, enter: host/Admin(config-if)# ipv6 verify reverse-path To disable URPF, enter: host/Admin(config-if)# no ipv6 verify reverse-path Related Commands (config-if) mac-sticky enable ACE Module/Appliance Release Modification A5(1.0) This command was introduced.2-716 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) mac-address autogenerate To enable the autogeneration of a MAC address on a VLAN interface, use the mac-address autogenerate command. Use the no form of this command to disable MAC address autogeneration. mac-address autogenerate no mac-address autogenerate Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Command HistoryA Usage Guidelines By default, the ACE does not allow traffic from one context to another context over a transparent firewall. The ACE assumes that VLANs in different contexts are in different Layer-2 domains, unless it is a shared VLAN. Thus the ACE allocates the same MAC address to them. When using a firewall service module (FWSM) to bridge traffic between two contexts on the ACE, two Layer-3 VLANs must be assigned to the same bridge domain. To support this configuration, these VLAN interfaces require different MAC addresses. When you issue the mac-address autogenerate command, the ACE assigns a MAC address from the bank of MAC address for shared VLANs. If you issue the no mac-address autogenerate command, the interface retains this address. To revert to a MAC address for an unshared VLAN, you must delete the interface and then readd it. Examples To enable MAC address autogeneration on the VLAN, enter: host1/Admin(config-if)# mac-address autogenerate To disable MAC address autogeneration on the VLAN, enter: host1/Admin(config-if)# no mac-address autogenerate Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-717 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) mac-sticky enable To enable the mac-sticky feature for a VLAN interface, use the mac-sticky command. The mac-sticky feature ensures that the ACE sends return traffic to the same upstream device through which the connection setup from the original client was received. By default, the mac-sticky feature is disabled on the ACE. Use the no form of this command to disable the mac-sticky feature, resetting the default behavior of the ACE performing a route lookup to select the next hop to reach the client. mac-sticky enable no mac-sticky enable Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines When you use this command to enable the mac-sticky feature, the ACE uses the source MAC address from the first packet of a new connection to determine the device to send the return traffic. This guarantees that the ACE sends the return traffic for load-balanced connections to the same device originating the connection. By default, the ACE performs a route lookup to select the next hop to reach the client. This feature is useful when the ACE receives traffic from Layer-2/Layer-3 adjacent stateful devices, like firewalls and transparent caches, guaranteeing that it sends return traffic to the correct stateful device that sourced the connection without any requirement for source NAT. For more information on firewall load balancing, see the Security Guide, Cisco ACE Application Control Engine. You cannot use this command when RPF based on the source IP address for a VLAN interface is enabled through the (config-if) ip verify reverse-path command. Examples To enable the mac-sticky feature, enter: host/Admin(config-if)# mac-sticky enable To disable the mac-sticky feature, enter: host/Admin(config-if)# no mac-sticky enable ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-718 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Related Commands (config-if) ip verify reverse-path2-719 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) mtu To specify the maximum transmission unit (MTU) for a VLAN interface, use the mtu command. This command allows you to set the data size that is sent on a connection. Use the no form of this command to reset the MTU block size to the default of 1280 (IPv6) or 1500 (IPv4) for Ethernet interfaces. mtu bytes no mtu Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines The default MTU is a 1500-byte block for Ethernet interfaces. This value is sufficient for most applications, but you can pick a lower number if network conditions require it. The ACE fragments packets that are larger than the MTU value before sending them to the next hop. Examples To specify the MTU data size of for an Ethernet interface, enter the following command: host1/admin(config-if)# mtu 1300 To reset the MTU block size to the default value of 1500 for Ethernet interfaces, enter: host1/admin(config-if)# no mtu Related Commands show interface bytes Number of bytes in the MTU. For IPv6, enter a number from 1280 to 9216 bytes. The default is 1500. For IPv4, enter a number from 64 to 9216 bytes. The default is 1500. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Modified range and default for IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Modified range and default for IPv6 support.2-720 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) nat-pool To create a pool of IP addresses for dynamic Network Address Translation (NAT) for a VLAN interface, use the nat-pool command. Use the no form of this command to remove a NAT pool from the configuration. nat-pool nat_id {ipv6_address1[/prefix_length] [ipv6_address2[/prefix_length]]} | {ipv4_address1 [ipv4_address2] netmask mask} [pat] no nat-pool nat_id ip_address1 [ip_address2] netmask mask [pat] Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History nat_id Identifier of the NAT pool of global IP addresses. Enter an integer from 1 to 2147483647. ipv6_address1 [/prefix_length] Single IPv6 address and optional prefix length, or if you are also using the ipv6_address2 argument, the first IP address in a range of global addresses used for NAT. ipv6_address2 [/prefix_length] (Optional) Highest IPv6 address and optional prefix length in a range of global IPv6 addresses used for NAT. You can configure a maximum of 64 K addresses in a NAT pool. ip_address1 Single IP address, or if also using the ip_address2 argument, the first IP address in a range of global addresses used for NAT. Enter an IP address in dotted-decimal notation (for example, 172.27.16.10). ip_address2 (Optional) Highest IP address in a range of global IP addresses used for NAT. Enter an IP address in dotted-decimal notation (for example, 172.27.16.109). netmask mask Specifies the subnet mask for the IP address pool. Enter a mask in dotted-decimal notation (for example, 255.255.255.0). If you do not specify a network mask for the global IP addresses in the pool, the ACE, by default, uses the network mask of the interface to which the pool is attached. pat (Optional) Specifies that the ACE perform Port Address Translation (PAT) in addition to NAT. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support.2-721 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Usage Guidelines Dynamic NAT uses a pool of global IP addresses that you specify. You can define either a single global IP address for a group of servers with PAT to differentiate between them or a range of global IP addresses when using dynamic NAT only. To use a single IP address or a range of addresses, you assign an identifier to the address pool. You then associate the NAT pool with a global interface that is different from the interface that you use to filter and receive NAT traffic. The ACE allows you to configure a virtual IP (VIP) address in the NAT pool for dynamic NAT and PAT. This action is useful when you want to source NAT real server originated connections (bound to the client) using the VIP address. This feature is specifically useful when there are a limited number of real world IP addresses on the client-side network. To perform PAT for different real servers that are source-NATed to the same IP address (VIP), you must configure the pat keyword in the nat-pool command. If a packet egresses an interface that you have not configured for NAT, the ACE transmits the packet untranslated. If the ACE runs out of IP addresses in a NAT pool, it can switch over to a PAT rule, if configured. For example, you can configure the following: nat-pool 1 10.1.100.10 10.1.100.99 netmask 255.255.255.255 nat-pool 1 10.1.100.100 10.1.100.100 netmask 255.255.255.255 pat Examples IPv6 Example To configure a NAT pool that consists of a range of global IPV6 addresses with PAT, enter: host1/C1(config-if)# nat-pool 1 2001:DB8:1::/64 2001:DB8:1::1/64 pat IPv4 Example To configure a NAT pool that consists of a range of 100 global IPv4 addresses with PAT, enter: host1/C1(config-if)# nat-pool 1 172.27.16.10 172.27.16.109 netmask 255.255.255.0 pat Related Commands show nat-fabric (config-pmap-lb-c) nat dynamic (config-if) normalization To enable TCP normalization, use the normalization command. This feature is enabled by default. Use the no form of this command to disable TCP normalization. normalization no normalization Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts2-722 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Command History Usage Guidelines By default, TCP normalization is enabled. Caution If you disable TCP normalization, you may expose your ACE and your data center to potential security risks. TCP normalization helps protect the ACE and the data center from attackers by enforcing strict security policies that are designed to examine traffic for malformed or malicious segments. To operate your ACE for load balancing only, disable TCP normalization by entering the no normalization command. You must also disable the ACE Internet Control Message Protocol (ICMP) security checks by using the no icmp-guard command. For details about operating your ACE as a load balancer only, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Disabling TCP normalization affects only Layer 4 traffic. TCP normalization is always enabled for Layer 7 traffic. Use the no normalization command when you encounter the following two types of asymmetric flows, which would otherwise be blocked by the normalization checks that the ACE performs: • ACE sees only the client-to-server traffic. For example, for a TCP connection, the ACE sees the SYN from the client, but not the SYN-ACK from the server. In this case, apply the no normalization command to the client-side VLAN. • ACE sees only the server-to-client traffic. For example, for a TCP connection, the ACE receives a SYN-ACK from the server without having received the SYN from the client. In this case, apply the no normalization command to the server-side VLAN. With TCP normalization disabled, the ACE still sets up flows for the asymmetric traffic described above and makes entries in the connection table. Note that the ACE does not check the TCP flags and TCP state of the connection. If a connection is in the half-closed state and a new SYN arrives, the connection is still used but the states do not change. Once the connection is closed properly, the extra ACK from the server goes through as a routed connection and the address is not masked to originate from the VIP. With TCP normalization enabled, when the ACE receives the final ACK, the ACE removes the entry from the connection table. Even if FIN/ACK retransmission occurs, the ACE drops this packet due to TCP normalization feature. This means that the client cannot receive the final ACK and keeps the LAST_ACK state until half-close timeout occurs by the client. Examples To enable TCP normalization after you have disabled it, enter: host1/Admin(config)# interface vlan 200 host1/Admin(config-if)# normalization To disable TCP normalization, enter: host1/Admin(config-if)# no normalization Related Commands (config-if) icmp-guard ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-723 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) normalization send-reset To enable sending a RST to the peer so it can reset its TCP connections for any non-SYN packets that are a connection miss, use the normalization send-reset command. This feature is disabled by default. Use the no form of this command to disable the normalization RST function. When disabled, the ACE silently drops any non-SYN packet when there is no flow. normalization send-reset no normalization send-reset Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines Ensure that TCP normalization is enabled through the normalization command and that the switch mode feature is disabled (the switch-mode command in configuration mode). Examples To enable sending a RST to the peer so it can reset its TCP connections for any non-SYN packets, enter: host1/Admin(config)# interface vlan 200 host1/Admin(config-if)# normalization host1/Admin(config-if)# normalization send-reset To disable the normalization RST function, enter: host1/Admin(config-if)# no normalization send-reset Related Commands (config-if) normalization (config) switch-mode (config-if) peer ip address To configure the IP address of a standby ACE for the bridge-group virtual interface (BVI) or VLAN interface, use the peer ip address command. Use the no form of this command to delete the IP address of the peer ACE. peer ip address {ipv6_address [/prefix_length] [eui64 | link-local | unique-local]} {ipv4_address mask [secondary]} ACE Module/Appliance Release Modification A4(1.1) This command was introduced.2-724 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands no peer ip address {ipv6_address [/prefix_length] [eui64 | link-local | unique-local]} {ipv4_address mask [secondary]} Syntax Description Command Modes Interface configuration mode for BVI and VLAN interfaces Admin and user contexts Command History ipv6_address IPv6 address of the interface. /prefix_length (Optional, except for EUI-64) Specifies how many of the most significant bits (MSBs) of the IPv6 address are used for the network identifier. Enter a a forward slash character (/) followed by an integer from 1 to 128. The default is /128. If you use the optional eui64 keyword, you must specify a prefix length and the prefix must be less than or equal to 64. eui64 (Optional) Specifies that the low order 64 bits are automatically generated in the IEEE 64-bit Extended Unique Identifier (EUI-64) format specified in RFC 2373. To use this keyword, you must specify a prefix length, the prefix must be less than or equal to 64, and the host segment must be all zeros. link-local (Optional) Specifies that the address is valid only for the current link. unique-local (Optional) Specifies that this address is globally unique and used only for local communications within a site or organization. ipv4_address IPv4 address of the interface. mask Subnet mask of the interface. secondary (Optional) Configures the address as a secondary IPv4 address allowing multiple subnets under the same interface. You can configure a maximum of 15 secondary addresses per interface. The ACE has a system limit of 1,024 secondary addresses. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.0) The secondary option was added. A2(3.1) The number of secondary addresses increased from 4 to 15. A4(1.0) The number of secondary addresses decreased from 15 to 4. A4(1.1) The number of secondary addresses increased from 4 to 15. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) The secondary option was added. A4(1.1) The number of secondary addresses increased from 4 to 15. A5(1.0) Added IPv6 support.2-725 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Usage Guidelines When you configure redundancy, configuration mode on the standby ACE is disabled by default and changes on an active ACE are automatically synchronized to the standby ACE. However, interface IP addresses on the active and standby ACEs must be unique. To ensure that the addresses on the interfaces are unique, the interface IP address on the active ACE is synchronized to the standby ACE as the peer IP address. To configure an interface IP address on the standby ACE, use the peer ip address command. The peer IP address on the active ACE is synchronized on the standby ACE as the interface IP address. You must configure a unique IP address across multiple contexts on a shared VLAN. On a nonshared VLAN, the IP address can be the same. You can configure only one IPv6 peer link-local or IPv6 peer unique local address on an interface. Any additional peer link-local or peer unique local address that you configure will overwrite the existing one. When the destination for the control plane (CP)-originated packets is Layer 2 adjacent to either the primary subnet or one of the secondary subnets, the ACE always uses the appropriate primary or secondary interface IP address that belongs to the destination subnet as the source IP address. For any destination that is not Layer 2 adjacent, the ACE uses the primary address as the source IP address. SSL probes always uses the primary IP address as the source address for all destinations. You cannot configure secondary IPv4 addresses on FT VLANs. Examples To configure an IP address and mask for the peer ACE, enter: host1/Admin(config-if)# peer ip address 11.0.0.81 255.0.0.0 To configure a secondary IP address and mask for the peer ACE ACE, enter: host1/Admin(config-if)# peer ip address 12.0.0.81 255.0.0.0 secondary To delete the IP address for the peer ACE ACE, enter: host1/Admin(config-if)# no peer ip address 11.0.0.81 255.0.0.0 To delete the secondary IP address for the peer ACE ACE, enter: host1/Admin(config-if)# no peer ip address 12.0.0.81 255.0.0.0 secondary Related Commands show interface2-726 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) port-channel load-balance (ACE appliance only) To set the load-distribution method among the ports in the EtherChannel bundle, use the port-channel load-balance command. Use the no form of the command to remove the load-distribution method. port-channel load-balance {dst-ip | dst-mac | dst-port | src-dst-ip | src-dst-mac | src-dst-port | src-ip | src-mac | src-port} no port-channel load-balance {dst-ip | dst-mac | dst-port | src-dst-ip | src-dst-mac | src-dst-port | src-ip | src-mac | src-port} Syntax Description Command Modes Interface configuration mode Admin context only Command History Usage Guidelines An EtherChannel balances the traffic load across the links in the EtherChannel by reducing part of the binary pattern formed from the addresses in the frame to a numerical value that selects one of the links in the channel. EtherChannel load balancing can use MAC addresses or IP addresses, Layer 4 port numbers, source addresses, destination addresses, or both source and destination addresses. Use the option that provides the load-balance criteria with the greatest variety in your configuration. For example, if the traffic on an EtherChannel is going to a single MAC address only and you use the destination MAC address as the basis of EtherChannel load balancing, the EtherChannel always chooses the same link in the EtherChannel. Examples To configure an EtherChannel to balance the traffic load across the links using source or destination IP addresses, enter: host1/Admin(config)# interface gigabitEthernet 1/1 host1/Admin(config-if)# port-channel load-balance src-dst-ip Related Commands This command has no related commands. dst-ip Loads the distribution on the destination IP address dst-mac Loads the distribution on the destination MAC address dst-port Loads the distribution on the destination TCP or UDP port src-dst-ip Loads the distribution on the source or destination IP address src-dst-mac Loads the distribution on the source or destination MAC address src-dst-port Loads the distribution on the source or destination port src-ip Loads the distribution on the source IP address src-mac Loads the distribution on the source MAC address src-port Loads the distribution on the TCP or UDP source port ACE Appliance Release Modification A1(7) This command was introduced.2-727 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) qos trust cos (ACE appliance only) To enable Quality of Service (QoS) for a configured physical Ethernet port that is based on VLAN Class of Service (CoS) bits, use the qos trust cos command. Use the no form of the command to disable QoS for the Ethernet port. qos trust cos no qos trust cos Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin context only Command History Usage Guidelines QoS is configured at the physical port level. When you enable QoS on a trusted port, traffic is mapped into different ingress queues based on their VLAN CoS bits. If there are no VLAN CoS bits, or QoS is not enabled on the port (untrusted port), the traffic is then mapped into the lowest priority queue. You can enable QoS for an Ethernet port configured for fault tolerance (see (config-if) ft-port vlan). In this case, heartbeat packets are always tagged with COS bits set to 7 (a weight of High). We recommend that you enable QoS on the FT VLAN port to provide higher priority for FT traffic. QoS is configurable only for a physical Ethernet port and is not VLAN interface-based. Examples To enable QoS for Ethernet port 3, enter: host1/Admin(config)# interface gigabitEthernet 1/3 host1/Admin(config-if)# qos trust cos To disable QoS for the Ethernet port, enter: host1/Admin(config-if)# no qos trust cos Related Commands show interface ACE Appliance Release Modification A3(1.0) This command was introduced.2-728 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) remove-eth-pad To enable an internal length check and remove a trailing byte appended to the end of an Ethernet IP packet coming into the ACE, use the remove-eth-pad command. This check is performed on the VLAN interface and is disabled by default. Use the no form of the command to disable an internal length check and the removal of the trailing byte. remove-eth-pad no remove-eth-pad Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin context only Command History Usage Guidelines This command has no usage guidelines. Examples To enable an internal length check and remove the trailing byte appended to the end of an Ethernet IP packet coming into the ACE, enter: host1/Admin(config)# interface vlan 3 host1/Admin(config-if)# remove-eth-pad To disable an internal length check and the removal of the trailing byte, enter: host1/Admin(config-if)# no remove-eth-pad Related Commands show interface ACE Module Release Modification A2(1.6) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-729 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) service-policy input To apply a previously created policy map and attach the traffic policy to the input direction of a VLAN interface, use the service-policy input command Use the no form of this command to remove a service policy. service-policy input policy_name no service-policy input policy_name Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines When you enter the service-policy command in configuration mode, the policy maps that are applied globally in a context are applied on all interfaces that exist in the context. A policy activated on an interface overwrites any specified global policies for overlapping classifications and actions. The ACE allows only one policy of a specific feature type to be activated on a given interface. Examples To apply the L4SLBPOLICY policy map to an interface, enter: host1/C1(config-if)# service-policy input L4SLBPOLICY To remove the L4SLBPOLICY policy map from the interface, enter: host1/C1(config-if)# no service-policy input L4SLBPOLICY Related Commands show service-policy (config) service-policy policy_name Name of a previously defined policy map, configured with a previously created policy-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-730 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) shutdown To disable a bridge-group virtual interface (BVI) or VLAN interface, use the shutdown command. Use the no form of this command to enable the interface. shutdown no shutdown Syntax Description This command has no keywords or arguments. Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines When you create an interface, the interface is in the shutdown state until you enable it. If you disable or reenable the interface within a context, only that context interface is affected. To enable a bridge-group virtual interface (BVI), VLAN interface, VLAN trunking, or for an ACE Appliance, Ethernet port or port-channel interface, use the no shutdown command in interface configuration mode. This puts the interface in the Up administrative state. To disable a bridge-group virtual interface (BVI), VLAN interface, VLAN trunking, or for an ACE Appliance, Ethernet port or port-channel interface, use the shutdown command in interface configuration mode. This puts the interface in the Down administrative state. When you enable the interface, all of its configured primary and secondary addresses are enabled. You must configure a primary IP address to enable an interface. The ACE does not enable an interface with only secondary addresses. When you disable an interface, all of its configured primary and secondary addresses are disabled. Examples To disable an interface, enter: host1/Admin(config-if)# shutdown To enable an interface for use, enter: host1/Admin (config-if)# no shutdown ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-731 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Related Commands show interface show running-config2-732 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) speed (ACE appliance only) To configure the Ethernet port speed for a setting of 10, 100, or 1000 Mbps, use the speed command in interface configuration mode. The default speed for an ACE interface is autonegotiate. Use the no form of the command to return to the default Ethernet port speed setting. speed {1000M | 100M | 10M | auto} no speed Syntax Description Command Modes Interface configuration mode Admin context only Command History Usage Guidelines By default, the ACE automatically uses the autonegotiate setting for Ethernet port speed and duplex mode parameters to allow the ACE to negotiate the speed and duplex mode between ports. If you manually configure the port speed and duplex modes, follow these guidelines: • The ACE prevents you from making a duplex setting when you configure the speed of an Ethernet port to auto. The speed command must be a non-auto setting of 10, 100, or 1000 Mbps to be able to configure the duplex setting for the Ethernet port. • If you configure an Ethernet port speed to a value other than auto (for example, 10, 100, or 1000 Mbps), ensure that you configure the connecting port to match. Do not configure the connecting port to negotiate the speed through the auto keyword. • The ports on both ends of a link must have the same setting. The link will not come up if the port at each end of the connecting interface has a different setting. • If you enter the no speed command, the ACE automatically configures both the speed and duplex settings to auto. The ACE cannot automatically negotiate interface speed and duplex mode if you configure the connecting interface to a value other than auto. If you configure the Ethernet port speed to auto, the ACE automatically sets the duplex mode to auto. 1000M Initiates 1000-Mbps operation. 100M Initiates 100-Mbps operation. 10M Initiates 10-Mbps operation. auto Enables the ACE to autonegotiate with other devices for speeds of 10, 100, or 1000 Mbps. If you set the Ethernet port speed to auto, the ACE automatically sets the duplex mode to auto. This is the default setting. ACE Appliance Release Modification A1(7) This command was introduced.2-733 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Examples To set the speed to 1000 Mbps on Ethernet port 3, enter: host1/Admin(config)# interface gigabitEthernet 1/3 host1/Admin(config-if)# speed 1000M To restore the default setting of autonegotiate for an Ethernet port, enter: host1/Admin(config-if)# no speed Related Commands (config-if) duplex2-734 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) switchport access vlan (ACE appliance only) To configure an access port to a specific VLAN for either an Ethernet interface or a Layer 2 EtherChannel interface, use the switchport access vlan command in interface configuration mode. Use the no form of the command to reset the access mode to the default VLAN 1. switchport access vlan number no switchport access vlan number Syntax Description Command Modes Interface configuration mode Admin context only Command History Usage Guidelines On the ACE, ports are assigned to a single VLAN. These ports are referred to as access ports and provide a connection for end users or node devices, such as a router or server. By default, all devices are assigned to VLAN 1, known as the default VLAN. You can configure a trunk on a single Ethernet port or on a port-channel interface (EtherChannel). It is not necessary to create a VLAN interface before configuring an access VLAN. To configure a VLAN interface and access its mode to configure its attributes, use the interface vlan command in configuration mode for the context. When you assign a VLAN as the access port for a specific Ethernet port or port-channel interface, the VLAN is reserved and cannot be configured as a VLAN trunk. A VLAN access port and a VLAN trunk cannot coexist for the same Ethernet port or port-channel interface. If you specify both configurations for the same Ethernet port or port-channel interface, the most recent configuration will overwrite the older configuration. If you have QoS enabled for a physical Ethernet port (see the “(config-if) qos trust cos” command) that has been designated as an FT VLAN port (see the “(config-if) ft-port vlan” command), do not configure this Ethernet port as a VLAN access port. In this configuration, the QoS setting for redundancy traffic, such as heartbeat packets or TCP tracking probes, may not be handled properly by the ACE and FT traffic may be dropped when there is network congestion. Examples To configure VLAN 101 as an access port for Ethernet port 4, enter: host1/Admin(config)# interface gigabitEthernet 1/4 host1/Admin(config-if)# switchport access vlan 101 To configure VLAN 101 as an access port for EtherChannel 255, enter: host1/Admin(config)# interface port-channel 255 host1/Admin(config-if)# switchport access vlan 101 number VLAN number that you want to configure as the IEEE 802.1Q native VLAN when operating in trunking mode. Valid values are from 1 to 4094. The default is VLAN 1. ACE Appliance Release Modification A1(7) This command was introduced.2-735 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands To reset the access mode to the default VLAN 1, enter: host1/Admin(config)# interface gigabitEthernet 1/4 host1/Admin(config-if)# no switchport access vlan 101 Related Commands (config) interface2-736 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) switchport trunk allowed vlan (ACE appliance only) To specify which VLANs are to be allocated to a trunk link, use the switchport trunk allowed vlan command in interface configuration mode. To remove a VLAN from the trunk link, use the no form of the command. switchport trunk allowed vlan vlan_list no switchport trunk allowed vlan vlan_list Syntax Description Command Modes Interface configuration mode Admin context only Command History Usage Guidelines You cannot remove VLAN 1. If you remove VLAN 1 from a trunk, the trunk interface continues to send and receive management traffic in VLAN 1. You can selectively allocate individual VLANs to a trunk link. All added VLANs are active on a trunk link, and as long as the VLAN is available for use, traffic for that VLAN is carried across the trunk link. It is not necessary to create a VLAN interface before you allocate a VLAN to an Ethernet port or port-channel interface (EtherChannel). To configure a VLAN interface and access its mode to configure its attributes, use the interface vlan command in configuration mode for the context. If you configure a VLAN on a trunk, you cannot configure the VLAN as the access port for a specific Ethernet port or port-channel interface. A VLAN access port and a VLAN trunk cannot coexist for the same Ethernet port or port-channel interface. If you specify both configurations for the same Ethernet port or port-channel interface, the most recent configuration will overwrite the older configuration. When allocating VLANs to ports, overlapping is not allowed. For example, if you associate VLAN 10 with Ethernet port 1, you cannot associate VLAN 10 with another Ethernet port. If you have QoS enabled for a physical Ethernet port (see the “(config-if) qos trust cos” command) that has been designated as an FT VLAN port (see the “(config-if) ft-port vlan” command), do not configure the FT VLAN as an 802.1Q native VLAN. In this configuration, the QoS setting for redundancy traffic, such as heartbeat packets or TCP tracking probes, may not be handled properly by the ACE and FT traffic may be dropped when there is network congestion. vlan_list The allowed VLANs that transmit this interface in tagged format when in trunking mode. The vlan_list argument can be one of the following: • Single VLAN number • Range of VLAN numbers separated by a hyphen • Specific VLAN numbers separated by commas Valid entries are 1 through 4094. Do not enter any spaces between the dash-specified ranges or the comma-separated numbers in the vlan_list argument. ACE Appliance Release Modification A1(7) This command was introduced.2-737 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands Examples To add VLANs 101, 201, and 250 through 260 to the defined list of VLANs currently set for Ethernet port 4, enter: host1/Admin(config)# interface gigabitEthernet 1/4 host1/Admin(config-if)# switchport trunk allowed vlan 101,201,250-260 To remove VLANs 101 through 499 from the defined list of VLANs currently set for Ethernet port 4, enter: host1/Admin(config)# interface gigabitEthernet 1/4 host1/Admin(config-if)# no switchport trunk allowed vlan 101-499 Related Commands (config) interface2-738 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) switchport trunk native vlan (ACE appliance only) To set the IEEE 802.1Q native VLAN for a trunk, use the switchport trunk native vlan command in interface configuration mode. Use the no form of the command to revert to the default of VLAN 1. switchport trunk native vlan number no switchport trunk native vlan number Syntax Description Command Modes Interface configuration mode Admin context only Command History Usage Guidelines You can only have one assigned native VLAN. The native VLAN is the VLAN that is assigned to all ports in the ACE. By default, all interfaces are in VLAN 1 on the ACE, and VLAN 1 is the native VLAN. Depending on your network needs, you may change the native VLAN to be other than VLAN 1. When configuring 802.1Q trunking, you must match the native VLAN across the link. Because the native VLAN is untagged, you must keep the native VLAN the same on each side of the trunk line. The native VLAN must match on both sides of the trunk link for 802.1Q; otherwise, the link will not work. It is not necessary to create a VLAN interface setting the 802.1Q native VLAN for a trunk. To configure a VLAN interface and access its mode to configure its attributes, use the interface vlan command in configuration mode for the context. Examples To specify VLAN 3 as the 802.1Q native VLAN for the trunk, enter: host1/Admin(config)# interface port-channel 255 host1/Admin(config-if)# switchport trunk native vlan 3 To revert to the default of VLAN 1, enter: host1/Admin(config-if)# no switchport trunk native vlan Related Commands (config) interface number VLAN number that you want to configure as the 802.1Q native VLAN when operating in trunking mode. Valid values are from 1 to 4094. The default is VLAN 1. ACE Appliance Release Modification A1(7) This command was introduced.2-739 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) syn-cookie To configure SYN-cookie-based DoS protection, use the syn-cookie command. Use the no form of this command to remove SYN-cookie DoS protection from the interface. syn-cookie number no syn-cookie Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines Keep in mind the following guidelines when you use the SYN cookie feature: • If the server drops the SYN that is sent by the ACE, the ACE resets the connection using the embryonic timeout. It does not retry the SYN packet. • A SYN cookie supports only the MSS TCP option. The ACE ignores all other TCP options, even if there are problems with those other options. • The ACE returns an MSS of 536 to the client, which is the RFC-specified default. • If you use a parameter map to specify the minimum and maximum MSS values, the ACE ignores those values. • Disabling normalization and using a SYN cookie concurrently may result in unpredictable behavior. • The ACE does not generate any syslogs for a SYN cookie, even if the number of embryonic connections exceeds the configured threshold, which may indicate a SYN-flood attack. • (ACE module only) When you configure SYN cookie protection, the ACE calculates the internal embryonic connection threshold value for each network processor (NP) as configured_threshold ÷ 4 (fractions are not disregarded). For example, if you configure the threshold as 6, the ACE applies the threshold to each NP in a round-robin fashion in the order shown, which results in the following threshold distribution: – NP1=2 – NP2=2 number Embryonic connection threshold above which the ACE applies SYN-cookie DoS protection. Enter an integer from 1 to 65535. ACE Module Release Modification A2(1.0) This command was introduced. A4(1.0) The embryonic connection threshold range changed to 1 to 65535 (from 2 to 65535). ACE Appliance Release Modification A3(1.0) This command was introduced.2-740 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands – NP3=1 – NP4=1 Because of this internal division of the threshold value, you may occasionally observe that SYN cookie protection is applied before the embryonic connection count reaches the configured threshold value. For example, suppose that you configure a threshold value of 4. Because the threshold value is divided by four internally for each NP, the internally calculated threshold is 1. After one incomplete connection attempt (SYN) is sent to an NP, the ACE activates SYN cookie protection and intercepts the second SYN going to that same NP. • If you are configuring the SYN cookie feature on a bridged VLAN with non-loadbalanced flows, you must configure static routes for non-loadbalanced destinations that do not reside in the same subnet as the bridge-group virtual interface (BVI). IPv6 Configuration For example, assuming the following IPv6 configuration: – BVI IPv6 address is 2001:DB8:1::1 – Gateway1 IPv6 address 2001:DB8:1::2 to reach external network 2001:DB8:2::1 – Gateway2 IPv6 address 2001:DB8:1::3 to reach external network 2001:DB8:3::1 Configure the following static routes: – ip route 2001:DB8:2::1/64 2001:DB8:1::2 – ip route 2001:DB8:3::1/64 2001:DB8:1::3 IPv4 Configuration For example, assuming the following IPv4 configuration: – BVI IPv4 address is 192.168.1.1 – Gateway1 IPv4 address 192.168.1.2 to reach external network 172.16.1.0 – Gateway2 IPv4 address 192.168.1.3 to reach external network 172.31.1.0 Configure the following static routes: – ip route 172.16.1.0 255.255.255.0 192.168.1.2 – ip route 172.31.1.0 255.255.255.0 192.168.1.3 Examples To configure SYN-cookie DoS protection for servers in a data center connected to VLAN 100, enter: host1/C1(config)# interface vlan 100 host1/C1(config-if)# syn-cookie 4096 To remove SYN-cookie DoS protection from the interface, enter: host1/C1(config-if)# no syn-cookie Related Commands show interface show running-config2-741 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands (config-if) udp To enable the UDP booster feature for applications that require very high UDP connection rates, use the udp command in interface configuration mode. The syntax of this command is as follows: udp {ip-source-hash | ip-destination-hash} no udp Syntax Description Command Modes Interface configuration mode Admin and user contexts Command History Usage Guidelines For the UDP booster feature to work, you must configure both command keywords on their respective interfaces. Do not configure this feature with NAT or with any Layer 7 feature, for example, per-packet UDP load balancing (also called UDP fast-age) using the loadbalance vip udp-fast-age command. Otherwise, unexpected results may occur. For detailed information concerning this feature and its configuration, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To configure the UDP booster feature on the client VLAN 100, enter: host1/C1(config)# interface vlan 100 host1/C1(config-if)# udp ip-source-hash To configure the UDP booster feature on the server VLAN 200, enter: host1/C1(config)# interface vlan 200 host1/C1(config-if)# udp ip-destination-hash To remove the UDP booster feature from an interface, enter: ip-source-hash Instructs the ACE to hash the source IP address of UDP packets that hit a source-hash VLAN interface prior to performing a connection match. Configure this keyword on a client-side interface. ip-destination-hash Instructs the ACE to hash the destination IP address of UDP packets that hit a destination-hash VLAN interface prior to performing a connection match. Configure this keyword on a server-side interface. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-742 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Interface Configuration Mode Commands host1/C1(config-if)# no udp Related Commands show interface show running-config2-743 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands KAL-AP UDP Configuration Mode Commands KAL-AP UDP Configuration Mode Commands The ACE supports secure KAL-AP for MD5 encryption of data between the ACE and the Global Site Selector (GSS). To configure secure KAL-AP on the ACE, access KAL-AP UDP configuration mode using the kalap udp command. The CLI prompt changes to (config-kalap-udp). Use the no form of this command to return to configuration mode (or use the exit command). kalap udp no kalap udp Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The ACE supports secure KAL-AP for MD5 encryption of data between the ACE and the GSS. For encryption, you must configure a shared secret as a key for authentication between the GSS and the ACE context. Examples To enter KAL-AP UDP configuration mode, enter: host1/Admin(config)# kalap udp host1/Admin(config-kalap-udp)# Related Commands show kalap udp load show running-config (config-kalap-udp) ip address ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-744 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands KAL-AP UDP Configuration Mode Commands (config-kalap-udp) ip address To enable secure KAL-AP, you configure the VIP address to the GSS and the shared secret using the ip address command. Use the no form of this command to remove the VIP address and the shared secret from the configuration. ip address ip_address encryption md5 secret no ip address ip_address Syntax Description Command Modes KAL-AP UDP configuration mode Admin and user contexts Command History Usage Guidelines The ACE supports secure KAL-AP for MD5 encryption of data between the ACE and the Global Site Selector (GSS). For encryption, you must configure a shared secret as a key for authentication between the GSS and the ACE context. Examples To enable secure KAL-AP and configure the VIP address for the GSS and the shared secret, enter: host1/Admin(config)# kalap udp host1/Admin(config-kalap-udp)# ip address 10.1.0.1 encryption md5 andromeda To disable secure KAL-AP, enter: host1/Admin(config-kalap-udp)# no ip address 10.1.0.1 Related Commands show kalap udp load show running-config (config) kalap udp ip_address VIP address for the GSS. Enter the IP address in dotted-decimal notation (for example, 192.168.11.1). secret Shared secret between the GSS and the ACE. Enter the shared secret as a case-sensitive string with no spaces and a maximum of 31 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-745 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands LDAP Configuration Mode Commands LDAP Configuration Mode Commands LDAP configuration mode commands allow you to configure multiple Lightweight Directory Access Protocol (v3) (LDAP) servers as a named AAA server group. You specify the IP address of one or more previously configured LDAP servers that you want added to or removed from a AAA server group with configuration parameters such as the user profile attribute, the base DN, and the filter to use in the search request. For details about creating an LDAP server group, see the Security Guide, Cisco ACE Application Control Engine. To create an LDAP server group and access the LDAP server configuration mode, use the aaa group server ldap command in configuration mode. The CLI prompt changes to (config-ldap). Use the no form of this command to remove an LDAP server group. aaa group server ldap group_name no aaa group server ldap group_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines All commands in this mode require the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A server group is a list of server hosts. The ACE allows you to configure multiple AAA servers as a named server group. You group the different AAA server hosts into distinct lists. The ACE searches for the server hosts in the order in which you specify them within a group. You can configure a maximum of 10 server groups for each context in the ACE. You can configure LDAP server groups at any time, but you must enter the aaa authentication login command to apply the groups to the AAA service. ldap Specifies an LDAP directory server group. group_name Name for the group of LDAP servers. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-746 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands LDAP Configuration Mode Commands Examples To create an LDAP server group, enter: host1/Admin(config) aaa group server ldap LDAP_Server_Group1 host1/Admin(config-ldap)# server 172.16.56.76 host1/Admin(config-ldap)# server 172.16.56.77 host1/Admin(config-ldap)# server 172.16.56.78 Related Commands (config) aaa authentication login (config-ldap) attribute user-profile To specify the user profile attribute that the Lightweight Directory Access Protocol (LDAP) server group uses, use the attribute user-profile command. Use the no form of this command to delete a user profile attribute from the LDAP server group. attribute user-profile text no attribute user-profile text Syntax Description Command Modes LDAP configuration mode Admin and user contexts Command History Usage Guidelines The user profile attribute type is a mandatory configuration for an LDAP server group. Without this setting, the user profile attribute cannot be retrieved by the LDAP server. The user profile attribute type is a private attribute. In this case, the LDAP server database should use the same attribute type for the user profile. The LDAP client (the ACE) sends the search request with this attribute type as the attribute that it wants to download. If the lookup was successful, the search response contains this attribute value. The attribute value should contain a string that represents the user role and domain pair for this particular context. Examples To configure a user profile attribute for the LDAP server group, enter: host1/Admin(config)# aaa group server ldap LDAP_Server_Group1 text User profile. The user profile is an unquoted text string of a maximum of 63 alphanumeric characters without spaces. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-747 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands LDAP Configuration Mode Commands host1/Admin(config-ldap)# attribute user-profile usrprof Related Commands (config) aaa group server2-748 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands LDAP Configuration Mode Commands (config-ldap) baseDN To configure the base distinguished name (DN) that you want to use to perform search operations in the LDAP directory tree, use the baseDN command. A baseDN can take a form such as dc=your,dc=domain, where the base DN uses the DNS domain name as its basis and is split into the domain components. Use the no form of this command to delete a configured baseDN for the LDAP server group. baseDN text no baseDN text Syntax Description Command Modes LDAP configuration mode Admin and user contexts Command History Usage Guidelines The base DN is a mandatory configuration for an LDAP server group. Without this setting, a user cannot be authenticated. Examples To configure the base DN for the LDAP server group, enter: host1/Admin(config)# aaa group server ldap LDAP_Server_Group1 host1/Admin(config-ldap)# baseDN "dc=sns,dc=cisco,dc=com" To delete the configured base DN, enter: host1/Admin(config-ldap)# no baseDN "dc=sns,dc=cisco,dc=com" Related Commands (config) aaa group server text Distinguished name of the search base. The baseDN name is a quoted text string of a maximum of 63 alphanumeric characters without spaces. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-749 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands LDAP Configuration Mode Commands (config-ldap) filter search-user To configure a search request sent by the Lightweight Directory Access Protocol (LDAP) client to the server to find the user’s node in the Directory Information Tree (DIT), use the filter search-user command. The $user and $contextid are substituted with actual values when sending the request. Use the no form of this command to delete the search request from the LDAP server group. filter search-user text no filter search-user text Syntax Description Command Modes LDAP configuration mode Admin and user contexts Command History Usage Guidelines The search filter is a mandatory configuration for an LDAP server group. Without this setting, a user cannot be authenticated. The search filter should follow the format defined in RFC 2254. The LDAP client sends the search request with the configured search filter after replacing the $userid and $contextid with the userid that the client is trying to authenticate and the associated virtual context name.The ACE allows $userid and $contextid to be used as placeholders for user ID and context ID. Examples To configure a search request for the LDAP server group, enter: host1/Admin(config)# aaa group server ldap LDAP_Server_Group1 host1/Admin(config-ldap)# filter search-user "(&(objectclass=person) (&(cn=$userid)(cid=$contextid)))" To delete the search request, enter: host1/Admin(config-ldap)# no filter search-user "(&(objectclass=person)(&(cn=$userid)(cid=$contextid)))" Related Commands (config) aaa group server text Search request. The search filter is a quoted text string of a maximum of 63 alphanumeric characters without spaces. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-750 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands LDAP Configuration Mode Commands (config-ldap) server To specify the IP address of one or more previously configured Lightweight Directory Access Protocol (LDAP) servers that you want added to or removed from the AAA server group, use the server command. Use the no form of this command to remove the server from the AAA server group. server ip_address no server ip_address Syntax Description Command Modes LDAP configuration mode Admin and user contexts Command History Usage Guidelines You can add multiple LDAP servers to the AAA server group by entering multiple server commands while in this mode. The same server can belong to multiple server groups. Examples To add one or more servers to an LDAP server group, enter: host1/Admin(config)# aaa group server ldap LDAP_Server_Group1 host1/Admin(config-ldap)# server 172.16.56.76 host1/Admin(config-ldap)# server 172.16.56.79 host1/Admin(config-ldap)# server 172.16.56.82 To remove a server from the LDAP server group, enter: host1/Admin(config-ldap)# no server 172.16.56.76 Related Commands (config) aaa group server ip_address IP address of the LDAP server. Enter the address in dotted-decimal IP notation (for example, 192.168.11.1). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-751 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Line Configuration Mode Commands Line Configuration Mode Commands Line configuration mode commands allow you to configure the virtual terminal line settings. To configure the virtual terminal line settings and access line configuration mode, use the line vty command in configuration mode. The CLI prompt changes to (config-line). For information about the commands in line configuration mode, see the following commands. Use the no form of the line vty command to reset the line configuration mode parameter to its default setting. line vty no line vty Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin context only Command History Usage Guidelines The commands in this mode have no user role feature restrictions. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To enter the line configuration mode, enter: host1/Admin(config)# line vty host1/Admin(config-line)# Related Commands clear line show line ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-752 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Line Configuration Mode Commands (config-line) session-limit T o configure the maximum number of terminal sessions per line, use the session-limit command. Use the no form of this command to disable a setting for the configured virtual terminal line. session-limit number no session-limit number Syntax Description Command Modes Line configuration mode Admin context only Command History Usage Guidelines This command has no usage guidelines. Examples For example, to configure a virtual terminal line, enter: host1/Admin# config Enter configuration commands, one per line. End with CNTL/Z host1/Admin(config)# host1/Admin(config)# line vty host1/Admin(config-line)# session-limit 23 To disable a setting for the configured virtual terminal line, enter: host1/Admin(config-line)# no session-limit 23 Related Commands clear line show line (config) line vty number Maximum number of terminal sessions per line. Enter an integer from 1 to 251. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-753 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands Object Group Configuration Mode Commands Object groups allow you to simplify the creation of multiple access control list (ACL) entries in an ACL. By grouping like objects together, you can use an object group in an ACL entry instead of having to enter an ACL entry for each object separately. To create an object group and access object group configuration mode, use the object-group command. The CLI prompt changes to (config-objgrp-netw or config-objgrp-serv) depending upon whether you create a network or service object group. Use the no form of this command to delete an existing object group. object-group [network | service] name no object-group [network | service] name Syntax Description Command Modes Action list modify configuration mode Admin and user contexts Command History Usage Guidelines You can create either network or service object groups. After you create these groups, you can use a single ACL entry to allow trusted hosts to make specific service requests to a group of public servers. If you add new members to an existing object group that is already in use by an entry in a large ACL, recommitting the ACL can take a long time, depending on the size of the ACL and the object group. In some cases, making this change can cause the ACE to devote over an hour to committing the ACL, during which time you cannot access the terminal. We recommend that you first remove the ACL entry that refers to the object group, make your change, and then add the ACL entry back into the ACL. Examples To create a network object group, enter: host1/Admin(config)# object-group network NET_OBJ_GROUP1 host1/Admin(config-objgrp-netw)# To create a service object group, enter: network Specifies a group of hosts or subnet IP addresses. service Specifies a group of TCP or UDP port specifications or ICMP types. name Unique identifier of the object group. Enter the object group name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-754 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands host1/Admin(config)# object-group service SERV_OBJ_GROUP1 host1/Admin(config-objgrp-serv)# Related Commands (config-objgrp-netw) description (config-objgrp-netw) host (config-objgrp-netw) ip_address (config-objgrp-netw) description To add an optional description to a network object group, use the description command. Use the no form of this command to remove a description from a network object group. description text no description text Syntax Description Command Modes Network object group configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description to the network object group, enter: host1/Admin(config-objgrp-netw)# description intranet network object group To remove a description from the network object group, enter: host1/Admin(config-objgrp-netw)# no description intranet network object group Related Commands (config) object-group (config-objgrp-netw) host (config-objgrp-netw) ip_address text (Optional) Description of the network object group. Enter the description as an unquoted, alphanumeric, text string from 1 to 240 characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-755 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands (config-objgrp-netw) host To associate a host IPv6 or IPv4 address with a network object group, use the host command. Use the no form of this command to remove a host from the network object group. host ip_address no host ip_address Syntax Description Command Modes Network object group configuration mode Admin and user contexts Command History Usage Guidelines You cannot mix an IPv6 address and an IPv4 address in the same network object group. Examples IPv6 Example To create a network object group that includes three IPv6 host addresses, enter: host1/Admin(config)# object-group network NET_OBJ_GROUP1 host1/Admin(config-objgrp-netw)# description Administrator Addresses host1/Admin(config-objgrp-netw)# host 2001:DB8:1::/64 host1/Admin(config-objgrp-netw)# host 2001:DB8:2::/64 host1/Admin(config-objgrp-netw)# host 2001:DB8:3::/64 To remove host IPv6 address 2001:DB8:1::/64 from the network object group, enter: host1/Admin(config-objgrp-netw)# no host 2001:DB8:1::/64 IPv4 Example To create a network object group that includes three IPv4 host addresses, enter: host1/Admin(config)# object-group network NET_OBJ_GROUP1 host1/Admin(config-objgrp-netw)# description Administrator Addresses host1/Admin(config-objgrp-netw)# host 192.168.12.15 host1/Admin(config-objgrp-netw)# host 192.168.12.21 host1/Admin(config-objgrp-netw)# host 192.168.12.27 ip_address Host IP address associated with the network object group. Enter an IP address in dotted-decimal notation (for example, 192.168.12.15). ACE Module Release Modification A2(1.0) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A3(1.0) This command was introduced. A5(1.0) Added IPv6 support.2-756 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands To remove host IPv4 address 192.168.12.15 from the network object group, enter: host1/Admin(config-objgrp-netw)# no host 192.168.12.15 Related Commands (config) object-group (config-objgrp-netw) description (config-objgrp-netw) ip_address2-757 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands (config-objgrp-netw) ip_address To associate a network IP address with a network object group, use the ip_address command. Use the no form of this command to remove an IP address or host from the network object group. ip_address{/prefix_length | netmask} no ip_address{/prefix_length | netmask} Syntax Description Command Modes Network object group configuration mode Admin and user contexts Command History Usage Guidelines You cannot mix an IPv6 address and an IPv4 address in the same network object group. Examples IPv6 Example To add the IPv6 address and prefix length 2001:DB8:1::1/64 to a network object group, enter: host1/Admin(config-objgrp-netw)# 2001:DB8:1::1/64 Enter additional object-group IP addresses as required. To remove an IP address from the network object group, enter: host1/Admin(config-objgrp-netw)# no 2001:DB8:1::1/64 IPv4 Example To add the IP address 192.168.12.15 and network mask 255.255.255.0 to a network object group, enter: host1/Admin(config-objgrp-netw)# 192.168.12.15 255.255.255.0 ip_address IP address assigned to the network object group. /prefix_length For an IPv6 address, the length of the network prefix. Enter a “/” (forward slash) followed by an integer from 1 to 128. netmask Network mask applied to the IP address. Enter a network mask in dotted decimal notation (for example, 255.255.255.0). ACE Module Release Modification A2(1.0) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A3(1.0) This command was introduced. A5(1.0) Added IPv6 support.2-758 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands To remove an IP address from the network object group, enter: host1/Admin(config-objgrp-netw)# no 192.168.12.15 255.255.255.0 Related Commands (config) object-group (config-objgrp-netw) description (config-objgrp-netw) host2-759 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands (config-objgrp-serv) description To add an optional description to a service object group, use the description command. Use the no form of this command to remove a description from a service object group. description text no description text Syntax Description Command Modes Service object group configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description to the service object group, enter: host1/Admin(config-objgrp-serv)# description intranet service object group To remove a description from the service object group, enter: host1/Admin(config-objgrp-serv)# no description intranet service object group Related Commands (config) object-group (config-objgrp-serv) protocol text (Optional) Description of the service object group. Enter the description as an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-760 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands (config-objgrp-serv) protocol To associate a protocol and port designation with a service object group, use the protocol command. Use the no form of this command to remove the protocol and port designation from a service object group. protocol [source operator port1 [port2]] [operator port3 [port4]] [icmp-type type code operator code1 code2] no protocol [source operator port1 [port2]] [operator port3 [port4]] [icmp-type type code operator code1 code2] Syntax Description protocol Name or number of an IP protocol. Enter a protocol name or an integer from 1 to 255 that represents an IP protocol number. See Table 1-12. source Specifies a source port for TCP, TCP-UDP, or UDP. To specify a destination port, use the operator argument with no keyword. operator (Optional) Operand used to compare source and destination port numbers for TCP and UDP protocols, and message codes for ICMP. To specify a destination port, use the operator argument with no keyword.The operators are as follows: • lt—Less than. • gt—Greater than. • eq—Equal to. • neq—Not equal to. • range—An inclusive range of port values or ICMP message codes. If you enter this operator, enter a second port number value or second ICMP message code to define the upper limit of the range. port1 [port2] TCP or UDP source name or port number from which you permit or deny services access. Enter a port name or an integer from 0 to 65535. To enter an inclusive range of ports, enter two port numbers. Port2 must be greater than or equal to port1. See Table 1-13 for a list of well-known TCP keywords and port numbers and Table 1-14 for a list of well-known UDP key words and port numbers. port3 [port4] TCP or UDP destination name or port number to which you permit or deny services access. To enter an optional inclusive range of ports, enter two port numbers. port4 must be greater than or equal to port3. See Table 1-13 for a list of well-known TCP keywords and port numbers and Table 1-14 for a list of well-known UDP keywords and port numbers. icmp-type type (Optional) If you entered ICMP as the protocol, specifies the type of ICMP messaging. Enter either an integer corresponding to the ICMP code number or one of the ICMP types listed in Table 1-15 (ICMPv4) or Table 1-16 (ICMPv6). code (Optional) Specifies that a numeric operator and ICMP code follows. code1 [code2] ICMP code number that corresponds to an ICMP type. See Table 1-15 (ICMPv4) or Table 1-16 (ICMPv6). If you entered the range operator, enter a second ICMP code value to define the upper limit of the range.2-761 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands Ta b l e 1-12 Supported Protocol Keywords and Numbers Protocol Name Protocol Number Description ah 51 Authentication Header eigrp 88 Enhanced IGRP esp 50 Encapsulated Security Payload gre 47 Generic Routing Encapsulation icmp 1 Internet Control Message Protocol v4 icmpv6 58 Internet Control Message Protocol v6 igmp 2 Internet Group Management Protocol ip any Internet Protocol ip-in-ip 4 IP-in-IP Layer 3 Tunneling Protocol ospf 89 Open Shortest Path First pim 103 Protocol Independent Multicast tcp 6 Transmission Control Protocol tcp-udp 6 and 17 TCP and UDP udp 17 User Datagram Protocol Ta b l e 1-13 Well-Known TCP Port Numbers and Keywords Keyword Port Number Description aol 5190 America-Online bgp 179 Border Gateway Protocol chargen 19 Character Generator citrix-ica 1494 Citrix Independent Computing Architecture Protocol cmd 514 Same as exec, with automatic authentication ctiqbe 2748 Computer Telephony Interface Quick Buffer Encoding daytime 13 Daytime discard 9 Discard domain 53 Domain Name System echo 7 Echo exec 512 Exec (RSH) finger 79 Finger ftp 21 File Transfer Protocol ftp-data 20 FTP data connections gopher 70 Gopher h323 1720 H.323 call signaling2-762 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands hostname 101 NIC hostname server http 80 Hypertext Transfer Protocol https 443 HTTP over TLS/SSL ident 113 Ident Protocol imap4 143 Internet Message Access Protocol, version 4 irc 194 Internet Relay Chat kerberos 88 Kerberos klogin 543 Kerberos Login kshell 544 Kerberos Shell ldap 389 Lightweight Directory Access Protocol ldaps 636 LDAP over TLS/SSL login 513 Login (rlogin) lotusnotes 1352 IBM Lotus Notes lpd 515 Printer Service matip-a 350 Mapping of Airline Traffic over Internet Protocol Type A netbios-ssn 139 NetBIOS Session Service nntp 119 Network News Transport Protocol pcanywhere-data 5631 PC Anywhere data pim-auto-rp 496 PIM Auto-RP pop2 109 Post Office Protocol v2 pop3 110 Post Office Protocol v3 pptp 1723 Point-to-Point Tunneling Protocol, RFC 2637 rtsp 554 Real-Time Streaming Protocol sip 5060 Session Initiation Protocol skinny 2000 Cisco Skinny Client Control Protocol (SCCP) smtp 25 Simple Mail Transfer Protocol sqlnet 1521 Structured Query Language Network ssh 22 Secure Shell sunrpc 111 Sun Remote Procedure Call tacacs 49 Terminal Access Controller Access Control System talk 517 Talk telnet 23 Telnet Table 1-13 Well-Known TCP Port Numbers and Keywords (continued) Keyword Port Number Description2-763 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands time 37 Time uucp 540 Unix-to-Unix Copy Program whois 43 Nicname www 80 World Wide Web (HTTP) Ta b l e 1-14 Well-Known UDP Keywords and Port Numbers Keyword Port Number Description biff 512 Mail notification bootpc 68 Bootstrap Protocol client bootps 67 Bootstrap Protocol server discard 9 Discard dnsix 195 DNSIX Security protocol auditing (dn6-nlm-aud) domain 53 Domain Name System echo 7 Echo isakmp 500 Internet Security Association Key Management Protocol kerberos 88 Kerberos mobile-ip 434 Mobile IP registration nameserver 42 Host Name Server netbios-dgm 138 NetBIOS datagram service netbios-ns 137 NetBIOS name service netbios-ssn 139 NetBIOS Session Service ntp 123 Network Time Protocol pcanywhere-statu s 5632 PC Anywhere status radius-auth 1812 (ACE module only) Remote Authentication Dial-in User Service radius 1812 (ACE appliance only) Remote Authentication Dial-in User Service radius-acct 1813 RADIUS Accounting rip 520 Routing Information Protocol snmp 161 Simple Network Management Protocol snmptrap 162 SNMP Traps sunrpc 111 Sun Remote Procedure Call syslog 514 System Logger Table 1-13 Well-Known TCP Port Numbers and Keywords (continued) Keyword Port Number Description2-764 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands tacacs 49 Terminal Access Controller Access Control System talk 517 Talk tftp 69 Trivial File Transfer Protocol time 37 Time who 513 Who service (rwho) wsp 9200 Connectionless Wireless Session Protocol wsp-wtls 9202 Secure Connectionless WSP wsp-wtp 9201 Connection-based WSP wsp-wtp-wtls 9203 Secure Connection-based WSP xdmcp 177 X Display Manager Control Protocol Ta b l e 1-15 ICMPv4 Types ICMP Code Number ICMP Type 0 echo-reply 3 unreachable 4 source-quench 5 redirect 6 alternate-address 8 echo 9 router-advertisement 10 router-solicitation 11 time-exceeded 12 parameter-problem 13 timestamp-request 14 timestamp-reply 15 information-request 16 information-reply 17 mask-request 18 mask-reply 30 traceroute 31 conversion-error 32 mobile-redirect Table 1-14 Well-Known UDP Keywords and Port Numbers (continued) Keyword Port Number Description2-765 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands Command Modes Service object group configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To create a service object group for TCP (source port only), UDP (source and destination ports), and ICMPv6, enter: ISM/Admin(config)# object-group service TCP_UDP_ICMP ISM/Admin(config-objgrp-serv)# tcp source eq domain ISM/Admin(config-objgrp-serv)# udp source eq radius eq radius-acct ISM/Admin(config-objgrp-serv)# icmpv6 echo code eq 128 To remove the ICMP protocol from the above service object group, enter: host1/Admin(config-objgrp-prot)# no icmpv6 echo code eq 128 Ta b l e 1-16 ICMPv6 Types ICMPv6 Code Number ICMPv6 Type 1 unreachable 3 time-exceeded 4 parameter-problem 30 traceroute 128 echo 129 echo-reply 137 redirect 139 information-request 140 information-reply ACE Module Release Modification A2(1.0) This command was introduced. A2(2.1) The radius keyword is deprecated and is now the radius-auth keyword. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A3(1.0) This command was introduced. A5(1.0) Added IPv6 support.2-766 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Object Group Configuration Mode Commands Related Commands (config) object-group (config-objgrp-serv) description2-767 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Optimize Configuration Mode Commands Optimize Configuration Mode Commands (ACE appliance only) The optimize mode includes a set of commands that allow you to globally configure application acceleration and optimization operation on the ACE. To remove an optimize mode selection, use the no form of the command. For details about using the commands in the optimize mode, see the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide. To access the optimize mode, enter the optimize command. The CLI prompt changes to (config-optimize). optimize no optimize Syntax Description This command has no keywords or arguments. Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To access the optimize mode, enter: host1/Admin(config)# optimize host1/Admin(config-optimize)# Related Commands show optimization-global ACE Appliance Release Modification A1(7) This command was introduced.2-768 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Optimize Configuration Mode Commands (config-optimize) appscope-log (ACE appliance only) To configure the ACE to upload the application acceleration and optimization statistical log information to the optional Cisco AVS 3180A Management Station, use the appscope-log command. Use the no form of this command to disable sending statistical log information to a Management Station. appscope-log no appscope-log Syntax Description This command has no keywords or arguments. Command Modes Optimize mode Admin and user contexts Command History Usage Guidelines The statistical log file contains an entry for each ACE optimization request to the server and is used for statistical analysis by the optional Cisco AVS 3180A Management Station. The ACE collects statistical log data and then sends it to the Management Station for loading into the management station database. For details about the optional Cisco AVS 3180A Management Station database, management, and reporting features, including AppScope reporting, see the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide. To enable the AppScope feature, use the appscope command in action list optimization configuration mode. See the (config-actlist-optm) appscope command. For each ACE request, information about the statistical log is written to the statlog.nnn file, where nnn is a three-digit number. Each entry in the statlog file is written in an XML-like syntax, where each element is opened with an angle-bracketed tag, and closed with a similar tag, and can contain several fields with nested elements. Note Statistical log information from active ACE nodes is carried by the syslog-ng daemon to the Cisco AVS 3180A Management Console and written to a file under the avs-log/syslog/ directory. The file is _, which is unique across all ACE nodes. To specify the host (the syslog server on the Management Station) that receives the syslog messages sent by the ACE, use the logging host configuration command. See the (config) logging host command. This command allows you to identify the IP address of the Management Station that will be used as the syslog server. You can specify that the host uses either UDP or TCP to send messages to the syslog server. Examples To specify that the information about statistical log is to be sent to a Management Station at 192.168.10.1 using TCP, enter: host1/Admin(config)# optimize ACE Appliance Release Modification A1(7) This command was introduced.2-769 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Optimize Configuration Mode Commands host1/Admin(config-optimize)# appscope-log host1/Admin(config-optimize)# exit host1/Admin(config)# logging host 192.168.10.1 tcp To disable sending information about the statistical log information to an AVS 3180A Management Station, enter: host1/Admin(config-optimize)# no appscope-log Related Commands (config-actlist-optm) appscope (config-parammap-optmz) appscope optimize-rate-percent (config-parammap-optmz) parameter-summary parameter-value-limit (config-parammap-optmz) request-grouping-string (config-optimize) concurrent-connections (ACE appliance only) To define the concurrent connection limit at which optimization will be disabled for all new connections that are received by the ACE, use the concurrent-connections command. Use the no form of this command to return to the default concurrent connection limit of 1000. concurrent-connections connection_limit no concurrent-connections Syntax Description Command Modes Optimize mode Admin and user contexts Command History Usage Guidelines When you use the ACE to perform a specific set of application acceleration and optimization functions, and the ACE reaches the maximum of 10,000 concurrent connections, the ACE stops accepting any additional concurrent connections until the count drops below 10,000. You can define the limit at which all new connections are directly sent to the real server without the ACE performing application acceleration and optimization. This user-defined limit bypasses application acceleration and optimization requests on a connection until the concurrent connection count is less than the allowed specified maximum of 9,500 concurrent connections. The ACE will always perform application acceleration and optimization for FlashForward URLs, AppScope URLs, and base file URLs in a new connection even if you have specified a concurrent connection limit. connection_limit Maximum concurrent connection limit. Enter an integer from 100 to 9500. The default is 1000. ACE Appliance Release Modification A1(8) This command was introduced. A4(1.0) The limit keyword was removed. A4(2.0) This command was deprecated. Application acceleration concurrent connections are now fixed at 100.2-770 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Optimize Configuration Mode Commands Note The show stats loadbalance command in Exec mode displays the optimized connection counter (maximum and concurrent) and the unoptimized connection counter for all application acceleration connections. Examples To specify a concurrent connection limit of 5000, enter: host1/Admin(config)# optimize host1/Admin(config-optimize)# concurrent-connections 5000 To return to the default concurrent connection limit of 1000, enter: host1/Admin(config-optimize)# no concurrent-connections Related Commands This command has no related commands. (config-optimize) debug-level (ACE appliance only) To enable HTTP optimization logging and control the maximum level for system log messages sent to the host (the syslog server on the optional Cisco AVS 3180A Management Station), use the debug-level command. Use the no form of the command to disable the debug function for HTTP optimization. debug-level severity_level no debug-level severity_level Syntax Description Command Modes Optimize mode Admin and user contexts severity_level Maximum level for system log messages sent to a syslog server. The severity level that you specify indicates that you want syslog messages at that level and messages lower than that level. For example, if the specified level is 3, the syslog displays level 3, 2, 1, and 0 messages. The severity level that you specify indicates that you want to log messages at that level and below. Allowable entries are as follows: • 0—emergencies (system unusable messages) • 1—alerts (take immediate action) • 2—critical (critical condition) • 3—errors (error message) • 4—warnings (warning message) • 5—notifications (normal but significant condition) • 6—informational (information message) • 7—debugging (debug messages)2-771 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Optimize Configuration Mode Commands Command History Usage Guidelines The debug-level command limits the HTTP optimization logging messages sent to a syslog server based on severity. To specify the host (the syslog server on the optional Management Station) that receives the syslog messages sent by the ACE, use the logging host configuration command. See the (config) logging host command. You can specify that the host uses either UDP or TCP to send messages to the syslog server. Examples To enable HTTP optimization logging and send informational system message logs to the syslog server, enter: host1/Admin(config)# debug-level 6 To disable the debug function for HTTP optimization, enter: host1/Admin(config)# no debug-level Related Commands (config-parammap-optmz) appscope optimize-rate-percent (config-parammap-optmz) parameter-summary parameter-value-limit (config-parammap-optmz) request-grouping-string Command Modes Optimize mode ACE Appliance Release Modification A1(7) This command was introduced.2-772 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands Parameter Map Connection Configuration Mode Commands Parameter map connection configuration mode commands allow you to define a connection-type parameter map. After you create the connection parameter map, you can configure TCP, IP, and other settings for the map. To create the connection parameter map and access parameter map connection configuration mode, use the parameter-map type connection command in configuration mode. The prompt changes to (config-parammap-conn). Use the no form of this command to remove the parameter map from the configuration. parameter-map type connection name no parameter-map type connection name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the connection feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you configure switch mode and you configure any connection parameter-map commands (for example, set tcp buffer-share, rate-limit, exceed-mss, nagle, random-sequence-number, reserved-bits, set tcp wan-optimization, timeout inactivity, slowstart, and so on) either locally on a specific interface or globally on all interfaces, switch mode will override these commands for certain types of traffic. This behavior applies only to non-VIP, non-inspection, non-NATed, and non-management traffic. The ACE continues to apply local, global, and VIP-specific connection parameter maps to load-balanced (VIP), inspected, NATed, and management traffic. For information about switch mode, see the (config) switch-mode command. After you create and configure a parameter map, you must associate the parameter map with a policy map to activate it. For details, see the (config-pmap-c) connection advanced-options command in the “Policy Map Configuration Mode Commands” section. Examples To create a connection parameter map called TCP_MAP, enter: host1/Admin(config)# parameter-map type connection TCP_MAP name Name assigned to the parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-773 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands host1/Admin(config-parammap-conn)# To delete the connection parameter map, enter: host1/Admin(config)# no parameter-map type connection TCP_MAP Related Commands (config) parameter-map type (config-pmap-c) connection advanced-options show parameter-map2-774 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) description To add a description for the parameter map, use the description command. Use the no form of this command to remove the description from the parameter map. description text_string no description Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the connection parameter map, enter: host1/Admin(config)# parameter-map type connection TCP_MAP host1/Admin(config-parammap-conn)# description TCP CONNECTION PARAMETER MAP To remove the description from the connection parameter map, enter: host1/Admin(config-parammap-conn)# no description Related Commands show parameter-map text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-775 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) exceed-mss To configure the ACE to allow segments that exceed the maximum segment size (MSS), use the exceed-mss command. Use the no form of this command to reset the ACE to its default of discarding segments that exceed the MSS. exceed-mss {allow | drop} no exceed-mss Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the ACE to allow segments that exceed the MSS, enter: host1/Admin(config-parammap-conn)# exceed-mss allow To configure the ACE to discard segments that exceed the MSS, enter: host1/Admin(config-parammap-conn)# exceed-mss drop To reset the ACE behavior to the default of discarding segments that exceed the MSS, enter: host1/Admin(config-parammap-conn)# no exceed-mss allow Related Commands (config-parammap-conn) set tcp mss show parameter-map allow Permits segments that exceed the maximum segment size. drop Discards segments that exceed the maximum segment size. This is the default. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-776 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) nagle To enable Nagle’s algorithm, use the nagle command. By default, this command is disabled. Nagle’s algorithm instructs a sender to buffer any data to be sent until all outstanding data has been acknowledged or until there is a full segment of data to send. Use the no form of this command to disable Nagle’s algorithm. nagle no nagle Syntax Description This command has no keywords or arguments. Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines Nagle’s algorithm automatically concatenates a number of small buffer messages that are transmitted over the TCP connection. This process increases throughput by decreasing the number of segments that need to be sent over the network. However, the interaction between Nagle’s algorithm and the TCP delay acknowledgment may increase latency in your TCP connection. You should disable Nagle’s algorithm if you notice delays in your TCP connection. Examples To enable Nagle’s algorithm, enter: host1/Admin(config-parammap-conn)# nagle To disable Nagle’s algorithm, enter: host1/Admin(config-parammap-conn)# no nagle Related Commands show parameter-map ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-777 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) random-sequence-number To enable TCP sequence number randomization, use the random-sequence-number command. This feature is enabled by default. Use the no form of this command to disable sequence number randomization for Layer 4 flows only. random-sequence-number no random-sequence-number Syntax Description This command has no keywords or arguments. Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines Randomizing TCP sequence numbers makes it more difficult for a hacker to guess or predict the next sequence number in a TCP connection. This feature is enabled by default and you cannot disable it for Layer 7 flows. Examples To enable sequence number randomization, enter: host1/Admin(config-parammap-conn)# random-sequence-number To disable sequence number randomization, enter: host1/Admin(config-parammap-conn)# no random-sequence-number Related Commands show parameter-map ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-778 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) rate-limit To limit the connection rate or the bandwidth rate of a policy, use the rate-limit command. Use the no form of this command to return the behavior of the ACE to the default of not limiting the policy bandwidth rate. rate-limit {connection number1 | bandwidth number2} no rate-limit {connection number1 | bandwidth number2} Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines In addition to preserving system resources by limiting the total number of active connections to a real server, the ACE allows you to limit the connection rate and the bandwidth rate of a policy map. The connection rate is the number of connections per second that match the policy. The bandwidth rate is the number of bytes per second that match the policy. The ACE applies these rate limits to each class map that you associate with the policy at the virtual server level. When the connection-rate limit or the bandwidth-rate limit is reached, the ACE blocks any further traffic that matches that policy until the connection rate or bandwidth rate drops below the configured limit. By default, the ACE does not limit the connection rate or the bandwidth rate of a policy. You can also limit the connection rate and the bandwidth rate of a real server in a server farm. For details, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine Examples To limit the connection rate of a policy to 100000 connections per second, enter: host1/Admin(config-parammap-conn)# rate-limit connection 100000 To return the behavior of the ACE to the default of not limiting the policy connection rate, enter: host1/Admin(config-parammap-conn)# no rate-limit connection 100000 connection number1 Specifies the connection-rate limit for a policy in connections per second. Enter an integer from 0 to 350000. There is no default value. bandwidth number2 Specifies the bandwidth-rate limit for a policy in bytes per second. Enter an integer from 0 to 300000000. There is no default value. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-779 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands To limit the policy bandwidth rate to 5000000 bytes per second, enter: host1/Admin(config-parammap-conn)# rate-limit bandwidth 50000000 To return the behavior of the ACE to the default of not limiting the policy bandwidth rate, enter: host1/Admin(config-parammap-conn)# no rate-limit bandwidth 50000000 Related Commands show parameter-map (config-parammap-conn) reserved-bits To configure how an ACE handles segments with the reserved bits set in the TCP header, use the reserved-bits command. Use the no form of this command to reset the ACE to its default of clearing reserved bits set in the TCP header of a segment. reserved-bits {allow | clear | drop} no reserved-bits Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines The six reserved bits in the TCP header are for future use and have a value of 0. Examples To configure the ACE to allow segments with the reserved bits set in the TCP header, enter: host1/Admin(config-parammap-conn)# reserved-bits allow To reset the ACE to its default of clearing reserved bits set in the TCP header of a segment, enter: host1/Admin(config-parammap-conn)# no reserved-bits allow allow Permits segments with the reserved bits set in the TCP header. clear Clears the reserved bits in the TCP header and allows the segment. This is the default. drop Discards segments with reserved bits set in the TCP header. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-780 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands Related Commands show parameter-map (config-parammap-conn) set ip tos To set the type of service (ToS) for packets in a particular traffic class, use the set ip tos command. Use the no form of this command to instruct the ACE to not rewrite the IP ToS value. set ip tos number no set ip tos Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines The ToS for a packet determines how the network handles the packet and balances its precedence, delay, throughput, and reliability. This information resides in the IP header. For details about the ToS byte, see RFCs 791, 1122, 1349, and 3168. Examples To set a packet’s ToS value to 20, enter: host1/Admin(config-parammap)# set ip tos 20 To instruct the ACE to ignore the ToS of a packet, enter: host1/Admin(config-parammap)# no set ip tos Related Commands show parameter-map number Packet ToS value. Enter an integer from 0 to 255. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-781 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) set tcp ack-delay To configure an ACK delay, use the set tcp ack-delay command. You can configure the ACE to delay sending the ACK from a client to a server. Some applications delay the ACK for best performance. To reset the ACK delay timer to the default value of 200 ms, use the no form of this command. set tcp ack-delay number no set tcp ack-delay Syntax Description Command Modes Connection parameter-map configuration mode Command History Usage Guidelines Delaying the ACK can help reduce congestion by sending one ACK for multiple segments rather than sending an ACK for each segment. Examples To delay sending an ACK for 400 ms, enter: host1/Admin(config-parammap-conn)# set tcp ack-delay 400 To reset the ACK delay timer to the default of 200 ms, enter: host1/Admin(config-parammap-conn)# no set tcp ack-delay Related Commands show parameter-map number Delay time for sending an ACK from a client to a server. Enter an integer from 0 to 400 ms. The default is 200 ms. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-782 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) set tcp buffer-share To set the maximum receive or transmit buffer share size for each TCP and UDP connection, use the set tcp buffer-share command. Use the no form of this command to reset the buffer limit to the default of 32768 bytes. set tcp buffer-share number no set tcp buffer-share Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines To improve throughput and overall performance, the ACE checks the number of buffered bytes on a TCP and UDP connection against the configured buffer setting before accepting new receive or transmit data. By default, the maximum size of the receive or transmit buffer for each TCP or UDP connection is 32768 bytes. For large bandwidth and delay network connections, you may want to increase the default buffer size to improve your network performance. If you set the (config-parammap-http) set content-maxparse-length or (config-parammap-http) set header-maxparse-length command in HTTP parameter-map configuration mode to a value that is greater than 32 KB, you must configure the set tcp buffer-share command to a value that is greater than their values. If you do not, even if you configure (config-parammap-http) length-exceed continue command, the ACE may not completely parse a content string or a header packet that is greater than 32 KB. The reason is that the default value of the set tcp buffer-share command buffer size (32 KB) will not accommodate the larger content string size. Examples To specify a maximum receive buffer share size of 16384 bytes, enter: host1/Admin(config-parammap-conn)# set tcp buffer-share 16384 number Maximum size of the receive or transmit buffer share in bytes for each TCP and UDP connection. Enter an integer from 8192 to 262143. The default is 32768 bytes. ACE Module Release Modification 3.0(0)A1(6.2a) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.2) This command now allows you to configure the buffer limit for UDP connections. Previously, the buffer limit was configurable only for TCP connections.2-783 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands To reset the buffer limit to the default of 65535 bytes, enter: host1/Admin(config-parammap-conn)# no set tcp buffer-share Related Commands show parameter-map (config-parammap-http) set content-maxparse-length (config-parammap-http) set header-maxparse-length2-784 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) set tcp mss To set a range of values for the TCP maximum segment size (MSS), use the set tcp mss command. Use the no form of this command to reset the minimum MSS to the default of 0 bytes and the maximum MSS to the default of 1460. set tcp mss min number1 max number2 no set tcp mss Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines The MSS is the largest amount of TCP data that the ACE accepts in one segment. To prevent the transmission of many smaller segments or very large segments that may require fragmentation, you can set the minimum and maximum acceptable sizes of the MSS. Both the host and the server can set the MSS when they first establish a connection. If either maximum value exceeds the value that you set with the set tcp mss max command, then the ACE overrides the maximum value and inserts the value that you set. If either maximum value is less than the value that you set with the set tcp mss min command, then the ACE overrides the maximum value and inserts the minimum value (the minimum value is actually the smallest maximum allowed). For example, if you set a maximum value of 1200 bytes and a minimum value of 400 bytes, when a host requests a maximum value of 1300 bytes, then the ACE alters the packet to request 1200 bytes (the maximum). If another host requests a maximum value of 300 bytes, then the ACE alters the packet to request 400 bytes (the minimum). If the host or server does not request an MSS, the ACE assumes that the RFC 793 default value of 536 bytes is in effect. min number1 Specifies the smallest segment size in bytes that the ACE will accept. Enter an integer from 0 to 65535. The default is 0 bytes. If the ACE receives a segment smaller than the configured minimum size, the ACE discards the segment. max number2 Specifies the largest segment size in bytes that the ACE will accept. Enter an integer from 0 to 65535. The default is 1460 bytes. If the ACE receives a segment larger than the configured maximum size, the ACE discards the segment. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-785 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands Examples To set the minimum acceptable MSS value to 768 bytes and the maximum acceptable MSS value to 1500, enter: host1/Admin(config-parammap-conn)# set tcp mss min 768 max 1500 To reset the minimum MSS to the default of 0 bytes and the maximum MSS to the default of 1460, enter: host1/Admin(config-parammap-conn)# no set tcp mss Related Commands (config-parammap-conn) exceed-mss show parameter-map2-786 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) set tcp reassembly-timout To stop reassembling TCP packets that have remained idle for the specified timeout period, use the set tcp reassembly timeout command. Use the no form of this command to reset the timeout to the default value of 60 seconds. set tcp reassembly-timeout seconds no set tcp reassembly-timeout seconds Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To set the TCP reassembly timeout to 5 minutes, enter: host1/Admin(config-parammap-conn)# set tcp reassembly-timeout 300 To reset the TCP reassembly timeout to the default of 60 seconds, enter: host1/Admin(config-parammap-conn)# no set tcp reassembly-timeout Related Commands show parameter-map (config-parammap-conn) set tcp syn-retry To set the maximum number of attempts that the ACE can take to transmit a TCP segment, use the set tcp syn-retry number command. Use the no form of this command to reset the maximum number of TCP SYN retires to the default of 4. set tcp syn-retry number no set tcp syn-retry seconds Time period in seconds after which the ACE stops reassembling TCP packets. Enter an integer from 1 to 255. The default is 60 seconds. ACE Module/Appliance Release Modification A4(1.0) This command was introduced.2-787 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To set the maximum number of attempts that the ACE takes to transmit a TCP segment to 3, enter: host1/Admin(config-parammap-conn)# set tcp syn-retry 3 To reset the maximum number of TCP SYN retries to the default of 4, enter: host1/Admin(config-parammap-conn)# no set tcp syn-retry Related Commands show parameter-map (config-parammap-conn) set tcp timeout To configure a timeout for TCP embryonic connections (connections that result from an incomplete three-way handshake) and half-closed connections (connections where the client has sent a FIN and the server has not responded), use the set tcp timeout command. Use the no form of this command to reset TCP timeout values to their default settings. set tcp timeout {embryonic seconds | half-closed seconds} no set tcp timeout {embryonic | half-closed} Syntax Description number Number of SYN retries. Enter an integer from 1 to 15. The default is 4. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. embryonic Specifies the timeout for embryonic connections. seconds Time in seconds after which the ACE times out an embryonic connection. Enter an integer from 0 to 4294967295. The default is 5 seconds. A value of 0 specifies that the ACE never time out an embryonic connection.2-788 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines The set tcp timeout embryonic command affects only Layer 4 flows and not Layer 7 flows. Examples To set the TCP timeout for embryonic connections to 24 seconds, enter: host1/Admin(config-parammap-conn)# set tcp timeout embryonic 24 To reset the TCP half-closed connection timeout to the default of 600 seconds, enter: host1/Admin(config-parammap-conn)# no set tcp timeout half-closed Related Commands show parameter-map (config-parammap-conn) set tcp wan-optimization To control how the ACE applies TCP optimizations to packets on a connection associated with a Layer 7 policy map using a round-trip time (RTT) value, use the set tcp wan-optimization command. Use the no form of this command to restore ACE behavior to the default of not optimizing TCP connections. set tcp wan-optimization rtt number no set tcp wan-optimization rtt number Syntax Description half-closed Specifies the timeout for half-closed connections. seconds Time in seconds after which the ACE times out a half-closed connection. Enter an integer from 0 to 4294967295. The default is 3600 seconds (1 hour). A value of 0 specifies that the ACE never time out a half-closed TCP connection. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. number RTT value. Enter an integer from 0 to 65535. The default is 65535.2-789 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines This command allows you to control how the ACE applies TCP optimizations to packets on a connection associated with a Layer 7 policy map using the following RTT values: • For a value of 0, the ACE applies TCP optimizations to packets for the life of a connection. • For a value of 65535 (the default), the ACE performs normal operations (no optimizations) for the life of a connection. • For values from 1 to 65534, the ACE applies TCP optimizations to packets based on the client RTT to the ACE as follows: – If the actual client RTT is less than the configured RTT, the ACE performs normal operations for the life of the connection. – If the actual client RTT is greater than or equal to the configured RTT, the ACE performs TCP optimizations on the packets for the life of a connection. TCP optimizations include the following connection parameter-map configuration mode operations: • Nagle optimization algorithm • Slow-start connection behavior • Acknowledgement (ACK) delay timer • Window-scale factor • Retry settings Examples To set the RTT to 0 to apply TCP optimizations to packets for the life of a connection, enter: host1/C1(config-parammap-conn)# set tcp wan-optimization rtt 0 To restore the ACE behavior to the default of not optimizing TCP connections, enter: host1/C1(config-parammap-conn)# no set tcp wan-optimization rtt Related Commands show parameter-map ACE Module Release Modification 3.0(0)A1(3) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-790 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) set tcp window-scale To configure a TCP window-scale factor for network paths with high-bandwidth, long-delay characteristics, use the set tcp window-scale command. Use the no form of this command to reset the window-scale factor to its default setting. set tcp window-scale number no set tcp window-scale Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines The TCP window scaling feature adds support for the Window Scaling option in RFC 1323. We recommend increasing the window size to improve TCP performance in network paths with large bandwidth, long-delay characteristics. This type of network is called a long fat network (LFN). The window scaling extension expands the definition of the TCP window to 32 bits and then uses a scale factor to carry this 32-bit value in the 16-bit window field of the TCP header. You can increase the window size to a maximum scale factor of 14. Typical applications use a scale factor of 3 when deployed in LFNs. Examples To set the TCP window-scale factor to 3, enter: host1/Admin(config-parammap-conn)# set tcp window-scale 3 To reset the TCP window-scale factor to the default of 0, enter: host1/Admin(config-parammap-conn)# no set tcp window-scale Related Commands show parameter-map number Window-scale factor. Enter an integer from 0 to 14. The default is 0. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-791 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) set timeout inactivity To configure the connection inactivity timer, use the set timeout inactivity command. Use the no form of this command to reset the timeout inactivity values to the default ICMP, TCP, and UDP settings. set timeout inactivity seconds no set timeout inactivity Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines The ACE uses the connection inactivity timer to disconnect established ICMP, TCP, and UDP connections that have remained idle for the duration of the specified timeout period. The ACE rounds up the configured timeout value to the nearest 30-second interval. Examples To specify that the ACE disconnect idle established TCP connections after 2400 seconds, enter: host1/Admin(config-parammap-conn)# set timeout inactivity 2400 To reset the ICMP, TCP, and UDP inactivity timeout to the default values, enter: host1/Admin(config-parammap-conn)# no set timeout inactivity inactivity Specifies the timeout for idle TCP connections. seconds Time period after which the ACE disconnects idle established connections. • For the ACE module, enter an integer from 0 to 1608601. • For the ACE appliance, enter an integer from 0 to 1638050. A value of 0 specifies that the ACE never time out a TCP connection. Default settings are as follows: • ICMP—2 seconds • TCP—3600 seconds (1 hour) • HTTP/SSL—300 seconds • UDP—120 seconds (2 minutes) ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-792 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands Related Commands show parameter-map (config-parammap-conn) slowstart To enable the slow start algorithm, use the slowstart command. This feature is disabled by default. Use the no form of this command to disable the slow start algorithm after it has been enabled. slowstart no slowstart Syntax Description This command has no keywords or arguments. Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines The slow start algorithm is a congestion avoidance method in which TCP increases its window size as ACK handshakes arrive. It operates by observing that the rate at which new segments should be injected into the network is the rate at which the acknowledgments are returned by the host at the other end of the connection. For further details about the TCP slow start algorithm, see RFC 2581 and 3782. Examples To enable the slow start algorithm, enter: host1/Admin(config-parammap-conn)# slowstart To disable the slow start algorithm, enter: host1/Admin(config-parammap-conn)# no slowstart Related Commands show parameter-map ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-793 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) syn-data To set the ACE to discard SYN segments with data, use the syn-data command. Use the no form of this command to reset the ACE to its default of allowing SYN segments that contain data. syn-data {allow | drop} no syn-data Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines Occasionally, the ACE may receive a SYN segment that contains data. You can configure the ACE to either discard the segment or flag the segment for data processing. Examples To instruct the ACE to discard segments that contain data, enter: host1/Admin(config-parammap-conn)# syn-data drop To reset the ACE to its default of allowing SYN segments that contain data, enter: host1/Admin(config-parammap-conn)# no syn-data Related Commands show parameter-map allow Permits the SYN segments that contain data and flags them for data processing. This is the default. drop Discards the SYN segments that contain data. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-794 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) tcp-options To specify a range of TCP options not explicitly supported by the ACE, or allow or clear explicitly supported TCP options specified in a SYN segment, use the tcp-options command. Use the no form of this command to remove a TCP option range from the configuration or reset the ACE to its default of clearing the specific TCP options. tcp-options {range number1 number2 {allow | drop}} | {selective-ack | timestamp | window-scale {allow | clear | drop}} no tcp-options {range number1 number2 {allow | drop}} | {selective-ack | timestamp | window-scale {allow | clear | drop}} Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History range number1 number2 Specifies the TCP options not explicitly supported by the ACE using a range of option numbers. The arguments are as follows: • number1—Specifies the lower limit of the TCP option range. Enter either 6 or 7 or an integer from 9 to 255. See the “Usage Guidelines” section for the available TCP options. • number2—Specifies the upper limit of the TCP option range. Enter 6 or 7 or an integer from 9 to 255. See the “Usage Guidelines” section for the available TCP options. allow Allows any segment with the specified option set. drop Causes the ACE to discard any segment with the specified option set. selective-ack Allows the ACE to inform the sender about all segments that it received. The sender needs to retransmit the lost segments, rather than wait for a cumulative acknowledgement or retransmit segments unnecessarily. Selective ACK (SACK) can reduce the number of retransmitted segments and increase throughput under some circumstances. timestamp Measures the round-trip time (RTT) of a TCP segment between two nodes on a network. Time stamps are always sent and echoed in both directions. window-scale Allows the ACE to use a window-scale factor that increases the size of the TCP send and receive buffers. The sender specifies a window-scale factor in a SYN segment that determines the send and receive window size for the duration of the connection. clear Clears the specified option from any segment that has it set and allows the segment. This is the default action on the explicitly supported options. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-795 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands Usage Guidelines Using the tcp-options command, the ACE permits you to allow or clear the following explicitly supported TCP options specified in a SYN segment: • Selective Acknowledgement (SACK) • Time stamp • Window Scale You can specify this command multiple times to configure different options and actions. If you specify the same option with different actions, the ACE uses the order of precedence to decide which action to use. The order of precedence for the actions in this command is as follows: 1. Drop 2. Clear 3. Allow Table 1-17 lists the TCP options not explicitly supported by the ACE. ACE Appliance Release Modification A1(7) This command was introduced. Ta b l e 1-17 Unsupported TCP Options Kind Length Meaning Reference 6 6 Echo (obsoleted by option 8) RFC 1072 7 6 Echo Reply (obsoleted by option 8) RFC 1072 9 2 Partial Order Connection Permitted RFC 1693 10 3 Partial Order Service Profile RFC 1693 11 CC RFC 1644 12 CC.NEW RFC 1644 13 CC.ECHO RFC 1644 14 3 TCP Alternate Checksum Request RFC 1146 15 N TCP Alternate Checksum Data RFC 1146 16 Skeeter [Knowles] 17 Bubba [Knowles] 18 3 Trailer Checksum Option [Subbu & Monroe] 19 18 MD5 Signature Option RFC 2385 20 SCPS Capabilities [Scott]2-796 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands Table 1-18 lists the TCP options explicitly supported by the ACE. Examples To allow the segment with the SACK option set, enter: host1/Admin(config-parammap-conn)# tcp-options selective-ack allow To reset the behavior of the ACE to the default of clearing the SACK option and allowing the segment, enter: host1/Admin(config-parammap-conn)# no tcp-options selective-ack allow You can specify a range of options for each action. If you specify overlapping option ranges with different actions, the ACE uses the order of precedence described in the “Usage Guidelines” section to decide which action to perform for the specified options. For example, to specify a range of options for each action, enter: host1/Admin(config-parammap-conn)# tcp-options range 6 7 allow host1/Admin(config-parammap-conn)# tcp-options range 9 18 clear host1/Admin(config-parammap-conn)# tcp-options range 19 26 drop To remove the TCP option ranges from the configuration, enter: host1/Admin(config-parammap-conn)# no tcp-options range 6 7 allow host1/Admin(config-parammap-conn)# no tcp-options range 9 18 clear host1/Admin(config-parammap-conn)# no tcp-options range 19 26 drop 21 Selective Negative Acknowledgements (SNACK) [Scott] 22 Record Boundaries [Scott] 23 Corruption experienced [Scott] 24 SNAP [Sukonnik] 25 Unassigned (released 12/18/00) 26 TCP Compression Filter [Bellovin] Table 1-17 Unsupported TCP Options (continued) Kind Length Meaning Reference Ta b l e 1-18 Supported TCP Options Kind Length Meaning Reference 0 - End of Option List RFC 793 1 - No Operation RFC 793 3 3 WSOPT—Window Scale RFC 1323 4 2 Selective Acknowledgement (SACK) Permitted RFC 2018 5 N SACK RFC 2018 8 10 Time Stamp Option (TSOPT) RFC 13232-797 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands Related Commands show parameter-map2-798 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Connection Configuration Mode Commands (config-parammap-conn) urgent-flag To set the Urgent Pointer policy, use the urgent-flag command. Use the no form of this command to return to the default setting of clearing the Urgent flag. urgent-flag {allow | clear} no urgent-flag Syntax Description Command Modes Parameter map connection configuration mode Admin and user contexts Command History Usage Guidelines If the Urgent control bit (flag) is set in the TCP header, it indicates that the Urgent Pointer is valid. The Urgent Pointer contains an offset that indicates the location of the segment that follows the urgent data in the payload. Urgent data is data that should be processed as soon as possible, even before normal data is processed. The ACE permits you to allow or clear the Urgent flag. If you clear the Urgent flag, you invalidate the Urgent Pointer. The ACE clears the Urgent flag for any traffic above Layer 4. If you have enabled server connection reuse (see the Security Guide, Cisco ACE Application Control Engine), the ACE does not pass the Urgent flag value to the server. Examples To clear the Urgent flag, enter: host1/Admin(config-parammap-conn)# urgent-flag clear To reset the ACE to its default of allowing the Urgent flag, enter: host1/Admin(config-parammap-conn)# no urgent-flag Related Commands show parameter-map allow Permits the status of the Urgent flag. This is the default. If the Urgent flag is set, the offset in the Urgent Pointer that indicates the location of the urgent data is valid. If the Urgent flag is not set, the offset in the Urgent Pointer is invalid. clear Sets the Urgent flag to 0, which invalidates the offset in the Urgent Pointer. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-799 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map DNS Configuration Mode Commands Parameter Map DNS Configuration Mode Commands Parameter map DNS configuration mode commands allow you to define a DNS-type parameter map. After you create the DNS parameter map, you can configure a query timeout for the map. To create the DNS parameter map and access parameter map DNS configuration mode, use the parameter-map type dns command in configuration mode. The prompt changes to (config-parammap-dns). Use the no form of this command to remove the parameter map from the configuration. parameter-map type dns name no parameter-map type dns name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the connection feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. After you create and configure a parameter map, you must associate the parameter map with a policy map to activate it. For details, see the (config-pmap-c) appl-parameter dns advanced-options command in the “Policy Map Configuration Mode Commands” section. Examples To create a DNS-type parameter map called TCP_MAP, enter: host1/Admin(config)# parameter-map type dns TCP_MAP host1/Admin(config-parammap-dns)# To delete the DNS-type parameter map, enter: host1/Admin(config)# no parameter-map type dns TCP_MAP Related Commands (config) parameter-map type (config-pmap-c) appl-parameter dns advanced-options show parameter-map name Name assigned to the parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-800 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map DNS Configuration Mode Commands (config-parammap-dns) description To add a description for the parameter map, use the description command. Use the no form of this command to remove the description from the parameter map. description text_string no description Syntax Description Command Modes Parameter map DNS configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the parameter map, enter: host1/Admin(config)# parameter-map type dns TCP_MAP host1/Admin(config-parammap-dns)# description DNS-TYPE PARAMETER MAP To remove the description from the parameter map, enter: host1/Admin(config-parammap-dns)# no description Related Commands show parameter-map text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-801 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Generic Configuration Mode Commands (config-parammap-dns) timeout query To configure the ACE to time out DNS queries that have no matching server response, use the timeout query command. Use the no form of this command to reset the ACE behavior to the default of timing out DNS queries when the underlying UDP connection times out. timeout query {number} no timeout query {number} Syntax Description Command Modes Parameter map DNS configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the ACE to time out DNS query entries with no corresponding server responses after 20 seconds, enter: host1/Admin(config-parammap-dns)# timeout query 20 To reset the ACE behavior to the default of timing out DNS queries without server responses when the underlying UDP connection times out, enter: host1/Admin(config-parammap-dns)# no timeout query 20 Related Commands show parameter-map Parameter Map Generic Configuration Mode Commands Parameter map generic configuration mode commands allow you to define a generic-type parameter map. After you create the generic parameter map, you can configure related parameters for the map. To create the generic parameter map and access parameter map generic configuration mode, use the number Specifies the length of time in seconds that the ACE keeps the query entries without answers in the hash table before timing them out. Enter an integer from 2 to 120 seconds. The default is 10 seconds. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-802 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Generic Configuration Mode Commands parameter-map type generic command in configuration mode. The prompt changes to (config-parammap-generic). Use the no form of this command to remove the parameter map from the configuration. parameter-map type generic name no parameter-map type generic name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the connection feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. After you create and configure a parameter map, you must associate the parameter map with a policy map to activate it. For details, see the (config-pmap-c) appl-parameter generic advanced-options command in the “Policy Map Configuration Mode Commands” section. Examples To create a generic parameter map called TCP_MAP, enter: host1/Admin(config)# parameter-map type generic TCP_MAP host1/Admin(config-parammap-generi)# To delete the generic parameter map, enter: host1/Admin(config)# no parameter-map type generic TCP_MAP Related Commands (config) parameter-map type (config-pmap-c) appl-parameter generic advanced-options show parameter-map name Name assigned to the parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-803 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Generic Configuration Mode Commands (config-parammap-generi) case-insensitive To enable case-insensitive matching for generic matching only, use the case-insensitive command. With case-insensitive matching enabled, uppercase and lowercase letters are considered the same. By default, the ACE CLI is case sensitive. Use the no form of this command to reset the ACE to its default of case-sensitive generic matching. case-insensitive no case-insensitive Syntax Description This command has no keywords or arguments. Command Modes Parameter map generic configuration mode Admin and user contexts Command History Usage Guidelines When enabled, case insensitivity applies to generic protocol regular expression matches. Examples To enable case-insensitive-matching, enter: host1/Admin(config-parammap-generi)# case-insensitive To reenable case-sensitive matching, enter: host1/Admin(config-parammap-generi)# no case-insensitive Related Commands show parameter-map ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-804 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Generic Configuration Mode Commands (config-parammap-generi) description To add a description for the parameter map, use the description command. Use the no form of this command to remove the description from the parameter map. description text_string no description Syntax Description Command Modes Parameter map generic configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the parameter map, enter: host1/Admin(config)# parameter-map type generic TCP_MAP host1/Admin(config-parammap-generi)# description GENERIC-TYPE PARAMETER MAP To remove the description from the parameter map, enter: host1/Admin(config-parammap-generi)# no description Related Commands show parameter-map text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-805 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Generic Configuration Mode Commands (config-parammap-generi) set max-parse-length You can set the maximum number of bytes to parse for generic protocols by using the set max-parse-length command in generic parameter-map configuration mode. The syntax of this command is as follows: set max-parse-length bytes no set max-parse-length bytes Syntax Description Command Modes Parameter map generic configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To set the maximum parse length for generic protocols, enter the following command: host1/Admin(config-parammap-generi)# set max-parse-length 8192 To reset the maximum parse length for generic protocols to the default value of 2048, enter the following command: host1/Admin(config-parammap-generi)# no set max-parse-length Related Commands show parameter-map bytes Maximum number of bytes to parse. Enter an integer from 1 to 65535. The default is 2048 bytes. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-806 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands Parameter Map HTTP Configuration Mode Commands Parameter map HTTP configuration mode commands allow you to specify an HTTP-type parameter map and define its settings. To create an HTTP-type parameter map and access parameter map HTTP configuration mode, use the parameter-map type http command in configuration mode. The prompt changes to (config-parammap-http). Use the no form of this command to remove an HTTP-type parameter map from the configuration. parameter-map type http name no parameter-map type http name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the connection feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. After you create and configure a parameter map, you must associate the parameter map with a policy map to activate it. For details, see the (config-pmap-c) appl-parameter http advanced-options command in the “Policy Map Configuration Mode Commands” section. Examples To create an HTTP-type parameter map called HTTP_MAP, enter: host1/Admin(config)# parameter-map type http HTTP_MAP host1/Admin(config-parammap-http)# To delete the HTTP-type parameter map, enter: host1/Admin(config)# no parameter-map type http HTTP_MAP Related Commands (config) parameter-map type (config-pmap-c) appl-parameter http advanced-options name Name assigned to the parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-807 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands show parameter-map2-808 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) case-insensitive To enable case-insensitive matching for HTTP matching only, use the case-insensitive command. With case-insensitive matching enabled, uppercase and lowercase letters are considered the same. By default, the ACE CLI is case sensitive. Use the no form of this command to reset the ACE to its default of case-sensitive HTTP matching. case-insensitive no case-insensitive Syntax Description This command has no keywords or arguments. Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines When enabled, case insensitivity applies to the following: • HTTP header names and values • HTTP cookie names and values • URL strings • HTTP deep inspection Examples To enable case-insensitive-matching, enter: host1/Admin(config-parammap-http)# case-insensitive To reenable case-sensitive matching, enter: host1/Admin(config-parammap-http)# no case-insensitive Related Commands show parameter-map ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-809 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) cookie-error-ignore (ACE appliance only) This command has been deprecated in software version A4(1.1) and later. See the parsing non-strict command. To configure the ACE to ignore malformed cookies in a request and continue parsing the remaining cookies, use the cookie-error-ignore command. By default, when the ACE finds a malformed cookie in a flow, it stops parsing the remaining packets. Use the no form of this command to reset the default behavior. cookie-error-ignore no cookie-error-ignore Syntax Description This command has no keywords or arguments. Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the ACE to ignore malformed cookies in a request and continue parsing the remaining cookies, enter: host1/Admin(config)# parameter-map type http HTTP_MAP host1/Admin(config-parammap-http)# cookie-error-ignore To reset the default behavior. enter the following: host1/Admin(config-parammap-http)# no cookie-error-ignore Related Commands show parameter-map ACE Appliance Release Modification A3(2.7). Not applicable for A4(1.0) or A4(2.0). This command was introduced.2-810 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) description To add a description for the parameter map, use the description command. Use the no form of this command to remove the description from the parameter map. description text_string no description Syntax Description Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the parameter map, enter: host1/Admin(config)# parameter-map type http HTTP_MAP host1/Admin(config-parammap-http)# description HTTP-TYPE PARAMETER MAP To remove the description from the parameter map, enter: host1/Admin(config-parammap-http)# no description Related Commands show parameter-map text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-811 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) compress To define the parameters that the ACE uses when compressing HTTP traffic, use the compress command. Use the no form of this command to remove the HTTP compression. compress {mimetype type/subtype | minimum-size size | user-agent string} no compress {mimetype type/subtype | minimum-size size | user-agent string} Syntax Description Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines When you attempt to remove a default Multipurpose Internet Mail Extension (MIME) type and no other MIME type is configured, the following error message is displayed: Error: At least one user mimetype needs to be configured before removing the default mimetype When you remove the only configured MIME type and the default MIME type was previously removed, the default MIME type is restored and the following information message is displayed: The only user mimetype available is deleted so the default mimetype is configured Examples To specify compression of all image MIME types, enter: host1/Admin(config-parammap-http)# compress mimetype image/.* mimetype type/subtype Specifies the Multipurpose Internet Mail Extension (MIME) type to compress. The default is text/.* which includes all text MIME types, such as text/html, text/plain, and so on. minimum-size size Specifies the threshold at which compression occurs. The ACE compresses files that are the specified minimum size or larger. The default is 512 bytes. user-agent string Specifies the text string in the request to match. The ACE does not compress the response to a request when the request contains the specified user agent string. The default is none. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.6) Additional error messages were added when removing a MIME type.2-812 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands To specify the user agent string .*Konqueror.*, enter: host1/Admin(config-parammap-http)# compress user-agent .*Konqueror.* Related Commands (config-pmap-lb-c) compress2-813 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) header modify per-request To instruct the ACE to modify headers (insert, delete, or rewrite) on every HTTP request or response without the additional effect of performing load balancing on each new HTTP request caused by the persistence-rebalance command, use the header modify per-request command. Use the no form of this command to reset the ACE to its default of case-sensitive HTTP matching. header modify per-request no header modify per-request Syntax Description This command has no keywords or arguments. Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines This command has an effect only when persistence-rebalance is disabled. The header modify per-request command also causes the ACE to perform URL location header rewrite on every HTTP response if the ssl url rewrite location command is enabled. For more information about SSL URL rewrite, see the SSL Guide, Cisco ACE Application Control Engine. Examples To instruct the ACE to perform header modification on every HTTP request or response, enter the following command: host1/Admin(config-parammap-http)# header modify per-request To return the ACE behavior to the default of modifying headers only on the first HTTP request or response, enter the following command: host1/Admin(config-parammap-http)# no header modify per-request Related Commands show parameter-map (config) action-list type modify http (config-actlist-modify) header delete (config-actlist-modify) header insert (config-actlist-modify) header rewrite (config-actlist-modify) ssl url rewrite location ACE Module Release Modification A2(2.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-814 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) persistence-rebalance (config-pmap-lb-c) insert-http (config-pmap-lb-m) insert-http2-815 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) length-exceed To configure how the ACE handles URLs or cookies that exceed the maximum parse length, use the length command. Use the no form of this command to reset the ACE to its default of stopping load balancing and discarding a packet when its URL or cookie exceeds the maximum parse length. length-exceed {continue | drop} no length-exceed Syntax Description Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines When you specify the continue keyword, the (config-parammap-http) persistence-rebalance command is disabled if the total length of all cookies, HTTP headers, and URLs exceeds the maximum parse-length value. Examples To continue load balancing when the maximum parse length is exceeded, enter: host1/Admin(config-parammap-http)# length-exceed continue To reset the ACE to its default of stopping load balancing and discarding a packet when its URL or cookie exceeds the maximum parse length, enter: host1/Admin(config-parammap-http)# no length-exceed Related Commands show parameter-map (config-parammap-http) persistence-rebalance continue Specifies that the ACE continue load balancing when the maximum parse length is exceeded. drop Specifies that the ACE stop load balancing when the maximum parse length is exceeded. This is the default. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-816 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) parsing non-strict To configure the ACE to ignore malformed cookies in a request and continue parsing the remaining cookies, use the parsing non-strict command. By default, when the ACE finds a malformed cookie in a flow, it stops parsing the remaining packets. Use the no form of this command to reset the default behavior. cookie-error-ignore no cookie-error-ignore Syntax Description This command has no keywords or arguments. Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines In software version A4(1.1) and later, the cookie-error-ignore command is deprecated. If you are upgrading from version A2(3.3) and have the cookie-error-ignore command in your configuration, you will receive a command exec error during the upgrade process. In a redundant configuration, the standby ACE will remain in the WARM_COMPATIBLE state until you manually change the command configuration to the new syntax that is described below. The functionality of this command has not changed; only the command name has changed. Examples To configure the ACE to ignore malformed cookies in a request and continue parsing the remaining cookies, enter: host1/Admin(config)# parameter-map type http HTTP_MAP host1/Admin(config-parammap-http)# parsing non-strict To reset the default behavior. enter the following: host1/Admin(config-parammap-http)# no parsing non-strict Related Commands show parameter-map ACE Appliance Release Modification A4(1.1) This command was introduced.2-817 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) persistence-rebalance To enable the ACE to check each GET request on a TCP connection and to load balance the request only if it matches a load-balancing class map that is different from the load-balancing class map matched by the previous request, use the persistence-rebalance command. By default, HTTP persistence is disabled. Use the no form of this command to reset persistence to the default setting of disabled. persistence-rebalance [strict] no persistence-rebalance Syntax Description Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines With persistence rebalance enabled, when successive GET requests result in load balancing that chooses the same class in the same policy, the ACE sends the requests to the real server that was used for the last GET request. This behavior prevents the ACE from load balancing every request and recreating the server-side connection on every GET request, producing less overhead and better performance. If a request matches a different policy, then the ACE rebalances the server-side connection. When persistence rebalance is disabled, the ACE load balances the first GET request on a new connection to a real server. The ACE sends successive requests on that same connection to the same server that serviced the first request because the ACE does not parse the Layer 7 information that is present in the request. In this case, load balancing is not involved after the initial load-balancing decision is made. strict Allows you to configure the ACE to load balance each subsequent GET request on the same TCP connection independently. This option allows the ACE to load balance each HTTP request to a potentially different Layer 7 class and/or real server. The persistence-rebalance command without this option does not load balance successive GET requests on the same TCP connection unless it matches a load-balancing class map that is different from the load-balancing class map matched by the previous request. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(6.2a) This command’s behavior was modified. A2(2.1) This command was revised to include the strict option. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.3) This command was revised to include the strict option.2-818 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands Another effect of persistence rebalance is that header insertion and cookie insertion, if enabled, occur for every request instead of only the first request. If a real server is enabled with the NTLM Microsoft authentication protocol, we recommend that you leave persistence rebalance disabled. NTLM is a security measure that is used to perform authentication with Microsoft remote access protocols. When a real server is enabled with NTLM, every connection to the real server must be authenticated; typically, each client user will see a pop-up window prompting for a username and password. Once the connection is authenticated, all subsequent requests on the same connection will not be challenged. However, when the server load balancing function is enabled and configured with persistence rebalance, a subsequent request may point to a different real server causing a new authentication handshake. The persistence-rebalance command is not compatible with generic protocol parsing. By default, persistence rebalance is enabled when you configure an HTTP parameter map. In the absence of an HTTP parameter map in the configuration, persistence rebalance will also be enabled by default when you configure a Layer 7 SLB policy map of type http or generic, associate it with a Layer 4 multi-match policy map, and any one of the following conditions exist: • The class map in the SLB policy is not class-default Note If you specify the default class map in the SLB policy map of type http or generic and no other Layer 7 features are configured, that policy becomes a Layer 4 policy and, in that case, persistence rebalance is disabled by default. • Any type of stickiness is configured except IP netmask stickiness • The predictor is not based on the IP address • You configure an action list, compression, HTTP header insertion, or an SSL proxy service Note If you configure SSL termination on the ACE with no other Layer 7 features (for example, compression, Layer 7 predictors, HTTP header insertion, and so on), persistence rebalance is disabled by default. Examples To enable persistence rebalance, enter: host1/Admin(config-parammap-http)# persistence-rebalance To enable persistence rebalance strict feature, enter: host1/Admin(config-parammap-http)# persistence-rebalance strict To reset persistence rebalance to the default setting of disabled, enter: host1/Admin(config-parammap-http)# no persistence-rebalance Related Commands show parameter-map (config-pmap-lb-c) insert-http (config-sticky-cookie) cookie insert2-819 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) server-conn reuse To configure TCP server reuse, use the server-conn reuse command. TCP server reuse allows the ACE to reduce the number of open connections on a server by allowing connections to persist and be reused by multiple client connections. Use the no form of this command to disable TCP server reuse. server-conn reuse no server-conn reuse Syntax Description This command has no keywords or arguments. Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines The ACE maintains a pool of TCP connections that can be reused if the client connection and the server connection share the same TCP options. For information about how the ACE handles TCP options, see the Security Guide, Cisco ACE Application Control Engine. For proper operation of this feature, follow these TCP server reuse configuration recommendations and restrictions: • Ensure that the ACE maximum segment size (MSS) is the same as the server MSS. • Configure Port Address Translation (PAT) on the interface that is connected to the real server. PAT prevents collisions when a client stops using a server connection and then that connection is reused by another client. Without PAT, if the original client tries to reuse the original server connection, it is no longer available. For details about configuring PAT, see the Security Guide, Cisco ACE Application Control Engine. • Configure the same TCP options that exist on the TCP server. • Ensure that all real servers within a server farm have identical configurations. Another effect of TCP server reuse is that header insertion and cookie insertion, if enabled, occur for every request instead of only the first request. Examples To enable TCP server reuse, enter: host1/Admin(config-parammap-http)# server-conn reuse To disable TCP server reuse, enter: host1/Admin(config-parammap-http)# no server-conn reuse ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-820 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands Related Commands show parameter-map (config-parammap-http) persistence-rebalance (config-pmap-lb-c) insert-http (config-sticky-cookie) cookie insert (config-parammap-http) set content-maxparse-length To set the maximum number of bytes to parse in HTTP content, use the set content-maxparse-length command. Use the no form of this command to reset the maximum parse length to the default of 4096 bytes. set content-maxparse-length bytes no set content maxparse-length Syntax Description Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines If you set the bytes argument to a value that is greater than 32 KB, you must configure the (config-parammap-conn) set tcp buffer-share command in a connection parameter map to a value that is greater than the bytes value. If you do not, even if you configure the (config-parammap-http) length-exceed continue command, the ACE may not completely parse a content string packet that is greater than 32 KB. The reason is that the default value of the (config-parammap-conn) set tcp buffer-share command buffer size (32 KB) will not accommodate the larger content string size. Examples To set the maximum parse length to 8192, enter: host1/Admin(config-parammap-http)# set content-maxparse-length 8192 To reset the maximum parse length to the default of 4096 bytes, enter: host1/Admin(config-parammap-http)# no set content-maxparse-length bytes Maximum number of bytes to parse in HTTP content. Enter an integer from 1 to 65535. The default is 4096 bytes. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-821 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands Related Commands show parameter-map (config-parammap-conn) set tcp buffer-share2-822 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) set header-maxparse-length To set the maximum number of bytes to parse for cookies, HTTP headers, and URLs, use the set header-maxparse-length command. Use the no form of this command to reset the HTTP header maximum parse length to the default of 4096 bytes. set header-maxparse-length bytes no set-header maxparse-length Syntax Description Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines If you set the bytes argument to a value that is greater than 32 KB, you must configure the (config-parammap-conn) set tcp buffer-share command in a connection parameter map to a value that is greater than the bytes value. If you do not, even if you configure the (config-parammap-http) length-exceed continue command, the ACE may not completely parse a header packet that is greater than 32 KB. The reason is that the default value of the (config-parammap-conn) set tcp buffer-share buffer size (32 KB) will not accommodate the larger header size. Examples To set the HTTP header maximum parse length to 8192, enter: host1/Admin(config-parammap-http)# set header-maxparse-length 8192 To reset the HTTP header maximum parse length to the default of 4096 bytes, enter: host1/Admin(config-parammap-http)# no set header-maxparse-length Related Commands show parameter-map (config-parammap-conn) set tcp buffer-share bytes Maximum number of bytes to parse for the total length of all cookies, HTTP headers, and URLs. Enter an integer from 1 to 65535. The default is 4096 bytes. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) The default value increased from 2048 to 4096. ACE Appliance Release Modification A1(7) This command was introduced.2-823 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) set secondary-cookie-delimiters To define a list of ASCII-character delimiter strings that you can use to separate the cookies in a URL string, use the set secondary-cookie-delimiters command. Use the no form of this command to reset the delimiter string list to the default of /?&#+. set secondary-cookie-delimiters text no set secondary-cookie-delimiters Syntax Description Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines Cookies and their delimiters appear in GET request lines. In the following example of a GET request line, the ampersand (&) that appears between name-value pairs is the secondary cookie delimiter. The question mark (?) begins the URL query and is not configurable. GET /default.cgi?user=me&hello=world&id=2 HTTP/1.1 Examples To set the delimiter string list to the characters !@#$, enter: host1/Admin(config-parammap-http)# set secondary-cookie-delimiters !@#$ To reset the delimiter string list to the default of /?&#+, enter: host1/Admin(config-parammap-http)# no set secondary-cookie-delimiters Related Commands show parameter-map text Delimiter string. Enter an unquoted text string with no spaces and a maximum of four characters. The order of the delimiters in the list does not matter. The default list of delimiters is /&#+. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-824 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map HTTP Configuration Mode Commands (config-parammap-http) set secondary-cookie-start To define the ASCII-character string at the start of a secondary cookie in a URL or ignore any start string of a secondary cookie in the URL and consider the secondary cookie part of the URL, use the set secondary-cookie-start command. Use the no form of this command to reset the secondary cookie start string to the default setting of ?. The syntax of this command is as follows: set secondary-cookie-start {none | text} set secondary-cookie-start Syntax Description Command Modes Parameter map HTTP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To define the secondary cookie start string, enter: host1/Admin(config-parammap-http)# set secondary-cookie-start ?! To reset the secondary cookie start string to the default setting of ?, enter: host1/Admin(config-parammap-http)# no set secondary-cookie-start none The secondary cookie start is not configured or the ACE ignores any start string of a secondary cookie in the URL and considers the secondary cookie as part of the URL. When you configure the none keyword to consider the entire URL query string as part of a URL, the commands that rely on the URL query, such as the match cookie secondary and predictor hash cookie secondary commands, do not work. Do not configure these commands under the same real server. text The start string of the secondary cookie. Enter a maximum of two characters. The default start character is ?. ACE Module Release Modification A2(1.5) and A2(2.1) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-825 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands Related Commands show parameter-map Parameter Map Optimization Configuration Mode Commands (ACE appliance only) Parameter map optimization configuration mode commands allow you to create an optimization HTTP-type parameter map and define its application acceleration settings. To create an optimization HTTP-type parameter map and access parameter map optimization configuration mode, use the parameter-map type optimization http command in configuration mode. The prompt changes to (config-parammap-optmz). Use the no form of the command to remove an optimization HTTP-type parameter map from the configuration. parameter-map type optimization http map_name no parameter-map type optimization http map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. An optimization HTTP parameter map can be optionally specified in an optimization HTTP policy map to identify the association between an optimization HTTP action list and the parameter map. The optimization HTTP action list defines what to do, while the optimization HTTP parameter map defines the specific details about how to accomplish the application acceleration action. For details, see the “Policy Map Management Configuration Mode Commands” section. Examples To create an optimization HTTP-type parameter map, enter: host1/Admin(config)# parameter-map type optimization http OPTIMIZE_PARAM_MAP host1/Admin(config-parammap-optmz)# To remove a Layer 7 optimization parameter map from the configuration, enter: host1/Admin(config)# no parameter-map type optimization http OPTIMIZE_PARAM_MAP Related Commands (config) parameter-map type map_name Enter a unique name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters ACE Appliance Release Modification A1(7) This command was introduced.2-826 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config) action-list type optimization http show parameter-map (config-parammap-optmz) appscope optimize-rate-percent (ACE appliance only) To control the AppScope features that measure application acceleration performance by the optional Cisco AVS 3180A Management Station, use the appscope optimize-rate-percent command. Use the no form of the command to revert to the default AppScope performance rate settings. appscope optimize-rate-percent value passthru-rate-percent value no appscope optimize-rate-percent value passthru-rate-percent value Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines The statistical log contains an entry for each ACE optimization request to the server and is used for statistical analysis by the optional Cisco AVS 3180A Management Station. The ACE collects statistical log and sends it to the Cisco AVS 3180A Management Station for loading into the database. For details about the use of the Cisco AVS 3180A Management Station for database, management, and reporting features for the ACE optimization functionality, including AppScope reporting, see the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide. To control the AppScope features that measure application acceleration and optimization performance, use the appscope commands in action list optimization configuration mode. See the “Action List Optimization Configuration Mode Commands” section for details. value Percentage of all requests (or sessions) to be sampled for performance with acceleration (optimization) applied. All applicable optimizations for the class will be performed. Valid values are from 0 to 100 percent. The default is 10 percent. This value plus the passthru-rate-percent value must not exceed 100. passthru-rate-percent value Percentage of all requests (or sessions) to be sampled for performance without optimization. No optimizations for the class will be performed. Valid values are from 0 to 100 percent. The default is 10 percent. This value plus the optimize-rate-percent value must not exceed 100. ACE Appliance Release Modification A1(7) This command was introduced.2-827 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands To specify the host (the syslog server on the Management Station) that receives the syslog messages sent by the ACE, use the logging host configuration command. See the (config) logging host command. This command allows you to identify the IP address of the Management Station that will be used as the syslog server. You can specify that the host uses either UDP or TCP to send messages to the syslog server. Examples To specify a percentage of all requests (or sessions) to be sampled for performance with acceleration and without optimization applied by AppScope, enter: host1/Admin(config-parammap-optmz)# appscope optimize-rate-percent 50 passthru-rate-percent 50 To revert to the default rate AppScope performance rate settings of 10 percent, enter: host1/Admin(config-parammap-optmz)# no appscope optimize-rate-percent 50 passthru-rate-percent 50 Related Commands (config-actlist-optm) appscope (config-parammap-optmz) request-grouping-string (config-parammap-optmz) basefile anonymous-level (ACE appliance only) To define the base file anonymity level for the all-user delta optimization method, use the basefile anonymous-level command. By default, the base file anonymity level is disabled. Use the no form of the command to revert to the default base file anonymity level of 0. basefile anonymous-level value no basefile anonymous-level value Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines The string can contain a URL regular expression that defines a set of URLs in which URLs that differ only by their query parameters are to be treated as separate URLs in AppScope reports. value Base file anonymity level for the all-user delta optimization method. Valid values are from 0 to 50. The default is a value of 0 (disables anonymity). ACE Appliance Release Modification A1(7) This command was introduced.2-828 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands Typically, in an AppScope report organized by URL, matching URLs that differ only in their query parameters are treated as the same URL and are not listed on separate lines. Use the request-grouping-string command to specify that all URL variations that are based on query parameters are to be treated as separate URLs for reporting purposes. Each variation will appear on a separate line in the report. For details about the optional Cisco AVS 3180A Management Station database, management, and reporting features for the ACE optimization functionality, including AppScope reporting, see the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide. Examples To specify a base file anonymity level of 25, enter: host1/Admin(config-parammap-optmz)# basefile anonymous-level 25 To revert to the default base file anonymity level of 0, enter: host1/Admin(config-parammap-optmz)# no basefile anonymous-level Related Commands (config-parammap-optmz) canonical-url (config-parammap-optmz) delta (config-parammap-optmz) cache key-modifier (ACE appliance only) To modify the canonical form of a URL, which is the portion before the question mark (?), to form the cache key, use the cache key-modifier command. This command specifies a regular expression that contains embedded variables that are expanded by the ACE. Use the no form of the command to remove a cache key modifier. cache key-modifier {string parameter_expander_function} no cache key-modifier {regular_expression parameter_expander_function} Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts string A regular expression. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. Alternatively, you can enter a text string with spaces provided that you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. The “Usage Guidelines” section lists the supported characters that you can use for matching string expressions. parameter_expander_function A parameter expander function that evaluate to strings. The “Usage Guidelines” section lists the parameter expander functions that you can use.2-829 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands Command History Usage Guidelines The key that the ACE uses for any given requesting URL comprises one or more of the following two components: • Query parameters—The URL portion after a question mark (?). You can modify query parameters by using the cache parameter command, which can be used to include selected query parameters, a cookie value, an HTTP header value, or other values. • Canonical URL—The URL portion up to a question mark (?). You can modify the canonical URL by using the cache key-modifier command. The expanded string that results from the cache key-modifier command replaces the default canonical URL portion of the cache key. If you do not specify the cache key-modifier command, the canonical URL is used as the default value for the URL portion of the cache key (there may also be a query parameter portion). For details on modifying the cache key, see the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide. The following table lists the supported characters that you can use for matching string expressions. ACE Appliance Release Modification A1(7) This command was introduced. Convention Description . One of any character. .* Zero or more of any character. \. Period (escaped). [charset] Match any single character from the range. [^charset] Do not match any character in the range. All other characters represent themselves. () Expression grouping. (expr1 | expr2) OR of expressions. (expr)* 0 or more of expression. (expr)+ 1 or more of expression. expr{m,n} Repeat the expression between m and n times, where m and n have a range of 1 to 255. expr{m} Match the expression exactly m times. The range for m is from 1 to 255. expr{m,} Match the expression m or more times. The range for m is from 1 to 255. \a Alert (ASCII 7). \b Backspace (ASCII 8). \f Form-feed (ASCII 12). \n New line (ascii 10). \r Carriage return (ASCII 13). \t Tab (ASCII 9). \v Vertical tab (ASCII 11).2-830 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands The following table lists the parameter expander functions that you can use. \0 Null (ASCII 0). \\ Backslash. \x## Any ASCII character as specified in two-digit hexadecimal notation. Convention Description Variable Description $(number) Expands to the corresponding matching subexpression (by number) in the URL pattern. Subexpressions are marked in a URL pattern using parentheses (). The numbering of the subexpressions begins with 1 and is the number of the left-parenthesis “(“ counting from the left. You can specify any positive integer for the number. $(0) matches the entire URL. For example, if the URL pattern is ((http://server/.*)/(.*)/)a.jsp, and the URL that matched it is the following: http://server/main/sub/a.jsp?category=shoes&session=99999, then the following are correct: $(0) = http://server/main/sub/a.jsp $(1) = http://server/main/sub/ $(2) = http://server/main $(3) = sub If the specified subexpression does not exist in the URL pattern, then the variable expands to the empty string. $http_query_string() Expands to the value of the whole query string in the URL. For example, if the URL is http://myhost/dothis?param1=value1¶m2=value2 then the following is correct: $http_query_string() = param1=value1¶m2=value2 This function applies to both GET and POST requests. $http_query_param(query-param-name) this obsolete syntax is also supported: $param(query-param-name) Expands to the value of the named query parameter (case sensitive). For example, if the URL is http://server/main/sub/a.jsp?category=shoes&session=99999 then the following are correct: $http_query_param(category) = shoes $http_query_param(session) = 99999 If the specified parameter does not exist in the query, then the variable expands to the empty string. This function applies to both GET and POST requests. $http_cookie(cookie-name) Evaluates to the value of the named cookie. For example, $http_cookie(cookiexyz). The cookie name is case sensitive.2-831 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands Examples For example, enter: host1/Admin(config-parammap-optmz)# cache key-modifier $http://www(1) To remove a cache key modifier, enter: host1/Admin(config-parammap-optmz)# no cache key-modifier Related Commands (config-parammap-optmz) cache parameter (config-parammap-optmz) cache ttl (config-parammap-optmz) cache parameter (ACE appliance only) To modify the query parameter part of a URL, which is the portion after the question mark (?), to form the cache key, use the cache parameter command. Use the no form of the command to remove a cache parameter. cache parameter parameter_expander_function no cache parameter parameter_expander_function Syntax Description $http_header(request-header-name) Evaluates to the value of the specified HTTP request header. In the case of multivalued headers, it is the single representation as specified in the HTTP specification. For example, $http_header(user-agent). The HTTP header name is not case sensitive. $http_method() Evaluates to the HTTP method used for the request, such as GET or POST. Boolean Functions: $http_query_param_present(query-param-name) $http_query_param_notpresent (query-param-name) $http_cookie_present(cookie-name) $http_cookie_notpresent(cookie-name) $http_header_present(request-header-name) $http_header_notpresent(request-header-name) $http_method_present(method-name) $http_method_notpresent(method-name) Evaluates to a Boolean value: True or False, depending on the presence or absence of the element in the request. The elements are a specific query parameter (query-param-name), a specific cookie (cookie-name), a specific request header (request-header-name), or a specific HTTP method (method-name). All identifiers are case sensitive except for the HTTP request header name. Variable Description parameter_expander_function Parameter expander function that evaluates to strings. Use the forwardslash (/) character when combining multiple parameter expander functions (for example, cache parameter $http_cookie(ID)/$http_query_param(category)). The maximum string value is 255 characters. See the “(config-parammap-optmz) cache key-modifier” section for a listing of the parameter expander functions that you can use.2-832 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines The key that the ACE uses for any given requesting URL comprises one or more of the following two components: • Query parameters—The URL portion after a question mark (?). You can modify query parameters by using the cache parameter command, which can be used to include selected query parameters, a cookie value, an HTTP header value, or other values. • Canonical URL—The URL portion up to a question mark (?). You can modify the canonical URL by using the cache key-modifier command. The cache parameter command specifies an expression that includes one or more parameter expander functions if you want to modify the parameter portion of the cache key. This command specifies one or more parameter expander functions that evaluate to strings. These strings are appended to the canonical URL to form the last portion of the cache key. The parameter expander functions are listed in the (config-parammap-optmz) cache key-modifier command. The string specified in the cache parameter command replaces the default query parameter that is used in the cache key. If you do not specify the cache parameter command, the query parameter portion of the URL is used as the default value for this portion of the cache key. The canonical URL, possibly modified by the cache key-modifier command, is the first part of the cache key. For details on modifying the cache key, see the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide. Examples To set the value of the query parameter portion of the cache key, enter: host1/Admin(config-parammap-optmz)# cache parameter $http_query_param (version) To remove a cache parameter, enter: host1/Admin(config-parammap-optmz)# no cache parameter Related Commands (config-parammap-optmz) cache key-modifier (config-parammap-optmz) cache ttl ACE Appliance Release Modification A1(7) This command was introduced.2-833 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) cache ttl (ACE appliance only) To define the ACE cache freshness settings, use the cache ttl command. Use the no form of the command to revert to a default cache time-to-live value. cache ttl {min time | max time | percent value} no cache ttl {min time | max time | percent value} Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command sets the maximum time (max keyword) or the minimum time (min keyword) in seconds that an object without an explicit expiration time should be considered fresh. The percent keyword sets the percent of an object's age at which an embedded object without an explicit expiration time is considered fresh. Examples To specify a minimum time-to-live value of 1000 seconds in which the content can be cached, enter: host1/Admin(config-parammap-optmz)# cache ttl min 1000 To revert to a default cache time-to-live value, enter: host1/Admin(config-parammap-optmz)# no cache ttl min min time Minimum time in seconds that an object without an explicit expiration time should be considered fresh. The min keyword specifies the minimum time that the content can be cached for, which corresponds to the time-to-live value of the content. In the case of a new item that is valid for three hours, this value would be 3 x 60 x 60 = 10800 seconds. If you perform static caching (the flashforward-object action), this value should normally be 0. If you perform dynamic caching (the cache dynamic action) this value should be set to indicate how long the ACE should cache the page. Valid values are from 0 to 2147483647 seconds. The default is 0. max time Maximum time in seconds than an object without an explicit expiration time should be considered fresh. The max keyword determines how the ACE handles the case when the object has passed its cache minimum time-to-live value.Valid values are from 0 to 2147483647 seconds. The default is 300 seconds. percent value Percent of an object’s age at which an embedded object without an explicit expiration time is considered fresh. Valid values are from 0 to 100 percent. The default is 0 percent. ACE Appliance Release Modification A1(7) This command was introduced.2-834 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands Related Commands (config-parammap-optmz) cache key-modifier (config-parammap-optmz) cache parameter (config-parammap-optmz) cache ttl (config-parammap-optmz) cache-policy request (ACE appliance only) To override client request headers (primarily for embedded objects), use the cache-policy request command. Use the no form of the command to remove a cache policy request selection. cache-policy request {override-all | override-cache-ctl-no-cache} no cache-policy request {override-all | override-cache-ctl-no-cache} Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE that all cache request headers are ignored, enter: host1/Admin(config-parammap-optmz)# cache-policy request override-all To remove a cache policy request selection, enter: host1/Admin(config-parammap-optmz)# no cache-policy request override-all Related Commands (config-actlist-optm) flashforward-object override-all Specifies that all cache request headers are ignored. override-cache-ctl-no-cache Overrides the Cache-Control: no cache HTTP header from a request. This keyword is used for a flashforward-object command action (see the “(config-actlist-optm) flashforward-object” section). Typically, if there is a cache control request header stating no cache, the ACE will not cache this object. The override-cache-ctl-no-cache keyword instructs the ACE to ignore the Cache-Control: no cache header from the request side. ACE Appliance Release Modification A1(7) This command was introduced.2-835 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) cache-policy response (ACE appliance only) To override origin server response headers (primarily for embedded objects), use the cache-policy response command. Use the no form of the command to remove a cache policy response selection. cache-policy response {override-all | override-cache-ctl-private} no cache-policy response {override-all | override-cache-ctl-private} Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE that all cache response headers are ignored, enter: host1/Admin(config-parammap-optmz)# cache-policy response override-all To remove a cache policy response selection, enter: host1/Admin(config-parammap-optmz)# no cache-policy response override-all Related Commands (config-actlist-optm) flashforward-object override-all Specifies that all cache response headers are ignored. override-cache-ctl-private Overrides the Cache-Control: private HTTP header from a response. This keyword is used for a flashforward-object command action (see the “(config-actlist-optm) flashforward-object” section) and is equivalent to static object caching. Typically, if there is a cache control response header stating private, these response headers will make the object not cacheable. The override-cache-ctl-private keyword instructs the ACE to ignore the Cache-Control: private HTTP header from a response. ACE Appliance Release Modification A1(7) This command was introduced.2-836 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) canonical-url (ACE appliance only) To specify a string containing a canonical URL regular expression that defines a set of URLs to which the parameter map applies, use the canonical-url command. Use the no form of the command to delete the string that contains a canonical URL regular expression. canonical-url {parameter-expander-function} no canonical-url {parameter-expander-function} Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines At least one URL must be specified using the canonical-url command. Use the canonical URL function in a parameter map to specify a base file selection policy. The canonical URL function specifies a regular expression that is used to match a variety of actual URLs. All matched URLs share a single base file. The ACE uses the canonical URL feature to modify a parameterized request to eliminate the question mark (?) and the characters that follow to identify the general part of the URL. This general URL is then used to create the base file. The ACE uses this feature to map multiple parameterized URLs to a single canonical URL. Examples To specify a string that contains a canonical URL regular expression, enter: host1/Admin(config-parammap-optmz)# canonical-url (1)/http_query_param(category) To delete the string that contains a canonical URL regular expression, enter: host1/Admin(config-parammap-optmz)# no canonical-url Related Commands (config-parammap-optmz) basefile anonymous-level (config-parammap-optmz) cache key-modifier (config-parammap-optmz) cache parameter (config-parammap-optmz) expires-setting parameter-expander-function Parameter expander function that evaluates to strings. See the “(config-parammap-optmz) cache key-modifier” section for a listing of the parameter expander functions that you can use. ACE Appliance Release Modification A1(7) This command was introduced.2-837 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) clientscript-default (ACE appliance only) To configure the ACE to recognize the scripting language used on delta optimized content pages, either JavaScript or Visual Basic, use the clientscript-default command. Use the no form of the command to revert to the default JavaScript scripting language. clientscript-default {javascript | vbscript} no clientscript-default {javascript | vbscript} Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To set the default scripting language to Visual Basic, enter: host1/Admin(config-parammap-optmz)# clientscript-default vbscript To revert to the default JavaScript scripting language, enter: host1/Admin(config-parammap-optmz)# no clientscript-default vbscript Related Commands This command has no related commands. javascript Sets the default scripting language to JavaScript (default). vbscript Sets the default scripting language to Visual Basic. ACE Appliance Release Modification A1(7) This command was introduced.2-838 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) description (ACE appliance only) To add a description for the parameter map, use the description command. Use the no form of this command to remove the description from the parameter map. description text_string no description Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the parameter map, enter: host1/Admin(config)# parameter-map type optimization http OPTIMIZE_PARAM_MAP host1/Admin(config-parammap-optmz)# description OPTIMIZATION HTTP-TYPE PARAMETER MAP To remove the description from the parameter map, enter: host1/Admin(config-parammap-optz)# no description Related Commands show parameter-map text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Appliance Release Modification A3(2.3) This command was introduced.2-839 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) delta (ACE appliance only) To control the delta optimization mode used by the ACE and to configure the delta optimization operating parameters on the ACE, use the delta command. Use the no form of the command to revert to the default all-user delta optimization mode. delta {all-user | cacheable-content | exclude {iframes | mime-type mime-type | non-ascii | scripts} | first-visit | page-size {min value | max value} | per-user} no delta {all-user | cacheable-content | exclude {iframes | mime-type mime-type | non-ascii | scripts} | first-visit | page-size {min value | max value} | per-user} Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History all-user Specifies the corresponding URLs are to be delta optimized using the all-user delta optimization mode. This is the default. cacheable-content Enables delta optimization of cacheable content. Typically, the ACE detects cacheable content and prevents its delta optimization. exclude Defines the cacheable objects that should not be delta optimized. iframes Specifies that IFrames should not be delta optimized. mime-type mime-type Specifies the Multipurpose Internet Mail Extension (MIME)-type messages that should not be delta optimized (such as image/Jpeg, text/html, application/msword, audio/mpeg). non-ascii Specifies that non-ASCII data should not to be delta optimized. Specify this keyword if the content has UTF8 characters. Using this keyword excludes such UTF8 characters from delta optimization but the remainder of that page can still have delta optimization. scripts Specifies that JavaScript should not to be delta optimized. first-visit Enables delta optimization on the first visit to a web page. page-size Sets the minimum and maximum page size, in bytes, that can be delta optimized. min value Specifies the minimum page size, in bytes, that can be delta optimized. Valid values are from 1 to 250000 bytes. The default is 1024 bytes. max value Specifies the maximum page size, in bytes, that can be delta optimized. Valid values are 1024 to 250000 bytes. The default is 250000 bytes. per-user Specifies the corresponding URLs are to be delta optimized using the per-user delta optimization mode. ACE Appliance Release Modification A1(7) This command was introduced.2-840 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands Usage Guidelines Delta optimization mode specifies whether the web pages to be delta optimized are common to all users or personalized for individual users, which determines what kind of page deltas are generated by the ACE. The ACE supports two delta optimization modes: • All-user mode • Per-user mode In the all-user delta optimization mode, the delta is generated against a single base file that is shared by all users of the URL. The all-user delta optimization mode is usable in most cases, even in the case of dynamic personalized content if the structure of a page is common across users. The disk space overhead is minimal (the disk space requirements are determined by the number of delta optimized pages, not the number of users). In the per-user delta optimization mode, when a specific user requests a URL, the delta for the response is generated against a base file that is created specifically for that user. The per-user delta optimization mode is useful in situations where the contents of a page (including layout elements) are different for each user. This mode delivers the highest level of delta optimization. However, a copy of the base page that is delivered to each user has to be kept in the ACE cache which increases the requirements on disk space for the ACE cache. The per-user delta optimization mode is useful for content privacy because base pages are not shared among users. Examples To specify that the corresponding URLs are to be delta optimized using the per-user delta optimization mode, enter: host1/Admin(config-parammap-optmz)# delta per-user To revert to the default all-user delta optimization mode, enter: host1/Admin(config-parammap-optmz)# no delta per-user To specify the MIME-type messages that should not be delta optimized, enter: host1/Admin(config-parammap-optmz)# delta exclude mime-type audio/mpeg To disable a delta optimization operating parameter on the ACE, enter: host1/Admin(config-parammap-optmz)# no delta exclude mime-type audio/mpeg Related Commands (config-actlist-optm) delta (config-parammap-optmz) basefile anonymous-level2-841 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) expires-setting (ACE appliance only) To control the period of time that objects in the client’s browser remain fresh, use the expires-setting command. Use the no form of the command to remove an expiration setting. expires-setting {cachettl | time-to-live seconds | unmodified) no expires-setting {cachettl | time-to-live seconds | unmodified) Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines The expires-setting command instructs the ACE to insert an Expires response header with a time value for an object. It is not necessary to configure this command when specifying the flashforward command in an action list because, in this case, the ACE always inserts a long time value in the Expires header for the transformed object. The expires-setting command is typically used when you are not using FlashForward but want to achieve the FlashForward affect by making all of the embedded objects perceived as being fresh by the browser. Examples To specify that the ACE use the settings configured by the cache ttl command, enter: host1/Admin(config-parammap-optmz)# expires-setting cachettl To remove an expiration setting, enter: host1/Admin(config-parammap-optmz)# no expires-setting cachettl Related Commands (config-parammap-optmz) cache ttl cachettl Sets the freshness similar to FlashForwarded objects and uses the minimum and maximum settings configured by the cache ttl command (if set). See the “(config-parammap-optmz) cache ttl” section. time-to-live seconds The duration that objects in the client’s browser remain fresh. Valid entries are from 0 to 2147483647 seconds. unmodified Disables browser object freshness control (default). ACE Appliance Release Modification A1(7) This command was introduced.2-842 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) extract meta (ACE appliance only) To configure the ACE to remove HTML Meta elements from documents to prevent them from being condensed, use the extract meta command. By default, the ACE includes HTML Meta elements in documents. Use the no form of the command to include HTML Meta elements in documents. extract meta no extract meta Syntax Description This command has no keywords or arguments. Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To remove HTML Meta elements from documents, enter: host1/Admin(config-parammap-optmz)# extract meta To include HTML Meta elements in documents, enter: host1/Admin(config-parammap-optmz)# no extract meta Related Commands This command has no related commands. ACE Appliance Release Modification A1(7) This command was introduced.2-843 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) flashforward refresh-policy (ACE appliance only) To configure the ACE to bypass FlashForward for stale embedded objects, use the flashforward refresh-policy command. Use the no form of the command to revert to the default of allowing FlashForward to indirectly refresh embedded objects. flashforward refresh-policy {all | direct} no flashforward refresh-policy {all | direct} Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines Request headers that the ACE sends to the origin server for stale embedded objects (indirect GET) may not be accepted by the origin server and cause errors. In this case, specify direct to prevent this behavior. FlashForward is disabled by default; you must enable it by specifying the following commands in action list optimization mode: flashforward and flashforward-object (for embedded objects). Examples To bypass FlashForward for stale embedded objects, enter: host1/Admin(config-parammap-optmz)# flashforward refresh-policy direct To revert to the default of allowing FlashForward to indirectly refresh embedded objects, enter: host1/Admin(config-parammap-optmz)# no flashforward refresh-policy Related Commands (config-actlist-optm) flashforward (config-actlist-optm) flashforward-object all Allows FlashForward to indirectly refresh embedded objects (default). direct Bypasses FlashForward for stale embedded objects so that they are directly refreshed. ACE Appliance Release Modification A1(7) This command was introduced.2-844 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) ignore-server-content (ACE appliance only) To specify a comma-separated list of HTTP response codes for which the response body must not be read (ignored), use the ignore-server-content command. Use the no form of the command to remove one or more response codes to ignore. ignore-server-content value no ignore-server-content value Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify a response code value of 302 to ignore, enter: host1/Admin(config-parammap-optmz)# ignore-server-content 302 To remove one or more response codes to ignore, enter: host1/Admin(config-parammap-optmz)# no ignore-server-content Related Commands This command has no related commands. value The response code as an unquoted text string with a maximum of 64 alphanumeric characters. For example, a response code value of 302 directs the ACE to ignore the response body in the case of a 302 (redirect) response from the origin server. ACE Appliance Release Modification A1(7) This command was introduced.2-845 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) parameter-summary parameter-value-limit (ACE appliance only) To set the maximum number of bytes that are logged for each parameter value in the parameter summary of a transaction log entry in the statistics log, use the parameter-summary parameter-value-limit command. Use the no form of the command to revert to the default of 100 bytes as the parameter summary value. parameter-summary parameter-value-limit bytes no parameter-summary parameter-value-limit bytes Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify 5000 bytes as the value of the parameter summary, enter: host1/Admin(config-parammap-optmz)# parameter-summary parameter-value-limit 5000 To revert to the default of 100 bytes as the value of the parameter summary, enter: host1/Admin(config-parammap-optmz)# no parameter-summary parameter-value-limit Related Commands (config) logging host (config-actlist-optm) appscope (config-parammap-optmz) appscope optimize-rate-percent (config-parammap-optmz) request-grouping-string bytes Maximum number of bytes that are logged for each parameter value in the parameter summary of a transaction log entry in the statistical log. If a parameter value is longer than this limit, it is truncated at the specified parameter limit. Valid values are from 0 to 10,000 bytes. The default is 100 bytes. ACE Appliance Release Modification A1(7) This command was introduced.2-846 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) post-content-buffer-limit (ACE appliance only) To set the buffer size of an HTTP POST to a maximum number of kilobytes, use the post-content-buffer-limit command. Use the no form of the command to revert to the default buffer size of 40K. post-content-buffer-limit value no post-content-buffer-limit value Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines An HTTP POST can send a very large (effectively unlimited) amount of data; in an extreme case, the client can keep sending a stream of data for the server to handle. In order to parse and inspect the POST data, the ACE needs to load the data into a buffer in memory. Two types of standard HTTP form POST operations are as follows (they are distinguished by the value in the Content-Type header): • application/x-www-form-urlencoded—This type represents the majority of all HTTP POSTs. This type is just a standard POST of a webpage form. • multipart/form-data—This type is much less common. It allows browser users to upload files to a website or application. For example, if you use a web-based email program, and you want to attach a file to an e-mail that you are sending, the upload of the file is done using this type. Another usage (even less common) of this type of HTTP POST is to send binary data (for example, from a custom browser plug-in, or from a non-browser HTTP client). Examples To specify a buffer size of 1000 KB, enter: host1/Admin(config-parammap-optmz)# post-content-buffer-limit 1000 To revert to the default buffer size of 40 KB, enter: host1/Admin(config-parammap-optmz)# no post-content-buffer-limit Related Commands This command has no related commands. value The buffer size for POST data for the purpose of logging transaction parameters in the statistics log. Valid values are 0 to 1000 KB. The default is 40 KB. Parameters beyond this limit will not be logged by the ACE. ACE Appliance Release Modification A1(7) This command was introduced.2-847 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands (config-parammap-optmz) rebase (ACE appliance only) To control the rebasing of base files by the ACE, use the rebase command. Use the no form of the command to revert to a default rebase setting. rebase {delta-percent value | flashforward-percent value | history-size value | modification-cooloff-period value | reset-period value} no rebase {delta-percent value | flashforward-percent value | history-size value | modification-cooloff-period value | reset-period value} Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History delta-percent value Specifies the delta threshold at which rebasing is triggered. This number represents the size of a page delta relative to the page total size, expressed as a percentage. Valid values are from 0 to 10000 percent. The default threshold is 50 percent. flashforward-percent value Specifies a rebase, based on the percent of FlashForwarded URLs in the response. Rebasing is triggered when the difference between the percentages of FlashForwarded URLs in the delta response and the base file exceed the threshold. Valid values are from 0 to 10000 percent. The default is 50 percent. The flashforward-percent keyword provides a threshold control for rebasing based on the percent of FlashForwarded URLs in the response. Where the delta-percent keyword triggers rebasing when the delta response size exceeds the threshold as a percentage of base file size; the flashforward-percent keyword triggers rebasing when the difference between the percentages of FlashForwarded URLs in the delta response and the base file exceed the threshold. history-size value Controls how much history is stored before resetting. Once the sample collection reaches the specified history size, the ACE resets all rebase control parameters to zero and starts over. Using the history-size keyword prevents the base file from becoming too rigid. That is, if a base file has served approximately one million pages, then it would take another half million unfavorable responses before the base file can be rebased. Valid values are from 10 to 2147483647 pages. The default value for this parameter is 1000 pages. modification-cooloff-period value Specifies the time, in seconds, after the last modification before performing a rebase. Valid values are from 1 to 14400 seconds (4 hours).The default is 14400 seconds. reset-period value Specifies the period for performing a meta data refresh Valid values are from 1 to 900 seconds (15 minutes). The default is 900 seconds. ACE Appliance Release Modification A1(7) This command was introduced.2-848 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands Usage Guidelines Rebasing refers to the process of updating the base file that is used for generating deltas between subsequent content retrievals. Because the base content of a site often changes over a period of time, the size of the generated deltas can grow relatively large. To maintain the effectiveness of the delta optimization process, the base files are automatically updated as required. Examples To specify a rebase, based on a percentage of 1000 FlashForwarded URLs in the response, enter: host1/Admin(config-parammap-optmz)# rebase flashforward-percent 1000 To revert to a default rebase setting, enter: host1/Admin(config-parammap-optmz)# no rebase flashforward-percent Related Commands This command has no related commands. (config-parammap-optmz) request-grouping-string (ACE appliance only) To define a string to sort requests for AppScope reporting by the optional Cisco AVS 3180A Management Station, use the request-grouping-string command. Use the no form of the command to re move a request grouping string. request-grouping-string string no request-grouping-string string Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines The string can contain a URL regular expression that defines a set of URLs in which URLs that differ only by their query parameters are to be treated as separate URLs in AppScope reports. Typically, in an AppScope report organized by URL, matching URLs that differ only in their query parameters are treated as the same URL and are not listed on separate lines. Use the request-grouping-string command to specify that all URL variations that are based on query parameters are to be treated as separate URLs for reporting purposes. Each variation will appear on a separate line in the report. string URL regular expression that defines a set of URLs. The string can contain the parameter expander functions listed in the (config-parammap-optmz) cache key-modifier section. ACE Appliance Release Modification A1(7) This command was introduced.2-849 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands For details about the Cisco AVS 3180A Management Station database, management, and reporting features for the ACE optimization functionality, including AppScope reporting, see the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide. Examples To define a string that is used to make the URLs http://server/catalog.asp?region=asia and http://server/catalog.asp?region=america into two separate reporting categories, enter: host1/Admin(config-parammap-optmz)# request-grouping-string http_query_param(region) To remove a request grouping string, enter: host1/Admin(config-parammap-optmz)# no request-grouping-string Related Commands (config-parammap-optmz) appscope optimize-rate-percent (config-actlist-optm) appscope (config-parammap-optmz) server-header (ACE appliance only) To define a user-specified string to be sent in the server header for an HTTP response, use the server-header command in parameter map optimization configuration mode. Use the no form of the command to delete the server header string. server-header string no server-header srting Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command provide you with a method to uniquely tag the context or URL match statement by setting server header value to a particular string. The server header string can be used in cases where a particular URL is not being transmitted to the correct target context or the match statement. Examples To specify a string to be sent in the server header, enter: host1/Admin(config-parammap-optmz)# server-header “Header from Admin Context” string A particular string to be included in the server header. Enter a quoted text string. A maximum of 64 alphanumeric characters are allowed. ACE Appliance Release Modification A1(7) This command was introduced.2-850 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands To delete the server header string, enter: host1/Admin(config-parammap-optmz)# no server-header Related Commands This command has no related commands. (config-parammap-optmz) server-load (ACE appliance only) To control load-based expiration for the cache, use the server-load command. Use the no form of the command to revert to a default setting of 20 percent. server-load {trigger-percent value | ttl-change-percent value} no server-load {trigger-percent value | ttl-change-percent value} Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines Performance assurance with load-based expiration allows an object in the cache to expire (excluding the natural process of cache pruning). The origin server’s load determines when the object expires. This type of expiration allows you to dynamically increase the time to live (TTL) of cached responses if the current response time (average computed over a short time window) from the origin servers is larger than the average response time (average computed over a longer time window) by a threshold amount. Similarly, the TTL is dynamically decreased if the reverse holds true. The starting value for the cache trigger-percent value Defines the threshold that triggers a change in the cache TTL. This keyword enables the ACE to monitor server load in real time and make intelligent “closed loop” content expiration decisions so that site performance is maximized and existing hardware resources are used most efficiently, even during periods of peak traffic load. Valid values are from 0 to 100 percent. The default is 20 percent. ttl-change-percent value Defines the percentage by which the cache TTL is increased or decreased in response to a change in the server load. For example, if you set this value to 20 and the current TTL for a particular response is 300 seconds, and if the current server response time exceeds the trigger threshold, then the cache TTL for the response is raised to 360 seconds (20 percent increase). Valid values are from 0 to 100 percent. The default is 20 percent. ACE Appliance Release Modification A1(7) This command was introduced.2-851 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map Optimization Configuration Mode Commands TTL is the cache ttl min value (see the “(config-parammap-optmz) cache ttl” section) or 0 if you do not specify a value. Moving average-based calculation allows the cache to respond to trends in usage patterns, smoothing out uncharacteristic spikes. Examples To specify a threshold trigger of 50 percent, enter: host1/Admin(config-parammap-optmz)# server-load trigger-percent 50 To revert to a default setting of 20 percent, enter: host1/Admin(config-parammap-optmz)# no server-load trigger-percent Related Commands (config-parammap-optmz) cache ttl2-852 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map RTSP Configuration Mode Commands (config-parammap-optmz) utf8 threshold (ACE appliance only) To determine how many UTF-8 characters on a page constitute a UTF-8 character set page for purposes of UTF-8 detection, use the utf8 threshold command. Use the no form of the command to disable the UTF-8 threshold. utf8 threshold value no utf8 threshold value Syntax Description Command Modes Parameter map optimization configuration mode Admin and user contexts Command History Usage Guidelines This threshold adjusts the detection of multibyte UTF-8 character set pages. Examples To specify a value of 1000 UTF-8 characters on a page, enter: host1/Admin(config-parammap-optmz)# utf8 threshold 1000 To disable the UTF-8 threshold, enter: host1/Admin(config-parammap-optmz)# no utf8 threshold Related Commands This command has no usage guidelines. Parameter Map RTSP Configuration Mode Commands Parameter map RTSP configuration mode commands allow you to specify a Real-Time Streaming Protocol (RTSP-type) parameter map and define its settings. To create an RTSP-type parameter map and access parameter map RTSP configuration mode, use the parameter-map type rtsp command. The prompt changes to (config-parammap-rtsp). Use the no form of this command to remove an RTSP-type parameter map from the configuration. parameter-map type rtsp name no parameter-map type rtsp name value Number of UTF-8 characters on a page that constitute a UTF-8 character set page. Valid values are from 1 to 1,000,000 characters. The default is 5 characters. ACE Appliance Release Modification A1(7) This command was introduced.2-853 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map RTSP Configuration Mode Commands Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the connection feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. After you create and configure a parameter map, you must associate the parameter map with a policy map to activate it. For details, see the (config-pmap-c) appl-parameter rtsp advanced-options command in the “Policy Map Configuration Mode Commands” section. Examples To create an RTSP-type parameter map called RTSP_MAP, enter: host1/Admin(config)# parameter-map type rtsp RTSP_MAP host1/Admin(config-parammap-rtsp)# Related Commands (config) parameter-map type (config-pmap-c) appl-parameter rtsp advanced-options show parameter-map name Name assigned to the parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-854 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map RTSP Configuration Mode Commands (config-parammap-rtsp) case-insensitive To disable case-sensitivity matching for RTSP, use the case-insensitive command. Use the no form of this command to reset the ACE to its default of case-sensitive RTSP matching. case-insensitive no case-insensitive Syntax Description This command has no keywords or arguments. Command Modes Parameter map RTSP configuration mode Admin and user contexts Command History Usage Guidelines By default, the ACE CLI is case sensitive. With case-insensitive matching enabled, uppercase and lowercase letters are considered the same. When case sensitivity is disabled, it applies to the following: • RTSP header names and values • RTSP URL strings • RTSP inspection (for details, see the Security Guide, Cisco ACE Application Control Engine) Examples To enable case-insensitive matching, enter: host1/Admin(config-parammap-rtsp)# case-insensitive To reenable case-sensitive matching, enter: host1/Admin(config-parammap-rtsp)# no case-insensitive Related Commands show parameter-map ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-855 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map RTSP Configuration Mode Commands (config-parammap-rtsp) description To add a description for the parameter map, use the description command. Use the no form of this command to remove the description from the parameter map. description text_string no description Syntax Description Command Modes Parameter map RTSP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the parameter map, enter: host1/Admin(config)# parameter-map type rtsp RTSP_MAP host1/Admin(config-parammap-rtsp)# description RTSP-TYPE PARAMETER MAP To remove the description from the parameter map, enter: host1/Admin(config-parammap-rtsp)# no description Related Commands show parameter-map text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-856 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map RTSP Configuration Mode Commands (config-parammap-rtsp) set header-maxparse-length To set the maximum number of bytes to parse for RTSP headers, use the set header-maxparse-length command. Use the no form of this command to reset the RTSP header maximum parse length to the default of 2048 bytes. set header-maxparse-length bytes no set-header maxparse-length Syntax Description Command Modes Parameter map RTSP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To set the RTSP header maximum parse length to 16,384 bytes, enter: host1/Admin(config-parammap-rtsp)# set header-maxparse-length 16384 To reset the RTSP header maximum parse length to the default of 2048 bytes, enter: host1/Admin(config-parammap-rtsp)# no set header-maxparse-length 8192 Related Commands show parameter-map bytes Maximum number of bytes to parse for the total length of all RTSP headers. Enter an integer from 1 to 65535. The default is 2048 bytes. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-857 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SCCP Configuration Mode Commands Parameter Map SCCP Configuration Mode Commands Parameter map Skinny Client Control Protocol (SCCP) configuration mode commands allow you to specify an SCCP-type parameter map and configure SCCP packet inspection on the ACE. To configure SCCP packet inspection, use the parameter-map type skinny command in configuration mode. The prompt changes to (config-parammap-skinny). Use the no form of this command to remove the parameter map from the configuration. parameter-map type skinny name no parameter-map type skinny name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines Note the following considerations when you configure SCCP inspection on the ACE: • If the IP address of an internal Cisco CallManager (CCM) is configured for Network Address Translation (NAT) or Port Address Translation (PAT) to a different IP address or port, registrations for external IP phones fail because the ACE does not support NAT or PAT of the file content transferred over TFTP. Although the ACE supports NAT of TFTP messages and opens a secure port for the TFTP file, the ACE cannot translate the CCM IP address and port that are embedded in the IP phone configuration files. The configuration files are transferred using TFTP during phone registration. • If a Skinny phone is in a low security zone and the TFTP server is in a high security zone, the ACE cannot translate the TFTP server IP address. In this case, the ACE opens the TFTP port (69) for Skinny phones. Examples To create an SCCP-type parameter map called SCCP_PARAMMAP, enter: host1/Admin(config)# parameter-map type skinny SCCP_PARAMMAP host1/Admin(config-parammap-skinny)# To remove the parameter map from the configuration, enter: host1/Admin(config)# no parameter-map type skinny SCCP_PARAMMAP name Name assigned to the parameter map. Enter an unquoted text string with no spaces and a maximum of 32 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-858 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SCCP Configuration Mode Commands Related Commands (config) parameter-map type (config-pmap-c) appl-parameter skinny advanced-options show parameter-map2-859 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SCCP Configuration Mode Commands (config-parammap-skinny) description To add a description for the parameter map, use the description command. Use the no form of this command to remove the description from the parameter map. description text_string no description Syntax Description Command Modes Parameter map SCCP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the parameter map, enter: host1/Admin(config)# parameter-map type skinny SCCP_PARAMMAP host1/Admin(config-parammap-skinny)# description SCCP-TYPE PARAMETER MAP To remove the description from the parameter map, enter: host1/Admin(config-parammap-skinny)# no description Related Commands show parameter-map text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-860 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SCCP Configuration Mode Commands (config-parammap-skinny) enforce-registration To enable registration enforcement, use the enforce-registration command. Use the no form of this command to disable registration enforcement. enforce-registration no enforce-registration Syntax Description This command has no keywords or arguments. Command Modes Parameter map SCCP configuration mode Admin and user contexts Command History Usage Guidelines You can configure the ACE to allow only registered Skinny clients to make calls. To accomplish this task, the ACE maintains the state of each Skinny client. After a client registers with CCM, the ACE opens a secure port (pinhole) to allow that client to make a call. By default, this feature is disabled. Examples To enable registration enforcement for Skinny clients, enter: host1/Admin(config-parammap-skinny)# enforce-registration To disable registration enforcement, enter: host1/Admin(config-parammap-skinny)# no enforce-registration Related Commands (config-pmap-c) appl-parameter skinny advanced-options (config-parammap-skinny) message-id max (config-parammap-skinny) sccp-prefix-len ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-861 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SCCP Configuration Mode Commands (config-parammap-skinny) message-id max To set the maximum SCCP StationMessageID that the ACE allows, use the message-id max command. Use the no form of this command to reset the maximum message ID to the default of 0x181. message-id max number no message-id max number Syntax Description Command Modes Parameter map SCCP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To set the maximum SCCP message ID to 0x3000, enter: host1/Admin(config-parammap-skinny)# message-id max 3000 To reset the maximum message ID to the default of 0x181, enter host1/Admin(config-parammap-skinny)# no message-id max 3000 Related Commands (config-pmap-c) appl-parameter skinny advanced-options (config-parammap-skinny) enforce-registration (config-parammap-skinny) sccp-prefix-len number Largest value for the station message ID in hexadecimal that the ACE accepts. Enter a hexadecimal value from 0 to 4000. If a packet arrives with a station message ID greater than the maximum configured value or greater than the default value, the ACE drops the packet and generates a syslog message. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-862 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SCCP Configuration Mode Commands (config-parammap-skinny) sccp-prefix-len To set the minimum and maximum SCCP prefix length, use the sccp-prefix-len command. Use the no form of this command to reset the minimum prefix length to the default behavior. sccp-prefix len {max number | min number} no sccp-prefix len {max number | min number} Syntax Description Command Modes Parameter map SCCP configuration mode Admin and user contexts Command History Usage Guidelines By default, the ACE drops SCCP messages that have an SCCP Prefix length that is less than the message ID. You can configure the ACE to check for a specific minimum prefix length. You can also configure the ACE to check for a maximum prefix length, but this check is disabled by default. The ACE drops any Skinny message packets that fails these checks and generates a syslog message. Examples To set the minimum SCCP prefix length, enter: host1/Admin(config-parammap-skinny)# sccp-prefix-len min 4 To reset the minimum SCCP prefix length to the default behavior, enter: host1/Admin(config-parammap-skinny)# no sccp-prefix-len min 4 Related Commands (config-pmap-c) appl-parameter skinny advanced-options (config-parammap-skinny) enforce-registration (config-parammap-skinny) message-id max max number Enables the check of the maximum SCCP prefix length. Enter an integer from 4 to 4000 bytes. The default is 4 bytes. min number Specifies the minimum SCCP prefix length. Enter an integer from 4 to 4000 bytes. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-863 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SIP Configuration Mode Commands Parameter Map SIP Configuration Mode Commands Parameter map Session Initiation Protocol (SIP) configuration mode commands allow you to specify an SIP-type parameter map and configure a SIP deep packet inspection policy map. To configure SIP deep packet inspection, use the parameter-map type sip command in configuration mode. The prompt changes to (config-parammap-sip). Use the no form of this command to remove the parameter map from the configuration. parameter-map type sip name no parameter-map type sip name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines Note the following considerations when you configure SIP inspection on the ACE: • If the IP address in the owner field (o=) is different from the IP address in the connection field (c=) of the Session Description Protocol (SDP) portion of a SIP packet, the ACE may not translate the IP address properly. This improper IP address translation is caused by a limitation of the SIP protocol, which does not provide a port value in the owner field (o=). • If a remote endpoint attempts to register with a SIP proxy server on a network protected by the ACE, the registration fails under the following conditions: – PAT is configured on the remote endpoint – The SIP registration server is on the outside network The port value is missing in the contact field of the REGISTER message that the endpoint sends to the proxy server. Examples To create an SIP-type parameter map called SIP_PARAMMAP, enter: host1/Admin(config)# parameter-map type sip SIP_PARAMMAP host1/Admin(config-parammap-sip)# name Name assigned to the parameter map. Enter an unquoted text string with no spaces and a maximum of 32 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-864 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SIP Configuration Mode Commands To remove the parameter map from the configuration, enter: host1/Admin(config)# no parameter-map type sip SIP_PARAMMAP Related Commands (config) parameter-map type (config-pmap-c) appl-parameter sip advanced-options show parameter-map2-865 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SIP Configuration Mode Commands (config-parammap-sip) description To add a description for the parameter map, use the description command. Use the no form of this command to remove the description from the parameter map. description text_string no description Syntax Description Command Modes Parameter map SIP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the parameter map, enter: host1/Admin(config)# parameter-map type sip SIP_PARAMMAP host1/Admin(config-parammap-sip)# description SIP-TYPE PARAMETER MAP To remove the description from the parameter map, enter: host1/Admin(config-parammap-sip)# no description Related Commands show parameter-map (config-parammap-sip) im To enable instant messaging (IM) over SIP, use the im command. Use the no form of this command to disable instant messaging. im no im text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-866 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SIP Configuration Mode Commands Syntax Description This command has no keywords or arguments. Command Modes Parameter map SIP configuration mode Admin and user contexts Command History Usage Guidelines Disabling IM results in the ACE dropping all messages belonging to the IM. Examples To enable instant messaging over SIP, enter: host1/Admin(config-parammap-sip)# im To disable instant messaging, enter: host1/Admin(config-parammap-sip)# no im Related Commands (config-parammap-sip) max-forward-validation (config-parammap-sip) software-version (config-parammap-sip) strict-header-validation (config-parammap-sip) uri-non-sip (config-parammap-sip) max-forward-validation To instruct the ACE to validate the value of the Max-Forwards header field, use the ACE max-forward-validation command. Use the no form of this command to disable maximum forward field validation. max-forward-validation {log} | {{drop| reset} [log]} no max-forward-validation {log} | {{drop| reset} [log]} Syntax Description ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced. log Specifies that the ACE log a max forward validation event. drop Specifies that the ACE drop the SIP message. reset Specifies that the ACE reset the SIP connection.2-867 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SIP Configuration Mode Commands Command Modes Parameter map SIP configuration mode Admin and user contexts Command History Usage Guidelines The Max-Forwards header field limits the number of hops that a SIP request can take on the way to its destination. This header field contains an integer that is decremented by one at each hop. If the Max-Forwards value reaches zero before the request reaches its destination, the request is rejected with a 483 Too Many Hops error response. You can instruct the ACE to validate the Max-Forwards header field value and to take appropriate action if the validation fails. Examples To enable Max-Forwards header field validation, enter: host1/Admin(config-parammap-sip)# max-forward-validation drop log To disable maximum forward field validation, enter: host1/Admin(config-parammap-sip)# no max-forward-validation Related Commands (config-parammap-sip) im (config-parammap-sip) software-version (config-parammap-sip) strict-header-validation (config-parammap-sip) uri-non-sip (config-parammap-sip) software-version To enable user agent (UA) software version options, use the software-version command. Use the no form of this command to reset the software version to the default behavior. software-version {log} | {mask [log]} no software-version {log} | {mask [log]} Syntax Description ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced. log Specifies that the ACE log the UA software version. mask Specifies that the ACE mask the UA software version.2-868 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SIP Configuration Mode Commands Command Modes Parameter map SIP configuration mode Admin and user contexts Command History Usage Guidelines If the software version of a user agent (UA) were exposed, the UA may be more vulnerable to attacks from hackers who exploit the security holes present in that particular version of software. To protect the UA from such attacks, the ACE allows you to log or mask the UA software version. Examples To configure the ACE to mask the UA software version, enter: host1/Admin(config-parammap-sip)# software-version mask To return the ACE behavior to the default of not masking the UA software version, enter: host1/Admin(config-parammap-sip)# no software-version mask Related Commands (config-parammap-sip) im (config-parammap-sip) max-forward-validation (config-parammap-sip) strict-header-validation (config-parammap-sip) uri-non-sip (config-parammap-sip) strict-header-validation To enable strict header validation and the action that you want the ACE to perform if a SIP header does not meet the validation requirements, use the strict-header-validation command. Use the no form of this command to disable strict header validation. strict-header-validation {log} | {{drop | reset} [log]} no strict-header-validation {log} | {{drop| reset} [log]} Syntax Description ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced. drop Specifies that the ACE drop the SIP message. reset Specifies that the ACE reset the connection. log Specifies that the ACE log the header validation event.2-869 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SIP Configuration Mode Commands Command Modes Parameter map SIP configuration mode Admin and user contexts Command History Usage Guidelines You can ensure the validity of SIP packet headers by configuring the ACE to check for the presence of the following mandatory SIP header fields: • From • To • Call-ID • CSeq • Via • Max-Forwards If one of these header fields is missing in a SIP packet, the ACE considers that packet invalid. The ACE also checks for forbidden header fields, according to RFC 3261. Use care if you plan to enable the drop option to ensure the validity of SIP packet headers. The drop option results in dropping requests which do not include the mandatory headers of that request. In some cases, the use of the drop option can lead to problems with some phones which do not utilize the mandatory headers in the request. For example, when a call is made and then cancelled, the phone receives a 487 Request Terminated cancel status request and transmits an ACK. However, for the Cisco IP Phone 7960, the transmitted ACK does not contain the MAX-FORWARDS header, which is a mandatory header for ACK. The ACE will then drop this packet, which can result in operational issues with the phone. Examples To enable strict header validation, instruct the ACE to drop the connection if the packet header does not meet the header validation requirements, and log the event, enter: host1/Admin(config-parammap-sip)# strict-header-validation drop log To disable strict header validation, enter: host1/Admin(config-parammap-sip)# no strict-header-validation drop log Related Commands (config-parammap-sip) im (config-parammap-sip) max-forward-validation (config-parammap-sip) software-version (config-parammap-sip) uri-non-sip ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-870 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SIP Configuration Mode Commands (config-parammap-sip) timeout To prevent a hacker from exploiting this port, set a timeout for SIP media by using the timeout command in parameter map SIP configuration mode. Use the no form of this command to return the streaming media port timeout value to the default of 5 seconds. timeout sip-media number no timeout sip-media number Syntax Description Command Modes Parameter map SIP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify a secure streaming media port timeout value of 1 hour, enter: host1/Admin(config)# parameter-map type sip SIP_PARAMMAP host1/Admin(config-parammap-sip)# timeout sip-media 3600 To return the streaming media port timeout value to the default of 5 seconds, enter: host1/Admin(config-parammap-sip)# no timeout sip-media 3600 Related Commands (config-parammap-sip) im (config-parammap-sip) max-forward-validation (config-parammap-sip) software-version (config-parammap-sip) uri-non-sip number The timeout in seconds for the media port. Enter an integer from 1 to 65535 seconds. The default is 5 seconds. Be sure to provide a timeout value that is large enough for streaming media applications to complete. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-871 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SIP Configuration Mode Commands (config-parammap-sip) uri-non-sip To enable the detection of non-SIP URIs in SIP messages, use the uri-non-sip command. Use the no form of this command to disable the detection of non-SIP URIs. uri-non-sip {log} | {mask [log]} no uri-non-sip {log} | {mask [log]} Syntax Description Command Modes Parameter map SIP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To enable the detection of non-SIP URIs in SIP messages and log the event, enter: host1/Admin(config-parammap-sip)# uri-non-sip log To disable the detection of non-SIP URIs in SIP messages, enter: host1/Admin(config-parammap-sip)# no uri-non-sip log Related Commands (config-parammap-sip) im (config-parammap-sip) max-forward-validation (config-parammap-sip) software-version (config-parammap-sip) strict-header-validation log Specifies the ACE log the non-SIP URI. mask Specifies that the ACE mask the non-SIP URI. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-872 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands Parameter Map SSL Configuration Mode Commands Parameter map Secure Sockets Layer (SSL) configuration mode commands allow you to specify an SSL-type parameter map and configure SSL settings for the map. To create an SSL-type parameter map and access parameter map SSL configuration mode, use the parameter-map type ssl command in configuration mode. The prompt changes to (config-parammap-ssl). Use the no form of this command to remove the parameter map from the configuration. parameter-map type ssl name no parameter-map type ssl name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the connection or SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. After you create and configure an SSL parameter map, you must associate the parameter map with a policy map to activate it. For details, see the (config-ssl-proxy) ssl advanced-options command in the “SSL Proxy Configuration Mode Commands” section. Examples To create an SSL-type parameter map called SSL_MAP, enter: host1/Admin(config)# parameter-map type ssl SSL_MAP host1/Admin(config-parammap-ssl)# Related Commands (config) parameter-map type (config-ssl-proxy) ssl advanced-options show parameter-map name Name assigned to the parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-873 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) authentication-failure To configure the ACE to continue an SSL handshake when certificate failure occurs, use the authentication-failure command. This command applies when client or server authentication is enabled. Use the no form of this command to reset the default behavior of terminating an SSL handshake when a certificate failure occurs. authentication-failure {ignore | redirect reason {serverfarm serverfarm_name | url URL_string {301|302}}} no authentication-failure Syntax Description ignore Ignores any client or server certificate failure during the SSL handshake in a SSL termination or initiation configuration, respectively. redirect reason (SSL termination only) Performs a redirect to the specified redirect server farm or URL when the ACE encounters a client certificate failure. When you configure this keyword, after the handshake is completed, the redirect occurs to the redirect server farm or the URL. If multiple failures cause a redirect, the ACE performs a redirect on the first failure that it encounters. If that failure is corrected, the ACE performs a redirect on the next failure that it encounters. For the reason argument, enter of the following to associate the client certificate failure with a redirect: • cert-not-yet-valid—Associates a certificate that is not yet valid failure with the redirect. • cert-expired—Associates an expired certificate failure with a redirect. • unknown-issuer—Associates an unknown issuer certificate failure with a redirect. • cert-revoked—Associates a revoked certificate failure with a redirect. • no-client-cert—Associates no client certificate failure with a redirect. • crl-not-available—Associates a CRL that is not available failure with a redirect. • crl-has-expired—Associates an expired CRL failure with a redirect. • cert-signature-failure—Associates a certificate signature failure with a redirect. • cert-other-error—Associates a all other certificate failures with a redirect. • any—Associates any of the certificate failures with the redirect.2-874 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands Command Modes SSL parameter map configuration mode Admin and user contexts Command History Usage Guidelines By default, when the ACE encounters one of the following certificate failures during the setup of the front-end connection in an SSL termination configuration or back-end connection in an SSL initiation configuration when authentication is enabled, it terminates the SSL handshake: • Certificate is not yet valid • Certificate has expired • Unable to get issuer certificate • Certificate is revoked • No client certificate is sent • Certificate signature failure • CRL is not available during the revocation check • CRL is expired during revocation check • All other certificate errors serverfarm serverfarm_name Specifies the name of a configured server farm for the redirect as follows: • ACE software version A4(1.0) or later—Enter the name of a configured host or redirect server farm. • All earlier ACE software versions—Enter the name of a configured redirect server farm only. url URL_string Specifies the static URL path for the redirect. Enter a string with a maximum of 255 characters and no spaces. 301|302 Specifies the redirect code that is sent back to the client. Enter one of the following: • 301, the status code for a resource permanently moving to a new location. • 302, the status code for a resource temporarily moving to a new location. ACE Module Release Modification A2(1.1) This command was introduced. A2(3.0) Added the redirect keyword. ACE Appliance Release Modification A1(8) This command was introduced. A4(1.0) Added the ignore keyword for client authentication and the redirect keyword.2-875 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands For client certificate failures, you can configure the ACE to either ignore these failures or perform a redirect to a server farm or URL. For server certificate failures, you can only configure the ACE to ignore these failures. Examples For example, to ignore all certificate failures during the SSL handshake, enter: host1/Admin(config)# parameter-map type ssl SSL_PARAMMAP_SSL host1/Admin(config-parammap-ssl)# authentication-failure ignore To perform a redirect to the INVALID-CERT server farm when a cert-not-yet-valid failure occurs with a client certificate, enter: host1/Admin(config-parammap-ssl)# authentication-failure redirect cert-not-yet-valid serverfarm INVALID-CERT To perform a redirect to a static URL with a 302 status code when an unknown-issuer failure occurs with a client certificate, enter: host1/Admin(config-parammap-ssl)# authentication-failure redirect unknown-issuer url https://www.example.com/NewCertRequest.html 302 To reset the default behavior of terminating an SSL handshake when a certificate failure occurs, use the no form of the command: host1/Admin(config-parammap-ssl)# no authentication-failure redirect unknown-issuer Related Commands (config-ssl-proxy) authgroup2-876 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) cdp-errors ignore When the crl best-effort command is configured, to configure the ACE to allow the SSL connection if CRL distribution point (CDP) errors occur in the presented certificates or errors occur during a CRL download, use the cdp-errors ignore command. Use the no form of this command to reset the default behavior where the ACE rejects an SSL connection when CDP or CRL-download errors occur. cdp-errors ignore no cdp-errors ignore Syntax Description This command has no keywords or arguments. Command Modes SSL parameter map configuration mode Admin and user contexts Command History Usage Guidelines By default, when you configure the crl best-effort command for client or server certificate revocation checks, if the ACE detects CRL distribution point (CDP) errors in the presented certificates or errors occur during a CRL download, the ACE rejects the SSL connection. The cdp-errors ignore command allows you to configure the ACE to ignore CDP errors when the crl best-effort command is configured. When you configure the cdp-errors ignore command, the ACE allows SSL connections when it detects CDP errors in the presented certificates or it could not download a valid certificate revocation list (CRL) from valid CDPs on the certificates. Examples For example, to configure the ACE to ignore CDP or CRL-download errors, enter: host1/Admin(config)# parameter-map type ssl PARAMMAP_SSL host1/Admin(config-parammap-ssl)# cdp-errors ignore To reset the default behavior where the ACE rejects an SSL connection when CDP or CRL-download errors occur, enter: host1/Admin(config-parammap-ssl)# no cdp-errors ignore Related Commands show crypto (config-ssl-proxy) crl ACE Module Release Modification A2(2.1) This command was introduced. ACE Appliance Release Modification A4(1.0) This command was introduced.2-877 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) cipher To define each of the cipher suites that you want the ACE to support during a secure session, use the cipher command. Use the no form of this command to delete a cipher suite from the SSL parameter map. cipher cipher_name [priority cipher_priority] no cipher cipher_name Syntax Description Command Modes SSL parameter map configuration mode Admin and user contexts Command History Usage Guidelines Table 1-19 lists the available cipher suites that the ACE supports and indicates which of the supported cipher suites are exportable from the ACE. Table 1-19 also lists the authentication certificate and encryption key required by each cipher suite. cipher_name Name of the cipher suite. See the “Usage Guidelines” section for the TCP options available for the available cipher suites that the ACE supports. Enter one of the supported cipher suites from Table 1-19. The default setting is all. priority (Optional) Assigns a priority level to the cipher suite. The priority level represents the preference-for-use ranking of the cipher suite, with 10 being the most preferred and 1 being the least preferred. By default, all configured cipher suites have a priority level of 1. cipher_priority Priority level of the cipher suite. Enter a value from 1 to 10. The default priority value is 1. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. Ta b l e 1-19 Supported Cipher Suites Cipher Suite Exportable Authentication Certificate Used Key Exchange Algorithm Used RSA_WITH_RC4_128_MD5 No RSA certificate RSA key exchange RSA_WITH_RC4_128_SHA No RSA certificate RSA key exchange RSA_WITH_DES_CBC_SHA No RSA certificate RSA key exchange RSA_WITH_3DES_EDE_CBC_SHA No RSA certificate RSA key exchange RSA_EXPORT_WITH_RC4_40_MD5 Yes RSA certificate RSA key exchange2-878 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands Repeat the cipher command for each cipher suite that you want to include in the SSL parameter map. The ACE chooses a cipher suite with the highest priority level from the client list. For SSL termination applications, the ACE uses the priority level to match cipher suites in the client’s ClientHello handshake message. For SSL initiation applications, the priority level represents the order in which the ACE places the cipher suites in its ClientHello handshake message to the server. The default “all cipher suites” setting works only when you do not configure the SSL parameter map with any specific ciphers. To return to using the “all cipher suites” setting, you must delete each of the specifically defined ciphers from the parameter map using the no form of the command. Examples To add the cipher suite RSA_WITH _AES_128_CBC_SHA and assign it a priority 2 level, enter: host1/Admin(config-parammap-ssl)# cipher RSA_WITH_AES_128_CBC_SHA priority 2 To delete the cipher suite RSA_WITH _AES_128_CBC_SHA from the SSL parameter map, enter: host1/Admin(config-parammap-ssl)# no cipher RSA_WITH_AES_128_CBC_SHA Related Commands (config-parammap-ssl) queue-delay timeout (config-parammap-ssl) session-cache timeout (config-parammap-ssl) version show parameter-map RSA_EXPORT_WITH_DES40_CBC_SHA Yes RSA certificate RSA key exchange RSA_EXPORT1024_WITH_RC4_56_MD5 Yes RSA certificate RSA key exchange RSA_EXPORT1024_WITH_DES_CBC_SHA Yes RSA certificate RSA key exchange RSA_EXPORT1024_WITH_RC4_56_SHA Yes RSA certificate RSA key exchange RSA_WITH_AES_128_CBC_SHA No RSA certificate RSA key exchange RSA_WITH_AES_256_CBC_SHA No RSA certificate RSA key exchange Table 1-19 Supported Cipher Suites (continued) Cipher Suite Exportable Authentication Certificate Used Key Exchange Algorithm Used2-879 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) close-protocol To configure how the ACE handles the sending of close-notify messages, use the close-protocol command. By default, the ACE sends a close-notify alert message to its peer when closing a session but has no expectation of receiving one back from the peer. Use the no form of this command to reset the the default behavior. close-protocol {disabled | none} no close-protocol Syntax Description Command Modes SSL parameter map configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To set close-protocol to disabled, enter: host1/Admin(config)# parameter-map type ssl SSL_PARAMMAP_SSL host1/Admin(config-parammap-ssl)# close-protocol disabled To configure the close-protocol command with the default setting of none, enter: host1/Admin(config-parammap-ssl)# no close-protocol Related Commands show parameter-map disabled Configures the ACE not to send a close-notify alert message to its peer when closing a session with no expectation of receiving one back from the peer. none Configures the ACE to send a close-notify alert message to its peer when closing a session, but the ACE has no expectation of receiving one back from the peer. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-880 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) description To add a description for the parameter map, use the description command. Use the no form of this command to remove the description from the parameter map. description text_string no description Syntax Description Command Modes Parameter map SSL configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for the parameter map, enter: host1/Admin(config)# parameter-map type ssl SSL_PARAMMAP host1/Admin(config-parammap-ssl)# description SSL-TYPE PARAMETER MAP To remove the description from the parameter map, enter: host1/Admin(config-parammap-ssl)# no description Related Commands show parameter-map text_string Description for the action list. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(2.3) This command was introduced.2-881 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) expired-crl reject To configure the ACE to reject a client or server certificate when the CRL in use has expired, use the expired-crl reject command. For the ACE module, you can also configure the ACE to reject a server certificate. Use the no form of this command to reset the default behavior of the ACE accepting a client certificate after the CRL in use has expired. expired-crl reject no expired-crl reject Syntax Description This command has no keywords or arguments. Command Modes SSL parameter map configuration mode Admin and user contexts Command History Usage Guidelines When you configure certificate revocation lists (CRLs) on the ACE, the CRLs contain an update field that specifies the date when a new version would be available. By default, the ACE does not continue to use CRLs that contain an update field with an expired date and, thus, does not reject incoming certificates using the CRL. Examples To configure the ACE to reject a client certificate when the CRL in use has expired, enter: host1/Admin(config-parammap-ssl)# expired-crl reject To reset the default behavior of the ACE accepting a client certificate after the CRL in use has expired, enter: host1/Admin(config-parammap-ssl)# no expired-crl reject Related Commands show parameter-map (config-ssl-proxy) crl ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-882 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) purpose-check disabled To disable the ACE from performing purpose checking during the authentication of the client or server certificates, use the purpose-check disabled command.By default, during client authentication of a chain of certificates, the ACE performs a purpose check on the basicContraint field for the following: • The client or server certificate has a CA FALSE setting. • The intermediate certificates have the CA TRUE setting. If the field does not have these settings, the certificate fails authentication. Use the no form of this command to reset the default behavior. purpose-check disabled no purpose-check disabled Syntax Description This command has no keywords or arguments. Command Modes SSL parameter map configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To disable purpose checking on the certificates, enter: host1/Admin(config)# parameter-map type ssl SSL_PARAMMAP_SSL host1/Admin(config-parammap-ssl)# purpose-check disabled To reenable the default behavior, enter: host1/Admin(config-parammap-ssl)# no purpose-check disabled Related Commands show parameter-map ACE Module/Appliance Release Modification A4(1.0) This command was introduced.2-883 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) queue-delay timeout To set the delay time, use the queue-delay timeout command. The queue delay time is the amount of time that the ACE waits before emptying the queued data for encryption. Use the no form of this command to disable the queue delay time to its default value of 0. By default, the queue delay timer is disabled. queue-delay timeout milliseconds no queue-delay Syntax Description Command Modes SSL parameter map configuration mode Admin and user contexts Command History Usage Guidelines The queue delay applies only to data that the ACE sends to the client. Examples To set the queue delay time to 500 milliseconds, enter: host1/Admin(config-parammap-ssl)# queue-delay timeout 500 To disable the queue delay time to its default value of 0, enter: host1/Admin(config-parammap-ssl)# no queue-delay Related Commands show parameter-map milliseconds Delay time in milliseconds before the data is emptied from the queue. Enter an integer from 0 to 10000. A value of 0 disables the delay timer, causing the ACE to encrypt data from the server as it arrives and then sends the encrypted data to the client. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-884 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) rehandshake enabled To enable the SSL session rehandshake function, use the rehandshake enabled command in the parameter map SSL configuration mode. By default, SSL session rehandshake is disabled. Use the no form of this command to reset the default behavior. rehandshake enabled no rehandshake enabled Syntax Description This command has no keywords or arguments. Command Modes SSL parameter-map configuration mode Command History Usage Guidelines The crypto rehandshake enabled configuration mode command to enable SSL rehandshake in all contexts overrides the rehandshake enable parameter map command. Examples To enable the SSL rehandshake function, enter: host1/Admin(config)# parameter-map type ssl PARAMMAP_SSL host1/Admin(config-parammap-ssl)# rehandshake enabled To disable the rehandshake function, enter: host1/Admin(config-parammap-ssl)# no rehandshake enabled Related Commands show parameter-map (config) crypto rehandshake enabled ACE Module Release Modification A2(2.3) This command was introduced. ACE Appliance Release Modification A3(2.5) This command was introduced.2-885 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) session-cache timeout To set the session cache timeout, use the session-cache timeout command. Use the no form of this command to disable the timer and ensure that the full SSL handshake occurs for each new connection with the ACE. session-cache timeout seconds no session-cache timeout Syntax Description Command Modes SSL parameter map configuration mode Admin and user contexts Command History Usage Guidelines A SSL session ID is created every time the client and the ACE perform a full SSL key exchange and establish a new master secret key. To quicken the SSL negotiation process between the client and the ACE, the SSL session ID reuse feature allows the ACE to reuse the secret key information in the session cache. On subsequent connections with the client, the ACE reuses the key stored in the cache from the last negotiated session. You can enable session ID reuse by setting a session cache timeout value for the total amount of time that the SSL session ID remains valid before the ACE requires a full SSL handshake to establish a new session. Examples To set the session cache timeout to 600 milliseconds, enter: host1/Admin(config-parammap-ssl)# session-cache timeout 600 To disable the timer and ensure that the full SSL handshake occurs for each new connection with the ACE, enter: host1/Admin(config-parammap-ssl)# no session-cache timeout seconds Time in seconds that the ACE reuses the key stored in the cache before removing the session IDs. Enter an integer from 0 to 72000 (20 hours). By default, session ID reuse is disabled. A value of 0 causes the ACE to remove the session IDs from the cache when the cache is full and to implement the least-recently-used (LRU) timeout policy. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-886 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands Related Commands show parameter-map2-887 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Parameter Map SSL Configuration Mode Commands (config-parammap-ssl) version To specify the versions of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) that the ACE supports when it uses the SSL proxy parameter map during the handshake process, use the version command. Use the no form of the command to remove a version from the SSL proxy parameter map. version {all | ssl3 | tls1} no version Syntax Description Command Modes SSL parameter map configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify the version SSL3, enter: host1/Admin(config-parammap-ssl)# version SSL3 To remove the version TLS1 from the SSL proxy parameter map, enter: host1/Admin(config-parammap-ssl)# no version Related Commands (config-parammap-ssl) cipher (config-parammap-ssl) queue-delay timeout (config-parammap-ssl) session-cache timeout show parameter-map all Specifies that the ACE supports both SSL (version SSL3) and TLS (version TLS1). This is the default setting. ssl3 Specifies that the ACE supports only SSL version SSL3. tls1 Specifies that the ACE supports only TLS version TLS1. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-888 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Configuration Mode Commands Policy Map Configuration Mode Commands Policy map configuration mode commands allow you to configure a Layer 3 and Layer 4 policy map that defines the different actions applied to traffic that passes through the ACE. The ACE attempts to match multiple classes within the Layer 3 and Layer 4 policy map to allow a multifeature Layer 3 and Layer 4 policy map. The ACE executes the action for only one matching class within each of the class sets. The definition of which classes are in the same class set depends on the actions applied to the classes; the ACE associates each policy map action with a specific set of classes. To create a Layer 3 and Layer 4 policy map and access policy map configuration mode, use the policy-map multi-match command in configuration mode. When you access the policy map configuration mode, the prompt changes to (config-pmap). Use the no form of this command to remove a Layer 3 and Layer 4 policy map from the ACE. For a Layer 3 and Layer 4 traffic classification, you create Layer 3 and Layer 4 policy maps with actions that configure the following: • Server load balancing based on Layer 3 and Layer 4 connection information (virtual IP address) • (ACE appliance only) Application acceleration and optimization • Secure Sockets Layer (SSL) security services between a web browser (the client) and the HTTP connection (the server) • Static or dynamic Network Address Translation (NAT) • Application protocol inspection (also known as protocol fixup) • TCP termination, normalization, and reuse • IP normalization and fragment reassembly Use the no form of the policy-map multimatch command to remove a policy map from the ACE. policy-map multi-match map_name no policy-map multi-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History map_name Name assigned to the Layer 3 and Layer 4 policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-889 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Configuration Mode Commands Usage Guidelines The commands in this mode require the loadbalance, inspect, connection, NAT, or SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To perform HTTP load balancing, HTTP deep packet inspection, or FTP command inspection functions, you associate a previously created Layer 7 policy map within a Layer 3 and Layer 4 policy map to provide an entry point for the traffic classification. Layer 7 policy maps are considered to be child policies and can be associated only within a Layer 3 and Layer 4 policy map. Only a Layer 3 and Layer 4 policy map can be activated on a VLAN interface. A Layer 7 policy map cannot be directly applied on a VLAN (or any) interface. For example, to associate a Layer 7 HTTP load-balancing policy map, you nest the Layer 7 load-balancing policy map by using the Layer 3 and Layer 4 (config-pmap-c) loadbalance policy command. The ACE supports a system-wide maximum of 4096 policy maps. Examples To create a Layer 3 and Layer 4 server load balancing (SLB) policy map named L4_SLB_POLICY, enter: host1/Admin(config)# policy-map multi-match L4_SLB_POLICY host1/Admin(config-pmap)# To create a Layer 3 and Layer 4 application protocol inspection policy map named L4_HTTP_APP_INSPECTION_POLICY, enter: host1/Admin(config)# policy-map multi-match L4_HTTP_APP_INSPECTION_POLICY host1/Admin(config-pmap)# Related Commands show startup-config (config) class-map2-890 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Configuration Mode Commands (config-pmap) class To associate a Layer 3 and Layer 4 class map with a Layer 3 and Layer 4 policy map, use the class command. The prompt changes from (config-pmap) to (config-pmap-c). For information about commands in this mode, see the “Policy Map Class Configuration Mode Commands” section. Use the no form of this command to remove an associated class map from a policy map. class {name1 [insert-before name2] | class-default-v6 | class-default} no class {name1 [insert-before name2] | class-default-v6 | class-default}} Syntax Description Command Modes Policy map configuration mode Admin and user contexts Command History name1 Name of a previously defined Layer 3 and Layer 4 traffic class configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. insert-before name2 (Optional) Places the current named class map ahead of an existing class map or inline match condition specified by the name2 argument in the policy-map configuration. The ACE does not save the sequence reordering as part of the configuration. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. class-default-v6 class-default-v6—Specifies the reserved, well-known IPv6 class map created by the ACE. You cannot delete or modify this class. All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications match the traffic, then the ACE performs the action specified under the class class-default-v6 command. The class-default-v6 class map has an implicit match any statement in it enabling it to match all IPv6 traffic. class-default Associates the reserved, well-known class map created by the ACE. You cannot delete or modify this class. All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications matches the traffic, then the ACE performs the action specified under the class class-default command. The class-default class map has an implicit match any statement in it that enables it to match all traffic. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added the class-default-v6 keyword. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added the class-default-v6 keyword.2-891 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Configuration Mode Commands Usage Guidelines This command has no usage guidelines. Examples To associate a Layer 3 and Layer 4 class map with a Layer 3 and Layer 4 policy map, enter: host1/Admin(config)# policy-map multi-match L4_SLB_POLICY host1/Admin(config-pmap)# class L4_SLB_CLASS host1/Admin(config-pmap-c)# Related Commands (config-pmap) description (config-pmap) description To provide a brief summary about the Layer 3 and Layer 4 policy map, use the description command. Use the no form of this command to remove the description from the class map. description text no description Syntax Description Command Modes Policy map configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the class map is to perform Layer 3 and Layer 4 server load balancing, enter: host1/Admin(config)# policy-map multi-match L4_SLB_POLICY host1/Admin(config-pmap)# description Policy map for L3/L4 SLB Related Commands (config-pmap) class text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-892 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands Policy Map Class Configuration Mode Commands Policy map class configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 3 and Layer 4 class map. To access policy map class configuration mode, use the class command in policy map configuration mode (see the (config-pmap) class command for details). The prompt changes from (config-pmap) to (config-pmap-c). The features required in your user role to execute a specific command in policy map class configuration mode are described in the “Usage Guidelines” section of the command. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-893 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) appl-parameter dns advanced-options To associate a DNS parameter map with a Layer 3 and Layer 4 policy map, use the appl-parameter dns advanced-options command. Use the no form of this command to disassociate the DNS parameter map as an action from the Layer 3 and Layer 4 generic application inspection policy map. appl-parameter dns advanced-options name no appl-parameter dns advanced-options name Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate a DNS parameter map with a Layer 3 and Layer 4 policy map, enter: host1/Admin(config)# policy-map multi-match DNS_INSPECT_L4POLICY host1/Admin(config-pmap)# class DNS_INSPECT_L4CLASS host1/Admin(config-pmap-c)# appl-parameter dns advanced-options DNS_PARAM_MAP1 To disassociate the DNS parameter map from the Layer 3 and Layer 4 policy map, enter: host1/Admin(config-pmap-c)# no appl-parameter dns advanced-options DNS_PARAM_MAP1 Related Commands show parameter-map (config) parameter-map type name Name of an existing DNS parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-894 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) appl-parameter generic advanced-options To associate a generic Layer 7 parameter map with a Layer 3 and Layer 4 policy map, use the appl-parameter generic advanced-options command. Use the no form of this command to disassociate the generic Layer 7 parameter map as an action from the Layer 3 and Layer 4 generic application inspection policy map. appl-parameter generic advanced-options name no appl-parameter generic advanced-options name Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate a generic Layer 7 parameter map with the Layer 3 and Layer 4 policy map, enter: host1/Admin(config)# policy-map multi-match GEN_L7_INSPECT_L4POLICY host1/Admin(config-pmap)# class GEN_L7_INSPECT_L4CLASS host1/Admin(config-pmap-c)# appl-parameter generic advanced-options GEN_L7_PARAM_MAP1 To disassociate the generic Layer 7 parameter map from the Layer 3 and Layer 4 policy map, enter: host1/Admin(config-pmap-c)# no appl-parameter generic advanced-options GEN_L7_PARAM_MAP1 Related Commands show parameter-map (config) parameter-map type name Name of an existing generic Layer 7 parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-895 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) appl-parameter http advanced-options To associate an HTTP parameter map with a Layer 3 and Layer 4 policy map, use the appl-parameter http advanced-options command. A parameter map is a means to combine related actions for use in a Layer 3 and Layer 4 HTTP policy map. Use the no form of this command to disassociate the HTTP parameter map as an action from the policy map. appl-parameter http advanced-options name no appl-parameter http advanced-options name Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the loadbalance and inspect features in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To associate an HTTP parameter map with a Layer 3 and Layer 4 policy map, enter: host1/Admin(config)# policy-map multi-match L4SLBPOLICY host1/Admin(config-pmap)# class FILTERHTTP host1/Admin(config-pmap-c)# appl-parameter http advanced-options http_param_map1 Related Commands show parameter-map (config) parameter-map type name Name of an existing HTTP parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-896 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) appl-parameter rtsp advanced-options To associate a Real-Time Streaming Protocol (RTSP) parameter map with a Layer 3 and Layer 4 policy map, use the appl-parameter rtsp advanced-options command. A parameter map is a means to combine related actions for use in a Layer 3 and Layer 4 RTSP policy map. Use the no form of this command to disassociate the RTSP parameter map from the policy map. appl-parameter rtsp advanced-options name no appl-parameter rtsp advanced-options name Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the loadbalance and inspect features in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To associate an RTSP parameter map with a Layer 3 and Layer 4 policy map, enter: host1/Admin(config)# policy-map multi-match L4SLBPOLICY host1/Admin(config-pmap)# class FILTERHTTP host1/Admin(config-pmap-c)# appl-parameter rtsp advanced-options rtsp_param_map1 Related Commands show parameter-map (config) parameter-map type name Name of an existing RTSP parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-897 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) appl-parameter sip advanced-options To associate a Session Initiation Protocol (SIP) application protocol inspection parameter map with a Layer 3 and Layer 4 policy map, use the appl-parameter sip advanced-options command. Use the no form of this command to disassociate the SIP parameter map as an action from the Layer 3 and Layer 4 SIP application inspection policy map. appl-parameter sip advanced-options name no appl-parameter sip advanced-options name Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate a SIP parameter map with a SIP packet inspection policy map, enter: host1/Admin(config)# policy-map multi-match SIP_INSPECT_L4POLICY host1/Admin(config-pmap)# class SIP_INSPECT_L4CLASS host1/Admin(config-pmap-c)# appl-parameter sip advanced-options SIP_PARAM_MAP1 To disassociate the SIP parameter map from the SIP packet inspection policy map, enter: host1/Admin(config-pmap-c)# no appl-parameter sip advanced-options SIP_PARAM_MAP1 Related Commands show parameter-map (config) parameter-map type name Name of an existing SIP parameter map. Parameter maps aggregate SIP traffic-related actions together. Enter the name of an existing SIP parameter map as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-898 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) appl-parameter skinny advanced-options To associate a Skinny Client Control Protocol (SCCP) parameter map with a Layer 3 and Layer 4 policy map, use the appl-parameter skinny advanced-options command. Use the no form of this command to disassociate the SCCP parameter map as an action from the Layer 3 and Layer 4 SCCP application inspection policy map. appl-parameter skinny advanced-options name no appl-parameter skinny advanced-options name Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate an SCCP parameter map with the SCCP deep packet inspection policy map, enter: host1/Admin(config)# policy-map multi-match SCCP_INSPECT_L4POLICY host1/Admin(config-pmap)# class SCCP_INSPECT_L4CLASS host1/Admin(config-pmap-c)# appl-parameter skinny advanced-options SCCP_PARAM_MAP1 To disassociate the SCCP parameter map from the SCCP packet inspection policy map, enter: host1/Admin(config-pmap-c)# no appl-parameter skinny advanced-options SCCP_PARAM_MAP1 Related Commands show parameter-map (config) parameter-map type name Name of an existing SCCP parameter map. Parameter maps aggregate SCCP traffic-related actions together. Enter the name of an existing SCCP parameter map as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-899 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) connection advanced-options To associate a connection parameter map with a Layer 3 and Layer 4 policy map, use the connection advanced-options command. Use the no form of this command to disassociate the parameter map from a policy map. connection advanced-options name no connection advanced-options name Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the connection feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. For details about configuring a connection parameter map, see the Security Guide, Cisco ACE Application Control Engine. Examples To associate the connection parameter map IP_MAP with a Layer 3 and Layer 4 TCP/IP policy map: host1/Admin(config)# policy-map multi-match TCPIP_POLICY host1/Admin(config-pmap)# class TCP_CLASS host1/Admin(config-pmap-c)# connection advanced-options IP_MAP Related Commands This command has no related commands. name Name of an existing connection parameter map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-900 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) inspect To define the Layer 3 and Layer 4 HTTP deep packet inspection, File Transfer Protocol (FTP) command inspection, or application protocol inspection policy actions, use the inspect command. Application inspection involves the examination of protocols such as Domain Name System (DNS), FTP, HTTP, Internet Control Message Protocol (ICMP), and Real Time Streaming Protocol (RTSP) to verify the protocol behavior and identify unwanted or malicious traffic that passes through the ACE. Use the no form of this command to remove an associated class map from a policy map. inspect {dns [maximum-length bytes]} | {ftp [strict policy name1 | sec-param conn_parammap_name1]} | {http [policy name4 | url-logging]} | {icmp [error]} | ils | {rtsp [sec-param conn_parammap_name3]} | {sip [sec-param conn_parammap_name4] [policy name5]} | {skinny [sec-param conn_parammap_name5] [policy name6]} no inspect {dns [maximum-length bytes]} | {ftp [strict policy name1 | sec-param conn_parammap_name1]} | {http [policy name4 | url-logging]} | {icmp [error]} | ils | {rtsp [sec-param conn_parammap_name3]} | {sip [sec-param conn_parammap_name4] [policy name5]} | {skinny [sec-param conn_parammap_name5] [policy name6]} Syntax Description dns Enables DNS query inspection. DNS requires application inspection so that DNS queries will not be subject to the generic UDP handling based on activity timeouts. Instead, the UDP connections associated with DNS queries and responses are torn down as soon as a reply to a DNS query has been received. The ACE performs the reassembly of DNS packets to verify that the packet length is less than the configured maximum length. maximum-length bytes (Optional) Sets the maximum length of a DNS reply. Valid entries are from 512 to 65535 bytes. The default is 512 bytes. ftp Enables FTP inspection. The ACE inspects FTP packets, translates the address and the port that are embedded in the payload, and opens up a secondary channel for data. strict (Optional) Checks for protocol RFC compliance and prevents web browsers from sending embedded commands in FTP requests. The strict keyword prevents an FTP client from determining valid usernames that are supported on an FTP server. When an FTP server replies to the USER command, the ACE intercepts the 530 reply code from the FTP server and replaces it with the 331 reply code. Specifying an FTP inspection policy allows selective command filtering and also prevents the display of the FTP server system type to the FTP client. The ACE intercepts the FTP server 215 reply code and message to the SYST command, and then replaces the text following the reply code with asterisks. policy name1 Specifies the name assigned to a previously created Layer 7 FTP command inspection policy map to implement the inspection of Layer 7 FTP commands by the ACE. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. Use the inspect ftp command in policy map class configuration mode to define the FTP command request inspection policy. Note If you do not specify a Layer 7 policy map, the ACE performs a general set of Layer 3 and Layer 4 FTP fixup actions.2-901 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands sec-param conn_parammap_name1 (Optional) Specifies the name of a previously created connection parameter map used to define parameters for FTP inspection. http Enables enhanced Hypertext Transfer Protocol (HTTP) inspection on the HTTP traffic. The inspection checks are based on configured parameters in an existing Layer 7 policy map and internal RFC compliance checks performed by the ACE. By default, the ACE allows all request methods. policy name4 (Optional) Specifies the name assigned to a previously created Layer 7 HTTP application inspection policy map to implement the deep packet inspection of Layer 7 HTTP application traffic by the ACE. The inspection checks are based on configured parameters in an existing Layer 7 policy map and internal RFC compliance checks performed by the ACE. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. Note If you do not specify a Layer 7 policy map, the ACE performs a general set of Layer 3 and Layer 4 HTTP fixup actions and internal RFC compliance checks. url-logging (Optional) Enables the monitoring of Layer 3 and Layer 4 traffic. This function logs every URL request that is sent in the specified class of traffic, including the source or destination IP address and the URL that is accessed. icmp Enables ICMP payload inspection. ICMP inspection allows ICMP traffic to have a “session” so it can be inspected similarly to TCP and UDP traffic. error (Optional) Performs a Network Address Translation (NAT) of ICMP error messages. The ACE creates translation sessions for intermediate or endpoint nodes that send ICMP error messages based on the NAT configuration. The ACE overwrites the packet with the translated IP addresses. ils Enables Internet Locator Service (ILS) protocol inspection. rtsp Enables RTSP packet inspection. RTSP is used by RealAudio, RealNetworks, Apple QuickTime 4, RealPlayer, and Cisco IP/TV connections. The ACE monitors Setup and Response (200 OK) messages in the control channel established using TCP port 554 (no UDP support). sec-param conn_parammap_name3 (Optional) Specifies the name of a previously created connection parameter map used to define parameters for RTSP inspection. sip Enables Session Initiation Protocol (SIP) inspection. SIP is used for call handling sessions and instant messaging. The ACE inspects signaling messages for media connection addresses, media ports, and embryonic connections. The ACE also uses NAT to translate IP addresses that are embedded in the user-data portion of the packet. sec-param conn_parammap_name4 (Optional) Specifies the name of a previously created connection parameter map used to define parameters for SIP inspection.2-902 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To perform the deep packet inspection of Layer 7 HTTP application traffic by the ACE, you should create a Layer 7 HTTP deep packet inspection policy using the policy-map type inspect http command (see the Security Guide, Cisco ACE Application Control Engine). Nest the Layer 7 deep packet inspection policy name5 (Optional) Specifies the name of a previously created Layer 7 SIP application inspection policy map to implement packet inspection of Layer 7 SIP application traffic by the ACE. The inspection checks are based on configured parameters in an existing Layer 7 policy map and internal RFC compliance checks performed by the ACE. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. Note If you do not specify a Layer 7 policy map, the ACE performs a general set of Layer 3 and Layer 4 HTTP fixup actions and internal RFC compliance checks. skinny Enables Cisco Skinny Client Control Protocol (SCCP) inspection. The SCCP is a Cisco proprietary protocol that is used between Cisco CallManager and CIsco VOiP phones. The ACE uses NAT to translate embedded IP addresses and port numbers in SCCP packet data. sec-param conn_parammap_name5 (Optional) Specifies the name of a previously created connection parameter map used to define parameters for SCCP inspection. policy name6 (Optional) Specifies the name of a previously created deep packet inspection of Layer 7 SCCP application traffic by the ACE. The inspection checks are based on configured parameters in an existing Layer 7 policy map and internal RFC compliance checks performed by the ACE. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. Note If you do not specify a Layer 7 policy map, the ACE performs a general set of Layer 3 and Layer 4 HTTP fixup actions and internal RFC compliance checks. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised.2-903 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands policy using the Layer 3 and Layer 4 inspect http command. If you do not specify a Layer 7 HTTP policy map, the ACE performs a general set of Layer 3 and Layer 4 HTTP fixup actions and internal RFC compliance checks. To perform checks for protocol RFC compliance and to prevent web browsers from sending embedded commands in FTP requests, you should create a Layer 7 FTP policy using the policy-map type inspect ftp command (see the Security Guide, Cisco ACE Application Control Engine). Nest the Layer 7 FTP inspection traffic policy using the Layer 3 and Layer 4 inspect ftp command. If you do not specify a Layer 7 FTP policy map, the ACE performs a general set of Layer 3 and Layer 4 FTP fixup actions. Examples To specify the inspect http command as an action for an HTTP application protocol inspection policy map, enter: host1/Admin(config)# policy-map multi-match HTTP_INSPECT_L4POLICY host1/Admin(config-pmap)# class HTTP_INSPECT_L4CLASS host1/Admin(config-pmap-c)# inspect http policy HTTP_DEEPINSPECT_L7POLICY Related Commands This command has no related commands.2-904 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) kal-ap primary-oos To enable the ACE to report the maximum load value of 255 to a GSS when the primary server farm is down and the backup server farm is in use, use the kal-ap primary-oos command in policy map class configuration mode. Use the no form of this command to disable the reporting of a load value of 255 when the primary server is down and the backup server is in use. kal-ap primary-oos no kal-ap primary-oos Syntax Description This command has no keywords or arguments. Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you configure a server farm as a backup server farm on the ACE and the primary server farm fails, the backup server farm redirects the client requests to another data center. However, the VIP remains in the INSERVICE state. When you configure the ACE to communicate with a GSS, the ACE reports the availability of the server to a GSS by sending a load number. To inform the GSS that the primary server farm is down and a backup server farm is in use, the ACE needs to send a load value that the server is unavailable. When you configure the kal-ap primary-oos command, the ACE reports a load value of 255 when the primary server is down and the backup server is in use. When the GSS receives the load value of 255, it recognizes that the primary server farm is down and sends future DNS requests with the IP address of the other data center. Examples To enable the reporting of a load value of 255 when the primary server is down and the backup server is in use, enter: host1/Admin(config-pmap-c)# kal-ap primary-oos To disable the reporting of a load value of 255 when the primary server is down and the backup server is in use, enter: host1/Admin(config-pmap-c)# no kal-ap primary-oos ACE Module Release Modification A2(3.1) This command was introduced. ACE Appliance Release Modification A3(2.6) This command was introduced.2-905 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands Related Commands This command has no related commands.2-906 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) kal-ap-tag To associate a KAL-AP tag to a VIP address in a Layer 3 and Layer 4 SLB policy map configuration, use the kal-ap-tag command. Use the no form of this command to disassociate the KAL-AP tag from the Layer 3 and Layer 4 SLB policy map. kal-ap-tag tag_name no kal-ap-tag Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To associate the associate a VIP tag to a policy map configuration, enter: host1/Admin(config)# policy-map multi-match l4_policy20 host1/Admin(config-pmap)# class VIP-20 host1/Admin(config-pmap-c)# kal-ap-tag KAL-AP-TAG2 To remove the KAL-AP-TAG2 tag from the class map, enter: host1/Admin(config-pmap-c)# no kal-ap-tag Related Commands show kalap udp load tag_name Name of the KAL-AP tag. Enter the name as an unquoted text string with no spaces and a maximum of 76 alphanumeric characters. Note the following restrictions: • You cannot configure a tag name for a VIP address that is already configured in a different policy map. • You cannot associate the same tag name to a domain and a VIP address. ACE Module Release Modification A2(2.0) This command was introduced. ACE Appliance Release Modification A4(1.0) This command was introduced.2-907 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) loadbalance policy To associate a Layer 7 server load balancing (SLB) policy map with a Layer 3 and Layer 4 SLB policy map, use the loadbalance policy command. Use the no form of this command to disassociate the Layer 7 SLB policy from the Layer 3 and Layer 4 SLB policy map. loadbalance policy name no loadbalance policy name Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE treats all Layer 7 policy maps as child policies, so you must always associate a Layer 7 SLB policy map with a Layer 3 and Layer 4 SLB policy map. Examples To reference the Layer 7 L7SLBPOLICY policy map within the Layer 3 and Layer 4 L4SLBPOLICY policy map, enter: host1/Admin(config)# policy-map type loadbalance first-match L7SLBPOLICY host1/Admin(config-pmap)# class L7SLBCLASS host1/Admin(config-pmap-c)# serverfarm FARM2 host1/Admin(config)# policy-map multi-match L4SLBPOLICY host1/Admin(config-pmap)# class L4SLBCLASS host1/Admin(config-pmap-c)# loadbalance policy L7SLBPOLICY Related Commands This command has no related commands. name Name of an existing Layer 7 SLB policy map. Enter the name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-908 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) loadbalance vip advertise (ACE module only) To allow the ACE to advertise the IP address of the virtual server as the host route, use the loadbalance vip advertise command. This function is used with route health injection (RHI) to allow the ACE to advertise the availability of a VIP address throughout the network. Use the no form of this command to stop advertising the host route as an action from the policy map. loadbalance vip advertise [active] | [metric number] no loadbalance vip advertise [active] | [metric number] Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You must enable the advertising of a VIP using the loadbalance vip advertise command before you can enter a distance metric value for the route. Otherwise, the ACE returns an error message. If you configured the loadbalance vip advertise metric command and then you enter the no loadbalance vip advertise [active] command, the ACE resets the metric value to the default of 77. Examples To advertise as an action for the SLB policy map, enter: host1/Admin(config)# policy-map multi-match L4SLBPOLICY host1/Admin(config-pmap)# class FILTERHTTP host1/Admin(config-pmap-c)# loadbalance vip advertise active Related Commands This command has no related commands. active (Optional) Allows the ACE to advertise the IP address of the virtual server (VIP) as the host route only if there is at least one active real server in the server farm. Without the active option, the ACE always advertises the VIP whether or not there is any active real server associated with this VIP. metric number (Optional) Specifies the distance metric for the route. Enter the metric value that needs to be entered in the routing table. Valid values are from 1 through 254. The default is 77. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-909 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) loadbalance vip icmp-reply To enable a VIP to reply to ICMP requests, use the loadbalance vip icmp-reply command. For example, if a user sends an ICMP ECHO request to a VIP, this command instructs the VIP to send an ICMP ECHO-REPLY. Use the no form of this command to disable a VIP reply to ICMP requests as an action from the policy map. loadbalance vip icmp-reply [active [primary-inservice]] no loadbalance vip icmp-reply [active [primary-inservice]] Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To complete the configuration when you configure the active option of this command, be sure to configure a Telnet probe and associate it with the server farm. The probe monitors the health of all the real servers in the server farm and ensures that the VIP responds with an ICMP ECHO REPLY only if the server port is active. If the server port is down or unreachable, the probe fails and the VIP stops responding to the ECHO request. For details about configuring probes, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. The loadbalance vip icmp-reply active command alone controls a ping to a VIP on the ACE. This command implicitly downloads an ICMP access control list entry for the VIP. When you configure this command on the ACE, any configured ACLs that deny ICMP traffic have no effect on a client’s ability to ping the VIP. active (Optional) Instructs the ACE to reply to an ICMP request only if the configured VIP is active. If the VIP is not active and the active option is specified, the ACE discards the ICMP request and the request times out. primary-inservice (Optional) Instructs the ACE to reply to an ICMP ping only if the primary server farm state is UP, regardless of the state of the backup server farm. If this option is enabled and the primary server farm state is DOWN, the ACE discards the ICMP request and the request times out. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(6.3) The primary-inservice option was added. ACE Appliance Release Modification A1(7) This command was introduced.2-910 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands Examples To enable a VIP to reply to ICMP requests, enter: host1/Admin(config)# policy-map multi-match L4SLBPOLICY host1/Admin(config-pmap)# class FILTERHTTP host1/Admin(config-pmap-c)# loadbalance vip icmp-reply active Related Commands This command has no related commands. (config-pmap-c) loadbalance vip inservice To enable a VIP for server load-balancing operations, use the loadbalance vip inservice command. Use the no form of this command to disable a VIP. loadbalance vip inservice no loadbalance vip inservice Syntax Description This command has no keywords or arguments. Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To specify the loadbalance vip inservice command as an action for a server load-balancing policy map, enter: host1/Admin(config)# policy-map multi-match L4SLBPOLICY host1/Admin(config-pmap)# class FILTERHTTP host1/Admin(config-pmap-c)# loadbalance vip oos-arpreply enable host1/Admin(config-pmap-c)# loadbalance vip inservice Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-911 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) loadbalance vip udp-fast-age To close the connection immediately after a response is sent back to the client, enabling per-packet load balancing for UDP DNS A-record (IPv4) or AAAA-record (IPv6) traffic, use the loadbalance vip udp-fast-age command. Use the no form of this command to reset the ACE default behavior. loadbalance vip udp-fast-age no loadbalance vip udp-fast-age Syntax Description This command has no keywords or arguments. Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you use this command, the ACE load balances all new requests to a new real server in the server farm according to the predictor algorithm. All retransmitted UDP packets from the client go to the same real server. By default, the ACE load balances UDP packets using the same tuple to the same real server on an existing connection. Examples To configure the ACE to perform per-packet load balancing for UDP traffic, enter: host1/Admin(config)# policy-map multi-match L4SLBPOLICY host1/Admin(config-pmap)# class FILTERHTTP host1/Admin(config-pmap-c)# loadbalance vip udp-fast-age To reset the default ACE handling of UDP traffic, enter: host1/Admin(config-pmap-c)# no loadbalance vip udp-fast-age Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A3(1.0) This command was introduced. A5(1.0) Added IPv6 support.2-912 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) nat dynamic To configure dynamic Network Address Translation (NAT) and Port Address Translation (PAT) as an action in a policy map, use the nat dynamic command. The ACE applies the dynamic NAT from the interface attached to the traffic policy (through the service-policy interface configuration command) to the interface specified in the nat dynamic command. Use the no form of this command to remove a dynamic NAT action from a policy map. nat dynamic nat_id vlan number no nat dynamic nat_id vlan number Syntax Description Command Modes Policy map class configuration mode Admin and user contexts Command History Usage Guidelines This command requires the NAT feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If a packet egresses an interface that you have not configured for NAT, the ACE transmits the packet untranslated. Examples To specify the nat dynamic command as an action for a dynamic NAT policy map, enter: host1/Admin(config)# policy-map multi-action NAT_POLICY host1/Admin(config-pmap)# class NAT_CLASS host1/Admin(config-pmap-c)# nat dynamic 1 vlan 200 Related Commands This command has no related commands. nat dynamic nat_id Refers to a global pool of IP addresses that exists under the VLAN number. Dynamic NAT translates a group of local source IP addresses to a pool of global IP addresses that are routable on the destination network. All packets going from the interface attached to the traffic policy have their source address translated to one of the available addresses in the global pool. Enter an integer from 1 to 2147483647. vlan number Specifies the VLAN number of an existing interface for which you are configuring NAT. Enter an integer from 2 to 4094. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-913 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) nat static To configure static Network Address Translation (NAT) and static port redirection in a policy map, use the nat static command. Static NAT allows you to identify local traffic for address translation by specifying the source and destination addresses in an extended access control list (ACL) that is referenced as part of the class map traffic classification. The ACE applies static NAT from the interface attached to the traffic policy (through the service-policy interface configuration command) to the interface specified in the nat static command. Use the no form of this command to remove a NAT action from a policy map. nat static [ipv6_address/prefix_length | ipv4_address netmask mask] {port1 | tcp eq port2 | udp eq port3} vlan number no nat static [ipv6_address/prefix_length | ipv4_address netmask mask] {port1 | tcp eq port2 | udp eq port3} vlan number Syntax Description Command Modes Policy map class configuration mode Admin and user contexts ipv6_address IPv6 address for a single static translation. This argument establishes the globally unique IP address of a host as it appears to the outside world. The policy map performs the global IP address translation for the source IP address specified in the ACL (as part of the class map traffic classification). /prefix_length Prefix length of the IPv6 address. ip_address IP address for a single static translation. This argument establishes the globally unique IP address of a host as it appears to the outside world. The policy map performs the global IP address translation for the source IP address specified in the ACL (as part of the class map traffic classification). netmask mask Specifies the subnet mask for the IP address. Enter a subnet mask in dotted-decimal notation (for example, 255.255.255.0). port1 Global TCP or UDP port for static port redirection. Enter an integer from 0 to 65535. tcp eq port2 Specifies a TCP port name or number. Enter an integer from 0 to 65535. A value of 0 instructs the ACE to match any port. Alternatively, you can enter a protocol keyword that corresponds to a TCP port number. See the “Usage Guidelines” section for a list of supported well-known TCP port names and numbers. udp eq port3 Specifies a UDP port name or number. Enter an integer from 0 to 65535. A value of 0 instructs the ACE to match any port. Alternatively, you can enter a protocol keyword that corresponds to a UDP port number. See the “Usage Guidelines” section for a list of supported well-known UDP port names and numbers. vlan number Specifies the interface for the global IP address. This interface must be different from the interface that the ACE uses to filter and receive traffic that requires NAT.2-914 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands Command History Usage Guidelines This command requires the NAT feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The ACE supports static NAT only for IPv6 to IPv6 and IPv4 to IPv4 translations. Mixed mode is not supported. Table 1-20 provides a list of supported well-known TCP and UDP port names and numbers. Examples To specify the nat command as an action for a static NAT and port redirection policy map, enter: host1/Admin(config)# policy-map multi-action NAT_POLICY host1/Admin(config-pmap)# class NAT_CLASS host1/Admin(config-pmap-c)# nat static 192.168.12.15 255.255.255.0 8080 vlan 200 ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. Ta b l e 1-20 Supported TCP and UDP Ports Well-Known TCP Port Numbers and Keywords Keyword Port Number Description ftp 21 File Transfer Protocol http 80 Hyper Text Transfer Protocol https 443 HTTP over TLS/SSL irc 194 Internet Relay Chat matip-a 350 Mapping of Airline Traffic over Internet Protocol (MATIP) Type A nntp 119 Network News Transport Protocol pop2 109 Post Office Protocol v2 pop3 110 Post Office Protocol v3 rtsp 554 Real Time Streaming Protocol smtp 25 Simple Mail Transfer Protocol telnet 23 Telnet Well-Known UDP Port Numbers and Keywords dns 53 Domain Name System wsp 9200 Connectionless Wireless Session Protocol (WSP) wsp-wtls 9202 Secure Connectionless WSP wsp-wtp 9201 Connection-based WSP wsp-wtp-wtls 9203 Secure Connection-based WSP2-915 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands Related Commands This command has no related commands.2-916 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Class Configuration Mode Commands (config-pmap-c) ssl-proxy To associate the Secure Sockets Layer (SSL) client or server proxy service with the policy map, use the ssl-proxy command. Use the no form of this command to remove the SSL proxy service from the policy map. ssl-proxy {client | server} ssl_service_name no ssl-proxy {client | server} ssl_service_name Syntax Description Command Modes Policy map configuration mode Admin and user contexts Command History Usage Guidelines This command requires the SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To associate the SSL proxy service with the policy map, enter: host1/C1(config-pmap-c)# ssl-proxy server SSL_SERVER_PROXY_SERVICE host1/C1(config-pmap-c)# Related Commands This command has no related commands. client Associates an SSL client proxy service with the policy map. This keyword is available only when building a Layer 7 policy map, where the ACE acts as an SSL client device. server Associates an SSL server proxy service with the policy map. This keyword is available only when building a Layer 2 or Layer 3 policy map, where the ACE acts as an SSL server device. ssl_service_name Name of an existing SSL proxy service. Enter the name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-917 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map FTP Inspection Configuration Mode Commands Policy Map FTP Inspection Configuration Mode Commands Policy map FTP inspection configuration mode commands allow you to configure a Layer 7 policy map that defines the inspection of the File Transfer Protocol (FTP) commands by the ACE. The ACE executes the action for the first matching classification. To create an FTP command request inspection policy map and access policy map FTP inspection configuration mode, use the policy-map type inspect ftp first-match command in configuration mode. When you access the policy map FTP inspection configuration mode, the prompt changes to (config-pmap-ftp-ins). Use the no form of this command to remove an FTP command request inspection policy map from the ACE. policy-map type inspect ftp first-match map_name no policy-map type inspect ftp first-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You associate the Layer 7 FTP command request inspection policy map within a Layer 3 and Layer 4 policy map to provide an entry point for the traffic classification. Layer 7 policy maps are considered to be child policies and can be associated only within a Layer 3 and Layer 4 policy map. Only a Layer 3 and Layer 4 policy map can be activated on a VLAN interface. A Layer 7 policy map cannot be directly applied on a VLAN (or any) interface. To associate the Layer 7 FTP inspection policy map, you nest it by using the Layer 3 and Layer 4 inspect ftp strict command (see the (config-pmap-c) inspect command). Examples To create a Layer 7 FTP command inspection policy map, enter: host/Admin(config)# policy-map type inspect ftp first-match FTP_INSPECT_L7POLICY host/Admin(config-pmap-ftp-ins) # map_name Name assigned to the Layer 7 FTP command request class map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-918 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map FTP Inspection Configuration Mode Commands Related Commands show startup-config (config) class-map2-919 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map FTP Inspection Configuration Mode Commands (config-pmap-ftp-ins) class To associate a Layer 7 File Transfer Protocol (FTP) inspection class map with a Layer 7 FTP inspection policy map, use the class command. The prompt changes from (config-pmap-ftp-ins) to (config-pmap-ftp-ins-c). For information about commands in this mode, see the “Policy Map FTP Inspection Class Configuration Mode Commands” section. Use the no form of this command to remove an associated class map from a policy map. class name no class name Syntax Description Command Modes Policy map FTP inspection configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate a Layer 7 FTP inspection class map with a Layer 7 FTP inspection policy map, enter: host/Admin(config)# policy-map type inspect ftp first-match FTP_INSPECT_L7POLICY host/Admin(config-pmap-ftp-ins)# class FTP_INSPECT_L7CLASS host1/Admin(config-pmap-ftp-ins-c)# Related Commands (config-pmap-ftp-ins) description name Name of a previously defined Layer 7 FTP command inspection class map configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-920 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map FTP Inspection Configuration Mode Commands (config-pmap-ftp-ins) description To provide a brief summary about the Layer 7 File Transfer Protocol (FTP) command inspection policy map, use the description command. Use the no form of this command to remove the description from the class map. description text no description text Syntax Description Command Modes Policy map configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the policy map is to perform FTP command inspection, enter: host1/Admin(config-pmap-ftp-ins)# description FTP command inspection of incoming traffic To remove d a description from the FTP policy map, enter: host1/Admin(config-pmap-ftp-ins)# no description FTP command inspection of incoming traffic Related Commands (config-pmap-ftp-ins) class text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-921 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map FTP Inspection Configuration Mode Commands (config-pmap-ftp-ins) match request-method To configure the Layer 7 FTP inspection policy map to define FTP command inspection decisions performed by the ACE, use the match request-method command. The prompt changes from (config-pmap-ftp-ins) to (config-pmap-ftp-ins-m). For information about commands in this mode, see the “Policy Map FTP Inspection Match Configuration Mode Commands” section. Use the no form of this command to clear the FTP inspection request method from the policy map. match name request-method ftp_command no match name Syntax Description Command Modes Policy map FTP inspection configuration mode Admin and user contexts Command History name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). ftp_command FTP command in the class map to be subjected to FTP inspection by the ACE. The FTP commands are as follows: • appe—Appends to a file. • cd—Change to the specified directory. • cdup—Changes to the parent of the current directory. • dele—Deletes a file at the server side. • get—Retrieves a file. • help—Retrieves Help information from the server. • mkd—Creates a directory. • put—Stores a file. • rmd—Removes a directory. • rnfr—Renames from. • rnto—Renames to. • site—Specifies the server-specific command. • stou—Stores a file with a unique name. • syst—Gets system information. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-922 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map FTP Inspection Class Configuration Mode Commands Usage Guidelines The match command identifies the FTP command that you want filtered by the ACE. You can specify multiple match request-method commands within a class map. Examples To add an inline match command to a Layer 7 FTP command policy map, enter: host/Admin(config-pmap-ftp-ins)# match FTP_REQUEST_MATCH request-method mkdir host/Admin(config-pmap-ftp-ins-m)# Related Commands This command has no related commands. Policy Map FTP Inspection Class Configuration Mode Commands Use the policy map File Transfer Protocol (FTP) inspection class configuration mode to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 7 FTP inspection class map. To access policy map FTP inspection class configuration mode, use the class command in the policy map FTP inspection configuration mode (see the (config-pmap-ftp-ins) class command for details). The prompt changes from (config-pmap-ftp-ins) to (config-pmap-ftp-ins-c). The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. ACE Appliance Release Modification A1(7) This command was introduced.2-923 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map FTP Inspection Class Configuration Mode Commands (config-pmap-ftp-ins-c) deny To deny the FTP request commands specified in the class map by resetting the FTP session, use the deny command. Use the no form of this command to return to the default state and permit all FTP request commands to pass. deny no deny Command Modes Policy map FTP inspection class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to deny the FTP request commands specified in the Layer 7 FTP inspection class map by resetting the FTP session, enter: host1/Admin(config)# policy-map type inspect ftp first-match FTP_INSPECT_L7POLICY host1/Admin(config-pmap-ftp-ins)# class FTP_INSPECT_L7CLASS host1/Admin(config-pmap-ftp-ins-c)# deny Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-924 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map FTP Inspection Match Configuration Mode Commands (config-pmap-ftp-ins-c) mask-reply To instruct the ACE to mask the reply to the FTP SYST command by filtering sensitive information from the command output, use the mask-reply command. Use the no form of this command to disable the masking of the system reply to the FTP SYST command. mask-reply no mask-reply Syntax Description This command has no keywords or arguments. Command Modes Policy map FTP inspection class configuration mode Admin and user contexts Command History Usage Guidelines The mask-reply command is applicable only to the FTP SYST command and its associated reply. The SYST command is used to find out the FTP server’s operating system type. Examples To instruct the ACE to mask the reply to the FTP SYST command, enter: host1/Admin(config)# policy-map type inspect ftp first-match FTP_INSPECT_L7POLICY host1/Admin(config-pmap-ftp-ins)# class FTP_INSPECT_L7CLASS host1/Admin(config-pmap-ftp-ins-c)# mask-reply Related Commands This command has no related commands. Policy Map FTP Inspection Match Configuration Mode Commands Policy map FTP inspection match configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the specified inline match command. To access policy map FTP inspection match configuration mode, use the match request-method command in policy map FTP inspection configuration mode (see the (config-pmap-ftp-ins) match request-method command for details). The prompt changes from (config-pmap-ftp-ins) to (config-pmap-ftp-ins-m). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-925 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map FTP Inspection Match Configuration Mode Commands The inline Layer 7 policy map match commands allow you to include a single inline match criteria in the policy map without specifying a traffic class. The match commands function the same as with the Layer 7 class map match commands. However, when you use an inline match command, you can specify an action for only a single match command in the Layer 7 policy map. The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-926 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map FTP Inspection Match Configuration Mode Commands (config-pmap-ftp-ins-m) deny To deny the FTP request commands specified in the inline match command by resetting the FTP session, use the deny command. By default, the ACE allows all FTP commands to pass. Use the no form of this command to return to the default state and permit all FTP request commands to pass. deny no deny Syntax Description This command has no keywords or arguments. Command Modes Policy map FTP inspection match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to deny the FTP request commands specified in the Layer 7 FTP inspection class map by resetting the FTP session, enter: host1/Admin(config)# policy-map type inspect ftp first-match FTP_INSPECT_L7POLICY host/Admin(config-pmap-ftp-ins)# match FTP_REQUEST_MATCH request-method mkdir host/Admin(config-pmap-ftp-ins-m)# deny Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-927 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands (config-pmap-ftp-ins-m) mask-reply To instruct the ACE to mask the system’s reply to the FTP SYST command by filtering sensitive information from the command output, use the mask-reply command. Use the no form of this command to disable the masking of the system reply to the FTP SYST command. mask-reply no mask-reply Syntax Description This command has no keywords or arguments. Command Modes Policy map FTP inspection match configuration mode Admin and user contexts Command History Usage Guidelines The mask-reply command is applicable only to the FTP SYST command and its associated reply. The SYST command is used to find out the FTP server’s operating system type. Examples To instruct the ACE to mask the system’s reply to the FTP SYST command, enter: host1/Admin(config)# policy-map type inspect ftp first-match FTP_INSPECT_L7POLICY host/Admin(config-pmap-ftp-ins)# match FTP_REQUEST_MATCH request-method syst host/Admin(config-pmap-ftp-ins-m)# mask-reply Related Commands This command has no related commands. Policy Map Inspection HTTP Configuration Mode Commands Policy map inspection HTTP configuration mode commands allow you to define a policy map that initiates the deep packet inspection of the HTTP protocol by the ACE. The ACE attempts to match all specified conditions against the matching classification and executes the actions of all matching classes until it encounters a deny for a match request. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-928 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands To create an HTTP deep packet inspection policy map and access policy map inspection HTTP configuration mode, use the policy-map type inspect http all-match command in configuration mode. When you access the policy map inspection HTTP configuration mode, the prompt changes to (config-pmap-ins-http). Use the no form of this command to remove an HTTP deep packet inspection policy map from the ACE. policy-map type inspect http all-match map_name no policy-map type inspect http all-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You associate the Layer 7 HTTP deep packet inspection policy map within a Layer 3 and Layer 4 policy map to provide an entry point for the traffic classification. Layer 7 policy maps are considered to be child policies and can only be associated within a Layer 3 and Layer 4 policy map. Only a Layer 3 and Layer 4 policy map can be activated on a VLAN interface. A Layer 7 policy map cannot be directly applied on a VLAN (or any) interface. To associate the Layer 7 HTTP inspection policy map, you nest it by using the Layer 3 and Layer 4 inspect http command (see the (config-pmap-c) inspect command). Examples To create a Layer 7 HTTP deep packet inspection policy map, enter: host/Admin(config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host/Admin(config-pmap-ins-http)# Related Commands show startup-config (config) class-map map_name Name assigned to the Layer 7 HTTP deep packet inspection policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-929 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands (config-pmap-ins-http) class To associate a Layer 7 HTTP inspection class map with a Layer 7 HTTP inspection policy map, use the class command. The prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-c). Use the no form of this command to remove an associated class map from a policy map. class {name1 [insert-before name2] | class-default} no class {name1 [insert-before name2] | class-default} Syntax Description Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate a Layer 7 HTTP inspection class map with a Layer 7 HTTP inspection policy map, enter: host/Admin(config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# class HTTP_INSPECT_L7CLASS name1 Name of a previously defined Layer 7 HTTP inspection class map configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. insert-before name2 (Optional) Places the current class map ahead of an existing class map or inline match condition specified by the name2 argument in the policy map configuration. The ACE does not save the sequence reordering as part of the configuration. class-default Associates a reserved, well-known class map created by the ACE. You cannot delete or modify this class. All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications matches the traffic, then the ACE performs the action specified under the class class-default command. The class-default class map has an implicit match any statement in it that enables it to match all traffic. Note By default, all matches are applied to both HTTP request and response messages, but the class class-default command is applied only to HTTP requests. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-930 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands host1/Admin(config-pmap-ins-http-c)# Related Commands (config-pmap-ins-http) description2-931 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands (config-pmap-ins-http) description To provide a brief summary about the Layer 7 HTTP inspection policy map, use the description command. Use the no form of this command to remove the description from the class map. description text no description Syntax Description Command Modes Policy map configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the policy map is to perform HTTP deep packet inspection, enter: host1/Admin(config-pmap-ins-http)# description HTTP protocol deep inspection of incoming traffic Related Commands (config-pmap-ins-http) class text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-932 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands (config-pmap-ins-http) match content To configure the Layer 7 HTTP inspection policy map to define HTTP application inspection decisions based on content expressions contained within the HTTP entity body, use the match content command. Use the no form of this command to clear content expression-checking match criteria from the policy map. match name content expression [offset number] [insert-before map_name] no match name Syntax Description Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History Usage Guidelines When you use the match content command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression Content expression contained within the HTTP entity body. The range is from 1 to 255 alphanumeric characters. See the “Usage Guidelines” section for a list of the supported characters that you can use in regular expressions. offset number (Optional) Provides an absolute offset where the content expression search string starts. The offset starts at the first byte of the message body, after the empty line (CR, LF, CR, LF) between the headers and the body of the message. The offset value is from 1 to 4000 bytes. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-933 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands The ACE supports regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces, if the spaces are escaped or quoted. Table 1-21 lists the supported characters that you can use in regular expressions. Examples To specify a content expression contained within the entity body sent with an HTTP request, enter: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH1 content .*newp2psig host1/Admin(config-pmap-ins-http-m) Related Commands This command has no related commands. Ta b l e 1-21 Characters Supported in Regular Expressions Convention Description .* Zero or more characters. . Exactly one character. \ . Escaped character. \xhh Any ASCII character as specified in two-digit hex notation. () Expression grouping. Bracketed range [for example, 0-9] Matches any single character from the range. A leading ^ in a range [^charset] Does not match any character in the range; all other characters represent themselves. (expr1 | expr2) OR of expressions. (expr)* 0 or more of expressions. (expr)+ 1 or more of expressions. (expr{m,n} Matches the previous item between m and n times; valid entries are from 0 to 255. (expr{m} Matches the previous item exactly m times; valid entries are from 1 to 255. (expr{m,} Matches the previous item m or more times; valid entries are from 1 to 255. \a Alert (ASCII 7). \b Backspace (ASCII 8). \f Form-feed (ASCII 12). \n New line (ASCII 10). \r Carriage return (ASCII 13). \t Tab (ASCII 9). \v Vertical tab (ASCII 11). \0 Null (ASCII 0). .\\ Backslash.2-934 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands (config-pmap-ins-http) match content length To configure the Layer 7 HTTP inspection policy map to define application inspection decisions in the HTTP content up to the configured maximum content parse length, use the match content length command. Use the no form of this command to clear the HTTP content length match criteria from the policy map. match name content length {eq bytes | gt bytes | lt bytes | range bytes1 bytes 2} [insert-before map_name] no match name Syntax Description Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). eq bytes Specifies a value for the content parse length in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with a content length equal to the specified value. Valid entries are from 1 to 65535 bytes. gt bytes Specifies a minimum value for the content parse length in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with a content length greater than the specified value. Valid entries are from 1 to 65535 bytes. lt bytes Specifies a maximum value for the content parse length in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with a content length less than the specified value. Valid entries are from 1 to 65535 bytes. range bytes1 bytes Specifies a size range for the content parse length in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with a content length within this range. The range is from 1 to 65535 bytes. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-935 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Usage Guidelines Messages that meet the specified criteria will be either allowed or denied based on the Layer 7 HTTP deep packet inspection policy map action. When you use the match content length command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. Examples To define application inspection decisions in the HTTP content up to the configured maximum content parse length, enter: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH2 content length eq 3495 host1/Admin(config-pmap-ins-http-m) Related Commands This command has no related commands. (config-pmap-ins-http) match content-type-verification To verify the content MIME-type messages with the header MIME type, use the match content-type-verification command. Use the no form of this command to clear the MIME-type match criteria from the policy map. match name content-type-verification [insert-before map_name] no match name Syntax Description Command Modes Policy map inspection HTTP configuration mode Admin and user contexts ACE Appliance Release Modification A1(7) This command was introduced. name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration.2-936 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Command History Usage Guidelines When you use the match content-type-verification command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. This inline match condition limits the MIME types in HTTP messages allowed through the ACE. It verifies that the header MIME-type value is in the internal list of supported MIME types and that the header MIME type matches the actual content in the data or entity body portion of the message. If they do not match, the ACE performs either the permit or reset policy map action. The MIME-type HTTP inspection process searches the entity body of the HTTP message, which may degrade performance of the ACE. Examples To verify the content MIME-type messages with the header MIME type, enter: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH3 content-type-verification host1/Admin(config-pmap-ins-http-m) Related Commands This command has no related commands. (config-pmap-ins-http) match cookie secondary To configure a policy map to define HTTP inspection decisions based on the name or prefix and value of a secondary cookie (URL query string), use the match cookie secondary command. Use the no form of this command to clear secondary cookie match criteria from the class map. match name cookie secondary [name cookie_name | prefix prefix_name] value expression [insert-before map_name] no match name cookie secondary [name cookie_name | prefix prefix_name] value expression ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-937 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Syntax Description Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History Usage Guidelines The following configuration guidelines apply when you configure a secondary cookie inline match statement for HTTP inspection: • Ensure that secondary cookie names do not overlap with other secondary cookie names in the same match-all class map. For example, the following configuration is not allowed because the two match statements have overlapping cookie names: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-insp-http)# match cookie secondary prefix id value .* host1/Admin(config-pmap-insp-http-m)# exit host1/Admin(config-pmap-insp-http)# match cookie secondary name identity value bob • When you configure a secondary cookie value match across all secondary cookie names in a match-all class map, you cannot configure any other secondary cookie match in the same class map. That is because a secondary cookie match on value alone is equivalent to a wildcard match on name. In the following example, the second match statement is not allowed: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-insp-http)# match cookie secondary value bob host1/Admin(config-pmap-insp-http-m)# exit host1/Admin(config-pmap-insp-http)# match cookie secondary name identity value jane name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). name cookie_name Identifier of the secondary cookie to match. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. prefix prefix_name Prefix of the secondary cookie to match. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. value expression Regular expression of the secondary cookie to match. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-938 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Examples To match a secondary cookie called “matchme” with a regular expression value of .*abc123, enter the following commands: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-insp-http)# match cookie secondary name matchme value .*abc123 Related Commands (config-cmap-http-insp) match cookie secondary2-939 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands (config-pmap-ins-http) match header To define HTTP deep packet inspection decisions based on the name and value in an HTTP header, use the match header command. The ACE performs regular expression matching against the received packet data from a particular connection based on the HTTP header expression.Use the no form of this command to clear an HTTP header match criteria from the policy map. match name header {header_name | header_field} header-value expression [insert-before map_name] no match name header Syntax Description name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). header_name Name of the HTTP header to match (for example, www.example1.com). The range is from 1 to 64 alphanumeric characters. Note The header_name argument cannot include the colon in the name of the HTTP header; the ACE rejects the colon as an invalid token. 2-940 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands header_field Standard HTTP/1.1 header field. Valid selections include request-header fields, general-header fields, and entity-header fields. Selections also include two lower-level header-matching commands: “length” and “mime-type.” The supported selections are as follows: • Accept—Semicolon-separated list of representation schemes (content type metainformation values) that will be accepted in the response to the request. • Accept-Charset—Character sets that are acceptable for the response. This field allows clients capable of understanding more comprehensive or special-purpose character sets to signal that capability to a server that can represent documents in those character sets. • Accept-Encoding—Restricts the content encoding that a user will accept from the server. • Accept-Language—ISO code for the language in which the document is written. The language code is an ISO 3316 language code with an optional ISO639 country code to specify a national variant. • Authorization—Specifies that the user agent wants to authenticate itself with a server, usually after receiving a 401 response. • Cache-Control—Directives that must be obeyed by all caching mechanisms along the request/response chain. The directives specify behavior intended to prevent caches from adversely interfering with the request or response. • Connection—Allows the sender to specify connection options. • Content-MD5—MD5 digest of the entity body that provides an end-to-end integrity check. Only a client or an origin server can generate this header field. • Expect—Used by a client to inform the server about the behaviors that the client requires. • From—Contains the e-mail address of the person that controls the requesting user agent. • Host—Internet host and port number of the resource being requested, as obtained from the original URI given by the user or referring resource. The Host field value must represent the naming authority of the origin server or gateway given by the original URL. • If-Match—Used with a method to make it conditional. A client that has one or more entities previously obtained from the resource can verify that one of those entities is current by including a list of their associated entity tags in the If-Match header field. This feature allows efficient updates of cached information with a minimum amount of transaction overhead. It is also used on updating requests to prevent inadvertent modification of the wrong version of a resource. As a special case, the value “*” matches any current entity of the resource.2-941 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History • length —See the (config-pmap-ins-http) match header length command for details. • mime-type—See the (config-pmap-ins-http) match header mime-type command for details. • Pragma—Pragma directives that are understood by servers to whom the directives are relevant. The syntax is the same as for other multiple-value fields in HTTP. For example, the accept field is a comma-separated list of entries for which the optional parameters are separated by semicolons. • Referer—Address (URI) of the resource from which the URI in the request was obtained. • Transfer-Encoding—Indicates what (if any) type of transformation has been applied to the message body in order to safely transfer it between the sender and the recipient. • User-Agent—Information about the user agent (for example, a software program that originates the request). This information is for statistical purposes, the tracing of protocol violations, and automated recognition of user agents. • Via—Used by gateways and proxies to indicate the intermediate protocols and recipients between the user agent and the server on requests and between the origin server and the client on responses. header-value expression Specifies the header value expression string to compare against the value in the specified field in the HTTP header. The range is from 1 to 255 alphanumeric characters. For a list of supported characters that you can use in regular expressions, see the “Usage Guidelines” section for the (config-pmap-ins-http) match content command. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-942 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Usage Guidelines When you use the match header command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces, if the spaces are escaped or quoted. For a list of supported characters that you can use in regular expressions, see the “Usage Guidelines” section for the (config-pmap-ins-http) match content command. Examples To filter on the content and allow HTTL headers that contain the expression html, enter: host1/Admin(config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH4 header accept header-value html host1/Admin(config-pmap-ins-http-m) Related Commands This command has no related commands. (config-pmap-ins-http) match header length To limit the HTTP traffic allowed through the ACE based on the length of the entity body in the HTTP message, use the match header length command. Messages will be either allowed or denied based on the Layer 7 HTTP deep packet inspection policy map action. Use the no form of this command to clear an HTTP header length match criteria from the policy map. match name header length {request | response} {eq bytes | gt bytes | lt bytes | range bytes1 bytes 2} [insert-before map_name] no match name Syntax Description name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). request Specifies the size of the HTTP header request message that can be received by the ACE. response Specifies the size of the HTTP header response message sent by the ACE. eq bytes Specifies a value for the entity body in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with an entity body size equal to the specified value. Valid entries are from 1 to 65535 bytes.2-943 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History Usage Guidelines When you use the match header length command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. By default, the maximum header length for HTTP deep packet inspection is 2048 bytes. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. Examples To specify that the policy map match on HTTP traffic received with a length less than or equal to 3600 bytes in the entity body of the HTTP message, enter: host1/Admin(config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-http-insp)# match MATCH4 header length request eq 3600 host1/Admin(config-pmap-ins-http-m) Related Commands This command has no related commands. gt bytes Specifies a minimum value for the entity body in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with an entity body size greater than the specified value. Valid entries are from 1 to 65535 bytes. lt bytes Specifies a maximum value for the entity body in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with an entity body size less than the specified value. Valid entries are from 1 to 65535 bytes. range bytes1 bytes 2 Specifies a size range for the entity body in an HTTP message received by the ACE. Based on the policy map action, the ACE allows or denies messages with a entity body size within this range. The range is from 1 to 65535 bytes. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-944 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands (config-pmap-ins-http) match header mime-type To specify a subset of the MIME-type messages that the ACE permits or denies based on the actions in the policy map, use the match header mime-type command. Use the no form of this command to deselect the specified Multipurpose Internet Mail Extension (MIME) message match criteria from the policy map. match name header mime-type mime_type [insert-before map_name] no match name 2-945 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Syntax Description name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). mime_type MIME type. The ACE includes a predefined list of MIME types, such as image\Jpeg, text\html, application\msword, or audio\mpeg. Choose whether only the MIME types included in this list are permitted through the ACE firewall or whether all MIME types are acceptable. The default behavior is to allow all MIME types. The supported MIME types are as follows: • application\msexcel • application\mspowerpoint • application\msword • application\octet-stream • application\pdf • application\postscript • application\x-gzip • application\x-java-archive • application\x-java-vm • application\x-messenger • application\zip • audio\* • audio\basic • audio\midi • audio\mpeg • audio\x-adpcm • audio\x-aiff • audio\x-ogg • audio\x-wav image \* • image\gifimage\jpeg • image\png 2-946 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History • image\tiff • image\x-3ds • image\x-bitmap • image\x-niff • image\x-portable-bitmap • image\x-portable-greymap • image\x-xpm • text\* • text\css • text\html • text\plain • text\richtext • text\sgml • text\xmcd • text\xml • video\* • video\flc • video\mpeg • video\quicktime • video\sgi • video\x-fli insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-947 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Usage Guidelines When you use the match header mime-type command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. MIME-type validation extends the format of Internet mail to allow non-US-ASCII textual messages, nontextual messages, multipart message bodies, and non-US-ASCII information in message headers. Examples To specify that the policy map permits MIME-type audio/midi messages through the ACE, enter: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH5 header mime-type audio\midi host1/Admin(config-pmap-ins-http-m)# Related Commands This command has no related commands. (config-pmap-ins-http) match port-misuse To define HTTP deep packet inspection compliance decisions that restrict certain HTTP traffic from passing through the ACE, use the match port-misuse command. Use the no form of this command to clear the HTTP restricted application category match criteria from the policy map. match name port-misuse {im | p2p | tunneling} [insert-before map_name] no match name Syntax Description name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). im Defines the instant messaging application category. The ACE checks for the Yahoo Messenger instant messaging application. p2p Defines the peer-to-peer application category. The applications checked include Kazaa and Gnutella. (ACE appliance only) The applications checked also include GoToMyPC. tunneling Defines the tunneling application category. The applications checked include HTTPort/HTTHost, GNU httptunnel, and FireThru. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration.2-948 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History Usage Guidelines The policy map detects the misuse of port 80 (or any other port running HTTP) for tunneling protocols such as peer-to-peer (p2p) applications, tunneling applications, and instant messaging. When you use the match port-misuse command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. The port misuse application inspection process searches the entity body of the HTTP message, which may degrade performance of the ACE. The ACE disables the match port-misuse command by default. If you do not configure a restricted HTTP application category, the default action by the ACE is to allow the applications without generating a log. Examples To specify that the policy map identifies peer-to-peer applications as restricted HTTP traffic, enter: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH6 port-misuse p2p host1/Admin(config-pmap-ins-http-m)# Related Commands This command has no related commands. (config-pmap-ins-http) match request-method To define HTTP deep packet inspection compliance decisions based on the request methods defined in RFC 2616 and by HTTP extension methods, use the match request-method command. If the HTTP request method or extension method compliance checks fails, the ACE denies or resets the specified HTTP traffic based on the policy map action. Use the no form of this command to clear the HTTP request method match criteria from the policy map. match name request-method {ext method | rfc method} [insert-before map_name] no match name ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-949 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Syntax Description Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History Usage Guidelines When you use the match request-method command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. For unsupported HTTP request methods, include the inspect http strict command as an action in the Layer 3 and Layer 4 policy map (see (config-pmap-c) inspect command). The ACE disables the match request-method command by default. If you do not configure a request method, the default action by the ACE is to allow the RFC 2616 HTTP request method without generating a log. By default, the ACE allows all request and extension methods. name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). ext method Specifies an HTTP extension method. If the RFC request messages does not contain one of the RFC 2616 HTTP request methods, the ACE verifies if it is an extension method. The ACE supports the inspection of the following HTTP request extension methods: bcopy, bdelete, bmove, bpropfind, bproppatch, copy, edit, getattr, getattrname, getprops, index, lock, mkcol, mkdir, move, propfind, proppatch, revadd, revlabel, revlog, revnum, save, search, setattr, startrev, stoprev, unedit, and unlock. (ACE module only) The ACE also supports the inspection of the following HTTP request extension methods: notify, poll, subscribe, unsubscribe, and x-ms-emumatts. rfc method Specifies an RFC 2616 HTTP request method that you want to perform an RFC compliance check. The ACE supports the inspection of the following RFC 2616 HTTP request methods: connect, delete, get, head, options, post, put, and trace. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-950 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Examples To specify that the policy map identifies the index HTTP RFC 2616 protocol for application inspection, enter: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH7 request-method ext index host1/Admin(config-pmap-ins-http-m)# Related Commands This command has no related commands. (config-pmap-ins-http) match strict-http To ensure that the internal compliance checks verify message compliance with the HTTP RFC standard, RFC 2616, use the match strict-http command. If the HTTP message is not compliant, the ACE denies or resets the specified HTTP traffic based on the policy map action. Use the no form of this command to clear the HTTP RFC standard, RFC 2616, match criteria from the policy map. match name strict-http [insert-before map_name] no match name Syntax Description Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-951 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Examples When you use the match strict-http command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. To configure the policy map to ensure that the internal compliance checks verify message compliance with the HTTP RFC standard, RFC 2616, enter: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH8 strict-http host1/Admin(config-pmap-ins-http-m)# Related Commands This command has no related commands.2-952 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands (config-pmap-ins-http) match transfer-encoding To define HTTP deep packet inspection decisions that limit the HTTP transfer-encoding types that can pass through the ACE, use the match transfer-encoding command. Use the no form of this command to clear the HTTP transfer-encoding type match criteria from the policy map. match name transfer-encoding coding_types [insert-before map_name] no match name Syntax Descriptionh Policy map inspection HTTP configuration mode Admin and user contexts Command History name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). transfer-encoding coding_types Specifies the HTTP transfer-encoding type for the class map. The possible values for coding_types are as follows: • chunked—Message body transferred as a series of chunks. • compress—Encoding format produced by the common UNIX file compression program “compress.” This format is an adaptive Lempel-Ziv-Welch coding (LZW). • deflate—.zlib format defined in RFC 1950 with the deflate compression mechanism described in RFC 1951. • gzip—Encoding format produced by the file compression program gzip (GNU zip) as described in RFC 1952. This format is a Lempel-Ziv coding (LZ77) with a 32-bit CRC. • identity—Default (identity) encoding, which does not require the use of transformation. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-953 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Usage Guidelines When you use the match transfer-encoding command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. The transfer-encoding general-header field indicates the type of transformation, if any, that has been applied to the HTTP message body to safely transfer it between the sender and the recipient. When an HTTP request message contains the configured transfer-encoding type, the ACE performs the configured action in the policy map. Each match transfer-encoding command configures a single application type. The ACE disables the match transfer-encoding command by default. Examples To configure the policy map to specify a chunked HTTP transfer encoding type to limit the HTTP traffic that flows through the ACE, enter: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH9 transfer-encoding chunked host1/Admin(config-pmap-ins-http-m)# Related Commands This command has no related commands. (config-pmap-ins-http) match url To define HTTP deep packet inspection decisions based on the URL name and, optionally, the HTTP method, use the match url command. HTTP performs regular expression matching against the received packet data from a particular connection based on the URL expression. Use the no form of this command to remove the URL name match criteria from the policy map. match name url expression [insert-before map_name] no match name Syntax Description name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression URL, or portion of a URL, to match. The URL string range is from 1 to 256 characters. Include only the portion of the URL that follows www.hostname.domain in the match statement. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration.2-954 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History Usage Guidelines When you use the match url command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. Include only the portion of the URL that follows www.hostname.domain in the match statement. For example, in the URL www.anydomain.com/latest/whatsnew.html, include only /latest/whatsnew.html. To match the www.anydomain.com portion, the URL string can take the form of a URL regular expression. The ACE supports the use of regular expressions for matching. For a list of the supported characters that you can use in regular expressions, see the “Usage Guidelines” section for the (config-pmap-ins-http) match content command. The period (.) does not have a literal meaning in regular expressions. Use either brackets ([]) or the backslash (\) character to match this symbol. For example, specify www[.]xyz[.]com instead of www.xyz.com. Examples To configure the policy map to define application inspection decisions based on a URL, enter (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH_URL url whatsnew/latest.* host1/Admin(config-pmap-ins-http-m)# Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-955 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Configuration Mode Commands (config-pmap-ins-http) match url length To limit the HTTP traffic allowed through the ACE by specifying the maximum length of a URL in a request message that can be received by the ACE, use the match url length command. Messages will be either allowed or denied based on the Layer 7 HTTP deep packet inspection policy map action. Use the no form of this command to clear a URL length match criteria from the policy map. match name url length {eq bytes | gt bytes | lt bytes | range bytes1 bytes 2} [insert-before map_name] no match name Syntax Description Command Modes Policy map inspection HTTP configuration mode Admin and user contexts Command History name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). eq bytes Specifies a value for the HTTP URL length received by the ACE. Based on the policy map action, the ACE allows or denies messages with an HTTP URL length equal to the specified value. Valid entries are from 1 to 65535 bytes. gt bytes Specifies a minimum value for the HTTP URL length received by the ACE. Based on the policy map action, the ACE allows or denies messages with an HTTP URL length greater than the specified value. Valid entries are from 1 to 65535 bytes. lt bytes Specifies a maximum value for the HTTP URL length received by the ACE. Based on the policy map action, the ACE allows or denies messages with an HTTP URL length less than the specified value. Valid entries are from 1 to 65535 bytes. range bytes1 bytes Specifies a size range for the HTTP URL length received by the ACE. Based on the policy map action, the ACE allows or denies messages with an HTTP URL length within this range. The range is from 1 to 65535 bytes. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-956 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Class Configuration Mode Commands Usage Guidelines When you use the match url length command, you access the policy map inspection HTTP match configuration mode and the prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). You can then specify the actions that the ACE should take when network traffic matches the specified inline match command. For information about commands in this mode, see the “Policy Map Inspection HTTP Match Configuration Mode Commands” section. Examples To specify that the policy map is to match on a URL with a length less than or equal to 10,000 bytes in the request message, enter: (config)# policy-map type inspect http all-match HTTP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH10 url length eq 10000 host1/Admin(config-pmap-ins-http-m)# Related Commands This command has no related commands. Policy Map Inspection HTTP Class Configuration Mode Commands Policy map inspection HTTP class configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 7 HTTP deep packet inspection class map. To access policy map inspection HTTP class configuration mode, use the class command in policy map inspection HTTP configuration mode (see the (config-pmap-ins-http) class command for details). The prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-c). The default of the ACE is to permit HTTP traffic. For example, if a policy map explicitly permits the HTTP GET method, other methods such as PUT will also be permitted. Only an explicit deny through the reset command is capable of dropping traffic. The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. ACE Appliance Release Modification A1(7) This command was introduced.2-957 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Class Configuration Mode Commands (config-pmap-ins-http-c) passthrough log To prevent a reset from being sent to the client and the server, the ACE bypasses the HTTP 1.1 parsing after a CONNECT request is received, use the passthrough command. The ACE uses this pass-through action when there is a match on a port misuse configuration with a pass-through action and a CONNECT request. Use the no form of this command to . passthrough log no passthrough log Syntax Description Command Modes Policy map inspection HTTP class configuration mode Admin and user contexts Command History Usage Guidelines By default, with HTTP 1.1, the ACE performs strict header parsing, which may cause a reset (RST) to be sent to the client and the server when the ACE is unable to parse the encrypted packet over a CONNECT request. This issue is not seen with HTTP 1.0 because the ACE skips the header parsing. Examples Create a Layer 7 class map for tunneling protocols and the policy-map action as pass through using the passthrough log command as follows: class-map type http inspect match-any c2 2 match port-misuse tunneling policy-map type inspect http all-match SECURITY class c2 passthrough log Related Commands This command has no related commands. log (Optional) Generates a log message for traffic that matches the class map. ACE Module Release Modification A4(1.1) This command was introduced. ACE Appliance Release Modification A4(1.1) This command was introduced.2-958 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Class Configuration Mode Commands (config-pmap-ins-http-c) permit To allow the specified HTTP traffic to be received by the ACE if it passes the HTTP deep packet inspection match criteria specified in the class map, use the permit command. Use the no form of this command to disallow the specified HTTP traffic to be received by the ACE. permit [log] no permit Syntax Description Command Modes Policy map inspection HTTP class configuration mode Admin and user contexts Command History Usage Guidelines By default, HTTP inspection allows traffic that does not match any of the configured Layer 7 HTTP deep packet inspection matches. You can modify this behavior by including the class class-default command with the reset action to deny the specified Layer 7 HTTP traffic. In this case, if none of the class matches configured in the Layer 7 HTTP deep packet inspection policy map are hit, the class-default action will be taken by the ACE. For example, you can include a class map to allow the HTTP GET method and use the class class-default command to block all of the other requests. Note By default, all matches are applied to both HTTP request and response messages, but the class class-default command is applied only to HTTP requests. Examples To allow the specified HTTP traffic to be received by the ACE if the class map match criteria in class map L7HTTP_CHECK are met, enter: host1/Admin(config)# policy-map type inspect http all-match HTTP_DEEPINSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# class L7HTTP_CHECK host1/Admin(config-pmap-ins-http-c)# permit Related Commands This command has no related commands. log (Optional) Generates a log message for traffic that matches the class map. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-959 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Match Configuration Mode Commands (config-pmap-ins-http-c) reset To deny the specified HTTP traffic by sending a TCP reset message to the client or server to close the connection, use the reset command. Use the no form of this command to allow the specified HTTP traffic to be received by the ACE. reset [log] no reset Syntax Description Command Modes Policy map inspection HTTP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To deny the specified HTTP traffic to be received by the ACE if the class map match criteria in class map L7HTTP_CHECK are met, enter: host1/Admin(config)# policy-map type inspect http all-match HTTP_DEEPINSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# class http_check host1/Admin(config-pmap-ins-http-c)# reset Related Commands This command has no related commands. Policy Map Inspection HTTP Match Configuration Mode Commands Policy map inspection HTTP match configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the specified inline match command. To access policy map inspection HTTP match configuration mode, use one of the match commands in policy map log (Optional) Generates a log message for traffic that matches the class map. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-960 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Match Configuration Mode Commands inspection HTTP configuration mode (see the “Policy Map Inspection HTTP Configuration Mode Commands” section for command details). The prompt changes from (config-pmap-ins-http) to (config-pmap-ins-http-m). The inline Layer 7 policy map match commands allow you to include a single inline match criteria in the policy map without specifying a traffic class. The match commands function the same as with the Layer 7 class map match commands. However, when you use an inline match command, you can specify an action for only a single match command in the Layer 7 policy map. The default of the ACE is to permit HTTP traffic. For example, if a policy map explicitly permits the HTTP GET method, other methods such as PUT will also be permitted. Only an explicit deny through the reset command is capable of dropping traffic. The commands in this mode requires the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-961 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Match Configuration Mode Commands (config-pmap-ins-http-m) passthrough log To prevent a reset from being sent to the client and the server, the ACE bypasses the HTTP 1.1 parsing after a CONNECT request is received, use the passthrough command. The ACE uses this pass-through action when there is a match on a port misuse configuration with a pass-through action and a CONNECT request. Use the no form of this command to . passthrough log no passthrough log Syntax Description Command Modes Policy map inspection HTTP class configuration mode Admin and user contexts Command History Usage Guidelines By default, with HTTP 1.1, the ACE performs strict header parsing, which may cause a reset (RST) to be sent to the client and the server when the ACE is unable to parse the encrypted packet over a CONNECT request. This issue is not seen with HTTP 1.0 because the ACE skips the header parsing. Examples Create a Layer 7 class map for tunneling protocols and the policy-map action as pass through using the passthrough log command as follows: class-map type http inspect match-any c2 2 match port-misuse tunneling policy-map type inspect http all-match SECURITY class c2 passthrough log Related Commands This command has no related commands. log (Optional) Generates a log message for traffic that matches the class map. ACE Module Release Modification A4(1.1) This command was introduced. ACE Appliance Release Modification A4(1.1) This command was introduced.2-962 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Match Configuration Mode Commands (config-pmap-ins-http-m) permit To allow the specified HTTP traffic to be received by the ACE if it passes inspection of the match criteria in an inline match condition, use the permit command. Use the no form of this command to disallow the specified HTTP traffic to be received by the ACE. permit [log] no permit Syntax Description Command Modes Policy map inspection HTTP match configuration mode Admin and user contexts Command History Usage Guidelines The default of the ACE is to permit HTTP traffic. For example, if a policy map explicitly permits the HTTP GET method, other methods such as PUT will also be permitted. Only an explicit deny through the reset command is capable of dropping traffic. Examples To allow the specified HTTP traffic to be received by the ACE if the match criteria are met, enter: host1/Admin(config)# policy-map type inspect http all-match HTTP_DEEPINSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH5 transfer-encoding chunked host1/Admin(config-pmap-ins-http-m)# permit Related Commands This command has no related commands. log (Optional) Generates a log message for traffic that matches the inline match command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-963 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection HTTP Match Configuration Mode Commands (config-pmap-ins-http-m) reset To deny the specified HTTP traffic by sending a TCP reset message to the client or server to close the connection, use the reset command. Use the no form of this command to allow the specified HTTP traffic to be received by the ACE. reset [log] no reset Syntax Description Command Modes Policy map inspection HTTP match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To deny the specified HTTP traffic to be received by the ACE if the match criteria are met, enter: host1/Admin(config)# policy-map type inspect http all-match HTTP_DEEPINSPECT_L7POLICY host1/Admin(config-pmap-ins-http)# match MATCH5 transfer-encoding chunked host1/Admin(config-pmap-ins-http-m)# reset Related Commands This command has no related commands. log (Optional) Generates a log message for traffic that matches the inline match command. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-964 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands Policy Map Inspection SIP Configuration Mode Commands Policy map inspection SIP configuration mode commands allow you to define a policy map that initiates the inspection of the SIP protocol packets by the ACE. The ACE attempts to match all specified conditions against the matching classification and executes the actions of all matching classes until it encounters a deny for a match request. To create a SIP policy map and access policy map inspection SIP configuration mode, use the policy-map type inspect sip all-match command in configuration mode. When you access the policy map inspection SIP configuration mode, the prompt changes to (config-pmap-ins-sip). Use the no form of this command to remove a SIP inspection policy map from the ACE. policy-map type inspect sip all-match map_name no policy-map type inspect sip all-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The Layer 7 policy map configures the applicable SIP inspection actions executed on the network traffic that match the classifications defined in a class map. You then associate the completed Layer 7 SIP inspection policy with a Layer 3 and Layer 4 policy map to activate the operation on a VLAN interface. Examples To create a Layer 7 SIP inspection policy map, enter: host1/Admin(config)# policy-map type inspect sip all-match SIP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-sip)# sip all-match Specifies the policy map that initiates the inspection of the SIP protocol packets by the ACE. The ACE attempts to match all specified conditions against the matching classification and executes the actions of all matching classes until it encounters a deny for a match request. map_name Name assigned to the Layer 7 SIP inspection policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-965 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands To remove the SIP inspection policy map from the configuration, enter: host1/Admin(config)# no policy-map type inspect sip all-match SIP_INSPECT_L7POLICY Related Commands show startup-config2-966 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands (config-pmap-ins-sip) class To associate a Layer 7 SIP inspection class map with a Layer 7 SIP inspection policy map, use the class command. The prompt changes from (config-pmap-sip-ins) to (config-pmap-sip-ins-c). Use the no form of this command to remove an associated class map from a policy map. class map_name [insert-before map_name] no class map_name Syntax Description Command Modes Policy map inspection SIP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate a Layer 7 SIP inspection class map with a Layer 7 SIP inspection policy map, enter: host/Admin(config-pmap-ins-sip)# class SIP_INSPECT_L7CLASS host/Admin(config-pmap-ins-sip-c)# To disassociate the class map from the policy map, enter: host/Admin(config-pmap-ins-sip)# no class SIP_INSPECT_L7CLASS Related Commands (config-pmap-ins-sip) description (config-pmap-ins-sip-c) drop (config-pmap-ins-sip-c) log (config-pmap-ins-sip-c) permit (config-pmap-ins-sip-c) reset map_name Name of a previously defined Layer 7 SIP inspection class map configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. insert-before map_name (Optional) Places the class map ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-967 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands (config-pmap-ins-sip) description To provide a brief summary about the Layer 7 SIP inspection policy map, use the description command. Use the no form of this command to remove the description from the policy map. description text no description Syntax Description Command Modes Policy map inspection SIP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description for a Layer 7 SIP inspection policy map, enter: host1/Admin(config-pmap-ins-sip)# description layer 7 sip inspection policy To remove the description from the policy map, enter: host1/Admin(config-pmap-ins-sip)# no description Related Commands (config-pmap-ins-sip) class text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-968 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands (config-pmap-ins-sip) match called-party To filter SIP traffic based on the called party, use the match called-party command. Use the no form of this command to remove the match statement from the policy map. match name called-party expression [insert-before map_name] no match name called-party expression Syntax Description Command Modes Policy map inspection SIP configuration mode Admin and user contexts Command History Usage Guidelines You can filter SIP traffic based on the called party (callee or destination) as specified in the URI of the SIP To header. The ACE does not include the display name or tag part of the field. The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. Table 1-21 lists the supported characters that you can use in regular expressions. Examples To identify the called party in the SIP To header, enter: host1/Admin(config-pmap-ins-sip)# match MATCH_CALLED called-party sip:some-user@somenetwork.com To remove the match statement from the policy map, enter: name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression Called party in the URI of the SIP To header. Enter a regular expression from 1 to 255 alphanumeric characters. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-969 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands host1/Admin(config-pmap-ins-sip)# no match MATCH_CALLED called-party sip:some-user@somenetwork.com Related Commands (config-pmap-ins-sip) match calling-party (config-pmap-ins-sip) match content (config-pmap-ins-sip) match im-subscriber (config-pmap-ins-sip) match message-path (config-pmap-ins-sip) match request-method (config-pmap-ins-sip) match third-party registration (config-pmap-ins-sip) match uri (config-pmap-ins-sip) match calling-party To filter SIP traffic based on the calling party, use the match calling-party command. Use the no form of this command to remove the description from the policy map. match name calling-party expression [insert-before map_name] no match name calling-party expression Syntax Description Command Modes Policy map inspection SIP configuration mode Admin and user contexts Command History name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression Calling party in the URI of the SIP From header. Enter a regular expression from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-970 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands Usage Guidelines You can filter SIP traffic based on the calling party (caller or source) as specified in the URI of the SIP From header. The ACE does not include the display name or tag part of the field. The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. See Table 1-21 for a list of the supported characters that you can use in regular expressions. Examples To identify the calling party in the SIP From header, enter: host1/Admin(config-pmap-ins-sip)# match MATCH_CALLING calling-party sip:this-user@thisnetwork.com;tag=745g8 To remove the match statement from the policy map, enter: host1/Admin(config-pmap-ins-sip)# no match MATCH_CALLING calling-party sip:this-user@thisnetwork.com;tag=745g8 Related Commands (config-pmap-ins-sip) match called-party (config-pmap-ins-sip) match content (config-pmap-ins-sip) match im-subscriber (config-pmap-ins-sip) match message-path (config-pmap-ins-sip) match request-method (config-pmap-ins-sip) match third-party registration (config-pmap-ins-sip) match uri (config-pmap-ins-sip) match content To define SIP content checks, use the match content command. Use the no form of this command to remove the match statement from the policy map. match name content {length gt number} | {type sdp | expression} [insert-before map_name] no match name content {length gt number} | {type sdp | expression} Syntax Description name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). length Specifies the SIP message body length. gt Specifies the greater than operator. number Maximum size of a SIP message body that the ACE allows. Enter an integer from 0 to 65534 bytes. If the message body is greater than the configured value, the ACE performs the action that you configure in the policy map. type Specifies a content type check.2-971 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands Command Modes Policy map inspection SIP configuration mode Admin and user contexts Command History Usage Guidelines You can configure the ACE to perform SIP content checks based on content length or content type. By default, the ACE allows all content types. Examples To configure the ACE to drop SIP packets that have content with a length greater than 4000 bytes in length, enter: host1/Admin(config)# class-map type sip inspect match-all SIP_INSP_CLASS host1/Admin(config-pmap-ins-sip)# match MATCH_CONTENT content length gt 200 host1/Admin(config)# policy-map type inspect sip all-match SIP_INSP_POLICY host1/Admin(config-pmap-ins-sip)# class SIP_INSP_CLASS host1/Admin(config-pmap-ins-sip-c)# deny To remove the match statement from the policy map, enter: host1/Admin(config-cmap-sip-insp)# no match MATCH_CONTENT content length gt 200 Related Commands (config-pmap-ins-sip) match called-party (config-pmap-ins-sip) match calling-party (config-pmap-ins-sip) match im-subscriber (config-pmap-ins-sip) match message-path (config-pmap-ins-sip) match request-method (config-pmap-ins-sip) match third-party registration (config-pmap-ins-sip) match uri sdp Specifies that the traffic must be of type Session Description Protocol (SDP) to match the policy map. expression Regular expression that identifies the content type in the SIP message body that is required to match the policy map. Enter a regular expression from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching. See Table 1-21 for a list of the supported characters that you can use in regular expressions. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-972 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands (config-pmap-ins-sip) match im-subscriber To filter SIP traffic based on the IM subscriber, use the match im-subscriber command. Use the no form of this command to remove the description from the policy map. match name im-subscriber expression [insert-before map_name] no match name im-subscriber expression Syntax Description Command Modes Policy map inspection SIP configuration mode Admin and user contexts Command History Usage Guidelines The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. See Table 1-21 for a list of the supported characters that you can use in regular expressions. Examples To filter SIP traffic based on the IM subscriber, John Q. Public, enter: host1/Admin(config-pmap-ins-sip)# match MATCH_IM im-subscriber John_Q_Public To remove the match statement from the policy map, enter: host1/Admin(config-pmap-ins-sip)# no match MATCH_IM im-subscriber John_Q_Public name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression Calling party. Enter a regular expression from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-973 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands Related Commands (config-pmap-ins-sip) match called-party (config-pmap-ins-sip) match calling-party (config-pmap-ins-sip) match content (config-pmap-ins-sip) match message-path (config-pmap-ins-sip) match request-method (config-pmap-ins-sip) match third-party registration (config-pmap-ins-sip) match uri (config-pmap-ins-sip) match message-path To filter SIP traffic based on the message path, use the match message-path command. Use the no form of this command to remove the match statement from the policy map. match name message-path expression [insert-before map_name] no match name message-path expression Syntax Description Command Modes Policy map inspection SIP configuration mode Admin and user contexts Command History Usage Guidelines SIP inspection allows you to filter messages coming from or transiting through certain SIP proxy servers. The ACE maintains a list of unauthorized SIP proxy IP addresses or URIs in the form of regular expressions and then checks this list against the VIA header field in each SIP packet. The default action is to drop SIP packets with VIA fields that match regex list. name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression SIP proxy server. Enter a regular expression from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-974 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. See Table 1-21 for a list of the supported characters that you can use in regular expressions. Examples To filter SIP traffic based on the message path 192.168.12.3:5060, enter: host1/Admin(config-pmap-ins-sip)# match MATCH_PATH message-path 192.168.12.3:5060 To remove the match statement from the policy map, enter: host1/Admin(config-pmap-ins-sip)# no match MATCH_PATH message-path 192.168.12.3:5060 Related Commands (config-pmap-ins-sip) match called-party (config-pmap-ins-sip) match calling-party (config-pmap-ins-sip) match content (config-pmap-ins-sip) match im-subscriber (config-pmap-ins-sip) match request-method (config-pmap-ins-sip) match third-party registration (config-pmap-ins-sip) match uri (config-pmap-ins-sip) match request-method To filter SIP traffic based on the request method, use the match request-method command. Use the no form of this command to remove the description from the policy map. match name request-method method_name [insert-before map_name] no match name request-method method_name2-975 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands Syntax Description Command Modes Policy map inspection SIP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To filter SIP traffic based on the INVITE request method, enter: host1/Admin(config-pmap-ins-sip)# match MATCH_REQUEST request-method invite To remove the match statement from the policy map, enter: host1/Admin(config-pmap-ins-sip)# no match MATCH_REQUEST request-method invite method_name Supported SIP method using one of the following keywords: • ack • bye • cancel • info • invite • message • notify • options • prack • refer • register • subscribe • unknown • update Use the unknown keyword to permit or deny unknown or unsupported SIP methods. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-976 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands Related Commands (config-pmap-ins-sip) match called-party (config-pmap-ins-sip) match calling-party (config-pmap-ins-sip) match content (config-pmap-ins-sip) match im-subscriber (config-pmap-ins-sip) match message-path (config-pmap-ins-sip) match third-party registration (config-pmap-ins-sip) match uri (config-pmap-ins-sip) match third-party registration To filter SIP traffic based on third-party registrations or deregistrations, use the match third-party-registration command. Use the no form of this command to remove the match statement from the policy map. match name third-party registration expression [insert-before map_name] no match name third-party registration expression Syntax Description Command Modes Policy map inspection SIP configuration mode Admin and user contexts Command History Usage Guidelines SIP allows users to register other users on their behalf by sending REGISTER messages with different values in the From and To header fields. This process may pose a security threat if the REGISTER message is actually a DEREGISTER message. A malicious user could cause a Denial of Service (DoS) attack by deregistering all users on their behalf. To prevent this security threat, you ACE can specify a name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression Privileged user that is authorized for third-party registrations. Enter a regular expression from 1 to 255 alphanumeric characters. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-977 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands list of privileged users who can register or unregister someone else on their behalf. The ACE maintains the list as a regex table. If you configure this policy, the ACE drops REGISTER messages with mismatched From and To headers and a From header value that does not match any of the privileged user IDs. The ACE supports the use of regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. See Table 1-21 for a list of the supported characters that you can use in regular expressions. Examples To filter SIP traffic based on SIP registrations or deregistrations, enter: host1/Admin(config-pmap-ins-sip)# match MATCH_REG third-party-registration USER1 To remove the match statement from the policy map, enter: host1/Admin(config-pmap-ins-sip)# no match MATCH_REG third-party-registration USER1 Related Commands (config-pmap-ins-sip) match called-party (config-pmap-ins-sip) match calling-party (config-pmap-ins-sip) match content (config-pmap-ins-sip) match im-subscriber (config-pmap-ins-sip) match message-path (config-pmap-ins-sip) match request-method (config-pmap-ins-sip) match uri2-978 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Configuration Mode Commands (config-pmap-ins-sip) match uri To filter SIP traffic based on URIs, use the match uri command. Use the no form of this command to remove the match statement from the policy map. match name uri {sip | tel} length gt value [insert-before map_name] no match name uri {sip | tel} length gt value Syntax Description Command Modes Policy map inspection SIP configuration mode Admin and user contexts Command History Usage Guidelines You can configure the ACE to validate the length of SIP URIs or Tel URIs. A SIP URI is a user identifier that a calling party (source) uses to contact the called party (destination). A Tel URI is a telephone number that identifies the endpoint of a SIP connection. For more information about SIP URIs and Tel URIs, see RFC 2534 and RFC 3966, respectively. Examples To instruct the ACE to filter traffic based on SIP URIs, enter: host1/Admin(config-pmap-ins-sip)# match MATCH_URI uri sip length gt 100 name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). sip Specifies that the ACE validates the length of a SIP URI. tel Specifies that the ACE validates the length of a Tel URI. length Specifies the length of the SIP or Tel URI. gt Specifies the greater than operator. value Maximum value for the length of the SIP URI or Tel URI in bytes. Enter an integer from 0 to 254 bytes. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-979 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Class Configuration Mode Commands To remove the match statement from the policy map, enter: host1/Admin(config-pmap-ins-sip)# no match MATCH_URI uri sip length gt 100 Related Commands (config-pmap-ins-sip) match called-party (config-pmap-ins-sip) match calling-party (config-pmap-ins-sip) match content (config-pmap-ins-sip) match im-subscriber (config-pmap-ins-sip) match message-path (config-pmap-ins-sip) match request-method (config-pmap-ins-sip) match third-party registration Policy Map Inspection SIP Class Configuration Mode Commands Use the policy map SIP inspection class configuration mode to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 7 SIP inspection class map. To access policy map SIP inspection class configuration mode, use the class command in the policy map SIP inspection configuration mode (see the (config-pmap-ins-sip) class command for details). The prompt changes from (config-pmap-ins-sip) to (config-pmap-ins-sip-c). The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-980 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Class Configuration Mode Commands (config-pmap-ins-sip-c) drop To discard the SIP traffic that matches the traffic specified in the class map, use the drop command. Use the no form of this command to return the ACE behavior to the default of permitting all SIP traffic to pass. drop [log] no drop Syntax Description Command Modes Policy map inspection SIP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To discard the SIP traffic that matches the class map, enter: host1/Admin(config)# policy-map type inspect sip first-match SIP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-sip)# class SIP_INSPECT_L7CLASS host1/Admin(config-pmap-ins-sip-c)# drop Related Commands This command has no related commands. (config-pmap-ins-sip-c) log To log all SIP traffic that matches the class map, use the log command. Use the no form of this command to return the ACE behavior to the default of not logging SIP traffic. log no log log (Optional) Generates a log message for traffic that matches the class map. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-981 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Class Configuration Mode Commands Syntax Description This command has no keywords or arguments. Command Modes Policy map inspection SIP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To log the SIP traffic that matches the class map, enter: host1/Admin(config)# policy-map type inspect sip first-match SIP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-sip)# class SIP_INSPECT_L7CLASS host1/Admin(config-pmap-ins-sip-c)# log Related Commands This command has no related commands. (config-pmap-ins-sip-c) permit To permit the SIP traffic that matches the class map to pass through the ACE, use the permit command. Use the no form of this command to return the ACE behavior to the default of permitting all SIP traffic to pass. permit [log] no permit Syntax Description Command Modes Policy map inspection SIP class configuration mode Admin and user contexts ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced. log (Optional) Generates a log message for traffic that matches the class map.2-982 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Class Configuration Mode Commands Command History Usage Guidelines This command has no usage guidelines. Examples To permit the SIP traffic that matches the class map to pass through the ACE, enter: host1/Admin(config)# policy-map type inspect sip first-match SIP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-sip)# class SIP_INSPECT_L7CLASS host1/Admin(config-pmap-ins-sip-c)# permit Related Commands This command has no related commands. (config-pmap-ins-sip-c) reset To instruct the ACE to deny the SIP traffic that matches the class map and to reset the connection using the TCP RESET message, use the reset command. Use the no form of this command to return the ACE behavior to the default of permitting all SIP traffic to pass. reset [log] no reset Syntax Description Command Modes Policy map inspection SIP class configuration mode Admin and user contexts Command History ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced. log (Optional) Generates a log message for traffic that matches the class map. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-983 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Match Configuration Mode Commands Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to deny the traffic that matches the class map and to reset the connection, enter: host1/Admin(config)# policy-map type inspect sip first-match SIP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-sip)# class SIP_INSPECT_L7CLASS host1/Admin(config-pmap-ins-sip-c)# reset Related Commands This command has no related commands. Policy Map Inspection SIP Match Configuration Mode Commands Policy map inspection SIP match configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the specified inline match command. To access policy map inspection SIP match configuration mode, use the match command in policy map inspection SIP configuration mode. The prompt changes from (config-pmap-ins-sip) to (config-pmap-ins-sip-m). The inline Layer 7 policy map match commands allow you to include a single inline match criteria in the policy map without specifying a traffic class. The match commands function the same as with the Layer 7 class map match commands. However, when you use an inline match command, you can specify an action for only a single match command in the Layer 7 policy map. The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-984 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Match Configuration Mode Commands (config-pmap-ins-sip-m) drop To discard the SIP traffic that matches the traffic specified in the single inline match command, use the drop command. Use the no form of this command to return the ACE behavior to the default of permitting all SIP traffic to pass. drop [log] no drop Syntax Description Command Modes Policy map inspection SIP match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To discard the SIP traffic that matches the traffic specified in the single inline match command, enter: host1/Admin(config)# policy-map type inspect sip all-match SIP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-sip)# match MATCH_URI uri sip length gt 100 host1/Admin(config-pmap-ins-sip-m)# drop Related Commands This command has no related commands. log (Optional) Generates a log message for traffic that matches the single inline match command. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-985 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection SIP Match Configuration Mode Commands (config-pmap-ins-sip-m) permit To permit the SIP traffic that matches the traffic specified in the single inline match command to pass through the ACE, use the permit command. Use the no form of this command to return to the default state and permit all SIP traffic to pass. permit [log] no permit Syntax Description Command Modes Policy map inspection SIP match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To permit the SIP traffic specified in the single inline match command to pass through the ACE, enter: host1/Admin(config)# policy-map type inspect sip all-match SIP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-sip)# match MATCH_URI uri sip length gt 100 host1/Admin(config-pmap-ins-sip-m)# permit Related Commands This command has no related commands. log (Optional) Generates a log message for traffic that matches the inline match command. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-986 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection Skinny Configuration Mode Commands (config-pmap-ins-sip-m) reset To instruct the ACE to deny SIP traffic that matches the single inline match command and to reset the connection using the TCP RESET message, use the reset command. Use the no form of this command to return the ACE behavior to the default of permitting all SIP traffic to pass. reset [log] no reset Syntax Description Command Modes Policy map inspection SIP match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to deny the traffic that matches the single inline match command and to reset the connection, enter: host1/Admin(config)# policy-map type inspect sip all-match SIP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-sip)# match MATCH_URI uri sip length gt 100 host1/Admin(config-pmap-ins-sip-m)# reset Related Commands This command has no related commands. Policy Map Inspection Skinny Configuration Mode Commands Policy map inspection Skinny configuration mode commands allow you to define a policy map that initiates inspection of the Skinny Client Control Protocol (SCCP) by the ACE. The ACE uses the SCCP inspection policy to filter traffic based on the message ID and to perform user-configurable actions on that traffic. log (Optional) Generates a log message for traffic that matches the single inline match command. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-987 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection Skinny Configuration Mode Commands To create an SCCP inspection policy map and access policy map inspection Skinny configuration mode, use the policy-map type inspect skinny command in configuration mode. When you access the policy map inspection skinny configuration mode, the prompt changes to (config-pmap-ins-skinny). Use the no form of this command to remove an SCCP inspection policy map from the ACE. policy-map type inspect skinnny map_name no policy-map type inspect skinny map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a Layer 7 SCCP inspection policy map, enter: host1/Admin(config)# policy-map type inspect skinny SCCP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-skinny)# Related Commands This command has no related commands. map_name Name assigned to the Layer 7 SCCP inspection policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-988 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection Skinny Configuration Mode Commands (config-pmap-ins-skinny) description To provide a brief summary about the Layer 7 SCCP inspection policy map, use the description command. Use the no form of this command to remove the description from the class map. description text no description Syntax Description Command Modes Policy map inspection Skinny configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description about the SCCP policy map, enter: host1/Admin(config-pmap-ins-skinny)# description this is an SCCP inspection policy map To remove the inline match statement from the policy map, enter: host1/Admin(config-pmap-ins-skinny)# no match SCCP_MATCH message-id range 100 500 Related Commands (config-pmap-ins-skinny-m) reset (config-pmap-ins-skinny) match message-id text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-989 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection Skinny Configuration Mode Commands (config-pmap-ins-skinny) match message-id To include a single inline match criteria in the policy map without specifying a traffic class, use the match message-id command. Use the no form of this command to remove the inline match statement from the policy map. match name message-id {number1 | range {number2 number3}} [insert-before name] no match name Syntax Description Command Modes Policy map inspection skinny configuration mode Admin and user contexts Command History Usage Guidelines When you use an inline match command, you can specify an action for only a single match statement in the Layer 7 policy map. Examples To specify an inline match command for a Layer 7 SCCP inspection policy map, enter: host1/Admin(config-pmap-ins-skinny)# match SCCP_MATCH message-id range 100 500 host1/Admin(config-pmap-ins-skinny-m)# Related Commands (config-pmap-ins-skinny) description name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). number1 Numerical identifier of the SCCP message. Enter an integer from 0 to 65535. range {number2 number3} Specifies a range of SCCP message IDs. Enter an integer from 0 to 65535 for the lower and the upper limits of the range. The upper limit must be greater than or equal to the lower limit. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-990 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection Skinny Match Configuration Mode Commands Policy Map Inspection Skinny Match Configuration Mode Commands Policy map inspection Skinny match configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the specified inline match command. To access policy map inspection Skinny match configuration mode, use the match message-id command in policy map inspection Skinny configuration mode (see the (config-pmap-ins-skinny) match message-id command for details). The prompt changes from (config-pmap-ins-skinny) to (config-pmap-ins-skinny-m). The inline Layer 7 policy map match commands allow you to include a single inline match criteria in the policy map without specifying a traffic class. The match commands function the same as with the Layer 7 class map match commands. However, when you use an inline match command, you can specify an action for only a single match command in the Layer 7 policy map. The commands in this mode require the inspect feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-991 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Inspection Skinny Match Configuration Mode Commands (config-pmap-ins-skinny-m) reset To instruct the ACE to deny SCCP traffic that matches the single inline match command and to reset the connection using the TCP RESET message, use the reset command as the policy map action. By default, the ACE allows all SCCP packets to pass through it. Use the no form of this command to reset the ACE behavior to the default of allowing all SCCP traffic to pass. reset [log] no reset Syntax Description Command Modes Policy map inspection Skinny match configuration mode Admin and user contexts Command History Usage Guidelines You apply the specified action against the single inline match command. The reset command causes the ACE to drop the SCCP traffic that matches the inline match command and reset the connection. Examples To specify that the ACE drop SCCP traffic that matches the match message-id inline command, enter: host1/Admin(config)# policy-map type inspect sccp SCCP_INSPECT_L7POLICY host1/Admin(config-pmap-ins-skinny)# match SCCP_MATCH message-id range 100 500 host1/Admin(config-pmap-ins-skinny-m)# reset Related Commands (config-pmap-ins-skinny) description (config-pmap-ins-skinny) match message-id log (Optional) Generates a log message for traffic that matches the single inline match command. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-992 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Configuration Mode Commands Policy Map Load Balancing Generic Configuration Mode Commands Policy map load balancing generic configuration mode commands allow you to specify a generic Layer 7 policy map for server load-balancing decisions. The ACE executes the specified action only against the first matching load-balancing classification. To create a generic Layer 7 server load balancing (SLB) policy map and access policy map load balancing generic configuration mode, use the policy-map type loadbalance generic first-match command. When you access the policy map load balancing generic configuration mode, the prompt changes to (config-pmap-lb-generic). Use the no form of this command to remove a generic Layer 7 SLB policy map from the ACE. policy-map type loadbalance generic first-match map_name no policy-map type loadbalance generic first-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You associate the Layer 7 load balancing policy map with a Layer 3 and Layer 4 policy map to provide an entry point for the traffic classification. Layer 7 policy maps are considered to be child policies. Only a Layer 3 and Layer 4 policy map can be activated on a VLAN interface. A Layer 7 policy map cannot be directly applied on a VLAN (or any) interface. To associate the Layer 7 load-balancing policy map, you nest it by using the Layer 3 and Layer 4 (config-pmap-c) loadbalance policy command. Examples To create a generic SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# map_name Name assigned to the generic SLB policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-993 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Configuration Mode Commands Related Commands show running-config (config) policy-map2-994 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Configuration Mode Commands (config-pmap-lb-generic) class To associate a Layer 7 server load balancing (SLB) class map with a Layer 7 SLB policy map, use the class command. The prompt changes from (config-pmap-lb-generic) to (config-pmap-lb-generic-c). For information about commands in this mode, see the “Policy Map Load Balancing Generic Class Configuration Mode Commands” section. Use the no form of this command to remove an associated class map from a policy map. class {name1 [insert-before name2] | class-default} no class {name1 [insert-before name2] | class-default} Syntax Description Command Modes Policy map load balancing generic configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate a Layer 7 SLB class map with a Layer 7 SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# class L7LOADBALNCE_CLASS name1 Name of a previously defined Layer 7 SLB class map configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. insert-before name2 (Optional) Places the current named class map ahead of an existing class map or inline match condition specified by the name2 argument in the policy map configuration. The ACE does not save the sequence reordering as part of the configuration. class-default Reserved, well-known class map created by the ACE. You cannot delete or modify this class. All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications matches the traffic, then the ACE performs the action specified under the class class-default command. The class-default class map has an implicit match any statement in it that enables it to match all traffic. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-995 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Configuration Mode Commands Related Commands (config-pmap-lb-generic) description2-996 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Configuration Mode Commands (config-pmap-lb-generic) description To provide a brief description of the generic server load balancing (SLB) policy map, use the description command. Use the no form of this command to remove the description from the policy map. description text no description Syntax Description Command Modes Policy map load balancing generic configuration mode Admin role in any user context Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the policy map is to perform server load balancing, enter: host/Admin(config-pmap-lb-generic)# description GENERIC_LOAD_BALANCE_PROTOCOL Related Commands (config-pmap-lb-generic) class text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-997 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Configuration Mode Commands (config-pmap-lb-generic) match layer4-payload To make server load balancing (SLB) decisions based on the Layer 4 payload, use the match layer4-payload command. Use the no form of this command to remove the Layer 4 payload match statement from the policy map. match name layer4-payload [offset bytes] regex expression [insert-before map_name] no match name layer4-payload [offset bytes] regex expression [insert-before map_name] Syntax Description Command Modes Policy map load balancing generic configuration mode Admin and user contexts Command History Usage Guidelines To specify actions for multiple match statements, use a class map as described in the “Class Map Generic Configuration Mode Commands” section. Generic data parsing begins at Layer 4 with the TCP or UDP payload, which allows you the flexibility to match Layer 5 data (in the case of the Lightweight Directory Access Protocol (LDAP) or the Domain Name System (DNS) or any Layer 7 header or payload (for example, HTTP). name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). offset bytes (Optional) Specifies an absolute offset in the data where the Layer 4 payload expression search string starts. The offset starts at the first byte of the TCP or UDP body. Enter an integer from 0 to 999. The default is 0. regex expression Specifies the Layer 4 payload expression that is contained within the TCP or UDP entity body. Enter a string from 1 to 255 alphanumeric characters. For a list of the supported characters that you can use in regular expression strings, see Table 1-21. insert-before map_name (Optional) Places the inline match command ahead of an existing class map or other match statement specified by the map_name argument. The ACE does not save the sequence reordering as part of the configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-998 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Configuration Mode Commands When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). When you use the match layer4-payload command, you access the policy map load balancing generic match configuration mode and the prompt changes to (config-pmap-lb-generic-m). For information about commands in this mode, see the “Policy Map Load Balancing Generic Match Configuration Mode Commands” section. Examples To define Layer 4 payload match criteria for a generic policy map, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# match L4_MATCH layer4-payload offset 10 regex abc12.* host1/Admin(config-pmap-lb-generic-m)# Related Commands (config-cmap-generic) match layer4-payload (config-pmap-lb-generic) match source-address To specify a client source host IP address and subnet mask as the network traffic matching criteria, use the match source-address command. You configure the associated policy map to permit or restrict management traffic to the ACE from the specified source network or host. Use the no form of this command to clear the source IP address and subnet mask match criteria from the policy map. match name source-address ip_address mask [insert-before map_name] no match name source-address ip_address mask Syntax Description Command Modes Policy map load balancing generic configuration mode Admin and user contexts name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). ip_address Source IP address of the client. Enter the IP address in dotted-decimal notation (for example, 192.168.11.1). mask Subnet mask of the client entry in dotted-decimal notation (for example, 255.255.255.0). insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration.2-999 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Class Configuration Mode Commands Command History Usage Guidelines When you use the match source-address command, you access the policy map load balancing generic match configuration mode and the prompt changes from (config-pmap-lb-generic) to (config-pmap-lb-generic-m). For information about commands in this mode, see the “Policy Map Load Balancing Generic Match Configuration Mode Commands” section. Examples To specify that the Layer 7 SLB policy map matches on source IP address 192.168.10.1 255.255.0.0, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# match match3 source-address 192.168.10.1 255.255.0.0 host1/Admin(config-pmap-lb-generic-m)# Related Commands (config-cmap-generic) match source-address Policy Map Load Balancing Generic Class Configuration Mode Commands Policy map load balancing generic class configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 7 server load balancing (SLB) class map. To access policy map load balancing generic class configuration mode, use the class command in policy map load balancing generic configuration mode (see the (config-pmap-lb-generic) class command for details). The prompt changes to (config-pmap-lb-generic-c). The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1000 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Class Configuration Mode Commands (config-pmap-lb-generic-c) drop To instruct the ACE to discard packets that match a particular load-balancing criterion in the class map, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing generic class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to discard packets that match the load-balancing criteria in the class map, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# class L7SLBCLASS host1/Admin(config-pmap-lb-generic-c)# drop Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1001 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Class Configuration Mode Commands (config-pmap-lb-generic-c) forward To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing generic class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# class L7SLBCLASS host1/Admin(config-pmap-lb-generic-c)# forward Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1002 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Class Configuration Mode Commands (config-pmap-lb-generic-c) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load-balancing policy map. serverfarm name1 [backup name2] [aggregate-state] no serverfarm name1 [backup name2] [aggregate-state] Syntax Description Command Modes Policy map load balancing generic class configuration mode Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# class L7SLBCLASS host1/Admin(config-pmap-lb-generic-c)# serverfarm FARM2 backup FARM3 name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1003 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Class Configuration Mode Commands Related Commands This command has no related commands. (config-pmap-lb-generic-c) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing generic class configuration mode Admin and user contexts Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples The following example specifies the set ip tos command as a QoS action in the Layer 7 load-balancing policy map. All packets that satisfy the match criteria of L7SLBCLASS are marked with the IP DSCP value of 8. How packets marked with the IP DSCP value of 8 are treated is determined by the network configuration. host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# class L7SLBCLASS host1/Admin(config-pmap-lb-generic-c)# set ip tos 8 Related Commands This command has no related commands. value IP DSCP value. Enter an integer from 0 to 255. The default is 0. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1004 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Match Configuration Mode Commands (config-pmap-lb-generic-c) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing generic class configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match a generic Layer 7 policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# class L7SLBCLASS host1/Admin(config-pmap-lb-generic-c)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. Policy Map Load Balancing Generic Match Configuration Mode Commands Policy map load balancing generic match configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the specified inline match command. To access policy map load balancing generic match configuration mode, use one of the match commands in policy name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1005 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Match Configuration Mode Commands map load balancing generic configuration mode (see the “Policy Map Load Balancing Generic Configuration Mode Commands” section for details). The prompt changes to (config-pmap-lb-generic-m). The inline Layer 7 policy map match commands allow you to include a single inline match criteria in the policy map without specifying a traffic class. The inline match commands function the same way as the Layer 7 server load balancing (SLB) class map match commands. However, when you use an inline match command, you can specify an action for only a single match command in the generic SLB policy map. The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-1006 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Match Configuration Mode Commands (config-pmap-lb-generic-m) drop To instruct the ACE to discard packets that match a particular load-balancing criteria in an inline match command, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing generic match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to discard packets that match the load-balancing criteria in the inline match command, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# match MATCH_SLB1 source-address 192.168.10.1 255.255.0.0 host1/Admin(config-pmap-lb-generic-m)# drop Related Commands This command has no related commands. (config-pmap-lb-generic-m) forward To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1007 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Match Configuration Mode Commands Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing generic match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# match MATCH_SLB1 source-address 192.168.10.1 255.255.0.0 host1/Admin(config-pmap-lb-generic-m)# forward Related Commands This command has no related commands. (config-pmap-lb-generic-m) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load balancing policy map. serverfarm name1 [backup name2] [aggregate-state] no serverfarm name1 [backup name2] [aggregate-state] Syntax Description ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced. name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-1008 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Match Configuration Mode Commands Command Modes Policy map load balancing generic match configuration mode Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# match MATCH_SLB1 source-address 192.168.11.2 255.255.255.0 host1/Admin(config-pmap-lb-generic-m)# serverfarm FARM2 backup FARM3 Related Commands This command has no related commands. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1009 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Match Configuration Mode Commands (config-pmap-lb-generic-m) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing generic match configuration mode Admin and user contexts Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples To specify the set ip tos command as a QoS action in the Layer 7 load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# match MATCH_SLB1 source-address 192.168.10.1 255.255.0.0 host1/Admin(config-pmap-lb-generic-m)# set ip tos 8 Related Commands This command has no related commands. value IP DSCP value. Enter an integer from 0 to 255. The default is 0. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1010 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing Generic Match Configuration Mode Commands (config-pmap-lb-generic-m) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing generic match configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance generic first-match L7SLBPOLICY host1/Admin(config-pmap-lb-generic)# match MATCH_SLB1 source-address 192.168.11.2 255.255.255.0 host1/Admin(config-pmap-lb-generic-m)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1011 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands Policy Map Load Balancing HTTP Configuration Mode Commands Policy map load balancing HTTP configuration mode commands allow you to specify an HTTP Layer 7 policy map for server load-balancing decisions. The ACE executes the specified action only against the first matching load-balancing classification. To create an HTTP Layer 7 server load balancing (SLB) policy map and access policy map load balancing HTTP configuration mode, use the policy-map type loadbalance http first-match command. When you access the policy map load balancing HTTP configuration mode, the prompt changes to (config-pmap-lb). Use the no form of this command to remove an HTTP SLB policy map from the ACE. policy-map type loadbalance [http] first-match map_name no policy-map type loadbalance [http] first-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You associate the Layer 7 load balancing policy map with a Layer 3 and Layer 4 policy map to provide an entry point for the traffic classification. Layer 7 policy maps are considered to be child policies. Only a Layer 3 and Layer 4 policy map can be activated on a VLAN interface. A Layer 7 policy map cannot be directly applied on a VLAN (or any) interface. To associate the Layer 7 load-balancing policy map, you nest it by using the Layer 3 and Layer 4 (config-pmap-c) loadbalance policy command. Examples To create an HTTP SLB policy map, enter: http (Optional) Specifies an HTTP Layer 7 load-balancing policy map. HTTP is the default type of load-balancing policy map. If you enter policy-map type loadbalance first-match map_name, the ACE creates an HTTP load-balancing policy map. map_name Name assigned to the HTTP SLB policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1012 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# Related Commands show running-config (config) policy-map (config-pmap-lb) class To associate a Layer 7 server load balancing (SLB) class map with a Layer 7 SLB policy map, use the class command. The prompt changes from (config-pmap-lb) to (config-pmap-lb-c). For information about commands in this mode, see the “Policy Map Load Balancing HTTP Class Configuration Mode Commands” section. Use the no form of this command to remove an associated class map from a policy map. class {name1 [insert-before name2] | class-default} no class {name1 [insert-before name2] | class-default} Syntax Description Command Modes Policy map load balancing HTTP configuration mode Admin and user contexts Command History name1 Name of a previously defined Layer 7 SLB class map configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. insert-before name2 (Optional) Places the current named class map ahead of an existing class map or inline match condition specified by the name2 argument in the policy map configuration. The ACE does not save the sequence reordering as part of the configuration. class-default Reserved, well-known class map created by the ACE. You cannot delete or modify this class. All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications matches the traffic, then the ACE performs the action specified under the class class-default command. The class-default class map has an implicit match any statement in it that enables it to match all traffic. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1013 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands Usage Guidelines This command has no usage guidelines. Examples To associate a Layer 7 SLB class map with a Layer 7 SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# class L7LOADBALNCE_CLASS Related Commands (config-pmap-lb) description (config-pmap-lb) description To provide a brief description of the HTTP server load balancing (SLB) policy map, use the description command. Use the no form of this command to remove the description from the policy map. description text no description Syntax Description Command Modes Policy map load balancing HTTP configuration mode Admin role in any user context Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the policy map is to perform server load balancing, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host/Admin(config-pmap-lb)# description HTTP LOAD BALANCE PROTOCOL Related Commands (config-pmap-lb) class text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1014 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands (config-pmap-lb) match cipher To make server load-balancing (SLB) decisions based on a specific SSL cipher or cipher strength used to initiate a connection, use the match cipher command. Use the no form of this command to remove an SSL cipher content match statement from the policy map. match name cipher {equal-to cipher | less-than cipher_strength} no match name cipher {equal-to cipher | less-than cipher_strength} Syntax Description Command Modes Policy map load balancing HTTP configuration mode name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). equal-to cipher Specifies the SSL cipher. The possible values for cipher are as follows: • RSA_EXPORT1024_WITH_DES_CBC_SHA • RSA_EXPORT1024_WITH_RC4_56_MD5 • RSA_EXPORT1024_WITH_RC4_56_SHA • RSA_EXPORT_WITH_DES40_CBC_SHA • RSA_EXPORT_WITH_RC4_40_MD5 • RSA_WITH_3DES_EDE_CBC_SHA • RSA_WITH_AES_128_CBC_SHA • RSA_WITH_AES_256_CBC_SHA • RSA_WITH_DES_CBC_SHA • RSA_WITH_RC4_128_MD5 • RSA_WITH_RC4_128_SHA less-than cipher_strength Specifies a noninclusive minimum SSL cipher bit strength. For example, if you specify a cipher strength value of 128, any SSL cipher that was no greater than 128 would hit the traffic polkcy. If the SSL cipher was 128-bit or greater, the connection would miss the policy. The possible values for cipher_strength are as follows: • 128 • 168 • 256 • 562-1015 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands Admin and user contexts Command History Usage Guidelines To specify actions for multiple match statements, use a class map as described in the “Class Map HTTP Load Balancing Configuration Mode Commands” section. When you use the match cipher command, you access the policy map load balancing match configuration mode and the prompt changes to (config-pmap-lb-generic-m). For information about commands in this mode, see the “Policy Map Load Balancing Generic Match Configuration Mode Commands” section. Examples To specify that the Layer 7 SLB policy map load balances on a specific SSL cipher, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match match3 cipher equal-to RSA_WITH_RC4_128_CBC_SHA host1/Admin(config-pmap-lb-m)# Related Commands This command has no related commands. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1016 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands (config-pmap-lb) match http content To make server load-balancing (SLB) decisions based on the HTTP packet content, use the match http content command. Use the no form of this command to remove an HTTP content match statement from the policy map. match name http content expression [offset bytes] [insert-before map_name] no match name http content expression Syntax Description Command Modes Policy map load balancing HTTP configuration mode Admin and user contexts Command History Usage Guidelines To specify actions for multiple match statements, use a class map as described in the “Class Map HTTP Load Balancing Configuration Mode Commands” section. When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression Regular expression content to match. Enter a string from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching data strings. For a list of the supported characters that you can use in regular expressions, see Table 1-21. offset number (Optional) Specifies the byte at which the ACE begins parsing the packet data. Enter an integer from 1 to 255. The default is 0. insert-before map_name (Optional) Places the inline match command ahead of an existing class map or other match statement specified by the map_name argument. The ACE does not save the sequence reordering as part of the configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1017 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands The ACE can perform regular expression matching against the received packet data from a particular connection based on a regular expression string in HTTP packet data (not the header). When you use the match http content command, you access the policy map load balancing match configuration mode and the prompt changes to (config-pmap-lb-generic-m). For information about commands in this mode, see the “Policy Map Load Balancing Generic Match Configuration Mode Commands” section. Examples To specify that the Layer 7 SLB policy map load balances on a specific URL, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match match3 http content abc*123 offset 50 host1/Admin(config-pmap-lb-m)# Related Commands (config-cmap-http-lb) match http content (config-pmap-lb) match http cookie To make server load balancing (SLB) decisions based on the name and string of a cookie, use the match http cookie command. Use the no form of this command to remove an HTTP cookie match statement from the policy map. match name1 http cookie {name2 | secondary name3} cookie-value expression [insert-before map_name] no match name1 http cookie {name2 | secondary name3} cookie-value expression Syntax Description name1 Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). name2 Unique cookie name. Enter an unquoted text string with no spaces and a maximum of 63 alphanumeric characters. secondary name3 Specifies a cookie in a URL string. You can specify the delimiters for cookies in a URL string using a command in an HTTP parameter map. cookie-value expression Specifies a unique cookie value expression. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. The ACE supports regular expressions for matching string expressions. For a list of supported characters that you can use for matching string expressions, see Table 1-21. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration.2-1018 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands Command Modes Policy map load balancing HTTP configuration mode Admin and user contexts Command History Usage Guidelines When you use the match http cookie command, you access the policy map load balancing HTTP match configuration mode and the prompt changes from (config-pmap-lb) to (config-pmap-lb-m). For information about commands in this mode, see the “Policy Map Load Balancing HTTP Match Configuration Mode Commands” section. The ACE performs regular expression matching against the received packet data from a particular connection based on the cookie expression. You can configure a maximum of five cookie names per VIP. The ACE supports regular expressions for matching string expressions. For a list of supported characters that you can use for matching string expressions, see Table 1-21. For details on defining a list of ASCII-character delimiter strings that you can use to separate the cookies in a URL string, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that the Layer 7 SLB policy map load balances on a cookie with the name of testcookie1, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host/Admin(config-pmap-lb)# match MATCH2 http cookie testcookie1 cookie-value 123456 host1/Admin(config-pmap-lb-m)# Related Commands (config-parammap-http) set content-maxparse-length (config-parammap-http) set secondary-cookie-delimiters ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1019 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands (config-pmap-lb) match http header To make server load balancing (SLB) decisions based on the name and value of an HTTP header, use the match http header command. The ACE performs regular expression matching against the received packet data from a particular connection based on the HTTP header expression. Use the no form of this command to clear an HTTP header match criteria from the policy map. match name http header {header_name | header_field} header-value expression [insert-before map_name] no match name http header {header_name | header_field} header-value expression Syntax Description name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). header_name Name of the HTTP header to match (for example, www.example1.com.) The range is from 1 to 64 alphanumeric characters. Note The header_name argument cannot include the colon in the name of the HTTP header; the ACE rejects the colon as an invalid token. header_field A standard HTTP/1.1 header field. Valid selections include request-header fields, general-header fields, and the entity-header field. The supported selections are the following: • Accept—Semicolon-separated list of representation schemes (content type metainformation values) that will be accepted in the response to the request.2-1020 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands • Accept-Charset—Character sets that are acceptable for the response. This field allows clients capable of understanding more comprehensive or special-purpose character sets to signal that capability to a server that can represent documents in those character sets. • Accept-Encoding—Restricts the content encoding that a user will accept from the server. • Accept-Language—ISO code for the language in which the document is written. The language code is an ISO 3316 language code with an optional ISO639 country code to specify a national variant. • Authorization—Specifies that the user agent wants to authenticate itself with a server, usually after receiving a 401 response. • Cache-Control—Directives that must be obeyed by all caching mechanisms along the request/response chain. The directives specify behavior intended to prevent caches from adversely interfering with the request or response. • Connection—Allows the sender to specify connection options. • Content-MD5—MD5 digest of the entity body that provides an end-to-end integrity check. Only a client or an origin server can generate this header field. • Expect—Used by a client to inform the server about the behaviors that the client requires. • From—Contains the e-mail address of the person that controls the requesting user agent. • Host—Internet host and port number of the resource being requested, as obtained from the original URI given by the user or referring resource. The Host field value must represent the naming authority of the origin server or gateway given by the original URL. • If-Match—Used with a method to make it conditional. A client that has one or more entities previously obtained from the resource can verify that one of those entities is current by including a list of their associated entity tags in the If-Match header field. This feature allows efficient updates of cached information with a minimum amount of transaction overhead. It is also used on updating requests to prevent inadvertent modification of the wrong version of a resource. As a special case, the value “*” matches any current entity of the resource. • Pragma—Pragma directives that are understood by servers to whom the directives are relevant. The syntax is the same as for other multiple-value fields in HTTP. For example, the Accept field is a comma-separated list of entries for which the optional parameters are separated by semicolons.2-1021 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands Command Modes Policy map load balancing HTTP configuration mode Admin and user contexts Command History Usage Guidelines When you use the match http header command, you access the policy map load balancing HTTP match configuration mode and the prompt changes from (config-pmap-lb) to (config-pmap-lb-m). For information about commands in this mode, see the “Policy Map Load Balancing HTTP Match Configuration Mode Commands” section. The ACE supports regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. For a list of supported characters that you can use in regular expressions, see Table 1-21. Examples To specify that the Layer 7 SLB policy map load balances on an HTTP header named Host, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match match3 http header Host header-value .*cisco.com host1/Admin(config-pmap-lb-m)# • Referer—Address (URI) of the resource from which the URI in the request was obtained. • Transfer-Encoding—Indicates what (if any) type of transformation has been applied to the message body in order to safely transfer it between the sender and the recipient. • User-Agent—Information about the user agent (for example, a software program that originates the request). This information is for statistical purposes, the tracing of protocol violations, and automated recognition of user agents. • Via—Used by gateways and proxies to indicate the intermediate protocols and recipients between the user agent and the server on requests and between the origin server and the client on responses. header-value expression Specifies the header value expression string to compare against the value in the specified field in the HTTP header. The range is from 1 to 255 alphanumeric characters. For a list of supported characters that you can use in regular expressions, see Table 1-21. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1022 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands Related Commands (config-parammap-http) set header-maxparse-length2-1023 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands (config-pmap-lb) match http url To make server load balancing (SLB) decisions based on the URL name and, optionally, the HTTP method, use the match http url command. The ACE performs regular expression matching against the received packet data from a particular connection based on the HTTP URL string. Use the no form of this command to remove a URL match statement from the policy map. match name http url expression [method name] [insert-before map_name] no match name http url expression [method name] Syntax Description Command Modes Policy map load balancing HTTP configuration mode Admin and user contexts Command History name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression URL, or portion of a URL, to match. Enter a URL string from 1 to 255 alphanumeric characters. Include only the portion of the URL that follows www.hostname.domain in the match statement. For a list of supported characters that you can use in regular expressions, see Table 1-21. method name (Optional) Specifies the HTTP method to match. Enter a method name as an unquoted text string with no spaces and a maximum of 15 alphanumeric characters. The method can either be one of the standard HTTP 1.1 method names (OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, or CONNECT) or a text string that must be matched exactly (for example, PROTOPLASM). insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1024 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Configuration Mode Commands Usage Guidelines When you use the match http url command, you access the policy map load balancing HTTP match configuration mode and the prompt changes from (config-pmap-lb) to (config-pmap-lb-m). For information about commands in this mode, see the “Policy Map Load Balancing HTTP Match Configuration Mode Commands” section. Include only the portion of the URL that follows www.hostname.domain in the match statement. For example, in the URL www.anydomain.com/latest/whatsnew.html, include only /latest/whatsnew.html. To match the www.anydomain.com portion, the URL string can take the form of a URL regular expression. For a list of supported characters that you can use in regular expressions, see Table 1-21. When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). Examples To specify that the Layer 7 SLB policy map load balances on a specific URL, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match match3 http url whatsnew/latest.* To use regular expressions to emulate a wildcard search to match on any .gif file, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match match3 http url .*.gif host1/Admin(config-pmap-lb-m)# Related Commands (config-parammap-http) set content-maxparse-length (config-pmap-lb) match source-address To specify a client source host IP address and subnet mask from which the ACE accepts traffic as the network traffic matching criteria, use the match source-address command. You configure the associated policy map to permit or restrict management traffic to the ACE from the specified source network or host. Use the no form of this command to clear the source IP address and subnet mask match criteria from the policy map. match name source-address ip_address mask [insert-before map_name] no match name source-address ip_address mask Syntax Description name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). ip_address Source IP address of the client. Enter the IP address in dotted-decimal notation (for example, 192.168.11.1). 2-1025 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands Command Modes Policy map load balancing HTTP configuration mode Admin and user contexts Command History Usage Guidelines When you use the match source-address command, you access the policy map load balancing HTTP match configuration mode and the prompt changes from (config-pmap-lb) to (config-pmap-lb-m). For information about commands in this mode, see the “Policy Map Load Balancing HTTP Match Configuration Mode Commands” section. Examples To specify that the Layer 7 SLB policy map matches on source IP address 192.168.10.1 255.255.0.0, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match match3 source-address 192.168.10.1 255.255.0.0 host1/Admin(config-pmap-lb-m)# Related Commands (config-cmap-http-lb) match source-address Policy Map Load Balancing HTTP Class Configuration Mode Commands Policy map load balancing HTTP class configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 7 server load balancing (SLB) class map. To access policy map load balancing HTTP class configuration mode, use the class command in policy map load balancing HTTP configuration mode (see the (config-pmap-lb) class command for details). The prompt changes to (config-pmap-lb-c). The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. mask Subnet mask of the client entry in dotted-decimal notation (for example, 255.255.255.0). insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1026 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands (config-pmap-lb-c) action To associate an action list with an HTTP load-balancing policy map, use the action command. Use the no form of this command to remove the action list association. action name no action Syntax Description Command Modes Policy map load balancing HTTP class configuration mode Admin and user contexts Command History Usage Guidelines You use action lists to group several ACE actions (for example, HTTP header insert, rewrite, or delete) together in a named list under a Layer 7 policy map. For information about action list commands, see the “Action List Modify Configuration Mode Commands” section. Examples To associate an action list for HTTP header rewrite, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# class HTTP_CLASS host1/Admin(config-pmap-lb-c)# action HTTP_MODIFY_ACTLIST To disassociate the action list from the policy map, enter: host1/Admin(config-pmap-lb-c)# no action Related Commands This command has no related commands. name Identifier of an existing action list. Enter an unquoted text string with a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1027 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands (config-pmap-lb-c) compress To instruct the ACE to compress and encode packets that match a Layer 7 SLB policy map, use the compress command. Use the no form of this command to disable HTTP compression. compress default-method {deflate | gzip} no compress default-method {deflate | gzip} Syntax Description Command Modes Policy map load balancing class configuration mode Admin and user contexts Command History Usage Guidelines The compress command option displays only when you associate an HTTP-type class map with a policy map. When a client request specifies deflate or gzip encoding in the Accept-Encoding field, the ACE uses either deflate or gzip to compress and encode the response content to the client. If both encoding formats are specified in the Accept-Encoding field, the response from the ACE will be encoded according to the compress default-method command in the Layer 7 SLB policy map. HTTP compression is intended primarily for text-based content types. For example, the following are text-based content types: • text/html • text/plain • text/xml • text/css • application/x-javascript (ACE module only) By default, the ACE supports HTTP compression at a rate of 1 Gbps. Installing an optional license bundle allows you to increase this value to a maximum of 6 Gbps. See the Administration Guide, Cisco ACE Application Control Engine for information on ACE licensing options. deflate Specifies the deflate compression method as the method to use when the client browser supports both deflate and gzip compression methods. gzip Specifies the gzip compression method as the method to use when the client browser supports both deflate and gzip compression methods. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1028 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands (ACE appliance only) By default, the ACE supports HTTP compression at a rate of 100 megabits per second (Mbps). Installing an optional HTTP compression license allows you to increase this value to a maximum of 2 Gbps. See the Administration Guide, Cisco ACE Application Control Engine for information on ACE licensing options. When you enable HTTP compression, the ACE compresses the packets using the following default compression parameter values: • Multipurpose Internet Mail Extension (MIME) type—All text formats (text/.*) • Minimum content length size—512 bytes • User agent exclusion—No user agent is excluded You can create an HTTP parameter map to modify the compression parameters that the ACE uses (see the “Parameter Map Connection Configuration Mode Commands” section). Examples To enable compression and specify gzip as the HTTP compression method when both formats are included in the Accept-Encoding client request, enter, enter: host1/Admin(config-pmap-lb-c)# compress default-method gzip Related Commands (config-parammap-http) compress2-1029 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands (config-pmap-lb-c) drop To instruct the ACE to discard packets that match a particular load-balancing criteria in the class map, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing HTTP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to discard packets that match the load-balancing criteria in the class map, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# class L7SLBCLASS host1/Admin(config-pmap-lb-c)# drop Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1030 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands (config-pmap-lb-c) forward To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing HTTP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# class L7SLBCLASS host1/Admin(config-pmap-lb-c)# forward Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1031 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands (config-pmap-lb-c) insert-http To specify the name and value of a generic header field that you want the ACE to insert in the HTTP header, use the insert-http command. Use the no form of this command to delete the HTTP header name and value from the policy map. insert-http name header-value expression no insert-http name header-value expression Syntax Description Command Modes Policy map load balancing HTTP class configuration mode Admin and user contexts Command History Usage Guidelines To identify a client whose source IP address has been mapped to another IP address using NAT, you can instruct the ACE to insert a generic header and string value in the client HTTP request. (For information about NAT, see the Security Guide, Cisco ACE Application Control Engine.) For the name argument, you can specify any custom header name that you want, subject to the maximum character length. You can also enter any of the predefined header names described for the (config-pmap-lb) match http header command, regardless of whether that header name already exists in the client request header. The ACE does not overwrite any existing header information in the client request. You can enter a maximum of 255 bytes of data for the header expression. If you enter more than 255 bytes, the ACE does not insert the header name and expression in the client request. You can also specify the following special header-value expressions by using the following special parameter values: • %is—Inserts the source IP address in the HTTP header. • %id—Inserts the destination IP address in the HTTP header. • %ps—Inserts the source port in the HTTP header. name Name of the generic header field that you want the ACE to insert in the HTTP header. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. header-value expression Specifies the header-value expression string to insert in the specified field in the HTTP header. Enter a text string with a maximum of 255 alphanumeric characters. See the Server Load-Balancing Guide, Cisco ACE Application Control Engine for details. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1032 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands • %pd—Inserts the destination port in the HTTP header. For IPv6 to IPv4 and Ipv4 to IPv6 load balancing, use the X-FORWARDED-FOR header. For details, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. For Microsoft Outlook Web Access (OWA), specify the field name as HTTP_FRONT_END_HTTPS with a value of ON. If either TCP server reuse or persistence rebalance is enabled, the ACE inserts a header in every client request. Examples For example, to specify the insert-http command as an action in the Layer 7 load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# class L7SLBCLASS host1/Admin(config-pmap-lb-c)# insert-http Host header-value www.cisco.com Related Commands (config-parammap-http) server-conn reuse (config-parammap-http) persistence-rebalance (config-pmap-lb-c) nat dynamic To configure server farm-based dynamic NAT as an action in a Layer 7 load-balancing policy map, use the nat dynamic command. The syntax of this command is as follows: nat dynamic pool_id vlan number serverfarm {primary | backup} no nat dynamic pool_id vlan number serverfarm {primary | backup} Syntax Description Command Modes Policy map load balancing HTTP class configuration mode Admin and user contexts Command History pool_id Identifier of the NAT pool of global IP addresses. Enter an integer from 1 to 2147483647. vlan number Specifies the server interface for the global IP address. This interface must be different from the interface that the ACE uses to filter and receive traffic that requires NAT, unless the network design operates in one-arm mode. In that case, the VLAN number is the same. serverfarm {primary | backup} Specifies that the dynamic NAT applies to either the primary server farm or the backup server farm. ACE Module Release Modification A2(1.0) This command was introduced.2-1033 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands Usage Guidelines Typically, you use dynamic NAT for SNAT. Dynamic NAT allows you to identify local traffic for address translation by specifying the source and destination addresses in an extended ACL, which is referenced as part of the class map traffic classification. The ACE applies dynamic NAT from the interface to which the traffic policy is attached (through the service-policy interface configuration command) to the interface specified in the nat dynamic command. Examples For example, to specify the nat-dynamic command as an action in the Layer 7 load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# class L7SLBCLASS host1/Admin(config-pmap-lb-c)# nat dynamic serverfarm primary 1 vlan 200 Related Commands show parameter-map (config-if) nat-pool (config-pmap-lb-c) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load-balancing policy map. serverfarm name1 [backup name2 [aggregate-state]] no serverfarm name1 [backup name2 [aggregate-state]] Syntax Description ACE Appliance Release Modification A3(1.0) This command was introduced. name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state (Optional) This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service.2-1034 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands Command Modes Policy map load balancing HTTP class configuration mode Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. By default, the ACE takes into account the state of all the real servers in the backup server farm before taking the VIP out of service. If all the real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# class L7SLBCLASS host1/Admin(config-pmap-lb-c)# serverfarm FARM2 backup FARM3 Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(5) The aggregate-state option was deprecated. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) The aggregate-state option was deprecated.2-1035 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands (config-pmap-lb-c) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing HTTP class configuration mode Admin and user contexts Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples The following example specifies the set ip tos command as a QoS action in the Layer 7 load-balancing policy map. All packets that satisfy the match criteria of L7SLBCLASS are marked with the IP DSCP value of 8. How packets marked with the IP DSCP value of 8 are treated is determined by the network configuration. host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# class L7SLBCLASS host1/Admin(config-pmap-lb-c)# set ip tos 8 Related Commands This command has no related commands. value IP DSCP value. Enter an integer from 0 to 255. The default is 0. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1036 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands (config-pmap-lb-c) ssl-proxy client To specify a Secure Sockets Layer (SSL) proxy service in a Layer 7 load-balancing policy map, use the ssl-proxy command. The ACE uses an SSL proxy service in a Layer 7 policy map to load balance outbound SSL initiation requests to SSL servers. In this case, the ACE acts as an SSL client that sends an encrypted request to an SSL server. Use the no form of this command to remove the SSL proxy service from the policy map. ssl-proxy client name no ssl-proxy client name Syntax Description Command Modes Policy map load balancing HTTP class configuration mode Admin and user contexts Command History Usage Guidelines For more information about configuring SSL, see the SSL Guide, Cisco ACE Application Control Engine. Examples To associate an SSL proxy service with a Layer 7 load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# class L7SLBCLASS host1/Admin(config-pmap-lb-c)# ssl-proxy client SSL_SERVER_PROXY_SERVICE Related Commands This command has no related commands. name Name of an existing SSL proxy service. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1037 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Class Configuration Mode Commands (config-pmap-lb-c) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing HTTP class configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# class L7SLBCLASS host1/Admin(config-pmap-lb-c)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1038 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands Policy map load balancing HTTP match configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the specified inline match command. To access policy map load balancing HTTP match configuration mode, use one of the match commands in policy map load balancing HTTP configuration mode (see the “Policy Map Load Balancing HTTP Configuration Mode Commands” section for details). The prompt changes to (config-pmap-lb-m). The inline Layer 7 policy map match commands allow you to include a single inline match criteria in the policy map without specifying a traffic class. The inline match commands function the same way as the Layer 7 server load balancing (SLB) class map match commands. However, when you use an inline match command, you can specify an action for only a single match command in the HTTP SLB policy map. The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. (config-pmap-lb-m) action To associate an action list with an HTTP load-balancing policy map, use the action command. Use the no form of this command to remove the action list association. action name no action Syntax Description Command Modes Policy map load balancing HTTP match configuration mode Admin and user contexts Command History Usage Guidelines You use action lists to group several ACE actions (for example, HTTP header insert, rewrite, or delete) together in a named list under a Layer 7 policy map. For information about action list commands, see the “Action List Modify Configuration Mode Commands” section. name Identifier of an existing action list. Enter an unquoted text string with a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1039 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands Examples To associate an action list for HTTP header rewrite, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match match3 source-address 192.168.10.1 255.255.0.0 host1/Admin(config-pmap-lb-m)# action HTTP_MODIFY_ACTLIST To disassociate the action list from the policy map, enter: host1/Admin(config-pmap-lb-m)# no action Related Commands This command has no related commands.2-1040 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands (config-pmap-lb-m) compress To instruct the ACE to compress and encode packets that match a Layer 7 SLB policy map, use the compress command. Use the no form of this command to disable HTTP compression. compress default-method {deflate | gzip} no compress default-method {deflate | gzip} Syntax Description Command Modes Policy map load balancing class configuration mode Admin and user contexts Command History Usage Guidelines The compress command option displays only when you associate an HTTP-type class map with a policy map. When a client request specifies deflate or gzip encoding in the Accept-Encoding field, the ACE uses either deflate or gzip to compress and encode the response content to the client. If both encoding formats are specified in the Accept-Encoding field, the response from the ACE will be encoded according to the compress default-method command in the Layer 7 SLB policy map. HTTP compression is intended primarily for text-based content types. For example, the following are text-based content types: • text/html • text/plain • text/xml • text/css • application/x-javascript By default, the ACE supports HTTP compression at rates of 100 megabits per second (Mbps). Installing an optional HTTP compression license allows you to increase this value to a maximum of 2 Gbps. See the Administration Guide, Cisco ACE Application Control Engine for information on ACE licensing options. deflate Specifies the deflate compression method as the method to use when the client browser supports both deflate and gzip compression methods. gzip Specifies the gzip compression method as the method to use when the client browser supports both deflate and gzip compression methods. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1041 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands When you enable HTTP compression, the ACE compresses the packets using the following default compression parameter values: • Multipurpose Internet Mail Extension (MIME) type—All text formats (text/.*) • Minimum content length size—512 bytes • User agent exclusion—No user agent is excluded You can create an HTTP parameter map to modify the compression parameters that the ACE uses (see the “Parameter Map Connection Configuration Mode Commands” section). Examples To enable compression and specify gzip as the HTTP compression method when both formats are included in the Accept-Encoding client request, enter, enter: host1/Admin(config-pmap-lb-c)# compress default-method gzip Related Commands (config-parammap-http) compress (config-pmap-lb-m) drop To instruct the ACE to discard packets that match a particular load-balancing criteria in an inline match command, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing HTTP match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1042 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands Examples To instruct the ACE to discard packets that match the load-balancing criteria in the inline match command, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match MATCH_SLB1 http header Host header-value .*cisco.com host1/Admin(config-pmap-lb-m)# drop Related Commands This command has no related commands.2-1043 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands (config-pmap-lb-m) forward To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing HTTP match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match MATCH_SLB1 http header Host header-value .*cisco.com host1/Admin(config-pmap-lb-m)# forward Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1044 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands (config-pmap-lb-m) insert-http To specify the name and value of a generic header field that you want the ACE to insert in the HTTP header, use the insert-http command. Use the no form of this command to delete the HTTP header name and value from the policy map. insert-http name header-value expression no insert-http name header-value expression Syntax Description Command Modes Policy map load balancing HTTP match configuration mode Admin and user contexts Command History Usage Guidelines To identify a client whose source IP address has been mapped to another IP address using NAT, you can instruct the ACE to insert a generic header and string value in the client HTTP request. (For information about NAT, see the Security Guide, Cisco ACE Application Control Engine.) For the name argument, you can specify any custom header name that you want, subject to the maximum character length. You can also enter any of the predefined header names described for the (config-pmap-lb) match http header command, regardless of whether that header name already exists in the client request header. The ACE does not overwrite any existing header information in the client request. You can enter a maximum of 255 bytes of data for the header expression. If you enter more than 255 bytes, the ACE does not insert the header name and expression in the client request. You can also specify the following special header-value expressions by using the following special parameter values: • %is—Inserts the source IP address in the HTTP header. • %id—Inserts the destination IP address in the HTTP header. • %ps—Inserts the source port in the HTTP header. name Name of the generic header field that you want the ACE to insert in the HTTP header. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. header-value expression Specifies the header-value expression string to insert in the specified field in the HTTP header. Enter a text string with a maximum of 255 alphanumeric characters. See the Server Load-Balancing Guide, Cisco ACE Application Control Engine for details. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1045 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands • %pd—Inserts the destination port in the HTTP header. For Microsoft Outlook Web Access (OWA), specify the field name as HTTP_FRONT_END_HTTPS with a value of ON. If either TCP server reuse or persistence rebalance is enabled, the ACE inserts a header in every client request. Examples For example, to specify the insert-http command as an action in the Layer 7 load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match MATCH_SLB1 http header Host header-value .*test.com host1/Admin(config-pmap-lb-m)# insert-http Host header-value .*cisco.com The header name and value will appear in the HTTP header as follows: Host: www.cisco.com Related Commands (config-parammap-http) server-conn reuse (config-parammap-http) persistence-rebalance (config-pmap-lb-m) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load balancing policy map. serverfarm name1 [backup name2 [aggregate-state]] no serverfarm name1 [backup name2 [aggregate-state]] Syntax Description Command Modes Policy map load balancing HTTP match configuration mode name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service.2-1046 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match MATCH_SLB1 source-address 192.168.11.2 255.255.255.0 host1/Admin(config-pmap-lb-m)# serverfarm FARM2 backup FARM3 Related Commands This command has no related commands. (config-pmap-lb-m) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing HTTP match configuration mode Admin and user contexts ACE Module Release Modification 3.0(0)A1(2) This command was introduced. 3.0(0)A1(5) The aggregate-state option was deprecated. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) The aggregate-state option was deprecated. value IP DSCP value. Enter an integer from 0 to 255. The default is 0.2-1047 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples To specify the set ip tos command as a QoS action in the Layer 7 load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match MATCH_SLB1 http header Via header-value 192.* host1/Admin(config-pmap-lb-m)# set ip tos 8 Related Commands This command has no related commands. (config-pmap-lb-m) ssl-proxy client To specify a Secure Sockets Layer (SSL) proxy service in a Layer 7 load-balancing policy map, use the ssl-proxy client command. The ACE uses an SSL proxy service in a Layer 7 policy map to load balance outbound SSL initiation requests to SSL servers. In this case, the ACE acts as an SSL client that sends an encrypted request to an SSL server. Use the no form of this command to remove the SSL proxy service from the policy map. ssl-proxy client name no ssl-proxy client name Syntax Description Command Modes Policy map load balancing HTTP match configuration mode Admin and user contexts Command History ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. name Name of an existing SSL proxy service. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1048 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing HTTP Match Configuration Mode Commands Usage Guidelines For more information about configuring SSL, see the SSL Guide, Cisco ACE Application Control Engine. Examples To associate an SSL proxy service with a Layer 7 load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match MATCH_SLB1 http header Host header-value .*cisco.com host1/Admin(config-pmap-lb-m)# ssl-proxy client SSL_SERVER_PROXY_SERVICE Related Commands This command has no related commands. (config-pmap-lb-m) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing HTTP match configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance http first-match L7SLBPOLICY host1/Admin(config-pmap-lb)# match MATCH_SLB1 source-address 192.168.11.2 255.255.255.0 name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1049 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Configuration Mode Commands host1/Admin(config-pmap-lb-m)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. Policy Map Load Balancing RADIUS Configuration Mode Commands Policy map load balancing RADIUS configuration mode commands allow you to specify a RADIUS Layer 7 policy map for server load-balancing decisions. The ACE executes the specified action only against the first matching load-balancing classification. To create a RADIUS Layer 7 server load balancing (SLB) policy map and access policy map load balancing RADIUS configuration mode, use the policy-map type loadbalance radius first-match command. When you access the policy map load balancing RADIUS configuration mode, the prompt changes to (config-pmap-lb-radius). Use the no form of this command to remove a RADIUS Layer 7 SLB policy map from the ACE. policy-map type loadbalance radius first-match map_name no policy-map type loadbalance radius first-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You associate the Layer 7 load balancing policy map with a Layer 3 and Layer 4 policy map to provide an entry point for the traffic classification. Layer 7 policy maps are considered to be child policies. Only a Layer 3 and Layer 4 policy map can be activated on a VLAN interface. A Layer 7 policy map cannot be directly applied on a VLAN (or any) interface. map_name Name assigned to the RADIUS SLB policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1050 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Configuration Mode Commands To associate the Layer 7 load-balancing policy map, you nest it by using the Layer 3 and Layer 4 (config-pmap-c) loadbalance policy command. Examples To create a RADIUS SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance radius first-match L7SLBPOLICY host1/Admin(config-pmap-lb-radius)# Related Commands show running-config (config) policy-map2-1051 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Configuration Mode Commands (config-pmap-lb-radius) class To associate a Layer 7 server load balancing (SLB) class map with a Layer 7 SLB policy map, use the class command. The prompt changes from (config-pmap-lb-radius) to (config-pmap-lb-radius-c). For information about commands in this mode, see the “Policy Map Load Balancing RADIUS Class Configuration Mode Commands” section. Use the no form of this command to remove an associated class map from a policy map. class {name1 [insert-before name2] | class-default} no class {name1 [insert-before name2] | class-default} Syntax Description Command Modes Policy map load balancing RADIUS configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate a Layer 7 SLB class map with a Layer 7 SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance radius first-match L7SLBPOLICY host1/Admin(config-pmap-lb-radius)# class L7LOADBALNCE_CLASS host1/Admin(config-pmap-lb-radius-c)# name1 Name of a previously defined Layer 7 SLB class map configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. insert-before name2 (Optional) Places the current named class map ahead of an existing class map or inline match condition specified by the name2 argument in the policy map configuration. The ACE does not save the sequence reordering as part of the configuration. class-default Reserved, well-known class map created by the ACE. You cannot delete or modify this class. All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications matches the traffic, then the ACE performs the action specified under the class class-default command. The class-default class map has an implicit match any statement in it that enables it to match all traffic. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1052 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Configuration Mode Commands Related Commands (config-pmap-lb-radius) description2-1053 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Configuration Mode Commands (config-pmap-lb-radius) description To provide a brief description of the RADIUS server load balancing (SLB) policy map, use the description command. Use the no form of this command to remove the description from the policy map. description text no description Syntax Description Command Modes Policy map load balancing RADIUS configuration mode Admin role in any user context Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the policy map is to perform server load balancing, enter: host/Admin(config-pmap-lb-radius)# description RADIUS_LOAD_BALANCE_PROTOCOL Related Commands (config-pmap-lb-radius) class text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1054 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Configuration Mode Commands (config-pmap-lb-radius) match radius attribute To make server load balancing (SLB) decisions based on the calling-station-ID or username RADIUS attribute, use the match radius attribute command. Use the no form of this command to remove the RADIUS attribute match statement from the policy map. match name radius attribute {calling-station-id | username} expression [insert-before map_name] no match name radius attribute {calling-station-id | username} expression [insert-before map_name] Syntax Description Command Modes Policy map load balancing RADIUS configuration mode Admin and user contexts Command History Usage Guidelines To specify actions for multiple match statements, use a class map as described in the “Class Map RADIUS Load Balancing Configuration Mode Commands” section. When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). calling-station-id Specifies the unique identifier of the calling station. username Specifies the name of the RADIUS user who initiated the connection. expression Calling station ID or username to match. Enter a string from 1 to 64 alphanumeric characters. The ACE supports the use of regular expressions for matching strings. For a list of the supported characters that you can use in regular expressions, see Table 1-21. insert-before map_name (Optional) Places the inline match command ahead of an existing class map or other match statement specified by the map_name argument. The ACE does not save the sequence reordering as part of the configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1055 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Class Configuration Mode Commands When you use the match radius attribute command, you access the policy map load balancing RADIUS match configuration mode and the prompt changes to (config-pmap-lb-radius-m). For information about commands in this mode, see the “Policy Map Load Balancing RADIUS Match Configuration Mode Commands” section. Examples To configure RADIUS match criteria for a RADIUS policy map based on the calling station ID attribute, enter: host1/Admin(config)# policy-map type loadbalance radius first-match RADIUS_POLICY host1/Admin(config-pmap-lb-radius)# match CALL_ID radius attribute calling-station-id 122* host1/Admin(config-pmap-lb-radius-m)# To remove the RADIUS attribute match statement from the RADIUS policy map, enter: host1/Admin(config-pmap-lb-radius)# no match CALL_ID radius attribute calling-station-id 122* Related Commands (config-cmap-radius-lb) match radius attribute Policy Map Load Balancing RADIUS Class Configuration Mode Commands Policy map load balancing RADIUS class configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 7 server load balancing (SLB) class map. To access policy map load balancing RADIUS class configuration mode, use the class command in policy map load balancing RADIUS configuration mode (see the (config-pmap-lb-radius) class command for details). The prompt changes to (config-pmap-lb-radius-c). The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-1056 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Class Configuration Mode Commands (config-pmap-lb-radius-c) drop To instruct the ACE to discard packets that match a particular load-balancing criterion in the class map, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing RADIUS class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to discard packets that match the load-balancing criteria in the class map, enter: host1/Admin(config)# policy-map type loadbalance radius first-match RAD_POLICY host1/Admin(config-pmap-lb-radius)# class RAD_CLASS host1/Admin(config-pmap-lb-radius-c)# drop Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1057 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Class Configuration Mode Commands (config-pmap-lb-radius-c) forward To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing RADIUS class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance radius first-match RAD_POLICY host1/Admin(config-pmap-lb-radius)# class RAD_CLASS host1/Admin(config-pmap-lb-radius-c)# forward Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1058 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Class Configuration Mode Commands (config-pmap-lb-radius-c) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load-balancing policy map. serverfarm name1 [backup name2 [aggregate-state]] no serverfarm name1 [backup name2 [aggregate-state]] Syntax Description Command Modes Policy map load balancing RADIUS class configuration mode Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance radius first-match RAD_POLICY host1/Admin(config-pmap-lb-radius)# class RAD_CLASS host1/Admin(config-pmap-lb-radius-c)# serverfarm FARM2 backup FARM3 name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1059 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Class Configuration Mode Commands Related Commands This command has no related commands. (config-pmap-lb-radius-c) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing RADIUS class configuration mode Admin and user contexts Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples The following example specifies the set ip tos command as a QoS action in the Layer 7 load-balancing policy map. All packets that satisfy the match criteria of the class map RAD_CLASS are marked with the IP DSCP value of 8. How packets marked with the IP DSCP value of 8 are treated is determined by the network configuration. host1/Admin(config)# policy-map type loadbalance radius first-match RAD_POLICY host1/Admin(config-pmap-lb-radius)# class RAD_CLASS host1/Admin(config-pmap-lb-radius-c)# set ip tos 8 Related Commands This command has no related commands. value IP DSCP value. Enter an integer from 0 to 255. The default is 0. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1060 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Match Configuration Mode Commands (config-pmap-lb-radius-c) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing RADIUS class configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match a RADIUS Layer 7 policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance radius first-match RAD_POLICY host1/Admin(config-pmap-lb-radius)# class RAD_CLASS host1/Admin(config-pmap-lb-radius-c)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. Policy Map Load Balancing RADIUS Match Configuration Mode Commands Policy map load balancing RADIUS match configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the specified inline match command. To access policy map load balancing RADIUS match configuration mode, use one of the match commands name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1061 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Match Configuration Mode Commands in policy map load balancing RADIUS configuration mode (see the “Policy Map Load Balancing RADIUS Configuration Mode Commands” section for details). The prompt changes to (config-pmap-lb-radius-m). The inline Layer 7 policy map match commands allow you to include a single inline match criteria in the policy map without specifying a traffic class. The inline match commands function the same way as the Layer 7 server load balancing (SLB) class map match commands. However, when you use an inline match command, you can specify an action for only a single match command in the RADIUS SLB policy map. The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-1062 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Match Configuration Mode Commands (config-pmap-lb-radius-m) drop To instruct the ACE to discard packets that match a particular load-balancing criteria in an inline match command, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing RADIUS match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to discard packets that match the load-balancing criteria in the inline match command, enter: host1/Admin(config)# policy-map type loadbalance radius first-match RADIUS_POLICY host1/Admin(config-pmap-lb-radius)# match CALL_ID radius attribute calling-station-id 122* host1/Admin(config-pmap-lb-radius-m)# drop Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1063 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Match Configuration Mode Commands (config-pmap-lb-radius-m) forward To instruct the ACE to forward requests that match a particular load-balancing criteria in an inline match command without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing RADIUS match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance radius first-match RADIUS_POLICY host1/Admin(config-pmap-lb-radius)# match CALL_ID radius attribute calling-station-id 122* host1/Admin(config-pmap-lb-radius-m)# forward Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1064 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Match Configuration Mode Commands (config-pmap-lb-radius-m) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load balancing policy map. serverfarm name1 [backup name2 [aggregate-state]] no serverfarm name1 [backup name2 [aggregate-state]] Syntax Description Command Modes Policy map load balancing RADIUS match configuration mode Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the RADIUS load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance radius first-match RADIUS_POLICY host1/Admin(config-pmap-lb-radius)# match CALL_ID radius attribute calling-station-id 122* host1/Admin(config-pmap-lb-radius-m)# serverfarm FARM2 backup FARM3 name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1065 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RADIUS Match Configuration Mode Commands Related Commands This command has no related commands. (config-pmap-lb-radius-m) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing RADIUS match configuration mode Admin and user contexts Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples To specify the set ip tos command as a QoS action in the Layer 7 load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance radius first-match RADIUS_POLICY host1/Admin(config-pmap-lb-radius)# match CALL_ID radius attribute calling-station-id 122* host1/Admin(config-pmap-lb-radius-m)# set ip tos 8 Related Commands This command has no related commands. value IP DSCP value. Enter an integer from 0 to 255. The default is 0. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1066 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RDP Configuration Mode Commands (config-pmap-lb-radius-m) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing RADIUS match configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match a RADIUS policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance radius first-match RADIUS_POLICY host1/Admin(config-pmap-lb-radius)# match CALL_ID radius attribute calling-station-id 122* host1/Admin(config-pmap-lb-radius-m)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. Policy Map Load Balancing RDP Configuration Mode Commands Policy map load balancing Reliable Datagram Protocol (RDP) configuration mode commands allow you to specify an RDP Layer 7 policy map for server load-balancing decisions. The ACE executes the specified action only against the first matching load-balancing classification. name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1067 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RDP Configuration Mode Commands To create an RDP Layer 7 server load balancing (SLB) policy map and access policy map load balancing RDP configuration mode, use the policy-map type loadbalance rdp first-match command. When you access the policy map load balancing RDP configuration mode, the prompt changes to (config-pmap-lb-rdp). Use the no form of this command to remove an RDP Layer 7 SLB policy map from the ACE. policy-map type loadbalance rdp first-match map_name no policy-map type loadbalance rdp first-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You associate the Layer 7 load balancing policy map with a Layer 3 and Layer 4 policy map to provide an entry point for the traffic classification. Layer 7 policy maps are considered to be child policies. Only a Layer 3 and Layer 4 policy map can be activated on a VLAN interface. A Layer 7 policy map cannot be directly applied on a VLAN (or any) interface. To associate the Layer 7 load-balancing policy map, you nest it by using the Layer 3 and Layer 4 (config-pmap-c) loadbalance policy command. Examples To create an RDP SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance rdp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rdp)# Related Commands show running-config (config) policy-map map_name Name assigned to the RDP SLB policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1068 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RDP Configuration Mode Commands (config-pmap-lb-rdp) class To associate a Layer 7 server load balancing (SLB) class map with a Layer 7 SLB policy map, use the class command. The prompt changes from (config-pmap-lb-rdp) to (config-pmap-lb-rdp-c). For information about commands in this mode, see the “Policy Map Load Balancing RDP Class Configuration Mode Commands” section. Use the no form of this command to remove the associated class map from a policy map. class class-default no class class-default Syntax Description Command Modes Policy map load balancing RDP configuration mode Admin and user contexts Command History Usage Guidelines For RDP load-balancing policy maps, you can only assign the class-default class map. Examples To associate the Layer 7 class-default class map with the RDP SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance rdp first-match RDP_POLICY host/Admin(config-pmap-lb-rdp)# class class-default host/Admin(config-pmap-lb-rdp-c)# Related Commands (config-pmap-lb-rdp) description class-default Reserved, well-known class map created by the ACE. You cannot delete or modify this class map. The class-default class map has an implicit match any statement in it that enables it to match all traffic. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1069 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RDP Class Configuration Mode Commands (config-pmap-lb-rdp) description To provide a brief description of the RDP server load balancing (SLB) policy map, use the description command. Use the no form of this command to remove the description from the policy map. description text no description Syntax Description Command Modes Policy map load balancing RDP configuration mode Admin role in any user context Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the policy map is to perform server load balancing, enter: host/Admin(config-pmap-lb-rdp)# description RDP_LOAD_BALANCE_PROTOCOL Related Commands (config-pmap-lb-rdp) class Policy Map Load Balancing RDP Class Configuration Mode Commands Policy map load balancing RDP class configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 7 server load balancing (SLB) class map. To access policy map load balancing RDP class configuration mode, use the class command in policy map load balancing RDP configuration mode (see the (config-pmap-lb-rdp) class command for details). The prompt changes to (config-pmap-lb-rdp-c). text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1070 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RDP Class Configuration Mode Commands The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-1071 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RDP Class Configuration Mode Commands (config-pmap-lb-rdp-c) drop To instruct the ACE to discard packets that match a particular load-balancing criterion in the class map, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing RDP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to discard packets that match the load-balancing criteria in the class map, enter: host1/Admin(config)# policy-map type loadbalance rdp first-match RDP_POLICY host1/Admin(config-pmap-lb-rdp)# class class-default host1/Admin(config-pmap-lb-rdp-c)# drop Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1072 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RDP Class Configuration Mode Commands (config-pmap-lb-rdp-c) forward To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing RDP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance rdp first-match RDP_POLICY host1/Admin(config-pmap-lb-rdp)# class class-default host1/Admin(config-pmap-lb-rdp-c)# forward Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1073 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RDP Class Configuration Mode Commands (config-pmap-lb-rdp-c) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load-balancing policy map. serverfarm name1 [backup name2 [aggregate-state]] no serverfarm name1 [backup name2 [aggregate-state]] Syntax Description Command Modes Policy map load balancing RDP class configuration mode Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance rdp first-match RDP_POLICY host1/Admin(config-pmap-lb-rdp)# class class-default host1/Admin(config-pmap-lb-rdp-c)# serverfarm FARM2 backup FARM3 name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1074 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RDP Class Configuration Mode Commands Related Commands This command has no related commands. (config-pmap-lb-rdp-c) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing RDP class configuration mode Admin and user contexts Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples The following example specifies the set ip tos command as a QoS action in the Layer 7 load-balancing policy map. All packets that satisfy the match criteria of the class-default class map are marked with the IP DSCP value of 8. How packets marked with the IP DSCP value of 8 are treated is determined by the network configuration. host1/Admin(config)# policy-map type loadbalance rdp first-match RDP_POLICY host1/Admin(config-pmap-lb-rdp)# class class-default host1/Admin(config-pmap-lb-rdp-c)# set ip tos 8 Related Commands This command has no related commands. value IP DSCP value. Enter an integer from 0 to 255. The default is 0. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1075 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RDP Class Configuration Mode Commands (config-pmap-lb-rdp-c) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing RDP class configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match an RDP Layer 7 policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance rdp first-match RDP_POLICY host1/Admin(config-pmap-lb-rdp)# class class-default host1/Admin(config-pmap-lb-rdp-c)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1076 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Configuration Mode Commands Policy Map Load Balancing RTSP Configuration Mode Commands Policy map load balancing RTSP configuration mode commands allow you to specify a Real-Time Streaming Protocol (RTSP) Layer 7 policy map for server load-balancing decisions. The ACE executes the specified action only against the first matching load-balancing classification. To create an RTSP Layer 7 server load balancing (SLB) policy map and access policy map load balancing RTSP configuration mode, use the policy-map type loadbalance rtsp first-match command. When you access the policy map load balancing RTSP configuration mode, the prompt changes to (config-pmap-lb-rtsp). Use the no form of this command to remove an RTSP SLB policy map from the ACE. policy-map type loadbalance rtsp first-match map_name no policy-map type loadbalance rtsp first-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You associate the Layer 7 load balancing policy map with a Layer 3 and Layer 4 policy map to provide an entry point for the traffic classification. Layer 7 policy maps are considered to be child policies. Only a Layer 3 and Layer 4 policy map can be activated on a VLAN interface. A Layer 7 policy map cannot be directly applied on a VLAN (or any) interface. To associate the Layer 7 load-balancing policy map, you nest it by using the Layer 3 and Layer 4 (config-pmap-c) loadbalance policy command. Examples To create an RTSP SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# map_name Name assigned to the RTSP SLB policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1077 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Configuration Mode Commands Related Commands show running-config (config) policy-map2-1078 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Configuration Mode Commands (config-pmap-lb-rtsp) class To associate a Layer 7 server load balancing (SLB) class map with a Layer 7 SLB policy map, use the class command. The prompt changes from (config-pmap-lb-rtsp) to (config-pmap-lb-rtsp-c). For information about commands in this mode, see the “Policy Map Load Balancing RTSP Class Configuration Mode Commands” section. Use the no form of this command to remove an associated class map from a policy map. class {name1 [insert-before name2] | class-default} no class {name1 [insert-before name2] | class-default} Syntax Description Command Modes Policy map load balancing RTSP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate a Layer 7 SLB class map with a Layer 7 SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# class L7LOADBALNCE_CLASS host1/Admin(config-pmap-lb-rtsp-c)# name1 Name of a previously defined Layer 7 SLB class map configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. insert-before name2 (Optional) Places the current named class map ahead of an existing class map or inline match condition specified by the name2 argument in the policy map configuration. The ACE does not save the sequence reordering as part of the configuration. class-default Reserved, well-known class map created by the ACE. You cannot delete or modify this class. All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications matches the traffic, then the ACE performs the action specified under the class class-default command. The class-default class map has an implicit match any statement in it that enables it to match all traffic. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1079 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Configuration Mode Commands Related Commands (config-pmap-lb-rtsp) description (config-pmap-lb-rtsp) description To provide a brief description of the RTSP server load balancing (SLB) policy map, use the description command. Use the no form of this command to remove the description from the policy map. description text no description Syntax Description Command Modes Policy map load balancing RTSP configuration mode Admin role in any user context Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the policy map is to perform server load balancing, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host/Admin(config-pmap-lb-rtsp)# description RTSP_LOAD_BALANCE_PROTOCOL Related Commands (config-pmap-lb-rtsp) class text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1080 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Configuration Mode Commands (config-pmap-lb-rtsp) match rtsp header To make server load balancing (SLB) decisions based on the name and value of an RTSP header, use the match rtsp header command. The ACE performs regular expression matching against the received packet data from a particular connection based on the RTSP header expression. Use the no form of this command to clear an RTSP header match criteria from the policy map. match name rtsp header header_name header-value expression [insert-before map_name] no match name rtsp header header_name header-value expression Syntax Description Command Modes Policy map load balancing RTSP configuration mode Admin and user contexts Command History name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). header_name Name of the field in the RTSP header. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. You can enter a text string with spaces if you enclose the entire string in quotation marks (“ ”). You can enter any header field name, including a standard RTSP header field name or any user-defined header field name. Because RTSP is similar in syntax and operation to HTTP/1.1, you can use any HTTP header listed in Table 1-10 if the RTSP server supports it. For a complete list of RTSP headers, see RFC 2326. header-value expression Specifies the expression string to compare against the value in the specified field in the RTSP header. Enter a text string with a maximum of 255 alphanumeric characters. The ACE supports the use of regular expressions for header matching. Header expressions allow spaces if the entire string that contains spaces is quoted. For a list of the supported characters that you can use in regular expressions, see Table 1-21. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1081 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Configuration Mode Commands Usage Guidelines When you use the match rtsp header command, you access the policy map load balancing RTSP match configuration mode and the prompt changes from (config-pmap-lb-rtsp) to (config-pmap-lb-rtsp-m). For information about commands in this mode, see the “Policy Map Load Balancing RTSP Match Configuration Mode Commands” section. The ACE supports regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. For a list of supported characters that you can use in regular expressions, see Table 1-21. Examples To specify that the Layer 7 SLB policy map load balances on an RTSP header named Host, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# match match3 rtsp header Host header-value .*cisco.com host1/Admin(config-pmap-lb-rtsp-m)# Related Commands (config-parammap-rtsp) set header-maxparse-length2-1082 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Configuration Mode Commands (config-pmap-lb-rtsp) match rtsp source-address To specify a client source host IP address and subnet mask from which the ACE accepts traffic as the network traffic matching criteria, use the match rtsp source-address command. You configure the associated policy map to permit or restrict management traffic to the ACE from the specified source network or host. Use the no form of this command to clear the source IP address and subnet mask match criteria from the policy map. match name rtsp source-address ip_address mask [insert-before map_name] no match name rtsp source-address ip_address mask Syntax Description Command Modes Policy map load balancing RTSP configuration mode Admin and user contexts Command History Usage Guidelines When you use the match rtsp source-address command, you access the policy map load balancing RTSP match configuration mode and the prompt changes from (config-pmap-lb-rtsp) to (config-pmap-lb-rtsp-m). For information about commands in this mode, see the “Policy Map Load Balancing RTSP Match Configuration Mode Commands” section. name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). ip_address Source IP address of the client. Enter the IP address in dotted-decimal notation (for example, 192.168.11.1). mask Subnet mask of the client entry in dotted-decimal notation (for example, 255.255.255.0). insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1083 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Configuration Mode Commands Examples To specify that the Layer 7 SLB policy map matches on source IP address 192.168.10.1 255.255.0.0, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# match match3 rtsp source-address 192.168.10.1 255.255.0.0 host1/Admin(config-pmap-lb-rtsp-m)# Related Commands (config-cmap-rtsp-lb) match source-address (config-pmap-lb-rtsp) match rtsp url To make server load balancing (SLB) decisions based on the URL name and, optionally, the RTSP method, use the match rtsp url command. The ACE performs regular expression matching against the received packet data from a particular connection based on the RTSP URL string. Use the no form of this command to remove a URL match statement from the policy map. match name rtsp url expression [method name] [insert-before map_name] no match name rtsp url expression [method name] Syntax Description Command Modes Policy map load balancing RTSP configuration mode Admin and user contexts name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression URL, or portion of a URL, to match. Enter a URL string from 1 to 255 alphanumeric characters. The ACE supports the use of regular expressions for matching URL strings. For a list of supported characters that you can use in regular expressions, see Table 1-21. method name (Optional) Specifies the RTSP method to match. Enter a method name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. The method can either be one of the standard RTSP method names (OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, or CONNECT) or it can be a text string that must be matched exactly (for example, STINGRAY). insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration.2-1084 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Class Configuration Mode Commands Command History Usage Guidelines When you use the match rtsp url command, you access the policy map load balancing RTSP match configuration mode and the prompt changes from (config-pmap-lb-rtsp) to (config-pmap-lb-rtsp-m). For information about commands in this mode, see the “Policy Map Load Balancing RTSP Match Configuration Mode Commands” section. When matching data strings, note that the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). Examples To specify that the Layer 7 SLB policy map load balances on a specific URL, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# match match3 rtsp url whatsnew/latest.* host1/Admin(config-pmap-lb-rtsp-m)# To use regular expressions to emulate a wildcard search to match on any .gif file, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# match match3 rtsp url .*.gif Related Commands (config-cmap-rtsp-lb) match rtsp url Policy Map Load Balancing RTSP Class Configuration Mode Commands Policy map load balancing RTSP class configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 7 server load balancing (SLB) class map. To access policy map load balancing RTSP class configuration mode, use the class command in policy map load balancing RTSP configuration mode (see the (config-pmap-lb-rtsp) class command for details). The prompt changes to (config-pmap-lb-rtsp-c). The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1085 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Class Configuration Mode Commands (config-pmap-lb-rtsp-c) drop To instruct the ACE to discard packets that match a particular load-balancing criteria in the class map, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing RTSP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to discard packets that match the load-balancing criteria in the class map, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# class L7SLBCLASS host1/Admin(config-pmap-lb-rtsp-c)# drop Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1086 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Class Configuration Mode Commands (config-pmap-lb-rtsp-c) forward To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing RTSP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# class L7SLBCLASS host1/Admin(config-pmap-lb-rtsp-c)# forward Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1087 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Class Configuration Mode Commands (config-pmap-lb-rtsp-c) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load-balancing policy map. serverfarm name1 [backup name2 [aggregate-state]] no serverfarm name1 [backup name2 [aggregate-state]] Syntax Description Command Modes Policy map load balancing RTSP class configuration mode Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# class L7SLBCLASS host1/Admin(config-pmap-lb-rtsp-c)# serverfarm FARM2 backup FARM3 name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1088 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Class Configuration Mode Commands Related Commands This command has no related commands. (config-pmap-lb-rtsp-c) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing RTSP class configuration mode Admin and user contexts Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples The following example specifies the set ip tos command as a QoS action in the Layer 7 load-balancing policy map. All packets that satisfy the match criteria of L7SLBCLASS are marked with the IP DSCP value of 8. How packets marked with the IP DSCP value of 8 are treated is determined by the network configuration. host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# class L7SLBCLASS host1/Admin(config-pmap-lb-rtsp-c)# set ip tos 8 Related Commands This command has no related commands. value IP DSCP value. Enter an integer from 0 to 255. The default is 0. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1089 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Class Configuration Mode Commands (config-pmap-lb-rtsp-c) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing RTSP class configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# class L7SLBCLASS host1/Admin(config-pmap-lb-rtsp-c)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1090 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Match Configuration Mode Commands Policy Map Load Balancing RTSP Match Configuration Mode Commands Policy map load balancing RTSP match configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the specified inline match command. To access policy map load balancing RTSP match configuration mode, use one of the match commands in policy map load balancing RTSP configuration mode (see the “Policy Map Load Balancing RTSP Configuration Mode Commands” section for details). The prompt changes to (config-pmap-lb-rtsp-m). The inline Layer 7 policy map match commands allow you to include a single inline match criteria in the policy map without specifying a traffic class. The inline match commands function the same way as the Layer 7 server load balancing (SLB) class map match commands. However, when you use an inline match command, you can specify an action for only a single match command in the RTSP SLB policy map. The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-1091 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Match Configuration Mode Commands (config-pmap-lb-rtsp-m) drop To instruct the ACE to discard packets that match a particular load-balancing criteria in an inline match command, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing RTSP match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to discard packets that match the load-balancing criteria in the inline match command, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# match MATCH_SLB1 rtsp header Host header-value .*cisco.com host1/Admin(config-pmap-lb-rtsp-m)# drop Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1092 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Match Configuration Mode Commands (config-pmap-lb-rtsp-m) forward To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing RTSP match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match the criteria in the inline match command without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# match MATCH_SLB1 rtsp header Host header-value .*cisco.com host1/Admin(config-pmap-lb-rtsp-m)# forward Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1093 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Match Configuration Mode Commands (config-pmap-lb-rtsp-m) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load balancing policy map. serverfarm name1 [backup name2] [aggregate-state] no serverfarm name1 [backup name2] [aggregate-state] Syntax Description Command Modes Policy map load balancing RTSP match configuration mode Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# match MATCH_SLB1 rtsp source-address 192.168.11.2 255.255.255.0 name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1094 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing RTSP Match Configuration Mode Commands host1/Admin(config-pmap-lb-rtsp-m)# serverfarm FARM2 backup FARM3 Related Commands This command has no related commands. (config-pmap-lb-rtsp-m) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing RTSP match configuration mode Admin and user contexts Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples To specify the set ip tos command as a QoS action in the Layer 7 load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# match MATCH_SLB1 rtsp header Via header-value 192.* host1/Admin(config-pmap-lb-rtsp-m)# set ip tos 8 Related Commands This command has no related commands. value IP DSCP value. Enter an integer from 0 to 255. The default is 0. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1095 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Configuration Mode Commands (config-pmap-lb-rtsp-m) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing RTSP match configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance rtsp first-match L7SLBPOLICY host1/Admin(config-pmap-lb-rtsp)# match MATCH_SLB1 rtsp source-address 192.168.11.2 255.255.255.0 host1/Admin(config-pmap-lb-rtsp-m)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. Policy Map Load Balancing SIP Configuration Mode Commands Policy map load balancing SIP configuration mode commands allow you to specify a SIP Layer 7 policy map for server load-balancing decisions. The ACE executes the specified action only against the first matching load-balancing classification. name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1096 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Configuration Mode Commands To create a SIP Layer 7 server load balancing (SLB) policy map and access policy map load balancing SIP configuration mode, use the policy-map type loadbalance sip first-match command. When you access the policy map load balancing SIP configuration mode, the prompt changes to (config-pmap-lb-sip). Use the no form of this command to remove a SIP SLB policy map from the ACE. policy-map type loadbalance sip first-match map_name no policy-map type loadbalance sip first-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You associate the Layer 7 load balancing policy map with a Layer 3 and Layer 4 policy map to provide an entry point for the traffic classification. Layer 7 policy maps are considered to be child policies. Only a Layer 3 and Layer 4 policy map can be activated on a VLAN interface. A Layer 7 policy map cannot be directly applied on a VLAN (or any) interface. To associate the Layer 7 load-balancing policy map, you nest it by using the Layer 3 and Layer 4 (config-pmap-c) loadbalance policy command. Examples To create a SIP SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# Related Commands show running-config (config) policy-map map_name Name assigned to the SIP SLB policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1097 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Configuration Mode Commands (config-pmap-lb-sip) class To associate a Layer 7 server load balancing (SLB) class map with a Layer 7 SLB policy map, use the class command. The prompt changes from (config-pmap-lb-sip) to (config-pmap-lb-sip-c). For information about commands in this mode, see the “Policy Map Load Balancing SIP Class Configuration Mode Commands” section. Use the no form of this command to remove an associated class map from a policy map. class {name1 [insert-before name2] | class-default} no class {name1 [insert-before name2] | class-default} Syntax Description Command Modes Policy map load balancing SIP configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate a Layer 7 SLB class map with a Layer 7 SLB policy map, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# class L7LOADBALNCE_CLASS host1/Admin(config-pmap-lb-sip-c)# name1 Name of a previously defined Layer 7 SLB class map configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. insert-before name2 (Optional) Places the current named class map ahead of an existing class map or inline match condition specified by the name2 argument in the policy map configuration. The ACE does not save the sequence reordering as part of the configuration. class-default Reserved, well-known class map created by the ACE. You cannot delete or modify this class. All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications matches the traffic, then the ACE performs the action specified under the class class-default command. The class-default class map has an implicit match any statement in it that enables it to match all traffic. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1098 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Configuration Mode Commands Related Commands (config-pmap-lb-sip) description2-1099 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Configuration Mode Commands (config-pmap-lb-sip) description To provide a brief description of the SIP server load balancing (SLB) policy map, use the description command. Use the no form of this command to remove the description from the policy map. description text no description Syntax Description Command Modes Policy map load balancing SIP configuration mode Admin role in any user context Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the policy map is to perform server load balancing, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host/Admin(config-pmap-lb-sip)# description SIP_LOAD_BALANCE_PROTOCOL Related Commands (config-pmap-lb-sip) class text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1100 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Configuration Mode Commands (config-pmap-lb-sip) match sip header To make server load balancing (SLB) decisions based on the name and value of a SIP header, use the match sip header command. The ACE performs regular expression matching against the received packet data from a particular connection based on the SIP header expression. Use the no form of this command to clear a SIP header match criteria from the policy map. match name sip header header_name header-value expression [insert-before map_name] no match name sip header header_name header-value expression Syntax Description Command Modes Policy map load balancing SIP configuration mode Admin and user contexts Command History name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). header_name Name of the field in the SIP header. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. You can enter a text string if you enclose the entire string in quotation marks (“ ”). You can enter any header field name, including a standard SIP header field name or any user-defined header field name. For a list of standard SIP header field names, see Table 1-11. Because SIP is similar in syntax and operation to HTTP/1.1, you can use any HTTP header listed in Table 1-10 if the SIP server supports it. For a complete list of SIP headers, see RFC 3261. header-value expression Specifies the expression string to compare against the value in the specified field in the SIP header. Enter a text string with a maximum of 255 alphanumeric characters. The ACE supports the use of regular expressions for header matching. Header expressions allow spaces if the entire string that contains spaces is quoted. For a list of the supported characters that you can use in regular expressions, see Table 1-21. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1101 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Configuration Mode Commands Usage Guidelines When you use the match sip header command, you access the policy map load balancing SIP match configuration mode and the prompt changes from (config-pmap-lb-sip) to (config-pmap-lb-sip-m). For information about commands in this mode, see the “Policy Map Load Balancing SIP Match Configuration Mode Commands” section. The ACE supports regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces if the spaces are escaped or quoted. For a list of supported characters that you can use in regular expressions, see Table 1-21. Examples To specify that the Layer 7 SLB policy map load balances on the standard SIP header Via, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# match SIP_MATCH sip header Via header-value 192.* host1/Admin(config-pmap-lb-sip-m)# Related Commands (config-cmap-sip-lb) match sip header (config-pmap-lb-sip) match source-address To specify a client source host IP address and subnet mask from which the ACE accepts traffic as the network traffic matching criteria, use the match source-address command. You configure the associated policy map to permit or restrict management traffic to the ACE from the specified source network or host. Use the no form of this command to clear the source IP address and subnet mask match criteria from the policy map. match name source-address ip_address mask [insert-before map_name] no match name source-address ip_address mask Syntax Description Command Modes Policy map load balancing SIP configuration mode Admin and user contexts name Name of the inline match condition. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). ip_address Source IP address of the client. Enter the IP address in dotted-decimal notation (for example, 192.168.11.1). mask Subnet mask of the client entry in dotted-decimal notation (for example, 255.255.255.0). insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration.2-1102 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Class Configuration Mode Commands Command History Usage Guidelines When you use the match source-address command, you access the policy map load balancing SIP match configuration mode and the prompt changes from (config-pmap-lb-sip) to (config-pmap-lb-sip-m). For information about commands in this mode, see the “Policy Map Load Balancing SIP Match Configuration Mode Commands” section. Examples To specify that the Layer 7 SLB policy map matches on source IP address 192.168.10.1 255.255.0.0, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# match match3 source-address 192.168.10.1 255.255.0.0 host1/Admin(config-pmap-lb-sip-m)# Related Commands (config-cmap-sip-lb) match source-address Policy Map Load Balancing SIP Class Configuration Mode Commands Policy map load balancing SIP class configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 7 server load balancing (SLB) class map. To access policy map load balancing SIP class configuration mode, use the class command in policy map load balancing SIP configuration mode (see the (config-pmap-lb-sip) class command for details). The prompt changes to (config-pmap-lb-sip-c). The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1103 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Class Configuration Mode Commands (config-pmap-lb-sip-c) drop To instruct the ACE to discard packets that match a particular load-balancing criteria in the class map, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing SIP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to discard packets that match the load-balancing criteria in the class map, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# class L7SLBCLASS host1/Admin(config-pmap-lb-sip-c)# drop Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1104 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Class Configuration Mode Commands (config-pmap-lb-sip-c) forward To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing SIP class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# class L7SLBCLASS host1/Admin(config-pmap-lb-sip-c)# forward Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1105 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Class Configuration Mode Commands (config-pmap-lb-sip-c) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load-balancing policy map. serverfarm name1 [backup name2 [aggregate-state]] no serverfarm name1 [backup name2 [aggregate-state]] Syntax Description Command Modes Policy map load balancing SIP class configuration mode Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# class L7SLBCLASS host1/Admin(config-pmap-lb-sip-c)# serverfarm FARM2 backup FARM3 name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1106 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Class Configuration Mode Commands Related Commands This command has no related commands. (config-pmap-lb-sip-c) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing SIP class configuration mode Admin and user contexts Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples The following example specifies the set ip tos command as a QoS action in the Layer 7 load-balancing policy map. All packets that satisfy the match criteria of L7SLBCLASS are marked with the IP DSCP value of 8. How packets marked with the IP DSCP value of 8 are treated is determined by the network configuration. host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# class L7SLBCLASS host1/Admin(config-pmap-lb-sip-c)# set ip tos 8 Related Commands This command has no related commands. value IP DSCP value. Enter an integer from 0 to 255. The default is 0. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1107 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Class Configuration Mode Commands (config-pmap-lb-sip-c) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing SIP class configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# class L7SLBCLASS host1/Admin(config-pmap-lb-sip-c)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1108 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Match Configuration Mode Commands Policy Map Load Balancing SIP Match Configuration Mode Commands Policy map load balancing SIP match configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the specified inline match command. To access policy map load balancing SIP match configuration mode, use one of the match commands in policy map load balancing SIP configuration mode (see the “Policy Map Load Balancing SIP Configuration Mode Commands” section for details). The prompt changes to (config-pmap-lb-sip-m). The inline Layer 7 policy map match commands allow you to include a single inline match criteria in the policy map without specifying a traffic class. The inline match commands function the same way as the Layer 7 server load balancing (SLB) class map match commands. However, when you use an inline match command, you can specify an action for only a single match command in the SLB policy map. The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine.2-1109 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Match Configuration Mode Commands (config-pmap-lb-sip-m) drop To instruct the ACE to discard packets that match a particular load-balancing criteria in an inline match command, use the drop command. Use the no form of this command to reset the ACE to its default of accepting packets from the policy map. drop no drop Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing SIP match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to discard packets that match the load-balancing criteria in the inline match command, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# match SIP_MATCH sip header Via header-value 192.* host1/Admin(config-pmap-lb-sip-m)# drop Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1110 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Match Configuration Mode Commands (config-pmap-lb-sip-m) forward To instruct the ACE to forward requests that match a particular policy map without performing load balancing on the request, use the forward command. Use the no form of this command to reset the ACE to its default of load balancing packets from the policy map. forward no forward Syntax Description This command has no keywords or arguments. Command Modes Policy map load balancing SIP match configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To instruct the ACE to forward requests that match the criteria in the inline match command without performing load balancing on the request, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# match SIP_MATCH sip header Via header-value 192.* host1/Admin(config-pmap-lb-sip-m)# forward Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1111 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Match Configuration Mode Commands (config-pmap-lb-sip-m) serverfarm To load balance a client request for content to a server farm, use the serverfarm command. Server farms are groups of networked real servers that contain the same content and reside in the same physical location. Use the no form of this command to remove the server-farm action from the Layer 7 load balancing policy map. serverfarm name1 [backup name2 [aggregate-state]] no serverfarm name1 [backup name2 [aggregate-state]] Syntax Description Command Modes Policy map load balancing SIP match configuration mode Admin and user contexts Command History Usage Guidelines If all servers in the server farm fail and you do not configure a backup server farm, the ACE sends a reset (RST) to a client in response to a content request. If all real servers in the primary server farm fail, the ACE sends client requests to the backup server farm. Examples To specify the serverfarm command as an action in the load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# match MATCH_SLB1 source-address 192.168.11.2 255.255.255.0 name1 Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm goes down, the ACE sends all connections to the configured backup server farm. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. aggregate-state This option has been deprecated and no longer has an effect on the state of the VIP. By default, the ACE takes into account the state of all real servers in the backup server farm before taking the VIP out of service. If all real servers in the primary server farm fail, but there is at least one real server in the backup server farm that is operational, the ACE keeps the VIP in service. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1112 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Load Balancing SIP Match Configuration Mode Commands host1/Admin(config-pmap-lb-sip-m)# serverfarm FARM2 backup FARM3 Related Commands This command has no related commands. (config-pmap-lb-sip-m) set ip tos To specify the IP differentiated services code point (DSCP) of packets in a server load balancing (SLB) policy map, use the set ip tos command. This command marks a packet by setting the IP DSCP bit in the Type of Service (ToS) byte. Once the IP DSCP bit is set, other Quality of Service (QoS) services can then operate on the bit settings. Use the no form of this command to reset the IP DSCP value to the default of 0. set ip tos value no set ip tos value Syntax Description Command Modes Policy map load balancing SIP match configuration mode Admin and user contexts Command History Usage Guidelines For details about the ToS byte, see RFC 791, RFC 1122, RFC 1349, and RFC 3168. Examples To specify the set ip tos command as a QoS action in the Layer 7 load-balancing policy map, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# match MATCH_SLB1 sip header Via header-value 192.* host1/Admin(config-pmap-lb-sip-m)# set ip tos 8 Related Commands This command has no related commands. value IP DSCP value. Enter an integer from 0 to 255. The default is 0. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1113 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Management Configuration Mode Commands (config-pmap-lb-sip-m) sticky-serverfarm To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, use the sticky-serverfarm command. Use the no form of this command to remove a sticky group from the policy map. sticky-serverfarm name no sticky-serverfarm name Syntax Description Command Modes Policy map load balancing SIP match configuration mode Admin and user contexts Command History Usage Guidelines For information about sticky groups, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that all requests that match a Layer 7 policy map are load balanced to a sticky server farm, enter: host1/Admin(config)# policy-map type loadbalance sip first-match L7SLBPOLICY host1/Admin(config-pmap-lb-sip)# match MATCH_SLB1 source-address 192.168.11.2 255.255.255.0 host1/Admin(config-pmap-lb-sip-m)# sticky-serverfarm STICKY_GROUP1 Related Commands This command has no related commands. Policy Map Management Configuration Mode Commands Policy map management configuration mode commands allow you to specify a Layer 3 and Layer 4 policy map that identifies the network management protocols that can be received by the ACE. The ACE executes the specified action only for traffic that meets the first matching classification with a policy map. The ACE does not execute any additional actions. name Name of an existing sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1114 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Management Configuration Mode Commands To create a Layer 3 and Layer 4 network management policy map and access the policy map management configuration mode, use the policy-map type management first-match command in configuration mode. You can classify network traffic based on the following management protocols: HTTP, HTTPS, ICMP, SNMP, SSH, or Telnet. When you access this mode, the prompt changes to (config-pmap-mgmt). Use the no form of this command to remove a Layer 3 and Layer 4 network management policy map from the ACE. policy-map type management first-match map_name no policy-map type management first-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the context Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a Layer 3 and Layer 4 network traffic management policy map, enter: host1/Admin(config)# policy-map type management first-match L4_REMOTE_MGMT_ALLOW_POLICY host1/Admin(config-pmap-mgmt)# Related Commands (config) class-map map_name Name assigned to the Layer 3 and Layer 4 network management policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1115 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Management Configuration Mode Commands (config-pmap-mgmt) class To associate a Layer 3 and Layer 4 management protocol class map with a Layer 3 and Layer 4 traffic management policy map, use the class command. The prompt changes from (config-pmap-mgmt) to (config-pmap-mgmt-c). For information about commands in this mode, see the “Policy Map Management Class Configuration Mode Commands” section. Use the no form of this command to remove an associated class map from a policy map. class {name1 [insert-before name2] | class-default} no class {name1 [insert-before name2] | class-default} Syntax Description Command Modes Management policy map configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To permit remote Secure Shell (SSH) access, enter: host1/Admin(config)# policy-map type management first-match L4_REMOTE_MGMT_ALLOW_POLICY host1/Admin(config-pmap-mgmt)# class SSH-ALLOW_CLASS name1 Name of a previously defined Layer 3 and Layer 4 management protocol class map configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. insert-before name2 (Optional) Places the current class map ahead of an existing class map or inline match condition specified by the name2 argument in the policy map configuration. The ACE does not save the sequence reordering as part of the configuration. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. class-default Reserved, well-known class map created by the ACE. You cannot delete or modify this class. All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications matches the traffic, then the ACE performs the action specified under the class class-default command. The class-default class map has an implicit match any statement in it enabling it to match all traffic. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1116 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Management Configuration Mode Commands Related Commands (config) class-map (config-pmap-mgmt) description2-1117 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Management Class Configuration Mode Commands (config-pmap-mgmt) description To provide a brief summary about the Layer 3 and Layer 4 management protocol policy map, use the description command. Use the no form of this command to remove the description from the class map. description text no description Syntax Description Command Modes Policy map configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the policy map is to allow remote Telnet access, enter: host1/Admin(config-pmap-mgmt)# description Allow Telnet access to the ACE Related Commands (config-pmap-mgmt) class Policy Map Management Class Configuration Mode Commands Policy map management class configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches one or more match statements in the associated Layer 3 and Layer 4 network management protocol class map. To access policy map management class configuration mode, use the class command in policy map management configuration mode (see the (config-pmap-mgmt) class command for details). The prompt changes from (config-pmap-mgmt) to (config-pmap-mgmt-c). The commands in this mode require the context Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1118 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Management Class Configuration Mode Commands (config-pmap-mgmt-c) deny To deny the specified IP network management protocol, use the deny command. Use the no form of this command to allow the specified IP network management protocol to be received by the ACE. deny no deny Syntax Description This command has no keywords or arguments. Command Modes Policy map management class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To deny the specified IP network management protocol by the ACE, enter: host1/Admin(config-pmap-mgmt)# class SSH_CLASS host1/Admin(config-pmap-mgmt-c)# deny Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1119 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Configuration Mode Commands (config-pmap-mgmt-c) permit To allow the IP network management protocols listed in the associated Layer 3 and Layer 4 management class map to be received by the ACE, use the permit command. Use the no form of this command to disallow the specified IP network management protocols to be received by the ACE. permit no permit Syntax Description This command has no keywords or arguments. Command Modes Policy map management class configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To permit the specified IP network management protocol by the ACE, enter: host1/Admin(config-pmap-mgmt)# class SSH_CLASS host1/Admin(config-pmap-mgmt-c)# permit Related Commands This command has no related commands. Policy Map Optimization Configuration Mode Commands (ACE appliance only) Policy map optimization configuration mode commands allow you to associate an HTTP optimization action list and, optionally, a parameter map to perform the specified application acceleration optimization actions. The ACE executes the specified action only for traffic that meets the first matching classification with a policy map. The ACE does not execute any additional actions. To create a Layer 7 optimization policy map and access the policy map optimization configuration mode, use the policy-map type optimization http first-match command in configuration mode. When you access this mode, the prompt changes to (config-pmap-optmz). Use the no form of the command to remove a Layer 3 and Layer 4 network management policy map from the ACE. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1120 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Configuration Mode Commands policy-map type optimization http first-match map_name no policy-map type optimization http first-match map_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a Layer 7 optimization HTTP policy map named L7OPTIMIZATION_POLICY, enter: host/Admin(config)# policy-map type optimization http first-match L7OPTIMIZATION_POLICY host/Admin(config-pmap-optmz)# Related Commands (config) class-map map_name Name assigned to the Layer 7 optimization HTTP policy map. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Appliance Release Modification A1(7) This command was introduced.2-1121 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Configuration Mode Commands (config-pmap-optmz) class (ACE appliance only) To associate a Layer 7 SLB class map with a Layer 7 optimization HTTP policy map, use the class command. The prompt changes from (config-pmap-optmz) to (config-pmap-optmz-c). For information on commands in this mode, see the “Policy Map Optimization Class Configuration Mode Commands” section. Use the no form of this command to remove an associated class map from a policy map. class {name1 [insert-before name2] | class-default} no class {name1 [insert-before name2] | class-default} Syntax Description Command Modes Policy map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To specify an existing Layer SLB class map, enter: host1/Admin(config-pmap-optmz)# class L7SLBCLASS host1/Admin(config-pmap-optmz-c)# Related Commands (config) class-map (config-pmap-optmz) description name1 Name of a previously defined Layer 7 SLB class map configured with the class-map command. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. insert-before name2 (Optional) Places the current class map ahead of an existing class map or inline match condition specified by the name2 argument in the policy map configuration. The ACE does not save the sequence reordering as part of the configuration. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. class-default Reserved, well-known class map created by the ACE. You cannot delete or modify this class. All traffic that fails to meet the other matching criteria in the named class map belongs to the default traffic class. If none of the specified classifications matches the traffic, then the ACE performs the action specified under the class class-default command. The class-default class map has an implicit match any statement in it that enables it to match all traffic. ACE Appliance Release Modification A1(7) This command was introduced.2-1122 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Configuration Mode Commands (config-pmap-optmz) description (ACE appliance only) To provide a brief summary about the Layer 7 optimization HTTP policy map, use the description command. Use the no form of the command to remove the description from the class map. description text no description Syntax Description Command Modes Policy map optimization configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To add a description that the policy map is to perform delta optimization, enter: host1/Admin(config-pmap-optmz)# description This policy map performs delta optimization To remove the description from the policy map, enter: host1/Admin(config-pmap-optmz)# no description Related Commands (config-pmap-mgmt) class text Description for the policy map. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Appliance Release Modification A1(7) This command was introduced.2-1123 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Configuration Mode Commands (config-pmap-optmz) match http cookie (ACE appliance only) To make server load balancing (SLB) decisions based on the name and string of a cookie, use the match http cookie command. Use the no form of the command to remove an HTTP cookie match statement from the policy map. match name1 http cookie {name2 | secondary name3} cookie-value expression [insert-before map_name] no match name1 http cookie {name2 | secondary name3} cookie-value expression Syntax Description Command Modes Policy map optimization configuration mode Admin and user contexts Command History Usage Guidelines When you use the match http cookie command, you access the policy map optimization match configuration mode and the prompt changes from (config-pmap-optmz) to (v-m). For information on the load-balancing commands in this mode, see the “Policy Map Load Balancing HTTP Match Configuration Mode Commands” section. The ACE performs regular expression matching against the received packet data from a particular connection based on the cookie expression. You can configure a maximum of five cookie names per VIP. name1 Name assigned to the inline match command. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). name2 A unique cookie name. Enter an unquoted text string with no spaces and a maximum of 63 alphanumeric characters. secondary name3 Specifies a cookie in a URL string. You can specify the delimiters for cookies in a URL string using a command in an HTTP parameter map. cookie-value expression Specifies a unique cookie value expression. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. The ACE supports regular expressions for matching string expressions. For a list of supported characters that you can use for matching string expressions, see the “Usage Guidelines” section for the (config-pmap-ins-http) match content command. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Appliance Release Modification A1(7) This command was introduced.2-1124 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Configuration Mode Commands The ACE supports regular expressions for matching string expressions. For a list of supported characters that you can use for matching string expressions, see the “Usage Guidelines” section for the (config-pmap-ins-http) match content command. For details on defining a list of ASCII-character delimiter strings that you can use to separate the cookies in a URL string, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To specify that the Layer 7 optimization policy map load balances on a cookie with the name of testcookie1, enter: host/Admin(config)# policy-map type optimization http first-match L7OPTIMIZATION_POLICY host/Admin(config-pmap-optmz)# match MATCH2 http cookie testcookie1 cookie-value 123456 Related Commands (config-parammap-http) set content-maxparse-length (config-parammap-http) set secondary-cookie-delimiters (config-pmap-optmz) match http header (ACE appliance only) To define application inspection decisions based on the name and value in an HTTP header, use the match http header command. Use the no form of the command to clear an HTTP header match criteria from the policy map. match name http header {header_name | header_field} header-value expression [insert-before map_name] no match name http header {header_name | header_field} header-value expression Syntax Description name Name assigned to the inline match command. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). header_name Name of the HTTP header to match (for example, www.example1.com.) The range is from 1 to 64 alphanumeric characters. Note The header_name argument cannot include the colon in the name of the HTTP header; the ACE rejects the colon as an invalid token. header_field A standard HTTP/1.1 header field. Valid selections include request-header fields, general-header fields, and the entity-header field. Selections also include two lower-level header-matching commands: “length” and “mime-type.” The supported selections are the following: • Accept—Specifies a semicolon-separated list of representation schemes (content type metainformation values) that will be accepted in the response to the request.2-1125 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Configuration Mode Commands • Accept-Charset—Specifies the character sets that are acceptable for the response. This field allows clients capable of understanding more comprehensive or special-purpose character sets to signal that capability to a server that can represent documents in those character sets. • Accept-Encoding—Restricts the content encoding that a user will accept from the server. • Accept-Language—Specifies the ISO code for the language in which the document is written. The language code is an ISO 3316 language code with an optional ISO639 country code to specify a national variant. • Authorization—Specifies that the user agent wants to authenticate itself with a server, usually after receiving a 401 response. • Cache-Control—Specifies the directives that must be obeyed by all caching mechanisms in the request/response chain. The directives specify behavior intended to prevent caches from adversely interfering with the request or response. • Connection—Allows the sender to specify connection options. • Content-MD5—Specifies the MD5 digest of the entity body that provides an end-to-end integrity check. Only a client or an origin server can generate this header field. • Expect—Used by a client to inform the server about the behaviors that the client requires. • From—Contains the e-mail address of the person who controls the requesting user agent. • Host—Specifies the internet host and port number of the resource that is requested, as obtained from the original URI given by the user or referring resource. The Host field value must represent the naming authority of the origin server or gateway given by the original URL. • If-Match—Used with a method to make it conditional. A client that has one or more entities previously obtained from the resource can verify that one of those entities is current by including a list of their associated entity tags in the If-Match header field. This feature allows efficient updates of cached information with a minimum amount of transaction overhead. It is also used on updating requests to prevent inadvertent modification of the wrong version of a resource. As a special case, the value “*” matches any current entity of the resource. • Pragma—Specifies the pragma directives that are understood by servers to whom the directives are relevant. The syntax is the same as for other multiple-value fields in HTTP. For example, the Accept field is a comma-separated list of entries for which the optional parameters are separated by semicolons.2-1126 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Configuration Mode Commands Command Modes Policy map optimization configuration mode Admin and user contexts Command History Usage Guidelines The ACE performs regular expression matching against the received packet data from a particular connection based on the HTTP header expression. When you use the match http header command, you access the policy map optimization match configuration mode and the prompt changes from (config-pmap-optmz) to (config-pmap-optmz-m). For information on the load-balancing commands in this mode, see the “Policy Map Load Balancing HTTP Match Configuration Mode Commands” section. The ACE supports regular expressions for matching. Expressions are stored in a header map in the form header-name: expression. Header expressions allow spaces, if the spaces are escaped or quoted. For a list of supported characters that you can use in regular expressions, see the “Usage Guidelines” section for the (config-pmap-ins-http) match content command. Examples To specify that the Layer 7 optimization policy map load balances on an HTTP header named Host, enter: host/Admin(config)# policy-map type optimization http first-match L7OPTIMIZATION_POLICY host1/Admin(config-pmap-optmz)# match match3 http header Host header-value .*cisco.com Related Commands (config-parammap-http) set content-maxparse-length • Referer—Specifies the address (URI) of the resource from which the URI in the request was obtained. • Transfer-Encoding—Indicates what (if any) type of transformation has been applied to the message body in order to safely transfer it between the sender and the recipient. • User-Agent—Specifies the information about the user agent (for example, a software program that originates the request). This information is for statistical purposes, the tracing of protocol violations, and automated recognition of user agents. • Via—Used by gateways and proxies to indicate the intermediate protocols and recipients between the user agent and the server on requests and between the origin server and the client on responses. header-value expression Specifies the header value expression string to compare against the value in the specified field in the HTTP header. The range is from 1 to 255 alphanumeric characters. For a list of supported characters that you can use in regular expressions, see the “Usage Guidelines” section for the (config-pmap-ins-http) match content command. insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Appliance Release Modification A1(7) This command was introduced.2-1127 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Configuration Mode Commands (config-pmap-optmz) match http url (ACE appliance only) To make server load balancing (SLB) decisions based on the URL name and, optionally, the HTTP method, use the match http url command. Use the no form of the command to remove a URL match statement from the policy map. match name http url expression [method name] [insert-before map_name] no match name http url expression [method name] Syntax Description Command Modes Policy map optimization configuration mode Admin and user contexts Command History Usage Guidelines The ACE performs regular expression matching against the received packet data from a particular connection based on the HTTP URL string. When you use the match http url command, you access the policy map optimization match configuration mode and the prompt changes from (config-pmap-optmz) to (config-pmap-optmz-m). For information on the load-balancing commands in this mode, see the “Policy Map Load Balancing HTTP Match Configuration Mode Commands” section. name Name assigned to the inline match command. Enter an unquoted text string with no spaces. The length of the inline match statement name plus the length of the policy map name with which it is associated cannot exceed a total maximum of 64 alphanumeric characters. For example, if the policy map name is L7_POLICY (nine characters), an inline match statement name under this policy cannot exceed 55 alphanumeric characters (64 - 9 = 55). expression URL, or portion of a URL, to match. Enter a URL string from 1 to 255 alphanumeric characters. Include only the portion of the URL that follows www.hostname.domain in the match statement. For a list of supported characters that you can use in regular expressions, see the “Usage Guidelines” section for the (config-pmap-ins-http) match content command. method name (Optional) Specifies the HTTP method to match. Enter a method name as an unquoted text string with no spaces and a maximum of 15 alphanumeric characters. The method can either be one of the standard HTTP 1.1 method names (OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, or CONNECT) or a text string that must be matched exactly (for example, PROTOPLASM). insert-before map_name (Optional) Places the inline match command ahead of an existing class map in the policy map configuration. ACE Appliance Release Modification A1(7) This command was introduced.2-1128 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Class Configuration Mode Commands Include only the portion of the URL that follows www.hostname.domain in the match statement. For example, in the URL www.anydomain.com/latest/whatsnew.html, include only /latest/whatsnew.html. To match the www.anydomain.com portion, the URL string can take the form of a URL regular expression. For a list of supported characters that you can use in regular expressions, see the “Usage Guidelines” section for the (config-pmap-ins-http) match content command. The period (.) does not have a literal meaning in regular expressions. Use either brackets ([]) or the backslash (\) character to match this symbol. For example, specify www[.]xyz[.]com instead of www.xyz.com. Examples To specify that the Layer 7 optimization policy map load balances on a specific URL, enter: host/Admin(config)# policy-map type optimization http first-match L7OPTIMIZATION_POLICY host1/Admin(config-pmap-optmz)# match match3 http url whatsnew/latest.* To use regular expressions to emulate a wildcard search to match on any .gif file, enter: host/Admin(config)# policy-map type optimization http first-match L7OPTIMIZATION_POLICY host1/Admin(config-pmap-optmz)# match match3 http url .*.gif Related Commands (config-parammap-http) set content-maxparse-length Policy Map Optimization Class Configuration Mode Commands (ACE appliance only) Policy map optimization class configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the Layer 7 optimization HTTP action statement. To access policy map optimization class configuration mode, use the class command in policy map optimization configuration mode (see the (config-pmap-optmz) class command for details). The prompt changes from (config-pmap-optmz) to (config-pmap-optmz-c). The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. (config-pmap-optmz-c) action (ACE appliance only) To perform a specific set of application acceleration actions, use the action command. The Layer 7 optimization HTTP policy map activates the use of an optimization HTTP action list to configure the specified application acceleration and optimization actions. See Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide for details on creating an optimization HTTP action list. Use the no form of the command to remove the action list from the policy map. action list_name [parameter map_name] no action list_name [parameter map_name]2-1129 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Match Configuration Mode Commands Syntax Description Command Modes Policy map optimization class configuration mode Admin and user contexts Command History Usage Guidelines Optionally, you can specify an optimization HTTP parameter list in an optimization HTTP policy map to identify the association between the action list and the parameter map. The optimization HTTP action list defines what to do while the optimization HTTP parameter map defines the specific details about how to accomplish the application acceleration action. Refer to Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide for details on creating an optimization HTTP parameter map. Examples To associate an existing action list with an existing parameter map to control the actions in the Layer 7 HTTP optimization policy map, enter: host/Admin(config)# policy-map type optimization http first-match L7OPTIMIZATION_POLICY host1/Admin(config-pmap-optmz)# class L7SLBCLASS host1/Admin(config-pmap-optmz-c)# action ACT_LIST1 parameter OPTIMIZE_PARAM_MAP To remove the action list from the Layer 7 HTTP optimization policy map, enter: host1/Admin(config-pmap-optmz-c)# no action ACT_LIST1 parameter OPTIMIZE_PARAM_MAP Related Commands (config) action-list type modify http (config) parameter-map type Policy Map Optimization Match Configuration Mode Commands (ACE appliance only) Policy map optimization match configuration mode commands allow you to specify the actions that the ACE should take when network traffic matches the Layer 7 optimization HTTP action statement. To access policy map optimization match configuration mode, use a match command in policy map optimization configuration mode (see the “Policy Map Optimization Match Configuration Mode Commands” section). The prompt changes from (config-pmap-optmz) to (config-pmap-optmz-m). list_name Unique name of an existing action list as an unquoted text string with a maximum of 64 alphanumeric characters. The action command groups the application acceleration functions associated with the specified action list that apply to a specific type of operation. parameter map_name (Optional) Specifies optimization-related commands that pertain to application acceleration performed by the ACE. A parameter map groups the application acceleration functions that adjust or control the actions specified in an associated action list. The map_name argument specifies a unique name of an existing parameter map as an unquoted text string with a maximum of 64 alphanumeric characters. ACE Appliance Release Modification A1(7) This command was introduced.2-1130 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Match Configuration Mode Commands The commands in this mode require the loadbalance feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. (config-pmap-optmz-m) action (ACE appliance only) To perform a specific set of application acceleration actions, use the action command. The Layer 7 optimization HTTP policy map activates the use of an optimization HTTP action list to configure the specified application acceleration optimization actions. Refer to the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide for details on creating an optimization HTTP action list. Use the no form of the command to remove the action list from the policy map. action list_name [parameter map_name] no action list_name [parameter map_name] Syntax Description Command Modes Policy map optimization match configuration mode Admin and user contexts Command History Usage Guidelines Optionally, you can specify an optimization HTTP parameter list in an optimization HTTP policy map to identify the association between the action list and the parameter map. In this case, the optimization HTTP action list defines what to do while the optimization HTTP parameter map defines the specific details about how to accomplish the application acceleration action. Refer to the Cisco 4700 Series Application Control Engine Appliance Application Acceleration and Optimization Configuration Guide for details on creating an optimization HTTP parameter map. Examples To associate an existing action list with an existing parameter map to control the match command action in the Layer 7 HTTP optimization policy map, enter: host/Admin(config)# policy-map type optimization http first-match L7OPTIMIZATION_POLICY list_name Unique name of an existing action list as an unquoted text string with a maximum of 64 alphanumeric characters. The action command groups the application acceleration functions associated with the specified action list that apply to a specific type of operation. parameter map_name (Optional) Specifies optimization-related commands that pertain to application acceleration performed by the ACE. A parameter map groups the application acceleration functions that adjust or control the actions specified in an associated action list. The map_name argument specifies a unique name of an existing parameter map as an unquoted text string with a maximum of 64 alphanumeric characters. ACE Appliance Release Modification A1(7) This command was introduced.2-1131 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Policy Map Optimization Match Configuration Mode Commands host1/Admin(config-pmap-optmz)# match match3 http url .*.gif host1/Admin(config-pmap-optmz-m)# action ACT_LIST1 parameter OPTIMIZE_PARAM_MAP To remove the action list from the Layer 7 HTTP optimization policy map, enter: host1/Admin(config-pmap-optmz-m)# no action ACT_LIST1 parameter OPTIMIZE_PARAM_MAP Related Commands (config) action-list type modify http (config) parameter-map type2-1132 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Probe Configuration Mode Commands Probe configuration mode commands allow you to configure health monitoring on the ACE to track the state of a server by sending out probes. Also referred to as out-of-band health monitoring, the ACE verifies the server response or checks for any network problems that can prevent a client from reaching a server. Based on the server response, the ACE can place the server in or out of service and can make reliable load-balancing decisions. You can also use health monitoring to detect failures for a gateway or host in high availability configurations. The ACE identifies the health of a server in the following categories: • Passed—The server returns a valid response. • Failed—The server fails to provide a valid response to the ACE or the ACE is unable to reach a server for a specified number of retries. By configuring the ACE for health monitoring, the ACE sends active probes periodically to determine the server state. The ACE supports 4096 (ACE module) or 1000 (ACE appliance) unique probe configurations, which includes ICMP, TCP, HTTP, and other predefined health probes. The ACE can execute only up to 200 concurrent script probes at a time. The ACE also allows the opening of 2048 sockets simultaneously. You can associate the same probe with multiple real servers or server farms. Each time that you use the same probe again, the ACE counts it as another probe instance. You can allocate a maximum of 16 K (ACE module) or 4000 (ACE appliance) probe instances. To configure probes and access probe configuration mode for that probe type, use the probe command. The CLI prompt changes to (config-probe-probe_type). For information about the commands in all probe configuration modes, see the commands in this section. See the “Command Modes” section for each command to find out to which probe-type configuration modes a specific command applies. Use the no form of this command to remove a probe from the configuration. probe probe_type probe_name no probe probe_type probe_name Syntax Description probe_type Type of probe to configure. The probe type determines what the probe sends to the server. Enter one of the following types: • dns—Sends a request to a DNS server that passes a configured domain to the server (by default, the domain is www.cisco.com). To determine whether the server is up, the ACE must receive one of the configured IP addresses for that domain. • echo {tcp | udp}—Sends a specified string to the server and compares the response to the original string. You must configure the string that needs to be echoed. If the response string matches the original string, the server is marked as passed. If you do not configure a string, the probe behaves like a TCP or UDP probe. • finger—Uses a Finger query to a server for an expected response string. The ACE searches the response for the configured string. If the ACE finds the expected response string, the server is marked as passed. If you do not configure an expected response string, the ACE ignores the server response. 2-1133 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands • ftp —Establishes a TCP connection to the server and then issues a quit command. • http—Establishes a TCP connection and issues an HTTP request to the server for an expected string and status code. The ACE can compare the received response with configured codes, looking for a configured string in the received HTTP page, or verifying hash for the HTTP page. If any of these checks fail, the server is marked as failed. For example, if you configure an expected string and status code and the ACE finds them both in the server response, the server is marked as passed. However, if the ACE does not receive either the server response string or the expected status code, it marks the server as failed. If you do not configure a status code, any response code from the server is marked as failed. • https—Similar to an HTTP probe except that it uses Secure Sockets Layer (SSL) to generate encrypted data. • icmp—Sends an ICMP echo request and listens for a response. If a server returns a response, the ACE marks the server as passed. If the server does not send a response, causing the probe to time out, or if the server sends an unexpected ICMP echo response type, the ACE marks the probe as failed. • imap—Makes a server connection and sends user credential (login, password, and mailbox) information. The ACE can send a configured command. Based on the server response, the ACE marks the probe as passed or failed. • pop—Initiates a session and sends the configured credentials. The ACE can send a configured command. Based on the server response, the ACE marks the probe as passed or failed. • radius—Sends a query using a configured username, password, and shared secret to a RADIUS server. If the server is up, it is marked as passed. If you configure a Network Access Server (NAS) address, the ACE uses it in the outgoing packet. Otherwise, the ACE uses the IP address associated with the outgoing interface as the NAS address. • rtsp—Establishes a TCP connection and sends a request packet to the server. The ACE compares the response with the configured response code to determine whether the probe has succeeded. • scripted—Allows you to run a script to execute the probe that you created for health monitoring. You can author specific scripts with features not present in standard health probes. • sip {tcp | udp}—Establishes a TCP or UDP connection and sends an OPTIONS request packet to the user agent on the server. The ACE compares the response with the configured response code or expected string, or both, to determine whether the probe has succeeded. If you do not configure an expected status code, any response from the server is marked as failed. • smtp—Initiates an SMTP session by logging into the server, sends a HELLO message, and then disconnects from the server.2-1134 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. • snmp—Establishes a UDP connection and sends a maximum of eight SMNP OID queries to probe the server. The ACE weighs and averages the load information that is retrieved and uses it as input to the least-loaded algorithm for load-balancing decisions. If the retrieved value is within the configured threshold, the server is marked as passed. If the threshold is exceeded, the server is marked as failed. • tcp—Initiates a TCP 3-way handshake (SYN, SYN-ACK, ACK) and expects the server to send a response. By default, a successful response causes the probe to mark the server as passed and send a FIN to end the session. If the response is not valid or if there is no response, the probe marks the server as failed. • telnet—Establishes a connection to the server and verifies that a greeting from the application was received. • udp—Sends a UDP packet to a server and marks the server as failed only if the server returns an ICMP Port Unreachable message. If the ACE does not receive any ICMP errors for the UDP request that was sent, the probe is marked as passed. Optionally, you can configure this probe to send specific data and expect a specific response to mark the server as passed. If the IP interface of the server is down or disconnected, the UDP probe by itself would not know that the UDP application is not reachable. • vm—Sends a query to the VM controller (Vcenter) to obtain the load information of the local VMs. probe_name Identifier for the probe. Use the probe name to associate the probe to the server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. A4(2.0) Added the VM probe type. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised. A4(2.0) Added the VM probe type. A5(1.0) Added IPv6 support.2-1135 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands You can associate only IPv4 probes with IPv4 real servers and only IPv6 probes wth IPv6 real servers. For IPv6, the ACE supports the following probe types: • DNS • HTTP • HTTPs • ICMP • TCP • UDP • Scripted Examples To define a TCP probe named PROBE, and access its mode, enter: host1/Admin(config)# probe tcp PROBE1 host1/Admin(config-probe-tcp)# To delete the TCP probe named PROBE1 for TCP and access its mode, enter: host1/Admin(config)# probe tcp PROBE1 Related Commands clear stats show probe show running-config show stats (config-probe-probe_type) append-port-hosttag (ACE appliance only) To append port information in the HTTP Host header when you configure a non-default destination port for an HTTP or HTTPS probe, use the append-port-hosttag command.Use the no form of this command to reset the default behavior of not appending the port information in the HTTP Host header. append-port-hosttag no append-port-hosttag Syntax Description This command has no keywords or arguments. Command Modes HTTP and HTTPS probe configuration mode Admin and user contexts Command History ACE Appliance Release Modification A3(2.7). Not applicable for A4(1.0) or A4(2.0). This command was introduced.2-1136 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Usage Guidelines This command has no usage guidelines. Examples To configure the ACE to append the port information, enter the following command: host1/Admin(config-probe-http)# append-port-hosttag To reset the default behavior, enter the following: host1/Admin(config-probe-http)# no append-port-hosttag Related Commands This command has no related commands.2-1137 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) community To change the community string used by an SNMP probe, use the community command. Use the no form of this command to remove the community string. community text no community Syntax Description Command Modes SNMP probe configuration mode Admin and user contexts Command History Usage Guidelines An ACE Simple Network Management Protocol (SNMP) probe accesses the server through its community string. By default, the community string is not set. Examples To configure the private community string, enter: host1/Admin(config-probe-snmp)# community private To reset the community string to its default value of public, enter: host1/Admin(config-probe-snmp)# no community Related Commands show probe text Name of the SNMP community string for the server. Enter a text string with a maximum of 255 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1138 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) connection term To configure the ACE to terminate a TCP connection by sending a RST, use the connection term command. Use the no form of this command to reset its default of graceful termination. connection term forced no connection term forced Syntax Description This command has no keywords or arguments. Command Modes ECHO TCP, Finger, FTP, HTTP, HTTPS, IMAP, POP, RTSP, SIP TCP, SMTP, TCP, and Telnet probe configuration modes Admin and user contexts Command History Usage Guidelines This command applies only to TCP-based probes. By default, the ACE terminates a TCP connection gracefully by sending a FIN to the server. Examples To terminate a TCP connection by sending a RST for a TCP probe, enter: host1/Admin(config-probe-tcp)# connection term forced To reset the method to terminate a connection gracefully, enter: host1/Admin(config-probe-tcp)# no connection term forced Related Commands show probe ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1139 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) credentials To configure the credentials for username and password authentication of a probe to access a server, use the credentials command. For a Remote Authentication Dial-In User Service (RADIUS) probe, a shared secret may also be required. For an Internet Message Access Protocol (IMAP) probe, you can provide a mailbox username. Use the no form of this command to remove the credentials from the configuration. For HTTP, HTTPS, and POP probes, the syntax is as follows: credentials username [password] For RADIUS probes, the syntax is as follows: credentials username password [secret shared_secret] For IMAP probes, the syntax is as follows: credentials {username password} | {mailbox name} For HTTP, HTTPS, POP, and RADIUS probes, the syntax is as follows: no credentials For IMAP probes, the syntax is as follows: no credentials {username | mailbox} Syntax Description Command Modes HTTP, HTTPS, IMAP, POP, and RADIUS probe configuration modes Admin and user contexts Command History username User identifier used for authentication. Enter an unquoted text string with a maximum of 64 alphanumeric characters. password (Optional except for RADIUS and IMAP probes) Password used for authentication. Enter an unquoted text string with a maximum of 64 alphanumeric characters. mailbox name (IMAP probe) Specifies the user mailbox name from which to retrieve e-mail for an IMAP probe. Enter an unquoted text string with a maximum of 64 alphanumeric characters. secret shared_secret (RADIUS probe) Specifies the password used for the MD5 hash encryption algorithm. Enter an unquoted text string with a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1140 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Usage Guidelines You must configure the credentials for an IMAP probe using the credentials command before you configure the mailbox or the ACE will ignore the specified user mailbox name. Examples To configure the username ENG1 and a password TEST for an HTTP probe, enter: host1/Admin(config-probe-http)# credentials ENG1 TEST To delete the credentials for a probe, enter: host1/Admin(config-probe-http)# no credentials To configure the user mailbox LETTERS for an IMAP probe, enter: host1/Admin(config-probe-imap)# credentials mailbox LETTERS To delete the mailbox for the IMAP probe, enter: host1/Admin(config-probe-imap)# no credentials mailbox Related Commands show probe (config-probe-probe_type) description To provide a description for a probe, use the description command. Use the no form of this command to remove the description for the probe. description text no description Syntax Description Command Modes All probe-type configuration modes Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. text Description for the probe. Enter a text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1141 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Examples To configure a description THIS PROBE IS FOR TCP SERVERS for a TCP probe, enter: host1/Admin(config-probe-tcp)# description THIS PROBE IS FOR TCP SERVERS To remove the description THIS PROBE IS FOR TCP SERVERS for a TCP probe, enter: host1/Admin(config-probe-tcp)# no description Related Commands show probe2-1142 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) domain To configure the domain name that the probe sends to the DNS server to resolve, use the domain command. Use the no form of this command to reset the default domain (www.cisco.com) that the probe sends to the server. domain name no domain Syntax Description Command Modes DNS probe configuration mode Admin and user contexts Command History Usage Guidelines The DNS probe sends a domain name for the DNS server to resolve. By default, the probe uses the www.cisco.com domain name. Examples To configure the domain name of MARKET, enter: host1/Admin(config-probe-dns)# domain MARKET To reset the default domain that the probe sends to the DNS server, enter: host1/Admin(config-probe-dns)# no domain Related Commands show probe name Domain that the probe sends to the DNS server. Enter an unquoted text string with a maximum of 255 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1143 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) expect address To configure one or more IPv6 or IPv4 addresses that the ACE expects as a server response to a DNS request, use the expect address command. The probe matches the received IP address with the configured addresses. Use the no form of this command to remove the expected IP address from the configuration. expect address ip_address no expect address ip_address Syntax Description Command Modes DNS probe configuration mode Admin and user contexts Command History Usage Guidelines A DNS probe sends a request for a domain to a DNS server. The ACE uses the IP address specified in the expect address command to decide whether to pass or fail the DNS probe for the server based on the server response. You can specify multiple IP addresses with this command by entering the command with a different address separately. Examples IPv6 Example To configure an expected IPv6 address of 2001:DB8:15::/64, enter: host1/Admin(config-probe-dns)# expect address 2001:DB8:15::/64 To remove an IPv6 address, use the no expect address command. For example, enter: host1/Admin(config-probe-dns)# no expect address 2001:DB8:15::/64 IPv4 Example To configure an expected IPv4 address of 192.8.12.15, enter: host1/Admin(config-probe-dns)# expect address 192.8.12.15 To remove an IPv4 address, use the no expect address command. For example, enter: ip_address IPv6 or IPv4 address expected from the DNS server in response to the DNS probe request for a domain. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support.2-1144 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands host1/Admin(config-probe-dns)# no expect address 192.8.12.15 Related Commands show probe2-1145 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) expect regex To configure what the ACE expects as a response from the probe destination server, use the expect regex command. Use the no form of this command to remove the expectation of a response expression. expect regex string [offset number] [cache [length]] For TCP and UDP probes, the syntax is as follows: no expect For Finger, HTTP, HTTPS, and SIP probes, the syntax is as follows: no expect regex Syntax Description Command Modes Finger, HTTP, HTTPS, SIP, TCP, and UDP probe configuration modes Admin and user contexts Command History string Expected response string from the probe destination. Enter an unquoted text string with no spaces. If the string includes spaces, enclose the string in quotes. The string can be a maximum of 255 alphanumeric characters. offset number (Optional) Sets the number of characters into the received message or buffer where the probe starts searching for the defined expression. Enter an number from 1 to 4000. (ACE appliance only) If you do not include the cache keyword when entering this command, the number argument is from 1 to 4000. However, if you include the cache keyword, the offset maximum number is 163840. cache (ACE appliance only, Optional for HTTP and HTTPS probes only) Enables caching when regex parsing long web pages . By default, when you configure the expect regex command for HTTP or HTTPS probes in probe configuration mode, the ACE does not cache the web page parsed by the probes. If the web page is longer than 4kBytes and the regex matching string exceeds this length, the probe fails. length (ACE appliance only, Optional) Cache length. Enter a number from 1 to 1000. The default cache length is 1000. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.7). Not applicable to A4(1.0) or A4(2.0). Added the cache [length] option for regex parsing of long web pages.2-1146 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Usage Guidelines When you configure a probe to expect a string from a server, it searches the response for a configured string. If the ACE finds the expected string, the server is marked as passed. If you do not configure an expected string, the ACE ignores the server response. If you configure the expect regex command for TCP probes, you must configure the send-data command. Otherwise, the probe performs a connection open and close without checking the response from the server. For HTTP or HTTPS probes, the server response must include the Content-Length header for the expect regex command to function. Otherwise, the probe does not attempt to parse the regex. (ACE appliance only) For the cache option, consider the following: • The HTML file configured with the request method command cannot exceed the length of the offset plus the length of the cache. If the file exceeds this length, the probes fail. • For HTTP and HTTPS probes with active and standby ACEs that are running different software versions, any incremental changes made for the expect regex command are not synchronized. Any synchronization changes to the other ACE occur through bulk synchronization. Bulk synchronization takes place as expected. Examples To configure a TCP probe to expect an ACK response, enter: host1/Admin(config-probe-tcp)# expect regex ack (ACE appliance only) To configure the expected response string with caching with the default cache length of 1000, enter: host1/Admin(config-probe-http)# expect regex test cache To remove the expectation of a response expression for a TCP probe, enter: host1/Admin(config-probe-tcp)# no expect To remove the expectation of a response expression for an HTTP probe, enter: host1/Admin(config-probe-http)# no expect regex Related Commands show probe2-1147 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) expect status To configure a single status code or a range of status code responses that the ACE expects from the probe destination, use the expect status command. You can specify multiple status code ranges with this command by entering the command with different ranges separately. Use the no form of this command to remove the expected status code or codes from the configuration. expect status min_number max_number no expect status min_number max_number Syntax Description Command Modes FTP, HTTP, HTTPS, RTSP, SIP, and SMTP probe configuration modes Admin and user contexts Command History Usage Guidelines When the ACE receives a response from the server, it expects a status code to mark a server as passed. By default, no status codes are configured on the ACE. If you do not configure a status code, any response code from the server is marked as failed. For HTTP and HTTPS, if you configure the expect-regex command without configuring a status code, the probe will pass if the regular expresion response string is present. You can specify multiple status code ranges with this command by entering the command with different ranges one at a time. Both the min_number and the max_number values can be any integer between 0 and 999 if the max_number is greater than or equal to the min_number. When the min_number and max_number values are the same, the ACE uses a single status code number. Examples To configure an expected status code of 200 that indicates that the HTTP request was successful, enter: host1/Admin(config-probe-http)# expect status 200 200 To configure a range of expected status codes from 200 to 202, enter: host1/Admin(config-probe-rtsp)# expect status 200 202 min_number Single status code or the lower limit of a range of status codes. Enter an integer from 0 to 999. max_number Upper limit of a range of status codes. Enter an integer from 0 to 999. When configuring a single code, reenter the min_number value. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1148 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands To configure multiple ranges of expected status codes from 200 to 202 and 204 to 205, configure each range separately. Enter: host1/Admin(config-probe-http)# expect status 200 202 host1/Admin(config-probe-http)# expect status 204 205 To remove a single expected status code of 200, enter: host1/Admin(config-probe-sip-udp)# no expect status 200 200 To remove a range of expected status codes, enter: host1/Admin(config-probe-http)# no expect status 200 202 To remove multiple ranges of expected status codes, you must remove each range separately. If you have set two different ranges (200 to 202 and 204 to 205), enter: host1/Admin(config-probe-http)# no expect status 200 202 host1/Admin(config-probe-http)# no expect status 204 205 Related Commands show probe (config-probe-probe_type) faildetect To change the number of consecutive failed probes, use the faildetect command. Use the no form of this command to reset the number of probe retries to its default. faildetect retry-count no faildetect Syntax Description Command Modes All probe-type configuration modes Admin and user contexts Command History Usage Guidelines Before the ACE marks a server as failed, it must detect that probes have failed a consecutive number of times. By default, when three consecutive probes have failed, the ACE marks the server as failed. retry_count Consecutive number of failed probes before marking the server as failed. Enter a number from 1 to 65535. The default is 3. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1149 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Examples To set the number of failed probes to 5 before declaring the server as failed for a TCP probe, enter: host1/Admin(config-probe-tcp)# faildetect 5 To reset the number of probe failures to the default of 3, enter: host1/Admin(config-probe-tcp)# no faildetect Related Commands show probe (config-probe-probe_type) hash To configure the ACE to dynamically generate the MD5 hash value or manually configure the value, use the hash command. By default, no hash value is configured on the ACE. Use the no form of this command to configure the ACE to no longer compare the referenced hash value to the computed hash value. hash [value] no hash Syntax Description Command Modes HTTP and HTTPS probe configuration mode Admin and user contexts Command History Usage Guidelines If you do not use this command to configure the hash value, the ACE does not calculate a hash value on the HTTP data returned by the probe. When you enter this command with no argument, the ACE generates the hash on the HTTP data returned by the first successful probe. If subsequent HTTP server hash responses match the generated hash value, the ACE marks the server as passed. If a mismatch occurs due to changes to the HTTP data, the probe fails and the show probe ... detail command displays an MD5 mismatch error in the Last disconnect error field. To clear the reference hash and have the ACE recalculate the hash value at the next successful probe, change the URL or method by using the request method command. value (Optional) The MD5 hash value that you want to manually configure. Enter the MD5 hash value as a hexadecimal string with exactly 32 characters (16 bytes). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1150 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands The server response must include the Content-Length header for the hash command to function. Otherwise, the probe does not attempt to parse the hash value. You can configure the hash command on a probe using the HEAD method, however there is no data to hash and has no effect causing the probe to always succeed. Examples To configure the ACE to generate the hash on the HTTP data returned by the first successful probe, enter: host1/Admin(config-probe-http)# hash To manually configure a hash value, enter: host1/Admin(config-probe-http)# hash 0123456789abcdef0123456789abcdef To configure the ACE to no longer compare the referenced hash value to the computed hash value, enter: host1/Admin(config-probe-http)# no hash Related Commands show probe (config-probe-probe_type) request method (config-probe-probe_type) header To configure a header field value for a probe, use the header command. Use the no form of this command to remove the header field from the probe configuration. For HTTP and HTTPS probes, the syntax is as follows: header field_name header-value field_value no header field_name For RTSP probes, the syntax is as follows: header {require | proxy-require} header-value field_value no header {require | proxy-require} Syntax Description field_name (HTTP and HTTPS probes) Identifier for a standard header field. Enter a text string with a maximum of 64 alphanumeric characters. If the header field includes spaces, enclose the string in quotation marks (“). You can also enter one of the following header keywords: • Accept—Accept request header • Accept-Charset—Accept-Charset request header • Accept-Encoding—Accept-Encoding request header • Accept-Language—Accept-Language request header • Authorization—Authorization request header • Cache-Control—Cache-Control general header • Connection—Connection general header2-1151 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Command Modes HTTP, HTTPS, and RTSP probe configuration mode Admin and user contexts Command History Usage Guidelines For each HTTP or HTTPS probe in your configuration, you can configure multiple header fields. Examples To configure the Accept-Encoding HTTP header with a value of identity, enter: host1/Admin(config-probe-http)# header Accept-Encoding header-value identity To remove the header with the Accept-Encoding field name from the probe, enter: host1/Admin(config-probe-http)# no header Accept-Encoding To configure the RTSP REQUIRE header with a field value of implicit-play, enter: host1/Admin(config-probe-rtsp)# header require header-value implicit-play • Content-MD5—Content-MD5 entity header • Expect—Expect request header • From—From request header • Host—Host request header • If-Match—If-Match request header • Pragma—Pragma general header • Referer—Referer request header • Transfer-Encoding—Transfer-Encoding general header • User-Agent—User-Agent request header • Via—Via general header header-value field_value (HTTP and HTTPS probes) Specifies the value assigned to the header field. Enter a text string with a maximum of 255 alphanumeric characters. If the value string includes spaces, enclose the string in quotation marks (“). require (RTSP probes) Specifies the Require header. proxy-require (RTSP probes) Specifies the Proxy-Require header. header-value field_value (RTSP probes) Specifies the value assigned to the header field. Enter an alphanumeric string with no spaces and a maximum of 255 characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised.2-1152 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands To remove the header configuration for the RTSP probe, enter: host1/Admin(config-probe-rtsp)# no header require To remove a Proxy-Require header, enter: host1/Admin(config-probe-rtsp)# no header proxy-require Related Commands show probe2-1153 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) interval To change the time interval between probes, use the interval command. The time interval between probes is the frequency that the ACE sends probes to the server marked as passed. Use the no form of this command to reset the default time interval of 15 seconds. interval seconds no interval Syntax Description Command Modes All probe-type configuration modes Admin and user contexts Command History Usage Guidelines The open timeout value for TCP-based probes and the receive timeout value can impact the execution time for a probe. When the probe interval is less than or equal to these timeout values and the server takes a long time to respond or it fails to reply within the timeout values, the probe is skipped. When the probe is skipped, the No. Probes skipped counter through the show probe detail command increments. Examples To configure a time interval of 50 seconds for a TCP probe, enter: host1/Admin(config-probe-tcp)# interval 50 To reset the time interval to the default of 15 seconds, enter: host1/Admin(config-probe-tcp)# no interval Related Commands show probe seconds Time interval in seconds. Enter a number from 2 to 65535. The default is 15. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The default is 15. Previously, it was 120. A4(2.0) Added the interval command for VM probes. ACE Appliance Release Modification A1(7) This command was introduced. A4(2.0) Added the interval command for VM probes.2-1154 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) ip address To override the destination address that the probe uses, use the ip address command. By default, the probe uses the IP address from the real server or server farm configuration for the destination IP address. Use the no form of this command to reset the default of the probe. ip address ip_address [routed] no ip address Syntax Description Command Modes All probe-type configuration modes except scripted probe configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples IPv6 Example To configure an IPv6 address of 2001:DB8:12::15, enter: host1/Admin(config-probe-type)# ip address 2001:DB8:12::15 To reset the default behavior of the probe using the IPv6 address from the real server or server farm configuration, use the no ip address command. For example, enter: host1/Admin(config-probe-type)# no ip address ip_address Destination IP address. The default is the IP address from the real server or server farm configuration. Enter a unique IPv4 address in dotted-decimal notation (for example, 192.168.12.15). routed (Optional) Routes the address according to the ACE internal routing table. If you are configuring a probe under a redirect server, you must configure this option. (ACE module only) Hardware-initiated SSL probes do not support this option. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.7). Not applicable for A4(1.0). Support added to configure a probe under a redirect server or server farm. A5(1.0) Added IPv6 support.2-1155 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands IPv4 Example To configure an IP address of 192.8.12.15, enter: host1/Admin(config-probe-type)# ip address 192.8.12.15 To reset the default behavior of the probe using the IP address from the real server or server farm configuration, use the no ip address command. For example, enter: host1/Admin(config-probe-type)# no ip address Related Commands show probe2-1156 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) nas ip address To configure a Network Access Server (NAS) address, use the nas ip address command. Use the no form of this command to remove the NAS address. nas ip address ip_address no nas ip address Syntax Description Command Modes RADIUS probe configuration mode Admin and user contexts Command History Usage Guidelines If a NAS address is not configured for the RADIUS probe, the ACE performs a route lookup on the RADIUS server IP address. Examples To configure a NAS address of 192.168.12.15, enter: host1/Admin(config-probe-radius)# nas ip address 192.168.12.15 To remove the NAS IP address, enter: host1/Admin(config-probe-radius)# no nas ip address Related Commands show probe ip_address NAS IP address. Enter a unique IPv4 address in dotted-decimal notation (for example, 192.168.12.15). By default, if a NAS address is not configured for the Remote Authentication Dial-In User Service (RADIUS) probe, the ACE uses the IP address associated with the outgoing interface as the NAS address. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1157 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) oid To configure an Object Identifier (OID) for an SNMP probe, use the oid command. When you enter this command, the CLI prompt changes to (config-probe-snmp-oid). For information about the commands available in probe SNMP OID configuration mode, see the Probe SNMP OID Configuration Mode Commands section. Use the no form of this command to remove the OID from the probe configuration. oid string no oid string Syntax Description Command Modes SNMP probe configuration mode Admin and user contexts Command History Usage Guidelines When the ACE sends a probe with an SNMP OID query, the ACE uses the retrieved value as input to the least-loaded algorithm for load-balancing decisions. Least-loaded load balancing bases the server selection on the server with the lowest load value. If the retrieved value is within the configured threshold, the server is marked as passed. If the threshold is exceeded, the server is marked as failed. You can configure a maximum of eight OID queries to probe the server. Examples To configure the OID string .1.3.6.1.4.1.2021.10.1.3.1 and access probe SNMP OID configuration mode, enter: host1/Admin(config-probe-snmp)# oid .1.3.6.1.4.1.2021.10.1.3.1 host1/Admin(config-probe-snmp-oid)# To remove the OID string, enter: host1/Admin(config-probe-snmp)# no oid .1.3.6.1.4.1.2021.10.1.3.1 string OID that the probe uses to query the server for a value. Enter an unquoted string with a maximum of 255 alphanumeric characters in dotted-decimal notation. The OID string is based on the server type. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1158 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Related Commands show probe (config-probe-snmp-oid) threshold (config-probe-snmp-oid) type absolute max (config-probe-snmp-oid) weight2-1159 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) open To configure the time interval for a connection to be established through a TCP three-way handshake, use the open command. By default, when the ACE sends a probe, it waits 1 second to open and establish the connection with the server. Use the no form of this command to reset its default of 1 second. open timeout no open Syntax Description Command Modes Echo TCP, Finger, FTP, HTTP, HTTPS, IMAP, POP, RTSP, scripted, SIP TCP, SMTP, TCP, and Telnet probe configuration mode Admin and user contexts Command History Usage Guidelines The open timeout value for TCP-based probes and the receive timeout value can impact the execution time for a probe. When the probe interval is less than or equal to these timeout values and the server takes a long time to respond or it fails to reply within the timeout values, the probe is skipped. When the probe is skipped, the No. Probes skipped counter increments through the show probe detail command. Examples To configure the wait time interval to 25 seconds for a TCP probe, enter: host1/Admin(config-probe-tcp)# open 25 To reset the time interval to its default of 1 second, enter: host1/Admin(config-probe-tcp)# no open Related Commands show probe timeout Time in seconds. Enter an integer from 1 to 65535. The default is 1. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The default is 1. Previously, it was 10. ACE Appliance Release Modification A1(7) This command was introduced.2-1160 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) passdetect To configure the time interval to send a probe to a failed server and the number of consecutive successful probe responses required to mark the server as passed, use the passdetect command. Use the no form of this command to reset the default of waiting 60 seconds before sending out a probe to a failed server and marking a server as passed if it receives 3 consecutive successful responses. passdetect {interval seconds | count number} no passdetect {interval | count} Syntax Description Command Modes All probe-type configuration modes except scripted probe configuration mode Admin and user contexts Command History Usage Guidelines For best results, we recommend that you do not configure a passdetect interval value of less than 30 seconds. If you configure a passdetect interval value of less than 30 seconds, the open timeout and receive timeout values are set to their default values, and a real server fails to respond to a probe, overlapping probes may result, which can cause management resources to be consumed unnecessarily and the No. Probes skipped counter to increase. After the ACE marks a server as failed, it waits a period of time and then sends a probe to the failed server. When the ACE receives a number of consecutive successful probes, it marks the server as passed. By default, the ACE waits 60 seconds before sending out a probe to a failed server and marks a server as passed if it receives 3 consecutive successful responses. The receive timeout value can impact the execution time for a probe. When the probe interval is less than or equal to this timeout value and the server takes a long time to respond or it fails to reply within the timeout value, the probe is skipped. When the probe is skipped, the No. Probes skipped counter increments through the show probe detail command. Examples To configure a wait interval of 10 seconds for a TCP probe, enter: host1/Admin(config-probe-tcp)# passdetect interval 10 interval seconds Specifies the wait time interval in seconds. Enter a number from 2 to 65535. The default is 60. count number Specifies the number of successful probe responses from the server. Enter a number from 1 to 65535. The default is 3. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The default is 60. Previously, it was 300. ACE Appliance Release Modification A1(7) This command was introduced.2-1161 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands To configure five success probe responses from the server before declaring it as passed, enter: host1/Admin(config-probe-tcp)# passdetect count 5 To reset the wait interval to its default, enter: host1/Admin(config-probe-tcp)# no passdetect interval To reset the successful probe responses to its default, enter: host1/Admin(config-probe-tcp)# no passdetect count Related Commands show probe2-1162 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) port To configure the port number that the probe uses, use the port command. Use the no form of this command to reset the port number based on the probe type. port port-number no port Syntax Description Command Modes All probe-type configuration modes except ICMP probe configuration mode Admin and user contexts Command History Usage Guidelines Table 1-22 lists the default port numbers for each probe type. port-number Port number for the probe. Enter an integer from 1 to 65535. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) This command was revised to support probe port inheritance. ACE Appliance Release Modification A1(7) This command was introduced. Ta b l e 1-22 Default Port Numbers for Probe Types Probe Type Default Port Number DNS 53 Echo 7 Finger 79 FTP 21 HTTP 80 HTTPS 443 ICMP Not applicable IMAP 143 POP 110 RADIUS 1812 RTSP 554 SIP (TCP and UDP) 5060 SMTP 25 2-1163 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands If you choose not to specify a port number for a probe, the ACE can dynamically inherit the port number specified: • From the real server specified in a server farm (see the (config-sfarm-host) rserver command). • From the VIP specified in a Layer 3 and Layer 4 class map (see the (config-cmap) match virtual-address command). In this case, all you need is a single probe configuration, which will be sufficient to probe a real server on multiple ports or on all VIP ports. The same probe inherits all of the real server’s ports or all of the VIP ports and creates probe instances for each port. Note Probe port inheritance is not applicable for the server farm predictor method, a probe assigned to a standalone real server, or a probe configured on the active FT group member in a redundant configuration. For a Layer 3 and Layer 4 class map, a VIP port will be inherited only if a match command consists of a single port. If you specify a wildcard value for the IP protocol value (the any keyword) or a port range for the port, port inheritance does not apply for those match statements. The order of precedence for inheriting the probe's port number is as follows: 1. Probe's configured port 2. Server farm real server's configured port 3. VIP's configured port 4. Probe's default port For example, if the configured probe does not contain a specified port number, the ACE will look for the configured port associated with the real server specified in a server farm. If a port number is not configured, the ACE looks for the configured port associated with the VIP specified in a Layer 3 and Layer 4 class map. If a port number is also not configured, the ACE then uses the probe's default port to perform health monitoring on the back-end real server. Examples To configure a port number of 88 for an HTTP probe, enter: host1/Admin(config-probe-HTTP)# port 88 To reset the port number to its default, in this case, port 80 for an HTTP probe, enter: host1/Admin(config-probe-HTTP)# no port Related Commands show probe Telnet 23 TCP 80 UDP 53 Table 1-22 Default Port Numbers for Probe Types Probe Type Default Port Number2-1164 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) receive To configure the time period that the ACE expects to receive a server response to the probe, use the receive command. Use the no form of this command to reset its default of 10 seconds. receive seconds no receive Syntax Description Command Modes All probe-type configuration modes Admin and user contexts Command History Usage Guidelines By default, when the ACE sends a probe, it expects a response within a time period of 10 seconds. For example, for an HTTP probe, the timeout period is the number of seconds to receive an HTTP reply for a GET or HEAD request. If the server fails to respond to the probe, the ACE marks the server as failed. The open timeout value for TCP-based probes and the receive timeout value can impact the execution time for a probe. When the probe interval is less than or equal to these timeout values and the server takes a long time to respond or it fails to reply within the timeout values, the probe is skipped. When the probe is skipped, the No. Probes skipped counter increments through the show probe detail command. Examples To configure the timeout period for a response at 5 seconds for a TCP probe, enter: host1/Admin(config-probe-TCP)# receive 5 To reset the time period to receive a response from the server to its default of 10 seconds, enter: host1/Admin(config-probe-TCP)# no receive Related Commands show probe seconds Time to wait in seconds. Enter an integer from 1 to 65535. The default is 10. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1165 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) request command To configure the request command used by an Internet Message Access Protocol (IMAP) or POP probe, use the request command command. Use the no form of this command to remove the request command from the configuration. request command command no request Syntax Description Command Modes IMAP and POP probe configuration modes Admin and user contexts Command History Usage Guidelines You must configure the name of the mailbox using the (config-probe-probe_type) credentials command before you configure the request command used by an IMAP probe or the ACE will ignore the specified request command. Examples To configure the last request command for an IMAP probe, enter: host1/Admin(config-probe-imap)# request command last To remove the request command for the probe, enter: host1/Admin(config-probe-imap)# no request Related Commands show probe command Request command for the probe. Enter a text string with a maximum of 32 alphanumeric characters with no spaces. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised.2-1166 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) request method To configure the request method and URL used by a probe, use the request method command. Use the no form of this command to reset the default request method. For HTTP and HTTPS probes, the syntax is as follows: request method {get | head} [url url_string] no request method {get | head} [url url_string] For RTSP probes, the syntax is as follows: request method {options | describe url url_string} no request method For SIP probes, the syntax is as follows: request method options no request method Syntax Description Command Modes HTTP, HTTPS, RTSP, and SIP probe configuration modes Admin and user contexts Command History get (HTTP or HTTPS probe) Configures the HTTP GET request method to direct the server to get the page. This method is the default. head (HTTP or HTTPS probe) Configures the HTTP HEAD request method to direct the server to get only the header for the page. url url_string (HTTP or HTTPS probe) Specifies the URL string used by the probe. Enter an alphanumeric string with a maximum of 255 characters. The default string is a forward slash (/). options (RTSP or SIP probe) Specifies the OPTIONS request method. This is the default method. The ACE uses the asterisk (*) request URL for this method. describe url url_string (RTSP probe) Specifies the DESCRIBE request method. The url_string is the URL request for the RTSP media stream on the server. Enter an alphanumeric string with a maximum of 255 characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised.2-1167 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Usage Guidelines By default, the HTTP request method is a GET with the URL of a forward slash (/). If you do not configure a URL, the HTTP or HTTPS probe functions as a TCP probe. By default, the RTSP request method is the OPTIONS method. You can also configure the DESCRIBE method. By default, the SIP request method is the OPTIONS method; this method is the only method available for SIP probes. Examples To configure the HTTP HEAD request method and the /digital/media/graphics.html URL used by an HTTP probe, enter: host1/Admin(config-probe-http)# request method head url /digital/media/graphics.html To reset the HTTP method for the probe to HTTP GET with a URL of “/”, enter: host1/Admin(config-probe-http)# no request method head url /digital/media/graphics.html To configure an RTSP probe to use the URL rtsp:///media/video.smi, enter: host1/Admin(config-probe-rtsp)# request method describe url rtsp://192.168.10.1/media/video.smi To reset the default RTSP request method (OPTIONS), use the no request method or the request method options command. For example, enter: host1/Admin(config-probe-rtsp)# no request method Related Commands show probe (config-probe-probe_type) hash (config-probe-probe_type) script To specify the script name and the arguments to be passed to a scripted probe, use the script command. Use the no form of this command to remove the script and its arguments from the configuration. script script_name [script_arguments] no script ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised.2-1168 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Syntax Description Command Modes Scripted probe configuration mode Admin and user contexts Command History Usage Guidelines Scripted probes run probes from a configured script to perform health probing. You can also configure arguments that are passed to the script. Before you can associate a script file with a probe, you must copy and load the script on the ACE. For information about TCL scripts and instructions for copying and loading script files on the ACE, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. The ACE allows the configuration of 256 unique script files. The ACE can simultaneously execute only 200 scripted probe instances. When this limit is exceeded, the show probe detail command displays the “Out-of Resource: Max. script-instance limit reached” error message in the Last disconnect err field and the out-of-sockets counter increments. Examples To configure the script name of PROBE-SCRIPT and arguments of double question marks (??), enter: host1/Admin(config-probe-scrptd)# script PROBE-SCRIPT ?? To remove the script and its arguments from the configuration, enter: host1/Admin(config-probe-scrptd)# no script Related Commands show probe show script (config) script file name (config-probe-probe_type) send-data To configure the ASCII data that the probe sends when the ACE connects to the server, use the send-data command. Use the no form of this command to remove the data from the configuration. script_name Name of the script. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. script_arguments (Optional) Data sent to the script. Enter a text string with a maximum of 255 alphanumeric characters including spaces and quotes. Separate each argument by a space. If a single argument contains spaces, enclose the argument string in quotes. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1169 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands send-data expression no send-data Syntax Description Command Modes ECHO, Finger, TCP, and UDP probe configuration modes Admin and user contexts Command History Usage Guidelines If you do not configure the send-data command for a UDP probe, the probe sends one byte, 0x00. When you configure the expect regex command for a TCP probe, you must configure the send-data command for the expect function to work. Otherwise, the TCP probe makes a socket connection and disconnects without checking the data. Examples To configure a TCP probe to send TEST as the data, enter: host1/Admin(config-probe-tcp)# send-data TEST To remove the data, enter: host1/Admin(config-probe-tcp)# no send-data Related Commands show probe (config-probe-probe_type) ssl cipher To configure the probe to expect a specific type of RSA cipher suite from the back-end server, use the ssl cipher command. Use the no form of this command to reset its default of accepting any RSA configured cipher suites. ssl cipher {RSA_ANY | cipher_suite} no ssl cipher expression ASCII data that the probe sends. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1170 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Syntax Description Command Modes HTTPS probe configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the HTTPS probes with the RSA_WITH_RC4_128_SHA cipher suite, enter: host1/Admin(config-probe-https)# ssl cipher RSA_WITH_RC4_128_SHA To reset the default of the HTTPS probes accepting any RSA cipher suite, enter: host1/Admin(config-probe-https)# ssl cipher RSA_ANY To reset the default by using the no ssl cipher command, enter: host1/Admin(config-probe-https)# no ssl cipher Related Commands show probe RSA_ANY Specifies that the probe accepts any of the RSA configured cipher suites. This is the default. cipher_suite RSA cipher suite that the probe expects from the back-end server. Enter one of the following keywords: RSA_EXPORT1024_WITH_DES_CBC_SHA RSA_EXPORT1024_WITH_RC4_56_MD5 RSA_EXPORT1024_WITH_RC4_56_SHA RSA_EXPORT_WITH_DES40_CBC_SHA RSA_EXPORT_WITH_RC4_40_MD5 RSA_WITH_3DES_EDE_CBC_SHA RSA_WITH_AES_128_CBC_SHA RSA_WITH_AES_256_CBC_SHA RSA_WITH_DES_CBC_SHA RSA_WITH_RC4_128_MD5 RSA_WITH_RC4_128_SHA ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1171 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-probe_type) ssl version To configure the version of Secure Sockets Layer (SSL) that the probe supports, use the ssl version command. Use the no form of this command to reset the default to SSL version 3. ssl version {all | SSLv3 | TLSv1} no ssl version Syntax Description Command Modes HTTPS probe configuration mode Admin and user contexts Command History Usage Guidelines The version in the ClientHello message sent to the server indicates the highest supported version. Examples To configure the probe to support all SSL versions, enter: host1/Admin(config-probe-https)# ssl version all To reset the default of SSL version 3, enter: host1/Admin(config-probe-https)# no ssl version Related Commands show probe (config-probe-probe_type) version To configure the version of SNMP that the probe supports, use the version command. Use the no form of this command to reset the version to its default value of SNMP version 1. version {1 | 2c} no version all Configures the probe to support all SSL versions. SSLv3 Configures the probe to support SSL version 3. This is the default. TLSv1 Configures the probe to support TLS version 1. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1172 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands Syntax Description Command Modes SNMP probe configuration mode Admin and user contexts Command History Usage Guidelines The version in the SNMP OID query sent to the server indicates the supported SNMP version. By default, the probe supports SNMP version 1. Examples To configure the probe to use SNMP version 2c, enter: host1/Admin(config-probe-snmp)# version 2c To reset the version of SNMP to the default value, SNMP version 1, enter: host1/Admin(config-probe-snmp)# no version Related Commands show probe 1 Configures the probe to support SNMP version 1. This is the default. 2c Configures the probe to support SNMP version 2c. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1173 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe Configuration Mode Commands (config-probe-sip-udp) rport enable To force the SIP server to send the 200 OK message from the same port as the destination port of the probe request OPTIONS method per RFC 3581 when you configure the ACE for SIP UDP, use the rport enable command. By default, if the SIP server sends the 200 OK message from a port that is different from the destination port of the probe request, the ACE discards the response packet from the server. Use the no form of this command to reset the default behavior. rport enable no rport enable Syntax Description This command has no keywords or arguments. Command Modes SIP UDP probe configuration modes Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To force the SIP server to send the 200 OK message from the destination port of the probe request OPTIONS method, enter: host1/Admin(config-probe-sip-udp)# rport enable To reset the ACE behavior to the default, enter: host1/Admin(config-probe-sip-udp)# no rport enable Related Commands show probe ACE Module Release Modification A2(2.3) This command was introduced. ACE Appliance Release Modification A3(2.5) This command was introduced.2-1174 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe SNMP OID Configuration Mode Commands Probe SNMP OID Configuration Mode Commands Probe SNMP OID configuration mode commands allow you to configure an OID for an SNMP probe. To configure an OID for an SNMP probe and access probe SNMP OID configuration mode, use the oid command in SNMP probe configuration mode. The CLI prompt changes to (config-probe-snmp-oid). For information about the commands in this mode, see the following commands. Use the no form of this command to remove the OID from the SNMP probe configuration. oid string no oid string Syntax Description Command Modes SNMP probe configuration mode Admin and user contexts Command History Usage Guidelines When the ACE sends a probe with an SNMP OID query, the ACE uses the retrieved value as input to the least-loaded algorithm for load-balancing decisions. Least-loaded load balancing bases the server selection on the server with the lowest load value. If the retrieved value is within the configured threshold, the server is marked as passed. If the threshold is exceeded, the server is marked as failed. You can configure a maximum of eight OID queries to probe the server. Examples To configure the OID string .1.3.6.1.4.2021.10.1.3.1 and access probe SNMP OID configuration mode, enter: host1/Admin(config-probe-snmp)# oid .1.3.6.1.4.2021.10.1.3.1 host1/Admin(config-probe-snmp-oid)# To remove the OID string, enter: host1/Admin(config-probe-snmp)# no oid .1.3.6.1.4.2021.10.1.3.1 string OID that the probe uses to query the server for a value. Enter an unquoted string with a maximum of 255 alphanumeric characters in dotted-decimal notation. The OID string is based on the server type. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1175 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe SNMP OID Configuration Mode Commands Related Commands show probe (config-probe-snmp-oid) threshold (config-probe-snmp-oid) type absolute max (config-probe-snmp-oid) weight2-1176 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe SNMP OID Configuration Mode Commands (config-probe-snmp-oid) threshold To specify the threshold value for an OID, use the threshold command. Use the no form of this command to remove the threshold value. threshold integer no threshold integer Syntax Description Command Modes Probe SNMP OID configuration mode Admin and user contexts Command History Usage Guidelines You can configure a threshold for an OID value so that when the threshold is exceeded, the server is taken out of service. When the ACE sends a probe with an SNMP OID query, the ACE uses the retrieved value as input to the least-loaded algorithm for load-balancing decisions. Least-loaded load balancing bases the server selection on the server with the lowest load value. If the retrieved value is within the configured threshold, the server is marked as passed. If the threshold is exceeded, the server is marked as failed. By default, the OID value is based on a percentile. If you use the type absolute maximum command to base the OID on an absolute value, the threshold range is from 1 to the maximum value specified with the type absolute maximum command. Examples To configure a threshold of 90 for the OID, enter: host1/Admin(config-probe-snmp-oid)# threshold 90 To remove the threshold from the OID, enter: host1/Admin(config-probe-snmp-oid)# no threshold integer Threshold value to take the server out of service. When the OID value is based on a percentile, enter an integer from 0 to 100, with a default value of 100. When the OID is based on an absolute value, the threshold range is from 1 to the maximum value specified using the type absolute max command. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1177 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe SNMP OID Configuration Mode Commands Related Commands show probe (config-probe-probe_type) oid (config-probe-snmp-oid) type absolute max (config-probe-snmp-oid) weight2-1178 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe SNMP OID Configuration Mode Commands (config-probe-snmp-oid) type absolute max To specify that the retrieved OID value is an absolute value, use the type absolute max command. Use the no form of this command to remove the absolute value. type absolute max integer no type Syntax Description Command Modes Probe SNMP OID configuration mode Admin and user contexts Command History Usage Guidelines When the ACE sends a probe with an SNMP OID query, the ACE uses the retrieved value as input to the least-loaded algorithm for load-balancing decisions. By default, the ACE assumes that the retrieved OID value is a percentile value. Least-loaded load balancing bases the server selection on the server with the lowest load value. If the retrieved value is within the configured threshold, the server is marked as passed. If the threshold is exceeded, the server is marked as failed. When you configure the type absolute max command, we recommend that you also configure the value for the threshold command because the default threshold value is 100 and is not automatically adjusted with respect to the type absolute max value. The no type command resets the values of both the type absolute max command and the threshold command to a value of 100. Examples To specify that the retrieved maximum OID value is 597, enter: host1/Admin(config-probe-snmp-oid)# type absolute max 597 To remove the OID value and reset the expected OID to a percentile, enter: host1/Admin(config-probe-snmp-oid)# no type integer Expected OID value. Enter an integer from 1 through 4294967295. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1179 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe SNMP OID Configuration Mode Commands Related Commands show probe (config-probe-probe_type) oid (config-probe-snmp-oid) threshold (config-probe-snmp-oid) weight2-1180 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe SNMP OID Configuration Mode Commands (config-probe-snmp-oid) weight To configure the weight to be assigned to this OID for the SNMP probe, use the weight command. Use the no form of this command to remove the weight. weight number no weight Syntax Description Command Modes Probe SNMP OID configuration mode Admin and user contexts Command History Usage Guidelines If you configure more than one OID and they are used in a load-balancing decision, you must configure a weight value. When the ACE sends a probe with an SNMP OID query, the ACE uses the retrieved value as input to the least-loaded algorithm for load-balancing decisions. Least-loaded load balancing bases the server selection on the server with the lowest load value. If the retrieved value is within the configured threshold, the server is marked as passed. If the threshold is exceeded, the server is marked as failed. Examples To configure a weight of 90 for the OID, enter: host1/Admin(config-probe-snmp-oid)# weight 90 To remove the threshold from the OID, enter: host1/Admin(config-probe-snmp-oid)# no weight Related Commands show probe (config-probe-probe_type) oid (config-probe-snmp-oid) threshold (config-probe-snmp-oid) type absolute max number Weight value assigned to this OID for the SNMP probe. Enter an integer from 0 to 16000. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1181 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe VM Configuration Mode Commands Probe VM Configuration Mode Commands Probe VM configuration mode commands allow you to configure a VM probe that the ACE uses to poll the local VM controller for the load of the local virtual machines (VMs) in a dynamic workload scaling (DWS) configuration. To configure a VM probe and access probe VM configuration mode, use the probe vm command in configuration mode. The CLI prompt changes to (config-probe-vm). For information about the commands in this mode, see the commands in this section. Use the no form of this command to remove the VM probe from the ACE configuration. probe vm probe_name no probe vm probe_name Syntax Description Command Modes VM probe configuration mode Admin and user contexts Command History Usage Guidelines All commands in this mode require the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When the ACE sends a VM probe to a VM controller to retrieve the load of the local VMs, the ACE uses the retrieved load value to make a decision about bursting traffic to the remote data center. If the retrieved load equals or exceeds the configured load threshold, the ACE bursts traffic to the remote data center while it continues to load balance traffic to the local data center. When the VM load drops below the configured threshold for CPU and memory usage, the ACE load balances traffic only to the local data center. The VM probe is not supported with IPv6. Examples To configure a VM probe, enter the following command: host1/Admin(config)# probe vm VM_PROBE host1/Admin(config-probe-vm)# To remove the VM probe and all its attributes from the ACE configuration, enter the following command: host1/Admin(config)# no probe vm probe_name Unique identifier of the probe that the ACE uses to poll the vCenter for the load of the local VMs. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-1182 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe VM Configuration Mode Commands Related Commands show probe (config-probe-vm) interval (config-probe-vm) vm-controller (config-probe-vm) load (config-probe-vm) interval To specify the frequency with which the ACE sends probes to the VM controller, use the interval command. Use the no form of this command to remove the threshold value. interval value no interval value Syntax Description Command Modes Probe VM configuration mode Admin and user contexts Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To configure the ACE to send a probe to the VM controller every 420 seconds (7 minutes), enter the following command: host1/Admin(config-probe-vm)# interval 420 To reset VM probe interval to the default value of 300 seconds (5 minutes), enter the following command: host1/Admin(config-probe-vm)# no interval Related Commands show probe (config-probe-vm) vm-controller (config-probe-vm) load value Specifies the elapsed time between probes. Enter the time interval in seconds as an integer from 300 to 65535. The default is 300 seconds (5 minutes). ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-1183 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe VM Configuration Mode Commands (config-probe-vm) load To specify the interesting load of the local VMs, use the load command. You can specify CPU usage, memory usage, or both. Use the no form of this command to remove the load from the configuration. load {cpu | mem} burst-threshold {max value min value} no load {cpu | mem} burst-threshold {max value min value} Syntax Description Command Modes Probe VM configuration mode Admin and user contexts Command History load {cpu | mem} Specifies the type of load information that the VM controller sends back to the ACE in response to the VM probe. You can specify that the probe poll the VM controller for load information based on CPU usage, memory usage, or both. The default behavior is for the probe to check either the CPU usage or the memory usage against the maximum threshold value. Whichever load type reaches its maximum threshold value first causes the ACE to burst traffic to the remote data center. The VM controller returns the load information of each VM in the local data center to the probe. The ACE ignores any physical servers in the server farm. burst-threshold {max value min value} Specifies the threshold values that determine when the ACE starts and stops bursting traffic through the local DCI device over the DCI link to the remote data center. Enter a maximum and a minimum threshold value as a load percentage from 1 to 99. The default value is 99 percent for both the max and the min keywords. A maximum burst threshold value of 1 percent instructs the ACE to always burst traffic to the remote data center. A maximum burst threshold value of 99 percent instructs the ACE to always load balance traffic to the local VMs unless the load value is equal to 100 percent or the VMs are not in the OPERATIONAL state. If the average load value returned by the VM controller is greater than or equal to the maximum threshold value, the ACE starts bursting traffic to the remote data center. When the load value returned by the VM controller is less than the minimum threshold value, the ACE stops bursting traffic to the remote data center and load balances traffic to the local VMs. Any active connections to the remote data center are allowed to complete. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-1184 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe VM Configuration Mode Commands Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To instruct the ACE to start bursting traffic to the remote datacenter when the local average VM load exceeds 80 percent CPU usage and to stop bursting traffic when the local average CPU usage drops below 50 percent, enter the following command: host1/Admin(config-probe-vm)# load cpu burst-threshold max 80 min 50 You can configure an additional load command under the same VM probe to create an OR statement between the CPU usage and the memory usage of the local VMs. Whichever load type reaches its maximum threshold first will cause the ACE to burst traffic to the remote data center. For example, enter the following commands: host1/Admin(config-probe-vm)# load cpu burst-threshold max 80 min 50 host1/Admin(config-probe-vm)# load mem burst-threshold max 70 min 40 In this case, if the average CPU usage reaches 80 percent or the average memory usage reaches 70 percent, the ACE bursts traffic to the remote data center. The ACE does not stop bursting traffic to the remote data center until both the CPU load and the memory load drop below their respective minimum configured values. To reset the VM probe behavior to the default of checking the average VM CPU usage and memory usage against the maximum and minimum threshold values of 99 percent each, enter the following command: host1/Admin(config-probe-vm)# no load cpu burst-threshold max 80 min 50 host1/Admin(config-probe-vm)# no load mem burst-threshold max 70 min 40 Related Commands show probe (config-probe-vm) interval (config-probe-vm) vm-controller2-1185 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Probe VM Configuration Mode Commands (config-probe-vm) vm-controller To identify the VM controller for the probe, use the vm-controller command . Use the no form of this command to remove the VM controller name from the VM probe configuration. vm-controller name no vm-controller name Syntax Description Command Modes Probe VM configuration mode Admin and user contexts Command History Usage Guidelines This command requires the probe feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To configure the VM controller called VCENTER_1, enter the following command: host1/Admin(config-probe-vm)# vm-controller VCENTER_1 To remove the VM controller name from the VM probe configuration, enter the following command: host1/Admin(config-probe-vm)# no vm-controller VCENTER_1 Related Commands show probe (config-probe-vm) interval (config-probe-vm) load name Identifier of the existing VM controller that you previously configured. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-1186 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands RADIUS Configuration Mode Commands RADIUS Configuration Mode Commands RADIUS configuration mode commands allow you to configure multiple Remote Access Dial-In User Service (RADIUS) servers as a named AAA server group. You specify the IP address of one or more previously configured RADIUS servers that you want added to or removed from a AAA server group, along with a dead-time interval for the RADIUS server group. For details about creating a RADIUS server group, see the Security Guide, Cisco ACE Application Control Engine. To create a RADIUS server group and access RADIUS server configuration mode, enter the aaa group server radius command. The CLI prompt changes to (config-radius). Use the no form of this command to remove a RADIUS server group. aaa group server radius group_name no aaa group server radius group_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A server group is a list of server hosts. The ACE allows you to configure multiple AAA servers as a named server group. You group the different AAA server hosts into distinct lists. The ACE searches for the server hosts in the order in which you specify them within a group. You can configure a maximum of 10 server groups for each context in the ACE. You can configure server groups at any time, but you must enter the aaa authentication login or the aaa accounting default command to apply them to the AAA service. Examples To create a RADIUS server group, enter: host1/Admin(config) aaa group server radius RADIUS_Server_Group1 host1/Admin(config-radius)# server 172.16.56.76 host1/Admin(config-radius)# server 172.16.56.79 host1/Admin(config-radius)# server 172.16.56.82 group_name Group of RADIUS servers. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1187 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands RADIUS Configuration Mode Commands Related Commands (config) aaa accounting default (config) aaa authentication login2-1188 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands RADIUS Configuration Mode Commands (config-radius) deadtime To specify a dead-time interval for the Remote Authentication Dial-In User Service (RADIUS) server group, use the deadtime command. Use the no form of this command to reset the RADIUS server group dead-time request to its default of 0. deadtime minutes no deadtime minutes Syntax Description Command Modes RADIUS configuration mode Admin and user contexts Command History Usage Guidelines Use of the deadtime command causes the ACE to mark as dead any RADIUS servers that fail to respond to authentication requests. Entering this command prevents the wait for the request to time out before trying the next configured server. The ACE skips a RADIUS server that is marked as dead by additional requests for the duration of minutes. During the dead-time interval, the ACE sends probe access-request packets to verify that the RADIUS server is available and can receive authentication requests. The dead-time interval starts when the server does not respond to an authentication request transmission. When the server responds to a probe access-request packet, the ACE retransmits the authentication request to the server. Examples To globally configure a 15-minute dead-time interval for RADIUS servers that fail to respond to authentication requests, enter: host1/Admin(config) aaa group server radius RADIUS_Server_Group1 host1/Admin(config-radius)# deadtime 15 To reset the RADIUS server dead-time request to the default of 0, enter: host1/Admin(config-radius)# no deadtime 15 Related Commands (config) aaa group server minutes Length of time that the ACE skips a nonresponsive RADIUS server for transaction requests. Valid entries are from 0 to 1440 (24 hours). The default is 0. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1189 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands RADIUS Configuration Mode Commands (config-radius) server To specify the IP address of one or more previously configured Remote Authentication Dial-In User Service (RADIUS) servers that you want added to or removed from a server group, use the server command. Use the no form of this command to remove the RADIUS server from the AAA server group. server ip_address no server ip_address Syntax Description Command Modes RADIUS configuration mode Admin and user contexts Command History Usage Guidelines You can add multiple RADIUS servers to the AAA server group by entering multiple server commands in this mode. The same server can belong to multiple server groups. Examples To add servers to a RADIUS server group, enter: host1/Admin(config-radius)# server 172.16.56.76 host1/Admin(config-radius)# server 172.16.56.79 host1/Admin(config-radius)# server 172.16.56.82 To remove a server from a RADIUS server group, enter: host1/Admin(config) aaa group server radius RADIUS_Server_Group1 host1/Admin(config-radius)# no server 172.16.56.76 Related Commands (config) aaa group server ip_address IP address of the RADIUS server. Enter the address in dotted-decimal IP notation (for example, 192.168.11.1). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1190 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands Real Server Host Configuration Mode Commands Real server host configuration mode commands allow you to create and configure host real servers that are used in server load balancing (SLB). The parameters that you configure determine how the ACE interacts with the servers used for web content and services. For details about SLB, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. To create a host real server and access real server host configuration mode, use the rserver host command in configuration mode. The CLI prompt changes to (config-rserver-host). For information about commands available in this mode, see the following commands. Use the no form of this command to remove an existing real server from the configuration. rserver [host] name no rserver name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the rserver feature in your user role unless otherwise specified. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. All servers in a server farm should be of the same type: host or redirect. Examples To create a host server named SERVER1, enter: host1/Admin(config)# rserver SERVER1 host1/Admin(config-rserver-host)# To delete the host server named SERVER1, enter: host1/Admin(config)# no rserver SERVER1 name Unique identifier of the real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. host (Optional) Specifies that the real server is a typical server that provides web services and content. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1191 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands Related Commands (config-sfarm-host) rserver (config-rserver-host) conn-limit To configure the maximum and minimum number of connections that you want to allow for a host real server, use the conn-limit command. Use the no form of this command to reset the maximum number of connections and the minimum connection threshold for a real server to the default of 4000000. conn-limit max max-conns min min-conns no conn-limit max Syntax Description Command Modes Real server host configuration mode Admin and user contexts Command History Usage Guidelines Use this command to specify the maximum number of connections and the minimum connection threshold for a real server. The minconns value must be less than or equal to the maxconns value. When the number of connections to a real server reaches the maxconns value, the ACE stops sending connections to that server and assigns it a state of OUTOFSERVICE. The ACE uses the minconns value as a threshold for load balancing to start accepting connections again after the maxconns limit is reached. max maxconns Specifies the maximum number of connections allowed for this real server. • For the ACE module, enter an integer from 2 to 4000000. • For the ACE appliance, enter an integer from 1 to 4000000. The default is 4000000. min minconns Specifies the connection threshold below which the real server will start accepting connections again after the number of connections exceeds the configured maximum number of connections. • For the ACE module, enter an integer from 2 to 4000000. • For the ACE appliance, enter an integer from 1 to 4000000. The default is minconns equal to maxconns. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1192 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands Examples To configure the maximum number of connections and the minimum connection threshold for a real server, enter: host1/Admin(config-rserver-host)# conn-limit max 65535 min 40000 To reset the maximum number of connections and the minimum connection threshold for a real server to the default of 4000000, enter: host1/Admin(config-rserver-host)# no conn-limit Related Commands (config-rserver-host) rate-limit2-1193 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands (config-rserver-host) description To configure a description for a real server, use the description command. Use the no form of this command to remove the real server description from the configuration. description text no description Syntax Description Command Modes Real server host configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure a description for a real server, enter: host1/Admin(config-rserver-host)# description database application server To delete a description for a real server, enter: host1/Admin(config-rserver-host)# no description Related Commands This command has no related commands. text User-defined description of the real server and related information. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1194 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands (config-rserver-host) fail-on-all To configure a real server to remain in the OPERATIONAL state unless all probes associated with it fail (AND logic), use the fail-on-all command in real server host configuration mode. This command is applicable to all probe types. The syntax of this command is: fail-on-all no fail-on-all Syntax Description This command has no keywords or arguments. Command Modes Real server host configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure the SERVER1 real server to remain in the OPERATIONAL state unless all associated probes fail, enter the following commands: host1/Admin(config)# rserver SERVER1 host1/Admin(config-rserver-host)# ip address 2001:DB8:1::1 or host1/Admin(config-rserver-host)# ip address 192.168.12.15 host1/Admin(config-rserver-host)# probe HTTP_PROBE host1/Admin(config-rserver-host)# probe ICMP_PROBE host1/Admin(config-rserver-host)# fail-on-all To remove the AND probe logic from the real server and return the behavior to the default of OR logic, enter the following command: host1/Admin(config-rserver-host)# no fail-on-all Related Commands This command has no related commands. ACE Module Release Modification A2(1.0) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A3(1.0) This command was introduced. A5(1.0) Added IPv6 support.2-1195 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands (config-rserver-host) inservice To place a real server in service, use the inservice command in real server host configuration mode. Use the no form of this command to gracefully shut down a real server. inservice no inservice Syntax Description This command has no keywords or arguments. Command Modes Real server host configuration mode Admin and user contexts Command History Usage Guidelines This command requires the real-inservice feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use the no form of this command to shut down a real server gracefully for maintenance or software upgrades. When you enter this command, the ACE tears down all non-TCP connections. For TCP connections, the ACE allows existing connections to end before taking the server out of service. No new connections are allowed. To place the real server back in service, use the inservice command. The ACE resets all SSL connections to a particular real server when you enter the no inservice command for that server. Examples To place a real server in service, enter: host1/Admin(config-rserver-host)# inservice To take a real server out of service, enter: host1/Admin(config-rserver-host)# no inservice Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1196 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands (config-rserver-host) ip address To configure an IPv6 or an IPv4 address for a real server, use the ip address command in real server host configuration mode. Use the no form of this command to remove the real server IP address from the configuration. ip address ip-address no ip address Syntax Description Command Modes Real server host configuration mode Admin and user contexts Command History Usage Guidelines Use this command to provide a unique IP address for a real server. The address that you choose must not be a VIP of an existing virtual server. Caution Do not configure under a real server a peer IPv6 address that is calculated from EUI64. In a redundant configuration, if you configure a peer IPv6 address as EUI64 on an interface, the address will not be learned by the active member of an FT group because the address is calculated only on the peer. If you then configure the same calculated IPv6 address on the active under a real server, the CLI accepts it because it does not calculate it. This IPv6 address is not synced to the standby because it conflicts with the interface address. If you subsequently apply a probe to the real server, the state of the real server is PROBE-FAILED on the active and OUTOFSERVICE on the the standby. This same check applies to VIPs, routes, interfaces, and probes. Examples IPv6 Example To configure the IPv6 address of a real server, enter: host1/Admin(config-rserver-host)# ip address 2001:DB8:1::1 To delete the real server IPv6 address from the configuration, enter: host1/Admin(config-rserver-host)# no ip address 2001:DB8:1::1 IPv4 Example To configure the IPv4 address of a real server, enter: ip-address IP address for the real server of type host. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1197 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands host1/Admin(config-rserver-host)# ip address 192.168.12.6 To delete the real server IPv4 address from the configuration, enter: host1/Admin(config-rserver-host)# no ip address 192.168.12.6 Related Commands This command has no related commands.2-1198 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands (config-rserver-host) probe To configure a probe to monitor the health of a real server, use the probe command. Use the no form of this command to remove the probe from the real server. probe probe-name no probe probe-name Syntax Description Command Modes Real server host configuration mode Admin and user contexts Command History Usage Guidelines You can associate multiple probes with each real server. Examples To configure a probe for a real server of type host, enter: host1/Admin(config-rserver-host)# probe SERVER1_PROBE To remove a probe from a real server of type host, enter: host1/Admin(config-rserver-host)# no probe SERVER1_PROBE Related Commands This command has no related commands. probe-name Identifier of an existing probe that you want to assign to a real server to monitor its health. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1199 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands (config-rserver-host) rate-limit To configure a limit for the connection rate and the bandwidth rate of a real server, use the rate-limit command. The connection rate is the number of connections per second received by the ACE and applies only to the new connections destined to a real server. The bandwidth rate is the number of bytes per second and applies to the network traffic exchanged between the ACE and the real server in both directions. Use the no form of this command to revert to the ACE default of not limiting the connection rate or bandwidth rate of real servers. rate-limit {connection number1 | bandwidth number2} no rate-limit {connection | bandwidth} Syntax Description Command Modes Real server host configuration mode Admin and user contexts Command History Usage Guidelines For a real server that is associated with more than one server farm, the ACE uses the aggregated connection rate or bandwidth rate to determine whether the real server has exceeded its rate limits. If the connection rate or the bandwidth rate of incoming traffic destined for a particular server exceeds the configured rate of the server, the ACE blocks any further traffic destined to that real server until the connection rate or bandwidth rate drops below the configured limit. Also, the ACE removes the blocked real server from future load-balancing decisions. You can also limit the connection rate and the bandwidth rate at the virtual server level in a connection parameter map. For details, see the Security Guide, Cisco ACE Application Control Engine. connection number1 Specifies the real server connection-rate limit in connections per second. • For the ACE module, enter an integer from 2 to 350000. • For the ACE appliance, enter an integer from 1 to 350000. There is no default value. bandwidth number2 Specifies the real server bandwidth-rate limit in bytes per second. • For the ACE module, enter an integer from 4 to 300000000. • For the ACE appliance, enter an integer from 1 to 300000000. There is no default value. ACE Module Release Modification A2(1.0) This command was introduced. A4(1.0) The lowest real server bandwidth-rate limit was changed from 2 to 4. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1200 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands Examples To limit the connection rate of a real server to 100,000 connections per second, enter: host1/Admin(config-rserver-host)# rate-limit connection 100000 To revert to the ACE default of not limiting the real-server connection rate, enter: host1/Admin(config-rserver-host)# no rate-limit connection To limit the real-server bandwidth rate to 5,000,000 bytes per second, enter: host1/Admin(config-rserver-host)# rate-limit bandwidth 5000000 To revert to the ACE default of not limiting real-server bandwidth, enter: host1/Admin(config-rserver-host)# no rate-limit bandwidth Related Commands (config-rserver-host) conn-limit2-1201 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Host Configuration Mode Commands (config-rserver-host) weight To configure the capacity of a real server in relation to other servers in a server farm, use the weight command. The weight value that you specify for a server is used in the weighted round-robin and least-connections predictor load-balancing methods. Use the no form of this command to reset the real server weight to the default. weight number no weight Syntax Description Command Modes Real server host configuration mode. Admin and user contexts Command History Usage Guidelines Servers with a higher configured weight value have a higher priority with respect to connections than servers with a lower weight. For example, a server with a weight of 5 would receive five connections for every one connection received by a server with a weight of 1. To specify different weight values for a real server in a server farm, you can assign multiple IP addresses to the server. You can also use the same IP address of a real server with different port numbers. Server weights take effect only when there are open connections to the servers. When there are no sustained connections to any of the servers, the leastconns predictor method behaves like the roundrobin method. Examples To configure a weight value for a real server, enter: host1/Admin(config-rserver-host)# weight 50 To reset the weight of a real server to the default of 8, enter: host1/Admin(config-rserver-host)# no weight Related Commands This command has no related commands. number Weight value assigned to a real server in a server farm. This value is used in the weighted round-robin and least-connections predictor load-balancing algorithms. Enter an integer from 0 to 100. The default is 8. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1202 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Redirect Configuration Mode Commands Real Server Redirect Configuration Mode Commands Real server redirect configuration mode commands allow you to configure parameters for redirection real servers used in server load balancing (SLB). A redirection real server is used only for redirecting network traffic to another server as indicated in the Webhost redirection string. See the (config-rserver-redir) webhost-redirection command. The parameters that you configure determine how the ACE interacts with the servers used for redirection. Redirection servers are useful for content that has physically moved to another location, either temporarily or permanently. For details about SLB and redirection, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. To create a redirect real server and access real server configuration mode, use the rserver redirect command in configuration mode. The CLI prompt changes to (config-rserver-redir). For information about commands available in this mode, see the commands that follow this section. Use the no form of this command to remove an existing real server from the configuration. rserver redirect name no rserver redirect name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines All commands in this mode require the Real feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. All servers in a server farm should be of the same type: host or redirect. Examples To create a redirect server named SERVER1, enter: host1/Admin(config)# rserver redirect SERVER1 To delete the redirect server named SERVER1, enter: host1/Admin(config)# no rserver redirect SERVER1 name Unique identifier of the real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1203 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Redirect Configuration Mode Commands Related Commands (config-rserver-redir) webhost-redirection2-1204 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Redirect Configuration Mode Commands (config-rserver-redir) conn-limit To configure the maximum and minimum number of connections that you want to allow for a real server, use the conn-limit command. Use the no form of this command to reset the maximum number of connections and the minimum connection threshold for a real server to the default of 4000000. conn-limit max max-conns min min-conns no conn-limit max Syntax Description Command Modes Real server redirect configuration mode Admin and user contexts Command History Usage Guidelines Use this command to specify the maximum number of connections and the minimum connection threshold for a real server. The minconns value must be less than or equal to the maxconns value. When the number of connections to a real server reaches the maxconns value, the ACE stops sending connections to that server and assigns it a state of OUTOFSERVICE. The ACE uses the minconns value as a threshold for load balancing to start accepting connections again after the maxconns limit is reached. Examples To configure the maximum number of connections and the minimum connection threshold for a real server, enter: host1/Admin(config-rserver-redir)# conn-limit maxconns 65535 minconns 40000 max max-conns Specifies the maximum number of connections allowed for this real server. • For the ACE module, enter an integer from 2 to 4000000. • For the ACE appliance, enter an integer from 1 to 4000000. The default is 4000000. min min-conns Specifies the connection threshold below which the real server will start accepting connections again after the number of connections exceeds the configured maximum number of connections. • For the ACE module, enter an integer from 2 to 4000000. • For the ACE appliance, enter an integer from 1 to 4000000. The default is minconns equal to maxconns. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1205 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Redirect Configuration Mode Commands To reset the maximum number of connections and the minimum connection threshold for a real server of type redirect to the default of 4000000, enter: host1/Admin(config-rserver-redir)# no conn-limit Related Commands This command has no related commands.2-1206 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Redirect Configuration Mode Commands (config-rserver-redir) description To configure a description for a real server, use the description command. Use the no form of this command to remove the real server description from the configuration. description text no description Syntax Description Command Modes Real server redirect configuration mode Admin and user contexts Command History Usage Guidelines Use this command to provide a unique description for the real server with a maximum of 240 characters. Examples To configure a real server description, enter: host1/Admin(config-rserver-redir)# description database application server To delete a real server description, enter: host1/Admin(config-rserver-redir)# no description Related Commands This command has no related commands. text User-defined description of the real server and related information. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1207 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Redirect Configuration Mode Commands (config-rserver-redir) inservice To place a real server in service, use the inservice command. Use the no form of this command to remove the real server from service. inservice no inservice Syntax Description This command has no keywords or arguments. Command Modes Real server redirect configuration mode Admin and user contexts Command History Usage Guidelines This command requires the real-inservice feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Use the no form of this command to shut down a real server gracefully for maintenance or software upgrades. When you enter this command, the ACE tears down all non-TCP connections. For TCP connections, the ACE allows existing connections to end before taking the server out of service. No new connections are allowed. To place the real server back in service, use the inservice command. Examples To place a real server in service, enter: host1/Admin(config-rserver-redir)# inservice To take a real server out of service, enter: host1/Admin(config-rserver-redir)# no inservice Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1208 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Redirect Configuration Mode Commands (config-rserver-redir) probe To configure a probe to monitor the health of a real server, use the probe command. Use the no form of this command to remove the probe from the real server. probe probe-name no probe probe-name Syntax Description Command Modes Real server redirect configuration mode Admin and user contexts Command History Usage Guidelines You can associate multiple probes with each real server. You can only configure probes with an IP address in routed mode under a redirect server. You cannot associate a scripted probe with a redirect server. Examples To configure a probe for a real server, enter: host1/Admin(config-rserver-redir)# probe SERVER1_PROBE To remove a probe from a real server, enter: host1/Admin(config-rserver-redir)# no probe SERVER1_PROBE Related Commands (config-probe-probe_type) ip address probe-name Identifier of an existing probe that you want to assign to a real server to monitor its health. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(3.2). Not applicable for A4(1.0). This command was introduced. ACE Appliance Release Modification A3(2.7). Not applicable for A4(1.0). This command was introduced.2-1209 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Redirect Configuration Mode Commands (config-rserver-redir) rate-limit To configure a limit for the connection rate and the bandwidth rate of a real server, use the rate-limit command. The connection rate is the number of connections per second received by the ACE and applies only to the new connections destined to a real server. The bandwidth rate is the number of bytes per second and applies to the network traffic exchanged between the ACE and the real server in both directions. Use the no form of this command to revert to the ACE default of not limiting the connection rate or bandwidth rate of real servers. rate-limit {connection number1 | bandwidth number2} no rate-limit {connection | bandwidth} Syntax Description Command Modes Real server redirect configuration mode Admin and user contexts Command History Usage Guidelines For a real server that is associated with more than one server farm, the ACE uses the aggregated connection rate or bandwidth rate to determine whether the real server has exceeded its rate limits. If the connection rate or the bandwidth rate of incoming traffic destined for a particular server exceeds the configured rate of the server, the ACE blocks any further traffic destined to that real server until the connection rate or bandwidth rate drops below the configured limit. Also, the ACE removes the blocked real server from future load-balancing decisions. You can also limit the connection rate and the bandwidth rate at the virtual server level in a connection parameter map. For details, see the Security Guide, Cisco ACE Application Control Engine. Examples To limit the connection rate of a real server to 100,000 connections per second, enter: host1/Admin(config-rserver-redir)# rate-limit connection 100000 To revert to the ACE default of not limiting the real-server connection rate, enter: host1/Admin(config-rserver-redir)# no rate-limit connection connection number1 Specifies the real server connection-rate limit in connections per second. Enter an integer from 2 to 350000. There is no default value. bandwidth number2 Specifies the real server bandwidth-rate limit in bytes per second. Enter an integer from 2 to 300000000. There is no default value. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1210 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Redirect Configuration Mode Commands To limit the real-server bandwidth rate to 5,000,000 bytes per second, enter: host1/Admin(config-rserver-redir)# rate-limit bandwidth 5000000 To revert to the ACE default of not limiting real-server bandwidth, enter: host1/Admin(config-rserver-redir)# no rate-limit bandwidth Related Commands (config-rserver-redir) conn-limit (config-rserver-redir) webhost-redirection To configure the relocation URL string used for redirection, use the webhost-redirection command. You can configure a port number to redirect a request in the relocation string. Use the no form of this command to remove the real server redirection URL string from the configuration. webhost-redirection relocation_string [301 | 302] no webhost-redirection Syntax Description Command Modes Real server redirect configuration mode Admin and user contexts relocation_string URL string used to redirect requests to another server. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. The redirection string supports the following special characters: • %h—Inserts the hostname from the request Host header • %p—Inserts the URL path string from the request Note To insert a question mark (?) in the relocation string, press Ctrl-v before you type the question mark. [301 | 302] (Optional) Specifies the redirection status code returned to a client. The codes indicate the following: • 301—The requested resource has been moved permanently. For future references to this resource, the client should use one of the returned URIs. • 302—(Default) The requested resource has been found but has been moved temporarily to another location. For future references to this resource, the client should continue to use the request URI because the resource may be moved to other locations from time to time. For more information about redirection status codes, see RFC 2616.2-1211 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Real Server Redirect Configuration Mode Commands Command History Usage Guidelines Enter this command only on a real server that you have configured as a redirection server. Examples To configure a redirection string on a real server, enter: host1/Admin(config-rserver-redir)# webhost-redirection www.acme.com/common/images/*.jpg 301 To remove the redirection string from a real server, enter: host1/Admin(config-rserver-redir)# no webhost-redirection Related Commands This command has no related commands. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1212 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Resource Configuration Mode Commands Resource Configuration Mode Commands Resource configuration mode commands allow you to limit the usage of resources by one or more contexts. To create a resource class and access resource configuration mode, enter the resource-class command. The CLI prompt changes to (config-resource). For information about the commands in resource configuration mode, see the commands in this section. Use the no form of this command to delete a resource class. resource-class name no resource-class name Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines The commands in this mode require the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. After you create and configure the class, use the (config-context) member command in context configuration mode to assign a context to the class. Examples To create a resource-class called RC1 and enter resource configuration mode, enter: host1/C1(config)# resource-class RC1 host1/C1(config-resource) To remove the RC1 resource class from the configuration, enter: host1/C1(config)# no resource-class RC1 Related Commands (config-context) member name Name assigned to the new resource class. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. You can also use the resource class called default. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1213 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Resource Configuration Mode Commands (config-resource) limit-resource To limit system resources for all members of a resource class, use the limit-resource command. Use the no form of this command to restore the default resource settings for all resources or individual resources for all members (contexts) of a resource class. limit-resource {acl-memory | all | buffer syslog | conc-connections | http-comp | mgmt-connections | proxy-connections | rate {bandwidth | connections | inspect-conn | mac-miss | mgmt-traffic | ssl-connections | syslog} | regexp | sticky | xlates} {minimum number} {maximum {equal-to-min | unlimited}} no limit-resource {acl-memory | all | buffer {syslog} | conc-connections | http-comp | mgmt-connections | proxy-connections | rate {bandwidth | connections | inspect-conn | mac-miss | mgmt-traffic | ssl-connections | syslog | to-cp-ipcp} | regexp | sticky | xlates} Syntax Description acl-memory Limits memory allocated for ACLs. all Limits all resources to the specified value for all contexts assigned to this resource class. buffer syslog Limits the amount of buffering for syslog messages. conc-connections Limits the number of simultaneous connections. http-comp Limits the HTTP compression rate. mgmt-connections Limits the number of management connections. proxy-connections Limits the number of proxy connections. rate Limits the resource as a number per second for the following: • bandwidth—Limits context throughput in bytes per second. • connections—Limits the number of connections of any kind per second. • inspect conn—Limits the number of application protocol inspection connections per second for Domain Name System (DNS), File Transfer Protocol (FTP), HTTP Deep Packet, Internet Control Message Protocol (ICMP), Internet Locator Service (ILS), Real-Time Streaming Protocol (RTSP)Skinny Client Control Protocol (SCCP), and Session Initiation Protocol (SIP). • mac-miss—Limits the ACE traffic sent to the control plane when the encapsulation is not correct in packets per second. • mgmt-traffic—Limits the management traffic in bytes per second. • ssl-connections—Limits the number of SSL connections per second. • syslog—Limits the number of syslog messages per second. • to-cp-ipcp—(ACE module only) Limits the IPCP traffic from the DP to the CP in packets per second. This keyword prevents the overwhelming of the CP under high syslog rate conditions (for example, level 7 messages). regexp Limits the amount of regular expression memory.2-1214 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Resource Configuration Mode Commands Command Modes Resource configuration mode Admin context only Command History Usage Guidelines You can limit all resources or individual resources for all members (contexts) of a resource class. For example, you can limit only concurrent connections, probes, or sticky table entries. For details about the system resource maximum values when you use the limit-resource command, see the Virtualization Guide, Cisco ACE Application Control Engine If you lower the limits for one context (context A) to increase the limits of another context (context B), you may experience a delay in the configuration change because the ACE will not lower the limits of context A until the resources are no longer being used by the context. The limit that you set for individual resources when you use the limit-resource command overrides the limit that you set for all resources when you use the limit-resource all command. When you enter the no limit-resource all command, all ACE contexts associated with the resource class are left without resources that are not separately configured with a minimum limit in the resource class. The CLI displays the following message: Warning: The context(s) associated with this resource-class will be denied of all the resources that are not explicitly configured with minimum limit in this resource-class sticky Limits the number of entries in the sticky table. You must configure a minimum value for sticky to allocate resources for sticky entries, because the sticky software receives no resources under the unlimited setting. xlates Limits the number of network and port address translations entries. minimum number Specifies the lowest acceptable value. Enter an integer from 0.00 to 100.00 percent (two-decimal places of granularity). The number argument specifies a percentage value for all contexts that are members of the class. When used with the rate keyword, the number argument specifies a value per second. maximum {equal-to-min | unlimited} Specifies the maximum resource value: either the same as the minimum value or no limit. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) This command was modified to add the http-comp keyword for compression. Also, added the rate to-cp-ipcp keyword. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) Added the rate to-cp-ipcp keyword.2-1215 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Resource Configuration Mode Commands Examples To allocate 20 percent of all resources (minimum and maximum) to all member contexts of the resource class, enter: (config-resource)# limit-resource all minimum 20% maximum equal-to-min To restore resource allocation to the default of 0 percent minimum and 100 percent maximum for all resources to all member contexts, enter: (config-resource)# no limit-resource all Related Commands This command has no related commands.2-1216 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Role Configuration Mode Commands Role Configuration Mode Commands Role configuration mode commands allow you to define various rules for users who are assigned a role and optionally, to describe a role definition. Roles determine the privileges that a user has, the commands a user can enter, and the actions that a user can perform in a particular context. To assign a role and access role configuration mode, enter the role command in configuration mode. The CLI prompt changes to (config-role). For information about the commands in role configuration mode, see the commands in this section. Use the no form of this command to remove the user role assignment. role name no role name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the context Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. If you do not assign a user role to a new user, the default user role is Network-Monitor. For users that you create in the Admin context, the default scope of access is the entire device. For users that you create in other contexts, the default scope of access is the entire context. If you need to restrict a user’s access, you must assign a role-domain pair using the (config) username command. Examples To assign a role, enter: host1/C1(config)# role TECHNICIAN host1/C1(config-role)# To remove the role from the configuration, enter: host1/C1(config)# no role TECHNICIAN Related Commands This command has no related commands. name Identifier associated with a user role. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1217 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Role Configuration Mode Commands (config-role) description To enter a description for the role, use the description command. Use the no form of this command to remove the role description from the configuration. description text no description Syntax Description Command Modes Role configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples This example shows how to provide an additional description about a role: host1/C1(config-role)# description DEFINES TECHNICIAN ROLE To remove the description from the configuration, enter: host1/C1(config)# no description DEFINES TECHNICIAN ROLE Related Commands This command has no related commands. text Description for the role. Enter a description as an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1218 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Role Configuration Mode Commands (config-role) rule To assign privileges on a per-feature basis to a role, use the rule command. You can limit the features that a user has access to and the commands that the user can enter for that feature by configuring rules for roles. Use the no form of this command to remove the rule from a user role. rule number {{permit | deny} {create | debug | modify | monitor} [feature {AAA | access-list | changeto | config-copy | connection | dhcp | exec-commands | fault-tolerant | inspect | interface | loadbalance | nat | pki | probe | real-inservice | routing | rserver | serverfarm | ssl | sticky | syslog | vip}]} no rule number Syntax Description number Identifier of the rule and order of precedence. Enter a unique integer from 1 to 16. The rule number determines the order in which the ACE applies the rules, with a higher-numbered rule applied after a lower-numbered rule. permit Allows the role to perform the operations defined by the rest of the command keywords. deny Disallows the role to perform the operations defined by the rest of the command keywords. create Specifies commands for the creation of new objects or the deletion of existing objects (includes modify, debug, and monitor commands). debug Specifies commands for debugging problems (includes monitor commands). modify Specifies commands for modifying existing configurations (includes debug and monitor commands). monitor Specifies commands for monitoring resources and objects (show commands). feature (Optional) Specifies a particular ACE feature for which you are configuring this rule. The available features are listed below. AAA Specifies commands for authentication, authorization, and accounting. access-list Specifies commands for access control lists (ACLs). Includes ACL configuration, class maps for ACLs, and policy maps that contain ACL class maps. changeto Specifies the changeto command for user-defined roles. Users retain their privileges when accessing different contexts. By default, this command is disabled for user-defined roles. config-copy Specifies commands for copying the running-config to the startup-config, startup-config to the running-config, and copying both config files to the Flash disk (disk0:) or a remote server. connection Specifies commands for network connections. dhcp Specifies commands for Dynamic Host Configuration Protocol (DHCP). exec-commands Specifies the following command for user-defined roles: capture, debug, delete, gunzip, mkdir, move, rmdir, set, setup, system, tac-pac, untar, write, and undebug commands. By default, these command are disabled for user-defined roles. fault-tolerant Specifies commands for redundancy. inspect Specifies commands for packet inspection used in data-center security.2-1219 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Role Configuration Mode Commands Command Modes Role configuration mode. Command History Usage Guidelines (ACE appliance only) To allow a user with a customized role to work from the ACE Appliance Device Manager, you must configure the role with rules that permit the create operation for the config-copy and exec-commands features. Examples To configure a rule that allows a role to create and configure real servers, enter: host1/C1(config-role)# rule 1 permit create rserver To remove the rule from a role, enter: host1/C1(config-role)# no rule 1 permit create rserver interface Specifies all interface commands. loadbalance Specifies commands for load balancing (for the ACE appliance, this includes the application acceleration and optimization functions). Allows adding a load-balancing action in a policy map. nat Specifies commands for Network Address Translation (NAT) associated with a class map in a policy map used in data-center security. pki Specifies commands for Public Keyword Infrastructures (PKIs). probe Specifies commands for keepalives for real servers. real-inservice Specifies commands for placing a real server in service. routing Specifies all commands for routing, both global and per interface. rserver Specifies commands for physical servers. serverfarm Specifies commands for server farms. ssl Specifies commands for SSL. sticky Specifies commands for server persistence. syslog Specifies the system logging facility setup commands. vip Specifies commands for virtual IP addresses. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.3) The changeto and exec-commands options were added to this command. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.2) The changeto and exec-commands options were added to this command.2-1220 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Role Configuration Mode Commands Related Commands This command has no related commands.2-1221 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands Server Farm Host Configuration Mode Commands Serverfarm host configuration mode commands allow you to create and configure host server farms and associate host real servers with the server farm. Host server farms are clusters of real servers that provide web content or services in a data center. You must configure a real server using the (config) rserver command in configuration mode before you can associate it with a server farm. To create a host server farm and access serverfarm host configuration mode, use the serverfarm command. Note that host is the default server-farm type, so you do not need to enter the host option. The CLI prompt changes to (config-sfarm-host). For information about the commands in this mode, see the following commands. Use the no form of this command to remove a server farm from the configuration. serverfarm [host] name no serverfarm name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the server-farm feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a host server farm named SFARM1, enter: host1/Admin(config)# serverfarm SFARM1 host1/Admin(config-sfarm-host)# To delete the server farm named SFARM1, enter: host1/Admin(config)# no serverfarm SFARM1 host (Optional) Specifies a server farm of mirrored real servers that provide web content or services. name Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1222 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands Related Commands show serverfarm show running-config (config) rserver2-1223 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands (config-sfarm-host) description To configure the description of a server farm, use the description command. Use the no form of this command to delete the description of a server farm. description text no description Syntax Description Command Modes Serverfarm host configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure a description of a server farm, enter: host1/Admin(config-sfarm-host)# description CURRENT EVENTS ARCHIVE To delete the description of a server farm, enter: host1/Admin(config-sfarm-host)# no description Related Commands This command has no related commands. text Text description of a server farm. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1224 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands (config-sfarm-host) dws To enable a server farm for the dynamic workload scaling (DWS) feature, use the dws command. Use the no form of this command to disable the DWS feature on a server farm. dws {local | burst probe name} no dws {local | burst probe name} Syntax Description Command Modes Serverfarm host configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To enable DWS on a server farm, enter the following command: host1/Admin(config-sfarm-host)# dws burst probe VM_PROBE To disable DWS on a server farm, enter the following command: host1/Admin(config-sfarm-host)# no dws burst probe VM_PROBE Related Commands This command has no related commands. local Specifies that only the local pool of VMs are taken into account for load balancing decisions burst Specifies that remote VMs are taken into account for load balancing decisions when the configured threshold for the load of the local pool of VMs is reached or exceeded. probe name Existing VM probe associated with this server farm. For details about configuring a VM probe, see the (config-sfarm-host) probe command. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-1225 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands (config-sfarm-host) failaction To configure the action that the ACE takes if a real server in a server farm goes down, use the failaction command. Use the no form of this command to reset the ACE to its default of taking no action when a server fails. failaction {purge | reassign [across-interface]} no failaction Syntax Description Command Modes Serverfarm host configuration mode Admin and user contexts Command History Usage Guidelines If you do not configure this command, the ACE takes the real server out of rotation for new connections and allows existing connections to complete. The ACE does not send the connections to a backup server in the server farm or to a backup server farm if all servers in the primary server farm fail. To clear connections to servers that have failed prior to entering the failaction command, use the clear conn command. This feature is required for stateful firewall load balancing (FWLB). For details about FWLB, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine purge Specifies that the ACE remove the connections to a real server if that real server in the server farm fails after you configure this command. The ACE sends a reset (RST) both to the client and to the server that failed. reassign Specifies that the ACE reassigns existing server connections to the backup real server, if a backup real server is configured. If no backup real server is configured, this keyword has no effect. across-interface (Optional) Instructs the ACE to reassign all connections from the failed real server to a backup real server on a different VLAN that is commonly referred to as a bypass VLAN. By default, this feature is disabled. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised (reassign keyword added). A2(3.0) The across-interface option was added. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised (reassign keyword added). A4(1.0) The across-interface option was added.2-1226 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands The use of the failaction reassign command requires that you enable the transparent command (see (config-sfarm-host) transparent) to instruct the ACE not to use NAT to translate the ACE VIP address to the server IP address. The failaction reassign command is intended for use in FWLB where the destination IP address for the connection coming in to the ACE is for the end-point real server, and the ACE reassigns the connection so that it is transmitted through a different next hop. Follow these configuration requirements and restrictions when you use the across-interface option: • You must configure identical policies on the primary interface and the backup-server interface. The backup interface must have the same feature configurations as the primary interface. • If you configure a policy on the backup-server interface that is different from the policies on the primary-server interface, that policy will be effective only for new connections. The reassigned connection will always have only the primary-server interface policies. • Interface-specific features (for example, NAT, application protocol inspection, outbound ACLs, or SYN cookie) are not supported. • You cannot reassign connections to the failed real server after it comes back up. This restriction also applies to same-VLAN backup servers. • You must connect real servers directly to the ACE. This requirement also applies to same-VLAN backup servers. • You must disable sequence number randomization on the firewall. • Probe configurations should be similar on both ACEs and the interval values should be low. For example, if you configure a high interval value on ACE1 and a low interval value on ACE2, the reassigned connections may become stuck because of the probe configuration mismatch. ACE2 with the low interval value will detect the primary server failure first and will reassign all its incoming connections to the backup-server interface VLAN. ACE1 with the high interval value may not detect the failure before the primary server comes back up and will still point to the primary server. To minimize packet loss, we recommend the following probe parameter values on both ACEs: – Interval: 2 – Faildetect: 2 – Passdetect interval: 2 – Passdetect count: 5 Examples To instruct the ACE to remove connections from a failed server in the server farm, enter: host1/Admin(config-sfarm-host)# failaction purge To specify that the ACE reassign the existing server connections to a backup real server in a different VLAN, enter: host1/Admin(config-sfarm-host)# failaction reassign across-interface host1/Admin(config-sfarm-host)# transparent To specify that the ACE reassign the existing server connections to the backup real server, enter: host1/Admin(config-sfarm-host)# failaction reassign host1/Admin(config-sfarm-host)# transparent To reset the ACE to its default of taking no action if a real server fails, enter: host1/Admin(config-sfarm-host)# no failaction2-1227 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands Related Commands (config-sfarm-host) transparent2-1228 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands (config-sfarm-host) fail-on-all To configure the real servers in a server farm to use AND logic with respect to multiple server farm probes, use the fail-on-all command in server farm host configuration mode. This command is applicable to all probe types. The syntax of this command is: fail-on-all no fail-on-all Syntax Description This command has no keywords or arguments. Command Modes Server farm host configuration mode Admin and user contexts Command History Usage Guidelines By default, real servers that you configure in a server farm inherit the probes that you configure directly on that server farm. When you configure multiple probes on a server farm, the real servers in the server farm use an OR logic with respect to the probes. This means that if one of the probes configured on the server farm fails, all the real servers in that server farm fail and enter the PROBE-FAILED state. With AND logic, if one server farm probe fails, the real servers in the server farm remain in the OPERATIONAL state. If all the probes associated with the server farm fail, then all the real servers in that server farm fail and enter the PROBE-FAILED state. You can also configure AND logic for probes that you configure directly on real servers in a server farm. For more information, see the command in server farm host real server configuration mode. Examples To configure the SERVER1 real server to remain in the OPERATIONAL state unless all associated probes fail, enter the following commands: host1/Admin(config)# rserver SERVER1 host1/Admin(config-rserver-host)# ip address 192.168.12.15 host1/Admin(config-rserver-host)# probe HTTP_PROBE host1/Admin(config-rserver-host)# probe ICMP_PROBE host1/Admin(config-rserver-host)# fail-on-all To remove the AND probe logic from the real server and return the behavior to the default of OR logic, enter the following command: host1/Admin(config-rserver-host)# no fail-on-all ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1229 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands Related Commands This command has no related commands.2-1230 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands (config-sfarm-host) inband-health check To enable inband health monitoring for each real server in a server farm, use the inband-health check command. Use the no form of this command to disable inband health monitoring. inband-health check {count | {log fail_threshold_count [reset milliseconds]} | {remove fail_threshold_count [reset milliseconds] [resume-service seconds]}} no inband-health Syntax Description Command Modes Server-farm host configuration mode Admin and user contexts Command History count Tracks the total number of TCP or UDP failures, and increments the counters as displayed by the show serverfarm name inband command. log Logs a syslog error message when the number of events reaches the configured connection failure threshold. remove Specifies a syslog error message when the number of events reaches the threshold specified by the threshold_number argument and the ACE removes the server from service. fail-threshold The maximum number of connection failures that a real server can have during the configurable reset-time interval before the ACE marks the real server as failed. • For the ACE module, enter an integer from 4 to 4294967295. • For the ACE appliance, enter an integer from 1 to 4294967295. reset milliseconds Specifies the reset-time interval in milliseconds. For the milliseconds argument, enter an integer from 100 to 300000. The default interval is 100. This interval starts when the ACE detects a connection failure. If the connection failure threshold is reached during this interval, the ACE generates a syslog message. If you configure the remove keyword, the ACE also removes the real server from service. remove Logs a syslog error message when the number of events reaches the configured threshold and removes the real server from service. resume-service seconds (Optional) Specifies the number of seconds after a server has been marked as failed for the ACE to reconsider sending live connections. For the seconds argument, enter an integer from 30 to 3600. The default setting is 0. ACE Module/Appliance Release Modification A4(1.0) This command was introduced.2-1231 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands Usage Guidelines By default, the ACE monitors the health of all real servers in a configuration through the use of ARPs and health probes. However, there is latency period between when the real server goes down and when the ACE becomes aware of the state. When you configure the inband health monitoring feature, it informs the ACE load balancer of connection failures on the real servers in a server farm. These connection failures are as follows: • For TCP, resets (RSTs) from the server or SYN timeouts • For UDP, ICMP Host, Network, Port, Protocol, and Source Route unreachable messages When you configure the failure-count threshold and the number of these failures exceeds the threshold within the reset-time interval, the ACE immediately marks the server as failed, takes it out of service, and removes it from load balancing. The server is not considered for load balancing until the optional resume-service interval expires. Inband health monitoring has the following considerations and restrictions: • When you configure inband health monitoring, the setting of the resume-service option for the inband-health check command affects the behavior of the real server in the INBAND-HM-FAILED state. • Inband health monitoring works with connection reuse only when the ACE to server connection is torn down, not for every request that is sent out on the reused connection. • The state of the real server is not synchronized to the standby ACE when the state of the real server changes due to inband health monitoring. • If you configure a different port for probes than what is used for traffic forwarding (for example, when you configure port inheritance or specify the port under the probe configuration), out-of-band and inband health monitoring monitor different ports. • If a server farm is attached to two different VIPs, one servicing TCP and the other servicing UDP requests, and both TCP and UDP inband health monitoring are enabled on that server farm, the inband probe that goes down first takes the real server down. We recommend that you configure two different server farms, and enable both with inband health monitoring. • When you configure inband health monitoring with a Layer 7 configuration containing a Layer 4 or Layer 7 class map, you must configure the inactivity timeout using the set timeout inactivity command to a time greater than the time to teardown the connection. The teardown time is based on the number of SYN retries configured by the set tcp syn-retry command. Otherwise, inband health monitoring does not track the syn-timeout failures. For example, if you configure the set tcp syn-retry command to 4, the connection teardown takes 45 seconds. You must configure the set timeout inactivity command to greater than 45 seconds. • You can configure inband health monitoring to work with health probes to monitor a server. If you do, both sets of health checks are required to keep a real server in service within a server farm. If either detects a server is out of service, the ACE does not select the server for load balancing. • You can configure inband health monitoring with HTTP return codes under the same server farm. The reset interval starts when the ACE detects a connection failure. If the connection failure threshold is reached during this interval, the ACE generates a syslog message. If you configure the remove keyword, the ACE also removes the real server from service. Changing the setting of the reset option affects the behavior of the real server, as follows: • When the real server is in the OPERATIONAL state, even if several connection failures have occurred, the new reset-time interval takes effect the next time that a connection error occurs. • When the real server in the INBAND-HM-FAILED state, the new reset-time interval takes effect the next time that a connection error occurs after the server transitions to the OPERATIONAL state. 2-1232 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands • The default setting is 0. The setting of this option affects the behavior of the real server in the INBAND-HM-FAILED state, as follows: – When the resume-service option is not configured and has the default setting of 0, the real server remains in the failed state until you manually enter the no inservice command followed by the inservice command. – When this option is not configured and has the default setting of 0 and then you configure this option with an integer between 30 and 3,600, the failed real server immediately transitions to the Operational state. – When you configure this option and then increase the value, the real server remains in the failed state for the duration of the previously-configured value. The new value takes effect the next time the real server transitions to the failed state. When you configure the resume-service option and then decrease the value, the failed real server immediately transitions to the Operational state. • When you configure this option with an integer between 30 and 3,600 and then reset it to the default of 0, the real server remains in the failed state for the duration of the previously-configured value. The default setting takes effect the next time the real server transitions to the failed state. Then the real server remains in the failed state until you manually enter the no inservice command followed by the inservice command. • When you change this option within the reset-time interval and the real server is in the OPERATIONAL state with several connection failures, the new threshold interval takes effect the next time that a connection error occurs, even if it occurs within the current reset-time interval. Examples To track the total number of TCP or UDP failures for the real servers on a server farm and increment the show serverfarm name inband command counters, enter: host1/Admin(config)# serverfarm host SF1 host1/Admin(config-sfarm-host)# inband-health check count To configure the ACE to remove a real server at a failure threshold of 400, and resume service to it after 300 seconds, enter: host1/Admin(config-sfarm-host)# inband-health check remove 400 resume-service 300 To disable inband health monitoring, enter: host1/Admin(config-sfarm-host)# no inband-health Related Commands show serverfarm2-1233 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands (config-sfarm-host) partial-threshold By default, if you configured a backup server farm and all real servers in the primary server farm go down, the primary server farm fails over to the backup server farm. Partial server farm failover allows you to specify a failover threshold. If the percentage of active real servers in a server farm falls below the specified threshold, the primary server farm fails over to the backup server farm (if configured). To enable partial server farm failover, use the partial-threshold command in server farm host configuration mode. Use the no form of this command to disable partial server farm failover. partial-threshold percentage1 back-inservice percentage2 no partial-threshold Syntax Description Command Modes Server-farm host configuration mode Admin and user contexts Command History Usage Guidelines Each time that a server is taken out of service (for example, by an administrator using the CLI, because of a probe failure, or because the retcode threshold is exceeded), the ACE is updated. If the percentage of active real servers in a server farm falls below the specified threshold, the primary server farm fails over to the backup server farm (if a backup server farm is configured). With partial server farm failover configured, the ACE allows current connections on the remaining active servers in the failed primary server farm to complete. The ACE redirects any new connection requests to the backup server farm. Examples To configure partial server farm failover, enter: host1/Admin(config-sfarm-host)# partial-threshold 40 back-inservice 60 percentage1 Minimum percentage of real servers in the primary server farm that must remain active for the server farm to stay up. If the percentage of active real servers falls below this threshold, the ACE takes the server farm out of service. Enter an integer from 0 to 99. back-inservice percentage2 Specifies the percentage of real servers in the primary server farm that must be active again for the ACE to place the server farm back into service. Enter an integer from 0 to 99. The percentage configured with the back-inservice keyword must be greater than or equal to the percentage1 value. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1234 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands To disable partial server farm failover, enter: host1/Admin(config-sfarm-host)# no partial-threshold Related Commands show serverfarm (config-sfarm-host) predictor To configure the load-balancing algorithm for the server farm, use the predictor command. Use the no form of this command to revert to the default load-balancing algorithm (the round-robin algorithm). predictor {hash {address [destination | source] [netmask]} | {content [offset number1] [length number2] [begin-pattern expression1] [end-pattern expression2]} | {cookie [secondary] name1} | {header name2} | {layer4-payload [offset number3] [length number4] [begin-pattern expression3] [end-pattern expression4]} | {url [begin-pattern expression5] [end-pattern expression6]}} | {least-bandwidth [samples number5] [assess-time seconds]} | {least-loaded probe name3 [samples number6]} | {leastconns [slowstart seconds]} | {response {app-req-to-resp | syn-to-close | syn-to-synack} [samples number7]} | {roundrobin} no predictor Syntax Description hash address Selects the server using a hash value based on the source and destination IP addresses. Use the hash address source and hash address destination methods for firewall load balancing (FWLB). destination (Optional) Selects the server using a hash value based on the destination IP address. source (Optional) Selects the server using a hash value based on the source IP address. netmask (Optional) Bits in the IP address to use for the hash. If not specified, the default is 255.255.255.255. hash content Selects the server using a hash value based on the specified content string of the HTTP packet body. offset number1 (Optional) Specifies the portion of the content that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the payload. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the content.2-1235 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands length number2 (Optional) Specifies the length of the portion of the content (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is the entire payload. The offset and length can vary from 0 to 1000 bytes. If the payload is longer than the offset but shorter than the offset plus the length of the payload, the ACE sticks the connection based on that portion of the payload starting with the byte after the offset value and ending with the byte specified by the offset plus the length. The total of the offset and the length cannot exceed 1000. Note: You cannot specify both the length and the end-pattern options in the same hash content command. begin-pattern expression1 (Optional) Specifies the beginning pattern of the content string and the pattern string to match before hashing. If you do not specify a beginning pattern, the ACE starts parsing the HTTP body immediately following the offset byte. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. When matching data strings, note that the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). end-pattern expression2 (Optional) Specifies the pattern that marks the end of hashing. If you do not specify either a length or an end pattern, the ACE continues to parse the data until it reaches the end of the field or the end of the packet, or until it reaches the maximum body parse length. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. Note: You cannot specify both the length and the end-pattern options in the same hash content command. hash cookie Selects the server using a hash value based on the cookie name or based on the name in the cookie name of the URL query string. secondary (Optional) Selects the server by using the hash value based on the specified name in the cookie name in the URL query string, not the cookie header. If you do not include this option, the ACE selects a real server using the hash value of the cookie name. name1 Cookie name. Enter a cookie name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-1236 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands hash header name2 Selects the server using a hash value based on the header name. Enter a header name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters, or enter one of the following standard headers: • Accept • Accept-Charset • Accept-Encoding • Accept-Language • Authorization • Cache-Control • Connection • Content-MD5 • Expect • From • Host • If-Match • Pragma • Referrer • Transfer-Encoding • User-Agent • Via hash layer4-payload Specifies a Layer 4 generic protocol load-balancing method. Use this predictor to load balance packets from protocols that are not explicitly supported by the ACE. offset number3 (Optional) Specifies the portion of the payload that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the payload. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the payload. length number4 (Optional) Specifies the length of the portion of the payload (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is the entire payload. The offset and length can vary from 0 to 1000 bytes. If the payload is longer than the offset but shorter than the offset plus the length of the payload, the ACE sticks the connection based on that portion of the payload starting with the byte after the offset value and ending with the byte specified by the offset plus the length. The total of the offset and the length cannot exceed 1000. Note: You cannot specify both the length and the end-pattern options in the same hash layer4-payload command.2-1237 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands begin-pattern expression3 (Optional) Specifies the beginning pattern of the Layer 4 payload and the pattern string to match before hashing. If you do not specify a beginning pattern, the ACE starts parsing the HTTP body immediately following the offset byte. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. When matching data strings, note that the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). end-pattern expression4 (Optional) Specifies the pattern that marks the end of hashing. If you do not specify either a length or an end pattern, the ACE continues to parse the data until it reaches the end of the field or the end of the packet, or until it reaches the maximum body parse length. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. Note: You cannot specify both the length and the end-pattern options in the same hash layer4-payload command. hash url Selects the server using a hash value based on the requested URL. Use this predictor method to load balance cache servers. Cache servers perform better with the URL hash method because you can divide the contents of the caches evenly if the traffic is random enough. In a redundant configuration, the cache servers continue to work even if the active ACE switches over to the standby ACE. For information about configuring redundancy, see the Administration Guide, Cisco ACE Application Control Engine. begin-pattern expression5 (Optional) Specifies the beginning pattern of the URL and the pattern string to match before hashing. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. If you want to match a URL that contains spaces, you must use \x20 for each space character.2-1238 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands end-pattern expression6 (Optional) Specifies the pattern that marks the end of hashing. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. If you want to match a URL that contains spaces, you must use \x20 for each space character. least-bandwidth Selects the server that processed the least amount of network traffic over a specified sampling period. Use this predictor for heavy traffic use, such as downloading a video clip. The ACE measures traffic statistics between itself and the real servers in the server farm in both directions and calculates the bandwidth over the sampling period. Then, it creates an ordered list of real servers based on the sampling results and selects the server that used the least amount of bandwidth during the sampling period. samples number5 (Optional) Specifies the number of samples over which you want to weight and average the results of the probe query to calculate the final load value. Enter an integer from 1 to 16. Each value must be a power of 2, so the valid values are as follows: 1, 2, 4, 8, and 16. The default is 8. assess-time seconds (Optional) Specifies the sampling period over which the ACE measures traffic for all the servers in the server farm. Enter an integer from 1 to 10. The default is 2 seconds. least-loaded Selects the server with the lowest load based on information obtained from SNMP probes. To use this predictor, you must associate an SNMP probe with the server farm. The ACE queries one user-specified OID (for example, CPU utilization or memory utilization). The ACE uses the retrieved value directly to determine the server with the lowest load. probe name3 Specifies the name of the SNMP probe that you want to query. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. samples number6 (Optional) Specifies the number of samples over which you want to weight and average the results of the probe query to calculate the final load value. Enter an integer from 1 to 16. Each value must be a power of 2, so the valid values are as follows: 1, 2, 4, 8, and 16. The default is 8. leastconns Selects the real server with the fewest number of active connections based on the server weight. Use this predictor for processing light user requests (for example, browsing simple static web pages). For information about setting real server weight, see the (config-sfarm-host-rs) weight section. slowstart seconds (Optional) Specifies that the connections to the real server be in a slow-start mode for the duration indicated by the seconds value. Use the slow-start mechanism to avoid sending a high rate of new connections to servers that you have recently put into service. Enter an integer from 1 to 65535, where 1 is the slowest ramp-up value. By default, slowstart is disabled.2-1239 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands Command Modes Server-farm host configuration mode Admin and user contexts Command History Usage Guidelines Use this command to specify the load-balancing algorithm that the ACE uses in choosing a real server in the server farm. If you do not specify the predictor command, the default algorithm is roundrobin. Using the no form of this command changes the configured predictor algorithm to the default algorithm. The weight assigned to the real servers is used only in the roundrobin and leastconns predictor methods. The hash and the response predictor methods do not recognize the weight for the real servers. For information about setting real server weight, see the (config-sfarm-host-rs) weight section. response Selects the server with the lowest response time for the requested response-time measurement. If you do not specify a response-time measurement method, the ACE uses the HTTP app-req-to-response method. app-req-to-resp (Default) Measures the response time from when the ACE sends an HTTP request to a server to the time that the ACE receives a response from the server for that request. The ACE does not allow you to configure this predictor response in a generic load-balancing policy map. syn-to-close Measures the response time from when the ACE sends a TCP SYN to a server to the time that the ACE receives a CLOSE from the server. syn-to-synack Measures the response time from when the ACE sends a TCP SYN to a server to the time that the ACE receives the SYN-ACK from the server. samples number7 (Optional) Number of samples over which you want to average the results of the response time measurement. Enter an integer from 1 to 16 in powers of 2. Valid values are: 1, 2, 4, 8, and 16. The default is 8. roundrobin (Default) Selects the next server in the list of real servers based on server weight (weighted round-robin). For information about setting real server weight, see the (config-sfarm-host-rs) weight section. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. A2(1.4) and A2(2.1) This secondary option for the hash cookie keywords was added. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised. A3(2.2) This secondary option for the hash cookie keywords was added.2-1240 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands If you configure the leastconns predictor, you can use a slowstart mechanism (ramp-up) to avoid sending a high rate of new connections to the servers that have just been put in service. The real server with the fewest number of active connections will get the next connection request for the server farm with the leastconns predictor. The ramp-up stops when the duration timer that you specify expires. The only time that the sequence of servers starts over at the beginning (with the first server) is when there is a configuration or server state change (for example, a probe failure). Server weights take effect only when there are open connections to the servers. When there are no sustained connections to any of the servers, the leastconns predictor method behaves like the roundrobin method. The secondary option allows the ACE to correctly load balance in cases when the query string identifies the actual resource, instead of the URL. Examples To configure the ACE to select the real server with the lowest number of connections in the server farm, enter: host1/Admin(config-sfarm-host)# predictor leastconns slowstart 300 To reset the load-balancing algorithm to the default of roundrobin, enter: host1/Admin(config-sfarm-host)# no predictor Related Commands (config-sfarm-host-rs) weight (config-sfarm-host) probe Use probes to monitor the health of real servers in a server farm. To associate a probe with a server farm, use the probe command. Use the no form of this command to dissociate a probe from a server farm. probe probe-name no probe probe-name Syntax Description Command Modes Serverfarm host configuration mode Admin and user contexts Command History probe-name Identifier of an existing probe that you want to associate with a server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-1241 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands Usage Guidelines The probe must already exist. (To create a probe, see the (config) probe command.) You can associate multiple probes of the same or different protocols with each server farm. Examples To associate a probe with a server farm, enter: host1/Admin(config-sfarm-host)# probe TCP1 To dissociate a probe from a server farm, enter: host1/Admin(config-sfarm-host)# no probe TCP1 Related Commands (config) probe ACE Appliance Release Modification A1(7) This command was introduced.2-1242 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands (config-sfarm-host) retcode To configure HTTP return-code checking (retcode map) for a server farm, use the retcode command. Use the no form of this command to dissociate a return code map. You can specify a single return code number or a range of return code numbers. For example, you can instruct the ACE to check for and count the number of occurrences of such return codes as HTTP/1.1 200 OK, HTTP/1.1 100 Continue, or HTTP/1.1 404 Not Found. retcode number1 number2 check {count | {log threshold_number reset seconds1 | {remove threshold_number reset seconds1 [resume-service seconds2]}} no retcode number1 number2 Syntax Description Command Modes Server-farm host configuration mode Admin and user contexts number1 Minimum value for an HTTP return code. Enter an integer from 100 to 599. The minimum value must be less than or equal to the maximum value. number2 Maximum value for an HTTP return code. Enter an integer from 100 to 599. The maximum value must be greater than or equal to the minimum value. check Checks for HTTP return codes associated with the server farm. count Tracks the total number of return codes received for each return code number that you specify. log Specifies a syslog error message when the number of events reaches the threshold specified by the threshold_number argument. remove Specifies a syslog error message when the number of events reaches the threshold specified by the threshold_number argument and the ACE removes the server from service. threshold_number Threshold for the number of events that the ACE receives before it performs the log or remove action. • For the ACE module, enter an integer from 4 to 4294967295. • For the ACE appliance, enter an integer from 1 to 4294967295. reset seconds1 Specifies the time interval in seconds over which the ACE checks for the return code for the log or remove action. • For the ACE module, enter an integer from 1 to 4294967295. • For the ACE appliance, enter an integer from 1 to 2147483647. resume-service seconds2 (Optional) Specifies the number of seconds that the ACE waits before it resumes service for the real server automatically after taking the real server out of service because the remove option is configured. Enter an integer from 30 to 3600. The default setting is 0.2-1243 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands Command History Usage Guidelines You can configure multiple return code maps on each server farm. You can view hitcounts for return code checking by using the show serverfarm command. The setting of the remove option affects the behavior of the real server in the failed state, as follows: • When the resume-service option is not configured and has the default setting of 0, the real server remains in the failed state until you manually enter the no inservice command followed by the inservice command. • When this option is not configured and has the default setting of 0 and then you configure this option with an integer between 30 and 3600, the failed real server transitions to the Operational state. • When you configure this option and then increase the value, the real server remains in the failed state for the duration of the previously configured value. The new value takes effect the next time the real server transitions to the failed state. • When you configure this option and then decrease the value, the failed real server transitions to the Operational state. • When you configure this option with an integer between 30 and 3600 and then reset it to the default of 0, the real server remains in the failed state for the duration of the previously configured value. The default setting takes effect the next time the real server transitions to the failed state. Then the real server remains in the failed state until you manually enter the no inservice command followed by the inservice command. The ACE performs the log or remove actions only if the threshold_number value for a particular retcode is reached within a specified period of time. The time period is defined from the receipt of a retcode until the next reset time. Examples To check for and count the number of return code hits for all return codes from 200 to 500 inclusive, enter: host1/Admin(config-sfarm-host)# retcode 200 500 check count To remove the HTTP return-code map from the configuration, enter: host1/Admin(config-sfarm-host)# no retcode 200 500 Related Commands show serverfarm ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. A4(1.0) The lowest integer for the threshold_number argument was changed from 2 to 4. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised.2-1244 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands (config-sfarm-host) rserver To associate one or more existing host real servers with a server farm and access serverfarm host real server configuration mode, use the rserver command. The CLI prompt changes to (config-sfarm-host-rs). For information on commands in serverfarm host real server configuration mode, see the “Server Farm Host Real Server Configuration Mode Commands” section. Use the no form of this command to dissociate the real server from the server farm. rserver name [port] no rserver name [port] Syntax Description Command Modes Serverfarm host configuration mode Admin and user contexts Command History Usage Guidelines The real server must already exist. To create a real server, see the (config) rserver command. You can associate a maximum of 16,384 real servers with a server farm. You can configure a combination of IPv6 and IPv4 servers in a server farm (mixed mode), but a mixed mode server farm will have limited feature support. Caution Do not configure under a real server a peer IPv6 address that is calculated from EUI64. In a redundant configuration, if you configure a peer IPv6 address as EUI64 on an interface, the address will not be learned by the active member of an FT group because the address is calculated only on the peer. If you then configure the same calculated IPv6 address on the active under a real server, the CLI accepts it because it does not calculate it. This IPv6 address is not synced to the standby because it conflicts with the interface address. If you subsequently apply a probe to the real server, the state of the real server is PROBE-FAILED on the active and OUTOFSERVICE on the the standby. This same check applies to VIPs, routes, interfaces, and probes. If you choose not to assign a port number for the real server association with the server farm, the default behavior by the ACE is to automatically assign the same destination port that was used by the inbound connection to the outbound server connection. For example, if the incoming connection to the ACE is a name Unique identifier of the real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. port (Optional) Port number used for the real server Port Address Translation (PAT). Enter an integer from 1 to 65535. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1245 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Configuration Mode Commands secure client HTTPS connection, the connection is typically made on port 443. If you do not assign a port number to the real server, the ACE will automatically use port 443 to connect to the server, which results in the ACE making a clear-text HTTP connection over port 443. In this case, you would typically define an outbound destination port of 80, 81, or 8080 for the backend server connection. Examples To associate a real server with a server farm, enter: host1/Admin(config-sfarm-host)# rserver server1 80 To dissociate a real server from a server farm, enter: host1/Admin(config-sfarm-host)# no rserver server1 80 Related Commands (config) rserver (config-sfarm-host) transparent To configure the ACE not to use Network Address Translation (NAT) to translate the ACE VIP address to the server IP address, use the transparent command. Use the no form of this command to reset the ACE to its default of using NAT to translate the VIP address to the server IP address. transparent no transparent Syntax Description This command has no keywords or arguments. Command Modes Serverfarm host configuration mode Admin and user contexts Command History Usage Guidelines Use this command in firewall load balancing (FWLB) when you configure the insecure and secure sides of the firewall as a server farm. For details about FWLB, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1246 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Serverfarm Host Predictor Configuration Mode Commands Examples To prevent the ACE from using NAT to translate the ACE VIP address to the server IP address, enter: host1/Admin(config-sfarm-host)# transparent host1/Admin(config-sfarm-host)# To reset the ACE to its default of using NAT to translate the VIP address to the server IP address, enter: host1/Admin(config-sfarm-host)# no transparent host1/Admin(config-sfarm-host)# Related Commands This command has no related commands. Serverfarm Host Predictor Configuration Mode Commands Serverfarm host predictor configuration mode commands allow you to configure additional parameters for some of the server farm predictor methods. To configure these additional predictor parameters, use the predictor least-loaded or the predictor response command in serverfarm host configuration mode. The CLI prompt changes to (config-sfarm-host-predictor). For information about the commands in this mode, see the following commands. Use the no form of this command to remove the predictor from the server farm. predictor {least-loaded probe name} | {response {app-req-to-resp | syn-to-close | syn-to-synack}[samples number]}} no predictor Syntax Description least-loaded Selects the server with the lowest load based on information obtained from SNMP probes. To use this predictor, you must associate an SNMP probe with the server farm. The ACE queries one user-specified OID (for example, CPU utilization or memory utilization). The ACE uses the retrieved value directly to determine the server with the lowest load. probe name Specifies the name of the SNMP probe that you want to query. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. response Selects the server with the lowest response time for the requested response-time measurement. If you do not specify a response-time measurement method, the ACE uses the HTTP app-req-to-response method. app-req-to-resp (Default) Measures the response time from when the ACE sends an HTTP request to a server to the time that the ACE receives a response from the server for that request. The ACE does not allow you to configure this predictor response in a generic load-balancing policy map. syn-to-close Measures the response time from when the ACE sends a TCP SYN to a server to the time that the ACE receives a CLOSE from the server.2-1247 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Serverfarm Host Predictor Configuration Mode Commands Command Modes Serverfarm host configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the server-farm feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To specify the least-loaded predictor method with a probe called SNMP_PROBE for the server farm, enter: host1/Admin(config-sfarm-host)# predictor least-loaded probe SNNMP_PROBE host1/Admin(config-sfarm-host-predictor)# To remove the least-loaded predictor from the server farm, enter: host1/Admin(config-sfarm-host)# no predictor To specify the response predictor method that measures the response time from when the ACE sends an HTTP request to a server to the time that the ACE receives a response from the server for that request, enter: host1/Admin(config-sfarm-host)# predictor response app-req-to-resp host1/Admin(config-sfarm-host-predictor)# To remove the response predictor from the server farm, enter: host1/Admin(config-sfarm-host)# no predictor Related Commands show serverfarm detail (config-sfarm-host) predictor (config-sfarm-host-predictor) autoadjust (config-sfarm-host-predictor) weight connection syn-to-synack Measures the response time from when the ACE sends a TCP SYN to a server to the time that the ACE receives the SYN-ACK from the server. samples number (Optional) Number of samples over which you want to average the results of the response time measurement. Enter an integer from 1 to 16 in powers of 2. Valid values are: 1, 2, 4, 8, and 16. The default is 8. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1248 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Serverfarm Host Predictor Configuration Mode Commands (config-sfarm-host-predictor) autoadjust After you specify the predictor least-loaded command, use the autoadjust command to instruct the ACE to apply the maximum load of 16000 to a real server whose load reaches zero or override the default behavior. Use the no form of this command to return the ACE behavior to the reset the behavior of the ACE to the default of average load of the server farm to a real server whose load is zero. autoadjust {average | maxload | off} no autoadjust Syntax Description Command Modes Serverfarm host predictor configuration mode Admin and user contexts Command History average Applies the average load of the server farm to a real server whose load is zero. This setting allows the server to participate in load balancing, while preventing it from being flooded by new connections. This is the default setting. maxload Instructs the ACE to apply the maximum load of 16000 to a real server whose load reaches zero. off Overrides the default behavior of the ACE of applying the average load of the server farm to a real server whose load is zero. When you configure this command, the ACE sends all new connections to the server that has a load of zero until the next load update arrives from the SNMP probe for this server. If two servers have the same lowest load (either zero or nonzero), the ACE load balances the connections between the two servers in a round-robin manner. ACE Module Release Modification A2(1.0) This command was introduced. A2(2.4) The average load became the default autoadjust setting for the least-loaded predictor. Previously, the default setting was maximum load. The maxload keyword was added to set the least-loaded predictor to maximum load. ACE Appliance Release Modification A3(1.0) This command was introduced. A4(1.0) The average load became the default autoadjust setting for the least-loaded predictor. Previously, the default setting was maximum load. The maxload keyword was added to set the least-loaded predictor to maximum load. 2-1249 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Serverfarm Host Predictor Configuration Mode Commands Usage Guidelines Whenever a server’s load reaches zero, by default, the ACE uses the autoadjust feature to assign an average load value to that server to prevent it from being flooded with new incoming connections. The ACE periodically adjusts this load value based on feedback from the server’s SNMP probe and other configured options. Using the least-loaded predictor with the configured server weight and the current connection count option enabled, the ACE calculates the final load of a real server as follows: final load = weighted load × static weight × current connection count where: • weighted load is the load reported by the SNMP probe • static weight is the configured weight of the real server • current connection count is the total number of active connections to the real server The ACE recalculates the final load whenever the connection count changes, provided that the weight connection command is configured. If the weight connection command is not configured, the ACE updates the final load when the next load update arrives from the SNMP probe. Examples To instruct the ACE to apply the maximum load of 16000 to a real server whose load reaches zero, enter: host1/Admin(config-sfarm-host-predictor)# autoadjust maxload To turn off the autoadjust feature for all servers in a server farm so that servers with a load of zero receive all new connections, enter: host1/Admin(config-sfarm-host-predictor)# autoadjust off To reset the behavior of the ACE to the default of applying the average load of the server farm to a real server whose load is zero, enter: host1/Admin(config-sfarm-host-predictor)# no autoadjust You can also reset the behavior of the ACE to the default by entering the following: host1/Admin(config-sfarm-host-predictor)# autoadjust average Related Commands show serverfarm detail (config-sfarm-host) predictor (config-sfarm-host-predictor) weight connection2-1250 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Serverfarm Host Predictor Configuration Mode Commands (config-sfarm-host-predictor) weight connection After you specify the predictor least-loaded or the predictor response command, use the weight connection command to instruct the ACE to use the current connection count in the final load calculation for each real server in the server farm. Use the no form of this command to reset the behavior of the ACE to the default of excluding the current connection count from the load calculation. weight connection no weight connection Syntax Description This command has no keywords or arguments. Command Modes Serverfarm host predictor configuration mode Admin and user contexts Command History Usage Guidelines To see how the weight connection command affects the (config-sfarm-host-predictor) autoadjust command for the least-loaded predictor, see the Usage Guidelines section of the (config-sfarm-host-predictor) autoadjust command. Examples To instruct the ACE to use the current connection count in the final load calculation for each real server in the server farm, enter: host1/Admin(config-sfarm-host-predictor)# weight connection To reset the behavior of the ACE to the default of excluding the current connection count from the load calculation, enter: host1/Admin(config-sfarm-host-predictor)# no weight connection Related Commands show serverfarm detail (config-sfarm-host) predictor (config-sfarm-host-predictor) autoadjust ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1251 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands Server Farm Host Real Server Configuration Mode Commands Serverfarm host real server configuration mode commands allow you to associate a host real server with a host server farm and configure the real server attributes. To associate one or more existing host real servers with a host server farm and access serverfarm host real server configuration mode, use the rserver command in serverfarm host configuration mode. The CLI prompt changes to (config-sfarm-host-rs). For information about the commands in this mode, see the following commands. Use the no form of this command to remove the real server from the server farm. rserver name [port] no rserver name Syntax Description Command Modes Serverfarm host configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the server-farm feature in your user role unless otherwise specified. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The real server must already exist. To create a real server, see the (config) rserver command. You can associate a maximum of 16,384 real servers with a server farm. Examples To associate a real server with a server farm, enter: host1/Admin(config-sfarm-host)# rserver SERVER1 To dissociate a real server from a server farm, enter: host1/Admin(config-sfarm-host)# no rserver SERVER1 name Unique identifier of the real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. port (Optional) Port number used for the real server Port Address Translation (PAT). Enter an integer from 1 to 65535. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1252 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands Related Commands This command has no related commands.2-1253 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands (config-sfarm-host-rs) backup-rserver To configure a backup real server for a real server in a server farm, use the backup-rserver command. If a real server associated with a server farm becomes unavailable, the ACE directs flows to the configured backup real server. Use the no form of this command to remove a backup real server from the configuration. backup-rserver name [port] no backup-rserver Syntax Description Command Modes Serverfarm host real server configuration mode Admin and user contexts Command History Usage Guidelines The real server used as a backup server must already exist. To create a real server, see the (config) rserver command. Examples To associate a backup real server with a server farm, enter: host1/Admin(config-sfarm-host-rs)# backup-rserver BACKUP_SERVER1 3500 To dissociate a backup real server from a server farm, enter: host1/Admin(config-sfarm-host-rs)# no backup-rserver Related Commands (config) rserver (config-sfarm-host-rs) inservice name Unique identifier of an existing real server that you want to configure as a backup server in a server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. port (Optional) Port number used for the backup real server Port Address Translation (PAT). Enter an integer from 0 to 65535. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.2) This command now supports cyclic backup of real servers in a server farm.2-1254 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands (config-sfarm-host-rs) conn-limit To configure the maximum and minimum number of connections that you want to allow for a host real server in a server farm, use the conn-limit command. Use the no form of this command to reset the limits for the real server maximum connections and minimum connections to the default of 4000000. conn-limit max maxconns min minconns no conn-limit Syntax Description Command Modes Serverfarm host real server configuration mode Admin and user contexts Command History Usage Guidelines Use this command to specify the maximum number of connections and the minimum connection threshold for a host real server in a server farm. The minconns value must be less than or equal to the maxconns value. The ACE uses the minconns value as a threshold to start accepting connections again after the maxconns limit is exceeded. Examples To configure the maximum number of connections and the minimum connection threshold for a host real server, enter: host1/Admin(config-sfarm-host-rs)# conn-limit max 65535 min 40000 To reset the maximum number of connections and the minimum connection threshold for a host real server to the default of 4000000, enter: host1/Admin(config-sfarm-host-rs)# no conn-limit Related Commands (config-sfarm-host-rs) rate-limit max maxconns Specifies the maximum number of connections allowed for this real server. Enter an integer from 2 to 4000000. The default is 4000000. min minconns Specifies the connection threshold below which the real server will start accepting connections again after the number of connections exceeds the configured maximum number of connections. Enter an integer from 2 to 4000000. The default is minconns equal to maxconns. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1255 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands (config-sfarm-host-rs) cookie-string To configure a cookie string value of the real server for HTTP cookie insertion when establishing a sticky connection, use the cookie-string command. Use the no form of this command to remove the user-defined cookie string value of the real server for cookie insertion and have the ACE generate the cookie string for the associated real server. cookie-string text_string no cookie-string Syntax Description Command Modes Serverfarm host real server configuration mode Admin and user contexts Command History Usage Guidelines Use cookie insertion when you want to use a session cookie for persistence if the server is not currently setting the appropriate cookie. When you configure a cookie string value, the ACE inserts the cookie in the Set-Cookie header of the response from the server to the client. If you do not configure a cookie string value, when you enable cookie insertion for a sticky group, the ACE generates the cookie string for each real server after sending a connection to it. The ACE-generated cookie string appears as “Rxxxxxxx” (for example, R2148819051). When configuring a cookie string value, consider the following: • You can configure one cookie string for each real server. • The ACE automatically uses the user-defined cookie string for cookie insertion for a sticky group instead of the ACE-generated cookie string. • Ensure that there are no duplicate strings configured for real servers. If there are duplicate cookie strings, the old entry will be removed and sticky database will use the latest configured cookie string for the real server. If you remove the user-defined cookie string from a real server, the ACE generates the cookie string for the associated real server after sending a connection. text_string Cookie string value for the real server. Enter a text string with a maximum of 32 alphanumeric characters. When you include spaces and special characters in a cookie string value, enter a quoted text string (for example, “test cookie string”). The quotes appear in the running-configuration file. ACE Module Release Modification A4(1.0) This command was introduced. ACE Appliance Release Modification A3(2.2) This command was introduced.2-1256 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands Examples To configure a cookie string value of the real server for HTTP cookie insertion, enter: host1/Admin(config-sfarm-host-rs)# cookie-string ABC123 To remove the configured cookie string value, enter: host1/Admin(config-sfarm-host-rs)# no cookie-string Related Commands show sticky database2-1257 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands (config-sfarm-host-rs) description To configure the description of a real server in a server farm, use the description command. Use the no form of this command to delete the description of a real server. description text no description Syntax Description Command Modes Serverfarm host real server configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure a description of a real server in a server farm, enter: host1/Admin(config-sfarm-host-rs)# description "CURRENT EVENTS: EDITION 1" To delete the description, enter: host1/Admin(config-sfarm-host-rs)# no description Related Commands This command has no related commands. text Text description of a server farm. Enter an unquoted text string with a maximum of 240 alphanumeric characters. If the text string includes spaces, enclose the string in quotes/ ACE Module Release Modification A2(2.1) This command was introduced. ACE Appliance Release Modification A3(2.4) This command was introduced.2-1258 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands (config-sfarm-host-rs) fail-on-all To configure a real server in a server farm to remain in the OPERATIONAL state unless all probes associated with it fail (AND logic), use the fail-on-all command in server farm host real server configuration mode. This command is applicable to all probe types. The syntax of this command is: fail-on-all no fail-on-all Syntax Description This command has no keywords or arguments. Command Modes Server farm host real server configuration mode Admin and user contexts Command History Usage Guidelines By default, multiple probes that you configure directly on a real server in a server farm have an OR logic associated with them. This means that, if one of the real server probes fails, then the real server fails and enters the PROBE-FAILED state. You can selectively configure this command on only certain real servers in the server farm to give those server ADN logic. Any real server that you do not configure with the fail-on-all command, maintains its default OR logic with respect to probes. Examples For example, to configure the SERVER1 real server in SFARM1 to remain in the OPERATIONAL state unless all associated probes fail, enter the following commands: host1/Admin(config)# serverfarm SFARM1 host1/Admin(config-sfarm-host)# rserver SERVER1 host1/Admin(config-sfarm-host-rs)# inservice host1/Admin(config-sfarm-host-rs)# probe HTTP_PROBE host1/Admin(config-sfarm-host-rs)# probe ICMP_PROBE host1/Admin(config-sfarm-host-rs)# fail-on-all If either HTTP_PROBE or ICMP_PROBE fails, the SERVER1 real server remains in the OPERATIONAL state. If both probes fail, the real server fails and enters the PROBE-FAILED state. To remove the AND probe logic from the real server in a server farm and return the behavior to the default of OR logic, enter the following command: host1/Admin(config-rserver-host)# no fail-on-all ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1259 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands Related Commands This command has no related commands.2-1260 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands (config-sfarm-host-rs) inservice To place a real server associated with a server farm in service, use the inservice command. Use the no form of this command to take a real server out of service. inservice [standby] no inservice Syntax Description Command Modes Serverfarm host real server configuration mode Admin and user contexts Command History Usage Guidelines This command requires the real-inservice feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To start load balancing connections to a real server in a server farm, you must place the real server in service by using the inservice command. You can modify the attributes of a real server in a server farm without taking the server out of service. In addition to putting a backup real server in service standby, another use of the inservice standby command is to provide the graceful shutdown of primary real servers. Use this command to gracefully shut down servers with sticky connections. When you enter this command for a primary real server, the ACE does the following: • Tears down existing non-TCP connections to the server • Allows current TCP connections to complete • Allows new sticky connections for existing server connections that match entries in the sticky database • Load balances all new connections (other than the matching sticky connections mentioned above) to the other servers in the server farm • Eventually takes the server out of service standby (Optional) Used with backup real servers, specifies that a backup real server remain inactive unless the primary real server fails. If the primary fails, the backup server becomes active and starts accepting connections. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1261 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands Examples To place a real server in service, enter: host1/Admin(config-sfarm-host-rs)# inservice To take a real server out of service, enter: host1/Admin(config-sfarm-host-rs)# no inservice To perform a graceful shutdown on a primary real server with sticky connections in a server farm, enter: host1/Admin(config-sfarm-host-rs)# inservice standby Related Commands This command has no related commands.2-1262 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands (config-sfarm-host-rs) probe To configure a probe to monitor the health of a host real server in a host server farm, use the probe command. Use the no form of this command to remove the probe from the real server. probe probe-name no probe probe-name Syntax Description Command Modes Serverfarm host real server configuration mode Admin and user contexts Command History Usage Guidelines You can associate multiple probes with each real server. The ACE periodically sends the probes to the real servers. If the ACE receives the appropriate responses from the servers, the ACE includes the servers in load-balancing decisions. If not, the ACE marks the servers as out of service, depending on the configured number of retries. Examples To configure a probe for a host real server, enter: host1/Admin(config-sfarm-host-rs)# probe SERVER1_PROBE To remove a probe from a host real server, enter: host1/Admin(config-sfarm-host-rs)# no probe SERVER1_PROBE Related Commands This command has no related commands. probe-name Identifier of an existing probe that you want to assign to a real server to monitor its health. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1263 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands (config-sfarm-host-rs) rate-limit To configure a limit for the connection rate and the bandwidth rate of a real server in a host server farm, use the rate-limit command. The connection rate is the number of connections per second received by the ACE and destined to a particular real server. The bandwidth rate is the number of bytes per second received by the ACE and destined for a particular real server. Use the no form of this command to revert to the ACE default of not limiting the connection rate or bandwidth rate of real servers in a server farm. rate-limit {connection number1 | bandwidth number2} no rate-limit {connection | bandwidth} Syntax Description Command Modes Serverfarm host real server configuration mode Admin and user contexts Command History Usage Guidelines If the connection rate or the bandwidth rate of incoming traffic destined for a particular real server exceeds the configured rate for the server, the ACE blocks any further traffic destined to that real server until the connection rate or bandwidth rate drops below the configured limit. Also, the ACE removes the blocked real server from future load-balancing decisions. By default, the ACE does not limit the connection rate or the bandwidth rate of real servers in a server farm. Examples To limit the connection rate of a real server to 100,000 connections per second, enter: host1/Admin(config-sfarm-host-rs)# rate-limit connection 100000 connection number1 Specifies the real server connection-rate limit in connections per second. • For the ACE module, enter an integer from 2 to 350000. • For the ACE appliance, enter an integer from 1 to 350000. There is no default value. bandwidth number2 Specifies the real server bandwidth-rate limit in bytes per second. • For the ACE module, enter an integer from 4 to 300000000. • For the ACE appliance, enter an integer from 1 to 300000000. There is no default value. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A4(1.0) The lowest real server bandwidth-rate limit was changed from 2 to 4. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1264 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Host Real Server Configuration Mode Commands To revert to the ACE default of not limiting the real-server connection rate, enter: host1/Admin(config-sfarm-host-rs)# no rate-limit connection To limit the real-server bandwidth rate to 5,000,000 bytes per second, enter: host1/Admin(config-sfarm-host-rs)# rate-limit bandwidth 5000000 To revert to the ACE default of not limiting real-server bandwidth, enter: host1/Admin(config-sfarm-host-rs)# no rate-limit bandwidth Related Commands (config-sfarm-host-rs) conn-limit (config-sfarm-host-rs) weight To configure the capacity of a real server in relation to other servers in a server farm, use the weight command. The weight value that you specify for a server is used in the weighted round-robin and least-connections predictor load-balancing methods. Use the no form of this command to reset the real server weight to the default. weight number no weight Syntax Description Command Modes Serverfarm host real server configuration mode Admin and user contexts Command History Usage Guidelines Servers with higher weight values receive a proportionally higher number of connections than servers with lower weight values. If you do not specify a weight in serverfarm host real server configuration mode, the ACE uses the weight that you configured for the global real server in real server host configuration mode. number Weight value assigned to a real server in a server farm. This value is used in the weighted round-robin and least-connections predictor load-balancing algorithms. Enter an integer from 1 to 100. The default is 8. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1265 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands To specify different weight values for a host real server in a server farm, you can assign multiple IP addresses to the server. You can also use the same IP address of a real server with different port numbers. Server weights take effect only when there are open connections to the servers. When there are no sustained connections to any of the servers, the leastconns predictor method behaves like the roundrobin method. Examples To configure a weight value for a real server, enter: host1/Admin(config-sfarm-host-rs)# weight 50 To reset the weight of a real server to the default of 8, enter: host1/Admin(config-sfarm-host-rs)# no weight Related Commands (config-rserver-host) weight (config-sfarm-host) predictor Server Farm Redirect Configuration Mode Commands Serverfarm redirect configuration mode commands allow you to create and configure redirect server farms and associate redirect real servers with the server farm. Redirect server farms are clusters of real servers that redirect users to alternative URLs where content has been moved, either temporarily or permanently. The server farm consists only of real servers that redirect client requests to alternative locations specified by the relocation string or port number in the real server configuration. You must configure a redirect real server using the (config) rserver redirect command in configuration mode before you can associate it with a server farm. To create a redirect server farm and access serverfarm redirect configuration mode, use the serverfarm redirect command. The CLI prompt changes to (config-sfarm-redirect). For information about the commands in this mode, see the following commands. Use the no form of this command to remove a server farm from the configuration. serverfarm redirect name no serverfarm redirect name Syntax Description Command Modes Configuration mode Admin and user contexts Command History name Unique identifier of the server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-1266 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands Usage Guidelines The commands in this mode require the server-farm feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To create a redirect server farm named SFARM2, enter: host1/Admin(config)# serverfarm redirect SFARM2 host1/Admin(config-sfarm-redirect)# To delete the redirect server farm named SFARM2, enter: host1/Admin(config)# no serverfarm redirect SFARM2 Related Commands show serverfarm show running-config (config) rserver ACE Appliance Release Modification A1(7) This command was introduced.2-1267 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands (config-sfarm-redirect) description To configure the text description of a server farm, use the description command. Use the no form of this command to delete the description of a server farm. description text no description Syntax Description Command Modes Serverfarm redirect configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To configure a description of a server farm, enter: host1/Admin(config-sfarm-redirect)# description REDIRECT_NEW_SITE To delete the description of a server farm, enter: host1/Admin(config-sfarm-redirect)# no description Related Commands This command has no related commands. text Text description of a server farm. Enter an unquoted text string with a maximum of 240 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1268 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands (config-sfarm-redirect) failaction To configure the action that the ACE takes if a real server in a server farm goes down, use the failaction command. Use the no form of this command to reset the ACE to its default of taking no action when a server fails. failaction {purge | reassign [across-interface]} no failaction Syntax Description Command Modes Serverfarm redirect configuration mode Admin and user contexts Command History Usage Guidelines If you do not configure this command, the ACE takes the real server out of rotation for new connections and allows existing connections to complete. The ACE does not send the connections to a backup server in the server farm or to a backup server farm if all servers in the primary server farm fail. This feature is required for stateful firewall load balancing (FWLB). For details about FWLB, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. purge Specifies that the ACE removes the connections to a real server in the server farm if that real server fails. The ACE sends a reset (RST) both to the client and to the server that failed. reassign Specifies that the ACE reassigns existing server connections to the backup real server if a backup real server is configured. If no backup real server is configured, this keyword has no effect. across-interface (Optional) Instructs the ACE to reassign all connections from the failed real server to a backup real server on a different VLAN that is commonly referred to as a bypass VLAN. By default, this feature is disabled. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised (reassign keyword added). A2(3.0) The across-interface option was added. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised (reassign keyword added). A4(1.0) The across-interface option was added. A5(1.0) Added IPv6 support.2-1269 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands Examples To instruct the ACE to remove connections from a failed server in the server farm, enter: host1/Admin(config-sfarm-redirect)# failaction purge To reset the ACE to its default of taking no action if a real server fails, enter: host1/Admin(config-sfarm-redirect)# no failaction Related Commands This command has no related commands.2-1270 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands (config-sfarm-redirect) predictor To configure the load-balancing algorithm for the server farm, use the predictor command. Use the no form of this command to revert to the default load-balancing algorithm (the round-robin algorithm). predictor {hash {address [destination | source] [prefix-length | netmask]} | {content [offset number1] [length number2] [begin-pattern expression1] [end-pattern expression2]} | {cookie [secondary] name1} | {header name2} | {layer4-payload [offset number3] [length number4] [begin-pattern expression3] [end-pattern expression4]} | {url [begin-pattern expression5] [end-pattern expression6]}} | {least-bandwidth [samples number5] [assess-time seconds]} | {least-loaded probe name3 [samples number6]} | {leastconns [slowstart seconds]} | {response {app-req-to-resp | syn-to-close | syn-to-synack} [samples number7] [threshold milliseconds [resume-timer seconds]]} | {roundrobin} no predictor Syntax Description hash address Selects the server using a hash value based on the source and destination IP addresses. Use the hash address source and hash address destination methods for firewall load balancing (FWLB). destination (Optional) Selects the server using a hash value based on the destination IP address. source (Optional) Selects the server using a hash value based on the source IP address. v6-prefix prefix-length (Optional) Specifies how many of the most significant bits (MSBs) of the IPv6 address are used for the network identifier. Enter an integer from 1 to 128. netmask (Optional) Bits in the IP address to use for the hash. If not specified, the default is 255.255.255.255. hash content Selects the server using a hash value based on the specified content string of the HTTP packet body. offset number1 (Optional) Specifies the portion of the content that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the payload. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the content. length number2 (Optional) Specifies the length of the portion of the content (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is the entire payload. The offset and length can vary from 0 to 1000 bytes. If the payload is longer than the offset but shorter than the offset plus the length of the payload, the ACE sticks the connection based on that portion of the payload starting with the byte after the offset value and ending with the byte specified by the offset plus the length. The total of the offset and the length cannot exceed 1000. You cannot specify both the length and the end-pattern options in the same hash content command.2-1271 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands begin-pattern expression1 (Optional) Specifies the beginning pattern of the content string and the pattern string to match before hashing. If you do not specify a beginning pattern, the ACE starts parsing the HTTP body immediately following the offset byte. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. When matching data strings, note that the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). end-pattern expression2 (Optional) Specifies the pattern that marks the end of hashing. If you do not specify either a length or an end pattern, the ACE continues to parse the data until it reaches the end of the field or the end of the packet, or until it reaches the maximum body parse length. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. You cannot specify both the length and the end-pattern options in the same hash content command. hash cookie Selects the server using a hash value based on the cookie name or based on the name in the cookie name of the URL query string. secondary (Optional) Selects the server by using the hash value based on the specified name in the cookie name in the URL query string, not the cookie header. If you do not include this option, the ACE selects a real server using the hash value of the cookie name. name1 Cookie name. Enter a cookie name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-1272 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands hash header name2 Selects the server using a hash value based on the header name. Enter a header name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters, or enter one of the following standard headers: • Accept • Accept-Charset • Accept-Encoding • Accept-Language • Authorization • Cache-Control • Connection • Content-MD5 • Expect • From • Host • If-Match • Pragma • Referrer • Transfer-Encoding • User-Agent • Via hash layer4-payload Specifies a Layer 4 generic protocol load-balancing method. Use this predictor to load balance packets from protocols that are not explicitly supported by the ACE. offset number3 (Optional) Specifies the portion of the payload that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the payload. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the payload. length number4 (Optional) Specifies the length of the portion of the payload (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is the entire payload. The offset and length can vary from 0 to 1000 bytes. If the payload is longer than the offset but shorter than the offset plus the length of the payload, the ACE sticks the connection based on that portion of the payload starting with the byte after the offset value and ending with the byte specified by the offset plus the length. The total of the offset and the length cannot exceed 1000. You cannot specify both the length and the end-pattern options in the same hash layer4-payload command.2-1273 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands begin-pattern expression3 (Optional) Specifies the beginning pattern of the Layer 4 payload and the pattern string to match before hashing. If you do not specify a beginning pattern, the ACE starts parsing the HTTP body immediately following the offset byte. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. When matching data strings, note that the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). end-pattern expression4 (Optional) Specifies the pattern that marks the end of hashing. If you do not specify either a length or an end pattern, the ACE continues to parse the data until it reaches the end of the field or the end of the packet, or until it reaches the maximum body parse length. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. Note: You cannot specify both the length and the end-pattern options in the same hash layer4-payload command. hash url Selects the server using a hash value based on the requested URL. Use this predictor method to load balance cache servers. Cache servers perform better with the URL hash method because you can divide the contents of the caches evenly if the traffic is random enough. In a redundant configuration, the cache servers continue to work even if the active ACE switches over to the standby ACE. For information about configuring redundancy, see the Administration Guide, Cisco ACE Application Control Engine. begin-pattern expression5 (Optional) Specifies the beginning pattern of the URL and the pattern string to match before hashing. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. If you want to match a URL that contains spaces, you must use \x20 for each space character.2-1274 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands end-pattern expression6 (Optional) Specifies the pattern that marks the end of hashing. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. If you want to match a URL that contains spaces, you must use \x20 for each space character. least-bandwidth Selects the server that processed the least amount of network traffic over a specified sampling period. Use this predictor for heavy traffic use, such as downloading a video clip. The ACE measures traffic statistics between itself and the real servers in the server farm in both directions and calculates the bandwidth over the sampling period. Then, it creates an ordered list of real servers based on the sampling results and selects the server that used the least amount of bandwidth during the sampling period. samples number5 (Optional) Specifies the number of samples over which you want to weight and average the results of the probe query to calculate the final load value. Enter an integer from 1 to 16. Each value must be a power of 2, so the valid values are as follows: 1, 2, 4, 8, and 16. The default is 8. assess-time seconds (Optional) Specifies the sampling period over which the ACE measures traffic for all the servers in the server farm. Enter an integer from 1 to 10. The default is 4 seconds. least-loaded Selects the server with the lowest load based on information obtained from SNMP probes. To use this predictor, you must associate an SNMP probe with the server farm. The ACE queries one user-specified OID (for example, CPU utilization or memory utilization). The ACE uses the retrieved value directly to determine the server with the lowest load. This predictor is not supported with IPv6. probe name3 Specifies the name of the SNMP probe that you want to query. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. samples number6 (Optional) Specifies the number of samples over which you want to weight and average the results of the probe query to calculate the final load value. Enter an integer from 1 to 16. Each value must be a power of 2, so the valid values are as follows: 1, 2, 4, 8, and 16. The default is 8. leastconns Selects the real server with the fewest number of active connections based on the server weight. Use this predictor for processing light user requests (for example, browsing simple static web pages). For information about setting real server weight, see the (config-sfarm-redirect-rs) weight section. slowstart seconds (Optional) Specifies that the connections to the real server be in a slow-start mode for the duration indicated by the seconds value. Use the slow-start mechanism to avoid sending a high rate of new connections to servers that you have recently put into service. Enter an integer from 1 to 65535, where 1 is the slowest ramp-up value. By default, slowstart is disabled.2-1275 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands Command Modes Server-farm redirect configuration mode Admin and user contexts Command History response Selects the server with the lowest response time for the requested response-time measurement. If you do not specify a response-time measurement method, the ACE uses the HTTP app-req-to-response method. app-req-to-resp (Default) Measures the response time from when the ACE sends an HTTP request to a server to the time that the ACE receives a response from the server for that request. The ACE does not allow you to configure this predictor response in a generic load-balancing policy map. syn-to-close Measures the response time from when the ACE sends a TCP SYN to a server to the time that the ACE receives a CLOSE from the server. syn-to-synack Measures the response time from when the ACE sends a TCP SYN to a server to the time that the ACE receives the SYN-ACK from the server. samples number7 (Optional) Specifies the number of samples that you want to average from the results of the response time measurement. Enter an integer from 1 to 16 in powers of 2. Valid values are 1, 2, 4, 8, and 16. The default is 8. threshold milliseconds (Optional) Specifies the required minimum average response time for a server. If the server response time is greater than the specified threshold value, the ACE removes the server from the load-balancing decision process (takes the server out of service). Enter an integer from 1 to 300000 milliseconds (5 minutes). The default is no threshold (servers are not taken out of service). resume-timer seconds (Optional) Specifies the number of seconds after which the ACE sends traffic again to a server that was taken out of the load-balancing decision process. The ACE monitors the server’s response time. If that response time is less than or equal to the value set with the threshold keyword, the ACE places the server back in service. Enter an integer from 30 to 3600 seconds (1 hour). The default value is 300 seconds (5 minutes) if you configure a threshold without specifying the resume timer. roundrobin (Default) Selects the next server in the list of real servers based on server weight (weighted round-robin). For information about setting the real server weight, see the (config-sfarm-redirect-rs) weight section. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(1.0) This command was revised. A2(1.4) and A2(2.1) This secondary option for the hash cookie keywords was added.2-1276 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands Usage Guidelines Use this command to specify the load-balancing algorithm that the ACE uses in choosing a real server in the server farm. If you do not specify the predictor command, the default algorithm is roundrobin. Using the no form of this command changes the configured predictor algorithm to the default algorithm. The weight assigned to the real servers is used only in the roundrobin and leastconns predictor methods. The hash and the response predictor methods do not recognize the weight for the real servers. For information about setting the real server weight, see the (config-sfarm-redirect-rs) weight section. If you configure the leastconns predictor, you can use a slowstart mechanism (ramp-up) to avoid sending a high rate of new connections to the servers that have just been put in service. The real server with the fewest number of active connections will get the next connection request for the server farm with the leastconns predictor. The ramp-up stops when the duration timer that you specify expires. The only time that the sequence of servers starts over at the beginning (with the first server) is when there is a configuration or server state change (for example, a probe failure). The secondary option allows the ACE to correctly load balance in cases when the query string identifies the actual resource, instead of the URL. Examples To configure the ACE to select the real server with the lowest number of connections in the server farm, enter: host1/Admin(config-sfarm-redirect)# predictor leastconns slowstart 300 To reset the load-balancing algorithm to the default round-robin algorithm, enter: host1/Admin(config-sfarm-redirect)# no predictor Related Commands (config-sfarm-redirect-rs) weight (config-sfarm-redirect) probe Use probes to monitor the health of real servers in a server farm. To associate a probe with a server farm, use the probe command. Use the no form of this command to dissociate a probe from a server farm. probe probe-name no probe probe-name Syntax Description ACE Appliance Release Modification A1(7) This command was introduced. A3(1.0) This command was revised (reassign keyword added). A3(2.2) This secondary option for the hash cookie keywords was added. probe-name Identifier of an existing probe that you want to associate with a server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-1277 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands Command Modes Serverfarm redirect configuration mode Admin and user contexts Command History Usage Guidelines The probe must already exist. (To create a probe, see the (config) probe command.) You can associate multiple probes of the same or different protocols with each server farm. You can only configure probes with an IP address in routed mode under a redirect server. You cannot associate a scripted probe with a redirect server. Examples To associate a probe with a server farm, enter: host1/Admin(config-sfarm-redirect)# probe TCP1 To dissociate a probe from a server farm, enter: host1/Admin(config-sfarm-redirect)# no probe TCP1 Related Commands (config) probe (config-probe-probe_type) ip address (config-sfarm-redirect) rserver To associate one or more existing redirect real servers with a server farm and access serverfarm redirect real server configuration mode, use the rserver command. The CLI prompt changes to (config-sfarm-redirect-rs). For information on commands in serverfarm redirect real server configuration mode, see the “Server Farm Redirect Real Server Configuration Mode Commands” section. Use the no form of this command to dissociate the real server from the server farm. rserver name [port] no rserver name [port] ACE Module Release Modification A2(3.2). Not applicable for A4(1.0). This command was introduced. ACE Appliance Release Modification A3(2.7). Not applicable for A4(1.0). This command was introduced.2-1278 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Configuration Mode Commands Syntax Description Command Modes Serverfarm redirect configuration mode Admin and user contexts Command History Usage Guidelines The real server must already exist. To create a real server, see the (config) rserver command. You can associate a maximum of 16,384 real servers with a server farm. Examples To associate a real server with a server farm, enter: host1/Admin(config-sfarm-redirect)# rserver server1 4000 host1/Admin(config-sfarm-redirect-rs)# To dissociate a real server from a server farm, enter: host1/Admin(config-sfarm-redirect)# no rserver server1 host1/Admin(config-sfarm-redirect)# Related Commands (config) rserver name Unique identifier of the real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. port (Optional) Port number used for the real server Port Address Translation (PAT). Enter an integer from 1 to 65535. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1279 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Serverfarm Redirect Predictor Configuration Mode Commands Serverfarm Redirect Predictor Configuration Mode Commands Serverfarm redirect predictor configuration mode commands allow you to configure additional parameters for some of the server farm predictor methods. To configure these additional predictor parameters, use the predictor least-loaded or the predictor response command in serverfarm host configuration mode. The CLI prompt changes to (config-sfarm-host-predictor). For information about the commands in this mode, see the following commands. Use the no form of this command to remove the predictor from the server farm. predictor {least-loaded probe name} | {response {app-req-to-resp | syn-to-close | syn-to-synack} [samples number]}} no predictor Syntax Description Command Modes Serverfarm redirect configuration mode Admin and user contexts least-loaded Selects the server with the lowest load based on information obtained from SNMP probes. To use this predictor, you must associate an SNMP probe with the server farm. The ACE queries one user-specified OID (for example, CPU utilization or memory utilization). The ACE uses the retrieved value directly to determine the server with the lowest load. probe name Specifies the name of the SNMP probe that you want to query. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. response Selects the server with the lowest response time for the requested response-time measurement. If you do not specify a response-time measurement method, the ACE uses the HTTP app-req-to-response method. app-req-to-resp (Default) Measures the response time from when the ACE sends an HTTP request to a server to the time that the ACE receives a response from the server for that request. The ACE does not allow you to configure this predictor response in a generic load-balancing policy map. syn-to-close Measures the response time from when the ACE sends a TCP SYN to a server to the time that the ACE receives a CLOSE from the server. syn-to-synack Measures the response time from when the ACE sends a TCP SYN to a server to the time that the ACE receives the SYN-ACK from the server. samples number (Optional) Number of samples over which you want to average the results of the response time measurement. Enter an integer from 1 to 16 in powers of 2. Valid values are: 1, 2, 4, 8, and 16. The default is 8.2-1280 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Serverfarm Redirect Predictor Configuration Mode Commands Command History Usage Guidelines The commands in this mode require the server-farm feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To specify the least-loaded predictor method with a probe called SNMP_PROBE for the server farm, enter: host1/Admin(config-sfarm-redirect)# predictor least-loaded probe SNNMP_PROBE host1/Admin(config-sfarm-redirect-predictor)# To remove the least-loaded predictor from the server farm, enter: host1/Admin(config-sfarm-redirect)# no predictor To specify the response predictor method that measures the response time from when the ACE sends an HTTP request to a server to the time that the ACE receives a response from the server for that request, enter: host1/Admin(config-sfarm-redirect)# predictor response app-req-to-resp host1/Admin(config-sfarm-redirect-predictor)# To remove the response predictor from the server farm, enter: host1/Admin(config-sfarm-redirect)# no predictor Related Commands show serverfarm detail (config-sfarm-redirect) predictor (config-sfarm-redirect-predictor) autoadjust (config-sfarm-redirect-predictor) weight connection ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1281 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Serverfarm Redirect Predictor Configuration Mode Commands (config-sfarm-redirect-predictor) autoadjust After you specify the predictor least-loaded command, use the autoadjust command to instruct the ACE to apply the maximum load of 16000 to a real server whose load reaches zero or override the default behavior. Use the no form of this command to return the ACE behavior to the reset the behavior of the ACE to the default of average load of the server farm to a real server whose load is zero. autoadjust {average | maxload | off} no autoadjust Syntax Description Serverfarm redirect predictor configuration mode Admin and user contexts Command History average Applies the average load of the server farm to a real server whose load is zero. This setting allows the server to participate in load balancing, while preventing it from being flooded by new connections. This is the default setting. maxload Instructs the ACE to apply the maximum load of 16000 to a real server whose load reaches zero. off Overrides the default behavior of the ACE of applying the average load of the server farm to a real server whose load is zero. When you configure this command, the ACE sends all new connections to the server that has a load of zero until the next load update arrives from the SNMP probe for this server. If two servers have the same lowest load (either zero or nonzero), the ACE load balances the connections between the two servers in a round-robin manner. ACE Module Release Modification A2(1.0) This command was introduced. A2(2.4) The average keyword became the default autoadjust setting for the least-loaded predictor. Previously, the default setting was maximum load. The maxload keyword was added to set the least-loaded predictor to maximum load. ACE Appliance Release Modification A3(1.0) This command was introduced. A4(1.0) The average keyword became the default autoadjust setting for the least-loaded predictor. Previously, the default setting was maximum load. The maxload keyword was added to set the least-loaded predictor to maximum load. 2-1282 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Serverfarm Redirect Predictor Configuration Mode Commands Usage Guidelines Whenever a server’s load reaches zero, by default, the ACE uses the autoadjust feature to assign an average load value to that server to prevent it from being flooded with new incoming connections. The ACE periodically adjusts this load value based on feedback from the server’s SNMP probe and other configured options. Using the least-loaded predictor with the configured server weight and the current connection count option enabled, the ACE calculates the final load of a real server as follows: final load = weighted load × static weight × current connection count where: • weighted load is the load reported by the SNMP probe • static weight is the configured weight of the real server • current connection count is the total number of active connections to the real server The ACE recalculates the final load whenever the connection count changes, provided that the weight connection command is configured. If the weight connection command is not configured, the ACE updates the final load when the next load update arrives from the SNMP probe. Examples To instruct the ACE to apply the maximum load of the server farm to a real server whose load value reaches zero, enter: host1/Admin(config-sfarm-redirect-predictor)# autoadjust maxload To turn off the autoadjust feature for all servers in a server farm so that servers with a load of zero receive all new connections, enter: host1/Admin(config-sfarm-redirect-predictor)# autoadjust off To reset the behavior of the ACE to the default of applying the average load value of 16000 to a real server whose load is zero, enter: host1/Admin(config-sfarm-redirect-predictor)# no autoadjust Related Commands show serverfarm detail (config-sfarm-redirect) predictor (config-sfarm-redirect-predictor) weight connection2-1283 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Serverfarm Redirect Predictor Configuration Mode Commands (config-sfarm-redirect-predictor) weight connection After you specify the predictor least-loaded or the predictor response command, use the weight connection command to instruct the ACE to use the current connection count in the final load calculation for each real server in the server farm. Use the no form of this command to reset the behavior of the ACE to the default of excluding the current connection count from the load calculation. weight connection no weight connection Syntax Description This command has no keywords or arguments. Command Modes Serverfarm redirect predictor configuration mode Admin and user contexts Command History Usage Guidelines To see how the weight connection command affects the (config-sfarm-redirect-predictor) autoadjust command for the least-loaded predictor, see the Usage Guidelines section of the (config-sfarm-redirect-predictor) autoadjust command. Examples To instruct the ACE to use the current connection count in the final load calculation for each real server in the server farm, enter: host1/Admin(config-sfarm-redirect-predictor)# weight connection To reset the behavior of the ACE to the default of excluding the current connection count from the load calculation, enter: host1/Admin(config-sfarm-redirect-predictor)# no weight connection Related Commands show serverfarm detail (config-sfarm-redirect) predictor (config-sfarm-redirect-predictor) autoadjust ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1284 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Real Server Configuration Mode Commands Server Farm Redirect Real Server Configuration Mode Commands Serverfarm redirect real server configuration mode commands allow you to associate a redirect real server with a redirect server farm and configure the real server attributes. To associate one or more existing redirect real servers with a redirect server farm and access serverfarm redirect real server configuration mode, use the rserver command in serverfarm redirect configuration mode. The CLI prompt changes to (config-sfarm-redirect-rs). For information about the commands in this mode, see the following commands. Use the no form of this command to remove the real server from the server farm. rserver name no rserver name Syntax Description Command Modes Serverfarm redirect configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the server-farm feature in your user role unless otherwise specified. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. The redirect real server must already exist. To create a real server, see the (config) rserver redirect command. You can associate a maximum of 16,384 real servers with a server farm. Examples To associate a real server with a server farm, enter: host1/Admin(config-sfarm-redirect)# rserver server1 To dissociate a real server from a server farm, enter: host1/Admin(config-sfarm-redirect)# no rserver server1 name Unique identifier of the real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1285 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Real Server Configuration Mode Commands Related Commands This command has no related commands.2-1286 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Real Server Configuration Mode Commands (config-sfarm-redirect-rs) backup-rserver To configure a backup real server for a real server in a server farm, use the backup-rserver command. If a real server associated with a server farm becomes unavailable, the ACE directs flows to the configured backup real server. Use the no form of this command to remove a backup real server from the configuration. backup-rserver name no backup-rserver Syntax Description Command Modes Serverfarm redirect real server configuration mode Admin and user contexts Command History Usage Guidelines The real server used as a backup server must already exist. To create a redirect real server, see the (config) rserver redirect command. IPv6 servers can back up IPv4 servers, but only for the HTTP and the HTTPS protocols. Examples To associate a backup real server with a server farm, enter: host1/Admin(config-sfarm-redirect-rs)# backup-rserver BACKUP_SERVER1 To dissociate a backup real server from a server farm, enter: host1/Admin(config-sfarm-redirect-rs)# no backup-rserver Related Commands (config) rserver name Unique identifier of an existing real server that you want to configure as a backup server in a server farm. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added support for IPv6. ACE Appliance Release Modification A1(7) This command was introduced. A3(2.2) This command supports cyclic backup of real servers in a server farm. A5(1.0) Added support for IPv6.2-1287 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Real Server Configuration Mode Commands (config-sfarm-redirect-rs) conn-limit To configure the maximum and minimum number of connections that you want to allow for a redirect real server in a server farm, use the conn-limit command. Use the no form of this command to reset the real server maximum connections and minimum connections threshold to the default of 4000000. conn-limit max maxconns min minconns no conn-limit Syntax Description Command Modes Serverfarm redirect real server configuration mode Admin and user contexts Command History Usage Guidelines Use this command to specify the maximum number of connections and the minimum connection threshold for a redirect real server in a server farm. The minconns value must be less than or equal to the maxconns value. The ACE uses the minconns value as a threshold to start accepting connections again after the maxconns limit is exceeded. Examples To configure the maximum number of connections and the minimum connection threshold for a redirect real server, enter: host1/Admin(config-sfarm-redirect-rs)# conn-limit max 65535 min 40000 To reset the maximum number of connections and the minimum connection threshold for a redirect real server to the default of 4000000, enter: host1/Admin(config-sfarm-redirect-rs)# no conn-limit Related Commands (config-sfarm-redirect-rs) rate-limit max maxconns Specifies the maximum number of connections allowed for this real server. Enter an integer from 2 to 4000000. The default is 4000000. min minconns Specifies the connection threshold below which the real server will start accepting connections again after the number of connections exceeds the configured maximum number of connections. Enter an integer from 2 to 4000000. The default is minconns equal to maxconns. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1288 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Real Server Configuration Mode Commands (config-sfarm-redirect-rs) inservice To place a real server associated with a server farm in service, use the inservice command. Use the no form of this command to take a real server out of service. inservice [standby] no inservice Syntax Description Command Modes Serverfarm redirect real server configuration mode Admin and user contexts Command History Usage Guidelines This command requires the real-inservice feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. To start load-balancing connections to a real server in a server farm, you must place the real server in service by using the inservice command. You can modify the attributes of a real server in a server farm without taking the server out of service. In addition to putting a backup real server in service standby, another use of the inservice standby command is to provide the graceful shutdown of primary real servers. Use this command to gracefully shut down servers with sticky connections. When you enter this command for a primary real server, the ACE does the following: • Tears down existing non-TCP connections to the server • Allows current TCP connections to complete • Allows new sticky connections for existing server connections that match entries in the sticky database • Load balances all new connections (other than the matching sticky connections mentioned above) to the other servers in the server farm • Eventually takes the server out of service standby (Optional) Used with backup real servers, specifies that a backup real server remain inactive unless the primary real server fails. If the primary fails, the backup server becomes active and starts accepting connections. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1289 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Real Server Configuration Mode Commands Examples To place a real server in service, enter: host1/Admin(config-sfarm-redirect-rs)# inservice To perform a graceful shutdown on a primary real server with sticky connections in a server farm, enter: host1/Admin(config-sfarm-host-rs)# inservice standby To take a real server out of service, enter: host1/Admin(config-sfarm-redirect-rs)# no inservice Related Commands This command has no related commands.2-1290 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Real Server Configuration Mode Commands (config-sfarm-host-rs) probe To configure a probe to monitor the health of a redirect real server in a redirect server farm, use the probe command. Use the no form of this command to remove the probe from the real server. probe probe-name no probe probe-name Syntax Description Command Modes Serverfarm redirect real server configuration mode Admin and user contexts Command History Usage Guidelines You can associate multiple probes with each real server. The ACE periodically sends the probes to the real servers. If the ACE receives the appropriate responses from the servers, the ACE includes the servers in load-balancing decisions. If not, the ACE marks the servers as out of service, depending on the configured number of retries. You can only configure probes with an IP address in routed mode under a redirect server. You cannot associate a scripted probe with a redirect server. Examples To configure a probe for a redirect real server, enter: host1/Admin(config-sfarm-host-rs)# probe SERVER1_PROBE To remove a probe from a redirect real server, enter: host1/Admin(config-sfarm-host-rs)# no probe SERVER1_PROBE Related Commands (config-probe-probe_type) ip address probe-name Identifier of an existing probe that you want to assign to a real server to monitor its health. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(3.2). Not applicable for A4(1.0). This command was introduced. ACE Appliance Release Modification A3(2.7). Not applicable for A4(1.0). This command was introduced.2-1291 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Real Server Configuration Mode Commands (config-sfarm-redirect-rs) rate-limit To configure a limit for the connection rate and the bandwidth rate of a real server in a redirect server farm, use the rate-limit command. The connection rate is the number of connections per second received by the ACE and destined to a particular redirect real server. The bandwidth rate is the number of bytes per second received by the ACE and destined for a particular redirect real server. Use the no form of this command to revert to the ACE default of not limiting the connection rate or bandwidth rate of real servers in a server farm. rate-limit {connection number1 | bandwidth number2} no rate-limit {connection | bandwidth} Syntax Description Command Modes Serverfarm redirect real server configuration mode Admin and user contexts Command History Usage Guidelines If the connection rate or the bandwidth rate of incoming traffic destined for a particular real server exceeds the configured rate for the server, the ACE blocks any further traffic destined to that real server until the connection rate or bandwidth rate drops below the configured limit. Also, the ACE removes the blocked real server from future load-balancing decisions. By default, the ACE does not limit the connection rate or the bandwidth rate of real servers in a server farm. Examples To limit the connection rate of a real server to 100,000 connections per second, enter: host1/Admin(config-sfarm-redir-rs)# rate-limit connection 100000 To revert to the ACE default of not limiting the real-server connection rate, enter: host1/Admin(config-sfarm-redir-rs)# no rate-limit connection To limit the real-server bandwidth rate to 5,000,000 bytes per second, enter: host1/Admin(config-sfarm-redir-rs)# rate-limit bandwidth 5000000 connection number1 Specifies the real server connection-rate limit in connections per second. Enter an integer from 2 to 350000. There is no default value. bandwidth number2 Specifies the real server bandwidth-rate limit in bytes per second. Enter an integer from 2 to 300000000. There is no default value. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1292 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Real Server Configuration Mode Commands To revert to the ACE default of not limiting real-server bandwidth, enter: host1/Admin(config-sfarm-redir-rs)# no rate-limit bandwidth Related Commands (config-sfarm-redirect-rs) conn-limit (config-sfarm-redirect-rs) weight To configure the capacity of a real server in relation to other servers in a server farm, use the weight command. The weight value that you specify for a server is used in the weighted round-robin and least-connections predictor load-balancing methods. Use the no form of this command to reset the real server weight to the default. weight number no weight Syntax Description Command Modes Serverfarm redirect real server configuration mode Admin and user contexts Command History Usage Guidelines Servers with higher weight values receive a proportionally higher number of connections than servers with lower weight values. To specify different weight values for a redirect real server in a server farm, you can assign multiple IP addresses to the server. Examples To configure a weight value for a real server, enter: host1/Admin(config-sfarm-redirect-rs)# weight 50 To reset the weight of a real server to the default of 8, enter: host1/Admin(config-sfarm-redirect-rs)# no weight number Weight value assigned to a real server in a server farm. This value is used in the weighted round-robin and least-connections predictor load-balancing algorithms. Enter an integer from 1 to 100. The default is 8. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1293 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Server Farm Redirect Real Server Configuration Mode Commands Related Commands (config-sfarm-redirect) predictor2-1294 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands SSL Proxy Configuration Mode Commands SSL proxy configuration mode commands allow you to define the Secure Sockets Layer (SSL) parameters that the ACE SSL proxy service uses in either SSL termination (proxy server service) or SSL initiation (proxy client service) during the SSL handshake. To create a new proxy service (or edit an existing proxy service) and access SSL proxy configuration mode, use the ssl-proxy service command in configuration mode. The CLI prompt changes to (config-ssl-proxy). Use the no form of this command to delete an existing SSL proxy service. ssl-proxy service pservice_name no ssl-proxy service pservice_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the SSL feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. When you create a SSL proxy service, the CLI changes to the SSL proxy configuration mode, where you define the following SSL proxy service attributes: • Client authentication group—See the (config-ssl-proxy) authgroup command. • Certificate—See the (config-ssl-proxy) cert command. • Client authentication using CRLs—See the (config-ssl-proxy) crl command • Chain group—See the (config-ssl-proxy) chaingroup command. • Key pair—See the (config-ssl-proxy) key command. • Parameter map—See the (config-ssl-proxy) ssl advanced-options command. Examples To create the SSL proxy service PSERVICE_SERVER, enter: host1/Admin(config)# ssl-proxy service PSERVICE_SERVER host1/Admin(config-ssl-proxy)# pservice_name Name of the SSL proxy service. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1295 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands To delete an existing SSL proxy service, enter: host1/Admin(config)# no ssl-proxy PSERVICE_SERVER Related Commands (config-ssl-proxy) authgroup (config-ssl-proxy) cert (config-ssl-proxy) chaingroup (config-ssl-proxy) key (config-ssl-proxy) ssl advanced-options (config-ssl-proxy) authgroup To specify the certificate authentication group that the ACE uses during the Secure Sockets Layer (SSL) handshake and enable client authentication on this SSL-proxy service, use the authgroup command. Use the no form of this command to delete a certificate authentication group from the SSL proxy service. authgroup group_name no authgroup group_name Syntax Description Command Modes SSL proxy configuration mode Admin and user contexts Command History Usage Guidelines When you enable client authentication, a significant performance decrease may occur in the ACE ACE. Examples To specify the certificate authentication group AUTH-CERT1, enter: host1/Admin(config-ssl-proxy)# authgroup AUTH-CERT1 To delete the certificate authentication group AUTH-CERT1 from the SSL proxy service, enter: host1/Admin(config-ssl-proxy)# no authgroup AUTH-CERT1 Related Commands (config) crypto chaingroup group_name Name of an existing certificate authentication group. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1296 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands (config-parammap-ssl) authentication-failure (config-ssl-proxy) cert (config-ssl-proxy) key (config-ssl-proxy) ssl advanced-options2-1297 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands (config-ssl-proxy) cert To specify the certificate that the ACE uses during the Secure Sockets Layer (SSL) handshake to prove its identity, use the cert command. Use the no form of this command to delete a certificate file from the SSL proxy service. cert cert_filename | cisco-sample-key no cert cert_filename | cisco-sample-key Syntax Description Command Modes SSL proxy configuration mode Admin and user contexts Command History Usage Guidelines The public key embedded in the certificate that you select must match the public key in the key pair file that you select. To verify that the public keys in the two files match, use the crypto verify command in the Exec mode. Examples To specify the certificate in the certificate file MYCERT.PEM, enter: host1/Admin(config-ssl-proxy)# cert MYCERT.PEM To delete the certificate in the certificate file MYCERT.PEM from the SSL proxy service, enter: host1/Admin(config-ssl-proxy)# no cert MYCERT.PEM Related Commands crypto verify name Name of an existing certificate file loaded on the ACE. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. To display a list of available certificate files, use the do show crypto files command. cisco-sample-cert Specifies the self-signed certificate named cisco-sample-cert that is preinstalled on the ACE. This file is available for use in any context with the filename remaining the same in each context. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.0) Added the sample-cisco-cert keyword. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) Added the sample-cisco-cert keyword.2-1298 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands (config) crypto chaingroup (config-ssl-proxy) authgroup (config-ssl-proxy) chaingroup (config-ssl-proxy) key (config-ssl-proxy) ssl advanced-options2-1299 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands (config-ssl-proxy) chaingroup To specify the certificate chain group that the ACE sends to its peer during the Secure Sockets Layer (SSL) handshake, use the chaingroup command. Use the no form of this command to delete a certificate chain group from the SSL proxy service. chaingroup group_name no chaingroup group_name Syntax Description Command Modes SSL proxy configuration mode Admin and user contexts Command History Usage Guidelines The ACE includes the certificate chain with the certificate that you specified for the SSL proxy service. When a change occurs in a chain-group certificate, the change takes effect when you read the associated chain group through the chaingroup command. Examples To configure the ACE SSL proxy service to send the certificate chain group MYCHAINGROUP to its peer during the SSL handshake, enter: host1/Admin(config-ssl-proxy)# chaingroup MYCHAINGROUP To delete the certificate chain group MYCHAINGROUP from the SSL proxy service, enter: host1/Admin(config-ssl-proxy)# no chaingroup MYCHAINGROUP Related Commands (config) crypto chaingroup (config-ssl-proxy) authgroup (config-ssl-proxy) cert (config-ssl-proxy) key (config-ssl-proxy) ssl advanced-options group_name Name of an existing certificate chain group. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1300 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands (config-ssl-proxy) crl To determine which certificate revocation lists (CRLs) to use for client or server authentication, use the crl command. Use the no form of this command to disable the use of CRL certificates during authentication. crl crl_name | best- effort no crl crl_name | best-effort Syntax Description Command Modes SSL proxy configuration mode Admin and user contexts Command History Usage Guidelines By default, the ACE does not use CRLs during client or server authentication. You can configure the SSL proxy service to use a CRL by either of the following methods: • The ACE can scan each certificate for the service to determine if it contains a CRL Distribution Point (CDP) pointing to a CRL in the certificate extension and then retrieve the CRL from that location if the CDP is valid. If the CDP has an http:// or ldap:// based URL, it uses the URL to download the CRL to the ACE module. • You can manually configure the download location for the CRL from which the ACE retrieves it. You can configure a maximum of eight CRLs per context. By default, the ACE does not reject certificates when the CRL in use has passed its update date. To configure the ACE to reject certificates when the CRL is expired, use the expired-crl reject command in parameter map SSL configuration mode. crl_name Name that you assigned to the CRL when you downloaded it using the configuration mode crypto crl command. See (config) crypto crl for more information. best-effort Specifies that the ACE scans each certificate to determine if it contains a CDP pointing to a CRL in the certificate extension and then retrieves the CRLs from that location, if the CDP is valid. ACE Module Release Modification A2(1.0) This command was introduced. A2(2.0) This command was revised for server authentication. ACE Appliance Release Modification A3(1.0) This command was introduced. A4(1.0) This command was revised for server authentication and the CRLs per context were increased from four to eight.2-1301 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands When attempting to download a CRL when best-effort CRLs are configured: • The ACE considers only the first four CDPs. From the CDPs obtained from certificate, the ACE only considers valid and complete CDPs for the downloading of the CRLs. If a CDP leads to the successful downloading of the CRL, ACE does not consider the subsequent CDPs for CRL downloads. • If none of the first four CDPs present in the certificate are valid to proceed with the downloading of the CRL, the ACE considers the certificate as revoked unless you configured the authentication-failure ignore command in parameter map SSL configuration mode. • If the ACE fails to download a CRL after trying four valid CDPs, the ACE aborts its initiated SSL connection unless you configured the authentication-failure ignore command in parameter map SSL configuration mode. • If the ACE detects CDP errors in the presented certificates or errors that occur during a CRL download, the ACE rejects the SSL connection unless you configured the cdp-errors ignore command in parameter map SSL configuration mode • The ACE skips malformed CDPs and processes subsequent CDPs. To display CDP error statistics including the number of malformed CDPs, use the show crypto cdp-errors command. Examples To enable the CRL1 CRL for authentication on an SSL proxy service, enter: host1/Admin(config-ssl-proxy)# crl CRL1 To scan the client certificate for CRL information, enter: host1/Admin(config-ssl-proxy)# crl best-effort To disable the use of a downloaded CRL during authentication, enter: host1/Admin(config-ssl-proxy)# no crl CRL1 To disable the use of CRL client certificates during authentication, enter: host1/Admin(config-ssl-proxy)# no crl best-effort Related Commands crypto crlparams (config) crypto crl (config-parammap-ssl) authentication-failure (config-parammap-ssl) cdp-errors ignore (config-parammap-ssl) expired-crl reject (config-ssl-proxy) authgroup (config-ssl-proxy) cert (config-ssl-proxy) chaingroup (config-ssl-proxy) key (config-ssl-proxy) ssl advanced-options2-1302 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands (config-ssl-proxy) key To specify the key pair that the ACE uses during the Secure Sockets Layer (SSL) handshake for data encryption, use the key command. Use the no form of this command to delete a private key from the SSL proxy service. key key_filename | cisco-sample-key no key key_filename | cisco-sample-key Syntax Description Command Modes SSL proxy configuration mode Admin and user contexts Command History Usage Guidelines The public key in the key pair file that you select must match the public key embedded in the certificate that you select. To verify that the public keys in the two files match, use the crypto verify command in the Exec mode. Examples To specify the private key in the key pair file MYKEY.PEM for the SSL proxy service, enter: host1/Admin(config-ssl-proxy)# key MYKEY.PEM To delete the private key in the key pair file MYKEY.PEM from the SSL proxy service, enter: host1/Admin(config-ssl-proxy)# no key MYKEY.PEM Related Commands crypto verify (config-ssl-proxy) authgroup (config-ssl-proxy) cert key_filename Name of an existing key pair file loaded on the ACE. Enter an unquoted text string with no spaces and a maximum of 40 alphanumeric characters. cisco-sample-key Specifies the sample RSA 1024-bit key pair named cisco-sample-key that is preinstalled on the ACE. This file is available for use in any context with the filename remaining the same in each context. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A2(3.0) Added the sample-cisco-key keyword. ACE Appliance Release Modification A1(7) This command was introduced. A4(1.0) Added the sample-cisco-key keyword.2-1303 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands (config-ssl-proxy) chaingroup (config-ssl-proxy) ssl advanced-options2-1304 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands (config-ssl-proxy) ocspserver To apply an OCSP server to an SSL proxy service, use the ocspserver command. Use the no form of this command to remove the association of an OCSP server with the SSL proxy service. ocspserver ocsp_server_name | best-effort no ocspserver ocsp_server_name | best-effort Syntax Description Command Modes SSL proxy configuration mode Admin and user contexts Command History Usage Guidelines You can apply a maximum of 10 OCSP servers to an SSL proxy service. The format of the AIA extension is as follows: authorityInfoAccess = OCSP;URI: http://test1.ocsp.ve/,OCSP;URI:http://test2.ocsp.ve/ If this extension is missing from a certificate when best-effort is configured, the certificate is considered to be revoked. Examples to apply the OCSP_SERVER1 OCSP server to the PSERVICE_SERVER SSL proxy service, enter the following commands: host1/Admin(config)# ssl-proxy service PSERVICE_SERVER host1/Admin(config-ssl-proxy)# ocspserver OCSP_SERVER1 To apply a best-effort OCSP server to an SSL proxy service, enter the following commands: host1/Admin(config)# ssl-proxy service PSERVICE_SERVER ocsp_server_name Identifier of an OCSP server that you want to apply to this SSL proxy service. Enter the name of an existing OCSP server as a text string with no spaces and a maximum of 64 alphanumeric characters. best-effort Specifies that the ACE attempts to obtain certificate revocation information from an OCSP server on a best-effort basis. When you configure this keyword, the ACE extracts the OCSP server information (up to four OCSP server information elements) from the client certificate. This keyword forces the ACE to look for the AuthorityInfoAccess (AIA) extension in the incoming client or server certificates. ACE Module Release Modification A5(1.0) This command was introduced. ACE Appliance Release Modification A5(1.0) This command was introduced.2-1305 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands host1/Admin(config-ssl-proxy)# ocspserver best-effort To remove an OCSP server from an SSL proxy service, enter the following command; host1/Admin(config-ssl-proxy)# no ocspserver OCSP_SERVER1 Related Commands show crypto (config) crypto ocspserver2-1306 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands (config-ssl-proxy) revcheckprio When you configure both OCSP and CRLs in the same SSL proxy service, you can control the order in which the ACE uses these two resources to check the revocation status of SSL certificates. To configure the order of revocation checking, use the revcheckprio command. Use the no form of this command to reset the ACE behavior to the default of checking the OCSP server first and then the CRLs for certificate revocation. revcheckprio crl-ocsp | ocsp-crl no revcheckprio crl-ocsp | ocsp-crl Syntax Description Command Modes SSL proxy configuration mode Admin and user contexts Command History Usage Guidelines If either OCSP or CRLs, but not both methods, are applied to an SSL proxy service, this command is not configurable. The coexistence of CRLs and OCSP server information and traversal through them may lead to extended handshake completion time and the overall performance of the ACE may degrade. You can apply a maximum of 10 OCSP servers to an SSL proxy service. The format of the AIA extension is as follows: authorityInfoAccess = OCSP;URI: http://test1.ocsp.ve/,OCSP;URI:http://test2.ocsp.ve/ If this extension is missing from a certificate when best-effort is configured, the certificate is considered to be revoked. The default revocation check priority order (revcheckprio ocsp-crl) is not displayed in the output of the show running-config command even if that priority order is configured. Examples To configure the ACE to check revocation status with CRLs first and then OCSP, enter the following commands: crl-ocsp Instructs the ACE to use a CRLs first and then OCSP to determine the revocation status of a client SSL certificate. ocsp-crl (Default) Instructs the ACE to use OSCP first and then CRLs to determine the revocation status of a client SSL certificate. ACE Module Release Modification A5(1.0) This command was introduced. ACE Appliance Release Modification A5(1.0) This command was introduced.2-1307 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands host1/Admin(config)# ssl-proxy service PSERVICE_SERVER host1/Admin(config-ssl-proxy)# revcheckprio crl-ocsp To reset the ACE behavior to the default of checking the OCSP server first and then the CRLs for certificate revocation, enter the following command: host1/Admin(config-ssl-proxy)# no revcheckprio crl-ocsp Related Commands show crypto (config) crypto ocspserver2-1308 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands SSL Proxy Configuration Mode Commands (config-ssl-proxy) ssl advanced-options To associate a context Secure Sockets Layer (SSL) parameter map with the SSL proxy server service, use the ssl advanced-options command. Use the no form of this command to remove the association of an SSL parameter map with the SSL proxy service. ssl advanced-options parammap_name no ssl advanced-options parammap_name Syntax Description Command Modes SSL proxy configuration mode Admin and user contexts Command History Usage Guidelines This command has no usage guidelines. Examples To associate the parameter map PARAMMAP_SSL with the SSL proxy service, enter: host1/Admin(config-ssl-proxy)# ssl advanced-options PARAMMAP_SSL To remove the association of an SSL parameter map PARAMMAP_SSL with the SSL proxy service, enter: host1/Admin(config-ssl-proxy)# no ssl advanced-options PARAMMAP_SSL Related Commands (config) parameter-map type (config-ssl-proxy) authgroup (config-ssl-proxy) cert (config-ssl-proxy) chaingroup (config-ssl-proxy) key parammap_name Name of an existing SSL parameter map. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1309 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Cookie Configuration Mode Commands Sticky HTTP Cookie Configuration Mode Commands Sticky cookie configuration mode commands allow you to configure the ACE to learn a cookie from either the HTTP header of a client request or the Set-Cookie message sent by the server to a client. The ACE then uses the learned cookie to provide stickiness between a client and a server for the duration of a transaction. To configure the ACE to use HTTP cookies for stickiness, use the sticky http-cookie command in configuration mode. This command creates a sticky cookie group and allows you to access sticky cookie configuration mode. The prompt changes to (config-sticky-cookie). To remove the sticky cookie group from the configuration, use the no form of this command. sticky http-cookie name1 name2 no sticky http-cookie name1 name2 Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can create a maximum of 4096 sticky groups in the ACE. By default, the maximum number of bytes that the ACE parses to check for a cookie, HTTP header, or URL is 2048. If a cookie, HTTP header, or URL exceeds the default value, the ACE drops the packet and sends a RST (reset) to the client browser. You can increase the number of bytes that the ACE parses using the (config-parammap-http) set header-maxparse-length command in HTTP parameter-map configuration mode. You can also change the default behavior of the ACE when a cookie, header, or URL exceeds the maximum parse length using the (config-parammap-http) length-exceed command in HTTP parameter-map configuration mode. name1 Cookie value from the HTTP header of the client request or from the Set-Cookie message from the server. Enter a unique identifier for the cookie with a maximum of 64 alphanumeric characters. name2 Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1310 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Cookie Configuration Mode Commands Examples To create a sticky group for cookie stickiness, enter: host1/Admin(config)# sticky http-cookie cisco.com GROUP3 host1/Admin(config-sticky-cookie)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky http-cookie cisco.com GROUP3 Related Commands show running-config show sticky database (config) sticky http-header (config) sticky ip-netmask (config-sticky-cookie) cookie insert To enable cookie insertion, use the cookie insert command. Use cookie insertion when you want to use a session cookie for persistence if the server is not currently setting the appropriate cookie. Use the no form of this command to disable cookie insertion. cookie insert [browser-expire] no cookie insert [browser-expire] Syntax Description Command Modes Sticky cookie configuration mode Admin and user contexts Command History Usage Guidelines With cookie insertion enabled, the ACE inserts the cookie in the Set-Cookie header of the response from the server to the client. The ACE selects a cookie value that identifies the original server from which the client received a response. For subsequent connections of the same transaction, the client uses the cookie to stick to the same server. With either TCP server reuse or persistence rebalance enabled, the ACE inserts a cookie in every client request. See the (config-parammap-http) server-conn reuse or (config-parammap-http) persistence-rebalance commands. browser-expire (Optional) Allows the client’s browser to expire a cookie when the session ends. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1311 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Cookie Configuration Mode Commands Examples To enable cookie insertion, enter: host1/Admin(config-sticky-cookie)# cookie insert To disable cookie insertion, enter: host1/Admin(config-sticky-cookie)# no cookie insert Related Commands show sticky cookie-insert group (config) sticky http-cookie (config-sticky-cookie) cookie To configure the cookie offset and length, use the cookie command. Use the no form of this command to remove the cookie offset and length from the configuration. cookie offset number1 [length number2] no cookie offset number1 [length number2] Syntax Description Command Modes Sticky cookie configuration mode Admin and user contexts Command History Usage Guidelines An HTTP cookie value may change over time with only a portion remaining constant throughout a transaction between the client and a server. You can configure the ACE to use the constant portion of a cookie to make persistent connections to a specific server. The ACE stores cookie offset and length values in the sticky table. offset number1 Specifies the portion of the cookie that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the cookie. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the cookie. length number2 (Optional) Specifies the length of the portion of the cookie (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is 1000. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1312 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Cookie Configuration Mode Commands The offset and length can vary from 0 to 1000 bytes. If the content string is longer than the offset but shorter than the offset plus the length of the string, the ACE sticks the connection based on that portion of the content starting with the byte after the offset value and ending with the byte specified by the offset plus the length. The total of the offset and the length cannot exceed 1000. Examples To configure the cookie offset and length, enter: host1/Admin(config-sticky-cookie)# cookie offset 300 length 900 To remove the cookie offset and length from the configuration, enter: host1/Admin(config-sticky-cookie)# no cookie offset 300 length 900 Related Commands (config) sticky http-cookie (config-sticky-cookie) cookie secondary To configure a secondary cookie, use the cookie secondary command. Use the no form of this command to remove a secondary cookie from the configuration. cookie secondary name no cookie secondary Syntax Description Command Modes Sticky cookie configuration mode Admin and user contexts Command History Usage Guidelines You can configure an alternative cookie name that appears in the URL string of the web page on the server. The ACE uses this cookie to maintain a sticky connection between a client and a server and adds a secondary entry in the sticky table. name Name of the secondary cookie. Enter a cookie name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1313 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Cookie Configuration Mode Commands Examples To configure a secondary cookie, enter: host1/Admin(config-sticky-cookie)# cookie secondary mysite.com To remove a secondary cookie from the configuration, enter: host1/Admin(config-sticky-cookie)# no cookie secondary Related Commands (config) sticky http-cookie (config-sticky-cookie) replicate sticky To instruct the ACE to replicate HTTP cookie sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating HTTP cookie sticky table entries. replicate sticky no replicate sticky Command Modes Sticky cookie configuration mode Admin and user contexts Command History Usage Guidelines If you are using redundancy, you can configure the ACE to replicate HTTP cookie sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections. The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced. Examples To instruct the ACE to replicate HTTP cookie sticky table entries on the standby ACE, enter: host1/Admin(config-sticky-cookie)# replicate sticky To restore the ACE to its default of not replicating HTTP cookie sticky table entries, enter: host1/Admin(config-sticky-cookie)# no replicate sticky Related Commands (config) sticky http-cookie ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1314 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Cookie Configuration Mode Commands (config-sticky-cookie) serverfarm To complete a sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group. serverfarm name1 [backup name2 [sticky] [aggregate-state]] no serverfarm Syntax Description Command Modes Sticky cookie configuration mode Admin and user contexts Command History Usage Guidelines If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active): • If the sticky option is enabled, then: – All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm. – All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm. name1 Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. sticky (Optional) Specifies that the backup server farm is sticky. aggregate-state (Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1315 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Cookie Configuration Mode Commands • If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm. • Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm. You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To associate a server farm with a sticky group and specify a sticky backup server farm, enter: host1/Admin(config-sticky-cookie)# serverfarm SFARM1 backup BKUP_SFARM2 sticky aggregate-state To dissociate a server farm from a sticky group, enter: host1/Admin(config-sticky-cookie)# no serverfarm Related Commands (config) sticky http-cookie (config-sticky-cookie) static cookie-value To configure a static cookie, use the static cookie-value command. Use the no form of this command to remove a static cookie from the configuration. static cookie-value value rserver name [number] no static cookie-value value rserver name [number] Syntax Description Command Modes Sticky cookie configuration mode Admin and user contexts Command History value Cookie string value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. Alternatively, you can enter a text string with spaces provided that you enclose the string in quotation marks (“). rserver name Specifies the hostname of an existing real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. number (Optional) Port number of the real server. Enter an integer from 1 to 65535. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-1316 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Cookie Configuration Mode Commands Usage Guidelines You can configure the ACE to use static cookies from entries based on cookie values and, optionally, real server names and ports. Static cookie values remain constant over time. You can configure multiple static cookie entries, but only one unique real-server name can exist for a given static cookie value. When you configure a static entry, the ACE enters it into the sticky table immediately. You can create a maximum of 4096 static sticky entries in the ACE. Examples To configure a static cookie, enter: host1/Admin(config-sticky-cookie)# static cookie-value CORVETTE rserver SERVER1 4000 To remove a static cookie form the configuration, enter: host1/Admin(config-sticky-cookie)# no static cookie-value CORVETTE rserver SERVER1 4000 Related Commands (config) sticky http-cookie (config-sticky-cookie) timeout To configure an HTTP cookie sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes. timeout {minutes | activeconns} no timeout {minutes | activeconns} Syntax Description Command Modes Sticky cookie configuration mode Admin and user contexts Command History ACE Appliance Release Modification A1(7) This command was introduced. minutes Length of time in minutes that the ACE ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 0 to 65535. The default timeout value is 1440 minutes (24 hours). activeconns Specifies that a sticky entry is timed out when the timer expires even if there are active connections associated with the sticky entry. ACE Module Release Modification 3.0(0)A1(2) This command was introduced.2-1317 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Content Configuration Mode Commands Usage Guidelines The sticky timeout specifies the period of time that the ACE keeps the HTTP cookie sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry. When you configure sticky timeout for an HTTP cookie, the timeout translates into the expiration date for the cookie. This expiration date can be longer than the actual timeout specified in the timeout command, with sometimes as much as 20 to 25 minutes added to the expiration date. By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out HTTP cookie sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command. Examples To set the duration for sticky connections between a client and a real server to 720 minutes, enter: host1/Admin(config-sticky-cookie)# timeout 720 To configure the ACE to time out HTTP cookie sticky entries even if active connections exist for those entries, enter: host1/Admin(config-sticky-cookie)# timeout activeconns To restore the ACE to its default of not timing out HTTP cookie sticky entries if active connections exist for those entries, enter: host1/Admin(config-sticky-cookie)# no timeout activeconns Related Commands (config) sticky http-cookie Sticky HTTP Content Configuration Mode Commands Sticky HTTP content configuration mode commands allow you to configure the ACE to stick client connections to the same real server based on a string in the data portion of the HTTP packet. To create an HTTP content sticky group and access sticky HTTP content configuration mode, use the sticky http-content command. The prompt changes to (config-sticky-content). Use the no form of this command to remove the sticky group from the configuration. sticky http-content name no sticky http-content name Syntax Description ACE Appliance Release Modification A1(7) This command was introduced. name Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-1318 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Content Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can create a maximum of 4096 sticky groups on the ACE. Examples To create a sticky group for HTTP packet content stickiness, enter: host1/Admin(config)# sticky http-content HTTP_CONTENT_GROUP host1/Admin(config-sticky-content)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky http-content HTTP_CONTENT_GROUP Related Commands show running-config show sticky database (config-sticky-content) content To define the portion of the HTTP packet contents that you want the ACE to match, use the content command. Using this command, you can specify offset and length values and a beginning and ending pattern based on a regular expression. The ACE stores these values in the sticky table and uses them to stick a client to a particular server. Use the no form of this command to remove the HTTP content specification from the sticky table. content [offset number1] [length number2] [begin-pattern expression1] [end-pattern expression2] no content [offset number1] [length number2] [begin-pattern expression1] [end-pattern expression2] ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1319 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Content Configuration Mode Commands Syntax Description Command Modes Sticky HTTP content configuration mode offset number1 (Optional) Specifies the portion of the content that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the content. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the content. length number2 (Optional) Specifies the length of the portion of the content (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is the entire content. The offset and length can vary from 0 to 1000 bytes. If the content string is longer than the offset but shorter than the offset plus the length of the string, the ACE sticks the connection based on that portion of the content starting with the byte after the offset value and ending with the byte specified by the offset plus the length. The total of the offset and the length cannot exceed 1000. You cannot specify both the length and the end-pattern options in the same content command. begin-pattern expression1 (Optional) Specifies the beginning pattern of the HTTP packet content payload and the pattern string to match before hashing. If you do not specify a beginning pattern, the ACE starts parsing immediately following the offset byte. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?). end-pattern expression2 (Optional) Specifies the pattern that marks the end of hashing. If you do not specify either a length or an ending pattern, the ACE continues to parse the data until it reaches the end of the field or the end of the packet, or until it reaches the maximum body parse length. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. You cannot specify both the length and the end-pattern options in the same content command.2-1320 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Content Configuration Mode Commands Admin and user contexts Command History Usage Guidelines The contents of an HTTP packet may change over time with only a portion remaining constant throughout a transaction between the client and a server. You can configure the ACE to use the constant portion of the HTTP packet content to make persistent connections to a specific server. To define the portion of the packet content that you want the ACE to use, you specify offset and length values and a beginning and ending pattern. The ACE stores these values in the sticky table. Examples To create an HTTP packet content specification that the ACE will use to stick traffic to a server, enter: host1/Admin(config-sticky-content)# content offset 250 length 750 begin-pattern abc123.* To remove the HTTP packet content specification from the configuration, enter: host1/Admin(config-sticky-content)# no content Related Commands (config) sticky http-content (config-sticky-content) replicate sticky To instruct the ACE to replicate HTTP content sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating HTTP content sticky table entries. replicate sticky no replicate sticky Syntax Description This command has no keywords or arguments. Command Modes Sticky HTTP content configuration mode Admin and user contexts Command History ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced. ACE Module Release Modification A2(1.0) This command was introduced.2-1321 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Content Configuration Mode Commands Usage Guidelines If you are using redundancy, you can configure the ACE to replicate HTTP content sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections. The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced. Examples To instruct the ACE to replicate HTTP content sticky table entries on the standby ACE, enter: host1/Admin(config-sticky-content)# replicate sticky To restore the ACE default of not replicating HTTP content sticky table entries, enter: host1/Admin(config-sticky-content)# no replicate sticky Related Commands (config) sticky http-content (config-sticky-content) serverfarm To complete a sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group. serverfarm name1 [backup name2 [sticky] [aggregate-state]] no serverfarm Syntax Description ACE Appliance Release Modification A3(1.0) This command was introduced. name1 Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-1322 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Content Configuration Mode Commands Command Modes Sticky HTTP content configuration mode Admin and user contexts Command History Usage Guidelines If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active): • If the sticky option is enabled, then: – All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm. – All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm. • If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm. • Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm. You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To associate a server farm with an HTTP content sticky group and specify a sticky backup server farm, enter: host1/Admin(config-sticky-content)# serverfarm SFARM1 backup BKUP_SFARM2 sticky aggregate-state To dissociate a server farm from an HTTP content sticky group, enter: host1/Admin(config-sticky-content)# no serverfarm Related Commands (config) sticky http-content sticky (Optional) Specifies that the backup server farm is sticky. aggregate-state (Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1323 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Content Configuration Mode Commands (config-sticky-content) static content To configure a static HTTP content sticky table entry, use the static content command. Use the no form of this command to remove the static entry from the sticky table. static content value rserver name [number] no static content value rserver name [number] Syntax Description Command Modes Sticky HTTP content configuration mode Admin and user contexts Command History Usage Guidelines You can configure the ACE to use static sticky table entries based on the HTTP content and optionally, the real server name and port. Static sticky HTTP content entries remain constant over time. You can configure multiple static content entries, but only one unique real-server name can exist for a given static content string. When you configure a static entry, the ACE enters it into the sticky table immediately. You can configure a maximum of 4096 static sticky entries in the ACE. Examples To configure a static sticky entry based on the HTTP content and the server name and port number, enter: host1/Admin(config-sticky-content)# static content STINGRAY rserver SERVER1 4000 To remove the static HTTP content entry from the sticky table, enter: host1/Admin(config-sticky-content)# no static content STINGRAY rserver SERVER1 4000 Related Commands (config) sticky http-content value Content string value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces provided that you enclose the entire string in quotation marks (“). rserver name Specifies that the static entry is based on the real server name. Enter the name of an existing real server as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. number (Optional) Port number of the real server. Enter an integer from 1 to 65535. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1324 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Content Configuration Mode Commands (config-sticky-content) timeout To configure an HTTP content sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes (24 hours). timeout {minutes | activeconns} no timeout {minutes | activeconns} Syntax Description Command Modes Sticky HTTP content configuration mode Admin and user contexts Command History Usage Guidelines The sticky timeout specifies the period of time that the ACE keeps the HTTP content sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry. By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out HTTP content sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command. Examples To specify a timeout value of 720 minutes, enter: host1/Admin(config-sticky-content)# timeout 720 To reset the timeout to the default value of 1440 minutes (24 hours), enter: host1/Admin(config-sticky-content)# no timeout 720 To specify that the ACE time out HTTP content sticky table entries even if active connections exist after the sticky timer expires, enter: host1/Admin(config-sticky-content)# timeout activeconns minutes Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). activeconns Specifies that sticky entries are timed out when the sticky timer expires even if there are active connections. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1325 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Header Configuration Mode Commands To restore the ACE to its default of not timing out HTTP content sticky entries if active connections exist for those entries, enter: host1/Admin(config-sticky-content)# no timeout activeconns Related Commands (config) sticky http-content Sticky HTTP Header Configuration Mode Commands Sticky HTTP header configuration mode commands allow you to create an HTTP header sticky group to enable the ACE to stick client connections to the same real server based on HTTP headers. To access sticky HTTP header configuration mode, use the sticky http-header command. The prompt changes to (config-sticky-header). Use the no form of this command to remove the sticky group from the configuration. sticky http-header name1 name2 no sticky http-header name1 name2 Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can create a maximum of 4096 sticky groups in the ACE. name1 HTTP header name. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. Alternatively, you can enter one of the standard HTTP headers described in Table 1-23. name2 Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1326 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Header Configuration Mode Commands By default, the maximum number of bytes that the ACE parses to check for a cookie, HTTP header, or URL is 2048. If a cookie, HTTP header, or URL exceeds the default value, the ACE drops the packet and sends a RST (reset) to the client browser. You can increase the number of bytes that the ACE parses using the (config-parammap-http) set header-maxparse-length command in HTTP parameter-map configuration mode. You can also change the default behavior of the ACE when a cookie, header, or URL exceeds the maximum parse length using the (config-parammap-http) length-exceed command in HTTP parameter-map configuration mode. Table 1-23 lists and describes the standard HTTP header names. Ta b l e 1-23 HTTP Header Names Field Name Description Accept Semicolon-separated list of representation schemes (content type metainformation values) that will be accepted in the response to the request. Accept-Charset Character sets that are acceptable for the response. This field allows clients that can understand more comprehensive or special-purpose character sets to signal that capability to a server that can represent documents in those character sets. Accept-Encoding Restricts the content encoding that a user will accept from the server. Accept-Language ISO code for the language in which the document is written. The language code is an ISO 3316 language code with an optional ISO 639 country code to specify a national variant. Authorization Specifies that the user agent wants to authenticate itself with a server, usually after receiving a 401 response. Cache-Control Directives that must be obeyed by all caching mechanisms on the request/response chain. The directives specify behavior intended to prevent caches from adversely interfering with the request or response. Connection Allows the sender to specify connection options. Content-MD5 MD5 digest of the entity body that provides an end-to-end integrity check. Only a client or an origin server can generate this header field. Expect Used by a client to inform the server about the behaviors that the client requires. From E-mail address of the person who controls the requesting user agent. Host Internet host and port number of the resource being requested, as obtained from the original URI given by the user or referring resource. The Host field value must represent the naming authority of the origin server or gateway given by the original URL. If-Match Used with a method to make it conditional. A client that has one or more entities previously obtained from the resource can verify that one of those entities is current by including a list of their associated entity tags in the If-Match header field. This feature allows efficient updates of cached information with a minimum amount of transaction overhead. It is also used, on updating requests, to prevent inadvertent modification of the wrong version of a resource. As a special case, the asterisk (*) value matches any current entity of the resource.2-1327 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Header Configuration Mode Commands Examples To create a group for HTTP header stickiness, enter: host1/Admin(config-sticky-header)# sticky http-header Host GROUP4 To remove the sticky group from the configuration, enter: host1/Admin(config-sticky-header)# no sticky http-header Host GROUP4 Related Commands show running-config show sticky database (config) sticky http-cookie (config) sticky ip-netmask (config-sticky-header) header To configure the HTTP header offset and length, use the header command. Use the no form of this command to remove the HTTP header offset and length values from the configuration. header offset number1 [length number2] no header offset number1 [length number2] Pragma Pragma directives that are understood by servers to which the directives are relevant. The syntax is the same as for other multiple-value fields in HTTP. For example, the accept field is a comma-separated list of entries for which the optional parameters are separated by semicolons. Referer Address (URI) of the resource from which the URI in the request was obtained. Transfer-Encoding What (if any) type of transformation has been applied to the message body in order to safely transfer it between the sender and the recipient. User-Agent Information about the user agent (for example, a software program originating the request). This information is for statistical purposes, the tracing of protocol violations, and automated recognition of user agents for tailoring responses to avoid user agent limitations. Via Used by gateways and proxies to indicate the intermediate protocols and recipients between the user agent and the server on requests and between the origin server and the client on responses. Table 1-23 HTTP Header Names (continued) Field Name Description2-1328 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Header Configuration Mode Commands Syntax Description Command Modes Sticky HTTP header configuration mode Admin and user contexts Command History Usage Guidelines The ACE stores header offset and length values in the sticky table. You can configure the ACE to use a portion of an HTTP header to make persistent connections to a specific server. To define the portion of the HTTP header that you want the ACE to use, you specify HTTP header offset and length values. The offset and length can vary from 0 to 1000 bytes. The ACE sticks the connection based on that portion of the HTTP header that starts with the byte after the offset value and ends with the byte specified by the offset plus the length. The total bytes represented by the header offset and length cannot exceed 1000. Examples To configure the header offset and length, enter: host1/Admin(config-sticky-header)# header offset 300 length 900 To remove the HTTP header offset and length values from the configuration, enter: host1/Admin(config-sticky-header)# no header offset 300 length 900 Related Commands (config) sticky http-header offset number1 Specifies the portion of the HTTP header that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the HTTP header. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the header. length number2 (Optional) Specifies the length of the portion of the HTTP header (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is 1000. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1329 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Header Configuration Mode Commands (config-sticky-header) replicate sticky To instruct the ACE to replicate HTTP header sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating HTTP header sticky table entries. replicate sticky no replicate sticky Syntax Description This command has no keywords or arguments. Command Modes Sticky HTTP header configuration mode Admin and user contexts Command History Usage Guidelines If you are using redundancy, you can configure the ACE to replicate HTTP header sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections. The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced. Examples To instruct the ACE to replicate HTTP header sticky table entries on the standby ACE, enter: host1/Admin(config-sticky-header)# replicate sticky To restore the ACE to its default of not replicating HTTP header sticky table entries, enter: host1/Admin(config-sticky-header)# no replicate sticky Related Commands (config) sticky http-header ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1330 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Header Configuration Mode Commands (config-sticky-header) serverfarm To complete a sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group. serverfarm name1 [backup name2 [sticky] [aggregate-state]] no serverfarm Syntax Description Command Modes Sticky HTTP header configuration mode Admin and user contexts Command History Usage Guidelines If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active): • If the sticky option is enabled, then: – All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm. – All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm. name1 Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. sticky (Optional) Specifies that the backup server farm is sticky. aggregate-state (Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1331 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Header Configuration Mode Commands • If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm. • Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm. You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To associate a server farm with a sticky group and specify a sticky backup server farm, enter: host1/Admin(config-sticky-header)# serverfarm SFARM1 backup BKUP_SFARM2 sticky aggregate-state To dissociate a server farm from a sticky group, enter: host1/Admin(config-sticky-header)# no serverfarm Related Commands (config) serverfarm (config) sticky http-header2-1332 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Header Configuration Mode Commands (config-sticky-header) static header-value To configure a static header, use the static header-value command. Use the no form of this command to remove a static header from the configuration. static header-value value rserver name [number] no static header-value value rserver name [number] Syntax Description Command Modes Sticky HTTP header configuration mode Admin and user contexts Command History Usage Guidelines You can configure the ACE to use static header sticky entries based on HTTP header values and optionally, real server names and ports. Static sticky header values remain constant over time. You can configure multiple static header entries, but only one unique real-server name can exist for a given static header sticky value. When you configure a static entry, the ACE enters it into the sticky table immediately. You can create a maximum of 4096 static sticky entries in the ACE. Examples To configure a static header, enter: host1/Admin(config-sticky-header)# static header-value CORVETTE rserver SERVER1 4000 To remove a static header from the configuration, enter: host1/Admin(config-sticky-header)# no static header-value CORVETTE rserver SERVER1 4000 Related Commands (config) sticky http-header value Header string value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. Alternatively, you can enter a text string with spaces provided that you enclose the entire string in quotation marks (“). rserver name Specifies the hostname of an existing real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. number (Optional) Port number of the real server. Enter an integer from 1 to 65535. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1333 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky HTTP Header Configuration Mode Commands (config-sticky-header) timeout To configure an HTTP header sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes. timeout {minutes | activeconns} no timeout {minutes | activeconns} Syntax Description Command Modes Sticky HTTP header configuration mode Admin and user contexts Command History Usage Guidelines The sticky timeout specifies the period of time that the ACE keeps the HTTP header sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry. By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out HTTP header sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command. Examples To specify a timeout value of 720 minutes, enter: host1/Admin(config-sticky-header)# timeout 720 To reset the timeout to the default value of 1440 minutes (24 hours), enter: host1/Admin(config-sticky-header)# no timeout 720 To specify that the ACE time out HTTP header sticky table entries even if active connections exist after the sticky timer expires, enter: host1/Admin(config-sticky-content)# timeout activeconns minutes Length of time in minutes that the ACE ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). activeconns Specifies that sticky entries are timed out when the timer expires even if there are active connections. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1334 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky IP Configuration Mode Commands To restore the ACE to its default of not timing out HTTP header sticky entries if active connections exist for those entries, enter: host1/Admin(config-sticky-header)# no timeout activeconns Related Commands (config) sticky http-header Sticky IP Configuration Mode Commands Sticky IP configuration mode commands allow you to create a sticky group for IP address stickiness. To create a sticky group and access sticky IP configuration mode, use the sticky ip-netmask command. The prompt changes to (config-sticky-ip). Use the no form of this command to remove the sticky group from the configuration. sticky {v6-prefix prefix_length | ip-netmask netmask} address {source | destination | both} name no sticky {v6-prefix prefix_length | ip-netmask netmask} address {source | destination | both} name Syntax Description Command Modes Configuration mode v6-prefix prefix_length IPv6 prefix that specifies how many of the most significant bits (MSBs) of the IPv6 address are used for the network identifier. Enter an integer from 1 to 128. netmask Network mask that the ACE applies to the IP address. Enter a network mask in dotted-decimal notation (for example, 255.255.255.0). Note (ACE module only) If you configure a network mask other than 255.255.255.255 (/32), the ACE may populate the sticky entries only on one of its two network processors which may reduce the number of available sticky entries by 50 percent. This reduction in resources can cause problems when heavy sticky use occurs on the ACE. address {source | destination | both} Specifies the IP address used for stickiness. Enter one of the following keywords: • source—Specifies that the ACE use the client source IP address to stick the client to a server. You use this keyword in web application environments. • destination—Specifies that the ACE use the destination address specified in the client request to stick the client to a server. You use this keyword in caching environments. • both—Specifies that the ACE use both the source IP address and the destination IP address to stick the client to a server. name Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-1335 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky IP Configuration Mode Commands Admin and user contexts Command History Usage Guidelines The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can create a maximum of 4096 sticky groups on the ACE. Examples IPv6 Example To create a sticky group that uses IPv6 address stickiness based on both the source IPv6 address and the destination IPv6 address, enter: host1/Admin(config)# sticky v6-prefix 64 address both GROUP1 host1/Admin(config-sticky-ip)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky v6-prefix 64 address both GROUP1 IPv4 Example To create a sticky group that uses IPv4 address stickiness based on both the source IP address and the destination IPv4 address, enter: host1/Admin(config)# sticky ip-netmask 255.255.255.255 address both GROUP1 host1/Admin(config-sticky-ip)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky ip-netmask 255.255.255.255 address both GROUP1 Related Commands show running-config show sticky database (config) sticky http-cookie (config) sticky http-header ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added the v6-prefix keyword and argument. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added the v6-prefix keyword and argument.2-1336 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky IP Configuration Mode Commands (config-sticky-ip) replicate sticky To instruct the ACE to replicate IP address sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating IP address sticky table entries. replicate sticky no replicate sticky Syntax Description This command has no keywords or arguments. Command Modes Sticky IP configuration mode Admin and user contexts Command History Usage Guidelines If you are using redundancy, you can configure the ACE to replicate IP address sticky table entries on the standby ACE so that, if a switchover occurs, the new active ACE can maintain existing sticky connections. The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced. Examples To instruct the ACE to replicate IP address sticky table entries on the standby ACE, enter: host1/Admin(config-sticky-ip)# replicate sticky To restore the ACE default of not replicating IP address sticky table entries, enter: host1/Admin(config-sticky-ip)# no replicate sticky Related Commands (config) sticky ip-netmask ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1337 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky IP Configuration Mode Commands (config-sticky-ip) serverfarm To complete a sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group. serverfarm name1 [backup name2 [sticky] [aggregate-state]] no serverfarm Syntax Description Command Modes Sticky IP configuration mode Admin and user contexts Command History Usage Guidelines If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active): • If the sticky option is enabled, then: – All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm. – All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm. name1 Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. sticky (Optional) Specifies that the backup server farm is sticky. aggregate-state (Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1338 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky IP Configuration Mode Commands • If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm. • Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm. You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To associate a server farm with a sticky group and specify a sticky backup server farm, enter: host1/Admin(config-sticky-ip)# serverfarm SFARM1 backup BKUP_SFARM2 sticky aggregate-state To dissociate a server farm from a sticky group, enter: host1/Admin(config-sticky-ip)# no serverfarm Related Commands (config) sticky ip-netmask (config-sticky-ip) static client source To configure static sticky-IP table entries for IPv6 or IPv4, use the static client command. Use the no form of this command to remove the static entry from the sticky table. The syntax of this command varies according to the address option that you chose when you created the sticky group using the (config) sticky ip-netmask command. If you configured the sticky group with the source option, the syntax of this command is as follows: static client source ip_address rserver name [number] no static client source ip_address rserver name [number] If you configured the sticky group with the destination option, the syntax of this command is as follows: static client destination ip_address rserver name [number] no static client destination ip_address rserver name [number] If you configured the sticky group with the both option, the syntax of this command is as follows: static client source ip_address destination ip_address rserver name [number] no static client source ip_address destination ip_address rserver name [number] Syntax Description source ip-address Specifies that the static entry is based on the source IP address. Enter an IP address in dotted-decimal notation (for example, 192.168.12.15). rserver name Specifies that the static entry is based on the real server name. Enter the name of an existing real server as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-1339 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky IP Configuration Mode Commands Command Modes Sticky IP configuration mode Admin and user contexts Command History Usage Guidelines You can configure static sticky table entries based on the IPv6 or IPv4 source IP address, the destination IP address, or the real server name and port. Static sticky-IP values remain constant over time and you can configure multiple static entries. When you configure a static entry, the ACE enters it into the sticky table immediately. You can configure a maximum of 4096 static sticky entries in the ACE. Examples IPv6 Example To configure a static sticky entry based on the source IP address, the destination IP address, and the server name and port number, enter: host1/Admin(config-sticky-ip)# static client source 2001:DB8:12::15 destination 2001:DB8:27::3 rserver SERVER1 2000 To remove the static entry from the sticky table, enter: host1/Admin(config-sticky-ip)# no static client source 2001:DB8:12::15 destination 2001:DB8:27::3 rserver SERVER1 2000 IPv4 Example To configure a static sticky entry based on the source IP address, the destination IP address, and the server name and port number, enter: host1/Admin(config-sticky-ip)# static client source 192.168.12.15 destination 172.16.27.3 rserver SERVER1 2000 To remove the static entry from the sticky table, enter: host1/Admin(config-sticky-ip)# no static client source 192.168.12.15 destination 172.16.27.3 rserver SERVER1 2000 number (Optional) Port number of the real server. Enter an integer from 1 to 65535. destination ip-address Specifies that the static entry is based on the destination IP address. Enter an IP address in dotted-decimal notation (for example, 172.16.27.3). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. A5(1.0) Added IPv6 support. ACE Appliance Release Modification A1(7) This command was introduced. A5(1.0) Added IPv6 support.2-1340 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky IP Configuration Mode Commands Related Commands (config) sticky ip-netmask2-1341 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky IP Configuration Mode Commands (config-sticky-ip) timeout To configure an IP address sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes (24 hours). timeout {minutes | activeconns} no timeout {minutes | activeconns} Syntax Description Command Modes Sticky IP configuration mode Admin and user contexts Command History Usage Guidelines The sticky timeout specifies the period of time that the ACE keeps (if possible) the IP address sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection or receives a new HTTP GET on an existing connection matching that entry. High connection rates may cause the sticky table entries to age out prematurely. By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out IP address sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command. Examples To specify a timeout value of 720 minutes, enter: host1/Admin(config-sticky-ip)# timeout 720 To specify that the ACE time out IP address sticky table entries even if active connections exist after the sticky timer expires, enter: host1/Admin(config-sticky-ip)# timeout activeconns To restore the ACE to its default of not timing out IP address sticky entries if active connections exist, enter: host1/Admin(config-sticky-ip)# no timeout activeconns minutes Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). activeconns Specifies that sticky entries are timed out when the timer expires even if there are active connections. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1342 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky Layer 4 Payload Configuration Mode Commands Related Commands (config) sticky ip-netmask Sticky Layer 4 Payload Configuration Mode Commands Sticky Layer 4 payload configuration mode commands allow you to configure the ACE to stick client connections to the same real server based on a string in the payload portion of the Layer 4 protocol packet. To create a Layer 4 payload sticky group and access sticky Layer 4 payload configuration mode, use the sticky layer4-payload command. The prompt changes to (config-sticky-l4payloa). Use the no form of this command to remove the sticky group from the configuration. sticky layer4-payload name no sticky layer4-payload name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can create a maximum of 4096 sticky groups on the ACE. Examples To create a sticky group that uses Layer 4 payload stickiness, enter: host1/Admin(config)# sticky layer4-payload L4_PAYLOAD_GROUP host1/Admin(config-sticky-l4payloa)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky layer4-payload L4_PAYLOAD_GROUP name Unique identifier of the sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1343 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky Layer 4 Payload Configuration Mode Commands Related Commands show running-config show sticky database2-1344 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky Layer 4 Payload Configuration Mode Commands (config-sticky-l4payloa) layer4-payload To define the portion of the payload that you want the ACE to match, use the layer4-payload command. Using this command, you can specify payload offset and length values and a beginning and ending pattern based on a regular expression. The ACE stores these values in the sticky table and uses them to stick a client to a particular server. Use the no form of this command to remove the Layer 4 payload specification from the sticky table. layer4-payload [offset number1] [length number2] [begin-pattern expression1] [end-pattern expression2] no layer4-payload [offset number1] [length number2] [begin-pattern expression1] [end-pattern expression2] Syntax Description offset number1 (Optional) Specifies the portion of the payload that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the payload. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the payload. length number2 (Optional) Specifies the length of the portion of the payload (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is the entire payload. The offset and length can vary from 0 to 1000 bytes. If the payload is longer than the offset but shorter than the offset plus the length of the payload, the ACE sticks the connection based on that portion of the payload starting with the byte after the offset value and ending with the byte specified by the offset plus the length. The total of the offset and the length cannot exceed 1000. You cannot specify both the length and the end-pattern options in the same layer4-payload command. begin-pattern expression1 (Optional) Specifies the beginning pattern of the Layer 4 payload and the pattern string to match before hashing. If you do not specify a beginning pattern, the ACE starts parsing immediately following the offset byte. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. When matching data strings, the period (.) and question mark (?) characters do not have a literal meaning in regular expressions. Use brackets ([]) to match these symbols (for example, enter www[.]xyz[.]com instead of www.xyz.com). You can also use a backslash (\) to escape a dot (.) or a question mark (?).2-1345 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky Layer 4 Payload Configuration Mode Commands Command Modes Sticky Layer 4 payload configuration mode Admin and user contexts Command History Usage Guidelines A Layer 4 payload may change over time with only a portion remaining constant throughout a transaction between the client and a server. You configure the ACE to use either a specific portion or the constant portion of a Layer 4 payload to make persistent connections to a specific server. To define the portion of the payload that you want the ACE to use, you specify payload offset and length values and a beginning and ending pattern. The ACE stores these values in the sticky table. Examples To create a Layer 4 payload specification that the ACE will use to stick traffic to a server, enter: host1/Admin(config-sticky-l4payloa)# layer4-payload offset 250 length 750 begin-pattern abc123.* To remove the Layer 4 payload specification from the configuration, enter: host1/Admin(config-sticky-l4payloa)# no layer4-payload Related Commands (config) sticky layer4-payload end-pattern expression2 (Optional) Specifies the pattern that marks the end of hashing. If you do not specify either a length or an ending pattern, the ACE continues to parse the data until it reaches the end of the field or the end of the packet, or until it reaches the maximum body parse length. You cannot configure different beginning and ending patterns for different server farms that are part of the same traffic classification. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters for each pattern that you configure. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). The ACE supports the use of regular expressions for matching string expressions. You cannot specify both the length and the end-pattern options in the same layer4-payload command. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1346 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky Layer 4 Payload Configuration Mode Commands (config-sticky-l4payloa) replicate sticky To instruct the ACE to replicate Layer 4 payload sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating Layer 4 payload sticky table entries. replicate sticky no replicate sticky Syntax Description This command has no keywords or arguments. Command Modes Sticky Layer 4 payload configuration mode Admin and user contexts Command History Usage Guidelines If you are using redundancy, you can configure the ACE to replicate Layer 4 payload sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections. The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced. Examples To instruct the ACE to replicate Layer 4 payload sticky table entries on the standby ACE, enter: host1/Admin(config-sticky-l4payloa)# replicate sticky To restore the ACE default of not replicating Layer 4 payload sticky table entries, enter: host1/Admin(config-sticky-l4payloa)# no replicate sticky Related Commands (config) sticky layer4-payload ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1347 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky Layer 4 Payload Configuration Mode Commands (config-sticky-l4payloa) response sticky To instruct the ACE to parse the response bytes from a server and perform sticky learning, use the response sticky command. Use the no form of this command to restore the ACE to its default of not parsing the response from a server. response sticky no response sticky Syntax Description This command has no keywords or arguments. Command Modes Sticky Layer 4 payload configuration mode Admin and user contexts Command History Usage Guidelines Use this command when you want the ACE to parse both the request from the client and the response from the server. Sticky learning allows the ACE to populate the sticky database with a hash of the response bytes from a server. The next time a client request arrives with those same bytes, then the ACE sticks the client to the same server. Examples To instruct the ACE to perform sticky learning on responses from a server, enter: host1/Admin(config-sticky-l4payloa)# response sticky To restore the ACE default of not performing sticky learning on responses from a server, enter: host1/Admin(config-sticky-l4payloa)# no response sticky Related Commands (config) sticky layer4-payload ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1348 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky Layer 4 Payload Configuration Mode Commands (config-sticky-l4payloa) serverfarm To complete a sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group. serverfarm name1 [backup name2 [sticky] [aggregate-state]] no serverfarm Syntax Description Command Modes Sticky Layer 4 payload configuration mode Admin and user contexts Command History Usage Guidelines If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active): • If the sticky option is enabled, then: – All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm. – All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm. name1 Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. sticky (Optional) Specifies that the backup server farm is sticky. aggregate-state (Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1349 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky Layer 4 Payload Configuration Mode Commands • If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm. • Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm. You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To associate a server farm with a Layer 4 payload sticky group and specify a sticky backup server farm, enter: host1/Admin(config-sticky-l4payloa)# serverfarm SFARM1 backup BKUP_SFARM2 sticky aggregate-state To dissociate a server farm from a Layer 4 payload sticky group, enter: host1/Admin(config-sticky-l4payloa)# no serverfarm Related Commands (config) sticky layer4-payload (config-sticky-l4payloa) static layer4-payload To configure static Layer 4 payload sticky table entries, use the static layer4-payload command. Use the no form of this command to remove the static entry from the sticky table. static layer4-payload value rserver name [number] no static layer4-payload value rserver name [number] Syntax Description Command Modes Sticky Layer 4 payload configuration mode Admin and user contexts Command History value Payload string value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces if you enclose the entire string in quotation marks (“). rserver name Specifies that the static entry is based on the real server name. Enter the name of an existing real server as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. number (Optional) Port number of the real server. Enter an integer from 1 to 65535. ACE Module Release Modification A2(1.0) This command was introduced.2-1350 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky Layer 4 Payload Configuration Mode Commands Usage Guidelines You can configure static sticky table entries based on the Layer 4 payload and optionally, the real server name and port. Static sticky Layer 4 payload values remain constant over time. You can configure multiple static payload entries, but only one unique real-server name can exist for a given static payload value. When you configure a static entry, the ACE enters it into the sticky table immediately. You can configure a maximum of 4096 static sticky entries in the ACE. Examples To configure a static sticky entry based on the Layer 4 payload and the server name and port number, enter: host1/Admin(config-sticky-l4payloa)# static layer4-payload STINGRAY rserver SERVER1 4000 To remove the static Layer 4 payload entry from the sticky table, enter: host1/Admin(config-sticky-l4payloa)# no static layer4-payload STINGRAY rserver SERVER1 4000 Related Commands (config) sticky layer4-payload (config-sticky-l4payloa) timeout To configure a Layer 4 payload sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes (24 hours). timeout {minutes | activeconns} no timeout {minutes | activeconns} Syntax Description Command Modes Sticky Layer 4 payload configuration mode Admin and user contexts Command History ACE Appliance Release Modification A3(1.0) This command was introduced. minutes Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). activeconns Specifies that sticky entries are timed out when the sticky timer expires even if there are active connections. ACE Module Release Modification A2(1.0) This command was introduced.2-1351 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RADIUS Configuration Mode Commands Usage Guidelines The sticky timeout specifies the period of time that the ACE keeps the Layer 4 payload sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry. By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out Layer 4 payload sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command. Examples To specify a timeout value of 720 minutes, enter: host1/Admin(config-sticky-l4payloa)# timeout 720 To specify that the ACE time out Layer 4 payload sticky table entries even if active connections exist after the sticky timer expires, enter: host1/Admin(config-sticky-l4payloa)# timeout activeconns To restore the ACE to its default of not timing out Layer 4 payload sticky entries if active connections exist, enter: host1/Admin(config-sticky-l4payloa)# no timeout activeconns Related Commands (config) sticky layer4-payload Sticky RADIUS Configuration Mode Commands Sticky RADIUS configuration mode commands allow you to configure the ACE to stick client connections to the same real server based on a RADIUS attribute. To create a RADIUS attribute sticky group and access sticky RADIUS configuration mode, use the sticky radius framed-ip command. The prompt changes to (config-sticky-radius). Use the no form of this command to remove the sticky group from the configuration. sticky radius framed-ip [calling-station-id | username] name no sticky radius framed-ip [calling-station-id | username] name Syntax Description ACE Appliance Release Modification A3(1.0) This command was introduced. calling-station-id (Optional) Specifies stickiness based on the RADIUS framed IP attribute and the calling station ID attribute.2-1352 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RADIUS Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can create a maximum of 4096 sticky groups on the ACE. Examples To create a sticky group that uses RADIUS attribute stickiness, enter: host1/Admin(config)# sticky radius framed-ip calling-station-id RADIUS_GROUP host1/Admin(config-sticky-radius)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky radius framed-ip calling-station-id RADIUS_GROUP Related Commands show running-config show sticky database username (Optional) Specifies stickiness based on the RADIUS framed IP attribute and the username attribute. name Unique identifier of the RADIUS sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1353 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RADIUS Configuration Mode Commands (config-sticky-radius) replicate sticky To instruct the ACE to replicate RADIUS attribute sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating RADIUS sticky group table entries. replicate sticky no replicate sticky Syntax Description This command has no keywords or arguments. Command Modes Sticky RADIUS configuration mode Admin and user contexts Command History Usage Guidelines If you are using redundancy, you can configure the ACE to replicate RADIUS attribute sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections. The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced. Examples To instruct the ACE to replicate RADIUS attribute sticky table entries on the standby ACE, enter: host1/Admin(config-sticky-radius)# replicate sticky To restore the ACE default of not replicating RADIUS attribute sticky table entries, enter: host1/Admin(config-sticky-radius)# no replicate sticky Related Commands (config) sticky radius framed-ip ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1354 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RADIUS Configuration Mode Commands (config-sticky-radius) serverfarm To complete a RADIUS attribute sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group. serverfarm name1 [backup name2 [sticky] [aggregate-state]] no serverfarm Syntax Description Command Modes Sticky RADIUS configuration mode Admin and user contexts Command History Usage Guidelines If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active): • If the sticky option is enabled, then: – All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm. – All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm. name1 Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. sticky (Optional) Specifies that the backup server farm is sticky. aggregate-state (Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1355 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RADIUS Configuration Mode Commands • If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm. • Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm. You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To associate a server farm with a RADIUS attribute sticky group and specify a sticky backup server farm, enter: host1/Admin(config-sticky-radius)# serverfarm SFARM1 backup BKUP_SFARM2 sticky aggregate-state To dissociate a server farm from a RADIUS attribute sticky group, enter: host1/Admin(config-sticky-radius)# no serverfarm Related Commands (config) sticky radius framed-ip (config-sticky-radius) timeout To configure a RADIUS sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes (24 hours). timeout {minutes | activeconns} no timeout {minutes | activeconns} Syntax Description Command Modes Sticky RADIUS configuration mode Admin and user contexts Command History minutes Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). activeconns Specifies that sticky entries are timed out when the sticky timer expires even if there are active connections. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1356 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RTSP Header Configuration Mode Commands Usage Guidelines The sticky timeout specifies the period of time that the ACE keeps the RADIUS attribute sticky group information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry. By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out RADIUS sticky group table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command. Examples To specify a timeout value of 720 minutes, enter: host1/Admin(config-sticky-radius)# timeout 720 To specify that the ACE time out RADIUS sticky group table entries even if active connections exist after the sticky timer expires, enter: host1/Admin(config-sticky-radius)# timeout activeconns To restore the ACE to its default of not timing out RADIUS sticky group entries if active connections exist, enter: host1/Admin(config-sticky-radius)# no timeout activeconns Related Commands (config) sticky radius framed-ip Sticky RTSP Header Configuration Mode Commands Sticky RTSP header configuration mode commands allow you to create an RTSP header sticky group to enable the ACE to stick client connections to the same real server based on the RTSP Session header field. To access sticky RTSP header configuration mode, use the sticky rtsp-header command. The prompt changes to (config-sticky-header). Use the no form of this command to remove the sticky group from the configuration. sticky rtsp-header Session name1 no sticky rtsp-header Session name1 Syntax Description Command Modes Configuration mode Admin and user contexts Session RTSP Session header field. The ACE supports only the RTSP Session header field for stickiness. name1 Unique identifier of the RTSP sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-1357 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RTSP Header Configuration Mode Commands Command History Usage Guidelines The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can create a maximum of 4096 sticky groups in the ACE. Examples To create a group for RTSP header stickiness, enter: host1/Admin(config)# sticky rtsp-header Session RTSP_GROUP host1/Admin(config-sticky-header)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky rtsp-header Session RTSP_GROUP Related Commands show running-config show sticky database ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1358 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RTSP Header Configuration Mode Commands (config-sticky-header) header To configure the RTSP Session header offset and length, use the header command. Use the no form of this command to remove the RTSP Session header offset and length values from the configuration. header offset number1 [length number2] no header offset number1 [length number2] Syntax Description Command Modes Sticky RTSP header configuration mode Admin and user contexts Command History Usage Guidelines The ACE stores header offset and length values in the sticky table. You can configure the ACE to use a portion of the RTSP header to make persistent connections to a specific server. To define the portion of the RTSP header that you want the ACE to use, you specify RTSP header offset and length values. The offset and length can vary from 0 to 1000 bytes. The ACE sticks the connection based on that portion of the RTSP header that starts with the byte after the offset value and ends with the byte specified by the offset plus the length. The total bytes represented by the header offset and length cannot exceed 1000. Examples To configure the header offset and length, enter: host1/Admin(config-sticky-header)# header offset 300 length 900 To remove the RTSP header offset and length values from the configuration, enter: host1/Admin(config-sticky-header)# no header offset 300 length 900 offset number1 Specifies the portion of the RTSP Session header that the ACE uses to stick the client on a particular server by indicating the bytes to ignore starting with the first byte of the RTSP header. Enter an integer from 0 to 999. The default is 0, which indicates that the ACE does not exclude any portion of the header. length number2 (Optional) Specifies the length of the portion of the RTSP header (starting with the byte after the offset value) that the ACE uses for sticking the client to the server. Enter an integer from 1 to 1000. The default is 1000. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1359 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RTSP Header Configuration Mode Commands Related Commands (config) sticky http-header2-1360 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RTSP Header Configuration Mode Commands (config-sticky-header) replicate sticky To instruct the ACE to replicate RTSP header sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating RTSP header sticky table entries. replicate sticky no replicate sticky Syntax Description This command has no keywords or arguments. Command Modes Sticky RTSP header configuration mode Admin and user contexts Command History Usage Guidelines If you are using redundancy, you can configure the ACE to replicate RTSP header sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections. The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced. Examples To instruct the ACE to replicate RTSP header sticky table entries on the standby ACE, enter: host1/Admin(config-sticky-header)# replicate sticky To restore the ACE to its default of not replicating RTSP header sticky table entries, enter: host1/Admin(config-sticky-header)# no replicate sticky Related Commands (config) sticky rtsp-header ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1361 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RTSP Header Configuration Mode Commands (config-sticky-header) serverfarm To complete an RTSP header sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group. serverfarm name1 [backup name2 [sticky] [aggregate-state]] no serverfarm Syntax Description Command Modes Sticky RTSP header configuration mode Admin and user contexts Command History Usage Guidelines If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active): • If the sticky option is enabled, then: – All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm. – All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm. name1 Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. sticky (Optional) Specifies that the backup server farm is sticky. aggregate-state (Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1362 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RTSP Header Configuration Mode Commands • If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm. • Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm. You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To associate a server farm with a sticky group and specify a sticky backup server farm, enter: host1/Admin(config-sticky-header)# serverfarm SFARM1 backup BKUP_SFARM2 sticky aggregate-state To dissociate a server farm from a sticky group, enter: host1/Admin(config-sticky-header)# no serverfarm Related Commands (config) serverfarm (config) sticky rtsp-header (config-sticky-header) static header-value To configure a static header, use the static header-value command. Use the no form of this command to remove a static header from the configuration. static header-value value rserver name [number] no static header-value value rserver name [number] Syntax Description Command Modes Sticky RTSP header configuration mode Admin and user contexts Command History value Header value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces provided that you enclose the entire string in quotation marks (“). rserver name Specifies the hostname of an existing real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. number (Optional) Port number of the real server. Enter an integer from 1 to 65535. ACE Module Release Modification A2(1.0) This command was introduced.2-1363 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky RTSP Header Configuration Mode Commands Usage Guidelines You can configure the ACE to use static header sticky entries based on the value of the RTSP Session header field and optionally, real server names and ports. Static sticky header values remain constant over time. You can configure multiple static header entries, but only one unique real-server name can exist for a given static header sticky value. When you configure a static entry, the ACE enters it into the sticky table immediately. You can create a maximum of 4096 static sticky entries in the ACE. Examples To configure a static RTSP header sticky entry, enter: host1/Admin(config-sticky-header)# static header-value 12345678 rserver SERVER1 3000 To remove the static RTSP header entry from the sticky table, enter: host1/Admin(config-sticky-header)# no static header-value 12345678 rserver SERVER1 3000 Related Commands (config) sticky rtsp-header (config-sticky-header) timeout To configure an RTSP header sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes. timeout {minutes | activeconns} no timeout {minutes | activeconns} Syntax Description Command Modes Sticky RTSP header configuration mode Admin and user contexts Command History ACE Appliance Release Modification A3(1.0) This command was introduced. minutes Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). activeconns Specifies that sticky entries are timed out when the timer expires even if there are active connections. ACE Module Release Modification A2(1.0) This command was introduced.2-1364 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky SIP Header Configuration Mode Commands Usage Guidelines The sticky timeout specifies the period of time that the ACE keeps the RTSP header sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry. By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out RTSP header sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command. Examples To specify a timeout value of 720 minutes, enter: host1/Admin(config-sticky-header)# timeout 720 To reset the timeout to the default value of 1440 minutes (24 hours), enter: host1/Admin(config-sticky-header)# no timeout 720 To specify that the ACE time out RTSP header sticky table entries even if active connections exist after the sticky timer expires, enter: host1/Admin(config-sticky-content)# timeout activeconns To restore the ACE to its default of not timing out RTSP header sticky entries if active connections exist for those entries, enter: host1/Admin(config-sticky-header)# no timeout activeconns Related Commands (config) sticky rtsp-header Sticky SIP Header Configuration Mode Commands Sticky SIP header configuration mode commands allow you to create a SIP header sticky group to enable the ACE to stick client connections to the same real server based on the SIP Call-ID header field. To access sticky SIP header configuration mode, use the sticky sip-header command. The prompt changes to (config-sticky-header). Use the no form of this command to remove the sticky group from the configuration. sticky sip-header name1 name2 no sticky sip-header name1 name2 Syntax Description ACE Appliance Release Modification A3(1.0) This command was introduced. name1 SIP header field. The ACE supports only the SIP Call-ID header field for stickiness. Enter Call-ID. name2 Unique identifier of the SIP sticky group. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters.2-1365 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky SIP Header Configuration Mode Commands Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the sticky feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. You can create a maximum of 4096 sticky groups in the ACE. Examples To create a group for SIP header stickiness, enter: host1/Admin(config)# sticky sip-header Call-ID SIP_GROUP host1/Admin(config-sticky-header)# To remove the sticky group from the configuration, enter: host1/Admin(config)# no sticky sip-header Call-ID SIP_GROUP Related Commands show running-config show sticky database ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1366 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky SIP Header Configuration Mode Commands (config-sticky-header) replicate sticky To instruct the ACE to replicate SIP header sticky table entries on the standby ACE, use the replicate sticky command. Use the no form of this command to restore the ACE to its default of not replicating SIP header sticky table entries. replicate sticky no replicate sticky Syntax Description This command has no keywords or arguments. Command Modes Sticky SIP header configuration mode Admin and user contexts Command History Usage Guidelines If you are using redundancy, you can configure the ACE to replicate SIP header sticky table entries on the standby ACE so if a switchover occurs, the new active ACE can maintain existing sticky connections. The timer of a sticky table entry on the standby ACE is reset every time the entry is synchronized with the active ACE entry. Thus, the standby sticky entry may have a lifetime up to twice as long as the active entry. However, if the entry expires on the active ACE or a new real server is selected and a new entry is created, the old entry on the standby ACE is replaced. Examples To instruct the ACE to replicate SIP header sticky table entries on the standby ACE, enter: host1/Admin(config-sticky-header)# replicate sticky To restore the ACE to its default of not replicating SIP header sticky table entries, enter: host1/Admin(config-sticky-header)# no replicate sticky Related Commands (config) sticky sip-header ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1367 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky SIP Header Configuration Mode Commands (config-sticky-header) serverfarm To complete a SIP header sticky group configuration, you must configure a server farm entry for the group. To configure a server farm entry for a sticky group, use the serverfarm command. Use the no form of this command to dissociate a server farm from a sticky group. serverfarm name1 [backup name2 [sticky] [aggregate-state]] no serverfarm Syntax Description Command Modes Sticky SIP header configuration mode Admin and user contexts Command History Usage Guidelines If all the servers in the primary server farm fail, the ACE sends all connections to the backup server farm. When the primary server farm comes back up (at least one server becomes active): • If the sticky option is enabled, then: – All new sticky connections that match existing sticky table entries for the real servers in the backup server farm are stuck to the same real servers in the backup server farm. – All new non-sticky connections and those sticky connections that do not have an entry in the sticky table are load balanced to the real servers in the primary server farm. name1 Identifier of an existing server farm that you want to associate with the sticky group. You can associate one server farm with each sticky group. Enter a name as an unquoted text string with no spaces and a maximum of 64 characters. backup name2 (Optional) Specifies the identifier of an existing server farm that you want the ACE to use as a backup server farm. If the primary server farm is unavailable, the ACE uses the configured backup server farm. The backup server farm becomes sticky when you enter the sticky keyword. Enter a name as an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. sticky (Optional) Specifies that the backup server farm is sticky. aggregate-state (Optional) Specifies that the state of the primary server farm is tied to the state of all the real servers in that server farm and in the backup server farm, if configured. The ACE declares the primary server farm down if all real servers in the primary server farm and all real servers in the backup server farm are down. ACE Module Release Modification A2(1.0) This command was introduced. ACE Appliance Release Modification A3(1.0) This command was introduced.2-1368 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky SIP Header Configuration Mode Commands • If the sticky option is not enabled, then the ACE load balances all new connections to the real servers in the primary server farm. • Existing non-sticky connections to the servers in the backup server farm are allowed to complete in the backup server farm. You can fine-tune the conditions under which the primary server farm fails over and returns to service by configuring a partial server farm failover. For details about partial server farm failover, see the Server Load-Balancing Guide, Cisco ACE Application Control Engine. Examples To associate a server farm with a sticky group and specify a sticky backup server farm, enter: host1/Admin(config-sticky-header)# serverfarm SFARM1 backup BKUP_SFARM2 sticky aggregate-state To dissociate a server farm from a sticky group, enter: host1/Admin(config-sticky-header)# no serverfarm Related Commands (config) serverfarm (config) sticky sip-header (config-sticky-header) static header-value To configure a static header, use the static header-value command. Use the no form of this command to remove a static header from the configuration. static header-value value rserver name [number] no static header-value value rserver name [number] Syntax Description Command Modes Sticky SIP header configuration mode Admin and user contexts Command History value SIP header value. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You can enter a text string with spaces provided that you enclose the entire string in quotation marks (“). rserver name Specifies the hostname of an existing real server. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. number (Optional) Port number of the real server. Enter an integer from 1 to 65535. ACE Module Release Modification A2(1.0) This command was introduced.2-1369 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky SIP Header Configuration Mode Commands Usage Guidelines You can configure the ACE to use static header sticky entries based on the value of the SIP Call-ID header field and optionally, real server names and ports. Static sticky header values remain constant over time. You can configure multiple static SIP header entries, but only one unique real-server name can exist for a given static SIP header sticky value. When you configure a static entry, the ACE enters it into the sticky table immediately. You can create a maximum of 4096 static sticky entries in the ACE. Examples To configure a static SIP header sticky entry, enter: host1/Admin(config-sticky-header)# static header-value 12345678 rserver SERVER1 3000 To remove the static SIP header entry from the sticky table, enter: host1/Admin(config-sticky-header)# no static header-value 12345678 rserver SERVER1 3000 Related Commands (config) sticky sip-header (config-sticky-header) timeout To configure a SIP header sticky timeout, use the timeout minutes command. Use the no form of this command to reset the sticky timeout to the default of 1440 minutes. timeout {minutes | activeconns} no timeout {minutes | activeconns} Syntax Description Command Modes Sticky SIP header configuration mode Admin and user contexts Command History ACE Appliance Release Modification A3(1.0) This command was introduced. minutes Number of minutes that the ACE remembers the last real server to which a client made a sticky connection. Enter an integer from 1 to 65535. The default timeout value is 1440 minutes (24 hours). activeconns Specifies that sticky entries are timed out when the timer expires even if there are active connections. ACE Module Release Modification A2(1.0) This command was introduced.2-1370 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands Sticky SIP Header Configuration Mode Commands Usage Guidelines The sticky timeout specifies the period of time that the ACE keeps the SIP header sticky information for a client connection in the sticky table after the latest client connection terminates. The ACE resets the sticky timer for a specific sticky-table entry each time that the ACE opens a new connection matching that entry. By default, the ACE times out a sticky table entry when the timeout for that entry expires and no active connections matching that entry exist. To specify that the ACE time out SIP header sticky table entries even if active connections exist after the sticky timer expires, use the timeout activeconns command. Examples To specify a timeout value of 720 minutes, enter: host1/Admin(config-sticky-header)# timeout 720 To reset the timeout to the default value of 1440 minutes (24 hours), enter: host1/Admin(config-sticky-header)# no timeout 720 To specify that the ACE time out SIP header sticky table entries even if active connections exist after the sticky timer expires, enter: host1/Admin(config-sticky-content)# timeout activeconns To restore the ACE to its default of not timing out SIP header sticky entries if active connections exist for those entries, enter: host1/Admin(config-sticky-header)# no timeout activeconns Related Commands (config) sticky sip-header ACE Appliance Release Modification A3(1.0) This command was introduced.2-1371 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands TACACS+ Configuration Mode Commands TACACS+ Configuration Mode Commands TACACS+ configuration mode commands allow you to configure multiple Terminal Access Controller Access Control System Plus (TACACS+) servers as a named AAA server group. You can specify the IP address of one or more previously configured TACACS+ servers that you want added to or removed from a AAA server group, with a dead-time interval for the TACACS+ server group. For details about creating a TACACS+ server group, see the Security Guide, Cisco ACE Application Control Engine. To create a TACACS+ server group and access TACACS+ server configuration mode, enter the aaa group server tacacs+ command in configuration mode. The CLI prompt changes to (config-tacacs+). Use the no form of this command to remove a TACACS+ server group. aaa group server tacacs+ group_name no aaa group server tacacs+ group_name Syntax Description Command Modes Configuration mode Admin and user contexts Command History Usage Guidelines The commands in this mode require the AAA feature in your user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. A server group is a list of server hosts. The ACE allows you to configure multiple AAA servers as a named server group. You group the different AAA server hosts into distinct lists. The ACE searches for the server hosts in the order in which you specify them within a group. You can configure a maximum of 10 server groups for each context in the ACE. You can configure server groups at any time, but you must enter the aaa authentication login or the aaa accounting default commands to apply the groups to the AAA service. Examples To create a TACACS+ server group, enter: host1/Admin(config) aaa group server tacacs+ TACACS+_Server_Group1 host1/Admin(config-tacacs+)# server 172.16.56.76 group_name Name assigned to the group of TACACS+ servers. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1372 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands TACACS+ Configuration Mode Commands host1/Admin(config-tacacs+)# server 172.16.56.79 host1/Admin(config-tacacs+)# server 172.16.56.82 Related Commands (config) aaa accounting default (config) aaa authentication login (config-tacacs+) deadtime To specify a dead-time interval for the TACACS+ server group, use the deadtime command. Use the no form of this command to reset the TACACS+ server group dead-time request to the default of 0. deadtime minutes no deadtime minutes Syntax Description Command Modes TACACS+ configuration mode Admin and user contexts Command History Usage Guidelines During the dead-time interval, the ACE sends probe access-request packets to verify that the TACACS+ server is available and can receive authentication requests. The dead-time interval starts when the server does not respond to an authentication request transmission. When the server responds to a probe access-request packet, the ACE retransmits the authentication request to the server. Use of the deadtime command causes the ACE to mark as dead any TACACS+ servers that fail to respond to authentication requests. Using this command prevents the wait for the request to time out before trying the next configured server. The ACE skips a TACACS+ server that is marked as dead by additional requests for the duration of minutes. Examples To globally configure a 15-minute dead-time for TACACS+ servers that fail to respond to authentication requests, enter: host1/Admin(config-tacacs+)# deadtime 15 minutes Length of time that the ACE skips a nonresponsive TACACS+ server for transaction requests. Valid entries are from 0 to 1440 (24 hours). The default is 0. ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1373 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands TACACS+ Configuration Mode Commands To reset the TACACS+ server dead-time request to the default of 0, enter: host1/Admin(config-tacacs+)# no deadtime 15 Related Commands (config) aaa group server2-1374 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands TACACS+ Configuration Mode Commands (config-tacacs+) server To specify the IP address of one or more previously configured TACACS+ servers that you want added to or removed from a AAA server group, use the server command. Use the no form of this command to remove the TACACS+ server from the AAA server group. server ip_address no server ip_address Syntax Description Command Modes TACACS+ configuration mode Admin and user contexts Command History Usage Guidelines You can add multiple TACACS+ servers to the AAA server group by entering multiple server commands in this mode. The same server can belong to multiple server groups. Examples To add servers to a TACACS+ server group, enter: host1/Admin(config-tacacs+)# server 172.16.56.76 host1/Admin(config-tacacs+)# server 172.16.56.79 host1/Admin(config-tacacs+)# server 172.16.56.82 To remove a server from a TACACS+ server group, enter: host1/Admin(config-tacacs+)# no server 172.16.56.76 Related Commands (config) aaa group server ip_address IP address of the TACACS+ server. Enter the address in dotted-decimal IP notation (for example, 192.168.11.1). ACE Module Release Modification 3.0(0)A1(2) This command was introduced. ACE Appliance Release Modification A1(7) This command was introduced.2-1375 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands TACACS+ Configuration Mode Commands2-1376 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands VM Configuration Mode Commands VM Configuration Mode Commands The VM configuration commands allow you to create a VM controller (VMware vCenter Server) and configure its attributes on the ACE for the dynamic workload scaling (DWS) feature. The ACE uses the VM controller to obtain load information about the local virtual machines (VMs). To configure a VM controller, use the vm-controller command. The CLI prompt changes to (config-vm). For information about the commands in VM configuration mode, see the commands in this section. Use the no form of this command to remove the VM controller from the configuration. vm-controller name no vm-controller name Syntax Description Command Modes Configuration mode Admin context only Command History Usage Guidelines All commands in this mode require the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To configure a VM controller, enter: host1/Admin(config)# vm-controller VCENTER1 To remove a VM controller from the configuration, enter: host1/Admin(config)# no vm-controller VCENTER1 Related Commands show vm-controller (config-vm) credentials (config-vm) url name Name of an existing VM controller (vCenter) that the ACE queries for VM load information. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-1377 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands VM Configuration Mode Commands (config-vm) credentials To configure the credentials that the ACE uses to log in to the VM controller in a DWS configuration, use the credentials command. Use the no form of this command to remove the VM controller credentials from the ACE configuration. credentials {username} {[encrypted] password} no credentials {username} {[encrypted] password} Syntax Description Command Modes VM configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To configure the credentials that the ACE uses to log in to the VM controller, enter: host1/Admin(config-vm)# credentials admin encrypted myvmpassphrase To remove the VM controller login credentials from the ACE configuration, enter: host1/Admin(config-vm)# no credentials admin encrypted myvmpassphrase Related Commands show vm-controller (config-vm) url username Username that the ACE uses to access the VM controller. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. encrypted (Optional) Specifies that the ACE encrypts the VM controller password. password Password that the ACE uses to access the VM controller. The password does not appear in the output of the show running-config command whether the password is encrypted or not. Enter an unquoted text string with no spaces and a maximum of 64 alphanumeric characters. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.2-1378 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Chapter 2 CLI Commands VM Configuration Mode Commands (config-vm) url To configure the URL of the VM controller (vCenter) in a DWS configuration, use the url command. Use the no form of this command to remove the URL of the local VM controller from the ACE configuration. url string no url string Syntax Description Command Modes VM configuration mode Admin context only Command History Usage Guidelines This command requires the Admin user role. For details about role-based access control (RBAC) and user roles, see the Virtualization Guide, Cisco ACE Application Control Engine. Examples To configure the URL of the VM controller, enter: host1/Admin(config-vm)# url https://192.168.12.15/sdk To remove the URL of the VM controller from the ACE configuration, enter the following command: host1/Admin(config-vm)# no url https://192.168.12.15/sdk Related Commands show vm-controller (config-vm) credentials string Specifies the host name or IP address of the local VM controller. Enter an unquoted text string with no spaces and a maximum of 255 alphanumeric characters. You must append “/sdk” at the end of the host name or IP address string. ACE Module/Appliance Release Modification A4(2.0) This command was introduced.IN-1 Command Reference, Cisco ACE Application Control Engine OL-25339-01 C L I C O M M A N D S U M M A R Y B Y M O D E Action List Modify Configuration Mode Commands 2-457 (config-actlist-modify) description 2-458 (config-actlist-modify) header delete 2-459 (config-actlist-modify) header insert 2-461 (config-actlist-modify) header rewrite 2-462 (config-actlist-modify) ssl header-insert 2-464 (config-actlist-modify) ssl url rewrite location 2-473 Action List Optimization Configuration Mode Commands (config-actlist-optm) appscope 2-475 (config-actlist-optm) cache 2-476 (config-actlist-optm) delta 2-478 (config-actlist-optm) description 2-479 (config-actlist-optm) dynamic etag 2-480 (config-actlist-optm) flashforward 2-481 (config-actlist-optm) flashforward-object 2-481 Authentication Group Configuration Mode Commands 2-483 (config-authgroup) cert 2-484 Chaingroup Configuration Mode Commands 2-485 (config-chaingroup) cert 2-486 Class Map Configuration Mode Commands 2-488 (config-cmap) description 2-490 (config-cmap) match access-list 2-491 (config-cmap) match any 2-493 (config-cmap) match anyv6 2-494 (config-cmap) match destination-address 2-495 (config-cmap) match port 2-497, 2-500 (config-cmap) match source-address 2-502 (config-cmap) match virtual-address 2-504 Class Map FTP Inspection Configuration Mode Commands 2-507 (config-cmap-ftp-insp) description 2-508 (config-cmap-ftp-insp) match request-method 2-509 Class Map Generic Configuration Mode Commands 2-510 (config-cmap-generic) description 2-511 (config-cmap-generic) match class-map 2-513 (config-cmap-generic) match layer4-payload 2-514 (config-cmap-generic) match source-address 2-516 Class Map HTTP Inspection Configuration Mode Commands 2-517 (config-cmap-http-insp) description 2-519 (config-cmap-http-insp) match content 2-520 (config-cmap-http-insp) match content length 2-522 (config-cmap-http-insp) match cookie secondary 2-523, 2-936CLI Command Summary By Mode IN-2 Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-cmap-http-insp) match header 2-524 (config-cmap-http-insp) match header length 2-528 (config-cmap-http-insp) match header mime-type 2-530 (config-cmap-http-insp) match port-misuse 2-533 (config-cmap-http-insp) match request-method 2-534 (config-cmap-http-insp) match transfer-encoding 2-535 (config-cmap-http-insp) match url 2-537 (config-cmap-http-insp) match url length 2-538 Class Map HTTP Load Balancing Configuration Mode Commands 2-539 (config-cmap-http-lb) description 2-541 (config-cmap-http-lb) match cipher 2-544 (config-cmap-http-lb) match class-map 2-542 (config-cmap-http-lb) match http content 2-545 (config-cmap-http-lb) match http cookie 2-546 (config-cmap-http-lb) match http header 2-547 (config-cmap-http-lb) match http url 2-550 (config-cmap-http-lb) match source-address 2-552 Class Map Management Configuration Mode Commands 2-553 (config-cmap-mgmt) description 2-554 (config-cmap-mgmt) match protocol 2-556 Class Map RADIUS Load Balancing Configuration Mode Commands 2-558 (config-cmap-radius-lb) description 2-560 (config-cmap-radius-lb) match radius attribute 2-561 Class Map RTSP Load Balancing Configuration Mode Commands 2-562 (config-cmap-rtsp-lb) description 2-564 (config-cmap-rtsp-lb) match class-map 2-565 (config-cmap-rtsp-lb) match rtsp header 2-566 (config-cmap-rtsp-lb) match rtsp url 2-567 (config-cmap-rtsp-lb) match source-address 2-570 Class Map SIP Inspection Configuration Mode Commands 2-571 (config-cmap-sip-insp) description 2-572 (config-cmap-sip-insp) match called-party 2-573 (config-cmap-sip-insp) match calling-party 2-575 (config-cmap-sip-insp) match content 2-577 (config-cmap-sip-insp) match im-subscriber 2-578 (config-cmap-sip-insp) match message-path 2-579 (config-cmap-sip-insp) match request-method 2-582 (config-cmap-sip-insp) match third-party registration 2-583 (config-cmap-sip-insp) match uri 2-585 Class Map SIP Load Balancing Configuration Mode Commands 2-586 (config-cmap-sip-lb) description 2-588 (config-cmap-sip-lb) match class-map 2-589 (config-cmap-sip-lb) match sip header 2-590 (config-cmap-sip-lb) match source-address 2-593 Clear Exec Mode Commands clear access-list 2-9 clear accounting log 2-10 clear acl-merge statistics 2-10 clear arp 2-11 clear buffer stats 2-12 clear capture 2-13 clear cde 2-14 clear cfgmgr internal history 2-14 clear conn 2-16 clear cores 2-17 clear crypto session-cache 2-19 clear dc 2-20CLI Command Summary By Mode IN-3 Command Reference, Cisco ACE Application Control Engine OL-25339-01 clear debug-logfile 2-20 clear fifo stats 2-21 clear ft 2-23 clear icmp statistics 2-24 clear interface 2-25 clear ip 2-26, 2-27 clear line 2-27 clear logging 2-29 clear netio stats 2-29 clear np 2-31 clear ntp 2-32 clear probe 2-32 clear processes log 2-34 clear rserver 2-34 clear rtcache 2-35 clear screen 2-37 clear serverfarm 2-37 clear service-policy 2-38 clear ssh 2-40 clear startup-config 2-41 clear stats 2-42 clear sticky database 2-44 clear syn-cookie 2-46 clear tcp statistics 2-46 clear telnet 2-47 clear udp statistics 2-48 clear user 2-48 clear vnet stats 2-49 clear xlate 2-51 clock set 2-53 Configuration Mode Commands 2-262 (config) aaa accounting default 2-263 (config) aaa authentication login 2-265 (config) aaa group server 2-266 (config) access-group 2-267 (config) access-list ethertype 2-270 (config) access-list extended 2-272 (config) access-list remark 2-281 (config) access-list resequence 2-282 (config) action-list type modify http 2-283 (config) arp 2-287 (config) banner 2-289 (config) boot system image 2-290 (config) buffer threshold 2-292 (config) class-map 2-294 (config) clock summer-time 2-300 (config) clock timezone 2-297 (config) config-register 2-301 (config) context 2-303 (config) crypto chaingroup 2-304, 2-305 (config) crypto csr-params 2-309 (config) crypto ocspserver 2-310 (config) crypto rehandshake enabled 2-312 (config) dci-device 2-377 (config) domain 2-313 (config) end 2-314 (config) exit 2-314 (config) ft auto-sync 2-315 (config) ft connection-sync disable 2-317 (config) ft group 2-318 (config) ft interface vlan 2-320 (config) ft peer 2-321 (config) ft track host 2-322 (config) ft track hsrp 2-323 (config) ft track interface 2-324 (config) hostname 2-314, 2-325, 2-326, 2-385 (config) hw-module 2-326 (config) interface 2-327 (config) ip dhcp relay 2-330 (config) ip domain-list 2-332 (config) ip domain-lookup 2-333 (config) ip domain-name 2-335 (config) ip name-server 2-337 (config) ip route 2-338 (config) ipv6 nd learned-interval 2-341 (config) ipv6 nd retries 2-342CLI Command Summary By Mode IN-4 Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config) ipv6 nd sync disable 2-343 (config) ipv6 nd sync-interval 2-344 (config) kalap udp 2-345 (config) ldap-server host 2-346 (config) ldap-server port 2-347 (config) ldap-server timeout 2-348 (config) line console 2-349 (config) line vty 2-350 (config) logging buffered 2-353 (config) logging console 2-355 (config) logging device-id 2-357 (config) logging enable 2-359 (config) logging facility 2-360 (config) logging fastpath 2-361 (config) logging history 2-362 (config) logging host 2-364 (config) logging message 2-366 (config) logging monitor 2-368 (config) logging persistent 2-369 (config) logging queue 2-370 (config) logging standby 2-373 (config) logging supervisor 2-374 (config) logging timestamp 2-375 (config) logging trap 2-376 (config) login timeout 2-352 (config) ntp 2-379 (config) object-group 2-380 (config) optimize 2-382 (config) parameter-map type 2-285, 2-382 (config) peer hostname 2-385 (config) peer shared-vlan-hostid 2-386 (config) policy-map 2-388 (config) probe 2-392 (config) radius-server attribute nas-ipaddr 2-395 (config) radius-server deadtime 2-396 (config) radius-server host 2-397 (config) radius-server key 2-400 (config) radius-server retransmit 2-401 (config) radius-server timeout 2-402 (config) rate-limit 2-371 (config) regex compilation-timeout 2-403 (config) resource-class 2-404 (config) role 2-405 (config) rserver 2-406 (config) script file 2-407 (config) serverfarm 2-408 (config) service-policy 2-409 (config) shared-vlan-hostid 2-411 (config) snmp-server community 2-412 (config) snmp-server contact 2-414 (config) snmp-server enable traps 2-415 (config) snmp-server engineid 2-418 (config) snmp-server host 2-420 (config) snmp-server location 2-421 (config) snmp-server trap link ietf 2-422 (config) snmp-server trap-source vlan 2-423 (config) snmp-server unmask-community 2-424 (config) snmp-server user 2-425 (config) ssh key 2-428 (config) ssh maxsessions 2-429 (config) ssl-proxy service 2-430 (config) static 2-431 (config) sticky http-content 2-433 (config) sticky http-cookie 2-434 (config) sticky http-header 2-436 (config) sticky ip-netmask 2-438 (config) sticky layer4-payload 2-439 (config) sticky radius framed-ip 2-440 (config) sticky rtsp-header 2-441 (config) sticky sip-header 2-442 (config) switch-mode 2-443 (config) tacacs-server deadtime 2-445 (config) tacacs-server host 2-446 (config) tacacs-server key 2-448 (config) tacacs-server timeout 2-449 (config) telnet maxsessions 2-451 (config) timeout xlate 2-452, 2-453 (config) username 2-454CLI Command Summary By Mode IN-5 Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config) vm-controller 2-456 Console Configuration Mode Commands 2-595 (config-console) databits 2-596 (config-console) parity 2-597 (config-console) speed 2-598 (config-console) stopbits 2-599 Context Configuration Mode Commands 2-600 (config-context) allocate-interface 2-601 (config-context) description 2-603 (config-context) member 2-604 CSR Parameters Configuration Mode Commands 2-605 (config-csr-params) common-name 2-606 (config-csr-params) country 2-607 (config-csr-params) email 2-608 (config-csr-params) locality 2-609 (config-csr-params) organization-name 2-611 (config-csr-params) organization-unit 2-612 (config-csr-params) serial-number 2-613 (config-csr-params) state 2-614 DCI Configuration Mode Commands 2-615 (config-dci) credentials 2-616 (config-dci) ip-address 2-617 Domain Configuration Mode Commands 2-618 (config-domain) add-object 2-620 Exec Mode Commands 2-2 backup 2-3 capture 2-5 changeto 2-6 checkpoint 2-8 clear (See Clear Exec Mode Commands) compare 2-54 configure 2-55 copy capture 2-56 copy checkpoint 2-57 copy core 2-59 copy disk0 2-60 copy ftp 2-62 copy image 2-63 copy licenses 2-65 copy probe 2-66 copy running-config 2-68 copy sftp 2-70 copy startup-config 2-69 copy tftp 2-72 crypto crlparams 2-73 crypto delete 2-74 crypto export 2-75 crypto generate csr 2-76 crypto generate key 2-77 crypto import 2-78 crypto verify 2-82 debug 2-83 delete 2-86 dir 2-87 dm 2-89 exit 2-90 format flash 2-91 ft switchover 2-93 gunzip 2-94 invoke context 2-95 license 2-96 mkdir disk0 2-97CLI Command Summary By Mode IN-6 Command Reference, Cisco ACE Application Control Engine OL-25339-01 move disk0 2-98 np session 2-99 ping 2-101 reload 2-103 reprogram bootflash 2-104 restore 2-105 rmdir disk0 2-107 set dc 2-110 set sticky-ixp 2-111 setup 2-108 show (See Show Exec Mode Commands) 2-112 ssh 2-246 system internal 2-248 system watchdog 2-249 tac-pac 2-251 telnet 2-253 terminal 2-254 traceroute 2-255 undebug all 2-256 untar disk0 2-258 write 2-259 xml-show 2-260 FT Group Configuration Mode Commands 2-622 (config-ft-group) associate-context 2-623 (config-ft-group) inservice 2-624 (config-ft-group) peer 2-625 (config-ft-group) peer priority 2-626 (config-ft-group) preempt 2-627 (config-ft-group) priority 2-628 FT Interface Configuration Mode Commands 2-629 (config-ft-intf) ip 2-630 (config-ft-intf) peer ip 2-632 (config-ft-intf) shutdown 2-633 FT Peer Configuration Mode Commands 2-634 (config-ft-peer) ft-interface vlan 2-635 (config-ft-peer) heartbeat 2-636 (config-ft-peer) query-interface 2-637 FT Track Host Configuration Mode Commands 2-638 (config-ft-track-host) peer priority 2-640 (config-ft-track-host) peer probe 2-641 (config-ft-track-host) peer track-host 2-643 (config-ft-track-host) priority 2-645 (config-ft-track-host) probe 2-646 (config-ft-track-host) track-host 2-647 FT Track HSRP Configuration Mode Commands 2-648 (config-ft-track-hsrp) peer priority 2-649 (config-ft-track-hsrp) peer track-hsrp 2-650 (config-ft-track-hsrp) priority 2-651 (config-ft-track-hsrp) track-hsrp 2-652 FT Track Interface Configuration Mode Commands 2-653 (config-ft-track-interface) peer priority 2-654 (config-ft-track-interface) peer track-interface vlan 2-655 (config-ft-track-interface) priority 2-656 (config-ft-track-interface) track-interface vlan 2-657 ICMP types 2-277, 2-765CLI Command Summary By Mode IN-7 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Interface Configuration Mode Commands 2-658 (config) ipv6 nd interval 2-340 (config-if) access-group 2-660 (config-if) alias 2-661 (config-if) arp 2-663, 2-664 (config-if) bridge-group 2-666 (config-if) carrier-delay 2-667 (config-if) channel-group 2-668 (config-if) description 2-669 (config-if) duplex 2-670, 2-732 (config-if) fragment chain 2-671 (config-if) fragment min-mtu 2-672 (config-if) fragment timeout 2-673 (config-if) ft-port 2-674 (config-if) icmp-guard 2-675 (config-if) ip address 2-677 (config-if) ip df 2-680 (config-if) ip dhcp relay enable 2-681 (config-if) ip dhcp relay server 2-682 (config-if) ip options 2-683 (config-if) ip route inject vlan 2-684 (config-if) ip ttl minimum 2-685 (config-if) ipv6 dhcp relay enable 2-687 (config-if) ipv6 dhcp relay fwd-interface 2-688 (config-if) ipv6 dhcp relay server 2-689 (config-if) ipv6 enable 2-691 (config-if) ipv6 extension-header 2-692 (config-if) ipv6 fragment chain 2-693 (config-if) ipv6 fragment min-mtu 2-694 (config-if) ipv6 fragment timeout 2-695 (config-if) ipv6 mtu 2-698 (config-if) ipv6 nd dad-attempts 2-699 (config-if) ipv6 nd icmp-guard 2-696 (config-if) ipv6 nd managed-config-flag 2-700 (config-if) ipv6 nd ns-interval 2-701 (config-if) ipv6 nd other config flag 2-702 (config-if) ipv6 nd prefix 2-703 (config-if) ipv6 nd ra hop-limit 2-705 (config-if) ipv6 nd ra interval 2-706 (config-if) ipv6 nd ra lifetime 2-707 (config-if) ipv6 nd ra suppress 2-708 (config-if) ipv6 nd reachable-time 2-709 (config-if) ipv6 nd retransmission-time 2-710 (config-if) ipv6 neighbor 2-711 (config-if) ipv6 normalization 2-712 (config-if) ipv6 route inject vlan 2-714 (config-if) ipv6 verify reverse-path 2-715 (config-if) ip verify reverse-path 2-686 (config-if) mac address autogenerate 2-716 (config-if) mac-sticky enable 2-717 (config-if) mtu 2-719 (config-if) nat-pool 2-720 (config-if) normalization 2-721 (config-if) normalization send-reset 2-723 (config-if) peer ip address 2-723 (config-if) port-channel load-balance 2-726 (config-if) qos trust cos 2-727 (config-if) remove-eth-pad 2-728 (config-if) service-policy input 2-729 (config-if) shutdown 2-730 (config-if) switchport access vlan 2-734 (config-if) switchport trunk allowed vlan 2-736 (config-if) switchport trunk native vlan 2-738 (config-if) syn-cookie 2-739 (config-if) udp 2-741 KAL-AP UDP Configuration Mode Commands 2-743 (config-kalap-upd) ip address 2-744 LDAP Configuration Mode Commands 2-745 (config-ldap) attribute user-profile 2-746 (config-ldap) baseDN 2-748CLI Command Summary By Mode IN-8 Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-ldap) filter search-user 2-749 (config-ldap) server 2-750 Line Configuration Mode Commands 2-751 (config-line) session-limit 2-752 Object Group Configuration Mode Commands 2-753 (config-objgrp-netw) description 2-754 (config-objgrp-netw) host 2-755 (config-objgrp-netw) ip_address 2-757 (config-objgrp-serv) description 2-759, 2-760 Optimize Configuration Mode Commands 2-474, 2-767 (config-optimize) appscope-log 2-768 (config-optimize) concurrent-connections 2-769 (config-optimize) debug-level 2-770 Parameter Map Connection Configuration Mode Commands 2-772 (config-parammap-conn) description 2-774 (config-parammap-conn) exceed-mss 2-775 (config-parammap-conn) nagle 2-776 (config-parammap-conn) random-sequence-number 2-777 (config-parammap-conn) rate-limit 2-778 (config-parammap-conn) reserved-bits 2-779 (config-parammap-conn) set ip tos 2-780 (config-parammap-conn) set tcp ack-delay 2-781 (config-parammap-conn) set tcp buffer-share 2-782 (config-parammap-conn) set tcp mss min 2-784 (config-parammap-conn) set tcp reassembly-timeout 2-786 (config-parammap-conn) set tcp syn-retry 2-786 (config-parammap-conn) set tcp timeout 2-787 (config-parammap-conn) set tcp wan-optimization 2-788 (config-parammap-conn) set tcp window-scale 2-790 (config-parammap-conn) set timeout inactivity 2-791 (config-parammap-conn) slowstart 2-792 (config-parammap-conn) syn-data 2-793 (config-parammap-conn) tcp-options 2-794 (config-parammap-conn) urgent-flag 2-798 (config-parammap-dns) description 2-800 (config-parammap-generi) description 2-804 (config-parammap-http) cookie-error-ignore 2-809 (config-parammap-http) description 2-810 (config-parammap-optmz) description 2-838 (config-parammap-rtsp) description 2-855 (config-parammap-sip) description 2-865 (config-parammap-skinny) description 2-859 (config-parammap-ssl) description 2-880 Parameter Map DNS Configuration Mode Commands 2-799 (config-parammap-dns) timeout query 2-801 Parameter Map Generic Configuration Mode Commands 2-801 (config-parammap-generi) case-insensitive 2-803 (config-parammap-generi) set max-parse-length 2-805 Parameter Map HTTP Configuration Mode Commands 2-806 (config-parammap-http) case-insensitive 2-808 (config-parammap-http) compress 2-811 (config-parammap-http) header modify per-request 2-813 (config-parammap-http) length 2-815 (config-parammap-http) parsing non-strict 2-816CLI Command Summary By Mode IN-9 Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-parammap-http) persistence-rebalance 2-817 (config-parammap-http) server-conn reuse 2-819 (config-parammap-http) set content-maxparse-length 2-820 (config-parammap-http) set header-maxparse-length 2-822 (config-parammap-http) set secondary-cookie-delimiters 2-823 (config-parammap-http) set secondary-cookie-start 2-824 Parameter Map Optimization HTTP Configuration Mode Commands 2-825 (config-parammap-optmz) appscope optimize-rate-percent 2-826 (config-parammap-optmz) basefile anonymous-level 2-827 (config-parammap-optmz) cache key-modifier 2-828 (config-parammap-optmz) cache parameter 2-831 (config-parammap-optmz) cache-policy request 2-834 (config-parammap-optmz) cache-policy response 2-835 (config-parammap-optmz) cache ttl 2-833 (config-parammap-optmz) canonical-url 2-836 (config-parammap-optmz) clientscript-default 2-837 (config-parammap-optmz) delta 2-839 (config-parammap-optmz) expires-setting 2-841 (config-parammap-optmz) extract meta 2-842 (config-parammap-optmz) flashforward refresh-policy 2-843 (config-parammap-optmz) ignore-server-content 2-844 (config-parammap-optmz) parameter-summary parameter-value-limit 2-845 (config-parammap-optmz) post-content-buffer-limit 2-846 (config-parammap-optmz) rebase 2-847 (config-parammap-optmz) request-grouping-string 2-848 (config-parammap-optmz) server-header 2-849 (config-parammap-optmz) server-load 2-850 (config-parammap-optmz) utf8 threshold 2-852 Parameter Map RTSP Configuration Mode Commands 2-852 (config-parammap-rtsp) case-insensitive 2-854 (config-parammap-rtsp) set header-maxparse-length 2-856 Parameter Map SCCP Configuration Mode Commands 2-857 (config-parammap-skinny) enforce-registration 2-860 (config-parammap-skinny) message-id max 2-861 (config-parammap-skinny) sccp-prefix-len 2-862 Parameter Map SIP Configuration Mode Commands 2-863 (config-parammap-sip) im 2-865 (config-parammap-sip) max-forward-validation 2-866 (config-parammap-sip) software-version 2-867 (config-parammap-sip) strict-header-validation 2-868 (config-parammap-sip) timeout 2-870 (config-parammap-sip) uri-non-sip 2-871 Parameter Map SSL Configuration Mode Commands 2-872 (config-parammap-ssl) authentication-failure 2-873 (config-parammap-ssl) cdp-errors ignore 2-876 (config-parammap-ssl) cipher 2-877 (config-parammap-ssl) close-protocol 2-879 (config-parammap-ssl) expired-crl reject 2-881 (config-parammap-ssl) purpose-check disabled 2-882 (config-parammap-ssl) queue-delay timeout 2-883 (config-parammap-ssl) session-cache timeout 2-885 (config-parammap-ssl) version 2-887CLI Command Summary By Mode IN-10 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Policy Map Class Configuration Mode Commands 2-892 (config-pmap-c) appl-parameter generic advanced-options 2-893, 2-894 (config-pmap-c) appl-parameter http advanced-options 2-895 (config-pmap-c) appl-parameter rtsp advanced-options 2-896 (config-pmap-c) appl-parameter sip advanced-options 2-897 (config-pmap-c) appl-parameter skinny advanced-options 2-898 (config-pmap-c) connection 2-899 (config-pmap-c) inspect 2-900 (config-pmap-c) kal-ap primary-oos 2-904 (config-pmap-c) kal-ap-tag 2-906 (config-pmap-c) loadbalance policy 2-907 (config-pmap-c) loadbalance vip advertise 2-908 (config-pmap-c) loadbalance vip icmp-reply 2-909 (config-pmap-c) loadbalance vip inservice 2-910 (config-pmap-c) loadbalance vip udp-fast-age 2-911 (config-pmap-c) nat dynamic 2-912 (config-pmap-c) nat static 2-913 (config-pmap-c) ssl-proxy 2-916 Policy Map Configuration Mode Commands 2-888 (config-pmap) class 2-890 (config-pmap) description 2-891 Policy Map FTP Inspection Class Configuration Mode Commands 2-922 (config-pmap-ftp-ins-c) deny 2-923 (config-pmap-ftp-ins-c) mask-reply 2-924 Policy Map FTP Inspection Configuration Mode Commands 2-917 (config-pmap-ftp-ins) class 2-919 (config-pmap-ftp-ins) description 2-920 (config-pmap-ftp-ins) match request-method 2-921 Policy Map FTP Inspection Match Configuration Mode Commands 2-924 (config-pmap-ftp-ins-m) deny 2-926 (config-pmap-ftp-ins-m) mask-reply 2-927 Policy Map Inspection HTTP Class Configuration Mode Commands 2-956 (config-pmap-ins-http-c) passthrough log 2-957 (config-pmap-ins-http-c) permit 2-958 (config-pmap-ins-http-c) reset 2-959 (config-pmap-ins-http-m) passthrough log 2-961 Policy Map Inspection HTTP Configuration Mode Commands 2-927 (config-pmap-ins-http) class 2-929 (config-pmap-ins-http) description 2-931 (config-pmap-ins-http) match content 2-932 (config-pmap-ins-http) match content length 2-934 (config-pmap-ins-http) match content-type-verification 2-935 (config-pmap-ins-http) match header 2-939 (config-pmap-ins-http) match header length 2-942 (config-pmap-ins-http) match header mime-type 2-944 (config-pmap-ins-http) match port-misuse 2-947 (config-pmap-ins-http) match request-method 2-948 (config-pmap-ins-http) match strict-http 2-950 (config-pmap-ins-http) match transfer-encoding 2-952 (config-pmap-ins-http) match url 2-953 (config-pmap-ins-http) match url length 2-955CLI Command Summary By Mode IN-11 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Policy Map Inspection HTTP Match Configuration Mode Commands 2-959 (config-pmap-ins-http-m) permit 2-962 (config-pmap-ins-http-m) reset 2-963 Policy Map Inspection SIP Class Configuration Mode Commands 2-979 (config-pmap-ins-sip-c) log 2-980 (config-pmap-ins-sip-c) reset 2-982 (config-pmap-sip-ins-c) drop 2-980 (config-pmap-sip-ins-c) permit 2-981 Policy Map Inspection SIP Configuration Mode Commands 2-964 (config-pmap-ins-sip) class 2-966 (config-pmap-ins-sip) description 2-967 (config-pmap-ins-sip) match called-party 2-968 (config-pmap-ins-sip) match calling-party 2-969 (config-pmap-ins-sip) match content length 2-970 (config-pmap-ins-sip) match im-subscriber 2-972 (config-pmap-ins-sip) match message-path 2-973 (config-pmap-ins-sip) match request-method 2-974 (config-pmap-ins-sip) match third-party registration 2-976 (config-pmap-ins-sip) match uri 2-978 Policy Map Inspection SIP Match Configuration Mode Commands 2-983 (config-pmap-ins-sip-m) drop 2-984 (config-pmap--ins-sip-m) permit 2-985 (config-pmap-ins-sip-m) reset 2-986 Policy Map Inspection Skinny Configuration Mode Commands 2-986 (config-pmap-ins-skinny) description 2-988 (config-pmap-ins-skinny) match message-id 2-989 Policy Map Inspection Skinny Match Configuration Mode Commands 2-990 (config-pmap-ins-skinny-m) reset 2-991 Policy Map Load Balancing Class Configuration Mode Commands (config-pmap-lb-c) compress 2-1027 Policy Map Load Balancing Generic Class Configuration Mode Commands 2-999 (config-pmap-lb-generic-c) drop 2-1000 (config-pmap-lb-generic-c) forward 2-1001 (config-pmap-lb-generic-c) serverfarm 2-1002 (config-pmap-lb-generic-c) set ip tos 2-1003 (config-pmap-lb-generic-c) sticky-serverfarm 2-1004 Policy Map Load Balancing Generic Configuration Mode Commands 2-992 (config-pmap-lb-generic) class 2-994 (config-pmap-lb-generic) description 2-996 (config-pmap-lb-generic) match layer4-payload 2-997 (config-pmap-lb-generic) match source-address 2-998 Policy Map Load Balancing Generic Match Configuration Mode Commands 2-1004 (config-pmap-lb-generic-m) drop 2-1006 (config-pmap-lb-generic-m) forward 2-1006CLI Command Summary By Mode IN-12 Command Reference, Cisco ACE Application Control Engine OL-25339-01 (config-pmap-lb-generic-m) serverfarm 2-1007 (config-pmap-lb-generic-m) set ip tos 2-1009 (config-pmap-lb-generic-m) sticky-serverfarm 2-1010 Policy Map Load Balancing HTTP Class Configuration Mode Commands 2-1025 (config-pmap-lb-c) action 2-1026 (config-pmap-lb-c) drop 2-1029 (config-pmap-lb-c) forward 2-1030 (config-pmap-lb-c) insert-http 2-1031 (config-pmap-lb-c) nat dynamic 2-1032 (config-pmap-lb-c) serverfarm 2-1033 (config-pmap-lb-c) set ip tos 2-1035 (config-pmap-lb-c) ssl-proxy client 2-1036 (config-pmap-lb-c) sticky-serverfarm 2-1037 Policy Map Load Balancing HTTP Configuration Mode Commands 2-1011 (config-pmap-lb) class 2-1012 (config-pmap-lb) description 2-1013 (config-pmap-lb) match cipher 2-1014 (config-pmap-lb) match http content 2-1016 (config-pmap-lb) match http cookie 2-1017 (config-pmap-lb) match http header 2-1019 (config-pmap-lb) match http url 2-1023 (config-pmap-lb) match source-address 2-1024 Policy Map Load Balancing HTTP Match Configuration Mode Commands 2-1038 (config-pmap-lb-m) action 2-1038, 2-1040 (config-pmap-lb-m) drop 2-1041 (config-pmap-lb-m) forward 2-1043 (config-pmap-lb-m) insert-http 2-1044 (config-pmap-lb-m) serverfarm 2-1045 (config-pmap-lb-m) set ip tos 2-1046 (config-pmap-lb-m) ssl-proxy client 2-1047 (config-pmap-lb-m) sticky-serverfarm 2-1048 Policy Map Load Balancing RADIUS Class Configuration Mode Commands 2-1055 (config-pmap-lb-radius-c) drop 2-1056 (config-pmap-lb-radius-c) forward 2-1057 (config-pmap-lb-radius-c) serverfarm 2-1058 (config-pmap-lb-radius-c) set ip tos 2-1059 (config-pmap-lb-radius-c) sticky-serverfarm 2-1060 Policy Map Load Balancing RADIUS Configuration Mode Commands 2-1049 (config-pmap-lb-radius) class 2-1051 (config-pmap-lb-radius) description 2-1053 (config-pmap-lb-radius) match radius attribute 2-1054 Policy Map Load Balancing RADIUS Match Configuration Mode Commands 2-1060 (config-pmap-lb-radius-m) drop 2-1062 (config-pmap-lb-radius-m) forward 2-1063 (config-pmap-lb-radius-m) serverfarm 2-1064 (config-pmap-lb-radius-m) set ip tos 2-1065 (config-pmap-lb-radius-m) sticky-serverfarm 2-1066 Policy Map Load Balancing RDP Class Configuration Mode Commands 2-1069 (config-pmap-lb-rdp-c) drop 2-1071 (config-pmap-lb-rdp-c) forward 2-1072 (config-pmap-lb-rdp-c) serverfarm 2-1073 (config-pmap-lb-rdp-c) set ip tos 2-1074 (config-pmap-lb-rdp-c) sticky-serverfarm 2-1075CLI Command Summary By Mode IN-13 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Policy Map Load Balancing RDP Configuration Mode Commands 2-1066 (config-pmap-lb-rdp) class 2-1068 (config-pmap-lb-rdp) description 2-1069 Policy Map Load Balancing RTSP Class Configuration Mode Commands 2-1084 (config-pmap-lb-rtsp-c) drop 2-1085 (config-pmap-lb-rtsp-c) forward 2-1086 (config-pmap-lb-rtsp-c) serverfarm 2-1087 (config-pmap-lb-rtsp-c) set ip tos 2-1088 (config-pmap-lb-rtsp-c) sticky-serverfarm 2-1089 Policy Map Load Balancing RTSP Configuration Mode Commands 2-1076 (config-pmap-lb-rtsp) class 2-1078 (config-pmap-lb-rtsp) description 2-1079 (config-pmap-lb-rtsp) match rtsp header 2-1080 (config-pmap-lb-rtsp) match rtsp source-address 2-1082 (config-pmap-lb-rtsp) match rtsp url 2-1083 Policy Map Load Balancing RTSP Match Configuration Mode Commands 2-1090 (config-pmap-lb-rtsp-m) drop 2-1091 (config-pmap-lb-rtsp-m) forward 2-1092 (config-pmap-lb-rtsp-m) serverfarm 2-1093 (config-pmap-lb-rtsp-m) set ip tos 2-1094 (config-pmap-lb-rtsp-m) sticky-serverfarm 2-1095 Policy Map Load Balancing SIP Class Configuration Mode Commands 2-1102 (config-pmap-lb-sip-c) drop 2-1103 (config-pmap-lb-sip-c) forward 2-1104 (config-pmap-lb-sip-c) serverfarm 2-1105 (config-pmap-lb-sip-c) set ip tos 2-1106 (config-pmap-lb-sip-c) sticky-serverfarm 2-1107 Policy Map Load Balancing SIP Configuration Mode Commands 2-1095 (config-pmap-lb-sip) class 2-1097 (config-pmap-lb-sip) description 2-1099 (config-pmap-lb-sip) match sip header 2-1100 (config-pmap-lb-sip) match source-address 2-1101 Policy Map Load Balancing SIP Match Configuration Mode Commands 2-1108 (config-pmap-lb-sip-m) drop 2-1109 (config-pmap-lb-sip-m) forward 2-1110 (config-pmap-lb-sip-m) serverfarm 2-1111 (config-pmap-lb-sip-m) set ip tos 2-1112 (config-pmap-lb-sip-m) sticky-serverfarm 2-1113 Policy Map Management Class Configuration Mode Commands 2-1117 (config-pmap-mgmt-c) deny 2-1118 (config-pmap-mgmt-c) permit 2-1119 Policy Map Management Configuration Mode Commands 2-1113 (config-pmap-mgmt) class 2-1115 (config-pmap-mgmt) description 2-1117 Policy Map Optimization Class Configuration Mode Commands 2-1128 (config-pmap-optmz-c) action 2-1128CLI Command Summary By Mode IN-14 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Policy Map Optimization Configuration Mode Commands 2-1119 (config-pmap-optmz) class 2-1121 (config-pmap-optmz) description 2-1122 (config-pmap-optmz) match http cookie 2-1123 (config-pmap-optmz) match http header 2-1124 (config-pmap-optmz) match http url 2-1127 Policy Map Optimization Match Configuration Mode Commands 2-1129 (config-pmap-optmz-m) action 2-1130 Probe Configuration Mode Commands 2-1132 (config-probe-probe_type) append-port-hosttag 2-1135 (config-probe-probe_type) community 2-1137 (config-probe-probe_type) connection term 2-1138 (config-probe-probe_type) credentials 2-1139 (config-probe-probe_type) description 2-1140 (config-probe-probe_type) domain 2-1142 (config-probe-probe_type) expect address 2-1143 (config-probe-probe_type) expect regex 2-1145 (config-probe-probe_type) expect status 2-1147 (config-probe-probe_type) faildetect 2-1148 (config-probe-probe_type) hash 2-1149 (config-probe-probe_type) header 2-1150 (config-probe-probe_type) interval 2-1153 (config-probe-probe_type) ip address 2-1154 (config-probe-probe_type) nas ip address 2-1156 (config-probe-probe_type) oid 2-1157 (config-probe-probe_type) open 2-1159 (config-probe-probe_type) passdetect 2-1160 (config-probe-probe_type) port 2-1162 (config-probe-probe_type) receive 2-1164 (config-probe-probe_type) request command 2-1165 (config-probe-probe_type) request method 2-1166 (config-probe-probe_type) script 2-1167 (config-probe-probe_type) send-data 2-1168 (config-probe-probe_type) ssl cipher 2-1169 (config-probe-probe_type) ssl version 2-1171 (config-probe-probe_type) version 2-1171 (config-probe-sip-udp) rport enable 2-1173 Probe SNMP OID Configuration Mode Commands 2-1174 (config-probe-snmp-oid) threshold 2-1176 (config-probe-snmp-oid) type absolute max 2-1178 (config-probe-snmp-oid) weight 2-1180 Probe VM Configuration Mode Commands 2-1181 (config-probe-vm) interval 2-1182 (config-probe-vm) load 2-1183 (config-probe-vm) vm-controller 2-1185 Radius Configuration Mode Commands 2-1186 (config-radius) deadtime 2-1188 (config-radius) server 2-1189 Real Server Host Configuration Mode Commands 2-1190 (config-rserver-host) conn-limit 2-1191 (config-rserver-host) description 2-1193 (config-rserver-host) fail-on-all 2-1194 (config-rserver-host) inservice 2-1195 (config-rserver-host) ip address 2-1196 (config-rserver-host) probe 2-1198 (config-rserver-host) rate-limit 2-1199 (config-rserver-host) weight 2-1201CLI Command Summary By Mode IN-15 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Real Server Redirect Configuration Mode Commands 2-1202 (config-rserver-redir) conn-limit 2-1204 (config-rserver-redir) description 2-1206 (config-rserver-redir) inservice 2-1207 (config-rserver-redir) probe 2-1208 (config-rserver-redir) rate-limit 2-1209 (config-rserver-redir) webhost-redirection 2-1210 Resource Configuration Mode Commands 2-1212 (config-resource) limit-resource 2-1213 Role Configuration Mode Commands 2-1216 (config-role) description 2-1217 (config-role) rule 2-1218 Server Farm Host Configuration Mode Commands 2-1221 (config-sfarm-host) description 2-1223, 2-1224, 2-1257 (config-sfarm-host) failaction 2-1225 (config-sfarm-host) fail-on-all 2-1228 (config-sfarm-host) inband-health check 2-1230 (config-sfarm-host) partial-threshold 2-1233 (config-sfarm-host) predictor 2-1234 (config-sfarm-host) probe 2-1240 (config-sfarm-host) retcode 2-1242 (config-sfarm-host) rserver 2-1244 (config-sfarm-host) transparent 2-1245 Server Farm Host Predictor Configuration Mode Commands 2-1246 (config-sfarm-host-predictor) autoadjust 2-1248 (config-sfarm-host-predictor) weight connection 2-1250 Server Farm Host Real Server Configuration Mode Commands 2-1251 (config-sfarm-host-rs) backup-rserver 2-1253 (config-sfarm-host-rs) conn-limit 2-1254 (config-sfarm-host-rs) cookie-string 2-1255 (config-sfarm-host-rs) fail-on-all 2-1258 (config-sfarm-host-rs) inservice 2-1260 (config-sfarm-host-rs) probe 2-1262 (config-sfarm-host-rs) rate-limit 2-1263 (config-sfarm-host-rs) weight 2-1264 Server Farm Redirect Configuration Mode Commands 2-1265 (config-sfarm-redirect) description 2-1267 (config-sfarm-redirect) failaction 2-1268 (config-sfarm-redirect) predictor 2-1270 (config-sfarm-redirect) probe 2-1276 (config-sfarm-redirect) rserver 2-1277 Server Farm Redirect Predictor Configuration Mode Commands 2-1279 (config-sfarm-redirect-predictor) autoadjust 2-1281 (config-sfarm-redirect-predictor) weight connection 2-1283 Server Farm Redirect Real Server Configuration Mode Commands 2-1284 (config-sfarm-redirect-rs) backup-rserver 2-1286 (config-sfarm-redirect-rs) conn-limit 2-1287 (config-sfarm-redirect-rs) inservice 2-1288 (config-sfarm-redirect-rs) probe 2-1290 (config-sfarm-redirect-rs) rate-limit 2-1291 (config-sfarm-redirect-rs) weight 2-1292CLI Command Summary By Mode IN-16 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Show Exec Mode Commands 2-112 show aaa 2-113 show access-list 2-114 show accounting log 2-115 show acl-merge 2-117 show action-list 2-118 show arp 2-119 show backup 2-121 show banner motd 2-122 show bootvar 2-123 show buffer 2-125 show capture 2-127 show cde 2-129 show cfgmgr 2-130 show checkpoint 2-132 show clock 2-134 show conn 2-135 show conn sticky 2-228 show context 2-136 show copyright 2-137 show crypto 2-138 show dc 2-141 show debug 2-145 show domain 2-148 show download information 2-149 show eobc 2-150 show fifo 2-152 show file 2-153 show fragment 2-155 show ft 2-156 show hardware 2-158 show hyp 2-159 show icmp statistics 2-159 show interface 2-161 show inventory 2-163 show ip 2-164 show ipcp 2-167 show ipv6 2-168 show kalap udp load 2-170 show lcp event-history 2-172 show ldap-server 2-173 show license 2-174 show line 2-176 show logging 2-177 show login timeout 2-179 show nat-fabric 2-180 show netio 2-181 show nexus-device 2-182 show np 2-184 show ntp 2-188 show optimization-global 2-189 show parameter-map 2-190 show probe 2-191 show processes 2-192 show pvlans 2-193 show radius-server 2-194 show resource allocation 2-195 show resource internal 2-196 show resource usage 2-198 show restore 2-201 show role 2-203 show rserver 2-204 show running-config 2-206 show scp 2-208 show script 2-209 show security internal event-history 2-211 show serverfarm 2-212 show service-policy 2-214 show snmp 2-216 show ssh 2-218 show startup-config 2-220 show stats 2-221 show sticky cookie-insert group 2-223 show sticky database 2-224 show sticky hash 2-227 show syn-cookie 2-229 show system 2-230CLI Command Summary By Mode IN-17 Command Reference, Cisco ACE Application Control Engine OL-25339-01 show tacacs-server 2-232 show tcp statistics 2-233 show tech-support 2-234 show telnet 2-235 show terminal 2-236 show udp statistics 2-237 show user-account 2-238 show users 2-239 show version 2-240 show vlans 2-242 show vm-controller 2-243 show vnet 2-244 show xlate 2-245 SSL Parameter-Map Configuration Mode Commands (config-parammap-ssl) rehandshake enable 2-884 SSL Proxy Configuration Mode Commands 2-1294 (config-ssl-proxy) authgroup 2-1295 (config-ssl-proxy) cert 2-1297 (config-ssl-proxy) chaingroup 2-1299 (config-ssl-proxy) crl 2-1300 (config-ssl-proxy) key 2-1302 (config-ssl-proxy) ocspserver 2-1304 (config-ssl-proxy) revcheckprio 2-1306 (config-ssl-proxy) ssl advanced-options 2-1308 Sticky Cookie Configuration Mode Commands 2-1309 (config-sticky-cookie) cookie insert 2-1310 (config-sticky-cookie) cookie offset 2-1311 (config-sticky-cookie) cookie secondary 2-1312 (config-sticky-cookie) replicate sticky 2-1313 (config-sticky-cookie) serverfarm 2-1314 (config-sticky-cookie) static cookie-value 2-1315 (config-sticky-cookie) timeout 2-1316 Sticky HTTP Content Configuration Mode Commands 2-1317 (config-sticky-content) content 2-1318 (config-sticky-content) replicate sticky 2-1320 (config-sticky-content) serverfarm 2-1321 (config-sticky-content) static content 2-1323 (config-sticky-content) timeout 2-1324 Sticky HTTP Header Configuration Mode Commands 2-1325 (config-sticky-header) header offset 2-1327 (config-sticky-header) replicate sticky 2-1329 (config-sticky-header) serverfarm 2-1330 (config-sticky-header) static header-value 2-1332 (config-sticky-header) timeout 2-1333 Sticky IP Configuration Mode Commands 2-1334 (config-sticky-ip) replicate sticky 2-1336 (config-sticky-ip) serverfarm 2-1337 (config-sticky-ip) static client source 2-1338 (config-sticky-ip) timeout 2-1341 Sticky Layer 4 Payload Configuration Mode Commands 2-1342 (config-sticky-l4payloa) layer4-payload 2-1344 (config-sticky-l4payloa) replicate sticky 2-1346, 2-1347 (config-sticky-l4payloa) serverfarm 2-1348 (config-sticky-l4payloa) static layer4-payload 2-1349 (config-sticky-l4payloa) timeout 2-1350CLI Command Summary By Mode IN-18 Command Reference, Cisco ACE Application Control Engine OL-25339-01 Sticky RADIUS Configuration Mode Commands 2-1351 (config-sticky-radius) replicate sticky 2-1353 (config-sticky-radius) serverfarm 2-1354 (config-sticky-radius) timeout 2-1355 Sticky RTSP Header Configuration Mode Commands 2-1356 (config-sticky-header) replicate sticky 2-1358, 2-1360 (config-sticky-header) serverfarm 2-1361 (config-sticky-header) static header-value 2-1362 (config-sticky-header) timeout 2-1363 Sticky SIP Header Configuration Mode Commands 2-1364 (config-sticky-header) replicate sticky 2-1366 (config-sticky-header) serverfarm 2-1367 (config-sticky-header) static header-value 2-1368 (config-sticky-header) timeout 2-1369 TACACS+ Configuration Mode Commands 2-1371 (config-tacacs+) deadtime 2-1372 (config-tacacs+) server 2-1374 VM Configuration Mode Commands 2-1376 (config-vm) credentials 2-1377 (config-vm) url 2-1378 © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 73 Reference Guide Cisco Aironet Antennas and Accessories Overview Executive Overview This antenna reference guide explains issues and concerns about antennas used with a Cisco ® Aironet ® wireless LAN system or wireless bridge system. It details deployment and design, limitations and capabilities, and basic theories of antennas. This document also contains information about the Cisco antennas and accessories, as well as installation scenarios, regulatory information, and technical specifications and diagrams of the available antennas. Overview of Antennas Each Cisco Aironet radio product is designed to perform in a variety of environments. Implementing the antenna system can greatly improve coverage and performance. To optimize the overall performance of a Cisco wireless LAN, it is important to understand how to maximize radio coverage with the appropriate antenna selection and placement. An antenna system comprises numerous components, including the antenna, mounting hardware, connectors, antenna cabling, and in some cases, a lightning arrestor. For a consultation, please contact a Cisco Aironet partner at: http://tools.cisco.com/WWChannels/LOCATR/jsp/partner_locator.jsp. Cisco partners can provide onsite engineering assistance for complex requirements. Radio Technologies In the mid-1980s, the U.S. Federal Communications Commission (FCC) modified Part 15 of the radio spectrum regulation, which governs unlicensed devices. The modification authorized wireless network products to operate in the industrial, scientific, and medical (ISM) bands using spread spectrum modulation. This type of modulation had formerly been classified and permitted only in military products. The ISM frequencies are in three different bands, located at 900 MHz, 2.4 GHz, and 5 GHz. This document covers both the 2.4- and 5-GHz bands. The ISM bands typically allow users to operate wireless products without requiring specific licenses, but this will vary in some countries. In the United States, there is no requirement for FCC licenses. The products themselves must meet certain requirements to be certified for sale, such as operation under 1-watt transmitter output power (in the United States) and maximum antenna gain or effective isotropic radiated power (EIRP) ratings. The Cisco Aironet product lines utilize both the 2.4- and 5-GHz bands. In the United States, three bands are defined as unlicensed and known as the ISM bands. The ISM bands are as follows: ? 900 MHz (902-928 MHz) ? 2.4 GHz (2.4-2.4835 GHz) - IEEE 802.11b ? 5 GHz (5.15-5.35 and 5.725-5.825 GHz) - IEEE 802.11a, HIPERLAN/1 and HIPERLAN/2. This band is also known as the UNII band, and has three subbands: UNII1 (5.150-5.250 GHz), UNII2 (5.250-5.350 GHz), and UNII3 (5.725-5.825 GHz). © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 73 Each set of bands has different characteristics. The lower frequencies exhibit better range, but with limited bandwidth and hence lower data rates. The higher frequencies have less range and are subject to greater attenuation from solid objects. 802.11 Modulation Techniques The IEEE 802.11 standard makes provisions for the use of several different modulation techniques to encode the transmitted data onto the RF signal. These modulation techniques are used to enhance the probability of the receiver correctly receiving the data and thus reducing the need for retransmissions. The techniques vary in their complexities and robustness to RF signal propogation impairments. Direct-Sequence Spread Spectrum The direct-sequence spread spectrum (DSSS) approach involves encoding redundant information into the RF signal. Every data bit is expanded to a string of chips called a chipping sequence or Barker sequence. The chipping rate, as mandated by the U.S. FCC, is 10 chips at the 1- and 2-Mbps rates and 8 chips at the 11-Mbps rate. So, at 11 Mbps, 8 bits are transmitted for every one bit of data. The chipping sequence is transmitted in parallel across the spread spectrum frequency channel. Frequency-Hopping Spread Spectrum Frequency-hopping spread spectrum (FHSS) uses a radio that moves or hops from one frequency to another at predetermined times and channels. The regulations require that the maximum time spent on any one channel is 400 milliseconds. For the 1- and 2-Mb FHSS systems, the hopping pattern must include 75 different channels, and must use every channel before reusing any one. For wide-band frequency hopping (WBFH) systems, which permit up to 10-Mb data rates, the rules require the use of at least 15 channels, and they cannot overlap. With only 83 MHz of spectrum, WBFH limits the systems to 15 channels, thus causing scalability issues. In every case, for the same transmitter power and antennas, a DSSS system will have greater range, scalability, and throughput than an FHSS system. For this reason, Cisco has chosen to support only direct-sequence systems in the spread spectrum products. Orthogonal Frequency Division Multiplexing The orthogonal frequency division multiplexing (OFDM) used in 802.11a and 802.11g data transmissions offers greater performance than the older direct-sequence systems. In the OFDM system, each tone is orthogonal to the adjacent tones and therefore does not require the frequency guard band needed for direct sequence. This guard band lowers the bandwidth efficiency and wastes up to 50 percent of the available bandwidth. Because OFDM is composed of many narrow-band tones, narrow-band interference degrades only a small portion of the signal, with little or no effect on the remainder of the frequency components. Antenna Properties and Ratings An antenna gives the wireless system three fundamental properties - gain, direction, and polarization. Gain is a measure of increase in power. Direction is the shape of the transmission pattern. A good analogy for an antenna is the reflector in a flashlight. The reflector concentrates and intensifies the light beam in a particular direction similar to what a parabolic dish antenna would do to a RF source in a radio system. Antenna gain is measured in decibels, which is a ratio between two values. The gain of a specific antenna is compared to the gain of an isotropic antenna. An isotropic antenna is a theoretical antenna with a uniform threedimensional radiation pattern (similar to a light bulb with no reflector). dBi is used to compare the power level of a © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 73 given antenna to the theoretical isotropic antenna. The U.S. FCC uses dBi in its calculations. An isotropic antenna is said to have a power rating of 0 dB, meaning that it has zero gain/loss when compared to itself. Unlike isotropic antennas, dipole antennas are real antennas. Dipole antennas have a different radiation pattern compared to isotropic antennas. The dipole radiation pattern is 360 degrees in the horizontal plane and 75 degrees in the vertical plane (assuming the dipole antenna is standing vertically) and resembles a donut in shape. Because the beam is “slightly” concentrated, dipole antennas have a gain over isotropic antennas of 2.14 dB in the horizontal plane. Dipole antennas are said to have a gain of 2.14 dBi (in comparison to an isotropic antenna). Some antennas are rated in comparison to dipole antennas. This is denoted by the suffix dBd. Hence, dipole antennas have a gain of 0 dBd (= 2.14 dBi). Note that the majority of documentation refers to dipole antennas as having a gain of 2.2 dBi. The actual figure is 2.14 dBi, but is often rounded up. Types of Antennas Cisco offers several different styles of antennas for use with access points and bridges in both 2.4-GHz and 5-GHz products. Every antenna offered for sale has been FCC-approved. Each type of antenna will offer different coverage capabilities. As the gain of an antenna increases, there is some tradeoff to its coverage area. Usually high-gain antennas offer longer coverage distances, but only in a certain direction. The radiation patterns below will help to show the coverage areas of the styles of antennas that Cisco offers: omnidirectional, Yagi, and patch antennas. Omnidirectional Antennas An omnidirectional antenna (Figure 1) is designed to provide a 360-degree radiation pattern. This type of antenna is used when coverage in all directions from the antenna is required. The standard 2.14-dBi “Rubber Duck” is one style of omnidirectional antenna. Figure 1. Omnidirectional Antenna Directional Antennas Directional antennas come in many different styles and shapes. An antenna does not offer any added power to the signal; it simply redirects the energy it receives from the transmitter. By redirecting this energy, it has the effect of providing more energy in one direction, and less energy in all other directions. As the gain of a directional antenna increases, the angle of radiation usually decreases, providing a greater coverage distance, but with a reduced coverage angle. Directional antennas include patch antennas (Figure 2), Yagi antennas (Figure 3), and parabolic dishes. Parabolic dishes have a very narrow RF energy path, and the installer must be accurate in aiming these types of antennas these at each other. © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 73 Figure 2. Directional Patch Antenna Figure 3. Yagi Antenna Diversity Antenna Systems Diversity antenna systems are used to overcome a phenomenon known as multipath distortion or multipath interference. A diversity antenna system uses two identical antennas, located a small distance apart, to provide coverage to the same physical area. Multipath Distortion Multipath interference occurs when an RF signal has more than one path between a receiver and a transmitter. This occurs in sites that have a large amount of metallic or other RF reflective surfaces. Just as light and sound bounce off of objects, so does RF. This means there can be more than one path that RF takes when going from a transmit (TX) and receive (RX) antenna. These multiple signals combine in the RX antenna and receiver to cause distortion of the signal. Multipath interference can cause the RF energy of an antenna to be very high, but the data would be unrecoverable. Changing the type of antenna and location of the antenna can eliminate multipath distortion (Figure 4). © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 73 Figure 4. Multipath Distortion You can relate multipath distortion to a common occurrence in your car. As you pull up to a stop, you may notice static on the radio. But as you move forward a few inches or feet, the station starts to come in more clearly. By rolling forward, you move the antenna slightly, out of the point where the multiple signals converge. How Diversity Antenna Systems Reduce Multipath Distortion A diversity antenna system can be compared to a switch that selects one antenna or another, never both at the same time. The radio in receive mode will continually switch between antennas listening for a valid radio packet. After the beginning sync of a valid packet is heard, the radio will evaluate the sync signal of the packet on one antenna, and then switch to the other antenna and evaluate. Then the radio will select the best antenna and use only that antenna for the remaining portion of that packet. On transmit, the radio will select the same antenna it used the last time it communicated to that given radio. If a packet fails, it will switch to the other antenna and retry the packet. One caution with diversity antenna systems is that they are not designed for using two antennas covering two different coverage cells. The problem in using it this way is that if antenna number 1 is communicating to device number 1 while device number 2 (which is in the antenna number 2 cell) tries to communicate, antenna number 2 is not connected (due to the position of the switch), and the communication fails. Diversity antennas should cover the same area from only a slightly different location. With the introduction of the latest direct-spread physical layer chips, and the use of diversity antenna systems, direct-spread systems have equaled or surpassed frequency-hopping systems in handling multipath interference. While the introduction of WBFH does increase the bandwidth of frequency-hopping systems, it drastically affects the ability to handle multipath issues, further reducing its range compared to present direct-spread systems in sites that are highly RF reflective. Wireless LAN Design Before the physical environment is examined, it is critical to identify the mobility of the application, the means for coverage, and system redundancy. An application such as point-to-point, which connects two or more stationary users, may be best served by a directional antenna, while mobile users will generally require a number of omnidirectional micro cells. These individual micro cells can be linked together through the wired LAN infrastructure or by using the wireless repeater functionality built into every Cisco Aironet access point. The Physical Environment After mobility issues are resolved, the physical environment must be examined. While the area of coverage is the most important factor for antenna selection, it is not the sole decision criterion. Building construction, ceiling height, internal obstructions, available mounting locations, and the customer’s aesthetic desires also must be considered. © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 6 of 73 Cement and steel construction have different radio propagation characteristics. Internal obstructions such as product inventory and racking in warehousing environments are factors. In outdoor environments, many objects can affect antenna patterns, including trees, vehicles, and buildings, to name a few. The Network Connections Cisco Aironet access points use a 10/100/1000-Mb Ethernet connection. Typically the access point is in the same location as the antenna. While it may seem that the best place to put the access point is in a wiring closet with the other network components, such as switches, hubs, and routers, this is not the case. The antenna must be placed in an area that provides the best coverage (determined by a site survey). Many people new to wireless LANs want to locate the access points in the wiring closet and connect the antenna using RF coax. Antenna cable introduces losses in the antenna system on both the transmitter and the receiver. As the length of cable increases, so does the amount of loss introduced. To operate at optimum efficiency, cable runs should be kept as short as possible. (See the Cabling section in this document for more information.) Building Construction The density of the materials used in a building's construction determines the number of walls the RF signal can pass through and still maintain adequate coverage. Following are a few examples. The actual effect on the RF must be tested at the site, and therefore a site survey is recommended. Paper and vinyl walls have very little effect on signal penetration. Solid walls and floors and precast concrete walls can limit signal penetration to one or two walls without degrading coverage. This may vary widely based on any steel reinforcing within the concrete. Concrete and concrete block walls may limit signal penetration to three or four walls. Wood or drywall typically allow for adequate penetration through five or six walls. A thick metal wall reflects signals, resulting in poor penetration. Steel-reinforced concrete flooring will restrict coverage between floors to perhaps one or two floors. Recommendations for some common installation environments are outlined below: ? Warehousing/manufacturing: In most cases, these installations require a large coverage area. Experience has shown that an omnidirectional antenna mounted at 20 to 25 feet typically provides the best overall coverage. Of course, this also depends upon the height of the racking, material on the rack, and ability to locate the antenna at this height. Mounting the antenna higher will sometimes actually reduce coverage, as the angle of radiation from the antenna is more outward than down. The antenna should be placed in the center of the desired coverage cell and in an open area for best performance. In cases where the radio unit will be located against a wall, a directional antenna such as a patch or Yagi can be used for better penetration of the area. The coverage angle of the antenna will affect the coverage area. ? Small office/small retail store: The standard dipole may provide adequate coverage in these areas depending on the location of the radio device. However, in a back corner office a patch antenna may provide better coverage. It can be mounted to the wall above most obstructions for best performance. Coverage of this type antenna depends on the surrounding environment. ? Enterprise/large retail store: In most cases, these installations require a large coverage area. Experience has shown that omnidirectional antennas mounted just below the ceiling girders or just below the drop ceiling typically provide the best coverage (this will vary with stocking, type of material, and building construction). The antenna should be placed in the center of the desired coverage cell and in an open area for best performance. In cases where the radio unit will be located in a corner, or at one end of the building, a directional antenna such as a patch or Yagi can be used for better penetration of the area. © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 7 of 73 Also, for areas that are long and narrow - such as long rows of racking - a directional antenna at one end may provide better coverage. The radiation angle of the antennas will also affect the coverage area. ? Point-to-point: When connecting two points together (such as a wireless bridge), the distance, obstructions, and antenna location must be considered. If the antennas can be mounted indoors and the distance is very short (several hundred feet), the standard dipole or mast mount 5.2 dBi omnidirectional may be used. An alternative is to use two patch antennas. For very long distances (1/2 mi. or more), directional high-gain antennas must be used. These antennas should be installed as high as possible, and above obstructions such as trees, buildings, and so on; and if directional antennas are used, they must be aligned so that their main radiated power lobes are directed at each other. With a line-of-site configuration, distances of up to 25 miles at 2.4 GHz and 12 miles at 5 GHz can be reached using parabolic dish antennas, if a clear line-of-site is maintained. With the use of directional antennas, fewer interference possibilities exist and there is less possibility of causing interference to anyone else. ? Point-to-multipoint bridge: In this case (in which a single point is communicating to several remote points), the use of an omnidirectional antenna at the main communication point must be considered. The remote sites can use a directional antenna that is directed at the main point antenna. Cabling As stated above, cabling introduces losses into the system, negating some of the gain an antenna introduces and reducing range of the RF coverage. Interconnect Cable Attached to all antennas (except the standard dipoles), this cable provides a 50 ohm impedance to the radio and antenna, with a flexible connection between the two items. It has a high loss factor and should not be used except for very short connections (usually less than 10 feet). Typical length on all antennas is 36 in. (or 12 in. on some outdoor antennas). Low-Loss/Ultra-Low-Loss Cable Cisco offers two styles of cables for use with the 2.4-GHz and 5-GHz product lines. These cables provide a much lower loss factor than standard interconnect cable, and they can be used when the antenna must be placed at any distance from the radio device. While these are low-loss cables, they should still be kept to a minimum length. There are two types of cable supplied by Cisco for mounting the antenna away from the radio unit. The 100- and 150-foot cables are LMR600 type cable, while the 20- and 50-foot cables are LMR400 type cables. All four lengths are supplied with one RP-TNC plug and one RP-TNC jack connector attached. This allows for connection to the radio unit and to the interconnect cable supplied on the antennas. Connectors According to the U.S. Federal Code of Regulations, products used in the 2.4- and 5-GHz ISM bands manufactured after June 1994 must either use connectors that are unique and nonstandard (meaning not readily available on the market by the average user) or be designed to be professionally installed (“professional” here indicates a person trained in RF installation and regulations). Since many of the 2.4-GHz products are installed by non-RF trained personnel, these products must comply with the unique connector ruling. The Cisco outdoor access and bridge products are designed for installation by a RF professional, and therefore may use a standard N style connector. Cisco Aironet indoor products use reverse polarity-TNC (RP-TNC) connectors. While they are similar to the normal TNC connectors, they cannot be mated to the standard connectors. To ensure compatibility with Cisco Aironet products, use antennas and cabling from Cisco. © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 8 of 73 Mounting Hardware Each antenna requires some type of mounting. The standard dipole antenna simply connects to the RP-TNC connector on the unit. Mast mount antennas are designed to mount to a variety of mast diameters and each comes with mounting hardware for attachment. The Yagi antennas have an articulating mount option. Patch antennas are designed to mount flat against a wall or ceiling, and ceiling-mount antennas are equipped with a drop-ceiling cross-member attachment. The 2.4-GHz 21-dBi parabolic dish mounts to a 1.625- up to a 2.375-in. mast. In this dish antenna, fine-threaded turn-buckles allow accurate aiming of the antenna. For most indoor applications, a .75- or 1-in. electrical conduit provides a suitable mounting. For outdoor applications, use a heavy galvanized or aluminum wall mast that will withstand the wind-loading rating of the selected antenna. Lightning Arrestors When using outdoor antenna installations, it is always possible that an antenna will suffer damage from potential charges developing on the antenna and cable, or surges induced from nearby lightning strikes. The Cisco Aironet lightning arrestor is designed to protect 2.4-GHz to 5.8- GHz radio equipment from static electricity and lightninginduced surges that travel on coaxial transmission lines. Both systems need to be properly grounded as identified in the hardware installation manuals of the products. These protection mechanisms will not prevent damage in the event of a direct lightning hit. Theory of Operation The Cisco Aironet Lightning Arrestor (Figure 5) prevents energy surges from reaching the RF equipment by the shunting effect of the device. Surges are limited to less than 50 volts, in about .0000001 seconds (100 nanoseconds). A typical lightning surge is about .000002 (2 micro seconds). Figure 5. Cisco Aironet Lightning Arrestor The accepted IEEE transient (surge) suppression is .000008 seconds (8 micro seconds). The Cisco Aironet Lightning Arrestor is a 50-ohm transmission line with a gas discharge tube positioned between the center conductor and ground. This gas discharge tube changes from an open circuit to a short circuit almost instantaneously in the presence of voltage and energy surges, providing a path to ground for the energy surge. © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 9 of 73 Installation This arrestor is designed to be installed between your antenna cable and the Cisco Aironet access point. Installation should be indoors, or inside a protected area. A good ground must be attached to the arrestor. This can be accomplished by attaching a ground lug to the arrestor and using a heavy wire (number 6 solid copper) to connect the lug to a good earth ground (see Figure 6). Understanding RF Power Values Radio frequency (RF) signals are subject to various losses and gains as they pass from transmitter through cable to antenna, through air (or solid obstruction), to receiving antenna, cable, and receiving radio. With the exception of solid obstructions, most of these figures and factors are known and can be used in the design process to determine whether an RF system such as a WLAN will work. Decibels The decibel (dB) scale is a logarithmic scale used to denote the ratio of one power value to another. For example: X1`dB = 10 log10 (Power A/Power B) An increase of 3 dB indicates a doubling (2x) of power. An increase of 6 dB indicates a quadrupling (4x) of power. Conversely, a decrease of 3 dB reduces power by one half, and a decrease of 6 dB results in a one fourth of the power. Some examples are shown below in Table 1. Table 1. Decibel Values and Corresponding Factors Increase Factor Decrease Factor 0 dB 1 x (same) 0 dB 1 x (same) 1 dB 1.25 x -1 dB 0.8 x 3 dB 2 x -3 dB 0.5 x 6 dB 4 x -6 dB 0.25 x 10 dB 10 x -10 dB 0.10 x 12 dB 16 x -12 dB 0.06 x 20 dB 100 x -20 dB 0.01 x 30 dB 1000 x -30 dB 0.001 x 40 dB 10,000 x -40 dB 0.0001 x Power Ratings WLAN equipment is usually specified in decibels compared to known values. Transmit Power and Receive Sensitivity are specified in “dBm,” where “m” means 1 milliwatt (mW). So, 0 dBm is equal to 1 mW; 3 dBm is equal to 2 mW; 6 dBm is equal to 4 mW, and so on, as shown in Table 2. Table 2. Common mW Values to dBm Values dBm mW dBm mW 0 dBm 1 mW 0 dBm 1 mW 1 dBm 1.25 mW -1 dBm 0.8 mW 3 dBm 2 mW -3 dBm 0.5 mW 6 dBm 4 mW -6 dBm 0.25 mW 7 dBm 5 mW -7 dBm 0.20 mW 10 dBm 10 mW -10 dBm 0.10 mW © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 10 of 73 dBm mW dBm mW 12 dBm 16 mW -12 dBm 0.06 mW 13 dBm 20 mW -13 dBm 0.05 mW 15 dBm 32 mW -15 dBm 0.03 mW 17 dBm 50 mW -17 dBm 0.02 mw 20 dBm 100 mW -20 dBm 0.01 mW 30 dBm 1000 mW (1 W) -30 dBm 0.001 mW 40 dBm 10,000 mW (10 W) -40 dBm 0.0001 mW Outdoor Range The range of a wireless link is dependent upon the maximum allowable path loss. For outdoor links, this is a straightforward calculation as long as there is clear line of sight between the two antennas with sufficient clearance for the Fresnel zone. For line of sight, you should be able to visibly see the remote locations antenna from the main site. (Longer distances may require the use of binoculars). There should be no obstructions between the antennas themselves. This includes trees, buildings, hills, and so on. As the distance extends beyond six miles, the curve of the earth (commonly called earth bulge) affects installation, requiring antennas to be placed at higher elevations. Fresnel Zone Fresnel zone is an elliptical area immediately surrounding the visual path. It varies depending on the length of the signal path and the frequency of the signal. The Fresnel zone can be calculated, and it must be taken into account when designing a wireless link (Figure 6). Figure 6. Fresnel Zone Based on both line-of-sight and Fresnel zone requirements, Table 3 provides a guideline on height requirements for 2.4-GHz antennas as various distances. This refers to height above any obstacles located in the middle of the RF path. Table 3. Guideline on Height Requirements for 2.4-GHz Antennas Wireless Link Distance (miles) Approx. Value “F” (60% Fresnel Zone) Ft. at 2.4 GHz Approx. Value “C” (Earth Curvature) Value “H” (mounting Ht.) Ft. with No Obstructions 1 10 3 13 5 30 5 35 10 44 13 57 15 55 28 83 20 65 50 115 25 72 78 150 © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 11 of 73 Cisco.com provides an Outdoor Bridge Range Calculation Utility for both 2.4-GHz and 5-GHz products. This utility calculates the Fresnel zone and maximum range based upon cable types and lengths, transmitter and receiver models, and antennas. The utility can be found at: http://www.cisco.com/en/US/products/hw/wireless/ps458/products_tech_note09186a008009459b.shtml A 10-dB fade margin is included for 2.4-GHz calculations, while the included 5-dB fade margin for 5-GHz calculations is sufficient for dependable communications in all weather conditions. The distances given are only theoretical and should only be used to determine the feasibility of a particular design. Outdoors, every increase of 6-dB will double the distance. Every decrease of 6-dB will halve the distance. Shortercable runs and higher-gain antennas can make a significant difference to the range. The following links provide range calculations for the outdoor mesh products: ? Cisco Aironet 1520 Series: http://www.cisco.com/en/US/partner/products/ps11451/products_implementation_design_guides_list.htm ? Cisco Aironet 1550 Series: http://www.cisco.com/en/US/partner/products/ps8368/products_implementation_design_guides_list.html Regulations North America Connectors In 1985, the FCC enacted standards for the commercial use of spread-spectrum technology in the ISM frequency bands. Spread spectrum is currently allowed in the 900-, 2400-, and 5200- MHz bands. In 1989, the FCC drafted an amendment governing spread-spectrum systems in the unlicensed ISM band, and Congress enacted this amendment into law in 1990. This amendment is commonly referred to as the “new rules” or “’94 rules” because it impacts all spread-spectrum products manufactured after June 23, 1994. Products manufactured before June 23, 1994, are not affected by the amendment. The FCC 1994 rules are intended to discourage use of amplifiers, high-gain antennas, or other means of significantly increasing RF radiation. The rules are further intended to discourage “home brew” systems that are installed by inexperienced users and that - either accidentally or intentionally - do not comply with FCC regulations for use in the ISM band. Both the original rules and the amendments sought to enable multiple RF networks to “coexist” with minimum impact on one another by exploiting properties of spread-spectrum technology. Fundamentally, the FCC 1994 rules intend to limit RF communications in the ISM band to a well-defined region, while ensuring multiple systems can operate with minimum impact on one another. These two needs are addressed by limiting the type and gain of antennas used with a given system, and by requiring a greater degree of RF energy “spreading.” Antenna Gain and Power Output FCC regulations specify maximum power output and antenna gain. For the UNII3 band, the FCC limits the transmitter power to 1 watt or 30 dBm, and the antenna gain of an omnidirectional antenna to 6 dBi. For directional antennas operating in a point-to-point system, gains of up to 23 dBi are permitted. For antennas with gain higher than 23 dBi, the transmitter output power must be reduced 1 dB for every 1 dB above 23 dBi increase in the antenna gain. © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 12 of 73 At 2.4 GHz, the maximum transmitter power is also 1 watt. Using this maximum power, the maximum antenna gain is 6 dBi. However, the regulations also define the maximum values in regards to the following two different system scenarios. Point-to-Point and Point-to-Multipoint Systems In point-to-multipoint systems, the FCC has limited the maximum EIRP to 36 dBm. EIRP = TX power + antenna gain. For every dB that the transmitter power is reduced, the antenna may be increased by 1 dB. Thus, 29 dBm TX, +7 dB antenna = 36 dBm EIRP; 28 dBm TX +8 dB antenna = 36 dBm EIRP. The Cisco Aironet 2.4-GHz bridge transmitter power is 20 dBm, which is 10 dBm lower than maximum. This then allows the use of antennas up to 10 dB over the initial 6 dBi limit, or 16 dBi. In point-to-point systems for 2.4-GHz systems using directional antennas, the rules have changed. Because a high-gain antenna has a narrow beamwidth, the likelihood is great that it will cause interference to other area users. Under the rule change, for every dB the transmitter is reduced below 30 dBm, the antenna may be increased from the initial 6 dBi, by 3 dB. Thus, a 29-dB transmitter means 9-dBi antenna; a 28-dB transmitter means 12-dBi antenna. Because we are operating at 20 dBm, which is 10 dB below the 30 dBm level, we can increase the antenna gain by 30 dB. Note that Cisco has never tested, and therefore has not certified, any antenna with gain greater than 21 dBi. The main issue that comes up here is: What differentiates a point-to-point from a multipoint system. In Figure 7, point A communicates to a single point (point B), and point B communicates to a single point A; therefore, it is simple to see that both locations see this as a point-to-point installation. In Figure 8, point A communicates to more than one (or multiple) points; therefore, point A is operating in a multipoint configuration, and the largest antenna permitted is 16 dBi. Point B or point C can each communicate to only one point (point A); therefore, point B and point C actually operate in a single-point or point-to-point operation, and a larger antenna may be used. Figure 7. Point-to-Point Wireless Bridge Solution Figure 8. Point-to-Multipoint Wireless Bridge Solution © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 13 of 73 Amplifiers In the FCC rules, Section 15.204-Part C states: “External radio frequency power amplifiers shall not be marketed as separate products.” Part D states: “Only the antenna with which an intentional radiator (transmitter) is originally authorized may be used with the intentional radiator." This means that unless the amplifier manufacturer submits the amplifier for testing with the radio and antenna, it cannot be sold in the United States. If it has been certified, it must be marketed and sold as a complete system, including transmitter, antenna, and coaxial cable. It also must be installed exactly this way. If you are using a system that includes an amplifier, remember that these rules concerning power are still in effect. If the amplifier is one-half (.5) watt (27 dBm), this means in a multipoint system, the maximum antenna gain is only 9 dBi, and in a point-to-point system it is only 15 dBi. ETSI The European Telecommunication Standardization Institute (ETSI) has developed standards that have been adopted by many European countries as well as many others. Under the ETSI regulations, the power output and EIRP regulations are much different than in the United States. Antenna Gain and Power Output The ETSI regulations specify maximum EIRP as 20 dBm. Since this includes antenna gain, this limits the antennas that can be used with a transmitter. To use a larger antenna, the transmitter power must be reduced so that the overall gain of the transmitter, plus the antenna gain, less any losses in coax, is equal to or less than +20 dBm. This drastically reduces the overall distance an outdoor link can operate. Amplifiers Since the ETSI regulation has such a low EIRP, the use of amplifiers is typically not permitted in any ETSI system. Frequencies and Channel Sets IEEE 802.11b/g Direct Sequence Channels Fourteen channels are defined in the IEEE 802.11b/g direct-sequence channel set. Each direct-sequence channel as transmitted is 22 MHz wide; however, the channel center separation is only 5 MHz. This leads to channel overlap such that signals from neighboring channels can interfere with each other. In a 14-channel directsequence system (11 usable in the United States), only three nonoverlapping (and hence, noninterfering) channels, 25 MHz apart, are possible (for example, channels 1, 6, and 11). This channel spacing governs the use and allocation of channels in a multiple-access-point environment such as an office or campus. Access points are usually deployed in “cellular” fashion within an enterprise, where adjacent access points are allocated nonoverlapping channels. Alternatively, access points can be collocated using channels 1, 6, and 11 to deliver 33 Mbps bandwidth to a single area (but only 11 Mbps to a single client). The channel allocation scheme is illustrated in Figure 9, and the available channels in the different regulatory domains are defined in Table 4. © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 14 of 73 Figure 9. IEEE 802.11b/g DSSS Channel Allocations Table 4 shows the channels permitted in the corresponding approval areas. Table 4. DSSS PHY Frequency Channel Plan Channel Regulatory Domains (Maximum Conducted Average Power Levels in dBm) ID Frequency (MHz) -A -C -E -I -J -K -N -P -S -T 2400-2484 MHz Mode B G B G B G B G B G B G B G B G B G B G 1 2412 X X X X X X X X X X X X X X X X X X 2 2417 X X X X X X X X X X X X X X X X X X 3 2422 X X X X X X X X X X X X X X X X X X 4 2427 X X X X X X X X X X X X X X X X X X 5 2432 X X X X X X X X X X X X X 17 X X X X X X 6 2437 X X X X X X X X X X X X X X X X X X X X 7 2442 X X X X X X X X X X X X X X X X X X X X 8 2447 X X X X X X X X X X X X X X X X X X X X 9 2452 X X X X X X X X X X X X X X X X X X X 17 10 2457 X X X X X X X X X X X X X X X X X X X X 11 2462 X X X X X X X X X X X X X X X X X X X X 12 2467 X X X X X X X X X X X X X X 13 2472 X X X X X X X X X X X X X X 14 2484 X X © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 15 of 73 IEEE 802.11a Channels The 802.11a specification today specifies four channels for the UNII1 band, four channels for the UNII2 band, and four channels for the UNII3 band. These channels are spaced at 20 MHz apart and are considered noninterfering; however, they do have a slight overlap in frequency spectrum. It is possible to use adjacent channels in adjacent cell coverage, but it is recommended when possible to separate adjacent cell channels by at least 1 channel. Figure 10 shows the channel scheme for the 802.11 bands, and Table 5 lists the North American frequency allocations. Figure 10. 802.11a Channel Allocation Table 5. 802.11a Frequency Plan Regulatory Domain Frequency Band Channel Number Centre Frequencies USA ? UNII lower band ? 5.15-5.25 GHz ? 36 ? 40 ? 44 ? 48 ? 5.180 GHz ? 5.200 GHz ? 5.220 GHz ? 5.240 GHz USA ? UNII middle + extended ? 5.25-5.700 GHz ? 52 ? 56 ? 60 ? 64 ? 100 ? 104 ? 108 ? 112 ? 116 ? 120 * ? 124 * ? 128 * ? 132 ? 5.260 GHz ? 5.280 GHz ? 5.300 GHz ? 5.320 GHz ? 5.500 GHz ? 5.520 GHz ? 5.540 GHz ? 5.560 GHz ? 5.580 GHz ? 5.600 GHz ? 5.620 GHz ? 5.640 GHz ? 5.660 GHz © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 16 of 73 Regulatory Domain Frequency Band Channel Number Centre Frequencies ? 136 ? 140 ? 5.680 GHz ? 5.700 GHz USA ? UNII upper band ? 5.725-5.825 GHz ? 149 ? 153 ? 157 ? 161 ? 5.745 GHz ? 5.765 GHz ? 5.785 GHz ? 5.805 GHz USA ? ISM band ? 5.725-5.825 GHz ? 149 ? 153 ? 157 ? 161 ? 165 ? 5.745 GHz ? 5.765 GHz ? 5.785 GHz ? 5.805 GHz ? 5.825 GHz * Not supported in US due to weather radars. Cisco Aironet Antenna Descriptions Table 6 below defines the various 2.4 GHz antennas that are offered by Cisco for the Cisco Aironet product line, and Table 7 lists the available antennas for the Cisco Aironet 5 GHz bridge products. Table 8 defines the 2 antennas that are offered for use with the Cisco Aironet 1250 Series Access Points. Table 6. 2.4 GHz Antennas with RP-TNC connectors Cisco Part Number Antenna Type Description Gain AIR-ANT2422DB-R AIR-ANT4941 Black dipole, 1 port Single black dipole antenna with an RP-TNC connector. The antenna provides indoor omnidirectional coverage and is designed for use in the 2400- 2500 MHz frequency band. It has a 90-degree articulation radius. It can be used with all radios that utilize an RP-TNC antenna connector. 2.2 dBi AIR-ANT2422DW-R AIR-ANT2422DW-R= White dipole, 1 port Single white dipole antenna with an RP-TNC connector. The antenna provides indoor omnidirectional coverage and is designed for use in the 2400- 2500 MHz frequency band. It has a 90-degree articulation radius. It can be used with all radios that utilize an RP-TNC antenna connector. 2.2 dBi AIR-ANT2422DG-R AIR-ANT2422DG-R= Gray dipole, 1 port Single gray dipole antenna with an RP-TNC connector. The antenna provides indoor omnidirectional coverage and is designed for use in the 2400-2500 MHz frequency band. It does not articulate as the other dipole antennas. It can be used with all radios that utilize an RP-TNC antenna connector. 2.2 dBi AIR-ANT2422SDW-R AIR-ANT2422SDW-R= White monopole, 1 port Single white monopole antenna with RP-TNC connector. The antenna provides indoor omnidirectional coverage and is designed for use in the 2400- 2500 MHz frequency band. It does not articulate as the other dipole antennas. It can be used with the 1260 and 3500 access points. 2.2 dBi AIR-ANT2450S-R Sector, 1 port Wall mount indoor/outdoor antenna with RP-TNC connector for use with any 2.4 GHz radio. Capable of covering large areas. The plenum rated cable is 36” long. 5 dBi AIR-ANT1728 Omnidirectional Ceiling-mount indoor antenna with RP-TNC connector - This antenna was designed for WLAN applications with frequencies of 2400-2500 MHz. The antenna is omni directional and has a nominal gain of 5.2 dBi. It comes with a clip that allows it to be mounted to a drop-ceiling cross member. 5.2 dBi AIR-ANT2506 Omnidirectional, 1 port Mast-mount indoor/outdoor antenna with a RP-TNC connector - This antenna was designed for WLAN applications for frequencies of 2400-2500 MHz. The antenna is omnidirectional and has a nominal gain of 5.2 dBi. It is designed to be mounted on a round mast. 5.2 dBi AIR-ANT2460P-R Patch, 1 port Wall mount, indoor/outdoor directional patch antenna. Designed for use with any radio that features an RP-TNC antenna connector. For use in the 2400- 2500 MHz frequency band. The pigtail cable is plenum rated, 36”long. 6 dBi AIR-ANT2485P-R Patch, 1 port Wall mount indoor/outdoor antenna with a RP-TNC connector-Designed for use with any radio that features a RP-TNC connector. For use in the 2400- 2500 MHz frequency band. The plenum rated pigtail cable is 36”long. 8.5 dBi © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 17 of 73 Cisco Part Number Antenna Type Description Gain AIR-ANT2410Y-R Yagi, 1 port High-gain outdoor directional antenna with a RP-TNC connector - This WLAN antenna is a completely enclosed yagi. It is designed to be used as a bridge antenna between two networks or for point-to-point communications The gain is 10 dBi and the half-power beamwidth is 55 degrees. This antenna is normally mounted on a mast and is vertically polarized. 10 dBi AIR-ANT24120 Omnidirectional, 1 port Mast mount outdoor high gain antenna with a RP-TNC connector - This antenna was designed for WLAN applications for frequencies of 2400-2500 MHz. The antenna is omni directional and has a nominal gain of 12 dBi. This design uses an elevated center-feed to produce an elevation pattern with very little “squint” or beam-tilt. It is designed to be mounted on a round mast. 12 dBi AIR-ANT1949 Yagi, 1 port High-gain outdoor directional antenna with a RP-TNC connector - This WLAN antenna is a completely enclosed 16-element yagi. It is designed to be used as a bridge antenna between two networks or for point-to-point communications The gain is 13.5 dBi and the half-power beamwidth is 30 degrees. This antenna is normally mounted on a mast and is vertically polarized. 13.5 dBi AIR-ANT2414S-R Sector, 1 port Mast mount outdoor sector antenna with a RP-TNC connector - This antenna was designed for WLAN applications for frequencies of 2400-2500 MHz. The antenna is directional and has a nominal gain of 14 dBi. Its flexible mounting bracket allows for either mast or wall mounting options. 14 dBi AIR-ANT3338 Dish, 1 port Very high-gain outdoor antenna with a RP-TNC connector - This WLAN antenna is a parabolic dish designed to be used as a bridge antenna between two networks or for point-to-point communications. It consists of an aluminum parabolic reflector and feed antenna. The antenna features a rugged mount. It also offers 20 degree fine adjustment for both horizontal and vertical planes. The antenna is provided with hardware for mast mounting. 21 dBi AIR-ANT24020V-R= Omnidirectional, 2 port Ceiling mount indoor antenna with two RP-TNC connectors. Supports diversity antennas in a single package for areas where multipath problems exist. The pigtail cable is plenum rated and 36” long. 2.0 dBi AIR-ANT2452V-R Omnidirectional, 2 port Pillar-mount diversity, indoor antenna with two RP-TNC connectors. Antenna is ideal for the retail or hospital environment. Includes 36 in. of white RG-58 cable with a separation of coaxial cables that are joined together to form a 10 in. length. Included are two mounting brackets that will keep the antenna 6 in. off the wall. 5.2 dBi AIR-ANT2465P-R Patch, 2 port Wall-mount indoor/outdoor antenna with two RP-TNC connectors-Similar to AIR-ANT2460P-R, but providing diversity antennas in the same package for areas where multipath problems exist. The pigtail cable is plenum rated and 36” long. 6.5 dBi AIR-ANT2430V-R= Omnidirectional, 3 port Ceiling-mount indoor omni-directional antenna with three cables terminating in RP-TNC connectors. For use with 802.11n access points. For use in the 2400-2500 MHz frequency band. The pigtail cables are plenum rated and 36” long each. 3 dBi Air-ANT2440NV-R= Omnidirectional, 3 port Wall or mast -mount 2.4 GHz indoor/outdoor omni-directional antenna with three cables terminating in RP-TNC connectors. For use with 802.11n access points. The pigtail cables are plenum rated and 36” long each. 4 dBi AIR-ANT2460NP-R= Patch, 3 port Wall or mast -mount 2.4 GHz indoor/outdoor patch antenna with three cables terminating in RP-TNC connectors. For use with 802.11n access points. The pigtail cables are plenum rated and 36” long each. 6 dBi Table 7. 5 GHz Antennas with RP-TNC connectors Cisco Part Number Antenna Type Description Gain AIR-ANT5135DB-R AIR-ANT5135D-R Omnidirectional, 1 port Single black dipole antenna with an RP-TNC connector. The antenna provides indoor omnidirectional coverage and is designed for use in the 5 GHz frequency band. It has a 90-degree articulation radius. It can be used with radios that utilize an RP-TNC antenna connector. 3.5 dBi AIR-ANT5135DW-R AIR-ANT5135DW-R= Omnidirectional, 1 port Single white dipole antenna with an RP-TNC connector. The antenna provides indoor omnidirectional coverage and is designed for use in the 5 GHz frequency band. It has a 90-degree articulation radius. It can be used with radios that utilize an RP-TNC antenna connector. 3.5 dBi AIR-ANT5135DG-R AIR-ANT5135DG-R= Omnidirectional, 1 port Indoor-only gray, non-articulating dipole like omnidirectional antenna for 5 GHz. It can be used with radios that utilize an RP-TNC antenna connector. 3.5 dBi © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 18 of 73 Cisco Part Number Antenna Type Description Gain AIR-ANT5160V-R Omnidirectional, 1 port Indoor or outdoor use omnidirectional 5 GHz antenna for use with the 1200 Series and the 802.11a module (AIR-RM22A). Can be mast or ceiling mounted. 6 dBi AIR-ANT5195P-R Patch, 1 port Wall or Mast Mount Patch Antenna - Designed for use indoor or outdoors, this antenna comes with a wall mount and a plate that adapts to articulating mounting hardware (AIR-ACC2662), which is sold separately. It has a plenum rated pigtail cable of 36 in. 9.5 dBi AIR-ANT5145V-R Omnidirectional, 2 port Indoor-only ceiling mounted diversity omnidirectional 5 GHz antenna 4.5 dBi AIR-ANT5170P-R Patch, 2 port Wall Mount diversity patch antenna with RP-TNC Connectors - Designed for use in both indoor and outdoor applications. It comes with wall mount hardware, and has a gain of 7 dBi. It has a plenum rated pigtail cable of 36”. 7 dBi AIR-ANT5140V-R= Omnidirectional, 3 port Ceiling mount indoor omni-directional antenna with three cables terminating in RP-TNC connectors. Designed for use with 802.11n access points. The plenum rated pigtail cables are 36” long each. 4 dBi AIR-ANT5140NV-R= Omnidirectional, 3 port Wall or mast mount 5GHz indoor/outdoor omni-directional antenna with three cables terminating in RP-TNC connectors. Designed for use with 802.11n access points. The plenum rated pigtail cables are 36” long each. 4 dBi AIR-ANT5160NP-R= Patch, 3 port Indoor or outdoor wall mounted 5 GHz patch antenna. with three cables terminating in RP-TNC connectors. Designed for use with 802.11n access points. The plenum rated pigtail cables are 36” long each. 6 dBi Table 8. Dual Band Antennas for 2.4 and 5 GHz Access Points with RP-TNC Connectors Cisco Part Number Antenna Type Description Gain AIR-ANT2451V-R= Omnidirectional 4 port Ceiling Mount Omni-directional Antenna - Designed for use indoor, this antenna comes with ceiling mount hardware. It has 4 plenum rated pigtail cables, 18 inches each, with 4 right angle RP-TNC connectors. 2.4 GHz: 2 dBi 5 GHz: 3 dBi AIR-ANT2451NV-R= Omnidirectional, 6 port Ceiling Mount Omni-directional Antenna - Designed for use indoor, this antenna comes with ceiling mount hardware. It has 6 plenum rated pigtail cables, 18 inches each, with 6 RP-TNC connectors. 2.4 GHz: 2 dBi 5 GHz: 3 dBi AIR-ANT25137NP-R= Patch, 6 port Designed for high density wireless applications such as stadiums and arena. Wall mounted patch antenna with 6 plenum rated pigtail cables, 36 inches each and 6 RP-TNC connectors. Only certified for use with AP3502P access point 2.4 GHz: 13 dBi 5 GHz: 7 dBi Table 9. 2.4 GHz and 5 GHz Access Point and Bridge Antennas with N Type Connectors Cisco Part Number Antenna Type Description Gain AIR-ANT2420V-N Omnidirectional 2.4 GHz omnidirectional antenna for mesh access points. Suitable for use on Cisco Aironet 1520 Series Mesh Access Points. It is only 5 inches long, mounts directly to the access point, and has no cable attachments. 2 dBi AIR-ANT2450V-N (=) Omnidirectional 2.4 GHz omnidirectional antenna for mesh access points. Suitable for use on Cisco Aironet 1520 Series Mesh Access Points. It mounts directly to the access point and has no cable attachments. 5 dBi AIR-ANT2455V-N= Omnidirectional 2.4 GHz omnidirectional antenna for mesh access points. Suitable for use on Cisco Aironet 1520 Series Mesh Access Points. It mounts directly to the access point and has no cable attachments. 5.5 dBi AIR-ANT2480V-N (=) Omnidirectional 2.4 GHz omnidirectional antenna for mesh access points. Suitable for use on Cisco Aironet 1520 Series Mesh Access Points. It mounts directly to the access point and has no cable attachments 8 dBi AIR-ANT5140V-N (=) Omnidirectional 5 GHz omnidirectional antenna for mesh access points. Suitable for use on Cisco Aironet 1520 Series Mesh Access Points. It mounts directly to the access point and has no cable attachments. 4 dBi AIR-ANT5175V-N (=) Omnidirectional A 7.5 dBi antenna which supports 4900-5825 MHz. It has a 12” pigtail cable and a N-type connector. 7.5 dBi AIR-ANT5180V-N (=) Omnidirectional 5 GHz omnidirectional antenna for mesh access points. Suitable for use on Cisco Aironet 1520 Series Mesh Access Points. It mounts directly to the access point and has no cable attachments. 8 dBi © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 19 of 73 Cisco Part Number Antenna Type Description Gain AIR-ANT58G9VOA-N Omnidirectional An omnidirectional antenna, for use with the Cisco Aironet 1400 Series Wireless Bridge. This non-diversity, vertically polarized antenna operates in the UNII-3 band (5725 to 5825 MHz). The antenna is designed to be mast mounted in an outdoor environment. The antenna is not compatible with other Cisco Aironet radio products operating in the 5 GHz frequency band. 9 dBi AIR-ANT58G10SSA-N Sector A sector antenna for use with the Cisco Aironet 1400 Series Wireless Bridge. This non-diversity symmetric antenna operates in the UNII-3 band (5725-5825 MHz). The antenna is designed to be mounted outdoors on a mast or a suitable vertical surface. The antenna is not compatible with other Cisco Aironet radio products operating in the 5 GHz frequency band. 9.5 dBi AIR-ANT5114P-N= Patch 5 GHz, 14 dBi patch antenna for use in the 4950-5850 MHz frequency band. The antenna has an N-type connector, and will require a separate low loss cable for mounting to the access point. Articulating mount included. Fits mast pole sizes 2” diameter maximum 14 dBi AIR-ANT5117S-N= Sector 5 GHz, 17 dBi sector antenna for use in the 4950-5850 MHz frequency band. The antenna has an N-type connector, and will require a separate low loss cable for mounting to the access point. Fits mast pole sizes 1.5 to 3” diameter maximum. 17 dBi AIR-ANT58G28SDA-N Dish A parabolic dish antenna for use with the Cisco Aironet 1400 Series Wireless Bridge. This non-diversity parabolic antenna operates in the UNII-3 band (5725-5825 MHz). The antenna is designed to be mounted outdoors on a mast. The antenna is designed to be used at the hub or client site of a point-to-point installation, or point-to-multipoint client sites, providing extended range. The antenna is not compatible with other Cisco Aironet radio products operating in the 5 GHz frequency band. 28 dBi Table 10. 2.4 GHz and 5 GHz Dual-band Antennas with N Type Connectors Cisco Part Number Antenna Type Description Gain AIR-ANT2547V-N (=) Omnidirectional 2.4 GHz, 4 dBi and 5 GHz 7 dBi dual band omnidirectional antenna. which utilizes an N-type connector. It mounts directly to the access point and has no cable attachments 2.4 GHz: 4 dBi 5 GHz: 7 dBi Table 11. 2.4 GHz and 5 GHz Access Point and Bridge Integrated Antennas Cisco Part Number Antenna Type Description Gain Integrated AP1130AG Antenna Omnidirectional Diversity antenna package for both 2.4 GHz and 5 GHz designed for high performance in both ceiling and wall mount applications. Antennas provide hemispherical coverage and cannot be removed from the Access Point. No connectors are offered for additional external antennas. 2.4 GHz: 3 dBi 5 GHz: 4.5 dBi Integrated AP 1040 Antenna 2.4 GHz: 2 dBi 5 Ghz: 4 dBi 802.11n antenna package for both 2.4 GHz and 5 GHz designed for high performance in both ceiling and wall mount applications. Antennas provide hemispherical coverage and cannot be removed from the Access Point. No connectors are offered for additional external antennas. 2.4 GHz: 4 dBi 5 Ghz: 3 dBi Integrated AP 1140 Antenna Omnidirectional 802.11n antenna package for both 2.4 GHz and 5 GHz designed for high performance in both ceiling and wall mount applications. Antennas provide hemispherical coverage and cannot be removed from the Access Point. No connectors are offered for additional external antennas. 2.4 GHz: 4 dBi 5 Ghz: 3 dBi Integrated AP 3500i Antenna Omnidirectional 802.11n antenna package for both 2.4 GHz and 5 GHz designed for high performance in both ceiling and wall mount applications. Antennas provide hemispherical coverage and cannot be removed from the Access Point. No connectors are offered for additional external antennas. 2.4 GHz: 4 dBi 5 Ghz: 3 dBi Integrated OEAP600 Antenna Omnidirectional 802.11n antenna package for both 2.4 GHz and 5 GHz designed for high performance in both ceiling and wall and desk mount applications. Antennas provide hemispherical coverage and cannot be removed from the Access Point. No connectors are offered for additional external antennas. 2.4 GHz: 2 dBi 5 Ghz: 2 dBi © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 20 of 73 Cisco Part Number Antenna Type Description Gain Integrated BR1310G Patch Antenna Integrated Patch 2402-2497 MHz Patch Array Antenna. When the captured antenna version is ordered, this antenna is attached to the 1300 AP/Bridge and provides an integrated solution with exceptional gain. This antenna cannot be removed for use with other radios. 13 dBi Integrated BR1410 Patch Antenna Integrated Patch 5.8 GHz UNII-3 Patch antenna. When the captured antenna version is ordered, this antenna is attached to the BR1410 bridge and provides for an integrated solution with exceptional gain. The antenna is not compatible with other Cisco Aironet radio products operating in the 5 GHz frequency band. 22.5 dBi Integrated AP 1550 Antenna Omnidirectional 802.11n antenna package for both 2.4 GHz and 5 GHz When the integrate antenna version is ordered, this antenna is attached to the Access Point and provides omnidirectional coverage in a low-profile package. No connectors are offered for additional external antennas. 2.4 GHz: 4 dBi 5 Ghz: 3 dBi Cisco Aironet Cable Descriptions Table 12 below defines the cables available for interconnecting the antennas and the radio devices for the Cisco Aironet product line. Table 12. Cisco Cables Cisco Part Number Type of Cable Description Loss at 2.4 GHz Loss at 5.8 GHz AIR-CAB005LL-N Interconnect 5-ft low loss cable, one straight N connector, one 90-degree N connector 0.5 dB 0.8 dB AIR-CAB005LL-R Interconnect 5-ft low loss cable, one RP-TNC plug, one RP-TNC jack 0.5 dB 0.8 dB AIR-CAB010LL-N Interconnect 10-ft low loss cable, one straight N connector, one 90-degree N connector 0.9 dB 1.5 dB AIR-CAB020LL-R Interconnect 20-ft low loss cable, one RP-TNC plug, one RP-TNC jack 1.3 dB 2.5 dB AIR-CAB050LL-R Interconnect 50-ft low loss cable, one RP-TNC plug, one RP-TNC jack 3.4 dB 5.75 dB AIR-CAB100ULL-R Interconnect 100-ft ultra low loss cable, one RP-TNC plug, one RP-TNC jack 4.4 dB 7.25 dB AIR-CAB150ULL-R Interconnect 150-ft ultra low loss cable, one RP-TNC plug, one RP-TNC jack 6.6 dB 11 dB AIR-ACC2537-060 Bulkhead Extender 5-ft (60 inches) RG-58 type cable with one RP-TNC plug and one RP-TNC jack 2 dB 3 dB Table 13. Accessories Cisco Part Number Name Description AIR-ACC2662 Yagi Articulating Mount This mount permits the Yagi antenna to be mounted to a flat surface or a mast, and then be adjusted in both horizontal and vertical angles. AIR-ACC245LA-R Lightning Arrestor Supports both 2.4 GHz and 5 GHz operation. Provides lightning and related energy surges at the antenna from reaching the radio circuitry. A ground ring is included. Cisco Aironet Antenna Specifications The following section provides detailed descriptions, including physical and electrical specifications for the antennas offered by Cisco for the Cisco Aironet product line. Full detailed installation guides for each antenna can be found at the following: http://www.cisco.com/en/US/products/hw/wireless/ps469/prod_installation_guides_list.html© 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 21 of 73 2.2 dBi Dipole AIR-AT2422DB-R=/AIR-ANT4941 Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.484 GHz VSWR Less than 2:1 Power 5 watts Gain 2.2 dBi Polarization Linear Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 65 degrees Antenna Connector RP-TNC Cable Length none Dimensions 5.5 in. Mounting To RP-TNC Connector © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 22 of 73 2.2 dBi Dipole AIR-ANT2422DW-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.484 GHz VSWR Less than 2:1 Power 5 watts Gain 2.2 dBi Polarization Linear Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 65 degrees Antenna Connector RP-TNC Cable Length None Dimensions 5.5 in. Mounting To RP-TNC Connector © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 23 of 73 2.2 dBi Dipole AIR-ANT2422DG-R Dimensions And Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.484 GHz VSWR Less than 2:1 Power 5 watts Gain 2.2 dBi Polarization Linear Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 65 degrees Antenna Connector RP-TNC Cable Length None Dimensions 3.9 in. Mounting To RP-TNC Connector © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 24 of 73 2.2 dBi Monopole AIR-ANT2422SDW-R Dimensions And Mounting Specifications Azimuth and Elevation Plane Radiation Pattern Frequency Range 2400 - 2500 MHz VSWR Less than 2:1 Gain 2.2 dBi Polarization Linear Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 50 degrees Antenna Connector RP-TNC Cable Length None Dimensions 1.7 in. Mounting To RP-TNC Connector © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 25 of 73 5 dBi Sector AIR-ANT2450S-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.5 GHz VSWR 1.5 or less Gain 5.0 dBi Polarization Linear vertical Azimuth 3dB Beamwidth 135 degrees Elevations 3dB Beamwidth 54 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 cm) Dimensions 6 x 3 x 2 in (15.2 x 7.6 x 5 cm) Mounting Wall Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 26 of 73 5.2 dBi Ceiling Mount Omnidirectional AIR-ANT1728 Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.83 GHz VSWR Less than 2:1, 1.5:1 Nominal Gain 5.2 dBi Polarization Vertical Azimuth 3dB Beamwidth Omnidirectional 360 degrees Elevations Plan (3dB Beamwidth) 36 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 m) Dimensions 11.25 in. x 1 in. (28.57 cm x 2.54) Mounting Drop ceiling cross member - indoor only © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 27 of 73 5.2 dBi Mast Mount Omnidirectional AIR-ANT2506 Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.83 GHz VSWR Less than 2:1, 1.5:1 Nominal Gain 5.2 dBi Polarization Vertical Azimuth 3dB Beamwidth Omnidirectional 360 degrees Elevations Plan (3dB Beamwidth) 36 degrees Antenna Connector RP-TNC Cable Length 3 ft (91 m) Dimensions 11.5 in. x 1.125 in. (29.21 cm x 2.85 cm) Mounting Mast mount - indoor/outdoor © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 28 of 73 6 dBi Wall Mount Directional AIR-ANT2460P-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.5 GHz VSWR Less than 2:1 Gain 6 dBi Polarization Vertical Azimuth 3dB Beamwidth 75 degrees Elevation Plan (3dB Beamwidth) 73 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 cm) Dimensions 4.1 in. x 3.9 in. x .75 in. (10.41 cm x 9.90 cm x 1.90 cm) Mounting Wall Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 29 of 73 8.5 dBi Wall Mount AIR-ANT2485P-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.5 GHz VSWR 2:1 Max, 1.5:1 Nominal Gain 8.5 dBi Polarization Vertical Azimuth 3dB Beamwidth 66 degrees Elevations 3dB Beamwidth 56 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 cm) Dimensions 5.3 in. x 5.3 in. x .90 in. (13.5 cm x 13.5 cm x 2.2 cm) Mounting Wall Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 30 of 73 10 dBi Wall/Mast Mount YAGI AIR-ANT2410Y-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.483 GHz VSWR Less than 2:1 Gain 10 dBi Polarization Vertical Azimuth 3dB Beamwidth 55 degrees Elevations Plan 3dB Beamwidth 47 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 cm) Dimensions 3 in. x 7.25 in. (7.62 cm x 18.42 cm) Mounting Wall/Mast Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 31 of 73 12 dBi Mast Mount Omnidirectional AIR-ANT24120 Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2400-2500 MHz VSWR 1.5:1 Gain 12 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth Omnidirectional 360 degrees Elevation (3dB Beamwidth) 7 degrees Antenna Connector RP-TNC Cable Length 1 ft. (30.48 cm) Dimensions 42 in. x 1.25 in. (106.68 cm x 3.17 cm) Wind Rating 125 MPH Mounting Mast Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 32 of 73 13.5 dBi Mast/Wall Mount YAGI AIR-ANT1949 Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.83 GHz VSWR Less than 2:1, 1.5:1 Nominal Gain 13.5 dBi Front to Back Ratio Greater than 25 dB Polarization Vertical Azimuth 3dB Beamwidth 30 degrees Elevations 3dB Beamwidth 25 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 cm) Dimensions 18 in. x 3 in. (45.72 cm x 7.62 cm) Wind Rating 110 MPH Mounting Mast/Wall Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 33 of 73 14 dBi Mast Mount Sector AIR-ANT2414S-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.5 GHz VSWR 1.5:1 Gain 14 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth 90 degrees Elevations 3dB Beamwidth 8.5 degrees Antenna Connector RP-TNC Cable Length 5 ft. (152.4 cm) Dimensions 36 in. x 6 in. x 4 in. (91.44 cm x 15.24 cm x 10.16 cm) Mounting Mast Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 34 of 73 21 dBi Mast Mount Parabolic Dish AIR-ANT3338 Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.83 GHz VSWR Less than 1.8:1, 15:1 Nominal Power 5 watts Gain 21 dBi Front to Back Ratio Greater than 25 dB Maximum Side Lobe -17 dB Polarization Vertical Azimuth 3dB Beamwidth 12 degrees Elevation 3dB Beamwidth 12 degrees Antenna Connector RP-TNC Cable Length 2 ft. (60.96 cm) Dimensions 24 in. x 15.5 in. (60.96 cm x 39.37 cm) Wind Rating 110 MPH Mounting Mast Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 35 of 73 2 dBi Omnidirectional, 2 element AIR-ANT24020V-R= Dimensions and Mounting Specifications Left Antenna Patterns Right Antenna Patterns Frequency Range 2.4-2.5 GHz VSWR 1.5:1 Gain 2.2 dBi Polarization Vertical Azimuth 3dB Beamwidth 360 degrees Elevations Plan (3dB Beamwidth) 97 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 cm) Dimensions 6.9 in. x 3 in. x .90 in. (17.5 cm x 7.6 cm x 2.5 cm) Mounting Ceiling Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 36 of 73 5.2 dBi Wall Mount AIR-ANT2452V-R Dimensions and Mounting Specifications Left Antenna Patterns Right Antenna Patterns Frequency Range 2.4-2.5 GHz VSWR < 2:1 Gain 5 dBi Polarization Vertical Azimuth 3dB Beamwidth 360 degrees Elevations Plan (3dB Beamwidth) 27 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 cm) Dimensions 11 in. x 5 in. x 1 in. (27.2 cm x 12.7 cm x 2.5 cm) Mounting Wall Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 37 of 73 6.5 dBi Wall Mount AIR-ANT2465P-R Dimensions and Mounting Specifications Left Antenna Patterns Right Antenna Patterns Frequency Range 2.4-2.5 GHz VSWR 1.7:1 Nominal Gain 6.5 dBi Polarization Vertical Azimuth 3dB Beamwidth 75 degrees Elevations Plan (3dB Beamwidth) 57 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 cm) Dimensions 5 in. x 6.7 in. x .90 in. (12.7 cm x 17.0 cm x 2.2 cm) Mounting Wall Mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 38 of 73 Omnidirectional, 3 element Ceiling Mount AIR-ANT2430V-R= Antenna A Radiation Pattern Antenna B Radiation Pattern Antenna C Radiation Pattern Frequency Range 2402 - 2485 MHz; VSWR 2:1 Gain 3 dBi Polarization Linear Azimuth 3dB Beamwidth Omni Elevations 3dB Beamwidth 60 Antenna Connector (3) RP-TNC male Cable Length 36 in (91.4 cm) plenum rated Dimensions 12.1in . x 4.2 in x 1.6 in (30.7 cm x 10.6cm x 4.0 cm) Mounting Ceiling © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 39 of 73 Omnidirectional, 3 element Wall Mount AIR-ANT2440NV-R= Antenna A Radiation Pattern Antenna B Radiation Pattern Antenna C Radiation Pattern Frequency Range 2402 - 2484 MHz; VSWR 2:1 Gain 4 dBi Polarization Linear Azimuth 3dB Beamwidth Omni Elevations 3dB Beamwidth 36 Antenna Connector (3) RP-TNC male Cable Length 36 in (91.4 cm) plenum rated Dimensions 8.6 in x 6.3 in dia. (21.8 cm x 16 cm dia.) Mounting Wall mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 40 of 73 6 dBi Patch, 3 element Wall Mount AIR-ANT2460NP-R= Antenna A Radiation Pattern Antenna B Radiation Pattern Antenna C Radiation Pattern Frequency Range 2402 - 2484 MHz; VSWR 2:1 Gain 6 dBi Polarization Linear Azimuth 3dB Beamwidth 80 degrees Elevations 3dB Beamwidth 75 degrees Antenna Connector (3) RP-TNC male Cable Length 36 in (91.4 cm) plenum rated Dimensions 5.8 in x 11.25 in x 1.13 in (14.7 cm x 28.6 cm x 2.9 cm) Mounting Wall mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 41 of 73 3.5 dBi Dipole AIR-ANT5135D-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 5.15-5.85 GHz VSWR 2:1 or better Gain 3.5 dBi Polarization Linear Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 40 degrees Antenna Connector RP-TNC Cable Length none Dimensions 5.3 in. (13.46 cm) Mounting RP-TNC Connector © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 42 of 73 3.5 dBi Dipole AIR-ANT5135DW-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 5.15-5.85 GHz VSWR 2:1 or better Gain 3.5 dBi Polarization Linear Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 40 degrees Antenna Connector RP-TNC Cable Length none Dimensions 5.3 in. (13.46 cm) Mounting RP-TNC Connector © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 43 of 73 3.5 dBi Dipole AIR-ANT5135DG-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 5.15-5.85 GHz VSWR 2:1 or better Gain 3.5 dBi Polarization Linear Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 40 degrees Antenna Connector RP-TNC Cable Length none Dimensions 3.6 in. (9.14 cm) Mounting RP-TNC Connector © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 44 of 73 2.2 dBi Monopole AIR-ANT5135SDW-R Dimensions And Mounting Specifications Azimuth and Elevation Plane Radiation Pattern Frequency Range 5150 - 5850 MHz VSWR Less than 2:1 Gain 2.2 dBi Polarization Linear Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 40 degrees Antenna Connector RP-TNC Cable Length None Dimensions 1.7 in. Mounting To RP-TNC Connector © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 45 of 73 6 dBi Omnidirectional AIR-ANT5160V-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 5.15-5.85 GHz VSWR 2:1 or better Gain 6 dBi Polarization Vertical Azimuth 3dB Beamwidth Omnidirectional 360 degrees Elevation 3dB Beamwidth 17 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 cm) Dimensions 12 in. x 1 in. (30.48 cm x 2.54 cm) © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 46 of 73 9.5 dBi Patch Wall or Articulating Mast Mount AIR-ANT5195P-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 5.1-5.8 GHz VSWR 2:1 or better Gain 9.5 dBi Polarization Linear and vertical Azimuth Plane 50 degrees Elevation Plane 43 degrees Connectors RP-TNC Cable Length 3 ft. (91 cm) Dimensions 5.1 in. x 5.1 in. x 1.0 in. (12.9 cm x 12.9 cm x 2.5 cm) Mounting Wall mount or articulating mast mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 47 of 73 4.5 dBi Diversity Omnidirectional AIR-ANT5145V-R Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 5.15-5.85 GHz VSWR 2:1 or better Gain 4.5 dBi Polarization Linear Azimuth 3dB Beamwidth Diversity Omnidirectional Elevations 3dB Beamwidth 50 degrees Antenna Connector RP-TNC Cable Length 3 ft. (91 cm) Dimensions 6.75 in. x 4.1 in. x 1 in. (17.15 cm x 10.41 x 2.54 cm) Mounting Drop ceiling cross member mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 48 of 73 7 dBi Diversity Patch Wall Mount AIR-ANT5170P-R Dimensions and Mounting Specifications Left Antenna Radiation Pattern Right Antenna Radiation Pattern Frequency Range 5.1-5.8 GHz VSWR 2:1 or better Gain 7 dBi Polarization Linear and vertical Azimuth Plane 70 degrees Elevation Plane 50 degrees Connectors RP-TNC Cable Length 3 ft. (91 cm) Dimensions 5.7 in x 4.3 in. x 0.7 in. (14.5 cm x 10.9 cm x 1.8 cm) Mounting Wall mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 49 of 73 Omnidirectional, 3 element Ceiling Mount AIR-ANT5140V-R= Antenna A Radiation Pattern Antenna B Radiation Pattern Antenna C Radiation Pattern Frequency Range 4900 - 5850 MHz VSWR 1.5:1 Gain 4 dBi Polarization Linear Azimuth 3dB Beamwidth Omni Elevations 3dB Beamwidth 45 degrees Antenna Connector (3) RP-TNC male Cable Length 36 in (91.4 cm) plenum rated Dimensions 6.9 in . x 3 in x 1 in (17.5 cm x 7.6cm x 2.5 cm) Mounting Ceiling © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 50 of 73 Omnidirectional, 3 element Wall Mount AIR-ANT5140NV-R= Antenna A Radiation Pattern Antenna B Radiation Pattern Antenna C Radiation Pattern Frequency Range 5150 - 5850 MHz VSWR 2:1 Gain 4 dBi Polarization Linear Azimuth 3dB Beamwidth Omni Elevations 3dB Beamwidth 36 Antenna Connector (3) RP-TNC male Cable Length 36 in (91.4 cm) plenum rated Dimensions 8.6in x 6.3 in dia. (21.8 cm dia x 16 cm dia.) Mounting Wall mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 51 of 73 6 dBi Patch, 3 element Wall Mount AIR-ANT5160NP-R= Antenna A Radiation Pattern Antenna B Radiation Pattern Antenna C Radiation Pattern Frequency Range 5150 - 5850 MHz VSWR 2:1 Gain 6 dBi Polarization Linear Azimuth 3dB Beamwidth 65 degrees Elevations 3dB Beamwidth 65 degrees Antenna Connector (3) RP-TNC male Cable Length 36 in (91.4 cm) plenum rated Dimensions 4 in x 7 in x 1 in (10.2 cm x 17.8 cm x 2.5 cm) Mounting Wall mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 52 of 73 Dual Band Ceiling Mount Omnidirectional, 2 element AIR-ANT2451V-R= Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.5 GHz; 5.1-5.8GHz VSWR 2:1 Gain ? 2 dBi in 2.4 GHz ? 3 dBi in 5 GHz Polarization Linear Azimuth 3dB Beamwidth Omni Elevations 3dB Beamwidth ? 80 degrees in 2.4 GHz ? 50 degrees in 5 GHz Antenna Connector (4) Right angle RP-TNC male Cable Length 18in (45.7 cm) plenum rated Dimensions 8.5 in. x 6 in. x .93 in (21.5 cm x 15.2 cm x 2.4cm) Mounting Ceiling © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 53 of 73 Dual Band Ceiling Mount Omnidirectional, 3 element AIR-ANT2451NV-R= 2.4 GHz Radiation Pattern 2.4 GHz Radiation Pattern 2.4 GHz Radiation Pattern 5 GHz Radiation Pattern 5 GHz Radiation Pattern 5 GHz Radiation Pattern Frequency Range 2.400 - 2.500 GHz; 5.150 - 5.850 GHz VSWR 2:1 Gain ? 2.5 dBi in 2.4 GHz ? 3.5 dBi in 5 GHz Polarization Linear Azimuth 3dB Beamwidth Omni Elevations 3dB Beamwidth ? 63 degrees in 2.4 GHz ? 55 degrees in 5 GHz Antenna Connector (6) Right angle RP-TNC male Cable Length 36 in (91.4 cm) plenum rated Dimensions 8.6 in dia. x 1.8 in (21.8 cm x 4.6cm) Mounting Ceiling © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 54 of 73 Dual Band Patch Antenna AIR-ANT25137NP-R= 2.4 GHz, 4 dBi Azimuth Plane Radiation Pattern 5 GHz, 3 dBi Azimuth Plane Radiation Pattern 2.4 GHz, 4 dBi Elevation Plane Radiation Pattern 5 GHz, 3 dBi Elevation Plane Radiation Pattern Frequency Range ? 2.4-2.5GHz ? 5.15-5.85 GHz Gain ? 2.4 GHz: 13 dBi ? 5 GHz: 7 dBi Polarization Cable A = Horizontal, Cables B and C = Vertical Azimuth 3dB Beamwidth 2.4 GHz = 36 degrees 5 GHz = 55 degrees Elevations 3dB Beamwidth 2.4 GHz = 36 degrees 5 GHz = 48 degrees Antenna Connector RP-TNC Mounting Integrated Dimensions (w/out mount) 18 in x 13 in x 2 in (45.7 cm x 33 cm x 5.1 cm) Antenna Type MIMO Patch Array © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 55 of 73 2 dBi Direct Mount Omnidirectional AIR-ANT2420V-N Dimensions and Mounting Specifications Frequency Range 2.4-2.5 GHz VSWR <2:1 Gain 2 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth Omni Elevations 3dB Beamwidth TBD degrees Antenna Connector N-male Cable Length none Dimensions 5 in. x 1 in. (12.7 cm x 2.54 cm) Mounting Direct Mount Wind Rating (Operational) 125 mph Wind Rating (Survival) 165 mph © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 56 of 73 5 dBi Direct Mount Omnidirectional AIR-ANT2450V-N Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.5 GHz VSWR 1:7:1 Gain 5dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth Omni Elevations 3dB Beamwidth 30 degrees Antenna Connector N-male Cable Length none Dimensions 11 in. x 1 in. (27.93 cm x 2.54 cm) Mounting Direct Mount Wind Rating (Operational) 125 mph Wind Rating (Survival) 165 mph © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 57 of 73 5.5 dBi Omnidirectional AIR-ANT2455V-N Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.83 GHz VSWR 2:1 or better Gain 5.5 dBi Polarization Linear Azimuth Plane Omnidirectional Elevation Plane 25 degrees Connectors N Cable Length none Dimensions 12.5 in. x 1 in. (31.75 cm x 2.54 cm) Mounting Direct mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 58 of 73 8 dBi Omnidirectional AIR-ANT2480V-N Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.5 GHz VSWR 1:6:1 Gain 8 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth 10 degrees Elevations Plan (3dB Beamwidth) Omnidirectional Antenna Connector N-male Cable Length none Dimensions 19.5 in. x 7/8 in. (49.52 cm x 2.22 cm) Mounting Direct Mount Wind Rating (operational) 100 mph Wind Rating (survival) 165 mph © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 59 of 73 4 dBi Direct Mount Omnidirectional AIR-ANT5140V-N Dimensions and Mounting Specifications Frequency Range 5.25 - 5.875 GHz VSWR <2:1 Gain 4 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth Omni Elevations 3dB Beamwidth TBD degrees Antenna Connector N-male Cable Length none Dimensions 5 in. x 1 in. (12.7 cm x 2.54 cm) Mounting Direct Mount Wind Rating (Operational) 125 mph Wind Rating (Survival) 165 mph © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 60 of 73 7.5 dBi Omnidirectional AIR-ANT5175V-N Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 4.9-5.8 GHz VSWR 2:1 or better Gain 7.5 dBi for 5GHz bands. 6 dBi for 4.9GHz bands. Polarization Linear Azimuth Plane Omnidirectional Elevation Plane 16 degrees Connectors N Cable Length 1 ft. (0.30 m) Dimensions 11.65 in. x 1 in. (29.5 cm x 2.54 cm) Mounting Direct mount © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 61 of 73 8 dBi Direct Mount Omnidirectional AIR-ANT5180V-N Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 4.9-5.85 GHz VSWR 1:7:1 Gain 8 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth Omnidirectional Elevations Plane (3dB Beamwidth) 16 degrees Antenna Connector N-male Cable Length none Dimensions 11 in. x 1 in. (27.93 cm x 2.54 cm) Mounting Direct Mount Wind Rating (operational) 125 mph Wind Rating (survival) 165 mph © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 62 of 73 9 dBi MAST Mount Omnidirectional AIR-ANT58G9VOA-N Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 5.725-5.825 GHz Antenna Connector N-Male VSWR 1.5:1 Nominal Maximum Power 4 watts Gain 9 dBi Polarization Vertical Dimensions 20.25 in x .64 in. Cable Length 4.9 ft. (1.5 m) Mounting 1.5-2.5 in. Mast mount Azimuth 3dB Beamwidth Omnidirectional Wind Speed (operational) 100 MPH Elevations Plan (3dB Beamwidth) 6 degrees Wind Speed (survival) 125 MPH Beamtilt © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 63 of 73 9.5 dBi Mast Mount Sector AIR-ANT58G10SSA-N Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 5.725-5.825 GHz VSWR 1.5:1 Nominal Gain 9.5 dBi Polarization H or V Azimuth 3dB Beamwidth 60 degrees Elevations Plan (3dB Beamwidth) 60 degrees Antenna Connector N-Male Dimensions 4.9 ft. (1.5 m) Maximum Power 4 watts Temperature (Operating) -20°F Min, +60°C Max Mounting 1.5-2.5 in. Mast mount Wind Speed (Operational) 100 MPH Wind Speed (Survival) 125 MPH © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 64 of 73 14 dBi Patch AIR-ANT5114P-N Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 4.9-5.85 GHz VSWR 2:1 Gain ? 4.9-5.4 GHz: 13 dBi ? 5.4-5.85 GHz: 14 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth 25 degrees Elevations Plane (3dB Beamwidth) 29 degrees Antenna Connector N-female Cable Length 1 ft. (0.30 m) Dimensions 4 1/8 in. x 4 1/8 in. (1.27 cm x 1.27 cm) Mounting Wall or mast © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 65 of 73 17 dBi Sector AIR-ANT5117S-N Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 4.9-5.85 GHz VSWR 2:1 Gain 17 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth 90 degrees Elevations Plane (3dB Beamwidth) 8 degrees Antenna Connector N-female Cable Length None Dimensions 24 1/2 in. x 2 1/2 in. (30.48 cm x 2.54 cm) Mounting Mast mount Wind Rating (Operational) 125 mph Wind Rating (Survival) 165 mph © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 66 of 73 28 dBi Mast Mount Dish - 5.8 GHz AIR-ANT58G28SDA-N Dimensions and Mounting Specifications Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 5.725-5.825 GHz Wind Speed (survival) 125 MPH VSWR 1.5:1 Nominal Antenna Connector N-Male Dimensions 4.9 ft (1.5 m) Gain 28 dBi Maximum Power 4 watts Polarization V or H Azimuth 3dB Beamwidth 4.75 degrees Mounting 1.5-2.5 in. Mast mount Elevations Plan (3dB BW) 4.75 degrees Wind Speed (operational) 100 MPH Dimensions 29 in. Diameter © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 67 of 73 Dual Band Omnidirectional AIR-ANT2547V-N= 2.4 GHz Azimuth Plane Radiation Pattern 2.4 GHz Elevation Plane Radiation Pattern 5 GHz Azimuth Plane Radiation Pattern 5 GHz Elevation Plane Radiation Pattern Frequency Range 2400-2483 MHz 5150 - 5875 MHz VSWR 2:1 Gain ? 4 dBi in 2.4 GHz ? 7 dBi in 5 GHz Polarization Linear, vertical Azimuth 3dB Beamwidth Omni Elevations 3dB Beamwidth ? 30 degrees in 2.4 GHz ? 14 degrees in 5 GHz Antenna Connector N-type male Cable Length none Dimensions 11.1 in. x 1.25 in.dia. (28.2 cm x 3.2 cm dia) Mounting Direct mount Wind Rating (operational) 100 mph (161 km/h) Wind Rating (survival) 165 mph (265 km/h) © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 68 of 73 Cisco Aironet 1130 Series Integrated Antenna 2.4 GHz, 3 dBi Azimuth Plane Radiation Pattern 5 GHz, 4.5 dBi Azimuth Plane Radiation Pattern 2.4 GHz, 3 dBi Elevation Plane Radiation Pattern 5 GHz, 4.5 dBi Elevation Plane Radiation Pattern Frequency Range ? 2.4-2.5GHz ? 5.15-5.8 GHz Gain ? 2.4 GHz: 3 dBi ? 5 GHz: 4.5 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 50 degrees Antenna Connector Integrated Mounting Integrated Antenna Type Omnidirectional © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 69 of 73 Cisco Aironet 1040, 1140, 3500i Series Integrated Antennas * 2.4 GHz, 4 dBi Azimuth Plane Radiation Pattern 5 GHz, 3 dBi Azimuth Plane Radiation Pattern 2.4 GHz, 4 dBi Elevation Plane Radiation Pattern 5 GHz, 3 dBi Elevation Plane Radiation Pattern Frequency Range ? 2.4-2.5GHz ? 5.15-5.85 GHz Gain ? 2.4 GHz: 4 dBi ? 5 GHz: 3 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 2.4 GHz = 120 degrees, 5 GHz = 120 degrees Antenna Connector Integrated Mounting Integrated Antenna Type Omnidirectional Note: Same integrated antennas used on these devices but AP-1040 only has two elements per band © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 70 of 73 Cisco Aironet OEAP600 Series Integrated Antenna 2.4 GHz, 4 dBi Azimuth Plane Radiation Pattern 5 GHz, 3 dBi Azimuth Plane Radiation Pattern 2.4 GHz, 4 dBi Elevation Plane Radiation Pattern 5 GHz, 3 dBi Elevation Plane Radiation Pattern Frequency Range ? 2.4-2.5GHz ? 5.15-5.85 GHz Gain ? 2.4 GHz: 2 dBi ? 5 GHz: 2 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 2.4 GHz = 120 degrees, 5 GHz = 120 degrees Antenna Connector Integrated Mounting Integrated Antenna Type Omnidirectional © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 71 of 73 Cisco Aironet 1300 Series Integrated Antenna Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 2.4-2.83 GHz Antenna Type 2 x 2 Patch Array Gain 13 dBi Polarization Linear Vertical VSWR 1.5:1 VSWR Nominal E-Plane 3 dB Beamwidth 36 degrees H-Plane 3 dB Beamwidth 38 degrees © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 72 of 73 Cisco Aironet 1400 Series Integrated Antenna Azimuth Plane Radiation Pattern Elevation Plane Radiation Pattern Frequency Range 5.725 to 5.825 GHz Antenna Type Patch Array Gain 22.5 dBi Polarization Linear Vertical VSWR 1.5:1 VSWR Nominal E-Plane 3 dB Beamwidth 10 degrees H-Plane 3 dB Beamwidth 12 degrees © 2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 73 of 73 Cisco Aironet 1550 Series Integrated Antenna 2.4 GHz, 4 dBi Azimuth Plane Radiation Pattern 5 GHz, 3 dBi Azimuth Plane Radiation Pattern 2.4 GHz, 4 dBi Elevation Plane Radiation Pattern 5 GHz, 3 dBi Elevation Plane Radiation Pattern Frequency Range ? 2.4-2.5GHz ? 5.15-5.85 GHz Gain ? 2.4 GHz: 4 dBi ? 5 GHz: 3 dBi Polarization Linear, Vertical Azimuth 3dB Beamwidth Omnidirectional Elevations 3dB Beamwidth 2.4 GHz = 120 degrees, 5 GHz = 120 degrees Antenna Connector Integrated Mounting Integrated Antenna Type Omnidirectional Printed in USA C07-60002-16 06/11 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Cisco SAFE Reference Guide Cisco Validated Design Revised: July 8, 2010, OL-19523-01 Text Part Number: OL-19523-01Cisco Validated Design The CVD program consists of systems and solutions designed, tested, and documented to facilitate faster, more reliable, and more predictable customer deployments. For more information visit www.cisco.com/go/designzone. ALL DESIGNS, SPECIFICATIONS, STATEMENTS, INFORMATION, AND RECOMMENDATIONS (COLLECTIVELY, "DESIGNS") IN THIS MANUAL ARE PRESENTED "AS IS," WITH ALL FAULTS. CISCO AND ITS SUPPLIERS DISCLAIM ALL WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THE DESIGNS, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE DESIGNS ARE SUBJECT TO CHANGE WITHOUT NOTICE. USERS ARE SOLELY RESPONSIBLE FOR THEIR APPLICATION OF THE DESIGNS. THE DESIGNS DO NOT CONSTITUTE THE TECHNICAL OR OTHER PROFESSIONAL ADVICE OF CISCO, ITS SUPPLIERS OR PARTNERS. USERS SHOULD CONSULT THEIR OWN TECHNICAL ADVISORS BEFORE IMPLEMENTING THE DESIGNS. RESULTS MAY VARY DEPENDING ON FACTORS NOT TESTED BY CISCO. CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0809R) Cisco SAFE Reference Guide © 2009 Cisco Systems, Inc. All rights reserved.iii Cisco SAFE Reference Guide OL-19523-01 C O N T E N T S Preface i-i C H A P T E R 1 SAFE Overview 1-1 Executive Summary 1-1 SAFE Introduction 1-2 Cisco Security Control Framework (SCF) 1-2 Architecture Lifecycle 1-3 SAFE Architecture 1-5 Architecture Principles 1-5 SAFE Axioms 1-6 SAFE Design Blueprint 1-10 Enterprise Core 1-12 Intranet Data Center 1-12 Enterprise Campus 1-13 Enterprise Internet Edge 1-13 Enterprise WAN Edge 1-14 Enterprise Branch 1-14 Management 1-14 C H A P T E R 2 Network Foundation Protection 2-1 Key Threats in the Infrastructure 2-1 Infrastructure Device Access Best Practices 2-2 Protect Local Passwords 2-2 Implement Notification Banners 2-3 Enforce Authentication, Authorization and Accounting (AAA) 2-4 Secure Administrative Access 2-6 Routing Infrastructure Best Practices 2-8 Restrict Routing Protocol Membership 2-8 Control Route Propagation 2-10 Logging of Status Changes 2-11 Device Resiliency and Survivability Best Practices 2-12 Disable Unnecessary Services 2-12 Infrastructure Protection ACLs (iACLs) 2-14Contents iv Cisco SAFE Reference Guide OL-19523-01 Control Plane Policing (CoPP) 2-14 Port Security 2-15 Redundancy 2-16 Network Telemetry Best Practices 2-16 Time Synchronization (NTP) 2-17 NTP Design for Remote Offices 2-17 NTP Design at the Headquarters 2-18 Local Device Traffic Statistics 2-20 Per-Interface Statistics 2-20 Per-Interface IP Feature Information 2-20 Global IP Traffic Statistics 2-21 System Status Information 2-21 Memory, CPU and Processes 2-21 Memory and CPU Threshold Notifications 2-22 System Logging (Syslog) 2-22 SNMP 2-23 Network Policy Enforcement Best Practices 2-24 Access Edge Filtering 2-24 IP Spoofing Protection 2-24 Switching Infrastructure Best Practices 2-25 Restrict Broadcast Domains 2-26 Spanning Tree Protocol Security 2-26 Port Security 2-27 VLAN Best Common Practices 2-27 Threats Mitigated in the Infrastructure 2-28 C H A P T E R 3 Enterprise Core 3-1 Key Threats in the Core 3-1 Enterprise Core Design 3-1 Design Guidelines for the Core 3-2 Threats Mitigated in the Core 3-3 C H A P T E R 4 Intranet Data Center 4-1 Key Threats in the Intranet Data Center 4-3 Data Center Design 4-3 Data Center Core 4-4 IP Routing Design and Recommendations 4-5 Data Center Aggregation Layer 4-6Contents v Cisco SAFE Reference Guide OL-19523-01 IP Routing Design and Recommendations 4-7 Aggregation Layer and Firewalls 4-9 Leveraging Device Virtualization to Integrate Security 4-9 Virtual Context Details 4-10 Deployment Recommendations 4-12 Caveats 4-13 Services Layer 4-13 Server Load Balancing 4-14 Application Control Engine 4-14 Web Application Security 4-15 Web Application Firewall 4-15 Cisco ACE and Web Application Firewall Deployment 4-16 IPS Deployment 4-18 Caveats 4-20 Cisco ACE, Cisco ACE Web Application Firewall, Cisco IPS Traffic Flows 4-21 Access Layer 4-23 Recommendations 4-23 Virtual Access Layer 4-24 Server Virtualization and Network Security 4-24 Policy Enforcement 4-26 Visibility 4-27 Isolation 4-30 Endpoint Security 4-33 Infrastructure Security Recommendations 4-33 Attack Prevention and Event Correlation Examples 4-34 Virtual Context on ASA for ORACLE DB Protection 4-34 Web Application Firewall Preventing Application Attacks 4-35 Using Cisco ACE and Cisco ACE WAF to Maintain Real Client IP Address as Source in Server Logs 4-37 Using IDS for VM-to-VM Traffic Visibility 4-40 Using IDS and Cisco Security MARS for VM Traffic Visibility 4-41 Alternative Design 4-42 Threats Mitigated in the Intranet Data Center 4-44 C H A P T E R 5 Enterprise Campus 5-1 Key Threats in the Campus 5-2 Enterprise Campus Design 5-2 Multi-Tier 5-4 Virtual Switch System (VSS) 5-6Contents vi Cisco SAFE Reference Guide OL-19523-01 Routed Access 5-7 Campus Access Layer 5-8 Campus Access Layer Design Guidelines 5-9 Endpoint Protection 5-9 Access Security Best Practices 5-10 Campus Distribution Layer 5-16 Campus Distribution Layer Design Guidelines 5-18 Campus IPS Design 5-18 Campus Distribution Layer Infrastructure Security 5-19 Campus Services Block 5-21 Network Access Control in the Campus 5-22 Cisco Identity-Based Networking Services 5-23 Deployment Considerations 5-23 Deployment Best Practices 5-28 NAC Appliance 5-33 Deployment Considerations 5-34 Deployment Best Practices 5-36 NAC Operation and Traffic Flow 5-42 NAC Profiler 5-45 Deployment Best Practices 5-46 Threat Mitigated in the Enterprise Campus 5-50 C H A P T E R 6 Enterprise Internet Edge 6-1 Key Threats in Internet Edge 6-3 Design Guidelines for the Enterprise Internet Edge 6-3 Edge Distribution Layer 6-5 Design Guidelines and Best Practices 6-5 Infrastructure Protection Best Practices 6-6 Internet Edge Cisco IPS Design Best Practices 6-6 Corporate Access/DMZ Block 6-8 Design Guidelines for Corporate Access/DMZ Block 6-9 E-mail and Web Security 6-15 IronPort SensorBase 6-16 Web Security Appliance Best Practices 6-17 The E-mail Security Appliance 6-21 E-mail Data Flow 6-22 Redundancy and Load Balancing of an E-mail Security Appliance 6-23 Best Practices and Configuration Guidelines for ESA Implementation 6-24Contents vii Cisco SAFE Reference Guide OL-19523-01 Service Provider Block 6-27 Design Guidelines and Best Practices for the SP Edge Block 6-28 Security Features for BGP 6-29 Infrastructure ACL Implementation 6-33 Remote Access Block 6-34 Design Guidelines for the Remote Access Block 6-35 Threats Mitigated in the Internet Edge 6-38 C H A P T E R 7 Enterprise WAN Edge 7-1 Key Threats in the Enterprise WAN Edge 7-3 WAN Edge Aggregation 7-4 Design Guidelines for the WAN Edge Aggregation 7-5 Secure WAN Connectivity in the WAN Edge 7-5 Technology Options 7-6 Routing Security in the WAN Edge Aggregation 7-7 Design Considerations 7-9 Service Resiliency in the WAN Edge Aggregation 7-10 IKE Call Admission Control 7-11 QoS in the WAN Edge 7-11 Network Policy Enforcement in the WAN Edge Aggregation 7-13 Design Considerations 7-13 WAN Edge ACLs 7-14 Firewall Integration in the WAN Edge 7-15 uRPF on the WAN Edge 7-15 Secure Device Access in the WAN Edge Aggregation 7-15 Telemetry in the WAN Edge Aggregation 7-16 Design Considerations 7-17 NetFlow on the WAN Edge 7-17 WAN Edge Distribution 7-18 Design Guidelines for the WAN Edge Distribution 7-19 IPS Integration in the WAN Edge Distribution 7-19 Design Considerations 7-22 Implementation Options 7-23 Routing Security in the WAN Edge Distribution 7-23 Service Resiliency in the WAN Edge Distribution 7-24 Switching Security in the WAN Edge Distribution 7-25 Secure Device Access in the WAN Edge Distribution 7-25 Telemetry in the WAN Edge Distribution 7-26 Design Considerations 7-26Contents viii Cisco SAFE Reference Guide OL-19523-01 Threats Mitigated in the Enterprise WAN Edge 7-27 C H A P T E R 8 Enterprise Branch 8-1 Key Threats in the Enterprise Branch 8-3 Design Guidelines for the Branch 8-4 Secure WAN Connectivity in the Branch 8-4 Routing Security in the Branch 8-5 Design Considerations 8-7 Service Resiliency in the Branch 8-8 QoS in the Branch 8-9 Design Considerations 8-11 Network Policy Enforcement in the Branch 8-11 Additional Security Technologies 8-12 Design Considerations 8-12 WAN Edge ACLs 8-12 Access Edge iACLs 8-13 Design Considerations 8-14 Firewall Integration in the Branch 8-14 IOS Zone-based Firewall (ZBFW) Integration in a Branch 8-14 Design Considerations 8-16 ASA Integration in a Branch 8-17 IPS Integration in the Branch 8-18 Design Considerations 8-19 Implementation Option 8-20 IPS Module Integration in a Cisco ISR 8-20 IPS Module Integration in a Cisco ASA 8-21 Switching Security in the Branch 8-23 Design Considerations 8-26 DHCP Protection 8-26 ARP Spoofing Protection 8-26 Endpoint Security in the Branch 8-27 Design Considerations 8-27 Complementary Technology 8-28 Secure Device Access in the Branch 8-28 Design Considerations 8-29 Telemetry in the Branch 8-29 Design Considerations 8-30 Threats Mitigated in the Enterprise Branch 8-30Contents ix Cisco SAFE Reference Guide OL-19523-01 C H A P T E R 9 Management 9-1 Key Threats in the Management Module 9-2 Management Module Deployment Best Practices 9-3 OOB Management Best Practices 9-5 IB Management Best Practices 9-6 Remote Access to the Management Network 9-9 Network Time Synchronization Design Best Practices 9-10 Management Module Infrastructure Security Best Practices 9-11 Terminal Server Hardening Considerations 9-12 Firewall Hardening Best Practices 9-13 Threats Mitigated in the Management 9-14 C H A P T E R 10 Monitoring, Analysis, and Correlation 10-1 Key Concepts 10-2 Access and Reporting IP address 10-3 Access Protocols 10-3 Reporting Protocols 10-4 Events, Sessions and Incidents 10-4 CS-MARS Monitoring and Mitigation Device Capabilities 10-5 Cisco IPS 10-5 Event Data Collected from Cisco IPS 10-5 Verify that CS-MARS Pulls Events from a Cisco IPS Device 10-5 IPS Signature Dynamic Update Settings 10-6 Cisco ASA Security Appliance 10-7 Event Data Collected from Cisco ASA 10-8 Verify that CS-MARS Pulls Events from a Cisco ASA Security Appliance 10-9 Cisco IOS 10-9 Event Data Collected from a Cisco IOS Router or Switch 10-9 Verify that CS-MARS Pulls Events from a Cisco IOS Device 10-10 Cisco Security Agent (CSA) 10-10 Verify that CS-MARS Receives Events from CSA 10-13 Cisco Secure ACS 10-14 Verify that CS-MARS Receives Events from CS-ACS 10-16 CS-MARS Design Considerations 10-17 Global/Local Architecture 10-17 CS-MARS Location 10-18 CS-MARS Sizing 10-18 Deployment Best Practices 10-19Contents x Cisco SAFE Reference Guide OL-19523-01 Network Foundation Protection (NTP) 10-19 Monitoring and Mitigation Device Selection 10-19 Cisco IPS 10-19 Cisco ASA 10-20 Cisco IOS Devices 10-22 Deployment Table 10-23 Analysis and Correlation 10-24 Network Discovery 10-24 Data Reduction 10-26 Attack Path and Topological Awareness 10-28 NetFlow 10-30 C H A P T E R 11 Threat Control and Containment 11-1 Endpoint Threat Control 11-1 Network-Based Threat Control 11-2 Network-Based Cisco IPS 11-2 Deployment Mode 11-3 Scalability and Availability 11-3 Maximum Threat Coverage 11-3 Cisco IPS Blocking and Rate Limiting 11-4 Cisco IPS Collaboration 11-4 Network-Based Firewalls 11-5 Cisco IOS Embedded Event Manager 11-5 Global Threat Mitigation 11-5 Cisco IPS Enhanced Endpoint Visibility 11-7 CSA and Cisco IPS Collaborative Architecture 11-8 Deployment Considerations 11-9 Inline Protection (IPS) and Promiscuous (IDS) Modes 11-9 One CSA-MC to Multiple Cisco IPS Sensors 11-10 One Sensor to Two CSA-MCs 11-10 Virtualization 11-10 IP Addressing 11-10 Deployment Best Practices 11-10 Cisco Security Agent MC Administrative Account 11-11 Cisco Security Agent Host History Collection 11-11 Adding CSA-MC System as a Trusted Host 11-12 Configuring Cisco IPS External Product Interface 11-13 Leveraging Endpoint Posture Information 11-14 Cisco Security Agent Watch Lists 11-16Contents xi Cisco SAFE Reference Guide OL-19523-01 Cisco IPS Event Action Override 11-17 Validating Cisco Secure Agent and Cisco IPS Integration 11-18 Unified Management and Control 11-20 CSM and CS-MARS Cross-Communication Deployment Considerations 11-22 Registering CSM with CS-MARS 11-23 Registering CS-MARS in CSM 11-24 CSM and CS-MARS Linkage Objectives 11-26 Firewall Cross Linkages 11-27 Cisco IPS Cross Linkages 11-29 Cisco IPS Event Action Filter 11-31 CSM Automatic Cisco IPS Updates 11-32 Cisco IPS Threat Identification and Mitigation 11-33 C H A P T E R 12 Cisco Security Services 12-1 Strategy and Assessments 12-2 Deployment and Migration 12-2 Remote Management 12-2 Security Intelligence 12-2 Security Optimization 12-2 A P P E N D I X A Reference Documents A-1Contents xii Cisco SAFE Reference Guide OL-19523-01i Cisco SAFE Reference Guide OL-19523-01 Preface Document Purpose This guide discusses the Cisco SAFE best practices, designs and configurations, and provides network and security engineers with the necessary information to help them succeed in designing, implementing and operating secure network infrastructures based on Cisco products and technologies. Document Audience While the target audience is technical in nature, business decision makers, senior IT leaders, and systems architects can benefit from understanding the design driving principles and fundamental security concepts. Document Organization The following table lists and briefly describes the chapters and appendices of this guide: Chapter Description Chapter 1, “SAFE Overview.” Provides high-level overview of the Cisco SAFE design. Chapter 2, “Network Foundation Protection.” Describes the best practices for securing the enterprise network infrastructure. This includes setting a security baseline for protecting the control and management planes as well as setting a strong foundation on which more advanced methods and techniques can subsequently be built on. Chapter 3, “Enterprise Core.” Describes the core component of the Cisco SAFE design. It describes types of threats that targets the core and the best practices for implementing security within the core network. Chapter 4, “Intranet Data Center.” Describes the intranet data center component of the Cisco SAFE design. It provide guidelines for integrating security services into Cisco recommended data center architectures. Chapter 5, “Enterprise Campus.” Describes the enterprise campus component of the Cisco SAFE design. It covers the threat types that affect the enterprise campus and the best practices for implementing security within the campus network.ii Cisco SAFE Reference Guide OL-19523-01 Preface Chapter 6, “Enterprise Internet Edge.” Describes the enterprise Internet edge component of the Cisco SAFE design. It covers the threat types that affect the Internet edge and the best practices for implementing security within the enterprise Internet edge network. Chapter 7, “Enterprise WAN Edge.” Describes the enterprise WAN edge component of the Cisco SAFE design. It covers the threat types that affect the enterprise WAN edge and the best practices for implementing security within the WAN edge network. Chapter 8, “Enterprise Branch.” Describes enterprise branch component of the Cisco SAFE design. It covers the threat types that affect the enterprise branch and the best practices for implementing security within the branch network. Chapter 9, “Management.” Describes the management component of the Cisco SAFE design. It covers the threat types that affects the management module and the best practices for mitigation those threats. Chapter 10, “Monitoring, Analysis, and Correlation.” Describes the security tools used for monitoring, analysis, and correlations of the network SAFE design network resources. Chapter 11, “Threat Control and Containment.” Describes the threat control and containment attributes of the Cisco SAFE design. Chapter 12, “Cisco Security Services.” Describes the security services designed to support the continuous solution lifecycle. Chapter A, “Reference Documents.” Provides a list of reference documents where users can obtain additional information. Glossary Lists and defines key terms and acronyms used in this guide. Chapter Descriptioniii Cisco SAFE Reference Guide OL-19523-01 Preface About the Authors This section provides information about the authors who developed the content of this guide. Justin Chung, Manager, CMO Enterprise Solutions Engineering (ESE), Cisco Systems Justin is a Technical Marketing Manager with over twelve years of experience in the networking industry. During his eleven years at Cisco, he managed various security solutions such as Dynamic Multipoint VPN (DMVPN), Group Encrypted Transport VPN (GET VPN), VRF-Aware IPSec, Network Admission Control (NAC), and others. He is a recipient of the Pioneer Award for the GET VPN solution. He is currently managing the Enterprise WAN Edge, Branch, and Security solutions. Martin Pueblas, CCIE#2133, CISSP#40844—Technical Leader, CMO Enterprise Solutions Engineering (ESE), Cisco Systems Martin is the lead system architect of the Cisco SAFE Security Reference Architecture. He is a network security expert with over 17 years of experience in the networking industry. He obtained his CCIE certification in 1996 and CISSP in 2004. Martin joined Cisco in 1998 and has held a variety of technical positions. Started as a Customer Support Engineer in Cisco’s Technical Assistance Center (TAC) in Brussels, Belgium. In 1999 moved to the United States where soon became technical leader for the Security Team. Martin’s primary job responsibilities included acting as a primary escalation resource for the team and delivering training for the support organization. At the end of 2000, he joined the Advanced Engineering Services team as a Network Design Consultant, where he provided design and security consulting services to large corporations and Service Providers. During this period, Martin has written a variety of technical documents including design guides and white papers that define Cisco’s best practices for security and VPNs. Martin joined Cisco’s Central Marketing Organization in late 2001, where as a Technical Marketing Engineer, he focused on security and VPN technologies. In late 2004, he joined his current position acting as a security technical leader. As part of his current responsibilities, Martin is leading the development of security solutions for enterprises. Alex Nadimi, Technical Marketing Engineer, CMO Enterprise Solutions Engineering (ESE), Cisco Systems Alex has been at Cisco for 14 years. His expertise include security, VPN technologies, MPLS, and Multicast. Alex has authored several design guides and technical notes. Alex has over 15 years experience in the computer, communications, and networking fields. He is a graduate of University of London and Louisiana State University.iv Cisco SAFE Reference Guide OL-19523-01 Preface Dan Hamilton, CCIE #4080 —Technical Leader, CMO Enterprise Solutions Engineering (ESE), Cisco Systems Dan has over 15 years experience in the networking industry. He has been with Cisco for 9 years. He joined Cisco in 2000 as a Systems Engineer supporting a large Service Provider customer. In 2004, he became a Technical Marketing Engineer in the Security Technology Group (STG) supporting IOS security features such as infrastructure security, access control and Flexible Packet Matching (FPM) on the Integrated Security Routers (ISRs), mid-range routers and the Catalyst 6500 switches. He moved to a Product Manager role in STG in 2006, driving the development of new IOS security features before joining the ESE Team in 2008. Prior to joining Cisco, Dan was a network architect for a large Service Provider, responsible for designing and developing their network managed service offerings. Dan has a Bachelor of Science degree in Electrical Engineering from the University of Florida. Sherelle Farrington, Technical Leader, CMO Enterprise Solutions Engineering (ESE), Cisco Systems Sherelle is a technical leader at Cisco Systems with over fifteen years experience in the networking industry, encompassing service provider and enterprise environments in the US and Europe. During her more than ten years at Cisco, she has worked on a variety of service provider and enterprise solutions, and started her current focus on network security integration over four years ago. She has presented and published on a number of topics, most recently as co-author of the Wireless and Network Security Integration Solution design guide, and the Network Security Baseline paper. v Cisco SAFE Reference Guide OL-19523-01 Preface David Anderson, CCIE #7660, CISSP#57547—Senior Technical Marketing Engineer, CMO Enterprise Solutions Engineering (ESE), Cisco Systems David is a Senior Technical Marketing Engineer in CMO - Enterprise Solutions Engineering (ESE), Cisco Systems. In this role, David focuses on security and virtualization in data center solutions. David also works cross-functionally to develop data center solutions with Cisco business units and partners. David joined Cisco in 1999 as a solution engineer for service provider dial-access architectures. His roles at Cisco include Systems Engineer, Technical Marketing Engineer, and Senior Product Manager. In 2001 David was part of the initial team that began focusing on data center related solutions for Cisco. After several years, he moved to the role of Senior Technical Marketing Engineer and Product Manager to help establish and grow the Cisco Network Admission Control product line. David is a frequent speaker at Cisco Live (Networkers) and other industry events and forums. Prior to joining Cisco, David was a Senior Network Engineer for the Department of Emergency Communications and E-911 Center in San Francisco. David holds CCIE and CISSP certifications and has a Bachelor of Science degree in Management Information Systems from Florida State University. Srinivas Tenneti, CCIE#10483—Technical Marketing Engineer, CMO Enterprise Solutions Engineering (ESE), Cisco Systems Srinivas is a Technical Marketing Engineer for WAN and branch architectures in Cisco's ESE team. Prior to joining the ESE team, Srinivas worked two years in Commercial System Engineering team where he worked on producing design guides, and SE presentations for channel partners and SEs. Before that, he worked for 5 years with other Cisco engineering teams. Srinivas has been at Cisco for 8 years.vi Cisco SAFE Reference Guide OL-19523-01 PrefaceC H A P T E R 1-1 Cisco SAFE Reference Guide OL-19523-01 1 SAFE Overview Executive Summary The ever-evolving security landscape presents a continuous challenge to organizations. The fast proliferation of botnets, the increasing sophistication of network attacks, the alarming growth of Internet-based organized crime and espionage, identity and data theft, more innovative insider attacks, and emerging new forms of threats on mobile systems are examples of the diverse and complex real threats that shape today's security landscape. As a key enabler of the business activity, networks must be designed and implemented with security in mind to ensure the confidentiality, integrity, and availability of data and system resources supporting the key business functions. The Cisco SAFE provides the design and implementation guidelines for building secure and reliable network infrastructures that are resilient to both well-known and new forms of attacks. Achieving the appropriate level of security is no longer a matter of deploying point products confined to the network perimeters. Today, the complexity and sophistication of threats mandate system-wide intelligence and collaboration. To that end, the Cisco SAFE takes a defense-in-depth approach, where multiple layers of protection are strategically located throughout the network, but under a unified strategy. Event and posture information is shared for greater visibility and response actions are coordinated under a common control strategy. The Cisco SAFE uses modular designs that accelerate deployment and that facilitate the implementation of new solutions and technologies as business needs evolve. This modularity extends the useful life of existing equipment, protecting capital investments. At the same time, the designs incorporate a set of tools to facilitate day-to-day operations, reducing overall operational expenditures. This guide discusses the Cisco SAFE best practices, designs and configurations, and aims to provide network and security engineers with the necessary information to help them succeed in designing, implementing and operating secure network infrastructures based on Cisco products and technologies. While the target audience is technical in nature, business decision makers, senior IT leaders and systems architects can benefit from understanding the design driving principles and fundamental security concepts.1-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction SAFE Introduction The Cisco SAFE uses the Cisco Security Control Framework (SCF), a common framework that drives the selection of products and features that maximize visibility and control, the two most fundamental aspects driving security. Also used by Cisco's Continuous Improvement Lifecycle, the framework facilitates the integration of Cisco's rich portfolio of security services designed to support the entire solution lifecycle. Cisco Security Control Framework (SCF) The Cisco SCF is a security framework aimed at ensuring network and service availability and business continuity. Security threats are an ever-moving target and the SCF is designed to address current threat vectors, as well as track new and evolving threats, through the use of best common practices and comprehensive solutions. Cisco SAFE uses SCF to create network designs that ensure network and service availability and business continuity. Cisco SCF drives the selection of the security products and capabilities, and guides their deployment throughout the network where they best enhance visibility and control. SCF assumes the existence of security policies developed as a result of threat and risk assessments, and in alignment to business goals and objectives. The security policies and guidelines are expected to define the acceptable and secure use of each service, device, and system in the environment. The security policies should also determine the processes and procedures needed to achieve the business goals and objectives. The collection of processes and procedures define security operations. It is crucial to business success that security policies, guidelines, and operations do not prevent but rather empower the organization to achieve its goals and objectives. The success of the security policies ultimately depends on the degree they enhance visibility and control. Simply put, security can be defined as a function of visibility and control. Without any visibility, there is no control, and without any control there is no security. Therefore, SCF’s main focus is on enhancing visibility and control. In the context of SAFE, SCF drives the selection and deployment of platforms and capabilities to achieve a desirable degree of visibility and control. SCF defines six security actions that help enforce the security policies and improve visibility and control. Visibility is enhanced through the actions of identify, monitor, and correlate. Control is improved through the actions of harden, isolate, and enforce. See Figure 1-1.1-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction Figure 1-1 Security Actions In an enterprise, there are various places in the network (PINs) such as data center, campus, and branch. The SAFE designs are derived from the application of SCF to each PIN. The result is the identification of technologies and best common practices that best satisfy each of the six key actions for visibility and control. In this way, SAFE designs incorporate a variety of technologies and capabilities throughout the network to gain visibility into network activity, enforce network policy, and address anomalous traffic. As a result, network infrastructure elements such as routers and switches are used as pervasive, proactive policy-monitoring and enforcement agents. Architecture Lifecycle Since business and security needs are always evolving, the Cisco SAFE advocates for the on-going review and adjustment of the implementation in accordance to the changing requirements. To that end, the Cisco SAFE uses the architecture lifecycle illustrated in Figure 1-2. Cisco Security Control Framework Model Identify Total Visibility Identify, Monitor, Collect, Detect and Classify Users, Traffic, Applications and Protocols Complete Control Monitor Correlate Harden Harden, Strengthen Resiliency, Limit Access, and Isolate Devices, Users, Traffic, Applications and Protocols Isolate Enforce • Identify, Classify and Assign TrustLevels to Subscribers, Services and Traffic • Monitor, Performance, Behaviours, Events and Compliance, with Policies • Identify Anomalous Traffic • Collect, Correlate and Analyze System-Wide Events • Identify, Notify and Report on Significant Related Events • Harden Devices, Transport, Services and Applications • Strengthen Infrastructure Resiliency, Redundancy and Fault Tolerance • Isolate Subscribers, Systems and Services • Contain and Protect • Enforce Security Policies • Migrate Security Events • Dynamically Respond to Anomalous Envent 2266581-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction Figure 1-2 SAFE Architecture Lifecycle 1. The cycle starts with planning, which must include a threat and risk assessment aimed at identifying assets and the current security posture. Planning should also include a gap analysis to unveil the strengths and weaknesses of the current architecture. 2. After the initial planning, the cycle continues with the design and selection of the platforms, capabilities, and best practices needed to close the gap and satisfy future requirements. This results in a detailed design to address the business and technical requirements. 3. The implementation follows the design. This includes the deployment and provisioning of platforms and capabilities. Deployment is typically executed in separate phases, which requires a plan sequencing. 4. Once the new implementation is in place, it needs to be maintained and operated. This includes the management and monitoring of the infrastructure as well as security intelligence for threat mitigation. 5. Finally, as business and security requirements are continuously changing, regular assessments need to be conducted to identify and address possible gaps. The information obtained from day-to-day operations and from adhoc assessments can be used for these purposes. As Figure 1-2 illustrates, the process is iterative and each iteration results in an implementation better suited to meet the evolving business and security policy needs. More information on Cisco SCF can be found at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/CiscoSCF.html Optimize Plan Design Implement Operate 2261421-5 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction SAFE Architecture The Cisco SAFE consists of design blueprints based on the Cisco Validated Designs (CVDs) and proven security best practices that provide the design guidelines for building secure and reliable network infrastructures. The Cisco SAFE design blueprints implement defense-in-depth by strategically positioning Cisco products and capabilities across the network and by leveraging cross platform network intelligence and collaboration. To that end, multiple layers of security controls are implemented throughout the network, but under a common strategy and administration. At the same time, the design blueprints address the unique requirements of the various PINs present in an enterprise; products and capabilities are deployed where they deliver the most value while at the same time best facilitating collaboration and operational efficiency. The Cisco SAFE design blueprints also serve as the foundation for vertical and horizontal security solutions developed to address the requirements of specific industries such as retail, financial, healthcare, and manufacturing. In addition, Cisco security services are embedded as an intrinsic part of Cisco SAFE. The Cisco security services support the entire solution lifecycle and the diverse security products included in the designs. Architecture Principles The Cisco SAFE design blueprints follow the principles described below. Defense-in-Depth In the Cisco SAFE, security is embedded throughout the network by following a defense-in-depth approach, and to ensure the confidentiality, integrity, and availability of data, applications, endpoints, and the network itself. For enhanced visibility and control, a rich set of security technologies and capabilities are deployed in multiple layers, but under a common strategy. The selection of technologies and capabilities is driven by the application of the Cisco SCF. Modularity and Flexibility The Cisco SAFE design blueprints follow a modular design where all components are described by functional roles rather than point platforms. The overall network infrastructure is divided into functional modules, each one representing a distinctive PIN such as the campus and the data center. Functional modules are then subdivided into more manageable and granular functional layers and blocks (for example, access layer, edge distribution block), each serving a specific role in the network. The modular designs result in added flexibility when it comes to deployment, allowing a phased implementation of modules as it best fits the organization's business needs. The fact that components are described by functional roles rather than point platforms facilitate the selection of the best platforms for given roles and their eventual replacement as technology and business needs evolve. Finally, the modularity of the designs also accelerates the adoption of new services and roles, extending the useful life of existing equipment and protecting previous capital investment. Service Availability and Resiliency The Cisco SAFE design blueprints incorporate several layers of redundancy to eliminate single points of failure and to maximize the availability of the network infrastructure. This includes the use of redundant interfaces, backup modules, standby devices, and topologically redundant paths. In addition, the designs also use a wide set of features destined to make the network more resilient to attacks and network failures.1-6 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction Regulatory Compliance The Cisco SAFE implements a security baseline built-in as intrinsic part of the network infrastructure. The security baseline incorporates a rich set of security practices and functions commonly required by regulations and standards, facilitating the achievement of regulatory compliance. Strive for Operational Efficiency The Cisco SAFE is designed to facilitate management and operations throughout the entire solution lifecycle. Products, capabilities, and topologies were carefully selected to maximize the visibility and control of the individual safeguards, while providing a unified view of the overall status of the network. Designs were conceived with simplicity to accelerate provisioning and to help troubleshoot and isolate problems quickly, effectively reducing the operative expenditures. Central points of control and management are provided with the tools and procedures necessary to verify the operation and effectiveness of the safeguards in place. Auditable Implementations The Cisco SAFE designs accommodate a set of tools to measure and verify the operation and the enforcement of safeguards across the network, providing a current view of the security posture of the network, and helping assess compliance to security policies, standards, and regulations. Global Information Sharing and Collaboration The Cisco SAFE uses the information sharing and collaborative capabilities available on Cisco's products and platforms. Logging and event information generated from the devices in the network is centrally collected, trended, and correlated for maximum visibility. Response and mitigation actions are centrally coordinated for enhanced control. SAFE Axioms Network environments are built out of a variety of devices, services, and information of which confidentiality, integrity, and availability may be compromised. Properly securing the network and its services requires an understanding of these network assets and their potential threats. The purpose of this section is to raise awareness on the different elements in the network that may be at risk. Infrastructure Devices Are Targets Network infrastructures are not only built up with routers and switches, but also with a large variety of in-line devices including, but not limited to, firewalls, intrusion prevention systems, load balancers, and application acceleration appliances. All these infrastructure devices may be subject to attacks designed to target them directly or that indirectly may affect network availability. Possible attacks include unauthorized access, privilege escalation, distributed denial-of-service (DDoS), buffer overflows, traffic flood attacks, and much more. Generally, network infrastructure devices provide multiple access mechanisms, including console and remote access based on protocols such as Telnet, rlogin, HTTP, HTTPS, and SSH. The hardening of these devices is critical to avoid unauthorized access and compromise. Best practices include the use of secure protocols, disabling unused services, limiting access to necessary ports and protocols, and the enforcement of authentication, authorization and accounting (AAA). However, infrastructure devices are not all the same. It is fundamental to understand their unique characteristics and nature in order to properly secure them. The primary purpose of routers and switches is to provide connectivity; therefore, default configurations typically allow traffic without restrictions. 1-7 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction In addition, the devices may have some of the services enabled by default which may not be required for a given environment. This presents an opportunity for exploitation and proper steps should be taken to disable the unnecessary service. In particular, routers’ responsibilities are to learn and propagate route information, and ultimately to forward packets through the most appropriate paths. Successful attacks against routers are those able to affect or disrupt one or more of those primary functions by compromising the router itself, its peering sessions, and/or the routing information. Because of their Layer-3 nature, routers can be targeted from remote networks. Best practices to secure routers include device hardening, packet filtering, restricting routing-protocol membership, and controlling the propagation and learning of routing information. In contrast to routers, switches’ mission is to provide LAN connectivity; therefore, they are more vulnerable to Layer 2-based attacks, which are most commonly sourced inside the organization. Common attacks on switched environments include broadcast storms, MAC flooding, and attacks designed to use limitations on supporting protocols such as Address Resolution Protocol (ARP), Dynamic Host Configuration Protocol (DHCP), and Spanning Tree Protocol (STP). Best practices for securing switches include device hardening, restricting broadcast domains, SPT security, ARP inspection, anti-spoofing, disabling unused ports, and following VLAN best practices. Firewalls, load balancers, and in-line devices in general are also subject to unauthorized access and compromise; consequently, their hardening is critical. Like any other infrastructure devices, in-line devices have limited resources and capabilities and as a result they are potentially vulnerable to resource exhaustion attacks as well. This sort of attacks is designed to deplete the processing power or memory of the device. This may be achieved by overwhelming the device capacity in terms of connections per second, maximum number of connections, or number of packets per second. Attacks may also target protocol and packet-parsing with malformed packets or protocol manipulation. Security best practices vary depending on the nature of the in-line device. Services Are Targets Network communications depend on a series of services including, but not limited to, Domain Name System (DNS), Network Time Protocol (NTP), and DHCP. The disruption of such services may result in partial or total loss of connectivity, and their manipulation may serve as a platform for data theft, denial-of-service (DoS), service abuse, and other malicious activity. As a result, a growing number and a variety of attacks are constantly targeting infrastructure services. DNS provides for resolution between user-friendly domain names and logical IP addresses. As most services on the Internet and intranets are accessed by their domain names and not their IP addresses, a disruption on DNS most likely results in loss of connectivity. DNS attacks may target the name servers as well as the clients, also known as resolvers. Some common attacks include DNS amplification attacks, DNS cache poisoning and domain name hijacking. DNS amplification attacks typically consist of flooding name servers with unsolicited replies, often in response to recursive queries. DNS cache poisoning consists of maliciously changing or injecting DNS entries in the server caches, often used for phishing and man-in-the-middle attacks. Domain name hijacking refers to the illegal act of someone stealing the control of a domain name from its legal owner. Best practices for mitigation include patch management and the hardening of the DNS servers, using firewalls to control DNS queries and zone traffic, implementing IPS to identify and block DNS-based attacks, etc. NTP, which is used to synchronize the time across computer systems over an IP network, is used for a range of time-based applications such as user authentication, event logging, and process scheduling, etc. The NTP service may be subjected to a variety of attacks ranging from NTP rogue servers, the insertion of invalid NTP information, to DoS on the NTP servers. Best practices for securing NTP include the use of NTP peer authentication, the use of access control lists, and device hardening, etc.1-8 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction DHCP is the most widely deployed protocol for the dynamic configuration of systems over an IP network. Two of the most common DHCP attacks are the insertion of rogue DHCP servers and DHCP starvation. Rogue DHCP servers are used to provide valid users with incorrect-configuration information to prevent them from accessing the network. Also, rogue DHCP servers are used for man-in-the-middle (MITM) attacks, where valid clients are provided with the IP address of a compromised system as a default gateway. DHCP starvation is another common type of attack. It consists of exhausting the pool of IP addresses available to the DHCP server for a period of time, and it is achieved by the broadcasting of spoofed DHCP requests by one or more compromised systems in the LAN. Best practices for securing DHCP includes server hardening and use of DHCP security features available on switches such as DHCP snooping and port security, etc. Endpoints Are Targets A network endpoint is any system that connects to the network and that communicates with other entities over the infrastructure. Servers, desktop computers, laptops, network storage systems, IP phones, network-enabled mobile devices, and IP-enabled video systems are all examples of endpoints. Due to the immense diversity of hardware platforms, operating systems, and applications, endpoints present some of the most difficult challenges from a security perspective. Updates, patches, and fixes of the various endpoint components typically are available from different sources and at different times, making it more difficult to maintain systems up-to-date. In addition to the platform and software diversity, portable systems like laptops and mobile devices are often used at WiFi-hot-spots, hotels, employee's homes and other environments outside of the corporate controls. In part because of the security challenges mentioned above, endpoints are the most vulnerable and the most successfully compromised devices. The list of endpoint threats is as extensive and diverse as the immense variety of platforms and software available. Examples of common threats to endpoints include malware, worms, botnets, and E-mail spam. Malware is malicious software designed to grant unauthorized access and/or steal data from the victim. Malware is typically acquired via E-mail messages containing a Trojan or by browsing a compromised Web site. Key-loggers and spyware are examples of malware, both designed to record the user behavior and steal private information such as credit card and social security numbers. Worms are another form of malicious software that has the ability to automatically propagate over the network. Botnets are one of the fastest growing forms of malicious software and that is capable of compromising very large numbers of systems for E-mail spam, DoS on web servers and other malicious activity. Botnets are usually economically motivated and driven by organized cyber crime. E-mail spam consists of unsolicited E-mail, often containing malware or that are part of a phishing scam. Securing the endpoints requires paying careful attention to each of the components within the systems, and equally important, ensuring end-user awareness. Best practices include keeping the endpoints up-to-date with the latest updates, patches and fixes; hardening of the operating system and applications; implementing endpoint security software; securing web and E-mail traffic; and continuously educating end-users about current threats and security measures. Networks Are Targets Entire network segments may also be target of attacks such as theft of service, service abuse, DoS, MITM, and data loss to name a few. Theft of service refers to the unauthorized access and use of network resources; a good example is the use of open wireless access points by unauthorized users. Network service abuse costs organizations millions of dollars a year and consists of the use of network resources for other than the intended purposes; for example, employee personal use of corporate resources. Networks may also be subject to DoS attacks designed to disrupt network service and MITM attacks used to steal private data.1-9 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction Network attacks are among the most difficult to deal with because they typically take advantage of an intrinsic characteristic in the way the network operates. Network attacks may operate at Layer 2 or Layer 3. Layer-2 attacks often take advantage of the trustful nature of certain Layer-2 protocols such as STP, ARP, and CDP. Some other Layer-2 attacks may target certain characteristics of the transport media, such as wireless access. Some Layer-2 attacks may be mitigated through best practices on switches, routers, and wireless access points. Layer 3-based attacks make use of the IP transport and may involve the manipulation of routing protocols. Examples of this type of attacks are distributed DoS (DDoS), black-holing, traffic diversion. DDoS works by causing tens or hundreds of machines to simultaneously send spurious data to a target IP address. The goal of such an attack is not necessarily to shut down a particular host, but also to make an entire network unresponsive. Other frequent Layer-3 attacks consist in the injection of invalid route information into the routing process to intentionally divert traffic bounded to a target network. Traffic may be diverted to a black-hole, making the target network unreachable, or to a system configured to act as a MITM. Security best practices against Layer 3-based network attacks include device hardening, anti-spoofing filtering, routing protocol security, and network telemetry, firewalls, and intrusion prevention systems. Applications Are Targets Applications are coded by people and therefore are subject to numerous errors. Care needs to be taken to ensure that commercial and public domain applications are up-to-date with the latest security fixes. Public domain applications, as well as custom developed applications, also require code review to ensure that the applications are not introducing any security risks caused by poor programming. This may include scenarios such as how user input is sanitized, how an application makes calls to other applications or the operating system itself, the privilege level at which the application runs, the degree of trust that the application has for the surrounding systems, and the method the application uses to transport data across the network. Poor programming may lead to buffer overflow, privilege escalation, session credential guessing, SQL injection, cross-site scripting attacks to name a few. Buffer overflow attacks are designed to trigger an exception condition in the application that overwrites certain parts of memory, causing a DoS or allowing the execution of an unauthorized command. Privilege escalation typically results from the lack of enforcement authorization controls. The use of predictable user credentials or session identifications facilitates session hijacking and user impersonation attacks. SQL injection is a common attack in web environments that use backend SQL and where user-input is not properly sanitized. Simply put, the attack consists in manipulating the entry of data to trigger the execution of a crafted SQL statement. Cross-site scripting is another common form of attack that consists in the injection of malicious code on web pages, and that it gets executed once browsed by other users. Cross-site scripting is possible on web sites where users may post content and that fail to properly validate user's input. Application environments can be secured with the use of endpoint security software and the hardening of the operating system hosting the application. Firewalls, intrusion prevention systems, and XML gateways may also be used to mitigate application-based attacks.1-10 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction SAFE Design Blueprint The Cisco SAFE designs were created following the architecture principles and in compliance with the SAFE axioms. With increasingly sophisticated attacks, point security solutions are no longer effective. Today's environments require higher degrees of visibility that is only attainable with infrastructure-wide security intelligence and collaboration. To that end, the Cisco SAFE design blueprints use the various forms of network telemetry present on Cisco networking equipment, security appliances, and endpoints to obtain a consistent and accurate view of the network activity. As part of the event monitoring, analysis, and correlation, logging and event information generated by routers, switches, firewalls, intrusion prevention systems, and endpoint protection software are collected, trended, and correlated. The architecture also uses the collaborative nature between security platforms such as intrusion prevention systems, firewalls, and endpoint protection software. SCF defines six security actions that help enforce the security policies and improve visibility and control. Visibility is enhanced through the actions of identify, monitor, and correlate. By delivering infrastructure-wide security intelligence and collaboration, the Cisco SAFE design blueprints can effectively offer the following: • Enhanced visibility—Infrastructure-wide intelligence provides an accurate vision of network topologies, attack paths, and the extent of the damage. • Identify threats—Collecting, trending, correlating, and logging event information help identify the presence of security threats, compromises, and data leak. • Confirm compromises—By being able to track an attack as it transits the network, and by having visibility on the endpoints, the architecture can confirm the success or failure of an attack. • Reduce false positives—Endpoint and system visibility help identify whether a target is in fact vulnerable to a given attack. • Reduce volume of event information—Event correlation dramatically reduces the number of events, saving security operator's precious time and allowing them to focus on what is most important. • Determine the severity of an incident—Enhanced endpoint and network visibility allows the architecture to dynamically increase or reduce the severity level of an incident based on the degree of vulnerability of the target and the context of the attack. • Reduce response times—Having visibility over the entire network makes it possible to determine attack paths and identify the best places to enforce mitigation actions. The Cisco SAFE uses the infrastructure-wide intelligence and collaboration capabilities provided by Cisco products to control and mitigate well-known and zero-day attacks. Under the Cisco SAFE design blueprints, intrusion protection systems, firewalls, network admission control, endpoint protection software, and monitoring and analysis systems work together to identify and dynamically respond to attacks. As part of threat control and containment, the designs have the ability to identify the source of a threat, visualize its attack path, and to suggest, and even dynamically enforce, response actions. Possible response actions include the isolation of compromised systems, rate limiting, packet filtering, and more. Control is improved through the actions of harden, isolate, and enforce. Following are some of the objectives of the Cisco SAFE design blueprints: • Adaptive response to real-time threats—Source threats are dynamically identified and may be blocked in real-time. • Consistent policy enforcement coverage—Mitigation and containment actions may be enforced at different places in the network for defense in-depth. • Minimize effects of attack—Response actions may be dynamically triggered as soon as an attack is detected, minimizing damage.1-11 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction • Common policy and security management—A common policy and security management platform simplifies control and administration, and reduces operational expense. Enterprise networks are built with routers, switches, and other network devices that keep the applications and services running. Therefore, properly securing these network devices is critical for continued business operation. The network infrastructure is not only often used as a platform for attacks but is also increasingly the direct target of malicious activity. For this reason, the necessary measures must be taken to ensure the security, reliability, and availability of the network infrastructure. The Cisco SAFE provides recommended designs for enhanced security and best practices to protect the control and management planes of the infrastructure. The architecture sets a strong foundation on which more advanced methods and techniques can subsequently be built on. Best practices and design recommendations are provided for the following areas: • Infrastructure device access • Device resiliency and survivability • Routing infrastructure • Switching infrastructure • Network policy enforcement • Network telemetry • Network management The design blueprint follows a modular design where the overall network infrastructure is divided into functional modules, each one representing a distinctive PIN. Functional modules are then subdivided into more manageable and granular functional layers and blocks, each serving a specific role in the network. Figure 1-3 illustrates the Cisco SAFE design blueprint.1-12 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction Figure 1-3 Cisco SAFE Design Blueprint Each module is carefully designed to provide service availability and resiliency, to facilitate regulatory compliance, to provide flexibility in accommodating new services and adapt with the time, and to facilitate administration. The following is a brief description of the design modules. Each module is discussed in detail later in this guide. Enterprise Core The core is the piece of the infrastructure that glues all the other modules. The core is a high-speed infrastructure whose objective is to provide a reliable and scalable Layer-2/Layer-3 transport. The core is typically implemented with redundant switches that aggregate the connections to the campuses, data centers, WAN edge, and Internet edge. For details about the enterprise core, refer to Chapter 3, “Enterprise Core.” Intranet Data Center Cisco SAFE includes an Intranet data center design capable of hosting a large number of systems for serving applications and storing significant volumes of data. The data center design also hosts the network infrastructure that supports the applications, including routers, switches, load balancers, application acceleration devices to name some. The intranet data center is designed to serve internal users and applications, and that are not directly accessible from the Internet to the general public. Partner Extranet WAN Internet Internet Edge E-Commerce Campus Data Center Management Teleworker Branch M M IP IP IP Core WAN Edge 2266591-13 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction The following are some of the key security attributes of Cisco SAFE intranet data center design: • Service availability and resiliency • Prevent DoS, network abuse, intrusions, data leak, and fraud • Ensure data confidentiality, integrity, and availability • Content control and application level inspection • Server and application protection and segmentation For details about the intranet data center, refer to Chapter 4, “Intranet Data Center.” Enterprise Campus The enterprise campus provides network access to end users and devices located at the same geographical location. It may span over several floors in a single building, or over multiple buildings covering a larger geographical area. The campus may also host local data, voice, and video services. Cisco SAFE includes a campus design that allows campus users to securely access any corporate or Internet resources from the campus infrastructure. From a security perspective, the following are the key attributes of the Cisco SAFE campus design: • Service availability and resiliency • Prevent unauthorized access, network abuse, intrusions, data leak, and fraud • Ensure data confidentiality, integrity, and availability • Ensure user segmentation • Enforce access control • Protect the endpoints For details about the enterprise campus, refer to Chapter 5, “Enterprise Campus.” Enterprise Internet Edge The Internet edge is the network infrastructure that provides connectivity to the Internet, and that acts as the gateway for the enterprise to the rest of the cyberspace. The Internet edge services include public services DMZ, corporate Internet access and remote access VPN. The Cisco SAFE design blueprint incorporates an Internet edge design that allows users at the campuses to safely access E-mail, instant messaging, web-browsing, and other common services over the Internet. The Cisco SAFE Internet edge design also accommodates Internet access from the branches over a centralized Internet connection at the headquarters, in case the organization's policies mandates it. The following are some of the key security attributes of the Cisco SAFE Internet edge design: • Service availability and resiliency • Prevent intrusions, DoS, data leak, and fraud • Ensure user confidentiality, data integrity, and availability • Server and application protection • Server and application segmentation • Ensure user segmentation • Content control and inspection For details about the enterprise Internet edge, refer to Chapter 6, “Enterprise Internet Edge.”1-14 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction Enterprise WAN Edge The WAN edge is the portion of the network infrastructure that aggregates the WAN links that connect geographically distant branch offices to a central site or regional hub site. The WAN can be either owned by the same enterprise or provided by a service provider, the later being the most common option. The objective of the WAN is to provide users at the branches the same network services as campus users at the central site. The Cisco SAFE includes a WAN edge design that allows branches and remote offices to securely communicate over a private WAN. The design accommodates the implementation of multiple WAN clouds for redundancy or load balancing purposes. In addition, an Internet connection may also be used as a secondary backup option. From a security perspective, the following are the key attributes of the Cisco SAFE WAN edge design: • Service availability and resiliency • Prevent DoS, network abuse, intrusions, data leak, and fraud • Provide confidentiality, integrity, and availability of data transiting the WAN • Deliver secure Internet WAN backup • Ensure data confidentiality, integrity, and availability • Ensure user segmentation For details about the the enterprise WAN edge, refer to Chapter 7, “Enterprise WAN Edge.” Enterprise Branch Branches provide connectivity to users and devices at the remote location. They typically implement one or more LANs, and connect to the central sites via a private WAN or an Internet connection. Branches may also host local data, voice, and video services. The Cisco SAFE includes several branch designs that allow users and devices to securely access the branch resources. The Cisco SAFE branch designs accommodate one or two WAN clouds, as well as a backup Internet connection. Depending on the enterprise access policies, direct Internet access may be allowed while in other cases Internet access may be only permitted through a central Internet connection at the headquarters or regional office. In the later case, the Internet link at the branch would likely be used solely for WAN backup purposes. The following are the key security attributes of the Cisco SAFE branch designs: • Service availability and resiliency • Prevent unauthorized access, network abuse, intrusions, data leak, and fraud • Provide confidentiality, integrity, and availability of data transiting the WAN • Ensure data confidentiality, integrity, and availability • Ensure user segmentation • Protect the endpoints For details about the enterprise enterprise branch, refer to Chapter 8, “Enterprise Branch.” Management The architecture design includes a management network dedicated to carrying control and management plane traffic such as NTP, SSH, SNMP, syslog, etc. The management network combines out-of-band (OOB) management and in-band (IB) management, spanning all the building blocks. At the headquarters, an OOB management network may be implemented as a collection of dedicated switches or based on VLAN isolation.1-15 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE Introduction For details about management, refer to Chapter 9, “Management.”1-16 Cisco SAFE Reference Guide OL-19523-01 Chapter 1 SAFE Overview SAFE IntroductionC H A P T E R 2-1 Cisco SAFE Reference Guide OL-19523-01 2 Network Foundation Protection This chapter describes the best practices for securing the network infrastructure itself. This includes setting a security baseline for protecting the control and management planes as well as setting a strong foundation on which more advanced methods and techniques can subsequently be built on. Later in this chapter, each design module is presented with the additional security design elements required to enhance visibility and control and to secure the data plane. The following are the key areas of baseline security: • Infrastructure device access • Routing infrastructure • Device resiliency and survivability • Network telemetry • Network policy enforcement • Switching infrastructure For more detailed information on deployment steps and configurations, refer to the Network Security Baseline document at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/Baseline_Security/securebasebook.ht ml Key Threats in the Infrastructure The following are some of the expected threats to the network infrastructure: • Denial-of-service (DoS) • Distributed DoS (DDoS) • Unauthorized access • Session hijacking • Man-in-the-middle (MITM) attack • Privilege escalation • Intrusions • Botnets • Routing protocol attacks • Spanning tree attacks2-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Infrastructure Device Access Best Practices • Layer 2 attacks Infrastructure Device Access Best Practices Securing the network infrastructure requires securing the management access to these infrastructure devices. If the infrastructure device access is compromised, the security and management of the entire network can be compromised. Consequently, it is critical to establish the appropriate controls in order to prevent unauthorized access to infrastructure devices. Network infrastructure devices often provide a range of different access mechanisms, including console and asynchronous connections, as well as remote access based on protocols such as Telnet, rlogin, HTTP, and SSH. Some mechanisms are typically enabled by default with minimal security associated with them; for example, Cisco IOS software-based platforms are shipped with console and modem access enabled by default. For this reason, each infrastructure device should be carefully reviewed and configured to ensure only supported access mechanisms are enabled and that they are properly secured. The key measures to securing both interactive and management access to an infrastructure device are as follows: • Restrict device accessibility—Limit the accessible ports and restrict the permitted communicators and the permitted methods of access. • Present legal notification—Display legal notice developed in conjunction with company legal counsel for interactive sessions. • Authenticate access—Ensure access is only granted to authenticated users, groups, and services. • Authorize actions—Restrict the actions and views permitted by any particular user, group, or service. • Ensure the confidentiality of data—Protect locally stored sensitive data from viewing and copying. Consider the vulnerability of data in transit over a communication channel to sniffing, session hijacking, and man-in-the-middle (MITM) attacks. • Log and account for all access—Record who accessed the device, what occurred, and when for auditing purposes. Protect Local Passwords Passwords should generally be maintained and controlled by a centralized AAA server. However, the Cisco IOS and other infrastructure devices generally store some sensitive information locally. Some local passwords and secret information may be required such as for local fallback in the case of AAA servers not being available, special-use usernames, secret keys, and other password information. Global password encryption, local user-password encryption, and enable secret are features available in the Cisco IOS to help secure locally stored sensitive information: • Enable automatic password encryption with the service password-encryption global command. Once configured, all passwords are encrypted automatically, including passwords of locally defined users. • Define a local enable password using the enable secret global command. Enable access should be handled with an AAA protocol such as TACACS+. The locally configured enable password will be used as a fallback mechanism after AAA is configured.2-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Infrastructure Device Access Best Practices • Define a line password with the password line command for each line you plan to use to administer the system. Note that line passwords are used for initial configuration and are not in effect once AAA is configured. Also note that some devices may have more than 5 VTYs. Note that the encryption algorithm used by the service password-encryption command is a Vigenere cipher (Type 7) that can be easily reversed. Consequently, this command is primarily useful for keeping unauthorized individuals from viewing passwords in the configuration file simply by looking over the shoulder of an authorized user. Cisco IOS offers support for a stronger encryption algorithm (Type 5) for some locally stored passwords and this should be leveraged whenever available. For example, define local users using the secret keyword instead of the password keyword, and use enable secret instead of enable password. The following configuration fragment illustrates the use of the recommended commands: service password-encryption enable secret line vty 0 4 password Implement Notification Banners It is recommended that a legal notification banner is presented on all interactive sessions to ensure that users are notified of the security policy being enforced and to which they are subject. In some jurisdictions, civil and/or criminal prosecution of an attacker who breaks into a system is easier, or even required, if a legal notification banner is presented, informing unauthorized users that their use is in fact unauthorized. In some jurisdictions, it may also be forbidden to monitor the activity of an unauthorized user unless they have been notified of the intent to do so. Legal notification requirements are complex and vary in each jurisdiction and situation. Even within jurisdictions, legal opinions vary, and this issue should be discussed with your own legal counsel to ensure that it meets company, local, and international legal requirements. This is often critical to securing appropriate action in the event of a security breach. In cooperation with the company legal counsel, statements that may be included in a legal notification banner include the following: • Notification that system access and use is permitted only by specifically authorized personnel, and perhaps information about who may authorize use. • Notification that unauthorized access and use of the system is unlawful, and may be subject to civil and/or criminal penalties. • Notification that access and use of the system may be logged or monitored without further notice, and the resulting logs may be used as evidence in court. • Additional specific notices required by specific local laws. From a security standpoint, rather than a legal, a legal notification banner should not contain any specific information about the device, such as its name, model, software, location, operator, or owner because this kind of information may be useful to an attacker. The following example displays the banner after the user logs in: banner login # UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED You must have explicit, authorized permission to access or configure this device.2-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Infrastructure Device Access Best Practices Unauthorized attempts and actions to access or use this system may result in civil and/or criminal penalties. All activities performed on this device are logged and monitored. # Note In Cisco IOS, a number of banner options are available, including banner motd, banner login, banner incoming, and banner exec. For more information on these commands, refer to the Cisco IOS Command Reference on cisco.com. Enforce Authentication, Authorization and Accounting (AAA) AAA is an architectural framework for configuring the following set of independent security functions in a consistent, modular manner: • Authentication—Enables users to be identified and verified prior to them being granted access to the network and network services. • Authorization—Defines the access privileges and restrictions to be enforced for an authenticated user. • Accounting—Provides the ability to track user access, including user identities, start and stop times, executed commands (such as command-line interface (CLI) commands), number of packets, and number of bytes. AAA is the primary and recommended method for access control. All management access (SSH, Telnet, HTTP, and HTTPS) should be controlled with AAA. Due to the fact that RADIUS does not support command authorization, the protocol is not as useful as TACACS+ when it comes to device administration. TACACS+ supports command authorization, allowing the control of which command can be executed on a device and which cannot. For this reason, this guide focuses on TACACS+ and not on RADIUS. For information on how to configure RADIUS for device management, refer to the Network Security Baseline or the Cisco IOS user documentation on cisco.com. The following are the best practices for enabling TACACS+ on Cisco IOS: • Enable AAA with the aaa new-model global command. Configure the aaa session-id common command to ensure the session ID is maintained across all AAA packets in a session. • Define server groups of all AAA servers. If possible, use a separate key per server. Set source IP address for TACACS+ communications, preferably use the IP address of a loopback or the out-of-band (OOB) management interface. • Define a login authentication method list and apply it to console, VTY, and all used access lines. Use TACACS+ as the primary method and local authentication as fallback. Do not forget to define a local user for local fallback. • Authenticate enable access with TACACS+, and use local enable as fallback method. Configure a TACACS+ enable password per user. • Configure exec authorization to ensure access only to users whose profiles are configured with administrative access. TACACS+ profiles are configured with the Shell (exec) attribute. Define fallback method; use local if local usernames are configured with privilege level, or if authenticated otherwise. To grant automatic enable access to a TACACS+, configure the user or group profile with the “privilege level” attribute to 15.2-5 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Infrastructure Device Access Best Practices • Enforce console authorization: By default, authorization on the console port is not enforced. It is a good practice to enable console authorization with the aaa authorization console command to ensure access is granted only to users with an administrative access privilege. • Enable command authorization for privilege level 15: By default, administrative access to IOS has a privilege level 15. Enable the command authorization command for the privilege level 15 and any other if defined. • Activate the exec accounting command to monitor shell connections. Enable the accounting command for the privilege levels to be used. Activate system accounting for system-level events. Note Enable access can be automatically granted as a result of exec authorization. To that end, TACACS+ user or group profiles need to be configured to set the privilege level to 15. Console access may still require the use of an enable password. If using Cisco Secure Access Control Server (ACS), each user can be configured with a unique enable password. User profiles may also be configured to use the authentication password as enable. The following configuration fragment illustrate the use of TACACS+: ! Enable AAA aaa new-model ! ! Ensure common session ID aaa session-id common ! ! Define server attributes tacacs-server host single-connection key tacacs-server host single-connection key ! ! Define server group aaa group server tacacs+ server server ! ! Define the source interface to be used to communicate with the TACACS+ servers ip tacacs source-interface ! ! Set method list to enable login authentication aaa authentication login group local-case ! ! Authenticate enable access aaa authentication enable default group enable ! ! Define method list to enforce exec authorization aaa authorization exec group if-authenticated ! ! Enforce console authorization aaa authorization console ! ! Define method list to authorize the execution of administrative level commands aaa authorization commands 15 group none ! ! Enable accounting aaa accounting send stop-record authentication failure aaa accounting exec default start-stop group aaa accounting commands 15 default start-stop group aaa accounting system default start-stop group ! ! Enforce method lists to console and vty access lines line con 0 login authentication 2-6 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Infrastructure Device Access Best Practices ! line vty 0 4 authorization exec login authentication authorization commands 15 ! Secure Administrative Access Follow these best practices for securing administrative access: • Enable SSH access when available rather the unsecure Telnet. Use at a minimum 768-bit modulus size. • Avoid HTTP access. If possible use HTTPS instead of clear-text HTTP. • Disable unnecessary access lines. Disabled those ports that are not going to be used with the no exec command. • Per used line, explicitly define the protocols allowed for incoming and outgoing sessions. Restricting outgoing sessions prevent the system from being used as a staging host for other attacks. It should be noted, however, that outgoing Telnet may be required to manage integrated modules such as the Cisco IPS Network Module for Cisco ISR routers. • Use access-class ACLs to control the sources from which sessions are going to be permitted. The source is typically the subnet where administrators reside. Use extended ACLs when available and indicate the allowed protocols. • Reserve the last VTY available for last resort access. Configure an access-class to ensure this VTY is only accessed by known and trusted systems. • Set idle and session timeouts—Set idle and session timeouts in every used line. Enable TCP keepalives to detect and close hung sessions. Note HTTP access uses default login authentication and default exec authorization. In addition, privilege level for the user must be set to level 15. Note CS-MARS SSH device discovery does not support 512-byte keys. For compatibility, use SSH modulus size equal to or larger than 768 bits. The following configuration fragments illustrate the best practices for enabling SSH access: ! Prevent hung sessions in case of a loss of connection service tcp-keepalives-in ! ! Define access class ACL to be used to restrict the sources of SSH sessions. access-list remark ACL for SSH access-list permit tcp any eq 22 access-list permit tcp any eq 22 access-list deny ip any any log-input ! ! ACL for last resort access access-list permit tcp host any eq 22 access-list deny ip any any log-input ! Configure a hostname and domain name hostname 2-7 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Infrastructure Device Access Best Practices ip domain-name ! ! Generate an RSA key pair, automatically enabling SSH. crypto key generate rsa ! ! SSH negotiation timeout of 30 seconds ip ssh timeout 30 ! ! SSH authentication attempts of 2 before an interface reset ip ssh authentication-retries 2 ! ! Enforce line access class ACL, access methods and timeouts for VTYs 0 to 3. line vty 0 3 access-class in ! ! Incoming access via SSH only transport input ssh ! ! No outgoing connections permitted transport output none ! ! Incoming access not permitted if the request does not specify the transport protocol transport preferred none ! ! Idle timeout of 3 minutes session-timeout 3 ! ! EXEC timeout of 3 minutes exec-timeout 3 0 ! ! Enforce access of last resource on VTY 4. line vty 4 access-class in transport input ssh transport output none transport preferred none session-timeout 3 exec-timeout 3 0 ! The following configuration fragments illustrate the best practices for enabling HTTPS access. ! Enforce default login authentication and exec authorization aaa authentication login default group local-case aaa authorization exec default group local ! ! Define ACL to control the sources for HTTPS sessions access-list permit access-list deny any log ! ! Disable HTTP and enable HTTPS no ip http server ip http secure-server ! ! Enforce HTTPS ACL and enable AAA ip http access-class ip http authentication aaa ! ! Restrict access to telnet. HTTPS access mode uses they telnet keyword. line vty 0 4 transport input telnet2-8 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Routing Infrastructure Best Practices For configuration guidance for Telnet and HTTP, refer to the Network Security Baseline document at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/Baseline_Security/securebasebook.ht ml Routing Infrastructure Best Practices Routing is one of the most important parts of the infrastructure that keeps a network running, and as such, it is absolutely critical to take the necessary measures to secure it. There are different ways routing can be compromised, from the injection of illegitimate updates to DoS specially designed to disrupt routing. Attacks may target the router devices, the peering sessions, and/or the routing information. The Cisco SAFE design blueprints make use of the following measures to effectively secure the routing plane: • Restrict routing protocol membership— Limit routing sessions to trusted peers, validate origin, and integrity of routing updates. • Control route propagation—Enforce route filters to ensure only valid routing information is propagated. Control routing information exchange between routing peers and between redistributing processes. • Log status changes—Log the status changes of adjacency or neighbor sessions. Restrict Routing Protocol Membership Many dynamic routing protocols, particularly interior gateway protocols, implement automatic peer discovery mechanisms that facilitate the deployment and setup of routers. By default, these mechanisms operate under the assumption that all peers are to be trusted, making it possible to establish peering sessions from bogus routers and to inject false routing data. Fortunately, the Cisco IOS provides a series of recommended features designed to restrict routing sessions to trusted peers and that help validate the origin and integrity of routing updates: • Enable neighbor authentication to ensure the authenticity of routing neighbor and the integrity of their routing updates. Available for BGP, IS-IS, OSPF, RIPv2 and EIGRP. Use Message Digest Algorithm Version 5 (MD5) authentication rather than insecure plain text authentication. To function properly, neighbor authentication must be enabled on both ends of the routing session. • Use the passive-interface default command when enabling routing on network ranges matching a large number of interfaces. The passive-interface default command changes the configuration logic to a default passive, preventing the propagation of routing updates on an interface unless the interface is expressly configured with the the no passive-interface command. This allows to selectively enable the propagation of routing updates over the interfaces that are expected to be part of the routing process. • When using BGP, enable TTL security check, also known as Generalized TTL Security Mechanism (GTSM, RFC 3682). TTL security check prevents routing-based DoS attacks, unauthorized peering and session reset attacks launched from systems not directly connected to the same subnet as the victim routers. To work properly, TTL security check must be configured on both ends of the BGP session.2-9 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Routing Infrastructure Best Practices Note The effects of the passive-interface command vary depending on the routing protocol. In RIP and IGRP, the passive-interface command stops the router from sending updates on the selected interface, but the router continues listening and processing updates received from neighbors on that interface. In EIGRP and OSPF, the passive-interface command prevents neighbor sessions to be established on the selected interface. This stops not only routing updates from being advertised, but it also suppresses incoming routing updates. Note TTL security check needs to be enabled at both ends of the peering session, otherwise BGP sessions will not be established. The following configuration fragment shows how to enable OSPF MD5 neighbor authentication on an IOS router. ! OSPF MD5 authentication interface ip ospf message-digest-key md5 ! router ospf network area area authentication message-digest The following configuration template shows the configuration of EIGRP MD5 neighbor authentication on an IOS router. Note that EIGRP MD5 authentication is enabled on an interface or subinterface, and once configured the router stops processing routing messages received from that interface or subinterface until the peers are also configured for message authentication. This does interrupt routing communications on your network. key chain key 1 key-string ! interface ip authentication mode eigrp md5 ip authentication key-chain eigrp ! router eigrp network ! The following example shows the configuration of BGP MD5 neighbor authentication on an IOS router. Note that once BGP MD5 authentication is enabled for a peer, no peering session will be established until the peer is also configured for message authentication. This interrupts routing communications on your network. router bgp no synchronization bgp log-neighbor-changes network neighbor remote-as neighbor password ! In the following example, all interfaces running EIGRP are configured as passive, while the Serial 0 interface is enabled: router eigrp 10 passive-interface default no passive-interface Serial0 network 10.0.0.02-10 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Routing Infrastructure Best Practices In Cisco IOS software, the TTL security check can be enabled per peer with the neighbor ttl-security command: router bgp as-number neighbor ip-address ttl-security hops hop-count Control Route Propagation Route filtering is another important tool to secure the routing infrastructure. Most routing protocols allow the configuration of route filters that prevent specific routes from being propagated throughout the network. In terms of security, these filters are useful because they help ensure that only legitimate networks are advertised; and networks that are not supposed to be propagated are never advertised (i.e., networks falling within the private address space (RFC 1918) should not be advertised out to the Internet). Route filtering can be divided in two forms, filtering of routing information exchanged between routing peers and filtering of the routing information exchanged between routing processes in the same router as a result of redistribution. Both forms of route filtering are covered in this chapter. • Implement peer prefix filtering at the edges—Implement inbound filters at the edges to ensure only the expected routes are introduced into the network. Balance between higher control and associated operational burden. Deploy filters at edges where invalid routing information may be most likely introduced from; for example, at the WAN edge. Controlling incoming routing updates at the WAN edge not only mitigates the introduction of bogus routes at the branches, but it also prevents a dual access branch from becoming a transit network. • If route redistribution is required, enforce redistribution filters to strictly control which routes are advertised. Implementing route redistribution filters helps contain the effects of the potential injection of invalid routes, prevents loops, and helps maintain network stability. • Enforce route filters at stub routers—Branches and remote locations with stub networks, enforce route filters to prevent the propagation of invalid routing information. • Neighbor logging—Enable the logging of status changes of neighbor sessions on all routers. The following example illustrates the use of inbound filters at the WAN edge: ! Incoming route filter applied at the WAN edge and that only allows the branch subnet. ! router eigrp network distribute-list 39 in ! access-list 39 permit If using EIGRP, use the eigrp stub connected command to ensure propagation of directly connected networks only: router eigrp network eigrp stub connected If using other protocols, use outbound filters: ! Outbound route filter applied at the branch router. !2-11 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Routing Infrastructure Best Practices router ospf distribute-list 33 out ! access-list 33 permit The following example illustrates the use of route-map with the redistribute command. In this example, routes are being redistribute between EIGRP and RIP. Route map rip-to-eigrp prevents the import of network 10.0.0.0/8 into EIGRP. Likewise, route map eigrp-to-rip prevents the import of network 20.0.0.0/8 into RIP. route-map rip-to-eigrp deny 10 match ip address 1 route-map rip-to-eigrp permit 20 ! route-map eigrp-to-rip deny 10 match ip address 2 route-map eigrp-to-rip permit 20 ! router eigrp 100 network 10.0.0.0 redistribute rip route-map rip-to-eigrp ! router rip network 20.0.0.0 redistribute eigrp 1 route-map eigrp-to-rip ! access-list 1 permit 10.0.0.0 0.255.255.255 access-list 2 permit 20.0.0.0 0.255.255.255 Logging of Status Changes Frequent neighbor status changes (up or down) and resets are common symptoms of network connectivity and network stability problems that should be investigated. These symptoms may also indicate ongoing attacks against the routing infrastructure. Logging the status changes of neighbor sessions is a good practice that helps identify such problems and that facilitates troubleshooting. In most routing protocols, status change message logging is enabled by default. When enabled, every time a router session goes down, up, or experiences a reset, the router generates a log message. If syslog is enabled, the message is forwarded to the syslog server; otherwise is kept in the router’s internal buffer. Status change message logging is disabled by default in BGP; to enable it, use the bgp log-neighbor-changes router command. By default, EIGRP and OSPF log status changes. If disabled, it can be enabled with use the eigrp log-neighbor-changes router command for EIGRP and the log-adjacency-changes router command for OSPF. The following example logs neighbor changes for BGP in router configuration mode: router bgp 10 bgp log-neighbor-changes2-12 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Device Resiliency and Survivability Best Practices Device Resiliency and Survivability Best Practices Routers and switches may be subject to attacks designed to or that indirectly affect the network availability. Possible attacks include DoS based on unauthorized and authorized protocols, Distributed DoS, flood attacks, reconnaissance, unauthorized access, and more. This section presents the following collection of best practices destined to preserve the resiliency and survivability of routers and switches, helping the network maintain availability even during the execution of an attack: • Disable unnecessary services • Infrastructure protection ACLs • Control plane policing (CoPP) • Port security • Redundancy Disable Unnecessary Services To facilitate deployment, Cisco routers and switches come out of the box with a list of services turned on that are considered appropriate for most network environments. However, since not all networks have the same requirements, some of these services may not be needed and therefore can be disabled. Disabling these unnecessary services has two benefits: it helps preserve system resources and eliminates the potential of security exploits on the disabled services. Note As an alternative, the Cisco IOS software provides the AutoSecure CLI command that helps disable these unnecessary services, while enabling other security services. Note Before disabling a service, ensure the service is not needed. The following are some general best practices: • Identify open ports—Use the show control-plane host open-ports command to see what UDP/TCP ports the router is listening to and determine which services need to be disabled. • Global services disabled by default—Unless explicitly needed, ensure finger, identification (identd), and TCP and UPD small servers remain disabled on all routers and switches. • Global services enabled by default—Unless explicitly needed, BOOTP, IP source routing, and PAD services should be disabled globally on all routers. • IP directed broadcast—Ensure directed broadcasts remain disabled on all interfaces. • When to disable CDP—Disable CDP on interfaces where the service may represent a risk; for example, on external interfaces such as those at the Internet edge, and data-only ports at the campus and branch access. • Access and externally facing ports—Unless required, disable MOP, IP redirects, and Proxy ARP on all access and externally-facing interfaces. This typically includes access lines at campuses and branches, and externally-facing ports such those at the Internet edge. The following is an example of the show control-plane host open-ports command: cr18-7200-3#show control-plane host open-ports Active internet connections (servers and established)2-13 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Device Resiliency and Survivability Best Practices Prot Local Address Foreign Address Service State tcp *:22 *:0 SSH-Server LISTEN tcp *:23 *:0 Telnet LISTEN tcp *:63771 172.26.150.206:49 IOS host service ESTABLIS udp *:49 172.26.150.206:0 TACACS service LISTEN udp *:67 *:0 DHCPD Receive LISTEN cr18-7200-3# Note The show control-plane host open-ports command was introduced in the Cisco IOS Release 12.3(4)T. For earlier versions, use the show ip sockets command to identify open UDP ports, and the show tcp brief all and show tcp tcb commands to see open TCP ports. For more information, refer to Chapter 5, “Network Telemetry,” of the Network Security Baseline document at the following URL: https://www.cisco.com/en/US/docs/solutions/Enterprise/Security/Baseline_Security/sec_chap5.html#w p1057909. ! Global Services disabled by default no ip finger no ip identd no service tcp-small-servers no service udp-small-servers ! ! Disable BOOTP, IP Source Routing and PAD global services no ip source-route no ip bootp server no service pad ! Disable IP directed broadcasts on all interfaces interface no ip directed-broadcast To ensure CDP is disabled on an interface, either use the show cdp interface command or check if the interface configuration contains the no cdp enable command. In the following example, CDP has been left enable on interface FastEthernet 2/1, and it was explicitly disabled on FastEthernet 2/0: Router#show cdp interface FastEthernet 2/1 FastEthernet2/1 is up, line protocol is up Encapsulation ARPA Sending CDP packets every 60 seconds Holdtime is 180 seconds Routershow cdp interface FastEthernet 2/0 Router# Router #sh run int fastEthernet 2/0 Building configuration... Current configuration : 163 bytes ! interface FastEthernet2/0 ip address 198.133.219.5 255.255.255.0 no cdp enable end ! Disable MOP, IP Redirects, interface no mop enabled no ip redirects2-14 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Device Resiliency and Survivability Best Practices no ip proxy-arp Infrastructure Protection ACLs (iACLs) Infrastructure protection access control lists (iACLs) is an access control technique that shields the network infrastructure from internal and external attacks. The iACLs is a technique based on extended ACLs developed initially by Internet service providers (ISPs) to protect their network infrastructures, but that uses concepts that can be leveraged by enterprises as well In a nutshell, iACLs are extended ACLs designed to explicitly permit authorized control and management traffic bound to the infrastructure equipment such as routers and switches, while denying any other traffic directed to the infrastructure address space. For example, an iACL deployed at an ISP peering edge is configured to explicitly permit BGP sessions from known peers, while denying any other traffic destined to the ISP’s peering router as well as to the rest of the infrastructure address space. iACLs are most useful when deployed at the network edges, where the infrastructure becomes accessible to internal or external users; and at administrative borders, where equipment or links under different administration meet. In an enterprise, iACLs may be deployed at the many network edges: • WAN edge—Protecting the core infrastructure from possible threats coming from remote branch offices and partner locations. • Campus/Branch access—Protecting the infrastructure from possible attacks originated from the LANs. • Internet edge— Edge filters may be designed to function as an iACL to shield the infrastructure from external threats. While there is a common structure for building iACLs, the actual ACL entries will vary dramatically depending the environment. An iACL built without the proper understanding of the protocols and the devices involved may end up being ineffective and may even result in a self-inflecting DoS condition. For this reason, the best approach to building an iACL is to start with a discovery ACL to identify the traffic patterns and not to control access. The iACL should only be enforced once the protocols and ports legitimately used by the infrastructure are well understood. It is also recommended to start with a relaxed iACL first, and then adjust the entries to make it more granular as the effects of the iACL are monitored. Chapter 4 of the Network Security Baseline describes the iACL structure and recommended methodology. Chapter 8 of this document provides a practical example of building an iACL from a discovery ACL. http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/Baseline_Security/securebasebook.ht ml Control Plane Policing (CoPP) Control Plane Policing (CoPP) is a security infrastructure feature that protects the control plane of routers and switches by enforcing QoS policies that regulate the traffic processed by the main system CPU (route or switch processor). With CoPP, these QoS policies are configured to permit, block, or rate-limit the packets handled by the main CPU. This helps protects the control plane of routers and switches from a range of attacks, including reconnaissance and direct DoS. CoPP uses the modular QoS command-line interface (MQC) for its policy configuration. MQC allows the separation of traffic into classes, and allows the user to define and apply distinct QoS policies to each class. The QoS policies can be configured to permit all packets, drop all packets, or drop only those packets exceeding a specific rate-limit.2-15 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Device Resiliency and Survivability Best Practices CoPP is available on a wide range of Cisco platforms, which all deliver the same basic functionality. However, CoPP has been enhanced on some platforms to use the benefits of the particular hardware architectures. As a result, some platforms provide advanced forms of CoPP. Non-distributed platforms implement a centralized software-based CoPP model, while some distributed platforms provide enhanced versions of CoPP: distributed and hardware-based. In addition, as a result of the hardware differences, CoPP protocol support may vary depending on the platform. Similarly to iACLs, while there is a common structure for configuring CoPP classes, the actual traffic classes and policers will vary dramatically depending the environment. Implementing CoPP without the proper understanding of the protocols and the devices involved may end up being ineffective and may even result in a self-inflecting DoS condition. For this reason the best approach to COPP is to start with a discovery ACL to identify the traffic classes. CoPP policies should only be enforced once the protocols and ports legitimately used by the infrastructure are well understood. It is also recommended to start by not enforcing any rate limits to each one of the traffic classes, and to configure them gradually as the effects of CoPP are monitored. Chapter 4 of the Network Security Baseline describes the CoPP structure and recommended methodology. http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/Baseline_Security/securebasebook.ht ml Port Security An attacker can mount a DoS attack against infrastructure devices by using MAC flooding to cause MAC address table exhaustion, as well as other Layer-2 Content Addressable Memory (CAM) overflow attacks. This type of attack can be addressed with a Cisco feature called Port Security. Port Security helps mitigate MAC flooding and other Layer-2 CAM overflow attacks by restricting the MAC addresses that are allowed to send traffic on a particular port. Once Port Security is enabled on a port, only packets with a permitted source MAC address are allowed to pass through the port. A permitted MAC address is referred to as a secure MAC address. Port Security builds a list of secure MAC addresses in one of two ways, configurable on a per-interface basis: • Dynamic learning of MAC addresses—Defines a maximum number of MAC addresses that will be learnt and permitted on a port. Useful for dynamic environments, such as at the access edge. • Static configuration of MAC addresses—Defines the static MAC addresses permitted on a port. Useful for static environments, such as a serverfarm, a lobby, or a Demilitarized Network (DMZ). Typical deployment scenarios consist of the following: • A dynamic environment, such as an access edge, where a port may have Port Security-enabled with the maximum number of MAC addresses set to one, enabling only one MAC address to be dynamically learnt at any one time, and a protect response action. • A static, controlled environment, such as a serverfarm or a lobby, where a port may have Port Security enabled with the server or lobby client MAC address statically defined and the more severe response action of shutdown. • A Voice-over-IP (VoIP) deployment, where a port may have Port Security enabled with the maximum number of MAC addresses defined as three. One MAC address is required for the workstation, and depending on the switch hardware and software one or two MAC addresses may be required for the phone. In addition, it is generally recommended that the security violation action be set to restrict so that the port is not entirely taken down when a violation occurs.2-16 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Network Telemetry Best Practices In Cisco IOS, Port Security can be enabled on an interface using the switchport port-security command. The example below shows dynamic Port Security, restricted to two MAC addresses, being applied to an interface with a security violation mode of restrict, such as may be deployed on a VoIP-enabled port. interface gigabitethernet0/1 switchport port-security maximum 3 switchport port-security violation restrict switchport port-security switchport port-security aging time 2 switchport port-security aging type inactivity The following example illustrates how a port can be restricted for use by only one specific host, with the defined MAC address, such as may be employed in a lobby environment. interface gigabitethernet0/2 switchport port-security maximum 1 switchport port-security mac-address 1000.2000.3000 switchport port-security violation restrict switchport port-security Redundancy Networks are built out of numerous hardware and software components that may fail or that may be subject to attacks. Implementing redundant designs helps eliminate single points-of-failure, improving the availability of the network and making it more resistant to attacks. There are different ways one can implement redundancy, from deploying simple backup interfaces up to building complete redundant topologies. Certainly, making every single component redundant is costly; therefore, design redundancy where most needed and according to the unique requirements of your network. Cisco SAFE design blue prints are built with a wide range of options for redundancy: • Backup and redundant interfaces • Element redundancy—Use of redundant processors and modules. • Standby devices—Active-standby and active-active failover, first the redundancy protocols such as HSRP, VRRP, and GLBP. • Topological redundancy—Designs built with redundant paths at both network and data-link layers. Network Telemetry Best Practices In order to operate and ensure availability of a network, it is critical to have visibility and awareness into what is occurring on the network at any given time. Network telemetry offers extensive and useful detection capabilities that can be coupled with dedicated analysis systems to collect, trend, and correlate observed activity. Baseline network telemetry is both inexpensive and relatively simple to implement. This section highlights the baseline forms of telemetry recommended for network infrastructure devices, including the following: • Time synchronization • Local device traffic statistics • System status information2-17 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Network Telemetry Best Practices • CDP best common practices • Syslog • SNMP • ACL logging • Accounting • Archive configuration change logger • Packet capture More information on network telemetry and the critical role it plays in security can be found in the whitepaper How to Build a Cisco Security Operations Center. This whitepaper provides an overview of the principles behind security operations, along with guidance on how to build a security operations center. The whitepaper is available at the following URL: http://www.cisco.com/en/US/solutions/collateral/ns341/ns524/ns546/ns310/net_implementation_white _paper0900aecd80598c16.html Time Synchronization (NTP) Time synchronizations is critical for event analysis and correlation, thus enabling NTP on all infrastructure components is a fundamental requirement. When implementing NTP, considered the following best common practices: • Prefer a hierarchical NTP design versus a flat design. Hierarchical designs are preferred because they are highly stable, scalable, and provide most consistency. A good way to design a hierarchical NTP network is by following the same structure as the routing architecture in place. • Use a common, single time zone across the entire infrastructure to facilitate the analysis and correlation of events. • Control which clients and peers can talk to an NTP server, and enable NTP authentication. NTP Design for Remote Offices Branch offices are typically aggregated at one or more WAN edge routers that can be leveraged in the NTP design. At the headquarters, there is likely an internal time servers at a secured segment. Unless there is an in-house atomic or GPS-based clock, these internal time servers will be synchronized with external time sources. Following the routing design, the WAN edge routers may be configured as time servers with a client/server relationship with the internal time servers, and the branch routers may be configured as clients (non-time servers) with a client/server relationship with the WAN edge routers. This design is depicted in Figure 2-1.2-18 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Network Telemetry Best Practices Figure 2-1 NTP Design for the WAN Edge and Remote Offices NTP Design at the Headquarters At the headquarters or main office, an existing OOB management network can be used. Transporting NTP over the OOB network flattens and simplifies the design. In this scenario, all routers and switches may be configured as clients (non-time servers) with a client/server relationship with the internal time servers located at a secured segment. These internal time servers are synchronized with external time sources. This design is illustrated in Figure 2-2. Figure 2-2 NTP Design Leveraging an OOB Management Network The following configuration fragments illustrate the configuration of NTP client: ! Enables timestamp information for debug messages service timestamps debug datetime localtime show-timezone msec ! ! Enables timestamp information for log messages service timestamps log datetime localtime show-timezone msec ! ! Sets the network-wide zone to GMT External Time Source NTP Server OOB Branch Routers NTP Clients Edge Routers NTP Servers with Redundancy 226660 IDS/IPS Routers Firewall NTP Server Switches NTP Clients External Time Source 2266612-19 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Network Telemetry Best Practices clock timezone GMT 0 ! ! To periodically update the hardware clock, if present ntp update-calendar ! ! Sets source IP address ntp source ! ! Defines servers ntp server ntp server ! ! Enables authentication ntp authentication-key 10 md5 ntp trusted-key 10 ntp authenticate The following configuration fragments illustrate the configuration of NTP server: ! Enables timestamp information for debug messages service timestamps debug datetime localtime show-timezone msec ! ! Enables timestamp information for log messages service timestamps log datetime localtime show-timezone msec ! ! Sets the network-wide zone to GMT clock timezone GMT 0 ! ! To periodically update the hardware clock, if present ntp update-calendar ! ! Sets source IP address ntp source ! !Restrict the IP addresses of the servers and peers this server will communicate with. access-list remark ACL for NTP Servers and Peers access-list permit ! ntp access-group peer ! ! Restrict the IP addresses of the clients that can communicate with this server. access-list remark ACL for NTP Client access-list permit access-list deny any log ! ntp access-group serve-only ! ! Enables authentication ntp authentication-key 10 md5 ntp trusted-key 10 ntp authenticate ! ! Defines server and peer ntp server ntp peer For more information on NTP design best practices, refer to Network Time Protocol: Best Practices White Paper http://www.cisco.com/en/US/tech/tk869/tk769/technologies_white_paper09186a0080117070.shtml2-20 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Network Telemetry Best Practices Local Device Traffic Statistics Local device statistics are the most basic and ubiquitous form of telemetry available. They provide baseline information such as per-interface throughput and bandwidth statistics, enabled features and global per-protocol traffic statistics. In Cisco IOS, this information is accessed from the CLI. The format of a command output, as well as the command itself and its options, vary by platform. It is important to review and understand these differences. The most commonly used commands can be aliased to enable greater operational ease of use. Per-Interface Statistics In Cisco IOS, per-interface statistics are available, which include throughput (pps) and bandwidth (bps) information. Per-interface statistics can be accessed with the show interface command. Cisco IOS routers are set by default to use a 5-minute decaying average for interface statistics. Setting the decaying average to one-minute provides more granular statistics. The length of time for which data is used to compute load statistics can be changed by using the load-interval interface configuration command. interface load-interval 60 The Cisco IOS pipe command and its parsing options may also be used to target specific information in the interface output. For example, to quickly view the one-minute input and output rates on an interface: Router#show interface | include 1 minute 1 minute input rate 54307000 bits/sec, 17637 packets/sec 1 minute output rate 119223000 bits/sec, 23936 packets/sec Note High input or output rates over a period of a minute or so can be very helpful in detecting anomalous behavior. Clearing the interface counters is often necessary to see what is occurring in a particular instance. However, ensure useful information is not being discarded prior to doing so. To clear interface counters: Router#clear counters Per-Interface IP Feature Information In Cisco IOS, per-interface feature information provides information about the IP features configured on an interface. In particular, this command is useful to identify the number or name of the ACL being enforced, in order to check the ACL counter hits. Per-interface feature information can be accessed with the show ip interface command: Router#show ip interface The show ip interface command also provides per-interface uRPF dropped packet statistics. The Cisco IOS pipe command and its parsing options can be used to quickly access this information, as shown below. Router#show ip interface | include 1 verification !2-21 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Network Telemetry Best Practices Router#show ip interface FastEthernet 2/0| include verification IP verify source reachable-via ANY 794407 verification drops 1874428129 suppressed verification drops Global IP Traffic Statistics In Cisco IOS, global IP statistics provide a lot of useful information, including per-protocol counts for ICMP, TCP, UDP, and multicast traffic. Global IP traffic statistics can be accessed with the show ip traffic command. This command is very useful for general troubleshooting, as well as for detecting anomalies. Router#show ip traffic The show ip traffic command also provides global uRPF dropped packet statistics. The Cisco IOS pipe command and its parsing options may be used to quickly access this information, as shown below. Router#show ip traffic | include RPF 0 no route, 124780722 unicast RPF, 0 forced drop System Status Information Memory, CPU and Processes A basic indication of a potential issue on a network infrastructure device is high CPU. In Cisco IOS, information about CPU utilization over a 5-second, 1-minute, and 5-minute window is available with the command show processes cpu. The Cisco IOS pipe command and its parsing options may be used to exclude information which is not consuming any CPU. Router#show processes cpu | exclude 0.00%__0.00%__0.00% CPU utilization for five seconds: 38%/26%; one minute: 40%; five minutes: 43% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 5 192962596 13452649 14343 0.00% 0.52% 0.44% 0 Check heaps 15 4227662201540855414 274 0.65% 0.50% 0.49% 0 ARP Input 26 2629012683680473726 71 0.24% 0.29% 0.36% 0 Net Background 50 9564564 11374799 840 0.08% 0.07% 0.08% 0 Compute load avg 51 15291660 947844 16133 0.00% 0.03% 0.00% 0 Per-minute Jobs 58 15336356 92241638 166 0.08% 0.02% 0.00% 0 esw_vlan_stat_pr 67 10760516 506893631 21 0.00% 0.01% 0.00% 0 Spanning Tree 68 31804659682556402094 1244 7.02% 7.04% 7.75% 0 IP Input 69 25488912 65260648 390 0.00% 0.03% 0.00% 0 CDP Protocol 73 16425564 11367610 1444 0.08% 0.02% 0.00% 0 QOS Stats Export 81 12460616 1020497 12210 0.00% 0.02% 0.00% 0 Adj Manager 82 442430400 87286325 5068 0.65% 0.73% 0.74% 0 CEF process 83 68812944 11509863 5978 0.00% 0.09% 0.11% 0 IPC LC Message H 95 54354632 98373054 552 0.16% 0.12% 0.13% 0 DHCPD Receive 96 61891604 58317134 1061 1.47% 0.00% 4.43% 0 Feature Manager High CPU utilization values for the IP input process is a good indicator that traffic ingressing or egressing the device is contributing meaningfully to the CPU load. The amount of process-driven traffic versus interrupt-driven traffic is also important. Understanding the network devices deployed in your network and their normal status is key to establishing a baseline, from which anomalies may be detected.2-22 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Network Telemetry Best Practices Memory and CPU Threshold Notifications Cisco IOS offers the ability to send a notification upon CPU and memory thresholds being exceeded: • Memory threshold—Enable memory threshold syslog notification to alert when available free memory falls below recommended levels. A good practice is to set the free memory threshold to a 10 percent of the total memory. Use the show memory command to see the total memory and available free memory. • Enable critical system logging protection—When a router is overloaded by processes, the amount of available memory might fall to levels insufficient for it to issue critical notifications. Reserve a region of 1000 Kilobytes of memory to be used by the router for the issuing of critical notifications. • Enable CPU threshold SNMP trap notification—Increases in CPU load on routers and switches often indicate an event is taking place, therefore enabling the notification of high CPU conditions is always recommended. However, keep in mind that high CPU is not always an indicator of malicious activity, and other sources of information should be considered. The following configuration fragment illustrates the above concepts: Router#show memory Head Total(b) Used(b) Free(b) Lowest(b) Largest(b) Processor 6572AD00 915231348 27009876 888221472 374721396 361583220 I/O C000000 67108864 5856500 61252364 61233808 61232028 … Router# The total system processor memory is 915,231,348 bytes, so the processor threshold is set to 91,523 Kilobytes. The total system I/O memory is 67,108,864 bytes, therefore the threshold is set to 6,710 Kilobytes: memory free low-watermark processor 91523 memory free low-watermark io 6710 memory reserve critical 1000 snmp-server enable traps cpu threshold snmp-server host traps cpu System Logging (Syslog) Syslog provides invaluable operational information, including system status, traffic statistics, and device access information. For this reason, syslog is recommended on all network devices. Follow these practices when enabling syslog: Step 1 Enable timestamps for debugging and logging messages. Adding timestamps to messages facilitates analysis and correlation. Step 2 Enable system message logging to a local buffer. This allows accessing the logging information directly from the router or switch in case of communication failure with the syslog server. It is important to note that local buffers are circular in nature so that newer messages overwrite older messages after the buffer is filled. Step 3 Set the severity level of messages to be logged. Messages at or numerically lower than the specified level are logged. With respect to the severity level, the more information is logged the better; therefore, logging messages of all severity levels would be ideal. However, this may result in an overwhelming volume of messages. A good practice is to enable more detailed logging on critical systems or systems that may more accessible to external or remote users, such as equipment on the Internet and WAN edges, and only log critical alerts for the rest of the infrastructure.2-23 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Network Telemetry Best Practices Step 4 Set the source IP address of syslog messages to the address of an administrative loopback interface or OOB interface. Step 5 Disable the logging of messages to the console. This helps keep the console free of messages. ! Enable timestamps for debugging and logging messages. service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone ! ! Enable system message logging to a local buffer. logging buffered ! ! Logging for critical equipment. logging trap informational logging rate-limit 1 except 3 ! ! Logging for non-critical equipment. logging trap critical ! ! Define the syslog servers to be used. logging facility ! ! Set the source IP address of syslog messages. ! logging source-interface SNMP SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. It provides valuable system and event information, therefore it should be enabled throughout the network infrastructure. In case SNMP access is not required, make sure it is disabled. The no snmp-server command disables all running versions of SNMP (SNMPv1, SNMPv2C, and SNMPv3) on the device. When SNMP is required, follow these best practices: Step 1 Restrict what systems can access the SNMP agent running on the router or switch. Be as specific as possible, for instance, only permitting access from the SNMP management stations. Step 2 If using SNMPv3 (recommended), enforce an SNMP view that restricts the download of full IP routing and ARP tables. Step 3 If SNMP v3 is supported, enable only SNMP v3 and with the maximum security level supported by the SNMP managers, using encrypted communication (priv) where feasible. The engine ID of an SNMP v3 SNMP manager is required in order to enable SNMP v3. Step 4 Set the source IP address for SNMP traps to the address used on the administrative loopback interface of OOB interface. The following configuration example is for SNMPv1 restricting access to read-only and from a single SNMP host. For SNMPv3 configuration, refer to the Network Security Baseline. access-list remark ACL for SNMP access to device access-list permit 2-24 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Network Policy Enforcement Best Practices access-list deny any log snmp-server community RO Network Policy Enforcement Best Practices Baseline network policy enforcement is primarily concerned with ensuring that traffic entering a network conforms to the network policy, including the IP address range and traffic types. Anomalous packets should be discarded as close to the edge of the network as possible, thereby minimizing the risk of exposure. This section highlights the key steps to implementing baseline network policy enforcement, including the following: • Access edge filtering • IP spoofing protection Access Edge Filtering Network Security Baseline is focused on securing the network infrastructure itself, the control and management planes. Access edge filtering in this context is implemented to enforce policy on what traffic is permitted to be directed towards the network infrastructure devices themselves. In Cisco IOS, access edge filtering for control and the data planes is achieved using ACLs developed to protect the infrastructure. These are referred to as infrastructure protection ACLs (iACLs). For details about iACLs, refer to “Infrastructure Protection ACLs (iACLs)” section on page 2-14. IP Spoofing Protection Spoofing protection involves discarding traffic that has an invalid source address. Network security baseline includes source IP spoofing protection based on BCP38/RFC 2827 ingress traffic filtering. Packets with spoofed source IP addresses represent a security risk as they are often used to conduct an attack, in order to evade traceability and bypass access controls. They may also be used to direct an attack at a spoofed source, something known as a reflection attack. Spoofed traffic with an invalid source IP address may include traffic from either of the following: • RFC1918, DSUA or non-allocated IP address range • Valid IP network address range, but not originating from the associated legitimate network Implementing BCP38/RFC 2827 ingress traffic filtering to address source IP address spoofing renders the use of invalid source IP addresses ineffective, forcing attacks to be initiated from valid, reachable IP addresses. This is beneficial since it enables greater success in tracing the originator of an attack. Cisco offers the following techniques for BCP38 ingress traffic filtering: • Access Control Lists (ACLs) ACLs are the traditional technique for filtering forged source IP addresses. However, ACLs are not dynamic in nature, requiring manual configuration changes, and may have an impact on the performance of a device. It is thus recommended that ACLs are used only in a limited manner, as a complement to uRPF, for strict, static policies, such as filtering RFC 1918, DSUA and non-allocated IP addresses. They may also be used to complement uRPF loose mode for source IP address 2-25 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Switching Infrastructure Best Practices spoofing protection when uRPF strict mode is not possible. Chapter 6, “Enterprise Internet Edge” and Chapter 7, “Enterprise WAN Edge” provide the guidelines for edge ACLs designed for IP spoofing protection. • uRPF uRPF offers a dynamic technique for enabling BCP38/RFC 2827 ingress traffic filtering, discarding packets with invalid source IP addresses based on a reverse-path look-up. Its dynamic nature provides the key advantages of offering minimal operational overhead and a scalable, timely enforcement technique. In addition, uRPF generally introduces minimal performance impact to a device on which it is enabled. uRPF is typically deployed as an edge technology in order to be most effective, minimizing the valid IP address space range and enforcing the discard of anomalous packets as close to their origin as possible. • IP Source Guard This feature is used in switched environments to prohibit the use of forged MAC and source IP addresses. This feature is deployed on Layer-2 switching devices and is primarily designed for DHCP segments. Hosts with static address may also be supported, though additional operational complexity is introduced by doing so. • DHCP Secured IP Address Assignment and DHCP Authorized ARP These Cisco IOS features are available on routers supported on the T-train and offer similar functionality in a routing environment as IP Source Guard in a switching environment. They are used in routed environments where the local router is also the local DHCP server to prohibit the use of forged MAC and source IP addresses Deploying uRPF at the Internet edge as shown in the following example: ! Configure uRPF strict mode on the internal interfaces interface ip verify unicast source reachable-via rx ! ! Configure uRPF loose mode on Internet facing interfaces interface ip verify unicast source reachable-via any Switching Infrastructure Best Practices Baseline switching security is concerned with ensuring the availability of the Layer-2 switching network. This section highlights the key steps to securing and preserving the switching infrastructure, including the following: • Restrict broadcast domains • Spanning Tree Protocol (STP) security • Port Security • VLAN best common practices2-26 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Switching Infrastructure Best Practices Restrict Broadcast Domains By definition, LAN switches are responsible for forwarding unknown frames, multicast frames and broadcast frames throughout the LAN segment, forming a broadcast domain. While broadcast domains facilitate Layer-2 connectivity between systems on a LAN segment, designing networks with unnecessarily large broadcast domains has potential drawbacks. First, in large networks, the flooding of unknown, multicast and broadcast frames may degrade performance, even to the point of breaking connectivity. In addition, a broadcast domain defines a failure domain, whereby typically all systems and switches on the same LAN segment suffer during a failure. Therefore, the larger the broadcast domain, the bigger the impact of a failure. Finally, larger broadcast domains increase the chances of security incidents. To avoid the challenges described above, it is a good practice to segment broadcast domains into multiple IP subnets or VLANs using a hierarchical design. The use of hierarchical design principles provides the foundation for implementing scalable and reliable LANs. A hierarchical design like the one proposed in the campus design helps restrict the size of broadcast domains, improving convergence, easing deployments, and reducing the scope of failure domains. This is done by isolating a VLAN to a single wiring closet or single switch. Spanning Tree Protocol Security STP is a link management protocol, defined in the IEEE 802.1D, for bridged networks. STP provides path redundancy while preventing undesirable loops in networks consisting of multiple active paths. STP is a useful protocol but, unfortunately, the existing versions of the protocol were conceived with no security in mind and, as a result, are both vulnerable to several types of attacks. STP does not implement any authentication and encryption to protect the exchange of BPDUs. Because of the lack of authentication, anyone can speak to a STP-enabled device. An attacker could very easily inject bogus BPDUs, triggering a topology recalculation. A forced change to the STP topology could lead to a denial of service condition, or leave the attacker as a man-in-the-middle. In addition, because BPDUs are not encrypted, it is fairly simple to intercept BPDUs in transit, revealing important topology information. STP introduces some security risks but, in topologies where a loop-free design is not possible, STP should be used along with the Cisco features developed to address its risks. Not using STP would result in a loop becoming another attack vector. Cisco IOS offers a number of features that help protect bridged networks using STP against the common attacks. The following are the recommended best practices: • Disable VLAN dynamic trunk negotiation trunking on user ports • Use Per-VLAN Spanning Tree (PVST) • Configure BPDU Guard • Configure STP Root Guard • Disable unused ports and put them into an unused VLAN • Implement Port Security • Enable traffic storm control ! Disable dynamic trunking on all switching access lines interface type slot/port switchport mode access !2-27 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Switching Infrastructure Best Practices ! Enable BPDU guard on end user ports and other ports not expected to participate in Spanning Tree interface type slot/port spanning-tree portfast spanning-tree bpduguard enable ! ! In some switching platforms interfaces are enabled by default. It is a good practice to disable all unused ports and place them into an unused VLAN interface type slot/port shutdown switchport access vlan Port Security Port Security helps mitigate MAC flooding and other Layer-2 CAM overflow attacks by restricting the MAC addresses that are allowed to send traffic on a particular port. Port Security is covered in more detailed in the “Device Resiliency and Survivability Best Practices” section on page 2-12. VLAN Best Common Practices VLAN hopping is an attack vector which provides a client with unauthorized access to other VLANs on a switch. This type of attack can be easily mitigated by applying the following best common practices: • Always use a dedicated VLAN ID for all trunk ports • Disable all unused ports and put them in an unused VLAN • Do not use VLAN 1 for anything • Configure all user-facing ports as non-trunking (DTP off) • Explicitly configure trunking on infrastructure ports • Use all tagged mode for the native VLAN on trunks • Set the default port status to disable2-28 Cisco SAFE Reference Guide OL-19523-01 Chapter 2 Network Foundation Protection Threats Mitigated in the Infrastructure Threats Mitigated in the Infrastructure Ta b l e 2-1 Infrastructure Threat Mitigation Features Botnets DoS on Infrastructu re DDoS on Infrastru cture Unauthorized Access Intrusions Routing Protocol Attacks L2 Attacks Visibility Control AAA Yes Yes Yes Yes SNMP Authentication Yes Yes Yes Yes SSH Yes Yes Yes Yes Strong Password Policy Yes Yes Yes Session ACLs Yes Yes Yes Yes Yes Yes Router Neighbor Authentication Yes Yes Yes Yes Route Filtering Yes Yes Yes Yes iACL Yes Yes Yes Yes Yes Yes Yes Yes CoPP Yes Yes Yes Yes Yes Yes Yes Yes System and Topological Redundancy Yes Yes Yes Yes Yes YesC H A P T E R 3-1 Cisco SAFE Reference Guide OL-19523-01 3 Enterprise Core The core is the piece of the network infrastructure that glues all the other modules together. The core is a high-speed infrastructure whose objective is to provide a reliable and scalable Layer-2/Layer-3 transport. It routes and switches traffic as fast as possible from one network module to another such as campuses, data center, WAN edge, and Internet edge. The core network is not expected to provide end customer services by itself. Rather, it is a building block used to enable other modules within the network to provide these services to the end devices. External IP traffic is never destined to the core network infrastructure. Generally, the only packets destined to these devices are internal control and management traffic generated by other network elements or management stations within the same administrative domain. Key Threats in the Core The following are some of the threat vectors affecting the enterprise core: • Service disruption—DoS and DDoS attacks on the infrastructure. • Unauthorized access—Intrusions, unauthorized users, escalation of privileges, unauthorized access to restricted infrastructure, and routing protocol attacks. • Data disclosure and modification—Packet sniffing, man-in-the-middle (MITM) attacks of data while in transit. Enterprise Core Design The core module in the SAFE architecture is nearly identical to the core module of any other network architecture. Standard implementation guidelines were followed in accordance with the core, distribution, and access layer deployments commonly seen in well-designed Cisco-based networks. It is implemented with redundant switches that aggregate the connections from the various places in the network (PINs) such as campuses, data centers, WAN edge, and Internet edge as shown in Figure 3-1.3-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 3 Enterprise Core Design Guidelines for the Core Figure 3-1 Enterprise Core Topology Design Guidelines for the Core The primary role of security in the enterprise core module is to protect the core itself, not to apply policy to mitigate transit threats traversing through the core. Such threats should be filtered at the network edge or within other network modules to mitigate transit attack traffic from adversely affecting authorized transit traffic. A well designed network edge security policy will greatly limit the exposure of the network core to attacks. However, human error, misconfiguration, change management, and exception cases dictate that core security mechanisms must be defined and deployed in support of the defense-in-depth principles. These core policies help to mitigate the risk to the core if edge policies are inadvertently bypassed. Effective core security demands the implementation of various security measures in a layered approach and guided under a common strategy. These measures include enabling security at the edge and within the networks connecting to the core and securing the core switches themselves. The core switches are secured following the infrastructure baseline security principles explained in Chapter 2, “Network Foundation Protection.” This includes restricting and controlling administrative device access, securing the routing infrastructure, and protecting the management and control planes. For complete details on implementing and monitoring infrastructure baseline security best practices including configuration examples, refer to Chapter 2, “Network Foundation Protection.” The following summarizes the baseline security best practices specific to securing the enterprise core infrastructure. It lists techniques for securing the control and management planes providing a strong foundation on which more advanced methods and techniques can subsequently be built on. The following are the key areas of the Network Foundation Protection (NFP) baseline security best practices applicable to securing the enterprise core: • Infrastructure device access—Implement dedicated management interfaces to the out-of-band (OOB) management network 1 , limit the accessible ports and restrict the permitted communicators and the permitted methods of access, present legal notification, authenticate and authorize access using AAA, log and account for all access, and protect locally stored sensitive data (such as local passwords) from viewing and copying. • Routing infrastructure—Authenticate routing neighbors, implement route filtering, use default passive interfaces, and log neighbor changes. • Device resiliency and survivability—Disable unnecessary services, filter and rate-limit control-plane traffic, and implement redundancy. Core Campus Data Center WAN Edge Internet Edge 226153 1. For more information on implementing an OOB management network, refer to Chapter 9, “Management.”3-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 3 Enterprise Core Threats Mitigated in the Core • Network telemetry—Implement NTP to synchronize time to the same network clock; maintain device global and interface traffic statistics; maintain system status information (memory, CPU, and process); and log and collect system status, traffic statistics, and device access information. Threats Mitigated in the Core Table 3-1 summarizes the techniques used by the SAFE architecture design to mitigate threats to the enterprise core infrastructure. Ta b l e 3-1 Core Threat Mitigation Features DoS on Infrastructure DDoS on Infrastructure Unauthorized Access Intrusions Routing Protocol Attacks Botnets Visibility Control System and Topological Redundancy Yes Yes Yes Yes Yes Disabling Unneeded Services Yes Yes Yes Yes Yes Yes Strong Password Policy Yes Yes Yes AAA Yes Yes Yes Yes SSH Yes Yes Yes SNMP Authentication Yes Yes Yes Yes Session ACLs Yes Yes Yes Yes Yes Yes Router Neighbor Authentication Yes Yes Yes Yes CoPP Yes Yes Yes Yes Yes Yes Yes NetFlow, Syslog Yes3-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 3 Enterprise Core Threats Mitigated in the CoreC H A P T E R 4-1 Cisco SAFE Reference Guide OL-19523-01 4 Intranet Data Center The Intranet data center houses most of the critical applications and data for the enterprise. Refining the Intranet data center is an act of constant planning. The infrastructure design, power and cooling, cabling, and location must all be carefully thought out. Security is often seen as an add-on service. In reality, security should be considered as part of the core infrastructure requirements. Because a key responsibility of security for the data center is to maintain the availability of services, the ways in which security affects traffic flows, scalability, and failures must be carefully considered. The goal of this chapter is to provide guidelines for integrating security services into Cisco recommended data center architectures. This chapter will focus on three areas of data center security: isolation; policy enforcement; and visibility. These are described briefly in the summaries that follow: • Isolation—Isolation can provide the first layer of security for the data center and server farm. Depending on the goals of the design it can be achieved through the use of firewalls, access lists, VLANs, virtualization, and physical separation. A combination of these can provide the appropriate level of security enforcement to the server farm applications and services. • Policy Enforcement—There is no shortage on the variety of traffic flows, protocols, and ports required to operate within the data center. Traffic flows can be sourced from a variety of locations, including client to server requests, server responses to requests, server originated traffic, and server-to-server traffic. Because of the amount of traffic flows and the variety of sources, policy enforcement in the data center requires a considerable amount of up-front planning. Couple this with a virtualized environment, and the challenges of policy enforcement and visibility become greater. • Visibility—Data centers are becoming very fluid in the way they scale to accommodate new virtual machines and services. Server virtualization and technologies such as VMotion allow new servers to be deployed and to move from one physical location to another with little requirement for manual intervention. When these machines move and traffic patterns change, this can create a challenge for security administrators to maintain visibility and ensure security policy enforcement. The security services described in this document have been integrated into the architecture with these areas in mind. Since security models can differ depending on the business goals of the organization, compliance requirements, the server farm design, and the use of specific features (such as device virtualization), there is no magic blueprint that covers all scenarios. However, the basic principles introduced here for adding security to the data center architecture can hold true for a variety of scenarios. In addition, virtualization is driving change in the way data centers are being architected. Server virtualization is becoming a prevalent tool for consolidation, power savings, and cost reduction. It is also creating new challenges for infrastructure and security teams to be able to provide consistent levels of isolation, monitoring, and policy enforcement—similar to what is available for physical servers and systems today.4-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Device virtualization is providing new design opportunities and options for creating flexible data center architectures. Features that provide control plane and data plane isolation are offering a multitude of design options for device placement, Layer-2 and Layer-3 designs, and service integration. Figure 4-1 illustrates an overview of a typical data center security environment. Figure 4-1 Data Center Security Overview Security for virtualization and virtualized security are not one in the same. Both are key for providing policy enforcement for these new architectures. Both topics are discussed in this chapter with an emphasis placed on design and deployment. Data Center Firewalls Initial filter for DC ingress and egress traffic. Virtual Context used to split policies for server-to-server filtering DC Core Data Center Aggregation Security Services Layer Infrastructure Security Data Center Services Layer Access Layer Virtual Access Layer 226559 VM VM VM VM VM VM L2 Security features are available within the physical server for each VM. Features include ACLs, CISF, Port Security, Netflow ERSPAN, QoS, CoPP, VN Tag ACLs, CISF, Port Security, QoS, CoPP, VN Tag IPS/IDS: provide traffic analysis and forensics Network Analysis: provide traffic monitoring and data analysis Infrastructure Security features are enabled to protect device, traffic plane, and control plane. VDC provides internal/external segmentation XML Gateway: protect and optimize Web-based services Additional Firewall Services for Server Farm specific protection Server Load Balancing masks servers and applications Application Firewall mitigates XSS, HTTP, SQL, XML based attacks4-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Key Threats in the Intranet Data Center Key Threats in the Intranet Data Center Today’s security administrators do not have easy jobs. Threats facing today IT security administrators have grown from the relatively trivial attempts to wreak havoc on networks into sophisticated attacks aimed at profit and the theft of sensitive corporate data. Implementation of robust data center security capabilities to safeguard sensitive mission-critical applications and data is a cornerstone in the effort to secure enterprise networks. The Intranet data center is primarily inward facing and most clients are on the internal enterprise network. The Intranet data center is still subject to external threats, but must also be guarded against threat sources inside of the network perimeter. Attack vectors have moved higher in the stack to subvert network protection and aim directly at applications. HTTP-, XML-, and SQL-based attacks are useful efforts for most attackers because these protocols are usually allowed to flow through the enterprise network and enter the intranet data center. The following are some of the threat vectors affecting the Intranet data center: • Unauthorized access • Interruption of service • Data loss • Data modification Unauthorized access can include unauthorized device access and unauthorized data access. Interruption of service, data loss, and data modification can be the result of targeted attacks. A single threat can target one or more of these areas. Specific threats can include the following: privilege escalation; malware; spyware; botnets; denial-of-service (DoS); traversal attacks (including directory, URL); cross-site scripting attacks; SQL attacks; malformed packets; viruses; worms; and, man-in-the-middle. Data Center Design The architectures discussed in this document are based on the Cisco data center design best practice principles. This multi-layered data center architecture is comprised of the following key components: core, aggregation, services, and access. This architecture allows for data center modules to be added as the demand and load increases. The data center core provides a Layer-3 routing module for all traffic in and out of the data center. The aggregation layer serves as the Layer-3 and Layer-2 boundary for the data center infrastructure. In these design, the aggregation layer also serves as the connection point for the primary data center firewalls. Services such as server load balancers, intrusion prevention systems, application-based firewalls, network analysis modules, and additional firewall services are deployed at the services layer. The data center access layer serves as a connection point for the serverfarm. The virtual-access layer refers to the virtual network that resides in the physical servers when configured for virtualization. A visual overview of this topology is provided in Figure 4-2.4-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Data Center Core Figure 4-2 Solution Topology This chapter provides information on the integration of security services within the data center infrastructure. The Layer-2 and Layer-3 infrastructure details are highlighted from a security connection and traffic flow standpoint, but are not be covered in great depth in this document. There are several Cisco Validated Design (CVD) guides that offer a great amount of detail on the underlying data center infrastructure. For more information on the integration of services with a Cisco Nexus 7000, refer to Implementing Nexus 7000 in the Data Center Aggregation Layer with Services at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/nx_7000_dc.html For more information on the integration of dedicated services switches, refer to Data Center Service Integration: Service Chassis Design Guide at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/dc_servchas/service-chassis_ design.html Data Center Core The data center core module provides Layer-3 connectivity between the data center and the campus network. The core is a centralized Layer-3 routing module in which one or more data center aggregation layers connect. This usually serves as the initial entry point from the campus network into the data center infrastructure. Catalyst 6500 Catalyst 6500 Nexus 7000 ASA 5580 Core Aggregation Layer Layer Services Layer ASA 5580 Nexus 7000 Catalyst 6500 Catalyst 4900s Catalyst 6500 VSS Catalyst 3100 VBS Catalyst 6500s Nexus 5000s ACE WAF IDS/IPS IDS/IPS ACE Module ACE Module 226530 Access Layer4-5 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Data Center Core IP Routing Design and Recommendations Routing adjacencies from the core are formed to the campus core and the data center aggregation switches. In this design, the data center core is configured for Enhanced Interior Gateway Routing Protocol (EIGRP) to communicate with the campus core and the network with Open Shortest Path First (OSPF) to communicate with the data center. The core routers are redistributing EIGRP and OSPF. Figure 4-3 illustrates an example data center core routing design. Figure 4-3 Data Center Core Routing Design Routing is critical for the enterprise network and for access to data center services. Routing can be compromised either intentionally or unintentionally in several ways. Incorrect neighbor peering leads to an injection of incorrect routes; this could also lead to routing loops and denial-of-service for the data center. To prevent this problem there are several measures that should be incorporated as part of the data center routing design. These measure include the following: • Route peer authentication • Route filtering • Log neighbor changes Authenticating peers before establishing a routing adjacency will help prevent incorrect neighbor peering that could lead to routing loops, routing manipulation, and service interruption. It is important to also correctly filter routes. It might not always be desirable to have all routes populated on all data center devices. In the example illustrated in Figure 4-3, the Not-So-Stubby Area (NSSA) area is being used to limit the amount of routes being propagated inside the data center. It is also important to properly filter routes when performing any routing redistribution. This means properly setting metrics and Po99 10.8.162.3/24 10.8.152.3/24 10.8.0.x/24 .1 .1 .2 .2 10.8.1.x/24 10.8.2.x/24 RID:8.8.8.1 RID:8.8.8.2 RID:3.3.3.1 RID:3.3.3.2 10.8.162.2/24 10.8.152.2/24 OSPF Area 0 N7k1-VDC1 Data Center Core1 Data Center Core2 N7k2-VDC1 .1 .2 10.8.3.x/24 .24 .26 .25 .27 10.242.10.x/31 10.242.10.x/31 EIGRP 1 Campus Core1 Campus Core2 (SVI 3) (SVI 3) 226560 .1 .24-6 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Data Center Aggregation Layer filtering specific routes from being forwarded during the redistribution between two routing protocols; this prevents routing loops from occurring. If not filtered correctly, routes being exchanged between protocols with different administrative distances and metrics can cause the route to be repeatedly redistributed and re-advertised via each protocol. Logging all neighbor changes provides visibility into the occurrence of peering problems and alerts administrators to possible issues. The following output provides an example of the authentication configurations being for both EIGRP and OSPF. Enhanced IGRP Interface Configuration ip authentication mode eigrp 1 md5 ip authentication key-chain eigrp 1 eigrp-chain logging event link-status OSPF Global Configuration router ospf 8 area 0 authentication message-digest passive-interface default Interface X/X ip ospf authentication message-digest ip ospf authentication-key 3 9125d59c18a9b015 logging event link-status For more information on secure routing, refer to the Network Security Baseline document located at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/Baseline_Security/securebaseboo k.html Data Center Aggregation Layer The aggregation switches used in this design are a pair of Cisco Nexus 7000 Series switches. They serve as a high performance 10-Gigabit aggregation point for data center traffic and services. The Cisco Nexus 7000 introduces the concept of Virtual Device Context (VDC). The VDC feature allows for the virtualization of the control plane, data plane, and management plane of the Cisco Nexus 7000. From a security standpoint this virtualization capability can provide an enhanced security model. Because the VDCs are logically separate devices, each can have different access, data, and management policies defined. Note In-depth details on VDCs and how they fit into the overall data center design can be found in the data center best practice guides For more information on the integration of services with a Cisco Nexus 7000 refer to Implementing Nexus 7000 in the Data Center Aggregation Layer with Services at http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/nx_7000_dc.html This chapter focuses on the integration of VDCs and security services. The design described in this chapter includes a single pair of data center aggregation switches divided into four separate logical switches. Two VDCs have been created in each Cisco Nexus 7000—VDC1 and VDC2. This provides an inside and outside isolation point at the data center aggregation layer. The outside VDC provides Layer-3 connectivity to the data center core. The inside VDC provides Layer-2 4-7 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Data Center Aggregation Layer connectivity to the data center services and serverfarm. In order for traffic to flow from the outside VDC to the inside VDC, the traffic must either be routed or bridged through an external device. In this design, traffic forwarding between VDC1 and VDC2 is performed by external firewalls. IP Routing Design and Recommendations The IP routing design provides isolation. The outside VDC is a member of OSPF Area 0 and is a neighbor of the data center core routers. This allows routes to propagate in and out of the data center and to the rest of the enterprise network. The inside VDC is configured as a NSSA area in OSPF. The inside VDC only receives a default route from the outside. This prevents the entire routing table from propagating farther into the data center. Figure 4-4 illustrates an example routing design based on these principles. Figure 4-4 Routing Topology The following command listing illustrates the Cisco Nexus 7000 VDC1 OSPF configuration. VLAN 161 is carried to the outside interface of the Cisco ASA firewall. The following shows the Nexus 7000 VDC1 OSPF configuration. VLAN 161 is carried to the outside interface of the Cisco ASA firewall. interface Vlan161 no shutdown ip address 10.8.162.3/24 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 3 b2255cb5a7107f1b ip router ospf 8 area 0.0.0.81 ACE2 ASA2 ASA2 ASA1 Po99 Po99 10.8.152.5 10.8.152.6 10.8.162.3/24 10.8.152.3/24 10.8.0.x/24 .1 .2 .1 .1 .2 .2 10.8.1.x/24 10.8.2.x/24 RID:8.8.8.1 RID:8.8.8.2 RID:3.3.3.1 RID:3.3.3.2 10.8.162.2/24 10.8.152.2/24 OSPF NSSA Area 81 OSPF Area 0 ASA1 ACE1 SS1 N7k1-VDC2 N7k2-VDC2 SS2 N7k1-VDC1 Cat6k Cat6k N7k2-VDC1 VRF1 VRF2 VRF2 VRF1 10.8.162.5 10.8.162.6 .1 .2 (SVI 3) 10.8.3.x/24 (SVI 3) RID:4.4.4.1 RID:5.5.5.1 RID:4.4.4.2 RID:5.5.5.2 226531 VLAN 161 VLAN 162 VLAN 164 VLAN 162 151 1524-8 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Data Center Aggregation Layer ip pim sparse-mode ip igmp version 3 hsrp 1 authentication text c1sc0 preempt delay minimum 180 priority 20 forwarding-threshold lower 0 upper 0 timers 1 3 ip 10.8.162.1 The following is the routing configuration on Nexus 7000 VDC1: router ospf 8 router-id 3.3.3.1 area 81 nssa default-information originate area 0.0.0.0 range 10.8.0.0/24 area 0.0.0.0 range 10.8.1.0/24 area 0.0.0.0 range 10.8.2.0/24 area 0.0.0.0 range 10.8.3.0/24 area 0.0.0.81 range 10.8.128.0/18 area 0.0.0.0 authentication message-digest area 0.0.0.81 authentication message-digest timers throttle spf 10 100 5000 timers throttle lsa router 1000 timers throttle lsa network 1000 auto-cost reference-bandwidth 10000 The following shows the Cisco Nexus 7000 VDC2 OSPF configuration. VLAN 164 is resides between the services switch and VDC2 on the Nexus 7000. Two virtual routing and forwarding (VRF) instances have been created and serve as default gateways for the server farm subnets. interface Vlan164 no shutdown vrf member servers1 ip address 10.8.162.5/24 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 3 b2255cb5a7107f1b ip router ospf 8 area 0.0.0.81 ip pim sparse-mode ip igmp version 3 hsrp 2 authentication text c1sc0 preempt delay minimum 180 priority 20 forwarding-threshold lower 0 upper 0 timers 1 3 ip 10.8.162.7 router ospf 8 vrf servers1 router-id 4.4.4.1 area 81 nssa area 0.0.0.81 authentication message-digest timers throttle spf 10 100 5000 timers throttle lsa router 1000 timers throttle lsa network 1000 vrf servers2 router-id 5.5.5.1 area 81 nssa area 0.0.0.81 authentication message-digest timers throttle spf 10 100 5000 timers throttle lsa router 1000 timers throttle lsa network 10004-9 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Data Center Aggregation Layer The following output from the show ip route command on the Cisco Nexus 7000 VDC2 shows the default route from VDC1 and routes to several virtual machines advertised from VLANs 3000 and 3001. dca-n7k1-vdc2# sh ip route IP Route Table for VRF "default" '*' denotes best ucast next-hop '**' denotes best mcast next-hop '[x/y]' denotes [preference/metric] 0.0.0.0/32, 1 ucast next-hops, 0 mcast next-hops *via Null0, [220/0], 4w2d, local, discard 10.8.3.0/24, 1 ucast next-hops, 0 mcast next-hops, attached *via 10.8.3.3, Vlan3000, [0/0], 2w4d, direct 10.8.3.0/32, 1 ucast next-hops, 0 mcast next-hops, attached *via 10.8.3.0, Null0, [0/0], 2w4d, local ! <...> Just as with the data center core, protective measures should be incorporated as part of the data center aggregation layer routing design. These action include the following: • Route peer authentication • Route filtering • Log neighbor changes Aggregation Layer and Firewalls Leveraging Device Virtualization to Integrate Security The aggregation layer provides an excellent filtering point and first layer of protection for the data center. This layer provides a building block for deploying firewall services for ingress and egress filtering. The Layer-2 and Layer-3 recommendations for the aggregation layer also provide symmetric traffic patterns to support stateful packet filtering. Because of the performance requirements, this design uses a pair of Cisco ASA 5580 firewalls connected directly to the aggregation switches. The Cisco ASA5580's meet the high performance data center firewall requirements by providing 10-Gbps of stateful packet filtering. In this design, the Cisco ASA firewalls are configured in transparent mode. This means the firewalls are configured in a Layer-2 mode and will bridge traffic between interfaces. The Cisco ASA firewalls have been configured for multiple contexts using the virtual context feature. This virtualization feature allows the firewall to be divided into multiple logical firewalls each supporting different interfaces and policies. The firewalls are configured in an active-active design. This design allows load sharing across the infrastructure based on the active Layer-2 and Layer-3 traffic paths. Each firewall has been configured for two virtual contexts. Virtual context 1 is active on the ASA 1 and virtual context 2 is active on ASA 2. This corresponds to the active Layer-2 spanning tree path and the Layer-3 Hot Standby Routing Protocol (HSRP) configuration. An example of each firewall connection is shown in Figure 4-5.4-10 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Data Center Aggregation Layer Figure 4-5 Cisco ASA Virtual Contexts and Cisco Nexus 7000 Virtual Device Contexts Virtual Context Details The contexts on the firewall provide different forwarding paths and policy enforcement depending on the traffic type and destination. Incoming traffic that is destined for the data center services layer (ACE, WAF, IPS, and so on) is forwarded from VDC1 on the Cisco Nexus 7000 to virtual context 1 on the Cisco ASA over VLAN 161. The inside interface of virtual context 1 is configured on VLAN 162. The Cisco ASA filters the incoming traffic and then in this case bridges the traffic to the inside interface on VLAN 162. VLAN 162 is carried to the services switch where traffic has additional services applied. The same applies to virtual context 2 on VLANs 151 and 152. This context is active on ASA 2. The output below shows each context configuration and the current failover state. The contexts are created under the system management context and the interface pairings are assigned. context dca-vc1 allocate-interface Management0/0.1 allocate-interface TenGigabitEthernet5/0.161 outside allocate-interface TenGigabitEthernet5/1.162 inside config-url disk0:/dca-vc1.cfg join-failover-group 1 context dca-vc2 allocate-interface Management0/0.2 allocate-interface TenGigabitEthernet7/0.151 outside allocate-interface TenGigabitEthernet7/1.152 inside config-url disk0:/t join-failover-group 2 The configuration can also been seen by logging into the Cisco Adaptive Security Device Manager (ASDM) management GUI. See Figure 4-6. Po99 Po99 226561 ASA1 10.8.152.5 161 162 151 152 10.8.152.3 10.8.162.3 ASA2 VRF1 SVI-161 SVI-151 VRF2 10.8.152.6 10.8.152.2 10.8.162.2 N7k2-VDC2 N7k2-VDC1 VRF1 SVI-161 SVI-151 VRF2 hsrp.7 hsrp.1 hsrp.7 ASA2 ASA2 N7k1-VDC2 N7k1-VDC1 10.8.162.5 10.8.162.6 hsrp.14-11 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Data Center Aggregation Layer Figure 4-6 Cisco ASDM Screenshot of Virtual Contexts Note There are three virtual device contexts shown in the Cisco ASDM output. The third context (dca-vc3) is described in the “Virtual Context on ASA for ORACLE DB Protection” section on page 4-34. To view the command line configuration, log into the ASA and issue the changeto command to view each device context. The following is an overview of the dynamic content adapter (DCA)-VC1 virtual context interface configuration: firewall transparent hostname dca-vc1 enable password 8Ry2YjIyt7RRXU24 encrypted passwd 2KFQnbNIdI.2KYOU encrypted names ! interface Management0/0.1 mac-address 00a0.c900.0102 nameif management security-level 100 ip address 172.26.146.x 255.255.254.0 management-only ! interface outside nameif north security-level 100 ! interface inside nameif south security-level 0 ! Issue the changeto command to view another context. The following is an overview of the DCA-VC2 virtual context interface configuration: firewall transparent hostname dca-vc2 enable password 8Ry2YjIyt7RRXU24 encrypted passwd 2KFQnbNIdI.2KYOU encrypted4-12 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Data Center Aggregation Layer names ! interface Management0/0.2 nameif management security-level 100 ip address 172.26.146.x 255.255.254.0 management-only ! interface outside nameif north security-level 100 ! interface inside nameif south security-level 0 The following show failover command output example illustrates the current failover state for context 1 and context 2. This host: Primary Group 1 State: Active Active time: 1010495 (sec) Group 2 State: Standby Ready Active time: 281093 (sec) Deployment Recommendations The firewalls enforce access policies for the data center. Most, if not all, of the requests for the enterprise data center will be sourced from the internal network. The internal firewalls provide a line of defense for the data center assets. Using a multi-layered security model to provide protection for the enterprise data center from internal or external threats is a best practice for creating a multi-layered security model. The firewall policy will differ based on the organizational security policy and the types of applications deployed. In most cases a minimum of the following protocols will be allowed: Domain Name System (DNS), Hypertext Transfer Protocol (HTTP), Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS), Simple Mail Transfer Protocol (SMTP), File Transfer Protocol (FTP), routing protocols, unified communications, voice-over-IP (VoIP) protocols, video protocols, multicast, terminal services, Internet Control Message Protocol (ICMP) to some extent, and a host of others. Regardless of the number of ports and protocols being allowed either to and from the data center or from server-to-server, there are some baseline recommendations that will serve as a starting point for most deployments. The firewalls should be hardened in a similar fashion to the infrastructure devices. The following configuration notes apply: • Use HTTPS for device access. Disable HTTP access. • Configure Authentication, Authorization, and Accounting (AAA) for role-based access control and logging. Use a local fallback account in case the AAA server is unreachable. • Use out-of-band management and limit the types of traffic allowed over the management interface(s). • Use Secure Shell (SSH). Disable Telnet. • Use Network Time Protocol (NTP) servers. Object groups can be used to group similar items for easier management and to save memory when creating access lists. The following is an example of using the object-groups command. object-group service DC_services tcp port-object eq www 4-13 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Services Layer port-object eq https port-object eq smtp port-object eq dns port-object eq ftp object-group service DC_services udp port-object eq dns object-group icmp-type DC_ICMP icmp-object echo-reply icmp-object time-exceeded icmp-object unreachable icmp-object echo object-group service DC_ICMP_1 description (Generated by Cisco SM from Object "DC_ICMP") service-object icmp echo service-object icmp unreachable service-object icmp time-exceeded service-object icmp echo-reply Note This is a basic example of protocols that might need to be enabled for data center communications. Access list implementation on the firewalls will be highly dependant on the organizational security policy and the specific applications in the data center. Note Depending on traffic types and policies, the goal might not be to send all traffic flows to the services layer. Some incoming application connections, such as those from a DMZ or client batch jobs (such as backup), might not need load balancing or additional services. As an alternative, another context on the firewall could be deployed to support the VLANs that are not forwarded to the services switches. Caveats When using transparent mode on the Cisco ASA firewalls, there must be an IP address configured for each context. This is required to bridge traffic from one interface to another and to manage each Cisco ASA context. When managing the Cisco ASA from Cisco Security Manager (CSM) or Cisco Security MARS (CS-MARS), this address is also used to manage and view each context separately. At this time, while in transparent mode, you are not able to allocate the same VLAN across multiple interfaces for management purposes. A separate VLAN will be used to manage each context. The VLANs created for each context can be bridged back to the primary management VLAN on an upstream switch if desired. This provides a workaround and does not require new network-wide management VLANs and IP subnets to be allocated to manage each context. Services Layer Data center security services can be deployed in a variety of combinations. The type and the combination of security deployed depend largely on the business model of the organization. The services deployed in this design are used in a combination to provide isolation, application protection, and visibility into data center traffic flows. From a larger viewpoint, it is also important to consider the scalability of security services in the data center. The goal of these designs is to provide a modular approach to deploying security by allowing additional capacity to easily be added for each service. Additional web application firewalls, Intrusion Prevention Systems (IPS), firewalls, and monitoring services can all be scaled without requiring a re-architecture of the overall data center design. Figure 4-7 illustrates how the services layer fits into the data center security environment.4-14 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Services Layer Figure 4-7 Data Center Security and the Services Layer Server Load Balancing Application Control Engine This design features use of the Cisco Application Control Engine (ACE) service module for the Cisco Catalyst 6500. The Cisco ACE is designed as an application and server scaling tool, but it has security benefits as well. The Cisco ACE can mask the servers real IP address and provide a single IP for clients to connect over a single or multiple protocols such as HTTP, HTTPS, FTP, an so on. In this design, the Cisco ACE is also used to scale the web application firewall appliances. The web application firewalls are configured as a serverfarm and the Cisco ACE is distributing connections to the web application firewall pool. As an added benefit, the Cisco ACE can store server certificates locally. This allows the Cisco ACE to proxy Secure Socket Layer (SSL) connections for client requests and forward the client request in clear text to the server. The following configuration fragment shows the SSL proxy service configuration on the Cisco ACE module. ssl-proxy service SSL_PSERVICE_CRACKME key my2048RSAkey.PEM cert crackme-cert.pem In this design, the Cisco ACE is terminating incoming HTTPS requests and decrypting the traffic prior to forwarding it to the web application firewall farm. The web application firewall and subsequent Cisco IPS devices can now view the traffic in clear text for inspection purposes. Po99 Po99 226562 ASA1 10.8.152.5 190 161 162 162 164 151 152 10.8.152.3 10.8.162.3 ASA1 VRF1 SVI-161 SVI-151 VRF2 10.8.152.6 10.8.152.2 10.8.162.2 N7k2-VDC2 N7k2-VDC1 VRF2 SVI-161 SVI-151 VRF1 hsrp.7 hsrp.1 hsrp.7 IPS WAF ACE ASA2 ASA2 N7k1-VDC2 N7k1-VDC1 10.8.162.5 10.8.162.6 hsrp.1 IPS WAF ACE24-15 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Services Layer Note Some compliance standards and security policies dictate that traffic is encrypted from client to server. It is possible to modify the design so traffic is re-encrypted on the Cisco ACE after inspection prior to being forwarded to the server. Web Application Security Web Application Firewall The Cisco ACE Web Application Firewall (WAF) provides firewall services for web-based applications. It secures and protects web applications from common attacks, such as identity theft, data theft, application disruption, fraud and targeted attacks. These attacks can include cross-site scripting (XSS) attacks, SQL and command injection, privilege escalation, cross-site request forgeries (CSRF), buffer overflows, cookie tampering, and denial-of-service (DoS) attacks. In the data center design, the two web application firewall appliances are configured as a cluster and are load balanced by the Cisco ACE module. Each of the web application firewall cluster members can be seen in the Cisco ACE Web Application Firewall Management Dashboard. The Management Dashboard of the Cisco ACE Web Application Firewall is shown in Figure 4-8. Figure 4-8 Web Application Firewall Management Dashboard The two web application firewall cluster members in Figure 4-8 are: 172.26.147.201 and 172.26.147.203 The Cisco ACE WAF acts as a reverse proxy for the web servers it is configured to protect. The Virtual Web Application is used to create a virtual URL that will be used to intercept incoming client connections. You can configure one more virtual web applications based on the protocol and port as well as the policy you want applied. In the example in Figure 4-9, a Virtual Web Application called Crack Me is defined. The virtual URL is set to intercept all incoming HTTP traffic on port 81. 4-16 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Services Layer Figure 4-9 Web Application Firewall Virtual Web Application (Crack Me) The destination server IP address in this example is the Cisco ACE. Because the web application firewall is being load balanced by the Cisco ACE, it is configured as a one-armed connection to the Cisco ACE to both send and receive traffic. This is the recommended deployment model and will be described in the next section. Cisco ACE and Web Application Firewall Deployment The Cisco ACE WAF is deployed in a one-armed design and is connected to the Cisco ACE over a single interface. The connection information for the Cisco ACE and web application firewall cluster is shown in Figure 4-10.4-17 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Services Layer Figure 4-10 Cisco ACE Module and Web Application Firewall Integration The following command listing example shows the Cisco ACE interface configuration. VLAN 162 is the north side of the Cisco ACE facing the Cisco ASA firewall, VLAN 163 is the south side to the IPS, and VLAN 190 is the VLAN between the Cisco ACE and the web application firewall cluster. interface vlan 162 description ** North Side facing ASA** bridge-group 161 no normalization no icmp-guard access-group input BPDU access-group input ALLOW_TRAFFIC service-policy input aggregate-slb-policy no shutdown interface vlan 163 description ** South Side facing Servers ** bridge-group 161 no normalization no icmp-guard access-group input BPDU access-group input ALLOW_TRAFFIC no shutdown interface vlan 190 ip address 10.8.190.2 255.255.255.0 alias 10.8.190.1 255.255.255.0 peer ip address 10.8.190.3 255.255.255.0 no normalization no icmp-guard access-group input ALLOW_TRAFFIC service-policy input L4_LB_VIP_HTTP_POLICY no shutdown ASA1 10.8.152.5 10.8.152.3 10.8.162.3 ASA2 ACE SS1 N7k1-VDC2 N7k1-VDC1 VRF1 SVI-161 SVI-151 VRF2 10.8.162.5 226565 WAF hsrp.1 hsrp.7 161 162 190 164 1624-18 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Services Layer In this portion of the Cisco ACE configuration, a probe has been created to track the availability of the web server via a HTTP Get of the URL. This is then tied to the web application firewall farm. It is recommend this method is used to ensure that connections are not forwarded from the Cisco ACE to the web application firewall farm if the web servers are not available. probe http CRACKME port 81 interval 2 passdetect interval 5 request method get url /Kelev/view/home.php expect status 200 200 rserver host waf1 ip address 10.8.190.210 inservice rserver host waf2 ip address 10.8.190.211 inservice serverfarm host sf_waf probe CRACKME rserver waf1 81 inservice rserver waf2 81 inservice To ensure session persistence (the same connection stays on the same web application firewall appliance), the Cisco ACE has been configured to use cookie-sticky as shown in the following configuration example: sticky http-cookie wafcookie wafstkygrp cookie insert replicate sticky serverfarm sf_waf For detailed information on the Cisco ACE configuration, refer to the Service Traffic Patterns document at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/DC_3_0/dc_serv_pat.html IPS Deployment The Intrusion Prevention System (IPS) provides deep packet and anomaly inspection to protect against both common and complex embedded attacks. The IPS devices used in this design are Cisco IPS 4270s with 10-Gigabit Ethernet modules. Because of the nature of IPS and the intense inspection capabilities, the amount of overall throughput varies depending on the active policy. The default IPS policies were used for the examples presented in this document. In this design, the IPS appliances are configured for VLAN pairing. Each IPS is connected to the services switch with a single 10-Gigabit Ethernet interface. In this example, VLAN 163 and VLAN 164 are configured as the VLAN pair. See Figure 4-11.4-19 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Services Layer Figure 4-11 IPS VS0 and VS1 (IDS) The IPS deployment in the data center leverages EtherChannel load balancing from the service switch. This method is recommended for the data center because it allows the IPS services to scale to meet the data center requirements. This is shown in the Figure 4-12. Figure 4-12 IPS ECLB in the Services Layer A port channel is configured on the services switch to forward traffic over each 10-Gigabit link to the receiving IPS. Since the Cisco IPS does not support Link Aggregate Control Protocol (LACP) or Port Aggregation Protocol (PAgP), the port channel is set to “on” to ensure no negotiation is necessary for the channel to become operational as illustrated in the following show command output. dca-newSS1# sh run int port2 Building configuration... Current configuration : 177 bytes ! ASA1 10.8.152.5 10.8.152.3 10.8.162.3 ASA2 ACE SS1 N7k1-VDC2 N7k1-VDC1 VRF1 SVI-161 SVI-151 VRF2 10.8.162.5 226567 WAF hsrp.1 hsrp.7 161 162 190 164 162 163,164 IPS4-20 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Services Layer interface Port-channel2 switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 163,164 switchport mode trunk switchport nonegotiate mtu 9216 end It is very important to ensure all traffic for a specific flow goes to the same Cisco IPS. To best accomplish this, it is recommended to set the hash for the Port Channel to source and destination IP address as illustrated in the following example: dca-newSS1(config)# port-channel load-balance src-dst-ip dca-newSS1# sh etherchannel load-balance EtherChannel Load-Balancing Configuration: src-dst-ip enhanced mpls label-ip EtherChannel Load-Balancing Addresses Used Per-Protocol: Non-IP: Source XOR Destination MAC address IPv4: Source XOR Destination IP address IPv6: Source XOR Destination IP address MPLS: Label or IP Each EtherChannel can support up to eight ports per channel. This design can scale up to eight Cisco IPS 4270s per channel. Figure 4-13 illustrates Cisco IPS EtherChannel load balancing. Figure 4-13 Cisco IPS EtherChannel Load Balancing Caveats Spanning tree plays an important role for IPS redundancy in this design. Under normal operating conditions traffic, a VLAN will always follow the same active Layer-2 path. If a failure occurs (service switch failure or a service switch link failure), spanning tree would converge and the active Layer-2 traffic path would change to the redundant service switch and Cisco IPS appliances. Multiple failure scenarios were tested with average failover times between 2 to 4 seconds. Service Switch Up 8 IPS per EtherChannel channel 226568 IPS1 IPS2 IPS 3 to 84-21 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Services Layer Cisco ACE, Cisco ACE Web Application Firewall, Cisco IPS Traffic Flows The security services in this design reside between the inner and outer VDCs on the Cisco Nexus 7000. All security services are running in a Layer-2 transparent configuration. As traffic flows from VDC1 to the outside Cisco ASA context, it is bridged across VLANs and forwarded through each security service until it reaches the inside VDC2 where it is routed directly to the correct server or application. Figure 4-14 illustrates the service flow for client-to-server traffic through the security services in the red traffic path. In this example, the client is making a web request to a virtual IP address (VIP) defined on the Cisco ACE virtual context. Figure 4-14 Security Service Traffic Flow (Client to Server) The following steps describe the associated stages in Figure 4-14. 1. Client is directed through OSPF route found on Cisco Nexus 7000-1 VDC1 to the active Cisco ASA virtual context transparently bridging traffic between VDC1 and VDC2 on the Cisco Nexus 7000. 2. The transparent Cisco ASA virtual context forwards traffic from VLAN 161 to VLAN 162 towards Cisco Nexus 7000-1 VDC2. 3. VDC2 shows spanning tree root for VLAN 162 through connection to services switch SS1. SS1 shows spanning tree root for VLAN 162 through the Cisco ACE transparent virtual context. 4. The Cisco ACE transparent virtual context applies an input service policy on VLAN 162, this service policy named AGGREGATE_SLB has the virtual VIP definition. The VIP rules associated with this policy enforce SSL-termination services and load-balancing services to a web application ASA1 10.8.152.5 10.8.152.3 10.8.162.3 VLAN 161 VLAN 162 VLAN 190 VLAN 163, 164 VLAN 164 VLAN 163 VLAN 161 SS1 N7k1-VDC2 N7k1-VDC1 VRF1 SVI-161 SVI-151 VRF2 10.8.162.5 Po2 226541 WAF Cluster WAF Devices IP: 10.8.190.210 IP: 10.8.190.211 1 4 2 7 5 3 6 Server VLANs Interface VLAN 190 IP: 10.8.190.2 Input Service Policy: L4_LB_VIP_HTTP_POLICY VIP:10.8.162.200 Interface VLAN 162 IP: 10.8.190.2 Input Service Policy: AGGREGATE_SLB_POLICY VIP:10.8.162.200 IPS1 vs0 IPS2 vs0 8 Bridged VLANs Bridged VLANs hsrp.1 hsrp.14-22 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Services Layer firewall serverfarm. The state of the web application firewall serverfarm is determined via HTTP based probes. The request is forwarded to a specific web application firewall appliance defined in the Cisco ACE serverfarm. The client IP address is inserted as an HTTP header by the Cisco ACE to maintain the integrity of server-based logging within the farm. The source IP address of the request forwarded to the web application firewall is that of the originating client—in this example, 10.7.54.34. 5. In this example, the web application firewall has a virtual web application defined named Crack Me. The web application firewall appliance receives the HTTP request on port 81 that was forwarded from the Cisco ACE. The web application firewall applies all the relevant security policies for this traffic and proxies the request back to a VIP (10.8.162.200) located on the same virtual Cisco ACE context on VLAN interface 190. 6. Traffic is forwarded from the web application firewall on VLAN 163. A port channel is configured to carry VLAN 163 and VLAN 164 on each member trunk interface. The Cisco IPS receives all traffic on VLAN 163, performs inline inspection, and forwards the traffic back over the port channel on VLAN 164. By using this model security services are integrated into the architecture and provide isolation without the need to reallocate pools of IP addresses and re-engineering multiple routing schemes.4-23 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Access Layer Access Layer In this design, the data center access layer provides Layer-2 connectivity for the serverfarm. In most cases the primary role of the access layer is to provide port density for scaling the serverfarm. See Figure 4-15. Figure 4-15 Data Center Access Layer Recommendations Security at the access layer is primarily focused on securing Layer-2 flows. Using VLANs to segment server traffic and associating access control lists (ACLs) to prevent any undesired communication are best practice recommendations. Additional security mechanisms that can be deployed at the access layer include private VLANs (PVLANs), the Catalyst Integrated Security Features—which include Dynamic Address Resolution Protocol (ARP) inspection, Dynamic Host Configuration Protocol (DHCP) Snooping, and IP Source Guard. Port security can also be used to lock down a critical server to a specific port. The access layer and virtual access layer serve the same logical purpose. The virtual access layer is a new location and a new footprint of the traditional physical data center access layer. The detailed access layer discussion will focus on the virtual access layer and the available security features. These features are also applicable to the traditional physical access layer. Catalyst 6500 Catalyst 6500 Nexus 7000 ASA 5580 Access Layer ASA 5580 Nexus 7000 Catalyst 6500 Catalyst 4900s Catalyst 6500 VSS Nexus 5000s ACE WAF IDS/IPS IDS/IPS ACE Module ACE Module 2265694-24 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Virtual Access Layer Virtual Access Layer Server Virtualization and Network Security Virtualization is changing the way data centers are architected. Server virtualization is creating new challenges for security deployments. Visibility into virtual machine activity and isolation of server traffic becomes more difficult when virtual machine-sourced traffic can reach other virtual machines within the same server without being sent outside the physical server. In the traditional access model, each physical server is connected to an access port. Any communication to and from a particular server or between servers goes through a physical access switch and any associated services such as a firewall or a load balancer. But what happens when applications now reside on virtual machines and multiple virtual machines reside within the same physical server? It might not be necessary for traffic to leave the physical server and pass through a physical access switch for one virtual machine to communicate with another. Enforcing network policies in this type of environment can be a significant challenge. The goal remains to provide many of the same security services and features used in the traditional access layer in this new virtual access layer. The virtual access layer resides in and across the physical servers running virtualization software. Virtual networking occurs within these servers to map virtual machine connectivity to that of the physical server. A virtual switch is configured within the server to provide virtual machine ports connectivity. The way in which each virtual machine connects, and to which physical server port it is mapped, is configured on this virtual switching component. While this new access layer resides within the server, it is really the same concept as the traditional physical access layer. It is just participating in a virtualized environment. Figure 4-16 illustrates the deployment of a virtual switching platform in the context of this environment.4-25 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Virtual Access Layer Figure 4-16 Cisco Nexus 1000V Data Center Deployment In the VMware environment, virtual machines are configured and managed on VMware’s Virtual Center. When a server administrator wants to initialize a new virtual machine and assign the policies (including virtual port assignment) this is all performed in Virtual Center. This brings some contention into who is responsible for networking and security policy and this layer. In a virtual environment, it is possible for the server administrator to provision dozens of virtual machines and assign VLANs and policies—without requiring the involvement of the network and security teams. Since the virtual machines all reside in the same physical server that is already connected to the network, this is a very easy task. In most cases the network and security policies have already been predefined for the servers. A server administrator uses a pre-assigned VLAN for server connectivity that also has associated policies. Once again, this VLAN is associated to a virtual port and a virtual machine within the Virtual Center. There are several ongoing issues with this type of environment. Miscommunication or a simple mistake can lead to misconfiguration and subsequently the wrong VLAN and policy being mapped to a virtual machine. Visibility into the virtual machine environment is also very limited for the network and security teams. In most cases the server teams have no desire to become network engineers and would rather simply apply a predefined network policy for their servers. The Cisco Nexus 1000V is a new virtual switching platform supported on VMware ESX version 4 (or newer release versions). The Cisco Nexus 1000V provides many of the same physical access switch capabilities at a virtual switching footprint. The Cisco Nexus 1000V is comprised of two components: the Virtual Supervisor Module (VSM) and the Virtual Ethernet Module (VEM). The VSM acts in a similar fashion to a traditional Cisco supervisor module. The networking and policy configurations are performed on the VSM and applied to the ports on each VEM. The VEM is similar to a traditional Cisco N7k1-VDC2 N7k2-VDC2 VSS-ACC Po71 Po72 DC-5020-1 Po1 Po2 Po3 DC-5020-2 Trunking Uplinks APC with src-mac hash VEMs Po151 VSM ESX3.5 ESX4 IP IP IP IP IP IP IP IP IP 226570 vSwitch Nexus 10004-26 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Virtual Access Layer line card and provides the ports for host connectivity. The VEM resides in the physical server as the virtual switching component. Virtual machine ports—and the definition of how they connect to the physical server ports—are all mapped within each VEM. One VEM can exist on each VMware server, but you can manage multiple VEMs from one VSM. The VSM is offered as either a physical appliance or it can be configured as a virtual machine. There is a significant management benefit with using the Cisco Nexus 1000V. The VSM communicates with Virtual Center through the VMware API. When a network policy is defined on the Cisco Nexus 1000V it is updated in Virtual Center and displayed as a Port Group. The network and security teams can configure a pre-defined policy and make it available to the server administrators in the same manner they are used to applying policies today. The Cisco Nexus 1000V policies are defined through a feature called port profiles. Policy Enforcement Port profiles allow you to configure network and security features under a single profile which can be applied to multiple interfaces. Once you define a port profile, you can inherit that profile and any setting defined on one or more interfaces. You can define multiple profiles—all assigned to different interfaces. As part of this design, two configuration examples follow. You can see two port profiles (vm180 and erspan) have been defined. Port profile vm180 has been assigned to virtual Ethernet ports 9 and 10. And port profile erspan has been assigned to virtual Ethernet port 8. Note The ip flow monitor command is in reference to Encapsulated Remote Switched Port Analyzer (ERSPAN) and will be discussed in the next section. port-profile vm180 vmware port-group pg180 switchport mode access switchport access vlan 180 ip flow monitor ESE-flow input ip flow monitor ESE-flow output no shutdown state enabled interface Vethernet9 inherit port-profile vm180 interface Vethernet10 inherit port-profile vm180 port-profile erspan capability l3control vmware port-group switchport access vlan 3000 no shutdown system vlan 3000 state enabled interface Vethernet8 mtu 9216 inherit port-profile erspan Once the port profile is configured on the Cisco Nexus 1000V, it can be applied to a specific virtual machine as a port group in the VMware Virtual Center. Figure 4-17 shows that port profiles pg180 and erspan are available as port groups in the Virtual Center.4-27 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Virtual Access Layer Figure 4-17 VMware Virtual Center Port Group There are multiple security benefits of this feature. First, network security policies are still defined by the network and security administrators and are applied to the virtual switch in the same way that they are on the physical access switches today. Second, once the features are defined in a port profile and assigned to an interface the server administrator need only pick the available port group and assign it to the virtual machine. This alleviates the changes of misconfiguration and overlapping or non-compliant security policies being applied. Visibility Server virtualization brings new challenges for visibility into what is occurring at the virtual network level. Traffic flows can now occur within the server between virtual machines without needing to traverse a physical access switch. If a virtual machine is infected or compromised it might be more difficult for administrators to spot without the traffic forwarding through security appliances. Encapsulated Remote Switched Port Analyzer (ERSPAN) is a very useful tool for gaining visibility into network traffic flows. This feature is supported on the Cisco Nexus 1000V. ERSPAN can be enabled on the Cisco Nexus 1000V and traffic flows can be exported from the server to external devices. See Figure 4-18.4-28 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Virtual Access Layer Figure 4-18 Cisco Nexus 1000V and ERSPAN IDS and NAM at Services Switch In this design, ERSPAN forwards copies of the virtual machine traffic to the Cisco IPS appliance and the Cisco Network Analysis Module (NAM). Both the Cisco IPS and Cisco NAM are located at the service layer in the service switch. A new virtual sensor (VS1) has been created on the existing Cisco IPS appliances to only provide monitoring for the ERSPAN session from the server. Up to four virtual sensors can be configured on a single Cisco IPS and they can be configured in either intrusion prevention system (IPS) or instruction detection system (IDS) mode. In this case the new virtual sensor VS1 has been set to IDS or monitor mode. It receives a copy of the virtual machine traffic over the ERSPAN session from the Cisco Nexus 1000V. Two ERSPAN sessions have been created on the Cisco Nexus 1000V. Session 1 has a destination of the Cisco NAM and session 2 has a destination of the Cisco IPS appliance. Each session terminates on the 6500 service switch. The ERSPAN configuration on the Cisco Nexus 1000V is shown in the following example. port-profile erspan capability l3control vmware port-group switchport access vlan 3000 no shutdown system vlan 3000 state enabled ! monitor session 1 type erspan-source description - to SS1 NAM via VLAN 3000 source interface Vethernet8 both N7k1-VDC2 N7k2-VDC2 N7k2-VDC2 5020-1 hsrp.1 5020-2 VLAN 3000 Trunking Uplinks with VLAN 3000 vmk1 VEM (10.8.3.100) ESX4 Nexus 1000 VEthernet 8 226547 NAM SS1 IDS1 ERSPAN DST IP: 10.8.33.4 ID:1 ID:24-29 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Virtual Access Layer destination ip 10.8.33.4 erspan-id 1 ip ttl 64 ip prec 0 ip dscp 0 mtu 1500 no shut monitor session 2 type erspan-source description - to SS1 IDS1 via VLAN 3000 source interface Vethernet8 both destination ip 10.8.33.4 erspan-id 2 ip ttl 64 ip prec 0 ip dscp 0 mtu 1500 no shut The corresponding ERSPAN configuration on the Cisco Catalyst 6500 services switch is shown in the following configuration. monitor session 1 type erspan-source description N1k ERSPAN - dcesx4n1 session 1 source vlan 3000 destination erspan-id 1 ip address 10.8.33.4 ! monitor session 3 type erspan-destination description N1k ERSPAN to NAM destination analysis-module 9 data-port 2 source erspan-id 1 ip address 10.8.33.4 monitor session 2 type erspan-source description N1k ERSPAN - dcesx4n1 session 2 source vlan 3000 destination erspan-id 2 ip address 10.8.33.4 ! monitor session 4 type erspan-destination description N1k ERSPAN to IDS1 destination interface Gi3/26 source erspan-id 2 ip address 10.8.33.4 Using a different ERSPAN-id for each session provides isolation. A maximum number of 66 source and destination ERSPAN sessions can be configured per switch. ERSPAN can have an effect on overall system performance depending on the number of ports sending data and the amount of traffic being generated. It is always a good recommendation to monitor the system performance when you enable ERSPAN to verify the overall effects on the system. Note You must permit protocol type header “0x88BE” for ERSPAN Generic Routing Encapsulation (GRE) connections.4-30 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Virtual Access Layer Isolation Server-to-server filtering can be performed using ACLs on the Cisco Nexus 1000V. In the configuration example that follows, we use an IP ACL to block communication between two virtual machines. In this example, there are two virtual machines (10.8.180.230 and 10.8.180.234) on the same physical server. In order to block communication from VM 10.8.180.230 to VM 10.8.180.234, an ACL is used on the Cisco Nexus 1000V. Because the server-to-server traffic never leaves the physical server, the ACL provides an excellent method for segmenting this traffic. Prior to defining and applying the ACL, the 10.8.180.230 virtual machine is allowed to communicate directly to the 10.8.180.234 virtual machine through a variety of methods. By default, ping, Telnet, and FTP traffic types are all allowed. Figure 4-19 shows the general traffic flow between the virtual machines, while the command output listing that follows illustrate traffic activity. Figure 4-19 VM-to-VM Traffic C:\Documents and Settings\Administrator> ping 10.8.180.234 Pinging 10.8.180.234 with 32 bytes of data: Reply from 10.8.180.234: bytes=32 time<1ms TTL=128 Reply from 10.8.180.234: bytes=32 time<1ms TTL=128 Reply from 10.8.180.234: bytes=32 time<1ms TTL=128 Reply from 10.8.180.234: bytes=32 time<1ms TTL=128 Ping statistics for 10.8.180.234: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms C:\Documents and Settings\Administrator> ftp 10.8.180.234 C:\Documents and Settings\Administrator> C:\Documents and Settings\Administrator> ftp 10.8.180.234 Connected to 10.8.180.234. 220 Microsoft FTP Service User (10.8.180.234:(none)): Po2 VM 10.8.180.230 VM 10.8.180.234 2265724-31 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Virtual Access Layer C:\Documents and Settings\Administrator> telnet 10.8.180.234 80 GET HTTP://10.8.180.234 Under Construction <!-- Quantcast Choice. Consent Manager Tag v2.0 (for TCF 2.0) --> <script type="text/javascript" async="true"> (function() { var host = 'www.themoneytizer.com'; var element = document.createElement('script'); var firstScript = document.getElementsByTagName('script')[0]; var url = 'https://quantcast.mgr.consensu.org' .concat('/choice/', '6Fv0cGNfc_bw8', '/', host, '/choice.js') var uspTries = 0; var uspTriesLimit = 3; element.async = true; element.type = 'text/javascript'; element.src = url; firstScript.parentNode.insertBefore(element, firstScript); function makeStub() { var TCF_LOCATOR_NAME = '__tcfapiLocator'; var queue = []; var win = window; var cmpFrame; function addFrame() { var doc = win.document; var otherCMP = !!(win.frames[TCF_LOCATOR_NAME]); if (!otherCMP) { if (doc.body) { var iframe = doc.createElement('iframe'); iframe.style.cssText = 'display:none'; iframe.name = TCF_LOCATOR_NAME; doc.body.appendChild(iframe); } else { setTimeout(addFrame, 5); } } return !otherCMP; } function tcfAPIHandler() { var gdprApplies; var args = arguments; if (!args.length) { return queue; } else if (args[0] === 'setGdprApplies') { if ( args.length > 3 && args[2] === 2 && typeof args[3] === 'boolean' ) { gdprApplies = args[3]; if (typeof args[2] === 'function') { args[2]('set', true); } } } else if (args[0] === 'ping') { var retr = { gdprApplies: gdprApplies, cmpLoaded: false, cmpStatus: 'stub' }; if (typeof args[2] === 'function') { args[2](retr); } } else { queue.push(args); } } function postMessageEventHandler(event) { var msgIsString = typeof event.data === 'string'; var json = {}; try { if (msgIsString) { json = JSON.parse(event.data); } else { json = event.data; } } catch (ignore) {} var payload = json.__tcfapiCall; if (payload) { window.__tcfapi( payload.command, payload.version, function(retValue, success) { var returnMsg = { __tcfapiReturn: { returnValue: retValue, success: success, callId: payload.callId } }; if (msgIsString) { returnMsg = JSON.stringify(returnMsg); } event.source.postMessage(returnMsg, '*'); }, payload.parameter ); } } while (win) { try { if (win.frames[TCF_LOCATOR_NAME]) { cmpFrame = win; break; } } catch (ignore) {} if (win === window.top) { break; } win = win.parent; } if (!cmpFrame) { addFrame(); win.__tcfapi = tcfAPIHandler; win.addEventListener('message', postMessageEventHandler, false); } }; if (typeof module !== 'undefined') { module.exports = makeStub; } else { makeStub(); } var uspStubFunction = function() { var arg = arguments; if (typeof window.__uspapi !== uspStubFunction) { setTimeout(function() { if (typeof window.__uspapi !== 'undefined') { window.__uspapi.apply(window.__uspapi, arg); } }, 500); } }; var checkIfUspIsReady = function() { uspTries++; if (window.__uspapi === uspStubFunction && uspTries < uspTriesLimit) { console.warn('USP is not accessible'); } else { clearInterval(uspInterval); } }; if (typeof window.__uspapi === 'undefined') { window.__uspapi = uspStubFunction; var uspInterval = setInterval(checkIfUspIsReady, 6000); } })(); </script> <!-- End Quantcast Choice. Consent Manager Tag v2.0 (for TCF 2.0) --> </HEAD> <body bgcolor=white> <table> <tr> <td ID=tableProps width=70 valign=top align=center> <img ID=pagerrorImg src="pagerror.gif" width=36 height=48> <td ID=tablePropsWidth width=400> <h1 ID=errortype style="font:14pt/16pt verdana; color:#4e4e4e"> <P ID=Comment1><!--Problem--><P ID="errorText">Under Construction</h1> <P ID=Comment2><!--Probable causes:<--><P ID="errordesc"><font style="font:9pt/1 2pt verdana; color:black"> The site you are trying to view does not currently have a default page. It may be in the process of being upgraded and configured. <P ID=term1>Please try this site again later. If you still experience the proble m, try contacting the Web site administrator. <hr size=1 color="blue"> <P ID=message1>If you are the Web site administrator and feel you have received this message in error, please see "Enabling and Disabling Dynamic Content&q uot; in IIS Help. …</html> Note The preceding Telnet example opens a Telnet connection to port 80—the web server port on 10.8.180.234. A simple GET command provides a brief amount of reconnaissance information. There are two options for adding an access list to the virtual Ethernet interfaces to block communication. The ACL can be defined and the access group can be applied to a port profile. All interfaces configured for the port profile will inherit the access-group setting. If you have specific ACLs you wish to configure on an interface you can apply the access group directly to the virtual Ethernet interface in addition to the port profile. The port profile will still apply but the access group will only be applied to the specific interface instead of all interfaces that have inherited the particular port profile. In this example, an ACL is created and applied to virtual Ethernet 13. The 10.8.180.230 virtual machine resides on virtual Ethernet 8 and the 10.8.180.234 virtual machine resides on virtual Ethernet 13. Access groups on the Cisco Nexus 1000V must be applied inbound. To block traffic from .230 to .234 we will create an ACL and apply it inbound on virtual Ethernet 13. See Figure 4-20 and the configuration listing that follows.4-32 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Virtual Access Layer Figure 4-20 VM-to-VM Traffic Blocked by Port ACL on Cisco Nexus 1000 dcvsm(config)# ip access-list s-to-s dcvsm(config-acl)# deny ip host 10.8.180.230 host 10.8.180.234 dcvsm(config-acl)# permit ip any any dcvsm(config-if)# int vethernet 13 dcvsm(config-if)# ip port access-group s-to-s in dcvsm(config-if)# exit interface Vethernet8 ip port access-group s-to-s in inherit port-profile vm180 We can now retest to verify that traffic is blocked from 10.8.180.230 to 10.8.180.234. Microsoft Windows [Version 5.2.3790] (C) Copyright 1985-2003 Microsoft Corp. C:\Documents and Settings\Administrator> ping 10.8.180.234 Pinging 10.8.180.234 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 10.8.180.234: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), C:\Documents and Settings\Administrator> telnet 10.8.180.234 80 Connecting To 10.8.180.234...Could not open connection to the host, on port 80: Connect failed C:\Documents and Settings\Administrator> ftp 10.8.180.234 > ftp: connect :Connection timed out ftp> Po2 VM 10.8.180.230 VM 10.8.180.234 226573 Vethernet 13 Ip port access-group s-to-s in4-33 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Endpoint Security The Nexus 1000V virtual switch establishes traditional security features for the virtual server environment.. Additional security features available on the Cisco Nexus 1000V include the following: • Private VLANs • Port security • Cisco Catalyst integrated security features for anti-spoofing Endpoint Security The great variety in server hardware types, operating systems, and applications represents a clear challenge to security. The operating systems and applications must be protected regardless if residing on a physical server or on a virtual machine. Properly securing the endpoints requires the adoption of the appropriate technical controls. The Cisco Security Agent, or CSA, is used as a baseline for providing endpoint security. CSA takes a proactive and preventative approach, using behavior-based security to focus on preventing malicious activity on the host. Malicious activity is detected and blocked, independent of the type of malware, spyware, adware, or virus affecting the host. Once deployed on an endpoint, when an application attempts an operation, the agent checks the operation against the application's security policy, making a real-time allow or deny decision on the continuation of that operation, and determining whether logging of the operation request is appropriate. CSA provides defense-in-depth protection against spyware and adware by combining security policies that implement distributed firewall, operating system lockdown and integrity assurance, malicious mobile code protection, and audit event collection capabilities in default policies for servers and desktops. CSA security policies are created and managed on the CSA Management Center (CSA-MC). MC also provides centralized reporting and global correlation. CSA deployment and the integration capabilities between CSA and Cisco Network IPS are discussed in Chapter 11, “Threat Control and Containment.” For complete details about deploying CSA in a network, refer to the Rapid Deployment Guide for Cisco Security Agent 6.0 for Desktops at the following URL: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps5057/deployment_guide_c07-501928. html Infrastructure Security Recommendations The following section highlights some of the baseline security recommendations and examples used for the data center infrastructure. • Infrastructure device access ( TACACS+, SSH, AAA, and login banner) • Disable specific services • Secure OOB management • NetFlow • Syslog • NTP4-34 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Attack Prevention and Event Correlation Examples Detailed infrastructure security recommendations can be found inChapter 2, “Network Foundation Protection.” Attack Prevention and Event Correlation Examples Virtual Context on ASA for ORACLE DB Protection The example described in this section leverages the virtualization capability on the Cisco ASA firewall. An additional virtual context is created on the Cisco ASA and designated to reside between the servers and an Oracle database. The goal is not to prevent any server from communicating with the database, but rather to control which servers can access the database. For example, in most cases it is not necessary for a presentation (web) server to communicate directly with the database. This would usually be performed from an application server. If a web server in the environment was compromised this would prevent the attacker from gaining direct access to the critical information stored on the database. Another firewall could be provisioned for this task, but if there is available capacity on the existing firewall pair this allows for the firewalls to be fully utilized with very minimal design changes. This topology is shown in Figure 4-21. Figure 4-21 Cisco ASA Virtual Context 3 to Protect Oracle DB The database has an IP address that is on VLAN 141 and the default gateway resides on VRF1. Because the firewall is operating in transparent mode it can integrate into this environment with minimal changes to the network. A new context (VC3) is created on the firewall, the outside interface is assigned to VLAN 141, and the inside interface is assigned to VLAN 142. In transparent mode, the Cisco ASA is simply bridging these two VLANs. Because the Cisco ASA is in transparent mode, there is no need to reconfigure any IP addresses on either the VLAN 141 gateway or on the Oracle database. Traffic to and Po99 N7k1-VDC2 N7k2-VDC2 hsrp.1 10.8.141.3 hsrp.1 10.8.141.2 ASA2-vc3 E3/2 E3/2 E3/3 E3/3 ASA1-vc3 E2/37 E2/38 141 142 Bond142: 10.8.141.151 Oracle DB 142 226574 VRF1 VRF1 E2/38 E2/37 141 SS1 SS2 163,164 162 164 163 163,164 IPS1 IPS2 ACE1 ACE24-35 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Attack Prevention and Event Correlation Examples from the Oracle database is simply bridge between VLAN 141 and VLAN 142. This is an inline transparent service to both VRF1 and the database. As traffic enters the Cisco ASA, stateful packet filtering is performed and traffic is inspected before being forwarded to the database. Any server traffic not sourced in the 141 VLAN will pass through the Cisco ASA for inspection. See Figure 4-22. Figure 4-22 Example of Server to Database Access Through Virtual Firewall Context Web Application Firewall Preventing Application Attacks The Cisco ACE WAF can protect servers from a number of highly damaging application-layer attacks—including command injection, directory traversal attacks, and cross-site (XSS) attacks. In this design, the Cisco ACE WAF devices are being load balanced by the Cisco ACE to increase scalability. The Cisco ACE also provides another security benefit, it is servicing inbound HTTPS requests. This means the incoming client HTTPS session is terminated on the Cisco ACE and forwarded to the Cisco ACE WAF in clear text. The Cisco ACE WAF is now able to inspect all connections as HTTP before they are forwarded to the web servers. In example that follows in Figure 4-23, we demonstrate the Cisco ACE WAF detecting a URL traversal attack between a client and a virtual machine. The client has an IP address of 10.7.52.33 and the web server is a virtual machine with an IP address of 10.8.180.230. Po99 N7k1-VDC2 N7k2-VDC2 STP Root hsrp.1 ASA1-vc3 ASA2-vc3 E2/37 E2/38 VLAN 141 VLAN 142 Bond142: 10.8.141.151 Oracle DB VLAN 142 Srv-A 226545 VRF1 VRF1 E2/38 E2/37 VLAN 1414-36 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Attack Prevention and Event Correlation Examples Figure 4-23 Cisco ACE WAF Attack Prevention The client uses a URL traversal (appending specific characters to the end of the URL) in an attempt to gain additional information about the web server. This event is identified and triggered on the Cisco ACE WAF as a traversal attack. See Figure 4-24. Figure 4-24 Cisco ACE WAF Incidents Showing Attack The The event details show the attack specifics and the attacker information. See Figure 4-25. N7k1-VDC2 N7k2-VDC2 N7k2-VDC2 5020-1 5020-2 Po2 10.7.52.33 https://10.8.162.200/KELev/view/home.php 226575 SS1 IDS1 ERSPAN DST IP: 10.8.33.4 ID:24-37 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Attack Prevention and Event Correlation Examples Figure 4-25 Cisco ACE WAF Event Viewer Attack Details The Cisco ACE WAF can be set to monitor or enforce specific rules. In either case, visibility into what is occurring at the application layer is greatly enhanced. Using Cisco ACE and Cisco ACE WAF to Maintain Real Client IP Address as Source in Server Logs For server administrators and security teams, it can be very important to have the incoming client’s IP address available in the server logs for any necessary forensic analysis. The Cisco ACE by itself can be configured to retain the real client’s IP address and pass it to the server. If the Cisco ACE WAF is deployed between the Cisco ACE and the web servers, the server log by default reflects the IP address of the Cisco ACE WAF as being the client. Because the Cisco ACE WAF is acting as a proxy for the servers, this is the expected behavior, but the Cisco ACE WAF has the ability to maintain the client’s source IP address in the transaction because it is forwarded to the server. A new profile can be created to preserve the client’s IP address for transactions traversing the Cisco ACE WAF. For the purposes of this design example, new profile named My Client Insert has been created. See Figure 4-26. Figure 4-26 Cisco ACE WAF with My Client Insert Profile Defined4-38 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Attack Prevention and Event Correlation Examples Edit the profile and modify the HTTP header processing settings. Click the check box for the Insert “X-Forwarded-For” header with client’s IP address and select the option appending to existing value. See Figure 4-27. Figure 4-27 My Client Insert Profile Definition The My Client Insert profile has been assigned to the Crack Me virtual web application. See Figure 4-28.4-39 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Attack Prevention and Event Correlation Examples Figure 4-28 Virtual Web Application Crack Me Details Figure 4-29 shows a screen capture of a trace taken on the web server 10.8.180.230. The client used in this test had a source IP of 10.7.54.34. The client IP address is correctly reflected in the trace on the web server. Figure 4-29 Cisco ACE and WAF HTTP Header Insertion of Source IP Address Captured from Server4-40 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Attack Prevention and Event Correlation Examples Using IDS for VM-to-VM Traffic Visibility In the design example illustrated in this section, ERSPAN on the Cisco Nexus 1000V is leveraged to forward a copy of virtual machine-to-virtual machine traffic to the IDS at the services layer. The attacker is using the web server (10.8.180.230) to send malformed URL requests to the virtual server (10.8.180.234). Both virtual machines reside on the same physical server. See Figure 4-30. Figure 4-30 Using ERSPAN to IDS for VM -to-VM Traffic The attempt triggers a signature on the IDS and is logged for investigation. See Figure 4-31. Figure 4-31 IDS Event Log of VM to VM Attack N7k1-VDC2 N7k2-VDC2 N7k2-VDC2 5020-1 5020-2 Po2 10.8.180.230 10.8.180.234 226582 SS1 IDS1 ERSPAN DST IP: 10.8.33.4 ID:24-41 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Attack Prevention and Event Correlation Examples Using IDS and Cisco Security MARS for VM Traffic Visibility As previously discussed, server virtualization introduces some new challenges to the network and security teams. When virtual machines can communicate directly with other virtual machines without the traffic ever leaving the server, it can prove difficult to maintain any visibility into traffic flows. This example illustrates using ERSPAN on the Cisco Nexus 1000V to forward traffic to the IDS virtual sensor 1 (VS1) discussed in the “Virtual Access Layer” section on page 4-24. Cisco Security MARS is monitoring the Cisco IPS devices including IDS VS1 to provide event correlation and anomaly detection. In this example, a vulnerability scan from another machine on the network is performed against a web server running on a virtual machine. The attacker’s IP address is 10.7.52.33 and the IP address of the web server is 10.8.180.230. The web server is connected to a virtual Ethernet port on the Cisco Nexus 1000V virtual switch. When the scan is initiated and reaches the Cisco Nexus 1000V, the web server a copy of the traffic is forwarded over the ERSPAN session to the IDS. See Figure 4-32. Figure 4-32 Using IDS and Cisco Security MARS to View Attack Information Against VM The scan from the client to the server triggers several IDS signatures and the corresponding event logs. See Figure 4-33. N7k1-VDC2 N7k2-VDC2 N7k2-VDC2 5020-1 5020-2 Trunking Uplinks with VLAN 3000 vmk1 VEM (10.8.3.100) ESX4 10.8.180.230 Nexus 1000 VEthernet 8 226584 SS1 IDS1 ERSPAN DST IP: 10.8.33.4 ID:2 10.7.52.334-42 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Alternative Design Figure 4-33 IDS Events for Scan Against VM Cisco Security MARS detects the events through the configured rules and logs the sweeps as an event or incident. See Figure 4-34. Figure 4-34 Cisco Security MARS Incident for IDS Events of Attack Against VM An otherwise undetected scan against a web server has been detected by the IDS and logged as an incident on Cisco Security MARS. Alternative Design In some cases, it might not be desirable to use an inline Cisco IPS in the data center environment. The topology can be easily modified to accommodate IDS devices in promiscuous mode. The IDS will only receive a copy of the traffic through either Switched Port Analyzer (SPAN) or VLAN Access Control List (VACL) capture instead of residing in the active traffic flow. Because the IDS is not in the active traffic path, there is also no need for bridging VLAN 163 and VLAN 164. VLAN 164 can be removed. VLAN 163 now goes from the Cisco ACE module directly to the Cisco Nexus 7000 internal VDC2. See Figure 4-35 for an illustration of this environment.4-43 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Alternative Design Figure 4-35 Data Center Security Services with IDS in Promiscuous Mode ASA1 10.8.152.5 10.8.152.3 10.8.162.3 VLAN 161 VLAN 162 VLAN 190 SPAN or VACL Capture VLAN 164 VLAN 163 VLAN 161 SS1 N7k1-VDC2 N7k1-VDC1 VRF1 SVI-161 SVI-151 VRF2 10.8.162.5 Po2 226589 WAF Cluster WAF Devices IP: 10.8.190.210 IP: 10.8.190.211 1 4 2 6 5 3 Copy Server VLANs Interface VLAN 190 IP: 10.8.190.2 Input Service Policy: L4_LB_VIP_HTTP_POLICY VIP:10.8.162.200 Interface VLAN 162 IP: 10.8.190.2 Input Service Policy: AGGREGATE_SLB_POLICY VIP:10.8.162.200 IDS1 vs0 IDS2 vs0 7 Bridged VLANs hsrp.1 hsrp.14-44 Cisco SAFE Reference Guide OL-19523-01 Chapter 4 Intranet Data Center Threats Mitigated in the Intranet Data Center Threats Mitigated in the Intranet Data Center Table 4-1 summarizes the threats mitigated with the data security design described in chapter. Ta b l e 4-1 Threats Mitigated with Data Center Security Design Botnets DoS Unauthorized Access Spyware, Malware Network Abuse Data Leakage Visibility Control Routing Security Yes Yes Yes Yes Yes Service Resiliency Yes Yes Yes Network Policy Enforcement Yes Yes Yes Yes Yes Application Control Engine (ACE) Yes Yes Yes Yes Web Application Firewall (WAF) Yes Yes Yes Yes Yes IPS Integration Yes Yes Yes Yes Yes Switching Security Yes Yes Yes Yes Endpoint Security Yes Yes Yes Yes Yes Yes Yes Yes Secure Device Access Yes Yes Yes Yes Yes Telemetry Yes Yes Yes Yes YesC H A P T E R 5-1 Cisco SAFE Reference Guide OL-19523-01 5 Enterprise Campus The enterprise campus is the portion of the infrastructure that provides network access to end users and devices located at the same geographical location. It may span over several floors in a single building, or over multiple buildings covering a larger geographical area. The campus typically connects to a network core that provides access to the other parts of the network such as data centers, WAN edge, other campuses, and the Internet edge modules. This chapter covers the best practices for implementing security within a campus network. It does not provide design guidance or recommendations on the type of distribution-access design that should be deployed within a campus network such as multi-tier, virtual switching system (VSS), or routed access designs. This chapter discusses the security best practices applicable to these designs. For information on the various campus distribution-access designs, see the Enterprise Campus 3.0 Architecture: Overview and Framework Document at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/campover.html From a security perspective, the following are the key requirements to be satisfied by the campus design: • Service availability and resiliency • Prevent unauthorized access, network abuse, intrusions, data leak, and fraud • Ensure data confidentiality, integrity, and availability • Ensure user segmentation • Enforce access control • Protect the endpoints • Protect the infrastructure5-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Key Threats in the Campus Key Threats in the Campus The following are some of the key threats that affect the campus: • Service disruption—Botnets, malware, adware, spyware, viruses, DoS attacks (buffer overflows and endpoint exploitation), Layer-2 attacks, and DDoS on services and infrastructure. • Unauthorized access—Intrusions, unauthorized users, escalation of privileges, IP Spoofing, and unauthorized access to restricted resources. • Data disclosure and modification—Sniffing, man-in-the-middle (MITM) attacks of data while in transit. • Network abuse—Peer-to-peer and instant messaging abuse, out-of-policy browsing, and access to forbidden content. • Data leak—From servers and user endpoints, data in transit and in rest. • Identity theft and fraud—On servers and end users, phishing, and E-mail spam. Enterprise Campus Design The campus design follows a modular hierarchical design comprising of core, distribution, and access layers. An optional services block using a set of switches providing distribution/access services may be implemented to host certain services for the local campus users. The modular hierarchical design segregates the functions of the network into separate building blocks to provide for availability, flexibility, scalability, and fault isolation. Redundancy is achieved by implementing switches in pairs, deploying redundant links, and implementing dynamic routing protocols. This results in a full topological redundancy as illustrated in Figure 5-1. 5-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Enterprise Campus Design Figure 5-1 Campus Design In the typical hierarchical model, the individual network modules such as the data center, WAN edge, Internet edge, and other campuses are interconnected using the core layer switches. As discussed in Chapter 3, “Enterprise Core,” the core serves as the backbone for the network. The core needs to be fast and extremely resilient because every building block depends on it for connectivity. A minimal configuration in the core reduces configuration complexity limiting the possibility for operational error. The distribution layer acts as a services and control boundary between the access and core layers. It aggregates switches from the access layer and protects the core from high-density peering requirements from the access layer. Additionally, the distribution block provides for policy enforcement, access control, route aggregation, and acts as an isolation demarcation between the access layer and the rest of Campus Services Core Access Distribution IP IP IP IP LWAPP LWAPP 226678 NAC NAC5-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Enterprise Campus Design the network. Typically, deployed as a pair (or multiple pairs) of Layer 3 switches for redundancy, the distribution layer uses Layer-3 switching for its connectivity to the core layer and Layer 2 trunks or Layer 3 point-to-point routed interfaces for its connectivity to the access layer. The access layer is the first point of entry into the network for edge devices, end stations, and IP phones. The switches in the access layer are connected to two separate distribution-layer switches for redundancy. The access switches in the access layer can connect to the distribution layer switches using Layer 2 trunks or Layer-3 point-to-point routed interfaces. Within the enterprise campus, an optional campus services block may be deployed to provide application services to end users and devices within the campus network such as centralized LWAPP wireless controllers and IPv6 ISATAP tunnel termination. Additionally, for small campuses that only require a few servers, this block could also be used to host a small number of localized foundational servers such as local DHCP, DNS, FTP, and NAC Profiler servers. For larger campuses requiring many servers, a data center design should be deployed to host these servers using the security best practices described in Chapter 4, “Intranet Data Center.” There are three basic choices for deploying the distribution-access design within a campus network. They include: • Multi-Tier, page 5-4 • Virtual Switch System (VSS), page 5-6 • Routed Access, page 5-7 While all three of these designs use the same basic physical topology and cable plant, there are differences in where the Layer-2 and Layer-3 boundaries exist, how the network topology redundancy is implemented, and how load-balancing works-along with a number of other key differences between each of the design options. The following sections provide a short description of each design option. A complete description for each of these design models can be found within the Enterprise Campus 3.0 Architecture: Overview and Framework document at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/campover.html Multi-Tier In a multi-tier distribution-access design, all the access switches are configured to run in Layer-2 forwarding mode and the distribution switches are configured to run both Layer-2 and Layer-3 forwarding. VLAN-based trunks are used to extend the subnets from the distribution switches down to the access layer. A default gateway protocol such as Hot Standby Router Protocol (HSRP) or Gateway Load Balancing Protocol (GLBP) is run on the distribution layer switches along with a routing protocol to provide upstream routing to the core of the campus. One version of spanning tree and the use of the spanning tree hardening features (such as Loopguard, Rootguard, and BPDUGuard) are configured on the access ports and switch-to-switch links as appropriate. Note It is a good practice to implement Per VLAN Spanning Tree (PVST). PVST defines a separate instance of spanning tree for each VLAN configured in the network, making the network more resilient from attacks against spanning tree. Cisco switches support several versions of PVST, including PVST+ and Rapid-PVST+. Rapid-PVST+ provides faster convergence of the spanning tree by using Rapid Spanning Tree Protocol (RSTP).5-5 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Enterprise Campus Design The multi-tier design has two basic variations that primarily differ only in the manner in which VLANs are defined. In the looped design, one-to-many VLANs are configured to span multiple access switches. As a result, each of these spanned VLANs has a spanning tree or Layer-2 looped topology. The other alternative—loop-free— design follows the current best practice guidance for the multi-tier design and defines unique VLANs for each access switch as shown in Figure 5-2. Figure 5-2 Multi-Tier Design The detailed design guidance for the multi-tier distribution block design can be found in the campus section of the Cisco Design Zone website at http://www.cisco.com/go/designzone Core Access Distribution VLAN 3 – Voice VLAN 103 - Data VLAN 2 – Voice VLAN 102 - Data VLAN n – Voice VLAN 100 + N - Data 226773 Layer 3 Layer 2 Si Si Si Si5-6 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Enterprise Campus Design Virtual Switch System (VSS) In the VSS design, the distribution switch pair acts as a single logical switch. By converting the redundant physical distribution switches into a single logical switch, a significant change is made to the topology of the network. Rather than an access switch configured with two uplinks to two distribution switches and needing a control protocol to determine which of the uplinks to use, now the access switch has a single multi-chassis Etherchannel (MEC) upstream link connected to a single distribution switch. This design is illustrated in Figure 5-3. Figure 5-3 VSS Design For details on the design of the virtual switching distribution design, see the upcoming virtual switch distribution block design guide at http://www.cisco.com/go/designzone Core Access Distribution VLAN 3 – Voice VLAN 103 - Data VLAN 2 – Voice VLAN 102 - Data VLAN n – Voice VLAN 100 + N - Data 226774 Layer 3 Layer 2 Si Si5-7 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Enterprise Campus Design Routed Access In a routed access design, the access switches act as a full Layer-3 routing node providing both Layer-2 and Layer-3 switching and acts as the Layer 2/3 demarcation point in the campus network design. Layer-3 point-to-point routed interfaces are used to connect to the distribution switches. Each access switch is configured with unique voice, data, and any other required VLANs. In addition, in a routed access design, the default gateway and root bridge for these VLANs exists on the access switch. Figure 5-4 illustrates the Layer-3 routed access design. Figure 5-4 Routed Access Design The detailed design guidance for the routed access distribution block design can be found in the campus section of the Cisco Design Zone site at http://www.cisco.com/go/designzone Core Access Distribution VLAN 3 – Voice VLAN 103 - Data VLAN 2 – Voice VLAN 102 - Data VLAN n – Voice VLAN 100 + N - Data 226679 Layer 3 Layer 2 Si Si Si Si Si Si Si5-8 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Access Layer Campus Access Layer The campus access layer is the first tier or edge of the campus where end devices such as end-user workstations, printers, and cameras attach to the wired portion of the network. Additionally, this is also where devices such as IP phones and wireless access points (APs) are attached to extend the network out from the access switches. Each access switch is deployed with redundant links to the distribution layer switches. See Figure 5-5. Figure 5-5 Campus Access Module Design Campus Services Core Access Distribution IP IP IP IP LWAPP LWAPP 226680 NAC NAC5-9 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Access Layer Campus Access Layer Design Guidelines The campus access layer provides the demarcation point between the network infrastructure and the end devices that use the network infrastructure. It is the first line of defense in the network against threats generated by devices connecting to them. This section discusses the various security measures used for securing the campus access layer, including the following: • Securing the endpoints using endpoint security software • Securing the access infrastructure and protecting network services including DHCP, ARP, IP spoofing protection and protecting against inadvertent loops using Network Foundation Protection (NFP) best practices and Catalyst Integrated Security Features (CISF). Endpoint Protection Network endpoints are defined as any systems that connect to the network and communicate with other entities over the network infrastructure such as servers, desktop computers, laptops, printers, and IP phones. These endpoints can vary greatly in hardware types, operating systems, and applications making it very difficult to keep them updated with latest patches to vulnerabilities and virus signature files. In addition, portable devices such as laptops can be used at hotels, employee’s homes, and other places outside the corporate controls making it difficult to protect these devices. The list of threats to these endpoints include malware, adware, spyware, viruses, worms, botnets, and E-mail spam. The vulnerability of any particular endpoint can impact the security and availability of an entire enterprise. Thus, endpoint security is a critical element of an integrated, defense-in-depth approach to protecting both clients and servers themselves and the network to which they connect. The first step in properly securing the endpoints requires end-user awareness and the adoption of the appropriate technical controls. End-users must be continuously educated on current threats and the security measures needed for keeping endpoints up-to-date with the latest updates, patches, and fixes. In addition, this must be complemented by implementing a range of security controls focused on protecting the endpoints such as endpoint security software, network-based intrusion prevention systems, and web and E-mail traffic security. Endpoint security software must harden the endpoint against an initial attack as well the activities associated with compromised endpoints. The key elements include the following: • Protection against known attacks— Signature-based threat detection and mitigation such as known worms and viruses. • Protection against zero-day or unpatched attacks—Behavioral-based threat detection and mitigation such as attempts to load an unauthorized kernel driver, capture keystrokes, buffer overflows, modify system configuration settings, and inset code into other processes. • Policy enforcement—Visibility and protection against non-compliant behavior such as data loss, unauthorized access, and network and application abuse. These elements are addressed by host-based intrusion prevention systems (HIPS) such as the Cisco Security Agent (CSA). The Cisco SAFE leverages CSA on end-user workstation and servers to provide endpoint security. CSA takes a proactive and preventative approach, using behavior-based and signature-based security to focus on preventing malicious activity on the host. Cisco Security Agents are centrally managed using the Management Center for Cisco Security Agents (CSA-MC) including behavioral policies, data loss prevention, and antivirus protection. The CSA-MC also provides centralized reporting and global correlation. 5-10 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Access Layer CSA can be deployed in conjunction with IPS to enhance threat visibility within the network. CSA can provide endpoint posture information to IPS to reduce false-positives and allow dynamic quarantine of compromised hosts. For more information on CSA and IPS collaboration, refer to Chapter 11, “Threat Control and Containment.” Access Security Best Practices In addition to protecting the endpoints themselves, the infrastructure devices and network services such as DHCP and ARP also need to be protected. Cisco SAFE leverages the NFP security best practices and the Catalyst Integrated Security Features (CISF) for hardening the access switches in the campus access layer. This includes restricting and controlling administrative access, protecting the management and control planes, securing the dynamic exchange of routing information, and securing the switching infrastructure. The following are the key areas of the NFP best practices applicable to securing the access layer switches. All best practices listed below are applicable to the access switches in all three distribution-access design models unless otherwise noted: • Infrastructure device access – Implement dedicated management interfaces to the out-of-band (OOB) management network; for more information on implementing an OOB management network, refer to Chapter 9, “Management.” – Limit the accessible ports and restrict the permitted communicators and the permitted methods of access. – Present legal notification. – Authenticate and authorize access using AAA. – Log and account for all access. – Protect locally stored sensitive data (such as local passwords) from viewing and copying. • Routing infrastructure – Authenticate routing neighbors. – Use default passive interfaces. – Log neighbor changes. – Implement EIGRP stub routing. Note Routing infrastructure protection is only applicable in the access layer of a routed access design since Layer-3 routing is enabled between the access and distribution switches. In a multi-tier and VSS design, this is enabled in the distribution layer. • Device resiliency and survivability – Disable unnecessary services. – Filter and rate-limit control-plane traffic. – Implement redundancy. • Network telemetry – Implement NTP to synchronize time to the same network clock. – Maintain and monitor device global and interface traffic statistics. 5-11 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Access Layer – Maintain system status information (memory, CPU, and process). – Log and collect system status, traffic statistics, and device access information. • Network policy enforcement – Implement management and infrastructure ACLs (iACLs). Note iACLs are only applicable in the access layer of a routed access design where the routed edge interface is on the access switches. In a multi-tier and VSS design, this is enabled in the distribution layer. – Protect against IP spoofing using IP Source Guard on access ports and uRPF on routed edge interfaces. Note URPF is only applicable in the access layer of a routed access design where the routed edge interface is on the access switches. In a multi-tier and VSS design, this is enabled in the distribution layer. For more information on many of the NFP security best practices listed above, including design and configuration guidelines for each of the areas, refer to the Chapter 2, “Network Foundation Protection.” Additional details and requirements for implementing switching security and infrastructure ACLs in the campus access layer are provided in the following subsections. Switching Security The campus access layer switching infrastructure must be resilient to attacks including direct, indirect, intentional, and unintentional types of attacks. In addition, they must offer protection to users and devices within the Layer 2 domain. The key measures for providing switching security on the access switches include the following: • Restrict broadcast domains • Spanning Tree Protocol (STP) Security—Implement Rapid Per-VLAN Spanning Tree (Rapid PVST+), BPDU Guard, and STP Root Guard to protect against inadvertent loops • DHCP Protection—Implement DHCP snooping on access VLANs to protect against DHCP starvation and rogue DHCP server attacks • IP Spoofing Protection—Implement IP Source Guard on access ports • ARP Spoofing Protection—Implement dynamic ARP inspection (DAI) on access VLANs • MAC Flooding Protection—Enable Port Security on access ports • Broadcast and Multicast Storm Protection—Enable storm control on access ports • VLAN Best Common Practices – Restrict VLANs to a single switch – Configure separate VLANs for voice and data – Configure all user-facing ports as non-trunking (DTP off) – Disable VLAN dynamic trunk negotiation trunking on user ports – Explicitly configure trunking on infrastructure ports rather than autonegotiation – Use VTP transparent mode5-12 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Access Layer – Disable unused ports and place in unused VLAN – Do not use VLAN 1 for anything – Use all tagged mode for native VLAN on trunks Port Security Considerations Port security builds a list of secure MAC addresses in one of the following two ways, configurable on a per-interface basis: • Dynamic learning of MAC addresses—Defines a maximum number of MAC addresses that will be learned and permitted on a port. This is useful for dynamic environments, such as at the access edge. • Static configuration of MAC addresses—Defines the static MAC addresses permitted on a port. This is useful for static environments, such as a serverfarm, a lobby, or a demilitarized network (DMZ). Typical port security deployment scenarios consist of the following: • A dynamic environment, such as an access edge, where a port may have port security enabled with the maximum number of MAC addresses set to one, enabling only one MAC address to be dynamically learned at a time, and a security violation action of protect enabled. • A static, controlled environment, such as a serverfarm or a lobby, where a port may have port security enabled with the server or lobby client MAC address statically defined and the more severe security violation response action of shutdown is enabled. • A VoIP deployment, where a port may have port security enabled with the maximum number of MAC addresses defined as three. One MAC address is required for the workstation, and depending on the switch hardware and software, one or two MAC addresses may be required for the phone. In addition, it is generally recommended that the security violation action be set to restrict so that the port is not entirely taken down when a violation occurs. For more information on switching security, including design and configuration guidelines for many areas highlighted above, refer to the Chapter 2, “Network Foundation Protection.” The specific requirements and implementation of DHCP protection, ARP spoofing protection and storm protection in the campus access layer are covered in detail below. DHCP Protection DHCP protection is critical to ensure that a client on an access edge port is not able to spoof or accidentally bring up a DHCP server, nor exhaust the entire DHCP address space by using a sophisticated DHCP starvation attack. Both these attacks are addressed with the Cisco IOS DHCP snooping feature that performs two key functions to address these attacks: • Rogue DHCP Server Protection—If reserved DHCP server responses (DHCPOFFER, DHCPACK, and DHCPNAK) are received on an untrusted port (such as an access port), the interface is shut down. • DHCP Starvation Protection—Validates that the source MAC address in the DHCP payload on an untrusted (access) interface matches the source MAC address registered on that interface. DHCP snooping is enabled on a per-VLAN basis and all interfaces in that VLAN are untrusted by default. Consequently, an interface hosting a DHCP server must be explicitly defined as trusted. Note DHCP snooping rate-limiting should be enabled to harden the switch against a resource exhaustion-based DoS attack.5-13 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Access Layer A sample DHCP snooping configuration on a Catalyst 4500 deployed in a routed access design is shown below. Similar configuration can be used in a multi-tier or VSS design. An example DHCP snooping rate-limit value of 15 pps is shown. The recommended rate-limit value depends on whether it is applied on trusted or untrusted interfaces, access or trunk ports, the size of the access switch, and the amount of acceptable DHCP traffic. ! ! On each interface in a VLAN where DHCP Snooping is to be enforced (access data and voice VLANs) ! Rate limit DHCP snooping to ensure device resiliency interface x/x switchport access vlan 120 switchport mode access switchport voice vlan 110 ip dhcp snooping limit rate 15 ! ! Define the VLANs on which to enforce DHCP Snooping in global configuration mode ip dhcp snooping vlan 100,110,120 ! DHCP Option 82 is not being used, so it is disabled no ip dhcp snooping information option ! Enable DHCP Snooping ip dhcp snooping ! ! Enable automatic re-enablement of an interface shutdown due to the DHCP rate limit being exceeded errdisable recovery interval 120 errdisable recovery cause dhcp-rate-limit ! For more information on the DHCP snooping feature, refer to the following URL: http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/configuration/guide/dhcp.html ARP Spoofing Protection ARP spoofing protection ensures that a client on an access edge port is not able to perform a MITM attack by sending a gratuitous ARP that presents its MAC address as that associated with a different IP address, such as that of the default gateway. This attack is addressed with the Cisco IOS Dynamic ARP Inspection (DAI) feature that validates that the source MAC and IP address in an ARP packet received on an untrusted interface matches the source MAC and IP address registered on that interface. DAI is enabled on a per-VLAN basis and all interfaces in that VLAN are untrusted by default. Consequently, a device that does not use DHCP, such as the default gateway, ARP inspection must be bypassed by either explicitly defining the interface it is connected to as trusted, or creating an ARP inspection ACL to permit the source MAC and IP address of that device. The following is a sample DAI configuration on a Cisco Catalyst 4500 deployed in a routed access design. Similar configuration can be used in a multi-tier or VSS design. The ARP inspection rate-limit of 100 pps is given as an example. The recommended value depends on the individual network environment, including type of access switch and the amount of valid ARP request traffic. ! ! Define the VLANs on which to enforce DAI (e.g. access and voice VLANs) ip arp inspection vlan 100,110,120 ! ! Enable automatic re-enablement of an interface shut down due to the DAI rate limit being exceeded errdisable recovery cause arp-inspection errdisable recovery interval 120 ! ! On each interface in a VLAN where DAI is enforced, rate limit DAI to ensure device resiliency5-14 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Access Layer interface x/x switchport access vlan 120 switchport mode access switchport voice vlan 110 ip arp inspection limit rate 100 ! For more information on the DAI feature, refer to the Infrastructure Protection on Cisco Catalyst 6500 and 4500 Series Switches whitepaper at the following URL: http://www.cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigration_09186a0080825564. pdf Traffic Storm Protection When a large amount of broadcast (and/or multicast) packets congest a network, the event is referred to as a broadcast storm. A storm occurs when broadcast or multicast packets flood the subnet, creating excessive traffic and degrading network performance. Storm control prevents LAN interfaces from being disrupted by these broadcast and multicast storms. Errors in the protocol-stack implementation, mistakes in network configurations, or users issuing a denial-of-service (DoS) attack can cause a storm. Storm control (or traffic suppression) monitors packets passing from an interface to the switching bus and determines if the packet is unicast, multicast, or broadcast. The switch counts the number of packets of a specified type received within the 1-second time interval and compares the measurement with a predefined suppression-level threshold. Once the suppression-level threshold is reached, the port blocks traffic until the traffic falls below the threshold level. The following is a sample storm-control configuration on a Cisco Catalyst 4500 deployed in a routed access design. Similar configuration can be used in a multi-tier or VSS design. The threshold value of 1 percent is given as an example. The recommended value depends on the broadcast and multicast traffic characteristics of individual networks. Different networks may have varying degrees of acceptable broadcast or multicast traffic. ! Configure broadcast storm-control and define the upper level suppression threshold on ! the access ports ! Configure a trap to be sent once a storm is detected interface x/x switchport access vlan 120 switchport mode access switchport voice vlan 110 storm-control broadcast level 1.00 storm-control action trap ! Enable multicast suppression on ports that already have broadcast suppression enable ! This is configured in the global configuration storm-control broadcast include multicast For more information on configuring Storm control, refer to the Infrastructure Protection on Cisco Catalyst 6500 and 4500 Series Switches whitepaper at the following URL: http://www.cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigration_09186a0080825564. pdf Infrastructure ACLs Proper network policy-enforcement at the edge of a network ensures that traffic entering the network conforms to the general and corporate network policy. Direct access to the infrastructure devices and management network should be strictly controlled to minimize the risk of exposure. Infrastructure ACLs (iACLs) are deployed to restrict direct access to the network infrastructure address space and should be deployed closest to the edge as possible. In addition, management ACLs are deployed to restrict access to the address space assigned to the management network. In a routed access design, iACLs are applied on the client gateway interface on the access switches. If the access switches connect to an OOB 5-15 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Access Layer management network, management ACLs are applied on the interface connecting to the OOB management network. If they are being managed in-band, then the management ACLs should be incorporated into the iACLs. The following should be considered when implementing iACLs: • A carefully planned addressing scheme will simplify deployment and management. • Ping and traceroute traffic can be allowed to facilitate troubleshooting. • Block client access to addresses assigned to the infrastructure devices. • Block client access to addresses assigned to the network management subnet. • Permit client transit traffic. A sample configuration fragment for an access edge iACL in Cisco IOS is provided below. For detailed information on defining iACLs, refer to Chapter 2, “Network Foundation Protection.” ! Define Campus Edge infrastructure ACL ip access-list extended campus_iACL ! permit clients to perform ping and traceroutes needed for troubleshooting permit icmp any any ttl-exceeded permit icmp any any port-unreachable permit icmp any any echo-reply permit icmp any any echo ! Deny Client Access to Network Infrastructure Address Space deny ip any <MGMT_Network_subnet> <inverse-mask> deny ip any <Network_Infrastructure_subnet> <inverse-mask> ! Permit All Other Client Traffic not destined to Infrastructure addresses (transit traffic) permit ip any any ! Apply Campus Edge iACL to the client default gateway interface on access switch interface Vlan100 description VLAN 100 - Client Data VLAN ip address 10.240.100.1 255.255.255.0 ip access-group campus_iACL in Note It is not necessary to specify the particular access subnet as the source address in the ACL entries if IP source address validation is already being enforced; for example, through IP Source Guard on the access ports. This enables generic and consistent iACLs to be deployed across the enterprise access edge, thereby minimizing the operational overhead. Management ACLs are used to restrict traffic to and from the OOB management network. If the access switches connect directly to an OOB management network using a dedicated management interface, management access-lists using inbound and outbound access-groups are applied to the management interface to only allow access to the management network from the IP address assigned to the management interface assigned to the managed device and, conversely, only allow access from the management network to that management interface address. Data traffic should never transit the devices using the connection to the management network. In addition, the management ACL should only permit protocols that are needed for the management of these devices. These protocols could include SSH, NTP, FTP, SNMP, TACACS+ , e tc. For further information on the OOB management best practices and sample management ACL configuration, refer to Chapter 9, “Management.”5-16 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Distribution Layer Operational Considerations The operational management of the switching infrastructure can be greatly enhanced by using Smartports macros on a Cisco switch. Smartports macros enable customized port templates to be defined according to corporate policy and applied to ports on an as-needed basis. Each SmartPort macro is a set of CLI commands that the user define. SmartPort macro sets do not contain new CLI commands; each SmartPort macro is a group of existing CLI commands. When the user apply a SmartPort macro on an interface, the CLI commands contained within the macro are configured on the interface. When the macro is applied to an interface, the existing interface configurations are not lost. The new commands are added to interface and are saved in the running configuration file. In addition, there are Cisco default Smartports macros embedded in the switch software that can be used. The use of SmartPort macros ensures consistent policy enforcement, eases operations and avoids misconfiguration. For more information on Smartports macros, refer to the following URL: http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/configuration/guide/macro.htm l Campus Distribution Layer The campus distribution layer acts as a services and control boundary between the campus access layer and the enterprise core. It is an aggregation point for all of the access switches providing policy enforcement, access control, route and link aggregation, and the isolation demarcation point between the campus access layer and the rest of the network. The distribution switches are implemented in pairs and deployed with redundant links to the core and access layers. In large campus networks, there may be several pairs of distribution layer switches. In those cases, each of the security best practices described in this section should be applied to every distribution layer switch pairs. Figure 5-6 highlights the distribution layer in the overall campus hierarchical design.5-17 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Distribution Layer Figure 5-6 Campus Distribution Layer Campus Services Core Access Distribution IP IP IP IP LWAPP LWAPP 226681 NAC NAC5-18 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Distribution Layer Campus Distribution Layer Design Guidelines The campus distribution layer provides connectivity to the enterprise core for clients in the campus access layer. It aggregates the links from the access switches and serves as an integration point for campus security services such as IPS and network policy enforcement. This section discusses the various security measures used for securing the campus distribution layer including the following: • Protecting the endpoints using network-based intrusion prevention • Protection the infrastructure using NFP best practices Campus IPS Design IPS provide filtering of known network worms and viruses, DoS traffic, and directed hacking attacks. This functionality is highly beneficial in a campus environment by quickly identifying attacks and providing forensic information so that attacks can be cleaned up before substantial damage is done to network assets. IPS is designed to monitor and permit all traffic that is not malicious and can be deployed with a single campus-wide protection policy allowing for a pervasive campus-wide IPS deployment. To get the most benefit, IPS needs to cover a majority of the network segments in a campus. Since the distribution switches provide the aggregation point for all of the access switches and provides connectivity and policy services for traffic flows between the access layer and the rest of the network, it is recommended that IPS devices be deployed in the distribution layer. • Deploying IPS in a campus network is driven by three key design considerations: • Deployment Model, page 5-18 • Scalability and Availability, page 5-19 • Traffic Symmetry, page 5-19 Deployment Model Cisco IPS appliances and modules can be deployed in inline or promiscuous mode, typically referred to as IPS or IDS modes. When deployed in the inline mode, the Cisco IPS is placed in the traffic path. This allows the sensor to stop attacks by dropping malicious traffic before it reaches the intended target, thus providing a strong protective service. IPS inline mode enables automatic threat detection and mitigation capabilities that offer some clear advantages in terms of timely threat mitigation and degree of protection. In addition, signature tuning enables the automated response actions to be tuned according to customer policy. Since IPS is in the data path, however, it is critical to ensure that the deployment is well designed, architected and tuned to ensure that it does not have a negative impact on network latency, convergence, and service availability. Additionally, when deployed in the inline mode, traffic is bridged through the sensors by pairing interfaces or VLANs within the sensor. This requires additional VLANs and modifications to be made to the campus architecture to accommodate the IPS insertion. Cisco IPS can also be deployed in promiscuous mode. In this mode, the IPS is not in the data path, but rather performs passive monitoring, with traffic being passed to it through a monitoring port using traffic mirroring techniques such as Switched Port Analyzer (SPAN), Remote SPAN (RSPAN), or VLAN ACL (VACL) capture. The Cisco IPS sensor analyzes a copy of the monitored traffic rather than the actual forwarded packet. Upon detection of anomalous behavior, management systems are informed of an event and operational staff can subsequently decide what action, if any, to take in response to an incident. The time between threat detection and mitigation may thus be extended and requires a manual response. 5-19 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Distribution Layer The decision to deploy IPS in inline mode or promiscuous mode varies based on the goals and policies of an enterprise. Deploying IPS inline has some clear advantages from a security perspective with its timely threat detection and mitigation, but requires some architecture modifications and careful planning to ensure network latency, convergence, and availability is not compromised. Deploying IPS in promiscuous mode avoids architectural changes, but it provides a lesser degree of security. Scalability and Availability For scalability, Cisco offers a range of different IPS platforms that can be deployed according to a particular customer's needs. For networks with a high level of activity and traffic, IPS appliances can be used. For networks with a lower level of activity and traffic or where integrated security is preferred, Cisco IPS modules are viable options. For increased scalability and high availability, multiple IPS sensors can be bundled together using a load-balancing mechanism. IPS load-balancing can be accomplished using the EtherChannel load-balancing (ECLB) feature within a switch to perform intelligent load-balancing across the IPS devices. In addition, multiple IPS sensors may also be deployed by using a load-balancing module or appliance such as the ACE module. Traffic Symmetry For maximum visibility, the IPS sensors must be able to see traffic in both directions. For this reason, it is important to ensure the symmetry of the traffic as it traverses or reaches the IPS sensor. Symmetrical traffic flows offer a number of important benefits, including enhanced threat detection, reduced vulnerability to IPS evasion techniques, and improved operations through reduced false-positives and false-negatives. Consequently, this is a key design element. For example, if multiple IPS exist in a single flow for availability and scalability purposes, maintaining symmetric flows requires some consideration of the IPS integration design. There are a number of options available to ensure symmetric traffic flows, including: • Copy traffic across all IPS senders—Use of SPAN, VLAN ACL (VACL) capture, or taps to duplicate traffic across all IPS, ensuring any single IPS sees all flows. This can become a challenge once more than two IPS are involved and results in all IPS being loaded with the active traffic flows. • Integration of an IPS switch—Topological design to consolidate traffic into a single switch, thereby leveraging the switch to provide predictable and consistent forward and return paths through the same IPS. This is simple design, but introduces a single point-of-failure. • Routing manipulation—Use of techniques such as path cost metrics or policy-based routing (PBR) to provide predictable and consistent forward and return paths through the same switch and, consequently, the same IPS. This is cost-effective design, but introduces some complexity and requires an agreement from network operations (NetOps). • Sticky load-balancing—Insertion of a sticky load-balancing device, such as the ACE module, to provide predictable and consistent forward and return paths through the same IPS. This is a flexible design, but introduces additional equipment to deploy and manage. For more information on Cisco IPS, refer to the following URL: http://www.cisco.com/go/ips Campus Distribution Layer Infrastructure Security In addition to deploying IPS within the Campus distribution layer, the distribution layer switches also need to be protected. These switches should be hardened following the best practices described in the Chapter 2, “Network Foundation Protection.” The following bullets summarize the key NFP areas for securing the distribution layer infrastructure devices. All best practices listed below are applicable to the access switches in all three distribution-access design models unless otherwise noted.5-20 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Distribution Layer • Infrastructure device access—Implement dedicated management interfaces to the OOB management network, limit the accessible ports and restrict the permitted communicators and the permitted methods of access, present legal notification, authenticate and authorize access using AAA, log and account for all access, and protect locally stored sensitive data (such as local passwords) from viewing and copying. Note For more information on implementing an OOB management network, refer to Chapter 9, “Management.” • Routing infrastructure—Authenticate routing neighbors, implement route filtering, implement EIGRP stub routing, use default passive interfaces, and log neighbor changes. Note Route filtering and EIGRP stub routing in the distribution layer are only recommended for a multi-tier or VSS design where the routed edge interface is on the distribution switches. In a routed access design, these features are used in the access layer. • Device resiliency and survivability—Disable unnecessary services, filter and rate-limit control-plane traffic, and implement redundancy. • Network telemetry—Implement NTP to synchronize time to the same network clock, maintain device global and interface traffic statistics, maintain system status information (memory, CPU, and process), log and collect system status, traffic statistics, and device access information, and enable NetFlow. • Network policy enforcement – Implement management ACLs and iACLs to restrict access to infrastructure and management devices. Note iACLs are only applicable in the distribution layer of a multi-tier design where the routed edge interface is on the distribution switches. In a routed access design, this is enabled in the access layer. – Apply uRPF to block packets with spoofed IP addresses. Note uRPF is only applicable in the distribution layer of a multi-tier design where the routed edge interface is on the distribution switches. In a routed access design, this is enabled in the access layer. • Secure switching infrastructure—Restrict broadcast domains, harden spanning tree to prevent against inadvertent loops, and apply VLAN best practices. Note VLAN and spanning tree best practices are only applicable in the distribution layer of a multi-tier design where Layer 2 extends to the distribution layer switches. 5-21 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Campus Services Block Campus Services Block Within the enterprise campus, the primary role of the services block is to provide application services to end users and devices within the campus network such as centralized LWAPP wireless controllers and IPv6 ISATAP tunnel termination. Additionally, for small campuses that only require a few servers, this block could also optionally be used to host a small number of localized foundational servers such as local DHCP, DNS, FTP, NAC Profiler servers. For larger campuses requiring many servers, a data center design should be deployed to host these servers using the security best practices described in the Chapter 4, “Intranet Data Center.” The campus services block connects to the core switches using a pair of services switches using redundant Layer-3 links as shown in Figure 5-7. Figure 5-7 Campus Services Block Design Diagram Campus Services Core Access Distribution IP IP IP IP LWAPP LWAPP 226690 NAC NAC5-22 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus In Figure 5-7, a pair of switches are shown that are acting as a collapsed distribution-access layer providing Layer 2 and Layer 3 services for the devices hosted in the services network segment. These switches also provides for routing separation and policy enforcement for the devices residing in this network. Given the level of access that employees have to the services located in the campus services block, it is critical that they are protected from internally originated attacks. Simply relying on effective passwords does not provide for a comprehensive attack mitigation strategy. Using host and network-based IPS, private VLANs, switch security, stateful firewalls for access control, and good system administration practices (such as keeping systems up to date with the latest patches), provides a much more comprehensive response to attacks. The same security best practices to secure servers in the data center should be applied to securing the campus services block. These best practices can be found in Chapter 4, “Intranet Data Center.” Network Access Control in the Campus In today's diverse workplaces, consultants, contractors, and even guests require access to network resources over the same LAN connections as regular employees. As data networks become increasingly indispensable in day-to-day business operations, the possibility that unauthorized people will gain access to controlled or confidential information also increases. One of the most vulnerable points of the network is the access edge. The access layer is where end users connect to the network. In the past, corporations have largely relied on physical security to protect this part of the network. Unauthorized users were not allowed to enter a secure building where they could plug into the network. Today, contractors and consultants regularly have access to secure areas. Once inside, there is nothing to prevent a contractor from plugging into a wall jack and gaining access to the corporate network. There is no need to enter an employee cube to do this. Conference rooms frequently offer network access through wall jacks or even desktop switches. Once connected to the network, everyone (employees, contractors, consultants, guests, and malicious users) has access to all the resources on the network. To protect against unauthorized access to controlled or confidential information, customers are demanding that network access-control be embedded within the network infrastructure. This allows for greater flexibility in expanding the application of network access-control throughout the network. Campus network designs should provide identity- or role-based access controls for systems connecting to them. Implementing role-based access controls for users and devices help reduce the potential loss of sensitive information by enabling organizations to verify a user or devices' identity, privilege level, and security policy compliance before granting network access. Security compliance could consist of requiring antivirus software, OS updates or patches. Unauthorized, or noncompliant devices can be placed in a quarantine area where remediation can occur prior to gaining access to the network. Cisco SAFE design uses the following network access control solutions: • Cisco Identity-Based Network Networking Services (IBNS) • Cisco NAC Appliance Cisco IBNS solution is a set of Cisco IOS software services designed to enable secure user and host access to enterprise networks powered by Cisco Catalyst switches and wireless LANs. It provides standards-based network access control at the access layer by using the 802.1X protocol to secure the physical ports where end users connect. 802.1X is an IEEE standard for media-level (Layer 2) access control, offering the capability to permit or deny network connectivity based on the identity of the end user or device enabling enterprise policy enforcement of all users and hosts, whether managed or 5-23 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus unmanaged. In addition to holistic access-control provided by 802.1X, IBNS also offers device-specific access-control through MAC-Authentication Bypass (MAB) and user-based access-control through Web- Auth. The Cisco Network Admission Control (NAC) Appliance uses the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources. With NAC Appliance, network administrators can authenticate, authorize, evaluate, and remediate wired, wireless, and remote users and their machines prior to network access. It identifies whether networked devices such as laptops, IP phones, or game consoles are compliant with your network's security policies and repairs any vulnerability before permitting access to the network. Noncompliant machines are redirected into a quarantine area, where remediation occurs at the discretion of the administrator. The choice of which NAC solution to use depends on the security goals and the direction of the network design. For networks using or moving towards 802.1x-based wired or wireless access and interested in identity-based access control, Cisco IBNS solution should be considered. For networks requiring role-based access control using posture assessments to ensure security compliance, Cisco NAC Appliance should be considered. The Cisco Identity-Based Networking Services (IBNS) and NAC Appliance access control solutions are discussed in the following sections. Cisco Identity-Based Networking Services Cisco IBNS is an integrated solution comprising several Cisco products that offer authentication and identity-based access control to secure network connectivity and resources. With Cisco IBNS, you can facilitate greater security and enable cost-effective management of changes throughout your network. A secure IBNS framework helps enterprises better manage employee mobility, reduce network access expenses and boost overall productivity while lowering operating costs. This section of the document provides high-level design recommendations for deploying Cisco IBNS in a campus network along with covering important planning and deployment considerations. For complete details on Cisco IBNS including configuration details, refer to the Cisco IBNS site at the following: www.cisco.com/go/ibns Deployment Considerations Cisco IBNS provides customized access to the network based on a person's (or device's) identity. Therefore, a well-defined security policy should be created to provide broad guidelines for who can access which corporate resources and under what conditions. The following sections cover some of the things that should be considered for implementing an IBNS solution that that suits your network. User and Device Categories When implementing an IBNS solution, the first and most fundamental question that must be answered is: Who gets what access? Once answered, categories of users and devices that connect to your network can be defined. For initial deployments, use broad categories for users and devices (e.g., employee, managed asset, unknown Asset). The simpler the policy, the smoother and more successful your initial deployment will be. Once basic access control has been successfully deployed, more granular groups and policies can be deployed to move towards a more highly differentiated model of access control. Once categories of users and devices on the network are defined, use the guidelines from your security policy to map each category to a network access level. The example in Table 5-1, while very simple, has been used as the basis for many successful deployments.5-24 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus • The Pre-Authentication category refers to the level of access that a user or device will get before its identity has been determined. Under a very strict security policy, this level could be no access. Alternatively, it could be limited to a small set of services (such as DHCP, DNS, TFTP) that would allow devices that depend on immediate network access (e.g. a device that needs to download its operating system or a device that needs enough connectivity to perform a web-authentication) to function normally even before its identity has been established. • The Failed Authentication category refers to the level of access that a user or device will get if it fails to provide valid credentials. Under a very strict security policy, this could be no access (this is the default). However, if the policy is no access, a manual process must be provided by which legitimate users can remediate their credentials (e.g., renew an expired password). An example of a manual process might be to have employees take their laptops to a physically secure location where an IT administrator can update the credential. Such a process can be resource-intensive, both in terms of end-user education and IT support. Therefore, if your security policy permits, you might want to consider modifying the default Failed Authentication access to permit a small set of services that would allow a device to automatically update or request credentials. User and Device Identification Authentication Authentication is the process by which the network establishes the identity of devices and users that are attempting to connect. To be able to authenticate users and devices, you must first decide what kind of credentials is acceptable for valid identification. Ideally, strong forms of identification such as digital certificates or properly encrypted usernames and password should be used. A much weaker form of identification would be the MAC address of the connecting device. Acceptable credentials is determined by the method that is used to validate those credentials. The authentication method determines how a device submits its credentials to the network. 802.1X is an IEEE standard that defines a process by which a device can submit strong credentials like digital certificates and passwords using a client (called a supplicant). 802.1X is a strong authentication method and is preferred in all cases where the device can support the required client. The specific details of which credentials are accepted and how they are submitted are determined by what is known as the EAP method. Common EAP methods include PEAP-MSCHAPv2 (for username/password credentials) and EAP-TLS (for certificate-based credentials). For devices that do not support the required 802.1X client, a supplementary form of authentication must be used. MAC-Authentication Bypass (MAB) is a secondary authentication method in which the access switch detects the device's MAC address and submits it as a form of identification. Once the type of credential is chosen, it must be validated. A database of allowed devices and their credentials and (for certificate-based authentication) a certificate chain of trust is required for authentication. If MAC address-based authentication is used, then a database of valid MAC addresses to validate against is required as well. Ta b l e 5-1 User and device category access levels for initial deployment Category Network Access Level Employee Full Access (Intranet & Internet) Managed Asset Full Access (Intranet & Internet) Unknown Device Connectivity services (DHCP, DNS, TFTP) only Pre-Authentication Connectivity services only Failed Authentication Connectivity services only5-25 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus In most cases, there is no need to build a credential database from scratch. For example, many organizations already possess a database of valid users and computers in the form of Microsoft Active Directory. Some organizations also maintain databases with the MAC addresses of corporate assets. Very often, these databases can be re-used for 802.1X and MAB. Using these databases will greatly simplify your 802.1X deployment. Levels of Authorization Authorization is the process by which an endpoint is granted a certain level of access to the network. In an identity-enabled network, network access should correspond to the authenticated identity of the endpoint. But an endpoint's network access can also depend on where the endpoint is in the authentication process. When planning a deployment, consider what access the endpoint should have at each of these stages: • Pre-authentication • Successful authentication • Failed authentication The authorization options available in each stage are discussed in detail below. Pre-Authentication By default, endpoints are not authorized for network access prior to authentication. Before a device has successfully authenticated via 802.1X or MAB, the port allows no traffic other than that required for authentication. Access to the port is effectively closed. While very secure, this method of access control can cause problems for devices that need network access before they authenticate (e.g., PXE devices that boot an OS from the network) or devices that are sensitive to delays in network access that may result from the authentication process. As an alternative, it is possible to configure Cisco switches for two other levels of Pre-Authentication authorization: Open Access and Selectively Open Access. Open Access is the opposite of the default Pre-Authentication authorization. With Open Access, all traffic is allowed through the port before authentication. While Open Access is obviously not an effective way to enforce network access control, it does have an important role in initial stages of deploying 802.1X. This will be discussed later in the section on the Monitor Mode deployment scenario. Selectively Open Access represents a middle-ground between the default Closed access and Open Access. With Selectively Open Access, you can use a default port access-lists (ACLs) to permit or deny specific traffic (e.g., permit TFTP and DHCP traffic to allow PXE devices to boot before they authenticate). Table 5-2 summarizes the pre-authentication access levels. Ta b l e 5-2 pre-authentication access levels Pre-Authentication Access Level Implementation No Access Default —Closed Open Access Open Selectively Open Access Open with port ACL to control access5-26 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Successful Authentication After a successful authentication, the port is, by default, opened up completely and all traffic is allowed in the configured native VLAN of the port. This is a simple, binary decision: anyone who successfully authenticates by any method is granted full access. To achieve differentiated access based on the identity of the authenticated user or device, it is necessary to use dynamic access control with VLANs and/or ACLs. When post-authentication access is implemented with VLANs, the switch dynamically assigns a VLAN to a port based on the identity of the device that authenticated. Engineers could be assigned the ENG VLAN while accountants could be assigned the FINANCE VLAN. While this form of dynamic authorization is a powerful tool for differentiating access for different user groups, it comes at a cost. Supporting multiple VLANs on every switch may require changes to the network architecture and addressing scheme. In addition, VLANs isolate traffic at Layer 2 in the OSI stack so dynamic VLAN assignment by itself cannot restrict access to specific subnets (at Layer 3) or applications (Layer 4 and above). However, dynamic VLAN assignment does provide the foundation for virtualizing IT resources using network virtualization solutions. When successful authentication authorization is implemented with ACLs, the switch dynamically assigns an ACL to a port based on the identity of the device that authenticated. Engineers could be assigned an ACL that permits access to engineering subnets and applications while accountants get a different ACL. While ACLs do not achieve the same level of logical isolation that VLANs provide, dynamic ACLs can be deployed without changing the existing network architecture and addressing schemes. On the other hand, care must be taken to ensure that the dynamic ACLs do not overwhelm the TCAM capacity of the access switch. Well-summarized networks and good network design are essential to the creation of short but effective ACLs. When deciding between dynamic VLANs and dynamic ACLs, another factor to consider is the form of Pre-Authentication authorization that you have chosen to implement. Dynamic ACLs work well with any kind of Pre-Authentication authorization. Dynamic VLAN assignment, on the other hand, does not typically work well with Open or Selectively Open Pre-Authentication authorization. When Pre-Authentication authorization is Open, devices can receive IP addresses on the switchport VLAN subnet at link up. If a different VLAN is assigned as the result of an authentication, the old address will not be valid on the new VLAN. 802.1X-capable devices with modern supplicants can typically detect the VLAN change and request a new address on the new VLAN but clientless devices (such as printer) will not be able to. The different kinds of authorization available after successful authentication and the deployment considerations for each method are summarized in Table 5-3. Ta b l e 5-3 Successful Authentication Post-Authentication Authorization Method Impact to Network Architecture TCAM impact Compatible Pre-Authentication Methods Notes Default “Open” Minimal None Closed May be sufficient for simple deployments or as a first step for more complex deployments.5-27 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Failed Authentication After a failed authentication, the port is, by default, left in the same state as it was before authentication was attempted. If the port was in the default Closed state before authentication, it will remain closed after a failed authentication. If the port was in a Selectively Open state before authentication, it will remain that way: open in the statically configured VLAN and subject to the default port ACL. Since failed authentications revert to the pre-authentication authorization, it is necessary to decide whether the chosen pre-authentication network access is adequate for endpoints that fail authentication. If not, it may be necessary to modify your pre-authentication network authorization policy or to utilize some of the mechanisms available for modifying the default Failed Authentication network access levels. User and Device Physical Connectivity Hosts connect to the access layer switches in several ways. The simplest connection is a direct point-to-point connection of one host to one switch port. In IBNS deployments, this is sometimes referred to as "single host mode." Single host mode is the most secure form of connection and the default mode on Cisco switches enabled for 802.1X and MAB. A switch running 802.1X in single host mode will only allow one device at a time on that port. If another device appears on the port, the switch shuts down the port as a security precaution. Because only one device is allowed to connect to the port, there is no possibility of another device snooping the traffic from the authenticated device. A port in single-host mode effectively prevents casual port-piggybacking. Although it is the most secure mode, single host mode is not always sufficient. One common exception to the point-to-point connection assumption is IP Telephony. In IP Telephony deployments, two devices are often connected to the same switch port: the phone itself and a PC behind the phone. In this case, a new host mode, "multi-domain," is required. With multi-domain host mode, the switch allows two devices to authenticate and gain access to the network: one voice device in the voice VLAN and one data device in the data VLAN. Some deployments include devices that include multiple virtual machines even though there is physically only one connected device. Cisco switches support a third host mode, "multi-auth," that allows each virtual machine to access the port after being authenticated. The multi-auth host mode is a superset of multi-domain host mode, meaning that the multi-auth host mode allows one voice device in the voice VLAN and any number of data devices in the data VLAN. Dynamic VLAN Significant None Closed Required for network virtualization. Provides logical isolation of traffic at L2. Dynamic ACL Minimal Significant All Does not support network virtualization. Provides access control at Layer 3 and Layer 4. Table 5-3 Successful Authentication (continued)5-28 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus The most appropriate host mode to configure on the switch is determined by how hosts are connecting to the network. 802.1X is most effective when it is most restrictive. If IP Telephony is not deployed, don't configure multi-domain host mode. If there are no virtual machines with unique MAC addresses on the same physical host, do not configure multi-auth host mode. If possible, use the same host-mode throughout your network. Using a standardized configuration will minimize operational costs. Table 5-4 summarizes the available host modes. Deployment Best Practices Once it has been determined how users and devices will be authenticated, what network access they will be granted before and after authentication, and how devices will be allowed to connect to the network, the next step is to deploy the solution. The SAFE design leverages a phased deployment strategy. The next couple of sections will look at three generic deployment scenarios that can be rolled out as a three-phase deployment (or two-phase, depending on your ultimate design goals). IBNS deployments are most successful when implemented in phases, gradually adding in network access restrictions to minimize impact to end users. The three scenarios discussed below are as follows: • Monitor Mode, page 5-28 • Low Impact Mode, page 5-30 • High Security Mode, page 5-31 Monitor Mode Monitor mode is the first phase of a three-phase (or two-phase) IBNS deployment. In this phase, access is not physically prevented, but visibility into who is connecting is obtained. Having this visibility provides invaluable insight into who is getting access, who has an operational 802.1X client, who is already known to existing identity stores, who has credentials, etc. As a side benefit, some intruders may be deterred by the simple knowledge that someone is watching. In addition, it prepares the network for the access-control phases as described in the next couple of sections. When deploying IBNS in Monitor Mode, authentication (802.1X and MAB) is enabled without enforcing any kind of authorization. There is no impact to users or endpoints of any kind: they continue to get exactly the same kind of network access that they did before you deployed IBNS. The authorization level Pre-Authentication is the same as after Successful Authentications and Failed Authentications access: completely open. In the background, however, the network is querying each endpoint as it connects and validates its credentials. By examining the authentication and accounting records (at the ACS server), it is possible to determine the information in Table 5-5. Ta b l e 5-4 Host Modes With this Endpoint… …Use this Host Mode Point-to-point only (PC, printer, etc) Single-host IP Telephony Multi-domain Virtual Machines (with or without IP Telephony) Multi-auth5-29 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Combining the information in authentication and accounting records results in very detailed knowledge of each endpoint that connects to the network including: username, IP address, MAC address, port and switch where connected, time of connection, etc. After implementing the Monitor Mode phase, the network will immediately begin authenticating users and devices and you will have visibility into who and what is connecting to the network. This visibility information includes which endpoints (PC, printer, camera, etc.) are connecting to your network; where they connected; whether they are 802.1X capable or not; and whether they have valid credentials. Additionally, you will know if the endpoints are known valid MAC addresses via the failed MAB attempts. The primary benefit of Monitor Mode is that it enables IT administrators to proactively address any issues that would impact end users once access control is enabled. These issues are summarized in Table 5-6. Ta b l e 5-5 Authentication and Accounting Records Endpoints on the Network How Determined All endpoints/users with 802.1X clients and valid credentials Passed 802.1X Authentication Records All endpoints/users with 802.1X clients and invalid credentials Failed 802.1X Authentication Records All endpoints without 802.1X clients and known MAC addresses Passed MAB Authentication Records All endpoints without 802.1X clients and known MAC addresses Failed MAB Authentication Records Ports with multiple connected devices Multiple Authentications Records for the same port on same switch. Ta b l e 5-6 Monitor Mode Values To Do Key Issue Remediation Analyze 802.1X failures. Are these valid devices or users that should be allowed access but are failing 802.1X? Update credentials for valid devices and users so they will pass 802.1X. Analyze MAB success. Are there any devices doing MAB that should be capable of 802.1X? Update those devices with supplicants and credentials so they can authenticate using 802.1X Analyze MAB failures Are there managed assets that should be allowed access to the network but are failing MAB? Update your asset database with these MAC addresses. Analyze ports that have multiple devices on them. Are these rogue hubs or valid virtual machines? Remove rogue devices. Note ports that may legitimately require support for multiple hosts per port.5-30 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Once all the issues uncovered by deploying IBNS in Monitor Mode are addressed, the next step is to deploy identity-based access control. The next two scenarios describe common ways to deploy access control. Many customers will choose to implement Low Impact Mode only. Others may start with Low Impact Mode to help assess the impact of access control to end users and then later move on to High Security Mode. Other customers may move straight from Monitor Mode to High Security Mode. Low Impact Mode Low Impact Mode provides an incremental increase in the level of port-based access control without impacting the existing network infrastructure. Low Impact Mode does not require the addition of any new VLANs nor does it impact your existing network addressing scheme. With Low Impact Mode, as little or as much access control can be enforced. Low Impact Mode builds on top of Monitor Mode. In Monitor Mode, the Pre-Authentication authorization level was completely open. In Low Impact Mode, the Pre-Authentication level is selectively open. The difference is that Low Impact Mode adds an ingress port ACL that specifies exactly what traffic will be allowed before authentication. This ACL can be as restrictive or permissive as the corporate network security policy requires. In Low Impact Mode, a successful authentication causes the switch to download a dynamic ACL (dACL) that is applied on top of the ingress port ACL. The contents of the dACL will be determined by the identity of the user or device that authenticated. In a simple deployment, an employee or managed asset that authenticates successfully could receive a permit ip any any dACL that fully opens up the port. More complex deployments could assign different ACLs based on different classes of employee. For example, engineers might be assigned a dACL that permits all engineering related subnets, whereas accountants could be assigned a different dACL that denies access to engineering subnets but permitted all other access. With the dACL implementation, the switch will substitute the source address of each access-list element with the source address of the authenticated host, ensuring that only that host is allowed by the dACL. Devices that fail authentication (via 802.1X or MAB) will continue to have their access limited by the ingress port ACL defined by the Pre Authentication or Fail Authentication access policies. Because Low Impact Mode can be deployed with little or no change to the existing campus network design, it is attractive to deploy access control without altering the existing VLAN infrastructure or IP addressing scheme as will be described in the following High Security Mode section. Additional VLANs requires additional IT overhead and in some cases customers may not control the VLAN infrastructure at all (e.g., at a branch office where the Service Provider owns the routers and has implemented MPLS). In the latter case, ACL-based enforcement is the only choice for port-based access control. When ACL-based access enforcement is deployed, the following items need to be considered: • The current implementation of dACLs requires a pre-configured static port ACL on every access port that may download an ACL. If the switch attempts to apply a dACL to a port without a pre-existing port ACL, the authorization will fail and users will not be able to gain access (even if they present valid credentials and pass authentication). • The static port ACL is a port-based ACL, it applies to both the data VLAN and, if present, the voice VLAN. The switch performs source address substitution on the dACL, traffic from the phone will not be permitted by a dACL downloaded by a data device authenticating behind the phone. This means that both the phone and any devices behind the phone must authenticate individually and download their own dACL and the host mode on the port must be multi-domain. • Cisco switches use Ternary Content Addressable Memory (TCAM) to support wire-rate ACL enforcement. TCAM is a limited resource which varies by platform. If the TCAM is exhausted, switching performance can be degraded. It is important to verify that the access switches have sufficient TCAM to support the number and length of ACLs (static and dynamic) that IBNS deployment will require. 5-31 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus • Dynamic (or "downloadable") ACLs extend the standard RADIUS protocol in order to optimize the downloading process and support ACLs of arbitrary size. Use the Cisco ACS server as the AAA server to support downloadable ACLs. • Because the switch performs source substitution on the source address of the dynamic ACL, the switch does not enforce the dACL until it learns the source address of the authenticated host. IP address learning is enabled by the IP Device Tracking feature on the switch. • When designing ingress port ACLs, this ACL will restrict access before authentication and after failed authentications. The ingress port ACL must be designed with this in mind. For example, if you want employees that fail 802.1X because of an expired certificate to be able to download a new certificate, you should consider allowing access to the CA server in the ingress ACL. Or, if you want a contractor that fails 802.1X or MAB to be able to access the Internet or VPN to a home network, you should also allow that traffic in the ingress port ACL. In many cases, Low Impact Mode will be the final step in the IBNS deployment. If this mode sufficiently provides the needed access control, then the only "next step" will be monitoring the network and fine-tuning ACLs as required by the corporate security policy. However, if the network security requirements evolve and pre-authentication access no longer meets the security requirements, IBNS deployment can move to the next phase: High Security Mode. Additionally, if Low Impact mode does not meet the network and design security requirements in the first place, the Low Impact Mode can be skipped altogether and the deployment can move straight to the High Security Mode phase from the Monitoring Mode phase. High Security Mode High Security Mode returns to a more traditional deployment model of 802.1X. In a properly prepared network, High Security Mode provides total control over network access at Layer 2. In High Security Mode, the port is kept completely closed until a successful authentication takes place. There is no concept of Pre-Authentication access. For users and devices that successfully complete 802.1X, this is not typically an issue since 802.1X authentication is usually very quick assuming a single sign-on (SSO) deployment where credentials are automatically gleaned from the device or user. In environments that require manual log-on (e.g., with a pop-up window to enter username and password), there may be some delay. For devices that cannot perform 802.1X, however, there may be a significant delay in network access. Since the switch always attempts the strongest secure authentication method first, non-802.1X-capable devices must wait until the switch times out the 802.1X authentication and falls back to MAB as a secondary authentication method. To avoid the delays associated with MAB in High Security Mode, configure the switch to perform MAB first, before 802.1X. This enable non-802.1X devices to get immediate access after successful MAB. After a successful authentication, network access will, by default, change from completely closed to completely open. To add more granular access control, High Security Mode uses dynamic VLAN assignment to isolate different classes of users into different broadcast domains. Devices that can't authenticate or fail to authenticate retain the same level of access that they had before authentication. In the case of the High Security Mode, devices will have no access at all. By isolating traffic from different classes of users into separate VLANs, High Security Mode provides the foundation for virtualized network services. For more information on network virtualization solutions, refer to the following URL: http://www.cisco.com/en/US/netsol/ns658/networking_solutions_package.html5-32 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Deploying High Security Mode with VLAN assignment can have an impact on the network architecture. The following considerations should be noted when deploying IBNS in the High Security Mode Scenario: • Dynamic VLAN assignment requires that every dynamic VLAN be supported on every access switch to which a user might connect and authenticate. This requirement has several repercussions: If you have three user groups to which you wish to assign unique VLANs - Engineering, Finance, HR - then every access switch must have those three VLANs defined by name (the number of the VLAN does not have to be the same). If the switch attempts to apply a non-existent VLAN to a port, the authorization will fail and users will not be able to gain access (even if they presented valid credentials and passed authentication). • Supporting multiple VLANs per access switch is non-trivial from an IP addressing perspective. Good campus design principles dictate a single subnet per VLAN with no VLAN spanning more than one switch. The IP addressing scheme should support multiple subnets per switch in such a way that that does not over-burden the control and data planes of the campus distribution block. The fewer the VLANs, the more manageable and scalable the solution will be. • If you choose to change the order of authentication to perform MAB before 802.1X, be aware that this will mean that every device (even those capable of 802.1X) will be subject to MAB. This could increase the amount of control plane traffic in the network. If there are devices in the network that might pass both 802.1X and MAB, be sure to either 1) ensure that no 802.1X-capable devices are in the MAB database; or 2) configure the switch to prioritize 802.1X over MAB so that the port will process an 802.1X authentication after a successful MAB authentication. • If some level of access is needed for devices that fail 802.1X (for example, to allow employees with expired certificates to download a new certificate), it is possible to configure the solution to grant limited access based on the type of authentication method that failed. If 802.1X fails, the switch can be configured to open the port into a special VLAN -- the Auth-Fail VLAN -- for this purpose. The switch can also be configured to "fail back" to a MAB authentication if 802.1X fails. However, 802.1X with failover to MAB should typically not be deployed if the authentication order has been changed to do MAB first. • There may be devices on the network that cannot perform 802.1X and cannot pass MAB (for example, contractors with no supplicants that need to VPN to their home network). For unknown MAC addresses that fail MAB, it is possible to configure the Cisco ACS server with an unknown MAC address policy. Such a policy allows ACS to instruct the switch to allow devices with unknown MACs into a dynamically assigned VLAN. In essence, an unknown MAC policy enables a dynamic version of the Auth-Fail VLAN for failed MAB attempts.5-33 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Deployment Scenarios Summary Table 5-7 provides a quick summary of the three deployment scenarios discussed in the previous sections: Deploying IBNS in a Monitor Mode and adding in access control in a phased transition, 802.1X can be deployed with minimal impact to the end users. For more information on Cisco IBNS including configuration specifics on deploying the different deployment scenarios outlined in this section, please see the deployment guide at www.cisco.com/go/ibns. NAC Appliance Cisco NAC Appliance is a network access control solution that integrates with the network infrastructure to enforce security policy compliance at the network level. Access is controlled based on device compliance status, device behavior, and user credentials. It identifies whether networked devices such as laptops, IP phones, or printers seeking access to the network are compliant with your network's security policies and noncompliant devices or redirected to a quarantine area for remediation. Cisco NAC provides a scalable access control solution using a central policy decision component and a distributed security enforcement component at the network level. The Cisco NAC solution consists of the following components: • Cisco NAC Manager—Provides a web-based interface for creating security policies and managing online users. It can also act as an authentication proxy for authentication servers on the backend such as an ACS. Administrators can use Cisco NAC Manager to establish user roles, compliance checks, and remediation requirements. Cisco NAC Manager communicates with and manages the Cisco NAC Server, which is the enforcement component of the Cisco NAC. Ta b l e 5-7 Deployment Scenario Summary Table Deployment Scenario Best for… Auth Types Host Mode Pre-Auth Successful Auth Failed Auth Monitor Mode All Customers (Initial Deployment) 802.1X & MAB multi-auth Open Open Open Low Impact Mode Customers seeking simple access control with minimal impact to end users and network infrastructure 802.1X & MAB single-aut h (non-IPT) multi-dom ain (IPT) Selectivel y Open Dynamic ACL Selectively Open High Security Mode Customers seeking the security of traditional 802.1X with L2 traffic isolation and/or network virtualization 802.1X & MAB single-aut h (non-IPT) multi-dom ain (IPT) Closed Dynamic VLAN Closed (or Auth-Fail VLAN)5-34 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus • Cisco NAC Server—Performs device compliance checks as users attempt to access the network. This security enforcement device is deployed at the network level. Cisco NAC Server can be implemented in band or out of band, in Layer 2 or Layer 3, and as a virtual gateway or as a real IP gateway. It can be deployed locally or centrally. • Cisco NAC Agent—This lightweight, read-only agent runs on an endpoint device. It performs deep inspection of a local device's security profile by analyzing registry settings, services, and files on the endpoint. Through this inspection, it can determine whether a device has a required hotfix, runs the correct antivirus software version, or runs other security software, such as Cisco Security Agent. Cisco NAC Agent is available as both a persistent agent and as a Web-based, dissolvable agent that is installed and removed on the client at the time of authentication. • Cisco NAC Profiler—Provides device profiling by keeping a real-time, contextual inventory of all devices in a network, including non-authenticating devices such as IP phones, printers, and scanners. It facilitates the deployment and management of the Cisco NAC Appliance by discovering, tracking, and monitoring the location, types, and behavior of all LAN-attached endpoints. It can also use the information about the device to apply appropriate Cisco NAC policies. • Cisco NAC Guest Server—The optional Cisco NAC Guest Server simplifies the provisioning, notification, management, and reporting of guest users on wired and wireless networks, offloading from IT staff much of the challenges commonly associated with supporting corporate visitors. The Secure Guest service enhances IT's ability to protect its own organization's assets, employees, and information from guests and their devices while providing secure and flexible network access to meet visitors' business needs. Note The Cisco NAC Guest Server was listed for completeness. However, it was not included in this phase of the SAFE project and will not be covered in this design guide. It will be covered in a later phase of the project. For more information on the NAC Guest Server, refer to www.cisco.com/go/nac. Deployment Considerations Cisco NAC Appliance provides access control to the network based on their role in the network and security policy compliance. Security policies can include specific antivirus or anti-spyware software, OS updates, or patches. When deploying the NAC Appliance solution in a campus network, consider the following: • In-Band (IB) and Out-of-Band (OOB) Mode, page 5-34 • High Availability, page 5-36 This section covers the above deployment considerations. The NAC profiler deployment integration is covered in the “NAC Profiler” section on page 5-45. In-Band (IB) and Out-of-Band (OOB) Mode The NAC server is the enforcement server and acts as a gateway between the untrusted (managed) network and the trusted network. The NAC server enforces the policies that have been defined in the NAC Manager web admin console, including network access privileges, authentication requirements, bandwidth restrictions, and client system requirements. The NAC Server can be deployed in IB or OOB mode. In IB mode, the NAC server is always inline with the user traffic (before and after posture assessment). In OOB mode, the NAC server is only inline during the process of authentication, posture assessment, and remediation. Once a user's device has successfully logged on, its traffic traverses the switch port directly without having to go through the NAC Server.5-35 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus The NAC server can also operate in one of the following IB or OOB modes: • IB virtual gateway (Layer-2 transparent bridge mode)—Operates as a bridge between the untrusted network and an existing gateway, while providing posture assessment, filtering and other services inline. • IB Real-IP gateway (Layer-3 routing mode)—Operates as the default gateway for the untrusted network. • OOB virtual gateway (Layer-2 transparent bridge mode)—Operates as a virtual gateway during authentication and certification, before the user is switched out-of-band to the access network. • OOB Real-IP gateway (Layer-3 routing mode)—Operates as a Real-IP Gateway during authentication and certification, before the user is switched out-of-band and connected directly to the access network. In virtual gateway deployments, the NAC server operates as a standard Ethernet bridge. This configuration is typically used when the untrusted network already has a gateway and you do not wish to alter the existing configuration. In the Real-IP gateway configuration, the NAC server operates as the default gateway for untrusted network (managed) clients. The NAC server can be one hop or multiple hops away. Consider the following when deciding whether to deploy an IB or OOB NAC solution: In-band (IB) • Typically deployed for segments that need continuous user management in the form of source/destination/protocol bandwidth controls. • Required for wireless. • Deployed where one switch port supports multiple end stations. • Deployed where the network infrastructure is partially or fully non-Cisco. • Time to production is generally much quicker. • Deployed in 'Real-IP' mode when users are multiple hops away from the NAC Server. • Direct traffic to the untrusted interface using 802.1q or policy-based routing for users or VLANs that need to become certified. • Remote locations can have their own NAC Server or become certified when user comes to main site to access shared resources. Out-of-Band (OOB) • Deployed in networks where high network throughput is required (e.g., large campuses). • Ensure switch types and IOS/Cat OS types meet the latest compatibility list. • Allow for greater time for deployment and preparation. • SNMP and the use of MAC or link up/down traps becomes the mechanism for OOB. Ensure that all community strings match as well as traps arrive at the NAC Manager without interference from an ACL/firewall. • If deploying into a network with VoIP, MAC notification is required on the access switch if PCs will be plugged into the back of the phone. MAC notification is preferable to link-state notification as a means of trap reporting because it is quicker. • Microsoft operating systems below Windows 2000 have a more delayed response to VLAN/DHCP changes. • OOB is only supported when the access layer switch is a supported Cisco switch.5-36 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Real IP (Layer-3) OOB NAC deployments are the recommended option for routed access campus designs. The following sections will focus on the deployment best practices for integrating the Real IP OOB NAC solution within the campus design. High Availability It is recommended that the NAC solution be deployed using a high availability design to ensure the availability of the network access control security. In a high availability design, each of the NAC components are deployed in pairs using active/standby stateful failover configurations. When the NAC Manager and NAC server pairs are configured in an active/standby failover configuration, the active unit does all the work and the standby unit monitors the active unit and keeps its database synchronized via direct failover connection between the servers. A virtual IP address is configured and always resides on the active server. Both units exchange UDP heartbeat packets every 2 seconds and if the heartbeat timer expires, stateful failover occurs. The virtual IP (service IP) address should be used for the SSL certificate. Ethernet 2 on the active and standby units should be used for the failover link connection used to share heartbeat packets and database synchronization information. In the case of the NAC server pairs, most of the NAC server configuration is stored on the NAC Manager and when the NAC server failover occurs the NAC Manager pushes the configuration to the standby NAC server when it becomes active. In addition to the heartbeat, the NAC server can also failover due to Eth0 or Eth1 link failure. This is accomplished by configuring two IP addresses external to the NAC server, one on the trusted network and the other on the untrusted network. The active and standby NAC server will send ICMP ping packets via Eth0 to the IP address on the trusted network and ICMP ping packets via Eth1 to the IP address on the untrusted network. The status of these pings packets is communicated between the NAC servers via the heartbeat signal. If the active and standby NAC servers can ping both external IPs, no failover occurs. If the active and standby NAC server cannot ping either of the external IPs, no failover occurs. If active NAC server cannot ping either of the external IPs, but standby NAC server can ping it, failover occurs. Deployment Best Practices When deploying the NAC Appliance solution into a campus network, consider the following to ensure pervasive coverage seamless integration with the campus architecture: • NAC Server and Manager Placement, page 5-36 • Access Switch VLAN Requirements, page 5-39 • Client Redirection to the NAC Server, page 5-39 • NAC Agent Considerations, page 5-40 • Client Authentication , page 5-41 This section of the document will provide deployment best practice recommendations for integrating a Layer-3 OOB NAC deployment into a routed access campus design. For information on integrating an IB NAC deployment or integration of NAC into a multi-tier access design, refer to the following URL: www.cisco.com/go/nac NAC Server and Manager Placement Placement of the NAC components within the campus design is important to provide pervasive coverage and ensure that the individual components can communicate with each other as needed. This section outlines the recommended placement of the NAC components in an Layer-3 routed access campus design. Some of the communication requirements between the NAC components are as follows:5-37 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus • The users and devices that need to be certified needs to communicate with the NAC Server for authentication and posture assessment. • The NAC Manager needs to communicate with the NAC servers in order to manage the security policies, online users, and provide proxy authentication to external authentication servers. • The NAC Manager must communicate with the access switches that the clients are connecting to in order to enforce proper network policy. • The collectors running on the NAC servers must be able to communicate with the NAC profiler in order to send endpoint profile information that it has gathered. • The NAC collectors need to communicate with the access switches to obtain endpoint profile and mapping information. • The NAC profiler must communicate with the NAC Manager create NAC policies based on endpoint profile data. • The NAC Manager needs to communicate with external authentication servers if using external authentication servers to authenticate the users. Placement of the NAC solution components into an Layer-3 routed campus access design is shown in Figure 5-8.5-38 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Figure 5-8 Campus NAC Server and Manager Integration The NAC Manager is placed in the NOC management segment. The NOC management segment needs to provide the connectivity the NAC Manager needs to communicate with the access switches via SNMP. It is recommended that this communication occur over the out-of-band management access that the NOC segment has to the switches outside of the data path traffic. The NAC Manager also needs to communicate with the NAC server’s trusted interface. The NAC server does not have an OOB management interface so the communication occurs over the data path. If a firewall is used between the NAC Servers and NAC Managers, the appropriate access rules must be permitted to allow proper communication. If NAT is used on the firewall to hide the NOC management addresses from the data path, a static NAT translation must exist for the NAC Managers IP address. The trusted and untrusted interfaces on the NAC server connects to the distribution switches. The trusted and untrusted interfaces need to be in separate VLANs (VLAN 300 and 400 in Figure 5-8 above). The active and standby NAC servers are connected to different switches for redundancy. The users that want to connect to the network need to access the untrusted interface on the NAC server for authentication and posture assessment. The distribution switches aggregate all the connections from the access switches making it easy to redirect all the unauthenticated users to the NAC server. Failover Core NOC 226697 VLAN 100 – Access VLAN 110 – Voice VLAN 120 – Authentication VLAN 200 – Access VLAN 210 – Voice VLAN 220 – Authentication VLANs 2, 300, 400 SVI 400 SVI 2 SVI 300 SVI 400 SVI 2 SVI 300 NAC Server (Active) NAC Manager (Active) NAC Manager (Standby) NAC Server (Standby) Dist SW 2 Dist SW 1 300 400 300 400 U L3 L3 L3 L3 T U T IP IP IP IP5-39 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus The trusted VLAN (VLAN 400) and the untrusted VLAN (VLAN 300) are trunked across the distribution switches along with the VLAN for Layer-3 route peering (VLAN 2). HSRP is used between the trusted SVI (400) and the untrusted SVI (300) for resiliency. Access Switch VLAN Requirements The access switches should be configured with at least three VLANs as follows: • Authentication VLAN (120, 220)—Users are placed in this VLAN prior to NAC certification • Access VLAN (100, 200)—Users are placed in this VLAN after NAC certification • Voice VLAN (110, 210)—VLAN for IP phones The default VLAN configuration for all NAC managed ports should be the authentication VLAN. The NAC Manager will place the interface into the authentication VLAN once a user connects; however, if there is a communication failure between the NAC Manager and the access switch, preconfiguring all the managed interfaces in the authentication VLAN prevents a user from accessing the network if there is a NAC failure. If a user is connected behind an IP phone and there is a data VLAN and voice VLAN configured on the interface, the NAC Manager only changes the data VLAN and not the voice VLAN. Client Redirection to the NAC Server When a user connects to the access switch that has not been certified by the NAC server, the user will be placed in the authentication VLAN. The user should not have access to any part of the network from the authentication VLAN except for the NAC server and the remediation servers in the quarantine segment. Access lists are applied on the authentication SVI to enforce this. The access-lists should only allow the following: • UDP port 8906 to the virtual IP of the NAC Server—Used by the NAC agent to communicate with the server • TCP port 80 (http)—If NAC agent is not used, NAC authentication is done via web interface • TCP port 443 (https)—If NAC agent is not used, NAC authentication is done via web interface (HTTP is redirected to use HTTPS) • UDP port 67 (bootps)—Needed for DHCP IP requests • UDP 53 (domain) —Needed for DNS resolution • Traffic to the remediation servers on the quarantine segment— Depending on how antivirus updates or OS patches are distributed, you will need to permit this traffic In addition to configuring access lists on the authentication SVI, you will need to configure policy-based routing to redirect all web traffic (TCP port 80 and 443) to the NAC server. Using policy-based routing to redirect all web-based traffic to the NAC server will allow a user to open a browser to any website and get automatically redirected to the NAC server for authentication. The user will not need to know or manually type the IP address or host name of the NAC server in their browser. The policy-based routing policy will need to be applied to all Layer-3 interfaces peering the with the access switches to ensure all traffic will be redirected to the NAC server regardless of what path is taken. If the NAC Agent is used, the discovery host configured on the client should point to the untrusted interface of the NAC server. This should be configured on the NAC Agent kit prior to distributing to the clients. Once the client is certified by the NAC server, the client is placed in the access VLAN to gain access to the network and traffic will bypass the NAC server. Network access enforcement now occurs on the access switches. In NAC Layer-3 OOB deployments, the NAC server only facilitates authentication and posture assessment. 5-40 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Note If using the NAC Agent, you will need to add an ACL entry to block UDP port 8906 on the access VLAN SVI. Otherwise, the NAC Agent login screen will continue to appear even after the user is certified by NAC. NAC Agent Considerations Users who need to be certified by NAC can access the NAC server using the NAC Agent or using web login. Posture assessments can only be done when the NAC Agent is used. When the NAC Agent is not used, only authentication can be done. The NAC Agent is a lightweight, read-only agent that runs on an endpoint device. The Cisco NAC Agent is available as both a persistent agent and as a web-based, dissolvable agent that is installed and removed on the client at the time of authentication. Persistent NAC Agent The persistent NAC Agent provides local-machine, agent-based vulnerability assessment and remediation for client machines. Users download and install the NAC Agent (read-only client software), which can check the host registry, processes, applications, and services. The NAC Agent can be used to perform Windows updates or antivirus/anti-spyware definition updates, launch qualified remediation programs, distribute files uploaded to the NAC Manager, and distribute website links to remediation websites in order for users to download files to fix their systems, or simply distribute information/instructions. The following steps outline the login process using the persistent NAC Agent: Step 1 Users login using the NAC Agent. Step 2 The agent gets the requirements configured for the user role/operating system from the NAC Server. Step 3 The agent checks for the required packages. Step 4 The agent sends a report back to the NAC Manager (via the NAC Server). If requirements are met on the client, the user is allowed network access. If requirements are not met, the agent presents a dialog to the user for each unmet requirement. The dialog (configured in the New Requirement form) provides the user with instructions and the action to take for the client machine to meet the requirement. NAC Web Agent The Cisco NAC Web Agent provides temporal vulnerability assessment for client machines. Users launch the Cisco NAC Web Agent executable, which installs the Web Agent files in a temporary directory on the client machine via ActiveX control or Java applet. When the user terminates the Web Agent session, the Web Agent logs the user off of the network and their user ID disappears from the online users list. The following steps outline the login process using the NAC Web Agent: Step 1 Users login using the NAC Web Agent. Step 2 Web Agent gets the requirements configured for the user role/OS from the NAC Server. Step 3 Web Agent checks the host registry, processes, applications, and services for required packages.5-41 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Step 4 Web Agent sends a report back to the NAC Manager (via the NAC Server). If requirements are met on the client, the user is allowed network access. If requirements are not met, the Web Agent presents a dialog to the user for each unmet requirement. The dialog (configured in the New Requirement form) provides the user with instructions and the action to take for the client machine to meet the requirement. Alternatively, if the specified requirements are not met, users can choose to accept restricted network access (if you have enabled that option) while they try to remediate the client machine so that it meets requirements for the user login role. You can set up a restricted user role to provide access to only limited applications/network resources in the same way you configure a standard user login role. It is recommended that NAC be deployed using the NAC Agent on employee endpoints. Vulnerability assessments and automated remediation can only be done using the NAC Agent. Additionally, once the user is certified, they need to obtain a new IP address in the access VLAN. The NAC Agent can refresh the IP address on the user’s machine without requiring the switch port to be bounced. Without the NAC Agent, the NAC Manager needs to bounce the switch port to force DHCP refresh or the user will have to manually force a DHCP refresh. Users connected behind IP phones should always use the NAC Agent since bouncing the port will cause the IP phone to reboot. Client Authentication Part of the NAC certification process requires clients to authenticate prior to being granted network access. Authentication can be accomplished using a local username and password database configured on the NAC Manager or using external authentication servers. By connecting the Clean Access Manager to external authentication sources, you can use existing user data to authenticate users in the untrusted network. When working with existing backend authentication servers, Cisco supports the following authentication protocol types: • Kerberos • Remote Authentication Dial-In User Service (RADIUS) • Windows NT (NTLM Auth Server) • Lightweight Directory Access Protocol (LDAP) When using external authentication servers, the NAC Manager is the authentication client that communicates with the backend auth server. Figure 5-9 illustrates the authentication flow. Figure 5-9 NAC Authentication Flow Using External Auth Servers It is recommended that external authentication servers are used for NAC appliance deployments. It greatly simplifies management of user credentials by providing a central location for maintaining username and passwords. The choice of which option is used is dependant on a customer’s environment and existing authentication techniques. End User Auth Server (RADIUS, LDAP, Windows NT, Kerberos) NAC Server NAC Manager User provides credentials to NAC Server via Web login or NAC Agent NAC Server provides credentials to NAC Manager NAC Manager verifies credentials with backend auth server 2266985-42 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus For information on configuring backend authentication servers, refer to the configuration guides for NAC appliance at the following URL: http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/416/CAM/m_auth.html NAC Operation and Traffic Flow Figure 5-10 illustrates the process that occurs during NAC authentication and posture assessment for a user that is running the NAC Agent. Figure 5-10 Traffic Flow with NAC Agent 1 5 7 8 11 12 3 10 Core NOC 226699 VLAN 100 – Access VLAN 110 – Voice VLAN 120 – Authentication VLAN 200 – Access VLAN 210 – Voice VLAN 220 – Authentication VLANs 2, 300, 400 SVI 400 SVI 2 SVI 300 SVI 400 SVI 2 SVI 300 NAC Server (Active) CAM (Active) Failover CAM (Standby) NAC Server (Standby) Dist SW 2 Dist SW 1 300 400 300 400 U L3 L3 L3 L3 T U T IP IP 1 11 2 4 6 7 9 10 13 IP IP5-43 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus The following steps provide details of what occurs in the process shown in Figure 5-10: Step 1 User connects to switch port. Step 2 Switch sends SNMP MAC notification trap to the NAC Manager informing it that a new device has connected to the network. Step 3 NAC Manager checks its database to see if user is certified. Step 4 If user is not certified, user is placed in the authentication VLAN Step 5 The NAC agent starts sending discovery packets destined to NAC Server untrusted port. Step 6 ACL on untrusted VLAN allows NAC Agent traffic through. ACL will block all other traffic not destined to the NAC Server or Remediation servers, hence infected machines unable to propagate. Step 7 Agent discovers NAC Server and the user is prompted for authentication and goes thru posture assessment. Step 8 If users needs remediation, remediation occurs manually or via the NAC agent. Step 9 Step 8 Once user is authenticated, the NAC Server informs the NAC Manager that the user is certified. Step 10 The NAC Manager moves user to Trusted Access vlan via SNMP write. Step 11 The NAC agent forces a DHCP refresh to obtain an IP address in the Access VLAN. Step 12 User gets access to network and completely bypasses NAC Server. Step 13 ACL on trusted Access VLAN blocks NAC Agent discovery packets.5-44 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Figure 5-11 illustrates the process that occurs during NAC authentication and posture assessment for a user that is not running the NAC Agent. Figure 5-11 Traffic Flow without NAC Agent The following steps provide details of what occurs in the process shown in Figure 5-11: Step 1 User connects to switch port. Step 2 Switch sends SNMP MAC notification trap to the NAC Manager informing it that a new device has connected to the network. Step 3 NAC Manager checks its database to see if user is certified. Step 4 If user is not certified, user is placed in the authentication VLAN. Step 5 The user opens a web browser and points to any website and the browser is redirected to the NAC Server’s untrusted port via the policy-based routing policy on the distribution switches. 1 5 7 11 3 9 10 1 5 11 11 Core NOC 226700 VLAN 100 – Access VLAN 110 – Voice VLAN 120 – Authentication VLAN 200 – Access VLAN 210 – Voice VLAN 220 – Authentication VLANs 2, 300, 400 SVI 400 SVI 2 SVI 300 SVI 400 SVI 2 SVI 300 NAC Server (Active) CAM (Active) Failover CAM (Standby) NAC Server (Standby) Dist SW 2 Dist SW 1 300 400 300 400 U L3 L3 L3 L3 T U T IP IP 1 11 2 4 6 7 8 9 10 IP IP5-45 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Step 6 ACL on untrusted VLAN allows this traffic through. ACL blocks all other traffic not destined to the NAC Server or remediation servers; therefore, infected machines are unable to propagate. Step 7 Web login Active X or java applet agent is downloaded and user is prompted for login. Step 8 Once user is healthy and certified, the NAC Server informs the NAC Manager that the user is certified. Step 9 The NAC Manager moves user to trusted access VLAN via SNMP write. Step 10 The NAC Manager bounces the switch port to force a DHCP refresh to obtain an IP address in the access VLAN. Step 11 User gets access to network and completely bypasses NAC Server. NAC Profiler The Cisco NAC Profiler enables network administrators to efficiently deploy and manage NAC solutions in enterprise networks of varying scale and complexity by identifying, locating and determining the capabilities of all attached network endpoints, regardless of device type, in order to ensure and maintain appropriate network access. The Cisco NAC Profiler is an agentless system that discovers, catalogs, and profiles all endpoints connected to a network. Typically, devices such as printers, FAX machines, IP Telephones and Uninterruptible Power Supplies, are not capable of running a NAC client. This means that in the deployment of NAC solutions, special purpose devices such as these do not have an agent available, nor do they provide a means by which a user can manually intervene through a browser. In this case, the ports connecting these endpoints must either be provisioned to circumvent the NAC system (e.g., placed on a special VLAN) or alternatively, the NAC system configured to recognize these devices via their unique hardware address in order to provide them access without direct participation in the admission control protocol. This typically requires that the NAC system be made aware of these endpoints by MAC address so that they can be admitted based on that credential alone with no further interaction with the NAC system. In the case of Cisco NAC Appliance, non-NAC devices such as these are accommodated via the Device Filters list on the NAC Manager. In addition, the endpoint profiling information obtained by the NAC Profiler can be leveraged by the Cisco IBNS solution. The Profiler can be used by ACS as the backend database for MAB authentication. In the same way the Profiler adds entries to the device filters list on the NAC Manager, the information can be used for white listing MAC addresses for IBNS MAB authentication. Cisco NAC Profiler provides endpoint profiling and behavior monitoring functions to allow administrators to understand the types of devices connecting to the network, their location and their abilities relative to the state of the port on which they currently reside. Endpoint profiling and behavior monitoring can be deployed in enterprise networks ranging from hundreds to tens of thousands of users. Once endpoints are profiled, the profiler can automatically apply NAC polices and update the device filter list on the NAC Manager. Endpoint profiling and behavior monitoring requires the following functional components: • Cisco NAC Profiler Server appliance • Collector component on the NAC Server (Cisco NAC Appliance) 5-46 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Deployment Best Practices The following subsections cover the best practices for deploying the NAC Profiler in a routed-access campus design. Recommendations for the following deployment areas are provided: • NAC Profiler Placement, page 5-46 • High Availability, page 5-47 • NAC Collector Modules, page 5-48 NAC Profiler Placement The NAC Profiler communicates with the NAC Collector modules running on the NAC Servers. It is recommended that the NAC Profiler server be placed in the NOC alongside the NAC Manager. However, if the firewall protecting the management network is performing NAT to hide the Management addresses from the data path of the network, then the NAC Profiler needs to be placed on the inside of your network where no NAT is being performed between the profiler server and the collectors. The communication between the NAC Profiler Server and the NAC Collectors does not work if the address of the NAC Profiler is being NAT'ed. In this case, the NAC Profiler server can be placed in the Campus Services Block connecting to the Core switches to provide central access to all the collectors deployed within the Campus. Stateful firewalls and IPS are used to protect the Profiler server and any other devices attached to the security service switch as depicted in Figure 5-12.5-47 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Figure 5-12 Campus NAC Profiler Design Diagram High Availability As with the NAC Manager and NAC Server, the Profiler server should be deployed for HA and should be deployed in an active/standby stateful failover configuration. Similar to the NAC Manager, the active profiler does all the work and the standby profiler monitors the active profiler and keeps its database synchronized via direct failover connection between the servers. A virtual IP address is configured and always resides on the active server. The virtual IP (service IP) address should be used for the SSL certificate. Ethernet 1 on both units should be used for the failover link connection used to share heartbeat packets and database synchronization information. The collector functionality resides on the NAC Servers. If the NAC servers are configured in active/standby mode, it is recommended that the collectors be configured in this mode as well to provide redundancy. When configured in active/standby failover mode, only the active collector will collect endpoint profiling information and send it to the active profiler server. The active collector will coincide with the active NAC server. Core NOC 226701 VLAN 100 – Access VLAN 110 – Voice VLAN 120 – Authentication VLAN 200 – Access VLAN 210 – Voice VLAN 220 – Authentication VLANs 2, 300, 400 SVI 400 SVI 2 SVI 300 SVI 400 SVI 2 SVI 300 NAC Server (Active) CAM (Active) Profiler (Standby) Failover CAM (Standby) NAC Server (Standby) Dist SW 2 Dist SW 1 300 400 300 400 U L3 L3 L3 L3 T U T IP IP Profiler (Active) IP IP NAC NAC5-48 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus Some of the key things to consider when deploying the collectors in HA mode are as follows: • The NAC Collector uses the Virtual IP address of the NAC server to communicate with the Profiler. • The NAC Collector HA pair is added as a single entry in the Profiler and communicates to the virtual IP address of the CAS. This needs to be configured as a client connection. • Only one of the collectors are actively collecting endpoint profile information and sending it to the Profiler server. • The name of the collector must be the same on both the active and standby collector. • For the NetTrap Collector Module, SNMP traps for MAC Notification, linkup/linkdown status should be sent to the virtual IP address of the NAC Server. • For the NetWatch collector module, both distribution switches must span traffic going to and coming from the access switches to both the active and standby collectors/servers. NAC Collector Modules The Cisco NAC Profiler server houses the database that contains all of the endpoint information gathered from the associated collectors including device type, location, and behavioral attributes. In addition, the Profiler Server presents the web-based interfaces and communicates with the NAC Manager to keep the device's filters list current and relevant. There are also forwarder modules that serve as middleware and facilitate secure communications between the Profiler server and the collectors. The Profiler server also provides a module that can receive and analyze data from other sources such as NetFlow records exported from NetFlow-enabled infrastructure devices (e.g., routers) or other NetFlow collectors. This information is combined with the information gathered from the collectors and is used to further profile the network attached endpoints. The Cisco NAC Profiler Collectors reside on the same appliance with the Cisco NAC Appliance server and consists of a number of software modules that discover information about the network attached endpoints including a network mapping module (NetMap), an SNMP trap receiver/analyzer (NetTrap), a passive network analysis module (NetWatch), and an active inquiry module (NetInquiry). The major functions of the collector are to gather all of the data about the endpoints communicating to/through the NAC server, and to minimize and aggregate the information that is sent over the network to the Profiler server. Table 5-8 summarizes the functions of the collector. Ta b l e 5-8 Collector Modules Module Name Purpose and functionality NetMap SNMP module that queries network devices for the following types of information: • System • Interface • Bridge • 802.1x • Routing and IP NetTrap Reports link state changes and new MAC notifications NetWatch Passive network traffic analyzer 5-49 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Network Access Control in the Campus It is not recommended to enable all the collector modules on the collector. Rather, only enable the ones that are needed. Otherwise, it might overload the collector. The following summarizes the recommended mandatory and optional modules that should be enabled. Mandatory Collector Modules (Recommended) • NetTrap—This module listens for SNMP traps sent by switches for new-mac notification or Link Up/Down notifications. This module sends all new MAC addresses to Profiler for profiling. This feature is defined per switch on the SNMP-Server configuration command line on Cisco IOS. • NetMap—This module sits on the Collector and is responsible for doing SNMP polling of the access switches that the users connect to at timed intervals. The Collector SNMP polls the remote switches for specific MIB information with read access to the switch. This polling provides things like mac-address to port information, interfaces, link status, dot1x information, system information, and so forth. • NetWatch (SPAN)—NetWatch module can listen on a SPAN destination port of a switch and send the ingested traffic information back to the Profiler. A NAC server requires an additional interface on each NAC server to collect this data. This module is essential because profiler is based primarily on DHCP information passed by devices and some other application traffic matching. Optional Collector Modules • NetRelay—(Netflow) is configured on each router on a per interface basis and the destination is the virtual management IP address of the NAC Server. A Netflow agent sits on the NAC Server and parses the Netflow information based on your traffic rules and networks configured on the Profiler. • NetInquiry—This is a passive and active mechanism based on things like TCP Open ports. For example, the NAC Server does a SYN/ACK and then drops the connection in order to poll a particular subnet range or ranges for open TCP ports. If there is a response, it sends the information to the Profiler with the IP address and TCP port polled. For a routed-access campus design, it is recommended that all three mandatory modules and the passive mechanism of the NetInquiry module be enabled. The passive mechanism of the NetInquiry module allows to restrict the information the collector will process based on a list of subnet ranges entered. In the case of the campus design, the subnet ranges should include the subnet ranges for the authentication, access and voice VLANs on the access switches and the subnet range for the DHCP server. It is not recommended to enable the active mechanism of NetInquiry. This can overload the NAC server with extra processing and hardware resources like memory and CPU utilization if not configured properly. NetInquiry Active profiling module that can be used with TCP open port and some application rules NetRelay Receives and processes NetFlow export packets directly from switches or other NetFlow data sources Table 5-8 Collector Modules (continued)5-50 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Threat Mitigated in the Enterprise Campus The screenshot in Figure 5-13 depicts the configuration of the passive mechanism of the NetInquiry module Figure 5-13 Passive Mechanism of NetInquiry Note Leave ping sweep and DNS collection disabled; u se this as a last resort. Ping sweep and DNS collection triggers pings and nslookups on the range of IP subnets added under Network block (see Figure 5-13). This is not recommended and rarely used. SPAN or NetFlow can be used, based on the deployment and customer requirements, but only one or the other is recommended on a NAC server due to the amount of traffic that is sent to the collector modules and the other NAC functionalities that the NAC server has to perform. With NetFlow, vital informational pieces can be lost about devices (for example, DHCP vendor information, URL destinations, web client info, and web server information). In the case of the campus design where the collectors are connected to the distribution switches, SPANing the ports that are connected to the access switches will show all information coming from the access layer. In this case SPAN provides more information and NetFlow information would not be needed and would only create more overhead with the duplicate information. NetFlow is more suited for situations where SPAN would not provide all the information such as switches at remote sites. For detailed instructions for configuring the NAC Profiler server and NAC Collectors in a Layer-3 OOB NAC design, refer to the NAC Profiler and NAC SERVER Collectors in a Layer 3 Out-of-Band Configuration Guide at the following URL: http://www.cisco.com/en/US/products/ps6128/products_configuration_example09186a0080a30ad7.sht ml Threat Mitigated in the Enterprise Campus Ta b l e 5-9 Enterprise Campus Threat Mitigation Features IP Spoofing Botnets DoS/DDoS Layer 2 Attacks Unauthorized Access Spyware, Malware, Adware Network Abuse Data Leakage Visibility Control Host-based Intrusion Prevention Systems (CSA) Yes Yes Yes Yes Yes Yes Yes Edge Filtering Yes Yes Yes Yes Yes5-51 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Threat Mitigated in the Enterprise Campus VLAN Segregation Yes Yes Yes Yes Yes IPS Yes Yes Yes Yes Yes Yes NAC Yes Yes Yes Yes Yes Yes IBNS Yes Yes Yes Yes Port Security Yes Yes Yes Yes DHCP Snooping Yes Yes Yes Yes IP Source Guard Yes Yes Yes Yes Dynamic ARP Inspection Yes Yes Yes Yes Table 5-9 Enterprise Campus Threat Mitigation Features (continued)5-52 Cisco SAFE Reference Guide OL-19523-01 Chapter 5 Enterprise Campus Threat Mitigated in the Enterprise CampusC H A P T E R 6-1 Cisco SAFE Reference Guide OL-19523-01 6 Enterprise Internet Edge The Internet edge is the network infrastructure that provides connectivity to the Internet and that acts as the gateway for the enterprise to the rest of the cyberspace. The Internet edge serves other building blocks—referred to by Cisco as Places-in-the-network (PINs)—that are present in a typical enterprise network. This modular building-block approach enables flexibility and customization in network design to meet the needs of customers and business models of differing sizes and requirements. Figure 6-1 shows the Internet edge infrastructure as part of an enterprise network. The Internet edge infrastructure serves most areas of the enterprise network, including the data center, campus, and remote branches. The proper design and implementation of the Internet edge infrastructure is crucial to ensure the availability of Internet services to all enterprise users. The Internet edge infrastructure includes the following functional elements: • Service Provider (SP) Edge This border part of the Internet edge infrastructure consists of routers that interface directly to the Internet. Internet-facing border routers peer directly to the Internet SP. Careful consideration must be made to routing design, redundancy, and security of these border routers. • Corporate Access and DMZ One of the major functions of the Internet edge is to allow for safe and secure Internet access by corporate users while providing services to the general public. The firewalls in this module secure these functions through implementation enforcement of stateful firewall rules and application-level inspection. Users at the campuses may access email, instant messaging, web browsing, and other common services through the Internet edge firewalls. Optionally, the same infrastructure may serve users at the branches that are mandated to access the Internet over a centralized connection. Public-facing services, such as File Transfer Protocol (FTP) servers and websites, can be provided by implementing a de-militarized zone (DMZ) within this network domain. The web application firewall is another appliance that protects web servers from application-layer attacks (such as XML). The web application firewall also resides in the DMZ infrastructure and provides primary security for Hypertext Transfer Protocol (HTTP)-based and E-commerce applications. • Remote Access The remote access infrastructure that provides corporate access to remote users through protocols such as Secure Socket Layer (SSL) Virtual Private Networking (VPN) and Easy VPN. • Edge Distribution The edge distribution infrastructure provides the interface for the Internet edge network devices to the rest of the enterprise network. Appliances, such as the Web Security Appliances (WSA), reside in this part of the network. Within the edge distribution infrastructure, you can also implement an Intrusion Prevention Appliance (IPS) to guard against worms, viruses, denial-of-service (DoS) traffic, and directed attacks. 6-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge • Branch Backup Some branches may adopt an Internet connection to provide a backup link to a WAN network. This backup functionality may be performed by using dedicated appliances, such as a Cisco ASR 1000 Series router. The branch backup functionality is implemented within at Internet WAN edge block in the Enterprise WAN edge module. The Internet edge module provides many of the essential Internet-based services used in enterprise networking environments (see Figure 6-1). Providing these services in a secure manner is essential to business continuity and availability. The best practices for securing these services in the context of Internet edge are presented in this chapter. Figure 6-1 Internet Edge Infrastructure as part of an Enterprise Network Internet ISP A ISP B Distribution Service Provider Edge Web Security Appliance Email Security Appliance Web DNS Corporate Access/DMZ Core Remote Access VPN 226633 www6-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Key Threats in Internet Edge Key Threats in Internet Edge The Internet edge is a public-facing network infrastructure and is particularly exposed to large array of external threats. Some of the expected threats are as follows: • Denial-of-service (DoS), distributed DoS (DDoS) • Spyware, malware, and adware • Network intrusion, takeover, and unauthorized network access • E-mail spam and viruses • Web-based phishing, viruses, and spyware • Application-layer attacks (XML attacks, cross scripting, and so on) • Identity theft, fraud, and data leakage Design Guidelines for the Enterprise Internet Edge This section focuses on the overall design of the Internet edge module in the SAFE design. The Internet edge network can be divided into several functional blocks. Each functional block has its own design and security considerations: • Service Provider Edge—This block is composed by the Internet-facing border routers. The primary function of the border routers is to route traffic between the organization's network and the Internet. These routers also act as the first line of defense against external attacks. The SAFE design accommodates a redundant Internet connection. To that end, the two border routers at the edge connect to the Internet through dual Internet Service Providers (ISP)—ISP-A and ISP-B, as shown in Figure 6-1. The two border routers provide redundancy and run external Border Gateway Protocol (eBGP). The eBGP allows efficient policy-based routing and prevents leakage of routes from one ISP to another. The border routers also run Performance Routing (PfR) to optimize traffic flows and improve performance. With PfR enabled, load balancing between border routers is possible without the need for storing the full Internet routing on the border routers. For outgoing traffic to the Internet, PfR also enables the routers to make intelligent decisions in choosing an optimized path based on the traffic characteristics of each ISP. This improves the overall performance of outgoing Internet traffic. For PfR implementation details, refer to Transport Diversity: Performance Routing (PfR). The border routers should be secured following the device hardening best practices outlined in Chapter 2, “Network Foundation Protection.” • Corporate Access and DMZ —A pair of firewalls provide stateful access control and deep packet inspection. These firewalls are deployed to protect the organization's internal resources and data from external threats by preventing incoming access from the Internet; to protect public resources served by the DMZ by restricting incoming access to the public services and by limiting outbound access from DMZ resources out to the Internet; and to control user's Internet-bound traffic. To that end, firewalls are configured to enforce access policies, keep track of connection status, and inspect packet payloads. The firewalls are configured in active/standby mode for redundancy purposes. The DMZ hosts services such as the E-mail Security Appliance, HTTP, Domain Name System (DNS), and FTP. The web application firewall also resides in the DMZ. The web application firewall provides perimeter security for application-based attacks that the firewall cannot guard against and can provide safeguards for key applications, such as business-to-business transactions. In most cases the data center implements its own web application firewall. The web application firewall on the DMZ can provide the first line of defense for commerce applications and protect any web servers on the DMZ from application-layer attacks. IronPort Email Security Appliance (ESA) may be deployed at the DMZ to protect email communications.6-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Design Guidelines for the Enterprise Internet Edge • Remote Access VPN—One essential function of the Internet-edge module is to provide secure access to remote workers. Many different approaches can be taken, depending on particular requirements and policies within the enterprise. Access for remote clients can be implemented using SSL VPN with thin clients. Clients in this case are only allowed access to specific HTTP services within the enterprise. This is in contrast to full client remote access in which clients have full access to all services within the enterprise and experience the same level of service as internal corporate users. It is recommended that two separate firewalls are used to provide remote access functionality. Although a single pair of firewalls could be leveraged for both remote access and corporate access, it is a good practice to keep them separate. Remote access may be further secured by requiring user authentication and authorization, and enforcing granular per user or per group access control policies. • Edge Distribution—The Enterprise Internet Edge module implements a layer of distribution switches that aggregate services common to the various blocks present in the module. The distribution switches reside in the inside network of the firewalls and connect to the core switches, making it accessible to other parts of the enterprise network. URL filtering, content inspection, and intrusion prevention are examples of services that may be aggregated at the distribution layer. Ironport Web Security Appliance (WSA) may be deployed at this layer to enforce acceptable use policies for Web access, content inspection, and to block malware, spyware and other threats. The WSA is a web proxy and sits logically in the path between corporate users and the Internet edge firewalls. Proper placement and configuration of these appliances provides secure web access, content security and threat mitigation for web services. Cisco Intrusion Prevention Systems (IPS) may be implemented in this part of the Internet edge infrastructure. Logically, the IPSs are placed between the firewall and core routers, protecting the enterprise from threats originating from campus and remote users. 6-5 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Edge Distribution Layer Edge Distribution Layer The position of the edge distribution layer within the Internet edge network is shown Figure 6-2. Figure 6-2 Edge Distribution in Internet Edge This section addresses the following edge distribution topics: • Design Guidelines and Best Practices – Infrastructure Protection Best Practices – Internet Edge Cisco IPS Design Best Practices Design Guidelines and Best Practices The Internet edge distribution layer refers to the part of the network that aggregates common services used by the various blocks in the Internet Edge module, that resides within the inside network, and that is adjacent to the core network. Common services include web security with the WSA, and intrusion protection with Cisco IPS. It is a good practice to deploy WSA at the distribution layer, as close to the clients as possible. Per contrary, the ESA should be deployed as close to the Internet as possible with a reasonable level of firewall protection (i.e., within the DMZ). The deployment of WSA and ESA are discussed in detail in the “E-mail and Web Security” section on page 6-15. Other functions covered in this section include connectivity and routing to and from the core and implementation of the Cisco IPS appliances. Internet ISP A ISP B Distribution Service Provider Edge Web Security Appliance Email Security Appliance Web DNS Corporate Access/DMZ Core Remote Access VPN 226753 www6-6 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Edge Distribution Layer Infrastructure Protection Best Practices Infrastructure protection plays an important role in the Internet edge distribution block. The following best practices are recommended: • All infrastructure protection hardening, such as management access control lists (ACL), authentication, control plane policing, or Layer-2 hardening, must be implemented on the inner switches. • Routing protocols between switches and Cisco ASAs and core routers must be authenticated. • Use separate interfaces for management of the WSA. • Disable unnecessary services, such as Telnet, HTTP, and the like on the data interfaces for the WSA in order to prevent even inside corporate users from taking advantage of open ports. Internet Edge Cisco IPS Design Best Practices The Cisco SAFE Internet edge design leverages the Cisco IPS to provide protection against threats originating from both inside and outside the enterprise. When implemented in inline mode, the Cisco IPS inspects all transit traffic and automatically blocks all malicious packets. The Cisco IPS can also be deployed in promiscuous mode, in which the sensor does not reside in the traffic path. In promiscuous mode, the Cisco IPS is able to identify and generate alarms whenever malicious traffic is seen, but the sensor cannot block the attack in real-time by itself. To ensure adequate threat visibility and detection, Cisco IPS sensors must be maintained with the latest signature database. This can be automated by using CSM. When deployed in inline mode, the Cisco IPS sensor is configured to bridge traffic between interface or VLAN pairs. The sensor inspects the traffic as it is bridged between the interfaces or VLANs. Figure 6-3 shows the placement of Cisco IPS in the context of Internet edge infrastructure.6-7 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Edge Distribution Layer Figure 6-3 Internet Edge with Integrated Cisco IPS By implementing the Cisco IPS at the distribution layer, the sensors can inspect traffic from all sources, whether from the Internet, remote-access clients, or corporate users. In addition, traffic destined to the DMZ or corporate users can be monitored. Figure 6-3 shows how the Cisco IPS can inspect traffic from corporate users or from users accessing public-facing services at the DMZ. The deployment framework for the Cisco IPS is as follows: • The Cisco IPS is logically located between the edge firewalls and the distribution switches. • Cisco IPS is configured to enable it to send alarms to a CS-MARS appliance. CSM and Cisco Intrusion Detection System Device Manager (IDM) GUI interfaces can be used to monitor the Intrusion Detection System (IDS). CSM and CS-MARS are located in the out-of-band management network. • Two Cisco IPS devices are used for redundancy. • Because the Cisco IPS loses visibility into the traffic flows with asymmetrical data paths, it is a good practice to ensure symmetrical paths by fine tuning spanning tree parameters and by implementing the firewalls in active/standby mode. With correct tuning of spanning tree and by firewalls implemented in standby/active mode, a single Cisco IPS is actively inspecting traffic at any point in time while the other is idle. Redundancy can be achieved very easily when using Cisco ASAs in active/standby mode. In this case, only a single Cisco IPS is actively monitoring traffic for both directions at any time. If a link fails, the other Cisco IPS inspects traffic. SP2 Core Corpnet ASA’s 226754 Internet Network Applications DMZ Branch/ WAN Data Center Campus SP16-8 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Corporate Access/DMZ Block Corporate Access/DMZ Block The location of the corporate access/DMZ network infrastructure within the Internet edge network is shown in Figure 6-4. Figure 6-4 Corporate Access/DMZ in Internet Edge Corporate access/DMZ design is an essential aspect of the overall Internet edge design. Most enterprise customers must provide Internet access for all employees. However, this comes with security challenges. The challenge is to provide Internet access, but at the same time block malicious traffic from entering the corporate network. The first step is to deploy a firewall with proper policies configured. The design considerations for the Cisco Application Control Engine (ACE) Web Application Firewall appliance is covered in this section. The Cisco ACE Web Application Firewall provides perimeter security functionality and protection for public-facing, web-based services located within the DMZ. This section addresses three key topics: • How to provide corporate access • How to implement the firewall policy • How to implement the Cisco ACE Web Application Firewall at the DMZ Internet ISP A ISP B Distribution Service Provider Edge Web Security Appliance Email Security Appliance Web DNS Corporate Access/DMZ Core Remote Access VPN 226757 www6-9 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Corporate Access/DMZ Block Design Guidelines for Corporate Access/DMZ Block The corporate access policies are enforced by Internet edge firewalls. Two Cisco ASAs are used in order to provide redundancy. They are used in active/standby mode. This simplifies Cisco IPS deployment and ensures that no traffic loss occurs in the event of a failover. The key objectives of firewall requirements are as follows: • All corporate users must be able to access the Internet. • All HTTP/HTTPS traffic must pass through the WSA. • Only web, E-mail, and some Internet Control Message Protocol (ICMP) traffic are allowed into the network. • Cisco ASAs should be hardened. • Cisco ASAs should be configured for redundancy. • The Cisco ACE Web Application Firewall serves all web servers on the DMZ and all public addresses of the web servers must point to the Cisco ACE Web Application Firewall. • Secure device access by limiting accessible ports, authentication for access, specifying policy for permitable action for different groups of people, and proper logging of events. • Disable Telnet and HTTP; allow only secure shell (SSH) and HTTPS. • Secure firewall routing protocols by implementing Message Digest 5 (MD5) authentication. • Enable firewall network telemetry functionality by using features such as Network Time Protocol (NTP), logging, and NetFlow. Figure 6-5 illustrates traffic flow through a firewall in a corporate access environment. Figure 6-5 Traffic Flow for Typical Corporate Access www Internet IronPort Corporate User Web Server 2266506-10 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Corporate Access/DMZ Block As shown in Figure 6-5, all the corporate users should pass through the WSA to reach the Internet. The Cisco ASA should not allow any web traffic to go out that does not originate from the WSA, with the exception of the ESA, Cisco Security MARS, and CSM that need to access the Internet for updates. The different logical interfaces on the Cisco ASA can be used to separate the DMZ, SP-facing interfaces, and the inside corporate infrastructure. See Figure 6-6. Figure 6-6 Cisco ASA Physical Interface Layout The following lists the importance of each particular interface: • management—This interface is used for management traffic, including AAA, HTTPS, and so on. • dmz2—This interface is used to host the web servers and web application firewall. • emailservices—This interface is used to host the IronPort ESA. • corpnet—This is the gateway interface for all the corporate users. • Failover Interface—This is the interface used to facilitate communication and status between standby/active firewalls. • externalservices—This is the interface connected to the outside world (which in this scenario is connected to the border routers). The Cisco ASDM management tool can be used to verify firewall rules, monitor events, and configure the Cisco ASAs. Figure 6-7 and Figure 6-8 illustrate information available through the Cisco ASDM. mgmt failover external services web proxy services corpnet corpnet dmz2 mgmt IronPort dmz2 226651 DMZ WAF Appliance NOC/MGMT Internet Core www6-11 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Corporate Access/DMZ Block Figure 6-7 Cisco ASDM Screen Capture—Device Information and Status Page6-12 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Corporate Access/DMZ Block Figure 6-8 Cisco ASDM Screen Capture—Firewall Access Rules Page As shown in Figure 6-7 and Figure 6-8, the Cisco ASDM can be used to configure firewall rules and monitor a variety of statistics and system parameters. The following configuration steps illustrate the process necessary to implement the security best practices for the Internet edge firewalls. Note The 64.104.0.0/16 and 198.133.219.0/24 address blocks used in the examples provided below are reserved for the exclusive use of Cisco Systems, Inc. Step 1 Define the inter-interface and intra-interface security policy. The configuration that follows allows traffic to flow between the interfaces and within an interface of same security-level. This is required if two or more interfaces on the firewall are configured with the same security level. same-security-traffic permit inter-interface same-security-traffic permit intra-interface Step 2 Define the object groups. The configuration that follows allows objects—such as IP hosts or networks, protocols, ports, and ICMP types—to be collected into object groups. This simplifies deployment and makes it easier to deploy future servers or hosts without modifying the ACLs. object-group network NETWORK_APPLICATION_HOSTS network-object 198.133.219.55 255.255.255.255 <-- This is Iron Port E-mail server network-object 198.133.219.59 255.255.255.255 <-- This is web application firewall object-group protocol NETWORK_APPLICATION_PROTOCOL protocol-object tcp protocol-object udp6-13 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Corporate Access/DMZ Block object-group service services1 tcp-udp description DNS Group port-object eq domain object-group service services2 tcp port-object eq www port-object eq https port-object eq smtp object-group icmp-type ICMP_TRAFFIC icmp-object echo-reply icmp-object time-exceeded icmp-object unreachable icmp-object echo object-group service ICMP_TRAFFIC_1 description (Generated by Cisco SM from Object "ICMP_TRAFFIC") service-object icmp echo service-object icmp unreachable service-object icmp time-exceeded service-object icmp echo-reply Step 3 Define the key services that are to be visible to the outside world. In the design presented here, the web application firewall appliance and IronPort E-mail servers are visible to outside. As a result, static NAT translations for these services must be defined. The following example commands illustrate this configuration. static (dmz2,externalservices) tcp 198.133.219.59 www 10.244.20.110 www netmask 255.255.255.255 static (emailservices,externalservices) 198.133.219.55 10.244.30.11 netmask 255.255.255.255 Step 4 Define the Protocol Address Translation (PAT) and NAT pool for corporate access as illustrated in the following configuration. global (externalservices) 20 198.133.219.129-198.133.219.254 netmask 255.255.255.128 global (externalservices) 20 198.133.219.128 netmask 255.255.255.255 nat (corpnet) 20 access-list corp-net nat (VPN-termination) 2 10.246.10.0 255.255.255.0 Step 5 Define the ACL for allowing external access as illustrated in the following configuration. access-list OUTSIDE_IN extended permit tcp any object-group NETWORK_APPLICATION_HOSTS eq domain access-list OUTSIDE_IN extended permit tcp any object-group NETWORK_APPLICATION_HOSTS object-group services2 Note Defining object groups greatly simplifies deploying the firewall policy. Step 6 Define the ACL to prevent the inside users from trying to access the Internet without going to the IronPort appliance as illustrated in the following configuration. access-list WEB_ACCESS extended permit tcp host 10.245.255.250 any eq www access-list WEB_ACCESS extended permit tcp host 10.242.50.99 any eq www access-list WEB_ACCESS extended permit tcp host 10.242.50.96 any eq www access-list WEB_ACCESS extended deny tcp any any eq www access-list WEB_ACCESS extended permit ip any any Step 7 Apply the ACL WEB_ACCESS to corpnet and apply the ACL OUTSIDE_IN to externalservices as illustrated in the following configuration. access-group OUTSIDE_IN in interface externalservices access-group WEB_ACCESS in interface corpnet6-14 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Corporate Access/DMZ Block Web Application Firewall The web application firewall acts as a reverse proxy for the web servers that it is configured to protect. The virtual web application is used to create a virtual URL that will be used to intercept incoming client connections. You can configure one more virtual web applications based on the protocol and port, as well as the policy you want to be applied. Covering every aspect of web application firewall configuration and policy management is beyond the scope of this publication. Only basic implementation steps as they pertain to the Internet edge architecture are addressed. For more details, refer to the web application firewall reference guide listed in Appendix A, “Reference Documents.” Basic configuration of network services is handled through the console port or a keyboard. The policy configuration and management are done through a GUI via HTTPS. The web application firewall can be configured with a virtual address that acts as the IP address of a web server. The web application firewalls can then point to the actual web server and inspect all traffic destined for the web server. The logical placement and deployment model of web application firewall is shown in Figure 6-9. Figure 6-9 Cisco Application Control Engine (ACE) Web Application Firewall Logical Placement The following are some of the best practices that should be used when implementing web application firewall: • The web application firewall is implemented as one-armed design with the single interface connecting to the DMZ. • Configure the web application firewall to retain the source IP address if the traffic is directed to appliances in the data center. • It is recommended that HTTPS traffic directed to the data center, not be encrypted as the Cisco ACE • module in data center will perform the load-balancing and decryption while also providing higher performance. • The web application firewall in the Internet edge and the web application firewall in data center to be configured in the same cluster. Core Attack Stopped by WAF WAF 226654 Border Routers Internet Remote Client Ecommerce Clients Firewalls XML Attacks to DMZ or Web Servers XML Aware Web Server Applications DMZ WAF Network Services HTTPservices6-15 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security For more information on best practices, configuration steps and threat control and monitoring capability of the web application firewall, refer to the web application firewall reference guide listed in Appendix A, “Reference Documents.” Examples of the GUI interface used to view rules and monitor events are shown in Figure 6-10 and Figure 6-11. Figure 6-10 Cisco ACE Web Application Firewall—Viewing Rules and Signatures Figure 6-11 Cisco ACE Web Application Firewall—Viewing Event Log Viewer E-mail and Web Security To implement the best practices for the ESA and WSA, a good understanding of the SenderBase SensorBase network is required. The ESA and WSA use the information gathered by the SenderBase SensorBase network to make decisions about threat level of websites and senders of received E-mails. The following section summarizes the operation and advantages of the SenderBase SensorBase network.6-16 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security IronPort SensorBase The IronPort ESA and WSA use the SensorBase network to gain a real-time view into security threats and stop E-mail spam and E-mails from malicious sites. The SensorBase network is an extensive network that monitors global E-mail and web traffic for anomalies, viruses, malware and other and abnormal behavior. It queries a significant percentage of all global E-mail and web traffic and uses tens of parameters to determine spam E-mail sites and malicious or compromised websites. SensorBase examines more than 90 different parameters about E-mail traffic and 20 different parameters about web traffic. Parameters tracked include global sending volume, complaint levels, "spamtrap" accounts, whether a sender's DNS resolves properly and accepts return mail, country of origin, blacklist information, probability that URLs are appearing as part of a spam or virus attack, open proxy status, use of hijacked IP space, valid and invalid recipients, and other parameters. By using sophisticated algorithms, SensorBase creates a reputation score for domains and websites that ranges from -10 to +10. This score is analogous to credit scores for individuals and is used to determine risk. Every ESA implemented at the enterprise can dynamically lookup reputation scores for domains of each E-mail it receives, or each website to which it is connected. The appliance can use preconfigured policies to drop, monitor, or quarantine E-mails from suspect mail sites-and to drop connections to malicious websites. Figure 6-12 depicts the operation of the IronPort SensorBase network. Figure 6-12 IronPort SensorBase Network IronPort SenderBase IP Blacklists and Whitelists SpamCop, SpamHaus (SBL), NJABL, Bonded Sender Compromised Host Lists Downloaded files, linking URLs, threat heuristics Web site Composition Data SORBS, OPM, DSBL Other Data Fortune 1000, length of sending history, location, where the domain is hosted, how long has it been registered, how long has the site been up Spamvertized URLs, phishing URLs, spyware sites Domain Blacklists and Safelists Reputation Score 226635 Global Volume Data Over 100,000 organizations, email traffic, Web traffic Message Composition Data Message size, attachment volume, attachment types, URLs, host names SpamCop, ISPs, customer contributions Complaint Reports Spam, phishing, virus reports Spam Traps6-17 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security Web Security Appliance Best Practices The function of the WSA is to monitor and mitigate any abnormal web activity between corporate users and the outside world. The WSA is logically located in the path between corporate web users and the Internet. In effect, the WSA acts as a web proxy for the corporate users residing inside the network. This logical placement of the WSA implies proper configuration of the browser. There are three different ways clients may interact with WSA: • Explicit mode without use of Proxy Auto Configuration (PAC) files—This requires manual configuration of the browser to point to the WSA as its proxy. This choice does not support redundancy, does not work with multiple WSAs, and requires changes to every browser in the enterprise network. This is the preferred method to test and verify proper operation of the WSA. • Explicit mode with use of PAC files—In this mode, the proxy information is stored in a file that can be downloaded automatically or the file’s location can be referenced manually. The advantage of this mode is that more than one proxy can be referenced in the files and used by the browser. This allows for load balancing and redundancy of WSAs. You can use Dynamic Host Configuration Protocol (DHCP) or DNS to download the files automatically to the browser. This eliminates the need to manually configure each browser separately. • Transparent mode with Web Cache Communications Protocol (WCCP)—In this mode, the web traffic is transparently directed to the WSA using WCCP redirection and does not require any adjustments to the browser. This mode requires the configuration of a WCCP-enabled firewall, router or Layer-3 switch to direct client traffic to the appliance. Care should be taken when asymmetrical traffic flows exist in the network. This is a good method for load sharing and redundancy. It is recommended that explicit mode be initially implemented. You may use this mode with the use of PAC files for initial testing-and then transition to WCCP for final implementation. As mentioned in the preceding description, with PAC files, you may achieve load balancing and redundancy between multiple WSAs. Alternatively, WCCP-based transparent mode may be used if you require weighted load-balancing or source and destination hashing. More sophisticated load-balancing is also possible with the use of a Layer-4 load balancer, such as Cisco Application Control Engine (ACE). Figure 6-13 illustrates the manual proxy configuration in Microsoft Internet Explorer.6-18 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security Figure 6-13 Example Browser Configuration Window for Setting up WSA Reference To implement explicit mode without using PAC files, use the proxy server configuration setting shown in Figure 6-13 and manually enter the IP address of the WSA. The use automatic configuration script configuration is used to indicate the location of the PAC file used by the browser; with WCCP redirection, you do not configure anything. Similar configuration options are available for other popular browsers. Other recommendations and best practices for WSA deployment are as follows: • The edge firewalls should be configured to allow only outgoing HTTP or Hypertext Transfer Protocol over SSL (HTTPS) connections sourced from the WSA and other devices requiring such access—such as ESA and Cisco Security Monitoring, Analysis and Response System (Cisco Security MARS), or Cisco Security Manager (CSM). This would prevent users from bypassing the WSA in order to directly connect to the Internet. • Determine the IP address of the WSA to which all browsers will point as a web proxy. • Configure all browsers in the organization to point to the WSA either through PAC or manual configuration. Once the location of the PAC files are configured, no other changes to the browser are necessary. If using WCCP, end-station configuration is not needed. • If an upstream proxy is present, configure the WSA to point to the upstream proxy. • Determine policies for handling HTTPS traffic and configure WSA to enforce those policies. • Configure the WSA policies and actions to be taken for the different ranges in the Web Reputation Score. Based on the reputation score, the WSA can pass, monitor, or drop web traffic. • Configure enforcement policies for your organization through the URL filter available on the WSA. URL filters allow blocking or monitoring of users based on the website categories users visit. • In creating policies for encrypted traffic. It is recommended that a white list of well-known sites be created through which traffic to those sites is allowed to pass. This saves resources on the WSA. It is also good practice to monitor traffic for other sites that use encryption. 6-19 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security • If a no split-tunneling policy is enforced at the branches, then the browsers on all branches should point to the WSA. This practice will ensure that all Internet traffic flows through the corporate network and is passed through and monitored by the WSA. • Use a separate interface to connect to the management network. You can use the WSA reporting tools to monitor web activity and to look for any malicious activity. The screen shots in Figure 6-14 through Figure 6-16 illustrate the monitoring capabilities available. Figure 6-14 WSA Reporting Window—Web Site Activity6-20 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security Figure 6-15 WSA Reporting Window—URL Categories The Web-Site activity screen allows the administrator to determine what websites were blocked from the user and the reason for blocking access. A website can be blocked because of a bad reputation score, because spyware or malware was detected by anti-malware, or due to URL filtering. The URL filtering window categorizes all the visited websites and shows the amount of traffic and number of blocked transactions for each category. The client website window in Figure 6-16 shows the website activity for each client that can be used for enforcing acceptable-use policies.6-21 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security Figure 6-16 WSA Reporting Window—Client Web Activity The E-mail Security Appliance E-mail is a medium through which spyware and viruses can be propagated. In addition to outside threats, E-mail spam and malicious malware can reduce employee productivity. The ESA is a type of firewall and threat monitoring appliance for Simple Mail Transfer Protocol (SMTP) traffic (TCP port 25). Logically speaking, the ESA acts as a Mail Transfer Agent (MTA) within the E-mail delivery chain. There are multiple deployment approaches for the security appliance depending on the number of interfaces used. ESA may be deployed with a single physical interface to transfer emails to and from both the Internet and the internal mail servers. If desired, two physical interfaces may be used, one for email transfer to and from the Internet, and another one for email communications to the internal servers. In the former approach, the ESA would reside on the DMZ, while in the later, the ESA would have an interface connecting to the DMZ and the other one connecting to the inside network. In this case, the DMZ-based interface would send and receive E-mail to and from the Internet. The inside network interface would be used to deliver E-mail to the internal mail server. This guide follows the single-interface model as it is the simplest and most commonly deployed. Figure 6-17 shows both deployment models.6-22 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security Figure 6-17 IronPort ESA Deployment Models E-mail Data Flow Consider a sender somewhere in the Internet first sending an E-mail to a mail server. The E-mail server resolves the E-mail domain name to the public IP address of the domain and sends the E-mail using SMTP to the corresponding IP address. Upon receiving the E-mail, the enterprise firewall translates the public IP address of the ESA to the DMZ IP address and forwards traffic to the ESA. The ESA then does a DNS query on the sender domain name, compares the IP address of the sender to its own SensorBase database, and determines the reputation score of the sender. It rejects the E-mail if it falls within a pre-configured reputation score. A typical dataflow for inbound E-mail traffic is shown in Figure 6-18. DMZ inside Exchange Server ESA ESA One Interface Deployment Inner Switches 226640 Internet Core Internet DMZ inside Exchange Server Two Interface Deployment Inner Switches Internet Core Internet6-23 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security Figure 6-18 Typical Data Flow for Inbound E-mail Traffic Redundancy and Load Balancing of an E-mail Security Appliance Redundancy is often a requirement, a failure of an ESA can cause mail service outage. There are multiple ways to configure redundancy; the simplest one is to add the second appliance with an equal cost secondary MX record, as shown in Figure 6-19. In this method, traffic will be shared across two or more ESAs. A more advanced design would include a load-balancing platform for balancing traffic among multiple appliances. Figure 6-19 IronPort E-mail Appliance High Availability Environment 10 9 Cisco Email Appliance Local Services Receiver retrieves mail from server Mail server stores email for retrieval by receiver Mail server 1 Sender sends and email to xyz@domain X 4 Email server sends mail to a.b.c.d using SMTP 2 What is IP address of domain X 3 Domain X IP address is a.b.c.d Public IP address of ESA 7 8 ESA sends mail to preconfigured mail server 5 Firewall translates Public address of ESA to private address of ESA and sends it to ESA 6 ESA does a DNS query on sender domain and checks the received IP address in its reputation database, and drops, quarantines email based on policy 226641 Mail Server 226642 Primary ESA Secondary ESA Firewall Switch Switch6-24 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security Best Practices and Configuration Guidelines for ESA Implementation The first task when implementing an ESA in the enterprise is to define firewall rules. Important considerations when defining firewall rules are as follows: • A static address must be defined on the firewall to translate a publicly accessible IP address for the E-mail server to a private IP address used by the ESA. • It is recommended that the ESA be configured to access a DNS in the outside network, rather than the internal DNS. This means that the firewall must allow ESA do perform DNS queries and receive DNS replies. • The ESA downloads the latest SensorBase information, virus updates, and so on through HTTP/HTTPS connections. Again firewall rules must allow HTTP/HTTPS traffic from the ESA. • SMTP routes must be set to point to inside E-mail servers. • Either the same interface or a separate interface can be used for incoming or outgoing mail. If the same interface is used, you will need to relay mail on the interface. • Use a separate interface to connect to the management network. • Use separate subnets for different organizational domains. This simplifies the configuration of policies in the WSA for different groups of users. IronPort has a very intuitive and powerful configuration web interface. The network, interface, and SMTP routing information can be configured using the wizard. Firewall rules and Network Address Translation (NAT) are configured on the Cisco Adaptive Security Appliances (ASA). IronPort ESA is a functionally rich appliance. The following guidelines give the implementation framework and the actions necessary to implement an ESA on the network. A more detailed discussion of the IronPort ESA can be found at the following URL: http://www.ironport.com/resources/whitepapers.html Step 1 Determine IP addresses, domain names, and networks with which the ESA will be configured. Step 2 Obtain a public address for the ESA. Step 3 Create SMTP routes to the private E-mail servers. Step 4 Create firewall rules to allow in TCP port 25 (SMTP), UDP, and TCP port 53 (DNS). Step 5 Create firewall rules to allow HTTP/HTTPS so that the ESA can contact SensorBase and get virus protection updates. Step 6 Configure the ESA with DNS and the default route. Step 7 Configure the management interface. Step 8 Configure incoming and outgoing E-mail policies and content filters to match the requirements of the enterprise organization. From a security perspective, you can use the monitoring functionality available in the ESA’s GUI to manage and react to threats. The screen shots for some of the monitoring tools are presented in Figure 6-20 and Figure 6-21.6-25 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security Figure 6-20 ESA Monitoring Screen—Virus Outbreaks The virus outbreak screen (Figure 6-20) shows the different viruses detected, action taken, and total number of outbreaks. The message analysis screen (Figure 6-21) categorizes different types of threats that were blocked and provides statistical analysis of total threats received.6-26 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge E-mail and Web Security Figure 6-21 ESA Monitoring Screen—Message Analysis6-27 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Service Provider Block Service Provider Block The Service Provider (SP) edge block is a critical part of the Internet edge because it provides the interface to the public Internet infrastructure. The following topics are covered in this section: • Design Guidelines and Best Practices for the SP Edge Block, page 6-28 • Security Features for BGP, page 6-29 • Infrastructure ACL Implementation, page 6-33 Figure 6-22 illustrates the SP edge block topology. Figure 6-22 Service Provider Block Topology Internet ISP A ISP B Distribution Service Provider Edge Web Security Appliance Email Security Appliance Web DNS Corporate Access/DMZ Core Remote Access VPN 226755 www6-28 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Service Provider Block Figure 6-23 illustrates an example of the interface with the SP environment via Border Gateway Protocol (BGP). Figure 6-23 BGP Design Design Guidelines and Best Practices for the SP Edge Block Figure 6-24 illustrates the topology used to implement a BGP-based, SP-edge block environment. The configuration examples presented in the subsequent descriptions depict best practices for this scenario and are taken from this example topology. Note The 64.104.0.0/16 and 198.133.219.0/24 address blocks used in the examples provided below are reserved for the exclusive use of Cisco Systems, Inc. Figure 6-24 BGP Topology Diagram The following are the design recommendations for the SP edge: • Use BGP as the routing protocol for all dynamic routing—both between the border routers and between the border routers and SP. • Have an independent autonomous system number. This will give the flexibility of advertising the Internet prefix to different SPs. Service Provider 2 Service Provider 1 Internet Border Router Border Router iBGP eBGP eBGP 226646 Internet 64.104.10.124/30 64.104.10.124/30 AS 30000 64.104.10.104/30 64.104.10.108/30 .113 .114 .125 .126 BR1 BR2 SP1 SP2 198.133.219.0/24 AS 30001 AS 30002 AS 30003 2266476-29 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Service Provider Block • Use PfR as path-optimization mechanism. This will ensure that the optimal path is selected between the SPs—thereby increasing the application performance. Harden the SP edge infrastructure by following the best practices described in Chapter 2, “Network Foundation Protection.” Security Features for BGP The BGP support for the (time-to-live) TTL security check feature introduces a lightweight security mechanism to protect eBGP peering sessions from CPU utilization-based attacks. These types of attacks are typically brute force DoS attacks that attempt to disable the network by flooding the network with IP packets that contain forged source and destination IP addresses. TTL security check allows the configuration of a minimum acceptable TTL value for the packets exchanged between two eBGP peers. When enabled, both peering routers transmit all BGP packets with a TTL value of 255. An eBGP router will establish a peering session with another router only if that other is an eBGP peer that sends packets with a TTL equal-to-or-greater-than an expected TTL value for the peering session. The expected TTL value is calculated by subtracting the hop count configured for the session to 255. All packets received with TTL values less than the expected value are silently discarded. Although it is possible to forge the TTL field in an IP packet header, accurately forging the TTL count to match the TTL count from a trusted peer is impossible unless the network to which the trusted peer belongs has been compromised. For more information, refer to the following URL: http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_btsh.html#wp1027184 Note The 64.104.0.0/16 and 198.133.219.0/24 address blocks used in the examples provided below are reserved for the exclusive use of Cisco Systems, Inc. The following configuration command example illustrates the command required to enable TTL security on the SP edge router: neighbor 64.104.10.114 ttl-security hops 2 Note This feature must be enabled on both sides of a connection (enterprise border router and the SP router). The following show command verifies whether the TTL security feature is properly configured on the router (the relevant line is highlighted): IE-7200-3# show ip bgp neighbors BGP neighbor is 64.104.10.114, remote AS 30001, external link BGP version 4, remote router ID 172.26.191.176 BGP state = Established, up for 1w6d Last read 00:00:53, last write 00:00:42, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(new) Address family IPv4 Unicast: advertised and received Message statistics: InQ depth is 0 OutQ depth is 0 Sent Rcvd Opens: 1 1 Notifications: 0 0 Updates: 1 16-30 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Service Provider Block Keepalives: 19943 20081 Route Refresh: 0 0 Total: 19945 20083 Default minimum time between advertisement runs is 30 seconds For address family: IPv4 Unicast BGP table version 37589, neighbor version 37589/0 Output queue size : 0 Index 2, Offset 0, Mask 0x4 2 update-group member Outbound path policy configured Route map for outgoing advertisements is my_routes Sent Rcvd Prefix activity: ---- ---- Prefixes Current: 1 1 (Consumes 416 bytes) Prefixes Total: 1 1 Implicit Withdraw: 0 0 Explicit Withdraw: 0 0 Used as bestpath: n/a 8 Used as multipath: n/a 0 Outbound Inbound Local Policy Denied Prefixes: -------- ------- route-map: 18758 0 Total: 18758 0 Number of NLRIs in the update sent: max 1, min 1 Address tracking is enabled, the RIB does have a route to 64.104.10.114 Connections established 1; dropped 0 Last reset never External BGP neighbor may be up to 2 hops away. Transport(tcp) path-mtu-discovery is enabled Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Connection is ECN Disabled, Mininum incoming TTL 253, Outgoing TTL 255 Local host: 64.104.10.113, Local port: 179 Foreign host: 64.104.10.114, Foreign port: 36929 Connection tableid (VRF): 0 Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes) Event Timers (current time is 0x47D127AC): Timer Starts Wakeups Next Retrans 19946 1 0x0 TimeWait 0 0 0x0 AckHold 20081 19750 0x0 SendWnd 0 0 0x0 KeepAlive 0 0 0x0 GiveUp 0 0 0x0 PmtuAger 0 0 0x0 DeadWait 0 0 0x0 Linger 0 0 0x0 ProcessQ 0 0 0x0 iss: 2105715872 snduna: 2106094887 sndnxt: 2106094887 sndwnd: 15700 irs: 2928015827 rcvnxt: 2928397480 rcvwnd: 15947 delrcvwnd: 437 SRTT: 300 ms, RTTO: 303 ms, RTV: 3 ms, KRTT: 0 ms minRTT: 0 ms, maxRTT: 300 ms, ACK hold: 200 ms Status Flags: passive open, gen tcbs Option Flags: nagle, path mtu capable, md5 IP Precedence value : 66-31 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Service Provider Block Datagrams (max data segment is 1440 bytes): Rcvd: 39763 (out of order: 0), with data: 20084, total data bytes: 381652 Sent: 39962 (retransmit: 1, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 19946, total data bytes: 379033 Packets received in fast path: 0, fast processed: 0, slow path: 0 fast lock acquisition failures: 0, slow path: 0 The routes learned from SP 1 should not be leaked to SP 2 and vice versa. To prevent the routes from leaking, an as-path access list and the route-map command are used. The following commands are required to implement this filtering: • as-path filtering command ip as-path access-list 20 permit ^$ ip as-path access-list 20 deny .* • route-map command to match the as-path command route-map my_routes permit 10 match as-path 20 • route-map command applied to the external peers neighbor 64.104.10.114 route-map my_routes out The following show command output presents the number of prefixes that are denied; this information verifies that leakage is not happening between the border routers (output of interest is highlighted): IE-7200-3# show ip bgp neighbors 64.104.10.114 BGP neighbor is 64.104.10.114, remote AS 30001, external link BGP version 4, remote router ID 172.26.191.176 BGP state = Established, up for 1w6d Last read 00:00:05, last write 00:00:44, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(new) Address family IPv4 Unicast: advertised and received Message statistics: InQ depth is 0 OutQ depth is 0 Sent Rcvd Opens: 1 1 Notifications: 0 0 Updates: 1 1 Keepalives: 19968 20107 Route Refresh: 0 0 Total: 19970 20109 Default minimum time between advertisement runs is 30 seconds For address family: IPv4 Unicast BGP table version 37623, neighbor version 37623/0 Output queue size : 0 Index 2, Offset 0, Mask 0x4 2 update-group member Outbound path policy configured Route map for outgoing advertisements is my_routes Sent Rcvd Prefix activity: ---- ---- Prefixes Current: 1 1 (Consumes 312 bytes) Prefixes Total: 1 1 Implicit Withdraw: 0 0 Explicit Withdraw: 0 0 Used as bestpath: n/a 6 Used as multipath: n/a 06-32 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Service Provider Block Outbound Inbound Local Policy Denied Prefixes: -------- ------- route-map: 18773 0 Total: 18773 0 Number of NLRIs in the update sent: max 1, min 1 Address tracking is enabled, the RIB does have a route to 64.104.10.114 Connections established 1; dropped 0 Last reset never External BGP neighbor may be up to 2 hops away. Transport(tcp) path-mtu-discovery is enabled Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Connection is ECN Disabled, Mininum incoming TTL 253, Outgoing TTL 255 Local host: 64.104.10.113, Local port: 179 Foreign host: 64.104.10.114, Foreign port: 36929 Connection tableid (VRF): 0 Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes) Event Timers (current time is 0x47E81AEC): Timer Starts Wakeups Next Retrans 19971 1 0x0 TimeWait 0 0 0x0 AckHold 20106 19775 0x0 SendWnd 0 0 0x0 KeepAlive 0 0 0x0 GiveUp 0 0 0x0 PmtuAger 0 0 0x0 DeadWait 0 0 0x0 Linger 0 0 0x0 ProcessQ 0 0 0x0 iss: 2105715872 snduna: 2106095362 sndnxt: 2106095362 sndwnd: 15225 irs: 2928015827 rcvnxt: 2928397955 rcvwnd: 15472 delrcvwnd: 912 SRTT: 300 ms, RTTO: 303 ms, RTV: 3 ms, KRTT: 0 ms minRTT: 0 ms, maxRTT: 300 ms, ACK hold: 200 ms Status Flags: passive open, gen tcbs Option Flags: nagle, path mtu capable, md5 IP Precedence value : 6 Datagrams (max data segment is 1440 bytes): Rcvd: 39812 (out of order: 0), with data: 20109, total data bytes: 382127 Sent: 40011 (retransmit: 1, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 19970, total data bytes: 379489 Packets received in fast path: 0, fast processed: 0, slow path: 0 fast lock acquisition failures: 0, slow path: 0 IE-7200-3# IE-7200-3# show ip as-path-access-list AS path access list 20 permit ^$ deny .* IE-7200-3# show route-map my_routes route-map my_routes, permit, sequence 10 Match clauses: as-path (as-path filter): 20 Set clauses: Policy routing matches: 0 packets, 0 bytes IE-7200-3# IE-7200-3# show ip bgp route-map my_routes6-33 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Service Provider Block BGP table version is 37619, local router ID is 198.133.219.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * i198.133.219.0 64.104.20.4 0 100 0 i *> 0.0.0.0 0 32768 i IE-7200-3# The BGP updates between the SPs and the border routers should be authenticated using passwords. The following is a example of the required command: neighbor 64.104.10.114 password 7 045802150C2E The following is the BGP configuration for the border router. router bgp 30000 bgp log-neighbor-changes neighbor 64.104.10.114 remote-as 30001 ! <----- This is connection to SP1 neighbor 64.104.10.114 ttl-security hops 2 ! <---- TTL -security feature neighbor 64.104.10.114 password 7 045802150C2E ! <---- Password protection neighbor 64.104.20.4 remote-as 30000 ! <---- iBGP connection to the other Border router maximum-paths ibgp 3 ! <--- Maximum mumber of paths to be allowed. ! address-family ipv4 neighbor 64.104.10.114 activate neighbor 64.104.10.114 route-map my_routes out neighbor 64.104.20.4 activate neighbor 64.104.20.4 next-hop-self maximum-paths ibgp 3 no auto-summary no synchronization network 198.133.219.0 route-map my_routes permit 10 match as-path 20 ! ip as-path access-list 20 permit ^$ ! <-- Permit only if there is no as-path prepend ip as-path access-list 20 deny .* ! <-- Deny if there is as-path prepend. Infrastructure ACL Implementation The Infrastructure ACL (iACL) forms the first layer of defense to the Internet edge module. The iACL should be constructed following the best practices outlined in the Network Security Baseline document (see Appendix A, “Reference Documents.”). The ACL example that follows protects the PIN from several unwanted sources and illustrates how an iACL protects the border routers. Note The 64.104.0.0/16 and 198.133.219.0/24 address blocks used in the examples provided below are reserved for the exclusive use of Cisco Systems, Inc. ! The global address for IE pin is 198.133.219.0. The first three lines prevent fragments from any source to this address space. access-list 110 deny tcp any 198.133.219.0 0.0.0.255 fragments access-list 110 deny udp any 198.133.219.0 0.0.0.255 fragments access-list 110 deny icmp any 198.133.219.0 0.0.0.255 fragments access-list 110 deny ip host 0.0.0.0 any ! prevent traffic from default route access-list 110 deny ip 127.0.0.0 0.255.255.255 any ! prevent traffic from host address.6-34 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Remote Access Block access-list 110 deny ip 192.0.2.0 0.0.0.255 any access-list 110 deny ip 224.0.0.0 31.255.255.255 any ! prevent traffic from special multicast address space. access-list 110 deny ip 10.0.0.0 0.255.255.255 any ! prevent spoofing traffic from 10.x.x.x address space. access-list 110 deny ip 192.168.0.0 0.0.255.255 any ! prevent spoofing traffic from 192.168.x.x address space. access-list 110 permit tcp host 64.104.10.114 host 64.104.10.113 eq bgp ! permit bgp traffic only with the known service provider access-list 110 permit tcp host 64.104.10.114 eq bgp host 64.104.10.113 ! same comment as above. access-list 110 deny ip 198.133.219.0 0.0.0.255 any ! prevent spoofing traffic, which is traffic orginate from outside using the IE address space. access-list 110 deny ip 10.240.0.0 0.15.255.255 any ! deny spoofing management traffic, 10.240.0.0 is the internal management address space. access-list 110 permit ip any any Remote Access Block The position of the remote-access network infrastructure within the Internet edge network is shown in Figure 6-25. Figure 6-25 Remote Access Block in Internet Edge Network Internet ISP A ISP B Distribution Service Provider Edge Web Security Appliance Email Security Appliance Web DNS Corporate Access/DMZ Core Remote Access VPN 226756 www6-35 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Remote Access Block In the Internet edge module, remote access provides access primarily to users connecting to network resources from external locations, such as Internet hot spots, public access, and so on. Remote access does not refer to access from remote offices or teleworkers. To provide access for remote users, there are several technologies available, including Easy VPN, SSL VPN, and Virtual Tunnel Interfaces (VTI). The principal function of remote access is to provide access to internal resources and applications. Common examples are product information pages, blogs, FTP sites, and so on. Remote access functionality is provided by using a separate pair of Cisco ASAs. Figure 6-26 shows the placement of the remote-access firewalls in the context of Internet edge. Figure 6-26 Placement of Remote Access Firewall Design Guidelines for the Remote Access Block This description focuses on an SSL VPN-based implementation. To implement SSL VPN, there are several factors and best practices that are recommended. These can be summarized as follows: • In simple deployments, the Cisco ASA can issue its own certificate. In a more complex enterprise system, you can use a certificate issued and verified by a third-party vendor. • Use redundant Cisco ASAs for reliability. In this design, an active/standby scenario is featured. • It is recommended that the Cisco IPS be used to inspect traffic to or from remote users. Cisco IPS sensors are placed at the distribution block, allowing the inspection of traffic after it is decrypted. • Use Authentication, Authorization, and Accounting (AAA) for authentication of remote users. The following configuration steps illustrate some of the practices to implement remote access using SSL VPN. Service Provider 2 Service Provider 1 Core Corpnet ASA’s Network Applications DMZ WAN Edge Data Center Campus Remote Access ASA’s 2266486-36 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Remote Access Block Note The 64.104.0.0/16 and 198.133.219.0/24 address blocks used in the examples provided below are reserved for the exclusive use of Cisco Systems, Inc. Step 1 Enable the HTTP server on the Cisco ASA. http server enable Step 2 Configure a different port for management purposes. This is required because WebVPN listens by default on 443. As a result, a separate port is required for management. http redirect management 445 Step 3 Enable WebVPN on outside interface. webvpn enable VPN-termination Step 4 (Optional) Configure DNS. dns -lookup inside dns server-group DefaultDNS name-server 10.244.30.10 domain-name cisco.com Step 5 Define a group policy. The following example illustrates creating a group policy named executive. group-policy executive internal group-policy executive attributes vpn-simultaneous-logins 25 vpn-tunnel-protocol webvpn default-domain value cisco.com Step 6 Define a tunnel policy. The following configuration illustrates creating a tunnel-policy named executive-tunnel. tunnel-group executive-tunnel type remote-access tunnel-group executive-tunnel general-attributes default-group-policy executive tunnel-group executive-tunnel webvpn-attributes group-alias executive enable Step 7 Configure certificates. The SSL gateway uses a certificate as its identity for remote users. The gateway can issue its own certificate and use it as its identity or use a certificate issued by a third-party vendor. For a simple deployment, the gateway can use its own certificate. The following configuration example illustrates configuration of a locally signed certificate: crypto ca trustpoint LOCAL-TP revocation-check crl none enrollment self fqdn IE-SSL-1.cisco.com subject-name CN=198.133.219.40 serial-number ip-address 198.133.219.40 crl configure route-map my_routes permit 10 match as-path 20 ! ip as-path access-list 20 permit ^$ !<-- Permit only if there is no as-path prepend ip as-path access-list 20 deny .* ! <-- Deny if there is as-path prepend.6-37 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Remote Access Block You can use the Cisco Adaptive Security Device Manager (ASDM) tool to configure and monitor the remote-access Cisco ASAs. With Cisco ASDM, you can monitor traffic statistics, look an interface status and monitor events. An example of the Cisco ASDM monitoring capabilities is given in Figure 6-27. Figure 6-27 ASDM Example Management and Monitoring Screen6-38 Cisco SAFE Reference Guide OL-19523-01 Chapter 6 Enterprise Internet Edge Threats Mitigated in the Internet Edge Threats Mitigated in the Internet Edge The threats mitigated using the various platforms and features described in this chapter are summarized in Table 6-1. Ta b l e 6-1 Internet Edge Threat Mitigation Features DDos/DoS/ Worms Unauthorized Access Spyware/ Malware/ Phishing/ Spam Network Abuse/Intrusion Application Layer Attack Visibility Control Cisco IPS Yes Yes Yes Yes Yes Yes Firewall Yes Yes Yes Yes Yes IronPort C-Series (ESA) Yes Yes Yes IronPort S-Series (WSA) Yes Yes Yes Yes Yes Cisco Application Control Engine (ACE) Web Application Firewall Yes Yes Yes Secure Routing Yes Yes Yes Yes Yes Secure Switching Yes Yes Yes Yes YesC H A P T E R 7-1 Cisco SAFE Reference Guide OL-19523-01 7 Enterprise WAN Edge The enterprise WAN edge, along with the enterprise branch, provides users at geographically disperse remote sites with access to the same rich network services as users at the main site. The availability and overall security of the WAN edge, and WAN transit, is thus critical to global business operations. The challenge, from a security perspective, is enabling the enterprise to confidently embrace and extend these rich global services and remote collaboration capabilities to all locations. This is achieved through a defense-in-depth approach to security that extends and integrates consistent end-to-end security policy enforcement and system-wide intelligence and collaboration across the entire enterprise network. The aim of this chapter is to illustrate the role of the enterprise WAN edge in this end-to-end security policy enforcement, including how to apply, integrate, and implement the SAFE guidelines to the WAN edge. See Figure 7-1. Figure 7-1 Enterprise WAN Edge Business Applications Collaboration Applications Main Enterprise Site Private WAN Private WAN Enterprise WAN Edge Empowered Branches Internet IP 2266627-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge The focus of the enterprise WAN edge is to provide VPN access for remote sites. From a functional perspective, the enterprise WAN edge can be presented as two key areas: • WAN edge aggregation Performs WAN aggregation, site-to-site VPN termination, edge protection. • WAN edge distribution Provides connectivity to the core network, as well as the integration point for WAN edge services, such as application optimization and IPS. Remote access, teleworker, partner, customer, and Internet access are addressed in Chapter 6, “Enterprise Internet Edge,” along with their related security guidelines. A typical enterprise WAN edge architecture is illustrated in Figure 7-2. Figure 7-2 Enterprise WAN Edge Functional Architecture For more information on SAFE for the enterprise branch, see Chapter 8, “Enterprise Branch.” M WAN Edge Aggregation Enterprise WAN Edge 226663 Internet Core WAN Edge Distribution Management Private WAN Internet WAN Private WAN SP 1 Private WAN SP 27-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Key Threats in the Enterprise WAN Edge Key Threats in the Enterprise WAN Edge The threats addressed in the WAN edge of an end-to-end enterprise architecture are focused on three key areas: • Malicious activity initiated by branch clients, including malware proliferation, botnet detection, network and application abuse, and other malicious or non-compliant activity. • WAN transit vulnerabilities, such as sniffing and man-in-the-middle (MITM) attacks. • Attacks against the infrastructure itself, such as unauthorized access, privilege escalation, and denial-of-service (DoS) attacks. Web and E-mail threats posed to branch clients, such as malicious web sites, compromised legitimate web sites, spam and phishing, are addressed in this guide by centralized web and E-mail security in the Internet edge. For more information on this area, see Chapter 6, “Enterprise Internet Edge.” The particular threat focus of an enterprise WAN edge, and the specific security objectives and integration elements to mitigate these threats, are presented in Table 7-1. The design and integration of each of these security elements into the WAN edge is addressed in the following sections. Ta b l e 7-1 Key Threats in the Enterprise WAN Edge Threat Focus Threats Mitigated Security Objectives Security Integration Malicious branch client activity Malware proliferation, botnets, worms, viruses, Trojans Application and network abuse Detect and mitigate threats • IPS Integration • Telemetr y WAN transit threats Unauthorized access to network and data such as through sniffing and man-in-the-middle (MITM) attacks Isolate and secure WAN data and access • Secure WAN Connectivity Attacks against the infrastructure Unauthorized access to devices, network, and data Reconnaissance DoS Deliver resilient and highly available services • Routing Security • Service Resiliency • Network Policy Enforcement • Switching Security • Secure Device Access • Telemetr y7-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge WAN Edge Aggregation WAN Edge Aggregation The WAN edge aggregation block serves as the hub for remote sites and performs three key roles: • WAN aggregation May be implemented as a private and/or an Internet WAN edge aggregation, depending on the WAN connectivity • VPN termination May include encryption, depending on the WAN connectivity, compliance, and customer requirements • Edge protection Security policy enforcement on the network border These roles may be consolidated in a single, unified WAN services platform such as the Cisco ASR 1000 Series, or implemented on dedicated devices, as illustrated in Figure 7-3. Figure 7-3 Enterprise WAN Edge Aggregation WAN Edge Aggregation Enterprise WAN Edge + + 226664 WAN Edge Distribution Private WAN Internet WAN VPN Termination WAN Aggregation Security QFP QFP QFP QFP Internet Private WAN SP 1 Private WAN SP 2 M Management7-5 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation Design Guidelines for the WAN Edge Aggregation Security integration in the WAN edge aggregation block includes the following elements: • Secure WAN Connectivity in the WAN Edge, page 7-5 • Routing Security in the WAN Edge Aggregation, page 7-7 • Service Resiliency in the WAN Edge Aggregation, page 7-10 • Network Policy Enforcement in the WAN Edge Aggregation, page 7-13 • Secure Device Access in the WAN Edge Aggregation, page 7-15 • Telemetry in the WAN Edge Aggregation, page 7-16 Secure WAN Connectivity in the WAN Edge The WAN provides remote sites with access to centralized corporate services and business applications, as well, in many cases, Internet services. As such, it is critical to service availability and business operations. Consequently, the WAN must be properly secured to protect it against compromise, including unauthorized access, and data loss and manipulation from sniffing or MITM attacks. The security objective is to provide confidentiality, integrity, and availability of data as it transits the WAN. The design and implementation of secure WAN connectivity is addressed as an end-to-end system, incorporating both the WAN edge and the branch. The key design recommendations and considerations presented below must be developed in conjunction with the branch WAN design and tie together to provide an end-to-end, secure WAN. There are three key elements to consider for secure WAN connectivity: • Isolate WAN traffic Segment corporate WAN traffic from other traffic on the WAN to enable the confidentiality and integrity of data. This may be achieved, for example, through a dedicated point-to-point link, a corporate managed VPN, a client-originated VPN or a service provider-managed MPLS service. • Authenticate WAN access Access to the corporate WAN must feature a strong authentication mechanism to prevent unauthorized access to the network and data, such as a Public Key Infrastructure (PKI). • Encrypt WAN traffic If the WAN link is vulnerable to data loss and manipulation, or perhaps for compliance reasons, data in-transit over the WAN may need to be encrypted. The actual adoption and implementation of each of these elements will vary depending on a number of aspects, including the WAN technology in use, customer vulnerability and risk assessment, and any particular compliance requirements. For example, if the customer is a retail store passing credit card information over the WAN, then the WAN should be highly secure and must be PCI-compliant. In addition, service availability is a key aspect. This is addressed through service resiliency, including device hardening and redundancy. For more information on this area of security, refer to the “Service Resiliency in the WAN Edge Aggregation” section on page 7-10.7-6 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation The recommendation for secure WAN connectivity in the WAN edge includes the following: • VPN for traffic isolation over the WAN There are a number of VPN options and the choice will vary based on specific customer requirements. DMVPN, for instance, offers support for VPN over both a private WAN and the Internet, as well as multicast and dynamic routing. Consequently, DMVPN can be integrated to enable a common VPN implementation if both these WAN types are deployed at remote sites. • Public Key Infrastructure (PKI) for strong tunnel authentication PKI provides secure, scalable, and manageable authentication that is critical to large-scale VPN deployments. PKI also features the dynamic renewal and revocation of certificates that enables the dynamic commissioning and decommissioning of branches with ease. • Advanced Encryption Standard (AES) for strong encryption Data over the Internet is vulnerable to sniffing; therefore, encryption is critical to data confidentially and integrity. Data over a private WAN can also be encrypted for maximum security or for compliance reasons. For more information on VPN implementation and design, refer to the WAN Design section of Appendix A, “Reference Documents.” Note that the PKI itself must be properly secured by applying the SAFE principles to this infrastructure and services, including hardening the devices, securing access , and minimizing its exposure to risk. For more information on PKI implementation and design, refer to the WAN Design section of Appendix A, “Reference Documents.” Technology Options • The WAN may be delivered using a range of different technologies, depending on the customer requirements and the local service options. For more information on WAN technology options, refer to the WAN Design section of Appendix A, “Reference Documents.” • There are a range of VPN technology options available, including DMVPN, EZPN, IPSec and GETVPN. For more information on VPN options, refer to the WAN Design section of Appendix A, “Reference Documents.” • Pre-shared keys (PSK) may be used as an alternative tunnel authentication mechanism for smaller scale VPN deployments. PSK is simple to deploy but presents manageability challenges and its security is dependent on the strength of the defined keys. Consequently, a strong password policy must be enforced, including periodic updates. In addition, since a PSK is tied to a unique IP address, sites with a dynamically assigned IP address require the use of wild card pre-shared keys. This presents a security and operational challenge since, if the key is compromised, all spokes must be provisioned with a new key. • Some cryptographic features are subject to additional export and contract restrictions. For more information, see the Export Restrictions section of Appendix A, “Reference Documents.” • DES and 3DES are alternative encryption algorithms but are vulnerable to attack.7-7 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation Routing Security in the WAN Edge Aggregation Routing in the WAN edge aggregation block is critical to service availability, and as such, it must be properly secured to protect it against compromise, including unauthorized peering sessions and DoS attacks that may attempt to inject false routes, and remove or modify routes. The security of the routing is particularly important in the WAN edge, as it features a key network border, supporting both an external and an internal routing domain. Consequently, it is critical, not only that the external peering interface is properly secured, but that the routing information is properly filtered to ensure that only necessary routes are advertised out and that only valid routes are propagated into the internal routing table. There are two routing domains to consider: • External routing domain Maximum routing security, including strict routing protocol membership and route redistribution filtering to ensure only the VPN hub IP address is advertised. • Internal routing domain Routing security for internal interfaces is typically less stringent though should, at a minimum, include neighbor authentication. In addition, route updates from the branches should be filtered to ensure only valid prefixes are distributed. The areas of focus, objectives and implementation options for routing security in the WAN edge aggregation block are outlined in Table 7-2. Ta b l e 7-2 Routing Security in the WAN Edge Aggregation Routing Security Focus Routing Security Objectives Implementation Restrict Routing Protocol Membership Restrict routing sessions to trusted peers and validate the origin and integrity of routing updates • Routing peer definition • Neighbor authentication • BGP TTL Security Hack (BTSH) • Default passive interface Control Route Propagations Ensure only legitimate networks are advertised and propagated • Route redistribution filtering to only advertise the VPN hub IP address to the external routing domain • Peer prefix filtering to only accept routes into the internal routing domain for branch subnets received over the VPN tunnel • Maximum prefix filtering to restrict excessive route prefixes Log Neighbor Changes Detect neighbor status changes that may indicate network connectivity and stability issues, due to an attack or general operations problems • Neighbor logging on all routing domains7-8 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation A sample implementation of secure routing in the Internet WAN edge module is shown below and it integrates the SAFE guidelines to: • Authenticate all routing peers. • Only distribute the hub IP address out of the external routing domain. This is a loopback interface that is common across the hub devices. • Disable routing on all interfaces by default. • Explicitly enable the internal routing domain on interfaces to the WAN edge distribution switches and the VPN tunnels. • Explicitly enable the external routing domain on interfaces to the private WAN. • Only permit distribution into the internal routing domain of the branch subnets advertised from the tunnel interfaces. • Enable neighbor logging on all routing domains. ! Internal Routing Domain router eigrp 1 network 10.56.0.0 0.0.255.255 network 10.0.0.0 no auto-summary ! Only accept route updates for the branch subnets over the VPN tunnel interfaces distribute-list 30 in Tunnel0 ! By default disables routing on all interfaces passive-interface default ! Internal routing is permitted on interfaces to the WAN edge distribution switches and the VPN tunnels no passive-interface GigabitEthernet0/0/0 no passive-interface GigabitEthernet0/0/2 no passive-interface Tunnel0 ! Enables neighbor logging eigrp log-neighbor-changes ! ! External Routing Domain router eigrp 100 network 192.168.0.0 0.0.255.255 no auto-summary ! Only distribute the hub IP address out distribute-list DMVPNHUB out ! By default disables routing on all interfaces passive-interface default ! Exterbal routing is permitted on interfaces to the Private WAN no passive-interface GigabitEthernet0/0/3 no passive-interface GigabitEthernet0/0/4 ! Enables neighbor logging eigrp log-neighbor-changes ! ip access-list standard DMVPNHUB permit 192.168.34.1 ! ! Branch Subnets permitted into the internal routing domain from the VPN tunnels access-list 30 remark Branch EIGRP Routes access-list 30 permit 10.200.0.0 0.0.255.255 access-list 30 permit 10.201.0.0 0.0.255.255 ! ! Authenticate internal routing peers key chain eigrp-auth key 10 key-string <strong-key> !7-9 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation ! Authenticate external routing peers key chain eigrp-auth-egp key 11 key-string <strong-key> ! interface Tunnel0 description Tunnel0 ip authentication mode eigrp 1 md5 ip authentication key-chain eigrp 1 eigrp-auth ! interface Loopback0 ip address 192.168.34.1 255.255.255.255 ! interface GigabitEthernet0/0/0 ip authentication mode eigrp 1 md5 ip authentication key-chain eigrp 1 eigrp-auth ! interface GigabitEthernet0/0/2 ip authentication mode eigrp 1 md5 ip authentication key-chain eigrp 1 eigrp-auth ! interface GigabitEthernet0/0/3 description WAN: MPLS ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 eigrp-auth-egp ! interface GigabitEthernet0/0/4 description WAN: MPLS ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 eigrp-auth-egp Note that neighbor logging is enabled by default in EIGRP; therefore, the eigrp log-neighbor-changes command does not appear explicitly in the configuration. For more information on routing security, including design and configuration guidelines for the areas highlighted in Table 7-2, see Chapter 2, “Network Foundation Protection.” Design Considerations • Neighbor authentication and BTSH require identical configuration on routing peers in order to accept routing updates. Consequently, the enterprise should work with their service provider to enable these security features. • If neighbor logging is enabled by default for a particular routing protocol, the logging commands will not appear in the configuration. This is currently the case for EIGRP.7-10 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation Service Resiliency in the WAN Edge Aggregation The resiliency of services provided by the WAN edge aggregation block is critical to the operation of all remote sites. The WAN edge is also a key network border. Consequently, all infrastructure devices and links must be resilient to targeted, indirect, malicious and unintentional attacks, as well as general failure scenarios. This is particularly important since the edge devices have external interfaces. Possible attacks include DoS attacks based on unauthorized and authorized protocols, distributed DoS (DDoS) attacks, flood attacks, reconnaissance, and unauthorized access. General failure scenarios include power outages, physical link failures, and device failures. Service resiliency in the WAN edge aggregation block involves the following key design areas: • Device resiliency • Remote site service availability • High availability The areas of focus, objectives, and implementation options for service resiliency in the WAN edge aggregation block are outlined in Table 7-3. The particular considerations for IKE CAC and QoS in the WAN edge are covered in detail below. For more information on the other service resiliency techniques, including design and configuration guidelines, see Chapter 2, “Network Foundation Protection.” Service resiliency should be complemented by network policy enforcement techniques that filter traffic at the network edges, permitting only authorized services and originators to directly address the infrastructure. These techniques restrict accessibility to the infrastructure in order to reduce exposure to unauthorized access, DoS, and other network attacks. For more information, refer to the “Network Policy Enforcement in the WAN Edge Aggregation” section on page 7-13. Ta b l e 7-3 Service Resiliency in the WAN Edge Aggregation Service Resiliency Focus Service Resiliency Objectives Implementation Restrict attack surface Disable unnecessary services Address known vulnerabilities • Disable unnecessary services on all infrastructure devices • Patch infrastructure devices with updated software Harden the device Protect device resources from exhaustion attacks by limiting, filtering and rate-limiting traffic destined to the control plane. • Memory protection • Limit and rate-limit control plane traffic, including service-specific considerations (for example, IKE CAC) • Implement CoPP/CoPPr, if available Preserve and optimize remote site services Ensure any limited resources at a remote site, such as a low bandwidth WAN link or a low performance platform, are not overwhelmed, and optimize their utilization. • QoS—Egress, per-branch QoS on WAN link to ensure availability of WAN edge WAN link, branch WAN link and router. • Application optimization Implement redundancy Deploy device, link, and geographical diversity to eliminate single points of failure • Redundant devices • Redundant links • Redundant WAN providers • Geographically diverse locations7-11 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation IKE Call Admission Control One service commonly used in the WAN edge is Internet Key Exchange (IKE) for IPSec tunnel establishment. IKE must be hardened to protect the VPN hub from device and resource exhaustion attacks. These attacks may be malicious or generated by a large number of remote sites re-establishing tunnels, perhaps as a result of a major network outage. The key objectives are as follows: • Do not accept new tunnel requests if the system is already under load • Limit the number of established tunnels, according to the platform and deployment requirements • Limit the number of tunnels being negotiated, according to the platform and deployment requirements The following is a sample configuration for IKE call admission control (CAC), specifically to limit the resources used by this service on an ASR. ! Enable global CAC to protect the device when it is under load ! Do not accept new IKE SA requests when the system resources in use reach this limit call admission limit 70000 ! ! Limit the number of dynamic tunnels supported crypto call admission limit ike sa 750 ! ! Limit the number of dynamic tunnels in-negotiation supported crypto call admission limit ike in-negotiation-sa 750 ! For more information on IKE CAC, see the WAN Design section of Appendix A, “Reference Documents.” QoS in the WAN Edge QoS is critical to the optimal performance and availability of business-critical services in a branch, even under adverse network conditions, such as high data rates and worm outbreaks. In addition, since some service control and all remote management is in-band, it is critical that QoS is employed to prioritize control and management traffic. The fundamental principles being to accurately classify and mark traffic at the access edge, then police and schedule traffic at key network borders, particularly on links with limited resources that are subject to congestion. In the WAN edge, the main objectives of QoS are to preserve and optimize: • Branch WAN link Avoid congestion on a limited bandwidth branch link. • Branch router availability Avoid overwhelming limited resources on a branch edge router. • Service availability Prioritize business critical applications and those with particular traffic profile requirements, as well as in-band control and remote management traffic. QoS on the WAN edge is implemented through an egress QoS policy that should be enforced on a per-branch basis in order to accommodate the particular WAN and platform characteristics of each remote site. The DCSP markings can be trusted on the WAN edge as it is assumed that an ingress QoS policy has been enforced on all the access edges to mark or remark QoS settings.7-12 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation QoS in the WAN edge is just one element of an end-to-end QoS implementation, including egress QoS on the branch WAN link and ingress classification and marking on all access edges across the enterprise network. The following is a sample branch QoS configuration for the WAN edge router. The configuration provided shows the QoS policy applied to the WAN edge router to control the traffic transeversing a specific branch. ! Define the Egress QoS policy ! Prioritize voice, interactive video, call signaling and control traffic policy-map child_ he4-2800-1 class Voice priority percent 18 class Interactive-Video priority percent 15 class Call-Signaling bandwidth percent 5 class Network-Control bandwidth percent 5 class Critical-Data bandwidth percent 27 random-detect dscp-based class Bulk-Data bandwidth percent 4 random-detect dscp-based class Scavenger bandwidth percent 1 class class-default bandwidth percent 25 random-detect ! ! Identify traffic to the branch ip access-list extended he4-2800-1 permit ip any 10.200.1.0 0.0.0.255 permit ip any 10.201.1.0 0.0.0.255 ! ! Enforce the QoS policy on this traffic class-map match-all he4-2800-1 match access-group name he4-2800-1 ! ! Enforce the policy on traffic over the VPN tunnel interfaces interface Tunnel0 qos pre-classify ! For more information on QoS, see the QoS Design section of Appendix A, “Reference Documents.”7-13 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation Network Policy Enforcement in the WAN Edge Aggregation The WAN edge is a key network border and is thus a critical place to enforce a strong network policy. This includes restricting the incoming traffic that is permitted on the WAN interfaces, blocking unauthorized access and validating the source IP address of traffic. Anomalous traffic is discarded as close to the edge of the network as possible, thereby minimizing the risk of exposure. Possible threats include unauthorized access and IP spoofing that can be used to anonymously launch an attack, bypass network access and policy enforcement controls, and snoop data through MITM attacks. The areas of focus, objectives and implementation options for network policy enforcement in the WAN edge are outlined in Table 7-4. The particular considerations for these areas in the WAN edge are covered below. For more information on network policy enforcement techniques, including design and configuration guidelines, see Chapter 2, “Network Foundation Protection.” Design Considerations • Consistent network policy enforcement on all key network borders A consistent network policy must be enforced on all key network borders, including the WAN edge, the Internet edge and the access edge. On the access edge, infrastructure ACLs (iACLs) should restrict accessibility to the infrastructure in order to reduce exposure to unauthorized access, DoS, and other network attacks. In addition, IP spoofing protection must be enforced to ensure traceability and effective policy enforcement. For more information on access edge policy enforcement, see Chapter 5, “Enterprise Campus.” campus and Chapter 8, “Enterprise Branch.” • Address space planning Careful planning of the corporate address space facilitates the definition and maintenance of traffic filtering that is used in many areas of security policy enforcement, including ACLs, firewalls, route filtering and uRPF. It is recommended that a rational, summarized or compartmentalized IP address scheme be employed across the enterprise, enabling a manageable and enforceable security policy, offering a significant benefit to overall network security. For more information on address space planning, see Chapter 2, “Network Foundation Protection.” Ta b l e 7-4 Network Policy Enforcement in the WAN Edge Aggregation Network Policy Enforcement Focus Network Policy Enforcement Objectives Implementation Filter Incoming Traffic Restrict incoming traffic to authorized sources and for authorized services only • WAN edge ACLs applied inbound on WAN interfaces • Firewall integration • uRPF loose mode on WAN interfaces IP Spoofing Protection Ensure traffic is topologically valid( i.e., sourced from a valid address that is consistent with the interface it is received on)7-14 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation WAN Edge ACLs The primary objective of WAN edge ACLs is to restrict incoming traffic on the WAN links to only the minimum required traffic and services, and only from authorized originators. This typically involves permitting only the necessary routing updates from defined external routing peers, along with VPN access for the remote sites. In addition, standard ingress edge filtering is enforced, per BCP 38 and RFC2827, denying traffic with illegitimate, invalid, or reserved source addresses. A WAN edge ACL for site-to-site VPN only, will thus typically feature the following elements: • Deny fragments • Deny the corporate address space originating from external sources • Deny RFC1918 private address space (10/8, 172.16/12, 192.168/16) • Deny RFC3330 special use IPv4 addressing (0.0.0.0, 127/8, 192.0.2/24, 224/4) • Permit routing updates from authorized, external peers • Permit VPN with branches • Permit ping and traceroute for troubleshooting The following is a sample WAN edge ACL configuration: access-list 120 remark SP WAN Edge ACL - MPLS A access-list 120 remark deny Fragments access-list 120 deny tcp any any log fragments access-list 120 deny udp any any log fragments access-list 120 deny icmp any any log fragments access-list 120 remark deny Incoming with Source=Internal access-list 120 deny ip 10.0.0.0 0.255.255.255 any access-list 120 remark deny RFC 3330 Special-Use Addresses access-list 120 deny ip host 0.0.0.0 any access-list 120 deny ip 127.0.0.0 0.255.255.255 any access-list 120 deny ip 192.0.2.0 0.0.0.255 any access-list 120 deny ip 224.0.0.0 31.255.255.255 any access-list 120 remark deny RFC 1918 Reserved Addresses access-list 120 remark 10.0.0.0/8 and 192.168.0.0/16 omitted because they are being used access-list 120 deny ip 172.16.0.0 0.15.255.255 any access-list 120 remark permit Incoming EIGRP from SP Neighbors access-list 120 permit eigrp host 192.168.160.113 host 224.0.0.10 access-list 120 permit eigrp host 192.168.160.113 host 192.168.160.114 access-list 120 remark permit DMVPN with Branches access-list 120 permit udp any host 192.168.34.1 eq isakmp access-list 120 permit esp any host 192.168.34.1 access-list 120 remark permit Ping & Traceroute access-list 120 permit icmp any host 192.168.160.114 ttl-exceeded access-list 120 permit icmp any host 192.168.160.114 port-unreachable access-list 120 permit icmp any host 192.168.160.114 echo-reply access-list 120 permit icmp any host 192.168.160.114 echo access-list 120 permit icmp any host 192.168.34.1 ttl-exceeded access-list 120 permit icmp any host 192.168.34.1 port-unreachable access-list 120 permit icmp any host 192.168.34.1 echo-reply access-list 120 permit icmp any host 192.168.34.1 echo access-list 120 deny ip any any log ! ! Apply the ACL to the particular WAN interface interface GigabitEthernet0/0/3 description WAN: MPLS ip address 192.168.160.114 255.255.255.248 ip access-group 120 in !7-15 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation For more information on traffic filtering, see the Edge Filtering section of Appendix A, “Reference Documents.” Firewall Integration in the WAN Edge Network policy enforcement on the WAN edge can be extended to include the enforcement of different security policy domains through the integration of firewall functionality. A firewall provides additional protection from unauthorized access, as well as stateful, application and protocol inspection. This functionality can be implemented using an integrated firewall, such as IOS zone-based firewall (ZBFW) in a unified WAN services platform, such as the Cisco ASR, or as a dedicated appliance, such as the Cisco Adaptive Security Appliance (ASA). For more information on firewall integration using the Cisco IOS ZBFW, see Chapter 8, “Enterprise Branch.” For more information on firewall integration using the Cisco ASA, see Chapter 6, “Enterprise Internet Edge.” uRPF on the WAN Edge Unicast reverse path forwarding (uRPF) is complementary to WAN edge ACLs, providing dynamic source IP address validation based on the local packet forwarding information. This enables topological validation of source IP addresses. uRPF strict mode offers the maximum degree of source IP address spoofing protection but is not always possible, such as on a router multi-homed to multiple autonomous systems (AS), as is typical in a WAN edge. uRPF loose mode is thus used to provide some degree of source IP address spoofing protection. For instance, it may enable the filtering of undesirable traffic with a source IP address which does not exist in the FIB, such as RFC 1918 and unallocated addresses, as well as those not advertised by a BGP peer. The following is a sample uRPF loose mode configuration: ! Enable uRPF loose mode on multi-homed WAN interfaces interface GigabitEthernet0/0/3 description WAN: MPLS ip address 192.168.160.114 255.255.255.248 ip verify unicast source reachable-via any ! For more information on uRPF, see the IP Spoofing Protection section of Appendix A, “Reference Documents.” A key use of uRPF, independent of its deployment mode, is to enable source-based remote triggered black hole (SRTBH). SRTBH is a highly effective, dynamic and highly efficient rapid reaction attack tool to mitigate DDoS attacks. For more information on SRTBH, see the DoS Protection section of Appendix A, “Reference Documents.” Secure Device Access in the WAN Edge Aggregation Access to all infrastructure devices in the WAN edge aggregation block must be secured. If infrastructure device access is compromised, the security and management of the entire network can be compromised. Consequently, it is critical to establish the appropriate controls in order to prevent unauthorized access 7-16 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation to infrastructure devices. There will be some variations in the actual implementation of secure device access, based on the particular device and software release, but all the fundamental objectives must be applied: • Restrict Device Accessibility Limit the accessible ports and access services, restrict access to authorized services from authorized originators only, enforce session management and restrict login vulnerability to dictionary and DoS attacks. • Present Legal Notification Display legal notice, developed in conjunction with company legal counsel, for interactive sessions. • Authenticate Access Ensure access is only granted to authenticated users, groups, and services. • Authorize Actions Restrict the actions and views permitted by any particular user, group, or service. • Ensure the Confidentiality of Data Protect locally stored sensitive data from viewing and copying. Consider the vulnerability of data in transit over a communication channel to sniffing, session hijacking and man-in-the-middle (MITM) attacks. • Log and Account for all Access Record who accessed the device, what occurred, and when for auditing purposes. For more information on secure device access, including design and configuration guidelines for the areas outlined above, see Chapter 2, “Network Foundation Protection.” In addition, the isolation of management access and management traffic is recommended in order to provide an extra degree of security. This is typically employed using an out-of-band (OOB) network that is physically independent of the data network and features limited and strictly controlled access. For more information on implementing a management network, see Chapter 9, “Management.” Telemetry in the WAN Edge Aggregation The WAN edge serves as a key hub for remote sites and is vital to the service availability of a branch. Visibility into its status and any anomalous activity taking place is thus critical to the timely and accurate cross-network detection and mitigation of anomalies. Telemetry is thus a fundamental element, enabled across all devices in the WAN edge, and integrated with a centralized management system for event monitoring, analysis and correlation. The key elements include the following: • Synchronize Time Synchronize all network devices to the same network clock by using Network Time Protocol (NTP) to enable accurate and effective event correlation. • Monitor System Status Information Maintain visibility into overall device health by monitoring CPU, memory and processes. • Implement CDP Best Common Practices Enable CDP on all infrastructure interfaces for operational purposes but disable CDP on any interfaces where CDP may pose a risk, such as external-facing interfaces.7-17 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Aggregation • Enable Remote Monitoring Leverage syslog, SNMP and additional telemetry techniques, such as Netflow, to a centralized server, such as CS-MARS, for cross-network data aggregation. This enables detailed and behavioral analysis of the data which is key to traffic profiling, anomaly-detection and attack forensics, as well as general network visibility and routine troubleshooting. For more information on telemetry, including design and configuration guidelines for the areas outlined above, see Chapter 2, “Network Foundation Protection.” For more information on remote monitoring, analysis and correlation, including syslog, SNMP, and NetFlow, see Chapter 10, “Monitoring, Analysis, and Correlation.” Design Considerations • CDP is enabled by default in Cisco IOS and should be disabled on all external-facing interfaces. This can be verified on a per interface basis using the show cdp interface command. • As with secure device access, the isolation of management access and management traffic is recommended using an out-of-band (OOB) network in order to provide an extra degree of security. This is typically employed using an OOB network that is physically independent of the data network and features limited and strictly controlled access. For more information on the implementation of a management network, refer to Chapter 9, “Management.” NetFlow on the WAN Edge NetFlow is a highly valuable form of network telemetry that scales to large traffic volumes through the use of flow-based data. This NetFlow data describes traffic conversations, including who is talking to whom, over what protocols and ports, for how long, at what speed, for what duration, etc. Enabling sampled NetFlow on the enterprise WAN edge provides highly valuable data for traffic analysis and behavioral or relational anomaly-detection. The following example illustrates the NetFlow configuration o the WAN edge routers: ! Defines the source and destination for NetFlow records ip flow-export source Loopback1 ip flow-export destination <CS-MARS-IP> 2055 ! ! Enables random sampled NetFlow flow-sampler-map CSMARS-SAMPLE mode random one-out-of 100 ! ! Enables NetFlow collecting for inbound traffic to the Tunnel0 interface interface Tunnel0 description Tunnel0 ip flow ingress flow-sampler CSMARS-SAMPLE ! ! Enables NetFlow collecting for inbound traffic to the physical interface interface GigabitEthernet0/0/3 description WAN: MPLS ip flow ingress flow-sampler CSMARS-SAMPLE !7-18 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge WAN Edge Distribution Note Normally, if an OOB management network is implemented, NetFlow records would be exported using the IP address of the management interface. Per design, the Cisco ASR does not support the export of NetFlow records on the management interface; therefore, the export should be done in-band. For more information on NetFlow, see the Telemetry section of Appendix A, “Reference Documents.” WAN Edge Distribution The WAN edge distribution block (see Figure 7-4) provides connectivity for remote sites from the WAN edge aggregation block to the core network, and serves as the integration point for WAN edge services such as application optimization and IPS. It consists of Layer 3 switches, plus any additional hardware for WAN edge services, such as application optimization and IPS. Figure 7-4 Enterprise WAN Edge Distribution M WAN Edge Aggregation Enterprise WAN Edge 226665 Core WAN Edge Distribution Management Private WAN Internet WAN7-19 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Distribution Design Guidelines for the WAN Edge Distribution Security integration in the WAN edge distribution includes the following elements: • IPS Integration in the WAN Edge Distribution, page 7-19 • Routing Security in the WAN Edge Distribution, page 7-23 • Service Resiliency in the WAN Edge Distribution, page 7-24 • Switching Security in the WAN Edge Distribution, page 7-25 • Secure Device Access in the WAN Edge Distribution, page 7-25 • Telemetry in the WAN Edge Distribution, page 7-26 IPS Integration in the WAN Edge Distribution The WAN edge serves as a hub to remote sites for corporate services and business applications, as well, in many cases, for Internet services. As such, it provides a unique opportunity to implement centralized IPS integration for threat detection and mitigation of malicious activity originating from remote sites. This is particularly true if the WAN topology is hub and spoke and split-tunneling is not employed, so that there is no direct Internet access local to the remote site. Cisco IPS provides signature and reputation-based threat detection and mitigation for threats such as worms, spyware, adware, network viruses, and application abuse. Its integration in a centralized deployment model enables a scalable, highly available and cost-effective design, that also offers ease of management advantages. In addition, Cisco IPS collaboration with other Cisco devices provides enhanced visibility and control through system-wide intelligence. This includes host-based IPS collaboration with Cisco Security Agent (CSA), reputation-based filtering and global correlation using SensorBase, automated threat mitigation with the WLAN controller (WLC), multi-vendor event correlation and attack path identification using Cisco Security Monitoring, Analysis, and Response System (CS-MARS), and common policy management using Cisco Security Manager (CSM). For more information on Cisco security collaboration, see Chapter 10, “Monitoring, Analysis, and Correlation,” and Chapter 11, “Threat Control and Containment.” IPS integration involves three key design areas: • Deployment mode Inline or promiscuous mode, typically referred to as IPS or IDS. • Scalability and availability Ensures the ability to handle high traffic rates, along with the ongoing detection and mitigation of threats, even under failure scenarios. • Maximum threat coverage Traffic symmetry to maintain the important benefits offered by symmetrical traffic flows, even in a high availability and scalability design featuring multiple IPS. IPS inline mode enables automatic threat detection and mitigation capabilities that offer some clear advantages in terms of timely threat mitigation. IPS signature tuning enables the automated response actions taken by Cisco IPS to be tuned and customized according to the customer environment and policy.7-20 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Distribution For scalability, Cisco offers a range of different IPS platforms that can be deployed according to particular customer needs. For increased scalability and high availability, multiple IPS can be deployed using an intelligent load-balanced design. This can be achieved using a dedicated load-balancing appliance, such as the ACE module, the ether channel load-balancing (ECLB) feature of a Cisco switch or policy-based routing (PBR). Symmetrical traffic flows offer a number of important benefits, including enhanced threat detection, reduced vulnerability to IPS evasion techniques and improved operations through reduced false positives and false negatives. Consequently, leveraging the Cisco IPS Normalizer engine is a key design element. If multiple IPS exist in a single flow, for instance for availability and scalability purposes, maintaining symmetric flows requires some consideration of the IPS integration design. There are a number of options available to ensure symmetric traffic flows, including the following: • Copy traffic across IPS Use of SPAN, VACL capture or TAPs to duplicate traffic across all IPS, ensuring any single IPS sees all flows. This can become a challenge once more than two IPS are involved and results in all IPS being loaded with the active traffic flows. • Integration of an IPS switch Topological design to consolidate traffic into a single switch, thereby leveraging the switch to provide predictable and consistent forward and return paths through the same IPS. This is a simple design but introduces a single point of failure. • Routing manipulation Use of techniques such as path cost metrics or policy-based routing (PBR) to provide predictable and consistent forward and return paths through the same switch and, consequently, the same IPS. This is a cost-effective design but introduces some complexity and requires an agreement from network operations (NetOps). • Sticky load-balancing Insertion of a sticky load-balancing device, such as the Application Control Engine (ACE), to provide predictable and consistent forward and return paths through the same IPS. This is an elegant and flexible design but introduces additional equipment to deploy and manage. A sample IPS integration in a WAN edge distribution block is shown in Figure 7-5. This IPS design ensures that all traffic through the WAN edge distribution is monitored by the IPS and illustrates the use of ECLB for high scalability and availability, along with IGP path cost manipulation to provide symmetrical traffic flows. It also enables ease of future expansion by offering the ability to integrate additional IPS by simply adding them to the ether-channel bundles on the switches.7-21 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Distribution Figure 7-5 Sample IPS Integration in the WAN Edge Distribution This IPS design features the following design elements: 1. A pair of VLANs on each switch for IPS integration. One logically facing the WAN edge (VLAN 12 on switch-1 and VLAN 17 on switch-2), and one logically facing the core (VLAN 13 on switch-1 and VLAN 18 on switch-2). 2. VLAN pairing on each IPS to bridge traffic back to the switch across its VLANs. 3. ECLB on the switch to perform sticky load-balancing of traffic across the IPS devices. 4. Layer 3 links and route manipulation, through EIGRP cost settings, to force traffic to and from each ASR through a preferred switch for traffic symmetry. 5. Placement of all interfaces between the WAN distribution and the WAN edge, as well as the WAN edge-facing IPS VLANs (VLANs 12 and 17), in a VRF in order to force all traffic between the WAN edge and the core through the IPS. The IPS policies being enforced on one of the IPS integrated in the WAN edge distribution are shown in Figure 7-6. Core VLAN 12 ASR-IE ASR-2 ASR-1 IPS-1 IPS-2 Switch-1 Core-1 Layer 3 Links with IGP Path Cost Manipulation ECLB of IPS (VLAN 17 + 18) Core-2 Switch-2 VLAN 18 VLAN 17 Internet VRF: Branches Private WAN SP 1 Private WAN SP 2 Branch Branch DMVPN DMVPN VLAN Pairing on each IPS ECLB of IPS (VLAN 12 + 13) VLAN pair per switch for IPS integration VLAN 13 4 3 1 2 3 5 226666 QFP QFP QFP7-22 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Distribution Figure 7-6 Sample IPS Integration in the WAN Edge For detailed information on the IPS products, platforms and features, as well as deployment options and considerations, see the product pages. For details, refer to see the IPS section of Appendix A, “Reference Documents.” Design Considerations • A centralized IPS deployment is highly effective in a hub-and-spoke topology where all remote site traffic is forced though the WAN edge. Coverage is, however, limited to traffic passing through the WAN edge distribution. Intra-branch traffic is not analyzed and branch-branch traffic monitoring requires additional design steps to force traffic through the IPS. • If all branch traffic must be monitored or, for instance, if remote sites have local, direct Internet access through the use of split-tunneling, a distributed IPS deployment should be considered. For more information on a distributed IPS deployment, see the Chapter 8, “Enterprise Branch.” • A combination of centralized and distributed IPS enables the appropriate deployment model to be chosen according to the needs of a particular branch, whilst maintaining consistent policy enforcement. • IPS inline mode requires a well designed, architected and tuned deployment to ensure there is no negative impact on network and service availability. • IPS integration should occur inside the WAN edge, after VPN termination and application optimization, to ensure that the IPS receives clear text, unmodified traffic for monitoring. • A design using route manipulation to provide traffic symmetry is required to ensure flows through the same switch, since the selection of a particular IPS is specific to that switch ECLB index.7-23 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Distribution • ECLB on a Cisco switch is performed based on the source and destination address of a traffic flow, not on the bandwidth of a flow. Consequently, if there is a large amount of traffic on a single flow (i.e., between a certain source and destination address) all that traffic will be passed to a single IPS. The IPS integration design must, therefore, take this into consideration. For information, see the IPS section of Appendix A, “Reference Documents.” • A design using route manipulation to provide traffic symmetry must consider the traffic capacity of the preferred paths. For instance, in the design above, since each ASR has a preferred route, if one ASR fails, all traffic will be routed over the preferred path of that ASR, to a single switch. Consequently, the preferred path must have sufficient bandwidth to accommodate the full traffic capacity. This can be achieved by deploying high speed interfaces or enabling ECLB on multiple interfaces on this preferred path to provide this high capacity link between the WAN edge and the WAN edge distribution. For additional IPS integration design guidelines, see Chapter 11, “Threat Control and Containment.” Implementation Options • IPS Promiscuous Mode Cisco IPS can also be deployed in promiscuous mode. In promiscuous mode, the IPS performs passive monitoring, with traffic being passed to it through a monitoring port. Upon detection of anomalous behavior, management systems are informed of an event and operational staff can subsequently decide what action, if any, to take in response to an incident. The time between threat detection and mitigation may thus be extended. Routing Security in the WAN Edge Distribution Routing in the WAN edge distribution is critical to service availability, and as such, it must be Routing in the WAN edge distribution block is critical to service availability, and as such, it must be properly secured to protect it against compromise, including unauthorized peering sessions and DoS attacks that may attempt to inject false routes, and remove or modify routes. Devices in the WAN edge distribution do, however, have limited exposure to threats as they only participate in the internal routing domain, have interfaces only to infrastructure devices, and are not positioned on a key network border. Consequently, routing security in the WAN edge distribution block is focused on the following: • Neighbor authentication Restrict routing sessions to trusted peers and validates the origin and integrity of routing updates. • Neighbor logging Provide visibility into neighbor status changes that may indicate network connectivity and stability issues, due to an attack or general operations problems. Neighbor authentication should be enabled on all interfaces participating in the routing domain and must be enabled on both sides of a link. 7-24 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Distribution The following configuration example shows the configuration of EIGRP MD5 neighbor authentication on the WAN edge distribution switches: key chain eigrp-auth key 10 key-string <strong-key> ! interface Vlan11 ip authentication mode eigrp 1 md5 ip authentication key-chain eigrp 1 eigrp-auth ! router eigrp 1 network 10.0.0.0 ! For more information on routing security, including design and configuration guidelines for the areas outlined above, see Chapter 2, “Network Foundation Protection.” Service Resiliency in the WAN Edge Distribution The resiliency of services provided by the WAN edge distribution block is critical to the operation of all remote sites. Consequently, all infrastructure devices and links must be resilient to targeted, indirect, malicious and unintentional attacks, as well as general failure scenarios. Possible attacks include DoS attacks based on unauthorized and authorized protocols, distributed DoS (DDoS) attacks, flood attacks, reconnaissance and unauthorized access. General failure scenarios include power outages, physical link failures and device failures. Service resiliency in the WAN edge distribution block involves the following key design areas: • Device resiliency • High availability The areas of focus, objectives and implementation options for service resiliency in the WAN edge distribution block are outlined in Table 7-5. Ta b l e 7-5 Service Resiliency in the WAN Edge Distribution Service Resiliency Focus Service Resiliency Objectives Implementation Restrict attack surface Disable unnecessary services • Disable unnecessary services on all infrastructure devices • Patch infrastructure devices with updated software Harden the device Protect device resources from exhaustion attacks by limiting, filtering and rate-limiting traffic destined to the control plane. • Memory protection • Limit and rate-limit control plane traffic • Implement CoPP/CoPPr, if available Implement redundancy Deploy device, link and geographical diversity to eliminate single points of failure • Redundant devices • Redundant links • Geographically diverse locations7-25 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Distribution For more information on service resiliency, including design and configuration guidelines for the areas highlighted in Table 7-5 above, see Chapter 2, “Network Foundation Protection.” Service resiliency should be complemented by network policy enforcement techniques that filter traffic at the network edges, permitting only authorized services and originators to directly address the infrastructure. These techniques restrict accessibility to the infrastructure in order to reduce exposure to unauthorized access, DoS, and other network attacks. For more information, refer to the “Network Policy Enforcement in the WAN Edge Aggregation” section on page 7-13. Switching Security in the WAN Edge Distribution Switching in the WAN edge distribution block is critical to service availability and, as such, it must be properly secured to protect it against compromise, including unauthorized access and DoS attacks through Spanning Tree Protocol (STP) manipulation and Layer-2 flooding. The threat exposure of a switch in the WAN edge distribution block is, however, limited as all interfaces are to infrastructure devices and there are no external interfaces. However, it is recommended that all the key areas of focus be reviewed and applied, as outlined in the “Switching Infrastructure Best Practices” section on page 2-25. Secure Device Access in the WAN Edge Distribution Access to all infrastructure devices in the WAN edge distribution block must be secured. If infrastructure device access is compromised, the security and management of the entire network can be compromised. Consequently, it is critical to establish the appropriate controls in order to prevent unauthorized access to infrastructure devices. There will be some variations in the actual implementation of secure device access, based on the particular device and software release, but all the fundamental objectives must be applied: • Restrict device accessibility Limit the accessible ports and access services, restrict access to authorized services from authorized originators only, enforce session management, and restrict login vulnerability to dictionary and DoS attacks. • Present legal notification Display legal notice, developed in conjunction with company legal counsel, for interactive sessions. • Authenticate access Ensure access is only granted to authenticated users, groups, and services. • Authorize actions Restrict the actions and views permitted by any particular user, group, or service. • Ensure the confidentiality of data Protect locally stored sensitive data from viewing and copying. Consider the vulnerability of data in transit over a communication channel to sniffing, session hijacking and man-in-the-middle (MITM) attacks. • Log and account for all access Record who accessed the device, what occurred, and when for auditing purposes. For more information on secure device access, including design and configuration guidelines for the areas outlined above, see Chapter 2, “Network Foundation Protection.”7-26 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Design Guidelines for the WAN Edge Distribution In addition, the isolation of management access and management traffic is recommended in order to provide an extra degree of security. This is typically employed using an out-of-band (OOB) network that is physically independent of the data network and features limited and strictly controlled access. For more information on implementing a management network, see Chapter 9, “Management.” Telemetry in the WAN Edge Distribution The WAN edge serves as a key hub for remote sites and is vital to the service availability of a branch. Visibility into its status and any anomalous activity taking place is thus critical to the timely and accurate cross-network detection and mitigation of anomalies. Telemetry is thus a fundamental element, enabled across all devices in the WAN edge and integrated with dedicated analysis systems to collect, trend and correlate observed activity. The key elements include the following: • Synchronize time Synchronize all network devices to the same network clock by using Network Time Protocol (NTP) to enable accurate and effective event correlation. • Monitor system status information Maintain visibility into overall device health by monitoring CPU, memory and processes. • Implement CDP best common practices Enable CDP on all interfaces in order to facilitate operations. The WAN edge distribution block does not feature any access or external-facing interfaces, so CDP does not pose a risk in this location. • Enable remote monitoring Leverage syslog, SNMP to a centralized server, such as CS-MARS, for cross-network data aggregation. This enables detailed and behavioral analysis of the data which is key to traffic profiling, anomaly-detection and attack forensics, as well as general network visibility and routine troubleshooting. For more information on telemetry, including design and configuration guidelines for the areas outlined above, see Chapter 2, “Network Foundation Protection.” For more information on remote monitoring, analysis and correlation, including syslog, SNMP, and NetFlow, see Chapter 10, “Monitoring, Analysis, and Correlation.” Design Considerations • As with secure device access, the isolation of management access and management traffic is recommended using an out-of-band (OOB) network in order to provide an extra degree of security. This is typically employed using an OOB network that is physically independent of the data network and features limited and strictly controlled access. For more information on the implementation of a management network, refer to Chapter 9, “Management.”7-27 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Threats Mitigated in the Enterprise WAN Edge Threats Mitigated in the Enterprise WAN Edge Ta b l e 7-6 Enterprise WAN Edge Threat Mitigation Features Botnets DoS Unauthorized Access Malware, Spyware Application, Network Abuse Data Leakage Visibility Control Secure WAN Connectivity Yes Yes Yes Routing Security Yes Yes Yes Yes Service Resiliency Device Hardening QoS Redundancy Yes Yes Yes Network Policy Enforcement WAN Edge ACLs Cisco Firewall uRPF Yes Yes Yes Yes Yes Cisco IPS Integration Yes Yes Yes Yes Switching Security Yes Yes Yes Yes Secure Device Access Yes Yes Yes Yes Telemetry Yes Yes Yes Yes Yes Yes7-28 Cisco SAFE Reference Guide OL-19523-01 Chapter 7 Enterprise WAN Edge Threats Mitigated in the Enterprise WAN EdgeC H A P T E R 8-1 Cisco SAFE Reference Guide OL-19523-01 8 Enterprise Branch The enterprise branch, along with the enterprise WAN edge, provides users at geographically disperse remote sites access to the same rich network services as users in the main site. The availability and overall security of the branch, the WAN edge, and the WAN transit, is thus critical to global business operations. The challenge, from a security perspective, is enabling the enterprise to confidently embrace and extend these rich global services and remote collaboration capabilities to all locations. This is achieved through a defense-in-depth approach to security that extends and integrates consistent end-to-end security policy enforcement and system-wide intelligence and collaboration across the entire enterprise network. The aim of this chapter is to illustrate the role of the enterprise branch in this end-to-end security policy enforcement, including how to apply, integrate, and implement the SAFE guidelines. See Figure 8-1. Figure 8-1 Enterprise Branch Business Applications Collaboration Applications Main Enterprise Site Private WAN Private WAN Enterprise WAN Edge Empowered Branches Internet IP 2266628-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch From a functional perspective, an enterprise branch typically includes the following: • WAN edge device Terminates the WAN link and may offer additional services, such as site-to-site VPN, local Internet access, security, application optimization, and voice services. The device may be owned by the enterprise or it may be owned and managed by a Service Provider (SP). The WAN link may be a private network, the Internet, wireless, or a combination thereof. • Switching infrastructure Provides wired LAN access to clients and LAN distribution for local services. • Local services infrastructure Based on particular branch business needs, additional infrastructure may be deployed to support local services such as voice, video, application servers, and wireless LAN, as well as security services such as VPN, encryption, IPS, and firewall. Remote access, teleworker, partner, customer, and Internet access are addressed in Chapter 6, “Enterprise Internet Edge,” along with their related security guidelines. Two typical enterprise branch architectures are illustrated in Figure 8-2. Figure 8-2 Enterprise Branch Architecture For more information about SAFE for the enterprise WAN edge, see Chapter 7, “Enterprise WAN Edge.” Enterprise WAN Edge 226669 Internet Private WAN Private WAN Edge Internet WAN Edge Medium Performance Branch IP High Performance Branch V LWAPP V IP LWAPP8-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Key Threats in the Enterprise Branch The following section describes the threats that the branch is exposed to and the security technologies integrated to address them. Key Threats in the Enterprise Branch The threats addressed in the branch of an end-to-end enterprise architecture are focused on the following key areas: • Malicious activity by branch clients, including malware proliferation, botnet detection, network and application abuse, and other malicious or non-compliant activity. • WAN transit vulnerabilities such as sniffing and man-in-the-middle (MITM) attacks. • Attacks against the infrastructure itself, such as unauthorized access, privilege escalation, and denial-of-service (DoS) attacks. Web and E-mail threats posed to branch clients, such as malicious web sites, compromised legitimate web sites, spam, and phishing, are addressed as part of a centralized deployment in Chapter 6, “Enterprise Internet Edge.” This assumes that the branch is not using split-tunneling. If a branch does use split-tunneling, whereby there is local Internet access directly from the branch, web security must be implemented locally. The particular threat focus of an enterprise branch, and the specific security objectives and integration elements to mitigate these threats, are shown in Table 8-1. The design and integration of each of these security elements into the branch is addressed in the following section. Ta b l e 8-1 Key Threats in the Enterprise Branch Threat Focus Threats Mitigated Security Objectives Security Integration Malicious branch client activity Malware proliferation, botnets, worms, viruses, Trojans Application and network abuse Detect and mitigate threats • IPS Integration • Endpoint Security • Web Secur ity 1 • E-mail Security 1 1. Addressed as part of a centralized deployment in Chapter 6, “Enterprise Internet Edge,” assuming a non-split-tunneling policy at remote sites. WAN transit threats Unauthorized access to network and data such as through sniffing and man-in-the-middle (MITM) attacks Isolate and secure WAN data and access • Secure WAN Connectivity Attacks against the infrastructure Unauthorized access to devices, network and data Reconnaissance DoS Deliver resilient and highly available services • Routing Security • Service Resiliency • Network Policy Enforcement • Switching Security • Secure Device Access • Telemetry8-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Design Guidelines for the Branch Security integration in the branch addresses the key threat areas locally through the following: • Secure WAN Connectivity in the Branch, page 8-4 • Routing Security in the Branch, page 8-5 • Service Resiliency in the Branch, page 8-8 • Network Policy Enforcement in the Branch, page 8-11 • IPS Integration in the Branch, page 8-18 • Switching Security in the Branch, page 8-23 • Endpoint Security in the Branch, page 8-27 • Secure Device Access in the Branch, page 8-28 • Telemetry in the Branch, page 8-29 As mentioned earlier, web and E-mail security are addressed as part of a centralized deployment in the Chapter 6, “Enterprise Internet Edge.” If localized web security is required, due to the use of split-tunneling, Cisco offers a number of web and content security options, including the Cisco IronPort S-Series, Cisco ASA.5500 Series, and Cisco IOS Content Filtering. For more information, see the Web Security section of Appendix A, “Reference Documents.” Secure WAN Connectivity in the Branch The branch is reliant upon its WAN connectivity for access to centralized corporate services and business applications, as well, in many cases, Internet services. As such, the WAN is critical to service availability and business operations. Consequently, the WAN must be properly secured to protect it against compromise, including unauthorized access, and data loss and manipulation from sniffing or man-in-the-middle (MITM) attacks. The security objective being to provide confidentiality, integrity and availability of data as it transits the WAN. The design and implementation of secure WAN connectivity is addressed as an end-to-end system, incorporating both the branch and the WAN edge. The key design recommendations and considerations are presented in “Secure WAN Connectivity in the WAN Edge” section on page 7-5, but must be developed in conjunction with the branch WAN design and tie together to provide an end-to-end, secure WAN. The recommendation for secure WAN connectivity includes the following: • VPN for traffic isolation over the WAN There are a number of VPN options and the choice will vary based on specific customer requirements. DMVPN, for example, offers support for VPN over both a private WAN and the Internet, as well as multicast and dynamic routing. Consequently, DMVPN can be integrated to enable a common VPN implementation if both of these WAN types are deployed at remote sites. • Public Key Infrastructure (PKI) for strong tunnel authentication PKI provides secure, scalable, and manageable authentication that is critical to large-scale VPN deployments. PKI also features the dynamic renewal and revocation of certificates that enables the dynamic commissioning and decommissioning of branches with ease.8-5 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch • Advanced Encryption Standard (AES) for strong encryption Data over the Internet is vulnerable to sniffing; therefore, encryption is critical to data confidentially and integrity. Data over a private WAN can also be encrypted for maximum security or for compliance reasons. For more information on VPN technologies and PKI, refer to the WAN Design section of Appendix A, “Reference Documents.” Routing Security in the Branch Routing in the branch is critical to service availability, and as such, it must be properly secured to protect it against compromise, including unauthorized peering sessions and DoS attacks that may attempt to inject false routes, and remove or modify routes. The security of the routing is particularly important in the branch as it features a key network border, supporting both an external and an internal routing domain. Consequently, it is critical, not only that the external peering interface is properly secured, but that the routing information is properly filtered to ensure that only necessary routes are advertised out and that only valid routes are propagated into the internal routing table. There are two routing domains to consider: • External routing domain Maximum routing security, including strict routing protocol membership, routing domain termination and route redistribution filtering to ensure only the necessary routes are advertised. • Internal routing domain Routing security for internal interfaces is typically less stringent though should, at a minimum, include neighbor authentication. In addition, if dynamic routing is not being used within the branch itself, the routing domain should be terminated on the edge device.8-6 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch The areas of focus, objectives and implementation options for routing security in the branch are outlined in Table 8-2. A sample implementation of secure routing in the branch module is shown below and it integrates the SAFE guidelines to: • Authenticate all routing peers. • Disable routing on all interfaces by default. • Explicitly enable the internal routing domain on the VPN tunnels. • Explicitly enable the external routing domain on interfaces to the private WAN. • Only permit distribution of the directly-connected and summary branch subnets over the internal routing domain. • Limit router participation in the external router domain to learning only, preventing the distribution of any routes from the branch into that routing domain. • Enable neighbor logging on all routing domains. ! Internal Routing Domain router eigrp 1 ! By default disables routing on all interfaces passive-interface default ! Enables internal routing on the VPN tunnels no passive-interface Tunnel0 no passive-interface Tunnel1 network 10.0.0.0 no auto-summary ! EIGRP stub routing to only advertise directly connected networks and summarized routes Ta b l e 8-2 Routing Security in the Branch Routing Security Focus Routing Security Objectives Implementation Restrict Routing Protocol Membership Restrict routing sessions to trusted peers and validate the origin and integrity of routing updates • Routing peer definition • Neighbor authentication • BGP TTL Security Hack (BTSH) • Default passive interface Control Route Propagation Ensure only legitimate networks are advertised and propagated • Terminate the external routing domain on the WAN edge (e.g., using EIGRP stub routing) 1 • Only advertise required routes to the external routing domain • Terminate the internal routing domain if dynamic routing not required in the branch (e.g., using EIGRP stub routing) 1 • Advertise branch routes over the VPN to the internal routing domain 1. Stub routing is not supported in OSPF, thus outbound filters should be enforced to restrict route propagation. Log Neighbor Changes Detect neighbor status changes that may indicate network connectivity and stability issues, due to an attack or general operations problems • Neighbor logging on all routing domains8-7 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch eigrp stub connected summary ! Enables neighbor logging eigrp log-neighbor-changes ! ! External Routing Domain router eigrp 100 ! By default disables routing on all interfaces passive-interface default ! EGP is permitted on interfaces to the Private WAN no passive-interface GigabitEthernet0/1 network 192.168.0.0 0.0.255.255 no auto-summary ! Router only accepts, but does not explicitly advertise, any routes. eigrp stub receive-only ! Enables neighbor logging eigrp log-neighbor-changes ! ! Authenticate internal routing peers key chain eigrp-auth key 10 key-string <strong-key> ! ! Authenticate external routing peers key chain eigrp-auth-egp key 11 key-string <strong-key> ! interface Tunnel0 description Private WAN Tunnel ip authentication mode eigrp 1 md5 ip authentication key-chain eigrp 1 eigrp-auth ! interface Tunnel1 description Internet Tunnel ip authentication mode eigrp 1 md5 ip authentication key-chain eigrp 1 eigrp-auth ! interface GigabitEthernet0/1 description Private WAN ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 eigrp-auth-egp ! Note that neighbor logging is enabled by default in EIGRP; therefore, the eigrp log-neighbor-changes command does not appear explicitly in the configuration. For more information on routing security, including design and configuration guidelines , see Chapter 2, “Network Foundation Protection.” Design Considerations • Neighbor authentication and BTSH require identical configuration on routing peers in order to accept routing updates. Consequently, the enterprise should work with their service provider to enable these security features. • If neighbor logging is enabled by default for a particular routing protocol, the logging commands will not appear in the configuration. For example, this is currently the case for EIGRP.8-8 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Service Resiliency in the Branch The resiliency of services provided by the branch infrastructure itself is critical to the operation of the remote site. The branch edge is also a key network border. Consequently, all infrastructure devices and links must be resilient to targeted, indirect, malicious and unintentional attacks, as well as general failure scenarios. This is particularly important since the edge devices have external interfaces. Possible attacks include DoS attacks based on unauthorized and authorized protocols, distributed DoS (DDoS) attacks, flood attacks, reconnaissance and unauthorized access. General failure scenarios include power outages, physical link failures, and device failures. Service resiliency in the branch involves the following three key design areas: • Device resiliency • Central site service availability • High availability The areas of focus, objectives , and implementation options for service resiliency in the branch are outlined in Table 8-3. The particular considerations for QoS in the branch are covered below. For more information on the other service resiliency techniques, including design and configuration guidelines, see Chapter 2, “Network Foundation Protection.” Ta b l e 8-3 Service Resiliency in the Branch Service Resiliency Focus Service Resiliency Objectives Implementation Restrict attack surface Disable unnecessary services Address known vulnerabilities • Disable unnecessary services on all infrastructure devices • Patch infrastructure devices with updated software Harden the device Protect device resources from exhaustion attacks by limiting, filtering and rate-limiting traffic destined to the control plane. • Memory protection • Port security on access ports • Limit and rate-limit control plane traffic, including service-specific considerations (e.g., DHCP snooping and DAI on access switches 1) • Implement CoPP/CoPPr, if available Preserve and optimize remote site services Ensure any limited resources at a remote site, such as a low bandwidth WAN link or a low performance platform, are not overwhelmed, and optimize their utilization. • QoS: Ingress and egress QoS on the access switch. Egress QoS on the WAN link. • Application optimization Implement redundancy 1 1. The level of redundancy implemented in a branch is typically dependent on the size, business need, and budget associated with a particular site. In some cases, a decision may be taken to accept the risk associated with a particular failure scenario, in lieu, for example, of cost-saving. Deploy device, link and geographical diversity to eliminate single points of failure • Redundant devices • Redundant links • Redundant WAN providers • Geographically diverse locations8-9 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Service resiliency should be complemented by network policy enforcement techniques that filter traffic at the network edges, permitting only authorized services and originators to directly address the infrastructure. These techniques restrict accessibility to the infrastructure in order to reduce exposure to unauthorized access, DoS, and other network attacks. For more information, refer to the “Network Policy Enforcement in the Branch” section on page 8-11. QoS in the Branch QoS is critical to the optimal performance and availability of business-critical services in a branch, even under adverse network conditions, such as high data rates and worm outbreaks. In addition, since some service control and all remote management are in-band, it is critical that QoS is employed to accurately classify, prioritize, control, and management traffic. The fundamental principles are to accurately classify and mark traffic at the access edge, then police and schedule traffic at key network borders, particularly on links with limited resources that are subject to congestion. In a branch QoS implementation, the primary elements are as follows: • Ingress QoS on the access ports Accurately identify, classify, mark and police ingress traffic. • Egress QoS on the access ports Queuing according to the defined service classes of the enterprise QoS policy. • Egress QoS on the access switch uplink Queuing according to the defined service classes of the enterprise QoS policy. The DCSP markings can be trusted as the ingress QoS policy has been enforced to mark or remark QoS settings. • Egress QoS on the WAN link Queuing according to the defined service classes of the enterprise QoS policy to optimize usage of the, typically limited, WAN resources. The DCSP markings can be trusted as the ingress QoS policy has been enforced to mark or remark QoS settings. See Figure 8-3. Figure 8-3 QoS in the Branch 226670 IP Internet Private WAN • Egress QoS on WAN • Egress QoS on uplink • Ingress and Egress QoS on access ports8-10 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch QoS in the branch is just one element of an end-to-end QoS implementation, including per-branch egress QoS on the WAN edge and consistent ingress classification and marking across all access edges of the enterprise network. The following is a sample branch QoS configuration: ! Define the Egress QoS policy ! Prioritize voice, interactive video, call signaling and control traffic policy-map WAN-Edge-QoS class Voice priority percent 18 class Interactive-Video priority percent 15 class Call-Signaling bandwidth percent 5 class Network-Control bandwidth percent 5 class Critical-Data bandwidth percent 27 random-detect dscp-based class Bulk-Data bandwidth percent 4 random-detect dscp-based class Scavenger bandwidth percent 1 class class-default bandwidth percent 25 random-detect ! ! Enforce the QoS policy on this traffic types class-map match-all Bulk-Data match ip dscp af11 af12 class-map match-all Interactive-Video match ip dscp af41 af42 class-map match-any Network-Control match ip dscp cs6 match ip dscp cs2 class-map match-all Critical-Data match ip dscp af21 af22 class-map match-any Call-Signaling match ip dscp cs3 match ip dscp af31 class-map match-all Voice match ip dscp ef class-map match-all Scavenger match ip dscp cs1 ! ! Enforce the policy on traffic over the VPN tunnel interfaces interface Tunnel0 qos pre-classify ! interface GigabitEthernet0/1 description Private WAN service-policy output WAN-Edge-QoS8-11 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Design Considerations • Do not trust traffic on access ports. • Perform ingress QoS as close to the source as possible. • Perform QoS in hardware. • Implement per-branch egress QoS on the WAN edge. • Enforce a consistent ingress QoS policy across all access edges of the enterprise network. • Complement QoS on the WAN with application optimization to maximize application performance and WAN utilization. For more information on QoS, see the QoS Design section of Appendix A, “Reference Documents.” Network Policy Enforcement in the Branch The branch features two key network borders: a WAN edge and an access edge. Thus, it is critical to enforce a strong network policy on both these network borders. This includes restricting the incoming traffic that is permitted, blocking unauthorized access and validating the source IP address of traffic on both the WAN interfaces , and the access edge. Anomalous traffic is discarded as close to the edge of the network as possible, thereby minimizing the risk of exposure. Possible threats include unauthorized access and IP spoofing that can be used to anonymously launch an attack, bypass network access and policy enforcement controls, and snoop data through MITM attacks that combine IP and ARP spoofing. The areas of focus, objectives, and implementation options for network policy enforcement in the enterprise branch are listed in Table 8-4. The particular considerations for WAN edge ACLs, access edge iACLs and firewall integration in a branch are covered in detail below. For more information on the other network policy enforcement techniques, including design and configuration guidelines, see Chapter 2, “Network Foundation Protection.” Ta b l e 8-4 Network Policy Enforcement in the Branch Network Policy Enforcement Focus Network Policy Enforcement Objectives Implementation Filter Incoming Traffic Restrict incoming traffic to authorized sources and for authorized services only • WAN edge ACLs applied inbound on WAN interfaces • Access edge iACLs applied inbound on the access edge • Firewall integration IP Spoofing Protection Ensure traffic is topologically valid, (i.e., sourced from a valid address that is consistent with the interface it is received on) • uRPF loose mode on WAN interfaces • IP Source Guard on access ports or uRPF on Layer 3 access edge8-12 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Additional Security Technologies If the enterprise security posture assessment determines that additional access and policy control technologies are a required element of the corporate security policy, then this must be extended and integrated to the branch. Additional technologies may include 802.1X, Identity-Based Network Networking Services (IBNS) and Network Admission Control (NAC). For more information, see the Identity-Based Network Services section of Appendix A, “Reference Documents.” Design Considerations • Consistent network policy enforcement on all key network borders A consistent network policy must be enforced on all key network borders, including the WAN edge, the Internet edge and the access edge. For more information on edge policy enforcement for WAN Edge, refer to Chapter 7, “Enterprise WAN Edge.” For more information on edge policy enforcement for the Internet edge, refer to Chapter 6, “Enterprise Internet Edge.” • Address space planning Careful planning of the corporate address space facilitates the definition and maintenance of traffic filtering that is used in many areas of security policy enforcement, including ACLs, firewalls, route filtering, and uRPF. It is recommended that a rational, summarized, or compartmentalized IP address scheme be used across the enterprise network, enabling a manageable and enforceable security policy, offering a significant benefit to overall network security For more information on address space planning, see Chapter 2, “Network Foundation Protection.” • IP Spoofing Protection Enforce IP spoofing protection on the access edge to enable generic and consistent access edge iACLs to be enforced across the enterprise, thereby minimizing operational overhead. IP spoofing protection removes the need to specify the particular access subnet as the source address in the ACL entries, since the source IP address has already been validated. For more information on IP spoofing protection, see Chapter 2, “Network Foundation Protection.” WAN Edge ACLs The primary objective of WAN edge ACLs is to restrict incoming traffic on the WAN links only to the minimum required traffic and services, and only from authorized originators. This typically involves permitting only the necessary routing updates from defined external routing peers, along with VPN access to the WAN edge. In addition, standard ingress edge filtering is enforced, per Bridge Control Protocol (BCP) 38 and RFC2827, denying traffic with illegitimate, invalid, or reserved source addresses. A WAN edge ACL for a branch with site-to-site VPN only, thus typically features the following elements: • Deny fragments • Deny the corporate address space originating from external sources • Deny RFC1918 private address space (10/8, 172.16/12, 192.168/16) • Deny RFC3330 special use IPv4 addressing (0.0.0.0, 127/8, 192.0.2/24, 224/4) • Permit routing updates from authorized, external peers8-13 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch • Permit VPN to WAN edge • Permit ping and traceroute for troubleshooting For more information on traffic filtering, see the Edge Filtering section of Appendix A, “Reference Documents.” Access Edge iACLs The primary objective of iACLs on the access edge is to restrict client access to the network infrastructure, thereby reducing the risk exposure of these devices. Consequently, direct traffic to the infrastructure address space is blocked across all access edges of the enterprise. In a branch, access edge iACLs are typically enforced on the branch edge router or, if a dedicated firewall is deployed on the access edge, they are integrated into the firewall policy. This ensures ease of operational management. The following is a sample configuration (guidelines) for creating an iACL: access-list 125 remark Client Access Edge iACL ! Permit Clients to perform ping and traceroute access-list 125 remark Permit Client ping and traceroute access-list 125 permit icmp any any ttl-exceeded access-list 125 permit icmp any any port-unreachable access-list 125 permit icmp any any echo-reply access-list 125 permit icmp any any echo ! Permit VPN to Mgmt FW for local operational staff access-list 125 remark Permit VPN to Mgmt FW access-list 125 permit udp any host <mgmt-fw> eq isakmp access-list 125 permit esp any host <mgmt-fw> ! Deny Client Access to Network Infrastructure Address Space access-list 125 remark Deny Client to OOB Mgmt Network access-list 125 deny ip any <subnet> <inverse-mask> access-list 125 remark Deny Client to NoC & Core access-list 125 deny ip any <subnet> <inverse-mask> access-list 125 remark Deny Client to Internet Edge access-list 125 deny ip any <subnet> <inverse-mask> access-list 125 remark Deny Client to WAN Edge access-list 125 deny ip any <subnet> <inverse-mask> access-list 125 remark Deny Client to VPN Tunnels access-list 125 deny ip any <subnet> <inverse-mask> access-list 125 remark Deny Client to Branch Infra access-list 125 deny ip any <subnet> <inverse-mask> ! Permit All Other Client Traffic access-list 125 remark Permit Client Non-Infra traffic access-list 125 permit ip any any ! ! Enforces ACL on Branch access port interface GigabitEthernet0/0.10 description Wired Clients ip access-group 125 in Note that it is not necessary to specify the particular access subnet as the source address in the ACL entries if IP source address validation is already being enforced; for example, through IP Source Guard on the access ports. This enables generic and consistent iACLs to be deployed across the enterprise access edge, thereby minimizing the operational overhead. For more information on iACLs, see Chapter 2, “Network Foundation Protection.”8-14 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Design Considerations • IP Spoofing Protection Enforce IP spoofing protection on the access edge to enable generic and consistent access edge iACLs to be enforced across the Enterprise, thereby minimizing operational overhead. IP spoofing protection removes the need to specify the particular access subnet as the source address in the ACL entries, since the source IP address has already been validated. Firewall Integration in the Branch Firewall integration in the branch enables the segmentation and enforcement of different security policy domains. This provides enhanced protection from unauthorized access that may be required if, for example, the branch features a point-of-sale (PoS) segment for credit card processing that requires PCI compliance, if split-tunneling is being employed, if there is an unsecured wireless network or if there are multiple user groups with different security policies to be enforced. In addition, firewall integration offers more advanced, granular services , such as stateful inspection and application inspection and control on Layer 2 through Layer 7. These advanced firewall services are highly effective of detecting and mitigating TCP attacks and application abuse in HTTP, SMTP, IM/P2P, voice, and other protocols. The two common design criteria for firewall integration in a branch are cost and administrative domains (i.e., who manages the infrastructure devices (NetOps, SecOps, SP)). A combination of these two factors typically dictates the platform selection. To meet the deployment criteria of each customer, Cisco offers two key firewall integration options: • IOS Firewall Cost-effective, integrated firewall that is typically implemented in the branch edge router. Cisco IOS Firewall is offered as a classic, interface-based firewall or as a zone-based firewall (ZBFW) that enables the application of policies to defined security zones. • Adaptive Security Appliance (ASA) Series Dedicated firewall enabling a highly scalable, high performance, high availability and fully featured deployment on a range of platforms. It also supports distinct administrative domains, including a separate NetOps and SecOps model, as well as deployments where the edge router is SP-owned and managed. For more information on firewall integration using either a Cisco IOS firewall or a Cisco ASA, see the Firewall section of Appendix A, “Reference Documents.” IOS Zone-based Firewall (ZBFW) Integration in a Branch IOS ZBFW enables the creation of different security zones and the application of particular network policies to each of these defined zones. The first design step is thus to determine the zones required, based on the different network policies to be enforced. IOS ZBFW features an implicit deny for traffic between zones and so zones need only be created for zones with traffic flows that will be permitted between zones. Typical security zones for a branch are as follows: • VPN Tunnel interfaces to WAN edge hubs • Clients8-15 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Client VLAN interfaces • Infrastructure Management VLAN and integrated modules, such as switch, WLAN infrastructure, and IPS Since there is an implicit deny, unless a branch is hosting externally-accessible services, the definition of a WAN zone is not required, because traffic from the WAN is not, by default, permitted to pass through the ISR to internal interfaces. A sample baseline IOS ZBFW design for a branch, illustrating some sample zones and the associated permit policies to be enforced, is shown in Figure 8-4. Figure 8-4 Sample IOS ZBFW Integration in a Branch The following sample configuration illustrates the use of ZBFW on the branch: zone security vpn description VPN to Corporate zone security infra description Infrastructure Devices zone security clients description Clients zone-pair security clients-hq source clients destination vpn service-policy type inspect clients-hq-policy zone-pair security infra-hq source infra destination vpn service-policy type inspect infra-hq-policy zone-pair security hq-clients source vpn destination clients service-policy type inspect hq-clients-policy zone-pair security hq-infra source vpn destination infra service-policy type inspect hq-infra-policy zone-pair security infra-clients source infra destination clients service-policy type inspect infra-clients-policy policy-map type inspect infra-clients-policy class type inspect frm-infra-class Enterprise Branch 226671 IP LWAPP Internet Private WAN Infrastructure Zone Client Zone VPN Zone • Implicit deny for non-permitted flows Tunnel0 Tunnel1 VPN Infrastructure Clients VPN Permit Permit Infrastructure Permit Permit Clients Permit Deny8-16 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch inspect class class-default drop policy-map type inspect infra-hq-policy class type inspect frm-infra-class pass class class-default drop policy-map type inspect hq-infra-policy class type inspect to-infra-class pass class class-default drop policy-map type inspect clients-hq-policy class type inspect frm-clients-class pass class class-default drop policy-map type inspect hq-clients-policy class type inspect to-clients-class pass class class-default drop class-map type inspect match-any to-infra-class match access-group 104 class-map type inspect match-any to-clients-class match access-group 103 class-map type inspect match-any frm-infra-class match access-group 102 class-map type inspect match-any frm-clients-class match access-group 101 ! access-list 101 remark Client Source access-list 101 permit ip 10.200.1.0 0.0.0.255 any access-list 102 remark Infra Source access-list 102 permit ip 10.201.1.0 0.0.0.255 any access-list 103 remark Clients Dest access-list 103 permit ip any 10.200.1.0 0.0.0.255 access-list 104 remark Infra Dest access-list 104 permit ip any 10.201.1.0 0.0.0.255 Design Considerations • An implicit deny applies as soon as a single zone is created on the device. Consequently, even if an interface is not placed in a zone, traffic will, by default, be denied. • Policies are, by default, only applied to traffic flowing through the device, not to traffic directed to the device itself. This behavior can be modified by defining policies for what is referred to as the self zone. • Once a baseline IOS zone-based firewall (ZBFW) design has been developed, advanced firewall inspection can easily be integrated by simply modifying the policies being enforced. For more information on IOS ZBFW, see the Firewall section of Appendix A, “Reference Documents.”8-17 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch ASA Integration in a Branch The Adaptive Security Appliance (ASA) is a dedicated, fully featured firewall device enabling a scalable, high performance and high availability design, depending on a particular branch needs. It also provides support for separate management domains. See Figure 8-5. The ASA is placed logically inline, between the branch access edge and the branch edge router, as well as between any additional security domains, to enforce network policy at the branch. The ASA access policy also typically includes access edge iACLs and, if the branch is hosting externally-accessible services or the branch edge router is not owned and managed by the enterprise, WAN edge ACLs. Figure 8-5 Sample ASA Integration in a Branch The Cisco ASA enforces network access policies based on the security level of an interface, with a default network access policy of an implicit permit for interfaces of the same security level, and an implicit permit from a higher to a lower security level interface. It is recommended, however, to enforce explicit policies as this provides maximum visibility into traffic flows. For more information on the Cisco ASA, see the Firewall section of Appendix A, “Reference Documents.” A typical ASA deployment in a branch, as shown in Figure 8-5, illustrates the following: • Access interfaces with a lower security level than the infrastructure interfaces. This ensures that, by default, clients are not permitted access to other interfaces. • Access interface network access rules can also integrate the access edge iACLs. • An explicit permit must be defined for client access non-infrastructure addresses. • Infrastructure interfaces with a high security level permits traffic flows, by default, to other interfaces. • There are no external interfaces on this ASA but, if they exist, they should be assigned the lowest security level and a strong network policy enforced. • As with standard ACLs, a final, explicit deny should be enforced to provide maximum visibility into traffic being denied. Enterprise Branch 226672 IP LWAPP Internet Private WAN Client Interfaces Security level = 50 Infrastructure Interfaces Security level = 100 ASA Tunnel0 Tunnel1 Explicit permit for non-infrastructure traffic8-18 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch A sample ASA branch configuration is shown in Figure 8-6, illustrating the network access policy being enforced on a client access interface, including access edge iACLs. Figure 8-6 Sample ASA Network Access Policy for a Client Access Interface Additional policies can be enforced on the ASA, including application layer protocol inspection, IPS, and QoS. For more information on the ASA, see the Firewall section of Appendix A, “Reference Documents.” IPS Integration in the Branch Cisco IPS provides signature and reputation-based threat detection and mitigation for threats such as worms, spyware, adware, network viruses, and application abuse. Its integration in a branch enables the localized detection and mitigation of malicious and anomalous activity. This is highly effective at enabling threats to be detected and mitigated in a timely manner and as close to the source as possible, thereby reducing the possible impact on the rest of the corporate network. In addition, Cisco IPS collaboration with other Cisco devices provides enhanced visibility and control through system-wide intelligence. This includes host-based IPS collaboration with CSA, reputation-based filtering and global correlation using SensorBase, automated threat mitigation with the WLAN controller (WLC), multi-vendor event correlation and attack path identification using Cisco Security Monitoring, Analysis, and Response System (CS-MARS), and common policy management using Cisco Security Manager (CSM). For more information on Cisco security collaboration, see Chapter 10, “Monitoring, Analysis, and Correlation,” and Chapter 11, “Threat Control and Containment.”8-19 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch The general IPS design considerations of deployment mode, scalability, availability and maximum threat coverage apply to a branch but the branch also, typically, introduces cost and management considerations that must be taken into account. The Cisco IPS includes a wide range of platform options that enable customers to select a platform that is appropriate to their deployment criteria, as shown in Figure 8-7. Figure 8-7 Cisco IPS Deployment Options This wide range of IPS platforms shares a common set of signatures and can all be remotely managed by a central management platform, such as Cisco Security Manager (CSM). This enables consistent, rich signature and policy enforcement across the entire enterprise network, facilitating IPS tuning and operations, while at the same time accommodating the particular design criteria of diverse locations. In large branch locations that require high scalability and availability, multiple IPS can be deployed. Design Considerations • IOS IPS currently only supports a sub-set of the signatures supported by the IPS devices and modules. In addition, IOS IPS does not currently support collaboration with other Cisco devices. • The IPS modules provide a cost-effective IPS solution that maintains a consistent, rich signature set across all enterprise network IPS. • IPS modules enable operational staff to easily migrate from promiscuous to inline mode, through a simple configuration change on the host platform. • IPS modules offer limited scalability and availability that must be taken into account in a design. • Symmetrical traffic flows offer a number of important benefits, including enhanced threat detection, reduced vulnerability to IPS evasion techniques and improved operations through reduced false positives and false negatives. Consequently, leveraging the Cisco IPS Normalizer engine is a key design element. If multiple IPS exist in a single flow, for instance, in multiple edge routers, maintaining symmetric flows requires careful consideration of the IPS integration design. • It is recommended that IPS monitoring is performed on internal branch interfaces only in order to focus threat detection and mitigation on internal threats. This avoids the local IPS and the centralized monitoring station from being inundated with alerts that do not necessarily indicate a risk. Cisco IPS Series • Cost-effective, softwarebased IPS • Sub-set of signatures Cisco IOS IPS • Highly scalable, high availability, hardware-based IPS • Rich signature set and crossnetwork collaboration • Enables separate administrative domain • Dedicated appliances and integrated modules for ISR, ASA and Catalyst 6500 – Flexible deployment options – Consistent rich signatureset and policy enforcement 2267728-20 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch • IPS can, alternately, be integrated in the enterprise WAN edge as a centralized IPS deployment. This enables a scalable, highly available and cost-effective design, that also offers ease of management advantages, since it typically features a smaller number of devices. The threat coverage offered by this type of deployment must, however, be considered, since only traffic passing through the WAN edge distribution block will be monitored. For more information on a centralized IPS deployment, see Chapter 7, “Enterprise WAN Edge.” • A combination of centralized and distributed IPS enables the appropriate deployment model to be chosen according to the needs of a particular branch, while maintaining consistent policy enforcement. • IPS signature tuning enables the automated response actions taken by Cisco IPS to be tuned and customized according to the customer environment and policy. For more information on IPS design considerations as well as high scalability and availability IPS designs, see “IPS Integration in the WAN Edge Distribution” section on page 7-19. Implementation Option • IPS Promiscuous Mode Cisco IPS can also be deployed in promiscuous mode. In promiscuous mode, the IPS performs passive monitoring, with traffic being passed to it through a monitoring port. Upon detection of anomalous behavior, management systems are informed of an event and operational staff can subsequently decide what action, if any, to take in response to an incident. The time between threat detection and mitigation may thus be extended. IPS Module Integration in a Cisco ISR IPS integration in a small, cost-sensitive branch can leverage an IPS module integrated in the branch edge ISR. Integration of an IPS module enables a consistent, rich signature set across all enterprise network IPS. IPS module integration is very simple to implement, with the IPS receiving traffic over the backplane of the ISR. Once the module is installed, it is simply a case of enforcing IPS monitoring on the desired interfaces. See Figure 8-8. Figure 8-8 IPS Module Integration in a Cisco ISR Enterprise Branch 226674 IP LWAPP Internet Private WAN IPS Module ISR ISR Backplane8-21 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch IPS monitoring is enforced on the ISR on a per-interface basis, as shown in the following example: ! interface GigabitEthernet0/0.10 description Wired Clients encapsulation dot1Q 10 ip address 10.200.1.1 255.255.255.128 ids-service-module monitoring inline ! The IPS configuration is a standard, consistent IPS policy that is enforced across the enterprise, as shown in Figure 8-9. Figure 8-9 IPS Module in ISR Configuration IPS Module Integration in a Cisco ASA A branch with a Cisco ASA can integrate an IPS module in this ASA to provide a cost-effective, integrated solution. Integration of an IPS module enables a consistent, rich signature set across all enterprise network IPS. IPS module integration is very simple to implement, with the IPS receiving traffic over the backplane of the ASA. Once the module is installed, it is simply a case of enforcing IPS monitoring on the desired interfaces. See Figure 8-10.8-22 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Figure 8-10 IPS Module Integration in a Cisco ASA IPS monitoring is enforced on the ASA by applying a service policy on a per-interface basis, as illustrated in Figure 8-11. Figure 8-11 IPS Policy Enforcement on the ASA The IPS configuration is a standard, consistent IPS policy that is enforced across the enterprise, as shown in Figure 8-12. Enterprise Branch 226675 IP LWAPP Internet Private WAN IPS Module ASA ASA Backplane8-23 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Figure 8-12 IPS Module in ASA Configuration For more information on ASA integration in a branch, see the “ASA Integration in a Branch” section on page 8-17. Switching Security in the Branch Switching in the branch is critical to network services; therefore, its security and resiliency is vital to business operations. Consequently, the switching infrastructure and services themselves must be resilient to attacks against them, and they must offer protection to users and devices against attacks within their Layer 2 domain. Possible attacks include DoS attacks through Spanning Tree Protocol (STP) manipulation, MAC flooding, DHCP starvation and unknown, multicast and broadcast frame flooding, reconnaissance, unauthorized access and MITM attacks through DHCP server spoofing, ARP spoofing, VLAN hopping, and STP manipulation. These attacks may be targeted or indirect, malicious or unintentional, conducted by authorized or unauthorized users, or performed by malware. Consistent policies should be enforced across all enterprise switches including those in the campus, branch, data center, Internet edge and WAN edge, though taking into consideration the role of each switch, for example, if it is an access edge switch, a distribution switch or a core switch. Consequently, switching security in the branch involves extending and applying these same switching security policies to the branch switches.8-24 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch The areas of focus, objectives, and implementation options for switching security in a branch access edge switch are listed in Table 8-5. The following is a sample secure switching configuration: Global Configuration ! Spanning Tree Security spanning-tree mode pvst spanning-tree portfast bpduguard default ! Enable DHCP Snooping on Access VLANs ip dhcp snooping vlan 10,20 no ip dhcp snooping information option ip dhcp snooping ! Enable DAI on Access VLANs with ARP ACLs for Default Gateway ip arp inspection vlan 10,20 ip arp inspection filter staticIP vlan 10,20 arp access-list staticIP permit ip host 10.200.1.1 mac host 0015.622e.8c88 permit ip host 10.200.1.129 mac host 0015.622e.8c88 ! VTP Transparent Mode Ta b l e 8-5 Switching Security in the Branch Access Edge Switch Switching Security Focus Switching Security Objectives Implementation Restrict Broadcast Domains Limit the Layer 2 domain in order to minimize the reach and possible extent of an incident • Restrict each VLAN to an access switch. 1 1. Keeping VLANs unique to an access switch is an enterprise campus BCP. For more information on enterprise campus design see the Campus Design section of Appendix A, “Reference Documents.” Spanning Tree Protocol (STP) Security Restrict STP participation to authorized ports only • Rapid Per-VLAN Spanning Tree (PVST) • BPDU Guard • STP Root Guard DHCP Protection Prevent rogue DHCP server and DHCP starvation attacks • DHCP Snooping on access VLANs ARP Spoofing Protection Prevent ARP spoofing-based MITM attacks • Dynamic ARP Inspection (DAI) on access VLANs 2 2. ARP spoofing attacks are often conducted in combination with IP spoofing, in order to avoid traceability. Consequently, IP spoofing protection should also be enforced on a switch. For more information on IP spoofing protection, see the Chapter 2, “Network Foundation Protection.” IP Spoofing Protection Ensure traffic is topologically valid, (i.e., sourced from a valid address that is consistent with the interface it is received on) • IP Source Guard on access ports or uRPF on Layer 3 access edge MAC Flooding Protection Prevent switch resource exhaustion attacks that can cause flooding of a Layer 2 domain • Port security on access ports VLAN Best Common Practices Apply VLAN security guidelines across the infrastructure • Define a port as a trunk, access or voice port rather than enabling negotiation • VTP transparent mode • Disable unused ports and place in an unused VLAN • Use all tagged mode for the native VLAN on trunks • Traffic storm control8-25 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch vtp mode transparent vlan 10 name DATA ! vlan 20 name VOICE ! vlan 201 name Mgmt ! vlan 2000 name Unused ! ! Native VLAN Tagging vlan dot1q tag native ! ! Access Port interface FastEthernet1/0/2 switchport access vlan 10 switchport mode access switchport voice vlan 20 switchport port-security maximum 3 switchport port-security maximum 2 vlan access switchport port-security maximum 1 vlan voice switchport port-security switchport port-security aging time 1 switchport port-security violation restrict switchport port-security aging type inactivity ip arp inspection limit rate 100 load-interval 60 priority-queue out no snmp trap link-status storm-control broadcast level pps 1k storm-control multicast level pps 2k storm-control action trap no cdp enable spanning-tree portfast spanning-tree bpduguard enable spanning-tree guard root ip verify source ip dhcp snooping limit rate 15 ! ! Trunk Port to ISR interface GigabitEthernet1/0/1 description Trunk to ISR switchport trunk encapsulation dot1q switchport trunk allowed vlan 10,20,201 switchport mode trunk ip arp inspection trust load-interval 60 ip dhcp snooping limit rate 15 ip dhcp snooping trust ! ! Unused Port interface GigabitEthernet1/0/4 switchport access vlan 2000 shutdown no cdp enable The particular considerations for DHCP protection and ARP spoofing protection in a branch are covered in detail below. For more information on the other switching security techniques, including design and configuration guidelines, see Chapter 2, “Network Foundation Protection.”8-26 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Design Considerations • Rate-limiting must be enabled for both DHCP snooping and DAI in order to ensure that these features do not create a DoS vector. • If automatic recovery of an interface after a security violation is not enabled, the interface will remain in an error-disabled state until it is manually recovered with a shutdown and no shutdown. • DAI is highly effective for ARP spoofing protection in DHCP environments but must be bypassed for any device that does not use DHCP. This is achieved either by explicitly defining the interface it is connected to as trusted, or by creating an ARP inspection ACL to permit the source MAC and IP address of that device. • The operational management of the switching infrastructure can be greatly enhanced my leveraging Smartports macros on a Cisco switch. Smartports macros enable customized port templates to be defined according to corporate policy and applied to ports on an as-needed basis. This ensures consistent policy enforcement, eases operations and avoids misconfiguration. For more information on Smartports macros, see the Switching Security section of Appendix A, “Reference Documents.” DHCP Protection DHCP protection is critical to ensure that a client on an access edge port is not able to spoof or accidentally bring up a DHCP server, nor exhaust the entire DHCP address space by using a sophisticated DHCP starvation attack. Both these attacks are addressed with the Cisco IOS DHCP snooping feature that performs two key functions to address these attacks: • Rogue DHCP Server Protection If reserved DHCP server responses (DHCPOFFER, DHCPACK, and DHCPNAK) are received on an untrusted port, the interface is shut down. • DHCP Starvation Protection Validates that the source MAC address in the DHCP payload on an untrusted interface matches the source MAC address registered on that interface. In addition, DHCP snooping rate-limiting must be enabled to harden the switch against a resource exhaustion based DoS attack. For more information on the DHCP Snooping feature, see the Switching Security section of Appendix A, “Reference Documents.” ARP Spoofing Protection ARP spoofing protection ensures that a client on an access edge port is not able to perform a MITM attack by sending a gratuitous ARP that presents its MAC address as that associated with a different IP address, such as that of the default gateway. This attack is addressed with the Cisco IOS Dynamic ARP Inspection (DAI) feature that validates that the source MAC and IP address in an ARP packet received on an untrusted interface matches the source MAC and IP address registered on that interface. DAI is enabled on a per-VLAN basis and all interfaces in that VLAN are untrusted by default. Consequently, for a device that does not use DHCP, such as the default gateway, ARP inspection must be bypassed by either explicitly defining the interface it is connected to as trusted, or creating an ARP inspection ACL to permit the source MAC and IP address of that device.8-27 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch In addition, DAI rate-limiting must be enabled to harden the switch against a resource exhaustion-based DoS attack. For more information on the DAI feature, see the Switching Security section of Appendix A, “Reference Documents.” Endpoint Security in the Branch Enterprise clients and servers are exposed to a range of threats, including malware, botnets, worms, viruses, trojans, spyware, theft of information, and unauthorized access. Consequently, the vulnerability of any particular endpoint can impact the security and availability of an entire enterprise network. Endpoint security is thus a critical element of an integrated, defense-in-depth approach to security, protecting both the endpoint itself and the corporate network to which it connects. Consistent policies should be enforced across all enterprise clients and servers, and so endpoint security in the branch involves extending and applying these same security policies to branch endpoints. Endpoint security must not only harden the endpoint against the initial attack, compromise and subsequent activity, but also general malicious and non-compliant client activity. This is generally referred to as host-based IPS and the key elements are as follows: • Protection against known attacks Signature-based threat detection and mitigation, such as known worms and viruses. • Protection against zero-day or unpatched attacks Behavioral-based threat detection and mitigation, such as attempts to load an unauthorized kernel driver, buffer overflow, capture keystrokes, create rogue services, modify system configuration settings and inset code into other processes. • Policy enforcement Host-based IPS functionality to support all these key elements is provided by the Cisco Security Agent (CSA). CSA is deployed on all endpoints and centralized policy management and enforcement is performed by the CSA Management Center (CSA-MC), enabling a common and consistent policy enforcement across all enterprise endpoints. For more information on CSA and endpoint security in the enterprise, see Chapter 5, “Enterprise Campus.” Design Considerations • Endpoint security protects the client even when they are not connected to the corporate network, such as at a hotel, a hotspot or home. • CSA on enterprise endpoints is typically managed by a centralized CSA MC. CSA continues to protect the endpoint, even when the CSA MC is not accessible and so a branch WAN outage is not an issue. • CSA policies that are enforced based on location-aware policies must take into consideration the fact that the CSA MC may not always be reachable by branch endpoints. For instance, a policy that blocks local network access if the CSA MC is not reachable may not be viable in a branch. • User behavior is a key factor in endpoint and overall network security. This is becoming even more critical as attacks evolve to focus on social engineering and targeted attacks. CSA can be leveraged to reinforce user education and training by, for instance, advising users when they perform an anomalous action, outlining the risks it presents and the associated corporate policy, before allowing them to permit the action, along with, perhaps, a justification.8-28 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch Complementary Technology Additional endpoint security includes the following: • Cisco Security Services Client (CSSC) The CSSC is a software supplicant that enables identity-based access and policy enforcement on a client, across both wired and wireless networks. This includes the ability to enforce secure network access controls, such as requiring the use of WPA2 for wireless access and automatically starting a VPN connection when connected to a non-corporate network. For more information on CSSC, see the Endpoint Security section of Appendix A, “Reference Documents.” • System and application hardening It is critical that the operating system and applications running on an endpoint are hardened and secured in order to reduce the attack surface and render the endpoint as resilient to attacks as possible. This involves implementing a secure initial configuration, the regular review of vulnerabilities and the timely application of any necessary updates and security patches. • User education and training End-users should receive ongoing education and training to make them aware of the role they play in mitigating existing and emerging threats, including how to be secure online, protecting corporate data, and minimizing their risk. This should be presented in a simple, collaborative way to reinforce the defined corporate policies. Secure Device Access in the Branch Access to all infrastructure devices in the branch must be secured. If infrastructure device access is compromised, the security and management of the entire network can be compromised. Consequently, it is critical to establish the appropriate controls in order to prevent unauthorized access to infrastructure devices. There will be some variations in the actual implementation of secure device access, based on the particular device and software release, but all the fundamental objectives must be applied: • Restrict device accessibility Limit the accessible ports and access services, restrict access to authorized services from authorized originators only, enforce session management and restrict login vulnerability to dictionary and DoS attacks • Present legal notification Display legal notice, developed in conjunction with company legal counsel, for interactive sessions. • Authenticate access Ensure access is only granted to authenticated users, groups, and services. • Authorize actions Restrict the actions and views permitted by any particular user, group, or service. • Ensure the confidentiality of data Protect locally stored sensitive data from viewing and copying. Consider the vulnerability of data in transit over a communication channel to sniffing, session hijacking, and MITM attacks. 8-29 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Design Guidelines for the Branch • Log and account for all access Record who accessed the device, what occurred, and when for auditing purposes. For more information on secure device access, including design and configuration guidelines for the areas outlined above, see Chapter 2, “Network Foundation Protection.” Design Considerations • Remote Management Remote management typically occurs in-band for remote sites; therefore, it is critical that management access and management traffic be properly isolated, secured, and resilient to challenging network events, such as high data rates and worm outbreaks. This is achieved through service resiliency measures designed to ensure remote manageability even under adverse circumstances, including device hardening and QoS. For more information on service resiliency, see the “Service Resiliency in the Branch” section on page 8-8. • Integrated IPS Module Access It is generally recommended that outgoing access is not permitted on a device, unless explicitly required. One example of such a requirement is access to an IPS module integrated in an ISR. Console access to the integrated IPS module is only available through a reverse telnet from the host ISR. Consequently, outgoing telnet must be permitted on the host ISR console and VTY lines. Telemetry in the Branch Telemetry must be extended to the branch in order to provide visibility into its status, as well as activity on both the local network and its external interfaces. This enables the timely and accurate detection and mitigation of anomalies. Consequently, telemetry is enabled across all infrastructure devices in the branch and integrated with a centralized management system for event monitoring, analysis, and correlation. The key elements include: • Synchronize time Synchronize all network devices to the same network clock by using Network Time Protocol (NTP) to enable accurate and effective event correlation. • Monitor system status information Maintain visibility into overall device health by monitoring CPU, memory, and processes. • Implement CDP best common practices Enable CDP on all infrastructure interfaces for operational purposes but disable CDP on any interfaces where CDP may pose a risk, such as external-facing interfaces. • Enable remote monitoring Use syslog and SNMP to a centralized server, such as CS-MARS, for cross-network data aggregation. This enables detailed and behavioral analysis of the data which is key to traffic profiling, anomaly-detection and attack forensics, as well as general network visibility and routine troubleshooting. For more information on telemetry, including design and configuration guidelines for the areas outlined above, see Chapter 2, “Network Foundation Protection.” For more information on remote monitoring, analysis and correlation, including syslog, SNMP and NetFlow, see Chapter 10, “Monitoring, Analysis, and Correlation.”8-30 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Threats Mitigated in the Enterprise Branch Design Considerations • CDP is enabled by default in Cisco IOS and should be disabled on all external-facing interfaces. This can be verified on a per interface basis using the command show cdp interface. • CDP may pose a risk on access ports but it should be noted that some services, such as Cisco UC phones, require CDP. Thus, care must be taken when disabling CDP. • As with secure device access, the isolation of management access and management traffic is recommended using an out-of-band (OOB) network in order to provide an extra degree of security. This is typically employed using an OOB network that is physically independent of the data network and features limited and strictly controlled access. For more information on the implementation of a management network, refer to Chapter 9, “Management.” • One key element to consider is that, since these are remote sites, telemetry and remote management are typically in-band. It is thus critical that QoS is employed to accurately classify and prioritize control and management traffic. This will ensure continuing service availability and remote management even under adverse network conditions, such as high data rates and worm outbreaks. Threats Mitigated in the Enterprise Branch Ta b l e 8-6 Enterprise Branch Threat Mitigation Features Botnets DoS Unauthorized Access Phishing, Spam Malware, Spyware Application, Network Abuse Data Leakage Visibility Control Secure WAN Connectivity Yes Yes Yes Routing Security Yes Yes Yes Yes Service Resiliency Device Hardening QoS Redundancy Yes Yes Yes Network Policy Enforcement WAN Edge ACLs Access Edge iACLs Cisco Firewall IP Source Guard or uRPF Yes Yes Yes Yes Yes Cisco IPS Integration Yes Yes Yes Yes Switching Security Yes Yes Yes Yes Endpoint Security Yes Yes Yes Yes Yes Yes Yes Yes Yes Secure Device Access Yes Yes Yes Yes Telemetry Yes Yes Yes Yes Yes8-31 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Threats Mitigated in the Enterprise Branch Web and E-mail threats, such as malicious web sites, compromised legitimate web sites, spam, and phishing, are addressed as part of a centralized deployment in the enterprise Internet edge (see Chapter 6, “Enterprise Internet Edge.”) If a branch employs split-tunneling, whereby there is local Internet access direct from the branch, web security must be implemented locally. This can be achieved using the Cisco IronPort S-Series, Cisco ASA 5500 Series, or Cisco IOS Content Filtering. For more information, see the Web Security section of Appendix A, “Reference Documents.”8-32 Cisco SAFE Reference Guide OL-19523-01 Chapter 8 Enterprise Branch Threats Mitigated in the Enterprise BranchC H A P T E R 9-1 Cisco SAFE Reference Guide OL-19523-01 9 Management The primary goal of the management module is to facilitate the secure management of all devices and hosts within the enterprise network architecture. The management module is key for any network security management and reporting strategy. It provides the servers, services, and connectivity needed for the following: • Device access and configuration • Event collection for monitoring, analysis, and correlation • Device and user authentication, authorization, and accounting • Device time synchronization • Configuration and image repository • Network access control manager and profilers Logging and reporting information flows from the network devices to the management hosts, while content, configurations, and new software updates flow to the devices from the management hosts. Key devices that exist in the Management Module relevant for security include the following: • CS-MARS—Event Monitoring, Analysis, and Correlation (EMAC) system that provides network-wide security intelligence and collaboration allowing quick identification and rapid reaction to threats. CS-MARS collects, trends, and correlates logging and event information generated by routers, switches, firewalls, intrusion prevention systems, Cisco Access Control Servers (ACS) and the management center for Cisco Security Agents (CSA-MC). CS-MARS collects network configuration and event information using protocols like syslog, SNMP, Telnet, SSH, and NetFlow. In addition, CS-MARS integrates with Cisco Security Manager (CSM) to provide a comprehensive security monitoring and management solution that addresses configuration management, security monitoring, analysis, and mitigation. • Cisco Security Manager (CSM)—Management application used to configure firewall, VPN, and intrusion prevention services on Cisco network and security devices. CSM communicates with Cisco network and security devices using telnet, SSH, HTTP, or HTTPs. • Network Access Control (NAC) Manager—Communicates with and manages the Cisco NAC Server. Provides a web-based interface for creating security policies, managing online users, and acts as an authentication proxy for authentication servers on the backend such as ACS. • Access Control Server (ACS)—Provides Authentication, Authorization, and Accounting (AAA) services for routers, switches, firewalls, VPN services, and NAC clients. In addition, ACS also interfaces with external backend Active Directory and LDAP authentication services. • System administration host—Provides configuration, software images, and content changes on devices from a central server.9-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Key Threats in the Management Module • Configuration and software archive host—Provides repository for device configuration and system image backup files. • Network Time Protocol (NTP) server—Used for time synchronization. • Firewall/VPN—Provides granular access control for traffic flows between the management hosts and the managed devices for in-band management. Firewall also provides secure VPN access to the management module for administrators located at the campus, branches and other places in the network. Note The best practices for enabling secure administrative access with protocols like SSH and SNMP are provided in Chapter 2, “Network Foundation Protection.” Chapter 10, “Monitoring, Analysis, and Correlation” describes the best practices for the secure configuration of device access and reporting access required by CS-MARS. Note The NAC Profiler server is typically deployed in the management module alongside the NAC Manager. However, if NAT is being performed on the firewall protecting the management module from the data network, then the NAC Profiler server needs to be located outside the management module such that there is no NAT between the NAC server (acting as the collector) and NAC Profiler. For more information, refer to the “NAC Appliance” section on page 5-33 and “NAC Profiler” section on page 5-45. Key Threats in the Management Module The following are some of the expected threat vectors affecting the management module: • Unauthorized Access • Denial-of-Service (DoS) • Distributed DoS (DDoS) • Man-in-the-Middle (MITM) Attacks • Privilege escalation • Intrusions • Network reconnaissance • Password attacks • IP spoofing9-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Deployment Best Practices Management Module Deployment Best Practices The SAFE architecture design includes a management network module dedicated to carrying control and management plane traffic such as NTP, SSH, SNMP, VPN, TACACS+, syslog, and NetFlow reporting. The management module provides configuration management for nearly all devices in the network through the use of two primary technologies: Cisco IOS routers acting as terminal servers and a dedicated management network segment implemented either on separated hardware or VLANs. The dedicated management network segment provides the primary method for managing network devices using secure transport protocols such as SSH and HTTPS. Hardened terminal servers provide backup console and CLI access to the network devices using the reverse-telnet function. Because the management network has administrative access to nearly every area of the network, it can be a very attractive target to hackers. The management module is built with several technologies designed to mitigate those risks. The first primary threat is a hacker attempting to gain access to the management network itself. This threat can only be mitigated through the effective deployment of security features in the other modules in the enterprise to ensure the proper security is in place to prevent unauthorized access to services within the management module. The remaining threats assume that the primary line-of-defense has been breached. To mitigate the threat of a compromised device, access control should be implemented using a firewall, and every device should be hardened and secured using the baseline security best practices outlined in Chapter 2, “Network Foundation Protection.” The management network combines out-of-band (OOB) management and in-band (IB) management access to manage the various devices within the different PIN modules. OOB management is used for devices at the headquarters and is accomplished by connecting dedicated management ports or spare Ethernet ports on devices directly to the dedicated OOB management network hosting the management and monitoring applications and services. The OOB management network can be either implemented as a collection of dedicated hardware or based on VLAN isolation. IB management is used for remote devices such as the branch site and access is provided through the data path using a firewalled connection to the core network module. This connectivity is depicted in Figure 9-1. 9-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Deployment Best Practices Figure 9-1 Out-of-band and In-band Management Design When deploying a management network some of the key components of the design include the following: • Securing the out-of-band Management network • Securing the in-band Management access • Providing secure remote access to the management network • Synchronizing time using NTP • Securing servers and other endpoint with endpoint protection software and operating system (OS) hardening best practices • Hardening the infrastructure using Network Foundation Protection (NFP) best practices The following section will discuss each of these components. WAN Core Switches Out-of-Band Management 226703 In-Band Management WAN Edge Routers WAN Distribution Switches Firewalls Branch Campus Devices Data Center Devices Admin VPN M Console Server Console Connectors NTP Server CS-MARS CS-ACS Console Server Console Connectors CSM NAC Manager Admin Host9-5 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Deployment Best Practices OOB Management Best Practices The OOB network segment hosts console servers, network management stations, AAA servers, analysis and correlation tools, NTP, FTP, syslog servers, network compliance management, and any other management and control services. A single OOB management network may serve all the enterprise network modules located at the headquarters. An OOB management network should be deployed using the following best practices: • Provide network isolation • Enforce access control • Prevent data traffic from transiting the management network The OOB management network is implemented at the headquarters using dedicated switches that are independent and physically disparate from the data network. The OOB management may also be logically implemented with isolated and segregated VLANs. Routers, switches, firewalls, IPS, and other network devices connect to the OOB network through dedicated management interfaces. The management subnet should operate under an address space that is completely separate from the rest of the production data network. This facilitates the enforcement of controls, such as making sure the management network is not advertised by any routing protocols. This also enables the production network devices to block any traffic from the management subnets that appears on the production network links. Devices being managed by the OOB management network at the headquarters connect to the management network using a dedicated management interface or a spare Ethernet interface configured as a management interface. The interface connecting to the management network should be a routing protocol passive-interface and the IP address assigned to the interface should not be advertised in the internal routing protocol used for the data network. Access-lists using inbound and outbound access-groups are applied to the management interface to only allow access to the management network from the IP address assigned to the management interface and, conversely, only allows access from the management network to that management interface address. In addition, only protocols that are needed for the management of these devices are permitted. These protocols could include SSH, NTP, FTP, SNMP, TACACS+, etc. Data traffic should never transit the devices using the connection to the management network. A sample configuration demonstrating the best practices for applying access-list on the management interface of a Cisco Catalyst switch is shown below: ! access-list to be applied inbound on the management interface access-list <ACL#1> permit icmp <MGMT-Subnet> <inverse-mask> host <MGMT-INT-ADDRESS> ttl-exceeded access-list <ACL#1> permit icmp <MGMT-Subnet> <inverse-mask> host <MGMT-INT-ADDRESS> port-unreachable access-list <ACL#1> permit icmp <MGMT-Subnet> <inverse-mask> host <MGMT-INT-ADDRESS> echo-reply access-list <ACL#1> permit icmp <MGMT-Subnet> <inverse-mask> host <MGMT-INT-ADDRESS> echo access-list <ACL#1> permit tcp host <TACACS+-SVR-1> eq tacacs host <MGMT-INT-ADDRESS> established access-list <ACL#1> permit tcp host <TACACS+-SVR-2> eq tacacs host <MGMT-INT-ADDRESS> established access-list <ACL#1> permit tcp host < TACACS+-SVR-1> host <MGMT-INT-ADDRESS> eq tacacs access-list <ACL#1> permit tcp host < TACACS+-SVR-2> host <MGMT-INT-ADDRESS> eq tacacs access-list <ACL#1> permit udp host <NTP-SVR-1> host <MGMT-INT-ADDRESS> eq ntp access-list <ACL#1> permit udp host <NTP-SVR-2> host <MGMT-INT-ADDRESS> eq ntp access-list <ACL#1> permit tcp <MGMT-Subnet> <inverse-mask> host <MGMT-INT-ADDRESS> eq 22 access-list <ACL#1> permit tcp host <FTP-SVR-1> eq ftp host <MGMT-INT-ADDRESS> gt 1023 established9-6 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Deployment Best Practices access-list <ACL#1> permit tcp host <FTP-SVR-1> eq ftp-data host <MGMT-INT-ADDRESS> gt 1023 access-list <ACL#1> permit tcp host <MGMT-Subnet> gt 1023 host <MGMT-INT-ADDRESS> gt 1023 established access-list <ACL#1> permit udp <MGMT-Subnet> <inverse-mask> gt 1023 host <MGMT-INT-ADDRESS> gt 1023 access-list <ACL#1> permit udp host <NAC-MGR-1> host <MGMT-INT-ADDRESS> eq snmp access-list <ACL#1> permit udp host <NAC-MGR-2> host <MGMT-INT-ADDRESS> eq snmp access-list <ACL#1> permit udp host <NAC-MGR-vIP> host <MGMT-INT-ADDRESS> eq snmp access-list <ACL#1> deny ip any any log ! access-list to be applied outbound on the management interface access-list <ACL#2> permit ip host <MGMT-INT-ADDRESS> <MGMT-Subnet> <inverse-mask> ! Apply inbound and outbound access-lists on management interface interface GigabitEthernet2/1 description Connection to the OOB Management network no switchport ip address <MGMT-INT-ADDRESS> <subnet-mask> ip access-group <ACL#1> in ip access-group <ACL#2> out Note An explicit deny entry with the log keyword is included at the end of the access-list applied on the inbound direction of the management interface. This triggers syslog events for traffic attempting to access the device over the management network which is not permitted. This will provide visibility into attacks and facilitate troubleshooting when needing to tune the access-list (e.g., identifying traffic which should be allowed). IB Management Best Practices IB management provides management of devices over the same physical and logical infrastructure as the data traffic. IB management is used for devices not located at the headquarters site and devices that do not have a dedicated management interface or spare interface to be used as a management interface. IB management network access should be deployed using the following best practices: • Enforce access control using firewalls • Classify and prioritize management traffic using QoS at remote sites • Provide network isolation using NAT • Enforce the use of encrypted, secure access, and reporting protocols Firewalls are implemented to secure the OOB management network hosting the management and monitoring servers from the rest of the network. The firewalls only allow access from the administrative IP addresses of the devices being managed IB and only for the necessary protocols and ports. The firewall is configured to allow protocols such as syslog, secure syslog, SSH, SSL, SNMP, NetFlow, IPSec and protocols needed for the NAC Server to communicate with the NAC Manager (if NAC Appliance is deployed) information into the management segment.9-7 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Deployment Best Practices In addition to providing access control for managing devices located at remote sites such as the branch sites, firewalls are recommended to protect the management network from certain devices located in the Internet Edge module. In the case of the Internet edge, any devices outside the edge firewalls deployed in the Internet edge should be protected by a firewall. Despite being deployed at the headquarters, the outer switches and border routers are located outside the edge firewall; therefore, their management connections should be placed in a separate and firewalled segment. This practice is key to contain and mitigate the compromise of any devices facing the Internet. Connecting the outer switches or the border routers directly to the OOB network and without a firewall is highly discouraged, as it would facilitate the bypass of the firewall protection. Figure 9-2 illustrates the OOB and IB management connections to the devices in the Internet edge module. Figure 9-2 Internet Edge Management Connectivity When deploying IB management for remote sites, it is critical that QoS is employed to accurately classify and prioritize control and management traffic to and from these sites. This will ensure continuing service availability and remote management even under adverse network conditions, such as high data rates and worm outbreaks. For more information on deploying QoS in the branch, refer to the “QoS in the Branch” section on page 8-9. Since the management subnet operates under an address space that is completely separate from the rest of the production network, all IB management access occurs through a NAT process on the firewall. Static NAT entries are used on the firewall to translate the non-routable management IP addresses to prespecified production IP ranges that are routed in the routing protocol on the data network. Internet Outer Switches Out-of-Band Management 226704 In-Band Management Internet Edge Border Routers Firewalls Core Switches Inner Switches M Console Server NTP Server CS-MARS CS-ACS Console Server CSM NAC Manager Admin Host9-8 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Deployment Best Practices The following sample ASA NAT configuration fragment illustrates the best practices for hiding the management subnet address from the production network: nat-control global (outside) 1 interface nat (inside) 1 <MGMT-Subnet> 255.255.255.0 ! create static NAT entry for MARS static (inside,outside) 10.242.50.99 <MARS-inside-MGMT-address> netmask 255.255.255.255 ! create a static NAT entry for ACS static (inside,outside) 10.242.50.94 <ACS-inside-MGMT-address> netmask 255.255.255.255 ! create a static NAT entry for CSM static (inside,outside) 10.242.50.95 <CSM-inside-MGMT-address> netmask 255.255.255.255 ! create a static NAT entry for Admin host static (inside,outside) 10.242.50.92 <Admin-svr-inside-MGMT-address> netmask 255.255.255.255 ! create a static NAT entry for FTP server static (inside,outside) 10.242.50.96 <FTP-svr-inside-MGMT-address> netmask 255.255.255.255 ! create a static NAT entry for NAC Manager static (inside,outside) 10.242.50.110 <NAC-MGR-inside-MGMT-address> netmask 255.255.255.255 Note Static NAT entries are used to translate addresses assigned to management servers inside management subnet range to addresses that are in the outside address range that are routed in the data network. In the above case, management inside addresses are translated to outside addresses within the 10.242.50.0 subnet range. The following sample inbound firewall policy fragment from the ASA firewall illustrates the best practices for only allowing needed IB access the management network through the firewall protecting OOB management network: ! Permit SDEE, syslog, secured syslog, NetFlow reporting, and SNMP traps to MARS access-list OBB-inbound extended permit tcp any host 10.242.50.99 eq https access-list OBB-inbound extended permit udp any host 10.242.50.99 eq snmptrap access-list OBB-inbound extended permit udp any host 10.242.50.99 eq syslog access-list OBB-inbound extended permit tcp any host 10.242.50.99 eq 1500 access-list OBB-inbound extended permit udp any host 10.242.50.99 eq 2055 ! permit TACACS+ to the ACS server for device authentication access-list OBB-inbound extended permit tcp any host 10.242.50.94 eq tacacs ! permit IPSec traffic to the firewall for remote VPN termination access-list OBB-inbound extended permit esp any host 10.242.50.1 access-list OBB-inbound extended permit udp any eq isakmp host 10.242.50.1 eq isakmp ! permit traffic from the NAC Server to the NAC Manager access-list OBB-inbound extended permit tcp host 10.240.10.36 host 10.242.50.110 eq https access-list OBB-inbound extended permit tcp host 10.240.10.36 host 10.242.50.110 eq 1099 access-list OBB-inbound extended permit tcp host 10.240.10.36 host 10.242.50.110 eq 8995 access-list OBB-inbound extended permit tcp host 10.240.10.36 host 10.242.50.110 eq 8996 ! permit traffic from the NAC Profiler to the NAC Manager access-list OBB-inbound extended permit tcp host 10.240.50.10 host 10.242.50.110 eq ssh ! Apply the inbound access policy to the outside interface access-group OBB-inbound in interface outside9-9 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Deployment Best Practices Remote Access to the Management Network Another recommended best practice for IB management is to configure the firewall protecting the OOB management network for client VPN termination for IB administrative access. This allows administrators at the campus and remote locations to connect to the OOB management networks to access the management servers over a secure VPN tunnel. The following are best practices for enabling VPN termination for remote management network connectivity: • Create a VPN address pool within the management segment subnet range • Create a NAT exception ACLs to prevent address translation for traffic going to the VPN pool addresses from the OOB management addresses • Enforce remote access authentication • Configure a VPN idle timeout to ensure VPN tunnels do not stay up indefinitely The following sample VPN configuration fragment on the ASA firewall illustrates these best practices. This example uses pre-shared keys and TACACS+ for authentication and 3DES for encryption. PKI and AES can also be used for stronger authentication and encryption: ! create VPN Pool of addresses from within the management subnet range ip local pool vpnpool <MGMT-subnet-address-pool> ! create NAT exception lists to prevent NAT to/from the VPN pool of addresses from OOB interface addresses access-list nonat extended permit ip <MGMT-Subnet> 255.255.255.0 <MGMT-subnet-address-pool> <VPN-Pool-subnet> ! assign the NAT exceptional ACL to the inside NAT configuration command nat (inside) 0 access-list nonat ! define crypto maps and assign to outside interface facing inband network crypto ipsec transform-set myset esp-3des esp-sha-hmac crypto dynamic-map rtpdynmap 20 set transform-set myset crypto map mymap 20 ipsec-isakmp dynamic rtpdynmap crypto map mymap interface outside crypto isakmp identity address crypto isakmp enable outside ! define isakmp policies crypto isakmp policy 10 authentication pre-share encryption 3des hash md5 group 2 lifetime 86400 crypto isakmp policy 65535 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 ! define group-policy group-policy clientgroup internal ! define VPN idle timeout group-policy clientgroup attributes vpn-idle-timeout 20 ! define tunnel attributes including VPN address pool and authentication type tunnel-group rtptacvpn type remote-access tunnel-group rtptacvpn ipsec-attributes pre-shared-key * tunnel-group rtpvpn type remote-access tunnel-group rtpvpn general-attributes9-10 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Deployment Best Practices address-pool vpnpool authentication-server-group tacacs-servers authorization-server-group LOCAL default-group-policy clientgroup tunnel-group rtpvpn ipsec-attributes pre-shared-key * Network Time Synchronization Design Best Practices Time synchronization using Network Time Protocol (NTP) for network and security devices is critical for network-wide security event analysis and correlation. Enabling NTP on all infrastructure components is a fundamental requirement. Time servers should be deployed at the headquarters on a secured network segment such as in the Management network module. Internal time servers will be synchronized with external time sources unless you have in-house atomic or GPS-based clock. The following best common practices should be considered when implementing NTP: • Deploy a hierarchical NTP design versus a flat design. Hierarchical designs are preferred because they are highly stable, scalable, and provide most consistency. A good way to design a hierarchical NTP network is by following the same structure as the routing architecture in place. • Use a common, single time zone across the entire infrastructure to facilitate the analysis and correlation of events. • Control which clients and peers can talk to an NTP server. • Enable NTP authentication. For devices being managed through the OOB management network at the headquarters, transporting NTP over the OOB network flattens and simplifies the design. In this scenario, all routers and switches may be configured as clients (non-time servers) with a client/server relationship with the internal time servers located within the OOB management network. These internal time servers are synchronized with external time sources. This design is illustrated in Figure 9-3. Figure 9-3 NTP Design Leveraging an OOB Management Network Branch offices are typically aggregated at one or more WAN edge routers that can be leveraged in the NTP design. Following the routing design, the WAN edge routers should be configured as time servers with a client/server relationship with the internal time servers, and the branch routers may be configured as clients (non-time servers) with a client/server relationship with the WAN edge routers. This design is depicted in Figure 9-4. IDS/IPS Routers Firewall NTP Server Switches NTP Clients External Time Source 2266619-11 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Infrastructure Security Best Practices Figure 9-4 NTP Design for the WAN Edge and Remote Offices Management Module Infrastructure Security Best Practices In addition to protecting the servers and services in the management module using a firewall, the Infrastructure devices also need to be protected. All routers, switches, firewalls, and terminal servers should be hardened following the best practices described in Chapter 2, “Network Foundation Protection.” The following are the key areas of the baseline security applicable to securing the access layer switches: • Infrastructure device access – Implement dedicated management interfaces to the OOB management network. – Limit the accessible ports and restrict the permitted communicators and the permitted methods of access. – Present legal notification. – Authenticate and authorize access using AAA. – Log and account for all access. – Protect locally stored sensitive data (such as local passwords) from viewing and copying. • Routing infrastructure – Authenticate routing neighbors. – Log neighbor changes. • Device resiliency and survivability – Disable unnecessary services. – Filter and rate-limit control-plane traffic. – Implement redundancy. • Network telemetry External Time Source NTP Server OOB Branch Routers NTP Clients Edge Routers NTP Servers with Redundancy 2266609-12 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Infrastructure Security Best Practices – Implement NTP to synchronize time to the same network clock. – Maintain and monitor device global and interface traffic statistics. – Maintain system status information (memory, CPU, and process). – Log and collect system status, traffic statistics, and device access information. • Network policy enforcement – Implement management and infrastructure ACLs (iACLs). Terminal Server Hardening Considerations In general, the same best practices described in Chapter 2, “Network Foundation Protection,” should be followed to harden the terminal servers. In addition to adopting these best practices for hardening the terminal servers, there are a few important considerations that should be noted. Typically, Telnet access to devices should be denied and a secure protocol such as SSH should be used. However, in the case of routers acting as terminal servers, console access to network, and security devices may require the use of reverse Telnet. Reverse access is also supported with SSH and it is highly recommended, though this feature may not be always available. Securing reverse access requires the hardening of the terminal (TTY) lines used to connect to the console ports of the managed network and security devices. Inbound ACLs should be applied to the TTY lines to restrict access to the console ports by permitting and denying access to the reverse SSH/Telnet ports as warranted. In addition, session timeout values should be implemented on the TTY lines to restrict connection from staying connected indefinitely. It is recommended that the timeout values match the corresponding timeout values configured on the console ports of the managed devices. In cases where the managed devices does not support console session timeout enforcement, the timeout values on the TTY lines can be used to enforce the session timeouts for the device. The following terminal server configuration fragment configures an inbound ACL on the TTY line to restrict access to reverse SSH/telnet ports 2001 through 2006 only from hosts in the management subnet. It also configures the session timeout values to 3 minutes. ! Configure extended ACL to permit access for reverse SSH/telnet ports 2001 thru 2006 access-list 113 permit tcp <MGMT-Subnet> <inverse-mask> any range 2001 2006 access-list 113 deny ip any any log ! line 1 16 ! Configure a session timeout of 3 minutes session-timeout 3 ! Apply inbound ACL to restrict access to only ports 2001 through 2006 from the Management Subnet access-class 113 in no exec ! Require users to authenticate to terminal server using AAA before accessing the connected console ports of managed devices login authentication authen-exec-list transport preferred none ! Enable SSH for reverse access to connected console ports transport input ssh ! Enable telnet for reverse telnet to connected console ports transport input telnet transport output none9-13 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Management Module Infrastructure Security Best Practices Firewall Hardening Best Practices The firewalls should be hardened in a similar fashion as the infrastructure routers and switches. The following measures should be taken to harden the firewalls: • Use HTTPS and SSH for device access • Configure AAA for role-based access control and logging. Use a local fallback account in case AAA server is unreachable. • Use NTP to synchronize the time • Authenticate routing neighbors and log neighbor changes Management access to the firewalls should be restricted to SSH and HTTPS. SSH is needed for CLI access and HTTPS is needed for the firewall GUI-based management tools such as CSM and ADSM. Additionally, this access should only be permitted for users authorized to access the firewalls for management purposes. The following ASA configuration fragment illustrates the configuration needed to generate a 768 RSA key pair and enabling SSH and HTTPS access for devices located in the management subnet. Note CS-MARS requires a minimum modulus size of 768 bits or greater. ! Generate RSA key pair with a key modulus of 768 bits crypto key generate rsa modulus 768 ! Save the RSA keys to persistent flah memory write memory ! enable HTTPS http server enable ! restrict HTTPS access to the firewall to CSM on the inside interface http <CSM-IP-address> 255.255.255.255 inside ! restrict SSH access to the firewall from the Admin management server located in the management segment on the inside interface ssh <admin-host-IP-address> 255.255.255.255 inside ! Configure a timeout value for SSH access to 5 minutes ssh timeout 5 Note SSH and HTTPS access would typically be restricted to a dedicated management interface over an OOB management network. However, since the firewall protecting the management module connects to the OOB network via its inside interface, a dedicated management interface is not used in this case. Users accessing the firewalls for management are authenticated, authorized, and access is logged using AAA. The following ASA configuration fragment illustrates the AAA configurations needed to authenticate, authorize, and log user access to the firewall: aaa-server tacacs-servers protocol tacacs+ reactivation-mode timed aaa-server tacacs-servers host <ACS-Server> key <secure-key> aaa authentication ssh console tacacs-servers LOCAL aaa authentication serial console tacacs-servers LOCAL aaa authentication enable console tacacs-servers LOCAL aaa authentication http console tacacs-servers LOCAL aaa authorization command tacacs-servers LOCAL aaa accounting ssh console tacacs-servers9-14 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Threats Mitigated in the Management aaa accounting serial console tacacs-servers aaa accounting command tacacs-servers aaa accounting enable console tacacs-servers aaa authorization exec authentication-server ! define local username and password for local authentication fallback username admin password <secure-password> encrypted privilege 15 The routing protocol running between the OOB firewall and the core should be secured. The following ASA configuration fragment illustrates the use of EIGRP MD5 authentication to authenticate the peering session between the outside firewall interface and the core routers: interface GigabitEthernet0/0 nameif outside security-level 0 ip address 10.242.50.1 255.255.255.0 authentication key eigrp 1 <strong-key> key-id 10 authentication mode eigrp 1 md5 As with the other infrastructure devices in the network, it is important to synchronize the time on the firewall protecting the management module using NTP. The following configuration fragment illustrates the NTP configuration needed on an ASA to enable NTP to an NTP server located behind the inside interface: ntp authentication-key 10 md5 * ntp authenticate ntp trusted-key 10 ntp server <NTP-Server-address> source inside Threats Mitigated in the Management Ta b l e 9-1 Management Threat Mitigation Features Unauthorized Access DoS, DDoS MITM Attacks Privilege Access Intrusions Password Attacks IP Spoofing Visibility Control Firewall Yes Yes Yes Yes Yes Yes AAA Yes Yes Yes Yes Yes Yes OOB Network Yes Yes Yes Yes Yes Yes VPN Yes Yes Yes Yes Yes SSH Yes Yes Yes Yes Yes Strong Password Policy Yes Yes Yes Yes Yes Yes Management ACLS Yes Yes Yes Yes Yes iACLs Yes Yes Yes Yes Yes Yes9-15 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Threats Mitigated in the Management NetFlow, Syslog Yes Router Neighbor Authenticatio n Yes Table 9-1 Management Threat Mitigation Features (continued)9-16 Cisco SAFE Reference Guide OL-19523-01 Chapter 9 Management Threats Mitigated in the ManagementC H A P T E R 10-1 Cisco SAFE Reference Guide OL-19523-01 10 Monitoring, Analysis, and Correlation The Cisco SAFE defense-in-depth approach results in the implementation of multiple layers security safeguards throughout the network, and the leverage of the network infrastructure as a security tool. Different forms of network telemetry present on each safeguard are leveraged to obtain a consistent and accurate view of the network activity. Logging and event information generated by routers, switches, firewalls, intrusion prevention systems, and endpoint protection software are globally collected, trended, and correlated using CS-MARS. Given the complexity of today’s network environments, without central correlation and analysis capabilities troubleshooting and identifying security incidents and threats in the network would require hours if not days. The Cisco SAFE design blueprints leverage CS-MARS to quickly identify and react to threats before they affect the rest of the network. CS-MARS allows for infrastructure-wide security intelligence and collaboration, enabling the designs to effectively: • Identify threats—Collecting, trending, and correlating logging, flow, and event information help identify the presence of security threats, compromises, and data leak. • Confirm compromises—By being able to track an attack as it transits the network, and by having visibility on the endpoints, the architecture can confirm the success or failure of an attack. • Reduce false positives—Endpoint and system visibility help identify whether a target is in fact vulnerable to a given attack. • Reduce volume of event information—Event correlation dramatically reduces the number of events, saving security operator’s precious time and allowing them to focus on what is most important. • Determine the severity of an incident—The enhanced endpoint and network visibility allows the architecture to dynamically increase or reduce the severity level of an incident according to the degree of vulnerability of the target and the context of the attack. • Reduce response times—Having visibility over the entire network makes it possible to determine attack paths and identify the best places to enforce mitigation actions.10-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Key Concepts Key Concepts CS-MARS analysis and correlation is based on the processing of event and log information provided by the various reporting and mitigation devices. In Cisco SAFE blueprints, reporting and mitigation devices include Cisco ASA security appliances, Cisco IOS routers and switches, Cisco IPS appliances and modules, Cisco Security Agent Management Console (CSA-MC), and Cisco Secure Access Control Server (CS-ACS). This is illustrated in Figure 10-1 below. CS-MARS also has the ability to leverage non-Cisco products. The list of Cisco and non-Cisco supported products can be found at the following URL: http://www.cisco.com/en/US/products/ps6241/products_device_support_tables_list.html Figure 10-1 Event Monitoring, Analysis and Correlation One important concept is that event information generated by the reporting devices is collected by CS-MARS in two different ways: it is either push to CS-MARS from the device, or is pulled by CS-MARS from the device. The collection type depends on the characteristics of the reporting device such as the access protocols supported and the configuration choices. These and other important concepts are explained next. Note CS-MARS implements a customer parser that can be used to add support to unsupported applications or systems. The parser uses regular expressions to interpret Simple Network Management Protocol (SNMP) and syslog messages, and to map them into CS-MARS known message types. M IP Internet Campus Core Internet Edge SNMP syslog SDEE SSH, NetFlow, syslog, SNMP SSH, syslog, SNMP SDEE SSH, NetFlow SDEE SSH, NetFlow, SNMP Tacacs CS-MARS CS-ACS CS-MC 22670510-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Key Concepts Access and Reporting IP address As some reporting and mitigation devices may have multiple interfaces and IP addresses, CS-MARS allows the configuration of separate IP addresses for the collection of event information that is either pulled by or push to CS-MARS. To that end, when adding a reporting or mitigation device in the web interface, the user may specify an access IP address and a reporting IP address. For devices with a single IP address, both access and reporting IP addresses should be configured as the same. The access IP address is used by CS-MARS to either connect to the device with a remote administrative session or connect to a remote server on which a file containing the device's configuration is stored. In contrast, CS-MARS uses the reporting IP address to associate received messages with the correct device. The reporting IP is the source IP address of event messages, logs, notifications, or traps that originate from the device. The fundamental difference between the two types of IP addresses is that the reporting IP address is treated passively by CS-MARS. CS-MARS does not query the device using this address; such operations are performed using the access IP address. If following the best practices discussed in the “Infrastructure Device Access Best Practices” section on page 2-2, the reporting and mitigation devices should not grant access to CS-MARS unless the appliance is configured as a trusted system from which administrative access should be allowed. At the same time, the devices should be configured to treat the CS-MARS appliance as a trusted destination for log, event, and trap information. Note Only one reporting IP address is accepted per device. In order for CS-MARS to parse and correlate events properly, all message types (NetFlow, syslog, etc) originating from the same device should come from a common source IP address. If messages do not originate from a common IP address, one of the message types is seen as coming from an unreported device, affecting correlation. In the case of Cisco IOS devices, ensure that services such as NetFlow and syslog are bounded to the same IP address. Access Protocols The access type refers to the administrative protocol that CS-MARS uses to access a reporting device or mitigation device. For most devices monitored by CS-MARS, you can choose from among the following four administrative access protocols: • SNMP—Provides administrative access to the device using a secured connection. It allows for the discovery of the settings using SNMPwalk, such as routes, connected networks, Address Resolution Protocol (ARP) tables, and address translations. If granted read-write access, SNMP also allows for mitigation on any Layer-2 devices that support MIB2. Note CS-MARS uses SNMP v1 to perform device discovery. If CS-MARS is unable to discover a device and you are confident that the configuration settings are correct, verify that the device is not expecting the authentication from CS-MARS to occur over an encrypted channel. • Telnet—Provides full administrative access to the device using an unsecured connection. It allows for the discovery of the settings, such as routes, connected networks, ARP tables, and address translations. It also allows for mitigation on Layer-2 devices. • Secure Shell (SSH)—Provides full administrative access to the device using a secured connection. It allows for the discovery of the settings, such as routes, connected networks, ARP tables, and address translations. It also allows for mitigation on Layer-2 devices. This access method is recommended for mitigation device support; however, Telnet access can achieve the same results.10-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Key Concepts Note Device discovery based on an SSH connection does not support 512-byte keys. The OpenSSH client (OpenSSH_3.1p1) used by CS-MARS does not support a modulus size smaller than 768. • Trivial File Transfer Protocol (TFTP)—Allows passive discovery of settings by providing CS-MARS access to a file copy of the configuration running on the router. FTP does not support mitigation, DTM, or discovery of dynamic settings, such as Network Address Translation (NAT) and ARP tables. In addition, if the FTP access type for device types is selected, such as Cisco ASA and Firewall Service Module (FWSM), you can only discover settings for the admin context. This access method is the least preferred and most limited access method. To enable configuration discovery using FTP access, you must place a copy the device's configuration file on an FTP server to which the CS-MARS appliance has access. This FTP server must have user authentication enabled. Reporting Protocols CS-MARS leverages a variety of reporting protocols for the reception of event information. Depending on the platform, the following options may be available: • Syslog—System logging (syslog) may be used to provide information on session activity (setup, teardown, and deny), NAT transactions, resource usage, and system status. • SNMP—SNMP traps may used to send CS-MARS information indicating session activity (setup, teardown, and deny), NAT transactions, resource usage, and system status. • NetFlow—NetFlow data is used to profile the network usage, detect statistically significant anomalous behavior, and to correlate anomalous behavior. NetFlow security event logging (NSEL) provides information on session activity (setup, teardown, and deny) and NAT transactions. • Security Device Event Exchange (SDEE)— SDEE is a protocol developed by a consortium led by Cisco and designed for the secure exchange of network event information. Cisco IPS appliances and modules, and Cisco IOS IPS use SDEE to communicate security events. At the same time, CS-MARS leverages SDEE to pull configuration information, logs, and other information from Cisco IPS appliances and modules. Events, Sessions and Incidents To facilitate the analysis of security incidents, CS-MARS interprets each security incident as a collection of sessions, each one composed by one or more security events: • Events—An event refers to a single alarm or message pushed to CS-MARS by the monitoring reporting devices (syslogs, SNMP traps) or pulled by CS-MARS, the monitoring reporting devices (IPS alerts, Windows log, etc) • Sessions—A set of messages (events) that are correlated by the CS-MARS across NAT boundaries. • Incidents—A set of sessions that match defined inspection rules. Rules are either included in the CS-MARS system or defined by the administrator. An incident is a chain of correlated events that describe an attack scenario. Some examples of incidents are as follows: – Reconnaissance activity followed by a penetration attempt, and further, followed by malicious activity on the target host. – Reconnaissance activity followed by denial-of-service (DoS) attempt.10-5 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities CS-MARS Monitoring and Mitigation Device Capabilities This section explains the access protocols and mitigation capabilities supported by the platforms in the Cisco SAFE designs. Cisco IPS CS-MARS extracts the logs from Cisco IPS 5.x and 6.x devices and modules using SDEE. SDEE communications are secured with Secure Sockets Layer/Transport Layer Security (SSL/TLS). Therefore, CS-MARS must have HTTPS access to the Cisco IPS sensor. This requires configuration of the Cisco IPS sensor as well as CS-MARS. To allow access, HTTPS access must be enabled on the Cisco IPS sensor, and the IP address of CS-MARS must be defined as an allowed host, one that can access the sensor to pull events. In addition, an administrative account to be used by CS-MARS should be configured locally on the Cisco IPS sensor. As a best practice, this account should be set with a user role of viewer to ensure only the minimum necessary access privileges are granted. This account should not be used for any other purposes. Event Data Collected from Cisco IPS There three types of event data that CS-MARS may extract from a Cisco IPS sensor: • Event alerts—Alarm messages generated every time the Cisco IPS sensor identifies a match to a signature. Information contained in the event alerts include signature ID, version and description, severity, time, source and destination ports and IP addresses of the packets that triggered the event. • Trigger packet data—Information of the first data packet that triggered a signature. This information is useful for a deeper analysis and to help diagnose the nature of an attack. The trigger packet data helps to visualize the data that was transmitted the instant the alarm was triggered. Trigger packet data is available for those signatures configured with the "produce-verbose-alert" action • Packet data (IP logging)—IP packet log, by default contains 30 seconds of packet data. This information is useful for a much deeper analysis. The IP packet log provides a view of the packets transmitted during and instants after the signature was triggered. IP packet logging is available for signatures configured with the produce-verbose-alert action and the log-pair-packets action. In addition, the pull IP logs option should be enabled for the Cisco IPS sensor under Admin > System Setup > Security and Monitor Devices. Note that, while trigger packet data and IP logging provide valuable information for the analysis of security incidents, configuring IP logging and verbose alerts on the sensor is system-intensive and does affect the performance of the sensor. In addition, it affects the performance of the CS-MARS appliance. Because of these effects, be cautious in configuring signatures to generate IP logs. Verify that CS-MARS Pulls Events from a Cisco IPS Device The first step for verifying if CS-MARS can pull events from a Cisco IPS sensor is to confirm both are able to communicate. To that end, select the test connectivity option under the Cisco IPS device configuration (Admin > System Setup > Security and Monitor Devices). A “Connectivity Successful” message indicates both systems are able to communicate. The second step is to perform an action to knowingly trigger a signature on the Cisco IPS sensor. As an example, type the following URL on a browser, replacing x.x.x.x by the IP address or hostname of a web server located on a subnet monitored by the Cisco IPS sensor.10-6 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities http://x.x.x.x/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\ This action should be interpreted as a WWW IIS unicode directory traversal attack, triggering Cisco IPS signatures numbers 5114 and 5081. The event shown in Figure 10-2 should be seen at the incidents page. Figure 10-2 Security Incident IPS Signature Dynamic Update Settings In Release 6.0 and later, Cisco IPS supports dynamic signature updates. CS-MARS can discover the new signatures and correctly process and categorize received events that match those signatures. If this feature is not configured, the events appear as unknown event type in queries and reports, and CS-MARS does not include these events in inspection rules. These updates provide event normalization and event group mapping, and they enable CS-MARS appliance to parse day-zero signatures from the IPS devices. The downloaded update information is an XML file that contains the IPS signatures. However, this file does not contain detailed information, such as vulnerability information. Detailed signature information is provided in later CS-MARS signature upgrade packages just as with third-party signatures. The screenshot in Figure 10-3 shows the configuration of dynamic IPS signature updates.10-7 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities Figure 10-3 PS Signature Dynamic Update Cisco ASA Security Appliance CS-MARS requires administrative access to be able to discover the Cisco ASA firewall configuration settings. Administrative access is possible via Telnet (not recommended) or SSH. The following data is learned by CS-MARS as a result of the discovery operation: • Route and ARP tables, which aid in network discovery and MAC address mapping. • NAT and PAT translation tables, which aid in address resolution and attack path analysis, exposing the real instigator of attacks. • OS Settings, from which CS-MARS determines the correct ACLs to block detected attacks, which paste into a management session with the Cisco firewall device. In order to access the device, the Telnet/SSH access rules on the Cisco ASA firewall need to be configured to grant access to the IP address of the CS-MARS appliance. Administrative access also requires the use of an administrative account. The best practice is to use AAA and use a separate user account dedicated for this sort of access. It is also recommended to define a local account on the Cisco ASA for fallback access in case the AAA service is unavailable. Note that CS-MARS device configuration only allows the definition of a single set of username and password credentials. Therefore, fallback access will not succeed unless the local account is maintained up-to-date with the same credentials as the ones configured on CS-MARS. In the case of SSH access, keys should be generated with a minimum modulus size of 768. On Cisco ASA appliances configured with multiple contexts, it is important to discover each one of the contexts. Failing to do so affects the ability of CS-MARS to adequately learn the network topology. Virtual contexts should be identified by CS-MARS automatically after the initial discovery of the Cisco ASA appliance. Then, the reporting and access information of each context needs to be provided individually.10-8 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities Event Data Collected from Cisco ASA The following information may be collected by CS-MARS from a Cisco ASA security appliance: • Resource usage—Using SNMP read-only access, CS-MARS may monitor the device’s CPU and memory usage, network usage, and device anomaly data. SNMP read-only access is also used to discover device and network settings. SNMP access requires the definition of an access IP address for the monitored device. • Accept/deny logs—Syslog/SNMP trap information indicating session setup, teardown and deny, as well as NAT translations. This information is useful for false-positive analysis. CS-MARS support SNMPv1. • NetFlow security event logging (NSEL)—Available on software Version 8.1 for ASA5580 and Version 8.2 for other ASA platforms, provides the same type of information as syslog but more efficiently, saving CPU cycles on both the Cisco ASA appliance and CS-MARS. Both connection information and NAT translation data are combined in the same NSEL records, reducing the overall number of records exported compared to syslog. Cisco ASA appliances should take advantage of NSLE for higher efficiency and scalability. NSEL requires the configuration of CS-MARS as a NetFlow collector on the Cisco ASA appliance. There are some system status and other messages that are logged with syslog and not with NSEL. The Cisco ASA appliance can be configured to disable the logging of any redundant messages generated by syslog and NSLE. This is done by configuring the logging flow-export-syslogs disable command on the Cisco ASA appliance. Table 10-1 lists the disabled syslog messages Note To be able to query events triggered with NetFlow, CS-MARS needs to be configured to always store ASA NetFlow security event logs. Note that this may have an impact on the CS-MARS performance. Ta b l e 10-1 Syslog Messages Syslog Message Description Severity Level 106015 A TCP flow was denied because the first packet was not a SYN packet. Informational (6) 106023 A flow that is denied by an ingress ACL or an egress ACL that is attached to an interface through the access-group command. Warning ( 4) 106100 A flow that is permitted or denied by an ACL. Warning ( 4) 302013 and 302014 A TCP connection and deletion. Informational (6) 302015 and 302016 A UDP connection and deletion. Informational (6) 302017 and 302018 A GRE connection and deletion. Informational (6) 302020 and 302021 An ICMP connection and deletion. Informational (6) 313001 An ICMP packet to the security appliance was denied. Error (3) 313008 An ICMPv6 packet to the security appliance was denied. Error (3) 710003 An attempt to connect to the security appliance was denied. Error (3)10-9 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities Note When monitoring a failover pair of Cisco firewall devices (PIX or ASA), designate the primary Cisco firewall device as the device to be monitored. If failover occurs, the secondary device assumes the IP address of the primary, which ensures that session correlation is maintained after the failover. The same focus on the primary is true for performing any bootstrap operations. The secondary device will synchronize with the configuration settings of the primary. Verify that CS-MARS Pulls Events from a Cisco ASA Security Appliance The first step is to ensure CS-MARS is able to communicate with the Cisco ASA Security appliance. This can be verified by forcing a device discovery. Discovery is triggered under the Cisco ASA device configuration (Admin > System Setup > Security and Monitor Devices). An easy way to verify CS-MARS is receiving events from the Cisco ASA appliance is to generate packets or connections expected to be blocked by the firewall’s policies. That should trigger “Denied TCP/UDP request to Firewall” message as shown in Figure 10-4. Figure 10-4 Denied TCP/UDP Request Cisco IOS CS-MARS requires administrative access to be able to discover routers and switches running Cisco IOS software. Administrative access is possible via Telnet (not recommended), SNMP or SSH (most recommended). In order to access the device, Telnet/SSH access needs to be allowed to the IP address of the CS-MARS appliance. In the case of SSH access, keys should be generated with a minimum modulus size of 768. Administrative access also requires the use of an administrative account. The best practice is to use AAA and use a separate user account dedicated for this sort of access. It is also recommended to define a local account on the Cisco ASA for fallback access in case the AAA service is unavailable. Note that CS-MARS device configuration only allows the definition of a single set of username and password credentials. Therefore fallback access will not succeed unless the local account is maintained up-to-date with the same credentials as the ones configured on CS-MARS. Event Data Collected from a Cisco IOS Router or Switch The following information may be collected by CS-MARS from a Cisco router or switch running Cisco IOS software: • Resource usage—Using SNMP read-only access, CS-MARS may monitor the device’s CPU and memory usage, network usage, and device anomaly data. SNMP read-only access is also used to discover device and network settings. SNMP access requires the definition of an access IP address for the monitored device. CS-MARS supports SNMPv1. • Syslog messages—The syslog messages provide information about activities on the network, including accepted and rejected sessions. This information is useful for false-positive analysis. 10-10 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities • NetFlow—CS-MARS can leverage NetFlow Versions 1, 5, 7, and 9 data to profile the network usage, to detect statistically significant anomalous behavior, and to correlate anomalous behavior to events generated by other reporting systems. • SDEE—CS-MARS uses SDEE to capture security event, logs, and configuration information from Cisco IOS devices configured with Cisco IOS IPS. The collection of NetFlow records allows CS-MARS to leverage the routing and switching infrastructure for detecting anomalous behavior such as DDoS attacks and worm propagation. NetFlow information is also leveraged for the computation of the Top N Reports (i.e., top destination ports, top sources, etc). In order to identify traffic anomalies, CS-MARS computes a baseline of connection rates per flows. The baseline starts to be computed as soon as NetFlow collection is configured on CS-MARS. After enough flow information is collected over the course of roughly one week, CS-MARS switches into anomaly detection mode where it looks for statistically significant behavior (i.e., the current connection rate exceeds the mean by two to three times the standard deviation). CS-MARS continues to readjust the baseline as it learns new traffic. After detecting an anomaly, CS-MARS starts to dynamically store the full NetFlow records for the anomalous traffic, allowing the identification of useful contextual information including source and destination IP addresses, and destination ports. Verify that CS-MARS Pulls Events from a Cisco IOS Device The first step is to ensure CS-MARS is able to communicate with the Cisco IOS device. This can be verified by forcing a device discovery. Discovery is triggered under the Cisco IOS device configuration (Admin > System Setup > Security and Monitor Devices). For syslog and SNMP traps, an easy way to verify CS-MARS is receiving events from the Cisco IOS device is to generate packets or connections expected to be blocked by an existing ACLs. A simple way to verify if the CS-MARS appliance is receiving NetFlow records, is to open an SSH session into the appliance and run a tcpdump port 2055 command. The tcpdump command will show the details of NetFlow records exchanged over UDP/2055. The following is an example: [pnadmin]$ tcpdump port 2055 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 07:42:08.836748 IP sfx13asa5580-1.cisco.com.260 > pnmars.2055: UDP, length 332 07:42:08.887558 IP sfx13asa5580-1.cisco.com.260 > pnmars.2055: UDP, length 176 07:42:21.946359 IP dca-core1.cisco.com.65532 > pnmars.2055: UDP, length 72 07:42:22.825689 IP sfx13asa5580-1.cisco.com.260 > pnmars.2055: UDP, length 176 07:42:22.877774 IP sfx13asa5580-1.cisco.com.260 > pnmars.2055: UDP, length 332 In case CS-MARS is configured to store NetFlow records, they can be viewed by running a query matching event raw messages. This is done in the web interface under Query/Reports>Query. Cisco Security Agent (CSA) To enable CSA as a reporting system in CS-MARS, you must identify the CSA-MC as the reporting device. The CSA-MC receives alerts from the CSA agents that it monitors, and it forwards those alerts to CS-MARS as SNMP notifications. When CS-MARS receives the SNMP notification, the source IP address in the notification is that of the CSA agent that originally triggered the event, rather than the CSA-MC that forwarded it. Therefore, CS-MARS requires host definitions for each of the CSA agents that can potentially trigger an event. These definitions are added as sub-components under the device definition of the CSA-MC.10-11 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities As of CS-MARS, Release 4.1.1, the CS-MARS appliance discovers CSA agents as they generate alerts, eliminating the need for manual configuration. CS-MARS parses the alert to identify the CSA agent hostname and to discover the host operating system (OS). CS-MARS uses this information to add any undefined agents as children of the CSA-MC as a host with either the generic Windows (all Windows) or generic (Unix or Linux) OS value. It is still required to configure CSA-MC as a reporting system in CS-MARS web interface. Note The first SNMP notification from an unknown CSA agent appears to originate from the CSA-MC. CS-MARS parses this notification and defines a child agent of the CSA-MC using the discovered settings. Once the agent is defined, all subsequent messages appear to originate from the CSA agent. Configuration of CSA-MC requires the definition of CS-MARS as SNMP-trap destination. This is done under Events> Alerts, add new alert configuration, set SNMP host and community. Note that currently CS-MARS supports SNMPv1. See Figure 10-5. Figure 10-5 CSA-MC Configuration Configuration on CS-MARS requires adding CSA-MC as a reporting device. This is done in CS-MARS web interface by clicking Add under Admin> Security and Monitor Devices, and by selecting Add SW Security apps on a new host as device type. Configuration also requires selecting the appropriate CSA version as the reporting application and setting the reporting and access IP addresses. See Figure 10-6 and Figure 10-7.10-12 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities Figure 10-6 Adding Reporting Application to CS-MARS 10-13 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities Figure 10-7 Adding Cisco CS-MC Verify that CS-MARS Receives Events from CSA The simplest way to verify if CS-MARS receives events from the CSA is to verify if clients are being dynamically added as reporting devices. This can be seen in CS-MARS web interface, under Admin > System Setup > Security and Monitor Devices. See Figure 10-8. Figure 10-8 CSA Agents10-14 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities Cisco Secure ACS Cisco Secure ACS sever and the ACS Solutions Engine (SE) can be configured to forward CS-MARS syslog messages to notify AAA activity such as successful authentication attempts, failed authentication attempts, TACACST+ , and RADIUS accounting. To that end, configure CS-ACS to forward the desired syslog events to CS-MARS. This is configured on CS-ACS web interface, under System configuration> Logging. The following are some examples: • PassedAuth—Cisco ACS passed authentications. • FailedAuth—Cisco ACS failed attempts. • RADIUSAcc—Cisco ACS RADIUS accounting. • TACACSAcc—Cisco ACS TACACS+ accounting. • TACACSAdmin—Cisco ACS TACACS+ administration. Use a maximum message length of 500 bytes, which is required for CS-MARS. The screenshot in Figure 10-9 illustrates CS-ACS configuration. Figure 10-9 CS-ACS Configuration On the CS-MARS, the Cisco Secure ACS server needs to be added as a reporting device. This requires adding a new device in CS-MARS web interface and selecting Add SW Security apps on a new host and then choosing the appropriate version of CS-ACS as a reporting applications. This is illustrated in Figure 10-10 and Figure 10-11.10-15 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities Figure 10-10 Adding CS-ACS10-16 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Monitoring and Mitigation Device Capabilities Figure 10-11 Adding CS-ACS as a Reporting Application Verify that CS-MARS Receives Events from CS-ACS An easy way to verify if CS-MARS receives events from CS-ACS is to generate an incident by failing access attempts to a device running AAA. Failed AAA authentication events should be found at the incidents page on CS-MARS. See Figure 10-12. Figure 10-12 Failed AAA Authentication10-17 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Design Considerations CS-MARS Design Considerations Global/Local Architecture While CS-MARS can be deployed as standalone appliances, environments with high levels of activity typically mandate the use of multiple appliances. There are two approaches that can be followed when implementing multiple CS-MARS appliances in the network—use them as standalone devices or, more preferably, leverage them as distributed systems managed by a global controller in a hierarchical design. Using a global controller has the following advantages: • It provides global visibility to the entire network. • It enables linear scalability using a multi-layer hierarchy. • It allows for departmental/regional administration • It preserves bandwidth on WAN links. Figure 10-13 illustrates CS-MARS hierarchical deployment. Figure 10-13 CS-MARS Hierarchical Deployment In a hierarchical deployment, multiple local controllers are deployed at different network locations. Each local controller is responsible for receiving and pulling event data from the reporting devices at its location. The local controller is also responsible of summarizing the information about the health of the network. The local controller performs the following functions: • Collects all raw events • Sessionizes events across different devices • Fires inspection rules for incidents • Determines false positives • Delivers consolidated information in diagrams, charts, queries, reports, and notifications • Detects inactive reporting devices Global Controller Local Controller Local Controller Branch Branch Branch Headquarters 22671710-18 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation CS-MARS Design Considerations The global controller appliance is responsible for summarizing the findings of the local controllers, and centralizing all reporting generated by the local controllers, providing a single aggregated view of the network health. In addition, the global controller provides a single user interface for managing all local controllers under its control. This includes centralized management for defining new device types, inspection rules, and queries. Global controller capabilities include: • Aggregation of reports across the local controller (LC) deployment • Defining rules, reports and user accounts for local controllers Note Configuration of LC is done locally on the individual LC appliance. • Remote, distributed upgrade of the LCs CS-MARS Location CS-MARS stores sensitive topological and configuration information, and it is one the key elements for system-wide intelligence and collaboration. For this reason, CS-MARS needs to be placed in secured environment. Cisco SAFE design places CS-MARS in the NOC/Management segment. The NOC/Management segment is protected with the use of an IDS and an ASA security appliance, and access from the network is controlled and restricted to the necessary services and systems. Environments requiring the implementation of multiple CS-MARS appliances should follow the same approach, placing them in a secure segment and ensuring the security of their communication channels. CS-MARS Sizing When planning a deployment, you must consider the ability of a CS- MARS appliance to process the traffic expected from reporting devices on your network. Which models to purchase and where to place them on the network depends on the anticipated, sustained events per second (EPS) and NetFlow flows per second (FPS) predicted for that network or segment. The following are the key considerations for deployment: • Number of sites CS-MARS supports—The available bandwidth at hub and remote office, plus the number and type of reporting devices provide an idea of the anticipated volume and rate of event data. It also helps determine if the bandwidth available is sufficient. • Requirements for high availability—Some CS-MARS models include RAID arrays and redundant power supplies. • Expected events per second—CS-MARS appliance models vary in their capacity of how many events can be handled per second. • Online storage capacity needed—Depending on the database size anticipated. For more information on CS-MARS models, refer to the CS-MARS User documentation. http://www.cisco.com/en/US/products/ps6241/tsd_products_support_configure.html10-19 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Deployment Best Practices Deployment Best Practices Network Foundation Protection (NTP) When implementing network telemetry, it is important that dates and times are both accurate and synchronized across all network infrastructure devices. Without time synchronization, CS-MARS may not be able to correlate the different sources of telemetry properly. For this reason is fundamental that CS-MARS and all its reporting and mitigation devices are synchronized with NTP. When deploying a single, centralized CS-MARS appliance the best practice is to configure all reporting and mitigation devices under the same time-zone. When using a hierarchical design, each local controller may be placed into a different time-zone. The global controller is capable of offsetting the time-zone differences. NTP deployment best practices are covered in Chapter 2, “Network Foundation Protection.” Monitoring and Mitigation Device Selection As discussed earlier, multiple access and reporting mechanisms may be available for the same device, and in some cases they may provide the same event information. At the same time, in most places in the network, the same monitoring or mitigation functions may be implemented on different platforms. Certainly, enabling all access and reporting mechanisms on all network devices is usually unnecessary, and most likely results in duplicate information, wasting and potentially exhausting precious CS-MARS resources. For this reason, CS-MARS deployment needs to be carefully planned. Part of this planning should include the identification of the best devices for monitoring and mitigation purposes. Planning should also identify the most appropriate access and monitoring mechanisms to be enabled on each one of selected devices. Factors such as the topological location, processing capacity, and supported access and mitigation methods should be considered. The following are general recommendations of CS-MARS deployment for Cisco SAFE designs. Cisco IPS CS-MARS communicates with Cisco IPS appliances and modules using SDEE. The following are the recommendations: • Add all Cisco IPS appliances and modules to CS-MARS. • If available, the administrative interface of the Cisco IPS sensor or module should connect to the OOB management network or over a secured segment. • Limit the address of all hosts or network that have permission to gain administrative access to the sensor. Add the IP address of CS-MARS as a trusted host. • Define a local administrative account to be used for CS-MARS access only. Specify the account viewer access, which is the minimum level required for the device to be discovered.10-20 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Deployment Best Practices Cisco ASA Cisco ASA supports different access and reporting mechanisms. Which ones to use depend on several factors such as the model of Cisco ASA. The following are the recommendations for all Cisco ASA appliances: • For maximum visibility, all Cisco ASA devices should be added to CS-MARS. • If available, connect the management interface of the Cisco ASA appliance to the OOB management network or over a secured segment. • Configure SSH access to be used by CS-MARS discovery. Limit the address of all hosts or network that have permission to gain administrative access to the appliance. Make sure the IP address of CS-MARS is added to the SSH access list. Remember to use modulus size of 768 at a minimum when creating the RSA key pair. • Define an AAA administrative account and a local account to be used for CS-MARS access only. Specify the accounts privilege access level 15. The local account is to be used as a fallback in case AAA is not available. Ensure at all times the credentials of both accounts are synchronized with the device configuration in CS-MARS. • Configure SNMP read-only access for the monitoring of system resources. Enforce an ACL to limit access to trusted systems. Make sure to add the IP address of CS-MARS as a trusted host. Use a strong community name. • Enable system logging (syslog) with an informational security level. A severity level of informational is sufficient to capture session setups, teardowns, packet denies, and NAT transactions. A severity level of debugging may be rarely required, for example in case HTPP and FTP logs are needed (see note below). It is also a good practice to limit the rate at which system log messages are generated in high activity environments. This is done with the logging rate-limit command. Cisco ASA devices monitored in-band should also be configured with secure logging (SSL/TLS-based). Note When enabling trap debugging, the debug messages contain the HTTP URL address information. Therefore, in CS-MARS you can create keyword-based rules matching against the firewall message itself. For example, if the debug messages are enabled and users were logging to http://mail.cisco.com, you could create keyword-based rules that matched against mail.cisco.com. The following are the recommendations for Cisco ASA5580 appliances running software Version 8.1(1) or later, and for all other Cisco ASA platforms running Version 8.2(1) or later: • Enable NSEL for the reporting of session activity (setup, teardown, and deny) and NAT transactions. • Configure the logging flow-export-syslogs disable command to ensure no duplicate messages are sent to CS-MARS. The following is an example of configuration for a Cisco ASA5580 running software Version 8.1(1). Note that x.x.x.x is the IP address of the CS-MARS appliance. ! Enables export of NetFlow security logging flow-export enable ! Defines the interface, IP address and UDP port to be used for reporting to CS-MARS flow-export destination management x.x.x.x 2055 flow-export template timeout-rate 1 ! Disables redundant system logging messages logging flow-export-syslogs disable ! ! Configures syslog logging at informational level logging trap informational10-21 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Deployment Best Practices ! Enables secure logging logging host management x.x.x.x TCP/1500 secure logging enable no logging console logging buffered debugging ! ! SNMP Configuration snmp-server host management x.x.x.x poll community <strong-community> snmp-server community <strong-community> NetFlow configuration on Cisco ASA software Version 8.1(2) and later has been enhanced to support the Modular Policy Framework. The following is a sample NetFlow configuration for Cisco ASAs running software Version 8.1(2) and later. For syslog and SNMP sample configurations, see the example provided above for software Version 8.1(1): ! Defines the interface, IP address and UDP port to be used for NetFlow logging to CS-MARS flow-export destination inside x.x.x.x 2055 flow-export template timeout-rate 1 ! Disables redundant system logging messages logging flow-exports-syslogs disable class-map flow_export_class match any policy-map flow_export_policy class flow_export_class flow-export event-type all destination x.x.x.x service-policy flow_export_policy global Note If you previously configured flow-export actions in Version 8.1(1) using the flow-export enable command, and you upgrade to a later version, then your configuration will be automatically converted to the new Modular Policy Framework flow-export event-type command. For more information, see the 8.1(2) release notes. The following is an example configuration for Cisco ASAs running software Version 8.0 or earlier: ! Configures syslog logging at informational level logging trap informational ! Enable secure logging logging host management x.x.x.x TCP/1500 secure logging enable no logging console logging buffered debugging ! SNMP configuration snmp-server host management x.x.x.x poll community <strong-community> snmp-server community <strong-community>10-22 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Deployment Best Practices Cisco IOS Devices Cisco IOS routers and switches support different access and reporting mechanisms. The following are recommendations for all Cisco IOS devices, independently from their location: • If available, dedicate and interface for control and management. Connect the interface to the OOB management network or over a secured segment. • Configure SSH access to be used by CS-MARS discovery. Limit the address of all hosts or network that have permission to gain administrative access to the appliance. Remember to use modulus size of 768, at a minimum, when creating the RSA key pair. Configure the ACL applied to the management interface to allow SSH sessions from the IP address of CS-MARS. • Define an AAA administrative account and a local account to be used for CS-MARS access only. Specify the accounts privilege access level 15. The local account is to be used as a fallback in case AAA is not available. Ensure at all times the credentials of both accounts are synchronized with the device configuration in CS-MARS. • Configure SNMP read-only access for the monitoring of system resources. Use a strong community name. To enable the collection of resource usage data, you must ensure that the CPU and memory usage-specific events are logged by the reporting devices. Configure the ACL applied to the management interface to allow SNMP queries from the IP address of CS-MARS. • If the Cisco IOS router is configured with Cisco IOS IPS, configure SDEE access to allow HTTPS connections from the CS-MARS appliance. The following configuration fragment illustrates the commands used to enable CS-MARS to retrieve events from the Cisco IOS IPS software. ip http secure-server ! Sets maximum number of concurrent subscriptions ip sdee subscriptions 2 ! Sets the maximum number of SDEE events that can be stored in the event buffer ip sdee events 500 ! Send messages in SDEE format ip ips notify sdee ! Not to send messages in syslog format no ip ips notify log The following configuration fragment illustrates the SNMP configuration. Note x.x.x.x corresponds to the IP address of CS-MARS. access-list 55 remark ACL for SNMP access to device access-list 55 permit x.x.x.x access-list 55 deny any log snmp-server community csmars RO 55 snmp-server enable traps cpu threshold snmp-server host x.x.x.x traps <strong-community> memory cpu In the context of CS-MARS, NetFlow data is exported for two main uses, to identify any statistically significant anomalous behavior and to populate the data used for top N reports. While NetFlow data is valuable, its collection and export may consume resources on both network devices and CS-MARS. For this reason, choose wisely where to enable NetFlow: • Preferably, enable NetFlow collection and export on network devices that aggregate traffic, such as campus distribution switches and data center core routers. • Use NetFlow random sampling. Random sampled NetFlow provides NetFlow data for a subset of traffic in a Cisco router by processing only one randomly selected packet out of n sequential packets (n is a user-configurable parameter). Statistical traffic sampling substantially reduces consumption 10-23 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Deployment Best Practices of router resources (especially CPU resources) while providing valuable NetFlow data. For the purpose of CS-MARS, random sampled NetFlow provides the same quality of data needed to identify traffic anomalies and to be used for top N reports. The following configuration fragment provides an example of sampled NetFlow collection. ip flow-export version 5 ip flow-export source GigabitEthernet1/3 ip flow-export destination x.x.x.x 2055 flow-sampler-map csmars-sample mode random one-out-of 100 interface gig4/1 flow-sampler csmars-sample ip flow ingress Syslog provides invaluable operational information, including system status, traffic statistics and device access information. The following are the deployment recommendations: • Enable syslog on all routers and switches. • Do not log to the console. • Enable syslog rate-limiting where available. The syslog rate-limiting limits the rate of messages logged per second, helping to ensure that syslog messages do not impact the CPU of either the sending device or CS-MARS. • Use trap-level informational for those devices configured with ACLs or any other security features controlling passing traffic. Use trap-level critical for the rest. For example, configure informational level on campus switches enforcing ACLs and configure critical level for core routers. The following configuration template illustrates the syslog configuration. service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone logging buffered logging trap informational logging host x.x.x.x logging rate-limit all 10 logging source-interface <loopback or OOB-interface> no logging console Deployment Table Table 10-2 summarizes the access and monitoring protocol selections used in the Cisco SAFE design blueprint. Ta b l e 10-2 Deployment Model Place in the Network Device and Function Methods Campus Services ASA SSH, NetFLow, syslog (no-redundant, informational), SMNP RO Services IPS SDEE Campus IPS SDEE Distribution Switches SSH, Sampled NetFLow, syslog (critical), SMNP RO Access Switches SSH, syslog (informational), SMNP RO10-24 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Analysis and Correlation Analysis and Correlation In the context of threat control and containment, CS-MARS is responsible for the correlation of event alarm and log information generated throughout the network to identify and timely mitigate threats. Such functions require certain level of network intelligence on the network topology, device configurations and traffic patters. Network topology and device configuration is learned by CS-MARS as monitoring and mitigation devices are configured, or as a result of automatic network discovery (periodic SNMP-based discovery). CS-MARS also leverages Cisco NetFlow for network traffic profiling. CS-MARS uses the network intelligence to distinguish between a legitimate threats and false-positives, and to effectively reduce the volume of event data presented to the users. Network Discovery CS-MARS gathers information on the network topology and device configuration as reporting devices are added to the web interface and as a result of an automatic network discovery. The automatic network discovery uses SNMP read-only access to discover and query the devices in the network. The network discovery can be programmed to run periodically, or can be run on-demand. As not all network devices would allow a SNMP-based discovery, Telnet (not recommended) and SSH are also leveraged in the network discovery. Information gathered by CS-MARS as a result of a network discovery includes IP addresses, IP routes, Layer-2 forwarding tables, NAT rules, access control lists (ACLs), and more. To be more efficient, CS-MARS can be configured with the list of SNMP community strings and IP networks to target during the network discovery. This is configured in CS-MARS web interface, under Admin > System Setup > Community Strings and Networks. See Figure 10-14. Internet Edge ASA SSH, NetFLow, syslog (no-redundant, informational), SMNP RO IPS SDEE Border Routers SSH, Sampled NetFLow, syslog (informational), SMNP RO Inner Switches SSH, syslog (critical), SMNP RO WAN Edge WAN/VPN Edge Routers SSH, Sampled NetFLow, syslog (informational), SMNP RO Distribution Switches SSH, syslog (critical), SMNP RO IPS SDEE Branch Router SSH, syslog (informational), SMNP RO ASA SSH, syslog (informational), SMNP RO IPS SDEE Branch Switch SSH, syslog (informational), SMNP RO Data Center ASA SSH, NetFLow, syslog (no-redundant, informational), SMNP RO IPS SDEE DC Core Switches SSH, Sampled NetFLow, syslog (critical), SMNP RO DC Distribution SSH, syslog (critical), SMNP RO DC Access SSH, syslog (informational), SMNP RO Core Core Switches SSH, syslog (critical), SMNP RO Table 10-2 Deployment Model (continued)10-25 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Analysis and Correlation Figure 10-14 Automatic Discovery To control what networks are added to the network topology, a list of valid networks can be defined in CS-MARS web interface, under Admin > System Setup > Valid Networks (see Figure 10-15). Optionally, a SNMP target may be indicated for each network or IP range. The SNMP discovery process starts by querying the SNMP target (if one was defined). Figure 10-15 Valid Networks Finally, network discoveries can be scheduled for a particular time and day in the week, month, etc. This can be configured in CS-MARS web interface, under Admin > System Setup > Topology/Monitored Device Update Scheduler. See Figure 10-16.10-26 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Analysis and Correlation Figure 10-16 Topology Update Schedule Data Reduction One of the primary functions of CS-MARS is to analyze and correlate the alarm information gathered from the reporting devices to distinguish real threats from false-positives and to reduce the amount of data administrators need to pay attention to. This allows for the rapid identification and response to threats. CS-MARS uses its network intelligence to determine the context and the relevance of an incident. By leveraging the contextual information, CS-MARS can determine if the target of an attack is in fact vulnerable to the attack. CS-MARS also leverages its topological awareness to identify the path followed by an attack, and to determine whether the target was reached or the attack was blocked by an intermediate device such as a firewall or and IPS. The snapshot in Figure 10-17 illustrates a system determined false-positive. The incident was generated in response to a WWW IIS Unicode Directory traversal attack attempt. As the icon indicates, CS-MARS determined the incident as a false-positive because the offending session has been denied by an inline Cisco IPS. Figure 10-17 System determined false positive This snapshot in Figure 10-18 confirms the Cisco IPS inline had successfully blocked the attack.10-27 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Analysis and Correlation Figure 10-18 Security Incident Details Figure 10-19 shows the summary page. Highlight data reduction and determined false-positives. Figure 10-19 Data Reduction10-28 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Analysis and Correlation Attack Path and Topological Awareness Thanks to its knowledge of the network topology and device configurations, CS-MARS is able to visualize the path attacks follow in the network. This allows CS-MARS to identify possible mitigation enforcement devices along the path, and to recommend the configuration command necessary to effectively mitigate the threat. Possible response actions are discussed in Chapter 11, “Threat Control and Containment.” The screenshot in Figure 10-20 illustrates CS-MARS correlation. In this case, the system was able to correlate several attacks from the same attacker system. Figure 10-20 Event Correlation In the example shown in Figure 10-21, anomalous activity included a reconnaissance TCP Port Sweep, and later followed by two targeted attacks, WWW IIS Unicode directory traversal attack, and WWW ISS Internet Printing Overflow.10-29 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Analysis and Correlation Figure 10-21 Incident Detail Finally, CS-MARS network intelligence allowed it to reconstruct the attack path and identify possible mitigation points. See Figure 10-22. Figure 10-22 Attack Path10-30 Cisco SAFE Reference Guide OL-19523-01 Chapter 10 Monitoring, Analysis, and Correlation Analysis and Correlation NetFlow As described earlier in chapter, CS-MARS is capable of leveraging NetFlow Versions 1, 5, 7 and 9 data to profile the network usage, detect statistically significant anomalous behavior, and to correlate anomalous behavior. This allows CS-MARS to leverage the network infrastructure to effectively identify anomalous behavior such as DDoS attacks and worm propagation. Figure 10-23 shows a DDoS attack initiated in the lab testing Internet edge topology. The graphs indicate a sudden traffic surge. Figure 10-23 Activity Graphs The screenshot in Figure 10-24 provides more detailed information on the incident, including the attacker’s IP address (198.133.219.128). It can be deduced that the attack consisted in a connection flood to multiple destinations on port 80 (HTTP). Figure 10-24 Incident DetailsC H A P T E R 11-1 Cisco SAFE Reference Guide OL-19523-01 11 Threat Control and Containment Cisco SAFE leverages the threat detection and mitigation capabilities available on Cisco firewalls, Cisco Cisco IPS, Cisco Security Agents (CSA), Cisco Network Admission Control (NAC), and web/E-mail security appliances. In addition, the alarm and event information generated by these devices is centrally collected and correlated by the Cisco Security Monitoring, Analysis, and Response System (CS-MARS) to identify the source of threats, visualize the attack paths, and to suggest and optionally enforce response actions. Cisco IPS visibility is enhanced with the endpoint posture information provided by CSA which reduces false-positives and allows for the dynamic quarantine of compromised hosts. Cisco SAFE also leverages the linkage between Cisco Security Manager (CSM) and CS-MARS to simplify management and to expedite troubleshooting and threat mitigation. Following are some of the threat control and containment attributes of the Cisco SAFE design: • Complete visibility—Infrastructure-wide intelligence provides an accurate vision of network topologies, attack paths, and extent of the damage. • Adaptive response to real-time threats—Source threats are dynamically identified and blocked in real-time. • Consistent policy enforcement coverage—Mitigation and containment actions may be enforced at different places in the network for defense-in-depth. • Minimize effects of attacks—Response actions may be immediately triggered as soon as an attack is detected, thereby minimizing damage. • Common policy and security management—A common policy and security management platform simplifies control and administration, and reduces operational expense. Endpoint Threat Control Network endpoints include servers, desktop computers, laptops, printers, IP phones, and any other systems that connect to the network. The great variety in hardware types, operating systems, and applications represents a clear challenge to security. In addition, portable devices such as laptops can be used at hotels and other places outside the corporate controls, further complicating the enforcement of security policies and controls. Common threats to these endpoints include malware, adware, spyware, viruses, worms, botnets, and E-Mail spam. Properly securing the endpoints requires end-user awareness and the adoption of the appropriate technical controls. Cisco SAFE advocates for the continuous education of end-users on current threats and security measures. Furthermore, the Cisco SAFE design blueprints implement a range of security controls designed to protect the endpoints. These include host Cisco IPS, network-based intrusion prevention systems, and web and E-Mail traffic security. 11-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Network-Based Threat Control As a host Cisco IPS, Cisco SAFE leverages CSA on end-user workstations and servers. CSA takes a proactive and preventative approach, using behavior-based security to focus on preventing malicious activity on the host. Malicious activity is detected and blocked, independent of the type of malware, spyware, adware, or virus affecting the host. Once deployed on an endpoint, whenever an application attempts an operation, the agent checks the operation against the application’s security policy—making a real-time allow or deny decision on the continuation of that operation and determining whether logging the operation request is appropriate. Security policies are collections of rules that IT or security administrators assign to protect servers and desktops, either individually or enterprise-wide. CSA provides defense-in-depth protection against spyware and adware by combining security policies that implement distributed firewall, operating system lockdown and integrity assurance, malicious mobile code protection, and audit-event collection capabilities in default policies for servers and desktops. CSAs are centrally managed with the CSA Management Center (CSA-MC), which in the Cisco SAFE design is placed in a secure segment in the data center. The Management Center (MC) also provides centralized reporting and global correlation. For complete details about deploying CSA in a network, refer to the Rapid Deployment Guide for Cisco Security Agent 6.0 for Desktops at the following URL: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps5057/deployment_guide_c07-501928. html Network-Based Threat Control Cisco SAFE leverages various forms of network-based threat control, including Cisco IPS sensors, Cisco firewalls, Cisco NAC and web/E-Mail security. Cisco NAC and web/E-Mail security are addressed in Chapter 5, “Enterprise Campus,” and Chapter 6, “Enterprise Internet Edge,” respectively. Network-Based Cisco IPS Cisco IPS modules and appliances are strategically deployed throughout the Cisco SAFE design blueprints. Cisco IPS provides signature and reputation-based threat detection and mitigation for threats such as worms, spyware, adware, network viruses, and application abuse. The deployment mode and the platform selection in the Cisco SAFE design blueprints is driven by three key design aspects: • Deployment Mode, page 11-3 • Scalability and Availability, page 11-3 • Maximum Threat Coverage, page 11-3 • Cisco IPS Blocking and Rate Limiting, page 11-4 • Cisco IPS Collaboration, page 11-411-3 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Network-Based Threat Control Deployment Mode Cisco IPS appliances and modules can be deployed in inline or promiscuous mode, typically referred to as Cisco IPS or IDS modes. When deployed in inline mode, the Cisco IPS is placed in the traffic path. This allows the sensor to stop attacks by dropping malicious traffic before it reaches the intended target, thus providing a protective service. Cisco IPS inline mode enables automatic threat detection and mitigation capabilities that offer some clear advantages in terms of timely threat mitigation. In addition, signature tuning enables the automated response actions to be tuned according to customer policy. Since the Cisco IPS is in the data path, it is critical to ensure that a deployment be well designed, architected, and tuned to ensure that it does not have a negative impact on network and service availability. Cisco IPS can also be deployed in promiscuous mode. In this mode, the Cisco IPS performs passive monitoring, with traffic being passed to it through a monitoring port. The Cisco IPS sensor analyzes a copy of the monitored traffic rather than the actual forwarded packet. Upon detection of anomalous behavior, management systems are informed of an event and operational staff can subsequently decide what action, if any, to take in response to an incident. The time between threat detection and mitigation may thus be extended. Scalability and Availability For scalability, Cisco offers a range of IPS platforms with various levels of capacity and form factors that can be deployed according to particular customer needs. The Cisco SAFE designs implement Cisco IPS appliances on those places in the network (PINs) demanding the highest levels of throughout, such as the data center, campus, and the WAN edge. Cisco IPS modules are also viable options for environments where integrated security is preferred. At the branches, Cisco IPS modules are deployed on routers or firewalls. For increased scalability and high availability, multiple Cisco IPS can be bundle together using a load-balancing mechanism. The Cisco SAFE campus design implements multiple appliances by connecting them to a switch and Ether Channel load-balancing (ECLB) feature of the switch to perform intelligent load balancing across the Cisco IPS devices. Multiple Cisco IPS sensors may also be deployed by using a load-balancing module or appliance as the Cisco Application Control Engine (ACE) module. Maximum Threat Coverage For maximum visibility, the Cisco IPS sensors must be able to see traffic in both directions. For this reason, it is important to ensure the symmetry of the traffic as traverses or reaches the Cisco IPS sensor. Symmetrical traffic flows offer a number of important benefits, including enhanced threat detection, reduced vulnerability to Cisco IPS evasion techniques, and improved operations through reduced false positives and false negatives. Consequently, this is a key design element. For example, if more than one Cisco IPS exists in a single flow for availability and scalability purposes, maintaining symmetric flows requires some consideration of the Cisco IPS integration design. There are a number of options available to ensure symmetric traffic flows, including the following: • Copy traffic across Cisco IPS—Use of SPAN, VLAN access control list (VACL) capture, or taps to duplicate traffic across all Cisco IPS, ensuring any single Cisco IPS sees all flows. This can become a challenge once more than two Cisco IPS are involved and results in all Cisco IPS being loaded with the active traffic flows. • Integration of an Cisco IPS switch—Topological design to consolidate traffic into a single switch, thereby leveraging the switch to provide predictable and consistent forward and return paths through the same Cisco IPS. This is simple design, but introduces a single point-of-failure.11-4 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Network-Based Threat Control • Routing manipulation—Use of specific routing techniques, such as path cost metrics or policy-based routing (PBR), to provide predictable and consistent forward and return paths through the same switch and, consequently, the same Cisco IPS. This is a cost-effective design approach, but it introduces complexity and requires an agreement from network operations (NetOps). • Sticky load balancing—Insertion of a sticky load-balancing device, such as the Cisco ACE module, to provide predictable and consistent forward and return paths through the same Cisco IPS. This is flexible design, but introduces additional equipment to deploy and manage. Cisco IPS Blocking and Rate Limiting Cisco IPS sensors can be used in conjunction with routers, switches, and firewalls to dynamically enforce blocking and rate limiting actions on those devices—and in response to suspicious events. Blocking is configured at the signature level and, when triggered, the sensor updates the configuration of the managed devices to enforce the block action. There are three types of blocks: • Host block—Blocks all traffic from a given IP address. • Connection block—Blocks traffic from a given source IP address to a given destination IP address and destination port. • Network block—Blocks all traffic from a given network. Caution Configuring a sensor to perform blocking at a very high rate, or to manage too many blocking devices and interfaces, might result in the sensor not being able to apply blocks in a timely manner—or not being able to apply blocks at all. Cisco IPS sensors can also be configured to restrict the rate of specified traffic classes on network devices. Rate-limiting responses are supported for the Host Flood and Net Flood engines, and the TCP half-open SYN signature. For more information on Cisco IPS capabilities, refer to the Cisco IPS Configuration Guide at the following URL: http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_installation_and_configuration_g uides_list.html Cisco IPS Collaboration In collaboration with other Cisco devices, the Cisco IPS provides enhanced visibility and control through system-wide intelligence. This includes host-based IPS collaboration with the CSA (explained later in this chapter), reputation-based filtering and global correlation using SensorBase, automated threat mitigation with the WLAN Controller (WLC), multi-vendor event correlation and attack path identification using CS-MARS, and common policy management using CSM. Cisco IPS collaboration with the WLAN Controller is covered in detail in the Secure Wireless Design Guide at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/secwlandg20/ch8_2_SPMb.html11-5 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Global Threat Mitigation Network-Based Firewalls Cisco SAFE leverages the threat detection and mitigation capabilities available on Cisco firewalls. Firewall abilities include identifying and dropping packets due to denial by access list, invalid packet format, connection limits exceeded, protocol violations, and other abnormal conditions. Cisco firewalls are also equipped with application-layer protocol inspection to allow the identification and automatic mitigation of attacks based on protocol violation or manipulation. Other control mechanisms include the enforcement of timeouts and connection limits which helps mitigate flood-based denial of service (DoS) attacks. For a detailed description of the deployment options and platforms implemented in each SAFE module, refer to the applicable module chapter. Cisco IOS Embedded Event Manager Cisco IOS Embedded Event Manager (EEM) is a powerful and flexible subsystem in Cisco IOS that provides real-time network event detection and on-board automation. Using EEM, customers can adapt the behavior of network devices to align with business needs. EEM is available on a wide range of Cisco platforms and customers can benefit from the capabilities of EEM without upgrading to a new Cisco IOS version. EEM supports more than 20 event detectors that are highly integrated with different Cisco IOS components to trigger actions in response to network events. Customer business logic can be injected into operations using EEM policies. These policies are programmed using either a simple CLI-based interface or using Tool Command Language (Tcl) scripting language. EEM harnesses the significant intelligence within Cisco devices to enable creative solutions including automated troubleshooting, automatic fault detection and troubleshooting, and device configuration automation. For more information about EEM, refer to the Cisco IOS Software Embedded Event Manager, Harnesses Network Intelligence to Increase Availability at the following URL: http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6550/prod_white_paper0900aecd803a 4dad_ps6815_Products_White_Paper.html Global Threat Mitigation As described in the previous section, CS-MARS develops network intelligence by understanding the network topology and device configurations and by profiling network traffic. CS-MARS uses this network intelligence to identify and mitigate threats before they affect other systems or PINs. Upon identification of a legitimate network attack, CS-MARS is capable can visualize the attack path and identify possible mitigation enforcement devices along the path. Attack paths can be visualized by the user at both Layer2 and Layer 3. CS-MARS also provides the appropriate device commands that the user can employ to mitigate the threat on the possible mitigation devices.11-6 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Global Threat Mitigation Possible mitigation enforcement devices are devices that can deny the attack traffic flow and that are in the attack path. CS-MARS provides mitigation support in two forms: • For supported Layer-3 devices based on the Open Systems Interconnection (OSI), CS-MARS provides the user with a suggested device and set of commands that can be used to halt an ongoing, detected attack. This information can be used to manually block the attack. • For supported Layer-2 devices, CS-MARS recommends a device and a set of commands to halt the ongoing, detected attack, and provides a method for making the configuration changes on behalf of the user. As an example, Figure 11-1 illustrates an attack launched from the main campus. Figure 11-1 incident Detail The attack paths and the recommended action (ACL enforcement) determined by CS-MARS are illustrated in Figure 11-2 and Figure 11-3. Figure 11-2 Attack Paths Determined by CS-MARS11-7 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility Figure 11-3 Suggested Mitigation Commands Cisco IPS Enhanced Endpoint Visibility Cisco SAFE leverages the integration between CSA and Cisco IPS as a key component of Cisco SAFE threat control and containment strategy. Residing on servers and desktops, CSAs have full visibility into endpoints which allows CSAs to gather information that is not available to any other security component on the network. The integration between CSA and Cisco IPS allows the sensor to use this valuable information and thereby increase its visibility into endpoints and global threats. The collaboration between CSA and Cisco IPS has the following benefits: • Ability to use CSA endpoint information to influence Cisco IPS actions—By using the endpoint contextual information, Cisco IPS determines the appropriate severity of a network threat and instructs the adequate response action. • Reduction of false positives—CSA provides OS-type and other endpoint posture information that helps Cisco IPS determine the relevancy of a threat—reducing the chance of a false positive. • Enhanced attack mitigation—Cisco IPS can use the watch list maintained by CSA. The watch list helps Cisco IPS monitor the systems identified by CSA as suspicious or malicious, and helps highlight any events associated with these systems. • Dynamic host quarantine—The Cisco IPS has the ability to dynamically block hosts that have been identified by CSA as malicious. This extends the quarantine capabilities from CSA to the Cisco IPS.11-8 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility CSA and Cisco IPS Collaborative Architecture The architecture integrating CSA and Cisco IPS relies on the interaction of the following major components: • Cisco IPS —Any Cisco IPS platform running at minimum Cisco IPS Sensor Software Version 6.0, configured either in inline protection mode (IPS) or promiscuous mode (IDS). • CSAs—Host-based Cisco IPS software running on servers and desktops to be protected and monitored. • CSA-MC—A a standalone application that provides centralized security policy configuration, monitoring, and administration for CSAs. In addition, CSA-MC performs global correlation based on event and posture information generated by the CSAs. CSA-MC 5.0 or later is required to integrate with the Cisco IPS. The components of the architecture and their interactions are depicted in Figure 11-4. Figure 11-4 Cisco Secure Agent/Cisco IPS Collaborative Architecture The Cisco IPS sensor accesses this information via Secure Device Event Exchange (SDEE), a protocol developed by a consortium (led by Cisco) that is designed for the secure exchange of network event information. Communications between CSA-MC and Cisco IPS are protected with Secure Socket Layer (SSL)/Transport Layer Security (TLS) encryption and Hypertext Transfer Protocol (HTTP) authentication. Note CSA-MC authenticates by providing X.509 certificates while the Cisco IPS sensor authenticates using a username and password. To start receiving information, a Cisco IPS sensor must open a SDEE subscription with CSA-MC. After the communication channels are authenticated and established, two types of messages are exchanged between CSA-MC and Cisco IPS sensors: • CSA Posture Events—Contains host posture information collected by CSA- MC such as the IP address and the OS type of the hosts running CSA. To receive posture events a Cisco IPS must open a subscription. After the subscription is open, the CSA-MC sends an initial state message with the IP addresses and OS types of all known agents. After the initial state, the CSA-MC keeps the Cisco IPS informed through updates. • Quarantine Events—Generated by CSA-MC to communicate the list of hosts that are being quarantined to Cisco IPS sensors. A host is quarantined either manually by a CSA-MC administrator or by rule-generated by global correlation. Quarantine events include the reason for the quarantine, the protocol—such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP), or Internet Control Message Protocol (ICMP)—associated with a rule violation, an indicator on Cisco Security Agent Cisco Security Agent MC Cisco IPS Posture Event Information SDEE Subscription SDEE Host Posture and Quarantine Events 22673211-9 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility whether a rule-based violation was associated with an established TCP connection or a UDP session, and the IP address of the host to be quarantined. Cisco IPS sensors must subscribe before they can start receiving quarantine events. The CSA-MC sends an initial state message containing the list of all the hosts under quarantine and reports any subsequent quarantine incidents via updates. Deployment Considerations In general, the same best practices used to deploy CSA and Cisco IPS as standalone products apply when the two are implemented together in the same environment; therefore, it is always a good idea to follow those principles whenever possible. In addition to adopting the design best practices for CSA and Cisco IPS, there are few important considerations that should be noted when integrating the two products. These are briefly summarized in the following sections: • Inline Protection (IPS) and Promiscuous (IDS) Modes, page 11-9 • One CSA-MC to Multiple Cisco IPS Sensors, page 11-10 • One Sensor to Two CSA-MCs, page 11-10 • Virtualization, page 11-10 • IP Addressing, page 11-10 Inline Protection (IPS) and Promiscuous (IDS) Modes CSA can be integrated with Cisco IPS sensors that are configured either in inline protection (IPS) mode or promiscuous detection (IDS) mode. This results in greater flexibility because there are different valid reasons why a network administrator might opt to deploy Cisco IPS in one mode or the other. The Cisco SAFE campus design is capable of integrating sensors in both inline protection mode and promiscuous detection mode. A sensor deployed inline at the distribution layer is capable of dynamically blocking malicious packets as they move through the system, When deployed in promiscuous mode, the sensor passively monitors traffic. These designs are illustrated in Figure 11-5. Figure 11-5 Typical Cisco IPS/IDS Deployment Designs Access Core Distribution 226733 Cisco Security Agents Cisco IPS Inline Mode Cisco IPS Promiscuous Mode11-10 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility One CSA-MC to Multiple Cisco IPS Sensors A single CSA-MC can serve multiple Cisco IPS sensors simultaneously. In cases where Cisco IPS sensors are managed by different groups of administrators, their access to CSA-MC can be separated by the use of different subscription credentials. One Sensor to Two CSA-MCs A single Cisco IPS sensor can be configured to interface with up to two CSA-MCs simultaneously. Besides being crucial for redundancy purposes, this feature can be used to simplify the process of upgrading the version of CSA-MC. Virtualization The CSA can be integrated with Cisco IPS systems configured with virtual sensors. When used with virtualization, all information provided by the CSA-MC is global to the Cisco IPS sensor and, as a result, can be used by all active virtual sensors. IP Addressing Both the CSA-MC and the Cisco IPS sensors identify hosts based on their IP addresses; therefore, both should have a consistent view of the IP address space. Implementing the CSA-MC and Cisco IPS sensors in different sides of a Network Address Translation (NAT) can lead to an incompatible view of the address space. As a result, the Cisco IPS sensors might not be able to properly match the posture information provided by the CSA-MC; one host might be seen by the CSA-MC and the Cisco IPS sensors as two different systems—or two separate hosts might be confused as being a single host. In all cases, an incompatible view of the address space reduces the quality of the integration and can result in the enforcement of mitigation actions on the wrong hosts. As a general best practice, avoid implementing NAT between CSA, CSA-MC, and the Cisco IPS sensors whenever it is possible. When NAT is required, ensure CSA-MC and the Cisco IPS sensors are placed on the same side of the translation—making sure they have the same IP address space visibility. Deployment Best Practices Integrating CSA and Cisco IPS requires the configuration of both CSA-MC and the Cisco IPS sensors. For most scenarios, configuration consists of the following activities: • Defining a CSA-MC administrative account to be used by Cisco IPS sensors in their SDEE subscriptions. • Enabling CSA host history collection. • Adding CSA-MC as a trusted host in each Cisco IPS sensor. • Configuring an external product interface in each Cisco IPS sensor. The following sections describe the best practices that should be followed. • Cisco Security Agent MC Administrative Account, page 11-11 • Cisco Security Agent Host History Collection, page 11-11 • Adding CSA-MC System as a Trusted Host, page 11-12 • Configuring Cisco IPS External Product Interface, page 11-1311-11 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility • Leveraging Endpoint Posture Information, page 11-14 • Cisco Security Agent Watch Lists, page 11-16 • Cisco IPS Event Action Override, page 11-17 • Validating Cisco Secure Agent and Cisco IPS Integration, page 11-18 Cisco Security Agent MC Administrative Account Communications between the CSA and Cisco IPS are authenticated. The CSA- MC will not accept a SDEE subscription for posture and quarantine information unless the requesting Cisco IPS sensor is successfully authenticated. To that end, every Cisco IPS sensor must be preconfigured with the username and password of a valid CSA-MC account granting a minimum of view privileges. The Cisco IPS sensor provides the CSA-MC with this information when subscribing and the CSA- MC accepts or denies the subscription based on the validity of the credentials. Even though any of the existing administrative accounts in the CSA-MC with a minimum of view privileges can be used, it is not recommended. For obvious security reasons, it is always a good practice to create a new account to be used exclusively for CSA-to-Cisco IPS communications purposes. This account should be given no more than the minimum required privileges (that is, monitor and view). Figure 11-6 shows a snapshot taken from CSA-MC 6.0 showing the definition of Cisco IPSusr, an account defined for the exclusive use of CSA/Cisco IPS communication. Figure 11-6 Cisco Security Agent MC Administrative Account Cisco Security Agent Host History Collection Host history collection is a feature required for the integration between CSA and Cisco IPS. When enabled, this feature maintains a two-week history of the previously listed host status changes which are maintained for every host registered with the MC. The information includes host registration, test-mode setting changes, learn-mode setting changes, IP address changes, Cisco Trust Agent (CTA) posture changes, CSA version changes, and host active/inactive status changes. Host history collection is configured in CSA-MC via Events > Status Summary. Under the Network Status section, click No next to host history collection enabled and then click Enable in the popup window. See Figure 11-7.11-12 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility Figure 11-7 Host History Collection Adding CSA-MC System as a Trusted Host Cisco IPS maintains a list of all the trusted hosts with which it communicates—including blocking devices, SSL/TLS servers, and external products, such as CSA-MC. This list contains the digital certificates of the trusted systems used by the Cisco IPS to establish secure connections. As part of the CSA/Cisco IPS interface configuration, the system running CSA- MC must be added as a trusted host. In the process of adding the system, the Cisco IPS retrieves the digital certificate of the CSA-MC and displays its fingerprint—which is then presented to the administrator for approval. After the administrator approves the associated fingerprint, the CSA-MC system is added as a trusted host. Figure 11-8 is a snapshot of Cisco IPS Device Manager 6.2 showing host 172.26.146.135 (system running CSA-MC) listed as a trusted host. Figure 11-8 Cisco IPS Trusted Host11-13 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility Configuring Cisco IPS External Product Interface Cisco IPS sensors are equipped with an external product interface designed to handle communications with external security and management products such as the CSA-MC. This interface enables the Cisco IPS sensors to take full-advantage of useful host posture and threat context information maintained by CSA-MC—including the OS type of the systems protected with CSA and a list of IP addresses of systems suspected of causing malicious activity. This grade of collaboration increases the overall security effectiveness of the CSA/Cisco IPS combination as an end-to-end security solution. Note With Cisco IPS Sensor Software 6.1, only two external interfaces can be defined. CSA-MC is the only external product supported at this time. The configuration of the Cisco IPS external product interface consists in the definition of communication parameters, watch lists settings, and host posture settings (see Figure 11-9). Figure 11-9 Cisco IPS External Product Interface The following describe all the relevant parameters configured in the external product interface: • General parameters – External Product IP Address—IP address of the system hosting CSA-MC. – Enable Receipt of Information—Enables/disables the external product interface. • Communication settings—Defines the communication parameters. – SDEE URL—Specifies the URL used to communicate with CSA-MC. A default SDEE URL is provided. 11-14 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility – Port—Used for communications. Default port is 443. – Use TLS—Indicates that secure TLS communication is enabled. Communication is always protected with TLS, this parameter cannot be changed. • Logging settings—Sets the username and password used in the communication with CSA-MC. – Username—Username of the administrative account used to communicate with CSA-MC. This account is defined in the CSA-MC. – Password/Confirm Password—Password of the administrative account used to communicate with CSA-MC. • Watch list settings—This section of the configuration is used to enable or disable the reception of watch lists. It also defines the values in which risk rating should be increased. Configuration is described in the next section. • Host posture settings—Defines how host posture information should be handled. Configuration is described in the next section. Leveraging Endpoint Posture Information One of the key advantages of the CSA/Cisco IPS integration is that it gives the Cisco IPS sensor the ability to use the OS type information identified by the CSAs. This information extends the endpoint visibility of the Cisco IPS, helping it make smarter decisions and consequently reducing the chances for false-positives. A false-positive is an event where the Cisco IPS triggers an alarm in response to an activity that is actually not malicious, or where the Cisco IPS triggers a response action that is out of proportion. The problem of false-positives often occurs when the Cisco IPS fails to interpret the risk level associated with the network event in question—typically due to the lack of context information. By using the OS type information provided by CSA, the Cisco IPS can better determine the appropriate relative risk associated with a particular event, thereby reducing the possibility of a false positive. Starting with Cisco IPS Sensor Software 5.0, Cisco IPS alerts are evaluated under a sophisticated risk rating mechanism that takes into consideration attack relevancy. Under this mechanism, each Cisco IPS alarm is quantified with a numerical value between 0 and 100, called risk rating, which gives the user an idea of the relative risk associated with the event triggering the alarm. In practice, risk rating is used to either highlight events that require immediate attention when the sensor is configured in promiscuous mode (IDS), or trigger response actions when the sensor is configured in inline protection mode (IPS). Along all the variables used to calculate the risk rating, there is an Attach Relevancy Rating which represents whether or not the target is believed to be vulnerable to the attack. For a detailed description on how risk rating is calculated, refer to the following documents: • Cisco IPS Configuration Guides http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_installation_and_configurati on_guides_list.html • Integrating Cisco Security Agent with Cisco Intrusion Prevention System http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5729/ps5713/ps4077/prod_white_paper09 00aecd805c389a_ns441_Networking_Solutions_White_Paper.html When integrated with CSA, Cisco IPS has the capacity to dynamically adjust the risk rating values based on the OS type information imported from CSA, thereby helping it to determine the right risk level of an event. This way, the Cisco IPS is capable of reducing the perceived severity of an attack when the target OS type is found not to be vulnerable and of increasing it when the target OS is known to be vulnerable. 11-15 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility To activate this functionality, the reception of endpoint posture information should be configured within Cisco IPS external product interface. Under the Host Posture Settings section, complete the following: • Enable Receipt of Host Postures— Enables/disables the reception of host posture information from CSA-MC. • Allow Unreachable Hosts’ Postures—Allows/denies the reception of host posture information for hosts not reachable by CSA-MC. This option is useful in filtering the host postures with IP addresses that might not be visible to the Cisco IPS or that might be duplicated across the network. • Posture ACLs—By default all host postures are processed by the Cisco IPS. Posture ACLs provide a mechanism to filter the network ranges from which host postures will be processed or ignored (permitted or denied). This option is useful in filtering the host postures with IP addresses that might not be visible to the Cisco IPS or that might be duplicated across the network. Figure 11-10 is a snapshot of Cisco IPS Device Manager 6.2 that shows all the endpoint posture information imported from CSA-MC. Figure 11-10 Cisco IPS OS Identification The following output is the detailed event information from Cisco IPS Device Manager 6.2, corresponding to a Microsoft IIS 5.0 WebDav buffer overflow attack against system 10.240.50.100. Using the endpoint posture information learned from CSA-MC, the Cisco IPS sensor knows the system is Windows-based and, as a result, it determined to be relevant to the attack. Key information is highlighted. vIdsAlert: eventId=1234240033910687083 vendor=Cisco severity=high originator: hostId: sfx12-Cisco IPS4270-1 appName: sensorApp appInstanceId: 434 time: Mar 10, 2009 22:45:38 UTC offset=0 timeZone=GMT00:00 11-16 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility signature: description=Long WebDAV Request id=5365 version=S258 type=other created=20041119 subsigId: 0 sigDetails: SEARCH /...\x3c40000+ chars>... marsCategory: Info/Misc interfaceGroup: vs0 vlan: 15 participants: attacker: addr: 10.240.100.2 locality=OUT port: 17185 target: addr: 10.240.50.100 locality=OUT port: 80 os: idSource=imported type=windows relevance=relevant actions: droppedPacket: true deniedFlow: true tcpOneWayResetSent: true context: fromTarget: 000000 48 54 54 50 2F 31 2E 31 20 34 31 34 20 52 65 71 HTTP/1.1 414 Req ! <output omitted> fromAttacker: 000000 62 30 25 31 64 6D 25 31 66 57 25 38 39 25 31 32 b0%1dm%1fW%89%12 ! <output omitted> riskRatingValue: 95 targetValueRating=medium attackRelevanceRating=relevant watchlist=25 threatRatingValue: 60 interface: ge3_1 protocol: tcp Cisco Security Agent Watch Lists As part of its threat control function, the CSA has the ability to quarantine hosts that violate security rules or exhibit malicious behavior. The quarantine of a host occurs either dynamically as a result of the global correlation of events from multiple CSAs, or manually by configuration of an administrator. When quarantined, the IP address of the host is added to the Quarantine IP list and all systems running CSA are instructed to block any communication attempt with the affected host. For improved threat visibility and overall control, the Cisco IPS external product interface can be configured to use the quarantine information generated by the CSA. This way, every time a host is quarantined, the CSA will send a quarantine event to each one of the Cisco IPS sensors subscribed for the reception of quarantine information. Quarantine events include the reason for the quarantine, the protocol associated with a rule violation (TCP, UDP or ICMP), and the IP address of the host to be quarantined. With all the quarantine information provided by CSA, each Cisco IPS sensor builds and maintains a watch list. The purpose of the watch list is to help the Cisco IPS monitor systems identified by the CSA as suspicious or malicious and to highlight any events associated with these systems. The watch list identifies systems that the Cisco IPS must monitor closely and which risk ratings must be increased. The watch list does not extend the quarantine of the hosts in the list to the Cisco IPS. In fact, the Cisco IPS does not block a host solely because it is part of the list. Note For a host, being on the watch list translates into being quarantined by the CSA and watched by the Cisco IPS. The Cisco IPS does not automatically quarantine systems in the watch list.11-17 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility Every time a host in the watch list triggers an alert, the resulting risk rating is increased by the watch list rating. The watch list rating is configured as part of the external product interface and consists of the following three parameters (configurable in a range of integer values between 0 to 35): • Manual Watch List RR increase—Indicates the value by which risk rating should be increased for events associated with hosts that were manually added to the watch list. By default, the increase value is set to 25. • Session-based Watch List RR increase—Indicates the value by which risk rating should be increased for events associated with TCP connections added to the watch list as a result of CSA global correlation. By default the increase value is set to 25. • Packet-based Watch List RR increase—Indicates the value by which risk rating should be increased for events associated with UDP-based sessions added to the watch list as a result of CSA global correlation. By default the increase value is set to 10. A host can be added to the watch list either manually by a CSA administrator or as a result of CSA global correlation: • Manual Configuration—A CSA administrator may chose to manually quarantine systems known to be compromised, or that need to be isolated from the network for any particular reason. To quarantine a host manually, the administrator must add the IP address of the host to the Quarantined lP Addresses list. This is done by accessing the dynamically quarantined IP addresses link within the Global Event Correlation section in CSA-MC, and by adding a new entry with the host IP address. • Dynamic Global Correlation—CSA can be configured to quarantine hosts dynamically when they violate a security rule, communicate with an untrusted host, or exhibit malicious behavior. The configuration of dynamic quarantining requires the definition of a rule setting the offending host as globally untrusted, and to enable the global correlation of the event. For information on how to define manually or dynamically quarantine systems, refer to Integrating Cisco Security Agent with Cisco Intrusion Prevention System at the following URL: http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5729/ps5713/ps4077/prod_white_paper0900ae cd805c389a.html Cisco IPS Event Action Override The Cisco IPS implements watch lists primarily to highlight the activity of suspicious systems and, while the CSA isolates the hosts in the list, the Cisco IPS does not enforce quarantine automatically—although it is possible to combine the watch list with one or more event action overrides to dynamically block hosts in the list. An event action override is a general rule that sets response actions for events with risk ratings falling into specific ranges and that supersedes the actions defined at the signature level. As a result of a watch list, the Cisco IPS increases the risk rating of the events triggered by the systems in the list. An event action override can be configured to block the offending host once it triggers an event exceeding a predefined threshold. The event action override should be configured to block the attacker inline when the system is configured in inline protection mode (IPS) and to block the host with a shunning when the system is in promiscuous mode (IDS). These concepts are illustrated in Figure 11-11.11-18 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility Figure 11-11 Event Action Override In Figure 11-11, one event action override is defined for a Cisco IPS configured in inline protection mode. Network events triggering alarms with a high risk rating (more than 90) will cause the source host to be blocked inline by the Cisco IPS. Other risk rating values are medium risk (from 70 but less than 90) and low risk (less than 70). The implementation of event action overrides is a useful tool that extends the quarantine of hosts by the CSA to the Cisco IPS, thereby delivering a true end-to-end enforcement from the endpoint to the network. While the use of this practice yields clear benefits, there are some important aspects that should be considered prior to its adoption: • After an event action override is set, it applies to all events with risk ratings falling in the range configured—not only those concerning hosts in the watch list. • The Cisco IPS will not enforce any action until the host present in the watch list triggers an event with a resulting risk rating that falls in the range specified for the event action override. This means the Cisco IPS will not quarantine a host immediately after it receives a quarantine event from CSA-MC. An action on the host will be enforced only after the host triggers an event in the Cisco IPS. Validating Cisco Secure Agent and Cisco IPS Integration The statistics plane within the Cisco IPS Device Manager 6.2 provides valuable information that is useful for verifying the status of the external product interface, the reception of endpoint posture information, and CSA watch-lists. Within the Cisco IPS Device Manager 6.2, the statistics tab is accessible via Monitoring > Sensor Monitoring > Support Information > Statistics.11-19 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Cisco IPS Enhanced Endpoint Visibility To verify the status of the external product interface, scroll-down to External Product Interface and look for Communications Status. The active status confirms the Cisco IPS sensor was able to open its subscription session with CSA-MC. The same section displays the list of systems in the CSA watch-list. See Figure 11-12. Figure 11-12 External Product Interface Status The OS Identification Statistics section displays the list of OS posture records imported from CSA-MC. The list can also been seen by accessing Monitoring > Sensor Monitoring > Dynamic Data > OS Identifications > Imported OS. This is illustrated in Figure 11-13.11-20 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Figure 11-13 Imported OS Unified Management and Control Cisco Security Manager (CSM) is a GUI-based, enterprise-class management application designed to enable scalable management of security policies on Cisco security devices by supporting integrated provisioning of firewall, Cisco IPS, and virtual private networking (VPN)—site-to-site, remote access, and SSL—services across Cisco IOS routers, Cisco Adaptive Security Appliances (ASA), Cisco Catalyst 6500/7600 security service modules, Cisco IPS appliances, and Cisco IPS modules. CSM efficiently manages a wide range of networks—from small networks consisting of a few devices to large networks with thousands of devices. Scalability is achieved through a rich feature set of shareable objects and policies and device grouping capabilities. The primary benefits of using CSM are as follows: • Scalable network management—Centrally administer security policies and device settings for either small networks or large scale networks consisting of thousands of devices. Define policies and settings once and then optionally assign them to individual devices, groups of devices, or all the devices in the enterprise. • Provisioning of multiple security technologies across different platforms—Manage VPN, firewall, and Cisco IPS technologies on routers, security appliances, Cisco Catalyst devices and service modules, and Cisco IPS devices. • Provisioning of platform-specific settings and policies—Manage platform-specific settings on specific device types. For example: Routing, 802.1x, Easy Secure Device Deployment (EzSDD), and NAC on routers; and, device access security, DHCP, AAA, and multicast on firewall devices. 11-21 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control • VPN wizard—Quickly and easily configure site-to-site, hub-and-spoke, and full-mesh VPNs across different VPN device types. • Multiple management views—Device, policy, and map views enable you to manage your security in the environment that best suits your needs. • Reusable policy objects—Create reusable objects to represent network addresses, device settings, VPN parameters, and so on, then use them instead of manually entering values. • Device grouping capabilities—Create device groups to represent your organizational structure. Manage all devices in the groups concurrently. • Policy inheritance—Centrally specify which policies are mandatory and enforced lower in the organization. New devices automatically acquire mandatory policies. • Role-based administration—Enable appropriate access controls for different operators. • Workflow—Optionally allow division of responsibility and workload between network operators and security operators and provide a change management approval and tracking mechanism. • Single, consistent user interface for managing common firewall features—Single rule table for all platforms—including routers, Cisco PIX Security Appliances, Cisco ASAs, and Cisco Firewall Software Modules (FWSM). • Intelligent analysis of firewall policies—The conflict detection feature analyzes and reports rules that overlap or conflict with other rules. The ACL hit count feature checks in real-time whether specific rules are being hit or triggered by packets. • Sophisticated rule table editing—Inline editing, ability to cut, copy, and paste rules and to change rule order in the table. • Discover firewall policies from device—Policies that exist on the device can be imported into CSM for future management. • Flexible deployment options—Support for deployment of configurations directly to a device or to a configuration file. You can also use Auto-Update Server (AUS), Configuration Engine, or Token Management Server (TMS) for deployment. • Rollback—Ability to roll back to a previous configuration if necessary. • FlexConfig (template manager)—Intelligent CLI configlet editor to manage features that are available on a device, but that are not natively supported by CSM. CSM works in conjunction with the CS-MARS. Used together, these two products provide a comprehensive security management solution that addresses configuration management, security monitoring, analysis, and mitigation. While CSM lets you centrally manage security policies and device settings in large-scale networks, CS-MARS is a separate application that monitors devices and collects event information, including Cisco IPS event information, Syslog messages and NetFlow traffic records. CS-MARS aggregates and presents massive amounts of network and security data in an easy-to-use format. Based on information derived from CS-MARS reports, you can edit device policies in CSM to counter security threats. Specifically, if you use CSM to configure firewall access rules and Cisco IPS signatures, you can configure CS-MARS to collect information related to those policies and make it available to CSM users. By registering the CS-MARS servers with CSM, users can navigate directly from a specific access rule or Cisco IPS signature to a CS-MARS report window, pre-populated with query criteria for that rule or signature. Similarly, CS-MARS users can view the CSM policies related to specific CS-MARS events. This bi-directional mapping of specific events to the policies that triggered them, combined with the ability to immediately modify the policies, can dramatically reduce the time spent configuring and troubleshooting large or complex networks. 11-22 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control CSM and CS-MARS Cross-Communication Deployment Considerations To enable the cross-communication between CSM and CS-MARS, you must register the CSM servers with the CS-MARS servers and register the CS-MARS servers with the CSM servers. You must also register the specific devices with each application. Then, when working with firewall access rules or Cisco IPS signatures for a device, a CSM user can quickly view real-time and historical event information related to that rule or signature. When deploying the CSM and CS-MARS cross-communication linkages, there are a few important considerations that should be noted when integrating the two products: • Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS) is required for communication between the CSM server and CS-MARS. • The clock on all devices must be in-sync, including CS-MARS, CSM, and the devices they monitor and manage. • To query for CS-MARS events for Cisco FWSM, Cisco PIX, and Cisco ASA devices on which multiple independent security contexts exist, you must define a unique management IP address in the CSM for each security context. The host name and reporting IP address for each virtual context must be configured before adding it to CS-MARS—otherwise, event lookup from policies on these contexts fails. • For all Cisco IPS device and service policies, a default signature policy is assigned to the device when you do not discover Cisco IPS policies, or when you remove the configured policies from the device. If you try to perform an event lookup from the default signature, a Policy not found error message is displayed. However, if you edit the default signature and save it, you can then navigate to events in CS-MARS. • If object grouping (or rule optimization) is enabled for an access rule defined in CSM, and the associated access-list commands on the device do not match the optimized rules, no events are displayed in CS-MARS because of the mismatch between CSM and the device. • If logging is not enabled for an access rule on the Cisco ASA, Cisco PIX, and Cisco FWSM devices, or if logging is not enabled on Cisco IOS routers for access rules, a warning message is displayed and you can only look up traffic-flow events for those rules. • The CSM server that you add to CS-MARS can be used to perform policy lookup only for those devices that it manages and that publish events to CS-MARS. • Each CS-MARS local controller can query only one CSM. You cannot define more than one CSM server per local controller. However, the same CSM server can be defined on multiple local controllers. • CSM must be running version 3.2 or higher if you want to look up the policy table and modify matching rules or signatures. If you add a CSM server running 3.0.1, 3.0.2, or 3.1.x to a CS-MARS appliance running 4.3.2 through 4.3.4 or 5.3.2 through 5.3.4, you can query for policies in view mode only; you must open a CSM client instance separately to modify the policies. 11-23 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Registering CSM with CS-MARS In order to cross-launch CSM from within CS-MARS to view the firewall and Cisco IPS policies associated with triggered events, CSM must be registered with CS-MARS. The CSM server is registered in CS-MARS by defining a host with a software application residing on that host. In order to add CSM to CS-MARS, the user must be logged in with an administrative role and perform the following tasks: Step 1 Add CSM as a SW security application in the Security and Monitor device section on the CS-MARS Admin window. Step 2 Add the appropriate access and reporting IP (these addresses will typically be the same) and add the CSM interface IP address and subnet mask information Step 3 In the reporting application section, select Cisco Security Manager ANY. Step 4 Perform a connectivity test and select whether you want users to use a standard CS-MARS login ID or prompt users for separate login credentials when launching CSM. Note It is recommended that users be prompted to enter their own login credentials when cross launching CSM from within CS-MARS. This will enable activity to be tracked and ensure that only authorized administrators can make changes to CSM managed devices. Figure 11-14 shows CSM (sfx-csm) registered with CS-MARS. Figure 11-14 CSM Registered with CS-MARS11-24 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Registering CS-MARS in CSM In order to view real-time and historical event information related to firewall access rules and Cisco IPS signatures, CS-MARS must be registered with CSM. The specific CS-MARS must also be registered to the specific managed device within CSM. In order for the CSM server to be queried by CS-MARS, the CSM must have a user account that the CS-MARS can use to access it. If using AAA for authentication and authorization, the following actions can be performed with respect to the user accounts: • If using Common Services AAA authentication on the CSM server—for example, Cisco Secure Access Control Server (CS-ACS), you must update the administrative access settings to ensure that the CS-MARS account has the necessary client access to the CSM server. Note When you register a CSM server with CS-MARS, it is recommended that you select the option to prompt users for CSM credentials for policy table lookup. In this case, a separate CS-MARS account in Common Services might not be necessary for authentication purposes. • If you are using local authentication and authorization, you must define a user account in CSM that CS-MARS can use to perform queries. Separate user accounts are recommended to provide a specific audit trail on the CSM server. These accounts must be assigned one of the following Common Services roles: – Approver – Network operator – Network administrator – System administrator Users with the help desk security level can only view the policy lookup table in CS-MARS. They cannot cross-launch CSM to modify policies. For more information on adding users and associating roles with them in Common Services, see the applicable User Guide for CiscoWorks Common Services, such as the following: http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_common_services_software/3.1.1/user/guide /cs311book.html In order to register CS-MARS with CSM, you must be logged in as a user with an Admin role and perform the following tasks: Step 1 Add CS-MARS from the Security Manager Administration page. Step 2 Enter the hostname/IP address, username, and password information for accessing CS-MARS. Step 3 Retrieve the certificate thumbprint from CS-MARS. Step 4 Accept the certificate to register CS-MARS with CSM. Step 5 Once CS-MARS is registered with CSM, you must map the specific CS-MARS to the individual managed devices within CSM. This is done by updating the device properties of each of the managed devices and discovering the specific CS-MARS from the list of CS-MARS devices which are registered with CSM. The example CSM window in Figure 11-15 illustrates CS-MARS with the IP address of 172.26.191.99 is registered with CSM.11-25 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Figure 11-15 CS-MARS Registered with CSM Figure 11-16 illustrates that the SFX13-ASA5580-1 firewall is being monitored by the CS-MARS with the IP address 172.26.191.99:11-26 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Figure 11-16 Firewall Monitored by CS-MARS CSM and CS-MARS Linkage Objectives The following summarizes the objectives of the CSM and CS-MARS cross-communication linkages: • Support for MARS to CSM cross launch • Support for CS-MARS to CSM (event-to-policy) firewall cross linkages • Support for CSM to CS-MARS (policy-to-event) firewall cross linkages • Support for CS-MARS to CSM (event-to-policy) Cisco IPS cross linkages • Support for CSM to CS-MARS (policy-to-event) Cisco IPS cross linkages • Troubleshoot and diagnose network security incidents relating to Firewall and Cisco IPS policies in CSM • Find reported events in CS-MARS with linking back to the triggering policy in CSM • Find events in CS-MARS by clicking a policy of interest in CSM • Enable quick policy collaboration between CS-MARS and CSM11-27 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Firewall Cross Linkages CSM and CS-MARS cross-communication linkages for firewall policies and events include: • Support for CS-MARS-to-CSM (event-to-policy) firewall cross-linkages • Support for CSM-to-CS-MARS (policy-to-event) firewall cross linkages Firewall Cross Linkage: CS-MARS Event to CSM Policy Firewall access rules filter network traffic by controlling whether routed packets are forwarded or blocked at the firewall’s interfaces. After configuring and deploying access rules from the CSM to a firewall device and enabling logging on the device monitored by MARS, a log entry is created when an access rule matches the network traffic that the device is processing and the action defined in the rule is used to decide if traffic must be permitted or denied. An incident is generated in CS-MARS after the log associated with an access rule is received from the device. Using CS-MARS, you can navigate from the event messages that are generated in CS-MARS to the configured access policy in CSM. You can then edit the access policy as needed to tune attributes of the rule or the action it takes on it. Figure 11-17 illustrates the CSM/CS-MARS event-to-policy firewall cross linkage. Figure 11-17 CSM and CS-MARS Event11-28 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Firewall Cross Linkage: CSM Policy to CS-MARS Event Firewalls that are monitored by CS-MARS continually forward event information to CS-MARS. These events are stored in the CS-MARS database. Querying for historical events from CSM lets you view event information stored in the CS-MARS database. You also can navigate from policies in CSM to view events as they are forwarded to CS-MARS in nearly real-time. From within the CSM, you can run an event query on the CS-MARS for managed access rules using the CSM and MARS cross linkage. The CSM requests specific event data by supplying the CS-MARS with relevant device details and event-identification information. The CS-MARS then creates a query based on the provided information and displays a query-related page. Real-time queries are run automatically and the results displayed. For historical queries, the Query Criteria window opens. You can either run the query or save the criteria as a report to run at a later time. Because CSM and CS-MARS do not share a common device repository, the query created by CSM and sent to CS-MARS includes all the device details (management IP address, host name, domain name, and so on) available in the CSM database. CS-MARS compares this information to the device information in its database. Event lookup succeeds only if the relevant devices are recognized by both CSM and CS-MARS—and can be reached by CS-MARS using the specified IP address or fully qualified domain name. When querying for events on CS-MARS from within CSM, you can match the events based on five tuple flow information or match the rule using hash codes. Because the five tuple match is based on source IP, source port, destination IP, and timestamp, it might not be unique to the specific Cisco ACE and could produce unexpected results. If hash codes are available they can be used to match the flow to a specific Cisco ACE. This is a more granular than the five tuple match and is available on the Cisco ASA firewalls. A hash is created to uniquely identify individual Cisco ACEs within an access policy. If the CSM is used to deploy the Cisco ACE, then it knows the unique hashes associated with each Cisco ACE. Note Large historical queries might need to run in batch mode. The CS-MARS system will automatically determine this and change the button from Submit Inline to Submit Batch. Note Even though the query is pre-populated, the users still need to choose the time range through which they wish to search. Figure 11-18 illustrates the CSM/CS-MARS policy-to-event firewall cross linkage for a historical query.11-29 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Figure 11-18 CSM/CS-MARS Policy-to-Event Firewall Cisco IPS Cross Linkages CSM and CS-MARS cross communication linkages for Cisco IPS policies and events include: • Support for CS-MARS to CSM (event-to-policy) Cisco IPS cross linkages • Support for CSM to CS-MARS (policy-to-event) Cisco IPS cross linkages Cisco IPS Cross Linkage: CS-MARS Event to CSM Policy The CSM and CS-MARS Cisco IPS event-to-policy cross linkage provides administrators with the ability to take an event within CS-MARS and link it back to the Cisco IPS signature and policy within the CSM that triggered the event. This provides the ability to quickly adjust signature policies as needed to fix problems in the network—such as false positives that create noise or that are blocking legitimate traffic. Figure 11-19 illustrates this CSM/CS-MARS event-to-policy Cisco IPS cross linkage.11-30 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Figure 11-19 CSM/CS-MARS Event-to-Policy Cisco IPS Cross Link Cisco IPS Cross Linkage: CSM Policy to CS-MARS Event The CSM and CS-MARS Cisco IPS policy-to-event cross linkage provides administrators with the ability to query events in CS-MARS from within CSM associated with Cisco IPS signatures. This provides administrators immediate insight into Cisco IPS effects on intrusions and instant verification about the effectiveness of updated policies. Event queries can be done for real-time events, as well as historical events stored on CS-MARS. When launching a CS-MARS query from within CSM, the query is automatically populated. Figure 11-20 illustrates this CSM/CS-MARS policy-to-event cross linkage.11-31 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Figure 11-20 CSM/CS-MARS Policy-to-Event Cross Link Cisco IPS Event Action Filter Creating an event action filter (EAF) from an incident is a way to tune out false positives. When drilling down into the signature associated with a particular event, click the Signature ID link and to access the Cisco Security Center website. This site lists information on the Cisco IPS signatures, including known false triggers. This information can be used to quickly tune signatures in the customer environment. This collaborative Cisco IPS EAF creation enables administrators to trace events back to the triggering signature, investigate the signature, tune the signature on the fly, and rapidly deploy to a single sensor or all sensors throughout the network. EAFs can be created and enabled on a per-sensor or per-policy basis. Per-policy EAFs allows a user to change a single policy item then have that policy pushed out to all of the devices covered by that single policy. Figure 11-21 illustrates the flow of this collaborative Cisco IPS EAF creation flow.11-32 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Figure 11-21 Collaborative Cisco IPS EAF Creation CSM Automatic Cisco IPS Updates Another important feature that CSM provides for managed Cisco IPS devices is the Cisco IPS Automatic Update feature. This feature facilitates the automatic download and deployment of the latest Cisco IPS signatures available from Cisco on to Cisco IPS devices throughout the network. These updates can be applied to single sensors or multiple sensors. CSM is configured to poll Cisco’s website for updated signatures on a configurable schedule and, if updated signatures are available, they can be automatically downloaded. Once they are downloaded, the CSM can be configured to notify you that an updated signature package is available or to automatically deploy the signatures on Cisco IPS sensors. This ensures Cisco IPS sensors are up-to-date to protect against the latest threats that might affect the network. Figure 11-22 illustrates the Cisco IPS automatic update settings within CSM.11-33 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Figure 11-22 Cisco IPS Auto-Update Settings in CSM Cisco IPS Threat Identification and Mitigation The CSM and CS-MARS Cisco IPS linkages along with the Cisco IPS automatic update and event action features combine to provide a collaborative threat identification and mitigation solution that enables network administrators to rapidly respond and protect networks from new threats. The following timeline example illustrates how this collaborative solution is used to protect the network from a new potential threat: • 10:07 AM – MS Bulletin is published identifying a new potential threat. • 10:20 AM – Cisco Security team notified. • 11:03 AM – First Intellishield alert published. • 12:40 PM – Intellishield publishes a mitigation bulletin for new threat. • 12:55 PM – Cisco Security Center event response page for threat goes live. • 1:19 PM – New Cisco IPS signatures published. • 1:30 PM – CSM hourly automated signature updates checks and pushes latest updates. • 2:03 PM – Cisco IPS Signature update complete. • 3:03 PM – First CS-MARS correlated event is seen. • 4:01 PM – Cisco IPS event action filter is created based on insight from Cisco security event page. • 4:30 PM – CSM completes event action filter deployment throughout the network.11-34 Cisco SAFE Reference Guide OL-19523-01 Chapter 11 Threat Control and Containment Unified Management and Control Note IntelliShield is a subscription-based service that gives advanced notification of problems and mitigation solutions. The Security Center response page is updated quickly, but is something that customers must manually check, whereas the IntelliShield service automatically sends notifications directly to subscribers.C H A P T E R 12-1 Cisco SAFE Reference Guide OL-19523-01 12 Cisco Security Services The Cisco SAFE is complimented by Cisco's rich portfolio of security services designed to support the entire solution lifecycle. Security is integrated everywhere and with the help of a lifecycle services approach, enterprises can deploy, operate, and optimize network platforms that defend critical business processes against attack and disruption, protect privacy, and support policy and regulatory compliance controls. Figure 12-1 shows how the Cisco Lifecycle Security Services support the entire lifecycle. Figure 12-1 Cisco Lifecycle Security Services For more information on Cisco Services offering, refer to the following URL: http://www.cisco.com/en/US/products/svcs/services_area_root.html Strategy and Assessment Deployment and Migration Remote Management Security Intelligence Security Optimization Optimize Plan Design Implement Operate 22615912-2 Cisco SAFE Reference Guide OL-19523-01 Chapter 12 Cisco Security Services Strategy and Assessments Strategy and Assessments Cisco offers a comprehensive set of assessment services based on a structured IT governance, risk management, and compliance approach to information security. These services help the customer understand the needs and gaps, recommend remediation based on industry and international best practices, and help the customer to strategically plan the evolution of an information security program, including updates to security policy, processes, and technology. Deployment and Migration Cisco offers deployment services to support the customer in planning, designing, and implementing Cisco security products and solutions. In addition, Cisco has services to support the customer in evolving its security policy and process-based controls to make people and the security architecture more effective. Remote Management Cisco Remote Management services engineers become an extension of the customer's IT staff, proactively monitoring the security technology infrastructure and providing incident, problem, change, configuration, and release management as well as management reporting 24 hours a day, 365 days a year. Security Intelligence The Cisco Security Intelligence services provide early warning intelligence, analysis, and proven mitigation techniques to help security professionals respond to the latest threats. The customer's IT staff can use the latest threat alerts, vulnerability analysis, and applied mitigation techniques developed by Cisco experts who use in-depth knowledge and sophisticated tools to verify anomalies and develop techniques that help ensure timely, accurate, and quick resolution to potential vulnerabilities and attacks. Security Optimization The Cisco security Optimization service is an integrated service offering designed to assess, develop, and optimize the customer's security infrastructure on an ongoing basis. Through quarterly site visits and continual analysis and tuning, the Cisco security team becomes an extension of the customer's security staff, supporting them in long-term business security and risk management, as well as near-term tactical solutions to evolving security threats.A-1 Cisco SAFE Reference Guide OL-19523-01 A P P E N D I X A Reference Documents Security Area Reference Document Link Data Center Data Center Service Integration: Service Chassis Design Guide http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/dc_servc has/service-chassis_design.html Cisco Nexus 7000 in the Data Center Aggregation Layer with Services http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/nx_7000 _dc.html Campus Design Campus Network for High Availability Design Guide http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/HA_campus_ DG/hacampusdg.html Enterprise Campus 3.0 Architecture: Overview and Framework http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/campover.ht ml Campus Design Zone Site http://www.cisco.com/en/US/netsol/ns815/networking_solutions_program_ho me.html DNS Protection DNS Best Practices, Network Protections, and Attack Identification http://www.cisco.com/web/about/security/intelligence/dns-bcp.html DoS Protection Remotely Triggered Black Hole Filtering http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6642/ prod_white_paper0900aecd80313fac.pdf Edge Filtering BCP 38 http://tools.ietf.org/html/bcp38 RFC 2827 http://tools.ietf.org/html/rfc2827 RFC 3330 http://tools.ietf.org/html/rfc3330 E-mail Security Cisco IronPort C-Series http:// www.ironport.com/email Endpoint Security CSA http://www.cisco.com/go/csa CSSC http://cisco.com/en/US/products/ps7034/index.html Export Restrictions Cisco Global Export Trade http://www.cisco.com/web/about/doing_business/legal/global_export_trade/in dex.htmlA-2 Cisco SAFE Reference Guide OL-19523-01 Appendix A Reference Documents Firewall ASA 5500 Series http://www.cisco.com/go/asa Cisco Firewall http://www.cisco.com/go/firewall IOS Firewall http://www.cisco.com/en/US/products/sw/secursw/ps1018/index.html Identity-Based Network Services Cisco Identity Based Networking Services (IBNS) http://www.cisco.com/go/ibns Cisco Network Admission Control (NAC) http://www.cisco.com/go/nac IP Spoofing Protection Configuring DHCP Features and IP Source Guard on Catalyst 3750 Switches http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release /12.2_46_se/configuration/guide/swdhcp82.html Configuring DHCP Snooping and IP Source Guard on Catalyst 4500 Switches http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/config uration/guide/dhcp.html Configuring Unicast Reverse Path Forwarding http://www.cisco.com/en/US/docs/ios/security/configuration/guide/sec_cfg_u nicast_rpf_ps6350_TSD_Products_Configuration_Guide_Chapter.html IPS Cisco IPS Portfolio http://www.cisco.com/go/ips Cisco IPS 4200 Series Configuration Examples and TechNotes http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/prod_configuratio n_examples_list.html Cisco IPS 4200 Series Configuration Guides http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_installati on_and_configuration_guides_list.html Cisco IPS Tuning Overview (CCO Login required) http://www.cisco.com/en/US/partner/prod/collateral/vpndevc/ps5729/ps5713/ ps4077/overview_c17-464691.html Configuring IPS High Bandwidth Using EtherChannel Load Balancing http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configur ation_example09186a0080671a8d.shtml Network Access Control Identity Based Networking Services (IBNS) Site http://www.cisco.com/go/ibns Network Appliance Site http://www.cisco.com/go/nacappliance NAC Profiler and NAC Server Collectors in a Layer 3 Out-of-Band Configuration Guide http://www.cisco.com/en/US/products/ps6128/products_configuration_examp le09186a0080a30ad7.shtml NAC User Management: Configuring Authentication Servers http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide /416/CAM/m_auth.htmlA-3 Cisco SAFE Reference Guide OL-19523-01 Appendix A Reference Documents Network Virtualization Solutions Virtualization Technology Site http://www.cisco.com/en/US/netsol/ns872/index.html PCI Design PCI Solution for Retail Design and Implementation Guide http://www.cisco.com/en/US/docs/solutions/Verticals/PCI_Retail/PCI_Retail _DIG.html QoS Design Enterprise QoS Solution Reference Network Design Guide http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS _SRND/QoS-SRND-Book.htm Quality of Service (QoS) http://www.cisco.com/en/US/products/ps6558/products_ios_technology_hom e.html Routing Security Protecting Border Gateway Protocol for the Enterprise http://www.cisco.com/web/about/security/intelligence/protecting_bgp.html Security Design Cisco Network Security Baseline http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/Baseline_Sec urity/securebasebook.html Cisco SAFE http://www.cisco.com/go/safe Design Zone for Security http://www.cisco.com/en/US/netsol/ns744/networking_solutions_program_ho me.html Infrastructure Protection on Cisco Catalyst 6500 and 4500 Series Switches whitepaper http://www.cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigrat ion_09186a0080825564.pdf Switching Security Configuring DHCP Features and IP Source Guard http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release /12.2_46_se/configuration/guide/swdhcp82.html Configuring Dynamic ARP Inspection on 3750 Switches http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release /12.2_46_se/configuration/guide/swdynarp.html Configuring Port Security http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release /12.2_46_se/configuration/guide/swtrafc.html#wp1038501 Configuring Storm Control http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release /12.2_44_se/configuration/guide/swtrafc.html#wp1063295 Port Security Violations http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release /12.2_46_se/configuration/guide/swtrafc.html#wp1090391 Smartports Macros on 3750 Switches http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release /12.2_46_se/configuration/guide/swmacro.html Configuring SmartPort Macros on Catalyst 4500 http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/config uration/guide/macro.html Switch Security Services http://www.cisco.com/go/switchsecurityA-4 Cisco SAFE Reference Guide OL-19523-01 Appendix A Reference Documents Telemetry Cisco IOS Netflow http://www.cisco.com/en/US/products/ps6601/products_ios_protocol_group_ home.html Cisco Security Monitoring, Analysis, and Response System (CS-MARS) http://www.cisco.com/go/mars Embedded Event Manager (EEM) Scripting Community http://forums.cisco.com/eforum/servlet/EEM?page=main Network Time Protocol: Best Practices White Paper http://www.cisco.com/en/US/tech/tk869/tk769/technologies_white_paper091 86a0080117070.shtml Teleworker Design Cisco Virtual Office http://www.cisco.com/go/cvo Cisco Virtual Office-Solution Reference Network Design (SRND) http://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns430/ns855/g uide_c07-495139.html Threat Alerts Cisco Security Advisories http://www.cisco.com/en/US/products/products_security_advisories_listing.h tml Cisco Security Center http://tools.cisco.com/security/center/home.x Cisco Security IntelliShield Alert Manager Service http://www.cisco.com/en/US/products/ps6834/serv_group_home.html Threats Botnets: The New Threat Landscape http://www.cisco.com/en/US/solutions/collateral/ns340/ns394/ns171/ns441/n etworking_solutions_whitepaper0900aecd8072a537.html Infiltrating a Botnet http://www.cisco.com/web/about/security/intelligence/cwilliams-bots.html WAN Des ig n Call Admission Control for IKE http://www.cisco.com/en/US/docs/ios/security/configuration/guide/sec_call_a ddmsn_ike.html Design Zone for WAN/MAN http://www.cisco.com/en/US/netsol/ns817/networking_solutions_program_ho me.html Digital Certificates/PKI for IPSec VPN's http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/DCertPKI.ht ml Dynamic Multipoint VPN (DMVPN) Design Guide http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/DM VPDG.html Secure WAN Design Zone http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns744/networking _solutions_products_genericcontent0900aecd805f65bf.html Site-to-Site VPNs http://www.cisco.com/go/vpn Transport Diversity: Performance Routing (PfR) Design Guide http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/Tra nsport_diversity/Transport_Diversity_PfR.htmlA-5 Cisco SAFE Reference Guide OL-19523-01 Appendix A Reference Documents Web Security Cisco ASA.5500 Series Content Security Services http://www.cisco.com/go/cscssm Cisco IOS Content Filtering http://www.cisco.com/en/US/products/ps6643/index.html Cisco IronPort S-Series http:// www.ironport.com/web Cisco Web Application Firewall http://www.cisco.com/go/waf WLAN Security Wireless and Network Security Integration Design Guide http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/secwlandg20 /sw2dg.htmlA-6 Cisco SAFE Reference Guide OL-19523-01 Appendix A Reference Documents GL-1 Cisco SAFE Reference Guide OL-19523-01 G L O S S A R Y A AAA Authentication, Authorization and Accounting ARP Address Resolution Protocol ASA Adaptive Security Appliance ASDM Adaptive Security Device Manager ACE Application Control Engine B BGP Border Gateway Protocol C CISF Catalyst Integrated Security Features CSSC Cisco Security Services Client CoPP Configuring Control Plane Policing CSA-MC Cisco Security Agent Management Center CSM Cisco Security Manager CS-MARS Cisco Security Monitoring, Analysis, and Response System D DAI Dynamic ARP Inspection DMZ Demilitarized Zone DNS Domain Name System DoS Denial-of-serviceGlossary GL-2 Cisco SAFE Reference Guide OL-19523-01 DDoS distributed denial-of-service DHCP Dynamic Host Configuration Protocol E ECLB EtherChannel Load Balancing EIGRP Enhanced Interior Gateway Routing Protocol ERSPAN Encapsulated Remote Switched Port Analyzer ESA E-mail Security Appliances F FTP File Transfer Protocol FWSM Firewall Services Module G GLBP Gateway Load Balancing Protocol GRE Generic Routing Encapsulation H HIPS Host-based Intrusion Prevention Systems HTTP Hypertext Transfer Protocol HTTPS Hypertext Transfer Protocol over Secure Sockets Layer HSRP Hot-Standby Routing Protocol I iACLs Infrastructure Protection Access Control Lists IB In-band IBNS Identity Based Networking Services ICMP Internet Control Message ProtocolGlossary GL-3 Cisco SAFE Reference Guide OL-19523-01 IDM Detection System Device Manager IDS Intrusion Detection System Services Module 2 IS-IS Integrated Intermediate System-to-Intermediate System IPS Intrusion Prevention System ISATAP Intra-Site Automatic Tunnel Addressing Protocol ISR Integrated Services Router L LACP Link Aggregate Control Protocol LAP LWAPP Access Point. LBS Location-based service LWAPP Lightweight Access Point Protocol M MAB MAC-Authentication Bypass MD5 Message Digest Algorithm Version 5 MITM Man-in-the-middle MTA Mail Transfer Agent N NAC Network Admission Control NAM Network Analysis Module NTP Network Time Protocol NSEL NetFlow Security Event Logging NSSA Not-So-Stubby Area NTP Network Time Protocol Glossary GL-4 Cisco SAFE Reference Guide OL-19523-01 O OOB Out-of-band OSPF Open Shortest Path First P PAC Proxy Auto Configuration PAgP Port Aggregation Protocol PAT Port Address Translation PINs Places in the Network; examples include data center, campus, and branch PVLANs Private VLANs PVST Per-VLAN Spanning Tree Q R RIPv2 Routing Information Protocol version 2 RPVS+ Rapid Per-VLAN Spanning Tree plus RSPAN Remote SPAN S SCF Cisco Security Control Framework SDEE Security Device Event Exchange SMTP Simple Mail Transfer Protocol SNMP Simple Network Management Protocol SPAN Switched Port Analyzer SSH Secure ShellGlossary GL-5 Cisco SAFE Reference Guide OL-19523-01 SSL Secure Socket Layer STP Spanning Tree Protocol T TCP Transport Control Protocol U UDP User Datagram Protocol URPF Unicast Reverse Path Forwarding V VACL VLAN Access Control List VDC Virtual Device Context VEM Virtual Ethernet Module VLANs Virtual LANs VPN Virtual Private Networking VRF Virtual Routing and Forwarding VSM Virtual Supervisor Module VSS Virtual Switching System VTI Virtual Tunnel Interfaces W WAF Web Application Firewall WCCP Web Cache Communications Protocol WSA Web Security Appliances Glossary GL-6 Cisco SAFE Reference Guide OL-19523-01 Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 14 Cisco IOS Quick Reference Guide for IBNS Cisco ® IBNS is the foundation for providing access control to corporate networks. The Cisco IBNS solution is a set of Cisco IOS ® Software services designed to enable secure user and host access to enterprise networks powered by Cisco Catalyst ® switches and WLANs. This Quick Reference Guide allows technical personnel to quickly bring up IBNS with sample configurations for Monitor Mode, Low Impact Mode, and High Security Mode as well as for other commonly used tasks. For more information about Cisco IBNS, please visit http://www.cisco.com/go/IBNS. G l o b a l S w i t c h I d e n t i t y S e t t i n g s ( A p p l i c a b l e t o A l l I B N S M o d e s ) Cisco IOS AAA Settings switch(config)# aaa new-model Enables authentication, authorization, and accounting (AAA) switch(config)# aaa authentication dot1x default group radius Creates an 802.1X port-based authentication method list switch(config)# aaa authorization network default group radius Required for VLAN/access control list (ACL) assignment switch(config)# aaa accounting dot1x default start-stop group radius Enables 802.1X accounting and MAC Address Bypassing (MAB) Cisco IOS RADIUS switch(config)# radius-server host aaa.server.ip* auth-port 1645 acct-port 1646 * The ip address for your AAA server (for example, Cisco Access Control Server [ACS] 5.0). Specifies the IP address of the RADIUS server switch(config)# radius-server key user-defined-shared-key (e.g.,pa$$wor6)** ** You may wish to use a different shared key. Just make sure it is the same as the one you entered into ACS when defining the AAA client. Specifies the preshared key Cisco IOS 802.1X switch(config)# dot1x system-auth-control Globally enables 802.1X port-based authentication ACS 5.0 Refer to the section Getting Started with Global Configuration Settings in the IBNS Phased Deployment Guide. Ba s i c I d e n t i t y S w i t c h P o r t C o n f i g u r at i o n (B a s i c S w i t c h P o r t C o n f i g u r a t i o n) Identity settings to be added to the access ports Example: Interface range g2/1-16 switch(config-if)# authentication port-control auto Example range to apply the port configuration to Enables port-based authentication on the interface switch(config-if)# dot1x pae authenticator Enables 802.1X authentication on the interface switch(config-if)# mab Enables MAB switch(config-if)# endQuick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 14 C i s c o C a t a l y s t I d e n t i t y F e a t u r e S u p p o r t NOTE: This quick reference guide primarily focuses on the newer features supported across the Catalyst portfolio as shown in the table here. This is not an exhaustive list of all supported features. Consult the product and Cisco IOS Software documentation for a complete list of supported features and command references. NOTE: The Cisco IOS Software releases listed here are considered the baseline 1 for new Identity Based Networking Services features. Please consider using these releases or later versions for deploying of IBNS. IBNS Deployment Modes ( O p t i o n a l ) M o n i t o r M o d e ( S w i t c h P o r t C o n f i g u r a t i o n ) Identity settings to be added to the basic IBNS access ports Example: Interface range g2/1-16 switch(config-if)# authentication open Example range to apply the port configuration to Enables preauthentication open access (nonrestricted) switch(config-if)# authentication host-mode multi-auth Allows a single IP phone and one or more data clients to authenticate independently on an authorized port. Each host, or MAC address, is authenticated individually. 1 IBNS IOS Software baseline versions: Catalyst 6500, 12.2(33)SXI2; Catalyst 4500, 12.2(50)SG; or Catalyst 3xxx/2xxx , 12.2(50)SE or later.Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 14 ( O p t i o n a l) L o w I m p a c t M o d e (G l o b a l C o n f i g u r a t i o n s) Identity settings to be added to the access ports Note: You must configure a downloadable ACL (dACL) on ACS, as well as an authorization profile to apply and therefore download the ACL, prior to enabling this mode on the switch. For more information on dACLs and ACS refer to the Low Impact Mode section in the IBNS Phased Deployment Guide . Global switch configuration additions for Low Impact Mode switch(config)# radius-server vsa send authentication switch(config)# ip device tracking In order to enable dACLs, you must first configure your access switch to allow communications using the cisco-av-pair attribute with the value aaa:event=acl-download. Enter the command shown here in the global configuration of the switch. Failure to add this command will result in failed authentication/authorization requests. Configures the IP device tracking table, which is also required to use dACLs. The downloadable ACL feature allows you to download devicespecific authorization policies from the authentication server. These policies activate after authentication succeeds for the respective client and the client’s IP address has been populated in the IP device tracking table. (The downloadable ACL is applied on the port once the port is authenticated and the IP device tracking table has the host IP address entry.) Preauthentication Ingress Port ACL (Example) – Prerequsuite Basic and Monior Mode Settings switch(config)#ip access-list extended PRE-AUTH switch(config)# remark Allow DHCP switch(config)# permit udp any eq bootpc any eq bootps switch(config)# remark Allow DNS switch(config)# permit udp any any eq domain switch(config)# remark Deny all else switch(config)# deny ip any any IP- based ACL to be applied to selected ports The use of ingress ACLs is also a requirement in order to allow successful authorizations that include downloadable ACLs. Failure to add ingress ACLs will result in failed authentication/authorizations. L o w I m p a c t M o d e (S w i t c h P o r t C o n f i g u r a t i o n s) Switch interface configuration additions/changes for Low Impact Mode Example: Interface range g2/1-16 switch(config-if)#ip access-group PRE-AUTH in switch(config-if)#authentication host-mode multi-domain Applies the previously configured static extended ACL to the desired/applicable ports. Sets the authorization manager mode on the Low Impact Mode ports to “multi-domain”. L o w I m p a c t M o d e (S p e c i f i c S h o w C o m m a n d s) Show commands to help verify application of dCALs switch# show ip device tracking all switch# show epm session ip x.x.x.x switch# show ip access-list switch# show ip access-list interface <int-id> Displays the IP device tracking table that contains the host IP addresses learned through Address Resolution Protocol (ARP) or Dynamic Host Configuration Protocol (DHCP). Using the IP address learned from the IP device tracking table show command above, specify the IP address as the required option for the show epm session ip command to verify whether the dACL was successfully downloaded from ACS. Displays the extended IP access lists configured on the switch Displays the extended IP access list applied to the specified interface Hi g h S e c u r i t y M o d e (S w i t c h P o r t C o n f i g u r a t i o n s) The primary difference for High Security Mode over Monitor and Low Impact Modes is the requirement to successfully authenticate prior to any traffic (other than Estensible Authentication Protocol over LAN [EAPoL]) allowed on the network. This is considered traditional closed mode behavior of IEEE 802.1X. Example: Interface range g2/1-16 switch(config-if)#no authentication open switch(config-if)#no ip access-group PRE-AUTH in High Security Mode does not use the authentication open feature. The premise of having an ingress ACL is to restrict traffic flows based on the content of the ACL. Since no traffic can flow through the port, this feature is not a requirement. However, High Security Mode does not preclude the use of ingress ACLs. In fact, if you want to use dACLs for your authorization, an ingress ACL is required. Traditionally, the authorization method for High Security Mode is dynamic VLAN assignment. This is not mandatory, but is an option as well.Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 4 of 14 A d d i t i o n a l I B N S P o r t C o n f i g u r a t i o n C o m m a n d s (S w i t c h P o r t C o n f i g u r a t i o n s) Authentication Related Host-Mode Settings Example: Interface range g2/1-16 switch(config-if)#authentication host-mode [multi-auth | multi-domain | multi-host | single-host] or switch(config-if)#dot1x host-mode {single-host | multi-host | multi-domain Host Mode Summary Note: the default host mode is single, unless otherwise configured through the authentication host-mode command. The port will be in one of the host modes if 802.1X is enabled. Below are the different modes to chose from. ? multi-auth: Allows one client on the voice VLAN and multiple authenticated clients on the data VLAN Note: The multi-auth keyword is only available with the authentication host-mode command. ? multi-host: Allows multiple hosts on an 802.1x-authorized port after a single host has been authenticated ? multi-domain: Allows both a host and a voice device, such as an IP phone (Cisco or non Cisco), to be authenticated on an 802.1xauthorized port Note: You must configure the voice VLAN for the IP phone when the host mode is set to multidomain. ? single-host: Allows a single host (client) on an 802.1x-authorized port Make sure that the authentication port control or dot1x port-control interface configuration command set is set to auto for the specified interface. FlexAuth Flexible Authentication (FlexAuth) 2 is a set of features that allows IT administrators to enable multiple authentication methods on a single port and to configure the sequence and priority of 802.1X, MAB, and switch-based web authentication (local WebAuth). Use the reference above in the authentication section for the commands to enable 802.1X, MAB, or WebAuth. By default, the authentication order and priority is 802.1X then MAB and then WebAuth. Use the commands below to modify the default behavior. switch(config-if)# authentication order [dot1x | mab] | {webauth} (Optional) Sets the order of authentication methods used on a port switch(config-if)# authentication priority [dot1x | mab] | {webauth} (Optional) Sets the priority of the authentication methods Please refer to the Deployment Note document that covers FlexAuth, Order, and Priority considerations. [FLEX-AUTH ORDERING & PRIORITY APP NOTE] Local WebAuth See the WebAuth section for full configuration. 802.1X with unidirectional controlled port (WoL) switch(config-if)# authentication control-direction {in | both} or Pre-BASELINE IBNS support switch(config-if)# dot1x control-direction {in | both} (Optional) Enables unidirectional port control on each port When you configure a port as bidirectional with the authentication control-direction both interface configuration command (or the dot1x control-direction both interface configuration command for PreBASELINE IBNS Cisco IOS Software releases), the port is access controlled in both directions. In this state, except for EAPoL packets, a switch port does not receive or send packets. 2 FlexAuth is available across the Catalyst portfolio starting with the IBNS Cisco IOS Software baseline: Catalyst 6500, 12.2(33)SXI2; Catalyst 4500, 12.2(50)SG; or Catalyst 3xxx/2xxx, 12.2(50)SE or later.Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 14 A d d i t i o n a l O p t i o n a l I B N S P o r t C o n f i g u r a t i o n C o m m a n d s (S w i t c h P o r t C o n f i g u r a t i o n s) Authentication Related (Continued) Security violation disposition switch(config-if)# authentication violation [shutdown | restrict] (Optional) Configures the disposition of the port if a security violation occurs. The default action is to shut down the port. If the restrict keyword is configured, the port does not shut down, but trap entries are installed for the violating MAC address, and traffic from that MAC address is dropped. Useful command for IP telephony and multihost/multiuser deployments Periodic reauthentication switch(config-if)# authentication periodic or Pre-BASELINE IBNS support switch(config-if)# dot1x reauthentication (Optional) Enables periodic reauthentication of the client, which is disabled by default Switch(config-if)# authentication timer {{[inactivity | reauthenticate] [server | am]} {restart value}} or Pre-BASELINE IBNS support switch(config-if)# dot1x timeout reauth-period {seconds | server} (Optional) Sets the number of seconds between reauthentication attempts The authentication timer keywords have these meanings: ? inactivity: Interval in seconds of inactivity, after which client activity is considered unauthorized ? reauthenticate: Time in seconds after which an automatic reauthentication attempt is to be initiated ? server am: Interval in seconds after which an attempt is made to authenticate an unauthorized port ? restart value: Interval in seconds after which an attempt is made to authenticate an unauthorized port The dot1x timeout reauth-period keywords have these meanings: ? seconds: Sets the number of seconds from 1 to 65535; the default is 3600 seconds. ? server: Sets the number of seconds based on the value of the Session-Timeout RADIUS attribute (Attribute[27]) and the Termination-Action RADIUS attribute (Attribute [29]). This command affects the behavior of the switch only if periodic reauthentication is enabled. switch(config-if)# dot1x timeout quiet-period seconds (Optional) When the switch cannot authenticate the client, the switch remains idle for a set period of time and then tries again. The dot1x timeout quiet-period interface configuration command controls the idle period. A failed client authentication might occur because the client provided an invalid password. You can provide a faster response time to the user by entering a number smaller than the default. Sets the number of seconds that the switch remains in the quiet state after a failed authentication exchange with the client. The range is 1 to 65535 seconds; the default is 60. Switch(config-if)# dot1x timeout tx-period seconds (Optional) The client responds to the EAP request/identity frame from the switch with an EAP response/identity frame. If the switch does not receive this response, it waits a set period of time (known as the retransmission time) and then resends the frame. Sets the number of seconds that the switch waits for a response to an EAP request/identity frame from the client before resending the request. The range is 1 to 65535 seconds; the default is 5. Note: You should change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers. Switch(config-if)# dot1x max-req count (Optional) You can change the number of times that the switch sends an EAP request/identity frame (assuming no response is received) to the client before restarting the authentication process. Sets the number of times that the switch sends an EAP request/identity frame to the client before restarting the authentication process. The range is 1 to 10; the default is 2. Note: You should change the default value of this command only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers.Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 6 of 14 A d d i t i o n a l O p t i o n a l I B N S P o r t C o n f i g u r a t i o n C o m m a n d s (S w i t c h P o r t C o n f i g u r a t i o n s) Authentication Related (Continued) Switch(config-if)# dot1x max-reauth-req count (Optional) You can also change the number of times that the switch restarts the authentication process before the port changes to the unauthorized state. Sets the number of times that the switch restarts the authentication process before the port changes to the unauthorized state. The range is 0 to 10; the default is 2. Switch(config-if)# dot1x max-req count (Optional) Used to set the number of times that the switch sends an EAP request/identity frame to the client before restarting the authentication process. The range is 1 to 10; the default is 2. Note: This feature is rarely used. It controls how many times the switch will retransmit an EAP packet if no response is received from a previously communicative supplicant. Switch(config)# authentication timer reauthenticate server (Optional) RADIUS-provided session timeouts The 802.1x RADIUS-supplied timeout feature allows a switch to determine the duration of a session and the action to take when the session's timer expires. Manually re-authenticating 802.1X clients switch# dot1x re-authenticate interface interfaceid (Optional) Use this command to manually re-authenticate the client connected to a specific port at any time. Note you can just initiate dot1x reauthenticate to re-authenticate all 802.1X-enabled ports on the switch. (Optional) Authorization – Locally Administered Guest VLAN New BASELINE IBNS Features 3 switch(config-if)# authentication event no-response action authorize vlan vlan-id or Pre-BASELINE IBNS support switch(config-if)# dot1x guest-vlan vlan-id (Optional) Specifies an active VLAN as an 802.1x guest VLAN. The range is 1 to 4094. You can configure any active VLAN except an internal VLAN (routed port), an RSPAN VLAN, a primary private VLAN, or a voice VLAN as an 802.1x guest VLAN. Auth-Fail New BASELINE IBNS Features switch(config-if)#authentication event fail action authorize vlan-id or Pre-BASELINE IBNS support switch(config-if)# dot1x auth-fail vlan vlan-id (Optional) Specifies an active VLAN as an 802.1x restricted VLAN. The range is 1 to 4094. You can configure any active VLAN except an internal VLAN (routed port), an RSPAN VLAN, a primary private VLAN, or a voice VLAN as an 802.1x restricted VLAN. When you configure a restricted VLAN on a switch, clients that are 802.1x compliant are moved into the restricted VLAN when the authentication server does not receive valid credentials. The switch supports restricted VLANs only in single-host mode. switch(config-if)# dot1x auth-fail max-attempts number (Optional) You can configure the maximum number of authentication attempts allowed before a user is assigned to the restricted VLAN by using the dot1x auth-fail max-attempts interface configuration command. The range of allowable authentication attempts is 1 to 3. The default is 3 attempts. switch(config-if)# authentication event fail action next-method (Optional) Specifies that the next configured authentication method be applied if authentication fails. Note: You should make sure that you have a secondary authentication method configured before enabling this command. 3 Next-Generation Cisco IOS Software features supported on Catalyst 6500 running 12.2(33)SXI2, Catalyst 4500 running Cisco IOS Software 12.2(50)SG, and Catalyst 3K/2K running Cisco IOS Software 12.2(50)SE or later versions.Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 7 of 14 (Optional) Authorization – Locally Administered (continued) Critical Auth (aka Inaccessible Authentication Bypass) New BASELINE IBNS Features switch(config-if)# authentication event server dead action authorize vlan or Pre-BASELINE IBNS support switch(config-if)# dot1x critical vlan vlan-id (Optional) Enables the Critical Auth (aka, Inaccessible Authentication Bypass) feature on the port To disable the feature, use the no authentication event server dead action authorize vlan interface configuration command (for earlier releases, use the no dot1x critical interface configuration command). New BASELINE IBNS Features switch(config-if)# authentication event server alive action reinitialize or Pre-BASELINE IBNS support switch(config-if)# dot1x critical recovery action reinitialize (Optional) Specifies that the port should be reinitialized if it is critically authorized and RADIUS becomes available The default is not to reinitialize the port.Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 8 of 14 (Optional) Authorization – Centrally Administered dACLs (Downloadable ACLs) Switch Configuration switch(config-if)# ip access-group ACL-NAME* in * where ACL-NAME is the name of the ACL you defined in your global config. See the Monitor-mode section above for an example PACL named PRE-AUTH. ACS 5.1 Configuration Example Create a Named Downloadable ACL (dACL) – Example Apply the Named dACL to an authorization profile In order to allow RADIUS based authorization of dACLs, the access port is currently required to have a Ingress Port Based ACL (PACL) applied to the port, otherwise the authorization will fail. Navigate to Downloadable ACLs which is found under Policy Elemnets -> Authorizations and Permssions -> Named Permission Objects. From here you can add, edit or delete dACLs. These dACLs will be used later in the Authorization Profiles. In this example we have created a dACL named AnyAny-dACL. Here we have applied the named dACL (AnyAny-dACL) to this particular named Authorization Profile which has been named CorpUser. This Authorization Profile is now available for use with any of the define Access Services (e.g., 802.1X, MAB or WebAuth). For more information on ACS 5.x configuration refer to Scenario Based Identity Based Networking Services Deployments http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6638/whitepaper_C11-530469.htmlQuick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 9 of 14 (Optional) Authorization – Centrally Administered (continued) ACLs (RADIUS Filter-ID Attribute) Switch Configuration Example numbered ip ACL switch(config)#ip access-list extended 100 switch(config-ext-nacl)#deny ip any 10.100.60.0 0.0.0.255 switch(config-ext-nacl)#deny tcp any host 10.100.10.116 eq www switch(config-ext-nacl)#permit ip any any AAA RADIUS Server Configuration Examples ACS 4.2 Example ACS 5.1 Example With Filter-IDs, the switch must be preconfigured with each ACL that could be dynamically applied to the port. If there are 5 groups of users with 5 unique policies, then there will be 5 ACLs configured on the switch. Only numbered ACLs from 1 to 199 or 1300 to 2699 are supported. Define a numbered ACL that will be applied to the port when a user authenticates. Make a note of this number (“100”) as you will need it when defining the Filter-Id tag on the ACS. For Filter-IDs, the AAA RADIUS Server (e.g., ACS) must be configured to use the RADIUS Filter-ID Attribute [011] instead of the Cisco VSA. The Filter-ID Attribute will be set to the name of an ACL on the switch with the suffix “.in” (indicating it should be applied in the inbound direction). Filter-ID ACL—Offer a distributed method of group-to-policy mapping. In this mode, the full definition of the identity-based ACLs resides on the switch. The authentication server determines the user’s group or authorization profile and the identifier (the Filter-ID) of the ACL that should be applied to that user. The authentication server sends the Filter-ID to the switch as an attribute in the RADIUS Access-Accept message. The switch matches the Filter-ID to a locally-configured ACL that has the same number as the Filter-ID (e.g., Filter-ID=101 will match up to access-list 101). That ACL is then applied to the port. Because the access-list elements are defined on the switch, filter-ID ACLs allow for local variation in policy. Because of the distributed nature of Filter-IDs, a configuration management tool should be used to ensure centralized management and change control. A C L s ( Ad d i t i o n a l R e s o u r c e s ) For more detailed information on Identity and ACLs please refer to the Baseline Access-List (ACL) Deployment Guide: http://wwwin.cisco.com/ios/tech/ibns/docs/aclauth_EDCS-632761-2-25-08.pdfQuick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 10 of 14 (Optional) Authorization – Centrally Administered (continued) Dynamic VLAN Assignment Switch Configuration Example ACCESS VLAN switch(config)#vlan 60 switch(config-vlan)#name ACCESS AAA RADIUS Server Configuration Examples ACS 5.1 (Dynamic VLAN by NAME = (ACCESS) By dynamically assigning VLAN values to switch ports based on the client’s authenticated identity, the network maintains the ability to group users per administrative policy. This allows the notion of groups and group-applicable policy profiles to be carried down to the networking level. Create the required L2 VLANs—For multi-layer access designs, these VLANs must be trunked up to the distribution-layer switches where the corresponding VLANs are defined, together with the corresponding VLAN interfaces (these two steps are not shown in the configuration sample below). For routed access designs, it is instead required to define the L2 VLANs as well as the VLAN interfaces Note: There are three options for dynamic VLAN Assignment (this example only shows the use of dynamic VLAN assignment by NAME) Dynamic VLAN Assignment by Number Dynamic VLAN Assignment by Name Dynamic VLAN Assignment by Group (aka User Distributioin) Here we have applied the vlan named ACCESS to this particular named Authorization Profile which has been named CorpUser. This Authorization Profile is now available for use with the 802.1X or MAB Access Services. Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 11 of 14 I P T e l e p h o n y I n t e g r a t i o n (I n t e r f a c e c o m m a n d s r e l e v a n t t o I P t e l e p h o n y d e p l o y m e n t s) Authentication switch(config-if)# authentication host-mode multidomain switch(config)# vlan vlan-id switch(config-vlan)# name VOICE switch(config-if)# switchport voice vlan vlan-id Multi-Domain Authentication (MDA) host mode allows an IP phone and a PC to authenticate on the same switch port while it places them on appropriate voice and data VLANs. Allows both a host and a voice device, such as an IP phone (Cisco or non Cisco), to be authenticated on an 802.1x-authorized or MAB-enabled port. Note: You must configure the voice VLAN for the IP phone when the host mode is set to multidomain mode. Note: In order for the phone to be placed into the voice VLAN, you must specify the cisco-av-pair as device-traffic-class=voice on your AAA RADIUS server. This is configured in ACS in the Authorization Profiles. Note: This feature is recommended over the predecessor 802.1X VVLAN with Cisco Discovery Protocol Bypass, as this feature requires authentication either through IEEE 802.1X or MAC Authentication Bypass for the phone, rather than the less secure Cisco Discovery Protocol discovery and autoconfiguration. Legacy VVID CDP Bypass switch(config-if)# switchport voice vlan vlan-id switch(config-if)# authentication port-control auto switch(config-if)# authentication host-mode single switch(config-if)# dot1x pae authenticator (Optional) By default, enabling the voice VLAN and 802.1x on an interface port enables Cisco Discovery Protocol Bypass if the host mode is set to single (which is the default). Note: Preferred and recommended is to enable MDA rather than Cisco Discovery Protocol Bypass. Optional IPT Usability Enhancements switch(config-if)# errdisable detect cause securityviolation shutdown vlan-id (Optional) You use the voice-aware 802.1x security feature on the switch to disable only the VLAN on which a security violation occurs, whether it is a data or voice VLAN. You can use this feature in IP phone deployments where a PC is connected to the IP phone. A security violation found on the data VLAN results in the shutdown of only the data VLAN. The traffic on the voice VLAN flows through the switch without interruption. switch(config-if)# errdisable recovery cause securityviolation (Optional) Enables automatic per VLAN error recovery Cisco Discovery Protocol Enhancement for Second Port Disconnect This advanced Cisco IBNS feature is automatically enabled when using the following or later software releases: ? Catalyst 6500: Cisco IOS Software 12.2(33)SXI ? Catalyst 4500: Cisco IOS Software 12.2(50)SG ? Catalyst 3xxx/2xxx: Cisco IOS Software 12.2(50)SE ? IP Phone firmware: 8.4(1) Identity Enabled Cisco IP Phones Phones EAP-MD5 EAP-TLS EAP-FAST EAP-Logoff Cisco Third Generation* 7906, 7911, 7931, 7941, 7961, 7970, 7942, 7945, 7962, 7965, 7975 devices Yes Firmware 7.2(3) + Yes Firmware 8.5(2) + Requires Cisco Unified Communications Manager 7.1(2)* Yes Firmware 8.5(2) + Requires Cisco Unified Communications Manager 7.1(2)* Yes Firmware 7.2(3) + Cisco IP Phone models prior to Cisco’s third generation do not support X.509 certificates (for example, 7902, 7905, 7910, 7912, 7920, 7935, 7936, 7940 and 7960) and therefore have no road map to support IEEE 802.1X. Using EAP-TLS on phones in conjunction with ACS 5.x, it is possible to perform touchless deployment of 802.1X. Using both manufacturing (MIC) and locally significant certificates (LSC) in a two-stage model enables a touchless and secure deployment mode. *Cisco Unified Communications Manager 7.1.2 is required if you want to be able to globally enable 802.1X (instead of manually, on the phone itself) from the Cisco Unified Communications Manager GUI. However the 802.1X phone firmware works with earlier versions of Cisco Unified Communications Manager.Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 12 of 14 Op t i o n a l L o c a l W e b Au t h ( S w i t c h C o n f i g u r a t i o n s f o r L o c a l W e b A u t h e n t i c a t i o n a s a F a l l b a c k t o 8 0 2 . 1 X o r M A B ) You have the option of using web-based authentication as a fallback authentication method to 802.1X or MAB Global Configuration Additions switch(config)# ip access-list extended DEFAULT-ACCESS switch(config-ext-nacl)#remark Allow DCHP switch(config-ext-nacl)#permit udp any any eq bootps switch(config-ext-nacl)#remark Allow DNS switch(config-ext-nacl)#remark Allow HTTP switch(config-ext-nacl)#permit tcp any any eq www switch(config-ext-nacl)#remark Allow HTTPS switch(config-ext-nacl)#permit tcp any any eq 443 switch(config-ext-nacl)#remark Allow ICMP for test purposes switch(config-ext-nacl)#permit icmp any any switch(config-ext-nacl)#remark Implicit Deny switch(config-ext-nacl)#deny ip any any switch(config-ext-nacl)#end Sample ACL to be used by the WebAuth profile switch(config)# line console 0 switch(config-line)# login authentication list-name switch(config)#aaa authentication login default group radius switch(config)#aaa authentication login list-name none switch(config)#aaa authorization auth-proxy default group radius switch(config)#radius-server attribute 8 include-in-access-request switch(config)#ip admission name LOCAL-WEBAUTH proxy http switch(config)#ip device tracking switch(config)# ip http server switch(config)# ip http secure-server switch(config)# fallback profile WEB-AUTH switch(config-fallback-profile)# ip access-group DEFAULT-ACCESS in switch(config-fallback-profile)# ip admission LOCAL-WEBAUTH Use the following to prevent you from locking yourself out of console access after enabling AAA authentication for the default group RADIUS. List-name is user defined. Defines RADIUS as the authentication method for WebAuth Excludes line console from AAA authentication Makes it possible for a network access device (NAD) to provide the RADIUS server with a hint of the user IP address in advance of user authentication. Global configuration command to enable web authentication Enables the IP device tracking table, which is required for webbased authentication Enables the HTTP server. The web-based authentication feature uses the HTTP server to communicate with the hosts for user authentication. Enables the HTTPS server on the switch Defines a fallback profile to allow an 802.1x port to authenticate a client by using WebAuth Applies an ACL to the fallback profile Applies the WebAuth IP admission rule/profile proxy HTTP to the desired/specified interfaces Switch Port Configuration Additions switch(config-if)# no authentication event no-response switch(config-if)# authentication fallback WEB-AUTH Ensures that authentication event no-response is disabled Enables WebAuth as a fallback to 802.1X or MAB Authorization Profile on AAA Server (Must return this in the access ACCEPT) cisco-av-pair equals priv-lvl=15 This must be set in the RADIUS Attributes of your AAA authorization profile.Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 13 of 14 (Optional) Customized WebAuth Pages Preparation Modify the custom pages and copy them to your switch storage media (see example below): Copy ftp://anonymous:anonymous@10.1.10.10/Directory/customLogin_Page.htm {bootflash: | flash:} copy ftp://anonymous:anonymous@10.1.10.10/Directory/customAuthSuccess_Page.htm {bootflash: | flash:} copy ftp://anonymous:anonymous@10.1.10.10/Directory/customAuthFailed_Page.htm {bootflash: | flash:} copy ftp://anonymous:anonymous@10.1.10.10/Directory/customSessionExpired_Page.htm {bootflash: | flash:} Use a simple HTML editor, for example, PageBreeze HTML Editor at http://www.pagebreeze.com /. It maintains everything in the htm file (no directories and so on). Note: Depending on the hardware platform, you have the option of storing these files on either the bootflash or flash drives. (Optional) Global Configuration – Customized WebAuth Pages (Bootflash Example) switch(config)# ip admission proxy http login page file bootflash:customLogin_Page.htm switch(config)# ip admission proxy http login expired page file bootflash:customSessionExpired_Page.htm switch(config)# ip admission proxy http success page file bootflash:customAuthSuccess_Page.htm switch(config)# ip admission proxy http failure page file bootflash:customAuthFailed_Page.htm Add these commands to the global configuration in this specific order to enable your customized pages. W e b A u t h (S p e c i f i c S h o w C o m m a n d s) Show commands to help verify application of dCALs switch(config)# show ip admission configuration Used to verify the configuration of custom authentication proxy web pages U s e f u l S h o w C o m m a n d s ( C o n f i g u r a t i o n V e r i f i c a t i o n a n d T r o u b l e s h o o t i n g ) Authentication switch# show authentication sessions [interface-id] Displays the summary of all Auth Manager sessions; optionally you can specify a desired interface to gain more information about the authentication and authorization state of that interface. switch# show dot1x interface interface-id details To display the system dot1x capabilities, protocol version, and timer values, use the show dot1x command. Legacy command, deprecated by show authentication session. switch# show errdisable detect Displays the current settings of the errdisable timeout feature and, if any of the ports are currently error disabled, the reason that they are error disabled. switch# show ip device tracking all switch# show epm session ip local-host-ip-address switch# show ip access-list interface {ingress pacl or dACL name} Displays the IP device tracking table that contains the host IP addresses learned through ARP or DHCP. Using the IP address learned from the IP device tracking table show command above, specifies the IP address as the required option for the show epm session ip command to verify whether the dACL was successfully downloaded from ACS Displays the contents of the inbound and outbound IP access list applied to the specified interface. In addition to verifying the PACL or dACL applied to the port, this command also shows the ACL statistics (number of matches displayed next to the ACL lines) that are kept and displayed per interface. switch# show tcam interface interface-id acl in ip Used to display interface-based TCAM information. Unfortunately this is only useful on the Catalyst 6500 to determine the dACL/ACE entries applied.Quick Reference Guide © 2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 14 of 14 802.1X Default Settings Feature Default Setting Authentication, authorization, and accounting (AAA) Disabled RADIUS server ? IP address ? UDP authentication port ? Key ? None specified ? 1645 ? None specified Per interface 802.1X protocol enable state Force-authorized The port transmits and receives normal traffic without 802.1X-based authentication of the client. Periodic reauthentication Disabled Time between reauthentication attempts 3600 sec (1 hour) Quiet period 60 sec (1 minute) Number of seconds that the switch remains in the quiet state following a failed authentication exchange with the client. Retransmission time 30 sec Number of seconds that the switch should wait for a response to an EAP request/identity frame from the client before retransmitting the request. Maximum retransmission number 2 Number of times that the switch sends an EAP request/identity frame before restarting the authentication process. Multiple host support Disabled Client timeout period 30 sec When relaying a request from the authentication server to the client, the amount of time that the switch waits for a response before retransmitting the request to the client. Authentication server timeout period 30 sec When relaying a response from the client to the authentication server, the amount of time that the switch waits for a reply before retransmitting the response to the server. This setting is not configurable. Printed in USA C27-574041-00 2/10 Medianet Reference Guide Last Updated: October 26, 2010ii Medianet Reference Guide OL-22201-01About the Authors John Johnston Roland Saville Sherelle Farrington iii Medianet Reference Guide OL-22201-01 Tim Szigeti John Johnston, Technical Marketing Engineer, CMO Enterprise Solutions Engineering (ESE), Cisco Systems John has been with Cisco for 10 years, with previous experience as a network consulting engineer in Cisco's advanced services group. Prior to joining Cisco, he was a consulting engineer with MCI's Professional Managed Services group. John has been designing or troubleshooting enterprise networks for the past 15 years. In his spare time, he enjoys working with microprocessor-based electronic projects including wireless environmental sensors. John holds CCIE certification 5232. He holds a bachelor of science degree in electrical engineering from the University of North Carolina's Charlotte campus. Sherelle Farrington, Technical Leader, CMO Enterprise Solutions Engineering (ESE), Cisco Systems Sherelle is a technical leader at Cisco Systems with over fifteen years experience in the networking industry, encompassing service provider and enterprise environments in the US and Europe. During her more than ten years at Cisco, she has worked on a variety of service provider and enterprise solutions, and started her current focus on network security integration over four years ago. She has presented and published on a number of topics, most recently as the author of the SAFE WebEx Node Integration whitepaper and as one of the authors of the SAFE Reference Guide, the Wireless and Network Security Integration Solution Design Guide, and the Network Security Baseline document Roland Saville, Technical Leader, CMO Enterprise Solutions Engineering (ESE), Cisco Systems Roland is a Technical Leader for the Enterprise Systems Engineering team within Cisco, focused on developing best-practice design guides for enterprise network deployments. He has 14+ years of Cisco experience as a Systems Engineer, Consulting Systems Engineer, Technical Marketing Engineer, and Technical Leader. During that time, he has focused on a wide range of technology areas including the integration of voice and video onto network infrastructures, network security, and wireless LAN networking. Roland has a BS degree in Electrical Engineering from the University of Idaho and an MBA from Santa Clara University. He has co-authored the Cisco TelePresence Fundamentals book has six U.S. Patents. Tim Szigeti, Technical Leader, CMO Enterprise Solutions Engineering (ESE), Cisco Systems Tim is a technical leader at Cisco, where he has spent the last 10 years focused on quality-of-service (QoS) technologies. His current role is to design network architectures for the next wave of media applications, including Cisco TelePresence, IP video surveillance, digital media systems, and desktop video. He has authored many technical papers, including the QoS Design Guide and the TelePresence Design Guide, as well as Cisco Press books on End-to-End QoS Network Design and Cisco TelePresence Fundamentals. Szigeti holds CCIE certification 9794 and holds a bachelor of commerce degree with a specialization in management information systems from the University of British Columbia. Solution Authorsi Medianet Reference Guide OL-22201-01 C O N T E N T S C H A P T E R 1 Medianet Architecture Overview 1-1 Executive Summary 1-1 Business Drivers for Media Applications 1-2 Global Workforce and the Need for Real-Time Collaboration 1-2 Pressures to be “Green” 1-2 New Opportunities for IP Convergence 1-3 Transition to High-Definition Media 1-3 Media Explosion 1-4 Social Networking—Not Just For Consumers Anymore 1-4 Bottom-Up versus Top-Down Media Application Deployments 1-5 Multimedia Integration with Communications Applications 1-5 Demand for Universal Media Access 1-5 Challenges of Medianets 1-6 Understanding Different Media Application Models 1-6 Delivery of Media Applications 1-8 Prioritizing the Right Media Applications, Managing the Rest 1-8 Media Application Integration 1-9 Securing Media Applications 1-10 Solution 1-10 The Need for a Comprehensive Media Network Strategy 1-10 Architecture of a Medianet 1-11 Common Requirements and Recommendations 1-12 Network Design for High Availability 1-12 Bandwidth and Burst 1-14 Latency and Jitter 1-15 Application Intelligence and Quality of Service 1-17 Admission Control 1-21 Broadcast Optimization 1-23 Securing Media Communications 1-23 Visibility and Monitoring Service Levels 1-24 Campus Medianet Architecture 1-24 Design for Non-Stop Communications in the Campus 1-25 Bandwidth, Burst, and Power 1-26Contents ii Medianet Reference Guide OL-22201-01 Application Intelligence and QoS 1-26 Broadcast Optimization with IP Multicast 1-27 Leveraging Network Virtualization for Restricted Video Applications 1-27 Securing Media in the Campus 1-28 WAN and Branch Office Medianet Architecture 1-29 Design for Non-Stop Communications over the WAN 1-30 Bandwidth Optimization over the WAN 1-31 Application Intelligence and QoS 1-31 Broadcast Optimization for Branch Offices 1-32 Data Center Medianet Architecture 1-33 Design for Non-Stop Communications in the Data Center 1-34 High-Speed Media Server Access 1-34 Media Storage Considerations 1-34 Conclusions 1-34 Terms and Acronyms 1-35 Related Documents 1-36 White Papers 1-36 System Reference Network Designs 1-37 Websites 1-37 C H A P T E R 2 Medianet Bandwidth and Scalability 2-1 Bandwidth Requirements 2-1 Measuring Bandwidth 2-2 Video Transports 2-3 Packet Flow Malleability 2-3 Microbursts 2-5 Shapers 2-6 Shapers versus Policers 2-8 TxRing 2-11 Converged Video 2-12 Bandwidth Over Subscription 2-13 Capacity Planning 2-15 Load Balancing 2-17 EtherChannel 2-20 Bandwidth Conservation 2-21 Multicast 2-21 Cisco Wide Area Application Services 2-21 Cisco Application and Content Network Systems 2-22Contents iii Medianet Reference Guide OL-22201-01 Cisco Performance Routing 2-23 Multiprotocol Environments 2-23 Summary 2-24 C H A P T E R 3 Medianet Availability Design Considerations 3-1 Network Availability 3-1 Device Availability Technologies 3-5 Cisco StackWise and Cisco StackWise Plus 3-5 Non-Stop Forwarding with Stateful Switch Over 3-7 Network Availability Technologies 3-10 L2 Network Availability Technologies 3-10 UniDirectional Link Detection 3-11 IEEE 802.1D Spanning Tree Protocol 3-11 Cisco Spanning Tree Enhancements 3-13 IEEE 802.1w-Rapid Spanning Tree Protocol 3-15 Trunks, Cisco Inter-Switch Link, and IEEE 802.1Q 3-15 EtherChannels, Cisco Port Aggregation Protocol, and IEEE 802.3ad 3-17 Cisco Virtual Switching System 3-18 L3 Network Availability Technologies 3-22 Hot Standby Router Protocol 3-23 Virtual Router Redundancy Protocol 3-25 Gateway Load Balancing Protocol 3-26 IP Event Dampening 3-28 Operational Availability Technologies 3-29 Cisco Generic Online Diagnostics 3-30 Cisco IOS Embedded Event Manager 3-30 Cisco In Service Software Upgrade 3-31 Online Insertion and Removal 3-31 Summary 3-31 C H A P T E R 4 Medianet QoS Design Considerations 4-1 Drivers for QoS Design Evolution 4-1 New Applications and Business Requirements 4-1 The Evolution of Video Applications 4-2 The Transition to High-Definition Media 4-4 The Explosion of Media 4-5 The Phenomena of Social Networking 4-6 The Emergence of Bottom-Up Media Applications 4-6 The Convergence Within Media Applications 4-7Contents iv Medianet Reference Guide OL-22201-01 The Globalization of the Workforce 4-8 The Pressures to be Green 4-8 New Industry Guidance and Best Practices 4-8 RFC 2474 Class Selector Code Points 4-9 RFC 2597 Assured Forwarding Per-Hop Behavior Group 4-10 RFC 3246 An Expedited Forwarding Per-Hop Behavior 4-11 RFC 3662 A Lower Effort Per-Domain Behavior for Differentiated Services 4-11 Cisco’s QoS Baseline 4-12 RFC 4594 Configuration Guidelines for DiffServ Classes 4-13 New Platforms and Technologies 4-16 Cisco QoS Toolset 4-16 Classification and Marking Tools 4-16 Policing and Markdown Tools 4-19 Shaping Tools 4-20 Queuing and Dropping Tools 4-21 CBWFQ 4-21 LLQ 4-22 1PxQyT 4-23 WRED 4-24 Link Efficiency Tools 4-24 Hierarchical QoS 4-25 AutoQoS 4-26 QoS Management 4-27 Admission Control Tools 4-28 Enterprise Medianet Strategic QoS Recommendations 4-29 Enterprise Medianet Architecture 4-30 Enterprise Medianet QoS Application Class Recommendations 4-31 VoIP Telephony 4-32 Broadcast Video 4-33 Realtime Interactive 4-33 Multimedia Conferencing 4-33 Network Control 4-33 Signaling 4-33 Operations, Administration, and Management (OAM) 4-34 Transactional Data and Low-Latency Data 4-34 Bulk Data and High-Throughput Data 4-34 Best Effort 4-34 Scavenger and Low-Priority Data 4-34 Media Application Class Expansion 4-35 Cisco QoS Best Practices 4-36Contents v Medianet Reference Guide OL-22201-01 Hardware versus Software QoS 4-36 Classification and Marking Best Practices 4-36 Policing and Markdown Best Practices 4-36 Queuing and Dropping Best Practices 4-37 QoS for Security Best Practices 4-39 Summary 4-45 References 4-46 White Papers 4-46 IETF RFCs 4-46 Cisco Documentation 4-47 C H A P T E R 5 Medianet Security Design Considerations 5-1 An Introduction to Securing a Medianet 5-1 Medianet Foundation Infrastructure 5-1 Medianet Collaboration Services 5-2 Cisco SAFE Approach 5-2 Security Policy and Procedures 5-3 Security of Medianet Foundation Infrastructure 5-3 Security Architecture 5-3 Network Foundation Protection 5-4 Endpoint Security 5-5 Web Security 5-6 E-mail Security 5-6 Network Access Control 5-7 User Policy Enforcement 5-7 Secure Communications 5-7 Firewall Integration 5-8 IPS Integration 5-8 Telemetry 5-9 Security of Medianet Collaboration Services 5-9 Security Policy Review 5-10 Architecture Integration 5-10 Application of Cisco SAFE Guidelines 5-10 Medianet Security Reference Documents 5-12 C H A P T E R 6 Medianet Management and Visibility Design Considerations 6-1 Network-Embedded Management Functionality 6-2 NetFlow 6-5 NetFlow Strategies Within an Enterprise Medianet 6-6Contents vi Medianet Reference Guide OL-22201-01 NetFlow Collector Considerations 6-7 NetFlow Export of Multicast Traffic Flows 6-9 NetFlow Configuration Example 6-10 Cisco Network Analysis Module 6-12 NAM Analysis of Chassis Traffic 6-13 NAM Analysis of NetFlow Traffic 6-15 NAM Analysis of SPAN/RSPAN Traffic 6-22 Cisco IP Service Level Agreements 6-24 IPSLAs as a Pre-Assessment Tool 6-24 IPSLA as an Ongoing Performance Monitoring Tool 6-32 Router and Switch Command-Line Interface 6-35 Traceroute 6-37 show interface summary and show interface Commands 6-43 Platform Specific Queue-Level Commands 6-45 Simple Network Management Protocol 6-63 Application-Specific Management Functionality 6-66 Cisco TelePresence 6-66 Cisco TelePresence Manager 6-70 Cisco Unified Communications Manager 6-73 Cisco TelePresence Multipoint Switch 6-75 Cisco TelePresence System Endpoint 6-78 Cisco TelePresence SNMP Support 6-80 IP Video Surveillance 6-81 Digital Media Systems 6-81 Desktop Video Collaboration 6-81 Summary 6-82 C H A P T E R 7 Medianet Auto Configuration 7-1 Auto Smartports 7-1 Platform Support 7-2 Switch Configuration 7-3 ASP Macro Details 7-7 Medianet Devices with Built-in ASP Macros 7-9 Cisco IPVS Cameras 7-9 Cisco Digital Media Players (DMPs) 7-12 Medianet Devices without Built-in ASP Macros 7-13 Cisco TelePresence (CTS) Endpoints 7-13 Other Video Conferencing Equipment 7-14 Overriding Built-in Macros 7-14Contents vii Medianet Reference Guide OL-22201-01 Macro-of-Last-Resort 7-18 Custom Macro 7-20 Security Considerations 7-22 Authenticating Medianet Devices 7-23 CDP Fallback 7-24 Guest VLANs and LAST_RESORT Macro 7-24 Verifying the VLAN Assignment on an Interface 7-25 ASP with Multiple Attached CDP Devices 7-25 Deployment Considerations 7-26 Location Services 7-26 Summary 7-28 References 7-29Contents viii Medianet Reference Guide OL-22201-01C H A P T E R 1-1 Medianet Reference Guide OL-22201-01 1 Medianet Architecture Overview Executive Summary Media applications—particularly video-oriented media applications—are exploding over corporate networks, exponentially increasing bandwidth utilization and radically shifting traffic patterns. There are several business drivers behind media application growth, including a globalized workforce, the pressure to go “green,” the transition to high-definition media (both in consumer and corporate markets) and social networking phenomena that are crossing over into the workplace. As a result, media applications are fueling a new wave of IP convergence, necessitating a fresh look at the network architecture. Converging media applications onto an IP network is much more complex than converging VoIP alone; this is not only because media applications are generally bandwidth-intensive and bursty (as compared to VoIP), but also because there are so many different types of media applications: beyond IP Telephony, these can include live and on-demand streaming media applications, digital signage applications, high-definition room-based conferencing applications as well as an infinite array of data-oriented applications. By embracing media applications as the next cycle of convergence, IT departments can think holistically about their network architecture and its readiness to support the coming tidal wave of media applications and develop a network-wide strategy to ensure high quality end-user experiences. Furthermore, thinking about your media application strategy now can help you take the first steps toward the next IP convergence wave and give your business competitive advantages, including the ability to harness the collective creativity and knowledge of your employees and to fundamentally change the experience your customers receive, all through the availability, simplicity and effectiveness of media applications. Additionally, media applications featuring video are quickly taking hold as the de facto medium for communication, supplementing virtually every other communication media. As a result, a significant portion of know-how and intellectual property is migrating into video mediums. It is critical to get ahead of this trend in order to maintain control of company assets and intellectual property. Offering both compelling media applications, like TelePresence and WebEx, as well as an end-to-end network design to support this next convergence wave, Cisco is in a unique position to provide a medianet architecture which can ensure the experience well into the collaborative workforce, enabling strategic and competitive advantage. High-level requirements of medianets are addressed, including availability and quality requirements, bandwidth and optimization requirements, and access control and security requirements. Following these, specific strategic recommendations in designing campus, WAN and branch, and data center medianets are presented.1-2 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Business Drivers for Media Applications Figure 1-1 Media Applications Business Drivers for Media Applications There are several business drivers behind media application growth, including a globalized workforce, the pressure to go green, the transition to high-definition media (both in consumer and corporate markets), and social networking phenomena that are crossing over into the workplace. These and other business drivers are discussed in additional detail below. Global Workforce and the Need for Real-Time Collaboration The first stage of productivity for most companies is acquiring and retaining the skilled and talented individuals in a single or few geographic locations. More recently the focus has been on finding technology solutions to enable a geographically-distributed workforce to collaborate together as a team, enabling companies more flexibly to harness talent “where it lives.” While this approach has been moderately successful, there is a new wave of productivity on the horizon: harnessing collective and collaborative knowledge. Future productivity gains will be achieved by creating collaborative teams that span corporate boundaries, national boundaries, and geographies. Employees will collaborate with partners, research and educational institutions, and customers to create a new level of collective knowledge. To do so, real-time multimedia collaboration applications will be absolutely critical to the success of these virtual teams. Video offers a unique medium which streamlines the effectiveness of communications between members of such teams. For this reason, real-time interactive video will become increasingly prevalent, as will media integrated with corporate communications systems. Pressures to be “Green” For many reasons, companies are seeking to reduce employee travel. Travel creates expenses to the bottom-line, as well as significant productivity impacts while employees are in-transit and away from their usual working environments. Many solutions have emerged to assist with productivity while traveling, including Wireless LAN hotspots, remote access VPNs, and softphones, all attempting to keep the employee connected while traveling. Video Collaboration Digital Media Systems IP Video Surveillance TelePresence 2250891-3 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Business Drivers for Media Applications More recently companies are under increasing pressures to demonstrate environmental responsibility, often referred to as being “green.” On the surface such initiatives may seem like a pop-culture trend, but lacking in tangible corporate returns. However, it is entirely possible to pursue “green” initiatives, while simultaneously increasing productivity and lowering expenses. Media applications, such as Cisco TelePresence, offer real solutions to remote collaboration challenges and have demonstrable savings as well. For example, during the first year of deployment, Cisco measured its usage of TelePresence in direct comparison to the employee travel that would otherwise have taken place and found that over 80,000 hours of meetings were held by TelePresence instead of physical travel, avoiding $100 million of travel expenses, as well as over 30,000 tons of carbon emissions. Being “green” does not have to be a “tax;” it can improve productivity and reduce corporate expenses, offering many dimensions of return on investment, while at the same time sending significant messages to the global community of environmental responsibility. New Opportunities for IP Convergence Many advantages were achieved through the convergence of voice onto IP networks. In addition to cost savings, new communications applications were made possible by the integration of VoIP with other media applications on the IP network. There is a new wave of IP convergence emerging for media applications. One source of convergence is from applications historically having dedicated video transmission and broadcast networks. For example, high-definition video collaboration, video surveillance systems, and video advertising signage typically had dedicated private systems for the creation and dissemination of video content. Increasingly, companies are further leveraging the investment in their corporate network by converging these video applications onto a single IP network. Cisco TelePresence, Cisco IP video surveillance, and Cisco Digital Media System products all make this convergence a reality. A second source of convergence is the integration of video as a medium into many other forms of corporate communications. For example, video cameras integrated with the VoIP system (such as Cisco Unified Personal Communicator) provide an easy way to add video to existing VoIP calling patterns. Further, collaboration tools such as Cisco MeetingPlace and Cisco WebEx add video mediums as a capability for simple conferencing and real-time collaboration. Transition to High-Definition Media One of the reasons traditional room-to-room video conferencing and desktop webcam-style video conferencing are sometimes questioned as less than effective communications systems is the reliance on low-definition audio and video formats. On the other hand, high-definition interactive media applications, like Cisco TelePresence, demonstrate how high-definition audio and video can create an experience where meeting participants feel like they are in the same meeting room, enabling a more effective remote collaboration experience. IP video surveillance cameras are migrating to high-definition video in order to have digital resolutions needed for new functions, such as pattern recognition and intelligent event triggering based on motion and visual characteristics. Cisco fully expects other media applications to migrate to high-definition in the near future, as people become accustomed to the format in their lives as consumers, as well as the experiences starting to appear in the corporate environment. High-definition media formats transmitted over IP networks create unique challenges and demands on the network that need to be planned for. Demands including not only bandwidth, but also transmission reliability and low delay become critical issues to address.1-4 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Business Drivers for Media Applications Media Explosion Another factor driving the demand for video on IP networks is a sheer explosion of media content. The barriers to media production, distribution, and viewing have been dramatically lowered. For example, five to ten years ago video cameras became so affordable and prevalent that just about everyone bought one and became an amateur video producer. Additionally, video cameras are so common that almost every cell phone, PDA, laptop, and digital still camera provide a relatively high-quality video capture capability. However, until recently, it was not that easy to be a distributor of video content, as distribution networks were not common. Today, social networking sites like YouTube, MySpace and many others appearing every day have dramatically lowered the barrier to video publishing to the point where anyone can do it. Video editing software is also cheap and easy to use. Add to that a free, global video publishing and distribution system, and essentially anyone, anywhere can be a film studio. With little or no training, people are making movie shorts that rival those of dedicated video studios. The resulting explosion of media content is now the overwhelming majority of consumer network traffic, and is quickly “crossing over” to corporate networks. The bottom line is there are few barriers left to inhibit video communication, and so this incredibly effective medium is appearing in new and exciting applications every day. Social Networking—Not Just For Consumers Anymore Social networking started as a consumer phenomenon, with every day people producing and sharing rich media communications such as blogs, photos, and videos. When considering the affect it may have on corporate networks, some IT analysts believed social networking would stay as a consumer trend, while others believed the appearance in corporate networks was inevitable. Skeptics look at social networking sites like Myspace, YouTube and others and see them as fads primarily for the younger population. However, looking beyond the sites themselves it is important to understand the new forms of communication and information sharing they are enabling. For example, with consumer social networking typically people are sharing information about themselves, about subjects they have experience in, and interact with others in real-time who have similar interests. In the workplace, we already see the parallels happening, because the same types of communication and information sharing are just as effective. The corporate directory used to consist of employee names, titles, and phone numbers. Companies embracing social networking are adding to that skillsets and experience, URL links to shared work spaces, blogs, and other useful information. The result is a more productive and effective workforce that can adapt and find the skillsets and people needed to accomplish dynamic projects. Similarly, in the past information was primarily shared via text documents, E-mail, and slide sets. Increasingly, we see employees filming short videos to share best practices with colleagues, provide updates to peers and reports, and provide visibility into projects and initiatives. Why have social networking trends zeroed in on video as the predominant communication medium? Simple: video is the most effective medium. People can show or demonstrate concepts much more effectively and easily using video than any other medium. Just as a progression occurred from voice exchange to text, to graphics, and to animated slides, video will start to supplant those forms of communications. Think about the time it would take to create a good set of slides describing how to set up one of your company’s products. Now how much easier would it be just to film someone actually doing it? That's just one of many examples where video is supplanting traditional communication formats.1-5 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Business Drivers for Media Applications At Cisco, we have seen the cross-over with applications like Cisco Vision (C-Vision). Started as an ad-hoc service by several employees, C-Vision provides a central location for employees to share all forms of media with one another, including audio and video clips. Cisco employees share information on projects, new products, competitive practices, and many other subjects. The service was used by so many employees, Cisco’s IT department assumed ownership and scaled the service globally within Cisco. The result is a service where employees can become more effective and productive, quickly tapping into each other’s experience and know-how, all through the effectiveness and simplicity of video. Bottom-Up versus Top-Down Media Application Deployments Closely-related to the social-networking aspect of media applications is that users have increasingly driven certain types of media application deployments within the enterprise from the “bottom-up” (i.e., the user base either demands or just begins to use a given media application with or without formal management or IT support). Such bottom-up deployments are illustrated by the Cisco C-Vision example mentioned in the previous section. Similar bottom-up deployment patterns have been noted for other Web 2.0 and multimedia collaboration applications. In contrast, company-sponsored video applications are pushed from the “top-down” (i.e., the management team decides and formally directs IT to support a given media application for their user-base). Such top-down media applications may include Cisco TelePresence, digital signage, video surveillance, and live broadcast video meetings. The combination of top-down and bottom-up media application proliferation places a heavy burden on the IT department as it struggles to cope with officially-supported and officially-unsupported, yet highly-proliferated, media applications. Multimedia Integration with Communications Applications Much like the integration of rich text and graphics into documentation, audio and video media will continue to be integrated into many forms of communication. Sharing of information with E-mailed slide sets will start to be replaced with video clips. The audio conference bridge will be supplanted with the video-enabled conference bridge. Collaboration tools designed to link together distributed employees will increasingly integrate desktop video to bring teams closer together. Cisco WebEx is a prime example of such integration, providing text, audio, instant messaging, application sharing, and desktop video conferencing easily to all meeting participates, regardless of their location. Instead of a cumbersome setup of a video conference call, applications such as Cisco Unified Personal Communicator and Cisco WebEx greatly simplify the process, and video capability is added to the conference just as easily as any other type of media, like audio. Demand for Universal Media Access Much like the mobile phone and wireless networking, people want to extend communications everywhere they want to use them. The mobile phone unwired audio, making voice communications accessible virtually anywhere on the planet. Wireless networking untethered the laptop and PDA, extending high-speed data communications to nearly everywhere and many different devices. Media applications will follow the same model. As multimedia applications become increasingly utilized and integrated, the demands from users will be to access these applications wherever they are, and on their device of choice. These demands will drive the need for new thinking about how employees work and how to deliver IT services to them.1-6 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Challenges of Medianets Today employees extend the workplace using mobile phones and wireless networking to home offices, airports, hotels, and recreation venues. But, for example, with increased reliance on video as a communication medium, how will video be extended to these same locations and with which devices? We already see the emergence of video clips filmed with mobile phones and sent to friends and colleagues. Participation in video conferencing, viewing the latest executive communications, and collaborating with co-workers will need to be accessible to employees, regardless of their work location. Challenges of Medianets There are a number of challenges in designing an IP network with inherent support for the limitless number of media applications, both current and future. The typical approach followed is to acquire a media application, like IP Video Conferencing, make the network improvements and upgrades needed to deliver that specific application, and then monitor the user feedback. While a good way to implement a single application, the next media application will likely require the same process, and repeated efforts, and often another round of network upgrades and changes. A different way to approach the challenge is to realize up-front that there are going to be a number of media applications on the network, and that these applications are likely to start consuming the majority of network resources in the future. Understanding the collection of these applications and their common requirements on the network can lead to a more comprehensive network design, better able to support new media applications as they are added. This design is what we term the medianet. Considerations for the medianet include media delivery, content management, client access and security, mobility, as well as integration with other communications systems and applications. Understanding Different Media Application Models Different media applications will behave differently and put different requirements on the network. For example, Cisco TelePresence has relatively high bandwidth requirements (due to the HD video streams being transmitted) and tight tolerances for delivery. Traffic patterns are somewhat predictable, due to the room-to-room calling characteristics. In contrast, Cisco Digital Signage typically has less stringent delivery tolerances, and the traffic flows are from a central location (or locations) out towards several or many endpoints (see Figure 1-2).1-7 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Challenges of Medianets Figure 1-2 Understanding Media Application Behavior Models The four media applications shown in Figure 1-2 cover a significant cross-section of models of media application behavior. To include additional applications in the inventory, critical questions to consider include: • Is the media stored and viewed (streaming) or real-time (interactive)? • Where are the media sources and where are the viewers? • Which direction do the media flows traverse the network? • How much bandwidth does the media application require? And how much burst? • What are the service level tolerances (in terms of latency, jitter and loss)? • What are the likely media application usage patterns? • Are there requirements to connect to other companies (or customers)? • In what direction is the media application likely to evolve in the future? With a fairly straightforward analysis, it is possible to gain tremendous understanding into the network requirements various media applications. One important consideration is: where is/are the media source(s) and where is/are the consumer(s)? For example, with desktop multimedia conferencing, the sources and consumers are both the desktop; therefore, the impacts to the network are very likely to be within the campus switching network, across the WAN/VPN, and the branch office networks. Provisioning may be challenging, as the ad-hoc conference usage patterns may be difficult to predict; however, voice calling patterns may lend insight into likely media conferencing calling patterns. To contrast, the sources of on-demand media streams are typically within the data center, from high-speed media servers. Because viewers can be essentially any employee, this will affect the campus switching network, the WAN/VPN, the branch offices, and possibly even remote teleworkers. Since there will may be many simultaneous viewers, it would be inefficient to duplicate the media stream to each viewer; so wherever possible, we would like to take advantage of broadcast optimization technologies. Model Traffic Trends TelePresence Many to Many Many to Many Client ? ? Client MCU ? ? Client High-def video requires up to 4-12Mbps per location Expansion down to the individual user Desktop Multimedia Conferencing Collaboration across geographies Growing peer -to-peer model driving higher on -demand bandwidth Video Surveillance Many to Few Source ? Storage Storage ? Client Source ? Client Source ? Client IP convergence opening up usage and applications Higher quality video requirements driving higher bandwidth (up to 3-4Mbps per camera) Desktop Streaming Media and Digital Signage Few to Many Tremendous increase in applications driving more streams Demand for higher quality video increases each stream Direction of Flows Client ? ? Client MCU ? ? Client Storage ? Client 2245141-8 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Challenges of Medianets In these simplistic examples, you can see why it is important to understand how different media applications behave in order to understand how they are likely to impact your network. Start by making a table with (at least) the above questions in mind and inventory the various media applications in use today, as well as those being considered for future deployments. Common requirements will emerge, such as the need to meet “tight” service levels, the need to optimize bandwidth, and the need to optimize broadcasts, which will be helpful in determining media application class groupings (discussed in more detail later). Delivery of Media Applications A critical challenge the converged IP network needs to address is delivery of media application traffic, in a reliable manner, while achieving the service levels required by each application. Media applications inherently consume significant amounts of network resources, including bandwidth. A common tendency is to add network bandwidth to existing IP networks and declare them ready for media applications; however, bandwidth is just one factor in delivering media applications. Media applications, especially those which are real-time or interactive, require reliable networks with maximum up-time. For instance, consider the loss sensitivities of VoIP compared to high-definition media applications, such as HD video. For a voice call, a packet loss percentage of even 1% can be effectively concealed by VoIP codecs; whereas, the loss of two consecutive VoIP packets will cause an audible “click” or “pop” to be heard by the receiver. In stark contrast, however, video-oriented media applications generally have a much greater sensitivity to packet loss, especially HD video applications, as these utilize highly-efficient compression techniques, such as H.264. As a result, a tremendous amount of visual information is represented by a relatively few packets, which if lost, immediately become visually apparent in the form of screen pixelization. With such HD media applications, such as Cisco TelePresence, the loss of even one packet in 10,000 can be noticed by the end user. This represents a hundred-fold increase in loss sensitivity when VoIP is compared to HD video. Therefore, for each media application, it is important to understand the delivery tolerances required in order to deliver a high-quality experience to the end user. Prioritizing the Right Media Applications, Managing the Rest With the first stage of IP convergence, the Cisco Architecture for Voice, Video, and Integrated Data (AVVID) provided the foundation for different applications to effectively and transparently share the same IP network. One of the challenges to overcome with converged networks is to be able to simultaneously meet different application requirements, prioritizing network resources accordingly. Quality of Service (QoS) continues to be a critical set of functions relied upon in the network to provide differentiated service levels, assuring the highest priority applications can meet their delivery requirements. The AVVID model defined best practices for adding Voice-over-IP (VoIP) and Video over IP applications to the existing data IP network. Most QoS implementations assume a number of data applications, a single or few VoIP applications, and a single or few video applications. Today there is a virtual explosion of media applications on the IP network with many different combinations of audio, video and data media. For example, VoIP streams can be standard IP telephony, high-definition audio, internet VoIP, or others. Video streams can range from relatively low-definition webcams to traditional video-over-IP room-to-room conferencing to or high-definition Cisco TelePresence systems. Additionally, there are new IP convergence opportunities occurring which further expand the number of media applications and streams on the IP network (see Figure 1-3).1-9 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Challenges of Medianets Another source of new media streams on the network is “unmanaged” media applications; namely, applications which are considered primarily for consumers, but are also used by corporate employees. Many of these unmanaged media applications may fall into a gray area for some companies in terms of usage policies. For instance, at first glance, consumer media sharing sites such as YouTube may appear to be clearly consumer-only applicability; however, many of these same services also contain videos that can provide considerable know-how and information that are useful to employees as well. Figure 1-3 Media Explosion Driving New Convergence Evolution Beyond the current “media explosion” which is driving a new wave of IP convergence, new and exciting applications targeted at collaboration are integrating numerous types of streams and media into end-user applications. Cisco TelePresence is one example, combining HD video streams, HD audio, application sharing, and some level of interoperability with traditional video conferencing, into an overall collaboration tool and near in-person meeting experience. Cisco WebEx is another example, combining many types of media sharing for web-based meetings. Such applications provide new challenges for prioritizing media application streams. The explosion of media content, types and applications—both managed and unmanaged—requires network architects to take a new look at their media application provisioning strategy. Without a clear strategy, the number and volume of media applications on the IP network could very well exceed the ability of the network administrator to provision and manage. Media Application Integration As media applications increase on the IP network, integration will play a key role in two ways: first, media streams and endpoints will be increasingly leveraged by multiple applications. For example, desktop video endpoints may be leveraged for desktop video conferencing, web conferencing, and for viewing stored streaming video for training and executive communications. Data Apps Voice • IP Telephony Video • Interactive Video • Streaming Video • App Sharing • Web/Internet • Messaging • Email Data Apps • App Sharing • Web/Internet • Messaging • Email Voice Video Data Convergence Media Explosion Collaborative M Data Apps • App Sharing • Web/Internet • Messaging • Email • IP Telephony • HD Audio • SoftPhone • Other VoIP • Desktop Streaming Video • Desktop Broadcast Video • Digital Signage • IP Video Surveillance • Desktop Video Conferencing • HD Video Unmanaged Applications • Internet Streaming • Internet VoIP • YouTube • MySpace • Other Voice Video Ad-Hoc App1-10 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Second, many media applications will require common sets of functions, such as transcoding, recording, and content management. To avoid duplication of resources and higher implementation costs, common media services need to be integrated into the IP network so they can be leveraged by multiple media applications. Securing Media Applications Because of the effectiveness of multimedia communication and collaboration, the security of media endpoints and communication streams becomes an important part of the media-ready strategy. Access controls for endpoints and users, encryption of streams, and securing content files stored in the data center are all part of a required comprehensive media application security strategy. Other specialized media applications, such as IP video surveillance and digital signage, may warrant additional security measures due to their sensitivity and more restricted user group. Placing such media applications within private logical networks within the IP network can offer an additional layer of security to keep their endpoints and streams confidential. Finally, as the level of corporate intellectual property migrates into stored and interactive media, it is critical to have a strategy to manage the media content, setting and enforcing clear policies, and having the ability to protect intellectual property in secure and managed systems. Just as companies have policies and processes for handling intellectual property in document form, they also must develop and update these policies and procedures for intellectual property in media formats. Solution The Need for a Comprehensive Media Network Strategy It is possible to pursue several different strategies for readying the IP network for media applications. One strategy is to embrace media applications entirely, seeing these technologies as driving the next wave of productivity for businesses. Another strategy is to adopt a stance to manage and protect select media applications on the network. Still another strategy would be to not manage media applications at all. Which strategy should you pursue? If we have learned anything from past technology waves which enable productivity, it is this: if corporate IT does not deploy (or lags significantly in deployment) users will try to do it themselves... and usually poorly. For example, several years ago, some IT departments were skeptical of the need to deploy Wireless LANs (WLANS) or questioned-and rightly so-their security. As a result, many WLAN deployments lagged. Users responded by purchasing their own consumer-grade WLAN access-points and plugging them into corporate networks, creating huge holes in the network security strategy. Such “rogue” access-points in the corporate network, lacking proper WLAN security, not only represented critical security vulnerabilities to the network as a whole, but also were difficult for network administrators to locate and shut down. The coming media application wave will be no different and is already happening. IT departments lacking a media application strategy may find themselves in the future trying to regain control of traffic on the network. It is advantageous to define a comprehensive strategy now for how media applications will be managed on the network. Key questions the strategy should answer include: • Which are the business-critical media applications? And what service levels must be ensured for these applications? • Which media applications will be managed or left unmanaged?1-11 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution • What will the usage policies be and how will they be enforced? As mentioned earlier, one approach to planning the network is to assess the network upgrades and changes required for each new media application deployed by the company. This approach could lead to a lot of repeated effort and change cycles by the IT staff and potentially incompatible network designs. A more efficient and far-sighted approach would be to consider all the types of media applications the company is currently using—or may use in the future—and design a network-wide architecture with media services in mind. Architecture of a Medianet A medianet is built upon an architecture that supports the different models of media applications and optimizes their delivery, such as those shown in the architectural framework in Figure 1-4. Figure 1-4 Architectural Framework of a Medianet A medianet framework starts with and end-to-end network infrastructure designed and built to achieve high availability, including the data center, campus, WAN, and branch office networks. The network provides a set of services to video applications, including: • Access services—Provide access control and identity of video clients, as well as mobility and location services • Transport services—Provide packet delivery, ensuring the service levels with QoS and delivery optimization • Bridging services—Transcoding, conferencing, and recording services • Storage services—Content capture, storage, retrieval, distribution, and management services Clients Medianet Services Media Content Media I/O User Interface Codec Identity Services Mobility Services Confidentiality Media Endpoint Access Services Location/Context Packet Delivery Session Admission Quality of Service Transport Services Optimization Conferencing Recording Transcoding Bridging Services Capture/Storage Distribution Content Mgmt Storage Services Call Agent(s) Session/Border Controllers Gateways Session Control Services High Availability Network Design Branch Campus Data Center MAN/WAN, Metro Ethernet, SONET, DWDM/CWDM IP 2245161-12 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution • Session control services—Signaling and control to setup and tear-down sessions, as well as gateways When these media services are made available within the network infrastructure, endpoints can be multi-purpose and rely upon these common media services to join and leave sessions for multiple media applications. Common functions such as transcoding and conferencing different media codecs within the same session can be deployed and leveraged by multiple applications, instead of being duplicated for each new media application. Where these different services are deployed within the network can also be customized for different business models or media applications. For example, it may be advantageous to store all IP video surveillance feeds centrally in the data center, or for some companies it may be preferable to have distributed storage in branch office networks. Common Requirements and Recommendations After understanding the behavior of the different media applications in the network, there are common threads of requirements that can be derived. The top recommendations based on these common requirements are discussed in the follow subsections. Network Design for High Availability Data applications are tolerant of multi-second interruptions, while VoIP and video applications require tighter delivery requirements in order to achieve high quality experiences for the end users. Networks that have already implemented higher availability designs with VoIP convergence in mind are a step ahead. Loss of packets, whether due to network outage or other cause, necessitates particular attention for media applications, especially those that require extreme compression. For example, HD video, would require billions of bytes to be transmitted over the IP network and is not practically deployable without efficient compression schemes like MPEG4 or H.264. To illustrate this point, consider a high-definition 1080p30 video stream, such as used by Cisco TelePresence systems. The first parameter “1080” refers to 1080 lines of horizontal resolution, which are matrixed with 1920 lines of vertical resolution (as per the 16:9 Widescreen Aspect Ratio used in High Definition video formatting), resulting in 2,073,600 pixels per screen. The second parameter “p” indicates a progressive scan, which means that every line of resolution is refreshed with each frame (as opposed to an interlaced scan, which would be indicated with an “i” and would mean that every other line is refreshed with each frame). The third parameter “30” refers to the transmission rate of 30 frames per second. While video sampling techniques may vary, each pixel has approximately 3 Bytes of color and/or luminance information. When all of this information is factored together (2,073,600 pixels x 3 Bytes x 8 bits per Byte x 30 frames per second), it results in approximately 1.5 Gbps of information. However, H.264-based Cisco TelePresence codecs transmit this information at approximately 5 Mbps (maximum), which translates to over 99% compression. Therefore, the overall effect of packet loss is proportionally magnified, such that dropping even one packet in 10,000 (0.01% packet loss) is noticeable to end users in the form of minor pixelization. This is simply because a single packet represents a hundred or more packets’ worth of information, due to the extreme compression ratios applied, as illustrated in Figure 1-5.1-13 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Figure 1-5 Compression Ratios for HD Video Applications Traditional network designs supporting data applications may have targeted packet loss at less than 1-2%. For VoIP, network designs were tightened to have only 0.5-1% of packet loss. For media-ready networks, especially those supporting high-definition media applications, network designs need to be tightened again by an order of magnitude, targeting 0-0.05% packet loss. However, an absolute target for packet loss is not the only consideration in HA network design. Loss, during normal network operation, should effectively be 0% on a properly-designed network. In such a case, it is generally only during network events, such as link failures and/or route-flaps, that packet loss would occur. Therefore, it is usually more meaningful to express availability targets not only in absolute terms, such as <0.05%, but also in terms of convergence targets, which are sometimes also referred to as the Mean-Time-to-Repair (MTRR) targets. Statistical analysis on speech and communications have shown that overal user satisfaction with a conversation (whether voice or interactive video) begins to drop when latency exceeds 200 ms 1 . This is because 200 ms is about the length of time it takes for one party to figure out that the other person has stopped talking and thus, it is their turn to speak. This value (200 ms) provides a subjective “conversation disruption” metric. Put another way, a delay in excess of 200 ms—whether network transmission delay or network convergence delay—would impact the naturalness of a voice or video conversation. This is not to say that a loss of packets for 200 ms is unnoticeable to end users (as already mentioned, a loss of a single packet in 10,000 may be noticeable as minor pixelization in some HD video applications); however, a temporary interruption in a media application of 200 ms would likely not be considered intolerable, should it happen, and would not significantly impact a conversation. Therefore, a network convergence target for highly-available campus and data center networks supporting media applications is 200 ms. On other network topologies, such as WAN and branch networks, this target is more likely unattainable, given the technologies and constraints involved, in which case the network should be designed to converge in the lowest achievable amount of time. 2,073,600 pixels per frame x 3 Bytes of color info per pixel x 8 bits per Byte x 30 frames per second = 1.5 Gbps per screen (uncompressed) 1080 lines of Horizontal Resolution A resulting stream of 5 Mbps represents an applied compression ratio of 99%+ 1920 lines of Vertical Resolution (Widescreen Aspect Ratio is 16:9) 224548 1. ITU G.114 (E-Model)—Note: The primary application of the ITU G.114 E-Model is to target one-way transmission latency; however, these observations and metrics can also be applied to target network convergence latency.1-14 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution To summarize: the targets for media-ready campus and data center networks in terms of packet loss is 0.05% with a network convergence target of 200 ms; on WAN and branch networks, loss should still be targeted to 0.05%, but convergence targets will be higher depending on topologies, service providers, and other constraints. Finally, it should be noted that by designing the underlying network architecture for high availability, all applications on the converged network benefit. Bandwidth and Burst There is no way around the fact that media applications require significant network bandwidth. An important step to implement a medianet is to assess current and future bandwidth requirements across the network. Consider current bandwidth utilization and add forecasts for media applications, especially for video-oriented media applications. Because video is in a relatively early stage of adoption, use aggressive estimates of possible bandwidth consumption. Consider bandwidth of different entry and transit points in the network. What bandwidth is needed at network access ports both in the campus as well as branch offices? What are the likely media streams needing transport across the WAN? It is important to consider all types of media applications. For example, how many streaming video connections will be utilized for training and communications? These typically flow from a central point, such as the data center, outward to employees in campus and branch offices. As another example, how many IP video surveillance cameras will exist on the network? These traffic flows are typically from many sources at the edges of the network inward toward central monitoring and storage locations. Map out the media applications that will be used, considering both managed and un-managed applications. Understand the bandwidth required by each stream and endpoint, as well as the direction(s) in which the streams will flow. Mapping those onto the network can lead to key bandwidth upgrade decisions at critical places in the network architecture, including campus switching as well as the WAN. Another critical bandwidth-related concern is burst. So far, we have discussed bandwidth in terms of bits per second (i.e., how much traffic is sent over a one second interval); however, when provisioning bandwidth, burst must also be taken into account. Burst is defined as the amount of traffic (generally measured in Bytes) transmitted per millisecond which exceeds the per-second average. For example, a Cisco TelePresence 3000 system may average 15 Megabits per second, which equates to an average per millisecond rate of 1,875 Bytes (15 Mbps ÷ 1,000 milliseconds ÷ 8 bits per Byte). Cisco TelePresence operates at 30 frames per second, which means that every 33 ms a video frame is transmitted. Each frame consists of several thousand Bytes of video payload, and therefore each frame interval consists of several dozen packets, with an average packet size of 1,100 bytes per packet. However, because video is variable in size (due to the variability of motion in the encoded video), the packets transmitted by the codec are not spaced evenly over each 33 ms frame interval, but rather are transmitted in bursts measured in shorter intervals. Therefore, while the overall bandwidth (maximum) averages out to 15 Mbps over one second, when measured on a per millisecond basis, the packet transmission rate is highly variable, and the number of Bytes transmitted per millisecond for a 15 Mbps stream can burst well above the 1,875 Bytes per millisecond average. Therefore, adequate burst tolerance must be accommodated by all switch and router interfaces in the path. Given these considerations, it can be noted that converging voice onto a common IP-based network is a significantly simpler exercise than converging video onto the same network. The principle reason is that VoIP is a very well-behaved application, from a networking perspective. For instance, each VoIP packet size is known and constant (for example, G.711 codecs generate packets that are always 160 Bytes [+ Layer 2 overhead]); similarly, VoIP packetization rates are known and constant (the default packetization rate for VoIP is 50 packet-per-second, which produces a packet every 20 ms). Furthermore, VoIP has very light bandwidth requirements (as compared to video and data) and these requirements can be very cleanly calculated by various capacity planning formulas (such as Erlang and Endset formulas).1-15 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution In contrast, video is a completely different type of application in almost every way. Video packet sizes vary significantly and video packetization rates also vary significantly (both in proportion to the amount of motion in the video frames being encoded and transmitted); furthermore, video applications are generally quite bursty—especially during sub-second intervals—and can wreak havoc on underprovisioned network infrastructures. Additionally, there are no clean formulas for provisioning video, as there are with VoIP. This contrast—from a networking perspective—between voice and video traffic is illustrated in Figure 1-6 Figure 1-6 Sub-Second Bandwidth Analysis—Voice versus Video Summing up, converging media applications-especially video-based media applications-onto the IP network is considerably more complex than converging voice and data, due to the radically different bandwidth and burst requirements of video compared to voice. While deployment scenarios will vary, in most cases, capacity planning exercises will indicate that Campus and Data Center medianets will require GigabitEthernet (GE) connections at the edge and 10 GigabitEthernet (10GE) connections-or multiples thereof-in the core; additionally, medianets will likely have a minimum bandwidth requirement of 45 Mbps/DS3 circuits. Furthermore, network administrators not only have to consider the bandwidth requirements of applications as a function of bits-per-second, but also they must consider the burst requirements of media, such as video, as a function of Bytes-per-millisecond, and ensure that the routers and switches have adequate buffering capacity to handle bursts. Latency and Jitter Media applications, particularly interactive media applications, have strict requirements for network latency. Network latency can be broken down further into fixed and variable components: • Serialization (fixed) 20 msec 33 msec Voice Packets Bytes 200 600 1000 Video Packets Time Video Frame Video Frame Video Frame Audio Samples 1400 200 600 1000 1400 2243761-16 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution • Propagation (fixed) • Queuing (variable) Serialization refers to the time it takes to convert a Layer 2 frame into Layer 1 electrical or optical pulses onto the transmission media. Therefore, serialization delay is fixed and is a function of the line rate (i.e., the clock speed of the link). For example, a 45 Mbps DS3 circuit would require 266 µs to serialize a 1500 byte Ethernet frame onto the wire. At the circuit speeds required for medianets (generally speaking DS3 or higher), serialization delay is not a significant factor in the overall latency budget. The most significant network factor in meeting the latency targets for video is propagation delay, which can account for over 95% of the network latency budget. Propagation delay is also a fixed component and is a function of the physical distance that the signals have to travel between the originating endpoint and the receiving endpoint. The gating factor for propagation delay is the speed of light: 300,000 km/s or 186,000 miles per second. Roughly speaking, the speed of light in an optical fiber is about one-sixth the speed of light in a vacuum. Thus, the propagation delay works out to be approximately 4-6 µs per km (or 6.4-9.6 µs per mile) 1 . Another point to keep in mind when calculating propagation delay is that optical fibers and coaxial cables are not always physically placed over the shortest path between two geographic points, especially over transoceanic links. Due to installation convenience, circuits may be hundreds or thousands of miles longer than theoretically necessary. The network latency target specified in the ITU G.114 specification for voice and video networks is 150 ms. This budget allows for nearly 24,000 km (or 15,000 miles) worth of propagation delay (which is approximately 60% of the earth’s circumference); the theoretical worst-case scenario (exactly half of the earth’s circumference) would require 120 ms of latency. Therefore, this latency target (of 150 ms) should be achievable for virtually any two locations on the planet, given relatively direct transmission paths. Nonetheless, it should be noted that overall quality does not significantly degrade for either voice of video calls until latency exceeds 200 ms, as shown in Figure 1-7 (taken from ITU G.114). 1. Per ITU G.114 Table 4.1: The transmission speeds of terrestrial coaxial cables is 4 µs /km, of optical fiber cable systems with digital transmission is 5 µs / km, and of submarine coaxial cable systems is 6 µs /km (allowing for delays in repeaters and regenerators).1-17 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Figure 1-7 Network Latency versus Call Quality The final network latency component to be considered is queuing delay, which is variable. Variance in network latency is also known as jitter. For instance, if the average latency is 100 ms and packets are arriving between 95 ms and 105 ms, the peak-to-peak jitter is defined as 10 ms. Queuing delay is the primary cause of jitter and is a function of whether a network node is congested or not, and if it is, what scheduling policies (if any) have been configured to manage congestion. For interactive media applications, packets that are excessively late (due to network jitter) are no better than packets that have been lost. Media endpoints usually have a limited amount of playout-buffering capacity to offset jitter. However, in general, it is recommended that jitter for real-time interactive media applications not exceed 10 ms peak-to-peak. To recap: the one-way latency target for interactive media applications is 150 ms (with a threshold limit of 200 ms). Additionally, since the majority of factors contributing to the latency budget are fixed, careful attention has to be given to queuing delay, as this is the only latency/jitter factor that is directly under the network administrator’s control (via QoS queuing policies, which are discussed in the next section, Application Intelligence and Quality of Service). Application Intelligence and Quality of Service Implementation of a comprehensive QoS strategy requires the ability to identify the business critical media applications and set a QoS service policy to mark and service such traffic. With the dramatic increase in types of media applications and streams, it becomes increasingly difficult to identify the critical media application streams from those that are considered unimportant. Streams using similar codecs may have similar packet construction and be difficult to classify using IP packet header information alone. 224549 Network Latency Target for Voice and Interactive-Video (150 ms) 100 90 80 80 100 200 300 Mouth-to-ear-delay/ms 400 500 E-model rating R 70 60 50 Network Latency Threshold for Voice and Interactive-Video (200 ms)1-18 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Therefore, packet classification needs to evolve to utilize deeper packet inspection technologies in order to have the granularity needed to distinguish between different types of media streams. Developing additional application intelligence within the network infrastructure is a crucial requirement to build a medianet, especially at the edges of the network where media endpoints first handoff packets into the network for transport. Additionally, there are advantages of being able to perform media application sub-component separation, such that data components of a media application receive one level of service, whereas the audio and video components of the same application receive a different level of service 1 . Such separation can simplify bandwidth provisioning, admission control, and capacity planning. That being said, media application sub-component separation more often than not requires deep packet inspection technologies, especially for media applications that are transported entirely within HTTP. An alternative approach that presents another consideration is whether to trust media endpoints to mark their own traffic or not. Typically such endpoints can mark at Layer 2 (via 802.1Q/p CoS) or at Layer 3 (DSCP). Key factors the administrator needs to consider is how secure is the marking? Is it the marking centrally administered or locally set? Can it be changed or exploited by the end users? While trusting the endpoints to correctly mark themselves may simplify the network edge policies, it could present security vulnerabilities that could be inadvertently or deliberately exploited. In general, hardware-based media endpoints (such as dedicated servers, cameras, codecs, and gateways) are more “trustworthy,” whereas software-based media endpoints (such as PCs) are usually less “trustworthy.” Nonetheless, whether media applications are explicitly classified and marked or are implicitly trusted, the question still remains of how should media applications be marked and serviced? As previously discussed, different media applications have different traffic models and different service level requirements. Ultimately, each class of media applications that has unique traffic patterns and service level requirements will need a dedicated service class in order to provision and guarantee these service level requirements. There is simply no other way to make service level guarantees. Thus, the question “how should media applications be marked and serviced?” becomes “how many classes of media applications should be provisioned and how should these individual classes be marked and serviced?” To this end, Cisco continues to advocate following relevant industry standards and guidelines whenever possible, as this extends the effectiveness of your QoS policies beyond your direct administrative control. For example, if you (as a network administrator) decide to mark a realtime application, such as VoIP, to the industry standard recommendation (as defined in RFC 3246, “An Expedited Forwarding Per-Hop Behavior”), then you will no doubt provision it with strict priority servicing at every node within your enterprise network. Additionally, if you handoff to a service provider following this same industry standard, they also will similarly provision traffic marked Expedited Forwarding (EF-or DSCP 46) in a strict priority manner at every node within their cloud. Therefore, even though you do not have direct administrative control of the QoS policies within the service provider's cloud, you have extended the influence of your QoS design to include your service provider's cloud, simply by jointly following the industry standard recommendations. That being said, it may be helpful to overview a guiding RFC for QoS marking and provisioning, namely RFC 4594, “Configuration Guidelines for DiffServ Service Classes.” The first thing to point out is that this RFC is not in the standards track, meaning that the guidelines it presents are not mandatory but rather it is in the informational track of RFCs, meaning that these guidelines are to be viewed as industry best practice recommendations. As such, enterprises and service providers are encouraged to adopt these marking and provisioning recommendations, with the aim of improving QoS consistency, compatibility, and interoperability. However, since these guidelines are not standards, modifications can be made to these recommendations as specific needs or constraints require. To this end, Cisco has made a minor modification to its adoption of RFC 4594, as shown in Figure 1-8 2 . 1. However, it should be noted that in general it would not be recommended to separate audio components from video components within a media application and provision these with different levels of service, as this could lead to loss of synchronization between audio and video.1-19 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Figure 1-8 Cisco Media QoS Recommendations (RFC 4594-based) RFC 4594 outlines twelve classes of media applications that have unique service level requirements: • VoIP Telephony—This service class is intended for VoIP telephony (bearer-only) traffic (VoIP signaling traffic is assigned to the “Call Signaling” class). Traffic assigned to this class should be marked EF (DSCP 46). This class is provisioned with an Expedited Forwarding (EF) Per-Hop Behavior (PHB). The EF PHB—defined in RFC 3246—is a strict-priority queuing service, and as such, admission to this class should be controlled. Example traffic includes G,711 and G,729a. • Broadcast Video—This service class is intended for broadcast TV, live events, video surveillance flows, and similar “inelastic” streaming media flows (“inelastic” flows refer to flows that are highly drop sensitive and have no retransmission and/or flow-control capabilities). Traffic in this class should be marked Class Selector 5 (CS5/DSCP 40) and may be provisioned with an EF PHB; as such, admission to this class should be controlled (either by an explicit admission control mechanisms or by explicit bandwidth provisioning). Examples traffic includes live Cisco Digital Media System (DMS) streams to desktops or to Cisco Digital Media Players (DMPs), live Cisco Enterprise TV (ETV) streams, and Cisco IP Video Surveillance (IPVS). • Real-time Interactive—This service class is intended for (inelastic) room-based, high-definition interactive video applications and is intended primarily for audio and video components of these applications. Whenever technically possible and administratively feasible, data sub-components of this class can be separated out and assigned to the “Transactional Data” traffic class. Traffic in this class should be marked CS4 (DSCP 32) and may be provisioned with an EF PHB; as such, admission to this class should be controlled. An example application is Cisco TelePresence. 2. RFC 4594 recommends marking Call Signaling traffic to CS5. Cisco has recently completed a lengthy and expensive marking migration for Call Signaling from AF31 to CS3, and as such, have no plans to embark on another marking migration in the near future. RFC 4594 is an informational RFC (i.e., an industry best practice) and not a standard. Therefore, lacking a compelling business case at the time of writing, Cisco plans to continue marking Call Signaling as CS3 until future business requirements may arise that necessitate another marking migration. Therefore, the modification in Figure 1-8 is that Call Signaling is marked CS3 and Broadcast Video (recommended to be marked CS3 in RFC 4594) is marked CS5. 224550 Application Class Transactional Data AF2 Real-Time Interactive CS4 VoIP Telephony EF Ops/Admin/Mgmt (OAM) CS2 Bulk Data AF1 Scavenger CS1 Network Control CS6 Multimedia Streaming AF3 Best Effort DF Multimedia Conferencing AF4 Broadcast Video CS5 Signaling CS3 (Optional) PQ BW Queue + DSCP WRED BW Queue BW Queue BW Queue BW Queue + DSCP WRED (Optional) PQ Priority Queue (PQ) Queuing and Dropping Min BW Queue Required Required Required Required Recommended Admission Control Per-Hop Behavior BW Queue + DSCP WRED BW Queue + DSCP WRED Default Queue + RED Cisco TelePresence Cisco Digital Media System (VoDs) EIGRP, OSPF, BGP, HSRP, IKE SCCP, SIP, H.323 SNMP, SSH, Syslog Cisco Unified Personal Communicator Cisco IP Video Surveillance/Cisco Enterprise TV Cisco IP Phones (G.711, G.729) Media Application Examples YouTube, iTunes, BitTorrent, Xbox Live Cisco WebEx/MeetingPlace/ERP Apps E-mail, FTP, Backup Apps, Content Distribution Default Class1-20 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution • Multimedia Conferencing—This service class is intended for desktop software multimedia collaboration applications and is intended primarily for audio and video components of these applications. Whenever technically possible and administratively feasible, data sub-components of this class can be separated out and assigned to the “Transactional Data” traffic class. Traffic in this class should be marked Assured Forwarding 1 Class 4 (AF41/DSCP 34) and should be provisioned with a guaranteed bandwidth queue with DSCP-based Weighted-Random Early Detect (DSCP-WRED) enabled. Admission to this class should be controlled; additionally, traffic in this class may be subject to policing and re-marking 2 . Example applications include Cisco Unified Personal Communicator, Cisco Unified Video Advantage, and the Cisco Unified IP Phone 7985G. • Multimedia Streaming—This service class is intended for Video-on-Demand (VoD) streaming media flows which, in general, are more elastic than broadcast/live streaming flows. Traffic in this class should be marked Assured Forwarding Class 3 (AF31/DSCP 26) and should be provisioned with a guaranteed bandwidth queue with DSCP-based WRED enabled. Admission control is recommended on this traffic class (though not strictly required) and this class may be subject to policing and re-marking. Example applications include Cisco Digital Media System Video-on-Demand streams to desktops or to Digital Media Players. • Network Control—This service class is intended for network control plane traffic, which is required for reliable operation of the enterprise network. Traffic in this class should be marked CS6 (DSCP 48) and provisioned with a (moderate, but dedicated) guaranteed bandwidth queue. WRED should not be enabled on this class, as network control traffic should not be dropped (if this class is experiencing drops, then the bandwidth allocated to it should be re-provisioned). Example traffic includes EIGRP, OSPF, BGP, HSRP, IKE, etc. • Call-Signaling—This service class is intended for signaling traffic that supports IP voice and video telephony; essentially, this traffic is control plane traffic for the voice and video telephony infrastructure. Traffic in this class should be marked CS3 (DSCP 24) and provisioned with a (moderate, but dedicated) guaranteed bandwidth queue. WRED should not be enabled on this class, as call-signaling traffic should not be dropped (if this class is experiencing drops, then the bandwidth allocated to it should be re-provisioned). Example traffic includes SCCP, SIP, H.323, etc. • Operations/Administration/Management (OAM)—This service class is intended for—as the name implies—network operations, administration, and management traffic. This class is important to the ongoing maintenance and support of the network. Traffic in this class should be marked CS2 (DSCP 16) and provisioned with a (moderate, but dedicated) guaranteed bandwidth queue. WRED should not be enabled on this class, as OAM traffic should not be dropped (if this class is experiencing drops, then the bandwidth allocated to it should be re-provisioned). Example traffic includes SSH, SNMP, Syslog, etc. • Transactional Data (or Low-Latency Data)—This service class is intended for interactive, “foreground” data applications (“foreground” applications refer to applications that users are expecting a response—via the network—in order to continue with their tasks; excessive latency in response times of foreground applications directly impacts user productivity). Traffic in this class should be marked Assured Forwarding Class 2 (AF21 / DSCP 18) and should be provisioned with a dedicated bandwidth queue with DSCP-WRED enabled. This traffic class may be subject to policing and re-marking. Example applications include data components of multimedia collaboration applications, Enterprise Resource Planning (ERP) applications, Customer Relationship Management (CRM) applications, database applications, etc. • Bulk Data (or high-throughput data)—This service class is intended for non-interactive “background” data applications (“background” applications refer to applications that the users are not awaiting a response—via the network—in order to continue with their tasks; excessive latency 1. The Assured Forwarding Per-Hop Behavior is defined in RFC 2597. 2. These policers may include Single-Rate Three Color Policers or Dual-rate Three Color Policers, as defined in RFC 2697 and 2698, respectively.1-21 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution in response times of background applications does not directly impact user productivity. Furthermore, as most background applications are TCP-based file-transfers, these applications—if left unchecked—could consume excessive network resources away from more interactive, foreground applications). Traffic in this class should be marked Assured Forwarding Class 1 (AF11/DSCP 10) and should be provisioned with a dedicated bandwidth queue with DSCP-WRED enabled. This traffic class may be subject to policing and re-marking. Example applications include E-mail, backup operations, FTP/SFTP transfers, video and content distribution, etc. • Best Effort (or default class)—This service class is the default class. As only a relative minority of applications will be assigned to priority, preferential, or even to deferential service classes, the vast majority of applications will continue to default to this best effort service class; as such, this default class should be adequately provisioned 1 . Traffic in this class is marked Default Forwarding 2 (DF or DSCP 0) and should be provisioned with a dedicated queue. WRED is recommended to be enabled on this class. Although, since all the traffic in this class is marked to the same “weight” (of DSCP 0), the congestion avoidance mechanism is essentially Random Early Detect (RED). • Scavenger (or Low-Priority Data)—This service class is intended for non-business related traffic flows, such as data or media applications that are entertainment-oriented. The approach of a less-than best effort service class for non-business applications (as opposed to shutting these down entirely) has proven to be a popular, political compromise: these applications are permitted on enterprise networks, as long as resources are always available for business-critical voice, video, and data applications. However, as soon the network experiences congestion, this class is the first to be penalized and aggressively dropped. Furthermore, the scavenger class can be utilized as part of an effective strategy for DoS and worm attack mitigation 3 . Traffic in this class should be marked CS1 4 (DSCP 8) and should be provisioned with a minimal bandwidth queue that is the first to starve should network congestion occur. Example traffic includes YouTube, Xbox Live/360 Movies, iTunes, BitTorrent, etc. Admission Control Note The reason “Admission Control” is used in this document, rather than “Call Admission Control,” is that not all media applications are call-oriented (e.g., IPVS and streaming video). Nonetheless, these non-call-oriented flows can also be controlled by administrative policies and mechanisms, in conjunction with bandwidth provisioning. Bandwidth resources dedicated to strict-priority queuing need to be limited in order to prevent starvation of non-priority (yet business critical) applications. As such, contention for priority queues needs to be strictly controlled by higher-layer mechanisms. Admission control solutions are most effective when built on top of a DiffServ-enabled infrastructure, that is, a network that has Differentiated Services (QoS policies for marking, queuing, policing, and dropping) configured and activated, as illustrated in Figure 1-9. The first level of admission control is simply to enable mechanisms to protect voice-from-voice and/or video-from-video on a first-come, first-serve basis. This functionality provides a foundation on which higher-level policy-based decisions can be built. 1. Cisco recommends provisioning no less than 25% of a link’s bandwidth for the default best effort class. 2. Default Forwarding is defined in RFC 2474. 3. See the QoS SRND at www.cisco.com/go/srnd for more details. 4. A Lower-Effort Per-Domain Behavior that defines a less than best effort or scavenger level of service—along with the marking recommendation of CS1—is defined in RFC 3662.1-22 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution The second level of admission control factors in dynamic network topology and bandwidth information into a real-time decision of whether or not a media stream should be admitted. The third level of admission control introduces the ability to preempt existing flows in favor of “higher-priority” flows. The fourth level of admission control contains policy elements and weights to determine what exactly constitutes a “higher-priority” flow, as defined by the administrative preferences of an organization. Such policy information elements may include-but are not limited to-the following: • Scheduled versus Ad Hoc—Media flows that have been scheduled in advance would likely be granted priority over flows that have been attempted ad hoc. • Users/Groups—Certain users or user groups may be granted priority for media flows. • Number of participants—Multipoint media calls with larger number of participants may be granted priority over calls with fewer participants. • External versus internal participants—Media sessions involving external participants, such as customers, may be granted priority over sessions comprised solely of internal participants. • Business critical factor—Additional subjective elements may be associated with media streams, such as a business critical factor. For instance, a live company meeting would likely be given a higher business critical factor than a live training session. Similarly, a media call to close a sale or to retain a customer may be granted priority over regular, ongoing calls. Note It should be emphasized this is not an exhaustive list of policy information elements that could be used for admission control, but rather is merely a sample list of possible policy information elements. Additionally, each of these policy information elements could be assigned administratively-defined weights to yield an overall composite metric to calculate and represent the final admit/deny admission control decision for the stream. And finally, the fifth level of admission control provides graceful conflict resolution, such that-should preemption of a media flow be required-existing flow users are given a brief message indicating that their flow is about to be preempted (preferably including a brief reason as to why) and a few seconds to make alternate arrangements (as necessary).1-23 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Figure 1-9 Levels of Admission Control Options Broadcast Optimization Several media applications which utilize streaming, such as corporate broadcast communications, live training sessions, and video surveillance, have a traffic model with a single or few media sources transmitting to many simultaneous viewers. With such media applications present on the network, it is advantageous to optimize these broadcasts so that preferably a single (or few) packet streams are carried on the network that multiple viewers can join, instead of each viewer requiring their own dedicated packet stream. IP multicast (IPmc) is a proven technology that can be leveraged to optimize such media applications. Stream “splitting” is an alternative starting to appear in products. Stream splitting behaves in a similar fashion as IP multicast, only instead of a real multicast packet stream in the network, usually a proxy device receives the stream, then handles “join” requests, much like a rendezvous point in IPmc. Cisco’s Wide Areas Application Services (WAAS) product line is an example product that has an integrated stream splitting capability for certain types of media streams. Securing Media Communications There are a number of threats to media communications that network administrators would want to be aware of in their medianet designs, including: • Eavesdropping—The unauthorized listening/recording of media conversations, presenting the risk of privacy loss, reputation loss, and regulatory non-compliance. • Denial of Service—The loss of media applications or services, presenting the risk of lost productivity and/or business. • Compromised video clients—Hacker control of media clients, such as cameras, displays, and conferencing units, presenting the risk of fraud, data theft, and damaged reputations. Technical Business DiffServ Infrastructure Admission Control Network Intelligence Policy Intelligence Policy Information Elements Graceful Conflict Resolution Business and User Expectations 2250811-24 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution • Compromised system integrity—Hacker control of media application servers or the media control infrastructure, presenting similar risks as compromised clients, but on a significantly greater scale, as well as major productivity and business loss. When it comes to securing a medianet, there is no silver-bullet technology that protects against all forms of attacks and secures against all types of vulnerabilities. Rather, a layered approach to security, with security being integral to the overall network design, presents the most advantages in terms of protection, operational efficiency, and management. Visibility and Monitoring Service Levels It is more important than ever to understand the media applications running on your network, what resources they are consuming, and how they are performing. Whether you are trying to ensure a high-quality experience for video conferencing users or trying to understand how YouTube watchers may be impacting your network, it is important to have visibility into the network. Tools like Cisco NetFlow can be essential to understanding what portion of traffic flows on the network are critical data applications, VoIP applications, “managed” media applications, and the “unmanaged” media (and other) applications. For example, if you discover that YouTube watchers are consuming 50% of the WAN bandwidth to your branch offices, potentially squeezing out other business critical applications, network administrators may want to put usage policies into place or even more drastic measures such as network-based policing. Another important aspect is to understand how the media applications deemed business critical are performing? What kind of experience are users receiving? One way to proactively monitor such applications are using network-based tools such as IP Service Level Assurance (IP SLA), which can be programmed to send periodic probes through the network to measure critical performance parameters such as latency, jitter, and loss. It can be helpful to discover trouble spots with long-latency times, for example, and take actions with the service provider (or other root cause) to correct them before users get a bad experience and open trouble reports. Campus Medianet Architecture Deploying the medianet in the campus takes place on the standard hierarchical campus design recommendations, following the access, distribution, and core architecture model (see Figure 1-10). The subsections that follow provide the top design recommendations for the campus switching architecture.1-25 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Figure 1-10 Campus Medianet Architecture Design for Non-Stop Communications in the Campus As previously discussed, the campus switching network must be designed with high-availability in mind, with the design targets of 0-0.05% packet loss and network convergence within 200 ms. Designs to consider for the campus include those that include the Cisco Virtual Switching System (VSS), which dramatically simplifies the core and distribution design, implementation, and management. VSS is network system virtualization technology that pools multiple Cisco Catalyst 6500 Series Switches into one virtual switch, increasing operational efficiency by simplifying management to a single virtual device with a single configuration file, boosting nonstop communications by provisioning interchassis stateful failover, and scaling system bandwidth capacity to 1.4 Tbps. Additionally, Cisco Non-Stop Forwarding (NSF) with Stateful Switchover (SSO) is another feature to consider deploying in the campus switching network to increase network up-time and more gracefully handle failover scenarios if they occur. Si Si Si Si Surveillance Digital Signage Multimedia Conferencing IP Streaming Media TelePresence 224517 Si Si1-26 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Cisco Catalyst switching product lines have industry-leading high-availability features including VSS and NSF/SSO. When deployed with best practices network design recommendations, including routed access designs for the campus switching network, media applications with even the strictest tolerances can be readily supported. Bandwidth, Burst, and Power As discussed earlier, provisioning adequate bandwidth is a key objective when supporting many types of media applications, especially interactive real-time media applications such as Cisco TelePresence. In the access layer of the campus switching network, consider upgrading switch ports to Gigabit Ethernet (GE). This provides sufficient bandwidth for high-definition media capable endpoints. In the distribution and core layers of the campus switching network, consider upgrading links to 10 Gigabit Ethernet (10GE), allowing aggregation points and the core switching backbone to handle the traffic loads as the number of media endpoints and streams increases. Additionally, ensure that port interfaces have adequate buffering capacity to handle the burstiness of media applications, especially video-oriented media applications. The amount of buffering needed depends on the number and type of media applications traversing the port. Finally, the campus infrastructure can also supply Power-over-Ethernet to various media endpoints, such as IP video surveillance cameras and other devices. Application Intelligence and QoS Having a comprehensive QoS strategy can protect critical media applications including VoIP and video, as well as protect the campus switching network from the effects of worm outbreaks. The Cisco Catalyst switching products offer industry-leading QoS implementations, accelerated with low-latency hardware ASICs, which are critical for ensuring the service level for media applications. QoS continues to evolve to include more granular queuing, as well as additional packet identification and classification technologies. One advance is the Cisco Programmable Intelligent Services Adapter (PISA), which employs deeper packet inspection techniques mappable to service policies. Intelligent features like PISA will continue to evolve at the network edge to allow application intelligence, enabling the network administrator to prioritize critical applications while at the same time control and police unmanaged or unwanted applications which may consume network resources. Once traffic has been classified and marked, then queuing policies must be implemented on every node where the possibility of congestion could occur (regardless of how often congestion scenarios actually do occur). This is an absolute requirement to guarantee service levels. In the campus, queuing typically occurs in very brief bursts, usually only lasting a few milliseconds. However, due to the speeds of the links used within the campus, deep buffers are needed to store and re-order traffic during these bursts. Additionally, within the campus, queuing is performed in hardware, and as such, queuing models will vary according to hardware capabilities. Obviously, the greater the number of queues supported, the better, as this presents more policy flexibility and granularity to the network administrator. Four queues would be considered a minimum (one strict-priority queue, one guaranteed bandwidth queue, one default queue, and one deferential queue). Similarly, Catalyst hardware that supports DSCP-to-Queue mappings would be preferred, as these (again) present the most granular QoS options to the administrator. Consider an example, the Catalyst 6500 WS-X6708-10G, which provides a 1P7Q4T queuing model, where: • 1P represents a single, strict-priority queue • 7Q represents 7 non-priority, guaranteed-bandwidth queues • 4T represents 4 dropping thresholds per queue1-27 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Additionally, the WS-X6708-10G supports DSCP-to-Queue mapping, providing additional policy granularity. With such a linecard, voice, video, and data applications could be provisioned as shown in Figure 1-11. Figure 1-11 Campus Medianet Queuing Model Example Broadcast Optimization with IP Multicast IP multicast is an important part of many campus switching network designs, optimizing the broadcast of one-to-many streams across the network. Cisco Catalyst switching products provide industry-leading IP multicast proven in business critical network implementations. The IPmc foundation offers further value in networks in optimizing broadcast streaming. Leveraging Network Virtualization for Restricted Video Applications The objective of many media applications is to improve effectiveness of communication and collaboration between groups of people. These applications typically have a fairly open usage policy, meaning that they are accessible by and available to a large number of employees in the company. Other media applications have more restrictive access requirements, and are only available to a relatively small number of well defined users. For example, IP video surveillance is typically available to the Safety and Security department. Access to Digital Signage may only be needed by the few content programmers and the sign endpoints themselves. Additionally, it would generally be prudent to restrict visiting guests from on-demand or streaming content that is confidential to the company. Broadcast Video CS5 Multimedia Conferencing 224552 Bulk Data Transactional Data Network Management Call Signaling AF2 CS2 AF1 Best Effort DF Scavenger CS1 Network Control Multimedia Streaming Realtime Interactive Application DSCP Voice EF 1P7Q4T Q7 (10% ) Q5 (10%) DF/0 Q2 (25%) CS1 Q1 (5%) AF1 Q3 (10%) Q8 (PQ) EF CS3 CS2 CS6 CS7 Q6T2 Q6T1 Q6T3 Q6T4 AF4 AF3 Q6 (10%) AF2 Q4 (10%) CS5 CS4 CS4 AF4 AF3 (CS7) CS3 Internetwork Control CS61-28 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution For these restricted access video scenarios, network virtualization technologies can be deployed to isolate the endpoints, servers, and corresponding media applications within a logical network partition, enhancing the security of the overall solution. Cisco Catalyst switching products offer a range of network virtualization technologies, including Virtual Routing and Forwarding (VRF) Lite and Generic Route Encapsulation (GRE), that are ideal for logical isolation of devices and traffic. Securing Media in the Campus As previously discussed, a layered and integrated approach to security provides the greatest degree of protection, while at the same time increases operational and management efficiency. To this end, campus network administrators are encouraged to use the following tactics and tools to secure the Campus medianet: Basic security tactics and tools: • Access-lists to restrict unwanted traffic • Separate voice/video VLANs from data VLANs • Harden software media endpoints with Host-based Intrusion Protection Systems (HIPS), like Cisco Security Agent (CSA) • Disable gratuitous ARP • Enable AAA and roles based access control (RADIUS/TACACS+) for the CLI on all devices • Enable SYSLOG to a server; collect and archive logs • When using SNMP, use SNMPv3 • Disable unused services • Use SSH to access devices instead of Telnet • Use FTP or SFTP (SSH FTP) to move images and configurations around and avoid TFTP when possible • Install VTY access-lists to limit which addresses can access management and CLI services • Apply basic protections offered by implementing RFC 2827 filtering on external edge inbound interfaces Intermediate security tactics and tools: • Deploy firewalls with stateful inspection • Enable control plane protocol authentication where it is available (EIGRP, OSPF, HSRP, VTP, etc.) • Leverage the Cisco Catalyst Integrated Security Feature (CISF) set, including: – Dynamic Port Security – DHCP Snooping – Dynamic ARP Inspection – IP Source Guard Advanced security tactics and tools: • Deploy Network Admission Control (NAC) and 802.1x • Encrypt all media calls with IPSec • Protect the media control plane with Transport Layer Security (TLS) • Encrypt configuration files1-29 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution • Enable Control Plane Policing (CoPP) • Deploy scavenger class QoS (data plane policing) WAN and Branch Office Medianet Architecture Many employees in the typical large company now work in satellite or branch offices away from the main headquarters. These employees expect access to the same set of media applications as your HQ employees. In fact, they may rely on them even more because of the need to communicate effectively and productively with corporate. Deploying the medianet in the WAN and branch office networks takes place on the standard design recommendations, following the services aggregation edge, service provider, and branch office architecture model (seeFigure 1-12 and Figure 1-13). The subsections that follow provide the top design recommendations for the WAN and branch office architecture. Figure 1-12 WAN/MAN Medianet Architecture SLA WAN Aggregation Edge WAN Transport Branch Edge MAN Edge Site 1 MAN Transport MAN Edge Site 2 DWDM Metro Enternet SONET/ SDH Internet MPLS FR/ATM 2245181-30 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Figure 1-13 Branch Medianet Architecture Design for Non-Stop Communications over the WAN For reasons previously discussed, the WAN and branch office networks must be designed with high availability in mind. The target for packet loss on the WAN and branch networks is the same as for campus networks: 0-0.05%. However, the convergence target of 200 ms for campus networks is most likely unachievable over the WAN and as such, WAN convergence times should be designed to the minimum achievable times. Because branch offices need to stay consistently and reliably connected to the regional hub or central site, it is highly recommended that each branch office have dual WAN connections, using diverse SP circuits. In the event of an outage on one WAN connection, the secondary WAN provides survivability. Designs for the WAN and branch office should deploy Cisco Performance Routing (PfR), which provides highly-available utilization of the dual WAN connections, as well as fast convergence and rerouting in the event of lost connectivity. At the branch office, consider designs with dual Cisco Integrated Services Routers (ISR) to offer redundancy in the event of an equipment failure. Additionally, at the services aggregation edge, deploy designs based on highly-available WAN aggregation, including Stateful Switchover (SSO). The Cisco Aggregation Services Router (ASR) product line has industry-leading high-availability features including built-in hardware and processor redundancy, In-Service Software Upgrade (ISSU) and NSF/SSO. When deployed with best practices network design recommendations for the WAN edge, video applications with even the strictest tolerances can be readily supported. WAN Internet Surveillance TelePresence Digital Signage Multimedia Conferencing 224519 IP Streaming Media1-31 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Bandwidth Optimization over the WAN When not properly planned and provisioned, the WAN may raise the largest challenge to overcome in terms of delivering simultaneous converged network services for media applications. Video-oriented media applications in particular consume significant WAN resources and understanding application requirements and usage patterns at the outset is critical. Starting with a survey of current WAN speeds can assist in decisions regarding which branch offices need to be upgraded to higher speed and secondary WAN connections. Some quick calculations based on the number of seats in a branch office can provide a quick indicator about bandwidth needs. For example, suppose there are 20 employees in a branch office and the company relies on TelePresence and desktop multimedia conferencing for collaboration, streaming media for training and corporate communications broadcasts, and plans to install IP video surveillance cameras at all branches for security. Let us further assume a 5:1 over-subscription on desktop multimedia conferencing. A quick calculation might look similar to the following: • VoIP:5 simultaneous calls over the WAN to HQ @ 128 kbps each • Video Surveillance:2 camera feeds @ 512 kbps each • Cisco TelePresence:1 call @ 15 Mbps • Desktop Multimedia Conferencing:4 simultaneous calls over the WAN to HQ @ 512 kbps each • Training VoDs:2 simultaneous viewers @ 384 kbps each • Data Applications: 1 Mbps x 20 employees With simple estimates, it is possible to see that this Branch Office may need 45 Mbps or more of combined WAN bandwidth. One technology which can aid the process is to “harvest” bandwidth using WAN optimization technologies such as Cisco Wide Area Application Services (WAAS). Using compression and optimization, Cisco WAAS can give back 20-50% or more of our current WAN bandwidth, without sacrificing application speed. WAAS or any other WAN optimization technology is unlikely to save bandwidth in video applications themselves, because of the high degree of compression already “built-in” to most video codecs. But rather, the point of implementing WAN optimization is to “clear” bandwidth from other applications to be re-used by newer or expanding media applications, such as video. The question whether to optimize the WAN or upgrade the WAN bandwidth is often raised. The answer when adding significant video application support is both. Optimizing the WAN typically allows the most conservative WAN upgrade path. Application Intelligence and QoS Having a comprehensive QoS strategy can protect critical media applications as well as protect the WAN and branch office networks from the effects of worm outbreaks. Cisco ISR and ASR product families offer industry-leading QoS implementations, accelerated with low-latency hardware ASICs, that are critical for ensuring the service level for video applications. QoS continues to evolve to include more granular queuing, as well as additional packet identification and classification technologies. Another critical aspect of the overall QoS strategy is the Service Level Assurance (SLA) contracted with the service provider (or providers) for the WAN connectivity. In general, for video applications an SLA needs to specify the lowest practical latency (such as less than 60 milliseconds one-way SP edge-to-edge 1-32 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution latency; however, this value would be greater for intercontinental distances), low jitter (such as less than 5 ms peak-to-peak jitter within the SP network), and lowest practical packet loss (approaching 0-0.05%). SP burst allowances and capabilities are also factors to consider. When selecting SPs, the ability to map the company’s QoS classes to those offered by the SP is also essential. The SP service should be able to preserve Layer 3 DSCP markings and map as many classes as practical across the SP network. An example enterprise edge medianet mapping to a 6-class MPLS VPN SP is illustrated in Figure 1-14. Figure 1-14 Enterprise to 6-Class MPLS VPN Service Provider Mapping Model Example Broadcast Optimization for Branch Offices IP multicast is supported by the Cisco ISR and ASR product families. Certain SP WAN services may or may not support the capability to use IPmc over the WAN. For example, if using an MPLS service, typically the provider must be able to offer a multicast VPN service to allow IPmc to continue to operate over the MPLS WAN topology. Similarly, certain WAN topologies and integrated security designs also may preclude the use of IPmc. For example, IPSec VPNs cannot transport multicast packets natively. Cisco IPSec VPN WANs combined with Cisco GRE, Cisco Virtual Tunnel Interface (VTI), and Cisco Dynamic Multipoint VPN (DMVPN) do support multicast traffic. Scalability of WANs with encryption-enabled can suffer from multicast traffic due to the requirements to encrypt the same packet numerous times, once for each branch office connection. The Cisco Group Encrypted Transport VPN (GETVPN) offers a solution, allowing many branch office connections to share the same encryption key. This is an ideal solution for maintaining the secure connectivity that VPNs offer, while not compromising scalability when IP multicast is required to be broadcast over the WAN. Broadcast Video CS5 Multimedia Conferencing 224553 Bulk Data Transactional Data Network Management Call Signaling AF2 CS2 AF1 Best Effort DF Scavenger CS1 Network Control Multimedia Streaming Realtime Interactive Application DSCP VoIP Telephony EF 6-Class SP Model SP-Critical 1 10% SP-Critical 2 15% SP-Critical 3 15% SP-Best Effort 25% CS2 DF SP-Scavenger CS1 5% AF1 SP-Real-Time 30% EF CS3 CS6 AF3 CS4 AF4 AF2 CS5 CS4 CS5 AF4 AF3 CS6 CS31-33 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Solution Finally, for situations where multicast of the WAN is not possible, the Cisco WAAS product line also offers a stream “splitting” capability as an alternative to IPmc. The WAAS device in the branch office network acts as a proxy device, allowing multiple users to join the single media stream received over the WAN connection. Data Center Medianet Architecture Deploying the medianet in the data center takes place on the standard design recommendations, following the data center architecture model (see Figure 1-15). The subsections that follow provide the top design recommendations for the data center architecture. Figure 1-15 Data Center Medianet Architecture Conferencing and Gateways Digital Media Management Core Core Aggregation Access Edge Server Clusters Server Farms Storage/Tape Farms Media Storage and Retrieval 2245201-34 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Conclusions Design for Non-Stop Communications in the Data Center As with the campus network, the data center network must be designed with high-availability in mind, with the design targets of 0-0.05% packet loss and network convergence within 200 ms. Designs to consider for the data center include those that include Cisco Non-Stop Forwarding (NSF) with Stateful Switchover (SSO) to increase network up-time and more gracefully handle failover scenarios if they occur. Cisco Catalyst switching product lines, including the Catalyst 6000 family, and the Cisco Nexus family have industry-leading high-availability features. When deployed with best practices network design recommendations for the data center switching network, video applications with even the strictest tolerances can be readily supported. High-Speed Media Server Access As discussed earlier, minimizing latency is a key objective when supporting many types of media applications, especially interactive real-time media applications such as desktop multimedia conferencing and Cisco TelePresence. If conferencing resources are located in the data center, it is important to provide high-speed, low-latency connections to minimize unnecessary additions to the latency budget. In the aggregation layer of the data center switching network, consider upgrading links to 10 Gigabit Ethernet (10GE), allowing aggregation points and the core switching backbone to handle the traffic loads as the number of media endpoints and streams increases. In the access layer of the data center switching network, consider upgrading targeted server cluster ports to 10 Gigabit Ethernet (10GE). This provides sufficient speed and low-latency for storage and retrieval needed for streaming intensive applications, including Cisco IP Video Surveillance (IPVS) and Cisco Digital Media System (DMS). Media Storage Considerations Several media applications need access to high-speed storage services in the data center, including IP video surveillance, digital signage, and desktop streaming media. It is important to recognize that video as a media consumes significantly more storage than many other types of media. Factor video storage requirements into data center planning. As the number and usage models of video increases, the anticipated impact to storage requirements is significant. Another consideration is how to manage the increasing volume of video media that contain proprietary, confidential, or corporate intellectual property. Policies and regulatory compliance planning must be in place to manage video content as a company would manage any of its sensitive financial or customer information. Conclusions Media applications are increasing exponentially on the IP network. It is best to adopt a comprehensive and proactive strategy to understand how these media applications will affect your network now and in the future. By taking an inventory of video-enabled applications and understanding the new and changing requirements they will place on the network, it is possible to successfully manage through this next evolution of IP convergence, and take steps to enable your network to continue to be the converged platform for your company's communications and collaborations.1-35 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Terms and Acronyms By designing the deployment of an end-to-end medianet architecture, it is possible to enable faster adoption of new media applications, while providing IT staff with the tools to proactively manage network resources and ensure the overall user experience (see Figure 1-16). Enterprises that lack a comprehensive network architecture plan for media applications may find themselves in a difficult situation, as the proportion of media application traffic consumes the majority of network resources. Figure 1-16 Bringing it All Together Cisco is uniquely positioned to provide medianets, offering a comprehensive set of products for the network infrastructure designed with built-in media support, as well as being a provider of industry leading media applications, including Cisco TelePresence, Cisco WebEx, and Cisco Unified Communications. Through this unique portfolio of business media solutions and network platforms, Cisco leads the industry in the next wave of IP convergence and will lead the media revolution as companies move to the next wave of productivity and collaboration. Terms and Acronyms Data Center Applications Delivery Fabric Campus Communications Fabric Media Application Solutions Branch and WAN Services Fabric 224521 Ensuring the Experience IP Acronyms Definition 10GE 10 Gigabit Ethernet AVVID Architecture for Voice, Video, and Integrated Data Codec Coder/Decoder DC Data Center DMS Digital Media System DMVPN Dynamic Multipoint VPN DPI Deep Packet Inspection GE Gigabit Ethernet GETVPN Group Encrypted Transport VPN GRE Generic Route Encapsulation H.264 Video Compression standard, also known as MPEG4 HA High Availability HD High Definition video resolution1-36 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Related Documents Related Documents White Papers • The Exabyte Era http://www.cisco.com/en/US/solutions/collateral/ns341/ns525/ns537/net_implementation_white_p aper0900aecd806a81a7.pdf • Global IP Traffic Forecast and Methodology, 2006-2011 http://www.cisco.com/en/US/solutions/collateral/ns341/ns525/ns537/net_implementation_white_p aper0900aecd806a81aa.pdf • Video: Improving Collaboration in the Enterprise Campus HDTV High-Definition Television IPmc IP Multicast IP SLA IP Service Level Assurance IPTV IP Television IPVS IP Video Surveillance LD Low Definition video resolution MPEG4 Moving Pictures Expert Group 4 standard NSF Non-Stop Forwarding NV Network Virtualization PfR Performance Routing PISA Programmable Intelligent Services Adapter QoS Quality of Service SLA Service Level Agreement SP Service Provider SSO Stateful-Switchover SVC Scalable Video Coding UC Unified Communications VoD Video On Demand Vo I P Vo ic e o v e r I P VPN Virtual Private Network VRF Virtual Routing and Forwarding VRN Video Ready Network VSS Virtual Switching System WAN Wide Area Network WLAN Wireless LAN WAAS Wide Area Application Services1-37 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Related Documents http://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns431/solution_overview_c22_4682 22.pdf System Reference Network Designs • Enterprise 3.0 Campus Architecture Overview and Framework http://www.cisco.com/en/US/docs/solutions/Enterprise/Campus/campover.html • WAN Transport Diversity Design Guide http://www.cisco.com/application/pdf/en/us/guest/netsol/ns483/c649/ccmigration_09186a008094 • Branch Office Architecture Overview http://www.cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigration_09186a0080759 3b7.pdf • Data Center Infrastructure Design Guide http://www.cisco.com/application/pdf/en/us/guest/netsol/ns107/c649/ccmigration_09186a0080733 77d.pdf • End-to-End Quality of Service (QoS) Design Guide http://www.cisco.com/application/pdf/en/us/guest/netsol/ns432/c649/ccmigration_09186a008049b 062.pdf • Telepresence Network System Design Guide http://www.cisco.com/en/US/docs/solutions/TelePresence_Network_Systems_1.1_DG.pdf • IP Video Surveillance Stream Manager Design Guide http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns656/net_design_guidance0900aecd8 05ee51d.pdf • Branch Wide Area Application Services (WAAS) Design Guide http://www.cisco.com/application/pdf/en/us/guest/netsol/ns477/c649/ccmigration_09186a008081c 7d5.pdf • Network Virtualization Path Isolation Design Guide http://www.cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigration_09186a0080851 cc6.pdf Websites • Campus Solutions http://www.cisco.com/en/US/netsol/ns340/ns394/ns431/networking_solutions_packages_list.html • WAN and Aggregation Services Solutions http://www.cisco.com/en/US/netsol/ns483/networking_solutions_packages_list.html • Branch Office Solutions http://www.cisco.com/en/US/netsol/ns477/networking_solutions_packages_list.html • Data Center 3.0 Solutions http://www.cisco.com/en/US/netsol/ns708/networking_solutions_solution_segment_home.html • Video Solutions1-38 Medianet Reference Guide OL-22201-01 Chapter 1 Medianet Architecture Overview Related Documents http://www.cisco.com/en/US/netsol/ns340/ns394/ns158/networking_solutions_packages_list.html • Telepresence Solutions http://www.cisco.com/en/US/netsol/ns669/networking_solutions_solution_segment_home.html • Unified Communications Solutions http://www.cisco.com/en/US/netsol/ns340/ns394/ns165/ns152/networking_solutions_package.htm l • Wide Area Application Services Solutions http://www.cisco.com/en/US/products/ps5680/Products_Sub_Category_Home.htmlC H A P T E R 2-1 Medianet Reference Guide OL-22201-01 2 Medianet Bandwidth and Scalability This chapter discusses the bandwidth requirements for different types of video on the network, as well as scalability techniques that allow additional capacity to be added to the network. Bandwidth Requirements Video is the ultimate communications tool. People naturally use visual clues to help interpret the spoken word. Facial expression, hand gestures, and other clues form a large portion of the messaging that is normal conversation. This information is lost on traditional voice-only networks. If enough of this visual information can be effectively transported across the network, potential productivity gains can be realized. However, if the video is restricted by bandwidth constraints, much of the visual information is lost. In the case of video conferencing, the user community does not significantly reduce travel. In the case of video surveillance, small distinguishing features may be lost. Digital media systems do not produce engaging content that draws in viewers. In each case, the objectives that motivated the video deployment cannot be met if the video is restricted by bandwidth limitations. Quantifying the amount of bandwidth that a video stream consumes is a bit more difficult than other applications. Specifying an attribute in terms of bits per second is not sufficient. The per-second requirements result from other more stringent requirements. To fully understand the bandwidth requirements, the packet distribution must be fully understood. This is covered in Chapter 1, “Medianet Architecture Overview,”and briefly revisited here. The following video attributes affect how much bandwidth is consumed: • Resolution—The number of rows and columns in a given frame of video in terms of pixel count. Often resolution is specified as the number of rows. Row counts of 720 or greater are generally accepted as high definition (HD) video. The number of columns can be derived from the number of rows by using the aspect ratio of the video. Most often HD uses an aspect ratio of 16:9, meaning 16 columns for every 9 rows. As an example, a resolution of 720 and an aspect ratio of 16:9 gives a screen dimension of 1280 x 720 pixels. The same 720 resolution at a common 4:3 aspect ratio gives a screen dimension of 960 x 720 pixels. Resolution has a significant effect on bandwidth requirements as well as the productivity gains of video on the network. Resolution is a second-degree term when considering network load. If the aspect ratio is held at 16:9 and the resolution is increased from 720 to 1080, the number of pixels per frame jumps from 921,600 to 2,073,600, which is significant. If the change is in terms of percent, a 50 percent increase in resolution results in a 125 percent increase in pixel count. Resolution is also a key factor influencing the microburst characteristics of video. A microburst results when an encoded frame of video is sliced into packets and placed on the outbound queue of the encoder network interface card (NIC). This is discussed in more detail later in this chapter.2-2 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Measuring Bandwidth • Encoding implementation—Encoding is the process of taking the visual image and representing it in terms of bytes. Encoders can be distinguished by how well they compress the information. Two factors are at work. One is the algorithm that is used. Popular encoding algorithms are H.264 and MPEG-4. Other older encoders may use H.263 or MPEG-2. The second factor is how well these algorithms are implemented. Multiple hardware digital signal processors (DSPs) are generally able to encode the same video in less bytes than a battery operated camera using a low power CPU. For example, a flip camera uses approximately 8 Mbps to encode H.264 at a 720 resolution. A Cisco TelePresence CTS-1000 can encode the same resolution at 2 Mbps. The algorithm provides the encoder flexibility to determine how much effort is used to optimize the compression. This in turn gives vendors some latitude when trying to meet other considerations, such as cost and power. • Quality—Encoding video uses a poor compression. This means that some amount of negligible visual information can be discarded without having a detrimental impact of the viewer experience. Examples are small variations in color at the outer edges of the visual spectrum of red and violet. As more detail is omitted from the encoded data, small defects in the rendered video begin to become apparent. The first noticeable impact is color banding. This is when small color differences are noticed in an area of common color. This is often most pronounced at the edge of the visible spectrum, such as a blue sky. • Frame rate—This is the number of frames per second (fps) used to capture the motion. The higher the frame rate, the smoother and more life-like is the resulting video. At frame rates less than 5 fps, the motion becomes noticeably jittery. Typically, 30 fps is used, although motion pictures are shot at 24 fps. Video sent at more than 30 fps offers no substantial gain in realism. Frame rates have a linear impact on bandwidth. A video stream of 15 fps generates approximately half as much network traffic as a stream of 30 fps. • Picture complexity—Encoders must take a picture and encode it in as few bytes as possible without noticeably impacting the quality. As the image becomes more complex, it takes more bytes to describe the scene. Video of a blank wall does not consume as much bandwidth as a scene with a complex image, such as a large room of people. The impact on bandwidth is not substantial but does have some influence. • Motion—Just like picture complexity, the amount of motion in a video has some influence over how much bandwidth is required. The exception is Motion JPEG (M-JPEG). The reason is that all other encoding techniques involve temporal compression, which capitalizes on savings that can be made by sending only the changes from one frame to the next. As a result, video with little motion compresses better than video with a great deal of motion. Usually, this means that video shot outside, where a breeze may be moving grass or leaves, often requires more network bandwidth than video shot indoors. Temporal compression is discussed in more detail in Chapter 1, “Medianet Architecture Overview.” It is possible to have some influence on the bandwidth requirements by changing the attributes of the video stream. A 320x240 video at 5 fps shot in a dark closet requires less bandwidth than a 1080x1920 video at 30 fps shot outside on a sunny, breezy day. The attributes that have the most influence on network bandwidth are often fully configurable. These are resolution, frame rate, and quality settings. The remaining attributes are not directly controlled by the administrator. Measuring Bandwidth Network bandwidth is often measured in terms of bits per second. This is adequate for capacity planning. If a video stream is expected to run at 4 megabits per second (Mbps), a 45 Mbps circuit can theoretically carry 11 of these video streams. The number is actually less, because of the sub-second bandwidth requirements. This is referred to as the microburst requirements, which are always greater than the one second smoothed average. 2-3 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Video Transports Consider the packet distribution of video. First remember that frames are periodic around the frame rate. At 30 fps, there is a frame every 33 msec. The size of this frame can vary. Video is composed of two basic frame types, I-frames and P-frames. I-frames are also referred to as full reference frames. They are larger than P-frame but occur much less frequently. It is not uncommon to see 128 P-frames for every 1 I-frame. Some teleconference solutions send out even fewer I-frames. When they are sent, they look like a small burst on the network when compared to the adjacent P-frames. It may take as many as 80 packets or more to carry an I-frame of high definition 1080 video. These 80+ packets show up on the outbound NIC of the encoder in one chunk. The NIC begins to serialize the packet onto the Ethernet wire. During this time, the network media is being essentially used at 100 percent; the traffic bursts to line rate for the duration necessary to serialize an I-frame. If the interface is a Gigabit interface, the duration of this burst is one-tenth as long as the same burst on a 100 Mbs interface. A microburst entails the concept that the NIC is 100 percent used during the time it takes to serialize all the packets that compose the entire frame. The more packets, the longer duration required to serialize them. It is best to conceive of a microburst as either the serialization delay of the I-frame or the total size of the frame. It is not very useful to characterize an I-frame in terms of a rate such as Kbps, although this is fairly common. On closer examination, all bursts, and all packets, are sent at line rate. Interfaces operate only at a single speed. The practice of averaging all bits sent over a one-second interval is somewhat arbitrary. At issue is the network ability to buffer packets, because multiple inbound streams are in contention for the same outbound interface. A one-second measurement interval is too long to describe bandwidth requirements because very few devices can buffer one second worth of line rate data. A better interval is 33 msec, because this is the common frame rate. There are two ways to consider this time interval. First, the serialization delay of any frame should be less than 33 msec. Second, any interface in the network should be able to buffer the difference in serialization delay between the ingress and egress interface over a 33-msec window. During congestion, the effective outbound serialization delay for a given stream may fall to zero. In this case, the interface may have to queue the entire frame. If queue delays of above 33 msec are being experienced, the video packets are likely to arrive late. Network shapers and policers are typical points of concern when talking about transporting I-frames. These are discussed in more detail in Chapter 4, “Medianet QoS Design Considerations,”and highlighted later in this chapter. Video Transports Several classifications can be used to describe video, from real-time interactive streaming video on the high end to prerecorded video on the low end. Real-time video is being viewed and responded to as it is occurring. This type of stream has the highest network requirements. Remote medicine is an example of an application that uses this type of video. TelePresence is a more common application. In all cases, packets that are dropped by the network cannot be re-sent because of the time-sensitive nature. Real-time decoders are built with the smallest de-jitter buffers possible. On the other extreme is rebroadcasting previously recorded video. This is usually done over TCP and results in a network load similar to large FTP file transfers. Dropped packets are easily retransmitted. Chapter 4, “Medianet QoS Design Considerations” expands on this concept and discusses the various types of video and the service levels required of the network. Packet Flow Malleability Video packets are constrained by the frame rate. Each frame consists of multiple packets, which should arrive within the same frame window. There are I-frames and P-frames. The network is not aware of what type of frame has been sent, or that a group of packets are traveling together as a frame. The network considers each packet only as a member of a flow, without regard to packet distribution. When tools such 2-4 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Packet Flow Malleability as policers and shapers are deployed, some care is required to accommodate the grouping of packets into frames, and the frame rate. The primary concern is the I-frame, because it can be many times larger than a P-frame, because of the way video encoders typically place I-frames onto the network. (See Figure 2-1.) Figure 2-1 P-frames and I-frames When an I-frame is generated, the entire frame is handed to the network abstraction layer (NAL). This layer breaks the frame into packets and sends them on to the IP stack for headers. The processor on the encoder can slice the frame into packets much faster than the Ethernet interface can serialize packets onto the wire. As a result, video frames generate a large number of packets that are transmitted back-to-back with only the minimum interpacket gap (IPG). (See Figure 2-2.) Figure 2-2 I-frame Serialization 30 frames/sec P-frames (size set by motion) I-frames 64K–300K typical per I-frame (size influenced by resolution) 228636 DMA flood Encoder memory heap Eth0 queue I-Frame serialization at NIC line rate. 2286372-5 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Microbursts The service provider transport and video bandwidth requirements set the limit to which video streams can be shaped and recast. Natural network video is sent at a variable bit rate. However, many transports have little tolerance for traffic flows that exceed a predetermined contract committed information rate (CIR). Although Chapter 4, “Medianet QoS Design Considerations” discusses this in further details, some overview of shapers and policers is warranted as part of the discussion of bandwidth requirements. Any interface can transmit only at line rate. Interfaces use a line encoding scheme to ensure that both the receiver and transmitter are bit synchronized. When a user states that an interface is running at x Mbps, that is an average rate over 1 second of time. The interface was actually running at 100 percent utilization while those packets were being transmitted, and idle at all the other times. Figure 2-3 illustrates this concept: Figure 2-3 Interface Load/Actual Load Microbursts In video, frames are sent as a group of packets. These packets are packed tightly because they are generated at the same time. The larger the frame, the longer the duration of the microburst that results when the frame is serialized. It is not uncommon to find microbursts measured in terms of bits per second. Typically the rate is normalized over a frame. For example, if an I-frame is 80 Kb, and must be sent within a 33 msec window, it is tempting to say the interface is running at 4 Mbps but bursting to (80x1000x8)/0.033 = 19.3 Mbps. In actuality, the interface is running at line rate long enough to serialize the entire frame. The interface speed and buffers are important in determining whether there will be drops. The normalized 33 msec rate gives some useful information when setting shapers. If the line rate in the example above is 100 Mbps, you know that the interface was idle for 80.7 percent of the time during the 33 msec window. Shapers can help distribute idle time. However, this does not tell us whether the packets were evenly distributed over the 33 msec window, or whether they arrived in sequence during the first 6.2 msec. The encoders used by TelePresence do some level of self shaping so that packets are better distributed over a 33 msec window, while the encoders used by the IP video surveillance cameras do not. 100% 0% µ sec Interface load Accepted load smoothed over t = 1 sec Actual load 2286382-6 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Shapers Shapers Shapers are the most common tool used to try to mitigate the effect of bursty traffic. Their operation should be well understood so that other problems are not introduced. Shapers work by introducing delay. Ideally, the idle time is distributed between each packet. Only hardware-based shapers such as those found in the Cisco Catalyst 3750 Metro device can do this. Cisco IOS shapers use a software algorithm to enforce packets to delay. Cisco IOS-based shapers follow the formula Bc = CIR * Tc. The target bandwidth (CIR) is divided into fixed time slices (Tc). Each Tc can send only Bc bytes worth of data. Additional traffic must wait for the next available time slice. This algorithm is generally effective, but keep in mind some details. First, IOS shapers can meter only traffic with time slices of at least 4 msec. This means that idle time cannot be evenly distributed between all packets. Within a time slice, the interface still sends packets at line rate. If the queue of packets waiting is deeper than Bc bytes, all the packets are sent in sequence at the start of each Tc, followed by an idle period. In effect, if the offered rate exceeds the CIR rate for an extended period, the shaper introduces microbursts that are limited to Bc in size. Each time slice is independent of the previous time slice. A burst of packets may arrive at the shaper and completely fill a Bc at the very last moment, followed immediately by a new time slice with another Bc worth of available bandwidth. This means that although the interface routinely runs at line rate for each Bc worth of data, it is possible that it will run at line rate for 2*Bc worth of bytes. When a shaper first becomes active, the traffic alignment in the previous Tc is not considered. Partial packets are another feature of shapers to consider. Partial packets occur when a packet arrives whose length exceeds the remaining Bc bits available in the current time slice. There are two possible approaches to handle this. First, delay the packet until there are enough bits available in the bucket. The down side of this approach is twofold. First, the interface is not able to achieve CIR rate because time slices are expiring with bits still left in the Bc bucket. Secondly, while there may not be enough Bc bits for a large packet, there could be enough bits for a much smaller packet in queue behind the large packet. There are problems with trying to search the queue looking for the best use of the remaining Bc bits. Instead, the router allows the packet to transmit by borrowing some bits from the next time slice. Figure 2-4 shows the impact of using shapers.2-7 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Shapers Figure 2-4 Shaper Impact Choosing the correct values for Tc, Bc, and CIR requires some knowledge of the traffic patterns. The CIR must be above the sustained rate of the traffic load; otherwise, traffic continues to be delayed until shaper drops occur. In addition, the shaper should delay as few packets as possible. Finally, if the desire is to meet a service level enforced by a policer, the shaper should not send bursts (Bc) larger than the policer allows. The attributes of the upstream policer are often unknown, yet these values are a dominant consideration when configuring the shaper. It might be tempting to set the shaper Bc to its smallest possible value. However, as Tc falls below 2 * 33 msec, the probability of delaying packets increases, as does the jitter. Jitter is at its worst when only one or two packets are delayed by a large Tc. As Tc approaches 0, jitter is reduced and delay is increased. In the limit as Tc approaches 0, the introduced delay equals the serialization delay if the circuit can be clocked at a rate equal to CIR. With TelePresence, the shaper Tc should be 20 msec or less to get the best balance between delay and jitter. If the service provider cannot accept bursts, the shaper can be set as low as 4 msec. With shapers, if packets continue to arrive at a rate that exceeds the CIR of the shaper, the queue depth continues to grow and eventually saturates. At this point, the shaper begins to discard packets. Normally, a theoretically ideal shaper has infinite queue memory and does not discard packets. In practice, it is actually desirable to have shapers begin to look like policers if the rate exceeds CIR for a continued duration. The result of drops is that the sender throttles back its transmission rate. In the case of TCP flows, window sizes are reduced. In the case of UDP, lost transmissions cause upper layers such as TFTP, LDAP, or DNS to pause for the duration of a response timeout. UDP flows in which the session layer has no feedback mechanism can overdrive a shaper. Denial-of-service (DoS) attacks are in this class. Some Real-Time Protocol (RTP)/UDP video may also fall in this class where Real-Time Control Protocol (RTCP) is not used. Real-Time Streaming Protocol (RTSP)-managed RTP flows are an example of this type of video. In these cases, it is very important to ensure that the shaper CIR is adequately configured. When a shaper queue saturates, all non-priority queuing (PQ) traffic can be negatively impacted. 0% µsec Interface load Target CIR Actual rate is line speed and always exceeds shaped rate Shaper Active Tc delayed Shaper Impact Time Smoothed Average 2286392-8 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Shapers versus Policers Shapers versus Policers Policers and shapers are related methods that are implemented somewhat differently. Typically, a shaper is configured on customer equipment to ensure that traffic is not sent out of contract. The service provider uses a policer to enforce a contracted rate. The net effect is that shapers are often used to prevent upstream policers from dropping packets. Typically, the policer is set in place without regard to customer shapers. If the customer knows what the parameters of the policer are, this knowledge can be used to correctly configure a shaper. Understanding the difference between policers and shapers helps in understanding the difference in implementation. First, a policer does not queue any packets. Any packets that do not conform are dropped. The shaper is the opposite. No packets are dropped until all queue memory is starved. Policers do not require the router to perform an action; instead, the router only reacts. Shaping is an active process. Queues must be managed. Events are triggered based on the fixed Tc timer. The algorithm for shaping is to maintain a token bucket. Each Tc seconds, Bc tokens are added to the bucket. When a packet arrives, the bucket is checked for available tokens. If there are enough tokens, the packet is allowed onto the TxRing and the token bucket is debited by the size of the packet. If the bucket does not have enough tokens, the packet must wait in queue. At each Tc interval, Bc tokens are credited to the bucket. If there are packets waiting in queue, these packets can be processed until either the queue is empty or the bucket is again depleted of tokens. By contrast, policing is a passive process. There is no time constant and no queue to manage. A simple decision is made to pass or drop a packet. With policing, the token bucket initially starts full with Bc tokens. When a packet arrives, the time interval since the last packet is calculated. The time elapsed is multiplied by the CIR to determine how many tokens should be added to the bucket. After these tokens have been credited, the size of the packet is compared with the token balance in the bucket. If there are available tokens, the packet is placed on the TxRing and the size of the packet is subtracted from the token bucket. If the bucket does not have enough available tokens, the packet is dropped. As the policed rate approaches the interface line rate, the size of the bucket become less important. When CIR = Line Rate, the bucket refills at the same rate that it drains. Because tokens are added based on packet arrival times, and not as periodic events as is done with shapers, there is no time constant (Tc) when discussing policers. The closest equivalent is the time required for an empty bucket to completely refill if no additional packets arrive. In an ideal case, a shaper sends Bc bytes at line rate, which completely drains the policer Bc bucket. The enforced idle time of the shaper for the remaining Tc time then allows the Bc bucket of the policer to completely refill. The enforced idle time of the shaper is Tc*(1-CIR/Line_Rate). In practice, it is best to set the shaper so that the policer Bc bucket does not go below half full. This is done by ensuring that when the shaped CIR equals the policed CIR, the shaper Bc should be half of the policer Bc. It is not always possible to set the shaper Bc bucket to be smaller than the policer Bc bucket, because shapers implemented in software have a minimum configurable Tc value of 4 msec. The shaper Tc is not directly configured; instead, Bc and CIR are configured and Tc is derived from the equation Tc = Bc/CIR. This means that the shaper Bc cannot be set to less than 0.004*CIR. If the policer does not allow bursts of this size, some adjustments must be made. Possible workarounds are as follows: • Place a hardware-based shaper inline (see Figure 2-5). Examples of devices that support hardware based shaping are the Cisco Catalyst 3750 Metro Series Switches. However, the Cisco Catalyst 3750 Metro supports hardware shaping only on 1 Gigabit uplink interfaces. These interfaces do not support any speed other than 1 Gigabit. This can be a problem if the service provider is not using a 1 Gigabit interface to hand off the service. In this case, if the Cisco Catalyst 3750 Metro is to be used, the hardware shaping must occur before the customer edge (CE) router. The Cisco Catalyst 3750 Metro would attach to a router instead of directly with the service provider. The router would handle any Border Gateway Protocol (BGP) peering, security, encryption, and so on. The Cisco Catalyst 3750 Metro would provide wiring closet access and the 2-9 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Shapers versus Policers shaping. This works only if the router is being fed by a single Metro device. Of course, if more than 48 ports are needed, additional switches must be fed through the Cisco Catalyst 3750 Metro such that the hardware shaper is metering all traffic being fed into the CE router. Figure 2-5 Hardware-Based Shaper Inline • Contract a higher CIR from the service provider. As the contracted CIR approaches the line rate of the handoff circuit, the policer bucket refill rate begins to approach the drain rate. The shaper does not need to inject as much idle time. When the contracted CIR equals the line rate of the handoff circuit, shaping is no longer needed because the traffic never bursts above CIR. Testing in the lab resulted in chart shown in Figure 2-6, which can be used to determine the contracted service provider CIR necessary when shaping is required but the shapers Bc cannot be set below the maximum burst allowed by the service provider. This is often a concern when the service provider is offering a constant bit rate (CBR) service. Video is generally thought of as a variable bit rate, real-time (VBR-RT) service. Figure 2-6 Higher CIR CBR like service Pass thru Router 100 Mbs or Less Gigabit Only Hardware Shaper 2286402-10 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Shapers versus Policers Figure 2-6 shows validation results and gives some guidance about the relationship between policers and shapers. The plots are the result of lab validation where a shaper was fixed with a CIR of 15.3 Mbps and a Bc of 7650 bytes. The plot show the resulting policer drops as the policer CIR values are changed. The Y-Axis shows the drops that were reported by the service provider policer after two minutes of traffic. The X-Axis shows the configured CIR on the policer. This would be the equivalent bandwidth purchased from the provider. Six plots are displayed, each at a unique Policer Bc. This represents how tolerant the service provider is of bursts above CIR. The objective is to minimize the drops to zero at the smallest policer CIR possible. The plot that represents a Bc of 7650 bytes is of particular interest because this is the case where the policer Bc equals the shaper Bc. The results show that the policed CIR should be greater than twice that of the shaped CIR. Also note that at a policed Bc of 12 KB. This represents the smallest policer Bc that allows the policed CIR to equal to the shaped CIR. As a best practice, it is recommended that the policer Bc be at least twice large as the shaper Bc if the CIR is set to the same value. As this chart shows, if this best practice cannot be met, additional CIR must be purchased from the service provider. Key points are as follows: • Shapers do not change the speed at which packets are sent, but rather introduce idle times. • Policers allow traffic at line rate until the Bc bucket is empty. Policers do not enforce a rate, but rather a maximum burst beyond a rate. • Shapers that feed upstream policers should use a Bc that is half of the policer Bc. In the case of TelePresence, the validation results plotted above can be used to derive the following recommendations: • The shaper Tc should be 20 msec or less. At 20 msec, the number of delayed P-frames is minimized. • The cloud should be able to handle a burst of at least two times the shaper Bc value. At 20 msec Tc and 15.3 MB CIR, this would be buffer space or an equivalent policer Bc of at least 76.5 KB. • If the burst capabilities of the cloud are reduced, the shaper Tc must be reduced to maintain the 2:1 relationship (policer Bc twice that of the shaper Bc). • The minimum shaper Tc is 4 msec on most platforms. If the resulting Bc is too large, additional bandwidth can be purchased from the service provider using the information in Table 2-1. Note Table 2-1 applies to the Cisco TelePresence System 3000. Table 2-1 CIR Guidelines Policed Bc or interface buffer (Kbyte) CIR (Mbit/sec) Less than But more than 15 12 20 12 11 25 11 10 30 10 8.8 40 8.8 7.65 50 7.65 6.50 752-11 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability TxRing Because shapers can send Bc bytes at the beginning of each Tc time interval, and because shapers feed indirectly into the TxRing of the interface, it is possible to tune the TxRing to accommodate this traffic. TxRing The TxRing and RxRings are memory structures shared by the main processor and the interface processor (see Figure 2-7). This memory is arranged as a first in, first out (FIFO) queue. The ring can be thought of as a list of memory pointers. For each ring, there is a read pointer and a write pointer. The main processor and interface process each manage the pair of pointers appropriate to their function. The pointers move independently of one another. The difference between the write and read pointers gives the depth of the queue. Each pointer links a particle of memory. Particles are an efficient means of buffering packets of all different sizes within a pool of memory. A packet can be spread over multiple particles depending on the size of the packet. The pointers of a single packet form a linked list. Figure 2-7 TxRings and RxRings The rest of the discussion on Cisco IOS architecture is out of scope for this section, but some key points should be mentioned. Because a shaper can deposit Bc bytes of traffic onto an interface at the beginning of each Tc time period, the TxRing should be at least large enough to handle this traffic. The exact number of particles required depends on the average size of the packets to be sent, and the average number of particles that a packet may link across. It may not be possible to know these values in all cases. 6.50 3.0 100 3.0 0.0 N/A Table 2-1 CIR Guidelines (continued) Policed Bc or interface buffer (Kbyte) CIR (Mbit/sec) Less than But more than 15 12 20 12 11 25 11 10 30 10 8.8 40 CPU (IOS) MAC Interface Queue Interface Queue PHY 4b/5b Rx Memory Tx Memory MAC PHY 4b/5b Rx Memory Tx Memory Magnetics Magnetics 2286422-12 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Converged Video But some worst case assumptions can be made. For example, video flows typically use larger packets of approximately 1100 bytes (average). Particles are 256 bytes. An approximate calculation for a shaper configured with a CIR of 15 Mb and a Tc of 20 msec would yield a Bc of 37.5 Kb. If that much traffic is placed on the TxRing at once, it requires 146 particles. However, there are several reasons the TxRing should not be this large. First, a properly configured shaper is not active most of the time. QoS cannot re-sequence packets already on the TxRing. A smaller TxRing size is needed to allow QoS to properly prioritize traffic. Second, the downside of a TxRing that is too small is not compelling. In the case where the shaper is active and a Bc worth of data is being moved to the output interface, packets that do not fit onto the ring wait on the interface queue. Third, in a converged network with voice and video, the TxRing should be kept as small as possible. A ring size of 10 is adequate in a converged environment if a slow interface such as a DS-3 is involved. This provides the needed back-pressure for the interface queueing. In most other cases, the default setting provides the best balance between the competing objects. The default interface hold queue may not be adequate for video. There are several factors such as the speed of the link, other types of traffic that may be using the link as well as the QoS service policy. In most cases, the default value is adequate, but it can be adjusted if output drops are being reported. Converged Video Mixing video with other traffic, including other video, is possible. Chapter 4, “Medianet QoS Design Considerations” discusses techniques to mark and service various types of video. In general terms, video classification follows the information listed in Table 2-2. Queuing is not video frame-aware. Each packet is treated based solely on its markings, and the capacity of the associated queue. This means that it is possible, if not likely, that video frames can be interleaved with other types of packets. Consider a P-frame that is 20 packets deep. The encoder places those twenty packets in sequence, with the inter-packet gaps very close to the minimum 9.6 usec allowed. As these twenty packets move over congested interfaces, packets from other queues may be interleaved on the interface. This is the normal QoS function. If the video flow does not cross any interface where there is congestion, queuing is not active and the packet packing is not be disturbed. Congestion is not determined by the one-second average of the interface. Congestion occurs any time an interface has to hold packets in queue because the TxRing is full. Interfaces with excessively long TxRings are technically less congested than the same interface with the same traffic flows, but with a smaller TxRing. As mentioned above, congestion is desirable when the objective is to place priority traffic in front of non-priority traffic. When a video frame is handled in a class-based queue structure, the result at the receiving codec is additional gaps in packet spacing. The more often this occurs, the greater the fanout of the video frame. The result is referred to as application jitter. This is slightly Table 2-2 Video Classification Application Class Per-Hop Behavior Media Application Example Broadcast Video CS5 IP video surveillance/enterprise TV Real-Time Interactive CS4 TelePresence Multi-media Conferencing AF4 Unified Personal Communicator Multi-media Streaming AF3 Digital media systems (VoDs) HTTP Embedded Video DF Internal video sharing Scavenger CS1 YouTube, iTunes, Xbox Live, and so on2-13 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Bandwidth Over Subscription different than packet jitter. Consider again the P-frame of video. At 30 fps, the start of each frame is aligned on 33 msec boundaries; this means the initial packet of each frame also aligns with this timing. If all the interfaces along the path are empty, this first packet arrives at the decoding station spaced exactly 33 msec apart. The delay along the path is not important, but as the additional packets of the frame transit the interface, some TxRings may begin to fill. When this happens, the probability that a non-video packet (or video from a different flow) will be interleaved increases. The result is that even though each frame initially had zero jitter, the application cannot decode the frame until the last packet arrives. Measuring application jitter is somewhat arbitrary because not all frames are the same size. The decoder may process a small frame fairly quickly, but then have to decode a large frame. The end result is the same, the frame decode completion time is not a consistent 33 msec. Decoders employ playout buffers to address this situation. If the decoder knows the stream is not real-time, the only limit is the tolerance of the user to the initial buffering delay. Because of this, video that is non-real-time can easily be run on a converged network. The Internet is a perfect example. Because the stream is non-real-time, the video is sent as a bulk transfer. Within HTML, this usually a progressive load. The data transfer may complete long before the video has played out. What this means is that a video that was encoded at 4 Mbps flows over the network as fast as TCP allows, and can easily exceed the encoded rate. Many players make an initial measurement of TCP throughput and then buffer enough of the video such that the transfer completes just as the playout completes. If the video is real-time, the playout buffers must be as small as possible. In the case of TelePresence, a dynamic playout buffer is implemented. The duration of any playout has a direct impact on the time delay of the video. Running real-time flows on a converged network takes planning to ensure that delay and jitter are not excessive. Individual video applications each have unique target thresholds. As an example, assume a network with both real-time and non-real-time video running concurrently with data traffic. Real-time video is sensitive to application jitter. This type of jitter can occur any time there is congestion along that path. Congestion is defined as a TxRing that is full. RxRings can also saturate, but the result is more likely a drop. Traffic shapers can cause both packet jitter and application jitter. Jitter can be reduced by placing real-time video in the PQ. TxRings should be fairly small to increase the effectiveness of the PQ. The PQ should be provisioned with an adequate amount of bandwidth, as shown by Table 2-1. This is discussed in more depth in Chapter 4, “Medianet QoS Design Considerations.” Note TxRings and RxRings are memory structures found primarily in IOS-based routers. Bandwidth Over Subscription Traditionally, the network interfaces were oversubscribed in the voice network. The assumption is that not everyone will be on the phone at the same time. The ratio of oversubscription was often determined by the type of business and the expected call volumes as a percent of total handset. Oversubscription was possible because of Call Admission Control (CAC), which was an approach to legacy time-division multiplexing (TDM) call blocking. This ensured that new connections were blocked to preserve the quality of the existing connections. Without this feature, all users are negatively impacted when call volumes approached capacity. With medianet, there is not a comparable feature for video. As additional video is loaded onto a circuit, all user video experience begins to suffer. The best method is to ensure that aggregation of all real-time video does not exceed capacity, through provisioning. This is not always a matter of dividing the total bandwidth by the per-flow usage because frames are carried in grouped packets. For example, assume that two I-frames from two different flows arrive on the priority queue at the same time. The router places all the packets onto the outbound interface queue, where they drain off onto the TxRing for serialization 2-14 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Bandwidth Over Subscription on the wire. The next device upstream sees an incoming microburst twice as large as normal. If the RxRing saturates, it is possible to begin dropping packets at very modest 1 second average loads. As more video is added, the probability that multiple frames will converge increases. This can also load Tx Queues, especially if the multiple high speed source interfaces are bottlenecking into a single low-speed WAN link. Another concern is when service provider policers cannot accept large, or back-to-back bursting. Video traffic that may naturally synchronize frame transmission is of particular concern and is likely to experience drops well below 90 percent circuit utilization. Multipoint TelePresence is a good example of this type of traffic. The Cisco TelePresence Multipoint Switch replicates the video stream to each participant by swapping IP headers. Multicast interfaces with a large fanout are another example. These types of interfaces are often virtual WAN links such as Dynamic Multipoint Virtual Private Network (DMVPN), or virtual interfaces such as Frame Relay. In both cases, multipoint flows fanout at the bandwidth bottleneck. The same large packet is replicated many times and packed on the wire close to the previous packet. Buffer and queue depths of the Tx interface can be overrun. Knowing the queue buffer depth and maximum expected serialization delay is a good method to determine how much video an interface can handle before drops. When multiple video streams are on a single path, consider the probability that one frame will overlap or closely align with another frame. Some switches allow the user some granularity when allocated shared buffer space. In this case, it is wise to ensure buffers that can be expected to process long groups of real-time packets and have an adequate pool of memory. This can mean reallocating memory away from queues where packets are very periodic and groups of packets are generally small. For now, some general guidelines are presented as the result of lab verification of multipoint TelePresence. Figure 2-8 shows both the defaults and tuned buffer allocation on a Cisco Catalyst 3750G Switch. Additional queue memory has been allocated to queues where tightly spaced packets are expected. By setting the buffer allocation to reflect the anticipated packet distribution, the interface can reach a higher utilization as a percent of line speed.2-15 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Capacity Planning Figure 2-8 Default and Tuned Buffer Allocation It may take some fine tuning to discover the values most appropriate to the load placed on the queues. Settings depend on the exact mix of applications using the interface. Capacity Planning Capacity planning involves determining the following: • How much video is currently running over the network • How much future video is expected on the network • The bandwidth requirements for each type of video • The buffer requirements for each type of video The first item above is discussed in Chapter 6, “Medianet Management and Visibility Design Considerations.” Tools available in the network such as NetFlow can help understand the current video loads. The future video requirements can be more subjective. The recent trend is for more video and for that video to be HD. Even if the number of video streams stays the same, but is updated from SD to HD, the video load on the network will grow substantially. 0x000000 0x200000 0x080000 0x100000 0x180000 Q1 25% Output particle memory pool 4:1 Interface ASIC Q1 50% Q2 50% Input particle memory pool 0x0C0000 0x060000 Ports Q2 25% Q3 25% Q4 25% 0x000000 0x000000 0x200000 0x099999 0x133333 0x1E6666 Q1 30% Output particle memory pool 4:1 Interface ASIC Q1 70% Q2 - 50% Input particle memory pool 0x0C0000 0x086666 Ports Q2 30% Q3 35% Q4 - 5% 0x000000 Default Values Tuned Values 2286432-16 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Capacity Planning The bandwidth requirements for video as a 1 second smoothed average are fairly well known. Most standard definition video consumes between 1–3 MB of bandwidth. High definition video takes between 4–6 Mbps, although it can exceed this with the highest quality settings. There are some variances because of attributes such as frame rate (fps) and encoding in use. Table 2-3 lists the bandwidth requirements of common video streams found on a medianet. Table 2-3 BAndwidth Requirements of Common Video Streams Video Source Transport Encoder Frame Rate Resolution Typical Load 1 1. This does not include audio or auxiliary channels. Cisco TelePresence System 3000 H.264 30 fps 1080p 12.3 Mbps Cisco TelePresence System 3000 H.264 30 fps 720p 6.75 Mbps Cisco TelePresence System 1000 H.264 30 fps 1080p 4.1 Mbps Cisco TelePresence System 1000 H.264 30 fps 720p 2.25 Mbps Cisco 2500 Series Video Surveillance IP Camera MPEG-4 D1 (720x480) 15 fps 1 Mbps Cisco 2500 Series Video Surveillance IP Camera MPEG-4 D1 (720x480) 30 fps 2 Mbps Cisco 2500 Series Video Surveillance IP Camera M-JPEG D1 (720x480) 5 fps 2.2 Mbps Cisco 4500 Series Video Surveillance IP Camera H.264 1080p 30 fps 4–6 Mbps Cisco Digital Media System (DMS)—Show and Share VoD WMV 720x480 30 fps 1.5 Mbps Cisco Digital Media System (DMS)—Show and Share Live WMV 720x480 30 fps 1.5 Mbps Cisco DMS—Digital Sign SD (HTTP) MPEG-2 720x480 30 fps 3–5 Mbps Cisco DMS—Digital Sign HD (HTTP) MPEG-2 1080p 30 fps 13–15 Mbps Cisco DMS—Digital Sign SD (HTTP) H.264 720x480 30 fps 1.5–2.5 Mbps Cisco DMS—Digital Sign HD (HTTP) H.264 1080p 30 fps 8–12 Mbps Cisco Unified Video Advantage UDP/5445 H.264 CIF variable 768 Kbps Cisco WebEx TCP/HTTPS CIF variable 128K per small thumbnail YouTube TCP/HTTP MPEG-4 320x240 768 Kbps YouTube HD TCP/HTTP H.264 720p 2 Mbps2-17 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Load Balancing The one second smoothed average is influenced by the stream of P-frame. Although I-frames do not occur often enough to have a substantive influence over the average load, they do influence the burst size. From an overly simplified planning capacity standpoint, if a 10 percent overhead is added to the one second load, and the high end of the range is used, the planning numbers become 3.3 MB for standard definition and 6.6 MB for HD video. If you allow 25 percent as interface headroom, Table 2-4 provides some guidance for common interface speeds. Note These values are based on mathematical assumptions about the frame distribution. They give approximate guidance where only video is carried on the link. These values, as of this writing, have not yet been validated, with the exception of TelePresence, where the numbers modeled above are appropriate. In cases where the encoder setting results in larger video streams, the values given here are not appropriate. Load Balancing Inevitably, there are multiple paths between a sender and receiver. The primary goal of multiple paths is to provide an alternate route around a failure in the network. If this is done at each hop, and the metrics are equal to promote load balancing, the total number of paths can grow to be quite large. The resulting binary tree is 2^(hop count). If the hop count is 4, the number of possible paths is 16 (2^4). If there were three next hops for each destination, the total number of paths is 3^(hop count). (See Figure 2-9). Support and troubleshooting issues arise as the number of possible paths increases. These are covered in Chapter 6, “Medianet Management and Visibility Design Considerations.” Table 2-4 Common Interface Speeds Interface Provisioned Rate HD SD 10 Gbps 7.5 Gbps 1136 2272 1 Gbps 750 Mbps 113 226 155 Mbps 11633 Mbps 17 34 100 Mbps 75 Mbps 11 22 45 Mbps 33 Mbps 5 102-18 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Load Balancing Figure 2-9 Load Balancing Although not the primary purpose of redundant links, most designs attempt to use all bandwidth when it is available. In this case, it is prudent to remember that the load should be still be supported if any link fails. The more paths available, the higher utilization each path can be provisioned for. If a branch has two circuits, each circuit should run less than 50 percent load to allow failover capacity. If there are three paths available, each circuit can be provisioned to 66 percent capacity. At four paths, each is allowed to run at 75 percent total capacity, and still mathematically allow the load of any single failed path to be distributed to the remaining circuits. In the extreme case, the total bandwidth can be distributed onto so many circuits that a large size flow would congest a particular path. The exercise can easily be applied to upstream routers in addition to the feeder circuits. As is often the case, there are competing objectives. If there are too many paths, troubleshooting difficulties can extend outages and decrease overall availability. If there are too few paths, expensive bandwidth must be purchased that is rarely used, and some discipline must be employed to ensure the committed load does not grow beyond the single path capacity. Port channels or Multilink PPP are methods to provide L1 redundancy without introducing excessive Layer 3 complexity. These each introduce other complexities and will be discussed in more detail in a future version of this document. Another approach is to restrict some load that can be considered non-mission critical, such as the applications in the scavenger class. This is valid if you are willing to accept that not all applications will be afforded an alternate path. There are various ways to achieve this, from simple routing to more advanced object tracking. Consider the following guidelines when transporting video with multi-path routing: • Ensure that load balancing is per-flow and not per-packet—This helps prevent out-of-order packets. Per-flow also minimizes the chance of a single congested or failing link ruining the video. Because each frame is composed of multiple packets, in a per-packet load balancing scenario, each frame is spread over every path. If any one path has problems, the entire frame can be destroyed. • Determine a preferred path—With equal cost metrics, the actual path may be difficult to discover. Tools such as trace cannot effectively discover the path a particular flow has taken over equal cost routes, because Cisco Express Forwarding considers both the source and destination address in the hash to determine the next hop. The source address used by trace may not hash to the same path as the stream experiencing congestion. If there are problems, it takes longer to isolate the issue to a particular link if the path is not deterministic. Enhanced Interior Gateway Routing Protocol (EIGRP) provides an offset list that can be used to influence the metric of a particular route by changing its delay. To make use of this feature, mission-critical video such as TelePresence needs to be on A Side B Side 1 2 3 4 Trace Route. Total possibilities = 2” A-A-A-A A-B-A-A B-A-A-A B-B-A-A A-A-A-B A-B-A-B B-A-A-B B-B-A-B A-A-B-A A-B-B-A B-A-B-A B-B-B-A A-A-B-B A-B-B-B B-A-B-B B-B-B-B 2286442-19 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Load Balancing dedicated subnets. The specific routes need to be allowed through any summary boundaries. Offset lists are used at each hop to prefer one path over another for just that subnet (or multiple subnets, as defined in the access control list). This method is useful only to set a particular class of traffic on a determined route, while all other traffic crossing the interface is using the metric of the interface. Offset lists do take additional planning, but can be useful to manage a balanced load in a specific and known way. • When possible, load balance multiple circuits such that similar traffic is flowing together, and competing traffic is kept apart. For example, video and VoIP should both be handled in the priority queue as real-time RTP traffic. This can be done with the dual-PQ algorithm, or by setting each to prefer a unique path. Without special handling, it is possible that the large packets packed tightly in a video frame can inject jitter into the much smaller and periodic VoIP packets, especially on lower speed links where serialization delay can be a concern. • Hot Standby Routing Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP)—These are all gateway next-hop protocols. They can be used to direct media traffic off of the LAN into the routed domain. HSRP and VRRP are very similar. VRRP is an open standards protocol while HSRP is found in Cisco products. HSRP does not provide load balancing natively but does allow multiple groups to serve the same LAN. The Dynamic Host Configuration Protocol (DHCP) pool is then broken into two groups, each with its gateway address set to match one of the two HSRP standby addresses. GLBP does support native load balancing. It has only a single address, but the participating devices take turns responding to Address Resolution Protocol (ARP) requests. This allows the single IP address to be load balanced over multiple gateways on a per-client basis. This approach also allows a single DHCP pool to be used. Both HSPR and GLBP can be used in a video environment. Ideally a given LAN is mission-specific for tasks such as video surveillance, digital media signage, or TelePresence. These tasks should not be on the same LAN as other types of default traffic. This allows unique subnets to be used. The design should consider the deterministic routing in the network as discussed above. Often multiple VLANs are used for data, voice, video, and so on. In this case, it may make operational sense to set the active address of each VLAN on a predetermined path that aligns with the routing. For example, real-time voice would use box A as the active gateway, while real-time video would use box B. In the example shown in Figure 2-10, voice and video are both treated with priority handling. Data and other class-based traffic can be load balanced over both boxes.2-20 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability EtherChannel Figure 2-10 Load Balancing Example These design considerations attempt to reduce the time required to troubleshoot a problem because the interfaces in the path are known. The disadvantage of this approach is that the configurations are more complicated and require more administrative overhead. This fact can offset any gains from a predetermined path, depending on the discipline of the network operations personnel. The worst case would be a hybrid, where a predetermined path is thought to exist, but in fact does not or is not the expected path. Processes and procedures should be followed consistently to ensure that troubleshooting does not include false assumptions. In some situations, load balancing traffic may be a non-optimal but less error-prone approach. It may make operational sense to use a simplified configuration. Each situation is unique. EtherChannel It is possible to bond multiple Ethernet interfaces together to form an EtherChannel. This effectively increases the bandwidth because parallel paths are allowed at Layer 2 without spanning tree blocking any of the redundant paths. EtherChannel is documented by the IEEE as 802.ad. Although EtherChannels do effectively increase the bandwidth to the aggregation of the member interfaces, there are a few limitations worth noting. First, packets are not split among the interfaces as they are with Multilink PPP. In addition, packets from the flow will use the same interface based on a hash of that flow. There are some advantages of this approach. Packets will arrive in the same order they were sent. If a flow was sent over multiple interfaces, some resolution is needed to reorder any out of order packets. However, this also means that the bandwidth available for any single flow is still restricted to a single member interface. If many video flows hash to the same interface, then it is possible that the buffer space of that physical interface will be depleted. A Side B Side 1 2 3 4 Trace Route. Video path is predetermined and known. Troubleshooting will focus on this path only. A-A-A-A Trace Route. Data path, determined by CEF hash based on IP address source and destination. A different source address could take another path. In this example the path is: B-A-B-B 2286452-21 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Bandwidth Conservation Bandwidth Conservation There are two fundamental approaches to bandwidth management. The first approach is to ensure there is more bandwidth provisioned than required. This is easier in the campus where high speed interfaces can be used to attach equipment located in the same physical building. This may not always be possible where distance is involved, such as the WAN. In this case, it may be more cost-effective to try to minimize the bandwidth usage. Multicast Broadcast video is well suited for the bandwidth savings that can be realized with multicast. In fact, IPTV was the original driver for multicast deployments in many enterprise environments. Multicasts allow a single stream to be split by the network as it fans out to receiving stations. In a traditional point-to-point topology, the server must generate a unique network stream for every participant. If everyone is essentially getting the same video stream in real-time, the additional load on both the server and shared portions of the network can negatively impact the scalability. With a technology such as Protocol Independent Multicast (PIM), listeners join a multicast stream. If hundreds or even thousands of users have joined the stream from the same location, only one copy of that stream needs to be generated by the server and sent over the network. There are some specific cases that can benefit from multicast, but practical limitations warrant the use of unicast. Of the all various types of video found on a medianet, Cisco DMS is the best suited for multicast. This is because of the one-to-many nature of signage. The benefits are best suited when several displays are located at the same branch. The network savings are not significant when each branch has only a single display, because the fanout occurs at the WAN aggregation router, leaving the real savings for the high speed LAN interface. Aside from DMS, other video technologies have some operational restrictions that limit the benefits of multicast. For example, TelePresence does support multipoint conference calls. However, this is accomplished with a Multipoint Conferencing Unit (MCU), which allows for unique control plane activity to manage which stations are sending, and which stations are the receivers. The MCU serves as a central control device. It also manipulates information in the packet header to control screen placement. This helps ensure that participants maintain a consistent placement when a conference call has both one screen and three screen units. IP Virtual Server (IPVS) is another technology that can benefit from multicast in very specific situations. However, in most cases, the savings are not realized. Normally, the UDP/RTP steams from the camera terminate on a media server, and not directly on a display station. The users use HTTP to connect to the media server and view various cameras at the discretion of the user. Video surveillance is a many-to-one as opposed to one-to-many. Many cameras transmit video to a handful of media servers, which then serve unicast HTTP clients. For a more detailed look at video over multicast, see the Multicast chapter in the Cisco Digital Media System 5.1 Design Guide for Enterprise Medianet at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/DMS_DG/DMS_DG.html. Cisco Wide Area Application Services Cisco Wide Area Application Services (WAAS) is another technique that can be used to more efficiently use limited bandwidth. Cisco WAAS is specifically geared for all applications that run over the WAN. A typical deployment has a pair or more of Cisco Wide Area Application Engines (WAEs) on either side 2-22 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Bandwidth Conservation of the WAN. The WAEs sit in the flow of the path, and replace the segment between the WAEs with an optimized segment. Video is only one service that can benefit from WAAS. Other WASS components include the following: • TCP Flow Optimization (TFO)—This feature can help video that is transported in TCP sessions (see Figure 2-11). The most common TCP transport for video is HTTP or HTTPS. There are also video control protocols such as RTSP and RTP Control Protocol (RTCP) that use TCP and benefit from WAAS, such as Cisco DMS. TFO can shield the TCP session from WAN conditions such as loss and congestion. TFO is able to better manage the TCP windowing function. Whereas normal TCP cuts the window size in half and then slowly regains windowing depth, TFO uses an sophisticated algorithm to set window size and recover from lost packets. Video that is transported over TCP can benefit from WAAS, including Adobe Flash, Quicktime, and HTTP, which commonly use TCP. RTP or other UDP flows do not benefit from TFO. Figure 2-11 TFO • Data Redundancy Elimination—WAAS can discover repeating patterns in the data. The pattern is then replaced with an embedded code that the paired device recognizes and replaces with the pattern. Depending on the type of traffic, this can represent a substantial savings in bandwidth. This feature is not as useful with video, because the compression used by the encoders tends to eliminate any redundancy in the data. There may still be gains in the control plane being used by video. Commonly these are Session Initiation Protocol (SIP) or RTSP. • Persistent LZ Compression—This is a compression technique that also looks for mutual redundancy, but in the bit stream, outside of byte boundaries. The video codecs have already compressed the bit stream using one of two techniques, context-adaptive binary arithmetic coding (CABAC) or context-adaptive variable-length coding (CAVLC). LZ Compression and CABAC/CAVLC are both forms of entropy encoding. By design, these methods eliminate any mutual redundancy. This means that compressing a stream a second time does not gain any appreciable savings. This is the case with LZ compression of a video stream. The gains are modest at best. Cisco Application and Content Network Systems Cisco Application and Content Network Systems (ACNS) is another tool that can better optimize limited WAN bandwidth. Cisco ACNS runs on the Cisco WAE product family as either a content engine or content distribution manager. Cisco ACNS saves WAN bandwidth by caching on-demand content or prepositioning content locally. When many clients in a branch location request this content, ACNS can fulfill the request locally, thereby saving repeated requests over the WAN. Of the four technologies that form a medianet, ACNS is well suited for Cisco DMS and desktop broadcast video. For more information, see the Cisco Digital Media System 5.1 Design Guide for Enterprise Medianet at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/DMS_DG/DMS_dgbk.pdf. TCP Flow Optimized WAN WCCP 2286462-23 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Multiprotocol Environments Cisco Performance Routing Cisco Performance Routing (PfR) is a feature available in Cisco routers that allows the network to make routing decisions based on network performance. This tool can be used to ensure that the WAN is meeting specific metrics such as loss, delay, and jitter. PfR can operate in either a passive or active mode. One or more border routers is placed at the edge of the WAN. A master controller collects performance information from the border routers and makes policy decisions. These decisions are then distributed to the border routers for implementation. Figure 2-12 shows a typical topology. Figure 2-12 Typical Topology using PfR Multiprotocol Environments In the early days of networking, it was common to see multiple protocols running simultaneously. Many networks carried IP, Internetwork Packet Exchange (IPX), Systems Network Architecture (SNA), and perhaps AppleTalk or DEC. It was not uncommon for an IPX Service Advertising Protocol (SAP) update to occasionally cause 3270 sessions to clock. Modern networks are increasingly IP only, yet convergence remains a concern for the same reason: large blocks of packets are traveling together with small time-sensitive packets. The difference now is that the large stream is also time-sensitive. QoS is the primary tool currently used to ensure that bandwidth is used as efficiently as possible. This feature allows UPD RTP video to be transported on the same network as TCP-based non-real-time video and mission-critical data applications. In addition to many different types of video along with traditional data and voice, new sophisticated features are being added to optimize performance, including those discussed here: Cisco WAAS, multicast, Cisco ACNS, PfR, and so on, as well as other features to support QoS, security, and visibility. New features are continuously being developed to further improve network performance. The network administrator is constantly challenged to ensure that the features are working together to obtain the desired result. In most cases, features are agnostic and do not interfere with one another. Note Future revisions to this chapter will include considerations where this is not the case. For example, security features can prevent WAAS from properly functioning. 228647 Master Controller Border Router Border Router Multiple external AS paths policy prefix Campus Network2-24 Medianet Reference Guide OL-22201-01 Chapter 2 Medianet Bandwidth and Scalability Summary Summary Bandwidth is an essential base component of a medianet architecture. Other features can help to maximize the utilization of the circuit in the network, but do not replace the need to adequately provisioned links. Because CAC-like functionality is not yet available for video, proper planning should accommodate the worst-case scenario when many HD devices are present. When network bandwidth saturates, all video suffers. Near-perfect HD video is necessary to maximize the potential in productivity gains. Bandwidth is the foundational component of meeting this requirement, but not the only service needed. Other functionality such as QoS, availability, security, management, and visibility are also required. These features cannot be considered standalone components, but all depend on each other. Security requires good management and visibility. QoS requires adequate bandwidth. Availability depends on effective security. Each feature must be considered in the context of an overall medianet architecture.C H A P T E R 3-1 Medianet Reference Guide OL-22201-01 3 Medianet Availability Design Considerations The goal of network availability technologies is to maximize network uptime such that the network is always ready and able to provide needed services to critical applications, such as TelePresence or other critical network video. Network video has varying availability requirements. At one extreme, if a single packet is lost, the user likely notices an artifact in the video. One the other extreme, video is a unidirectional session; the camera always sends packets and the display always receives packets. When an outage occurs, the camera may not recognize it, and continue to send video packets. Upper layer session control protocols, such as Session Initiation Protocol (SIP) and Real-Time Streaming Protocol (RTSP), are responsible to validate the path. Video applications may respond differently to session disruptions. In all cases, the video on the display initially freezes at the last received frame, and looks to the session control for some resolution. If the packet stream is restored, quite often the video recovers without having to restart the session. TelePresence can recover after a 30-second network outage before SIP terminates the call. Broadcast video may be able to go longer. Availability techniques should be deployed such that the network converges faster than the session control protocol hello interval. The user notices that the video has frozen, but in most cases, the stream recovers without having to restart the media. Network Availability Network availability is the cornerstone of network design, on which all other services depend. The three primary causes of network downtime are as follows: • Hardware failures, which can include system and sub-component failures, as well as power failures and network link failures • Software failures, which can include incompatibility issues and bugs • Operational processes, which mainly include human error; however, poorly-defined management and upgrading processes may also contribute to operational downtime To offset these types of failures, the network administrator attempts to provision the following types of resiliency: • Device resiliency—Deploying redundant hardware (including systems, supervisors, line cards, and power-supplies) that can failover in the case of hardware and/or software failure events • Network resiliency—Tuning network protocols to detect and react to failure events as quickly as possible • Operational resiliency—Examining and defining processes to maintain and manage the network, leveraging relevant technologies that can reduce downtime, including provisioning for hardware and software upgrades with minimal downtime (or optimally, with no downtime)3-2 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Note Because the purpose of this overview of availability technologies is to provide context for the design chapters to follow, this discussion focuses on device and network resiliency, rather than operational resiliency. Network availability can be quantitatively measured by using the formula shown in Figure 3-1, which correlates the mean time between failures (MTBF) and the mean time to repair (MTTR) such failures. Figure 3-1 Availability Formula For example, if a network device has an MTFB of 10,000 hours and an MTTR of 4 hours, its availability can be expressed as 99.96 percent[(10,000)/(10,000 + 4), converted to a percentage]. Therefore, from this formula it can be seen that availability can be improved by either increasing the MTBF of a device (or network), or by decreasing the MTTR of the same. The most effective way to increase the MTBF of a device (or network) is to design with redundancy. This can be mathematically proven by comparing the availability formula of devices connected in serial (without redundancy) with the formula of devices connected in parallel (with redundancy). The availability of devices connected in series is shown in Figure 3-2. Figure 3-2 Availability Formula for Devices Connected in Serial S1 and S2 represent two separate systems (which may be individual devices or even networks). A1 and A2 represent the availability of each of these systems, respectively. Aseries represents the overall availability of these systems connected in serial (without redundancy). For example, if the availability of the first device (S1) is 99.96 percent and the availability of the second device (S2) is 99.98 percent, the overall system availability, with these devices connected serially, is 99.94 percent (99.96% x 99.98%). Therefore, connecting devices in serial actually reduces the overall availability of the network. In contrast, consider the availability of devices connected in parallel, as shown in Figure 3-3. Availability = MTBF MTBF + MRRT 228666 223825 S1 S2 S1 , S2 - Series Components Aseries = A1 x A2 System is available when both components are available:3-3 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Figure 3-3 Availability Formula for Devices Connected in Parallel S3 and S4 represent two separate systems (devices or networks). A3 and A4 represent the availability of each of these systems, respectively. Aparallel represents the overall availability of these systems connected in parallel (with redundancy). Continuing the example, using the same availability numbers for each device as before yields an overall system availability, with these devices connected in parallel, of 99.999992 percent [1-(1-99.96%) * (1-99.98%)]. Therefore, connecting devices in parallel significantly increases the overall availability of the combined system. This is a foundational principle of available network design, where individual devices as well as networks are designed to be fully redundant, whenever possible. Figure 3-4 illustrates applying redundancy to network design and its corresponding effect on overall network availability. Figure 3-4 Impact of Redundant Network Design on Network Availability A five nines network (a network with 99.999 percent availability) has been considered the hallmark of excellent enterprise network design for many years. However, a five nines network allows for only five minutes of downtime per year. 223826 S3 S4 S3 , S4 - Parallel Components Aparallel = 1 – (1 – A1 ) x (1 – A2 ) System is unavailable when both components are unavailable: Reliability = 99.938% with Four Hour MTTR (325 Minutes/Year) Reliability = 99.961% with Four Hour MTTR (204 Minutes/Year) Reliability = 99.9999% with Four Hour MTTR (30 Seconds/Year) 2236903-4 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Another commonly used metric for measuring availability is defects per million (DPM). Measuring the probability of failure of a network and establishing the service-level agreement (SLA) that a specific design is able to achieve is a useful tool, but DPM takes a different approach by measuring the impact of defects on the service from the end-user perspective. This is often a better metric for determining the availability of the network because it better reflects the user experience relative to event effects. DPM is calculated based on taking the total affected user minutes for each event, total users affected, and the duration of the event, as compared to the total number of service minutes available during the period in question. The sum of service downtime minutes is divided by the total service minutes and multiplied by 1,000,000, as shown in Figure 3-5. Figure 3-5 Defects Per Million Calculation For example, if a company of 50 employees suffers two separate outages during the course of a year, with the first outage affecting 12 users for 4 hours and the second outage affecting 25 users for 2 hours, the total DPM is 224 [[[(12 users x 240 min)+(25 users x 120 min)]/(50 users x 525,960 min/year)]x 1,000,000, rounded]. Note The benefit of using a “per-million” scale in a defects calculation is that it allows the final ratio to be more readable, given that this ratio becomes extremely small as availability improves. DPM is useful because it is a measure of the observed availability and considers the impact to the end user as well as the network itself. Adding this user experience element to the question of network availability is very important to understand, and is becoming a more important part of the question of what makes a highly available network. Table 3-1 summarizes the availability targets, complete with their DPM and allowable downtime/year. Having reviewed these availability principles, metrics, and targets, the next section discusses some of the availability technologies most relevant for systems and networks supporting TelePresence systems. DPM = ?(number of users affected * Outage Minutes) Total Users *Total Service Minutes 228667 Table 3-1 Availability, DPM, and Downtime Availability (Percent) DPM Downtime/Year 99.000 10,000 3 days, 15 hours, 36 minutes 99.500 5,000 1 day, 19 hours, 48 minutes 99.900 1,000 8 hours, 46 minutes 99.950 500 4 hours, 23 minutes 99.990 100 53 minutes 99.999 10 5 minutes 99.9999 1 0.5 minutes3-5 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Device Availability Technologies Device Availability Technologies Every network design has single points of failure, and the overall availability of the network might depend on the availability of a single device. The access layer of a campus network is a prime example of this. Every access switch represents a single point of failure for all the attached devices (assuming that the endpoints are single-homed; this does not apply to endpoint devices that are dual-homed). Ensuring the availability of the network services often depends on the resiliency of the individual devices. Device resiliency, as with network resiliency, is achieved through a combination of the appropriate level of physical redundancy, device hardening, and supporting software features. Studies indicate that most common failures in campus networks are associated with Layer 1 failures, from components such as power supplies, fans, and fiber links. The use of diverse fiber paths with redundant links and line cards, combined with fully redundant power supplies and power circuits, are the most critical aspects of device resiliency. The use of redundant power supplies becomes even more critical in access switches with the introduction of power over Ethernet (PoE) devices such as IP phones. Multiple devices now depend on the availability of the access switch and its ability to maintain the necessary level of power for all the attached end devices. After physical failures, the most common cause of device outage is often related to the failure of supervisor hardware or software. The network outages caused by the loss or reset of a device because of supervisor failure can be addressed through the use of supervisor redundancy. Cisco Catalyst switches provide the following mechanisms to achieve this additional level of redundancy: • Cisco StackWise and Cisco StackWise-Plus • Cisco non-stop forwarding (NSF) with stateful switchover (SSO) Both these mechanisms, which are discussed in the following sections, provide for a hot active backup for the switching fabric and control plane, thus ensuring that data forwarding and the network control plane seamlessly recover (with sub-second traffic loss, if any) during any form of software or supervisor hardware crash. Cisco StackWise and Cisco StackWise Plus Cisco StackWise and Cisco StackWise Plus technologies are used to create a unified, logical switching architecture through the linkage of multiple, fixed configuration Cisco Catalyst 3750G and/or Cisco Catalyst 3750E switches. Cisco Catalyst 3750G switches use StackWise technology and Cisco Catalyst 3750E switches can use either StackWise or StackWise Plus. StackWise Plus is used only if all switches within the group are 3750E switches; whereas, if some switches are 3750E and others are 3750G, StackWise technology is used. Note “StackWise” is used in this section to refer to both Cisco StackWise and Cisco StackWise Plus technologies, with the exception of explicitly pointing out the differences between the two at the end of this section. Cisco StackWise technology intelligently joins individual switches to create a single switching unit with a 32-Gbps switching stack interconnect. Configuration and routing information is shared by every switch in the stack, creating a single switching unit. Switches can be added to and deleted from a working stack without affecting availability.3-6 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Device Availability Technologies The switches are united into a single logical unit using special stack interconnect cables that create a bidirectional closed-loop path. This bidirectional path acts as a switch fabric for all the connected switches. Network topology and routing information are updated continuously through the stack interconnect. All stack members have full access to the stack interconnect bandwidth. The stack is managed as a single unit by a master switch, which is elected from one of the stack member switches. Each switch in the stack has the capability to behave as a master in the hierarchy. The master switch is elected and serves as the control center for the stack. Each switch is assigned a number. Up to nine separate switches can be joined together. Each stack of Cisco Catalyst 3750 Series Switches has a single IP address and is managed as a single object. This single IP management applies to activities such as fault detection, VLAN creation and modification, security, and quality of service (QoS) controls. Each stack has only one configuration file, which is distributed to each member in the stack. This allows each switch in the stack to share the same network topology, MAC address, and routing information. In addition, this allows for any member to immediately take over as the master, in the event of a master failure. To efficiently load balance the traffic, packets are allocated between two logical counter-rotating paths. Each counter-rotating path supports 16 Gbps in both directions, yielding a traffic total of 32 Gbps bidirectionally. When a break is detected in a cable, the traffic is immediately wrapped back across the single remaining 16-Gbps path (within microseconds) to continue forwarding. Switches can be added and deleted to a working stack without affecting stack availability. However, adding additional switches to a stack may have QoS performance implications, as is discussed in more in Chapter 4, “Medianet QoS Design Considerations.” Similarly, switches can be removed from a working stack with no operational effect on the remaining switches. Stacks require no explicit configuration, but are automatically created by StackWise when individual switches are joined together with stacking cables, as shown in Figure 3-6. When the stack ports detect electromechanical activity, each port starts to transmit information about its switch. When the complete set of switches is known, the stack elects one of the members to be the master switch, which becomes responsible for maintaining and updating configuration files, routing information, and other stack information. Figure 3-6 Cisco Catalyst 3750G StackWise Cabling Each switch in the stack can serve as a master, creating a 1:N availability scheme for network control. In the unlikely event of a single unit failure, all other units continue to forward traffic and maintain operation. Furthermore, each switch is initialized for routing capability and is ready to be elected as master if the current master fails. Subordinate switches are not reset so that Layer 2 forwarding can continue uninterrupted. The following are the three main differences between StackWise and StackWise Plus: • StackWise uses source stripping and StackWise Plus uses destination stripping (for unicast packets). Source stripping means that when a packet is sent on the ring, it is passed to the destination, which copies the packet, and then lets it pass all the way around the ring. When the packet has traveled all 3-7 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Device Availability Technologies the way around the ring and returns to the source, it is stripped off the ring. This means bandwidth is used up all the way around the ring, even if the packet is destined for a directly attached neighbor. Destination stripping means that when the packet reaches its destination, it is removed from the ring and continues no further. This leaves the rest of the ring bandwidth free to be used. Thus, the throughput performance of the stack is multiplied to a minimum value of 64 Gbps bidirectionally. This ability to free up bandwidth is sometimes referred to as spatial reuse. Note Even in StackWise Plus, broadcast and multicast packets must use source stripping because the packet may have multiple targets on the stack. • StackWise Plus can locally switch, whereas StackWise cannot. Furthermore, in StackWise, because there is no local switching and there is source stripping, even locally destined packets must traverse the entire stack ring. • StackWise Plus supports up to two Ten Gigabit Ethernet ports per Cisco Catalyst 3750-E. Finally, both StackWise and StackWise Plus can support Layer 3 non-stop forwarding (NSF) when two or more nodes are present in a stack. Non-Stop Forwarding with Stateful Switch Over Stateful switchover (SSO) is a redundant route- and/or switch-processor availability feature that significantly reduces MTTR by allowing extremely fast switching between the main and backup processors. SSO is supported on routers (such as the Cisco 7600, 10000, and 12000 Series) and switches (such as the Cisco Catalyst 4500 and 6500 Series). Before discussing the details of SSO, a few definitions may be helpful. For example, state in SSO refers to maintaining between the active and standby processors, among many other elements, the protocol configurations and current status of the following: • Layer 2 (L2) • Layer 3 (L3) • Multicast • QoS policy • Access list policy • Interface Also, the adjectives cold, warm, and hot are used to denote the readiness of the system and its components to assume the network services functionality and the job of forwarding packets to their destination. These terms appear in conjunction with Cisco IOS verification command output relating to NSF/SSO, as well as with many high availability feature descriptions. These terms are generally defined as follows: • Cold—The minimum degree of resiliency that has been traditionally provided by a redundant system. A redundant system is cold when no state information is maintained between the backup or standby system and the system to which it offers protection. Typically, a cold system must complete a boot process before it comes online and is ready to take over from a failed system. • Warm—A degree of resiliency beyond the cold standby system. In this case, the redundant system has been partially prepared, but does not have all the state information known by the primary system to take over immediately. Additional information must be determined or gleaned from the traffic flow or the peer network devices to handle packet forwarding. A warm system is already booted and needs to learn or generate only the state information before taking over from a failed system.3-8 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Device Availability Technologies • Hot—The redundant system is fully capable of handling the traffic of the primary system. Substantial state information has been saved, so the network service is continuous, and the traffic flow is minimally or not affected. To better understand SSO, it may be helpful to consider its operation in detail within a specific context, such as within a Cisco Catalyst 6500 with two supervisors per chassis. The supervisor engine that boots first becomes the active supervisor engine. The active supervisor is responsible for control plane and forwarding decisions. The second supervisor is the standby supervisor, which does not participate in the control or data plane decisions. The active supervisor synchronizes configuration and protocol state information to the standby supervisor, which is in a hot standby mode. As a result, the standby supervisor is ready to take over the active supervisor responsibilities if the active supervisor fails. This take-over process from the active supervisor to the standby supervisor is referred to as a switchover. Only one supervisor is active at a time, and supervisor engine redundancy does not provide supervisor engine load balancing. However, the interfaces on a standby supervisor engine are active when the supervisor is up and thus can be used to forward traffic in a redundant configuration. NSF/SSO evolved from a series of progressive enhancements to reduce the impact of MTTR relating to specific supervisor hardware/software network outages. NSF/SSO builds on the earlier work known as Route Processor Redundancy (RPR) and RPR Plus (RPR+). Each of these redundancy modes of operation incrementally improves on the functions of the previous mode. • RPR-RPR is the first redundancy mode of operation introduced in Cisco IOS Software. In RPR mode, the startup configuration and boot registers are synchronized between the active and standby supervisors, the standby is not fully initialized, and images between the active and standby supervisors do not need to be the same. Upon switchover, the standby supervisor becomes active automatically, but it must complete the boot process. In addition, all line cards are reloaded and the hardware is reprogrammed. Because the standby supervisor is cold, the RPR switchover time is two or more minutes. • RPR+-RPR+ is an enhancement to RPR in which the standby supervisor is completely booted and line cards do not reload upon switchover. The running configuration is synchronized between the active and the standby supervisors. All synchronization activities inherited from RPR are also performed. The synchronization is done before the switchover, and the information synchronized to the standby is used when the standby becomes active to minimize the downtime. No link layer or control plane information is synchronized between the active and the standby supervisors. Interfaces may bounce after switchover, and the hardware contents need to be reprogrammed. Because the standby supervisor is warm, the RPR+ switchover time is 30 or more seconds. • NSF with SSO-NSF works in conjunction with SSO to ensure Layer 3 integrity following a switchover. It allows a router experiencing the failure of an active supervisor to continue forwarding data packets along known routes while the routing protocol information is recovered and validated. This forwarding can continue to occur even though peering arrangements with neighbor routers have been lost on the restarting router. NSF relies on the separation of the control plane and the data plane during supervisor switchover. The data plane continues to forward packets based on pre-switchover Cisco Express Forwarding information. The control plane implements graceful restart routing protocol extensions to signal a supervisor restart to NSF-aware neighbor routers, reform its neighbor adjacencies, and rebuild its routing protocol database (in the background) following a switchover. Because the standby supervisor is hot, the NSF/SSO switchover time is 0–3 seconds. As previously described, neighbor nodes play a role in NSF function. A node that is capable of continuous packet forwarding during a route processor switchover is NSF-capable. Complementing this functionality, an NSF-aware peer router can enable neighbor recovery without resetting adjacencies, and support routing database re-synchronization to occur in the background. Figure 3-5 illustrates the difference between NSF-capable and NSF-aware routers. To gain the greatest benefit from NSF/SSO deployment, NSF-capable routers should be peered with NSF-aware routers 3-9 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Device Availability Technologies (although this is not absolutely required for implementation), because only a limited benefit is achieved unless routing peers are aware of the ability of the restarting node to continue packet forwarding and assist in restoring and verifying the integrity of the routing tables after a switchover. Figure 3-7 NSF-Capable Compared to NSF-Aware Routers Cisco Nonstop Forwarding and Stateful Switchover are designed to be deployed together. NSF relies on SSO to ensure that links and interfaces remain up during switchover, and that the lower layer protocol state is maintained. However, it is possible to enable SSO with or without NSF, because these are configured separately. The configuration to enable SSO is very simple, as follows: Router(config)#redundancy Router(config-red)#mode sso NSF, on the other hand, is configured within the routing protocol itself, and is supported within Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), Intermediate System to Intermediate System (IS-IS), and (to an extent) Border Gateway Protocol (BGP). Sometimes NSF functionality is also called graceful-restart. To enable NSF for EIGRP, enter the following commands: Router(config)# router eigrp 100 Router(config-router)# nsf Similarly, to enable NSF for OSPF, enter the following commands: Router(config)# router ospf 100 Router(config-router)# nsf Continuing the example, to enable NSF for IS-IS, enter the following commands: Router(config)#router isis level2 Router(config-router)#nsf cisco And finally, to enable NSF/graceful-restart for BGP, enter the following commands: Router(config)#router bgp 100 Router(config-router)#bgp graceful-restart 228669 NSF-Capable NSF-Aware3-10 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies You can see from the example of NSF that the line between device-level availability technologies and network availability technologies is sometimes uncertain. A discussion of more network availability technologies follows. Network Availability Technologies Network availability technologies, which include link integrity protocols, link bundling protocols, loop detection protocols, first-hop redundancy protocols (FHRPs) and routing protocols, are used to increase the resiliency of devices connected within a network. Network resiliency relates to how the overall design implements redundant links and topologies, and how the control plane protocols are optimally configured to operate within that design. The use of physical redundancy is a critical part of ensuring the availability of the overall network. In the event of a network device failure, having a path means that the overall network can continue to operate. The control plane capabilities of the network provide the ability to manage the way in which the physical redundancy is leveraged, the network load balances traffic, the network converges, and the network is operated. The following basic principles can be applied to network availability technologies: • Wherever possible, leverage the ability of the device hardware to provide the primary detection and recovery mechanism for network failures. This ensures both a faster and a more deterministic failure recovery. • Implement a defense-in-depth approach to failure detection and recovery mechanisms. Multiple protocols, operating at different network layers, can complement each other in detecting and reacting to network failures. • Ensure that the design is self-stabilizing. Use a combination of control plane modularization to ensure that any failures are isolated in their impact and that the control plane prevents flooding or thrashing conditions from arising. These principles are intended to complement the overall structured modular design approach to the network architecture and to re-enforce good resilient network design practices. Note A complete discussion of all network availability technologies and best practices could easily fill an entire volume. Therefore, this discussion introduces only an overview of the most relevant network availability technologies for TelePresence enterprise network deployments. The following sections discuss L2 and L3 network availability technologies. L2 Network Availability Technologies L2 network availability technologies that particularly relate to TelePresence network design include the following: • Unidirectional Link Detection (UDLD) • IEEE 802.1d Spanning Tree Protocol (STP) • Cisco Spanning Tree Enhancements • IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) • Trunks, Cisco Inter-Switch Link, and IEEE 802.1Q • EtherChannels, Cisco Port Aggregation Protocol, and IEEE 802.3ad3-11 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies • Cisco Virtual Switching System (VSS) Each of these L2 technologies are discussed in the following sections. UniDirectional Link Detection UDLD protocol is a Layer 2 protocol, which uses a keep-alive to test that the switch-to-switch links are connected and operating correctly. Enabling UDLD is a prime example of how a defense-in-depth approach to failure detection and recovery mechanisms can be implemented, because UDLD (an L2 protocol) acts as a backup to the native Layer 1 unidirectional link detection capabilities provided by IEEE 802.3z (Gigabit Ethernet) and 802.3ae (Ten Gigabit Ethernet) standards. The UDLD protocol allows devices connected through fiber optic or copper Ethernet cables connected to LAN ports to monitor the physical configuration of the cables and detect when a unidirectional link exists. When a unidirectional link is detected, UDLD shuts down the affected LAN port and triggers an alert. Unidirectional links, such as shown in Figure 3-8, can cause a variety of problems, including spanning tree topology loops. Figure 3-8 Unidirectional Link Failure You can configure UDLD to be globally enabled on all fiber ports by entering the following command: Switch(config)#udld enable Additionally, you can enable UDLD on individual LAN ports in interface mode, by entering the following commands: Switch(config)#interface GigabitEthernet8/1 Switch(config-if)#udld port Interface configurations override global settings for UDLD. IEEE 802.1D Spanning Tree Protocol IEEE 802.1D STP prevents loops from being formed when switches are interconnected via multiple paths. STP implements the spanning tree algorithm by exchanging Bridge Protocol Data Unit (BPDU) messages with other switches to detect loops, and then removes the loop by shutting down selected switch interfaces. This algorithm guarantees that there is only one active path between two network devices, as illustrated in Figure 3-9. TX TX RX RX Switch A Switch B 2286703-12 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Figure 3-9 STP-Based Redundant Topology STP prevents a loop in the topology by transitioning all (STP-enabled) ports through four STP states: • Blocking—The port does not participate in frame forwarding. STP can take up to 20 seconds (by default) to transition a port from blocking to listening. • Listening—The port transitional state after the blocking state when the spanning tree determines that the interface should participate in frame forwarding. STP takes 15 seconds (by default) to transition between listening and learning. • Learning—The port prepares to participate in frame forwarding. STP takes 15 seconds (by default) to transition from learning to forwarding (provided such a transition does not cause a loop; otherwise, the port is be set to blocking). • Forwarding—The port forwards frames. Figure 3-10 illustrates the STP states, including the disabled state. STP Blocked Link Si Si Si Si Si Si 2286713-13 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Figure 3-10 STP Port States You can enable STP globally on a per-VLAN basis, using Per-VLAN Spanning-Tree (PVST), by entering the following command: Switch(config)# spanning-tree vlan 100 The two main availability limitations for STP are as follows: • To prevent loops, redundant ports are placed in a blocking state and as such are not used to forward frames/packets. This significantly reduces the advantages of redundant network design, especially with respect to network capacity and load sharing. • Adding up all the times required for STP port-state transitions shows that STP can take up to 50 seconds to converge on a loop-free topology. Although this may have been acceptable when the protocol was first designed, it is certainly unacceptable today. Both limitations are addressable using additional technologies. The first limitation can be addressed by using the Cisco Virtual Switching System (VSS), discussed later in this section; and the second limitation can be addressed by various enhancements that Cisco developed for STP, as is discussed next. Cisco Spanning Tree Enhancements To improve STP convergence times, Cisco has made a number of enhancements to 802.1D STP, including the following: • PortFast (with BPDU Guard) • UplinkFast • BackboneFast STP PortFast causes a Layer 2 LAN port configured as an access port to enter the forwarding state immediately, bypassing the listening and learning states. PortFast can be used on Layer 2 access ports connected to a single workstation or server to allow those devices to connect to the network immediately, instead of waiting for STP to converge, because interfaces connected to a single workstation or server should not receive BPDUs. Because the purpose of PortFast is to minimize the time that access ports must wait for STP to converge, it should only be used on access ports. Optionally, for an additional level of security, PortFast may be enabled with BPDU Guard, which immediately shuts down a port that has received a BPDU. Power-on initialization Blocking state 43569 Listening state Disabled state Learning state Forwarding state3-14 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies You can enable PortFast globally (along with BPDU Guard), or on a per-interface basis, by entering the following commands: Switch(config)# spanning-tree portfast default Switch(config)# spanning-tree portfast bpduguard default UplinkFast provides fast convergence after a direct link failure and achieves load balancing between redundant Layer 2 links, as shown in Figure 3-11. If a switch detects a link failure on the currently active link (a direct link failure), UplinkFast unblocks the blocked port on the redundant link port and immediately transitions it to the forwarding state without going through the listening and learning states. This switchover takes approximately one to five seconds. Figure 3-11 UplinkFast Recovery Example After Direct Link Failure UplinkFast is enabled globally, as follows: Switch(config)# spanning-tree uplinkfast In contrast, BackboneFast provides fast convergence after an indirect link failure, as shown in Figure 3-12. This switchover takes approximately 30 seconds (yet improves on the default STP convergence time by 20 seconds). Figure 3-12 BackboneFast Recovery Example After Indirect Link Failure BackboneFast is enabled globally, as follows: Switch(config)# spanning-tree backbonefast These Cisco-proprietary enhancements to 802.1D STP were adapted and adopted into a new standard for STP, IEEE 802.1w or Rapid Spanning-Tree Protocol (RSTP), which is discussed next. Switch A (Root) Link failure L1 L2 L3 Switch B Switch C UplinkFast transitions port directly to forwarding state 228672 Switch A (Root) Link failure L1 L2 L3 Switch B Switch C BackboneFast transitions port through listening and learning states to forwarding state 2286733-15 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies IEEE 802.1w-Rapid Spanning Tree Protocol RSTP is an evolution of the 802.1D STP standard. RSTP is a Layer 2 loop prevention algorithm like 802.1D; however, RSTP achieves rapid failover and convergence times, because RSTP is not a timer-based spanning tree algorithm (STA) like 802.1D; but rather a handshake-based spanning tree algorithm. Therefore, RSTP offers an improvement of over 30 seconds or more, as compared to 802.1D, in transitioning a link into a forwarding state. There are the following three port states in RSTP: • Learning • Forwarding • Discarding The disabled, blocking, and listening states from 802.1D have been merged into a unique 802.1w discarding state. Rapid transition is the most important feature introduced by 802.1w. The legacy STA passively waited for the network to converge before moving a port into the forwarding state. Achieving faster convergence was a matter of tuning the conservative default timers, often sacrificing the stability of the network. RSTP is able to actively confirm that a port can safely transition to forwarding without relying on any timer configuration. There is a feedback mechanism that operates between RSTP-compliant bridges. To achieve fast convergence on a port, the RSTP relies on two new variables: edge ports and link type. The edge port concept basically corresponds to the PortFast feature. The idea is that ports that are directly connected to end stations cannot create bridging loops in the network and can thus directly transition to forwarding (skipping the 802.1D listening and learning states). An edge port does not generate topology changes when its link toggles. Unlike PortFast, however, an edge port that receives a BPDU immediately loses its edge port status and becomes a normal spanning tree port. RSTP can achieve rapid transition to forwarding only on edge ports and on point-to-point links. The link type is automatically derived from the duplex mode of a port. A port operating in full-duplex is assumed to be point-to-point, while a half-duplex port is considered as a shared port by default. In switched networks today, most links are operating in full-duplex mode and are therefore treated as point-to-point links by RSTP. This makes them candidates for rapid transition to forwarding. Like STP, you can enable RSTP globally on a per-VLAN basis, also referred to as Rapid-Per-VLAN-Spanning Tree (Rapid-PVST) mode, using the following command: Switch(config)# spanning-tree mode rapid-pvst Beyond STP, there are many other L2 technologies that also play a key role in available network design, such as trunks, which are discussed in the following section. Trunks, Cisco Inter-Switch Link, and IEEE 802.1Q A trunk is a point-to-point link between two networking devices (switches and/or routers) capable of carrying traffic from multiple VLANs over a single link. VLAN frames are encapsulated with trunking protocols to preserve logical separation of traffic while transiting the trunk. There are two trunking encapsulations available to Cisco devices: • Inter-Switch Link (ISL)—ISL is a Cisco-proprietary trunking encapsulation. • IEEE 802.1Q—802.1Q is an industry-standard trunking encapsulation. Trunks may be configured on individual links or on EtherChannel bundles (discussed in the following section). ISL encapsulates the original Ethernet frame with both a header and a field check sequence (FCS) trailer, 3-16 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies for a total of 30 bytes of encapsulation. ISL trunking can be configured on a switch port interface, as shown in Example 3-1. The trunking mode is set to ISL, and the VLANs permitted to traverse the trunk are explicitly identified; in this example, VLANs 2 and 102 are permitted over the ISL trunk. Example 3-1 ISL Trunk Example Switch(config)#interface GigabitEthernet8/3 Switch(config-if)# switchport Switch(config-if)# switchport trunk encapsulation isl Switch(config-if)# switchport trunk allowed 2, 102 In contrast with ISL, 801.1Q does not actually encapsulate the Ethernet frame, but rather inserts a 4-byte tag after the source address field, as well as recomputes a new FCS, as shown in Figure 3-13. This tag not only preserves VLAN information, but also includes a 3-bit field for class of service (CoS) priority (which is discussed in more detail in Chapter 4, “Medianet QoS Design Considerations”). Figure 3-13 IEEE 802.1Q Tagging IEEE 802.1Q also supports the concept of a native VLAN. Traffic sourced from the native VLAN is not tagged, but is rather simply forwarded over the trunk. As such, only a single native VLAN can be configured for an 802.1Q trunk, to preserve logical separation. Note Because traffic from the native VLAN is untagged, it is important to ensure that the same native VLAN be specified on both ends of the trunk. Otherwise, this can cause a routing blackhole and potential security vulnerability. IEEE 802.1Q trunking is likewise configured on a switch port interface, as shown in Example 3-2. The trunking mode is set to 802.1Q, and the VLANs permitted to traverse the trunk are explicitly identified; in this example, VLANs 3 and 103 are permitted over the 802.1Q trunk. Additionally, VLAN 103 is specified as the native VLAN. Example 3-2 IEEE 802.1Q Trunk Example Switch(config)# interface GigabitEthernet8/4 Switch(config-if)# switchport Switch(config-if)# switchport trunk encapsulation dot1q Switch(config-if)# switchport trunk allowed 3, 103 Switch(config-if)# switchport trunk native vlan 103 Trunks are typically, but not always, configured in conjunction with EtherChannels, which allow for network link redundancy, and are described next. DA SA TYPE/LEN DATA FCS DA SA TYPE/LEN DATA FCS TAG Original Frame Original Ethernet Frame Inserted 4-Byte IEEE 802.1Q Tage Recomputed FCS Tagged Frame 2286743-17 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies EtherChannels, Cisco Port Aggregation Protocol, and IEEE 802.3ad EtherChannel technologies create a single logical link by bundling multiple physical Ethernet-based links (such as Gigabit Ethernet or Ten Gigabit Ethernet links) together, as shown in Figure 3-14. As such, EtherChannel links can provide for increased redundancy, capacity, and load balancing. To optimize the load balancing of traffic over multiple links, Cisco recommends deploying EtherChannels in powers of two (two, four, or eight) physical links. EtherChannel links can operate at either L2 or L3. Figure 3-14 EtherChannel Bundle EtherChannel links can be created using Cisco Port Aggregation Protocol (PAgP), which performs a negotiation before forming a channel, to ensure compatibility and administrative policies. PAgP can be configured in four channeling modes: • On—This mode forces the LAN port to channel unconditionally. In the On mode, a usable EtherChannel exists only when a LAN port group in the On mode is connected to another LAN port group in the On mode. Ports configured in the On mode do not negotiate to form EtherChannels; they simply do or do not, depending on the configuration of the other port. • Off—This mode precludes the LAN port from channeling unconditionally. • Desirable—This PAgP mode places a LAN port into an active negotiating state, in which the port initiates negotiations with other LAN ports to form an EtherChannel by sending PAgP packets. A port in this mode forms an EtherChannel with a peer port that is in either auto or desirable PAgP mode. • Auto—This (default) PAgP mode places a LAN port into a passive negotiating state, in which the port responds to PAgP packets it receives but does not initiate PAgP negotiation. A port in this mode forms an EtherChannel with a peer port that is in desirable PAgP mode (only). PAgP, when enabled as an L2 link, is enabled on the physical interface (only). Optionally, you can change the PAgP mode from the default autonegotiation mode, as follows:. Switch(config)# interface GigabitEthernet8/1 Switch(config-if)# channel-protocol pagp Switch(config-if)# channel-group 15 mode desirable Alternatively, EtherChannels can be negotiated with the IEEE 802.3ad Link Aggregation Control Protocol (LACP). LACP similarly allows a switch to negotiate an automatic bundle by sending LACP packets to the peer. LACP supports two channel negotiation modes: • Active—This LACP mode places a port into an active negotiating state, in which the port initiates negotiations with other ports by sending LACP packets. A port in this mode forms a bundle with a peer port that is in either active or passive LACP mode. • Passive—This (default) LACP mode places a port into a passive negotiating state, in which the port responds to LACP packets it receives but does not initiate LACP negotiation. A port in this mode forms a bundle with a peer port that is in active LACP mode (only). Similar to PAgP, LACP requires only a single command on the physical interface when configured as an L2 link. Optionally, you can change the LACP mode from the default passive negotiation mode, as follows: Switch(config)#interface GigabitEthernet8/2 Switch(config-if)# channel-protocol lacp Si Si EtherChannel 2286753-18 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Switch(config-if)# channel-group 16 mode active However, note that PAgP and LACP do not interoperate with each other; ports configured to use PAgP cannot form EtherChannels with ports configured to use LACP, nor can ports configured to use LACP form EtherChannels with ports configured to use PAgP. EtherChannel plays a critical role in provisioning network link redundancy, especially at the campus distribution and core layers. Furthermore, an evolution of EtherChannel technology plays a key role in Cisco VSS, which is discussed in the following section. Cisco Virtual Switching System The Cisco Catalyst 6500 Virtual Switching System (VSS) represents a major leap forward in device and network availability technologies, by combining many of the technologies that have been discussed thus far into a single, integrated system. VSS allows for the combination of two switches into a single, logical network entity from the network control plane and management perspectives. To the neighboring devices, the VSS appears as a single, logical switch or router. Within the VSS, one chassis is designated as the active virtual switch and the other is designated as the standby virtual switch. All control plane functions, Layer 2 protocols, Layer 3 protocols, and software data path are centrally managed by the active supervisor engine of the active virtual switch chassis. The supervisor engine on the active virtual switch is also responsible for programming the hardware forwarding information onto all the distributed forwarding cards (DFCs) across the entire Cisco VSS as well as the policy feature card (PFC) on the standby virtual switch supervisor engine. From the data plane and traffic forwarding perspectives, both switches in the VSS actively forward traffic. The PFC on the active virtual switch supervisor engine performs central forwarding lookups for all traffic that ingresses the active virtual switch, whereas the PFC on the standby virtual switch supervisor engine performs central forwarding lookups for all traffic that ingresses the standby virtual switch. The first step in creating a VSS is to define a new logical entity called the virtual switch domain, which represents both switches as a single unit. Because switches can belong to one or more switch virtual domains, a unique number must be used to define each switch virtual domain, as Example 3-3 demonstrates. Example 3-3 VSS Virtual Domain Configuration VSS-sw1(config)#switch virtual domain 100 Domain ID 100 config will take effect only after the exec command `switch convert mode virtual' is issued VSS-sw1(config-vs-domain)#switch 1 Note A corresponding set of commands must be configured on the second switch, with the difference being that switch 1 becomes switch 2. However, the switch virtual domain number must be identical (in this example, 100). Additionally, to bond the two chassis together into a single, logical node, special signaling and control information must be exchanged between the two chassis in a timely manner. To facilitate this information exchange, a special link is needed to transfer both data and control traffic between the peer chassis. This link is referred to as the virtual switch link (VSL). The VSL, formed as an EtherChannel interface, can comprise links ranging from one to eight physical member ports, as shown by Example 3-4.3-19 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Example 3-4 VSL Configuration and VSS Conversion VSS-sw1(config)#interface port-channel 1 VSS-sw1(config-if)#switch virtual link 1 VSS-sw1(config-if)#no shut VSS-sw1(config-if)#exit VSS-sw1(config)#interface range tenGigabitEthernet 5/4 - 5 VSS-sw1(config-if-range)#channel-group 1 mode on VSS-sw1(config-if-range)#no shut VSS-sw1(config-if-range)#exit VSS-sw1(config)#exit VSS-sw1#switch convert mode virtual This command converts all interface names to naming convention interface-type switch-number/slot/port, saves the running configuration to the startup configuration, and reloads the switch. Do you want to proceed? [yes/no]: yes Converting interface names Building configuration... [OK] Saving converted configurations to bootflash ... [OK] Note As previously discussed, a corresponding set of commands must be configured on the second switch, with the difference being that switch virtual link 1 becomes switch virtual link 2. Additionally, port-channel 1 becomes port-channel 2. VSL links carry two types of traffic: the VSS control traffic and normal data traffic. Figure 3-15 illustrates the virtual switch domain and the VSL. Figure 3-15 Virtual Switch Domain and Virtual Switch Link Furthermore, VSS allows for an additional addition to EtherChannel technology: multi-chassis EtherChannel (MEC). Before VSS, EtherChannels were restricted to reside within the same physical switch. However, in a VSS environment, the two physical switches form a single logical network entity, and therefore EtherChannels can be extended across the two physical chassis, forming an MEC. Thus, MEC allows for an EtherChannel bundle to be created across two separate physical chassis (although these two physical chassis are operating as a single, logical entity), as shown in Figure 3-16. Virtual Switch Link Virtual Switch Active Virtual Switch Standby Active Control Plane Active Data Plane Hot-Standby Control Plane Active Data Plane Virtual Switch Domain 2286763-20 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Figure 3-16 Multi-Chassis EtherChannel Topology Therefore, MEC allows all the dual-homed connections to and from the upstream and downstream devices to be configured as EtherChannel links, as opposed to individual links. From a configuration standpoint, the commands to form a MEC are the same as a regular EtherChannel; they are simply applied to interfaces that reside on two separate physical switches, as shown in Figure 3-17. Figure 3-17 MEC--Physical and Logical Campus Network Blocks As a result, MEC links allow for implementation of network designs where true Layer 2 multipathing can be implemented without the reliance on Layer 2 redundancy protocols such as STP, as shown in Figure 3-18. VSL Multi-Chassis EtherChannel (FEC) Access Switch Virtual Switch 228677 Physical Network Logical Network 223685 Core Core3-21 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Figure 3-18 STP Topology and VSS Topology The advantage of VSS over STP is highlighted further by comparing Figure 3-19, which shows a full campus network design using VSS, with Figure 3-9, which shows a similar campus network design using STP. Layer 2 Looped Topology STP Blocks 50% of all links Multi-Chassis Etherchannel All links active 223686 Core Core Si Si VLAN 30 VLAN 30 VLAN 30 VLAN 30 VLAN 30 VLAN 303-22 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Figure 3-19 VSS Campus Network Design The ability to remove physical loops from the topology, and no longer be dependent on spanning tree, is one of the significant advantages of the virtual switch design. However, it is not the only difference. The virtual switch design allows for a number of fundamental changes to be made to the configuration and operation of the distribution block. By simplifying the network topology to use a single virtual distribution switch, many other aspects of the network design are either greatly simplified or, in some cases, no longer necessary. Furthermore, network designs using VSS can be configured to converge in under 200 ms, which is 250 times faster than STP. L3 Network Availability Technologies L3 network availability technologies that particularly relate to TelePresence network design include the following: • Hot Standby Router Protocol (HSRP) • Virtual Router Redundancy Protocol (VRRP) 228678 Fully Redundant Virtual Switch Topology3-23 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies • Gateway Load Balancing Protocol (GLBP) • IP Event Dampening Hot Standby Router Protocol Cisco HSRP is the first of three First Hop Redundancy Protocols (FHRPs) discussed in this chapter (the other two being VRRP and GLBP). A FHRP provides increased availability by allowing for transparent failover of the first-hop IP router, also known as the default gateway (for endpoint devices). HSRP is used in a group of routers for selecting an active router and a standby router. In a group of router interfaces, the active router is the router of choice for routing packets; the standby router is the router that takes over when the active router fails or when preset conditions are met. Endpoint devices, or IP hosts, have an IP address of a single router configured as the default gateway. When HSRP is used, the HSRP virtual IP address is configured as the host default gateway instead of the actual IP address of the router. When HSRP is configured on a network segment, it provides a virtual MAC address and an IP address that is shared among a group of routers running HSRP. The address of this HSRP group is referred to as the virtual IP address. One of these devices is selected by the HSRP to be the active router. The active router receives and routes packets destined for the MAC address of the group. HSRP detects when the designated active router fails, at which point a selected standby router assumes control of the MAC and IP addresses of the hot standby group. A new standby router is also selected at that time. HSRP uses a priority mechanism to determine which HSRP configured router is to be the default active router. To configure a router as the active router, you assign it a priority that is higher than the priority of all the other HSRP-configured routers. The default priority is 100, so if just one router is configured to have a higher priority, that router is the default active router. Devices that are running HSRP send and receive multicast UDP-based hello messages to detect router failure and to designate active and standby routers. When the active router fails to send a hello message within a configurable period of time, the standby router with the highest priority becomes the active router. The transition of packet forwarding functions between routers is completely transparent to all hosts on the network. Multiple hot standby groups can be configured on an interface, thereby making fuller use of redundant routers and load sharing. Figure 3-20 shows a network configured for HSRP. By sharing a virtual MAC address and IP address, two or more routers can act as a single virtual router. The virtual router does not physically exist but represents the common default gateway for routers that are configured to provide backup to each other. All IP hosts are configured with IP address of the virtual router as their default gateway. If the active router fails to send a hello message within the configurable period of time, the standby router takes over and responds to the virtual addresses and becomes the active router, assuming the active router duties.3-24 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Figure 3-20 HSRP Topology HSRP also supports object tracking, such that the HSRP priority of a router can dynamically change when an object that is being tracked goes down. Examples of objects that can be tracked are the line protocol state of an interface or the reachability of an IP route. If the specified object goes down, the HSRP priority is reduced. Furthermore, HSRP supports SSO awareness, such that HRSP can alter its behavior when a router with redundant route processors (RPs) are configured in SSO redundancy mode. When an RP is active and the other RP is standby, SSO enables the standby RP to take over if the active RP fails. With this functionality, HSRP SSO information is synchronized to the standby RP, allowing traffic that is sent using the HSRP virtual IP address to be continuously forwarded during a switchover without a loss of data or a path change. Additionally, if both RPs fail on the active HSRP router, the standby HSRP router takes over as the active HSRP router. Note SSO awareness for HSRP is enabled by default when the redundancy mode of operation of the RP is set to SSO, as was shown in Non-Stop Forwarding with Stateful Switch Over, page 3-7. Example 3-5 demonstrates the HSRP configuration that can be used on the LAN interface of the active router from Figure 3-20. Each HSRP group on a given subnet requires a unique number; in this example, the HSRP group number is set to 10. The IP address of the virtual router (which is what each IP host on the network uses as a default gateway address) is set to 172.16.128.3. The HRSP priority of this router has been set to 105 and preemption has been enabled on it; preemption allows for the router to immediately take over as the virtual router (provided it has the highest priority on the segment). Finally, object tracking has been configured, such that should the line protocol state of interface Serial0/1 go down (the WAN link for the active router, which is designated as object-number 110), the HSRP priority for this interface dynamically decrements (by a value of 10, by default). 148422 Maximum penalty Suppress threshold Reuse Threshold Down Up Interface State Actual Penalty Interface State Perceived by OSPF3-25 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Example 3-5 HSRP Example track 110 interface Serial0/1 line-protocol ! interface GigabitEthernet0/0 ip address 172.16.128.1 255.255.255.0 standby 10 ip 172.16.128.3 standby 10 priority 105 preempt standby 10 track 110 ! Because HRSP was the first FHRP and because it was invented by Cisco, it is Cisco-proprietary. However, to support multi-vendor interoperability, aspects of HSRP were standardized in the Virtual Router Redundancy Protocol (VRRP), which is discussed next. Virtual Router Redundancy Protocol VRRP, defined in RFC 2338, is an FHRP very similar to HSRP, but is able to support multi-vendor environments. A VRRP router is configured to run the VRRP protocol in conjunction with one or more other routers attached to a LAN. In a VRRP configuration, one router is elected as the virtual router master, with the other routers acting as backups in case the virtual router master fails. VRRP enables a group of routers to form a single virtual router. The LAN clients can then be configured with the virtual router as their default gateway. The virtual router, representing a group of routers, is also known as a VRRP group. Figure 3-21 shows a LAN topology in which VRRP is configured. In this example, two VRRP routers (routers running VRRP) comprise a virtual router. However, unlike HSRP, the IP address of the virtual router is the same as that configured for the LAN interface of the virtual router master; in this example, 172.16.128.1. Figure 3-21 VRRP Topology VRRP Group (IP Address 172.16.128.1) Note: Backup WAN link is idle 172.16.128.1 172.16.128.2 All Hosts are configured with a default gateway IP address of 172.16.128.1 228679 Host A Host B Host C Host D WAN/VPN Virtual Router Backup Virtual Router Master Router A Router B3-26 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Router A assumes the role of the virtual router master and is also known as the IP address owner, because the IP address of the virtual router belongs to it. As the virtual router master, Router A is responsible for forwarding packets sent to this IP address. Each IP host on the subnet is configured with the default gateway IP address of the virtual route master, in this case 172.16.128.1. Router B, on the other hand, functions as a virtual router backup. If the virtual router master fails, the router configured with the higher priority becomes the virtual router master and provides uninterrupted service for the LAN hosts. When Router A recovers, it becomes the virtual router master again. Additionally, like HSRP, VRRP supports object tracking, preemption, and SSO awareness. Note SSO awareness for VRRP is enabled by default when the redundancy mode of operation of the RP is set to SSO, as was shown in Non-Stop Forwarding with Stateful Switch Over, page 3-7. Example 3-6 shows a VRRP configuration that can be used on the LAN interface of the virtual router master from Figure 3-21. Each VRRP group on a given subnet requires a unique number; in this example, the VRRP group number is set to 10. The virtual IP address is set to the actual LAN interface address, designating this router as the virtual router master. The VRRP priority of this router has been set to 105. Unlike HSRP, preemption for VRRP is enabled by default. Finally, object tracking has been configured, such that should the line protocol state of interface Serial0/1 go down (the WAN link for this router, which is designated as object-number 110), the VRRP priority for this interface dynamically decrements (by a value of 10, by default). Example 3-6 VRRP Example ! track 110 interface Serial0/1 line-protocol ! interface GigabitEthernet0/0 ip address 172.16.128.1 255.255.255.0 vrrp 10 ip 172.16.128.1 vrrp 10 priority 105 vrrp 10 track 110 ! A drawback to both HSRP and VRRP is that the standby/backup router is not used to forward traffic, and as such wastes both available bandwidth and processing capabilities. This limitation can be worked around by provisioning two complementary HSRP/VRRP groups on each LAN subnet, with one group having the left router as the active/master and the other group having the right router as the active/master router. Then, approximately half of the hosts are configured to use the virtual IP address of one HSRP/VRRP group, and the remaining hosts are configured to use the virtual IP address of the second group. This requires additional operational and management complexity. To improve the efficiency of these FHRP models without such additional complexity, GLBP can be used, which is discussed next. Gateway Load Balancing Protocol Cisco GLBP improves the efficiency of FHRP protocols by allowing for automatic load balancing of the default gateway. The advantage of GLBP is that it additionally provides load balancing over multiple routers (gateways) using a single virtual IP address and multiple virtual MAC addresses per GLBP group (in contrast, both HRSP and VRRP used only one virtual MAC address per HSRP/VRRP group). The forwarding load is shared among all routers in a GLBP group rather than being handled by a single router while the other routers stand idle. Each host is configured with the same virtual IP address, and all routers in the virtual router group participate in forwarding packets.3-27 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Members of a GLBP group elect one gateway to be the active virtual gateway (AVG) for that group. Other group members provide backup for the AVG in the event that the AVG becomes unavailable. The function of the AVG is that it assigns a virtual MAC address to each member of the GLBP group. Each gateway assumes responsibility for forwarding packets sent to the virtual MAC address assigned to it by the AVG. These gateways are known as active virtual forwarders (AVFs) for their virtual MAC address. The AVG is also responsible for answering Address Resolution Protocol (ARP) requests for the virtual IP address. Load sharing is achieved by the AVG replying to the ARP requests with different virtual MAC addresses (corresponding to each gateway router). In Figure 3-22, Router A is the AVG for a GLBP group, and is primarily responsible for the virtual IP address 172.16.128.3; however, Router A is also an AVF for the virtual MAC address 0007.b400.0101. Router B is a member of the same GLBP group and is designated as the AVF for the virtual MAC address 0007.b400.0102. All hosts have their default gateway IP addresses set to the virtual IP address of 172.16.128.3. However, when these use ARP to determine the MAC of this virtual IP address, Host A and Host C receive a gateway MAC address of 0007.b400.0101 (directing these hosts to use Router A as their default gateway), but Host B and Host D receive a gateway MAC address 0007.b400.0102 (directing these hosts to use Router B as their default gateway). In this way, the gateway routers automatically load share. Figure 3-22 GLBP Topology If Router A becomes unavailable, Hosts A and C do not lose access to the WAN because Router B assumes responsibility for forwarding packets sent to the virtual MAC address of Router A, and for responding to packets sent to its own virtual MAC address. Router B also assumes the role of the AVG for the entire GLBP group. Communication for the GLBP members continues despite the failure of a router in the GLBP group. Additionally, like HSRP and VRRP, GLBP supports object tracking, preemption, and SSO awareness. GLBP Group 172.16.128.1 172.16.128.3 172.16.128.2 Both WAN links are active All Hosts are configured with a default gateway IP address of 172.16.128.3 228680 Host A Host B Virtual Mac: 0007.b400.0102 Virtual Mac: 0007.b400.0102 Virtual Mac: 0007.b400.0102 Virtual Mac: 0007.b400.0101 Virtual Mac: 0007.b400.0101 Host C Host D WAN/VPN Both WAN links are active Virtual Router Backup Virtual Router Master Router A Router B Virtual Router3-28 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Network Availability Technologies Note SSO awareness for GLBP is enabled by default when the route processor's redundancy mode of operation is set to SSO, as was shown in Non-Stop Forwarding with Stateful Switch Over, page 3-7. However, unlike the object tracking logic used by HSRP and VRRP, GLBP uses a weighting scheme to determine the forwarding capacity of each router in the GLBP group. The weighting assigned to a router in the GLBP group can be used to determine whether it forwards packets and, if so, the proportion of hosts in the LAN for which it forwards packets. Thresholds can be set to disable forwarding when the weighting for a GLBP group falls below a certain value; when it rises above another threshold, forwarding is automatically re-enabled. GLBP group weighting can be automatically adjusted by tracking the state of an interface within the router. If a tracked interface goes down, the GLBP group weighting is reduced by a specified value. Different interfaces can be tracked to decrement the GLBP weighting by varying amounts. Example 3-7 shows a GLBP configuration that can be used on the LAN interface of the AVG from Figure 3-22. Each GLBP group on a given subnet requires a unique number; in this example, the GLBP group number is set to 10. The virtual IP address for the GLBP group is set to 172.16.128.3. The GLBP priority of this interface has been set to 105, and like HSRP, preemption for GLBP must be explicitly enabled (if desired). Finally, object tracking has been configured, such that should the line protocol state of interface Serial0/1 go down (the WAN link for this router, which is designated as object-number 110), the GLBP priority for this interface dynamically decrements (by a value of 10, by default). Example 3-7 GLBP Example ! track 110 interface Serial0/1 line-protocol ! interface GigabitEthernet0/0 ip address 172.16.128.1 255.255.255.0 glbp 10 ip 172.16.128.3 glbp 10 priority 105 glbp 10 preempt glbp 10 weighting track 110 ! Having concluded an overview of these FHRPs, a discussion of another type of L3 network availability feature, IP Event Dampening, follows. IP Event Dampening Whenever the line protocol of an interface changes state, or flaps, routing protocols are notified of the status of the routes that are affected by the change in state. Every interface state change requires all affected devices in the network to recalculate best paths, install or remove routes from the routing tables, and then advertise valid routes to peer routers. An unstable interface that flaps excessively can cause other devices in the network to consume substantial amounts of system processing resources and cause routing protocols to lose synchronization with the state of the flapping interface. The IP Event Dampening feature introduces a configurable exponential decay mechanism to suppress the effects of excessive interface flapping events on routing protocols and routing tables in the network. This feature allows the network administrator to configure a router to automatically identify and selectively dampen a local interface that is flapping. Dampening an interface removes the interface from the network until the interface stops flapping and becomes stable.3-29 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Operational Availability Technologies Configuring the IP Event Dampening feature improves convergence times and stability throughout the network by isolating failures so that disturbances are not propagated, which reduces the use of system processing resources by other devices in the network and improves overall network stability. IP Event Dampening uses a series of administratively-defined thresholds to identify flapping interfaces, to assign penalties, to suppress state changes (if necessary), and to make stabilized interfaces available to the network. These thresholds are as follows: • Suppress threshold—The value of the accumulated penalty that triggers the router to dampen a flapping interface. The flapping interface is identified by the router and assigned a penalty for each up and down state change, but the interface is not automatically dampened. The router tracks the penalties that a flapping interface accumulates. When the accumulated penalty reaches the default or preconfigured suppress threshold, the interface is placed in a dampened state. The default suppress threshold value is 2000. • Half-life period—Determines how fast the accumulated penalty can decay exponentially. When an interface is placed in a dampened state, the router monitors the interface for additional up and down state changes. If the interface continues to accumulate penalties and the interface remains in the suppress threshold range, the interface remains dampened. If the interface stabilizes and stops flapping, the penalty is reduced by half after each half-life period expires. The accumulated penalty is reduced until the penalty drops to the reuse threshold. The default half-life period timer is five seconds. • Reuse threshold—When the accumulated penalty decreases until the penalty drops to the reuse threshold, the route is unsuppressed and made available to the other devices on the network. The default value is 1000 penalties. • Maximum suppress time—The maximum suppress time represents the maximum amount of time an interface can remain dampened when a penalty is assigned to an interface. The default maximum penalty timer is 20 seconds. IP Event Dampening is configured on a per-interface basis (where default values are used for each threshold) as follows: interface FastEthernet0/0 dampening IP Event Dampening can be complemented with the use of route summarization, on a per-routing protocol basis, to further compartmentalize the effects of flapping interfaces and associated routes. Operational Availability Technologies As has been shown, the predominant way that availability of a network can be improved is to improve its MTBF by using devices that have redundant components and by engineering the network itself to be as redundant as possible, leveraging many of the technologies discussed in the previous sections. However, glancing back to the general availability formula from Figure 3-1, another approach to improving availability is to reduce MTTR. Reducing MTTR is primarily a factor of operational resiliency. MTTR operations can be significantly improved in conjunction with device and network redundant design. Specifically, the ability to make changes, upgrade software, and replace or upgrade hardware in a production network is extensively improved because of the implementation of device and network redundancy. The ability to upgrade individual devices without taking them out of service is based on having internal component redundancy complemented with the system software capabilities. Similarly, 3-30 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Operational Availability Technologies by having dual active paths through redundant network devices designed to converge in sub-second timeframes, it is possible to schedule an outage event on one element of the network and allow it to be upgraded and then brought back into service with minimal or no disruption to the network as a whole. MTTR can also be improved by reducing the time required to perform any of the following operations: • Failure detection • Notification • Fault diagnosis • Dispatch/arrival • Fault repair Technologies that can help automate and streamline these operations include the following: • Cisco General Online Diagnostics (GOLD) • Cisco IOS Embedded Event Manager (EEM) • Cisco In Service Software Upgrade (ISSU) • Online Insertion and Removal (OIR) This section briefly introduces each of these technologies. Cisco Generic Online Diagnostics Cisco GOLD defines a common framework for diagnostic operations for Cisco IOS Software-based products. GOLD has the objective of checking the check the health of all hardware components and verifying the proper operation of the system data plane and control plane at boot time, as well as run-time. GOLD supports the following: • Bootup tests (includes online insertion) • Health monitoring tests (background non-disruptive) • On-demand tests (disruptive and non-disruptive) • User scheduled tests (disruptive and non-disruptive) • Command-line interface (CLI) access to data via a management interface GOLD, in conjunction with several of the technologies previously discussed, can reduce device failure detection time. Cisco IOS Embedded Event Manager The Cisco IOS EEM offers the ability to monitor device hardware, software, and operational events and take informational, corrective, or any desired action, including sending an e-mail alert, when the monitored events occur or when a threshold is reached. EEM can notify a network management server and/or an administrator (via e-mail) when an event of interest occurs. Events that can be monitored include the following: • Application-specific events • CLI events • Counter/interface-counter events3-31 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Summary • Object-tracking events • Online insertion and removal events • Resource events • GOLD events • Redundancy events • Simple Network Management Protocol (SNMP) events • Syslog events • System manager/system monitor events • IOS watchdog events • Timer events Capturing the state of network devices during such situations can be helpful in taking immediate recovery actions and gathering information to perform root-cause analysis, reducing fault detection and diagnosis time. Notification times are reduced by having the device send e-mail alerts to network administrators. Furthermore, availability is also improved if automatic recovery actions are performed without the need to fully reboot the device. Cisco In Service Software Upgrade Cisco ISSU provides a mechanism to perform software upgrades and downgrades without taking a switch out of service. ISSU leverages the capabilities of NSF and SSO to allow the switch to forward traffic during supervisor IOS upgrade (or downgrade). With ISSU, the network does not re-route and no active links are taken out of service. ISSU thereby expedites software upgrade operations. Online Insertion and Removal OIR allows line cards to be added to a device without affecting the system. Additionally, with OIR, line cards can be exchanged without losing the configuration. OIR thus expedites hardware repair and/or replacement operations. Summary Availability was shown to be a factor of two components: the mean time between failures (MTBF) and the mean time to repair (MTTR) such failures. Availability can be improved by increasing MTBF (which is primarily a function of device and network resiliency/redundancy), or by reducing MTTR (which is primarily a function of operational resiliency. Device availability technologies were discussed, including Cisco Catalyst StackWise/StackWise Plus technologies, which provide 1:N control plane redundancy to Cisco Catalyst 3750G/3750E switches, as well as NSF with SSO, which similarly provides hot standby redundancy to network devices with multiple route processors. Network availability technologies were also discussed, beginning with Layer 2 technologies, such as spanning tree protocols, trunking protocols, EtherChannel protocols, and Cisco VSS. Additionally, Layer 3 technologies, such as HSRP, VRRP, GLBP, and IP Event dampening were introduced.3-32 Medianet Reference Guide OL-22201-01 Chapter 3 Medianet Availability Design Considerations Summary Finally, operational availability technologies were introduced to show how availability can be improved by automating and streamlining MTTR operations, including GOLD, EEM, ISSU, and OIR.C H A P T E R 4-1 Medianet Reference Guide OL-22201-01 4 Medianet QoS Design Considerations This document provides an overview of Quality of Service (QoS) tools and design recommendations relating to an enterprise medianet architecture and includes high-level answers to the following: • Why is Cisco providing new QoS design guidance at this time? • What is Cisco’s Quality of Service toolset? • How can QoS be optimally deployed for enterprise medianets? QoS has proven itself a foundational network infrastructure technology required to support the transparent convergence of voice, video, and data networks. Furthermore, QoS has also been proven to complement and strengthen the overall security posture of a network. However, business needs continue to evolve and expand, and as such, place new demands on QoS technologies and designs. This document examines current QoS demands and requirements within an enterprise medianet and presents strategic design recommendations to address these needs. Drivers for QoS Design Evolution There are three main sets of drivers pressuring network administrators to reevaluate their current QoS designs (each is discussed in the following sections): • New applications and business requirements • New industry guidance and best practices • New platforms and technologies New Applications and Business Requirements Media applications—particularly video-oriented media applications—are exploding over corporate networks, exponentially increasing bandwidth utilization and radically shifting traffic patterns. For example, according to recent studies, global IP traffic will nearly double every two years through 2012 1 and the sum of all forms of video will account for close to 90 percent of consumer traffic by 2012 2 . 1. Cisco Visual Networking Index—Forecast and Methodology, 2007-2012 http://www.cisco.com/en/US/solutions/collateral/ns341/ns525/ns537/ns705/ns827/white_paper_c11-481360 _ns827_Networking_Solutions_Whitd_Paper.html 2. Approaching the Zettabyte Era http://www.cisco.com/en/US/solutions/collateral/ns341/ns525/ns537/ns705/ns827/white_paper_c11-481374 _ns827_Networking_Solutions_White_Paper.html4-2 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution Businesses recognize the value that media applications—particularly video-based collaborative applications—bring to the enterprise, including: • Increasing productivity • Improving the quality of decision making • Speeding time-to-market • Facilitating knowledge sharing • Fueling innovation • Reducing travel time and expenses • Protecting the environment Corresponding to these values and benefits of media applications, there are several business drivers behind media application growth, including: • Evolution of video applications • Transition to high-definition media • Explosion of media • Phenomena of social networking • Emergence of “bottoms-up” media applications • Convergence within media applications • Globalization of the workforce • Pressures to go green These business drivers briefly described in the following sections. The Evolution of Video Applications When the previous Cisco Enterprise QoS Design Guide was published (in 2003), there were basically only two broad types of video applications deployed over enterprise networks: • Interactive video—Generally describes H.323-based collaborative video applications (typically operating at 384 kbps or 768 kbps); video flows were bi-directional and time-sensitive. • Streaming video—Generally describes streaming or video-on-demand (VoD) applications; video flows were unidirectional (either unicast or multicast) and were not time-sensitive (due to significant application buffering). However, at the time of writing this document (2009), video applications have evolved considerably, as illustrated in Figure 4-1.4-3 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution Figure 4-1 Video Application Evolution Consider first the streaming video branch—the earliest sets of video applications were VoD streams to the desktop. VoD streams can include pre-recorded content such as employee communications, training, e-learning, and social-interaction content. Today, due to the ease of content creation, on-demand content may either be professionally-produced (top-down) or self-produced (bottom-up). It is important to also note that not all VoD content is necessarily business-related, as non-business, entertainment-oriented content is often widely available for on-demand video viewing. VoD applications soon expanded to include the development and support of “live” or “broadcast” video streams to the desktop. Broadcast streams may include company meetings, special events, internal corporate announcements or similar content. As such, broadcast streaming video content is typically professionally-produced, top-down content. Thereafter, with the proliferation of flat-screen digital displays, it became increasingly apparent that the desktop is not the only display option for streaming video. Thus, digital signage began to emerge as another streaming video application (for both on-demand and broadcast video streams). Digital signage refers to centrally-managed publishing solutions for delivering digital media to networked displays. For example, Cisco offers a Digital Media Player and an enterprise TV solution that works in conjunction with its Digital Media System to support a comprehensive digital signage solution. Digital signage can be used to broadcast internal information, such as sharing up-to-date schedules and news where people need it most or providing realtime location and directional guidance. Additionally, digital signage is an effective tool for marketing, helping companies to promote products and services directly to customers. Around the same time that digital signage was being developed, the advantages that IP brought to video were being gradually being applied to the video surveillance market. These advantages include the ability to forward live video streams to local or remote control centers for observation and efficient processing. Cisco offers comprehensive IP surveillance (IPVS) solutions, including IP cameras, hybrid analog-to-digital video gateways (to facilitate transitioning from closed-circuit TV surveillance solutions to IPVS), and IPVS management applications. Interestingly, video surveillance has a unique degree of interactivity not found in any other streaming video application, namely, that of having an observer “interact” with the video stream by sending control information to the transmitting video camera, for instance, to track an event-in-progress. On the interactive video side of the video application hemisphere, there has also been considerable application evolution. Basic video conferencing applications, which were initially dedicated room-based units, evolved into software-based PC applications. The factors behind this shift from room-based hardware to PC-based software were two-fold: • The convenience of immediate desktop collaboration (rather than having to book or hunt for an available video-conferencing enabled room). Streaming Video Interactive Video Digital Signage IP Video Surveillance Desktop Video on Demand Desktop Broadcast Video Desktop Video Conferencing TelePresence Streaming Video Applications Interactive Video Applications Multimedia Collaboration Applications 2245474-4 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution • The availability of inexpensive Webcams. Desktop video conferencing may be utilized on a one-to-one basis or may support a few participants simultaneously. Once video conferencing moved to software, a whole new range of communication possibilities opened up, which morphed desktop video conferencing applications into multimedia collaboration applications. Multimedia collaboration applications, including Cisco Unified Personal Communicator (CUPC) and Cisco WebEx, share not only voice and video, but also data applications, such as instant messaging, document and presentation sharing, application sharing, and other integrated multimedia features. However, not all interactive video migrated to the desktop. Room-based video conferencing solutions continued to evolve and leveraged advances in high-definition video and audio, leading to solutions like Cisco TelePresence. Additionally, application sharing capabilities—borrowed from multimedia conferencing applications—were added to these high-definition room-based video conferencing solutions. And video application evolution doesn’t end here, but will continue to expand and morph over time as new demands and technologies emerge. The Transition to High-Definition Media One of the reasons traditional room-to-room video conferencing and desktop Webcam-style video conferencing are sometimes questioned as less than effective communications systems is the reliance on low-definition audio and video formats. On the other hand, high-definition interactive media applications, like Cisco TelePresence, demonstrate how high-definition audio and video can create an more effective remote collaboration experience, where meeting participants actually feel like they are in the same meeting room. Additionally, IP video surveillance cameras are migrating to high-definition video in order to have the digital resolutions needed for new functions, such as pattern recognition and intelligent event triggering based on motion and visual characteristics. Cisco fully expects other media applications to migrate to high-definition in the near future, as people become accustomed to the format in their lives as consumers, as well as the experiences starting to appear in the corporate environment. High-definition media formats transmitted over IP networks create unique challenges and demands on the network that need to be planned for. For example, Figure 4-2 contrasts the behavior of VoIP as compared to high definition video at the packet level.4-5 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution Figure 4-2 VoIP versus High-Definition Video—At the Packet Level The network demands of high-definition video include not only radically more bandwidth, but also significantly higher transmission reliability, as compared to standard-definition video applications. The Explosion of Media Another factor driving the demand for video on IP networks is the sheer explosion of media content. The barriers to media production, distribution, and viewing have been dramatically lowered. For example, five to ten years ago video cameras became so affordable and prevalent that just about anyone could buy one and become an amateur video producer. Additionally, video cameras are so common that almost every cell phone, PDA, laptop, and digital still camera provides a relatively high-quality video capture capability. However, until recently, it was not that easy to be a distributor of video content, as distribution networks were not common. Today, social networking sites like YouTube, MySpace and many others appearing every day and have dramatically lowered the barrier to video publishing to the point where anyone can do it. Video editing software is also cheap and easy to use. Add to that a free, global video publishing and distribution system and essentially anyone, anywhere can be a film studio. With little or no training, people are making movie shorts that rival those of dedicated video studios. The resulting explosion of media content is now the overwhelming majority of consumer network traffic and is quickly crossing over to corporate networks. The bottom line is there are few barriers left to inhibit video communication and so this incredibly effective medium is appearing in new and exciting applications every day. 20 msec 33 msec Voice Packets Bytes 200 600 1000 Video Packets Time Video Frame Video Frame Video Frame Audio Samples 1400 200 600 1000 1400 2243764-6 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution The Phenomena of Social Networking Social networking started as a consumer phenomenon, with people producing and sharing rich media communications such as blogs, photos, and videos. When considering the effect it may have on corporate networks, some IT analysts believed social networking would remain a consumer trend, while others believed the appearance in corporate networks was inevitable. Skeptics look at social networking sites like YouTube, MySpace, and others and see them as fads primarily for the younger population. However, looking beyond the sites themselves, it is important to understand the new forms of communication and information sharing they are enabling. For example, with consumer social networking, typically people are sharing information about themselves, about subjects they have experience in, and interact with others in real-time who have similar interests. In the workplace, we already see parallel activities, because the same types of communication and information sharing are just as effective. The corporate directory used to consist of employee names, titles, and phone numbers. Companies embracing social networking are adding to that skillsets and experience, URL links to shared work spaces, blogs, and other useful information. The result is a more productive and effective workforce that can adapt and find the skillsets and people needed to accomplish dynamic projects. Similarly, in the past information was primarily shared via text documents, E-mail, and slide sets. Increasingly, we see employees filming short videos to share best practices with colleagues, provide updates to peers and reports, and provide visibility into projects and initiatives. Why have social networking trends zeroed in on video as the predominant communication medium? Simple: video is the most effective medium. People can show or demonstrate concepts much more effectively and easily using video than any other medium. Just as a progression occurred from voice exchange to text, to graphics, and to animated slides, video will start to supplant those forms of communications. Think about the time it would take to create a good set of slides describing how to set up or configure a product. Now how much easier would it be just to film someone actually doing it? That’s just one of many examples where video is supplanting traditional communication formats. Internally, Cisco has witnessed the cross-over of such social networking applications into the workplace, with applications like Cisco Vision (C-Vision). C-Vision started as an ad hoc service by several employees, providing a central location for employees to share all forms of media with one another, including audio and video clips. Cisco employees share information on projects, new products, competitive practices, and many other subjects. The service was used by so many employees that Cisco’s IT department had to assume ownership and subsequently scaled the service globally within Cisco. The result is a service where employees can become more effective and productive, quickly tapping into each other’s experiences and know-how, all through the effectiveness and simplicity of media. The Emergence of Bottom-Up Media Applications As demonstrated in the C-Vision example, closely related to the social-networking aspect of media applications is the trend of users driving certain types of media application deployments within the enterprise from the bottom-up (in other words, the user base either demands or just begins to use a given media application with or without formal management or IT support). Bottom-up deployment patterns have been noted for many Web 2.0 and multimedia collaboration applications. In contrast, company-sponsored video applications are pushed from the top-down (in other words, the management team decides and formally directs the IT department to support a given media application for their user base). Such top-down media applications may include Cisco TelePresence, digital signage, video surveillance, and live broadcast video meetings.4-7 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution The combination of top-down and bottom-up media application proliferation places a heavy burden on the IT department as it struggles to cope with officially-supported and officially-unsupported, yet highly proliferated, media applications. The Convergence Within Media Applications Much like the integration of rich text and graphics into documentation, audio and video media continue to be integrated into many forms of communication. Sharing of information with E-mailed slide sets will gradually be replaced with E-mailed video clips. The audio conference bridge will be supplanted with the video-enabled conference bridge. Collaboration tools designed to link together distributed employees will increasingly integrate desktop video to bring teams closer together. Cisco WebEx is a prime example of such integration, providing text, audio, instant messaging, application sharing, and desktop video conferencing easily to all meeting participates, regardless of their location. Instead of a cumbersome setup of a video conference call, applications such as CUPC and WebEx greatly simplify the process and video capability is added to the conference just as easily as any other type of media, such as audio. The complexity that application presents to the network administrator relates to application classification: as media applications include voice, video, and data sub-components, the question of how to mark and provision a given media application becomes more difficult and blurry, as illustrated in Figure 4-3. Figure 4-3 Media Application Convergence—Voice, Video, and Data Within an Application For example, since Cisco WebEx has voice, video, and data sub-components, how should it be classified? As a voice application? As a video application? As a data application? Or is an altogether new application-class model needed to accommodate multimedia applications? Data Apps Voice • IP Telephony Video • Interactive Video • Streaming Video • App Sharing • Web/Internet • Messaging • Email Data Apps • App Sharing • Web/Internet • Messaging • Email Voice Video Data Convergence Media Explosion Collaborative Media Data Apps • App Sharing • Web/Internet • Messaging • Email • IP Telephony • HD Audio • SoftPhone • Other VoIP • Desktop Streaming Video • Desktop Broadcast Video • Digital Signage • IP Video Surveillance • Desktop Video Conferencing • HD Video Unmanaged Applications • Internet Streaming • Internet VoIP • YouTube • MySpace • Other Voice Video 224515 WebEx TelePresence Ad-Hoc App4-8 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution The Globalization of the Workforce In the past, most companies focused on acquiring and retaining skilled and talented individuals in a single or few geographic locations. More recently, this focus has shifted to finding technology solutions to enable a geographically-distributed workforce to collaborate together as a team. This new approach enables companies to more flexibly harness talent “where it lives.” Future productivity gains will be achieved by creating collaborative teams that span corporate boundaries, national boundaries, and geographies. Employees will collaborate with partners, research and educational institutions, and customers to create a new level of collective knowledge. To do so, real-time multimedia collaboration applications are absolutely critical to the success of these virtual teams. Video offers a unique medium which streamlines the effectiveness of communications between members of such teams. For this reason, real-time interactive video will become increasingly prevalent, as will media integrated with corporate communications systems. The Pressures to be Green For many reasons, companies are seeking to reduce employee travel. Travel creates bottom line expenses, as well as significant productivity impacts while employees are in-transit and away from their usual working environments. Many solutions have emerged to assist with productivity while traveling, including wireless LAN hotspots, remote access VPNs, and softphones, all designed to keep the employee connected while traveling. More recently companies are under increasing pressures to demonstrate environmental responsibility, often referred to as being “green.” On the surface, such initiatives may seem like a pop-culture trend that lacks tangible corporate returns. However, it is entirely possible to pursue green initiatives while simultaneously increasing productivity and lowering expenses. Media applications, such as Cisco TelePresence, offer real solutions to remote collaboration challenges and have demonstrable savings as well. For example, during the first year of deployment, Cisco measured its usage of TelePresence in direct comparison to the employee travel that would otherwise have taken place. Cisco discovered that over 80,000 hours of meetings were held by TelePresence instead of physical travel, avoiding $100 million of travel expenses, as well as over 30,000 tons of carbon emissions, the equivalent of removing over 10,000 vehicles off the roads for a period of one year. Being green does not have to be a “tax;” but rather can improve productivity and reduce corporate expenses, offering many dimensions of return on investment, while at the same time sending significant messages to the global community of environmental responsibility. Thus, having reviewed several key business drivers for evolving QoS designs, relevant industry guidance and best practices are discussed next. New Industry Guidance and Best Practices A second set of drivers behind QoS design evolution are advances in industry standards and guidance. Cisco has long advocated following industry standards and recommendations—whenever possible—when deploying QoS, as this simplifies QoS designs, extends QoS policies beyond an administrative domain, and improves QoS between administrative domains. To the first point of simplifying QoS, there are 64 discrete Differentiated Services Code Point (DSCP) values to which IP packets can be marked. If every administrator were left to their own devices to arbitrarily pick-and-choose DSCP markings for applications, there would be a wide and disparate set of 4-9 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution marking schemes that would likely vary from enterprise to enterprise, perhaps even within an enterprise (such as department to department). However if industry standard marking values are used, then marking schemes become considerably simplified and consistent. To the second point of extending QoS policies beyond an administrative domain, if an enterprise administrator wishes a specific type of Per-Hop Behavior (PHB)—which is the manner in which a packet marked to a given DSCP value is to be treated at each network node—they mark the packet according to the industry recommended marking value that corresponds to the desired PHB. Then, as packets are handed off to other administrative domains, such as service provider networks or partner networks, these packets continue to receive the desired PHB (provided that the SP or partner network is also following the same industry standards). Therefore, the PHB treatment is extended beyond the original administrative domain and thus the overall quality of service applied to the packet end-to-end-is improved. To the third point of improving QoS between administrative domains, as networks pass packets to adjacent administrative domains, sometimes their QoS policies differ. Nonetheless, the differences are likely to be minor, as compared to the scenario in which every administrator handled packets in an arbitrary, locally-defined fashion. Thus, the mapping of QoS policies is much easier to handle between domains, as these ultimately use many—if not most—of the same industry-defined PHBs. However, there may be specific constraints, either financial, technical, or otherwise, that may preclude following industry standards 100% of the time. In such cases, administrators need to make careful decisions as to when and how to deviate from these standards and recommendations to best meet their specific objectives and constraints and to allow them maximum flexibility and consistency in the end-to-end scenarios described above. Therefore, in line with the principle of following industry standards and recommendations whenever possible, it would be beneficial to briefly review some of the standards and recommendations most relevant to QoS design. RFC 2474 Class Selector Code Points The IETF RFC 2474 standard defines the use of 6 bits in the IPv4 and IPv6 Type of Service (ToS) byte, termed Differentiated Services Code Points (DSCP). Additionally, this standard introduces Class Selector codepoints to provide backwards compatibility for legacy (RFC 791) IP Precedence bits, as shown in Figure 4-4. Figure 4-4 The IP ToS Byte—IP Precedence Bits and DiffServ Extensions Class Selectors, defined in RFC 2474, are not Per-Hop Behaviors per se, but rather were defined to provide backwards compatibility to IP Precedence. Each Class Selector corresponds to a given IP Precedence value, with its three least-significant bits set to 0. For example, IP Precedence 1 is referred to as Class Selector 1 (or DSCP 8), IP Precedence 2 is referred to as Class Selector 2 (or DSCP 16), and so on. Table 4-1 shows the full table of IP Precedence to Class Selector mappings. 226603 Version Length ToS Byte Len ID Offset TTL Proto Data 7 IPv4 Packet Original IPv4 Specification DiffServ Extensions FCS IP-SA IP-DA 6 5 4 3 2 1 0 DiffServ Code Points (DSCP) IP Precedence 4-10 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution RFC 2597 Assured Forwarding Per-Hop Behavior Group RFC 2597 defines four Assured Forwarding groups, denoted by the letters “AF” followed by two digits: • The first digit denotes the AF class number and can range from 1 through 4 (these values correspond to the three most-significant bits of the codepoint or the IPP value that the codepoint falls under). Incidentally, the AF class number does not in itself represent hierarchy (that is, AF class 4 does not necessarily get any preferential treatment over AF class 1). • The second digit refers to the level of drop precedence within each AF class and can range from 1 (lowest drop precedence) through 3 (highest drop precedence). Figure 4-5 shows the Assured Forwarding PHB marking scheme. Figure 4-5 Assured Forwarding PHB Marking Scheme The three levels of drop precedence are analogous to the three states of a traffic light: • Drop precedence 1, also known as the “conforming” state, is comparable to a green traffic light. • Drop precedence 2, also known as the “exceeding” state, is comparable to a yellow traffic light (where a moderate allowance in excess of the conforming rate is allowed to prevent erratic traffic patterns). • Drop precedence 3, also known as the “violating” state, is comparable to a red traffic light. Table 4-1 IP Precedence to Class Selector/DSCP Mappings IP Precedence Value IP Precedence Name IPP Binary Equivalent Class Selector CS Binary Equivalent DSCP Value (Decimal) 0 Normal 000 CS0 1 /DF 1. Class Selector 0 is a special case, as it represents the default marking value (defined in RFC 2474-Section 4.1); as such, it is not typically called Class Selector 0, but rather Default Forwarding or DF. 000 000 0 1 Priority 001 CS1 001 000 8 2 Immediate 010 CS2 010 000 16 3 Flash 011 CS3 011 000 24 4 Flash-Override 100 CS4 100 000 32 5 Critical 101 CS5 101 000 40 6 Internetwork Control 110 CS6 110 000 48 7 Network Control 111 CS7 111 000 56 226604 X AF Group AFxy X X Y Y 0 Drop Precedance DSCP IP ToS Byte4-11 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution Packets within an AF class are always initially marked to drop precedence of 1 and can only be remarked to drop precedence 2 or 3 by a policer, which meters traffic rates and determines if the traffic is exceeding or violating a given traffic contract. Then, for example, during periods of congestion on an RFC 2597-compliant node, packets remarked AF33 (representing the highest drop precedence for AF class 3) would be dropped more often than packets remarked AF32; in turn, packets remarked AF32 would be dropped more often than packets marked AF31. The full set of AF PHBs are detailed in Figure 4-6. Figure 4-6 Assured Forwarding PHBs with Decimal and Binary Equivalents RFC 3246 An Expedited Forwarding Per-Hop Behavior The Expedited Forwarding PHB is defined in RFC 3246. In short, the definition describes a strict-priority treatment for packets that have been marked to a DSCP value of 46 (101110), which is also termed Expedited Forwarding (or EF). Any packet marked 46/EF that encounters congestion at a given network node is to be moved to the front-of-the-line and serviced in a strict priority manner. It doesn’t matter how such behavior is implemented—whether in hardware or software—as long as the behavior is met for the given platform at the network node. Note Incidentally, the RFC 3246 does not specify which application is to receive such treatment; this is open to the network administrator to decide, although the industry norm over the last decade has been to use the EF PHB for VoIP. The EF PHB provides an excellent case-point of the value of standardized PHBs. For example, if a network administrator decides to mark his VoIP traffic to EF and service it with strict priority over his networks, he can extend his policies to protect his voice traffic even over networks that he does not have direct administrative control. He can do this by partnering with service providers and/or extranet partners who follow the same standard PHB and who thus continue to service his (EF marked) voice traffic with strict priority over their networks. RFC 3662 A Lower Effort Per-Domain Behavior for Differentiated Services While most of the PHBs discussed so far represent manners in which traffic may be treated preferentially, there are cases it may be desired to treat traffic deferentially. For example, certain types of non-business traffic, such as gaming, video-downloads, peer-to-peer media sharing, and so on might dominate network links if left unabated. 226605 AF11 AF21 AF31 AF41 AF12 AF13 AF22 AF23 AF32 AF33 AF42 AF43 AF PHB DSCP 001 010 010 010 011 010 100 010 AF Class 1 AF Class 2 AF Class 3 AF Class 4 Conforming DP Exceeding DP Violating DP 10 18 26 34 001 100 010 100 011 100 100 100 12 20 28 36 001 110 010 110 011 110 100 110 14 22 30 384-12 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution To address such needs, a Lower Effort Per-Domain Behavior is described in RFC 3662 to provide a less than Best Effort service to undesired traffic. Two things should be noted about RFC 3662 from the start: • RFC 3662 is in the “informational” category of RFCs (not the standards track) and as such is not necessary to implemented in order to be DiffServ standard-compliant. • A Per-Domain Behavior (PDB) has a different and larger scope than a Per-Hop Behavior (PHB). A PDB does not require that undesired traffic be treated within a “less than Best Effort service” at necessarily every network node (which it would if this behavior were defined as a Per-Hop Behavior); rather, as long as one (or more) nodes within the administrative domain provide a “less than best effort service” to this undesired traffic class, the Per-Domain Behavior requirement has been met. The reason a PDB is sufficient to provision this behavior, as opposed to requiring a PHB, is that the level of service is deferential, not preferential. To expand, when dealing with preferential QoS policies, sometimes it is said that “a chain of QoS policies is only as strong as the weakest link.” For example, if provisioning an EF PHB for voice throughout a network and only one node in the path does not have EF properly provisioned on it, then the overall quality of voice is (potentially) ruined. On the other hand, if the objective is to provide a deferential level of service, all one needs is a single weak link in the path in order to lower the overall quality of service for a given class. Thus, if only a single weak link is required per administrative domain, then a Per-Domain Behavior-rather than a Per-Hop Behavior-better suits the requirement. The marking value recommended in RFC 3662 for less than best effort service (sometimes referred to as a Scavenger service) is Class Selector 1 (DSCP 8). This marking value is typically assigned and constrained to a minimally-provisioned queue, such that it will be dropped the most aggressively under network congestion scenarios. Cisco’s QoS Baseline While the IETF DiffServ RFCs (discussed thus far) provided a consistent set of per-hop behaviors for applications marked to specific DSCP values, they never specified which application should be marked to which DiffServ Codepoint value. Therefore, considerable industry disparity existed in application-to-DSCP associations, which led Cisco to put forward a standards-based application marking recommendation in their strategic architectural QoS Baseline document (in 2002). Eleven different application classes were examined and extensively profiled and then matched to their optimal RFC-defined PHBs. The application-specific marking recommendations from Cisco’s QoS Baseline of 2002 are summarized in Figure 4-7.4-13 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution Figure 4-7 Cisco’s QoS Baseline Marking Recommendations Note The previous Cisco Enterprise QoS SRND (version 3.3 from 2003) was based on Cisco’s QoS Baseline; however, as will be discussed, newer RFCs have since been published that improve and expand on the Cisco QoS Baseline. RFC 4594 Configuration Guidelines for DiffServ Classes More than four years after Cisco put forward its QoS Baseline document, RFC 4594 was formally accepted as an informational RFC (in August 2006). Before getting into the specifics of RFC 4594, it is important to comment on the difference between the IETF RFC categories of informational and standard. An informational RFC is an industry recommended best practice, while a standard RFC is an industry requirement. Therefore RFC 4594 is a set of formal DiffServ QoS configuration best practices, not a requisite standard. RFC 4594 puts forward twelve application classes and matches these to RFC-defined PHBs. These application classes and recommended PHBs are summarized in Figure 4-8. 220199 Application L3 Classification PHB DSCP RFC Transactional Data AF21 18 RFC 2597 Call Signaling CS3 24 RFC 2474 Streaming Video CS4 32 RFC 2474 Interactive Video AF41 34 RFC 2597 Voice EF 46 RFC 3246 Network Management CS2 16 RFC 2474 IETF Bulk Data AF11 10 RFC 2597 Scavenger CS1 8 RFC 2474 Routing CS6 48 RFC 2474 Mission-Critical Data AF31 26 RFC 2597 Best Effort 0 0 RFC 24744-14 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution Figure 4-8 RFC 4594 Marking Recommendations It is fairly obvious that there are more than a few similarities between Cisco’s QoS Baseline and RFC 4594, as there should be, since RFC 4594 is essentially an industry-accepted evolution of Cisco’s QoS Baseline. However, there are some differences that merit attention. The first set of differences is minor, as they involve mainly nomenclature. Some of the application classes from the QoS Baseline have had their names changed in RFC 4594. These changes in nomenclature are summarized in Table 4- 2. The remaining changes are more significant. These include one application class deletion, two marking changes, and two new application class additions: • The QoS Baseline Locally-Defined Mission-Critical Data class has been deleted from RFC 4594. • The QoS Baseline marking recommendation of CS4 for Streaming Video has been changed in RFC 4594 to mark Multimedia Streaming to AF31. 220200 Application L3 Classification PHB DSCP RFC Low-Latency Data AF21 18 RFC 2597 Broadcast Video CS3 24 RFC 2474 Real-Time Interactive CS4 32 RFC 2474 Call Signaling CS5 40 RFC 2474 VoIP Telephony EF 46 RFC 3246 OAM CS2 16 RFC 2474 IETF High-Throughput Data AF11 10 RFC 2597 Low-Priority Data CS1 8 RFC 3662 Network Control CS6 48 RFC 2474 Multimedia Streaming AF31 26 RFC 2597 Best Effort DF 0 RFC 2474 Multimedia Conferencing AF41 34 RFC 2597 Best Effort DF 0 Table 4-2 Nomenclature Changes from Cisco QoS Baseline to RFC 4594 Cisco QoS Baseline Class Names RFC 4594 Class Names Routing Network Control Voice VoIP Telephony Interactive Video Multimedia Conferencing Streaming Video Multimedia Streaming Transactional Data Low-Latency Data Network Management Operations/Administration/Management (OAM) Bulk Data High-Throughput Data Scavenger Low-Priority Data 4-15 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Drivers for QoS Design Evolution • The QoS Baseline marking recommendation of CS3 for Call Signaling has been changed in RFC 4594 to mark Call Signaling to CS5. • A new application class has been added to RFC 4594, Real-Time Interactive. This addition allows for a service differentiation between elastic conferencing applications (which would be assigned to the Multimedia Conferencing class) and inelastic conferencing applications (which would include high-definition applications, like Cisco TelePresence, in the Realtime Interactive class). Elasticity refers to the applications ability to function despite experiencing minor packet loss. Multimedia Conferencing uses the AF4 class and is subject to markdown (and potential dropping) policies, while the Realtime Interactive class uses CS4 and is not subject neither to markdown nor dropping policies. • A second new application class has been added to RFC 4594, Broadcast video. This addition allows for a service differentiation between elastic and inelastic streaming media applications. Multimedia Streaming uses the AF3 class and is subject to markdown (and potential dropping) policies, while Broadcast Video uses the CS3 class and is subject neither to markdown nor dropping policies. The most significant of the differences between Cisco’s QoS Baseline and RFC 4594 is the RFC 4594 recommendation to mark Call Signaling to CS5. Cisco has completed a lengthy and expensive marking migration for Call Signaling from AF31 to CS3 (as per the original QoS Baseline of 2002) and, as such, there are no plans to embark on another marking migration in the near future. It is important to remember that RFC 4594 is an informational RFC (in other words, an industry best-practice) and not a standard. Therefore, lacking a compelling business case at the time of writing, Cisco plans to continue marking Call Signaling as CS3 until future business requirements arise that necessitate another marking migration. Therefore, for the remainder of this document, RFC 4594 marking values are used throughout, with the one exception of swapping Call-Signaling marking (to CS3) and Broadcast Video (to CS5). These marking values are summarized in Figure 4-9. Figure 4-9 Cisco-Modified RFC 4594-based Marking Values (Call-Signaling is Swapped with Broadcast Video) Call Signaling Multimedia Streaming Multimedia Conferencing Broadcast Video Application L3 Classification IETF 34 Real-Time Interactive OAM 16 High-Troughput Data 10 Best Effort 0 VoIP Telephony 46 DSCP Network Control 48 26 40 32 24 Low-Latency Data 18 AF41 CS2 AF11 DF EF PHB CS6 AF31 CS5 CS4 CS3 AF21 RFC 2597 RFC 2474 RFC 2597 RFC 2474 221258 Low-Priority Data CS1 8 RFC 3662 RFC 3246 RFC RFC 2474 RFC 2597 RFC 2474 RFC 2474 RFC 2474 RFC 25974-16 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset A final note regarding standards and RFCs is that there are other RFCs relating to DiffServ design that are currently in draft status (as of the time of writing). One such example is RFC 5127, “Aggregation of Diffserv Service Classes.” As such drafts are finalized, these will correspondingly impact respective areas of QoS design. Having reviewed various relevant industry guidance and best practices relating to QoS evolution, a final driver—namely advances in QoS technologies—is briefly introduced. New Platforms and Technologies As network hardware and software technologies evolve, so do their QoS capabilities and features. New switches and linecards boast advanced classification engines or queuing structures, new routers support sophisticated QoS tools that scale with greater efficiency, and new IOS software features present entirely new QoS options to solve complex scenarios. Therefore, a third set of drivers behind QoS design evolution are the advances in QoS technologies, which are discussed in detail in their respective Place-in-the-Network (PIN) QoS design chapters. As can be noted from the discussion to this point, all of the drivers behind QoS design evolution are in a constant state of evolution themselves—business drivers will continue to expand and change, as will relevant industry standards and guidance, and so too will platforms and technologies. Therefore, while the strategic and detailed design recommendations presented in this document are as forward-looking as possible, these will no doubt continue to evolve over time. Before discussing current strategic QoS design recommendations, it may be beneficial to set a base context by first overviewing Cisco’s QoS toolset. Cisco QoS Toolset This section describes the main categories of the Cisco QoS toolset and includes these topics: • Admission control tools • Classification and marking tools • Policing and markdown tools • Scheduling tools • Link-efficiency tools • Hierarchical QoS • AutoQoS • QoS management Classification and Marking Tools Classification tools serve to identify traffic flows so that specific QoS actions may be applied to the desired flows. Often the terms classification and marking are used interchangeably (yet incorrectly so); therefore, it is important to understand the distinction between classification and marking operations: • Classification refers to the inspection of one or more fields in a packet (the term packet is being used loosely here, to include all Layer 2 to Layer 7 fields, not just Layer 3 fields) to identify the type of traffic that the packet is carrying. Once identified, the traffic is directed to the applicable 4-17 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset policy-enforcement mechanism for that traffic type, where it receives predefined treatment (either preferential or deferential). Such treatment can include marking/remarking, queuing, policing, shaping, or any combination of these (and other) actions. • Marking, on the other hand, refers to changing a field within the packet to preserve the classification decision that was reached. Once a packet has been marked, a “trust-boundary” is established on which other QoS tools later depend. Marking is only necessary at the trust boundaries of the network and (as with all other QoS policy actions) cannot be performed without classification. By marking traffic at the trust boundary edge, subsequent nodes do not have to perform the same in-depth classification and analysis to determine how to treat the packet. Cisco IOS software performs classification based on the logic defined within the class map structure within the Modular QoS Command Line Interface (MQC) syntax. MQC class maps can perform classification based on the following types of parameters: • Layer 1 parameters—Physical interface, sub-interface, PVC, or port • Layer 2 parameters—MAC address, 802.1Q/p Class of Service (CoS) bits, MPLS Experimental (EXP) bits • Layer 3 parameters—Differentiated Services Code Points (DSCP), IP Precedence (IPP), IP Explicit Congestion Notification (IP ECN), source/destination IP address • Layer 4 parameters—TCP or UDP ports • Layer 7 parameters—Application signatures and URLs in packet headers or payload via Network Based Application Recognition (NBAR) NBAR is the most sophisticated classifier in the IOS tool suite. NBAR can recognize packets on a complex combination of fields and attributes. NBAR deep-packet classification engine examines the data payload of stateless protocols and identifies application-layer protocols by matching them against a Protocol Description Language Module (PDLM), which is essentially an application signature. NBAR is dependent on Cisco Express Forwarding (CEF) and performs deep-packet classification only on the first packet of a flow. The rest of the packets belonging to the flow are then CEF-switched. However, it is important to recognize that NBAR is merely a classifier, nothing more. NBAR can identify flows by performing deep-packet inspection, but it is up to the MQC policy-map to define what action should be taken on these NBAR-identified flows. Marking tools change fields within the packet, either at Layer 2 or at Layer 3, such that in-depth classification does not have to be performed at each network QoS decision point. The primary tool within MQC for marking is Class-Based Marking (though policers-sometimes called markers-may also be used, as is discussed shortly). Class-Based Marking can be used to set the CoS fields within an 802.1Q/p tag (as shown in Figure 4-10), the Experimental bits within a MPLS label (as shown in Figure 4-11), the Differentiated Services Code Points (DSCPs) within an IPv4 or IPv6 header (as shown in Figure 4-12), the IP ECN Bits (also shown in Figure 4-12), as well as other packet fields. Class-Based Marking, like NBAR, is CEF-dependant.4-18 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset Figure 4-10 Figure 1-10 802.1Q/p CoS Bits Figure 4-11 Figure 1-11 MPLS EXP Bits Figure 4-12 Figure 1-12 IP ToS Bits: DSCP and IP ECN PRI CFI VLAN ID 226606 Preamble 802.1Q Tag 4 bytes SFD SA Type PT FCS DA Three Bits for User Priority (802.1p CoS) Data 226607 Label/Tag CoS Label/Tag: 20 bits Time to Live (TTL): 8 bits MPLS Experimental (CoS): 3 bits Bottom of stack indicator (S): 1 bit TTL 3 2 1 0 MPLS EXP S 226608 Version Length ToS Byte Len ID Offset TTL Proto Data 7 IPv4 Packet Congestion Experienced (CE) Bit 0 = No Congestion Experienced 1 = Congestion Experienced ECN-Capable Transport (ECN) Bit 0 = Non ECN-Capable Transport 1 = ECN-Capable Transport FCS IP-SA IP-DA 6 5 4 3 2 1 0 DiffServ Code Points (DSCP) ECT CE RFC 2474 DiffServ Bits RFC 3168 IP ECN Bits4-19 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset Policing and Markdown Tools Policers are used to monitor traffic flows and to identify and respond to traffic violations. Policers achieve these objectives by performing ongoing, instantaneous checks for traffic violations and taking immediate prescribed actions when such violations occur. For example, a policer can determine if the offered load is in excess of the defined traffic rate and then drop the out-of-contract traffic, as illustrated in Figure 4-13. Figure 4-13 A Policing Action Alternatively, policers may be used to remark excess traffic instead of dropping it. In such a role, the policer is called a marker. Figure 4-14 illustrates a policer functioning as a marker. Figure 4-14 A Policer as a Marker The rate at which the policer is configured to either drop or remark traffic is called the Committed Information Rate (CIR). However, policers may police to multiple rates, such as the dual rate policer defined in RFC 2698. With such a policer, the CIR is the principle rate to which traffic is policed, but an upper limit, called the Peak Information Rate (PIR), is also set. The action of a dual-rate policer is analogous to a traffic light, with three conditional states—green light, yellow light, and red light. Traffic equal to or below the CIR (a green light condition) is considered to conform to the rate. An allowance for moderate amounts of traffic above this principal rate is permitted (a yellow light condition) and such traffic is considered to exceed the rate. However, a clearly-defined upper-limit of tolerance (the PIR) is also set (a red light condition), beyond which traffic is considered to violate the rate. As such, a dual-rate RFC 2698 policer performs the traffic conditioning for RFC 2597 Assured Forwarding PHBs, as previously discussed. The actions of such a dual-rate policer (functioning as a three-color marker) are illustrated in Figure 4-15. Policing Offered Traffic Time Time Offered Traffic Policing Rate Excess traffic is dropped 226609 Policing Offered Traffic Time Time Offered Traffic Policing Rate Excess traffic is remarked, but transmitted 2266104-20 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset Figure 4-15 A Dual-Rate Policer as a Three-Color Marker Shaping Tools Shapers operate in a manner similar to policers, in that they meter traffic rates. However, the principle difference between a policer and a shaper is that where a policer remarks or drops traffic as a policy action, a shaper merely delays traffic. Figure 4-16 illustrates generic traffic shaping. Figure 4-16 Traffic Shaping Shapers are particularly useful when traffic must conform to a specific rate of traffic in order to meet a service level agreement (SLA) or to guarantee that traffic offered to a service provider is within a contracted rate. Traditionally, shapers have been associated with Non-Broadcast Multiple-Access (NBMA) Layer 2 WAN topologies, like ATM and Frame-Relay, where potential speed-mismatches exist. However, shapers are becoming increasingly necessary on Layer 3 WAN access circuits, such as Ethernet-based handoffs, in order to conform to sub-line access-rates. Offered Traffic Time Time Offered Traffic 226611 Y Y A RFC 2698 “Two Rate Three Color Marker” can: • mark conforming traffic to one value (such as AF31) • remark exceeding traffic to another value (such as AF32) • remark violating traffic to yet another value (such as AF33) CIR PIR PIR CIR Exceeding Traffic (>CIR < PIR) Conforming Traffic (< CIR) Violating Traffic (> PIR) Y 226612 Line Rate CIR Traffic shaping limits the transmit rate of traffic to a value (CIR) lower than the interface’s line rate by temporarily buffering packets exceeding the CIR without Traffic Shaping with Traffic Shaping4-21 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset Queuing and Dropping Tools Normally, over uncongested interfaces, packets are transmitted in order on a First-In-First-Out (FIFO) basis. However, if packets arrive at an interface faster than they can be transmitted out the interface, then excess packets may be buffered. When packets are buffered, they may be reordered prior to transmission according to administratively-defined algorithms, which are generally referred to as queuing policies. It is important to recognize that queuing policies are engaged only when the interface is experiencing congestion and are deactivated shortly after the interface congestion clears. Queuing may be performed in software or in hardware. Within Cisco IOS Software there are two main queuing algorithms available, Class-Based Weighted-Fair Queuing (CBWFQ) and Low-Latency Queuing (LLQ). Within Cisco Catalyst hardware, queuing algorithms fall under a 1PxQyT model, which are overviewed in the following sections. CBWFQ Regardless of what queuing policy is applied to an interface within Cisco IOS, there is always an underlying queuing mechanism in place called the Tx-Ring, which is a final (FIFO) output buffer. The Tx-Ring serves the purpose of always having packets ready to be placed onto the wire so that link utilization can be driven to 100%. The Tx-Ring also serves to indicate congestion to the IOS software; specifically, when the Tx-Ring fills to capacity, then the interface is known to be congested and a signal is sent to engage any LLQ/CBWFQ policies that have been configured on the interface. Class-Based Weighted-Fair Queuing (CBWFQ) is a queuing algorithm that combines the ability to guarantee bandwidth with the ability to dynamically ensure fairness to other flows within a class of traffic. Each queue is serviced in a weighted-round-robin (WRR) fashion based on the bandwidth assigned to each class. The operation of CBWFQ is illustrated in Figure 4-17. Figure 4-17 CBWFQ Operation In Figure 4-17, a router interface has been configured with a 4-class CBWFQ policy, with an explicit CBWFQ defined for Network Control, Transactional Data, and Bulk Data respectively, as well as the default CBWFQ queue, which has a Fair-Queuing (FQ) pre-sorter assigned to it. Note CBWFQ is a bit of a misnomer because the pre-sorter that may be applied to certain CBWFQs, such as class-default, is not actually a Weighted-Fair Queuing (WFQ) pre-sorter, but rather a Fair-Queuing (FQ) pre-sorter. As such, it ignores any IP Precedence values when calculating bandwidth allocations traffic flows. To be more technically precise, this queuing algorithm would be more accurately named Class-Based Fair-Queuing or CBFQ. 226613 CBWFQ Mechanisms Packets In Packets Out Call-Signaling CBWFQ Transactional CBWFQ Bulk Data CBWFQ Default Queue CBWFQ Scheduler FQ TX Ring4-22 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset LLQ Low-Latency Queuing (LLQ) is essentially CBWFQ combined with a strict priority queue. In fact, the original name for the LLQ scheduling algorithm was PQ-CBWFQ. While this name was technically more descriptive, it was obviously clumsy from a marketing perspective and hence the algorithm was renamed LLQ. LLQ operation is illustrated in Figure 4-18. Figure 4-18 LLQ/CBWFQ Operation In Figure 4-18, a router interface has been configured with a 5-class LLQ/CBWFQ policy, with voice assigned to a 100 kbps LLQ, three explicit CBWFQs are defined for Call-Signaling, Transactional Data, and Bulk Data respectively, as well as a default queue that has a Fair-Queuing pre-sorter assigned to it. However, an underlying mechanism that doesn’t appear within the IOS configuration, but is shown in Figure 4-18, is an implicit policer attached to the LLQ. The threat posed by any strict priority-scheduling algorithm is that it could completely starve lower priority traffic. To prevent this, the LLQ mechanism has a built-in policer. This policer (like the queuing algorithm itself) engages only when the LLQ-enabled interface is experiencing congestion. Therefore, it is important to provision the priority classes properly. In this example, if more than 100 kbps of voice traffic was offered to the interface, and the interface was congested, the excess voice traffic would be discarded by the implicit policer. However, traffic that is admitted by the policer gains access to the strict priority queue and is handed off to the Tx-Ring ahead of all other CBWFQ traffic. Not only does the implicit policer for the LLQ protect CBWFQs from bandwidth-starvation, but it also allows for sharing of the LLQ. TDM of the LLQ allows for the configuration and servicing of multiple LLQs, while abstracting the fact that there is only a single LLQ “under-the-hood,” so to speak. For example, if both voice and video applications required realtime service, these could be provisioned to two separate LLQs, which would not only protect voice and video from data, but also protect voice and video from interfering with each other, as illustrated in Figure 4-19. 223243 LLQ/CBWFQ Mechanisms Packets In Packets Out Call-Signaling CBWFQ Transactional CBWFQ Bulk Data CBWFQ Default Queue CBWFQ Scheduler FQ TX Ring 100 kbps PQ 100 kbps VoIP Policer4-23 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset Figure 4-19 Dual-LLQ/CBWFQ Operation In Figure 4-19, a router interface has been configured with a 6-class LLQ/CBWFQ policy, with voice assigned to a 100 kbps LLQ, video assigned to a “second” 400 kbps LLQ, three explicit CBWFQs are defined for Call-Signaling, Transactional Data, and Bulk Data respectively, as well as a default queue that has a Fair-Queuing pre-sorter assigned to it. Within such a dual-LLQ policy, two separate implicit policers have been provisioned, one each for the voice class (to 100 kbps) and another for the video class (to 400 kbps), yet there remains only a single strict-priority queue, which is provisioned to the sum of all LLQ classes, in this case to 500 kbps (100 kbps + 400 kbps). Traffic offered to either LLQ class is serviced on a first-come, first-serve basis until the implicit policer for each specific class has been invoked. For example, if the video class attempts to burst beyond its 400 kbps rate then it is dropped. In this manner, both voice and video are serviced with strict-priority, but do not starve data flows, nor do they interfere with each other. 1PxQyT In order to scale QoS functionality to campus speeds (like GigabitEthernet or Ten GigabitEthernet), Catalyst switches must perform QoS operations within hardware. For the most part, classification, marking, and policing policies (and syntax) are consistent in both Cisco IOS Software and Catalyst hardware; however, queuing (and dropping) policies are significantly different when implemented in hardware. Hardware queuing across Catalyst switches is implemented in a model that can be expressed as 1PxQyT, where: • 1P represents the support of a strict-priority hardware queue (which is usually disabled by default). • xQ represents x number of non-priority hardware queues (including the default, Best-Effort queue). • yT represents y number of drop-thresholds per non-priority hardware queue. For example, consider a Catalyst 6500 48-port 10/100/1000 RJ-45 Module, the WS-X6748-GE-TX, which has a 1P3Q8T egress queuing structure, meaning that it has: • One strict priority hardware queue • Three additional non-priority hardware queues, each with: – Eight configurable Weighted Random Early Detect (WRED) drop thresholds per queue Traffic assigned to the strict-priority hardware queue is treated with an Expedited Forwarding Per-Hop Behavior (EF PHB). That being said, it bears noting that on some platforms there is no explicit limit on the amount of traffic that may be assigned to the PQ and as such, the potential to starve non-priority 226657 LLQ/CBWFQ Mechanisms Packets In Packets Out Call-Signaling CBWFQ Transactional CBWFQ Bulk Data CBWFQ Default Queue CBWFQ Scheduler FQ TX Ring 500 kbps PQ 400 kbps Video Policer 100 kbps VoIP Policer4-24 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset queues exists. However, this potential for starvation may be effectively addressed by explicitly configuring input policers that limit—on a per-port basis—the amount of traffic that may be assigned to the priority queue (PQ). Incidentally, this is the recommended approach defined in RFC 3246 (Section 3). Traffic assigned to a non-priority queue is provided with bandwidth guarantees, subject to the PQ being either fully-serviced or bounded with input policers. WRED Selective dropping of packets when the queues are filling is referred to as congestion avoidance. Congestion avoidance mechanisms work best with TCP-based applications because selective dropping of packets causes the TCP windowing mechanisms to “throttle-back” and adjust the rate of flows to manageable rates. Congestion avoidance mechanisms are complementary to queueing algorithms; queueing algorithms manage the front of a queue, while congestion avoidance mechanisms manage the tail of the queue. Congestion avoidance mechanisms thus indirectly affect scheduling. The principle congestion avoidance mechanism is WRED, which randomly drops packets as queues fill to capacity. However, the randomness of this selection can be skewed by traffic weights. The weight can either be IP Precedence values, as is the case with default WRED which drops lower IPP values more aggressively (for example, IPP 1 would be dropped more aggressively than IPP 6) or the weights can be AF Drop Precedence values, as is the case with DSCP-Based WRED which drops higher AF Drop Precedence values more aggressively (for example, AF23 is dropped more aggressively than AF22, which in turn is dropped more aggressively than AF21). WRED can also be used to set the IP ECN bits to indicate that congestion was experienced in transit. The operation of DSCP-based WRED is illustrated in Figure 4-20. Figure 4-20 DSCP-Based WRED Example Operation Link Efficiency Tools Link Efficiency Tools are typically relevant only on link speeds = 768 kbps, and come in two main types: 0 100% Begin dropping AF23 Packets Drop all AF22 Packets Drop all AF21 Packets Drop all AF23 Packets Begin dropping AF22 Packets Begin dropping AF21 Packets Max queue length Queue Depth (tail drop everything) Drop Probability … 2266144-25 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset • Link Fragmentation and Interleaving (LFI) tools—With slow-speed WAN circuits, large data packets take an excessively long time to be placed onto the wire. This delay, called serialization delay, can easily cause a VoIP packet to exceed its delay and/or jitter threshold. There are two LFI tools to mitigate serialization delay on slow speed (= 768 kbps) links, Multilink PPP Link Fragmentation and Interleaving (MLP LFI) and Frame Relay Fragmentation (FRF.12). • Compression tools—Compression techniques, such as compressed Real-Time Protocol (cRTP), minimize bandwidth requirements and are highly useful on slow links. At 40 bytes total, the header portion of a VoIP packet is relatively large and can account for up to two-thirds or the entire VoIP packet (as in the case of G.729 VoIP). To avoid the unnecessary consumption of available bandwidth, cRTP can be used on a link-by-link basis. cRTP compresses IP/UDP/RTP headers from 40 bytes to between two and five bytes (which results in a bandwidth savings of approximately 66% for G.729 VoIP). However, cRTP is computationally intensive, and therefore returns the best bandwidth-savings value vs. CPU-load on slow speed (= 768 kbps) links. This document is intended to address network designs for today’s media networks and, as such, link speeds that are = 768 kbps are unsuitable in such a context. Therefore, little or no mention is given to link efficiency tools. For networks that still operate at or below 768 kbps, refer to design recommendations within the Enterprise QoS SRND version 3.3 at http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/QoS-SRND-Bo ok.html Hierarchical QoS Cisco IOS MQC-based tools may be combined in a hierarchical fashion, meaning QoS policies may contain other “nested” QoS policies within them. Such policy combinations are commonly referred to as Hierarchal QoS policies or HQoS policies. Consider a couple of examples where HQoS policies may be useful. In the first case, there may be scenarios where some applications require policing at multiple levels. Specifically, it might be desirable to limit all TCP traffic to 5 Mbps while, at the same time, limiting FTP traffic (which is a subset of TCP traffic) to no more than 1.5 Mbps. To achieve this nested policing requirement, Hierarchical Policing can be used. The policer at the second level in the hierarchy acts on packets transmitted or marked by the policer at the first level, as illustrated in Figure 4-21. Therefore, any packets dropped by the first level are not seen by the second level. Up to three nested levels are supported by the Cisco IOS Hierarchical Policing feature. Figure 4-21 Hierarchical Policing Policy Example TCP < 5 Mbps? FTP < 1.5 Mbps? Packet offered to HQoS Policer YES YES Packets transmitted out of interface NO Packet dropped NO Packet dropped Only packets transmitted by the upper-level (TCP) policer are seen by the nested lower-level (FTP) policer 2266154-26 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset Additionally, it is often useful to combine shaping and queuing policies in a hierarchical manner, particularly over sub-line rate access scenarios. As previously discussed, queuing policies only engage when the physical interface is congested (as is indicated to IOS software by a full Tx-Ring). This means that queuing policies never engage on media that has a contracted sub-line rate of access, whether this media is Frame Relay, ATM, or Ethernet. In such a scenario, queuing can only be achieved at a sub-line rate by introducing a two-part HQoS policy wherein: • Traffic is shaped to the sub-line rate. • Traffic is queued according to the LLQ/CBWFQ policies within the sub-line rate. With such an HQoS policy, it is not the Tx-Ring that signals IOS software to engage LLQ/CBWFQ policies, but rather it is the Class-Based Shaper that triggers software queuing when the shaped rate has been reached. Consider a practical example in which a service provider offers an enterprise subscriber a GigabitEthernet handoff, but with a (sub-line rate) contract for only 60 Mbps, over which he wants to deploy IP Telephony and TelePresence, as well as applications. Normally, queuing policies only engage on this GE interface when the offered traffic rate exceeds 1000 Mbps. However, the enterprise administrator wants to ensure that traffic within the 60 Mbps contracted rate is properly prioritized prior to the handoff so that both VoIP and TelePresence are given the highest levels of service. Therefore, the administrator configures an HQoS policy, such that the software shapes all traffic to the contracted 60 Mbps rate and attaches a nested LLQ/CBWFQ queuing policy within the shaping policy, such that traffic is properly prioritized within this 60 Mbps sub-line rate. Figure 4-22 illustrates the underlying mechanisms for this HQoS policy. Figure 4-22 Hierarchical Shaping and Queuing Policy Example AutoQoS The richness of the Cisco QoS toolset inevitably increases its deployment complexity. To address customer demand for simplification of QoS deployment, Cisco has developed the Automatic QoS (AutoQoS) features. AutoQoS is an intelligent macro that allows an administrator to enter one or two simple AutoQoS commands to enable all the appropriate features for the recommended QoS settings for an application on a specific interface. 20 Mbps PQ 5 Mbps VoIP Policer 15 Mbps TelePresence Policer 226616 LLQ/CBWFQ Mechanisms Class-Based Shaping Mechanism Packets In Packets Out GE Interface Call-Signaling CBWFQ Transactional CBWFQ Bulk Data CBWFQ Default Queue CBWFQ Scheduler Class-Based Shaper FQ TX Ring4-27 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset AutoQoS VoIP, the first release of AutoQoS, provides best-practice QoS designs for VoIP on Cisco Catalyst switches and Cisco IOS routers. By entering one global and/or one interface command (depending on the platform), the AutoQoS VoIP macro expands these commands into the recommended VoIP QoS configurations (complete with all the calculated parameters and settings) for the platform and interface on which the AutoQoS is being applied. In the second release, AutoQoS Enterprise, this feature consists of two configuration phases, completed in the following order: • Auto Discovery (data collection)—Uses NBAR-based protocol discovery to detect the applications on the network and performs statistical analysis on the network traffic. • AutoQoS template generation and installation—Generates templates from the data collected during the Auto Discovery phase and installs the templates on the interface. These templates are then used as the basis for creating the class maps and policy maps for the network interface. After the class maps and policy maps are created, they are then installed on the interface. Some may naturally then ask, Why should I read this lengthy and complex QoS design document when I have AutoQoS? It is true that AutoQoS-VoIP is an excellent tool for customers with the objective of enabling QoS for VoIP (only) on their campus and WAN infrastructures. It is also true that AutoQoS-Enterprise is a fine tool for enabling basic branch-router WAN-Edge QoS for voice, video, and multiple classes of data. And as such, customers that have such basic QoS needs and/or do not have the time or desire to do more with QoS, AutoQoS is definitely the way to go. However, it is important to remember where AutoQoS came from. AutoQoS tools are the result of Cisco QoS feature development coupled with Cisco QoS design guides based on large-scale lab-testing. AutoQoS VoIP is the product of the first QoS design guide (published in 1999). AutoQoS Enterprise is based on the second QoS design guide (published in 2002) and the AutoQoS feature has not been updated since. Therefore, if the business requirements for QoS are quite basic, then—as mentioned—AutoQoS would be an excellent tool to expedite the QoS deployment. If, on the other hand, there are more advanced requirements of QoS—such as those presented in this document—then the configurations presented herein would be recommended over AutoQoS. QoS Management Cisco offers a variety of applications to manage quality of service, including • Cisco QoS Policy Manager (QPM)—QPM supports centralized management of network QoS by providing comprehensive QoS provisioning and monitoring capabilities to deploy, tune, monitor, and optimize the performance characteristics of the network. QPM leverages intelligent network services such as NBAR and other QoS features to identify and monitor networked applications and control their behavior throughout the network. • Cisco Bandwidth Quality Manager (BQM)—BQM provides end-to-end network service quality monitoring with unique visibility and analysis of traffic, bandwidth, and service quality on IP access networks. BQM can be used to monitor, troubleshoot, and assure end-to-end network performance objectives for converged application traffic. BQM provides micro-level visibility into the network and the network service quality events compromising user experience. • Cisco Network Analysis Modules (NAM)—Available as Cisco router network modules or as Cisco Catalyst 6500 linecard modules, NAMs can perform extensive voice quality monitoring, intelligent application performance analytics, QoS analysis, and advanced troubleshooting. Such tools can enable administrators to more efficiently baseline, deploy, monitor, and manage QoS policies over their network infrastructure.4-28 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Cisco QoS Toolset Admission Control Tools Interactive applications—particularly voice and video applications—often require realtime services from the network. As these resources are finite, they must be managed efficiently and effectively. If the number of flows contending for such priority resources were not limited, then as these resources become oversubscribed, the quality of all realtime flows would degrade—eventually to the point of unusability. Note Admission Control (AC) is sometimes also referred to as Call Admission Control (CAC); however, as applications evolve, not all applications requiring priority services are call-oriented, and as such AC is a more encompassing designation. Admission control functionality is most effectively controlled an application-level, such as is the case with Cisco Unified CallManager, which controls VoIP and IP video and/or TelePresence flows. As such, admission control design is not discussed in detail in this document, but will be deferred to application-specific design guides, such as the Cisco Unified Communications design guides and/or the Cisco TelePresence design guides at www.cisco.com/go/designzone. As discussed previously, media applications are taxing networks as never before. To that end, current admission control tools are not sufficient to make the complex decisions that many collaborative media applications require. Thus, admission control continues to be an field for extended research and development in the coming years, with the goal of developing multi-level admission control solutions, as described below: • The first level of admission control is simply to enable mechanisms to protect voice-from-voice and/or video-from-video on a first-come, first-serve basis. This functionality provides a foundation on which higher-level policy-based decisions can be built. • The second level of admission control factors in dynamic network topology and bandwidth information into a real-time decision of whether or not a media stream should be admitted. These decisions could be made by leveraging intelligent network protocols, such as Resource Reservation Protocol (RSVP). • The third level of admission control introduces the ability to preempt existing flows in favor of “higher-priority” flows. • The fourth level of admission control contains policy elements and weights to determine what exactly constitutes a “higher-priority” flow, as defined by the administrative preferences of an organization. Such policy information elements may include—but are not limited to—the following: – Scheduled versus ad hoc—Media flows that have been scheduled in advance would likely be granted priority over flows that have been attempted ad hoc. – Users and groups—Certain users or user groups may be granted priority for media flows. – Number of participants—Multipoint media calls with larger number of participants may be granted priority over calls with fewer participants. – External versus internal participants—Media sessions involving external participants, such as customers, may be granted priority over sessions comprised solely of internal participants. – Business critical factor—Additional subjective elements may be associated with media streams, such as a business critical factor. For instance, a live company meeting would likely be given a higher business critical factor than a live training session. Similarly, a media call to close a sale or to retain a customer may be granted priority over regular, ongoing calls.4-29 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Note It should be emphasized this is not an exhaustive list of policy information elements that could be used for admission control, but rather is merely a sample list of possible policy information elements. Additionally, each of these policy information elements could be assigned administratively-defined weights to yield an overall composite metric to calculate and represent the final admit/deny admission control decision for the stream. • The fifth level of admission control provides graceful conflict resolution, such that—should preemption of a media flow be required—existing flow users are given a brief message indicating that their flow is about to be preempted (preferably including a brief reason as to why) and a few seconds to make alternate arrangements (as necessary). A five-level admission control model, deployed over a DiffServ-enabled infrastructure is illustrated in Figure 4-23. Figure 4-23 Five-Level Admission Control Model Deployed Over a DiffServ Infrastructure Thus, having laid a foundational context by reviewing QoS technologies, let us turn our attention to Cisco’s strategic QoS recommendations for enterprise medianets. Enterprise Medianet Strategic QoS Recommendations As media applications increase on the IP network, QoS will play a progressively vital role to ensure the required service level guarantees to each set of media applications, all without causing interference to each other. Therefore, the QoS strategies must be consistent at each PIN, including the campus, data center, branch WAN/MAN/VPN, and branch. Also, integration will play a key role in two ways. First, media streams and endpoints will be increasingly leveraged by multiple applications. For example, desktop video endpoints may be leveraged for desktop video conferencing, Web conferencing, and for viewing stored streaming video for training and executive communications. Technical Business DiffServ Infrastructure Admission Control Network Intelligence Policy Intelligence Policy Information Elements Graceful Conflict Resolution Business and User Expectations 2250814-30 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Additionally, many media applications will require common sets of functions, such as transcoding, recording, and content management. To avoid duplication of resources and higher implementation costs, common media services need to be integrated into the IP network so they can be leveraged by multiple media applications. Furthermore, because of the effectiveness of multimedia communication and collaboration, the security of media endpoints and communication streams becomes an important part of the media-ready strategy. Access controls for endpoints and users, encryption of streams, and securing content files stored in the data center are all part of a required comprehensive media application security strategy. Finally, as the level of corporate intellectual property migrates into stored and interactive media, it is critical to have a strategy to manage the media content, setting and enforcing clear policies, and having the ability to protect intellectual property in secure and managed systems. Just as companies have policies and processes for handling intellectual property in document form, they also must develop and update these policies and procedures for intellectual property in media formats. Therefore, to meet all these media application requirements, Cisco recommends—not to reengineer networks to support each wave of applications—but rather to utilize an architectural approach, namely a medianet architecture. Enterprise Medianet Architecture A medianet is built upon an architecture that supports the different models of media applications and optimizes their delivery, such as those shown in the architectural framework in Figure 4-24. Figure 4-24 Enterprise Medianet Architectural Framework Clients Medianet Services Media Content Media I/O User Interface Codec Identity Services Mobility Services Confidentiality Media Endpoint Access Services Location/Context Packet Delivery Session Admission Quality of Service Transport Services Optimization Conferencing Recording Transcoding Bridging Services Capture/Storage Distribution Content Mgmt Storage Services Call Agent(s) Session/Border Controllers Gateways Session Control Services QoS-enabled, High Availability Network Design Branch Campus Data Center MAN/WAN, Metro Ethernet, SONET, DWDM/CWDM IP 2266174-31 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations An enterprise medianet framework starts with and end-to-end QoS-enabled network infrastructure designed and built to achieve high availability, including the data center, campus, WAN, and branch office networks. The network provides a set of services to video applications, including: • Access services—Provide access control and identity of video clients, as well as mobility and location services. • Transport services—Provide packet delivery, ensuring the service levels with QoS and delivery optimization. • Bridging services—Transcoding, conferencing, and recording services. • Storage services—Content capture, storage, retrieval, distribution, and management services. • Session control services—Signaling and control to setup and tear-down sessions, as well as gateways. When these media services are made available within the network infrastructure, endpoints can be multi-purpose and rely upon these common media services to join and leave sessions for multiple media applications. Common functions such as transcoding and conferencing different media codecs within the same session can be deployed and leveraged by multiple applications, instead of being duplicated for each new media application. With this architectural framework in mind, let us take a closer look at the strategic QoS recommendations for a medianet. Enterprise Medianet QoS Application Class Recommendations As mentioned previously, Cisco has slightly modified its implementation of (informational) RFC 4594 (as shown in Figure 4-9). With Admission Control recommendations added to this model, these combined recommendations are summarized in Figure 4-25.4-32 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Figure 4-25 Enterprise Medianet QoS Recommendations The 12 classes of applications within this enterprise medianet QoS model—which have unique service level requirements and thus require explicit QoS PHBs—are outlined as follows: • VoIP Telephony • Broadcast Video • Realtime Interactive • Multimedia Conferencing • Network Control • Signaling • Operations, Administration, and Management (OAM) • Transactional Data and Low-Latency Data • Bulk Data and High-Throughput Data • Best Effort • Scavenger and Low-Priority Data VoIP Telephony This service class is intended for VoIP telephony (bearer-only) traffic (VoIP signaling traffic is assigned to the Call Signaling class). Traffic assigned to this class should be marked EF (DSCP 46) and should be admission controlled. This class is provisioned with an Expedited Forwarding Per-Hop Behavior. The EF PHB-defined in RFC 3246-is a strict-priority queuing service and as such, admission to this class should be controlled. Example traffic includes G.711 and G.729a. 224550 Application Class Transactional Data AF2 Real-Time Interactive CS4 VoIP Telephony EF Ops/Admin/Mgmt (OAM) CS2 Bulk Data AF1 Scavenger CS1 Network Control CS6 Multimedia Streaming AF3 Best Effort DF Multimedia Conferencing AF4 Broadcast Video CS5 Signaling CS3 (Optional) PQ BW Queue + DSCP WRED BW Queue BW Queue BW Queue BW Queue + DSCP WRED (Optional) PQ Priority Queue (PQ) Queuing and Dropping Min BW Queue Required Required Required Required Recommended Admission Control Per-Hop Behavior BW Queue + DSCP WRED BW Queue + DSCP WRED Default Queue + RED Cisco TelePresence Cisco Digital Media System (VoDs) EIGRP, OSPF, BGP, HSRP, IKE SCCP, SIP, H.323 SNMP, SSH, Syslog Cisco Unified Personal Communicator Cisco IP Video Surveillance/Cisco Enterprise TV Cisco IP Phones (G.711, G.729) Media Application Examples YouTube, iTunes, BitTorrent, Xbox Live Cisco WebEx/MeetingPlace/ERP Apps E-mail, FTP, Backup Apps, Content Distribution Default Class4-33 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Broadcast Video This service class is intended for broadcast TV, live events, video surveillance flows, and similar “inelastic” streaming media flows (“inelastic” flows refer to flows that are highly drop sensitive and have no retransmission and/or flow-control capabilities). Traffic in this class should be marked Class Selector 5 (CS5/DSCP 40) and may be provisioned with an EF PHB; as such, admission to this class should be controlled (either by an explicit admission control mechanisms or by explicit bandwidth provisioning). Examples traffic includes live Cisco Digital Media System (DMS) streams to desktops or to Cisco Digital Media Players (DMPs), live Cisco Enterprise TV (ETV) streams, and Cisco IP Video Surveillance (IPVS). Realtime Interactive This service class is intended for inelastic high-definition interactive video applications and is intended primarily for audio and video components of these applications. Whenever technically possible and administratively feasible, data sub-components of this class can be separated out and assigned to the Transactional Data traffic class. Traffic in this class should be marked CS4 (DSCP 32) and may be provisioned with an EF PHB; as such, admission to this class should be controlled. An example application is Cisco TelePresence. Multimedia Conferencing This service class is intended for desktop software multimedia collaboration applications and is intended primarily for audio and video components of these applications. Whenever technically possible and administratively feasible, data sub-components of this class can be separated out and assigned to the Transactional Data traffic class. Traffic in this class should be marked Assured Forwarding Class 4 (AF41/DSCP 34) and should be provisioned with a guaranteed bandwidth queue with DSCP-based Weighted-Random Early Detect (DSCP-WRED) enabled. Admission to this class should be controlled; additionally, traffic in this class may be subject to policing and re-marking. Example applications include Cisco Unified Personal Communicator, Cisco Unified Video Advantage, and the Cisco Unified IP Phone 7985G. Network Control This service class is intended for network control plane traffic, which is required for reliable operation of the enterprise network. Traffic in this class should be marked CS6 (DSCP 48) and provisioned with a (moderate, but dedicated) guaranteed bandwidth queue. WRED should not be enabled on this class, as network control traffic should not be dropped (if this class is experiencing drops, then the bandwidth allocated to it should be re-provisioned). Example traffic includes EIGRP, OSPF, BGP, HSRP, IKE, etc. Signaling This service class is intended for signaling traffic that supports IP voice and video telephony; essentially, this traffic is control plane traffic for the voice and video telephony infrastructure. Traffic in this class should be marked CS3 (DSCP 24) and provisioned with a (moderate, but dedicated) guaranteed bandwidth queue. WRED should not be enabled on this class, as signaling traffic should not be dropped (if this class is experiencing drops, then the bandwidth allocated to it should be re-provisioned). Example traffic includes SCCP, SIP, H.323, etc.4-34 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Operations, Administration, and Management (OAM) This service class is intended for—as the name implies—network operations, administration, and management traffic. This class is important to the ongoing maintenance and support of the network. Traffic in this class should be marked CS2 (DSCP 16) and provisioned with a (moderate, but dedicated) guaranteed bandwidth queue. WRED should not be enabled on this class, as OAM traffic should not be dropped (if this class is experiencing drops, then the bandwidth allocated to it should be re-provisioned). Example traffic includes SSH, SNMP, Syslog, etc. Transactional Data and Low-Latency Data This service class is intended for interactive, “foreground” data applications (“foreground” applications refer to applications from which users are expecting a response—via the network—in order to continue with their tasks. Excessive latency in response times of foreground applications directly impacts user productivity). Traffic in this class should be marked Assured Forwarding Class 2 (AF21 / DSCP 18) and should be provisioned with a dedicated bandwidth queue with DSCP-WRED enabled. This traffic class may be subject to policing and re-marking. Example applications include data components of multimedia collaboration applications, Enterprise Resource Planning (ERP) applications, Customer Relationship Management (CRM) applications, database applications, etc. Bulk Data and High-Throughput Data This service class is intended for non-interactive “background” data applications (“background” applications refer to applications from which users are not awaiting a response—via the network—in order to continue with their tasks. Excessive latency in response times of background applications does not directly impact user productivity. Furthermore, as most background applications are TCP-based file-transfers, these applications—if left unchecked—could consume excessive network resources away from more interactive, foreground applications). Traffic in this class should be marked Assured Forwarding Class 1 (AF11/DSCP 10) and should be provisioned with a moderate, but dedicated bandwidth queue with DSCP-WRED enabled. This traffic class may be subject to policing and re-marking. Example applications include E-mail, backup operations, FTP/SFTP transfers, video and content distribution, etc. Best Effort This service class is the default class. As only a relative minority of applications are assigned to priority, guaranteed-bandwidth, or even to deferential service classes, the vast majority of applications continue to default to this best effort service class; as such, this default class should be adequately provisioned (a minimum bandwidth recommendation, for this class is 25%). Traffic in this class is marked Default Forwarding (DF or DSCP 0) and should be provisioned with a dedicated queue. WRED is recommended to be enabled on this class. Although, since all the traffic in this class is marked to the same “weight” (of DSCP 0), the congestion avoidance mechanism is essentially Random Early Detect (RED). Scavenger and Low-Priority Data This service class is intended for non-business related traffic flows, such as data or media applications that are entertainment-oriented. The approach of a less-than best effort service class for non-business applications (as opposed to shutting these down entirely) has proven to be a popular, political compromise. These applications are permitted on enterprise networks, as long as resources are always available for business-critical media applications. However, as soon the network experiences congestion, this class is the first to be penalized and aggressively dropped. Furthermore, the scavenger class can be 4-35 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations utilized as part of an effective strategy for DoS and worm attack mitigation (discussed later in this chapter). Traffic in this class should be marked CS1 (DSCP 8) and should be provisioned with a minimal bandwidth queue that is the first to starve should network congestion occur. Example traffic includes YouTube, Xbox Live/360 Movies, iTunes, BitTorrent, etc. Media Application Class Expansion While there are merits to adopting a 12-class model, as outlined in the previous section, Cisco recognizes that not all enterprises are ready to do so, whether this be due to business reasons, technical constraints, or other reasons. Therefore, rather than considering these medianet QoS recommendations as an all-or-nothing approach, Cisco recommends considering a phased approach to media application class expansion, as illustrated in Figure 4-26. Figure 4-26 Media Application Class Expansion Utilizing such a phased approach to application class expansion, enterprise administrators can incrementally implement QoS policies across their infrastructures in a progressive manner, inline with their business needs and technical constraints. Familiarity with this enterprise medianet QoS model can assist in the smooth expansion of QoS policies to support additional media applications as future requirements arise. Nonetheless, at the time of QoS deployment, the enterprise needs to clearly define their business objectives with QoS, which correspondingly determines how many traffic classes will be required at each phase of deployment. Critical Data Realtime 4-Class Model Best Effort Time Signaling/Control Signaling Critical Data Interactive Video Voice 8-Class Model Scavenger Best Effort Streaming Video Network Control Network Management Realtime Interactive Transactional Data Multimedia Conferencing Voice 12-Class Model Bulk Data Scavenger Best Effort Multimedia Streaming Network Control Broadcast Video Signaling 2266184-36 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Cisco QoS Best Practices With an overall application PHB strategy in place, end-to-end QoS policies can be designed for each device and interface, as determined by their roles in the network infrastructure. These are detailed in the various PIN-specific QoS design chapters that follow. However, because the Cisco QoS toolset provides many QoS design and deployment options, a few succinct design principles can help simplify strategic QoS deployments. Hardware versus Software QoS A fundamental QoS design principle is to always enable QoS policies in hardware—rather than software—whenever a choice exists. Cisco IOS routers perform QoS in software, which places incremental loads on the CPU, depending on the complexity and functionality of the policy. Cisco Catalyst switches, on the other hand, perform QoS in dedicated hardware ASICS on Ethernet-based ports and as such do not tax their main CPUs to administer QoS policies. This allows complex policies to be applied at line rates at even Gigabit or Ten-Gigabit speeds. Classification and Marking Best Practices When classifying and marking traffic, a recommended design principle is to classify and mark applications as close to their sources as technically and administratively feasible. This principle promotes end-to-end Differentiated Services and PHBs. In general, it is not recommended to trust markings that can be set by users on their PCs or other similar devices, because users can easily abuse provisioned QoS policies if permitted to mark their own traffic. For example, if an EF PHB has been provisioned over the network, a PC user can easily configure all their traffic to be marked to EF, thus hijacking network priority queues to service non-realtime traffic. Such abuse could easily ruin the service quality of realtime applications throughout the enterprise. On the other hand, if enterprise controls are in place that centrally administer PC QoS markings, then it may be possible and advantageous to trust these. Following this rule, it is further recommended to use DSCP markings whenever possible, because these are end-to-end, more granular, and more extensible than Layer 2 markings. Layer 2 markings are lost when media changes (such as a LAN-to-WAN/VPN edge). There is also less marking granularity at Layer 2. For example, 802.1Q/p CoS supports only three bits (values 0-7), as does MPLS EXP. Therefore, only up to eight classes of traffic can be supported at Layer 2 and inter-class relative priority (such as RFC 2597 Assured Forwarding Drop Preference markdown) is not supported. On the other hand, Layer 3 DSCP markings allow for up to 64 classes of traffic, which is more than enough for most enterprise requirements for the foreseeable future. As the line between enterprises and service providers continues to blur and the need for interoperability and complementary QoS markings is critical, you should follow standards-based DSCP PHB markings to ensure interoperability and future expansion. Because the enterprise medianet marking recommendations are standards-based—as has been previously discussed—enterprises can easily adopt these markings to interface with service provider classes of service. Network mergers—whether the result of acquisitions, mergers, or strategic alliances—are also easier to manage when using standards-based DSCP markings. Policing and Markdown Best Practices There is little reason to forward unwanted traffic only to police and drop it at a subsequent node, especially when the unwanted traffic is the result of DoS or worm attacks. Furthermore, the overwhelming volume of traffic that such attacks can create can cause network outages by driving 4-37 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations network device processors to their maximum levels. Therefore, it is recommended to police traffic flows as close to their sources as possible. This principle applies also to legitimate flows, as worm-generated traffic can masquerade under legitimate, well-known TCP/UDP ports and cause extreme amounts of traffic to be poured onto the network infrastructure. Such excesses should be monitored at the source and marked down appropriately. Whenever supported, markdown should be done according to standards-based rules, such as RFC 2597 (AF PHB). For example, excess traffic marked to AFx1 should be marked down to AFx2 (or AFx3 whenever dual-rate policing—such as defined in RFC 2698—is supported). Following such markdowns, congestion management policies, such as DSCP-based WRED, should be configured to drop AFx3 more aggressively than AFx2, which in turn should be dropped more aggressively than AFx1. Queuing and Dropping Best Practices Critical media applications require service guarantees regardless of network conditions. The only way to provide service guarantees is to enable queuing at any node that has the potential for congestion, regardless of how rarely this may occur. This principle applies not only to campus-to-WAN/VPN edges, where speed mismatches are most pronounced, but also to campus interswitch links, where oversubscription ratios create the potential for congestion. There is simply no other way to guarantee service levels than by enabling queuing wherever a speed mismatch exists. Additionally, because each medianet application class has unique service level requirements, each should optimally be assigned a dedicated queue. However, on platforms bounded by a limited number of hardware or service provider queues, no fewer than four queues would be required to support medianet QoS policies, specifically: • Realtime queue (to support a RFC 3246 EF PHB service) • Guaranteed-bandwidth queue (to support RFC 2597 AF PHB services) • Default queue (to support a RFC 2474 DF service) • Bandwidth-constrained queue (to support a RFC 3662 Scavenger service) Additional queuing recommendations for these classes are discussed next. Strict-Priority Queuing Recommendations—The 33 Percent LLQ Rule The Realtime or Strict Priority class corresponds to the RFC 3246 EF PHB. The amount of bandwidth assigned to the realtime queuing class is variable. However, if the majority of bandwidth is provisioned with strict priority queuing (which is effectively a FIFO queue), then the overall effect is a dampening of QoS functionality, both for latency and jitter sensitive realtime applications (contending with each other within the FIFO priority queue) and also for non-realtime applications (as these may periodically receive wild bandwidth allocation fluctuations, depending on the instantaneous amount of traffic being serviced by the priority queue). Remember the goal of convergence is to enable voice, video, and data applications to transparently co-exist on a single IP network. When realtime applications dominate a link, then non-realtime applications fluctuate significantly in their response times, destroying the transparency of the converged network. For example, consider a (45 Mbps) DS3 link configured to support two TelePresence (CTS-3000) calls with an EF PHB service. Assuming that both systems are configured to support full high definition, each such call requires 15 Mbps of strict-priority queuing. Prior to TelePresence calls being placed, non-realtime applications have access to 100% of the bandwidth on the link (to simplify the example, assume there are no other realtime applications on this link). However, once these TelePresence calls are established, all non-realtime applications would suddenly be contending for less than 33% of the link. 4-38 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations TCP windowing would take effect and many applications hang, time-out, or become stuck in a non-responsive state, which usually translates into users calling the IT help desk complaining about the network (which happens to be functioning properly, albeit in a poorly-configured manner). To obviate such scenarios, Cisco Technical Marketing has done extensive testing and has found that a significant decrease in non-realtime application response times occurs when realtime traffic exceeds one-third of link bandwidth capacity. Extensive testing and customer deployments have shown that a general best queuing practice is to limit the amount of strict priority queuing to 33% of link bandwidth capacity. This strict priority queuing rule is a conservative and safe design ratio for merging realtime applications with data applications. Note As previously discussed, Cisco IOS software allows the abstraction (and thus configuration) of multiple strict priority LLQs. In such a multiple LLQ context, this design principle would apply to the sum of all LLQs to be within one-third of link capacity. It is vitally important to understand that this strict priority queuing rule is simply a best practice design recommendation and is not a mandate. There may be cases where specific business objectives cannot be met while holding to this recommendation. In such cases, enterprises must provision according to their detailed requirements and constraints. However, it is important to recognize the tradeoffs involved with over-provisioning strict priority traffic and its negative performance impact both on other realtime flows and also on non-realtime-application response times. And finally, any traffic assigned to a strict-priority queue should be governed by an admission control mechanism. Best Effort Queuing Recommendation The Best Effort class is the default class for all traffic that has not been explicitly assigned to another application-class queue. Only if an application has been selected for preferential/deferential treatment is it removed from the default class. Because most enterprises have several thousand applications running over their networks, adequate bandwidth must be provisioned for this class as a whole in order to handle the sheer number and volume of applications that default to it. Therefore, it is recommended to reserve at least 25 percent of link bandwidth for the default Best Effort class. Scavenger Class Queuing Recommendations Whenever Scavenger queuing class is enabled, it should be assigned a minimal amount of bandwidth, such as 1% (or whatever the minimal bandwidth allocation that the platform supports). On some platforms, queuing distinctions between Bulk Data and Scavenger traffic flows cannot be made, either because queuing assignments are determined by CoS values (and both of these application classes share the same CoS value of 1) or because only a limited amount of hardware queues exist, precluding the use of separate dedicated queues for each of these two classes. In such cases, the Scavenger/Bulk queue can be assigned moderate amount of bandwidth, such as 5%. These queuing rules are summarized in Figure 4-27, where the inner pie chart represents a hardware or service provider queuing model that is limited to four queues and the outer pie chart represents a corresponding, more granular queuing model that is not bound by such constraints.4-39 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Figure 4-27 Compatible 4-Class and 12-Class Medianet Queuing Models QoS for Security Best Practices While the primary objective of most QoS deployments is to provision preferential—and sometimes deferential—service to various application classes, QoS policies can also provide a additional layer of security to the network infrastructure, especially in the case of mitigating Denial-of-Service (DoS) and worm attacks. There are two main classes of DoS attacks: • Spoofing attacks—The attacker pretends to provide a legitimate service, but provides false information to the requester (if any). • Slamming attacks—The attacker exponentially generates and propagates traffic until service resources (servers and/or network infrastructure) are overwhelmed. 226619 Best Effort 25% VoIP Telephony 10% Broadcast Video 10% Realtime Interactive 13% Multimedia Conferencing 10% Multimedia Streaming 10% Network Control 2% OAM 2% Signaling 2% Transactional Data 10% Bulk Data 5% Scavenger 1% Realtime 33% Guaranteed BW Scavenger/Bulk 5% Best Effort 25%4-40 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Spoofing attacks are best addressed by authentication and encryption technologies. Slamming (also known as “flooding”) attacks, on the other hand, can be effectively mitigated through QoS technologies. In contrast, worms exploit security vulnerabilities in their targets and disguisedly carry harmful payloads that usually include a self-propagating mechanism. Network infrastructure usually is not the direct target of a worm attack, but can become collateral damage as worms exponentially self-propagate. The rapidly multiplying volume of traffic flows eventually drowns the CPU/hardware resources of routers and switches in their paths, indirectly causing Denial of Service to legitimate traffic flows, as shown in Figure 4-28. Figure 4-28 Direct and Indirect Collateral Damage from DoS/Worm Attacks A reactive approach to mitigating such attacks is to reverse-engineer the worm and set up intrusion detection mechanisms and/or ACLs and/or NBAR policies to limit its propagation. However, the increased sophistication and complexity of worms make them harder and harder to separate from legitimate traffic flows. This exacerbates the finite time lag between when a worm begins to propagate and when the following can take place: • Sufficient analysis has been performed to understand how the worm operates and what its network characteristics are. • An appropriate patch, plug, or ACL is disseminated to network devices that may be in the path of worm; this task may be hampered by the attack itself, as network devices may become unreachable for administration during the attacks. These time lags may not seem long in absolute terms, such as in minutes, but the relative window of opportunity for damage is huge. For example, in 2003, the number of hosts infected with the Slammer worm (a Sapphire worm variant) doubled every 8.5 seconds on average, infecting over 75,000 hosts in just 11 minutes and performing scans of 55 million more hosts within the same time period. A proactive approach to mitigating DoS/worm attacks within enterprise networks is to have control plane policing and data plane policing policies in place within the infrastructure which immediately respond to out-of-profile network behavior indicative of DoS or worm attacks. Control plane policing serves to protect the CPU of network devices—such as switches and routers—from becoming bogged down with interruption-handling and thus not having enough cycles to forward traffic. Data plane policing—also referred to as Scavenger-class QoS—serves to protect link bandwidth from being consumed by forwarding DoS/worm traffic to the point of having no room to service legitimate, in-profile flows. 226620 Core System under attack Distribution Access Routers overloaded High CPU Instability Loss of management Network links overload High packet loss Media Applications Impacted End systems overload High CPU Applications impacted4-41 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Control Plane Policing A router or switch can be logically divided into four functional components or planes: • Data plane • Management plane • Control plane • Services plane The vast majority of traffic travels through the router via the data plane. However the route processor must handle certain packets, such as routing updates, keepalives, and network management. This is often referred to as control and management plane traffic. Because the route processor is critical to network operations, any service disruption to the route processor or the control and management planes can result in business-impacting network outages. A DoS attack targeting the route processor, which can be perpetrated either inadvertently or maliciously, typically involves high rates of punted traffic (traffic that results in a processor-interruption) that results in excessive CPU utilization on the route processor itself. This type of attack, which can be devastating to network stability and availability, may display the following symptoms: • High route processor CPU utilization (near 100%) • Loss of line protocol keepalives and routing protocol updates, leading to route flaps and major network transitions • Interactive sessions via the Command Line Interface (CLI) are slow or completely unresponsive due to high CPU utilization • Route processor resource exhaustion—resources such as memory and buffers are unavailable for legitimate IP data packets • Packet queue backup, which leads to indiscriminate drops (or drops due to lack of buffer resources) of other incoming packets Control Plane Policing (CPP for Cisco IOS routers or CoPP for Cisco Catalyst Switches) addresses the need to protect the control and management planes, ensuring routing stability, availability, and packet delivery. It uses a dedicated control plane configuration via the Modular QoS CLI (MQC) to provide filtering and rate limiting capabilities for control plane packets. Figure 4-29 illustrates the flow of packets from various interfaces. Packets destined to the control plane are subject to control plane policy checking, as depicted by the control plane services block.4-42 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Figure 4-29 Packet Flow Within a Switch/Router By protecting the route processor, CPP/CoPP helps ensure router and network stability during an attack. For this reason, a best practice recommendation is to deploy CPP/CoPP as a key protection mechanism on all routers and switches that support this feature. To successfully deploy CPP, the existing control and management plane access requirements must be understood. While it can be difficult to determine the exact traffic profile required to build the filtering lists, the following summarizes the recommended steps necessary to properly define a CPP policy: 1. Start the deployment by defining liberal policies that permit most traffic. 2. Monitor traffic patter statistics collected by the liberal policy. 3. Use the statistics gathered in the previous step to tighten the control plane policies. Data Plane Policing/Scavenger-Class QoS The logic applied to protecting the control plane can also be applied to the data plane. Data plane policing has two components: • Campus access-edge policers that meter traffic flows from endpoint devices and remark “abnormal” flows to CS1 (the Scavenger marking value). • Queuing policies on all nodes that include a deferential service class for Scavenger traffic. These two components of data plane policing/Scavenger-class QoS are illustrated in Figure 4-30. Process Level Input Interface Output Interface Control Plane Services Interrupt Level Feature Checks and Switching 2266214-43 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations Figure 4-30 Data Plane Policing/Scavenger-class QoS Components Most endpoint devices have fairly predictable traffic patterns and, as such, can have metering policers to identify “normal” flows (the volume of traffic that represents 95% of the typically-generated traffic rates for the endpoint device) vs. “abnormal” flows (the remainder). For instance, it would be “abnormal” for a port that supposedly connects to an IP phone to receive traffic in excess of 128 kbps. Similarly, it would be “abnormal” for a port that supposedly connects to a Cisco TelePresence system to receive traffic in excess of 20 Mbps. Both scenarios would be indicative of network abuse—either intentional or inadvertent. Endpoint PCs also have traffic patterns that can be fairly accurately baselined with statistical analysis. For example, for users of Windows-based systems, the Windows Task Manager (which can be selected by simultaneously pressing CTRL-ALT-DEL) can graphically display networking statistics (available from the networking tab). Most users are generally surprised at how low the average network utilization rates of PCs are during everyday use, as compared to their link speed capacities. Such a graphical display of network utilization is shown in Figure 4-31, where the radical and distinctive difference in network utilization rates after worm-infection is highlighted. Figure 4-31 Sample PC Network Utilization Rates—Before and After Infection by a Worm These access edge metering policers are relatively unintelligent. They do not match specific network characteristics of specific types of attacks, but simply meter traffic volumes and respond to abnormally high volumes as close to the source as possible. The simplicity of this approach negates the need for the policers to be programmed with knowledge of the specific details of how the attack is being generated or propagated. It is precisely this unintelligence of such access layer metering policers that allow them WAN/VPN queuing polices include a Scavenger-class Campus queuing polices include a Scavenger-class Access-edge policers remark “abnormal” flows (BUT DO NOT DROP!) 226622 Normal/Abnormal Threshold Legitimate traffic bursts above Normal/Abnormal Threshold Worm-generated traffic Link Capacity Time 100 % 50 % 0 % 2266234-44 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Enterprise Medianet Strategic QoS Recommendations to maintain relevancy as worms mutate and become more complex. The policers do not care how the traffic was generated or what it looks like; they care only how much traffic is being put onto the wire. Therefore, they continue to police even advanced worms that continually change their tactics of traffic-generation. For example, in most enterprises it is quite abnormal (within a 95% statistical confidence interval) for PCs to generate sustained traffic in excess of 5% of link capacity. In the case of a GigabitEthernet access switch port, this means that it would be unusual in most organizations for an end user PC to generate more than 50 Mbps of uplink traffic on a sustained basis. Note It is important to recognize that this value (5%) for normal endpoint utilization by PC endpoints is just an example value. This value would likely vary from enterprise to enterprise, as well as within a given enterprise (such as by departmental functions). It is very important to recognize that what is being recommended by data plane policing/Scavenger class QoS is not to police all traffic to 50 Mbps and automatically drop the excess. Should that be the case, there would not be much reason to deploy GigabitEthernet switch ports to endpoint devices But rather, these campus access-layer policers do not drop traffic at all; they only perform remarking (if traffic rates appear abnormal). These policers are coupled with queuing polices on all network nodes that include a deferential service class for traffic marked as Scavenger (CS1). Queuing policies only engage when links are congested; as such, if links capacity exists, then traffic is never dropped. It is only in scenarios where offered traffic flows exceed link capacity—forcing queuing polices to engage and queuing buffers to fill to capacity—that drops may occur. In such scenarios, dropping can either occur indiscriminately (on a last-come-first-dropped basis) or with a degree of intelligence (as would be the case if abnormal traffic flows were previously identified). Let’s illustrate how this might work for both legitimate excess traffic and also the case of illegitimate excess traffic resulting from a DoS or worm attack. In the former case, assume that the PC generates over 50 Mbps of traffic, perhaps because of a large file transfer or backup. Congestion (under normal operating conditions) is rarely if ever experienced within the campus because there is generally abundant capacity to carry the traffic. Uplinks to the distribution and core layers of the campus network are typically GigabitEthernet or Ten Gigabit Ethernet, which would require 1,000 or 10,000 Mbps of traffic (respectively) from the access layer switch to congest. If the traffic is destined to the far side of a WAN/VPN link, queuing and dropping typically occurs even without the access layer policer, because of the bottleneck caused by the typical campus-to-WAN/VPN speed mismatch. In such a case, the TCP sliding windows mechanism would eventually find an optimal speed (under 50 Mbps) for the file transfer. Access layer policers that markdown out-of-profile traffic to Scavenger (CS1) would thus not affect legitimate traffic, aside from the obvious remarking. No reordering or dropping would occur on such flows as a result of these data plane policers that would not have occurred anyway. In the latter case, the effect of access layer policers on traffic caused by DoS or worm attacks is quite different. As hosts become infected and traffic volumes multiply, congestion may be experienced even within the campus. For example, if just 11 end user PCs on a single access switch begin spawning worm flows to their maximum GigabitEthernet link capacities, even Ten Gigabit Ethernet uplinks/core links will congest and queuing and dropping policies will engage. At this point, VoIP and media applications, and even best effort applications, would gain priority over worm-generated traffic (as Scavenger traffic would be dropped the most aggressively). Furthermore, network devices would remain accessible for administration of the patches/plugs/ACLs/NBAR policies required to fully neutralize the specific attack. WAN/VPN links would also be similarly protected, which is a huge advantage, as generally WAN/VPN links are the first to be overwhelmed by DoS/worm attacks. Scavenger class policies thus significantly mitigate network traffic generated by DoS or worm attacks.4-45 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations Summary Therefore, for network administrators to implement data plane policing/Scavenger class QoS, they need to first profile applications to determine what constitutes normal as opposed to abnormal flows, within a 95 percent confidence interval. Thresholds demarking normal/abnormal flows vary from enterprise to enterprise and from application to application. Beware of over-scrutinizing traffic behavior because this could exhaust time and resources and could easily change daily. Remember, legitimate traffic flows that temporarily exceed thresholds are not penalized by the presented Scavenger class QoS strategy. Only sustained, abnormal streams generated simultaneously by multiple hosts (highly indicative of DoS/worm attacks) are subject to aggressive dropping only after legitimate traffic has been serviced. To contain such abnormal flows, deploy campus access edge policers to remark abnormal traffic to Scavenger (CS1). Additionally, whenever possible, deploy a second line of policing defense at the distribution layer. And to complement these remarking policies, it is necessary to enforce deferential Scavenger class queuing policies throughout the network. A final word on this subject—it is important to recognize the distinction between mitigating an attack and preventing it entirely. Control plane policing and data plane policing policies do not guarantee that no DoS or worm attacks will ever happen, but serve only to reduce the risk and impact that such attacks could have on the network infrastructure. Therefore, it is vital to overlay a comprehensive security strategy over the QoS-enabled network infrastructure. Summary This chapter began by discussing the reasons driving the QoS design updates presented in this document by examining three sets of drivers behind QoS design evolution, including: • New applications and business requirements • New industry guidance and best practices • New platforms and technologies Business drivers—including the evolution of video applications, the phenomena of social networking, the convergence within media applications, the globalization of the workforce, and the pressures to be “green”—were examined to determine how these impact new QoS designs over enterprise media networks. Next, developments in industry standards and best practices—with particular emphasis on RFC 4594 Configuration Guidelines for DiffServ Classes—were discussed, as were developments in QoS technologies and their respective impacts on QoS design. Cisco’s QoS toolset was overviewed to provide a foundational context for the strategic best practices that followed. Classification and marking tools, policing and markdown tools, shaping, queuing, and dropping tools were all reviewed, as were AutoQoS and QoS management tools. An enterprise medianet architecture was then presented, along with strategic QoS design recommendations. These recommendations included an RFC 4594-based application class model and an application expansion class model (for enterprises not yet ready to deploy a 12-class QoS model). Additionally, QoS best practices for classification, marking, policing, and queuing were presented, including: • Always deploy QoS in hardware (over software) whenever possible. • Mark as close to the source as possible with standards-based DSCP values. • Police as close to the source as possible. • Markdown according to standards-based rules. • Deploy queuing policies on all network nodes.4-46 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations References • Optimally assign each medianet class a dedicated queue. • Limit strict-priority queuing to 33% of link-capacity whenever possible. • Provision at least 25% of a link’s capacity for best effort applications. • Provision a minimal queue (such as 1%) for the Scavenger applications class. • Enable control plane policing on platforms that support this feature. • Deploy data plane policing/Scavenger class QoS polices whenever possible. These strategic design recommendations will serve to make the PIN-specific designs that follow more cohesive, complementary, and consistent. References White Papers • Cisco Visual Networking Index—Forecast and Methodology, 2007-2012 http://www.cisco.com/en/US/solutions/collateral/ns341/ns525/ns537/ns705/ns827/white_paper_c1 1-481360_ns827_Networking_Solutions_White_Paper.html • Approaching the Zettabyte Era http://www.cisco.com/en/US/solutions/collateral/ns341/ns525/ns537/ns705/ns827/white_paper_c1 1-481374_ns827_Networking_Solutions_White_Paper.html • Cisco Enterprise QoS Solution Reference Design Guide, version 3.3 http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/QoS-SRND -Book.html • Overview of a Medianet Architecture http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/vrn.html IETF RFCs • RFC 791 Internet Protocol http://www.ietf.org/rfc/rfc791 • RFC 2474 Definition of the Differentiated Services Field http://www.ietf.org/rfc/rfc2474 • RFC 2597 Assured Forwarding PHB Group http://www.ietf.org/rfc/rfc2597 • RFC 3246 An Expedited Forwarding PHB http://www.ietf.org/rfc/rfc3246 • RFC 3662 A Lower Effort Per-Domain Behavior for Differentiated Services http://www.ietf.org/rfc/rfc3662 • RFC 4594 Configuration Guidelines for DiffServ Service Classes http://www.ietf.org/rfc/rfc4594 • RFC 5187 [Draft] Aggregation of Diffserv Service Classes http://tools.ietf.org/html/rfc51274-47 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations References Cisco Documentation • Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4 http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/12_4/qos_12_4_book.html4-48 Medianet Reference Guide OL-22201-01 Chapter 4 Medianet QoS Design Considerations ReferencesC H A P T E R 5-1 Medianet Reference Guide OL-22201-01 5 Medianet Security Design Considerations A medianet is the foundation for media-rich collaboration across borderless networks. The availability and overall security of a medianet is thus critical to global business operations. The security challenge is enabling an enterprise to confidently embrace and deliver these rich global collaboration services without compromising the overall security posture of the company. The chapter illustrates the key strategies for enabling secure collaboration by employing a defense-in-depth approach that extends and integrates consistent, end-to-end security policy enforcement, and system-wide intelligence, across an enterprise medianet. An Introduction to Securing a Medianet The security of a medianet is addressed as two broad categories: • Medianet foundation infrastructure This consists of the end-to-end network infrastructure and services that are fundamental to a medianet, including switches, routers, wireless infrastructure, network clients, servers, baseline network services, as well as the WAN and other elements that enable pervasive access to medianet services. • Medianet collaboration services This consists of the media-rich collaboration and communication services that a medianet may support, such as TelePresence, Digital Media Systems (DMS), IP Video surveillance (IPVS), Unified Communications, desktop video and WebEx conferencing, along with their associated infrastructure and clients. In order to secure a medianet, Cisco SAFE guidelines are applied to these two broad categories of a medianet. The security of both being critical to the delivery of pervasive secure collaboration. Medianet Foundation Infrastructure The network infrastructure and clients of a medianet are its fundamental elements. Security of these medianet clients and infrastructure thus provides the secure foundation for all the collaboration services that a medianet enables. Without the security of this foundational element, secure collaboration is impossible to deliver and any additional security measures are futile. The Cisco SAFE guidelines must be applied to this fundamental area and each of its elements in order to provide a secure medianet foundation.5-2 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations An Introduction to Securing a Medianet Medianet Collaboration Services Each of the collaboration and communication services deployed on a medianet must each be assessed and secured in accordance with security policy and by applying the Cisco SAFE guidelines. This requires detailed analysis of the platforms and protocols used, the traffic flows and communication points, as well as possible attack vectors. The extension and integration of current, and possibly new, security techniques to each of these services can then be developed and deployed. The implementation details may vary but the Cisco SAFE guidelines provide a consistent blueprint of the security considerations that need to be addressed. Cisco SAFE Approach Cisco SAFE provides a reference guide, an architecture and design blueprints for consistent, end-to-end security policy enforcement and system-wide intelligence. We will apply Cisco SAFE to a medianet in order to extend this approach to all elements of a medianet. The Cisco SAFE approach includes proactive techniques to provide protection from initial compromise. This includes Network Foundation Protection, endpoint security, web and E-mail security, virtualization and network access control, as well as secure communications. These are complemented by reactive techniques that provide the ability to identify anomalous activity on the network and, where necessary, mitigate their impact. This includes telemetry, event correlation, firewall, IPS, data loss prevention and switching security. Figure 5-1 Cisco SAFE Identify Monitor Security Solutions Network Devices • PCI • DLP • Threat Control • Routers • Servers • Switches • VPNs • Monitoring • Firewall • Email Filtering • Admission Control • Intrusion Prevention Security Devices Correlate Harden Isolate Enforce Visibility Control Data Center Campus WAN Edge Branch Internet Edge Ecommerce Cisco Virtual Office Virtual User Partner Sites Secured Mobility, Unified Communications, Network Virtualization Network Foundation Protection Security Control Framework 2267935-3 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations An Introduction to Securing a Medianet For more information about Cisco SAFE, see the link referenced in Medianet Security Reference Documents, page 5-12. Security Policy and Procedures Every organization should have defined security policies and procedures that form the basis of a strong security framework. These policies concisely define the required security actions and may, in turn, specify associated standards and guidelines. Procedures define how these policy goals are to be accomplished. Security policies and procedures must be in place in order to achieve consistent, effective network security. The security guidelines provided in this chapter can be leveraged to enforce these policies, according to the specific policy requirements. For more information on developing and implementing a security policy, the SANS Technology Institute offers some excellent resources including training, guidelines and sample security policies, see Medianet Security Reference Documents, page 5-12. Security of Medianet Foundation Infrastructure The security of this foundational element of a medianet is critical to the security of all services that a medianet enables. If the medianet itself is vulnerable, fundamental network services are vulnerable and thus, all additional services are vulnerable. If the clients that access a medianet are vulnerable, any hosts, devices or services they have access to are vulnerable. To address this area, we can leverage the Cisco SAFE reference guide to provide the fundamental security guidelines. This chapters provides a brief overview of the key elements of Cisco SAFE; for the complete Cisco SAFE Reference Guide and additional Cisco SAFE collateral, see the link referenced in Medianet Security Reference Documents, page 5-12. Security Architecture The Cisco SAFE architecture features a modular design with the overall network represented by functional modules, including campus, branch, data center, Internet edge, WAN edge, and core. This enables the overall security design, as well as the security guidelines for each individual module to be leveraged, applied, and integrated into a medianet architecture.5-4 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations An Introduction to Securing a Medianet Figure 5-2 Cisco SAFE Architecture The Cisco SAFE architecture features virtualization and segmentation to enable different functional and security domains, secure communications for data in transit, centralized management and control for ease of operations and consistent policy enforcement, along with fundamental design principles such as the Cisco Security Control Framework and the architecture lifecycle. Network Foundation Protection The focus of Network Foundation Protection (NFP) is security of the network infrastructure itself, primarily protecting the control and management planes of a medianet. NFP mitigates unauthorized access, denial-of-service (DoS) and local attacks such as man-in-the-middle (MITM) attacks that can be used to perform eavesdropping, sniffing, and data steam manipulation. The key areas NFP addresses include the following: • Secure Device Access • Service Resiliency • Network Policy Enforcement • Routing Security • Switching Security Partner Extranet WAN Internet Internet Edge E-Commerce Campus Data Center Management Teleworker Branch M M IP IP IP Core WAN Edge 2266595-5 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations An Introduction to Securing a Medianet Integration of these elements is critical to medianet security and, unless implemented, renders any more advanced techniques futile. For instance, if a malicious user can access the local LAN switch using a simple password, they will have access to all traffic flowing through that switch, can reconfigure the device and mount a vast array of attacks. Endpoint Security Endpoints are exposed to a wide range of threats, including malware, botnets, worms, viruses, trojans, spyware, theft of information, and unauthorized access. Hardening these endpoints is thus critical to overall network security, protecting both the endpoint itself, the data they host and any network to which they connect. Endpoint security includes the following: • Operating system and application hardening It is critical that the operating system and applications running on an endpoint are hardened and secured in order to reduce the attack surface and render the endpoint as resilient as possible to attacks. This involves implementing a secure initial configuration, as well as the regular review of vulnerabilities and the timely application of any necessary updates and security patches. • User education and training End-users should receive ongoing education and training to make them aware of the critical role they play in mitigating existing and emerging threats, including security awareness, protection of corporate data, acceptable use policy and minimizing risk exposure. This should be presented in a simple, collaborative way to reinforce corporate policies. • Host-based IPS (HIPS) HIPS provides endpoints with protection against both known and zero-day or unpatched attacks, whichever network they may be connected to. This is achieved through both signature- and behavior-based threat detection and mitigation that are key features of HIPS. This functionality is offered by the Cisco Security Agent (CSA), along with the ability to enforce policy and perform data loss prevention on the endpoint itself. Some of this functionality may also be available in the host operating system. • Cisco Security Services Client (CSSC) The CSSC is a software supplicant that enables identity-based access and policy enforcement on a client, across both wired and wireless networks. This includes the ability to enforce secure network access controls, such as requiring the use of WPA2 for wireless access and automatically starting a VPN connection when the endpoint is connected to a non-corporate network. For more information about Cisco CSA and CSSC, see Medianet Security Reference Documents, page 5-12.5-6 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations An Introduction to Securing a Medianet Web Security The web is increasingly being used to distribute malware and, whilst malicious sites continue to operate as one key delivery method, the majority of today’s web-based threats are delivered through legitimate websites that have been compromised. Add to this the threats posed by spyware, traffic tunneling, client usage of unauthorized sites and services, and the sharing of unauthorized data, and it is easy to see why web security is critical to any organization. Cisco offers four web security options: • Cisco Ironport S-Series Web Security Appliance (WSA) An on-premise, dedicated appliance offering high performance web-based threat mitigation and security policy enforcement. The WSA provides web usage controls, known and unknown malware protection through multiple scanning engines and reputation filtering, data loss prevention, URL filtering, protocol tunneling protection and malware activity monitoring. • Cisco ScanSafe Hosted web security (SaaS) offering web-based malware protection in the cloud. ScanSafe provides real-time scanning of inbound and outbound web traffic for known and unknown malware, as well as monitoring of malware activity. • Cisco ASA 5500 Series Content Security and Control Security Services Module (CSC-SSM) Service module for the Cisco ASA 5500 Series providing comprehensive antivirus, anti-spyware, file blocking, anti-spam, anti-phishing, URL blocking and filtering, and content filtering. • Cisco IOS Content Filtering Integrated web security in Cisco IOS platforms offering whitelist and blacklist URL filtering, keyword blocking, security rating, and category filtering For more information about Cisco Ironport WSA, ScanSafe, and Cisco IOS security, see Medianet Security Reference Documents, page 5-12. E-mail Security E-mail is one of the primary malware distribution methods, be it through broad phishing attacks, malware in attachments or more sophisticated, targeted E-mail attacks. E-mail spam is a major revenue generator for the miscreant community, and E-mail is one of the most common methods for unauthorized data exchange. Consequently, E-mail security is critical to an enterprise. Cisco offers E-mail security through the Ironport C-Series E-mail Security Appliance (ESA), providing spam filtering, malware filtering, reputation filtering, data loss prevention (DLP) and E-mail encryption. This is available in three deployment options: • On-premise appliance enforcing both inbound and outbound policy controls. • Hybrid Hosted service offering an optimal design that features inbound filtering in the cloud for spam and malware filtering, and an on-premise appliance performing outbound control for DLP and encryption. • Dedicated hosted E-mail security service (SaaS) offering the same rich E-mail security features but with inbound and outbound policy enforcement being performed entirely in the cloud. For more information on Cisco Ironport ESA, see Medianet Security Reference Documents, page 5-12.5-7 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations An Introduction to Securing a Medianet Network Access Control With the pervasiveness of networks, controlling who has access and what they are subsequently permitted to do are critical to network and data security. Consequently, identity, authentication and network policy enforcement are key elements of network access control. Cisco Trusted Security (TrustSec) is a comprehensive solution that offers policy-based access control, identity-aware networking, and data confidentiality and integrity protection in the network. Key Cisco technologies integrated in this solution include: • Cisco Catalyst switches providing rich infrastructure security features such as 802.1X, web authentication, MAC authentication bypass, MACSec, Security Group Tags (SGT), and a selection of dynamic policy enforcement mechanisms and deployment modes. • Cisco Secure Access Control System (ACS) as a powerful policy server for centralized network identity and access control. • Cisco Network Access Control (NAC) offering appliance-based network access control and security policy enforcement, as well as posture assessment. For more information about Cisco TrustSec, see Medianet Security Reference Documents, page 5-12. User Policy Enforcement User policy enforcement is a broad topic and, based on the defined security policy, may include: • Acceptable Use Policy (AUP) Enforcement For example, restricting web access and application usage, such as P2P applications and adult content. This can be achieved through Cisco IOS Content Filtering and Ironport WSA Web Usage Controls (WUC). • Data Loss Prevention (DLP) DLP is often required for regulatory purposes and refers to the ability to control the flow of certain data, as defined by security policy. For example, this may include credit card numbers or medical records. DLP can be enforced at multiple levels, including on a host, through the use of Cisco Security Agent (CSA), in E-mail through integration of the Ironport ESA and via web traffic through integration of the Ironport WSA. Secure Communications The confidentiality, integrity, and availability of data in transit is critical to business operations and is thus a key element of network security. This encompasses the control and management, as well as data planes. The actual policy requirements will typically vary depending on the type of data being transferred and the network and security domains being transited. This is a reflection of the risk and vulnerabilities to which data may be subject, including unauthorized access, and data loss and manipulation from sniffing or man-in-the-middle (MITM) attacks. For example, credit card processing over the Internet is governed by regulatory requirements that require it to be in an isolated security domain and encrypted. A corporate WLAN may require the use of WPA2 for internal users and segmented wireless access for guests. Secure communications is typically targeted at securing data in transit over WAN and Internet links that are exposed to external threats, but the threats posed by compromised internal hosts is not to be overlooked. Similarly, sensitive data or control and management traffic transiting internal networks may also demand additional security measures.5-8 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations An Introduction to Securing a Medianet Cisco offers a range of VPN technology options for securing WAN access, either site-to-site or for remote access, along with PKI for secure, scalable, and manageable authentication. Cisco VPN technologies include MPLS, IPSec VPN, SSL VPN, GRE, GETVPN, DMVPN. For more information about Cisco VPN technologies, see Medianet Security Reference Documents, page 5-12. Firewall Integration Firewall integration enables extended segmentation and network policy enforcement of different security policy domains. For example, to isolate and secure servers that store highly sensitive data or segment users with different access privileges. In addition, firewall integration offers more advanced, granular services, such as stateful inspection and application inspection and control on Layer 2 through Layer 7. These advanced firewall services are highly effective of detecting and mitigating TCP attacks and application abuse in HTTP, SMTP, IM/P2P, voice, and other protocols. Cisco offers the following two key firewall integration options: • Adaptive Security Appliance (ASA) 5500 Series Dedicated firewall enabling a highly scalable, high performance, high availability and fully featured deployment that is available on a range of platforms. The ASA 5500 Series also features the Cisco ASA Botnet Traffic Filter, providing real-time traffic monitoring, anomalous traffic detection, and reputation-based control that enables the mitigation of botnets and other malware that shares phone-home communication patterns. • Cisco IOS Firewall Cost-effective, integrated firewall offered as a classic, interface-based firewall or as a zone-based firewall (ZBFW) that enables the application of policies to defined security zones. For more information about the Cisco ASA 5500 Series and Cisco IOS Firewall, see Medianet Security Reference Documents, page 5-12. IPS Integration The integration of network IPS provides the ability to accurately identify, classify, and stop malicious traffic on the network, including worms, spyware, adware, attacks, exploits, network viruses, and application abuse. Cisco IPS offers dynamic and flexible signature, vulnerability, exploit, behavioral and reputation-based threat detection and mitigation, as well as protocol anomaly detection. In addition, the collaboration of Cisco IPS with other Cisco devices provides enhanced visibility and control through system-wide intelligence. This includes host-based IPS collaboration with Cisco Security Agent (CSA), reputation-based filtering and global correlation using SensorBase, automated threat mitigation with the WLAN controller (WLC), multi-vendor event correlation and attack path identification using Cisco Security Monitoring, Analysis, and Response System (CS-MARS), and common policy management using Cisco Security Manager (CSM). Cisco IPS is available in a wide range of network IPS deployment options, including: • Cisco IPS 4200 Series Appliances Dedicated high scalability, high availability hardware appliances. • Integrated modules for ISR, ASA and Catalyst 6500 Offering flexible deployment options but consistent rich signature set and policy enforcement5-9 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations An Introduction to Securing a Medianet • Cisco IOS IPS Cost-effective integrated IPS with sub-set of common signatures. For more information about the Cisco IPS offerings, see Medianet Security Reference Documents, page 5-12. Telemetry Visibility into the status of a medianet and the identification of any anomalous activity is critical to overall network security. Security monitoring, analysis & correlation is thus essential to the timely and accurate detection and mitigation of anomalies. The baseline elements of telemetry are very simple and inexpensive to implement, and include: • Time Synchronization Synchronize all network devices to the same network clock by using Network Time Protocol (NTP) to enable accurate and effective event correlation. • Monitoring of System Status Information Maintain visibility into overall device health by monitoring CPU, memory and processes. • Implementation of CDP Best Common Practices Enable CDP on all infrastructure interfaces for operational purposes but disable CDP on any interfaces where CDP may pose a risk, such as external-facing interfaces. • Remote Monitoring Leverage syslog, SNMP and additional telemetry techniques, such as Netflow, to a centralized server, such as CS-MARS, for cross-network data aggregation. This enables detailed and behavioral analysis of the data which is key to traffic profiling, anomaly-detection and attack forensics, as well as general network visibility and routine troubleshooting. For more information about management and visibility in a medianet, see Chapter 6, “Medianet Management and Visibility Design Considerations.” Security of Medianet Collaboration Services Once the foundational elements of a medianet are secured, the next step is to address the security of each of the collaboration and communication services that a medianet is being used to deliver, whether it is TelePresence, DMS, IPVS, Unified Communications, desktop video, WebEx conferencing, or any other collaboration and communication service. As each collaboration service is deployed, the service must be well-researched and understood, security policy must be reviewed and applied, and network security measures extended to encompass it. To achieve this, the same Cisco SAFE guidelines are applied to each medianet collaboration service and their associated infrastructure, enabling consistent, end-to-end, security policy enforcement.5-10 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations An Introduction to Securing a Medianet Security Policy Review Prior to deployment of a new service, it is critical to review it in relation to security policy. This will initially require detailed analysis of the service itself, including the protocols it uses, the traffic flows and traffic profile, the type of data involved, as well as its associated infrastructure devices and platforms. This enables a security threat and risk assessment to be generated that identifies possible attack vectors and their associated risk. In addition, there may be regulatory requirements to take into consideration. The service can then be reviewed in relation to security policy in order to determine how to enforce the security policy and, if necessary, what changes are required to the policy. This is generally referred to as a policy impact assessment. Reviewing a new service in relation to the security policy enables consistent enforcement that is critical to overall network security. Architecture Integration Integration of a new service into a medianet requires an assessment of the traffic flows, the roles of its associated infrastructure and the communications that take place, as well as an understanding of the current corporate network design. This enables the most appropriate deployment model to be adopted, including the appropriate segmentation of security domains. For example, a WebEx Node resides on the corporate network, but communicates with the external WebEx cloud as well as internal clients. Consequently, the logical placement for this device, performing an intermediary role between internal clients and an external service, is the DMZ. For more information about WebEx Node integration, see Medianet Security Reference Documents, page 5-12. Application of Cisco SAFE Guidelines For each medianet collaboration service, we will apply the Cisco SAFE guidelines to enable the consistent enforcement of security policy. Taking each of the Cisco SAFE security areas, we will assess if and how they apply to this service and its associated infrastructure, and what additions or changes may need to be made to the current security measures. The Cisco SAFE security areas we will apply include: • Network Foundation Protection (NFP) Hardening of each of the service infrastructure components and services, including secure device access and service resiliency. QoS and Call Admission Control (CAC) being two key features of service resiliency for media-rich communication services. • Endpoint Security Hardening of each of the service endpoints and a review of current endpoint security policies. For instance, if the CSA Trusted QoS feature is currently employed, this may need to be modified to reflect the requirements of a new desktop video deployment. • Web Security Extension of web security policies to the service, including perhaps the modification of web usage controls, DLP policies, and URL filtering. For instance, a WebEx Node should only connect to the WebEx Cloud and so corporate URL filtering policies may be modified to enforce this. • E-mail Security A review of E-mail security policies may be required if the service involves the use of E-mail, either as an integral part of the service itself or as part of its monitoring and management.5-11 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations An Introduction to Securing a Medianet • Network Access Control (NAC) Extension of network access control to the service, including identification, authentication and network policy enforcement of users and devices. This may involve the extension of policies to include service-specific policy enforcement, such as to restrict the authorized users, devices, protocols and flows of a particular service, thereby only granting minimum access privileges and reducing the risk exposure of the service endpoints. • User Policy Enforcement A review of user policies may be required to reflect the new service offerings. For instance, to define the data sharing policy for external Cisco WebEx Connect Spaces. • Secure Communications The path and risk exposure of data in transit must be assessed in order to deploy the most appropriate security solution. This may include the security of control and management planes, as well as the data plane. For example, the encryption of TelePresence media flows may be required if data traverses an insecure security domain or the media content is sensitive. • Firewall Integration Firewall policies may need to be modified to allow firewall traversal for the service. For instance, if you wish to provide secure access to your UC infrastructure from external softphones, you may enable the ASA Phone Proxy feature. • IPS Integration IPS integration and signature tuning may be required to ensure the accurate and timely detection and mitigation of anomalies in these new services. For instance, to identify SIP attacks or DoS attacks against UC servers. • Telemetry Extension of monitoring to the new service in order to provide visibility into its operational status, to enable the detection of anomalous activity that may be indicative of an incident, as well as to record activity for detailed analysis and forensics. Implementation involves leveraging the available security features on the service infrastructure devices themselves and those offered within the service, as well as extending existing or new network security techniques to these new services. Since the actual implementation of security for each service is very specific and often very different, it should be addressed as an integral part of the overall design and deployment of each service. For more information on securing each of the collaboration services, see Medianet Security Reference Documents, page 5-12 for additional collateral.5-12 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations Medianet Security Reference Documents Medianet Security Reference Documents • ASA 5500 Series http://www.cisco.com/go/asa • Cisco Data Center Security http://www.cisco.com/en/US/netsol/ns750/networking_solutions_sub_program_home.html • Cisco IOS Content Filtering http://www.cisco.com/en/US/products/ps6643/index.html • Cisco IOS Firewall http://www.cisco.com/en/US/products/sw/secursw/ps1018/index.html • Cisco IOS NetFlow http://www.cisco.com/en/US/products/ps6601/products_ios_protocol_group_home.html • Cisco IP Video Surveillance (IPVS) http://www.cisco.com/en/US/solutions/ns340/ns414/ns742/ns819/landing_vid_surveillance.html • Cisco IronPort C-Series E-mail Security Appliance (ESA) http://www.ironport.com/products/email_security_appliances.html • Cisco IronPort S-Series Web Security Appliance (WSA) http://www.ironport.com/products/web_security_appliances.html • Cisco Medianet http://www.cisco.com/web/solutions/medianet/index.html • Cisco Network Admission Control (NAC) http://cisco.com/en/US/netsol/ns466/networking_solutions_package.html • Cisco SAFE http://www.cisco.com/go/safe • Cisco SAFE WebEx Node Integration http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/WebEx_wpf.html • Cisco ScanSafe Web Security http://www.scansafe.com/ • Cisco Secure Services Client (CSSC) http://cisco.com/en/US/products/ps7034/index.html • Cisco Security Portfolio http://www.cisco.com/go/security • Cisco Security Agent (CSA) http://www.cisco.com/go/csa • Cisco Trust and Identity Management Solutions http://cisco.com/en/US/netsol/ns463/networking_solutions_sub_solution_home.html • Cisco Trusted Security (TrustSec) http://www.cisco.com/en/US/netsol/ns774/networking_solutions_package.html5-13 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations Medianet Security Reference Documents • Cisco Unified Communications (UC) Security http://www.cisco.com/en/US/netsol/ns340/ns394/ns165/ns391/networking_solutions_package.htm l • Cisco VPN http://cisco.com/en/US/products/ps5743/Products_Sub_Category_Home.html • Cisco WebEx Security Overview http://www.cisco.com/en/US/prod/collateral/ps10352/cisco_webex_security_overview.pdf • SANS Policy Resources http://www.sans.org/security-resources/policies/5-14 Medianet Reference Guide OL-22201-01 Chapter 5 Medianet Security Design Considerations Medianet Security Reference DocumentsC H A P T E R 6-1 Medianet Reference Guide OL-22201-01 6 Medianet Management and Visibility Design Considerations This chapter provides a high-level overview of various functionalities that can be used to provide management and visibility into video flows within an enterprise medianet. This functionality can be divided into the following two broad categories: • Network-embedded—Management functionality embedded within the IP network infrastructure itself (that is, routers, switches, and so on). Network-embedded management functionality may benefit a single video application solution, or may benefit all video application solutions, depending on the specific functionality. • Application-specific—Management functionality embedded within the components that comprise individual video application solutions, such as Cisco TelePresence, Cisco Digital Media Systems, Cisco IP Video Surveillance, and Cisco Desktop Video Collaboration. Although individual video application solutions co-exist over a converged IP network infrastructure, the application-specific management functionality may be unique to the video solution. Note Management applications that make use of the functionality embedded within both the IP network infrastructure and/or individual components of video application solutions to provide a centralized point of monitoring, control, and reporting within the medianet infrastructure, may be considered a third category of functionality. Examples of such applications are the Cisco QoS Policy Manager (QPM), which provides centralized QoS provisioning and monitoring for Cisco router platforms. Future revisions of this design chapter may include discussion around these applications. In this design guide, management functionality is presented using the International Organization for Standardization (ISO)/International Telecommunications Union (ITU) Fault, Configuration, Accounting, Performance, and Security (FCAPS) model. The five major categories of network management defined within the FCAPS model are as follows: • Fault management—Detection and correction of problems within the network infrastructure or end device. • Configuration management—Configuration of network infrastructure components or end devices, including initial provisioning and ongoing scheduled changes. • Accounting management—Scheduling and allocation of resources among end users, as well as billing back for that use if necessary. • Performance management—Performance of the network infrastructure or end devices, including maintaining service level agreements (SLAs), quality of service (QoS), network resource allocation, and long-term trend analysis.6-2 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Network-Embedded Management Functionality • Security management—Maintaining secure authorization and access to network resources and end devices, as well as maintaining confidentiality of information crossing the network infrastructure. Note Note that the security management aspects of the medianet infrastructure are only briefly discussed in this chapter. A separate chapter of this design guide deals with medianet security design considerations. Network-Embedded Management Functionality The following sections highlight functionality embedded within network infrastructure devices that can be used to provide visibility and management of video flows within an enterprise medianet. Although specific examples within each section discuss the use of a particular functionality for a specific video application solution (Cisco TelePresence, Cisco Digital Media Systems, Cisco IP Video Surveillance, or Cisco Desktop Video Collaboration), the features discussed can generally provide benefit across multiple video application solutions. A complete list of network-embedded management functionality is outside the scope of this document. Instead, for brevity, only specific features relevant to medianet management and visibility are discussed. Table 6- 1 provides a high level summarization of the functionality discussed in following sections. 6-3 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Network-Embedded Management Functionality Table 6-1 Summary of Network-Embedded Management Functionality Management Product /Tool Management Functionality Description NetFlow Performance and security management • NetFlow services embedded within Cisco router and Cisco Catalyst switch platforms provide the ability to collect and export flow information that can be used to determine the amount of video traffic crossing key points within a medianet. Flow information collected at a NetFlow collector, such as the Cisco Network Analysis Module (NAM) can be used to provide ongoing monitoring and/or reports that may be used to determine whether adequate bandwidth is provisioned per service class to support the video traffic applications. • NetFlow export version 9 provides the ability to export multicast flows as well, providing some visibility into the amount of multicast traffic crossing key points within the medianet infrastructure. • Netflow can also be used to identify anomalous flows within the medianet infrastructure, alerting security operations staff of potential worm propagation or a DDoS attack. For further information, see the Cisco SAFE Reference Guide at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Sec urity/SAFE_RG/SAFE_rg.html. Cisco Network Analysis Module (NAM) Performance management • The Cisco Catalyst 6500 Series Network Analysis Module (NAM) provides the ability to monitor and generate reports regarding data flows within a medianet. Data flows from the supervisor of a Cisco Catalyst 6500 switch platform, SPAN/RSPAN ports, or NetFlow Data Export (NDE) from other routers and switches within the medianet infrastructure can be analyzed. • The NAM provides the ability to monitor and generate reports on traffic flows aggregated by Differentiated Services Code Point (DSCP) marking. This can assist in providing visibility into the amount of traffic per service class crossing key points within the medianet, and can aid in provisioning adequate bandwidth per service class across the network infrastructure. IP service level agreements (IPSLAs) Performance management • IPSLA functionality embedded within Cisco Catalyst switches, Cisco IOS routers, and Cisco TelePresence endpoints can be used as a pre-assessment tool, to determine whether the medianet infrastructure has the capability to support additional video flows before becoming production resources. • IPSLAs may be used cautiously to perform ongoing performance monitoring of the medianet infrastructure to determine whether a particular video class is experiencing degradation because of packet loss and/or jitter.6-4 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Network-Embedded Management Functionality Router and switch command-line interface Performance management and fault management • The traceroute utility can be used to determined the Layer 3 hop path of video flows through a medianet infrastructure. • After the path has been determined, high-level CLI commands such as show interface summary and show interface can be used on each router and switch along the path to determine quickly whether drops or errors are occurring on relevant interfaces. • Other platform-specific commands can be used to display packet drops per queue on Cisco Catalyst switch platforms. When separate traffic service classes (corresponding to different video applications) are mapped to different queues, network administrators can use these commands to determine whether particular video applications are experiencing degradation because of packet loss within the medianet infrastructure. • When policy maps are used to map specific traffic service classes (corresponding to different video applications) to software queues within Cisco router platforms, or hardware queues within certain Cisco Catalyst switch platforms, the show policy-map command can be used to display the amount of traffic per service class as well as drops experienced by the particular service class. Network administrators can use this command to determine whether adequate bandwidth is provisioned, as well as to determine whether particular video applications are experiencing degradation because of packet loss within the medianet infrastructure. Syslog Security management and fault management • Telemetry using syslog can be used to provide some key fault management information on network infrastructure devices within a medianet, such as CPU utilization, memory utilization, and link status. • For further information regarding network security best practices, see the Cisco SAFE Reference Guide at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Sec urity/SAFE_RG/SAFE_rg.html. Table 6-1 Summary of Network-Embedded Management Functionality (continued) Management Product /Tool Management Functionality Description6-5 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Network-Embedded Management Functionality NetFlow NetFlow services provide network administrators access to information regarding IP flows within their networks. IP flows are unidirectional streams of packets flowing through a network device. They share common properties such as source address, destination address, protocol, port, DSCP value, and so on. Network devices, such as switches and routers, can collect and store flow data in the form of flow records within a NetFlow table or cache. Flow records can then be periodically exported from the NetFlow cache to one or more NetFlow management collectors located centrally within a data center or campus service module. NetFlow collectors aggregate exported NetFlow records to provide monitoring and reporting information regarding the IP traffic flows within the network. NetFlow provides a means of gaining additional visibility into the various video flows within an enterprise medianet. From an FCAPS perspective, this visibility can be used for either performance management purposes or for accounting management purposes. More specifically, NetFlow data can assist in determining whether sufficient bandwidth has been provisioned across the network infrastructure to support existing video applications. NetFlow data records can be exported in various formats depending on the version. The most common formats are versions 1, 5, 7, 8, and 9. NetFlow export version 9 is the latest version, which has been submitted to the IETF as informational RFC 3954, providing a model for the IP Flow Information Export (IPFIX) working group within the IETF. NetFlow version 9 provides a flexible and extensible means of exporting NetFlow data, based on the use of templates that are sent along with the flow record. Templates contain structural information about the flow record fields, allowing the NetFlow collector to interpret the flow records even if it does not understand the semantics of the fields. For more information regarding NetFlow version 9, see the following URL: http://www.ietf.org/rfc/rfc3954.txt. Simple Network Management Protocol (SNMP) Security management, fault management, and performance management • Telemetry using SNMP can also be used to provide key fault management information on network infrastructure devices within a medianet. • SNMP can be used to collect statistics from network infrastructure devices for performance management purposes. • SNMP traps can be generated for authentication failures to devices, providing an additional layer of security management. AAA services Security management • AAA services can be used to provide centralized access control for security management, as well as an audit trail providing visibility into access of network infrastructure devices. • For further information regarding network security best practices, see the Cisco SAFE Reference Guide at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Sec urity/SAFE_RG/SAFE_rg.html. Table 6-1 Summary of Network-Embedded Management Functionality (continued) Management Product /Tool Management Functionality Description6-6 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Network-Embedded Management Functionality NetFlow Strategies Within an Enterprise Medianet Simply enabling NetFlow on every interface on every network device, exporting all the flow data to a central NetFlow collector, and then aggregating the flow data into a single set of information across the entire enterprise medianet, is generally considered only marginally useful for anything but small networks. This strategy typically results in information overload, in which a lot of statistics are collected, yet the network administrator has no idea where traffic is flowing within the network infrastructure. An alternative strategy is to collect flow information based on specific requirements for the flow data itself. One such strategy is to selectively enable NetFlow to collect traffic flows on certain interfaces at key points within the enterprise medianet. The data from each collection point in the network can then be kept as separate information sets, either at a single NetFlow collector or in multiple NetFlow collectors, rather than aggregated together. This can be used to provide a view of what traffic is flowing through the different points within the enterprise medianet. Depending on the capabilities of the NetFlow collector, this can be done in various ways. Some NetFlow collectors allow different UDP port numbers to be used for flows from different devices. This allows the aggregation of NetFlow information from multiple interfaces on a single router or switch to appear as a single data set or source. It also allows the flows from a redundant set of routers or switches to appear as a single data set or source. Other NetFlow collectors, such as the Cisco Network Analysis Module (NAM), use a fixed port (UDP 3000) for flows from devices. Flows from multiple interfaces on the same device can be aggregated into a single custom data source. Flows from multiple devices, such as a redundant pair of routers or switches, appear as separate data sources. However, the use of Virtual Switching System (VSS) on a pair of Cisco Catalyst 6500 Series switches allows flows from multiple interfaces on the redundant switch pair to appear as a single data source on the NAM. Figure 6-1 shows an example of some key network points within an enterprise medianet where NetFlow collection can be enabled. Note that pairs of Cisco Catalyst 6500 Series Switches can be VSS-enabled, although not specifically shown. Figure 6-1 Example of Collecting NetFlow Data at Key Network Points Enterprise WAN Campus Datacenter Campus Core Branch Internet Edge Module WAN Module Campus Building Module 228413 3 2 4 1 56-7 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Network-Embedded Management Functionality This example is not the only recommended model for enabling NetFlow within an enterprise medianet, but is an example of a methodology for collecting NetFlow data to gain some useful insight regarding video flows at various points within the network infrastructure. You can choose to selectively enable NetFlow collection at one or more strategic aggregation points in the network, such as the distribution layer within different modules of a campus, depending on the desired visibility for video flows. For example, NetFlow statistics can be collected at the ingress interfaces of the distribution layer switch pairs at each module within a campus. In other words, statistics can be collected for traffic flows exiting the core and entering each campus module. Statistics gathered from this type of NetFlow deployment can be used to determine the following video traffic flows: • Aggregated flows outbound across the corporate WAN to all the branch locations • Flows into each building within the campus • Aggregated flows outbound toward the Internet This model can be useful because many video flows emanate from a central point within a campus data center or campus service module, and flow out to users within each campus building or each branch location. For example, unicast or broadcast enterprise TV as well as video-on-demand (VoD) flows to desktop devices often follow this flow pattern. Likewise, because of the nature of TelePresence video, the majority of the video flows within a multipoint meeting are from a centralized Cisco TelePresence Multipoint Switch, potentially located within a data center or campus service module, out to the Cisco TelePresence System endpoints located within the campus buildings and branch locations. Additional flow information can be gathered by implementing NetFlow bidirectionally at the distribution layer of each module. Note that this can preferably be done by enabling NetFlow statistics collection in an ingress direction on other interfaces. Although video broadcasts, VoD, and multipoint TelePresence tend to follow a flow model where the majority of traffic emanates from a central point outward to the endpoints, Cisco IP video surveillance follows the opposite model. The majority of traffic in a Cisco IP video surveillance deployment flows from cameras deployed within the campus buildings back to the Video Surveillance Operations Manager (VSOM) server potentially deployed within a data center or campus service module. However, note that implementing NetFlow collection bidirectionally can result in some duplication of flow information when multiple collection points exist within the network infrastructure. Additional flow information can also be gathered by implementing NetFlow at the branch router itself, to gain insight into the flows into and out of individual branch locations, if that level of detail is needed. Keep in mind, however, that the NetFlow data export uses some of the available branch bandwidth. Also, NetFlow in Cisco IOS router platforms is performed in software, potentially resulting in somewhat higher CPU utilization depending on the platform and the amount of flow statistics collected and exported. The use of flow filters and/or sampling may be necessary to decrease both CPU utilization and bandwidth usage because of NetFlow flow record exports. Even with the campus distribution switches, it may be desirable to implement flow filters and/or sampling to decrease CPU and bandwidth usage. Note that data sampling may distort statistics regarding how much traffic is flowing across a single point in the network. However, the relative percentages of the flows can still be useful from a bandwidth allocation perspective. An alternative strategy may be to SPAN the flow traffic from the Cisco Catalyst switch to a separate device, such as the Cisco Service Control Engine (SCE), which can then perform analysis of the flows and export records to a centralized NetFlow collector for monitoring and reporting. NetFlow Collector Considerations The aggregation capabilities of the NetFlow collector determine to a large extent the usefulness of the NetFlow data from a medianet perspective. Most NetFlow collectors provide monitoring and historical reporting of aggregate bit rates, byte counts, and packet counts of overall IP data. Typically, this can be further divided into TCP, UDP, and other IP protocols, such as Internet Control Message Protocol (ICMP). However, beyond this level of analysis, some NetFlow collectors simply report Real-Time 6-8 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Network-Embedded Management Functionality Transport Protocol (RTP) traffic as “Other UDP “or “VoIP”, because RTP can use a range of UDP ports. Further, the ability to drill down to monitor and generate reports that show the specific hosts and flows that constitute RTP video and/or VoIP traffic, versus all UDP flows, may be limited. Further, both VoD, and in some cases video surveillance traffic, can be sent using HTTP instead of RTP. Therefore, generating useful reports showing medianet-relevant information, such as how much video data (RTP- and/or HTTP-based) is crossing a particular point within the network, may not be straightforward. For devices such as TelePresence endpoints and IP video surveillance cameras, you can often simply assume that most of the data generated from the device is video traffic, and therefore use the overall amount of IP traffic from the device as a good estimate of the overall amount of video traffic generated by the device. Figure 6-2 shows a sample screen capture from a generic NetFlow collector, showing flow information from Cisco TelePresence System endpoints to a Cisco TelePresence Multipoint Switch, in a multipoint call. Figure 6-2 Sample Host Level Reporting From a NetFlow Collector Showing TelePresence Endpoints Note Figure 6-2 shows a screen capture from the open source ntop NetFlow collector. The IP addresses of the TelePresence devices have been replaced by a hostname to more easily identify the endpoints. As can be seen, both the actual traffic sent and received, in terms of bytes, as well as the percentage of the overall traffic seen across this particular interface over time are recorded. Such information may be useful from the perspective of determining whether the percentage of bandwidth allocated for TelePresence calls relative to other traffic, across the interfaces of this particular collection point, matches the actual data flows captured over an extended period of time. However, this information must also be used with caution. Flow records are exported by NetFlow based on the following: • The flow transport has completed; for example, when a FIN or RST is seen in a TCP connection. • The flow cache has become full. The cache default size is typically 64 K flow cache entries on Cisco IOS platforms. This can typically be changed to between 1024 and 524,288 entries. • A flow becomes inactive. By default on Cisco IOS platforms, a flow unaltered in the last 15 seconds is classified as inactive. This can typically be set between 10 and 600 seconds. • An active flow has been monitored for a specified number of minutes. By default on Cisco IOS platforms, active flows are flushed from the cache when they have been monitored for 30 minutes. You can configure the interval for the active timer between 1 and 60 minutes.6-9 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Network-Embedded Management Functionality • Routing device default timer settings are 15 seconds for the inactive timer and 30 minutes for the active timer. You can configure your own time interval for the inactive timer between 10 and 600 seconds. You can configure the interval for the inactive timer between 10 and 600 seconds. Long-lived flows such as TelePresence meetings may export flow data while the meeting is still ongoing. Therefore, the amount of data sent and/or received may not reflect the entire flow. In addition, the percentage of overall traffic does not indicate a particular timeframe, but more likely the percentage since collection began on the Netflow collector. The network administrator would benefit more from information that indicated the percentage of traffic during specific time intervals, such as peak times of the work day. Finally, the percentage of overall traffic represents an average over time, not peak usage, which may again be necessary to truly determine whether sufficient bandwidth is provisioned per service class across the medianet infrastructure. The aggregation of flows based on type of service (ToS) may be useful from a medianet perspective, to characterize the amount or relative percentage of video traffic flows at given points within the network; provided the enterprise has deployed a QoS model that differentiates the various video flows into different service classes. This methodology also assumes a NetFlow collector capable of reporting flows based on ToS markings. NetFlow collectors such as the Cisco NAM Traffic Analyzer provide the ability to monitor and/or generate reports that show traffic flows based on DSCP values. NAM Analysis of NetFlow Traffic, page 6-15 discusses this functionality. If a NetFlow collector that provides aggregation and reporting based on medianet-relevant parameters is not available, it may be necessary in some situations to develop custom applications that show the appropriate level of flow details to provide relevant reporting information from an enterprise medianet perspective. NetFlow Export of Multicast Traffic Flows From a medianet perspective, NetFlow version 9 offers the advantage of being able to export flow data from multicast flows. Multicast is often used to efficiently broadcast live video events across the enterprise IP infrastructure, rather than duplicate multiple unicast streams to each endpoint. Figure 6-3 shows an example of multicast flows exported to a generic NetFlow collector. Figure 6-3 Example of Multicast Flows Captured By a NetFlow Collector Note Figure 6-3 shows a screen capture from the open source ntop NetFlow collector.6-10 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Network-Embedded Management Functionality Besides individual flows, which may be challenging to identify from all the other flow data, some NetFlow collectors can generate aggregate reporting information regarding the total amount of unicast, broadcast, and multicast flows seen at a given point within the network infrastructure. An example is shown in Figure 6-4. Figure 6-4 Example of Aggregated Flow Data Reported By a NetFlow Collector Note Figure 6-4 shows a screen capture from the open source ntop NetFlow collector. The combination of individual multicast flow information as well as aggregated flow information may be useful in determining whether sufficient bandwidth has been provisioned across a particular point within the medianet infrastructure to support existing multicast flows. NetFlow Configuration Example The configuration snippets in Example 6-1 and Example 6-2 show a basic NetFlow configuration on a Cisco Catalyst 6500 Series Switch as well as on a Cisco IOS router platform. Note that this example shows no flow filtering or sampling, which may be necessary to decrease CPU and/or bandwidth utilization for NetFlow collection in production environments. Example 6-1 NetFlow Configuration on a Cisco Catalyst 6500 Series Switch mls netflow ! Enables NetFlow on the PFC mls flow ip interface-full ! Sets the NetFlow flow mask mls nde sender ! Enables NetFlow device export ! ! ~ ! ! interface TenGigabitEthernet6/1 description CONNECTION TO ME-EASTCORE-1 TEN5/4 ip address 10.16.100.13 255.255.255.252 ip flow ingress ! Enables MSFC NetFlow ingress on the interface6-11 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Network-Embedded Management Functionality ip multicast netflow ingress ! Enables multicast NetFlow ingress on the interface ip pim sparse-mode no ip route-cache load-interval 30 wrr-queue bandwidth 5 35 30 priority-queue queue-limit 30 wrr-queue queue-limit 5 35 30 wrr-queue random-detect min-threshold 3 60 70 80 90 100 100 100 100 wrr-queue random-detect max-threshold 1 100 100 100 100 100 100 100 100 wrr-queue random-detect max-threshold 2 100 100 100 100 100 100 100 100 wrr-queue random-detect max-threshold 3 70 80 90 100 100 100 100 100 wrr-queue cos-map 1 1 1 wrr-queue cos-map 2 1 0 wrr-queue cos-map 3 1 2 wrr-queue cos-map 3 2 3 wrr-queue cos-map 3 3 6 wrr-queue cos-map 3 4 7 priority-queue cos-map 1 4 5 mls qos trust dscp ! interface TenGigabitEthernet6/2 description CONNECTION TO ME-EASTCORE-2 TEN1/1 ip address 10.16.100.1 255.255.255.252 ip flow ingress ! Enables MSFC NetFlow ingress on the interface ip multicast netflow ingress ! Enables multicast NetFlow ingress on the interface ip pim sparse-mode no ip route-cache load-interval 30 udld port wrr-queue bandwidth 5 35 30 priority-queue queue-limit 30 wrr-queue queue-limit 5 35 30 wrr-queue random-detect min-threshold 3 60 70 80 90 100 100 100 100 wrr-queue random-detect max-threshold 1 100 100 100 100 100 100 100 100 wrr-queue random-detect max-threshold 2 100 100 100 100 100 100 100 100 wrr-queue random-detect max-threshold 3 70 80 90 100 100 100 100 100 wrr-queue cos-map 1 1 1 wrr-queue cos-map 2 1 0 wrr-queue cos-map 3 1 2 wrr-queue cos-map 3 2 3 wrr-queue cos-map 3 3 6 wrr-queue cos-map 3 4 7 priority-queue cos-map 1 4 5 mls qos trust dscp ! ! ~ ! ! ip flow-export source Loopback0 ! Sets the source interface of NetFlow export packets ip flow-export version 9 ! Sets the NetFlow export version to version 9 ip flow-export destination 10.17.99.2 3000 ! Sets the address & port of the NetFlow collector Example 6-2 NetFlow Configuration on a Cisco IOS Router interface GigabitEthernet2/0 description CONNECTS to BRANCH LAN SWITCH ip address 10.31.0.1 255.255.255.252 ip flow ingress ! Enables NetFlow collection ingress on the interface ! ~ !6-12 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module ip flow-export source Loopback0 ! Sets the source interface of NetFlow export packets ip flow-export version 9 ! Sets the NetFlow export version to version 9 ip flow-export destination 10.16.4.10 2061 ! Sets the address and port of the NetFlow collector For more information regarding the configuration of NetFlow on Cisco IOS routers, see the Cisco IOS NetFlow Configuration Guide, Release 12.4 at the following URL: http://www.cisco.com/en/US/docs/ios/netflow/configuration/guide/12_4/nf_12_4_book.html. For more information regarding the configuration of NetFlow on Cisco Catalyst 6500 Series Switch platforms, see the following documents: • Configuring NetFlow— http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/netfl ow.html • Configuring NDE— http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/nde. html Cisco Network Analysis Module The Cisco Network Analysis Module (NAM) enables network administrators to understand, manage, and improve how applications and services are delivered over network infrastructures. The NAM offers the following services: • Flow-based traffic analysis of applications, hosts, and conversations • Performance-based measurements on application, server, and network latency • Quality of experience metrics for network-based services such as VoIP • Problem analysis using packet captures From an FCAPS management perspective, the NAM is most applicable as a performance management tool within an enterprise medianet, although both the packet capture and the monitoring statistics can also be used for fault management purposes. The current release of NAM software is version 4.1. The NAM software runs on the platforms listed in Table 6- 2. Specific hardware configurations and OS versions required for support of NAM modules and/or software can be found in the documentation for each specific platform. Table 6-2 NAM Platform Support Cisco Product Platform NAM Model Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers WS-SVC-NAM-1-250S or WS-SVC-NAM-2-250S Cisco 3700 Series Routers; Cisco 2811, 2821, and 2851 Series ISRs; Cisco 3800 Series ISRs; Cisco 2911, 2921, and 2951 Series ISR G2s; Cisco 3900 Series ISR G2s NME-NAM-120S Cisco WAVE-574 and Cisco WAE-674 with NAM 4.1 Software Running on a Virtual Blade NAM-WAAS-VB Standalone NAM Appliance NAM 2204 or NAM 2220 Appliance6-13 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module This document discusses only the use of the Cisco Catalyst 6500 Series Network Analysis Module (WS-SVC-NAM-2). Specific testing was performed with a WS-SVC-NAM-2 with a WS-SUP32P-10GE supervisor within a Cisco Catalyst 6506-E chassis. Other platforms may have slightly different functionality. The WS-SVC-NAM-2 can analyze and monitor network traffic in the following ways: • The NAM can analyze chassis traffic via Remote Network Monitoring (RMON) support provided by the Cisco Catalyst 6500 Series supervisor engine. • The NAM can analyze traffic from local and remote NetFlow Data Export (NDE). • The NAM can analyze Ethernet LAN traffic via Switched Port Analyzer (SPAN), remote SPAN (RSPAN), or VLAN ACL (VACL); allowing the NAM to serve as an extension to the basic RMON support provided by the Cisco Catalyst 6500 Series supervisor engine. This document discusses only certain functionality of the NAM as it relates to gaining visibility into video flows within an enterprise medianet. A comprehensive discussion of the configuration and monitoring functionality of the NAM is outside the scope of this document. For the end-user and configuration guides for the Cisco Network Analysis Module Software, see the following URL: http://www.cisco.com/en/US/products/sw/cscowork/ps5401/tsd_products_support_series_home.html. NAM Analysis of Chassis Traffic The WS-SVC-NAM-2 has the ability to collect basic traffic statistics, per interface, from the supervisor line card within the Cisco Catalyst 6500 chassis. These statistics can be viewed as current rates or as cumulative data collected over time. Current rate data includes statistics such as the following: • Input and output percentage utilization of the interface • Input and output packets/second • Input and output bit or byte rates • Input and output non-unicast (multicast and broadcast) packets/second • Input and output discards/second • Input and output errors/second. Figure 6-5 shows an example of the monitoring output.6-14 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Figure 6-5 Example of WS-SVC-NAM-2 Traffic Analyzer Chassis Interface Statistics From a medianet management perspective, these statistics can be used for high-level troubleshooting of traffic crossing the particular chassis, because even small rates of packet discards or interface errors can result in degraded video quality. Note, however, that the interface statistics alone cannot be used to determine whether video traffic is being discarded, because packet discards can be occurring only within a particular switch port queue that may or may not hold video traffic. However, as is discussed in Router and Switch Command-Line Interface, page 6-35, many router and switch platforms can show drops down to the level of individual queues within the CLI. If mini-RMON port statistics are enabled, the WS-SVC-NAM-2 provides slightly more information regarding the types of errors encountered per interface, including undersized and oversized packets, Cyclic Redundancy Check (CRC) errors, fragments, jabbers, and collisions. Figure 6-6 provides an example showing port statistics on the uplink ports of a Cisco Catalyst 6500 switch. Figure 6-6 Example of W-SVC-NAM-2 Traffic Analyzer Chassis Port Statistics The port statistics can also provide information regarding the amount multicast traffic crossing the interfaces. When viewed as current rates, the NAM port statistics show the number of multicast packets/second seen by the interface. These can be graphed in real time as well, or viewed as cumulative data. The port statistics do not show current rates in terms of bits/second or bytes/seconds for multicast data, which would be useful for determining bandwidth provisioning for multicast traffic. However, the design engineer can still gain some visibility into the amount of multicast traffic crossing a particular interface on the Cisco Catalyst 6500 through the WS-SVC-NAM-2 port statistics.6-15 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module If the WS-SVC-NAM-2 is installed within a Cisco Catalyst 6500 chassis that contains a Sup-32 PISA supervisor, you have the option of enabling Network-Based Application Recognition (NBAR) analysis of traffic forwarded through the supervisor, on a per-interface basis. NBAR adds the ability to analyze the traffic statistics collected through the supervisor at the protocol level. An example is shown in Figure 6-7. Figure 6-7 Example of NAM Traffic Analyzer with NBAR Enabled As before, the data can be viewed as current rates or as cumulative data. Individual protocol rates can also be graphed in real-time. As can be seen in Figure 6-7, NBAR has the ability to identify audio and video media as RTP streams, along with Real-Time Control Protocol (RTCP) control channels. NBAR can also identify signaling protocols, such as SIP. Therefore, NBAR can provide useful information regarding how much video traffic is crossing interfaces of the particular Cisco Catalyst 6500 chassis. This information may be used in determining whether sufficient bandwidth has been provisioned for a particular type of traffic, such as RTP. However, the combination of the NAM with NBAR still does not specifically identify a particular type of RTP flow as possibly being an IP video surveillance flow or a desktop video conferencing flow. Also, because different RTP flows from different video applications can be configured for different service classes, they may be placed into separate egress queues on the Cisco Catalyst 6500 switch ports. Therefore, simply knowing the aggregate bit rate of RTP flows through an interface still does not necessarily provide the level of detail to determine whether sufficient bandwidth is allocated per service class, and therefore per queue, on the particular Cisco Catalyst switch port. As is discussed in the next section, the NetFlow Data Export and SPAN monitoring functionality of the NAM can provide further detailed information to assist in determining whether sufficient bandwidth has been provisioned per service class. NAM Analysis of NetFlow Traffic As mentioned in NetFlow Strategies Within an Enterprise Medianet, page 6-6, the NAM Traffic Analyzer can also function as a NetFlow collector. This allows the NAM to analyze traffic flows from remote devices within the enterprise medianet, without having to use the SPAN and RSPAN functionality 6-16 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module of Cisco Catalyst switches. Although NetFlow provides less information than a SPAN or RSPAN of the actual traffic, the overall bandwidth utilization can be significantly less, and NetFlow can therefore be far more scalable as a mechanism to view traffic flow data throughout a medianet. In this type of configuration, NetFlow traffic statistics can be collected from remote switches and routers throughout the enterprise medianet and forwarded to one or more WS-SVC-NAM-2 modules centrally located, perhaps within a Cisco Catalyst 6500 service switch within a campus data center service module. Alternatively NetFlow traffic may be forwarded to a NAM 2200 Series Appliance. To configure NetFlow collector functionality within the NAM, each remote NetFlow Data Export (NDE) device must be added to the NetFlow Devices screen of the NAM web-based GUI, as shown in Figure 6-8. An optional SNMP v1/2c read-only community string can be configured to allow the NAM to include the configured description next to interface definitions. Note Note that the NAM does not currently support SNMP v3. Figure 6-8 Configuration of NetFlow Devices within the NAM The NAM allows multiple interfaces on a single physical device to be treated a single NetFlow custom data source. Interfaces from different devices cannot currently be aggregated into a single data source. This means that redundant pairs of switches or routers that load balance traffic (as shown in Figure 6-1) appear as multiple data sources to the NAM Traffic Analyzer. You may have to manually combine the results from the individual NetFlow data sources to gain an understanding of the total traffic flows through a given set of redundant devices. The exception to this is if VSS is deployed across a pair of redundant Cisco Catalyst 6500 switches. VSS allows a redundant pair of Cisco Catalyst 6500s to appear 6-17 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module as a single device. Therefore, the NetFlow statistics from multiple interfaces on both switches can appear as a single data set. Figure 6-9 shows an example of how multiple interfaces on a single device are aggregated into a single NetFlow custom data source on the NAM. Figure 6-9 Configuration of Custom Data Sources on the NAM From a medianet management perspective, one of the attractive features of the NAM as a NetFlow collector is its ability to monitor and generate reports on traffic flows, based on their DSCP values. If the various video applications running over the network are separated into different service classes, gaining visibility into the amount of traffic per service class allows you to gain visibility into the amount of traffic that a particular application is generating across key parts of the medianet infrastructure. To accomplish this, you first need to create a diffserv aggregation profile that maps traffic with different DSCP values into aggregation groups for reporting. An example of an aggregation profile based on the Cisco enterprise 12-class QoS model is shown in Figure 6-10.6-18 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Figure 6-10 Diffserv Profile Based on the Cisco Enterprise 12-Class QoS Model As can be seen, each of the DSCP markings corresponds to one of the 12 QoS classes. Because assured forwarding (AF) traffic may be marked down (for example from AFx1 to AFx2 or AFx3) within service provider Multiprotocol Label Switching (MPLS) networks, these have been added to the diffserv aggregation profile as separate aggregation groups in the example above. This can provide additional value in that you may be able determine whether traffic within the particular assured forwarding traffic classes is being marked down because the traffic rates are outside the contracted rates of the service 6-19 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module provider network. The downside to this approach, however, is that you may have to manually combine the monitoring and reporting statistics from the separate aggregation groups to gain a view of all the traffic within a single assured forwarding (AFx1, AFx2, and AFx3) class. Alternatively, the AFx1, AFx2, and AFx3 traffic can be placed into a single aggregation group (for instance AF41, AF42, and AF42 all placed into a multimedia-conferencing group). This makes it easier to view the overall amount of traffic within a particular AF class, but at the loss of the information regarding if or how much of the traffic was marked down. After the diffserv aggregation profile has been created, it must be applied to monitor each data source in which it is desired to see traffic statistics, application statistics, and/or host statistics; based on the aggregation groupings defined within in the profile. An example of this is shown in Figure 6-11, in which the 12-Class-QoS diffserv profile has been applied to the NDE source corresponding to a WAN edge router. Figure 6-11 Application of the Diffserv Aggregation Profile to an NDE Source When applied, the traffic, application, and/or IP host statistics can be viewed as current rates or cumulative data. Figure 6-12 shows an example of the output from the traffic statistics shown as current rates.6-20 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Figure 6-12 Traffic Statistics per Service Class from an NDE Source The example above shows the breakout of traffic flows from a campus core to a WAN edge switch (as shown in Figure 6-1). This level of traffic analysis may be used to assist in determining whether the provisioning of traffic on existing WAN policy maps is appropriate for the actual traffic levels that cross the WAN interfaces. Policy maps on Cisco IOS router platforms are often configured to allow applications to exceed the allocated bandwidth for a particular service class, if available bandwidth exists on the WAN link. Therefore, just because no drops are being seen on a particular service class on a WAN link, does not mean the provisioned bandwidth is sufficient for the traffic within that service class. The service class may be borrowing from other service classes. Visibility into the amount of actual traffic flows per service class can help ensure that you allocate the appropriate amount of bandwidth per service class. You can drill down further into each service class to identify particular application flows, based on their TCP or UDP port numbers. This is done through the Diffserv Application Statistics screen, as shown in Figure 6-13.6-21 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Figure 6-13 Application Statistics per Service Class from an NDE Source Here, note again what was previously mentioned in NetFlow Collector Considerations, page 6-7. The NAM itself cannot identify the particular application flows per service class as being IP video surveillance flows, TelePresence flows, or VoD flows. However, if different video applications are separated into different service classes, you may be able to determine to which video application the flows belong. For example, in the network used for the example in Figure 6-13, only Cisco TelePresence traffic was placed in the Real-Time Interactive service class. Therefore, you can easily identify that the flows within Figure 6-13 represent TelePresence meetings. By selecting any one of the flows and clicking the Details button, you can see the host IP addresses that generated the flows. Alternatively, you can drill down into each service class to identify particular hosts responsible for the flows, based on their IP addresses. This is done through the Diffserv Application Hosts screen, as shown in Figure 6-14.6-22 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Figure 6-14 Host Statistics per Service Class from an NDE Source Note that if the particular device is an application-specific video device, such as a Cisco TelePresence System endpoint or an IP video surveillance camera, DNS address translation may be useful to provide a meaningful name that indicates the type of video device instead of an IP address. NAM Analysis of SPAN/RSPAN Traffic When configured to analyze traffic that has been sent to the WS-SVC-NAM-2 via the Cisco Catalyst 6500 SPAN or RSPAN features, the NAM provides the same ability to monitor and generate reports for traffic based on service class, as was discussed in the previous section. In addition, the NAM can provide more detailed monitoring of RTP streams included within the SPAN or RSPAN traffic flows. An example of the RTP stream traffic is shown in Figure 6-15.6-23 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Figure 6-15 NAM RTP Stream Traffic As can be seen from Figure 6-15, the NAM has the ability to collect detailed performance data from RTP flows down to individual synchronization sources (SSRCs), including packet loss counts for the session, packet loss percentages for the session, jitter, and whether the RTP session is still active. Further information can be viewed by highlighting and selecting the details regarding each individual flow, as shown in Figure 6-16. Figure 6-16 RTP Flow Details Here you can view the flow in increments over time, to see whether the packet loss and high jitter levels were a one-time event during the session, or were continuous throughout the session. This level of detail can be used to assist in identifying performance issues within the network down to the level of individual cameras within a multi-screen (CTS-3000) TelePresence meeting. 6-24 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Cisco IP Service Level Agreements Cisco IPSLAs are an active traffic monitoring utility for measuring network performance. IPSLA support is included within most Cisco IOS router platforms, Cisco Catalyst switch platforms (including the Cisco Catalyst 6500, Cisco Catalyst 4500, and Cisco Catalyst 3750E Series), and some Cisco video endpoints such as Cisco TelePresence Systems endpoints. IPSLAs operate in a sender/responder configuration. Typically a Cisco IOS router or switch platform is configured as a source (the IPSLA sender) of packets, otherwise known as IPSLA probes, which are crafted specifically to simulate a particular IP service on the network. These packets are sent to the remote device (the IPSLA responder), which may loop the packets back to the IPSLA Sender. In this manner, enterprise medianet service level parameters such as latency, jitter, and packet loss can be measured. There are a variety of Cisco IPSLA operations, meaning that various types of IP packets can be generated by the IPSLA sender and returned by the IPSLA responder. Depending on the particular platform, these can include the following operations: • UDP jitter • ICMP path jitter • UDP jitter for VoIP • UDP echo • ICMP echo • ICMP path echo • HTTP • TCP connect • FTP • DHCP • DNS • Data Link Switching Plus (DLSW+) • Frame Relay For a discussion of each of the different IPSLA operations and how to configure them on Cisco IOS router platforms, see the Cisco IOS IPSLAs Configuration Guide, Release 12.4 at the following URL: http://www.cisco.com/en/US/docs/ios/12_4/ip_sla/configuration/guide/hsla_c.html. IPSLAs as a Pre-Assessment Tool From an FCAPS management perspective, IPSLAs are most applicable as a performance management tool within an enterprise medianet. They can be used to pre-assess the ability of the IP network infrastructure to support a new service, such as the deployment of Cisco TelePresence, between two points within the network. Because most video flows are RTP-based, the UDP jitter IPLSA operation typically has the most relevance from a medianet pre-assessment perspective. Note Note that many video flows use other transport protocols. For example, both VoD and MJPEG-based IP video surveillance may use HTTP as the transport protocol instead of RTP. The usefulness of IPSLAs as a pre-assessment tool depends to a large extent on the knowledge of the medianet video flow that is to be simulated by IPSLA traffic, and whether an IPSLA operation can be crafted to accurately replicate the medianet video flow. This can be particularly challenging for high 6-25 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module definition video for several reasons. First, video flows are sent as groups of packets every frame interval. These groups of packets can be bunched-up at the beginning of the frame interval, or spread evenly across the frame interval, depending on how the video application (that is, the transmitting codec) is implemented. Also, each packet within a single frame can vary in size. Operations such as the UDP jitter IPSLA operation transmit fixed-sized packets at regular intervals, similarly to VoIP. Second, high definition video frames often consist of more than ten packets per frame, meaning that the interval between the individual packets sent within a single video frame can vary from less than one millisecond to several milliseconds. Observations on a highly loaded Cisco Catalyst 6500 with a Sup-32 processor have shown that individual UDP jitter IPSLA operations can generate packets with intervals of 4 milliseconds or greater with large packet payload sizes. Smaller platforms such as the Cisco 2800 Series ISR may be capable of generating packets with intervals of only 8–12 milliseconds or greater, depending on the loading of the platform. Note Although some platforms allow configuration of intervals down to one millisecond, the design engineer may find it necessary to capture a data trace of the IPSLA probes to determine the actual frame rate generated by the IPSLA sender. Partly because the loading on the CPU affects the rate at which IPSLA probes are generated, pre-assessments services of deployments such as Cisco TelePresence are often performed with dedicated ISR router platforms. Likewise, some organizations deploy router platforms at campus and branch locations dedicated for IPSLA functions. Crafting one or more UDP jitter IPSLA operations that accurately replicate the size of the individual packets sent, the interval between individual packets sent, and the frame-based nature of video can be challenging. These attributes are important to factor in because network parameters such as jitter and packet loss are often largely dependent on the queue depths and buffer sizes of networking gear along the path between the endpoints. Sending a smooth flow of evenly spaced packets, or larger packets less frequently, may result in significantly different results than the actual video flows themselves. As an example, to accurately pre-assess the ability of the network to handle a flow such as a TelePresence endpoint, you must craft a sequence of packets that accurately simulates the endpoint. Figure 6-17 shows a close-up of the graph from a data capture of the video stream from a Cisco TelePresence CTS-1000 running Cisco TelePresence System version 1.6 software.6-26 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Figure 6-17 Detailed Graph of a CTS-1000 Video Stream (Version 1.6) As can be seen from Figure 6-17, TelePresence video packets average slightly under 1100 bytes in size. Each video frame consists of approximately 16 packets, spaced from 1–3 msec apart, spread across the 33 msec frame interval. Based on this analysis, a UDP jitter IP SLA operation consisting of 1060 byte packets with a interval of 2 msec between packets, sent with a ToS value equivalent to CS4 traffic, would simulate the size and packet rate of a TelePresence video stream. The overall data rate would be approximately 1060 bytes/packet * 500 packets/sec * 8 bits/byte = 4.24 Mbps. Figure 6-18 shows a close-up of the graph from a data capture of a single audio stream from a TelePresence CTS-1000 running Cisco TelePresence System version 1.6 software.6-27 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Figure 6-18 Detailed Graph of a CTS-1000 Audio Stream (Version 1.6) As shown in Figure 6-18, TelePresence audio packets are approximately 225 bytes in size, sent every 20 msec. Based on this analysis, a UDP jitter IP SLA operation consisting of 225-byte packets with a interval of 20 msec between packets, sent with a ToS value equivalent to CS4 traffic (because Cisco TelePresence sends audio with the same marking as video) would simulate the size and packet rate of a single TelePresence audio stream. The overall data rate would be approximately 225 bytes/packet * 50 packets/sec * 8 bits/byte = 90 Kbps. As previously mentioned, however, a lightly loaded Cisco Catalyst 6500 with Sup-32 processor was observed to be able to generate packets with a minimum packet interval of only 4 milliseconds. Therefore, one method of simulating the number of packets and their sizes within the TelePresence video stream is to implement two UDP jitter IPSLA operations on the Cisco Catalyst 6500, each with a packet interval of 4 milliseconds, and to schedule them to start simultaneously. A third UDP jitter IPSLA operation can also be run simultaneously to simulate the audio stream. Figure 6-19 shows a close-up of the graph from a data capture of the actual data stream from these UDP jitter IPSLA operations.6-28 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Figure 6-19 Detailed Graph of Multiple UDP Jitter IPSLA Operations Simulating a Cisco TelePresence CTS-1000 From Figure 6-19, it appears that UDP jitter IPSLA operations #1 and #2 space their packets each 1 millisecond apart. However, this is just because of the graphing of the data points. The actual data trace reveals that the Cisco Catalyst 6500 switch sends packets from both UDP jitter IPSLA operations roughly back-to-back every four milliseconds. Therefore, the IPSLA-simulated video packets are slightly more clumped together than actual TelePresence video packets, but still considered acceptable from a pre-assessment perspective. The third UDP jitter IPSLA operation generates a simulated audio stream of packets every 20 milliseconds. Note that a CTS-1000 can receive up to three audio streams and an additional auxiliary video stream for presentations. Simulation of these streams are not shown in this example for simplicity. However, the method discussed above can be extended to include those streams as well if needed. Likewise, the method may be used to simulate other video flows simply by capturing a data trace, analyzing the flow, and setting up the appropriate IPSLA operations. The configuration snippet on Example 6-3 shows the configuration of the UDP jitter IPSLA operations on the Cisco Catalyst 6500 switch that were used to create the simulation from which the data in Figure 6-19 was captured. Example 6-3 IPSLA Sender Configuration on a Cisco Catalyst 6500 Series Switch ip sla monitor 24 type jitter dest-ipaddr 10.24.1.11 dest-port 32800 source-ipaddr 10.16.1.1 source-port 32800 num-packets 16500 interval 2 request-data-size 1018 tos 128 ip sla monitor 25 type jitter dest-ipaddr 10.24.1.11 dest-port 32802 source-ipaddr 10.16.1.1 source-port 32802 num-packets 16500 interval 2 request-data-size 1018 tos 128 ip sla monitor 26 type jitter dest-ipaddr 10.24.1.11 dest-port 32804 source-ipaddr 10.16.1.1 source-port 32804 num-packets 3300 interval 206-29 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module request-data-size 183 tos 128 ! ip sla monitor group schedule 1 24,25,26 schedule-period 1 frequency 70 start-time now life 700 ! ~ Even though the packet interval has been configured at 2 milliseconds for ip sla monitor 25 and ipsla monitor 26, the real interval between packets was observed to be 4 milliseconds. Sending 16,500 packets spaced at 4 milliseconds apart takes approximately 66 seconds. The configuration of ip sla monitor group schedule 1 with a schedule period of one second causes the three UDP jitter operations to simultaneously start. The frequency of 70 seconds ensures that the previous operations complete before they begin again. The operation was set to run for approximately 10 intervals, or 700 seconds. Note that the length of time needed to perform a real assessment of a network to support a service such as a CTS-1000 is completely at the discretion of the network administrator. The aggregated output from the IPSLA tests can be displayed via the show ip sla monitor statistics aggregated details command on the Cisco Catalyst 6500 switch, as shown in Example 6-4. It shows the packet loss; minimum and maximum jitter; and minimum, maximum and average latency for each of the three UDP jitter IPSLA operations. Example 6-4 IPSLA Aggregated Statistics on a Cisco Catalyst 6500 Series Switch me-eastdc-1#show ip sla monitor statistics aggregated details Round trip time (RTT) Index 24 Start Time Index: .10:53:07.852 EST Mon Nov 16 2009 Type of operation: jitter Voice Scores: MinOfICPIF: 0 MaxOfICPIF: 0 MinOfMOS: 0 MaxOfMOS: 0 RTT Values Number Of RTT: 94674 RTT Min/Avg/Max: 1/1/7 Latency one-way time milliseconds Number of Latency one-way Samples: 0 Source to Destination Latency one way Min/Max: 0/0 Destination to Source Latency one way Min/Max: 0/0 Source to Destination Latency one way Sum/Sum2: 0/0 Destination to Source Latency one way Sum/Sum2: 0/0 Jitter time milliseconds Number of Jitter Samples: 94664 Source to Destination Jitter Min/Max: 1/4 Destination to Source Jitter Min/Max: 1/6 Source to destination positive jitter Min/Avg/Max: 1/1/4 Source to destination positive jitter Number/Sum/Sum2: 1781/1849/2011 Source to destination negative jitter Min/Avg/Max: 1/1/4 Source to destination negative jitter Number/Sum/Sum2: 1841/1913/2093 Destination to Source positive jitter Min/Avg/Max: 1/1/6 Destination to Source positive jitter Number/Sum/Sum2: 3512/3532/3632 Destination to Source negative jitter Min/Avg/Max: 1/1/6 Destination to Source negative jitter Number/Sum/Sum2: 3447/3468/3570 Interarrival jitterout: 0 Interarrival jitterin: 0 Packet Loss Values Loss Source to Destination: 0 Loss Destination to Source: 0 Out Of Sequence: 0 Tail Drop: 0 Packet Late Arrival: 0 Number of successes: 10 Number of failures: 0 Failed Operations due to over threshold: 0 Failed Operations due to Disconnect/TimeOut/Busy/No Connection: 0/0/0/0 Failed Operations due to Internal/Sequence/Verify Error: 0/0/0 Distribution Statistics: Bucket Range: 0-19 ms6-30 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Avg. Latency: 0 ms Percent of Total Completions for this Range: 100 % Number of Completions/Sum of Latency: 10/3 Sum of RTT squared low 32 Bits/Sum of RTT squared high 32 Bits: 3/0 Operations completed over thresholds: 0 Round trip time (RTT) Index 25 Start Time Index: .10:53:07.856 EST Mon Nov 16 2009 Type of operation: jitter Voice Scores: MinOfICPIF: 0 MaxOfICPIF: 0 MinOfMOS: 0 MaxOfMOS: 0 RTT Values Number Of RTT: 94672 RTT Min/Avg/Max: 1/1/8 Latency one-way time milliseconds Number of Latency one-way Samples: 0 Source to Destination Latency one way Min/Max: 0/0 Destination to Source Latency one way Min/Max: 0/0 Source to Destination Latency one way Sum/Sum2: 0/0 Destination to Source Latency one way Sum/Sum2: 0/0 Jitter time milliseconds Number of Jitter Samples: 94662 Source to Destination Jitter Min/Max: 1/4 Destination to Source Jitter Min/Max: 1/7 Source to destination positive jitter Min/Avg/Max: 1/1/3 Source to destination positive jitter Number/Sum/Sum2: 2498/2559/2691 Source to destination negative jitter Min/Avg/Max: 1/1/4 Source to destination negative jitter Number/Sum/Sum2: 2553/2620/2778 Destination to Source positive jitter Min/Avg/Max: 1/1/7 Destination to Source positive jitter Number/Sum/Sum2: 4470/4511/4725 Destination to Source negative jitter Min/Avg/Max: 1/1/6 Destination to Source negative jitter Number/Sum/Sum2: 4413/4448/4622 Interarrival jitterout: 0 Interarrival jitterin: 0 Packet Loss Values Loss Source to Destination: 0 Loss Destination to Source: 0 Out Of Sequence: 0 Tail Drop: 0 Packet Late Arrival: 0 Number of successes: 10 Number of failures: 0 Failed Operations due to over threshold: 0 Failed Operations due to Disconnect/TimeOut/Busy/No Connection: 0/0/0/0 Failed Operations due to Internal/Sequence/Verify Error: 0/0/0 Distribution Statistics: Bucket Range: 0-19 ms Avg. Latency: 0 ms Percent of Total Completions for this Range: 100 % Number of Completions/Sum of Latency: 10/5 Sum of RTT squared low 32 Bits/Sum of RTT squared high 32 Bits: 5/0 Operations completed over thresholds: 0 Round trip time (RTT) Index 26 Start Time Index: .10:53:02.892 EST Mon Nov 16 2009 Type of operation: jitter Voice Scores: MinOfICPIF: 0 MaxOfICPIF: 0 MinOfMOS: 0 MaxOfMOS: 0 RTT Values Number Of RTT: 16500 RTT Min/Avg/Max: 1/1/8 Latency one-way time milliseconds Number of Latency one-way Samples: 0 Source to Destination Latency one way Min/Max: 0/0 Destination to Source Latency one way Min/Max: 0/0 Source to Destination Latency one way Sum/Sum2: 0/0 Destination to Source Latency one way Sum/Sum2: 0/0 Jitter time milliseconds6-31 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Number of Jitter Samples: 16490 Source to Destination Jitter Min/Max: 1/4 Destination to Source Jitter Min/Max: 1/6 Source to destination positive jitter Min/Avg/Max: 1/1/4 Source to destination positive jitter Number/Sum/Sum2: 440/457/505 Source to destination negative jitter Min/Avg/Max: 1/1/4 Source to destination negative jitter Number/Sum/Sum2: 496/512/558 Destination to Source positive jitter Min/Avg/Max: 1/1/6 Destination to Source positive jitter Number/Sum/Sum2: 571/587/679 Destination to Source negative jitter Min/Avg/Max: 1/1/6 Destination to Source negative jitter Number/Sum/Sum2: 513/529/621 Interarrival jitterout: 0 Interarrival jitterin: 0 Packet Loss Values Loss Source to Destination: 0 Loss Destination to Source: 0 Out Of Sequence: 0 Tail Drop: 0 Packet Late Arrival: 0 Number of successes: 10 Number of failures: 0 Failed Operations due to over threshold: 0 Failed Operations due to Disconnect/TimeOut/Busy/No Connection: 0/0/0/0 Failed Operations due to Internal/Sequence/Verify Error: 0/0/0 Distribution Statistics: Bucket Range: 0-19 ms Avg. Latency: 1 ms Percent of Total Completions for this Range: 100 % Number of Completions/Sum of Latency: 10/10 Sum of RTT squared low 32 Bits/Sum of RTT squared high 32 Bits: 10/0 Operations completed over thresholds: 0 For the example above, the IPSLA responder was an actual Cisco TelePresence CTS-1000. Only IPSLA responder operations can be configured on Cisco TelePresence System endpoints; they cannot function as IPSLA sources. Configuration is only via the SSH CLI, as shown in Example 6-5. Example 6-5 IPSLA Responder Configuration on a CTS-1000 admin: utils ipsla responder initiators add net 10.16.1.0/24 admin: utils ipsla responder enable start The configuration above enables the IPSLA responder function for initiators (senders) on the 10.16.1.0/24 subnet. This corresponds to the source of the IPSLA packets from the Cisco Catalyst 6500. By default, the range of ports enabled on the CTS-1000 is from 32770 to 33000. However, the port range can be enabled by including start and end ports within the utils ipsla responder enable command. For a discussion of all the commands available via the SSH CLI, including all the IPSLA commands, see the Cisco TelePresence System Release 1.6 Command-Line Interface Reference Guide at the following URL: http://www.cisco.com/en/US/docs/telepresence/cts_admin/1_6/CLI/cts1_6cli.html. The use of IPSLA as a pre-assessment tool can be disruptive to existing traffic on the IP network infrastructure. After all, the objective of the pre-assessment test is to see whether the network infrastructure can support the additional service. For example, if a particular link within the network infrastructure has insufficient bandwidth, or a switch port has insufficient buffering capacity to support existing TelePresence traffic as well as the additional traffic generated from the IPSLA pre-assessment tests, both the existing TelePresence call and the IPSLA operation show degraded quality during the tests. You must therefore balance the possibility of temporarily degrading production services on the network against the value of the information gathered from running an IPSLA pre-assessment test during normal business hours. Running the IPSLA tests after hours may not accurately assess the ability of the network to handle the additional service, because after-hour traffic patterns may vary significantly from traffic patterns during normal business hours. Further, running a successful pre-assessment test after hours may lead to the installation of a production system that then results in degraded quality both for itself and for other production systems during normal business hours.6-32 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Finally, when multiple redundant equal-cost paths exist within the medianet infrastructure, Cisco Express Forwarding (formerly known as CEF) load balances the traffic across the equal-cost paths using a hash of the source and destination IP addresses for each session. Each router and switch along the path independently creates its Cisco Express Forwarding table based on IP routing protocols, and load balances sessions across its interfaces that represent equal-cost paths to the next hop along the path to the destination. An IPSLA probe generated by a switch or router has a different IP source address than the actual video device that is being pre-assessed. Therefore, the path taken by the IPSLA probes within a highly redundant network infrastructure may not be exactly the path taken by the actual video traffic from the device. The use of dedicated routers to perform an IPSLA network assessment eases this issue slightly, because the routers can be configured to use the actual IP addresses that the video endpoints will ultimately use. However, any changes to the Cisco Express Forwarding tables, brought about through routing changes or reloading of the switches/routers along the path, may result in a slightly different path established for the traffic when the actual video devices are installed. You should be aware of these limitations of IPSLA within a highly redundant medianet infrastructure. IPSLA as an Ongoing Performance Monitoring Tool If configured with careful consideration, IPSLAs can also be used as an ongoing performance monitoring tool. Rather than simulating an actual medianet video flow, IPSLA operations can be used to periodically send small amounts of traffic between two points within the network, per service class, to assess parameters such as packet loss, one-way latency, and jitter. Figure 6-20 shows an example of such a deployment between two branches. Figure 6-20 Example of IPSLA Used for Ongoing Performance Monitoring Campus #1 QFP Metro-Ethernet or MPLS Service Campus #2 Branch #1 Branch #2 IPSLA Operation SNMP Threshold Traps 228432 QFP6-33 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module For example, Figure 6-20 shows both TelePresence and desktop video conferencing endpoints. Following the Cisco 12-class QoS model, TelePresence traffic can be marked CS4 and placed within a real-time interactive service class because it traverses both the private WAN links as well as an MPLS service between the branches. Likewise, desktop video conferencing traffic can be marked AF41 and placed within a Multimedia Conferencing service class because it traverses both the private WAN links and MPLS service between the branches. (Note that both traffic types may be remarked as it enters and exits the MPLS network). The configuration snippets in Example 6-6 and Example 6-7 show this type of IPSLA configuration with a pair of Cisco 3845 ISRs, one configured as the IPSLA sender and the other configured as the corresponding IPSLA responder. Example 6-6 IPSLA Sender Configuration on a Cisco ISR 3845 ip sla 10 udp-jitter 10.31.0.1 32800 source-ip 10.17.255.37 source-port 32800 num-packets 5 interval 200 request-data-size 958 tos 128 frequency 300 ! ip sla 11 udp-jitter 10.31.0.1 32802 source-ip 10.17.255.37 source-port 32802 num-packets 5 interval 200 request-data-size 958 tos 136 frequency 300 ! ip sla reaction-configuration 10 react jitterDSAvg threshold-value 10 1 threshold-type immediate action-type trapOnly ip sla reaction-configuration 10 react rtt threshold-value 300 1 threshold-type immediate action-type trapOnly ip sla reaction-configuration 10 react jitterSDAvg threshold-value 10 1 threshold-type immediate action-type trapOnly ip sla reaction-configuration 10 react packetLossDS threshold-value 1 1 threshold-type immediate action-type trapOnly ip sla reaction-configuration 10 react packetLossSD threshold-value 1 1 threshold-type immediate action-type trapOnly ip sla reaction-configuration 10 react connectionLoss threshold-type immediate action-type trapOnly ip sla reaction-configuration 10 react timeout threshold-type immediate action-type trapOnly ! ip sla reaction-configuration 11 react rtt threshold-value 300 1 threshold-type immediate action-type trapOnly ip sla reaction-configuration 11 react jitterDSAvg threshold-value 10 1 threshold-type immediate action-type trapOnly ip sla reaction-configuration 11 react jitterSDAvg threshold-value 10 1 threshold-type immediate action-type trapOnly ip sla reaction-configuration 11 react packetLossDS threshold-value 1 1 threshold-type immediate action-type trapOnly ip sla reaction-configuration 11 react packetLossSD threshold-value 1 1 threshold-type immediate action-type trapOnly ip sla reaction-configuration 11 react connectionLoss threshold-type immediate action-type trapOnly ip sla reaction-configuration 11 react timeout threshold-type immediate action-type trapOnly ! ip sla group schedule 1 10-11 schedule-period 5 frequency 300 start-time now life forever ! ~6-34 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Example 6-7 IPSLA Responder Configuration on a Cisco ISR 3845 ip sla monitor responder ip sla monitor responder type udpEcho ipaddress 10.31.0.1 port 32800 ip sla monitor responder type udpEcho ipaddress 10.31.0.1 port 32802 ! ~ In the configuration example above, five 1000-byte packets (probes) with a CS4 DSCP marking, each spaced 200 milliseconds apart, are sent every 300 seconds. Likewise, five 1000-byte packets with an AF41 DSCP marking are sent every 300 seconds. Note The request-data-size parameter within the UDP jitter IPSLA operation specifies only the UDP payload size. The overall packet size on an Ethernet network can be obtained by adding the IP header (20 bytes), UDP header (8 bytes), and Layer 2 Ethernet header (14 bytes). This is a relatively small amount of traffic that can be used to measure parameters such as jitter, one-way latency, and packet loss per service class on an ongoing basis. As with the Cisco Catalyst 6500 example above, statistics can be viewed via the show ip sla monitor statistics aggregated details command on the Cisco 3845 ISR configured as the IPSLA sender. However, in this example, the IPSLA sender has also been configured to send SNMP traps in response to the IPSLA traffic in the following situations: • When destination-to-source jitter or source-to-destination jitter is outside the range of 1–10 milliseconds • When the round trip latency is outside the range of 1–300 milliseconds • When any packet loss occurs • When the IPSLA operation times out or the IPSLA control session indicates a connection loss Note that the jitter, packet loss, and round-trip-time latency parameters for the SNMP traps are configurable. The values used here are examples only. The settings chosen on a real implementation depend entirely on the service level targets for the particular traffic service class. For a discussion of each of the various traps and how to configure them on Cisco IOS router platforms, see Cisco IOS IPSLAs Configuration Guide, Release 12.4 at the following URL: http://www.cisco.com/en/US/docs/ios/12_4/ip_sla/configuration/guide/hsla_c.html. Rather than having to periodically log on to the IPSLA sender to view the statistics, you can simply monitor a central SNMP trap collector to determine whether the jitter, packet loss, and latency targets are being met. The usefulness of this approach depends to a large extend on how often the IPSLA traffic is sent and what the network is experiencing in terms of congestion. If a network is experiencing somewhat continuous congestion, resulting in high jitter (because of queueing) and some packet loss, an IPSLA operation that sends a few packets every few minutes is likely to experience some degradation, and therefore generate an SNMP trap to alert the network administrator. However, even under these circumstances, it may be several IPSLA cycles before one of the IPSLA packets is dropped or experiences high jitter. If the network experiences very transient congestion, resulting in brief moments of high jitter and packet loss, possibly periodic in nature (because of some traffic that sends periodic bursts of packets, such as high definition video frames), it may be many cycles before any of the IPSLA packets experience any packet loss or high jitter. Therefore, you must again balance the amount and frequency of traffic sent via the IPSLA operations against the additional overhead and potential degradation of network performance caused by the IPSLA operation itself. However, if implemented carefully, IPSLA operations can be used to proactively monitor service-level parameters such as jitter, packet loss, and latency per service class, on an ongoing basis. As discussed earlier, you may also choose to implement dedicated routers for IPSLA probes used for ongoing performance monitoring, rather than using the existing routers at branch and campus locations.6-35 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Router and Switch Command-Line Interface The following sections present several Cisco router and switch commands that can be run from the CLI, to gain visibility into traffic flows across an enterprise medianet. As with the functionality discussed in previous sections, a complete listing of all possible CLI commands is outside the scope of this document. Instead, this discussion focuses on commands that assist in determining at a high level whether drops are occurring within router and switch interfaces along the path of a video flow; and more specifically, to determine whether drops are occurring within service classes that are mapped to separate queues within the interfaces on the respective platforms. It is assumed that a QoS model has been implemented in which the various video applications are mapped to different service classes within the medianet infrastructure. The mapping of video applications can be accomplished through classification and marking of the application within the Cisco Catalyst switch port at the ingress edge of the network infrastructure; or by trusting an application-specific device, which is then connected to the Cisco Catalyst switch port, to correctly mark its traffic. Figure 6-21 shows an example of such a QoS model. The reader is encouraged to review Chapter 4, “Medianet QoS Design Considerations” before proceeding. Figure 6-21 Cisco RFC-4594 Based 12-Class QoS Model As can be seen from Figure 6-21, IP video surveillance traffic is assigned to the Broadcast Video service class with a CS5 marking; TelePresence traffic is assigned to the Real-Time Interactive service class with a CS4 marking; desktop videoconferencing is assigned to the Multimedia Conferencing service class with an AF4x marking; and VoD/enterprise TV is assigned to the Multimedia Streaming service class with an AF3x marking. After the traffic from the various video applications has been classified and marked, it can then be mapped to specific ingress and egress queues and drop thresholds on Cisco router and switch platforms. Each queue can then be allocated a specific percentage of the overall bandwidth of the interface as well as a percentage of the overall buffer space of the particular interface. This provides a level of protection where one particular video and/or data application mapped to a particular service class cannot use all the available bandwidth, resulting in the degradation of all other video and/or data applications mapped to other service classes. The more granular the mapping of the service classes to separate queues (in other words, the more queues implemented on a platform), the more granular the OAM Network Control Broadcast Video Application Class Call-Signaling CS3 Realtime Interactive CS5 CS2 Transactional Data AF2 Bulk Data AF1 Best Effort DF Best Effort DF Scavenger CS1 Best Effort default VoIP Telephony Multimedia Streaming AF3 Recommended Multimedia Conferencing AF4 Required Required Admission Control Required Required BW Queue BW Queue BW Queue + DSCP WRED BW Queue + DSCP WRED Optional (PQ) Queueing and Dropping BW Queue Optional (PQ) BW Queue + DSCP WRED BW Queue + DSCP WRED Best Effort Min BW Queue (Deferential) Best Effort Default Queue + RED Default Class Traffic Priority Queue (PQ) Cisco IP Phones Cisco Digital Media System (VoD) Cisco Unified Personal Communicator Cisco IP Surveillance, Cisco Enterprise TV Application Examples SCCP, SIP, H.323 Cisco TelePresence Cisco WebEx, Cisco MeetingPlace, ERP Apps YouTube, iTunes, BitTorrent, Xbox Live Best Effort PHB EF CS6 227922 CS4 EIGRP, OSPF, BGP, HSRP, IKE SNMP, SSH, Syslog Email, FTP, Backup Apps, Content Distribution6-36 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module control and therefore the protection of service classes. When multiple service classes are mapped to a single queue, separate drop thresholds can be implemented (on platforms that support them) to provide differentiation of service classes within the queue. The implementation of queueing and drop thresholds is viewed as necessary to provide the correct per-hop treatment of the video application traffic to meet the overall desired service levels of latency, jitter, and packet loss across the medianet infrastructure. An example of the mapping of service classes to egress queueing on a Cisco Catalyst 6500 WS-X6704-10GE line card, which has a 1P7Q8T egress queueing structure, as shown in Figure 6-22. Note that the percentage of bandwidth allocated per queue depends on the customer environment; Figure 6-22 shows only an example. Figure 6-22 Example Mapping of Service Classes to Egress Queueing on a Cisco Catalyst 6500 Line Card with 1P7Q8T Structure This QoS methodology can also provide enhanced visibility into the amount of traffic from individual video application types crossing points within the medianet infrastructure. The more granular the mapping of individual video applications to service classes that are then mapped to ingress and egress queues, the more granular the visibility into the amount of traffic generated by particular video applications. You can also gain additional visibility into troubleshooting video quality issues caused by drops within individual queues on router and switch platforms. The following high-level methodology can be useful for troubleshooting video performance issues using the router and switch CLI. As with anything, this methodology is not perfect. Some of the shortcomings of the methodology are discussed in the sections that cover the individual CLI commands. However, it can often be used to quickly identify the point within the network infrastructure where video quality issues are occurring. The steps are as follows: 1. Determine the Layer 3 hop-by-hop path of the particular video application across the medianet infrastructure from end-to-end, starting from the Layer 3 device closest to one end of the video session. The traceroute CLI utility can be used for this function. Transactional Data Multimedia Streaming TelePresence Voice Application Call Signaling Multimedia Conferencing Network Management Bulk Data Best Effort Scavenger Best Effort Internetwork Control Network Control Q8 (PQ) Q7 (10%) 1P7Q4T CS4 EF 228433 AF2 Q3 (10%) AF3 Q4 (10%) AF4 Q5 (10%) Q6 (10%) CS7 CS6 CS2 CS3 Q1 (5%) DF/0 Q2 (25%) Q6T4 Q6T3 Q6T2 Q6T1 Q1T2 Q1T1 AF1 CS1 CS3 CS4 EF AF2 AF1 CS1 DF DF DSCP (CS7) CS6 AF3 AF4 CS26-37 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module 2. Determine at a high level whether any drops are being seen by interfaces on each of the Layer 3 devices along the path. The show interface summary command can be used to provide this function quickly. If drops are being seen on a Layer 3 device, further information can be gained by observing the specific interfaces in which drops are occurring. The show interface <interface> command can be used for this. 3. To determine whether drops are occurring within the specific queue to which the video application is mapped on the platform, various show commands that are specific to a particular platform can be used. The following sections discuss the commands for each of the steps. Traceroute Traceroute is a command-line utility within Cisco router and switch products (and also in Unix and Linux systems) that can be used to produce a list of Layer 3 devices between two points within an IP network infrastructure. The Cisco traceroute utility sends a series of UDP packets with incrementing time-to-live (TTL) values from one IP address configured on the Layer 3 router or switch, to the desired destination IP address. Each Layer 3 device along the path either decrements the TTL value and forwards the UDP packet to the next hop in the path; or, if the TTL value is down to 1, the Layer 3 device discards the packet and sends an ICMP Time Exceeded (Type 11) message back to the source IP address. The ICMP Time Exceeded messages received by the source IP address (in other words, the originating router or switch device) are used to create a list of Layer 3 hops between the source and destination addresses. Note that ICMP Time Exceeded messages need to be allowed within the medianet infrastructure for traceroute to work. Also, if a Layer 3 device along the path does not send ICMP Time Exceeded messages, that device is not included in the list of Layer 3 hops between the source and destination addresses. Further, any Layer 2 devices along the path, which may themselves be the cause of the video quality degradation, are not identified in the traceroute output, because traceroute uses the underlying Layer 3 IP routing infrastructure to operate. The traceroute utility works best when there are no equal-cost routes between network devices within the IP network infrastructure, and the infrastructure consists of all Layer 3 switches and routers, as shown in the sample network in Figure 6-23. Figure 6-23 Traceroute in an IP Network with a Single Route Between Endpoints In this network, if the traceroute command is run from me-eastcamp-1 using the VLAN 161 interface as the source interface, the output looks similar to that shown in Example 6-8. VLAN 161 10.16.1.1/24 10.16.2.2/24 10.16.1.11 / 24 10.16.2.1 / 24 10.16.3.1 / 24 10.16.3.2/24 10.16.4.1 / 24 10.16.4.2/24 VLAN 165 10.16.5.1/24 10.16.5.20/24 228434 me-eastctms-1 CTS-1000 me-eastcamp-1 me-eastcamp-2 me-eastwan-1 me-eastwan-26-38 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Example 6-8 Example Output from the Traceroute Utility Over a Non-Redundant Path Network me-eastcamp-1#traceroute Protocol [ip]: Target IP address: 10.16.5.20 Source address: 10.16.1.1 Numeric display [n]: yes Timeout in seconds [3]: Probe count [3]: 4 ! Sets the number of packets generated with each TTL value. Minimum Time to Live [1]: Maximum Time to Live [30]: 6 ! Sets the max TTL value of the UDP packets generated. Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: v Loose, Strict, Record, Timestamp, Verbose[V]: Type escape sequence to abort. Tracing the route to 10.16.5.20 1 10.16.2.2 0 msec 4 msec 0 msec 0 msec 2 10.16.3.2 0 msec 0 msec 4 msec 0 msec 3 10.16.4.2 0 msec 0 msec 4 msec 4 msec 4 10.16.5.20 0 msec 0 msec 0 msec 8 msec Traceroute returns the IP addresses of each Layer 3 hop in the route between me-eastcamp-1 and me-eastctms-1. More specifically, because traceroute traces the hop route in one direction only, it returns the IP address of the interface of each router or switch that is closest to the source IP address. These IP addresses are shown in blue in Figure 6-23. Note that because traceroute is initiated by the me-eastcamp-1 switch, it does not appear within the traceroute output itself. If the traceroute command is run from me-eastcamp-2 using the VLAN 165 interface as the source interface, the output looks similar to that shown in Example 6-9. Example 6-9 Example Output from the Traceroute Utility From the Other Direction me-eastcamp-1#traceroute Protocol [ip]: ip Target IP address: 10.16.1.11 Source address: 10.16.5.1 Numeric display [n]: yes Timeout in seconds [3]: Probe count [3]: 4 Minimum Time to Live [1]: Maximum Time to Live [30]: 6 Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: V Loose, Strict, Record, Timestamp, Verbose[V]: Type escape sequence to abort. Tracing the route to 10.16.1.11 1 10.16.4.1 0 msec 0 msec 0 msec 4 msec 2 10.16.3.1 0 msec 0 msec 0 msec 0 msec 3 10.16.2.1 0 msec 0 msec 4 msec 0 msec 4 * * * * 5 * * * * 6 * * * * Destination not found inside max TTL diameter. ! Indicates the end device did not return ! an ICMP Time Exceeded Pkt. The IP addresses returned from traceroute run in this direction are shown in red in Figure 6-23. Note that because traceroute is initiated by the me-eastcamp-2 switch, it does not appear within the traceroute output itself. Because a single path exists between the CTS-1000 and the Cisco TelePresence Multipoint Switch, the same Layer 3 hops (routers and switches) are returned regardless of which direction the 6-39 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module traceroute is run, although different IP addresses corresponding to different interfaces are returned, and the list of devices is reversed. Therefore, you need to run the traceroute in only one direction to understand the media flows in both directions. However, note that this may not necessarily be the case in a network with multiple equal-cost paths. Also note that the CTS-1000 does not return ICMP Time Exceeded packets, and therefore the traceroute utility times out. For a TelePresence endpoint, this can be rectified by directing the traceroute to the IP Phone associated with the TelePresence endpoint. However, be aware that some video endpoints may not respond to UDP traceroute packets with ICMP Time Exceeded packets. Single-path non-redundant IP network infrastructures are somewhat counter to best practices for network designs with high availability in mind. Unfortunately, the use of traceroute within an equal-cost redundant IP network infrastructure can sometimes return unclear results regarding the path of an actual video flow between two endpoints. An example of why this occurs can be seen with the output of two traceroute commands run on a Cisco Catalyst 4500 Series switch to a TelePresence Cisco TelePresence Multipoint Switch (IP address 10.17.1.20), as shown in Example 6-10. Example 6-10 Example Output from the Traceroute Utility me-westcamp-1#traceroute Protocol [ip]: Target IP address: 10.17.1.20 Source address: 10.24.1.1 Numeric display [n]: yes Timeout in seconds [3]: Probe count [3]: 4 Minimum Time to Live [1]: Maximum Time to Live [30]: 10 Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: v Loose, Strict, Record, Timestamp, Verbose[V]: Type escape sequence to abort. Tracing the route to 10.17.1.20 1 10.17.100.37 8 msec 0 msec 4 msec 0 msec 2 10.17.100.17 0 msec 0 msec 4 msec 0 msec 3 10.17.100.94 0 msec 0 msec 0 msec 0 msec 4 10.17.101.10 4 msec 0 msec 0 msec 0 msec 5 10.17.101.13 0 msec 4 msec 0 msec 0 msec 6 10.17.1.20 0 msec 4 msec 0 msec 0 msec me-westcamp-1#traceroute Protocol [ip]: Target IP address: 10.17.1.20 Source address: 10.26.1.1 Numeric display [n]: yes Timeout in seconds [3]: Probe count [3]: 4 Minimum Time to Live [1]: Maximum Time to Live [30]: 10 Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: v Loose, Strict, Record, Timestamp, Verbose[V]: Type escape sequence to abort. Tracing the route to 10.17.1.20 1 10.17.100.37 0 msec 0 msec 0 msec 0 msec 2 10.17.100.29 4 msec 0 msec 0 msec 0 msec 3 10.17.100.89 0 msec 4 msec 0 msec 0 msec 4 10.17.101.10 0 msec 0 msec 0 msec 4 msec 5 10.17.101.13 0 msec 0 msec 0 msec 4 msec 6 10.17.1.20 0 msec 0 msec 0 msec 0 msec6-40 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module The output from this traceroute was obtained from the network shown in Figure 6-24. Figure 6-24 Test Network Used for Traceroute Example As can be seen from Example 6-10 and Figure 6-24, the first traceroute is run using the source interface VLAN 241 on switch me-westcamp-1, which has IP address 10.24.1.1. The output is Route #1: from me-westcamp-1 to me-westdist-3 to me-westcore-1 to me-westdc7k-2 (VDC #1) to me-westdcserv-2 back to me-westdc7k-2 (VDC #2) and finally to me-westctms-1. The second traceroute is run using the source interface VLAN 261 on switch me-westcamp-1, which has IP address 10.26.1.11. The output is Route #2: from me-westcamp-1 to me-westdist-3 to me-westcore-2 to me-westdc7k-2 (VDC #1) to me-westdcserv-2 back to me-westdc7k-2 (VDC #2) and finally to me-westctms-1. Note that the devices greyed out in Figure 6-22 do not show up at all within the output of either traceroute command. These include any Layer 2 devices as well as some Layer 3 devices, and also the actual Cisco TelePresence System endpoints, because the traceroute is initiated from the switches. The two traceroutes follow different routes through the redundant network infrastructure. This is because Cisco Express Forwarding me-westdc7k-2 me-westdc5k-2 Route #1 Route #2 me-w-dcserv-1 me-w-dcserv-2 me-westdc5k-1 me-westctms-1 me-westcore-1 me-westcore-3 me-westcamp-1 CTS-1000 10.24.1.11/24 VLAN 241 10.24.1.1/24 VLAN 261 10.26.1.1/24 CTS-1000 10.26.1.11/24 me-westcore-2 me-westcore-4 Nexus 2000 Layer 2 Infrastructure Layer 3 Infrastructure me-westdc7k-1 10.17.100.37/30 10.17.100.17/30 10.17.1.20/24 10.17.100.21/30 10.17.100.25/30 10.17.100.89/30 10.17.101.10/30 10.17.100.94/30 10.17.101.13/30 VDC #2 VDC #1 10.17.100.29/30 2284356-41 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module switching, which itself is based on IP routing protocols, by default load balances sessions based on a hash of the source and destination IP address, when equal-cost paths exist. Therefore, different source and destination address pairs may yield different routes through an equal-cost redundant path network infrastructure. Cisco Express Forwarding switching can be configured for per-packet load balancing. However, this is not recommended because it can result in out-of-order packets for voice and video media. Therefore, you may not be able to tell from the traceroute utility alone whether the route returned through the network is the actual route taken by the video media, because the source IP address of the video endpoint is different than that used for the traceroute utility on the router or switch. Ideally, if traceroute can be run on the video endpoint itself, the actual route followed by the media through the network infrastructure can more easily be determined. However, most video endpoints such as Cisco TelePresence endpoints, Cisco IP video surveillance cameras, and Cisco digital media players (DMPs) do not currently support the traceroute utility. On some switch platforms, such as Cisco Catalyst 6500 Series platforms, the show ip cef exact-route <source ip address> <destination ip address> command may be used to determine the actual route taken by the media flow of interest. An example of the output using the actual source IP address of a TelePresence CTS-1000, 10.24.1.11, and the destination IP address of the Cisco TelePresence Multipoint Switch, 10.17.1.20, is shown in Example 6-11. Example 6-11 Example Output from show ip cef exact-route Command me-westdist-3>show ip cef exact-route 10.24.1.11 10.17.1.20 10.24.1.11 -> 10.17.1.20 : GigabitEthernet1/1 (next hop 10.17.100.29) As can be seen, the actual route take by the video and audio streams from the CTS-1000 follows Route #2 from me-westdist-3 to me-westcore-2 within this hop, and not Route #1 from me-westdist-3 to me-westcore-1. The same command can be run on all the switches in the path that support the command to determine the actual route of the video flow in question. When the initial switch, from which the traceroute utility is run, has equal-cost paths to the first hop along the path to the destination, the output becomes somewhat undeterministic. This is because traceroute packets generated by the switch are CPU-generated, and therefore process-switched packets. These do not follow the Cisco Express Forwarding tables within the switch that generated them. Instead, the switch round-robins the multiple UDP packets generated, each with a given TTL value, out to each next hop with equal cost to the destination. The result is that only some of the hops corresponding to equal-cost paths appear in the traceroute output. However, the list of the actual hops returned by the traceroute depends on the Cisco Express Forwarding tables of the downstream switches and routers. An example of this behavior is shown in Example 6-12 and Figure 6-25. Example 6-12 Example Output from Traceroute on a Switch with Redundant Paths me-westcamp-1#traceroute Protocol [ip]: Target IP address: 10.17.1.20 Source address: 10.24.1.1 Numeric display [n]: yes Timeout in seconds [3]: Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 10.17.1.20 1 10.17.100.37 0 msec 10.17.100.42 0 msec6-42 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module 10.17.100.37 0 msec 2 10.17.100.21 4 msec 10.17.100.17 0 msec 10.17.100.21 0 msec 3 10.17.100.94 0 msec 0 msec 0 msec 4 10.17.101.10 0 msec 0 msec 0 msec 5 10.17.101.13 0 msec 4 msec 0 msec 6 10.17.1.20 0 msec 0 msec 4 msec Figure 6-25 Test Network Used for Redundant Switch Traceroute Example The traceroute shown in Example 6-12 is again run from source interface VLAN 241 with source IP address 10.24.1.11 to the Cisco TelePresence Multipoint Switch with destination IP address 10.20.1.11. Because the switch from which the traceroute command is run has equal-cost paths to the first hop in the path, both switches me-westdist-3 and me-westdist-4 appear as the first hop in the path. Both paths then converge at the next switch hop, me-westcore-1, with me-westcore-2 not showing up at all in the me-westdc7k-2 me-westdc5k-2 Route #1 me-w-dcserv-1 me-w-dcserv-2 me-westdc5k-1 me-westctms-1 me-westcore-1 me-westcore-3 me-westcamp-1 CTS-1000 10.24.1.11/24 VLAN 241 10.24.1.1/24 me-westcore-2 me-westcore-4 Nexus 2000 Layer 2 Infrastructure Layer 3 Infrastructure me-westdc7k-1 10.17.100.37/30 10.17.100.42/30 10.17.100.17/30 10.17.1.20/24 10.17.100.21/30 10.17.100.25/30 10.17.100.89/30 10.17.101.10/30 10.17.100.94/30 10.17.101.13/30 VDC #2 VDC #1 10.17.100.29/30 2284366-43 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module traceroute output. However, note that a video traffic session (consisting of a source IP address and a destination IP address) that is Cisco Express Forwarding-switched through the router follows one or the other first hop through me-westdist-3 or me-westdist-4, and not both hops, as indicated within the traceroute output. Again, the use of the show ip cef exact-route command on switches along the path may be necessary to determine the exact route of the video flows. show interface summary and show interface Commands After you have discovered the path of the actual video stream, possibly from using a combination of traceroute and the show ip cef exact-route command on switches along the path, a next logical step in troubleshooting a video quality issue is to see at a very high level whether interfaces are dropping packets. The show interface summary command can be used on Cisco Catalyst switch and IOS router platforms for this purpose (note that this command is not supported on Cisco Nexus switch platforms). Example 6-13 shows an example output from this command on a Cisco Catalyst 6500 platform. Example 6-13 Partial Output from the show interface summary Command on a Cisco Catalyst 6500 Switch me-westcore-1#show interface summary *: interface is up IHQ: pkts in input hold queue IQD: pkts dropped from input queue OHQ: pkts in output hold queue OQD: pkts dropped from output queue RXBS: rx rate (bits/sec) RXPS: rx rate (pkts/sec) TXBS: tx rate (bits/sec) TXPS: tx rate (pkts/sec) TRTL: throttle count Interface IHQ IQD OHQ OQD RXBS RXPS TXBS TXPS TRTL ------------------------------------------------------------------------------------------ Vlan1 0 0 0 0 0 0 0 0 0 * GigabitEthernet1/1 0 0 0 0 1000 1 0 0 0 GigabitEthernet1/2 0 0 0 0 0 0 0 0 0 ... * TenGigabitEthernet3/1 0 0 0 0 1000 1 2000 1 0 * TenGigabitEthernet3/2 0 0 0 0 1000 1 1000 1 0 TenGigabitEthernet3/3 0 0 0 0 0 0 0 0 0 TenGigabitEthernet3/4 0 0 0 0 0 0 0 0 0 * GigabitEthernet5/1 00 0 0 1000 1 2000 3 0 * GigabitEthernet5/2 00 0 0 2000 2 0 0 0 * Loopback0 0 0 0 0 0 0 0 0 0 The show interface summary command can be used to quickly identify the following: • Which interfaces are up on the switch or router, as indicated by the asterisk next to the interface • Whether any interfaces are experiencing any input queue drops (IQD) or output queue drops (OQD) • The amount of traffic transmitted by the interface in terms of bits/second (TXBS) or packets/second (TXPS) • The amount of traffic received by the interface in terms of bits/second (RXBS) or packets/second (RXPS) The show interface summary command may need to be run multiple times over a short time interval to determine whether drops are currently occurring, rather than having occurred previously. Alternatively, the clear counters command can typically be used to clear all the counters on all the interfaces. 6-44 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module However, simply because an interface is determined to be experiencing drops does not necessarily mean that the interface is relevant to the path of the video flow in question. You may still need to run the show ip cef exact-route command, or consult the IP routing tables via the show ip route command to determine whether the particular interface experiencing drops is along the path of the video flow. Example 6-14 shows an example output from both of these commands. Example 6-14 Example Output from the show ip route and show ip cef exact-route Commands me-westdist-3#show ip route 10.17.1.0 Routing entry for 10.17.1.0/24 Known via "eigrp 111", distance 90, metric 6144, type internal Redistributing via eigrp 111 Last update from 10.17.100.29 on GigabitEthernet1/1, 2w2d ago Routing Descriptor Blocks: * 10.17.100.17, from 10.17.100.17, 2w2d ago, via GigabitEthernet5/3 Route metric is 6144, traffic share count is 1 Total delay is 140 microseconds, minimum bandwidth is 1000000 Kbit Reliability 255/255, minimum MTU 1500 bytes Loading 1/255, Hops 4 10.17.100.29, from 10.17.100.29, 2w2d ago, via GigabitEthernet1/1 Route metric is 6144, traffic share count is 1 Total delay is 140 microseconds, minimum bandwidth is 1000000 Kbit Reliability 255/255, minimum MTU 1500 bytes Loading 1/255, Hops 4 me-westdist-3#show ip cef exact-route 10.24.1.11 10.17.1.20 10.24.1.11 -> 10.17.1.20 : GigabitEthernet1/1 (next hop 10.17.100.29) Example 6-14 shows that the IP routing tables indicate that there are equal-cost paths to IP subnet 10.17.1.20 through next hops 10.17.100.17 and 10.17.100.29, via interfaces GigabitEthernet5/3 and GigabitEthernet1/1, respectively. The asterisk next to the 10.17.100.17 route indicates that the next session will follow that route. However, the output from the show ip cef exact-route command shows that the Cisco Express Forwarding table has already been populated with a session from source IP address 10.24.1.11, corresponding to the CTS-1000, to destination IP address 10.17.1.20, corresponding to the Cisco TelePresence Multipoint Switch, via interface GigabitEthernet1/1. Therefore, when troubleshooting drops along the path for this particular video flow, you should be concerned with drops shown on interface GigabitEthernet1/1. Having determined which relevant interfaces are currently experiencing drops, you can drill down further into the interface via the show interface <interface> command. Example 6-15 shows an example output from this command on a Cisco Catalyst 6500 platform. Example 6-15 Example Output from the show interface Command me-westdist-3#show interface gigabitethernet1/1 GigabitEthernet1/1 is up, line protocol is up (connected) Hardware is C6k 1000Mb 802.3, address is 0018.74e2.7dc0 (bia 0018.74e2.7dc0) Description: CONNECTION TO ME-WESTCORE-2 GIG1/25 Internet address is 10.17.100.30/30 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 1000Mb/s input flow-control is off, output flow-control is off Clock mode is auto ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:04, output 00:00:00, output hang never Last clearing of "show interface" counters 00:13:53 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0! Input & output 6-45 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module ! queue drops. Queueing strategy: fifo Output queue: 0/40 (size/max) 30 second input rate 0 bits/sec, 0 packets/sec 30 second output rate 0 bits/sec, 0 packets/sec L2 Switched: ucast: 117 pkt, 22493 bytes - mcast: 184 pkt, 14316 bytes L3 in Switched: ucast: 14 pkt, 7159 bytes - mcast: 0 pkt, 0 bytes mcast L3 out Switched: ucast: 0 pkt, 0 bytes mcast: 0 pkt, 0 bytes 374 packets input, 53264 bytes, 0 no buffer Received 250 broadcasts (183 IP multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored ! May indicate link-level errors 0 watchdog, 0 multicast, 0 pause input 0 input packets with dribble condition detected 282 packets output, 32205 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets ! May indicate link-level errors. 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 PAUSE output 0 output buffer failures, 0 output buffers swapped out The show interface command can provide an instantaneous display of the current depth of the input and output queues, as well as a running total of input and output drops seen by the interface. This can be used to detect possible congestion issues occurring within the switch interface. It also provides additional detail in terms of the type of traffic: unicast versus multicast switched by the interface. More importantly, the show interface command provides additional detail regarding potential link level errors, such as CRCs, collisions, and so on. These can be the result of cabling issues or even duplex mismatches between switch interfaces that are difficult to detect, but can be the cause of degraded video quality as well. Note that changing the load interval from the default of 5 minutes to a lower value, such as 60 seconds, can provide increased visibility, so that the statistics are then more up-to-date. Platform Specific Queue-Level Commands Because a relevant interface along the path of the video flow in question is experiencing drops does not necessarily mean that the drops are occurring within the queue that holds the particular video application traffic. You may need to run additional platform-specific commands to display drops down to the queue level to determine whether video degradation is occurring on a particular switch or router. The following sections discuss some of these platform-specific commands. Cisco Catalyst 6500 Series Commands When QoS is enabled on Cisco Catalyst 6500 Series switches, the show queueing interface command allows you to view interface drops per queue on the switch port. Example 6-16 shows the output from a Cisco Catalyst 6500 WS-X6708-10GE line card. Selected areas for discussion have been highlighted in bold. Example 6-16 Output from Cisco Catalyst 6500 show queueing interface Command me-eastcore-1#show queueing interface tenGigabitEthernet 1/1 Interface TenGigabitEthernet1/1 queueing strategy: Weighted Round-Robin Port QoS is enabled Trust boundary disabled Trust state: trust DSCP Extend trust state: not trusted [COS = 0] Default COS is 0 Queueing Mode In Tx direction: mode-dscp Transmit queues [type = 1p7q4t]: Queue Id Scheduling Num of thresholds6-46 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module ----------------------------------------- 01 WRR 04 02 WRR 04 03 WRR 04 04 WRR 04 05 WRR 04 06 WRR 04 07 WRR 04 08 Priority 01 WRR bandwidth ratios: 1[queue 1] 25[queue 2] 4[queue 3] 10[queue 4] 10[queue 5] 10[queue 6] 10[queue 7] queue-limit ratios: 1[queue 1] 25[queue 2] 4[queue 3] 10[queue 4] 10[queue 5] 10[queue 6] 10[queue 7] 30[Pri Queue] queue tail-drop-thresholds -------------------------- 1 70[1] 100[2] 100[3] 100[4] 2 70[1] 100[2] 100[3] 100[4] 3 100[1] 100[2] 100[3] 100[4] 4 100[1] 100[2] 100[3] 100[4] 5 100[1] 100[2] 100[3] 100[4] 6 100[1] 100[2] 100[3] 100[4] 7 100[1] 100[2] 100[3] 100[4] queue random-detect-min-thresholds ---------------------------------- 1 80[1] 100[2] 100[3] 100[4] 2 80[1] 100[2] 100[3] 100[4] 3 70[1] 80[2] 90[3] 100[4] 4 70[1] 80[2] 90[3] 100[4] 5 70[1] 80[2] 90[3] 100[4] 6 70[1] 80[2] 90[3] 100[4] 7 60[1] 70[2] 80[3] 90[4] queue random-detect-max-thresholds ---------------------------------- 1 100[1] 100[2] 100[3] 100[4] 2 100[1] 100[2] 100[3] 100[4] 3 80[1] 90[2] 100[3] 100[4] 4 80[1] 90[2] 100[3] 100[4] 5 80[1] 90[2] 100[3] 100[4] 6 80[1] 90[2] 100[3] 100[4] 7 70[1] 80[2] 90[3] 100[4] WRED disabled queues: queue thresh cos-map --------------------------------------- 1 1 0 1 2 1 1 3 1 4 2 1 2 2 2 3 4 2 3 2 4 3 1 6 7 3 2 3 3 3 4 4 1 4 2 4 3 6-47 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module 4 4 5 1 5 2 5 3 5 4 6 1 6 2 6 3 6 4 7 1 7 2 7 3 7 4 8 1 5 queue thresh dscp-map --------------------------------------- 1 1 1 2 3 4 5 6 7 8 9 11 13 15 17 19 21 23 25 27 29 31 33 39 41 42 43 44 45 47 1 2 1 3 1 4 2 1 0 2 2 2 3 2 4 3 1 14 3 2 12 3 3 10 3 4 4 1 22 4 2 20 4 3 18 4 4 5 1 30 35 37 5 2 28 5 3 26 5 4 6 1 38 49 50 51 52 53 54 55 57 58 59 60 61 62 63 6 2 36 6 3 34 6 4 7 1 16 7 2 24 7 3 48 7 4 56 8 1 32 40 46 Queueing Mode In Rx direction: mode-dscp Receive queues [type = 8q4t]: Queue Id Scheduling Num of thresholds ----------------------------------------- 01 WRR 04 02 WRR 04 03 WRR 04 04 WRR 04 05 WRR 04 06 WRR 04 07 WRR 04 08 WRR 04 WRR bandwidth ratios: 10[queue 1] 0[queue 2] 0[queue 3] 0[queue 4] 0[queue 5] 0[queue 6] 0[queue 7] 90[queue 8]6-48 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module queue-limit ratios: 80[queue 1] 0[queue 2] 0[queue 3] 0[queue 4] 0[queue 5] 0[queue 6] 0[queue 7] 20[queue 8] queue tail-drop-thresholds -------------------------- 1 70[1] 80[2] 90[3] 100[4] 2 100[1] 100[2] 100[3] 100[4] 3 100[1] 100[2] 100[3] 100[4] 4 100[1] 100[2] 100[3] 100[4] 5 100[1] 100[2] 100[3] 100[4] 6 100[1] 100[2] 100[3] 100[4] 7 100[1] 100[2] 100[3] 100[4] 8 100[1] 100[2] 100[3] 100[4] queue random-detect-min-thresholds ---------------------------------- 1 40[1] 40[2] 50[3] 50[4] 2 100[1] 100[2] 100[3] 100[4] 3 100[1] 100[2] 100[3] 100[4] 4 100[1] 100[2] 100[3] 100[4] 5 100[1] 100[2] 100[3] 100[4] 6 100[1] 100[2] 100[3] 100[4] 7 100[1] 100[2] 100[3] 100[4] 8 100[1] 100[2] 100[3] 100[4] queue random-detect-max-thresholds ---------------------------------- 1 70[1] 80[2] 90[3] 100[4] 2 100[1] 100[2] 100[3] 100[4] 3 100[1] 100[2] 100[3] 100[4] 4 100[1] 100[2] 100[3] 100[4] 5 100[1] 100[2] 100[3] 100[4] 6 100[1] 100[2] 100[3] 100[4] 7 100[1] 100[2] 100[3] 100[4] 8 100[1] 100[2] 100[3] 100[4] WRED disabled queues: 2 3 4 5 6 7 8 queue thresh cos-map --------------------------------------- 1 1 0 1 1 2 2 3 1 3 4 1 4 6 7 2 1 2 2 2 3 2 4 3 1 3 2 3 3 3 4 4 1 4 2 4 3 4 4 5 1 5 2 5 3 5 4 6 1 6 2 6 3 6 4 6-49 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module 7 1 7 2 7 3 7 4 8 1 5 8 2 8 3 8 4 queue thresh dscp-map --------------------------------------- 1 1 0 1 2 3 4 5 6 7 8 9 11 13 15 16 17 19 21 23 25 27 29 31 33 39 41 42 43 44 45 47 1 2 1 3 1 4 2 1 14 2 2 12 2 3 10 2 4 3 1 22 3 2 20 3 3 18 3 4 4 1 24 30 4 2 28 4 3 26 4 4 5 1 32 34 35 36 37 38 5 2 5 3 5 4 6 1 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 6 2 6 3 6 4 7 1 7 2 7 3 7 4 8 1 40 46 8 2 8 3 8 4 Packets dropped on Transmit: BPDU packets: 0 queue dropped [dscp-map] --------------------------------------------- 1 0 [1 2 3 4 5 6 7 8 9 11 13 15 17 19 21 23 25 27 29 31 33 39 41 42 43 44 45 47 ] 2 0 [0 ] 3 0 [14 12 10 ] 4 0 [22 20 18 ] 5 0 [30 35 37 28 26 ] 6 0 [38 49 50 51 52 53 54 55 57 58 59 60 61 62 63 36 34 ] 7 0 [16 24 48 56 ] 8 0 [32 40 46 ] Packets dropped on Receive: BPDU packets: 06-50 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module queue dropped [dscp-map] --------------------------------------------- 1 0 [0 1 2 3 4 5 6 7 8 9 11 13 15 16 17 19 21 23 25 27 29 31 33 39 41 42 43 44 45 47 ] 2 0 [14 12 10 ] 3 0 [22 20 18 ] 4 0 [24 30 28 26 ] 5 0 [32 34 35 36 37 38 ] 6 0 [48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 ] 8 0 [40 46 ] The information within the first highlighted section can be used to quickly verify that the queueing and bandwidth ratios have been set correctly for the traffic service class of interest that is crossing the particular interface. As can be seen, the line card has a 1p7q4t egress queueing structure, meaning one priority queue and seven additional queues, each with four different drop thresholds. Egress queueing is configured to use a weighted-round robin (WRR) algorithm. The WRR bandwidth ratios are used by the scheduler to service the queues, which effectively allocates bandwidth across the seven non-priority queues based on the weight ratios. Note that the priority queue is always serviced first, and therefore has no weight. The queue-limit ratios allocate available egress queue space based on the ratios as well. Note that egress queueing space for the priority queue is included. The second highlighted section can be used to quickly verify that a particular traffic service class is mapped to the correct egress queue on the line card. It provides a quick view of the mapping of DSCP values to egress queues and drop thresholds. Further, this can then be used to identify which video applications are mapped to which queues, based on DSCP values. This assumes specific video applications have been mapped to service classes with separate DSCP values. Note that in older Cisco Catalyst 6500 line cards, egress queues may be mapped to internal switch class of service (CoS) values that are then mapped to DSCP values. In such cases, you may need to use the show mls qos maps dscp-cos command to display the mapping of DSCP values to internal CoS values within the Cisco Catalyst switch. Finally, the third highlighted block shows the number of packets dropped by the interface, per transmit queue. This can be used for either performance management, in the case where a particular video application mapped to the queue is experiencing degraded service because of packet loss; or for fault isolation, in the case where a particular video application is dropping the connection because of packet loss. The same information is also provided for ingress queueing with this particular line card. Note, however, that the various Cisco Catalyst 6500 line cards support different ingress and egress queueing structures, as well as modes of operations. Older Cisco Catalyst 6500 line cards support ingress queuing based on Layer 2 CoS marking only. Ingress queueing may not be used within a routed (non-trunked) infrastructure on Cisco Catalyst 6500 line cards. Cisco Catalyst 4500/4900 Series Commands Visibility into traffic flows down at the queue level within a Cisco Catalyst 4500 Series switch depends on the supervisor line card within the switch. For Cisco Catalyst 4500 Series switches with a Supervisor-II-Plus, Supervisor-IV, or Supervisor-V (also referred to as classic supervisors), and for Cisco Catalyst 4900 Series switches, the show interface counters command provides a similar ability to view interface drops per queue on the switch port. Example 6-17 shows a partial output from a Cisco Catalyst 4948 switch. For brevity, output from only the first two interfaces and the last interface on the switch are shown. Selected areas for discussion have been highlighted in bold. Example 6-17 Output from Cisco Catalyst 4948 show interface counters detail Command tp-c2-4948-1#show interface counters detail6-51 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Port InBytesIn UcastPkts InMcastPkts InBcastPkts ! Provides info on ingress multicast packets Gi1/1 0 0 0 0 Gi1/2 0 0 0 0 ... Gi1/48 500745084 946163 4778144 892284 Port OutBytes OutUcastPkts OutMcastPkts OutBcastPkts ! Provides info on egress multicast packets Gi1/1 0 0 0 0 Gi1/2 0 0 0 0 ... Gi1/48 18267775 20009 190696 2 Port InPkts 64 OutPkts 64InPkts 65-127 OutPkts 65-127 Gi1/1 0 0 0 0 Gi1/2 0 0 0 0 ... Gi1/48 5676114 107817 705522 97227 Port InPkts 128-255 OutPkts 128-255 InPkts 256-511 OutPkts 256-511 Gi1/1 0 0 0 0 Gi1/2 0 0 0 0 ... Gi1/48 58703 1700 169614 2283 Port InPkts 512-1023 OutPkts 512-1023 Gi1/1 0 0 Gi1/2 0 0 ... Gi1/48 5859 1461 Port InPkts 1024-1518 OutPkts 1024-1518InPkts 1519-1548 OutPkts 1519-1548 Gi1/1 0 0 0 0 Gi1/2 0 0 0 0 ... Gi1/48 779 219 0 0 Port InPkts 1549-9216OutPkts 1549-9216 Gi1/1 0 0 Gi1/2 0 0 ... Gi1/48 0 0 Port Tx-Bytes-Queue-1Tx-Bytes-Queue-2Tx-Bytes-Queue-3Tx-Bytes-Queue-4 ! Provides ! transmitted byte count per queue Gi1/1 0 0 0 0 Gi1/2 0 0 0 0 ... Gi1/48 67644 1749266 181312 16271855 Port Tx-Drops-Queue-1Tx-Drops-Queue-2Tx-Drops-Queue-3 Tx-Drops-Queue-4 ! Provides ! packet drop count per queue Gi1/1 0 0 0 0 Gi1/2 0 0 0 0 ... Gi1/48 0 0 0 0 Port Dbl-Drops-Queue-1Dbl-Drops-Queue-2Dbl-Drops-Queue-3Dbl-Drops-Queue-4 ! Provides DBL ! packet drop count per queue Gi1/1 0 0 0 0 Gi1/2 0 0 0 0 ... Gi1/48 0 0 0 0 6-52 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Port Rx-No-Pkt-Buff RxPauseFrames TxPauseFrames PauseFramesDrop Gi1/1 0 0 0 0 Gi1/2 0 0 0 0 ... Gi1/48 0 0 0 0 Port UnsupOpcodePause Gi1/1 0 Gi1/2 0 ... Gi1/48 0 The first two highlighted sections can provide information regarding how many unicast and multicast packets have crossed the interface in the inbound or outbound direction. Multicast traffic is often used to support real-time and VoD broadcasts. The multicast packet count within the switch interface increments from when the switch was reloaded or the counters were manually cleared. Because of this, and because the information does not include the byte count, you cannot use the statistics alone to determine the data rate of multicast traffic across the interface. However, you may be able to gain some useful information regarding the percentage of multicast traffic on the interface based on the ratio of the unicast to multicast packets seen. The third highlighted section provides two additional pieces of information. First, it indicates the number of queues per interface. Because the output above is from a Cisco Catalyst 4948 switch, four transmit queues per interface are supported. Second, the output indicates the amount of traffic, in bytes, that has been transmitted per queue per interface. Because this is a summation of bytes since the counters were last cleared or the switch reloaded, you must run the command multiple times over a time interval to get a rough estimate of the byte rate over that time period. This can be used to gain an idea of the current data rate of a particular traffic service class across the switch interface. The final two highlighted sections indicate the number of packets dropped in the egress direction, per transmit queue. You can use this information to assist in troubleshooting a video application performance issue or fault condition caused by packet loss. Note that Dbl-Drops are drops that are the result of the dynamic buffer limiting (DBL) algorithm, which attempts to fairly allocate buffer usage per flow through the Cisco Catalyst 4500 switch. You have the option of enabling or disabling DBL per service class on the switch. To make use of information regarding transmit queues drops shown in Example 6-17, you must understand which traffic classes are assigned to which transmit queues. For Cisco Catalyst 4500 Series switches with classic supervisors as well as Cisco Catalyst 4900 Series switches, the show qos maps command can be used to display which DSCP values are mapped to which transmit queues on the switch, as shown in Example 6-18. Example 6-18 Output from Cisco Catalyst 4948 show qos maps Command tp-c2-4948-1#show qos maps DSCP-TxQueue Mapping Table (dscp = d1d2) ! Provides mapping of DSCP value to transmit ! queue on the switch d1 : d2 0 1 2 3 4 5 6 7 8 9 ------------------------------------- 0 : 02 01 01 01 01 01 01 01 01 01 1 : 01 01 01 01 01 01 04 02 04 02 2 : 04 02 04 02 04 02 04 02 04 02 3 : 04 02 03 03 04 03 04 03 04 03 4 : 03 03 03 03 03 03 03 03 04 04 5 : 04 04 04 04 04 04 04 04 04 04 6 : 04 04 04 04 Policed DSCP Mapping Table (dscp = d1d2) d1 : d2 0 1 2 3 4 5 6 7 8 96-53 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module ------------------------------------- 0 : 00 01 02 03 04 05 06 07 08 09 1 : 10 11 12 13 14 15 16 17 18 19 2 : 20 21 22 23 24 25 26 27 28 29 3 : 30 31 32 33 34 35 36 37 38 39 4 : 40 41 42 43 44 45 46 47 48 49 5 : 50 51 52 53 54 55 56 57 58 59 6 : 60 61 62 63 DSCP-CoS Mapping Table (dscp = d1d2) d1 : d2 0 1 2 3 4 5 6 7 8 9 ------------------------------------- 0 : 00 00 00 00 00 00 00 00 01 01 1 : 01 01 01 01 01 01 02 02 02 02 2 : 02 02 02 02 03 03 03 03 03 03 3 : 03 03 04 04 04 04 04 04 04 04 4 : 05 05 05 05 05 05 05 05 06 06 5 : 06 06 06 06 06 06 07 07 07 07 6 : 07 07 07 07 CoS-DSCP Mapping Table CoS: 0 1 2 3 4 5 6 7 -------------------------------- DSCP: 0 8 16 24 32 46 48 56 The highlighted section in the example above shows the mapping of the DSCP values to transmit queues. The vertical column, marked d1, represents the first decimal number of the DSCP value, while the horizontal column, marked d2, represents the second decimal number of the DSCP value. For example, a d1 value of 3 and a d2 value of 2 yields a DSCP decimal value of 32, which corresponds to the CS4 service class. You still need to separately understand the mapping of specific video applications to service classes that are then marked with a particular DSCP value. However, combined with the knowledge of which traffic classes are mapped to which transmit queue, you can use this information to troubleshoot video application performance issues across the Cisco Catalyst 4500/Cisco Catalyst 4900 switch platform. Note DSCP markings are represented by 6-bit values within the ToS byte of the IP packet. The DSCP values are the upper 6 bits of the ToS byte. Therefore, a DSCP decimal value of 32 represents a binary value of 100000, or the CS4 service class. The full ToS byte would have a value of 10000000 or a hexidecimal value of 0x80. For the Cisco Catalyst 4500 with a Sup-6E supervisor line card, the mapping of traffic classes to egress queues is accomplished via an egress policy map applied to the interface. The policy map can be viewed through the show policy-map interface command. Example 6-19 shows the output from a GigabitEthernet interface. Selected areas for discussion have been highlighted in bold. Example 6-19 Output from Cisco Catalyst 4500 Sup-6E show policy-map interface Command me-westcamp-1#show policy-map int gig 3/3 GigabitEthernet3/3 Service-policy output: 1P7Q1T ! Name and direction of the policy map applied to the ! interface. Class-map: PRIORITY-QUEUE (match-any)! Packet counters increment across all 22709 packets ! interfaces to which the policy map is applied. Match: dscp ef (46) 0 packets6-54 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Match: dscp cs5 (40) 0 packets Match: dscp cs4 (32) 22709 packets police: ! Byte counters under 'police' line increment per interface. cir 300000000 bps, bc 12375000 bytes, be 12375000 bytes conformed Packet count - n/a, 10957239 bytes; actions: transmit exceeded Packet count - n/a, 0 bytes; actions: drop violated Packet count - n/a, 0 bytes; actions: drop conformed 2131000 bps, exceed 0 bps, violate 0 bps priority queue: ! Byte counters and packet drops under 'priority queue' line Transmit: 9877576 Bytes, Queue Full Drops: 0 Packets ! increment per interface. Class-map: CONTROL-MGMT-QUEUE (match-any) 17 packets Match: dscp cs7 (56) 0 packets Match: dscp cs6 (48) 8 packets Match: dscp cs3 (24) 9 packets Match: dscp cs2 (16) 0 packets bandwidth: 10 (%) ! Byte counters and packet drops under 'bandwidth' line Transmit: 1616 Bytes, Queue Full Drops: 0 Packets ! increment per interface. Class-map: MULTIMEDIA-CONFERENCING-QUEUE (match-all) 0 packets Match: dscp af41 (34) af42 (36) af43 (38) bandwidth: 10 (%) Transmit: 0 Bytes, Queue Full Drops: 0 Packets Class-map: MULTIMEDIA-STREAMING-QUEUE (match-all) 0 packets Match: dscp af31 (26) af32 (28) af33 (30) bandwidth: 10 (%) Transmit: 0 Bytes, Queue Full Drops: 0 Packets Class-map: TRANSACTIONAL-DATA-QUEUE (match-all) 0 packets Match: dscp af21 (18) af22 (20) af23 (22) bandwidth: 10 (%) Transmit: 0 Bytes, Queue Full Drops: 0 Packets dbl Probabilistic Drops: 0 Packets Belligerent Flow Drops: 0 Packets Class-map: BULK-DATA-QUEUE (match-all) 0 packets Match: dscp af11 (10) af12 (12) af13 (14) bandwidth: 4 (%) Transmit: 0 Bytes, Queue Full Drops: 0 Packets dbl Probabilistic Drops: 0 Packets Belligerent Flow Drops: 0 Packets Class-map: SCAVENGER-QUEUE (match-all) 0 packets Match: dscp cs1 (8) bandwidth: 1 (%)6-55 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Transmit: 0 Bytes, Queue Full Drops: 0 Packets Class-map: class-default (match-any) 6 packets Match: any 6 packets bandwidth: 25 (%) Transmit: 436 Bytes, Queue Full Drops: 0 Packets dbl Probabilistic Drops: 0 Packets Belligerent Flow Drops: 0 Packets In Example 6-19, the first highlighted line shows the name of the service policy and direction (outbound or inbound) applied to the interface. The second highlighted section shows the mapping of DSCP markings to each queue defined within the policy map. Directly under that, the number of packets that matched the service class are displayed. Take special note that if a policy map is shared among multiple interfaces, these packet counters increment for all interfaces that have traffic that matches the particular class-map entry. For example, if the policy map named 1P7Q1T shown in the example above were applied across two uplink interfaces, the packet counters would show the total packets that matched each class-map entry for both interfaces. This can lead to some confusion, as shown in Example 6-20. Selected areas for discussion have been highlighted in bold. Example 6-20 Second Example Output from Cisco Catalyst 4500 Sup-6E show policy-map interface Command me-westcamp-1#show policy-map int gig 3/1 GigabitEthernet3/1 Service-policy output: 1P7Q1T Class-map: PRIORITY-QUEUE (match-any) 15360 packets Match: dscp ef (46) 0 packets Match: dscp cs5 (40) 0 packets Match: dscp cs4 (32) 15360 packets police: cir 300000000 bps, bc 12375000 bytes, be 12375000 bytes conformed 0 packets, 0 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop conformed 0 bps, exceed 0 bps, violate 0 bps priority queue: Transmit: 0 Bytes, Queue Full Drops: 0 Packets Notice in Example 6-20 that interface GigabitEthernet3/1 appears to have seen 15,360 packets that match the PRIORITY-QUEUE class-map entry. Yet, both the policer and the priority queue statistics indicate that no packets that match the PRIORITY-QUEUE class-map entry have been sent by this interface. In this scenario, the 15,360 packets were sent by the other interface, GigabitEthernet3/3, which shared the policy map named 1P7Q1T. To prevent this type of confusion when viewing statistics from the show policy-map interface command on the Cisco Catalyst 4500 with Sup6E, you can simply define a different policy map name for each interface. Example 6-21 shows an example of this type of configuration.6-56 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Example 6-21 Partial Configuration Example Showing Separate Policy Map Per Interface class-map match-all MULTIMEDIA-STREAMING-QUEUE match dscp af31 af32 af33 class-map match-any CONTROL-MGMT-QUEUE match dscp cs7 match dscp cs6 match dscp cs3 match dscp cs2 class-map match-all TRANSACTIONAL-DATA-QUEUE match dscp af21 af22 af23 class-map match-all SCAVENGER-QUEUE match dscp cs1 class-map match-all MULTIMEDIA-CONFERENCING-QUEUE match dscp af41 af42 af43 class-map match-all BULK-DATA-QUEUE match dscp af11 af12 af13 class-map match-any PRIORITY-QUEUE match dscp ef match dscp cs5 match dscp cs4 ! ! policy-map 1P7Q1T-GIG3/3 class PRIORITY-QUEUE police cir percent 30 bc 33 ms conform-action transmit exceed-action drop violate-action drop priority class CONTROL-MGMT-QUEUE bandwidth percent 10 class MULTIMEDIA-CONFERENCING-QUEUE bandwidth percent 10 class MULTIMEDIA-STREAMING-QUEUE bandwidth percent 10 class TRANSACTIONAL-DATA-QUEUE bandwidth percent 10 dbl class BULK-DATA-QUEUE bandwidth percent 4 dbl class SCAVENGER-QUEUE bandwidth percent 1 class class-default bandwidth percent 25 dbl policy-map 1P7Q1T-GIG3/1 class PRIORITY-QUEUE police cir percent 30 bc 33 ms conform-action transmit exceed-action drop violate-action drop priority class CONTROL-MGMT-QUEUE bandwidth percent 10 class MULTIMEDIA-CONFERENCING-QUEUE bandwidth percent 10 class MULTIMEDIA-STREAMING-QUEUE bandwidth percent 10 class TRANSACTIONAL-DATA-QUEUE bandwidth percent 10 dbl class BULK-DATA-QUEUE6-57 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module bandwidth percent 4 dbl class SCAVENGER-QUEUE bandwidth percent 1 class class-default bandwidth percent 25 dbl ! ~ ! interface GigabitEthernet3/1 description CONNECTION TO ME-WESTDIST-3 GIG1/13 no switchport ip address 10.17.100.38 255.255.255.252 ip pim sparse-mode load-interval 30 service-policy output 1P7Q1T-GIG3/1 ! ~ ! interface GigabitEthernet3/3 description CONNECTION TO ME-WESTDIST-4 GIG1/2 no switchport ip address 10.17.100.41 255.255.255.252 ip pim sparse-mode load-interval 30 service-policy output 1P7Q1T-GIG3/3 ! ~ Notice that the class-map definitions shown at the top of the configuration example are shared between the policy maps. However, a unique policy map name is applied to each of the GigabitEthernet uplink interfaces. Referring back to Example 6-20, when a policer is applied to a queue, the bit rates of the data that conform, exceed, and violate the policer committed information rate (CIR) are also displayed within the show policy-map interface command. This information can provide a view of how much traffic is currently being handled by a policed queue, and whether sufficient bandwidth has been provisioned on the policer for the service classes handled by the queue. The final two highlighted sections in Example 6-20 provide an aggregate byte count of the packets handled by the particular queue, as well as the number of packets dropped because of insufficient buffer space on the queue. This holds for either the priority queue defined via the priority command, or a class-based weighted fair queueing (CBWFQ) defined via the bandwidth command. You can get an estimate of the overall data rate through a particular queue by running the show policy-map interface command several times over fixed time intervals and dividing the difference in byte count by the time interval. Cisco Catalyst 3750G/3750E Series Commands When QoS is enabled on the Cisco Catalyst 3750G/3750E Series switches with the mls qos global command, egress queueing consists of four queues; one of which can be a priority queue, each with three thresholds (1P3Q3T). The third threshold on each queue is pre-defined for the queue-full state (100 percent). Queue settings such as buffer allocation ratios and drop threshold minimum and maximum settings are defined based on queue-sets applied across a range of interfaces; not defined per interface. The Cisco Catalyst 3750G/3750E Series switches support two queue sets. Ports are mapped to one of the two queue-sets. By default, ports are mapped to queue-set 1. The show platform port-asic stats drop command allows you to view interface drops per queue on the switch port. Example 6-22 shows the output from a NME-XD-24ES-1S-P switch module within a Cisco 3845 ISR, which runs the same code base as the Cisco Catalyst 3750G.6-58 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Example 6-22 Output from Cisco Catalyst 3750G/3750E show platform port-asic stats drop Command me-eastny-3#show platform port-asic stats drop fast 1/0/1 Interface Fa1/0/1 TxQueue Drop Statistics Queue 0 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 1 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 2 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 3 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 To make use of information regarding transmit queues drops shown in Example 6-22, you must understand which traffic classes are assigned to which transmit queues and which drop thresholds within those queues. For Cisco Catalyst 3750G or 3750E Series switches, the show mls qos maps dscp-output-q command can be used to display which DSCP values are mapped to which transmit queues and drop thresholds on the switch, as shown in Example 6-23. Example 6-23 Output from Cisco Catalyst 3750G or 3750E Series show mls qos maps dscp-output-q Command me-eastny-3#show mls qos maps dscp-output-q Dscp-outputq-threshold map: d1 :d2 0 1 2 3 4 5 6 7 8 9 ------------------------------------------------------------------------------------------ 0 : 03-03 02-01 02-01 02-01 02-01 02-01 02-01 02-01 04-01 02-01 1 : 04-02 02-01 04-02 02-01 04-02 02-01 02-01 03-01 02-01 03-01 2 : 02-01 03-01 02-01 03-01 02-03 03-01 02-02 03-01 02-02 03-01 3 : 02-02 03-01 01-03 04-01 02-02 04-01 02-02 04-01 02-02 04-01 4 : 01-01 01-01 01-01 01-01 01-01 01-01 01-03 01-01 02-03 04-01 5 : 04-01 04-01 04-01 04-01 04-01 04-01 02-03 04-01 04-01 04-01 6 : 04-01 04-01 04-01 04-01 The vertical column, marked d1, represents the first decimal number of the DSCP value, while the horizontal column, marked d2, represents the second decimal number of the DSCP value. For example, a d1 value of 3 and a d2 value of 2 yields a DSCP decimal value of 32, which corresponds to the CS4 service class. This is mapped to queue 1, drop threshold 3 in Example 6-23 (highlighted in bold). Again, you still need to separately understand the mapping of specific video applications to service classes that are then marked with a particular DSCP value. However, combined with the knowledge of which traffic classes and are mapped to which transmit queue and drop threshold, you can use this information to troubleshoot video application performance issues across the Cisco Catalyst 3750G/3750E Series platforms. To see the particular values of the buffer allocation and drop thresholds, you can issue the show mls qos queue-set command. An example of the output is shown in Example 6-24.6-59 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Example 6-24 Example Output From Cisco Catalyst 3750G or 3750E Switch Stack show mls qoe queue-set Command me-eastny-3#show mls qos queue-set Queueset: 1 Queue : 1 2 3 4 ----------------------------------------------------------- buffers : 30 30 35 5 threshold1 : 100 70 100 40 threshold2 : 100 80 100 100 reserved : 50 100 50 100 maximum : 400 100 400 100 Queueset: 2 Queue : 1 2 3 4 ----------------------------------------------------------- buffers : 25 25 25 25 threshold1 : 100 200 100 100 threshold2 : 100 200 100 100 reserved : 50 50 50 50 maximum : 400 400 400 400 In Example 6-24, buffers are allocated according to weight ratios across the four egress queues. Threshold1 and threshold2 correspond to the two configurable thresholds per queue, with the third non-configurable threshold being at 100 percent queue depth. The Cisco Catalyst 3750G and 3750E Series switches dynamically share buffer space across an ASIC that may support more than one physical interface. The reserved and maximum settings are used to control the minimum reserved buffer percentage size guaranteed per queue per port, and the maximum buffer percentage size a particular port and queue can dynamically allocate when it needs additional capacity. The combination of drop statistics per queue, mapping of DSCP value to output queue, and the buffer allocations per queue-set, can be used to determine whether sufficient bandwidth has been allocated per service class (and per application if individual video applications are mapped to separate service classes corresponding to different DSCP values) on the Cisco Catalyst 3750G/3750E Series platforms. When configured in a switch stack, statistics such as those found within the show platform port-asic stats drop command are not directly accessible on member switches from the master switch. To determine which switch is the master switch, and which switch you are currently logged into within the switch stack, you can run the show switch command. An example of this output is shown in Example 6-25. Example 6-25 Sample Output From Cisco Catalyst 3750G or 3750E Switch Stack show switch Command me-eastny-3#show switch Switch/Stack Mac Address : 0015.2b6c.1680 H/W Current Switch# Role Mac Address Priority Version State -------------------------------------------------------------------------------- *1 Master 0015.2b6c.1680 15 0 Ready 2 Member 001c.b0ae.bf00 1 0 Ready The output from Example 6-25 shows that Switch 1 is the Master switch, and the asterisk next to Switch 1 indicates that the output was taken from a session off this switch. To access the statistics from the show platform port-asic stats drop command on member switches of the stack, you must first establish a session to the member switch via the session command. This is shown in Example 6-26. Example 6-26 Example Output From Member Cisco Catalyst 3750G or 3750E Switch me-eastny-3#session 26-60 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module me-eastny-3-2#show platform port-asic stats drop gig 2/0/24 Interface Gi2/0/24 TxQueue Drop Statistics Queue 0 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 1 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 2 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Queue 3 Weight 0 Frames 0 Weight 1 Frames 0 Weight 2 Frames 0 Note that when the session 2 command is run, the command prompt changed from me-eastny-3 to me-eastny-3-2, indicating that a session to member switch #2 has been established. After the session is established to the remote switch, the show platform port-asic stats drop command can be run on an interface, such as GigabitEthernet 2/0/24 shown in the example above, to obtain the drop statistics per queue on the port. Router Show Policy Map Commands For Cisco routers, the mapping of traffic classes to egress queues over WAN interfaces is accomplished via an egress policy map applied to the interface, in the same manner as the Cisco Catalyst 4500 with a Sup-6E supervisor. Again, the policy map can be viewed through the show policy-map interface command. Example 6-27 shows the output from a Cisco ASR 1000 Series router with a OC-48 packet-over-SONET (POS) interface. Selected areas for discussion have been highlighted in bold. Example 6-27 Output from Cisco 1000 Series ASR show policy-map interface Command me-westwan-1#show policy-map int pos 1/1/0 POS1/1/0 Service-policy output: OC-48-WAN-EDGE queue stats for all priority classes: Queueing queue limit 512 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 18577357/16278388540 Class-map: VOIP-TELEPHONY (match-all) 3347 packets, 682788 bytes 30 second offered rate 0000 bps, drop rate 0000 bps Match: ip dscp ef (46) police: cir 49760000 bps, bc 1555000 bytes, be 1555000 bytes conformed 3347 packets, 682788 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop conformed 0000 bps, exceed 0000 bps, violate 0000 bps Priority: Strict, b/w exceed drops: 0 6-61 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Class-map: REAL-TIME-INTERACTIVE (match-all) 18574010 packets, 16277705752 bytes 30 second offered rate 0000 bps, drop rate 0000 bps Match: ip dscp cs4 (32) police: cir 821040000 bps, bc 12315600 bytes, be 12315600 bytes conformed 18574010 packets, 16277705752 bytes; actions: transmit exceeded 0 packets, 0 bytes; actions: drop violated 0 packets, 0 bytes; actions: drop conformed 0000 bps, exceed 0000 bps, violate 0000 bps Priority: Strict, b/w exceed drops: 0 Class-map: NETWORK-CONTROL (match-all) 1697395 packets, 449505030 bytes 30 second offered rate 1000 bps, drop rate 0000 bps Match: ip dscp cs6 (48) Queueing queue limit 173 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 1644399/446219278 bandwidth 5% (124400 kbps) Class-map: CALL-SIGNALING (match-any) 455516 packets, 157208585 bytes 30 second offered rate 0000 bps, drop rate 0000 bps Match: ip dscp cs3 (24) Queueing queue limit 173 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 455516/157208585 bandwidth 5% (124400 kbps) Class-map: OAM (match-all) 0 packets, 0 bytes 30 second offered rate 0000 bps, drop rate 0000 bps Match: ip dscp cs2 (16) Queueing queue limit 173 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 0/0 bandwidth 5% (124400 kbps) Class-map: MULTIMEDIA-CONFERENCING (match-all) 0 packets, 0 bytes 30 second offered rate 0000 bps, drop rate 0000 bps Match: ip dscp af41 (34) af42 (36) af43 (38) Queueing queue limit 347 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 0/0 bandwidth 10% (248800 kbps) Class-map: MULTIMEDIA-STREAMING (match-all) 0 packets, 0 bytes 30 second offered rate 0000 bps, drop rate 0000 bps Match: ip dscp af31 (26) af32 (28) af33 (30) Queueing queue limit 173 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 0/0 bandwidth 5% (124400 kbps) Exp-weight-constant: 4 (1/16) Mean queue depth: 0 packets class Transmitted Random drop Tail drop Minimum Maximum Mark pkts/bytes pkts/bytes pkts/bytesthresh thresh prob6-62 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module Class-map: BROADCAST-VIDEO (match-all) 771327514 packets, 1039749488872 bytes 30 second offered rate 0000 bps, drop rate 0000 bps Match: ip dscp cs5 (40) Queueing queue limit 173 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 771327514/1039749488872 bandwidth 5% (124400 kbps) Class-map: TRANSACTIONAL-DATA (match-all) 0 packets, 0 bytes 30 second offered rate 0000 bps, drop rate 0000 bps Match: ip dscp af21 (18) af22 (20) af23 (22) Queueing queue limit 173 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 0/0 bandwidth 5% (124400 kbps) Class-map: BULK-DATA (match-all) 0 packets, 0 bytes 30 second offered rate 0000 bps, drop rate 0000 bps Match: ip dscp af11 (10) af12 (12) af13 (14) Queueing queue limit 139 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 0/0 bandwidth 4% (99520 kbps) Class-map: SCAVENGER (match-all) 79 packets, 6880 bytes 30 second offered rate 0000 bps, drop rate 0000 bps Match: ip dscp cs1 (8) Queueing queue limit 64 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 79/6880 bandwidth 1% (24880 kbps) Class-map: class-default (match-any) 3209439 packets, 908940688 bytes 30 second offered rate 1000 bps, drop rate 0000 bps Match: any Queueing queue limit 695 packets (queue depth/total drops/no-buffer drops) 0/0/0 (pkts output/bytes output) 3052981/905185696 bandwidth 20% (497600 kbps) Exp-weight-constant: 4 (1/16) Mean queue depth: 1 packets class Transmitted Random dropTail drop Minimum Maximum Mark pkts/bytes pkts/bytes pkts/bytes thresh thresh prob 0 3052981/905185696 0/0 0/0 173 347 1/10 1 0/0 0/0 0/0 194 347 1/10 2 0/0 0/0 0/0 216 347 1/10 3 0/0 0/0 0/0 237 347 1/10 4 0/0 0/0 0/0 259 347 1/10 5 0/0 0/0 0/0 281 347 1/10 6 0/0 0/0 0/0 302 347 1/10 7 0/0 0/0 0/0 324 347 1/10 The main difference between the router and the Cisco Catalyst 4500 switch with Sup6E is that the router implements queues in software. It is therefore not limited to eight egress queues as is the Cisco Catalyst 4500 with Sup6E. Example 6-27 shows the 12-class QoS model implemented with 12 separate egress queues over the OC-48 POS interface. Each class-map entry highlighted in bold corresponds to a queue. With this model, traffic from multiple service classes do not have to share a 6-63 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module single queue. This can provide a higher level of granularity into the visibility of various video applications, if separate applications are mapped to separate service classes. The traffic rate and drop rate, as well as counts of total packets and bytes outbound, and also counts of total drops for each queue can be seen from the show policy-map interface command when such a policy map is applied to the interface. Simple Network Management Protocol The Simple Network Management Protocol (SNMP) refers both to a specific protocol used to collect information and configure devices over an IP network, as well as an overall Internet-standard network management framework. The SNMP network management framework consists of the following components: • Network management stations (NMSs)—Typically a server that runs network management applications, which in turn uses the SNMP protocol to monitor and control network elements. • Network elements—The actual managed devices (routers, switches, TelePresence codecs, and so on) on the IP network. • Agents—Software components running within network elements that collect and store management information. • Managed objects—Specific characteristics of network elements that can be managed. Objects can be single entities or entire tables. Specific instances of managed objects are often referred to as variables. • Management information bases (MIBs)—Collections of related management objects. MIBs define the structure of the management data through a hierarchical namespace using object identifiers (OIDs). Each OID describes a particular variable that can either be read from a managed object or set on a managed object. MIBs can be standards-based or proprietary. Because SNMP management information uses a hierarchical namespace, individual vendors can extend the management capabilities of their products through proprietary MIBs, which are typically published. Currently, three versions of SNMP are commonly deployed: • SNMPv1—The initial version introduced in the late 1980s. The security model used by SNMPv1 consists of authentication only, using community strings (read-only and read/write) that are sent in clear text within SNMP messages. Because of this, SNMPv1 is considered inherently insecure, and read/write capability should be used with caution, even over private networks. • SNMPv2c—Proposed in the mid 1990s. The “c” in SNMPv2c indicates a simplified version of SNMPv2 that also uses a security model based on community strings. SNMPv2 improved the performance of SNMPv1 by introducing features such as the get-bulk-request protocol data unit (PDU) and notifications, both listed in Table 6- 3. However, because SNMPv2c still uses the same security model as SNMPv1, read/write capability should be used with caution. • SNMPv3—Introduced in the early 2000s, and is currently defined primarily under IETF RFCs 3411-3418. A primary benefit of SNMPv3 is its security model, which eliminates the community strings of SNMPv1 and SNMPv2. SNMPv3 supports message integrity, authentication, and encryption of messages; allowing both read and read/write operation over both public and private networks. As mentioned above, the SNMP protocol defines a number of PDUs, some of which are shown in Table 6-3, along with the particular version of SNMP that supports them. These PDUs are essentially the commands for managing objects through SNMP.6-64 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module SNMP traps and/or informs (generically referred to a notifications) can be used to send critical fault management information, such as cold start events, link up or down events, and so on, from a medianet infrastructure device back to an NMS. This may be helpful in troubleshooting issues in which a video session has failed. SNMP GET commands can be used to pull statistics medianet infrastructure devices, which may then be used for assessing performance. Example 6-28 shows basic configuration commands for enabling SNMP on a Cisco Catalyst 6500 Switch. Example 6-28 Sample SNMP Configuration on a Cisco Catalyst 6500 Switch me-westcore-1(config)#snmp-server group group1 v3 priv access 10 me-westcore-1(config)#snmp-server user trapuser group1 v3 auth sha trappassword priv des privacypassword me-westcore-1(config)#snmp-server trap-source Loopback0 me-westcore-1(config)#snmp-server ip dscp 16 Table 6-3 SNMP Versions and PDUs Version PDU Description SNMPv1 get-request Command/response mechanism by which an NMS queries a network element for a particular variable SNMPv1 response Command/response mechanism by which an NMS receives information about a particular variable from a network element, based on a previously issued SNMP request message SNMPv1 get-next-request Command/response mechanism that can be used iteratively by an NMS to retrieve sequences of variables from a network element SNMPv1 set-request Issued by an NMS to change the value of a variable on a network element, or to initialize SNMP traps or notifications to be sent from a network element SNMPv1 trap Asynchronous mechanism by which a network elements issues alerts or information about an event to an NMS SNMPv2 get-bulk-request Improved command/response mechanism that can be used by an NMS to retrieve sequences of variables from a network element with a single command SNMPv2 inform-request Provides similar functionality as the trap PDU, but the receiver acknowledges the receipt with a response PDU6-65 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Cisco Network Analysis Module me-westcore-1(config)#snmp-server host 10.17.2.10 version 3 priv trapuser me-westcore-1(config)#snmp-server enable traps me-westcore-1(config)#access-list 10 permit 10.17.2.10 This configuration creates an SNMP group called group1 that uses SNMPv3 and access-list 10 to limit access to only the NMS workstation at IP address 10.17.2.10. A userid called trapuser is associated with the SNMP group. The userid uses Secure Hash Algorithm (SHA) for authentication with password trappassword, and DES for encryption with password privacypassword. The commands snmp-server enable traps and snmp-server host 10.17.2.10 version 3 priv trapuser cause the switch to send SNMP traps to the NMS workstation. Note that this enables all traps available on the Cisco Catalyst switch to be enabled. The network administrator may desire to pare this down to traps applicable to the configuration of the Cisco Catalyst switch. Finally, the switch is configured to send traps using the Loopback0 interface with the DSCP marking of CS2 (note that not all platforms support the ability to set the DSCP marking of SNMP data). The SNMP group information can be displayed with the show snmp group command shown in Example 6-29. Example 6-29 Sample Output From show snmp group Command on a Cisco Catalyst 6500 Switch me-westcore-1#show snmp group groupname: group1 security model:v3 priv readview : v1default writeview: <no writeview specified> notifyview: *tv.FFFFFFFF.FFFFFFFF.FFFFFFFF.F row status: active access-list: 10 Similarly, the SNMP user information can be displayed with the show snmp user command shown in Example 6-30. Example 6-30 Sample Output From show snmp user Command on a Cisco Catalyst 6500 Switch me-westcore-1#show snmp user User name: trapuser Engine ID: 800000090300001874E18540 storage-type: nonvolatile active Authentication Protocol: SHA Privacy Protocol: DES Group-name: group1 Note that the specific management objects that can be accessed via SNMP depend on the platform and software version of the platform. The Cisco MIB Locator, at the following URL, can be helpful in determining supported MIBS: http://tools.cisco.com/ITDIT/MIBS/servlet/index.6-66 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Application-Specific Management Functionality The following sections summarize the components that provide application-specific management functionality for each of the four major video application solutions that co-exist over a converged medianet infrastructure: Cisco TelePresence, Cisco Digital Media Suite, Cisco IP Video Surveillance, and Cisco Desktop Video Collaboration. Cisco TelePresence Within Cisco TelePresence, application-specific management functionality is distributed among the following four major components of the deployment: • Cisco TelePresence System Manager • Cisco TelePresence Multipoint Switch • Cisco Unified Communications Manager • Cisco TelePresence System endpoints Figure 6-26 provides a high-level summary of the main management roles of each of the components of a TelePresence deployment, each of which is discussed in the following sections. Figure 6-26 Summary of the Management Roles of the Components of a TelePresence Deployment Table 6-4 highlights the application-specific management functionality of each component. CTS-MAN Accounting Management Fault Management Performance Management Accounting Management Fault Management Configuration Management Security Management Accounting Management Performance Management CUCM CTMS CTS Endpoint 228412 M IP Network Infrastructure6-67 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Table 6-4 Cisco TelePresence Application-Specific Management Functionality Management Product /Tool Management Functionality Description Cisco TelePresence Manager Fault management • The Cisco TelePresence Manager web-based GUI provides a centralized view of the status of Cisco TelePresence Multipoint Switch devices and Cisco TelePresence System endpoints; including the status of the connectivity between Cisco TelePresence System endpoints and the Cisco Unified Communications Manager, the status of connectivity between Cisco TelePresence System endpoints and the Cisco TelePresence System Manager, and the synchronization of Cisco TelePresence System rooms with the e-mail/calendaring system used for scheduling meetings. • The Cisco TelePresence Manager web-based GUI also provides a centralized view of scheduled meetings, including those that have error conditions. Configuration management • The Cisco TelePresence Manager web-based GUI provides device/element management capabilities, in that the configuration of the Cisco TelePresence Manager itself is accomplished through the GUI. Limited configuration support of the Cisco TelePresence Manager is available via a Secure Shell (SSH) command-line interface (CLI) as well. • The Cisco TelePresence Manager web-based GUI also provides a centralized view of the configuration capabilities of individual Cisco TelePresence System endpoints; including features such as high-speed auxiliary codec support, document camera support, interoperability support, and so on. Accounting management • The Cisco TelePresence Manager interoperates with an e-mail/calendaring system to retrieve information for meetings scheduled by end users, and update individual Cisco TelePresence System endpoints regarding upcoming meetings. • The Cisco TelePresence Manager interoperates with one or more Cisco TelePresence Multipoint Switch devices to allocate segment resources for multipoint meetings scheduled by end users. • The Cisco TelePresence Manager web-based GUI provides a centralized view of ongoing and scheduled meetings for the entire TelePresence deployment, and per individual Cisco TelePresence System endpoint. Security management • The Cisco TelePresence Manager web-based GUI provides a centralized view of the web services security settings of each Cisco TelePresence System endpoint, as well as a centralized view of the security settings of scheduled and ongoing meetings. • The Cisco TelePresence Manager currently provides administrative access via the local user database only.6-68 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Cisco Unified Communications Manager Fault management • The Cisco Unified Communications Manager provides limited fault management capability for Cisco TelePresence deployments. The Session Initiation Protocol (SIP) registration status of the Cisco TelePresence System endpoints to the Cisco Unified Communications Manager can be centrally viewed from the Cisco Unified Communications Manager Administration web-based GUI. Configuration management • The Cisco Unified Communications Manager centrally controls the configuration of Cisco TelePresence System endpoints via the Cisco Unified Communications Manager Administration web-based GUI. • The Cisco Unified Communications Manager centrally controls the provisioning (that is, downloading of system load and device configuration) for Cisco TelePresence System endpoints via TFTP/HTTP server functionality. Accounting management • Call detail records (CDRs) captured by the Cisco Unified Communications Manager can be used to determine start and stop times for Cisco TelePresence meetings. These may be used to bill back individual departments based on TelePresence room resource usage. Performance management • The Cisco Unified Communications Manager Administration web-based GUI provides the ability to statically limit the amount of network bandwidth resources used for audio and video per TelePresence meeting and per overall location. Note Note that Cisco Unified Communications Manager location-based admission control has no knowledge of network topology. Security management • The Cisco Unified Communications Manager centrally controls the security configuration of Cisco TelePresence System endpoints via the Cisco Unified Communications Manager Administration web-based GUI. • In combination with the Certificate Authority Proxy Function (CAPF) and Certificate Trust List (CTL) Provider functionality, Cisco Unified Communications Manager provides the framework for enabling secure communications (media) and signaling (call signaling, and web services) for TelePresence deployments. Table 6-4 Cisco TelePresence Application-Specific Management Functionality (continued)6-69 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Cisco TelePresence Multipoint Switch Fault management • The Cisco TelePresence Multipoint Switch provides limited fault management capabilities. The web-based GUI interface can display errors and warnings for scheduled and non-scheduled meetings, as well as system errors. Configuration management • The Cisco TelePresence Multipoint Switch web-based GUI provides device/element management capabilities, in that the configuration of the Cisco TelePresence Multipoint Switch itself is accomplished through the GUI. Limited configuration support of the Cisco TelePresence Multipoint Switch is available via an SSH CLI as well. • The Cisco TelePresence Multipoint Switch web-based GUI also provides the interface for administrators and meeting schedulers to configure static and ad hoc TelePresence meetings. Performance management • The Cisco TelePresence Multipoint Switch web-based GUI provides centralized call statistics for multipoint calls, including SLA parameters such as bit rates, latency, drops, jitter, and so on, per Cisco TelePresence System endpoint. • The Cisco TelePresence Multipoint Switch web-based GUI also provides historical statistics for Cisco TelePresence Multipoint Switch resources including CPU utilization, traffic load per interface, packet discards, TCP connections, memory, and disk usage. Security management • The Cisco TelePresence Multipoint Switch web-based GUI provides the interface for configuration of the security requirements for static and ad hoc TelePresence meetings. • Access control to the Cisco TelePresence Multipoint Switch is via the local database with three roles: administrator, meeting scheduler, or diagnostic technician. Cisco TelePresence System Endpoint Fault management • The Cisco TelePresence System web-based GUI and SSH interfaces both provide device/element management capabilities, including a view of the system status, as well as diagnostics that can be used to troubleshoot the camera, microphone, and display components of the Cisco TelePresence System endpoint. • SIP Message log files accessed through the Cisco TelePresence System web-based GUI can be used to troubleshoot SIP signaling between the Cisco TelePresence System endpoint and Cisco Unified Communications Manager. • Additional Cisco TelePresence System log files can be collected and downloaded via the web-based GUI to provide system-level troubleshooting capabilities. • Status of peripheral devices (cameras, displays, microphones, and so on) can be accessed centrally via SNMP through the CISCO-TELEPRESENCE-MIB. Configuration management • The Cisco TelePresence System web-based GUI and SSH interfaces both provide information regarding current hardware and software versions and current configuration of the Cisco TelePresence System endpoint. Limited configuration is done on the Cisco TelePresence System endpoint itself. Most of the configuration is done via the Cisco Unified Communications Manager Administrator web-based GUI. Table 6-4 Cisco TelePresence Application-Specific Management Functionality (continued)6-70 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Note Both static location-based admission control and RSVP are considered part of performance management within this document, because the scheduling of resources is not done per end user, but to ensure that necessary resources are allocated to meet service level requirements. Cisco TelePresence Manager From a management perspective, the primary functions of Cisco TelePresence Manager are resource allocation, which is part of accounting management; and fault detection, which is part of fault management. Cisco TelePresence Manager allocates Cisco TelePresence System endpoints (meeting rooms) and Cisco TelePresence Multipoint Switch segment resources based on meetings scheduled by end users through an e-mail/calendaring system such as Microsoft Exchange or IBM Lotus Domino. Note that the Cisco TelePresence Manager has no knowledge of the underlying IP network infrastructure, and therefore has no ability to schedule any network resources or provide Call Admission Control (CAC) to ensure that the TelePresence call goes through during the scheduled time. Figure 6-27 shows an example of the resource scheduling functionality of Cisco TelePresence Manager. Accounting management • The Cisco TelePresence System web-based GUI provides access to statistics for ongoing calls, or the previous call if the Cisco TelePresence System endpoint is currently not in a call. Accounting management statistics include the call start time, duration of the call, remote number, bit rate, and the number of packets and bytes transmitted and received during the call. These statistics are also available via an SSH CLI as well as through SNMP. Performance management • The Cisco TelePresence System web-based GUI provides access to statistics for ongoing calls, or the previous call if the Cisco TelePresence System endpoint is currently not in a call. Performance management statistics include parameters such as packet loss, latency, jitter, and out-of-order packets for audio and video media streams. These can be used to assess the performance of the network infrastructure in meeting service level agreements. These statistics are also available via SNMP through the CISCO-TELEPRESENCE-CALL-MIB. • An IP service level agreements (IPSLA) responder within the Cisco TelePresence System endpoint can be enabled, allowing the Cisco TelePresence System endpoint to respond to packets sent by an IPSLA initiator. IPSLA can be used to pre-assess network performance before commissioning the Cisco TelePresence System endpoint onto a production network, or used to assess ongoing network performance or when troubleshooting. Security management • Access control to the individual Cisco TelePresence System endpoints is currently handled via a local database, although the userid and password used for access control are centrally managed via the configuration within the Cisco Unified Communications Manager Administration web-based GUI. • SNMP notifications can be set on the Cisco TelePresence System endpoint to alert after failed access control attempts. Table 6-4 Cisco TelePresence Application-Specific Management Functionality (continued)6-71 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Figure 6-27 Cisco TelePresence Manager Resource Scheduling Cisco TelePresence Manager periodically queries the e-mail/calendaring system to determine whether an end user has scheduled TelePresence rooms for an upcoming meeting. Having previously synchronized the TelePresence rooms defined within the Cisco Unified Communications Manager database with the TelePresence rooms defined within the e-mail/calendaring system database, the Cisco TelePresence Manager then pushes the meeting schedule the IP Phone associated with each TelePresence room. If a multipoint meeting has been scheduled by the end user, the Cisco TelePresence Manager selects an appropriate Cisco TelePresence Multipoint Switch for the meeting, and schedules the necessary resources for the meeting. The Cisco TelePresence Multipoint Switch then updates the end user via an e-mail confirmation. Note In Figure 6-27 and throughout this chapter, the CTS codec and associated IP phone together are considered the CTS endpoint. The IP phone shares the same dial extension as the CTS codec, is directly connected to it, and is used to control TelePresence meetings. The other primary management function of the Cisco TelePresence Manager is fault detection. Cisco TelePresence Manager includes the ability to centrally view error conditions in the various components of a Cisco TelePresence deployment. It also allows you to view error conditions that resulted in the failure of scheduled meetings. Figure 6-28 shows an example of the Cisco TelePresence Manager screen used to view the status of Cisco TelePresence System endpoints. 228403 CUCM CTS-MAN User IP Phone M CTMS CTS Codec Enail/Calendaring Server Primary IP User schedules meeting rooms via email/calendaring server CTS-MAN reads the event in room mailboxes Primary codec pushes XML content to the phone in the room User now has a “Single Button to Push”to join the meeting CTS-MAN discovers and monitors CTS systems in CUCM via AXL/SOAP and JTAPI CTS-MAN validates rooms in the directory server and pulls room schedules from the email/calendaring server CTS-MAN pushes XML content to the primary codec of the CTS endpoints CTS-MAN sends meeting confirmation to the user via email CTS-MAN sends the meeting details to the CTMS 6-72 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Figure 6-28 Fault Detection Using the Cisco TelePresence Manager As shown in Figure 6-28, a red X indicates some type of error condition that may need to be further investigated. These error conditions can include communication problems between the Cisco TelePresence System endpoint and the Cisco Unified Communications Manager, or between the Cisco TelePresence System endpoint and the Cisco TelePresence Manager itself. Other error conditions include problems within the Cisco TelePresence System endpoint itself, such as an issue with one of the peripherals (cameras, displays, and so on). Still other error conditions include synchronizing the TelePresence room defined within the Cisco Unified Communications Manager with the room definition within the e-mail/calendaring system. The System Status panel in the lower left corner of Figure 6-28 provides information regarding whether any meetings scheduled for the current day had errors. By clicking on the icons within the panel, you can gain additional details about the scheduled meetings and error conditions. The Cisco TelePresence Manager also plays a minor role in both configuration management and security management. Cisco TelePresence Manager allows central viewing of specific configured features supported by a particular Cisco TelePresence System endpoint, such as a projector, document camera, or high-speed auxiliary codec support. It also allows you to centrally view the web service security settings for particular Cisco TelePresence System endpoints. Both of these functions are illustrated in Figure 6-29.6-73 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Figure 6-29 Cisco TelePresence Manager View of Configuration and Security Options for Cisco TelePresence System Endpoints A red X indicates that the particular feature is either not configured or currently unavailable on the Cisco TelePresence System endpoint. A locked padlock indicates that web services communications from the Cisco TelePresence System endpoint are secured via Transport Layer Security (TLS). An open padlock indicates that web services communications from the Cisco TelePresence System endpoint are in clear text. Note that this functionality allows the viewing of only certain capabilities configured on the Cisco TelePresence System endpoint. All changes to the Cisco TelePresence System endpoint configuration are handled through the Cisco Unified Communications Manager, which is discussed next. Cisco Unified Communications Manager From an overall TelePresence deployment perspective, the primary function of the Cisco Unified Communications Manager is a SIP back-to-back user agent for session signaling. However, the Cisco Unified Communications Manager also plays a central management role for TelePresence deployments. From an FCAPS perspective, the primary roles of the Cisco Unified Communications Manager are in configuration management and security management. The device configuration and software image version for each of the Cisco TelePresence System endpoints is centrally managed through the Cisco Unified Communications Manager Administration web-based GUI, and downloaded to each Cisco TelePresence System endpoint when it boots up. The Cisco Unified Communications Manager therefore plays a central role in the initial provisioning of Cisco TelePresence System endpoints onto the network infrastructure, as well as any ongoing changes to the configuration of the Cisco TelePresence System endpoints. Figure 6-30 provides an example of the Cisco Unified Communications Manager Administrator web page, showing the TelePresence endpoints configured for the particular Cisco Unified Communications Manager.6-74 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Figure 6-30 Centralized Configuration Management via the Cisco Unified Communications Manager The detailed configuration for each Cisco TelePresence System endpoint can be viewed and modified by clicking on each device listed under the Device Name column shown in Figure 6-30. Included within the configuration of each Cisco TelePresence System endpoint is the security configuration. TelePresence security includes the use of Secure Real-time Transport Protocol (SRTP) for confidentiality and data authentication of the audio and video media streams; as well as TLS for confidentiality and data authentication of the SIP signaling and web services signaling between the various TelePresence components. For a thorough discussion of Cisco TelePresence security, see Cisco TelePresence Secure Communications and Signaling at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/telepresence.html. Cisco Unified Communications Manager also plays a role in accounting management, in that call detail records (CDRs) can be captured and used to bill back end users for TelePresence room usage. Cisco Unified Communications Manager can also play a role in performance management, in terms of bandwidth allocation, using static location-based CAC, although it is not in widespread use today for TelePresence deployments. The amount of bandwidth used for the audio and video components of an individual TelePresence call can be centrally controlled per zone via Cisco Unified Communications Manager. Also the total amount of bandwidth allocated for aggregate audio and video traffic to and from a location can be centrally controlled, via Cisco Unified Communications Manager. When a new TelePresence call requested via SIP signaling results in the amount of bandwidth allocated either for the individual call or aggregated for the entire location exceeding the configured zone or location bandwidth, the new call does not proceed. This helps maintain the overall quality of ongoing TelePresence calls. Because static location-based CAC has no knowledge of the underlying network infrastructure, it is typically effective only in hub-and-spoke network designs. Cisco offers location-based CAC integrated with Resource Reservation Protocol (RSVP), using an RSVP agent device, for VoIP and Cisco Unified Communications Manager-based Desktop Video Conferencing. However, this is currently not supported for Cisco TelePresence deployments. 6-75 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Finally, the Cisco Unified Communications Manager plays a minor role in fault management. The SIP registration state of Cisco TelePresence System endpoints can be centrally viewed, and faults detected, from the Cisco Unified Communications Manager Administration web-based GUI interface, as shown in the Status column of Figure 6-30. Cisco TelePresence Multipoint Switch From an overall TelePresence deployment perspective, the primary function of the Cisco TelePresence Multipoint Switch is to provide switching of the video and audio media for multipoint TelePresence calls. However, as with the Cisco Unified Communications Manager, the Cisco TelePresence Multipoint Switch also plays a management role for TelePresence deployments. From an FCAPS perspective, the primary function of Cisco TelePresence Multipoint Switch is in performance management. The Cisco TelePresence Multipoint Switch can collect performance data regarding the Cisco TelePresence System endpoints in an ongoing multipoint meeting. Figure 6-31 shows an example of the call statistics collected by the Cisco TelePresence Multipoint Switch for one of the Cisco TelePresence System endpoints within a three-party multipoint call. Figure 6-31 Cisco TelePresence Multipoint Switch Performance Statistics for Ongoing Meetings Call statistics include the maximum jitter seen for the last period (ten seconds), the maximum jitter seen for the duration of the call, latency, and lost packets in both the transmit and receive directions. These statistics are collected by the Cisco TelePresence Multipoint Switch for both the audio and video channels for each of the endpoints. Cisco TelePresence Multipoint Switch call statistics can be used to quickly view whether any leg of a multipoint call is outside the required service level agreement (SLA) parameters of jitter, packet loss, and latency. Statistics regarding the overall status of the Cisco TelePresence Multipoint Switch are also collected, as shown in Figure 6-32. These statistics include CPU loading of the Cisco TelePresence Multipoint Switch, traffic loading for the FastEthernet interfaces, Cisco TelePresence Multipoint Switch memory and disk utilization, open TCP connections, and Cisco TelePresence Multipoint Switch packet discards.6-76 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Figure 6-32 Cisco TelePresence Multipoint Switch Statistics for Overall Status Each of the categories shown in Figure 6-32 can be expanded by clicking on it. For example, the Active CPU Load Average Value * 100 statistics can be expanded, as shown in Figure 6-33. This provides detail regarding CPU utilization on a daily, weekly, monthly, and yearly basis.6-77 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Figure 6-33 Expanded Statistics for Active CPU Load Average Value * 100 The statistics collected by the Cisco TelePresence Multipoint Switch can be used to perform long-term trend analysis, allowing you to plan the deployment of additional Cisco TelePresence Multipoint Switch resources before capacity limits are reached and service is degraded. The Cisco TelePresence Multipoint Switch also plays a role in both configuration management and security management. Static and ad hoc meetings, as well as the security requirements for those meetings, are configured directly on the Cisco TelePresence Multipoint Switch by network administrators or meeting schedulers. Meetings can be configured as non-secured, secured, or best effort. Best effort means that if all endpoints support encryption, the call goes through as secured. However, if any endpoint does not support encryption, the call falls back to an unencrypted or non-secured call. Access control to the Cisco TelePresence Multipoint Switch is controlled through its local database, with the capability of defining three roles: administrators, who have full access to the system; meeting schedulers, who can only schedule static or ad hoc meetings; and diagnostic technicians, who can perform diagnostics on the Cisco TelePresence Multipoint Switch. Finally, the Cisco TelePresence Multipoint Switch plays a minor role in fault management. The Cisco TelePresence Multipoint Switch logs system errors as well as error or warning conditions regarding meetings. For example, a error message might indicate that a Cisco TelePresence System endpoint cannot join a secure multipoint meeting because it is not configured to support encryption. The error messages can be viewed via the web-based GUI interface of the Cisco TelePresence Multipoint Switch.6-78 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Cisco TelePresence System Endpoint From an overall TelePresence deployment perspective, the primary function of the Cisco TelePresence System endpoint is to transmit and receive the audio and video media for TelePresence calls. However, from an FCAPS management perspective, the Cisco TelePresence System endpoint also plays a role in performance management. The Cisco TelePresence System endpoint collects statistics regarding ongoing TelePresence meetings, or the previous meeting if the device is not in a current call. These can be viewed through the Cisco TelePresence System web-based GUI interface, as shown in the example in Figure 6-34. Figure 6-34 Cisco TelePresence System Endpoint Call Statistics6-79 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality As with the Cisco TelePresence Multipoint Switch, statistics are collected for both the audio and video channels for each of the endpoints. The statistics include SLA parameters such as average latency for the period (ten seconds) and for the call; average jitter for the period and the call; percentage of lost packets for the period and the call; as well as total lost packets, out of order packets, late packets, or duplicate packets. They also include some accounting management information such as the call start time, call duration, and the remote phone number; as well as the bandwidth of the call, and the number of bytes or packets sent and received. These statistics can also be collected and stored centrally via SNMP through the CISCO-TELEPRESENCE-CALL-MIB supported by Cisco TelePresence System endpoints running Cisco TelePresence System version 1.5 or higher software. These statistics can then be used for performance analysis and/or billing purposes. A more limited set of call statistics, primarily the accounting management statistics, is available through the SSH CLI, as shown in Example 6-31. Example 6-31 Call Statistics Available via the SSH Command-Line Interface admin:show call statistics all Call Statistics Registered to Cisco Unified Communications Manager : Yes Call Connected: Yes Call type : Audio/Video Call Call Start Time: Oct 27 11:48:29 2009 Duration (sec) : 2119 Direction: Outgoing Local Number : 9193921003 Remote Number: 9193926001 State : Answered Bit Rate: 4000000 bps,1080p Security Level : Non-Secure -- Audio -- IP Addr Src: 10.22.1.11:25202 Dst : 10.16.1.20:16444 Latency Avg: 1 Period: 1 Statistics Left Center Right Aux Tx Media Type N/A AAC-LD N/A AAC-LD Tx Bytes 0 17690311 0 0 Tx Packets 0 105930 0 0 Rx Media Type AAC-LD AAC-LD AAC-LD AAC-LD Rx Bytes 0 0 0 0 Rx Packets 0 0 0 0 Rx Packets Lost0 0 0 0 -- Video -- IP Addr Src: 10.22.1.11:20722 Dst : 10.16.1.20:16446 Latency Avg: 1 Period: 1 Statistics Center Aux Tx Media Type H.264 H.264 Tx Bytes 1068119107 0 Tx Packets 1087322 0 Rx Media Type H.264 H.264 Rx Bytes 1067246669 0 Rx Packets 1055453 0 Rx Packets Lost 1876 0 -- Audio Add-in -- IP Addr Src: 10.22.1.11:0 Dst : 0.0.0.0:0 Latency Avg: N/A Period: N/A Statistics Center Tx Media Type N/A Tx Bytes 0 Tx Packets 0 Rx Media Type N/A6-80 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality Rx Bytes 0 Rx Packets 0 Rx Packets Lost 0 In addition to passive collection of statistics during calls, Cisco TelePresence System endpoints can also function as IPSLA responders, as of Cisco TelePresence System version 1.4 or higher. IPSLA can be used to pre-assess network performance before commissioning the Cisco TelePresence System endpoint onto a production network. Optionally, IPSLA can be used to assess network performance when troubleshooting a performance issue of a production device. See Network-Embedded Management Functionality, page 6-2 for more information regarding the use of IPSLA for performance management. The Cisco TelePresence System endpoint also supports extensive fault management capabilities through diagnostics that can be used to troubleshoot the camera, microphone, and display components of the Cisco TelePresence System endpoint. These diagnostics can be accessed through either the web-based GUI interface of the Cisco TelePresence System endpoint, or through the SSH CLI. Additionally, SIP log files stored within the Cisco TelePresence System endpoint can be accessed through the web-based GUI to troubleshoot call signaling between the Cisco TelePresence System endpoint and the Cisco Unified Communications Manager. Finally, the status of each component (displays, microphones, speakers, and so on) of the Cisco TelePresence System endpoint can be accessed centrally via SNMP through the CISCO-TELEPRESENCE-MIB. This management information base (MIB) is supported on Cisco TelePresence System endpoints running software version 1.5 and higher. The Cisco TelePresence System endpoint itself also plays a minor role in configuration management and security management. In terms of configuration management, the configuration of the Cisco TelePresence System endpoint, including specific hardware and software levels of each component (displays, microphones, speakers, and so on), can be viewed through the web-based GUI interface, or accessed through the SSH CLI. However, modifications to the configuration of the Cisco TelePresence System endpoint is primarily controlled centrally by the Cisco Unified Communications Manager. In terms of security management, access to the Cisco TelePresence System endpoint is via its local database. However, the userid and passwords are configured centrally within the Cisco Unified Communications Manager and downloaded to the Cisco TelePresence System endpoint. Cisco TelePresence System 1.6 introduces password aging for the SSH and web-based GUI interface of the Cisco TelePresence System endpoints. The security settings of the Cisco TelePresence System endpoint are controlled via the Cisco Unified Communications Manager centrally, as discussed previously. Finally, the Cisco TelePresence System endpoint also supports the ability to generate SNMP traps for authentication failures when attempting to access the system. This can be used to monitor the Cisco TelePresence System endpoints against brute-force password attacks. Cisco TelePresence SNMP Support As of this writing (CTS version 1.6), CTS, CTMS, and CTS Manager support the MIBs listed in Table 6-5. Future versions of Cisco TelePresence may add additional SNMP MIB support. Table 6-5 MIB Support in TelePresence Endpoints (CTS, CTMS, and CTS-MAN) MIB Name Description CISCO-SYSLOG-MIB Provides an SNMP interface into syslog messages CISCO-CDP-MIB Provides Ethernet neighbor information, such as the attached IP phone and upstream switch HOST-RESOURCES-MIB Provides system operating system information such as system CPU, memory, disk, clock, and individual process information6-81 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Application-Specific Management Functionality IP Video Surveillance For information regarding the medianet management functionality of the Cisco IP Video Surveillance solution, see the Cisco IP Video Surveillance Design Guide at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/IPVS/IPVS_DG/IPVS_DG.pdf. Digital Media Systems For information regarding the medianet management functionality of the Cisco Digital Media Systems solution, see the Cisco Digital Media System 5.1 Design Guide for Enterprise Medianet at the following URL: http://www.cisco.com/en/US/docs/solutions/Enterprise/Video/DMS_DG/DMS_DG.html. Desktop Video Collaboration Future revisions of this document will include discussion regarding medianet management functionality for Cisco Desktop Video Collaboration solutions. RFC-1213-MIB Provides basic MIB2 structure/information such as system uptime, system description, SNMP location, and SNMP contact IF-MIB Provides Ethernet interface statistics, such as bytes and packets transmitted and received, as well as interface errors UDP-MIB Provides the number of inbound and outbound UDP packets, as well as drops TCP-MIB Provides the number of inbound and outbound TCP packets, connections, and number of TCP retransmissions CISCO-TELEPRESENCE-MIB Provides notification on peripheral and user authentication failures; also allows for the remote restart of the CTS device CISCO-TELEPRESENCE-CALL-MIB Provides detailed call statistics for TelePresence meetings CISCO-ENVMON-MIB Provides system temperature SNMP protocol-specific MIBs: • SNMP-FRAMEWORK-MIB • SNMP-MPD-MIB • SNMP-NOTIFICATION-MIB • SNMP-TARGET-MIB • SNMP-USM-MIB • SNMP-VACM-MIB Provides information relating to the SNMP daemon configuration and current state Table 6-5 MIB Support in TelePresence Endpoints (CTS, CTMS, and CTS-MAN) (continued)6-82 Medianet Reference Guide OL-22201-01 Chapter 6 Medianet Management and Visibility Design Considerations Summary Summary This design chapter has focused on functionality that can be used to provide increased visibility and management of video flows within an enterprise medianet. From a high-level perspective, the functionality can be separated into two broad categories: application-specific management functionality and network-embedded management functionality. Application-specific management refers to functionality within the components of a particular video solution: Cisco TelePresence, Cisco IP Video Surveillance, Cisco Digital Media Systems, and Cisco Desktop Video Collaboration. Network-embedded management refers to functionality embedded within the medianet infrastructure itself, which allows both visibility and management of video flows. These include specific embedded software features such as NetFlow and IPSLA, the Cisco router and Cisco Catalyst switch CLI itself, and also hardware modules such as the Cisco NAM embedded within Cisco Catalyst 6500 Series Switches. By implementing a QoS model that separates the various video applications into different service classes, which are then mapped to separate queues and drop thresholds within Cisco router and switch platforms, you can gain additional visibility into the video applications themselves by collecting flow information based on DSCP aggregation, as well as monitoring the router and switch queues. Typically, the more granular the QoS model (that is, up to 12 service classes) and the more queues and drop thresholds deployed throughout medianet infrastructure devices, the greater the visibility and ability to manage the flows. C H A P T E R 7-1 Medianet Reference Guide OL-22201-01 7 Medianet Auto Configuration Medianet auto configuration is designed to ease the administrative burden on the network administrator by allowing the network infrastructure to automatically detect a medianet device attached to a Cisco Catalyst switch via the Cisco Medianet Service Interface (MSI) and configure the switch port to support that particular device. Figure 7-1 shows an example with a Cisco digital media player (DMP) and a Cisco IP Video Surveillance (IPVS) camera connected to a Cisco Catalyst switch. Figure 7-1 Example of Auto Configuration From an FCAPS perspective, auto configuration is part of configuration management. The current medianet auto configuration functionality includes two features: • Auto Smartports • Location Services Auto Smartports Auto Smartports (ASP) macros are an extension to Cisco Static Smartports macros. With Static Smartports, either built-in or user-defined macros can be applied manually to an interface by a network administrator. Macros contain multiple interface-level switch commands bundled together under the macro name. For repetitive tasks, such as multiple interfaces which require the same configuration, 229923 CDP: Device (ex. Cisco DMP 4310G) CDP: Device (ex. Cisco CIVS-IPC-4500) CDP: Location (ex. Floor 2, Room 100) Switch Access Port = DMP QoS Configuration, Security Configuration, etc… Gig 1/0/1 Gig 1/0/5 Switch Access Port = IPVS Camera QoS Configuration, Security Configuration, etc… HDTV7-2 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports Static Smartports can reduce both switch configuration errors and the administrative time required for such configuration. ASP macros extend this concept by allowing the macro to be automatically applied to the interface based upon built-in or user-defined trigger events. The mechanisms for detecting trigger events include the use of Cisco Discovery Protocol (CDP) packets, Link-Level Discovery Protocol (LLDP) packets, packets which include specific MAC addresses or Organizational Unique Identifiers (OUIs), and attribute-value (AV) pairs within a RADIUS response when utilizing ASP macros along with 802.1x/MAB. Note Triggering an ASP macro by passing a RADIUS AV pair to the Catalyst switch has not been validated at the time this document was written. Platform Support Table 7-1 shows Cisco Catalyst switch platforms and IOS software revisions which currently support ASP macros. There are basically two versions of ASP macros, which are referred to as ASP macros and Enhanced ASP macros within this document. This is due to differences in functionality between ASP macros running on older IOS software revisions and ASP macros running on the latest IOS software revisions. Table 7-2 highlights some of these differences. Table 7-1 Platform and IOS Revision for Auto Smartports Support Platform ASP IOS Revisions Enhanced ASP IOS Revisions Catalyst 3750-X Series Switches 12.2(53)SE2 12.2(55)SE Catalyst 3750, 3560, 3750-E, and 3560-E Series Switches 12.2(50)SE, 12.2(52)SE 12.2(55)SE Cisco ISR EtherSwitch Modules 1 1. This applies to ISR EtherSwitch Modules which run the same code base as Catalyst 3700 Series switches. 12.2(50)SE, 12.2(52)SE 12.2(55)SE Catalyst 4500 Series Switches IOS 12.2(54)SG Future Release Catalyst 2975 Series Switches 12.2(52)SE 12.2(55)SE Catalyst 2960-S and 2960 Series Switches 12.2(50)SE, 12.2(52)SE, 12.2(53)SE1 12.2(55)SE Table 7-2 Partial List of Feature Differences Between ASP Macros and Enhanced ASP Macros Feature ASP Macros Enhanced ASP Macros Macro-of-last-resort No Yes Custom macro No Yes Ability to enable/disable individual device macros No Yes Ability to enable/disable individual detection mechanisms No Yes Built-in ip-camera macro Yes, without AutoQos Yes, with AutoQoS7-3 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports Throughout this document, the term “ASP Macros” is generally used to refer to both the non-enhanced and enhanced Auto Smartports macro functionality. The term “Enhanced ASP Macros” is only used when specific features which are supported by the enhanced Auto Smartports functionality are discussed. As mentioned above, from a medianet perspective the primary benefit of ASP macros is to ease the administrative burden of provisioning medianet devices onto the IP network infrastructure. Table 7- 3 lists the medianet devices currently supported by built-in ASP macros. Auto Smartports also has built-in macros for devices which are not specific to a medianet. These devices include routers, switches, access-points, and lightweight (CAPWAP/LWAP enabled) access-points. Switch Configuration Auto Smartports macro processing is enabled globally on supported Catalyst switches with the command: macro auto global processing This command also automatically enables ASP macro processing on all switchports. This could lead to unwanted consequences when first enabling ASP macros on a Catalyst switch. For example, the network administrator may not want Auto Smartports to automatically change the configuration of existing Built-in media-player macro Yes, with MAC-address/OUI trigger Yes, with CDP trigger or MAC-address/OUI trigger Built-in phone macro Yes Yes Built-in lightweight access-point macro Yes Yes Built-in access-point macro Yes Yes Built-in router macro Yes Yes Built-in switch macro Yes Yes Built-in detection mechanisms CDP, LLDP, mac-address, and RADIUS AV pair CDP, LLDP, mac-address, and RADIUS AV pair Table 7-2 Partial List of Feature Differences Between ASP Macros and Enhanced ASP Macros Feature ASP Macros Enhanced ASP Macros Table 7-3 Medianet Devices with Built-in ASP Macros Device Models Software Revisions and Comments Cisco IPVS Cameras CIVS-IPC-2400 Series, CIVS-IPC-2500 Series, CIVS-IPC-4300, CIVS-IPC-4500 1 1. Cisco 5000 Series IPVS cameras currently do not support CDP. Revision 1.0.7. CDP detection mechanism only. Cisco DMPs Cisco DMP 4305G, Cisco DMP 4400G Revision 5.2.1. OUI detection mechanism only. Cisco DMPs Cisco DMP 4310G Revision 5.2.2. CDP or OUI detection mechanisms7-4 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports uplink ports connected to infrastructure devices such as switches and routers. Such changes could result in an unintentional service outage when first enabling ASP macros. The network administrator should first disable ASP macro processing on interfaces where it is not desired. The following examples show how to disable ASP macro processing at the interface-level for a single interface and a range of interfaces. Note The no macro auto processing interface-level command will currently not appear within the switch configuration—even if it has been typed in—until the macro auto global processing global command is entered into the switch configuration. Therefore, the network administrator must manually keep track of which interfaces they have disabled for ASP macro processing before enabling the macro auto global processing global command. The macro auto global processing command has one or two optional forms as shown below, depending upon the Catalyst switch platform. These forms of the command may be used when the network administrator has deployed 802.1x or MAB and wishes either CDP packets or LLDP packets to be used for ASP macro trigger detection—after 802.1x/MAB authentication is successful. This functionality may also be enabled per interface with the following interface-level command: macro auto processing fallback <fallback method> The fallback method can either be CDP or LLDP, depending upon the platform, as discussed above. Security Considerations further describes the use of MAB with CDP fallback. Note Since none of the medianet devices currently support an 802.1x supplicant, all testing was performed utilizing MAB with CDP fallback only. By default, all built-in ASP device macros (also referred to as ASP scripts) are enabled when ASP macro processing is enabled on a Catalyst Switch. Table 7- 4 shows the built-in device ASP macros, any configurable parameters which can be passed into the macros when they execute, and the default values of those parameters. These can be displayed through the show macro auto device command on the Catalyst switch. Single Interface Range of Interfaces interface GigabitEthernet1/0/1 no macro auto processing interface range GigabitEthernet1/0/1 - 48 no macro auto processing Catalyst Access Switches Catalyst 4500 Series Switches macro auto global processing fallback cdp macro auto global processing fallback cdp Or: macro auto global processing fallback lldp7-5 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports As listed in Table 7-2, one of the benefits of implementing Enhanced ASP macros is the ability to enable/disable individual built-in device macros. This can be accomplished through the following global switch command: macro auto global control device <list of devices separated by spaces> The list of devices includes one or more of the macro names listed in Table 7- 4. For example, in order to enable only the built-in ip-camera and media-player ASP macros, the network administrator would configure the following command on a switch platform which supports Enhanced ASP macros: macro auto global control device ip-camera media-player Built-in device macros can also be enabled/disabled per interface with the following interface-level command: macro auto control device <list of devices separated by spaces> The list of devices includes one or more of the macro names listed in Table 7-4. Security Considerations discusses some potential security reasons why the network administrator may choose to restrict which macros are enabled on a particular switch platform. With regular ASP macro support, the only way the network administrator can “disable” a built-in macro is to override the macro in such a manner that does nothing. Overriding Built-in Macros discusses this further. For the most part, the only parameters which can be passed into the built-in ASP macros are VLAN parameters, as shown in Table 7-4. These can be passed using the following global switch configuration command: macro auto device <device> <line> The device is one of the macro names listed in Table 7-4 and line is one of the following forms: For example, in order to set the access VLAN to VLAN302 for IPVS cameras which use ASP macros, the network administrator would configure the following global switch command: Table 7-4 ASP Built-in Device Macros Macro Name Cisco Device Configurable Parameters Defaults access-point Autonomous Access Point NATIVE_VLAN VLAN1 ip-camera Video Surveillance Camera ACCESS_VLAN VLAN1 lightweight-ap CAPWAP / LWAP Access Point ACCESS_VLAN VLAN1 media-player Digital Media Player Access_VLAN VLAN1 phone IP Phone ACCESS_VLAN, VOICE_VLAN VLAN1, VLAN2 router Router NATIVE_VLAN VLAN1 switch Catalyst Switch NATIVE_VLAN VLAN1 ACCESS_VLAN=<vlan> Used for ip-camera, lightweight-ap, and media-player macros NATIVE_VLAN=<vlan> Used for access-point, router, and switch macros ACCESS_VLAN=<vlan> VOICE_VLAN=<vlan> Used for the phone macro7-6 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports macro auto device ip-camera ACCESS_VLAN=VLAN302 From a network design perspective, the ability to set the VLAN for medianet devices is important for two reasons. First, the default macro parameters typically set the access VLAN to VLAN1. Cisco SAFE security best practices have long recommended that network administrators utilize a VLAN other than VLAN1 for devices. Second, the ability to set the VLAN allows different medianet devices to be placed on separate VLANS. This may be beneficial from a traffic isolation perspective, either for QoS or for security purposes. For example, a network administrator may wish to separate all IPVS cameras on a particular Catalyst switch to a VLAN which is separate from normal PC data traffic. The downside of this is that all devices of a particular type are placed into the same VLAN by Auto Smartports. For example, currently there is no ability to place certain DMPs into one VLAN and other DMPs into another VLAN. This may be desirable if two departments within an organization each control their own sets of DMPs and the content to be displayed. By default, three mechanisms for detecting ASP trigger events are enabled automatically when ASP macro processing is enabled on a Catalyst Switch. These detection mechanisms are shown in Table 7-5. Note The list above does not include the use of an RADIUS AV pair to return a trigger name, which can be used when 802.1x/MAB authentication is enabled as well as ASP macros. ASP Macro Details details how ASP macros are triggered. With Enhanced ASP macros, the network administrator can disable any of the detection mechanisms via the following global switch configuration command: macro auto global control detection <list of detection mechanism names> The list of detection mechanism names corresponds to one or more of the detection mechanism names in Table 7- 5. For example, in order enable only CDP and MAC address detection mechanisms on a given Catalyst switch, the network administrator can configure the following global switch configuration command: macro auto global control detection cdp mac-address Detection mechanisms can also be enabled/disabled per interface with the following interface-level command: macro auto control detection <list of detection mechanism names> From a network design perspective, it may be beneficial to disable unused detection mechanisms if the network administrator knows that there are no devices which will utilize a particular mechanism. This can prevent unexpected switchport configuration changes due to accidental triggering of an ASP macro. For instance, medianet specific devices such as Cisco DMPs and IPVS cameras do not currently support the LLDP protocol. Therefore a network administrator who is interested in using Enhanced ASP macros Table 7-5 ASP Detection Mechanisms Detection Mechanism Name Description cdp Instructs the switch to look for ASP triggers within CDP packets. lldp Instructs the switch to look for ASP triggers within LLDP packets. mac-address Instructs the switch to look for either full MAC addresses or the OUI portion of MAC addresses which match in list contained within either a built-in or user-defined MAC-address trigger.7-7 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports to ease the administrative burden of configuring these devices across the network infrastructure may decide to enable only CDP and MAC address detection mechanisms. Finally, note that for regular ASP macros, there is no method of disabling a particular ASP detection mechanism. One additional command is worth noting. Normally ASP macros are applied to an interface upon detecting a trigger event after link-up and removed upon a link-down event by an anti-macro. Since it is recommended that the interface begin with a default interface configuration (with exceptions when using Location Services, the custom macro, or 802.1x/MAB), the link-down returns the interface to its initial default configuration. The macro auto sticky global configuration command causes the macro which is applied upon link-up to remain applied upon link-down. The macro auto port sticky interface-level configuration command has the same effect on a port-by-port basis. The benefit of the macro auto sticky and macro auto port sticky commands is that the macro is only run once when the medianet device is first seen on the interface, versus every time the interface is transitioned from down to up. The running configuration of the switch always shows the applied macro as well, regardless of whether the device is currently up or down. This may be beneficial from a troubleshooting perspective. The downside is that ASP macros which include the switchport port-security command may cause the interface to go into an error-disabled state should another device with a different MAC address be placed onto the switchport. This document is primarily concerned with the built-in ip-camera and media-player ASP macros, since they relate directly to medianet devices. The built-in access-point and lightweight-ap ASP macros were not evaluated for this document. Future revisions of the Medianet Reference Design may include design guidance regarding wireless connectivity and video. The built-in phone macro was evaluated only from the perspective of its effect on medianet devices such as Cisco TelePresence (CTS) endpoints and desktop video conferencing units which consists of a PC running software daisy-chained to an IP phone. ASP Macro Details An understanding of the implementation of ASP will assist in general troubleshooting, customization, and security considerations. The macros are fairly transparent and supported by several useful show commands and debugging tools. The logical flow is organized into three distinct functions: detection, policy, and function. Detection is used to determine that an actionable event has occurred and selects an appropriate method to classify the device. Three detection methods are available. These are neighbor discovery using either LLDP or CDP, Mac Address, or 802.1x identity. They can be seen with the IOS exec command: sh macro auto event manager detector all No. Name Version Node Type 1 identity 01.00 node0/0 RP 2 neighbor-discovery 01.00 node0/0 RP 3 mat 01.00 node0/0 RP A detail of each detector is also available that lists more information concerning events and variables that are passed back and forth between the IOS event manager and the ASP detector. The details are not explained here. It is only important to know that ASP starts when IOS calls one or more of these detectors and passes information such as interface, mac-address, and link events into the detector. The detectors are associated to a policy that can examine the variables that are passed and make a decision. The policy generates an event trigger. These policy shell scripts do the major work within ASP. The link between detector and policy can be seen with the show command: sh macro auto event manager policy registered Typically six policies are registered with the three detectors. Output from the show command is summarized in Table 7- 6.7-8 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports As an example, when a link-event down occurs, neighbor discovery will run the script Mandatory.link.sh. Details of the script can be seen with the command: sh macro auto event manager policy registered detailed <policy script> The scripts can be read with a little background in programming. It is possible to register user-generated scripts, although the details of that procedure are not included in this document. There are significant differences in the system scripts packaged in Auto Smartports and those found in Enhanced Auto Smartports. Each script fetches information from the router configuration, such as the current macro description. Based on the calling event, passed variables, and interface configuration, the policy script generates a trigger. Triggers are mapped to shell functions. This mapping can be seen with the command: sh shell trigger This displays all of the mapped triggers. However ASP is only relevant to those triggers that map to a function that contains AUTO_SMARTPORT in the function name. Arguments are passed into the shell function from the trigger. Common arguments include $LINKUP, $INTERFACE, $TRIGGER, and $ACCESS_VLAN. With this information, the function applies the appropriate configuration to the interface of the switch. The functions can be customized. The shell function details can be seen with the command: show shell function As an example, consider the case were a CDP packet is received on an interface that was previously configured with the appropriate ASP configuration. Neighbor-discovery calls the script Mandatory.cdp.sh. The script first checks to see if CDP detection is available; if so, then the CDP capabilities are checked. If the host bit is set, then the CDP platform type is compared against known types. The previous trigger is noted by pulling the macro description from the interface configuration. Another check is made to see if discovery is enabled for that particular type of device. If so, then the script continues to check the other capabilities bits for Phone, Access Point, Router, or Switch. If the host bit is set in conjunction with the phone bit, then the phone trigger takes precedence. Finally a trigger is generated and mapped to a shell function. Different policies can generate the same trigger. For example, both Mandatory.link.sh and Mandatory.cdp.sh can generate a CISCO_DMP_EVENT trigger, but pass the variable LINKUP with a different value into the shell function. The event policy has the logic to handle various situations, such as the case where the new trigger is the same as the previous trigger that was last used to configure the interface. The event policy also checks to see if the interface is configured with a sticky macro. These are not removed when the link is down. As discussed previously, this could result in an err_disabled state if a different device is attached to a sticky interface with port security. Sticky configurations should not be used if the intent is to dynamically configure the interface based on device discovery when devices move from port to port. The relationship between the various components is shown in Figure 7-2. The example flow shows the result of a CDP event. Table 7-6 Policies Associated With ASP Detectors Detector Policy Event 1 neighbor-discovery Mandatory.link.sh link-event down 2 neighbor-discovery Mandatory.link2.sh link-event admindown 3 neighbor-discovery Mandatory.lldp.sh lldp update 4 mat Mandatory.mat.sh use-mat-db yes hold-down 65.000 5 neighbor-discovery Mandatory.cdp.sh cdp update 6 identity Mandatory.identity.sh aaa-attribute {auto-smart-port}7-9 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports Figure 7-2 Auto Smartports Event Flow Medianet Devices with Built-in ASP Macros The following devices are currently supported by built-in ASP macros. Cisco IPVS Cameras Cisco IPVS cameras support CDP as the detection mechanism for executing the built-in ip-camera ASP macro. There are slight differences in the built-in ip-camera macro applied depending upon the platform (Catalyst access switch or Catalyst 4500) and upon whether the platform supports Enhanced ASP macros or regular ASP macros. The example in Table 7-7 shows the switchport configuration applied after a link-up event for a Catalyst access switch, both with regular ASP Macros and Enhanced ASP Macros. The configuration assumes the initial switchport configuration was a default configuration (meaning no configuration on the interface). Shell Functions CISCO_DMP_AUTO_SMAR TPORT UP / DOWN CISCO_IP_CAMERA_AUTO _SMARTPORT UP/DOWN flash:/overridden_last_res ort.txt UP/DOWN CISCO_PHONE_AUTO_SM ARTPORT UP/DOWN CISCO_ROUTER_AUTO_S MARTPORT UP/DOWN CISCO_SWITCH_AUTO_SM ARTPORT UP/DOWN CISCO_DMP_EVENT CISCO_DMP_AUTO_SMAR TPORT CISCO_IPVSC_EVENT CISCO_IP_CAMERA_AUTO _SMARTPORT CISCO_LAST_RESORT EVENT flash:/overridden_ last_resort.txt CISCO_PHONE_EVENT CISCO_PHONE_AUTO_SM ARTPORT CISCO_ROUTER_EVENT CISCO_ROUTER_AUTO_S MARTPORT CISCO_SWITCH_EVENT CISCO_SWITCH_AUTO_SM ARTPORT 229924 Detection Manager Policy Manager sh macro auto event manager detector all Link Down Link Admin Down LLDP MAC Address MAB Identity Neighbor MAC Address sh macro auto event manager history events sh macro auto event manager policy registered Trigger Mappings sh shell trigger sh shell functions brief | in SMARTPORT CDP Radius cdp lldp Rx Packet 7-10 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports Brief explanations of the commands are shown in Table 7-8. Table 7-7 Configuration Example 1—Switchport Configuration Resulting from the Built-in IP-Camera Macro Regular ASP Macro Enhanced ASP Macro ! interface GigabitEthernet1/0/40 switchport access vlan 302 1 switchport mode access switchport block unicast switchport port-security mls qos trust dscp macro description CISCO_IPVSC_EVENT spanning-tree portfast spanning-tree bpduguard enable ! 1. Access VLAN set by macro auto device ip-camera ACCESS_VLAN=VLAN302 global configuration command. ! interface GigabitEthernet1/0/40 switchport access vlan 302 switchport mode access switchport block unicast switchport port-security srr-queue bandwidth share 1 30 35 5 queue-set 2 priority-queue out mls qos trust device ip-camera mls qos trust dscp macro description CISCO_IPVSC_EVENT auto qos video ip-camera spanning-tree portfast spanning-tree bpduguard enable ! Table 7-8 Summary of ASP Commands Command Description switchport access vlan 302 Configures the switchport as a static access port using the access VLAN specified through the following manually configured global command: macro auto device ip-camera ACCESS_VLAN=302 switchport mode access The port is set to access unconditionally and operates as a nontrunking, single VLAN interface that sends and receives nonencapsulated (non-tagged) frames. switchport block unicast By default, all traffic with unknown MAC addresses is sent to all ports. This command blocks unicast packets with unknown MAC addresses received by this port from being sent to other ports on the switch. This feature is designed to address the cam table overflow vulnerability, in which the cam table overflows and packets are sent out all ports. switchport port-security Enables port security on the interface. Defaults to one secure MAC address. Defaults to set the port in error-disable state upon a security violation. SNMP Trap and Syslog message are also sent. auto qos video ip-camera Automatically configures QoS on the port to support a Cisco IPVS camera. Causes the following interface level commands to be added: srr-queue bandwidth share 1 30 35 5 queue-set 2 priority-queue out mls qos trust device ip-camera mls qos trust dscp Causes global configuration changes to the switch configuration to occur as well.7-11 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports The main difference between the Enhanced ASP macro and the regular ASP macro is that the Enhanced ASP macro includes the auto qos video ip-camera interface-level command. AutoQoS has been extended in IOS version 12.2(55)SE on the Catalyst access switches to support video devices as well as VoIP. Among other things, the auto qos video ip-camera command causes DSCP markings from the device to be trusted when the switchport detects CDP from the attached Cisco IPVS camera. On Catalyst access switches, the auto qos video ip-camera command also causes changes to the queue-sets, which globally affect the switch configuration. These global changes—which result from the AutoQoS commands within ASP macros—are not reversed when the anti-macro is run, returning the interface to its default configuration. Instead the global configuration changes remain within the running configuration of the switch. The network administrator may need to manually access the switch in order to save these changes in the running configuration into the startup configuration. Note also that minor disruptions to switch processing may occur the first time the queue-sets are modified. However, this occurs only when the first switchport configured for Enhanced ASP macros detects an IPVS camera. Subsequent switchports which detect an IPVS camera do not cause further changes to the queue-sets, since they have already been modified. For further discussion of the effects of AutoQoS video, see the Medianet Campus QoS Design 4.0 document at: http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSCampus _40.html Note Cisco recommends a DSCP setting of CS5 for IPVS cameras. However this is not currently the default value which ships in the firmware. The network administrator may have to manually change the DSCP value to CS5 within the IPVS cameras. srr-queue bandwidth share 1 30 35 5 Sets ratio by which the shaped round robin (SRR) scheduler services each of the four egress queues (Q1 through Q4 respectively) of the interface. Bandwidth is shared, meaning that if sufficient bandwidth exists, each queue can exceed its allocated ratio. Note that the priority-queue out command overrides the bandwidth ratio for Q1. queue-set 2 Maps the port to the 2nd queue set within the switch. Catalyst 3560, 3750, and 2960 Series switches support two queue sets. priority-queue out Enables egress priority queuing. Automatically nullifies the srr-queue bandwidth share ratio for queue 1 since the priority queue is always serviced first (unlimited bandwidth). mls qos trust device ip-camera Enables the QoS trust boundary if CDP packets are detected indicating the connection of a IP surveillance camera to the interface. mls qos trust dscp Classify an ingress packet by using the packet’s DSCP value. macro description CISCO_IPVSC_EVENT Description indicating which built-in macro has been applied to the interface, in this case the built in ip-camera macro. spanning-tree portfast When the Port Fast feature is enabled, the interface changes directly from a blocking state to a forwarding state without making the intermediate spanning-tree state changes. spanning-tree bpduguard enable Puts the interface in the error-disabled state when it receives a bridge protocol data unit (BPDU). This should not occur on a port configured for access mode. Table 7-8 Summary of ASP Commands7-12 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports Cisco Digital Media Players (DMPs) Cisco 4310G DMPs running revision 5.2.2 are the only DMPs which support CDP as the detection mechanism for executing the built-in media-player ASP macro. The CDP detection mechanism for DMPs only works for Enhanced ASP macros as well. However, the MAC address detection mechanism automatically works for Cisco 4305G, 4400G, and 4310G DMPs for both Enhanced ASP macros and regular ASP macros. Catalyst switches which support ASP macros have a built-in MAC address trigger which matches on the OUI values of 00-0F-44 or 00-23-AC, corresponding to Cisco DMPs. The built-in media-player ASP macro is the same regardless of whether the platform supports Enhanced ASP macros or regular ASP macros. The example in Table 7-9 shows the switchport configuration applied after a link-up event for a Catalyst access switch. The configuration assumes the initial switchport configuration was a default configuration (meaning no configuration on the interface). Brief explanations of the commands are shown in Table 7-10. Table 7-9 Configuration Example 2—Switchport Configuration Resulting from the Built-in Media-Player Macro Regular and/or Enhanced ASP Macro ! interface GigabitEthernet2/0/8 switchport access vlan 282 1 switchport mode access switchport block unicast switchport port-security priority-queue out mls qos trust dscp macro description CISCO_DMP_EVENT spanning-tree portfast spanning-tree bpduguard enable ! 1. Access VLAN set by macro auto device media-player ACCESS_VLAN=VLAN282 global configuration command. Table 7-10 Summary of ASP Commands Command Description switchport access vlan 282 Configures the switchport as a static access port using the access VLAN specified through the following manually configured global command: macro auto device media-player ACCESS_VLAN=282 switchport mode access The port is set to access unconditionally and operates as a nontrunking, single VLAN interface that sends and receives nonencapsulated (non-tagged) frames. switchport block unicast By default, all traffic with unknown MAC addresses is sent to all ports. This command blocks unicast packets with unknown MAC addresses received by this port from being sent to other ports on the switch. This feature is designed to address the cam table overflow vulnerability, in which the cam table overflows and packets are sent out all ports.7-13 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports The network administrator should note that MAC-address triggers are executed only after a timeout of either CDP or LLDP triggers. The timeout value is roughly 65 seconds. In other words, when deploying DMPs which do not support CDP, or deploying DMPs on Catalyst switch platforms which do not support Enhanced ASP macros, the Catalyst switch listens for CDP or LLDP triggers for approximately one minute. After the timeout, the switch executes the built-in MAC-address trigger corresponding to the DMP. It is also important for the network administrator to understand the order in which certain services start when devices such as DMPs boot up. When using dynamic IP addressing, CDP should be sent before any DHCP packets are sent. This is because the access VLAN is often passed into the ASP macro. A device which acquires an IP address before the ASP macro has run will acquire an IP address corresponding to the default VLAN (VLAN 1). When the ASP macro subsequently runs, the device is moved onto a different access VLAN. Therefore, the device will need to release the existing IP address and acquire a new IP address. Typically this is done when the device sees the line-protocol transitioned when the VLAN is changed on the switch port. The built-in macros do not transition the link upon VLAN reassignment. Failure to release and renew the IP address results in an unreachable device, since its IP address corresponds to the wrong VLAN. This issue also exists when using the built-in MAC address trigger to execute the built-in media-player ASP macro for DMPs. Medianet Devices without Built-in ASP Macros The following devices are not currently supported by built-in ASP macros. Cisco TelePresence (CTS) Endpoints Currently there are no built-in ASP macros for Cisco TelePresence (CTS) endpoints within the Catalyst switch software. CTS endpoints consist of one or more codecs and an associated IP phone. As of CTS software version 1.6(5), both the codec and the phone send CDP packets to the Catalyst switch with the phone bit enabled within the capabilities field of CDP packets. Catalyst switchports currently apply the built-in phone ASP macro for attached CTS endpoints, based on the CDP trigger from the combination switchport port-security Enables port security on the interface. Defaults to one secure MAC address. Defaults to set the port in error-disable state upon a security violation. SNMP Trap and Syslog message are also sent. priority-queue out Enables egress priority queuing. Automatically nullifies the srr-queue bandwidth share ratio for queue 1, since the priority queue is always serviced first (unlimited bandwidth). mls qos trust dscp Classify an ingress packet by using the packet’s DSCP value. macro description CISCO_DMP_EVENT Description indicating which built-in macro has been applied to the interface, in this case the built-in media-player macro. spanning-tree portfast When the Port Fast feature is enabled, the interface changes directly from a blocking state to a forwarding state without making the intermediate spanning-tree state changes. spanning-tree bpduguard enable Puts the interface in the error-disabled state when it receives a bridge protocol data unit (BPDU). This should not occur on a port configured for access mode. Table 7-10 Summary of ASP Commands7-14 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports of the IP phone and codec, assuming the phone macro is enabled globally on the Catalyst switch. For customers who have both Cisco IP phones and CTS endpoints attached to the same Catalyst switch and who wish to use ASP macros, this is a likely scenario. The application of the built-in phone ASP macro does not cause CTS endpoints to stop working, provided the network administrator has deployed the TelePresence endpoint to share the voice VLAN with IP phones. However, the configuration is not optimal or recommended for CTS endpoints. The application of the built-in phone ASP macro includes the interface-level auto qos voip cisco-phone command. This applies AutoQoS VoIP to both the global configuration of the Catalyst switch as well as the interface. The current AutoQoS VoIP configuration only identifies, marks, and polices EF and CS3 traffic from an IP phone accordingly. Since TelePresence is recommended to be configured to send traffic with a CS4 DSCP marking, the AutoQoS VoIP configuration does not address TelePresence traffic at all. However, the traffic from the TelePresence codec is still trusted at the ingress port. Therefore the TelePresence traffic still crosses the network with a CS4 marking. A recommended work-around for this situation is to disable ASP macros via the no macro auto processing interface-level command for Catalyst switchports which support Cisco TelePresence endpoints. Either manually configure the switchports or use Static Smartports with the recommended configuration to support a CTS endpoint. Note As of IOS version 12.2(55)SE, Catalyst access switches support AutoQos for CTS endpoints with the auto qos video cts command. For more information, see the Medianet Campus QoS Design 4.0 guide: http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSCampus _40.html. Other Video Conferencing Equipment Cisco desktop video conferencing software which consists of a PC daisy chained off of a Cisco IP phone will exhibit similar characteristics as Cisco CTS endpoints when implementing ASP macros. The attached Cisco IP phone will result in the built-in phone ASP macro being executed. The resulting configuration may not be optimal for desktop video conferencing. No built-in ASP macros currently exist for Cisco Tandberg video conferencing equipment at the time this document was written. Therefore, it is recommended to either manually configure the switchports or use Static Smartports with the recommended configuration to support Cisco Tandberg video conferencing equipment. Overriding Built-in Macros Generally the built-in ASP macros support the requirements of most customers while easing the deployment of medianet devices onto the network infrastructure. However, sometimes there may be reasons why a network administrator may wish to change the functionality of a built-in ASP macro. For example, with regular ASP macros, there is no ability to disable an individual built-in macro, such as the switch or router macros. Since these macros automatically configure the port as a trunk allowing all VLANS, there may be potential security issues with allowing them to run. The network administrator may desire to override the existing macro in such a manner that it is effectively disabled. Alternatively, the network administrator may wish to only slightly modify the function of an existing built-in ASP macro. For example, as previously mentioned, the deployment of sticky macros in a dynamic environment causes Auto Smartports to be less effective due to the switchport port-security7-15 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports interface-level command within both the built-in ip-camera and media-player macros. An overridden macro may be configured in order to modify or remove port-security for these devices if the network administrator desires to use sticky macros. Built-in macros can be overridden by creating a new macro with the same name as an existing built-in macro. These overridden macros can be located in one of three places: • Embedded within the switch configuration • A standalone macro file within the switch flash • A standalone macro file accessed remotely by the switch The partial configuration example in Table 7- 11 shows an overridden switch macro embedded within the configuration of a Catalyst access switch. The overridden switch macro example above simply causes the interface to be put into a shutdown state when the switchport detects the presence of another switch via the CDP triggering mechanism. The benefit of embedding an overridden macro directly within the switch configuration is the ability to view the macro directly from the configuration. The downside is that the network administrator may need to duplicate the same overridden macro on every switch which requires it. This can be both time consuming and error prone in large deployments, limiting the overall ability to scale Auto Smartports deployments. The second method of overriding a built-in macro is to put the overridden macro in a file located within the flash memory of the switch. In order to override a built-in macro from a flash file, the network administrator needs to include the macro auto execute <trigger name> remote <remote file location> command within the global configuration of the switch. The example in Table 7- 12 shows the command line added to a Catalyst access switch to override the built-in media-player ASP macro and the file contents of the overridden macro itself. Table 7-11 Configuration Example 3—Overridden ASP Macro within the Switch Configuration ! macro auto execute CISCO_SWITCH_EVENT { if [[ $LINKUP -eq YES ]]; then conf t interface $INTERFACE macro description $TRIGGER description ROGUE SWITCH DETECTED - PORT ENABLED switchport mode access shutdown exit end else conf t interface $INTERFACE no macro description description ROGUE SWITCH DETECTED - PORT DISABLED no switchport mode access exit end fi } !7-16 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports The benefit of this method is that a single overridden macro file can be created centrally—perhaps on a management server—and copied to each switch which needs to override the built-in ASP macro. This can help reduce the administrative burden and potential for errors, increasing the scalability of Auto Smartports deployments. The downside is that there is no method to validate that the overridden macro actually functions correctly when it is typed in a separate text file and subsequently downloaded to the Catalyst switch. It is recommended that the network administrator test any overridden macros—perhaps using a non-production lab or backup switch—before deploying them in order to avoid such errors. Errors in overridden macros will cause macro processing to immediately exit. This can result in un-deterministic results in the configuration of an interface, based upon where in the macro the error occurred. The network administrator should also note that currently no error or warning will be generated to the switch console or syslog when the macro exits due to an error. A second downside is that there is no method to validate that the overridden macro is correct for the particular model of switch to which it is being downloaded. There are slight command differences between Catalyst access switches and Catalyst 4500 Series switches which could cause a macro written for the wrong switch model to execute incorrectly. This can again result in un-deterministic results in Table 7-12 Configuration Example 4—Overridden Macro within a Flash File on the Switch Global Configuration Command ! macro auto execute CISCO_DMP_EVENT remote flash:DMP_macro.txt ! Contents of the Flash File Overriding the Built-in Macro me-w-austin-3#more DMP_macro.txt if [[ $LINKUP -eq YES ]]; then conf t interface $INTERFACE macro description $TRIGGER switchport access vlan $ACCESS_VLAN switchport mode access switchport block unicast mls qos trust dscp spanning-tree portfast spanning-tree bpduguard enable priority-queue out exit end fi if [[ $LINKUP -eq NO ]]; then conf t interface $INTERFACE no macro description no switchport access vlan $ACCESS_VLAN no switchport block unicast no mls qos trust dscp no spanning-tree portfast no spanning-tree bpduguard enable no priority-queue out if [[ $AUTH_ENABLED -eq NO ]]; then no switchport mode access fi exit end fi7-17 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports the configuration of an interface, based upon where the command differences occurred. In order to avoid this potential issue, the network administrator may choose to include the Catalyst switch model within the file name of the overridden macro. This gives the network administrator a quick visual indication if the file being downloaded is correct for the switch model. The third method of overriding a built-in ASP macro is to put the overridden macro in a file on a remote server and configure the switch to access the file when it needs to run the macro. In order to override a built-in macro from a file on a remote server, the network administrator needs to include the macro auto execute <trigger name> remote <remote file location> command again within the global configuration of the switch. However, this time the remote file location includes the protocol, network address or hostname, userid and password, and path to the file on the remote server. The example in Table 7-13 shows the command line added to a Catalyst access switch to override the built-in media-player ASP macro. The contents of the overridden macro itself are the same as that shown in Table 7-12. The switch is capable of using the following protocols for download of remote macros: FTP, HTTP, HTTPS, RCP, SCP, and TFTP. In production networks, it is recommended to implement a secure protocol, such as SCP or HTTPS. The benefit to this approach is that the overridden ASP macro files can again be managed centrally on a management server. This further eases the administrative burden of not having to manually copy the macro file to each switch which requires it. This is particularly useful when changing the behavior of an overridden macro that is already deployed on switches throughout the network infrastructure. The network administrator should note that the overridden ASP macro file is downloaded to the Catalyst switch every time a link-up or link down event occurs. The switch does not cache the macro file; it simply requests the file every time there is a link-up or link-down event on the port. Testing did not investigate any potential scalability implications for processing on the switch, since multiple ports on the same switch may simultaneously request a file for download in order to apply the macro, particularly in scenarios where the switch has just been reloaded. This method also has potential scalability implications for the remote server, since it may have to process multiple simultaneous downloads from multiple ports on a single switch and from multiple switches throughout the network. A downside to this method is that if the remote server is unavailable, the overridden ASP macro will not be run and the device will end up with a default configuration on the Catalyst switch. In many cases, the device will not function since it may be on the wrong VLAN. If the interface is already up and configured via the overridden ASP macro when the medianet device is removed, the configuration will remain on the Catalyst switchport if the remote server is unavailable. This is because the anti-macro will not be run to clean-up the switchport configuration. If another device is subsequently connected to the switchport, the resulting switchport configuration could be somewhat un-deterministic. This situation should be avoided. The remote server could be unavailable either due to a network error or a server error. Therefore, it is recommended that the network administrator implement both network-level redundancy as well as server-level redundancy in order to ensure the availability of the remote ASP macro when utilizing this method. Obviously the built-in router Auto Smartport macro should not be used to configure the interface that would route to the FTP server. Extra care will also be needed if the account password is to be changed on a reoccurring basis due to a security policy. Table 7-13 Configuration Example 5—Example Configuration for Overriding a Macro via a File on a Remote Server Global Configuration ! macro auto execute CISCO_DMP_EVENT remote ftp://admin:cisco@10.16.133.2/DMP_macro.txt !7-18 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports Finally, as with the previous method, there is no mechanism to validate the overridden ASP macro has no errors or is the correct macro for the model of switch to which it will be automatically downloaded. It is again recommended that the network administrator test any overridden macros— perhaps using a non-production lab or backup switch—before making them available for automatic download in order to avoid such errors. Note CiscoWorks LMS is targeted to add support for managing Auto Smartports macros in an upcoming release. Future updates to this document may include details about LMS as it relates to ASP macros. Macro-of-Last-Resort As highlighted in Table 7-2, Enhanced ASP macros support a feature known as the macro-of-last-resort (also referred to as the LAST_RESORT macro). The macro-of-last-resort is a built-in ASP macro which is run if no other trigger event is seen and therefore no other ASP macro (built-in or user-defined) is run. Without the use of the macro-of-last-resort, devices such as end-user PCs—which typically will not trigger any ASP macros—may end up with a default switchport configuration, depending on whether the custom macro has been overridden. This may not be the desired switchport configuration, particularly if the network administrator uses a VLAN other than VLAN1 for the normal data VLAN. The custom macro is discussed in Custom Macro. Note The use of a VLAN other than the default (VLAN 1) for the data VLAN is consistent with Cisco SAFE security guidelines. The built-in macro-of-last-resort is enabled on Catalyst switches which support Enhanced ASP macros via the following global configuration command: macro auto global control trigger last-resort The macro-of-last-resort can also be enabled per interface with the following interface-level command: macro auto control trigger last-resort The only parameter which can be passed into the built-in ASP macro-of-last-resort is the access VLAN. This can be passed using the following global switch configuration command: macro auto execute CISCO_LAST_RESORT_EVENT built-in CISCO_LAST_RESORT_SMARTPORT ACCESS_VLAN=<vlan> For example, in order to set the access VLAN to VLAN100 for the macro-of-last-resort, the network administrator would configure the following global switch command: macro auto execute CISCO_LAST_RESORT_EVENT built-in CISCO_LAST_RESORT_SMARTPORT ACCESS_VLAN=100 The example in Table 7-14 shows the switchport macro-of-last-resort configuration applied after a link-up event for a Catalyst access switch. The configuration assumes the initial switchport configuration was a default configuration (meaning no configuration on the interface).7-19 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports Brief explanations of the commands are shown in Table 7-15. When the device is removed from the interface, the anti-macro will return the switchport to a default interface configuration. The macro-of-last-resort can also be overridden. This allows the network administrator to implement a completely custom default switchport configuration for devices which do not match any built-in or user-defined ASP macros. Since the macro-of-last resort executes if no other triggering events are seen, including MAC-address trigger events, there could be a delay of over one minute between the time the switchport interface becomes active and the execution of the macro-of-last-resort. During this time period, the device will be active on the default VLAN (VLAN 1)—unless it was left on a different VLAN by the custom macro. Table 7-14 Configuration Example 6—Switchport Configuration Resulting from the Built-in Macro-of-Last-Resort ! interface GigabitEthernet1/0/7 switchport access vlan 100 1 switchport mode access load-interval 60 macro description CISCO_LAST_RESORT_EVENT spanning-tree portfast spanning-tree bpdufilter enable ! 1. Access VLAN set by macro auto execute CISCO_LAST_RESORT_EVENT built-in CISCO_LAST_RESORT_SMARTPORT ACCESS_VLAN=100 global configuration command. Table 7-15 Summary of ASP Commands Command Description switchport access vlan 100 Configures the switchport as a static access port using the access VLAN specified through the following manually configured global command: macro auto execute CISCO_LAST_RESORT_EVENT built-in CISCO_LAST_RESORT_SMARTPORT ACCESS_VLAN=100 switchport mode access The port is set to access unconditionally and operates as a nontrunking, single VLAN interface that sends and receives nonencapsulated (non-tagged) frames. load-interval 60 Sets the interval over which interface statistics are collected to average over 60 seconds. macro description CISCO_LAST_RESORT_EVENT Description indicating which built-in macro has been applied to the interface, in this case the built in last-resort macro. spanning-tree portfast When the Port Fast feature is enabled, the interface changes directly from a blocking state to a forwarding state without making the intermediate spanning-tree state changes. spanning-tree bpduguard enable Puts the interface in the error-disabled state when it receives a bridge protocol data unit (BPDU). This should not occur on a port configured for access mode.7-20 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports An end-user PC which uses DHCP could obtain an IP address before the switch moves the VLAN configuration to that specified by the macro-of-last-resort if the default VLAN contains a DHCP server. When the switchport is subsequently moved to the new VLAN, the end-user PC should release and renew the DHCP lease based on the line protocol transition of the switch. The network administrator may wish to test the PC hardware and operating systems deployed within his/her network to ensure they function properly before deploying Enhanced Auto Smartports. An alternative is to simply not provision a DHCP server on the default VLAN. Typically most DHCP clients will try to DISCOVER a server for more than the macro-of-last-resort timeout, however it is possible the end-user PC will timeout when attempting to obtain a DHCP address. In this case, the end-user may need to manually re-activate DHCP again after the macro-of-last-resort has moved the PC to the correct VLAN in order to obtain an IP address corresponding to the correct VLAN. Note Testing with the macro-of-last resort did not include the use of 802.1x/MAB on the end-user PC. Therefore, no design guidance around the interaction of 802.1x/MAB and the macro-of-last-resort is provided in this document at this time. Custom Macro The custom macro is a built-in Enhanced ASP macro which is automatically executed upon an interface link down event. The following example output from the show shell function CISCO_CUSTOM_AUTOSMARTPORT exec-level command shows the built-in custom macro. me-w-austin-3>show shell function CISCO_CUSTOM_AUTOSMARTPORT function CISCO_CUSTOM_AUTOSMARTPORT () { if [[ $LINKUP -eq YES ]]; then conf t interface $INTERFACE exit end fi if [[ $LINKUP -eq NO ]]; then conf t interface $INTERFACE exit end fi } By default, the custom macro does nothing at all unless it is overridden by the network administrator. The network administrator may choose to override the custom macro to provide functionality, such as a VLAN configuration other than the default VLAN (VLAN 1) to a port when there is no device connected to it. The following two examples illustrate possible uses of the custom macro. Example Scenario #1 The network administrator has pre-configured all unused ports to be on the data VLAN, instead of the default VLAN. If a DMP device is connected to a switchport configured for Enhanced ASP macros, it will be recognized as a DMP and moved into the VLAN specified by the network administrator through the built-media-player Enhanced ASP macro. For example, the port may be moved to a DMP VLAN. If the DMP device is then removed, the DMP anti-macro executes, removing the switchport from the DMP VLAN (which places it into the default VLAN). The custom macro will then execute, moving the switchport into the VLAN specified within the overridden custom macro. This may correspond to the data VLAN again. If a normal PC device is subsequently placed onto the same switchport, the PC will immediately come up within the data VLAN. It will remain there since it will not trigger any other 7-21 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports built-in Enhanced ASP macros. This scenario assumes the macro-of-last-resort has not been enabled. Therefore, in this example, the custom macro provides the network administrator an alternative method of placing devices which do not trigger any built-in Enhanced ASP macros (such as normal PCs) onto a VLAN other than the default VLAN. The advantage of the custom macro in this scenario is that the device does not have to wait until the macro-of-last resort is executed to be moved into the correct VLAN. This may help minimize issues regarding PCs acquiring an incorrect DHCP addresses because they were moved to another VLAN by the macro-of-last-resort. However, the network administrator should be careful of medianet devices such as DMPs and IPVS cameras accidently getting the wrong IP addresses, since they initially come up within the data VLAN as well. Finally, the network administrator may have to manually pre-configure all unused switchports be within the data VLAN initially. The custom macro will not be run until another macro has been run on the port and the device has subsequently been removed. Example Scenario #2 The network administrator has pre-configured all unused ports to be on an unused or isolated VLAN, instead of the default VLAN. If a DMP device is connected to a switchport configured for Enhanced ASP macros, it will be recognized as a DMP and moved into the VLAN specified by the network administrator through the built-media-player Enhanced ASP macro. For example, the port may be moved to a DMP VLAN. If the DMP device is then removed, the DMP anti-macro executes, removing the switchport from the DMP VLAN (which places it into the default VLAN). The custom macro will then execute, moving the switchport into the VLAN specified within the overridden custom macro. This may correspond to the unused or isolated VLAN in this scenario. If a normal PC device is subsequently placed onto the same switchport, the PC will immediately come up within the unused or isolated VLAN. If the macro-of-last-resort has been enabled, it will trigger, moving the device into another VLAN, such as the normal data VLAN. If the PC is then removed from the switchport, its anti-macro will execute, removing switchport from the data VLAN (which places it into the default VLAN). Then the custom macro will again execute, moving the switchport back into the unused or isolated VLAN. In this scenario, the custom macro provides the network administrator a method of placing unused ports into an unused or isolated VLAN—which is more consistent with Cisco SAFE guidelines. If the unused or isolated VLAN has no DHCP server, then devices will not accidently get the wrong IP address before they are subsequently moved into their correct VLANs by the Enhanced ASP macros. However, PCs may have to wait longer until the macro-of-last-resort executes in order to become active on the network. Finally, the network administrator may have to manually pre-configure all unused switchports to be within the unused or isolated VLAN initially. The custom macro will not be run until another macro has been run on the port and the device has subsequently been removed. Overridden Custom Macro Table 7-16 shows an example of an overridden custom macro.7-22 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports The overridden macro example simply places the switchport into VLAN 402 when it goes into a link down state. Note that the VLAN can either be hardcoded into the overridden macro or passed in via a variable declaration as shown in this example. Security Considerations CDP and LLDP are not considered to be secure protocols. They do not authenticate neighbors, nor make any attempt to conceal information via encryption. The only difficulty in crafting a CDP packet is that the checksum is calculated with a non-standard algorithm. Even this has been reversed engineered and published in public forums. As a result, CDP and LLDP offer an attractive vulnerability to users with mal-intent. For example, by simply sending in a CDP packet with the “S” bit (otherwise referred to as the switch bit) set in the capabilities TLV, the switch can be tricked into configuring a trunk port that will pass all VLANs and accept 802.1d BPDUs from the hacker. This could be used in man-in-the-middle (MIM) attacks on any VLAN in the switch. Below is an example of a CDP spoofing device that has set the switch bit. Notice that the platform is set to a DMP. An obvious give-away in this example is the host name, CDP Tool1, which was chosen to be obvious. Normally the host name would have been selected to make the device appear to be a legitimate DMP device. me-w-austin-3#sh cdp neigh g1/0/39 Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, D - Remote, C - CVTA, M - Two-port Mac Relay Device ID Local Intrfce Holdtme Capability Platform Port ID CDP Tool1 Gig 1/0/39 30 S DMP 4305G eth0 Because the switch policy ignores the platform, this field can be used to make the entry appear to be legitimate while still tricking the switch to configure a trunk, as shown below. ! interface GigabitEthernet1/0/39 location civic-location-id 1 port-location floor 2 room Broken_Spoke Table 7-16 Configuration Example 7—Overridden Custom Macro Within the Switch Configuration ! macro auto execute CISCO_CUSTOM_EVENT ACCESS_VLAN=402 { if [[ $LINKUP -eq YES ]]; then conf t interface $INTERFACE exit end fi if [[ $LINKUP -eq NO ]]; then conf t interface $INTERFACE switchport access vlan $ACCESS_VLAN exit end fi } !7-23 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports switchport mode trunk srr-queue bandwidth share 1 30 35 5 queue-set 2 priority-queue out mls qos trust cos macro description CISCO_SWITCH_EVENT macro auto port sticky auto qos trust end Fortunately with Enhanced ASP macros, the user is allowed to disable specific scripts. The recommendation is to only enable host type macros. Switches, routers, and access-points are rarely attached to a network in a dynamic fashion. Therefore, ASP macros corresponding to these devices should be disabled where possible. As discussed previously, ASP allows the use of remote servers to provide macros. Secure sessions such as HTTPS should be used. If the MIM above is used in conjunction with an unsecured remote configuration, the network administrator has released full control of the device to the hacker. Authenticating Medianet Devices Device authentication has been an ongoing concern since the early days of wireless access. The topic is the subject of several books. A common approach is to enable 802.1x. This authentication method employs a supplicant located on the client device. If a device does not have a supplicant, as is the case with many printers, then the device can be allowed to bypass authentication based on its MAC address. This is known as MAC-Authentication-Bypass or MAB. As the name implies, this is not authentication, but a controlled way to bypass that requirement. Currently all ASP medianet devices must use MAB if device authentication is in use, since these devices do not support an 802.1x supplicant. With MAB the client’s MAC address is passed to a RADIUS server. The server authenticates the devices based solely on its MAC address and can pass back policy information to the switch. Administrators should recognize that MAC addresses are not privileged information. A user can assign a locally-administered MAC address. Another key point is that MAB and ASP can happen independently of one another. A device may use MAB to get through authentication and then use CDP to trigger and ASP event. Security policy must also consider each independently. A user could hijack the MAC address from a clientless IP phone, then spoof CDP to trigger the SWITCH_EVENT macro. The risk is greatly reduced by following the recommendation to turn off ASP support for static devices such as switches and routers. MAB with ASP can be configured as shown in the example in Table 7-17. Table 7-17 Configuration Example 7—MAB with ASP ! interface GigabitEthernet1/0/7 description me-austin-c1040 (new_home) switchport mode access authentication event fail action authorize vlan 301 authentication event no-response action authorize vlan 301 authentication host-mode multi-domain authentication order dot1x mab authentication priority dot1x mab authentication port-control auto mab eap end !7-24 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports If the built-in macros have been overridden by the user, care should be taken to ensure they do not interfere with the MAB configuration. This includes the anti-macro section that removes the applied macro. CDP Fallback This feature is used to provide an alternate trigger method when RADIUS does not return an event trigger. If this feature is not used, then an authenticated device that does not include a RADIUS trigger will execute the LAST_RESORT Macro if enabled. The network administrator may want to disable CDP fallback to prevent CDP spoofing tools from hijacking a MAC-Address known to be authenticated by MAB. This does not prevent the device from being authenticated, but it does prevent the device from assuming capabilities beyond those of the true MAC address. While there is an incremental security gain from this approach, there are service availability concerns if the RADIUS server does not provide a recognized trigger event. As noted previously, this has not been fully validated at the time of this writing. Guest VLANs and LAST_RESORT Macro With MAB enabled, the MAC address is sent to a RADIUS server for authentication. If the MAC address is unknown, MAB may direct the interface to join a Guest VLAN if the switch is configured to do so. This is independent of any action invoked via ASP. As a result, there could be inconsistencies in VLAN assignment between MAB and ASP. In this case, the MAB result takes precedence, as shown in Table 7-18. The LAST RESORT VLAN corresponds to the access VLAN configured for the macro-of-last-resort, assuming the network administrator has enabled its use. The final VLAN assignment may not be the initial VLAN that was configured on the interface when line protocol initially came up. The timing is important. If the client’s DHCP stack successfully obtains an IP address prior to the final VLAN assignment, the client may become unreachable. In this case, the client should be reconfigured to use static addressing. In most situations, MAB and ASP will complete the VLAN assignment prior to DHCP completion. One area of concern arises when CDP packets are not sent by the client. In this case, a MAC-address-based ASP will wait 65 second prior to executing a trigger. The client may have completed DHCP and will not be aware that a VLAN change has occurred. If MAB was also enabled, an unknown client will be in the placed in the GUEST_VLAN. VLAN reassignments as a result of ASP are transparent to the client’s stack. This is also the case if a VLAN is manually changed on an enabled interface. Manual VLAN changes are accompanied by shutting and no shutting the interface. ASP does not do this for the built-in system macros. Table 7-18 Precedence Between ASP and MAB ASP recognized device MAB Authenticated Result NO NO GUEST VLAN NO YES LAST RESORT VLAN YES NO GUEST VLAN YES YES ASP ASSIGNED VLAN7-25 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Auto Smartports Verifying the VLAN Assignment on an Interface The best method to determine if an ASP has executed correctly is to validate the interface configuration. The macro description can be used to determine which macro has executed. The administrator should also review the configuration settings put in place by the macro. However, when MAB and ASP are running concurrently, the configuration cannot be used to determine the state of the interface. Instead the show interface switchport command may be used. The following example shows that the interface has executed the LAST_RESORT macro and therefore could be in VLAN 100 or VLAN 301, depending on the authentication result. ! interface GigabitEthernet1/0/39 description Overridden Macro-of-Last-Resort (Port Active) switchport access vlan 100 switchport mode access authentication event fail action authorize vlan 301 authentication event no-response action authorize vlan 301 authentication port-control auto mab eap macro description CISCO_LAST_RESORT_EVENT end The show command below indicates that the device was not authenticated and it currently is in VLAN 301: me-w-austin-3#sh int g1/0/39 swi Name: Gi1/0/39 Switchport: Enabled Administrative Mode: static access Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: Off Access Mode VLAN: 301 (VLAN0301) ! <additional lines omitted > ! ASP with Multiple Attached CDP Devices In some situations, there may be two CDP devices on a single interface. A common case is seen with Cisco TelePresence. In this situation both the CTS codec and IP phone appear as CDP neighbors on a single port of the switch. There are other situations that could also arise, such as a downstream hub with multiple LLDP or CDP devices, although in a practical sense this is quite uncommon. Another case may be a CDP spoofing tool. In any case, the script will make an initial determination based on the first trigger selected. Once the macro has configured the interface with a macro description, no further configuration changes will be made. If a user incorrectly removes the macro description, the interface will be reconfigured on the next trigger event. Because only the first trigger is significant, there may be some concern as to which script will run when multiple devices are present. In the case of the CTS, the phone script will be triggered regardless of whether the codec or phone presents its CDP packet first. This is because the phone bit is set in both the CTS codec and its associated IP phone in the capabilities TLV and the script will override any host trigger with a phone trigger. Even if the codec presents a CDP packet first, the phone trigger will execute. If a hub is attached to an ASP port, several built-in macro scripts include port security that would likely err_disable the switch interface. In the academic situation where two different classes of CDP or LLDP devices may be attached to a hub, where port security is not being used and where each different type is a known ASP class device, then the first CDP packet seen would set the port configuration. Subsequent 7-26 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Location Services CDP packets from adjacent devices will not cause the interface to change configurations. Hubs are rarely seen in today’s networks. Even small four port devices are typically switching. Medianet devices would not typically be found attached via a hub, therefore the LAST_RESORT macro would likely be applied to any switchport supporting Enhanced ASP. Deployment Considerations When deploying Auto Smartports, the network administrator does not necessarily have to enable ASP macros across the entire switch. Instead the network administrator may wish to consider initially enabling ASP macros only on a range of interfaces. This method of incremental deployment may facilitate a smoother transition from the paradigm of manual configuration to that of auto configuration. For example, if the network administrator is only beginning the transition toward a medianet by deploying digital signage and IP video surveillance cameras over a converged IP infrastructure, he/she may choose to set aside the first several ports on access switches for DMPs and/or IP cameras. ASP macro processing would only need to be enabled for these “reserved” switchports. All end-user PCs and uplinks to other switches, routers, or access points would still be done via either Static Smartports or manual configuration. This methodology works best if the medianet devices (DMPs and IPVS cameras) are placed on a separate VLAN or VLANs from the data VLAN. The macro-of-last resort can be used to simply “quarantine” the medianet device to an unused VLAN if the built-in ASP macro failed to trigger. With this method, the network administrator can still gain the administrative advantages of auto configuration for what may be hundreds or thousands of medianet specific devices, such as IP cameras and DMPs across the network infrastructure. Normal change control mechanisms can be maintained for uplink ports and infrastructure devices such as routers, switches, and access points, since they do not utilize ASP macros in the initial phased rollout of auto configuration. The network administrator can disable the unused built-in ASP macros for these devices, as well as unused detection mechanisms. As the network administrator becomes more familiar with the use of ASP macros, the deployment can then be extended to include other devices as well as infrastructure connections if desired. Location Services Location Services is another feature of the Medianet Service Interface (MSI) that provides the ability for the Catalyst switch to send location information to a device via CDP or LLDP-MED. Future benefits of a medianet device learning its location from the network infrastructure may be the ability to customize the configuration of the device based upon its location or the ability to automatically display content based on its learned location. Catalyst access switches support the ability to pass either civic location information or emergency location information (ELIN) to devices via CDP or LLDP-MED in IOS revision 12.2(55)SE. Catalyst 4500 Series switches support the ability to pass either civic location information or ELIN to devices via LLDP-MED only in IOS revision 12.2(54)SG. This document will only address civic location information. Civic location is discussed under various IETF proposed standards, including RFCs 4119 and 5139. Civic location information can be configured on a global basis (for location elements which pertain to the entire switch) and on an interface-level basis (for location elements which pertain to the specific switchport). The configuration example in Table 7-19 shows and example of civic location information configured both globally and on a switchport.7-27 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Location Services The location of the switch—identified via the location civic-location identifier 1 global command—corresponds to the following hypothetical address: 12515 Research_Blvd, building 2, Austin, Texas, US, 33301. The location of the switchport extends the civic location via the location civic-location identifier 1 port-location interface-level command to identify the device as being in the Broken_Spoke room on floor two. The use of civic location in this manner does require the network administrator to manually keep accurate records as to which switchports are wired to which rooms within the facility. Note There are limitations regarding the total size of the location information which can be sent via CDP and LLDP. The network administrator should keep the location information size under 255 bytes. The network administrator can enable or disable the sending of location information via CDP on all ports for the entire switch with the cdp tlv location or no cdp tlv location global commands. For individual switchports, the network administrator can enable or disable the sending of location information via CDP with the cdp tlv location or no cdp tlv location interface-level commands. The network administrator can enable or disable the sending of location information via LLDP-MED for individual switchports with the lldp-med-tlv-select location or no lldp-med-tlv-select location interface-level commands. Currently the only medianet specific device which supports Location Services is the Cisco 4310G DMP running revision 5.2.2 software. Figure 7-3 shows the configuration of a Cisco 4310G DMP with location information which has been passed to the DMP via CDP from an attached Catalyst 2960-S switch. Table 7-19 Configuration Example 8—Example Civic Location Configuration ! location civic-location identifier 1 building 2 city Austin country US postal-code 33301 primary-road-name Research_Blvd state Texas number 12515 ! ! interface GigabitEthernet1/0/39 location civic-location-id 1 port-location floor 2 room Broken_Spoke !7-28 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration Summary Figure 7-3 GUI Interface of a Cisco 4310G DMP Showing Location Passed via CDP Note CiscoWorks LMS is targeted to add support for Location Services in an upcoming release. Future updates to this document may include details around LMS as it relates to Location Services. Summary Auto configuration can help facilitate the transition of the network infrastructure towards a medianet by easing the administrative burden of having to manually configure multiple switchports for devices such as digital media players (DMPs) and IP video surveillance (IPVS) cameras. The Auto Smartports (ASP) feature allows the network infrastructure to automatically detect a medianet device attached to a Cisco Catalyst switch via the Cisco Medianet Service Interface (MSI) and configure the switchport to support that particular device. Additionally, Location Services allow the switchport to send civic location information to the medianet device. Such location information may be used in the future for functionality such as customizing the configuration of the device based upon its location or automatically displaying content based upon the learned location of the medianet device.7-29 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration References References • Medianet Campus QoS Design 4.0: http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND_40/QoSCa mpus_40.html • Auto Smartports Configuration Guide, Release 12.2(55)SE: http://www.cisco.com/en/US/docs/switches/lan/auto_smartports/12.2_55_se/configuration/guide/a sp_cg.html • Configuring LLDP, LLDP-MED, and Wired Location Service: http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/12.2_55_se /configuration/guide/swlldp.html7-30 Medianet Reference Guide OL-22201-01 Chapter 7 Medianet Auto Configuration References Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) This document describes the Command Line Interface (CLI) commands that are available for the Cisco Unified Operating System. Contents This document comprises the following sections: • Starting a CLI Session, page 2 • CLI Basics, page 2 • Delete Commands, page 6 • File Commands, page 9 • Run Commands, page 19 • Set Commands, page 21 • Show Commands, page 40 • Unset Commnds, page 87 • Utils Commands, page 88 • Related Documentation, page 121 • Obtaining Documentation, Obtaining Support, and Security Guidelines, page 1222 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Starting a CLI Session Starting a CLI Session You can access the Cisco Unified Operating System CLI remotely or locally: • From a web client workstation, such as the workstation that you use for Cisco Unified Operating System Administration, you can use SSH to connect securely to the Cisco Unified Operating System. • You can access the Cisco Unified Operating System CLI directly by using the monitor and keyboard that you used during installation or by using a terminal server that is connected to the serial port. Use this method if a problem exists with the IP address. Before You Begin Ensure you have the following information that gets defined during installation: • A primary IP address and hostname • An administrator ID • A password You will need this information to log in to the Cisco IPT Platform. Perform the following steps to start a CLI session: Step 1 Do one of the following actions depending on your method of access: • From a remote system, use SSH to connect securely to the Cisco IPT Platform. In your SSH client, enter ssh adminname@hostname where adminname specifies the Administrator ID and hostname specifies the hostname that was defined during installation. For example, ssh admin@ipt-1. • From a direct connection, you receive this prompt automatically: ipt-1 login: where ipt-1 represents the host name of the system. Enter your administrator ID. In either case, the system prompts you for a password. Step 2 Enter your password. The CLI prompt displays. The prompt represents the Administrator ID; for example: admin: CLI Basics The following section contains basic tips for using the command line interface. • Completing Commands, page 3 • Getting Help on Commands, page 33 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 CLI Basics • Exiting a Command with the Ctrl-C Key Sequence, page 4 • Ending a CLI Session, page 5 Completing Commands To complete commands, use Tab: • Enter the start of a command and press Tab to complete the command. For example, if you enter se and press Tab, set gets completed. • Enter a full command name and press Tab to display all the commands or subcommands that are available. For example, if you enter set and press Tab, you see all the set subcommands. An * identifies the commands that have subcommands. • If you reach a command, keep pressing Tab, and the current command line repeats; this indicates that no additional expansion is available. Getting Help on Commands You can get two kinds of help on any command: • Detailed help that includes a definition of the command and an example of its use • Short query help that includes only command syntax Procedure To get detailed help, at the CLI prompt, enter help command Where command specifies the command name or the command and parameter. See Example 1-1. Note If you enter the help command without specifying the name of a particular command as the optional parameter, the system provides information about the CLI system. To query only command syntax, at the CLI prompt, enter command? Where command represents the command name or the command and parameter. See Example 1-2. Note If you enter a ? after a menu command, such as set, it acts like the Tab key and lists the commands that are available. Example 1-1 Detailed Help Example: admin:help file list activelog activelog help:4 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 CLI Basics This will list active logging files options are: page - pause output detail - show detailed listing reverse - reverse sort order date - sort by date size - sort by size file-spec can contain '*' as wildcards Example: admin:file list activelog platform detail 02 Dec,2004 12:00:59 <dir> drf 02 Dec,2004 12:00:59 <dir> log 16 Nov,2004 21:45:43 8,557 enGui.log 27 Oct,2004 11:54:33 47,916 startup.log dir count = 2, file count = 2 Example 1-2 Query Example: admin:file list activelog? Syntax: file list activelog file-spec [options] file-spec mandatory file to view options optional page|detail|reverse|[date|size] Exiting a Command with the Ctrl-C Key Sequence You can stop most interactive commands by entering the Ctrl-C key sequence, as shown in the following example: Example 3 Exiting a Command with Ctrl-C admin:utils system upgrade initiate Warning: Do not close this window without first exiting the upgrade command. Source: 1) Remote Filesystem 2) DVD/CD q) quit Please select an option (1 - 2 or "q" ): Exiting upgrade command. Please wait... Control-C pressed admin: Note If you execute the command utils system switch-version and enter Yes to start the process, entering Ctrl-C exits the command but does not stop the switch-version process.5 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 CLI Basics Ending a CLI Session At the CLI prompt, enter quit. If you are logged in remotely, you get logged off, and the ssh session gets dropped. If you are logged in locally, you get logged off, and the login prompt returns. The following sections list and describe the CLI commands that are available for the Cisco Unified Operating System. Conventions This document uses the following conventions: Notes use the following conventions: Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the publication. Timesavers use the following conventions: Timesaver Means the described action saves time. You can save time by performing the action described in the paragraph. Tips use the following conventions: Convention Description boldface font Commands and keywords are in boldface. italic font Arguments for which you supply values are in italics. [ ] Elements in square brackets are optional. { x | y | z } Alternative keywords are grouped in braces and separated by vertical bars. [ x | y | z ] Optional alternative keywords are grouped in brackets and separated by vertical bars. string A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks. screen font Terminal sessions and information the system displays are in screen font. boldface screen font Information you must enter is in boldface screen font. italic screen font Arguments for which you supply values are in italic screen font. This pointer highlights an important line of text in an example. ^ The symbol ^ represents the key labeled Control—for example, the key combination ^D in a screen display means hold down the Control key while you press the D key. < > Nonprinting characters, such as passwords, are in angle brackets.6 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Delete Commands Tip Means the information contains useful tips. Cautions use the following conventions: Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data. Warnings use the following conventions: Warning This warning symbol means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, you must be aware of the hazards involved with electrical circuitry and familiar with standard practices for preventing accidents. Delete Commands This section contains descriptions of the following commands: • delete account, page 6 • delete cuc futuredelivery (Cisco Unity Connection Only), page 6 • delete cuc locale (Cisco Unity Connection Only), page 7 • delete dns, page 7 • delete ipsec, page 8 • delete process, page 8 • delete smtp, page 9 delete account This command allows you to delete an administrator account. Command Syntax delete account account-name Parameters • account-name represents the name of an administrator account. Requirements Command privilege level: 4 Allowed during upgrade: No delete cuc futuredelivery (Cisco Unity Connection Only) This command deletes all messages that have been marked for future delivery.7 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Delete Commands Command Syntax delete cuc futuredelivery Requirements Command privilege level: 1 Allowed during upgrade: Yes Example delete cuc futuredelivery Deleting File : UmssMtaFutureDelivery/UnityMbxDb1/5C56C086-E64B-11DC-9BAF-41FC55D89593.eml Deleting File : UmssMtaFutureDelivery/UnityMbxDb1/6D7DD796-E64B-11DC-A0E6-D1FD55D89593.eml Files : Found = 2, Deleted = 2 Note: Files that are in use cannot be deleted delete cuc locale (Cisco Unity Connection Only) This command deletes the specified locale and all of the associated files and settings from Connection. Command Syntax delete cuc locale locale-id Parameters • locale-id represents the ID of the locale that you want to delete. For a list of installed locales and their IDs, run the show cuc locales (Cisco Unity Connection Only) command. Be aware that locale IDs are case sensitive. Usage Guidelines Before you run this command, you must stop the Connection Conversation Manager and Connection Mixer services. After you run this command, you must restart the Connection Conversation Manager and Connection Mixer services. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example deletes the en-GB locale and all of the associated files and settings. delete cuc locale en-GB en-GB uninstalled delete dns This command allows you to delete the IP address for a DNS server.8 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Delete Commands Command Syntax delete dns ip-address Parameters • ip-address represents the IP address of the DNS server that you want to delete. Usage Guidelines The system asks whether you want to continue to execute this command. Caution If you continue, this command causes a temporary loss of network connectivity. Requirements Command privilege level: 1 Allowed during upgrade: No delete ipsec This command allows you to delete IPSec policies and associations. Command Syntax delete ipsec policy {ALL | policy-name} association policy name {ALL | association-name} Parameters • policy-name represents an IPSec policy. • association-name represents an IPSec association. Requirements Command privilege level: 1 Allowed during upgrade: No delete process This command allows you to delete a particular process. Command Syntax delete process process-id [force | terminate | crash] Parameters • process-id represents the process ID number. Options • force—Tells the process to stop.9 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 File Commands • terminate—Tells the operating system to terminate the process. • crash—Crashes the process and produces a crash dump. Usage Guidelines Note Use the force option only if the command alone does not delete the process and use the terminate option only if force does not delete the process. Requirements Command privilege level: 1 Allowed during upgrade: Yes delete smtp This command allows you to delete the SMTP host. Command Syntax delete smtp Requirements Command privilege level: 1 Allowed during upgrade: No File Commands This section contains descriptions of the following commands: • file check, page 9 • file delete, page 10 • file dump, page 11 • file fragmentation sdi, page 12 • file fragmentation sdl, page 13 • file get, page 13 • file list, page 15 • file search, page 16 • file tail, page 17 • file view, page 18 file check This command checks the /usr directory tree to see whether any files or directories have been added, removed, or changed in size since the last fresh installation or upgrade and displays the results.10 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 File Commands Command Syntax file check [detection-size-kb] Options detection-size-kb specifies the minimum file size change that is required for the command to display the file as changed. Usage Guidelines The command notifies you about a possible impact to system performance and asks you whether you want to continue. Caution Because running this command can affect system performance, Cisco recommends that you run the command during off-peak hours. The display includes both deleted and new files. Defaults The default value of detection-size-kb specifies 100 KB. Requirements Command privilege level: 0 Allowed during upgrade: No file delete This command deletes one or more files. Command Syntax file delete activelog directory/filename [detail] [noconfirm] dir tftp directory [detail] inactivelog directory/filename [detail] [noconfirm] install directory/filename [detail] [noconfirm] license filename [detail] tftp directory/filename [detail] Parameters • activelog specifies a log on the active side. • dir tftp directory deletes the TFTP directory that is specified by directory. You cannot enter the wildcard character (*) in directory. • inactivelog specifies a log on the inactive side. • install specifies an installation log. • license filename deletes the license file that is specified by license. You can enter the wildcard character (*) as filename to delete all the license files.11 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 File Commands • tftp specifies a TFTP file. • directory/filename specifies the path and filename of the file(s) to delete. You can use the wildcard character, *, for filename. Options • detail—Displays a listing of deleted files with the date and time. • noconfirm—Deletes files without asking you to confirm each deletion. Usage Guidelines Caution You cannot recover a deleted file except, possibly, by using the Disaster Recovery System. You get prompted for confirmation after entering the command. You cannot delete directories or files that are in use. If you delete a TFTP data file on the inactive side, you may need to manually restore that file if you switch versions to the inactive side. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example deletes the install log. file delete install install.log file dump This command dumps the contents of a file to the screen, a page at a time. Command Syntax file dump activelog directory/filename [detail] [hex] activelog audit directory/filename [detail] [hex] inactivelog directory/filename [detail] [hex] inactivelog audit directory/filename [detail] [hex] install directory/filename [detail] [hex] sftpdetails filename [hex] [regexp expression] [recent] tftp directory/filename [detail] [hex] Parameters • activelog specifies a log on the active side. • activelog audit specifies an audit log on the active side. • inactivelog specifies a log on the inactive side.12 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 File Commands • inactivelog audit specifies an audit log on the inactive side. • install specifies an installation log. • sftpdetails specifies SFTP-related files. • tftp specifies a TFTP file. • directory/filename specifies the path and filename of the file to dump. You can use the wildcard character, *, for filename as long as it resolves to one file. • filename specifies the filename of the file to dump. Options • detail—Displays listing with the date and time • hex—Displays output in hexadecimal • regexp expression—Displays only the lines in the file that match the regular expression expression. • recent—Displays the most recently modified file in the directory. Usage Guidelines To determine which files you can dump with the sftpdetails parameter, first enter the following command: file list sftpdetails * The output lists the filenames that you can dump. Requirements Command privilege level: 1 for logs, 0 for TFTP files Allowed during upgrade: Yes Example This command dumps contents of file _cdrIndex.idx. file dump activelog cm/cdr/_cdrIndex.idx file fragmentation sdi This command displays file fragmentation information about SDI log files. Command Syntax file fragmentation sdi all outfilename file filename {verbose} most fragmented number most recent number Parameters • all records information about all files in the directory in the file that is specified by outfilename. • file displays information about the file that is specified by filename.13 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 File Commands • most fragmented displays information about the most fragmented files. • most recent displays information about the most recently logged fragmented file. • number specifies the number of files to list. Options • verbose—Displays more detailed information. Requirements Command privilege level: 1 Allowed during upgrade: Yes file fragmentation sdl This command displays file fragmentation information about SDL log files. Command Syntax file fragmentation sdl all outfilename file filename {verbose} most fragmented number most recent number Parameters • all records information about all files in the directory in the file that is specified by outfilename. • file displays information about the file that is specified by filename. • most fragmented displays information about the most fragmented files. • most recent displays information about the most recently logged fragmented file. • number specifies the number of files to list. Options • verbose—Displays more detailed information Requirements Command privilege level: 1 Allowed during upgrade: Yes file get This command sends the file to another system by using SFTP. Command Syntax file get activelog directory/filename [reltime] [abstime] [match] [recurs]14 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 File Commands activelog audit directory/filename [reltime] [abstime] [match] [recurs] inactivelog directory/filename [reltime] [abstime] [match] [recurs] inactivelog audit directory/filename [reltime] [abstime] [match] [recurs] install directory/filename [reltime] [abstime] [match] [recurs] partBsalog directory/filename [reltime] [abstime] [match] [recurs] salog directory/filename [reltime] [abstime] [match] [recurs] tftp directory/filename [reltime] [abstime] [match] [recurs] Parameters • activelog specifies a log on the active side. • activelog audit specifies an audit log on the active side. • inactivelog specifies a log on the inactive side. • inactivelog audit specifies an audit log on the inactive side. • install specifies an installation log. • partBsalog specifies the partBsalog log directory. • salog specifies the salog log directory. • tftp specifies a TFTP file. • directory/filename specifies the path to the file(s) to delete. You can use the wildcard character, *, for filename as long as it resolves to one file. Options • abstime—Absolute time period, specified as hh:mm:MM/DD/YY hh:mm:MM/DD/YY • reltime—Relative time period, specified as minutes | hours | days | weeks | months value • match—Match a particular string in the filename, specified as string value • recurs—Get all files, including subdirectories Usage Guidelines After the command identifies the specified files, you get prompted to enter an SFTP host, username, and password. Requirements Command privilege level: 0 Allowed during upgrade: Yes Examples This command gets all files in the activelog operating system directory that match the string “plat”. file get activelog platform match plat This command gets all operating system log files for a particular time period. file get activelog platform/log abstime 18:00:9/27/2005 18:00:9/28/200515 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 File Commands file list This command lists the log files in an available log directory. Command Syntax file list activelog directory [page] [detail] [reverse] [date | size] activelog audit directory [page] [detail] [reverse] [date | size] inactivelog directory [page] [detail] [reverse] [date | size] inactivelog audit directory [page] [detail] [reverse] [date | size] install directory [page] [detail] [reverse] [date | size] partBsalog directory [page] [detail] [reverse] [date | size] salog directory [page] [detail] [reverse] [date | size] tftp directory [page] [detail] [reverse] [date | size] Parameters • activelog specifies a log on the active side. • activelog audit specifies audit logs on the active side. • inactivelog specifies a log on the inactive side. • inactivelog audit specifies audit logs on the inactive side. • install specifies an installation log. • partBsalog specifies the partBsalog log directory. • salog specifies the salog log directory. • tftp specifies a TFTP file. • directory specifies the path to the directory to list. You can use a wildcard character, *, for directory as long as it resolves to one directory. Options • detail—Long listing with date and time • date—Sort by date • size—Sort by file size • reverse—Reverse sort direction • page—Displays the output one screen at a time. Requirements Command privilege level: 1 for logs, 0 for TFTP files Allowed during upgrade: Yes Examples This example lists operating system log files with details. file list activelog platform/log page detail16 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 File Commands This example lists directories in CDR repository. file list activelog cm/cdr_repository This example lists CDR files in a specified directory by size. file list activelog cm/cdr_repository/processed/20050812 size In Cisco Unity Connection and in Cisco Unified Communications Manager Business Edition, this example lists all files in the cuc log directory. file list activelog cuc * file search This command searches the content of a log and displays the matching lines a page at a time. Command Syntax file search activelog directory/filename reg-exp [abstime hh:mm:ss mm/dd/yyyy hh:mm:ss mm/dd/yyyy] [ignorecase] [reltime {days | hours | minutes} timevalue] activelog audit directory/filename reg-exp [abstime hh:mm:ss mm/dd/yyyy hh:mm:ss mm/dd/yyyy] [ignorecase] [reltime {days | hours | minutes} timevalue] inactivelog directory/filename reg-exp [abstime hh:mm:ss mm/dd/yyyy hh:mm:ss mm/dd/yyyy] [ignorecase] [reltime {days | hours | minutes} timevalue] inactivelog audit directory/filename reg-exp [abstime hh:mm:ss mm/dd/yyyy hh:mm:ss mm/dd/yyyy] [ignorecase] [reltime {days | hours | minutes} timevalue] install directory/filename reg-exp [abstime hh:mm:ss mm/dd/yyyy hh:mm:ss mm/dd/yyyy] [ignorecase] [reltime {days | hours | minutes} timevalue] tftp directory/filename reg-exp [abstime hh:mm:ss mm/dd/yyyy hh:mm:ss mm/dd/yyyy] [ignorecase] [reltime {days | hours | minutes} timevalue] Parameters • activelog specifies a log on the active side. • activelog audit specifies an audit log on the active side. • inactivelog specifies a log on the inactive side. • inactivelog audit specifies a log on the inactive side. • install specifies an installation log. • tftp specifies a TFTP file. • reg-exp represents a regular expression. • directory/filename represents the path to the file(s) to search. You can use the wildcard character, *, to represent all or part of the filename. Options • abstime—Specifies which files to search based on file creation time. Enter a start time and an end time. • days|hours|minutes—Specifies whether the file age is in days, hours, or minutes.17 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 File Commands • ignorecase—Ignores case when searching. • reltime—Specifies which files to search based on file creation time. Enter the age of files to search. • hh:mm:ss mm/dd/yyyy—An absolute time, in the format hours:minutes:seconds month/day/year. • timevalue—The age of files to search. Specify the unit of this value with the {days | hours | minutes} option. Usage Guidelines Write the search term in the form of a regular expression, which is a special text string for describing a search pattern. If the search term is found in only one file, the filename appears at the top of the output. If the search term is found in multiple files, each line of the output begins with the filename in which the matching line was found. Requirements Command privilege level: 0 Allowed during upgrade: Yes Example file search activelog platform/log/platform.log Err[a-z] ignorecase file tail This command tails (prints the last few lines) of a log file. Command Syntax file tail activelog directory/filename [detail] [hex] [lines] inactivelog directory/filename [detail] [hex] [lines] install directory/filename [detail] [hex] [lines] tftp directory/filename [detail] [hex] [lines] Parameters • activelog specifies a log on the active side. • inactivelog specifies a log on the inactive side. • install specifies an installation log. • tftp specifies a TFTP file. • directory/filename specifies the path to the file to tail. You can use the wildcard character, *, for filename as long as it resolves to one file. Options • detail—Long listing with date and time • hex—Hexadecimal listing • lines—Number of lines to display18 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 File Commands Requirements Command privilege level: 1 for logs, 0 for TFTP files Allowed during upgrade: Yes Example This example tails the operating system CLI log file. file tail activelog platform/log/cli00001.log file view This command displays the contents of a file. Command Syntax file view activelog directory/filename activelog audit directory/filename inactivelog directory/filename inactivelog audit directory/filename install directory/filename system-management-log tftp directory/filename Parameters • activelog specifies a log on the active side. • activelog audit specifies an audit log on the active side. • inactivelog specifies a log on the inactive side. • inactivelog audit specifies an audit log on the inactive side. • install specifies an installation log. • system-management-log displays the contents of the Integrated Management Logs (IML). • tftp specifies a TFTP file. • directory/filename specifies the path to the file to view. You can use the wildcard character, *, for filename as long as it resolves to one file. Usage Guidelines Caution Do not use this command to view binary files because this can corrupt the terminal session. Requirements Command privilege level: 0 Allowed during upgrade: Yes19 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Run Commands Examples This example displays the install log. file view install install.log This example displays a particular CDR file. file view activelog /cm/cdr_repository/processed/20058012/{filename} Run Commands This section contains descriptions of the following commands: • run cuc dbquery (Cisco Unity Connection Only), page 19 • run cuc sysagent task (Cisco Unity Connection Only), page 20 • run cuc vui rebuild (Cisco Unity Connection Only), page 20 • run loadxml, page 21 • run sql, page 21 run cuc dbquery (Cisco Unity Connection Only) This command runs an SQL query and displays the results. Command Syntax run cuc dbquery database_name sql_statement [page] Parameters • database_name specifies the database that sql_statement operates on. Be aware that database names are case sensitive. Connection databases include – unitydirdb—contains the directory and configuration data. – unitydyndb—contains dynamic data that Connection uses internally. – unitymbxdb1 to unitymbxdb5—contains the data about the current voice messages in the corresponding mailbox store, including pointers to the audio files that are stored in the file system. If only one mailbox store is configured, the name of the mailbox store database is always unitymbxdb1. – unityrptdb—contains audit log data. • sql_statement specifies the SQL query that you want to run. Option • page—Causes the output to display one page at a time. Be aware that Be aware that page is case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes20 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Run Commands Example The following example runs the SQL query select alias from vw_usertemplate on the unitydirdb database. run cuc dbquery unitydirdb select alias from vw_usertemplate alias --------------------- AdministratorTemplate VoiceMailUserTemplate run cuc sysagent task (Cisco Unity Connection Only) This command runs a Sysagent task. Command Syntax run cuc sysagent task task_name Parameters • task_name specifies the name of the sysagent task that you want to run. For a list of Sysagent tasks, run the command show cuc sysagent task list (Cisco Unity Connection Only). Be aware that sysagent task names are case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example runs the Sysagent task CleanDeletedMessagesTask. run cuc sysagent task CleanDeletedMessagesTask CleanDeletedMessagesTask started run cuc vui rebuild (Cisco Unity Connection Only) This command instructs the voice recognition transport utility to immediately rebuild the voice recognition name grammars with any pending changes. Command Syntax run cuc vui rebuild Usage Guidelines Running this command will only rebuild grammars that have changes flagged in the database. This command ignores any name grammar update blackout schedules and will execute immediately. Due to the overhead of retrieving potentially large amounts of name-related data from the database, you should use this command sparingly and only when absolutely necessary.21 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Requirements Command privilege level: 1 Allowed during upgrade: Yes run loadxml Run this command as a workaround when service parameters or product-specific information does not appear in the administration window as expected. You may need to restart of some services after this command. Command Syntax run loadxml Requirements Command privilege level: 1 Allowed during upgrade: No run sql This command allows you to run an SQL command. Command Syntax run sql sql_statement Parameters • sql_statement represents the SQL command to run. Requirements Command privilege level: 1 Allowed during upgrade: No Example This example runs an SQL command. run sql select name from device Set Commands This section contains descriptions of the following commands: • set account, page 22 • set commandcount, page 23 • set cli pagination, page 23 • set cuc trace (Cisco Unity Connection Only), page 2522 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands • set ipsec, page 25 • set logging, page 26 • set network dhcp, page 26 • set network dns, page 27 • set network dns options, page 27 • set network domain, page 28 • set network failover, page 28 • set network gateway, page 28 • set network hostname (Cisco Unified Communications Manager Only), page 29 • set network ip, page 30 • set network ipv6, page 30 • set network mtu, page 31 • set network max_ip_conntrack, page 32 • set network nic, page 32 • set network pmtud, page 33 • set network restore, page 33 • set network status, page 34 • set password age maximum, page 34 • set password complexity character, page 35 • set password complexity minimum-length, page 35 • set password user, page 35 • set smtp, page 36 • set timezone, page 37 • set trace, page 37 • set web-security, page 39 • setset workingdir, page 40 set account This command sets up a new account on the operating system. Command Syntax set account name Parameters • name represents the username for the new account. Usage Guidelines After you enter the username, the system prompts you to enter the privilege level and password for the new account.23 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Requirements Command privilege level: 0 Allowed during upgrade: No set commandcount This command changes the CLI command prompt, so it displays how many CLI commands have executed. Command Syntax set commandcount {enable | disable} Parameters • enable turns on command count. • disable turns off command count. Requirements Command privilege level: 1 Allowed during upgrade: No set cli pagination For the current CLI session, this command turns automatic pagination On or Off. Command Syntax set cli pagination {on | off} Parameters • on turns pagination On. • off turns pagination Off. Requirements Level privilege: 1 Command privilege: 1 Allowed during upgrade: No Example admin:set cli pagination off Automatic pagination is turned off set cuc ldapfilter (Cisco Unity Connection Only) This command filters the users in the LDAP directory whose accounts can be accessed by Connection.24 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Command Syntax set cuc ldapfilter Usage Guidelines • You can only create one filter for each Connection server, so the LDAP filter must specify all of the users that you want to synchronize with Connection users that are homed on this Connection server. • When you configure LDAP synchronization in Connection, you can further filter the LDAP users by your choice of user search bases. • The filter must adhere to the LDAP filter syntax specified in RFC 2254, “The String Representation of LDAP Search Filters.” • The filter syntax is not verified, and no error message is returned. We recommend that you verify the LDAP filter syntax before you include it in this command. • After you run this command, you must do the following steps for the LDAP users specified by the filter to be accessible to Connection: a. Deactivate and reactivate the Cisco DirSync service. In Cisco Unified Serviceability, click Tools > Service Activation. Uncheck the check box next to Cisco DirSync, and click Save to deactivate the service. Then check the check box next to Cisco DirSync, and click Save to reactivate the service. b. Perform a full synchonization in Cisco Unity Connection Administration. • If you re-run this command and specify a filter that excludes some of the users who were accessible with the previous filter, the Connection users who are associated with the now-inaccessible LDAP users will be converted to standalone Connection users over the next two scheduled synchronizations or 24 hours, whichever is greater. The users will still be able to log on to Connection using the telephone user interface, callers can still leave messages for them, and their messages will not be deleted. However, they will not be able to log on to Connection web applications while Connection is converting them to standalone users, and after they have become standalone users, their web-application password will be the password that that was assigned when their Connection account was created. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example In the following example, values entered by the user are in bold. set cuc ldapfilter Please select the LDAP server type for which you wish to set the filter: 1 Microsoft Active Directory 2 Netscape or Sun ONE LDAP Server 3 OpenLDAP Selection: 3 Current filter: (objectclass=user) New Filter: (objectclass=inetOrgPerson)25 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Filter updated successfully. set cuc trace (Cisco Unity Connection Only) This command enables or disables the specified traces and trace levels. Command Syntax set cuc trace {enable | disable} trace_name level Parameters • enable enables Connection traces. Be aware that enable is case sensitive. • disable disables Connection traces. Be aware that disable is case sensitive. • trace_name specifies the name of the trace to enable or disable. Be aware that trace names are case sensitive. • level specifies the level(s) of trace_name that you want to enable or disable. Each trace comprises up to 31 levels, numbered 0 to 30; each level provides a different type of information for the specified trace. When you are enabling or disabling multiple levels, use a comma to separate levels and a hyphen to indicate a range of levels. Do not include spaces. Usage Guidelines To display a list of the traces and trace levels that are currently enabled, use the show cuc trace levels (Cisco Unity Connection Only) command. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example enables VUI traces 1, 13, and 17 through 20. set cuc trace enable VUI 1,13,17-20 VUI trace levels are now set to: 1,13,17-20 The following example disables vui traces 17 through 20. VUI trace levels 1 and 13 are still set. set cuc trace disable VUI 17-20 VUI trace levels are now set to: 1,13 set ipsec This command allows you to set IPSec policies and associations. Command Syntax set ipsec policy {ALL | policy-name} association policy-name {ALL | association-name}26 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Parameters • policy-name represents an IPSec policy. • association-name represents an IPSec association. Requirements Command privilege level: 1 Allowed during upgrade: No set logging This command allows you to enable or disable CLI Admin logs. Command Syntax set logging {enable | disable} Requirements Command privilege level: 0 Allowed during upgrade: No set network dhcp This command enables or disables DHCP for Ethernet interface 0. You cannot configure Ethernet interface 1. Command Syntax set network dhcp eth0 enable disable node_ip net_mask gateway_ip Parameters • eth0 specifies Ethernet interface 0. • enable enables DHCP. • disable disables DHCP. • node_ip represents the new static IP address for the server. • net_mask represnets the subnet mask for the server. • gateway_ip represents the IP address of the default gateway. Usage Guidelines The system asks whether you want to continue to execute this command. Caution If you continue, this command causes the system to restart. Cisco also recommends that you restart all nodes whenever any IP address gets changed.27 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Requirements Command privilege level: 1 Allowed during upgrade: No set network dns This command sets the IP address for the primary or secondary DNS server. Command Syntax set network dns {primary | secondary} ip-address Parameters • ip-address represents the IP address of the primary or secondary DNS server. Usage Guidelines The system asks whether you want to continue to execute this command. Note If you change the IP address for the primary DNS server, you must also restart the Cisco Tomcat service. For more information, see the utils service command. Caution If you continue, this command causes a temporary loss of network connectivity. If you change the IP address of the DNS server, you must restart Cisco Tomcat and Cluster Manager. For more information, see utils service, page 118. Requirements Command privilege level: 1 Allowed during upgrade: No set network dns options This command sets DNS options. Command Syntax set network dns options [timeout seconds] [attempts number] [rotate] Parameters • timeout sets the DNS request timeout. • attempts sets the number of times to attempt a DNS request before quitting. • rotate causes the system to rotate among the configured DNS servers, distributing the load. • seconds specifies the DNS timeout period, in seconds. • number specifies the number of attempts.28 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Requirements Command privilege level: 0 Allowed during upgrade: Yes set network domain This command sets the domain name for the system. Command Syntax set network domain domain-name Parameters • domain-name represents the system domain that you want to assign. Usage Guidelines The system asks whether you want to continue to execute this command. Caution If you continue, this command causes a temporary loss of network connectivity. Requirements Command privilege level: 1 Allowed during upgrade: No set network failover This command enables and disables Network Fault Tolerance on the Media Convergence Server network interface card. Command Syntax failover {enable | disable} Parameters • enable enables Network Fault Tolerance. • disable disables Network Fault Tolerance. Requirements Command privilege level: 1 Allowed during upgrade: No set network gateway This command enables you to configure the IP address of the network gateway.29 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Command Syntax set network gateway ip-address Parameters • ip-address represents the IP address of the network gateway that you want to assign. Usage Guidelines The system asks whether you want to continue to execute this command. Caution If you continue, this command causes the system to restart. Requirements Command privilege level: 1 Allowed during upgrade: No set network hostname (Cisco Unified Communications Manager Only) Note For information on changing the host name of a Cisco Unity Connection server, see the “Renaming Cisco Unity Connection Servers” chapter in the applicable Reconfiguration and Upgrade Guide for Cisco Unity Connection at http://www.cisco.com/en/US/products/ps6509/prod_installation_guides_list.html. This commands sets the network host name and then causes a restart of the system. Command Syntax set network hostname hostname Parameters • hostname represents the new network hostname of the system. Note The host name must follow the rules for ARPANET host hames. It must start with an alphabetic character, end with an alphanumeric character, and consist of alphanumeric characters and hyphens. The host name can have have a maximum length of 63 characters. Usage Guidelines The system asks whether you want to coninue to execute this command. Caution If you continue, this command causes the system to restart. Requirements Level privilege: 1 Command privilege: 1 Allowed during upgrade: No30 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Example admin:set network hostname myname *** W A R N I N G *** This will cause the system to restart - Do you want to continue ? Enter "yes" to continue and restart or any other key to abort yes executing... Broadcast message from root (Thu Jun 24 13:00:21 2008): The system is going down for restart NOW! set network ip This command sets the IP address for Ethernet interface 0. You cannot configure Ethernet interface 1. Command Syntax set network ip eth0 ip-address ip-mask Parameters • eth0 specifies Ethernet interface 0. • ip-address represents the IP address that you want to assign. • ip-mask represents the IP mask that you want to assign. Usage Guidelines The system asks whether you want to continue to execute this command. Caution If you continue, this command causes the system to restart. Requirements Command privilege level: 1 Allowed during upgrade: No set network ipv6 This command sets system and network options for IPv6. Note IPv6 is not supported in Cisco Unified Communications Manager Business Edition or Cisco Unity Connection. Command Syntax set network ipv6 dhcp {enable|disable} [reboot] service {enable|disable} [reboot]31 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands static_address ipv6_address mask [reboot] Parameters • dhcp enables or disables the DHCPv6 client on the server. By default, the server does not restart after you enable the DHCPv6 client. For your changes to take effect, you must restart the server by either entering the reboot parameter or manually restarting the server. • service enables or disables the IPv6 service on the server. By default, the server restarts after you enable or disable the IPv6 service. If you enter the noreboot parameter, the server does not restart automatically, and you must restart it manually before your changes take effect. • static_address assigns a static IPv6 address to the server. By default, the server does not restart after you assign the static IPv6 address. For your changes to take effect, you must restart the server by either entering the reboot parameter or manually restarting the server. • ipv6_address specifies the static IPv6 address you assign to the server. • mask specifies the IPv6 network mask (0-128). • reboot causes the server to automaticfally restart after you enter the command. Requirements Command privilege level: 1 Allowed during upgrade: No set network mtu This command sets the maximum MTU value. Command Syntax set network mtu mtu_max Parameters • mtu_max specifies the maximum MTU value. Note The system default MTU value equals 1500. Usage Guidelines The system asks whether you want to continue to execute this command. Caution If you continue, the system will temporarily lose network connectivity. Requirements Level privilege: 1 Command privilege: 1 Allowed during upgrade: No Example admin:set network mtu 57632 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands *** W A R N I N G *** This will cause the system to temporarily lose network connectivity Do you want to continue ? Enter "yes" to continue or any other key to abort yes executing... set network max_ip_conntrack This command sets the ip_conntrack_max value. Command Syntax set network max_ip_conntrack ip_conntrack_max Parameters • ip_conntrack_max specifies the value for ip_conntrack_max. set network nic This command sets the properties of the Ethernet Interface 0. You cannot configure Ethernet interface 1. Command Syntax set network nic eth0 [auto en | dis] [speed 10 | 100] [duplex half | full] Parameters • eth0 specifies Ethernet interface 0. • auto specifies whether auto negotiation gets enabled or disabled. • speed specifies whether the speed of the Ethernet connection: 10 or 100 Mb/s. • duplex specifies half-duplex or full-duplex. Usage Guidelines The system asks whether you want to continue to execute this command. Note You can enable only one active NIC at a time. Caution If you continue, this command causes a temporary loss of network connections while the NIC gets reset. Requirements Command privilege level: 1 Allowed during upgrade: No33 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands set network pmtud This command enables and disables Path MTU Discovery. Command Syntax set network pmtud [enable | disable] Parameters • enable enables Path MTU Discovery. • disable disables Path MTU Discovery. Usage Guidelines The system asks whether you want to continue to execute this command. Caution If you continue, the system will temporarily lose network connectivity. Requirements Level privilege: 1 Command privilege: 1 Allowed during upgrade: No Example admin:set network pmtud enable *** W A R N I N G *** This will cause the system to temporarily lose network connectivity Do you want to continue ? Enter "yes" to continue or any other key to abort yes executing... admin: set network restore This command configures the specified Ethernet port to use a specified static IP address. Caution Only use this command option if you cannot restore network connectivity by using any other set network commands. This command deletes all previous network settings for the specified network interface, including Network Fault Tolerance. After running this command, you must restore your previous network configuration manually. Caution The server temporarily loses network connectivity when you run this command. Command Syntax set network restore eth0 ip-address network-mask gateway34 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Parameters • eth0 specifies Ethernet interface 0. • ip-address specifies the IP address. • network-mask specifies the subnet mask. • gateway specifies the IP address of the default gateway. Requirements Command privilege level: 0 Allowed during upgrade: Yes set network status This command sets the status of Ethernet 0 to up or down. You cannot configure Ethernet interface 1. Command Syntax set network status eth0 {up | down} Parameters • eth0 specifies Ethernet interface 0. Usage Guidelines The system asks whether you want to continue to execute this command. Caution If you continue, the system will temporarily lose network connectivity. Requirements Command privilege level: 1 Allowed during upgrade: No set password age maximum This command modifies the value for maximum password age, in days, for Cisco Unified Operating System accounts. Command Syntax set password age maximum days Parameters days specifies the maximum password age and must be greater-than or equal-to 90 days. Requirements Command privilege level: 1 Allowed during upgrade: No35 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands set password complexity character This command to enables password complexity rules for the type of characters in a password. Command Syntax set password complexity character {enable|disable} Parameters • enable turns on password complexity for characters. • disable turns off password complexity for characters. Usage Notes When you enable password complexity, you must follow these guidelines when assigning a password: • It must have at least one lower-case character. • It must have at least one uppercase, one digit, and one special character. • You cannot use adjacent characters on the keyboard. • You cannot reuse any of the previous ten passwords. • The admin user password can only be changed only once in 24 hours. Requirements Command privilege level: 1 Allowed during upgrade: No set password complexity minimum-length This command to modifies the value for the minimum password length for Cisco Unified Operating System accounts. Note Use this command only after you enable password character complexity. Command Syntax set password complexity minimum-length length Parameters • length specifies the minimum number of characters and must be greater-than or equal-to 6. Requirements Command privilege level: 1 Allowed during upgrade: No set password user This command allows you to change the administrator and security passwords.36 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Command Syntax set password user {admin | security} Parameters • admin specifies the administrator password. • security specifies the security password. Usage Guidelines The systems prompts you for the old and new passwords. Note The password must contain at least six characters, and the system checks it for strength. Servers in a cluster use the security password to authenticate communication between servers. You must reset the cluster after you change the security password. Procedure Step 1 Change the security password on the publisher server (first node) and then reboot the server (node). Step 2 Change the security password on all the subsequent servers/nodes to the same password that you created on the first node and restart subsequent nodes, including application servers, to propagate the password change. Note Cisco recommends that you restart each server after the password is changed on that server. Caution Failure to reboot the servers (nodes) causes system service problems and problems with the Cisco Unified Communications Manager Administration windows on the subscriber servers. Requirements Command privilege level: 1 Allowed during upgrade: No set smtp This command sets the SMTP server hostname. Command Syntax set smtp hostname Parameters • hostname represents the SMTP server name.37 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands Requirements Command privilege level: 0 Allowed during upgrade: No set timezone This command lets you change the system time zone. Command Syntax set timezone timezone Parameters • timezone specifies the new time zone. Note Although the list of available time zones produced by the show timezone list command includes Factory, Cisco Unified Communications Manager does not support the Factory time zone. Usage Guidelines Enter enough characters to uniquely identify the new time zone. Be aware that the time-zone name is case-sensitive. Caution You must restart the system after you change the time zone. Requirements Command privilege level: 0 Allowed during upgrade: No Example This example sets the time zone to Pacific time. set timezone Pac set trace This command sets trace activity for the specified task. Command Syntax set trace enable Error tname enable Special tname enable State_Transition tname enable Significant tname enable Entry_exit tname38 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands enable Arbitrary tname enable Detailed tname disable tname Parameters • tname represents the task for which you want to enable or disable traces. • enable Error sets task trace settings to the error level. • enable Special sets task trace settings to the special level. • enable State_Transition sets task trace settings to the state transition level. • enable Significant sets task trace settings to the significant level. • enable Entry_exit sets task trace settings to the entry_exit level. • enable Arbitrary sets task trace settings to the arbitrary level. • enable Detailed sets task trace settings to the detailed level. • disable unsets the task trace settings. Requirements Command privilege level: 1 Allowed during upgrade: No39 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Set Commands set web-security This command sets the web security certificate information for the operating system. Command Syntax set web-security orgunit orgname locality state [country alternatehostname] Parameters • orgunit represents the organizational unit (OU) name. Tip You can use this command to enter multiple organizational units. To enter more than one organizational unit name, separate the entries with a comma. For entries that already contain a comma, enter a backslash before the comma that is included as part of the entry. To enter multiple values for organizational unit, enclose them in quotation marks, as shown in the example for this command. • orgname represents the organizational name. • locality represents the organization location. • state represents the organization state. • country (optional) represents the organization country. • alternatehostname (optional) specifies an alternate name for the host when you generate a web-server (Tomcat) certificate. Note When you set an alternate-host-name parameter with the set web-security command, self-signed certificates for tomcat will contain the Subject Alternate Name extension with the alternate-host-name specified. CSR for Cisco Unified Communications Manager will contain Subject Alternate Name Extension with the alternate host name included in the CSR. Requirements Command privilege level: 0 Allowed during upgrade: No Example This example shows the set web-security command with multiple organizational unit names that include commas. set web-security “accounting,personnel\,CA,personnel\,MA” Cisco Milpitas CA In the above example, the certificate will have three OU fields: • OU=accounting • OU=personnel, CA • OU=personnel, MA40 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands set workingdir This command sets the working directory for active, inactive, and installation logs. Command Syntax set workingdir activelog directory inactivelog directory install directory tftp directory Parameters • activelog sets the working directory for active logs. • inactivelog set the working directory for inactive logs. • install sets the working directory for installation logs. • tftp sets the working directory for TFTP files. • directory represents the current working directory. Requirements Command privilege level: 0 for logs, 1 for TFTP Allowed during upgrade: Yes Show Commands This section contains descriptions of the following commands: • show account, page 43 • show cert, page 43 • show cli pagination, page 43 • show ctl, page 44 • show cuc cluster status (Cisco Unity Connection Only), page 44 • show cuc config groups (Cisco Unity Connection Only), page 44 • show cuc config settings (Cisco Unity Connection Only), page 45 • show cuc dbconsistency (Cisco Unity Connection Only), page 46 • show cuc dbcontents (Cisco Unity Connection Only), page 47 • show cuc dbschema (Cisco Unity Connection Only), page 47 • show cuc dbserver disk (Cisco Unity Connection Only), page 48 • show cuc dbserver session (Cisco Unity Connection Only), page 49 • show cuc dbserver sessions all (Cisco Unity Connection Only), page 50 • show cuc dbserver sessions list (Cisco Unity Connection Only), page 51 • show cuc dbserver user list (Cisco Unity Connection Only), page 5141 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands • show cuc dbserver user waiting (Cisco Unity Connection Only), page 52 • show cuc dbtable contents (Cisco Unity Connection Only), page 52 • show cuc dbtable list (Cisco Unity Connection Only), page 53 • show cuc dbtable schema (Cisco Unity Connection Only), page 54 • show cuc dbview contents (Cisco Unity Connection Only), page 55 • show cuc dbview list (Cisco Unity Connection Only), page 56 • show cuc dbview schema (Cisco Unity Connection Only), page 57 • show cuc locales (Cisco Unity Connection Only), page 58 • show cuc sysagent task list (Cisco Unity Connection Only), page 58 • show cuc sysagent task results (Cisco Unity Connection Only), page 59 • show cuc tech dbschemaversion (Cisco Unity Connection Only), page 59 • show cuc tech dbserver all (Cisco Unity Connection Only), page 60 • show cuc tech dbserver integrity (Cisco Unity Connection Only), page 60 • show cuc tech dbserver log diagnostic (Cisco Unity Connection Only), page 61 • show cuc tech dbserver log message (Cisco Unity Connection Only), page 61 • show cuc tech dbserver status (Cisco Unity Connection Only), page 62 • show cuc trace levels (Cisco Unity Connection Only), page 62 • show cuc version (Cisco Unity Connection Only), page 63 • show diskusage, page 63 • show environment, page 64 • show hardware, page 65 • show ipsec, page 65 • show logins, page 66 • show memory, page 66 • show myself, page 66 • show network, page 67 • show network ipprefs, page 68 • show network ipv6, page 69 • show open, page 69 • show packages, page 69 • show perf counterhelp, page 70 • show perf list categories, page 70 • show perf list classes, page 71 • show perf list counter, page 71 • show perf list instances, page 71 • show perf query class, page 72 • show perf query counter, page 72 • show perf query instance, page 7342 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands • show perf query path, page 73 • show process, page 74 • show registry, page 75 • show risdb, page 75 • show smtp, page 76 • show stats io, page 76 • show status, page 77 • show tech all, page 77 • show tech ccm_service, page 78 • show tech database, page 78 • show tech dbintegrity, page 78 • show tech dbinuse, page 78 • show tech dbschema, page 79 • show tech dbstateinfo, page 79 • show tech devdefaults, page 79 • show tech gateway, page 79 • show tech locales, page 80 • show tech network, page 80 • show tech notify, page 81 • show tech params all, page 81 • show tech params enterprise, page 81 • show tech params service, page 81 • show tech prefs, page 82 • show tech procedures, page 82 • show tech routepatterns, page 82 • show tech routeplan, page 82 • show tech runtime, page 83 • show tech systables, page 83 • show tech system, page 84 • show tech table, page 84 • show tech triggers, page 85 • show tech version, page 85 • show timezone, page 85 • show trace, page 86 • show ups status, page 86 • show version, page 87 • show web-security, page 87 • show workingdir, page 8743 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show account This command lists current administrator accounts, except the master administrator account. Command Syntax show account Requirements Command privilege level: 4 Allowed during upgrade: Yes show cert This command displays certificate contents and certificate trust lists. Command Syntax show cert own filename trust filename list {own | trust} Parameters • filename represents the name of the certificate file. • own specifies owned certificates. • trust specifies trusted certificates. • list specifies a certificate trust list. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example This command displays owned certificate trust lists. show cert list own show cli pagination This command diplays the status of automatic CLI pagination. Command Syntax show cli pagination44 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Parameters None Requirements Level privilege: 0 Command privilege: 0 Allowed during upgrade: Yes Example admin: show cli pagination Automatic Pagination : Off. show ctl This command displays the contents of the Certificate Trust List (CTL) file on the server. It notifies you if the CTL is not valid. Command Syntax show ctl show cuc cluster status (Cisco Unity Connection Only) This command shows the status of the servers in the cluster.. Command Syntax show cuc cluster status Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc cluster status Server Name Member ID Server State Internal State Reason -------------- --------- ------------ -------------- ------ cuc-server-1 0 Primary Pri Active Normal cuc-server-2 1 Secondary Sec Active Normal show cuc config groups (Cisco Unity Connection Only) This command displays a list of the valid configuration group names. Command Syntax show cuc config groups [page]45 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Usage Guidelines To see a list of the settings for a specified group, run the command show cuc config settings (Cisco Unity Connection Only). Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc config groups CiscoLicensing ConfigurationAssistant Conversations Directory Groupware LogMgr Messaging : : Telephony show cuc config settings (Cisco Unity Connection Only) This command displays the settings and values for a specified group of Connection configuration settings. Command Syntax show cuc config settings group_name [page] Parameter • group_name specifies the name of the configuration group whose settings you want to display. To see a list of valid group names, run the command show cuc config groups (Cisco Unity Connection Only). Be aware that group names are case sensitive. Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example shows the configuration settings for the group SA. show cuc config settings SA46 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands SA Setting Value ------------------ ----- SessionTimeout 20 Use24HrClockFormat 0 show cuc dbconsistency (Cisco Unity Connection Only) This command checks the tables and indexes of a specified database for inconsistencies. Command Syntax show cuc dbconsistency database_name Parameters • database_name specifies the name of the database that you want to check. Be aware that database names are case sensitive. Connection databases include – unitydirdb—contains the directory and configuration data. – unitydyndb—contains dynamic data that Connection uses internally. – unitymbxdb1 to unitymbxdb5—contains the data about the current voice messages in the corresponding mailbox store, including pointers to the audio files that are stored in the file system. If only one mailbox store is configured, the name of the mailbox store database is always unitymbxdb1. – unityrptdb—contains audit log data. Usage Guidelines When the command completes, the system saves detailed information in a log file and displays a summary of the results, including the location of the log file. Use the file commands to display the contents of the file. Caution Checking database consistency makes a significant impact on system performance. Run this command only when little or no system activity is occurring. After the operation begins, you cannot cancel it. Do not restart the server during the operation; the operation must complete successfully before Connection will function properly. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example checks the consistency of the unityrptdb database. show cuc dbconsistency unityrptdb Checking consistency of unityrptdb tables. Please wait. Consistency check of unityrptdb tables successful. Validation of unityrptdb indexes successful. Output is in file: cuc/cli/consistency_unityrptdb_070404-123636.txt47 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show cuc dbcontents (Cisco Unity Connection Only) This command exports the data from a specified database to a CSV file. Command Syntax show cuc dbcontents database_name Parameters • database_name specifies the name of the database whose data you want to export to a CSV file. Be aware that database names are case sensitive. Connection databases include – unitydirdb—contains the directory and configuration data. – unitydyndb—contains dynamic data that Connection uses internally. – unitymbxdb1 to unitymbxdb5—contains the data about the current voice messages in the corresponding mailbox store, including pointers to the audio files that are stored in the file system. If only one mailbox store is configured, the name of the mailbox store database is always unitymbxdb1. – unityrptdb—contains audit log data. Usage Guidelines When the command completes, the location of the CSV file displays. Use the file commands to display the contents of the file. Caution Saving the contents of a database to a CSV file affects system performance. Run this command only when little or no system activity is occurring. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example exports the data from the unitydirdb database to a CSV file and displays the location of the file. show cuc dbcontents unitydirdb This operation may take a few minutes to complete. Please wait. Output is in file: cuc/cli/contents_unitydirdb_070404-124027.csv show cuc dbschema (Cisco Unity Connection Only) This command exports the SQL statements that are necessary to replicate the schema for a specified database to a file.48 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Command Syntax show cuc dbschema database_name Parameters • database_name specifies the name of the database whose schema you want to export. Be aware that database names are case sensitive. Connection databases include – unitydirdb—contains the directory and configuration data. – unitydyndb—contains dynamic data that Connection uses internally. – unitymbxdb1 to unitymbxdb5—contains the data about the current voice messages in the corresponding mailbox store, including pointers to the audio files that are stored in the file system. If only one mailbox store is configured, the name of the mailbox store database is always unitymbxdb1. – unityrptdb—contains audit log data. Usage Guidelines When the command completes, the location of the file displays. Use the file commands to display the file. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example exports the schema of the unitydirdb database to a file and displays the location of the file. show cuc dbschema unitydirdb Output is in file: cuc/cli/schema_unitydirdb_061013-115815.sql show cuc dbserver disk (Cisco Unity Connection Only) This command displays summary information about Informix storage space for all Connection databases on the current server. Command Syntax show cuc dbserver disk [page | file] Options • page—Causes the output to display one page at a time. Be aware that page is case sensitive. • file—Saves the output to a file. If you include this option, the summary includes the location of the file. Be aware that file is case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes49 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Example show cuc dbserver disk Dbspaces ======== Dbspace Dbspace Size Used Free Percent Number Name MB MB MB Free ------- ------------------ ------ ----- ------ ------- 1 rootdbs 300.0 107.3 192.7 64 2 ciscounity_sbspace 20.0 19.0 1.0 5 Chunks ====== Size Free Chunk Offset MB MB Path ----- ------ ------ ------ ------------------------------------------------- 1 0 300.0 192.7 /var/opt/cisco/connection/db/root_dbspace 2 250 20.0 1.0 /usr/local/cm/db/informix/databases/ciscounity_sbspace show cuc dbserver session (Cisco Unity Connection Only) This command displays summary information about a specified Informix database user session. Command Syntax show cuc dbserver session session_id [page | file] Parameter • session_id specifies the database user session for which you want to display summary information. To get a list of current sessions, use either the show cuc dbserver sessions list (Cisco Unity Connection Only) command or the show cuc dbserver user list (Cisco Unity Connection Only) command. Options • page—Causes the output to display one page at a time. Be aware that page is case sensitive. • file—Saves the output to a file. If you include this option, the summary includes the location of the file. Be aware that file is case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example displays summary information about database user session 63. show cuc dbserver session 63 IBM Informix Dynamic Server Version 10.00.UC4W3 -- On-Line -- Up 5 days 20:38:40 -- 255716 Kbytes session #RSAM total used dynamic id user tty pid hostname threads memory memory explain 63 dbuser - 11488 smilliga 1 184320 143808 off 50 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands tid name rstcb flags curstk status 108 sqlexec 4bedd2b0 Y--P--- 4064 cond wait(netnorm) Memory pools count 1 name class addr totalsize freesize #allocfrag #freefrag 63 V 4e774020 180224 38064 134 30 name free used name free used sql 0 40 rdahead 0 448 Sess SQL Current Iso Lock SQL ISAM F.E. Id Stmt type Database Lvl Mode ERR ERR Vers Explain 63 - ccm0500v0000 CR Wait 30 0 0 9.03 Off Last parsed SQL statement : select paramvalue from processconfig where paramName='RisCleanupTimeOftheDay' show cuc dbserver sessions all (Cisco Unity Connection Only) This command displays summary information about all the current Informix database user sessions. Command Syntax show cuc dbserver sessions all [page | file] Options • page—Causes the output to display one page at a time. Be aware that page is case sensitive. • file—Saves the output to a file. If you include this option, the summary includes the location of the file. Be aware that file is case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc dbserver sessions all IBM Informix Dynamic Server Version 10.00.UC4W3 -- On-Line -- Up 5 days 20:38:40 -- 255716 Kbytes session #RSAM total used dynamic id user tty pid hostname threads memory memory explain 63 dbuser - 11488 smilliga 1 184320 143808 off tid name rstcb flags curstk status 108 sqlexec 4bedd2b0 Y--P--- 4064 cond wait(netnorm) Memory pools count 1 name class addr totalsize freesize #allocfrag #freefrag 63 V 4e774020 180224 38064 134 30 name free used name free used opentable 0 3256 filetable 0 704 Sess SQL Current Iso Lock SQL ISAM F.E.51 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Id Stmt type Database Lvl Mode ERR ERR Vers Explain 63 - ccm0500v0000 CR Wait 30 0 0 9.03 Off Last parsed SQL statement : select paramvalue from processconfig where paramName='RisCleanupTimeOftheDay' show cuc dbserver sessions list (Cisco Unity Connection Only) This command displays a list of the current Informix database user sessions. Command Syntax show cuc dbserver sessions list [page] Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Usage Guidelines The names of internal database users generally correspond with the names of Connection components. Run this command before you run the show cuc dbserver session (Cisco Unity Connection Only) command to obtain the required session id. Results are sorted by session id. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc dbserver sessions list Session Database User PID ------- ----------- ------------------ ---- 14 unitydirdb tomcat 4707 4986 unitydirdb cudbeventpublisher 5818 show cuc dbserver user list (Cisco Unity Connection Only) This command displays a list of the active Connection internal database users. Command Syntax show cuc dbserver user list [page] Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Usage Guidelines The names of internal database users generally correspond with the names of Connection components. 52 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Results get sorted first by database and then by user. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc dbserver user list Database User Session PID ----------- ------------------ ------- ---- unitydirdb tomcat 18 4707 unitydirdb cunotifier 5064 8690 unitydirdb cumta 5028 8504 unitydirdb cumixer 5018 8190 unitydirdb cuscavenger 5114 8943 show cuc dbserver user waiting (Cisco Unity Connection Only) This command displays a list of the Connection internal users, if any, that are waiting for a resource. Command Syntax show cuc dbserver user waiting [page] Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Usage Guidelines The names of internal database users generally correspond with the names of Connection components. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc dbserver user waiting User Session Waiting On Name ID Latch Lock Buffer Chkpt Trans In Crit ------------------ ------- ----- ---- ------ ----- ----- ------- cucsmgr 5403 N N N N N N cudbeventpublisher 4989 N N N N N N cugalsvc 5097 N N N N N N show cuc dbtable contents (Cisco Unity Connection Only) This command exports the contents of a specified Connection table to a CSV file.53 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Command Syntax show cuc dbtable contents database_name table_name Parameters • database_name specifies the database that contains the table whose contents you want to export to a CSV file. Be aware that database names are case sensitive. Connection databases include – unitydirdb—contains the directory and configuration data. – unitydyndb—contains dynamic data that Connection uses internally. – unitymbxdb1 to unitymbxdb5—contains the data about the current voice messages in the corresponding mailbox store, including pointers to the audio files that are stored in the file system. If only one mailbox store is configured, the name of the mailbox store database is always unitymbxdb1. – unityrptdb—contains audit log data. • table_name specifies the table whose contents you want to export to a CSV file. For a list of the tables in a specified database, use the show cuc dbtable list (Cisco Unity Connection Only) command. Be aware that table names are case sensitive. Usage Guidelines When the command completes, the location of the CSV file displays. Use the file commands to display the contents of the file. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc dbtable contents unitydirdb tbl_cos Output is in file: cuc/cli/contents_tbl_cos_1013-113910.csv show cuc dbtable list (Cisco Unity Connection Only) This command displays a list of the tables in a specified database. Command Syntax show cuc dbtable list database_name [page] Parameter • database_name specifies the database for which you want a list of tables. Be aware that database names are case sensitive. Connection databases include – unitydirdb—contains the directory and configuration data. – unitydyndb—contains dynamic data that Connection uses internally. 54 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands – unitymbxdb1 to unitymbxdb5—contains the data about the current voice messages in the corresponding mailbox store, including pointers to the audio files that are stored in the file system. If only one mailbox store is configured, the name of the mailbox store database is always unitymbxdb1. – unityrptdb—contains audit log data. Option • page—Causes the output to display one page at a time. Be aware that page is is case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc dbtable list unitydirdb tbl_accountlogonpolicy tbl_agency tbl_agencyextensionrange tbl_alias tbl_alternatename tbl_broadcastmessage tbl_broadcastmessagerecipient ... tbl_waveformat show cuc dbtable schema (Cisco Unity Connection Only) This command displays a description for a specified table and a list of the columns in the table. Command Syntax show cuc dbtable schema database_name table_name [page] Parameters • database_name specifies the database that contains the table whose schema you want to display. Be aware that database names are case sensitive. Connection databases include – unitydirdb—contains the directory and configuration data. – unitydyndb—contains dynamic data that Connection uses internally. – unitymbxdb1 to unitymbxdb5—contains the data about the current voice messages in the corresponding mailbox store, including pointers to the audio files that are stored in the file system. If only one mailbox store is configured, the name of the mailbox store database is always unitymbxdb1. – unityrptdb—contains audit log data. • table_name specifies the table whose schema you want to display. For a list of the tables in a specified database, use the show cuc dbtable list (Cisco Unity Connection Only) command. Be aware that table names are case sensitive.55 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example displays the schema for the table tbl_user in the database unitydirdb. show cuc dbtable schema unitydirdb tbl_cos A collection of service privileges for subscribers that control access to features and use of the system into classes. Class Of Service objects determine which features a subscriber is licensed to use, the maximum length of their greetings and messages, what numbers they are allowed to dial, and what options are available to the subscriber among other things. Columns: displayname movetodeletefolder accessunifiedclient ... accesslivereply show cuc dbview contents (Cisco Unity Connection Only) This command saves the results from a specified SQL view in a CSV file. Command Syntax show cuc dbview contents database_name view_name Parameters • database_name specifies the database that contains the view whose results you want to save to a file. Be aware that database names are case sensitive. Connection databases include – unitydirdb—contains the directory and configuration data. – unitydyndb—contains dynamic data that Connection uses internally. – unitymbxdb1 to unitymbxdb5—contains the data about the current voice messages in the corresponding mailbox store, including pointers to the audio files that are stored in the file system. If only one mailbox store is configured, the name of the mailbox store database is always unitymbxdb1. – unityrptdb—contains audit log data. • view_name specifies the view whose results you want to save to a file. For a list of the views in a specified database, use the show cuc dbview list (Cisco Unity Connection Only) command. Be aware that view names are case sensitive. Usage Guidelines When the command completes, the location of the CSV file displays. Use the file commands to display the contents of the file. 56 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example saves the results from the view vw_cos, in the database unitydirdb, to a CSV file. show cuc dbview contents unitydirdb vw_cos Output is in file: cuc/cli/contents_vw_cos_061013-113910.csv show cuc dbview list (Cisco Unity Connection Only) This command displays a list of the views in a specified database. Command Syntax show cuc dbview list database_name [page] Parameter • database_name specifies the database for which you want a list of views. Be aware that database names are case sensitive. Connection databases include – unitydirdb—contains the directory and configuration data. – unitydyndb—contains dynamic data that Connection uses internally. – unitymbxdb1 to unitymbxdb5—contains the data about the current voice messages in the corresponding mailbox store, including pointers to the audio files that are stored in the file system. If only one mailbox store is configured, the name of the mailbox store database is always unitymbxdb1. – unityrptdb—contains audit log data. Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example displays a list of the views in the unitydirdb database. show cuc dbview list unitydirdb vw_agency vw_agencyextensionrange vw_alias vw_alternatename vw_broadcastmessage vw_broadcastmessagerecipient vw_callaction ... vw_waveformat57 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show cuc dbview schema (Cisco Unity Connection Only) This command displays the schema for a specified view. Command Syntax show cuc dbview schema database_name view_name [page] Parameters • database_name specifies the database that contains the view for which you want to display the schema. Be aware that database names are case sensitive. Connection databases include – unitydirdb—contains the directory and configuration data. – unitydyndb—contains dynamic data that Connection uses internally. – unitymbxdb1 to unitymbxdb5—contains the data about the current voice messages in the corresponding mailbox store, including pointers to the audio files that are stored in the file system. If only one mailbox store is configured, the name of the mailbox store database is always unitymbxdb1. – unityrptdb—contains audit log data. • view_name specifies the view for which you want to display the schema. For a list of the views in a specified database, use the show cuc dbview list (Cisco Unity Connection Only) command. Be aware that view names are case sensitive. Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example displays the schema for the view vw_user in the database unitydirdb. show cuc dbview schema unitydirdb vw_cos A simple view for tbl_Cos. Columns: objectid accessfaxmail accesstts callholdavailable callscreenavailable canrecordname ... requiresecuremessages58 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show cuc locales (Cisco Unity Connection Only) This command displays a list of the locales currently installed. Command Syntax show cuc locales Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc locales Installed Locale Package Locale ------------------------- ------ uc-locale-en_GB-6.0.0.0-0 en-GB uc-locale-fr_CA-6.0.0.0-0 fr-CA show cuc sysagent task list (Cisco Unity Connection Only) This command displays a list of the Sysagent tasks. Command Syntax show cuc sysagent task list [page] Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Usage Guidelines To run a sysagent task, use the run cuc sysagent task (Cisco Unity Connection Only) command. If the value of the Is Singleton column is Y for a specified task, the task can only be run on the primary server in a multi-server cluster. If this server is standalone, then all tasks will run on this server. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc sysagent task list Task Name Is Singleton -------------------------------------- ------------ BroadcastMessagePurge N CallManagerSubscriberTemplateSynchTask Y CallManagerUserSynchTask Y CleanDeletedMessagesTask Y CleanDirectoryStreamFilesTask N CleanOrphanAttachmentFilesTask Y ...59 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands UpdateDatabaseStats N show cuc sysagent task results (Cisco Unity Connection Only) This command displays the time(s) at which the specified task started and completed, with the most recent time listed first. Command Syntax show cuc sysagent task results task_name [page] Parameters • task_name specifies the task for which you want to display information about when the task was started and completed. For a list of task names, run the show cuc sysagent task list (Cisco Unity Connection Only) command. Be aware that task names are case sensitive. Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Usage Guidelines To run a Sysagent task, use the run cuc sysagent task (Cisco Unity Connection Only) command. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example The following example displays the times at which the Sysagent task CleanDeletedMessages started and completed. show cuc sysagent task results CleanDeletedMessagesTask Time Started Time Completed ----------------------- ----------------------- 2006-10-25 17:31:45.689 2006-10-25 17:31:45.785 2006-10-25 17:16:45.702 2006-10-25 17:16:45.742 2006-10-25 17:01:45.690 2006-10-25 17:01:45.730 show cuc tech dbschemaversion (Cisco Unity Connection Only) This command displays the schema version information for each database. Command Syntax show cuc tech dbschemaversion [page] Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive.60 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc tech dbschemaversion unitydirdb ========== Schema Version Product Version Date -------------- --------------- --------------------- 1.2.363 2.1 2007-02-13 19:10:50.0 show cuc tech dbserver all (Cisco Unity Connection Only) This command runs all the show cuc tech commands in sequence and saves the results in a text file. Command Syntax show cuc tech dbserver all Usage Guidelines When the command completes, detailed information gets saved in a text file, and the location of the text file displays. Use the file commands to display the contents of the file. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc tech dbserver all Output is in file: cuc/cli/dbserverall_061013-111801.txt show cuc tech dbserver integrity (Cisco Unity Connection Only) This command checks the integrity of the Informix database server storage space structure. Command Syntax show cuc tech dbserver integrity Usage Guidelines When the command completes, detailed information gets saved in a text file, and a summary of the results displays, including the location of the file. Use the file commands to display the contents of the file. Be aware that the following warning is expected and should be ignored in the output file: WARNING: No syssyntable records found61 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc tech dbserver integrity Database system catalog tables were successfully validated. Database disk extents were successfully validated. Database reserved pages were successfully validated. Output is in file: cuc/cli/integrity_061013-95853.txt show cuc tech dbserver log diagnostic (Cisco Unity Connection Only) This command checks for the existence of Informix assertion-failure and shared-memory-dump logs. Command Syntax show cuc tech dbserver log diagnostic Usage Guidelines If the logs exist, their location displays. Use the file commands to display the contents of the files. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc tech dbserver log diagnostic The following Informix logs are available for the UC database server: core/af.3599c core/af.36858 show cuc tech dbserver log message (Cisco Unity Connection Only) This command displays the last n lines of the Informix message log. Command Syntax show cuc tech dbserver log message [lines] [page] Parameter • lines specifies the number of lines that display at the end of the Informix message log. If the lines parameter is not included, the last 20 lines of the log are displayed.62 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc tech dbserver log message Message Log File: online.ciscounity.log 18:09:01 Fuzzy Checkpoint Completed: duration was 0 seconds, 6 buffers not flushed. 18:09:01 Checkpoint loguniq 57, logpos 0x208418, timestamp: 0x33b807 18:09:01 Maximum server connections 159 18:14:01 Fuzzy Checkpoint Completed: duration was 0 seconds, 6 buffers not flushed. 18:14:01 Checkpoint loguniq 57, logpos 0x20a57c, timestamp: 0x33b9fc show cuc tech dbserver status (Cisco Unity Connection Only) This command saves a detailed status report of the database server instance to a file. Command Syntax show cuc tech dbserver status Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc tech dbserver status Output is in file: cuc/cli/status_061013-95031.txt show cuc trace levels (Cisco Unity Connection Only) This command displays a list of all the diagnostic traces and trace levels that are currently enabled. Command Syntax show cuc trace levels [page] Option • page—Causes the output to display one page at a time. Be aware that page is case sensitive. Usage Guidelines To enable or disable specified traces and trace levels, use the set cuc trace (Cisco Unity Connection Only) command.63 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc trace levels Trace Name Levels ------------------------- -------------- Arbiter - AudioStore 0 AxlAccess - BulkAdministrationTool 0 CCL 10,11 CDE 3,14 CDL 11,13,15,17 : : VirtualQueue - show cuc version (Cisco Unity Connection Only) This command displays the Cisco Unity Connection version that is currently installed on the active and inactive partitions. Command Syntax show cuc version Usage Guidelines This command always displays the version in the active partition. If the active partition contains an upgrade, the command will also show the version in the inactive partition. The current Engineering Special, if any, also displays. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example show cuc version Active version: 7.0.1.10000-323 Inactive version: 7.0.0.39700-277 show diskusage This command displays information about disk usage on the server. Command Syntax show diskusage64 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands activelog {filename filename | directory | sort} common {filename filename | directory | sort} inactivelog {filename filename | directory | sort} install {filename filename | directory | sort} tftp {filename filename | directory | sort} tmp {filename filename | directory | sort} Parameters • activelog displays disk usage information about the activelog directory. • common displays disk usage information about the common directory. • inactivelog displays disk usage information about the inactivelog directory. • install displays disk usage information about the install directory. • tftp displays disk usage information about the TFTP directory. • tmp displays disk usage information about the TMP directory. Options • filename filename—Saves the output to a file that is specified by filename. These files get stored in the platform/cli directory. To view saved files, use the file view activelog command. • directory—Displays just the directory sizes. • sort—Sorts the output on the basis of file size. File sizes display in 1024-byte blocks. Requirements Command privilege level: 0 Allowed during upgrade: Yes show environment This command displays environmental information for three types of hardware components. Command Syntax show environment fans power-supply temperatures Options • fans—Displays the fan speeds in Rotations per Minute (RPMs), fan-speed thresholds, and status. • power-supply—Displays the power-supply status only on servers with redundant power supplies. • temperatures—Displays the temperture sensor temperature values, thresholds, and status. Note The output data from the show environment command varies between IBM and HP server models.65 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show hardware This command displays the following information on the platform hardware. Command Syntax show hardware Usage Guidelines This command displays the following information on the platform hardware: • Platform • Serial number • BIOS build level • BIOS manufacturer • Active processors • RAID controller status Requirements Command privilege level: 0 Allowed during upgrade: Yes show ipsec This command displays information on IPSec policies and associations. Command Syntax show ipsec policy association policy information policy association status Parameters • policy displays all IPSec policies on the node. • association displays the association list and status for the policy. • information displays the association details and status for the policy. • status displays the status of all IPsec tunnels that are defined in the system. • policy represents the name of a specific IPSec policy. • association represents the association name. Requirements Command privilege level: 166 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Allowed during upgrade: yes Example This example displays IPSec policies. show ipsec policy show logins This command lists recent logins to the server. Command Syntax show logins number Parameters number specifies the number of most recent logins to display. The default equals 20. show memory This command displays information about the onboard memory. Command Syntax show memory count modules size Options • count—Displays the number of memory modules on the system. • modules—Displays detailed information about all the memory modules. • size—Displays the total amount of physical memory. Parameters None show myself This command displays information about the current account. Command Syntax show myself Requirements Command privilege level: 067 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Allowed during upgrade: Yes show network This command displays network information. Command Syntax show network cluster eth0 [detail] failover [detail] [page] route [detail] status [detail] [listen] [process] [all] [nodns] [search stext] ip_conntrack max_ip_conntrack dhcp eth0 status all [detail] Parameters • cluster displays a list of the nodes in the network cluster. • eth0 specifies Ethernet 0. • failover specifies Network Fault Tolerance information. • route specifies network routing information. • status specifies active Internet connections. • ip_conntrack specifies ip_conntrack usage information. • max_ip_conntrack specifies max_ip_conntrack information. • dhcp eth0 status displays DHCP status information. • all specifies all basic network information. Options • detail—Displays additional information. • page—Displays information 1 page at a time. • listen—Displays only listening sockets • process—Displays the process ID and name of the program to which each socket belongs. • all—Displays both listening and nonlistening sockets. • nodns—Displays numerical addresses without any DNS information. • search stext—Searches for the stext in the output. Usage Guidelines The eth0 parameter displays Ethernet port 0 settings, including DHCP and DNS configurations and options.68 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Requirements Command privilege level: 0 Allowed during upgrade: Yes Example This example displays active Internet connections. show network status show network ipprefs This command displays the list of ports that have been requested to be opened or translated in the firewall. Command Syntax ipprefs {all | enabled | public} Parameters all—Displays all incoming ports that may be used on the product. enabled—Displays all incoming ports that are currently opened. public—Displays all incoming ports that are currently opened for any remote client. Requirements Level privilege: 0 Command privilege: 0 Allowed during upgrade: Yes Example admin:show network ipprefs public Application IPProtocol PortValue Type XlatedPort Status Description ------------ ------------ ------------ ------------ ------------ ------------ ------------ sshd tcp 22 public - enabled sftp and ssh access tomcat tcp 8443 translated 443 enabled secure web access tomcat tcp 8080 translated 80 enabled web access clm udp 8500 public - enabled cluster manager clm tcp 8500 public - enabled cluster manager ntpd udp 123 public - enabled network time sync snmpdm udp 161 public - enabled SNMP ccm tcp 2000 public - enabled SCCP-SIG ctftp udp 6969 translated 69 enabled TFTP access to CUCM TFTP Server ctftp tcp 6970 public - enabled HTTP access to CUCM TFTP Server admin:69 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show network ipv6 This command displays IPv6 network routes and network settings. Note IPv6 is not supported in Cisco Unified Communications Manager Business Edition or Cisco Unity Connection. Command Syntax show network ipv6 {route|settings} Parameters route displays all IPv6 routes. settings displays IPv6 network settings. Command privilege: 0 Allowed during upgrade: Yes show open This command displays open files and ports on the system. Command Syntax show open files [all] [process processID] [regexp reg_exp] ports [all] [regexp reg_exp] Parameters • files displays open files on the system. • ports displays open ports on the system. Options • all—Displays all open files or ports. • process—Displays open files that belong to the specified process. • processID—Specifies a process. • regexp—Displays open files or ports that match the specified regular expression. • reg_exp—Represents a regular expression. show packages This command displays the name and version for installed packages. Command Syntax show packages active name [page]70 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands inactive name [page] Parameters name represents the package name. To display all active or inactive packages, use the wildcard character, *. Options • page—Displays the output one page at a time Requirements Command privilege level: 0 Allowed during upgrade: Yes show perf counterhelp This command displays the explanation text for the specified perfmon counter. Command Syntax show perf counterhelp class-name counter-name Parameters • class-name represents the class name that contains the counter. • counter-name represents the counter that you want to view. Note If the class name or counter name contains white spaces, enclose the name in double quotation marks. Requirements Command privilege level: 0 Allowed during upgrade: Yes show perf list categories This command lists all categories in the perfmon system. Command Syntax show perf list categories Requirements Command privilege level: 0 Allowed during upgrade: Yes71 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show perf list classes This commands lists the perfmon classes or objects. Command Syntax show perf list classes [cat category] [detail] Options • detail—Displays detailed information • cat category—Displays perfmon classes for the specified category Requirements Command privilege level: 0 Allowed during upgrade: Yes show perf list counter This command lists perfmon counters for the specified perfmon class. Command Syntax list counters class-name [detail] Parameters class-name represents a perfmon class name for which you want to list the counters. Note If the class name or counter name contains white spaces, enclose the name in double quotation marks. Options detail—Displays detailed information Requirements Command privilege level: 0 Allowed during upgrade: Yes show perf list instances The command lists the perfmon instances for the specified perfmon class. Command Syntax list instances class-name [detail] Parameters class-name represents a perfmon class name for which you want to list the counters.72 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Note If the class name contains white spaces, enclose the name in double quotation marks. Options detail—Displays detailed information Requirements Command privilege level: 0 Allowed during upgrade: Yes show perf query class This command queries a perfmon class and displays all the instances and counter values of each instance. Command Syntax show perf query class class-name [,class-name...] Parameters class-name specifies the perfmon class that you want to query. You can specify a maximum of five classes per command. Note If the class name contains white spaces, enclose the name in double quotation marks. Requirements Command privilege level: 0 Allowed during upgrade: Yes show perf query counter This command queries the specified counter and displays the counter value of all instances. Command Syntax show perf query counter class-name counter-name [,counter-name...] Parameters • class-name specifies the perfmon class that you want to query. • counter-name specifies the counter to view. You can specify a maximum of five counters per command. Note If the class name or counter name contains white spaces, enclose the name in double quotation marks. Requirements Command privilege level: 073 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Allowed during upgrade: Yes show perf query instance This command queries the specified instance and displays all its counter values. Command Syntax show perf query instance class-name instance-name [,instance-name...] Parameters • class-name specifies the perfmon class that you want to query. • instance-name specifies the perfmon instance to view. You can specify a maximum of five instances per command. Note If the class name or instance name contains white spaces, enclose the name in double quotation marks. Usage Guidelines This command does not apply to singleton perfmon classes. Requirements Command privilege level: 0 Allowed during upgrade: Yes show perf query path This command queries a specified perfmon path. Command Syntax show perf query path path-spec [,path-spec...] Parameters • For an instance-based perfmon class, specify path-spec as class-name(instance-name)\counter-name. • For a noninstance-based perfmon class (a singleton), specify path-spec as class-name\counter-name. You can specify a maximum of five paths per command. Note If the path name contains white spaces, enclose the name in double quotation marks. Requirements Command privilege level: 0 Allowed during upgrade: Yes74 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Example show perf query path “Cisco Phones(phone-0)\CallsAttempted”, “Cisco Unified Communications Manager\T1ChannelsActive” show process This command displays information about process that is running on the system. Syntax show process list [file filename] [detail] load [cont] [clear] [noidle] [num number] [thread] [cpu | memory| time] [page] name process [file filename] open-fd process-id [, process-id2] search regexp [file filename] using-most cpu [number] [file filename] using-most memory [number] [file filename] Parameters • list displays a list of all the processes and critical information about each process and visually indicates the child-parent relationships between the processes. • load displays the current load on the system. • name displays the details of processes that share the same name and indicates their parent-child relationship. • open-fd lists the open file descriptors for a comma-separated list of process IDs. • search searches for the pattern that the regular expression regexp specifies in the output of the operating system-specific process listing. • using-most cpu displays a list of the most CPU-intensive processes. • using-most memory displays a list of the most memory-intensive processes. Options • file filename—Outputs the results to the file that is specified by filename • detail—Displays detailed output • cont—Repeats the command continuously • clear—Clears the screen before displaying output • noidle—Ignore the idle/zombie processes • num number—Displays the number of processes that are specified by number. The default number of processes equals 10. Set number to all to display all processes. • thread—Displays threads • [cpu | memory | time]—Sorts output by CPU usage, memory usage, or time usage. The default specifies to sort by CPU usage.75 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands • page—Displays the output in pages • process—Specifies the name of a process • process-id—Specifies the process ID number of a process • regexp—Represents a regular expression • number—Specifies the number of processes to display. The default equals 5. show registry This command displays the contents of the registry. Command Syntax show registry system component [name] [page] Parameters • system represents the registry system name. • component represents the registry component name. • name represents the name of the parameter to show. Note To display all items, enter the wildcard character, *. Options page—Displays one page at a time Requirements Command privilege level: 1 Allowed during upgrade: Yes Example This example shows contents of the cm system, dbl/sdi component. show registry cm dbl/sdi show risdb This command displays RIS database table information. Command Syntax show risdb list [file filename] query table1 table2 table3 ... [file filename] Parameters • list displays the tables that are supported in the Realtime Information Service (RIS) database.76 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands • query displays the contents of the RIS tables. Options file filename—Outputs the information to a file. Note The file option saves the information to platform/cli/filename.txt. Ensure that the file name does not contain the “.” character. Requirements Command privilege level: 0 Allowed during upgrade: Yes Example This example displays a list of RIS database tables. show risdb list show smtp This command displays the name of the SMTP host. Command Syntax show snmp Requirements Command privilege level: 0 Allowed during upgrade: Yes show stats io This command displays system IO statistics. Command Syntax show stats io [kilo] [detail] [page] [file filename] Options • kilo—Displays statistics in kilobytes. • detail—Displays detailed statistics on every available device on the system and overrides the kilo option. • file filename—Outputs the information to a file. Note The file option saves the information to platform/cli/filename.txt. Ensure that the file name does not contain the “.” character.77 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Requirements Command privilege level: 1 Allowed during upgrade: Yes show status This command displays basic platform status. Command Syntax show status Usage Guidelines This command displays the following basic platform status: • Host name • Date • Time zone • Locale • Product version • Platform version • CPU usage • Memory and disk usage Requirements Command privilege level: 0 show tech all This command displays the combined output of all show tech commands. Command Syntax show tech all [page] [file filename] Options • page—Displays one page at a time. • file filename—Outputs the information to a file. Note The file option saves the information to platform/cli/filename.txt. Ensure that the file name does not contain the “.” character. Requirements Command privilege level: 1 Allowed during upgrade: Yes78 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show tech ccm_service This command displays information on all Cisco Unified Communications Manager services that can run on the system. Command Syntax show tech ccm_service Requirements Command privilege level: 0 Allowed during upgrade: Yes show tech database This command shows information about the database. Command Syntax show tech database dump sessions Parameters • dump creates a CSV file of the entire database. • sessions redirects the session and SQL information of the present session IDs to a file. Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech dbintegrity This command displays the database integrity. Command Syntax show tech dbintegrity show tech dbinuse This command displays the database in use. Command Syntax show tech dbinuse79 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech dbschema This command displays the database schema in a CSV file. Command Syntax show tech dbschema Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech dbstateinfo This command displays the state of the database. Command Syntax show tech dbstateinfo show tech devdefaults This command displays the device defaults table. Command Syntax show tech devdefaults Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech gateway This command displays the gateway table from the database. Command Syntax show tech gateway Requirements Command privilege level: 1 Allowed during upgrade: Yes80 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show tech locales This command displays the locale information for devices, device pools, and end users. Command Syntax show tech locales Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech network This command displays network aspects of the server. Command Syntax show tech network all [page] [search text] [file filename] hosts [page] [search text] [file filename] interfaces [page] [search text] [file filename] resolv [page] [search text] [file filename] routes [page] [search text] [file filename] sockets {numeric} Parameters • all displays all network tech information. • hosts displays information about hosts configuration. • interfaces displays information about the network interfaces. • resolv displays information about hostname resolution. • routes displays information about network routes. • sockets displays the list of open sockets. Options • page—Displays one page at a time. • search text—Searches the output for the string that text specifies. Be aware that the search is case insensitive. • file filename—Outputs the information to a file. • numeric—Displays the numerical addresses of the ports instead of determining symbolic hosts. This parameter is equivalent to running the Linux shell command netstat [-n] command. Usage Guidelines The file option saves the information to platform/cli/filename.txt. Ensure that the file name does not contain the “.” character.81 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech notify This command displays the database change notify monitor. Command Syntax show tech notify Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech params all This command displays all the database parameters. Command Syntax show tech params all Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech params enterprise This command displays the database enterprise parameters. Command Syntax show tech params enterprise Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech params service This command displays the database service parameters. Command Syntax show tech params service82 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech prefs This command displays database settings. Command Syntax show tech prefs show tech procedures This command displays the procedures that are in use for the database. Command Syntax show tech procedures Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech routepatterns This command displays the route patterns that are configured for the system. Command Syntax show tech routepatterns Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech routeplan This command displays the route plan that are configured for the system. Command Syntax show tech routeplan Requirements Command privilege level: 1 Allowed during upgrade: Yes83 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show tech runtime This command displays runtime aspects of the server. Command Syntax show tech runtime all [page] [file filename] cpu [page] [file filename] disk [page] [file filename] env [page] [file filename] memory [page] [file filename] Parameters • all displays all runtime information. • cpu displays CPU usage information at the time the command is run. • disk displays system disk usage information. • env displays environment variables. • memory displays memory usage information. Options • page—Displays one page at a time. • file filename—Outputs the information to a file. Usage Guidelines The file option saves the information to platform/cli/filename.txt. Ensure that the file name cannot contain the “.” character. Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech systables This command displays the name of all tables in the sysmaster database. Command Syntax show tech systables Requirements Command privilege level: 1 Allowed during upgrade: Yes84 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands show tech system The show tech system command gets updated as described in this section. This command displays system aspects of the server. Command Syntax show tech system all [page] [file filename] bus [page] [file filename] hardware [page] [file filename] host [page] [file filename] kernel [page] [file filename] software [page] [file filename] tools [page] [file filename] Parameters • all displays all the system information. • bus displays information about the data buses on the server. • hardware displays information about the server hardware. • host displays information about the server. • kernel lists the installed kernel modules. • software displays information about the installed software versions. • tools displays information about the software tools on the server. Options • page—Displays one page at a time. • file filename—Outputs the information to a file. Usage Guidelines The file option saves the information to platform/cli/filename.txt. Ensure that the file name does not contain the “.” character. Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech table This command displays the contents of the specified database table. Command Syntax show tech table table_name [page] [csv]85 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Parameters table_name represents the name of the table to display. Options • page—Displays the output one page at a time. • csv—Sends the output to a comma separated values file. Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech triggers This command displays table names and the triggers that are associated with those tables. Command Syntax show tech triggers Requirements Command privilege level: 1 Allowed during upgrade: Yes show tech version This command displays the version of the installed components. Command Syntax show tech version [page] Options Page—Displays the output one page at a time. Requirements Command privilege level: 1 Allowed during upgrade: Yes show timezone This command displays time zone information. Command Syntax show timezone config list [page]86 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Show Commands Parameters • config displays the current time zone settings. • list displays the available time zones. Note Although the list of available time zones includes Factory, Cisco Unified Communications Manager does not support the Factory time zone. Options • page—Displays the output one page at a time. Requirements Command privilege level: 0 Allowed during upgrade: Yes show trace This command displays trace information for a particular task. Command Syntax show trace [task_name] Parameters task_name represents the name of the task for which you want to display the trace information. Note If you do not enter any parameters, the command returns a list of available tasks. Requirements Command privilege level: 0 Allowed during upgrade: Yes Example This example displays trace information for CDP. show trace cdps show ups status This command shows the current status of the USB-connected APC smart-UPS device and starts the monitoring service if it is not already started. This command provides full status only for 7835-H2 and 7825-H2 servers. Command Syntax show ups status87 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Unset Commnds show version Be aware that this command displays the software version on the active or inactive partition. Command Syntax show version active inactive Requirements Command privilege level: 0 Allowed during upgrade: Yes show web-security This command displays the contents of the current web-security certificate. Command Syntax show web-security Requirements Command privilege level: 0 Allowed during upgrade: Yes show workingdir This command retrieves the current working directory for activelog, inactivelog, install, and TFTP. Command Syntax show workingdir Requirements Command privilege level: 0 Allowed during upgrade: Yes Unset Commnds This section contains descriptions of the following commands: • unset ipsec, page 88 • unset network, page 8888 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands unset ipsec This command allows you to disable IPSec policies and associations. Command Syntax unset ipsec policy {ALL | policy-name} association policy-name {ALL | association-name} Parameters • policy-name represents the name of an IPSec policy. • association-name represents the name of an IPSec association. Requirements Command privilege level: 1 Allowed during upgrade: No unset network This command unsets DNS options. Command Syntax unset network dns options [timeout] [attempts] [rotate] Parameters • timeout sets the wait time before the system considers a DNS query as failed to the default. • attempts sets the number of DNS attempts to make before failing to the default. • rotate sets the method for selecting a nameserver to the default. This affects how loads are distributed across nameservers. Usage Guidelines The system asks whether you want to continue to execute this command. Caution If you continue, the system will temporarily lose network connectivity. Utils Commands This section contains descriptions of the following commands: • utils auditd, page 90 • utils core list, page 91 • utils core analyze, page 91 • utils create report, page 9189 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • utils csa disable, page 92 • utils csa enable, page 92 • utils csa status, page 92 • utils cuc cluster activate (Cisco Unity Connection Only), page 93 • utils cuc cluster deactivate (Cisco Unity Connection Only), page 93 • utils cuc cluster makeprimary (Cisco Unity Connection Only), page 93 • utils cuc cluster overwritedb (Cisco Unity Connection Only), page 94 • utils cuc cluster renegotiate (Cisco Unity Connection Only), page 94 • utils cuc create report (Cisco Unity Connection Only), page 95 • utils cuc networking clear_replication (Cisco Unity Connection Only), page 96 • utils cuc reset password (Cisco Unity Connection Only), page 96 • utils dbreplication clusterreset, page 96 • utils dbreplication dropadmindb, page 97 • utils dbreplication forcedatasyncsub, page 97 • utils dbreplication quickaudit, page 98 • utils dbreplication repair, page 98 • utils dbreplication repairreplicate, page 99 • utils dbreplication repairtable, page 99 • utils dbreplication reset, page 100 • utils dbreplication runtimestate, page 100 • utils dbreplication setrepltimeout, page 100 • utils dbreplication status, page 101 • utils dbreplication stop, page 102 • utils diagnose, page 102 • utils disaster_recovery backup tape, page 102 • utils disaster_recovery backup network, page 103 • utils disaster_recovery cancel_backup, page 103 • utils disaster_recovery restore tape, page 103 • utils disaster_recovery restore network, page 104 • utils disaster_recovery show_backupfiles network, page 104 • utils disaster_recovery show_backupfiles tape, page 105 • utils disaster_recovery show_registration, page 105 • utils disaster_recovery show_tapeid, page 105 • utils disaster_recovery status, page 106 • utils fior, page 106 • utils firewall ipv4, page 107 • utils firewall ipv6, page 108 • utils iostat, page 10890 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • utils iothrottle enable, page 109 • utils iothrottle disable, page 109 • utils iothrottle status, page 109 • utils netdump client, page 109 • utils netdump server, page 110 • utils network arp, page 111 • utils network capture eth0, page 111 • utils network connectivity, page 112 • utils network host, page 112 • utils network ipv6 firewall, page 113 • utils network ping, page 115 • utils network tracert, page 115 • utils ntp, page 115 • utils ntp restart, page 116 • utils ntp start, page 116 • utils remote_account, page 117 • utils reset_ui_administrator_name (Cisco Unified Communications Manager Only), page 117 • utils reset_ui_administrator_password (Cisco Unified Communications Manager Only), page 118 • utils service list, page 118 • utils service, page 118 • utils sftp handshake, page 119 • utils snmp, page 119 • utils soap realtimeservice test, page 120 • utils system, page 120 • utils system boot, page 121 • utils system upgrade, page 121 utils auditd This command enables, disables, and provides the status of audit logging. When enabled, the system monitors and records user actions in both Cisco Unified Communications Manager and Cisco Unified Serviceability. Cisco recommends that you retrieve the audit log by using the Real-Time Monitoring Tool, but you can also retrieve it by using the CLI. Command Syntax utils auditd {enable|disable|status} Parameters enable—Turns on audit logging.91 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands disable—Turns off audit logging. status—Displays whether audit logging is on or off. Requirements Command privilege level: 1 Allowed during upgrade: No utils core list This command lists all existing core files. Command Syntax utils core list utils core analyze This command generates a backtrace for the specified core file, a thread list, and the current value of all CPU registers. Command Syntax utils core analyze core file name Parameters • core file name specifies the name of a core file. Usage Guidelines The command creates a file of the same name as the core file, with a .txt extension, in the same directory as the core file. This command works only on the active partition. utils create report This command creates reports about the server in the platform/log directory. Command Syntax utils create report hardware platform csa Parameters • hardware creates a system report that contains disk array, remote console, diagnostic, and environmental data. • platform collects the platform configuration files into a TAR file.92 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • csa collects all the files required for CSA diagnostics and assembles them ino a single CSA diagnostics file. You can retrieve this file by using the file get command. Usage Guidelines You are prompted to continue after you enter the command. After creating a report, use the command file get activelog platform/log/filename, where filename specifies the report filename that displays after the command completes, to get the report. Requirements Level privilege: 1 Command privilege: 1 Allowed during upgrade: No utils csa disable This command stops Cisco Security Agent (CSA). Command Syntax utils csa disable Requirements Command privilege level: 1 Allowed during upgrade: No utils csa enable This command enables Cisco Security Agent (CSA). Command Syntax utils csa enable Usage Guidelines The system prompts you to confirm that you want to enable CSA. Caution You must restart the system after you start CSA.ca Requirements Command privilege level: 1 Allowed during upgrade: No utils csa status This command displays the current status of Cisco Security Agent (CSA).93 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Command Syntax utils csa status Usage Guidelines The system indicates whether CSA is running. Requirements Command privilege level: 0 Allowed during upgrade: No utils cuc cluster activate (Cisco Unity Connection Only) This command activates this server in a Cisco Unity Connection cluster. Command Syntax utils cuc cluster activate Requirements Command privilege level: 1 Allowed during upgrade: Yes Example utils cuc cluster activate utils cuc cluster deactivate (Cisco Unity Connection Only) This command deactivates this server in a Cisco Unity Connection cluster. Command Syntax utils cuc cluster deactivate Requirements Command privilege level: 1 Allowed during upgrade: Yes Example utils cuc cluster deactivate utils cuc cluster makeprimary (Cisco Unity Connection Only) This command forces the specified server to take the primary server status in a Cisco Unity Connection cluster. 94 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Command Syntax utils cuc cluster makeprimary [server] Parameters • server specifies the name of the server to take the primary server status. If you do not specify a server, the other server in the Connection cluster takes the primary server status. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example utils cuc cluster makeprimary utils cuc cluster overwritedb (Cisco Unity Connection Only) This command overwrites the database on this server with the database on the other server in a Connection cluster. Command Syntax utils cuc cluster overwritedb Usage Guidelines This command overwrites the database on the server on which you run this command with the database from the other server in the Connection cluster. Replication will restart after the database is overwritten. This method is used when you restore one server from a backup and must copy the restored data to the other server. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example utils cuc cluster overwritedb utils cuc cluster renegotiate (Cisco Unity Connection Only) This command creates a cluster relationship with the publisher server in a Connection cluster after the server was replaced or after Connection was reinstalled on the publisher server. The command overwrites all data on the publisher server with data from the subscriber server and initializes data replication between the servers. Command Syntax utils cuc cluster renegotiate95 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Usage Guidelines Run this command on the subscriber server in a Connection cluster to set up a trust with a publisher server that has been replaced or on which Connection has been reinstalled. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example utils cuc cluster renegotiate utils cuc create report (Cisco Unity Connection Only) This command collects data that is helpful to technical support staff for troubleshooting the system. Data collected includes version information, cluster status, service information, database information, trace files, log files, disk information, memory information, and restart information. Command Syntax utils cuc create report Usage Guidelines When the command completes, detailed information gets saved in a .zip file, and the location of the .zip file displays. Use the file get command to move the file to a computer on which you can uncompress the file and view the contents. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example utils cuc create report Getting unity connection version. Please wait...Done Getting cluster status. Please wait...Done Getting service information. Please wait...Done Getting installed locales. Please wait...Done Getting database schema version. Please wait...Done Getting database integrity. Please wait...Done Getting database diagnostic log. Please wait...Done Getting database message log. Please wait...Done Getting trace files. Please wait...Done Getting log files. Please wait...Done Getting platform status. Please wait...Done Compressing 75 files. Please wait...Done Output is in file: cuc/cli/systeminfo_080318-140843.zip To free disk space, delete the file after copying it to another computer96 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands utils cuc networking clear_replication (Cisco Unity Connection Only) This command stops all Digital Networking replication activities occurring on the server. Command Syntax utils cuc networking clear_replication Usage Guidelines This command stops the Connection Digital Networking Replication Agent, deletes the drop, queue, and pickup replication folders, clears the status of in-progress directory pushes to or pulls from this server, and restarts the Connection Digital Networking Replication Agent. Depending on the size of the replication folders, this operation may take several minutes Requirements Command privilege level: 1 Allowed during upgrade: No utils cuc reset password (Cisco Unity Connection Only) This command resets the password for a specified user account. Syntax utils cuc reset password Requirements Command privilege level: 1 Allowed during upgrade: Yes Example admin:utils cuc reset password jdoe Enter password: Re-enter password: jdoe 07/29/2008 12:41:14.704 : Update SUCCEEDED utils dbreplication clusterreset You can use this command to debug database replication. However, you should only use it if you have already tried utils dbreplication reset all, and it failed to restart replication on the cluster. This command will tear down and rebuild replication for the entire cluster. After using this command, you must restart each subscriber server. After all subscriber servers have been restarted, you must go to the publisher server and issue the CLI command utils dbreplication reset all. Command Syntax utils dbreplication clusterreset97 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Usage Guidelines Before you run this command, run the command utils dbreplication stop first on all subscribers servers and then on the publisher server. Requirements Command privilege level: 0 Allowed during upgrade: No utils dbreplication dropadmindb This command drops the Informix syscdr database on any server in the cluster. Command Syntax utils dbreplication dropadmindb Usage Guidelines You should run this command only if database replication reset or cluster reset fails and replication cannot be restarted. Requirements Command privilege level: 0 Allowed during upgrade: No utils dbreplication forcedatasyncsub This command forces a subscriber server to have its data restored from data on the publisher server. Use this command only after you have run the utils dbreplication repair command several times, but the utils dbreplication status command still shows non-dynamic tables that are not in sync Note Do not run this command if only dynamic tables are out of sync; dynamic tables can be out of sync during normal system operation. You can only run this command from the publisher server. Use the all parameter to force sync on all subscriber servers in the cluster. If only one subscriber server is out of sync, use the hostname parameter. After you run this command, you must restart the restored subscriber servers. This command can take a significant amount of time to execute and can affect the system-wide IOWAIT. Command Syntax utils dbreplication forcedatasyncsub {all|hostname} Parameters • all causes all subscriber servers in the cluster to have their data restored from data on the publisher server.98 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • hostname specifies a particular subscriber server to have its data restored from data on the publisher server. Usage Guidelines The utils dbreplication forcedatasyncsub command takes a database backup of the publisher server and restores that data into the database on the subscriber server. Note This command erases all existing data on the subscriber server and replaces it with the database from the publisher server, which makes it impossible to determine the original root cause for the subscriber server tables going out of sync. Requirements Command privilege level: 0 Allowed during upgrade: No utils dbreplication quickaudit This command runs a quick database check on selected content on dynamic tables. Command Syntax utils dbreplication quickaudit nodename | all Parameters • nodename specifies the node on which the quick audit should be run. • all causes the audit to be run on all nodes. Requirements Command privilege level: 0 Allowed during upgrade: Yes utils dbreplication repair This command repairs database replication. Command Syntax utils dbreplication repair {all|hostname} Parameters • all causes data repair to take place on all subscriber servers. • hostname specifies a particular subscriber server for data repair. Usage Guidelines If the command utils dbreplication status show that servers are connected but one or more tables have data that is out of sync, this command will repair the data on the subscriber servers so that it is in sync with the data on the publisher server. 99 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Use the all parameter to repair all nodes in the cluster, or if only one subscriber server is out of sync, specifiy the hostname parameter. Requirements Command privilege level: 0 Allowed during upgrde: No utils dbreplication repairreplicate This command repairs mismatched data between cluster nodes; and changes the node data to match the publisher server data. It does not repair replication setup. Command Syntax utils dbreplication repairreplicate replicatename [nodename]|alll Parameters • replicatename specifies the replicate to repair. • nodename specifies which node to repair replication on. • all causes fix replication on all nodes. Requirements Command Privilege level: 0 Allowed during upgrade: Yes utils dbreplication repairtable This command repairs mismatched data between cluster nodes and changes the node to match the publisher data. Command Syntax utils dbreplication repairtable tablename [nodename]|all Parameters • tablename specifies the table to repair. • nodename specifies on which node to repair replication. • all causes fix replication on all nodes. Usage Guidelines This command can be executed on the publisher server. It does not repair replication setup. Requirements Command privilege level: 0 Allowed during upgrade: Yes100 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands utils dbreplication reset This command resets and restarts database replication. It can be used to tear down and rebuild replication when the system has not set up properly. Command Syntax utils dbreplication reset {all|hostname} • all causes all subscriber servers in the cluster to have replication torn down and rebuilt. • hostname specifies a particular subscriber server to have replication torn down and rebuilt. Usage Guidelines This is the best command to use when servers show an RTMT state of 4. If only one subscriber server is showing an RTMT state of 4, you may reset that server by specifying the hostname parameter. To reset the entire cluster, use the all parameter. Tip Before you run this command, first run the command utils dbreplication stop on all subscriber servers that will be reset and then on the publisher server. Requirements Command privilege level: 0 Allowed during upgrde: No utils dbreplication runtimestate This command monitors progress of the database replication process and provides replication state in the cluster. Command Syntax utils dbreplication runtimestate [nodename] Parameters • nodename (optional) specifies the node to monitor. Usage Guidelines If a nodename is provided, the replication state is provided from the view point of the selected node. Requirements Command privilege level: 0 Allowed during upgrade: Yes utils dbreplication setrepltimeout You can use this command to set the timeout for database replication on large clusters.101 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Command Syntax utils dbreplication setrepltimeout timeout Options • timeout—The new database replication timeout, in seconds. Ensure that the value is between 300 and 3600. Usage Guidelines The default database replication timeout equals 5 minutes (value of 300). When the first subscriber server requests replication with the publisher server, the system sets this timer. When the timer expires, the first subscriber server, plus all other subscriber servers that requested replication within that time period, begin data replication with the publisher server in a batch. If you have several subscriber servers, batch replication is more efficient than individual server replication. For large clusters, you can use the command to increase the default timeout value, so that more subscriber servers will be included in the batch. Note After you upgrade the publisher server and restart it on the upgraded partition, you should set this timer value before you switch the first subscriber server to the new release. When the first subscriber server requests replication, the publisher server will set the replication timer based on the new value. Tip Cisco recommends that you restore this value back to the default of 300 (5 minutes) after you finish upgrading the entire cluster, and the subscriber servers have successfully set up replication. Requirements Command privilege level: 0 Allowed during upgrade: No utils dbreplication status This command displays the status of database replication and indicates whether the servers in the cluster are connected and the data is in sync. You should run this command only on the first node (publisher server) of a cluster. Command Syntax utils dbreplication status Requirements Command privilege level: 0 Allowed during upgrde: No102 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands utils dbreplication stop This command stops the automatic setup of database replication. Use this command on subscriber and publisher servers prior to executing the CLI command utils dbreplication reset or utils dbreblication clusterreset. You can run this command on the subscriber servers simultaneously, before you run it on the publisher server. Command Syntax utils dbreplication stop Requirements Command privilege level: 0 Allowed during upgrde: No utils diagnose This command enables you to diagnose and attempt to automatically fix system problems. Command Syntax utils diagnose fix list module module_name test version Parameters • fix runs all diagnostic commands and attempts to fix problems. • list lists all available diagnostic commands. • module runs a single diagnostic command or group of commands and attempts to fix problems. • test runs all diagnostic commands but does not attempt to fix problems. • version displays the diagnostic framework version. • module_name specifies the name of a diagnostics module. utils disaster_recovery backup tape This command starts a backup job and stores the resulting Tar file on tape. Command Syntax utils disaster_recovery backup tape featurelist tapeid Parameters • featurelist specifies the list of features to back up, separated by commas.103 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • tapeid represents the ID of an available tape device. Requirements Command privilege level: 1 Allowed during upgrade: Yes utils disaster_recovery backup network This command starts a backup job and stores the resulting Tar file on a remote server. Command Syntax utils disaster_recovery backup network featurelist path servername username Parameters • featurelist specifies the list of features to back up, separated by commas. • path represents the location of the backup files on the remote server. • servername represents the IP address or host name of the server where you stored the backup files. • username represents the username that is needed to log in to the remote server. Usage Guidelines Note The system prompts you to enter the password for the account on the remote server. Requirements Command privilege level: 1 Allowed during upgrade: Yes utils disaster_recovery cancel_backup This command cancels the ongoing backup job. Command Syntax utils disaster_recovery cancel_backup Usage Guidelines The system prompts you to confirm that you want to cancel the backup job. Requirements Command privilege level: 1 Allowed during upgrade: Yes utils disaster_recovery restore tape This command starts a restore job and takes the backup tar file from tape.104 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Command Syntax utils disaster_recovery restore tape server tarfilename tapeid Parameters • server specifies the hostname of the server that you want to restore. • tarfilename specifies the name of the file to restore. • tapeid specifies the name of the tape device from which to perform the restore job. Requirements Command privilege level: 1 Allowed during upgrade: Yes utils disaster_recovery restore network This command starts a restore job and takes the backup Tar file from a remote server. Command Syntax utils disaster_recovery restore network restore_server tarfilename path servername username Parameters • restore_server specifies the hostname of the server that you want to restore. • tarfilename specifies the name of the file to restore. • path represents the location of the backup files on the remote server. • servername represents the IP address or host name of the server where you stored the backup files. • username represents the username that is needed to log in to the remote server. Usage Guidelines Note The system prompts you to enter the password for the account on the remote server. Requirements Command privilege level: 1 Allowed during upgrade: Yes utils disaster_recovery show_backupfiles network This command starts a restore job and takes the backup Tar file from a remote server. Command Syntax utils disaster_recovery show_backupfiles network path servername username Parameters • path represents the location of the backup files on the remote server.105 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • servername represents the IP address or host name of the server where you stored the backup files. • username represents the username that is needed to log in to the remote server. Usage Guidelines Note The system prompts you to enter the password for the account on the remote server. Requirements Command privilege level: 1 Allowed during upgrade: No utils disaster_recovery show_backupfiles tape This command displays information about the backup files that are stored on a tape. Command Syntax utils disaster_recovery show_backupfiles tape tapeid Parameters • tapeid represents the ID of an available tape device. Requirements Command privilege level: 1 Allowed during upgrade: No utils disaster_recovery show_registration This command displays the registered features and components on the specified server. Command Syntax utils disaster_recovery show_registration hostname Parameters • hostname specifies the server for which you want to display registration information. Requirements Command privilege level: 1 Allowed during upgrade: No utils disaster_recovery show_tapeid This command displays a list of tape device IDs.106 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Command Syntax utils disaster_recovery show_tapeid Requirements Command privilege level: 1 Allowed during upgrade: No utils disaster_recovery status This command displays the status of the current backup or restore job. Command Syntax utils disaster_recovery status operation Parameters • operation specifies the name of the ongoing operation: backup or restore. Requirements Command privilege level: 1 Allowed during upgrade: No utils fior This command allows you to monitor the I/O on the server. The File I/O Reporting service provides a kernel-based daemon for collecting file I/O per process. Command Syntax utils fior disable enable list [start=date-time] [stop=date-time] start status stop top number [read | write | read-rate | write-rate] [start=date-time] [stop=date-time] Options • disable—Prevents the file I/O reporting service from starting automatically when the machine boots. This command does not stop the service without a reboot. Use the stop option to stop the service immediately. • enable—Enables the file I/O reporting service to start automatically when the machine boots. This command does not start the service without a reboot. Use the start option to start the service immediately. • list—This command displays a list of file I/O events, in chronological order, from oldest to newest.107 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • start—Starts a previously stopped file I/O reporting service. The service remains in a started state until it is manually stopped or the machine is rebooted. • status—Displays the status of the file I/O reporting service. • stop—Stops the file I/O reporting service. The service remains in a stopped state until it is manually started or the machine is rebooted. • top—Displays a list of top processes that create file I/O. You can sort this list by the total number of bytes read, the total number of bytes written, the rate of bytes read, or the rate of bytes written. • start—Specifies a starting date and time. • stop—Specifies a stopping date and time. • date-time—specifies a date and time, in any of the following formats: H:M, H:M:S a, H:M, a, H:M:S Y-m-d, H:M, Y-m-d, H:M:S. • number—Specifies how many of the top processes to list. • [read | write | read-rate | write-rate]—Specifies the metric that is used to sort the list of top process. Requirements Command privilege level: 1 Allowed during upgrade: Yes utils firewall ipv4 This commands sets options and displays status for the IPv4 firewall. Command Syntax utils network ipv4 firewall debug [off|time] disable [time] enable list status Parameters • debug turns debugging on or off. If you do not enter the time parameter, this command turns on debugging for 5 minutes. • disable turns off the IPv6 firewall. If you do not enter the time parameter, this command disables the firewall for 5 minutes. • enable turns on the IPv6 firewall. • list displays the current configuration of the firewall. • status displays the current status of the firewall. • time sets duration for the command in one of the following formats: – Minutes: 0–1440m – Hours: 0–23h108 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands – Hours and minutes: 0–23h 0–60m utils firewall ipv6 This commands sets options and displays status for the IPv6 network firewall. Note IPv6 is not supported in Cisco Unified Communications Manager Business Edition or Cisco Unity Connection. Command Syntax utils network ipv6 firewall debug [off|time] disable [time] enable list status Parameters • debug turns debugging on or off. If you do not enter the time parameter, this command turns on debugging for 5 minutes. • disable turns off the IPv6 firewall. If you do not enter the time parameter, this command disables the firewall for 5 minutes. • enable turns on the IPv6 firewall. • list displays the current configuration of the firewall. • status displays the current status of the firewall. • time sets duration for the command in one of the following formats: – Minutes: 0–1440m – Hours: 0–23h – Hours and minutes: 0–23h 0–60m utils iostat This command displays the iostat output for the given number of iterations and interval. Command Syntax utils iostat [interval] [iterations] [filename] Parameters • interval represents the value in seconds between two iostat readings (mandatory if you specify the number of iterations) • interations represents the number of iostat iterations to be performed (mandatory if you specify an interval)109 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • filename redirects the output to a file Requirements Level privilege: 0 Command privilege: 1 Allowed during upgrade: No utils iothrottle enable This command enables I/O throttling enhancements. When enabled, I/O throttling enhancements lower the impact of upgrades on an active system. Command Syntax utils iothrottle enable utils iothrottle disable This command disables I/O throttling enhancements. This could adversely affect the system during upgrades. Command Syntax utils iothrottle disable utils iothrottle status This command displays the status of I/O throttling enhancements. Command Syntax utils iothrottle status utils netdump client This command configures the netdump client. Command Syntax utils netdump client start ip-address-of-netdump-server status stop Parameters • start starts the netdump client. • status displays the status of the netdump client.110 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • stop stops the netdump client. • ip-address-of-netdump-server specifies the IP address of the netdump server to which the client will send diagnostic information. Usage Guidelines If a kernel panic crash occurs, the netdump client sends diagnostic information about the crash to a netdump server. Requirements Command privilege level: 0 Allowed during upgrade: No utils netdump server This command configures the netdump server. Command Syntax utils netdump server add-client ip-address-of-netdump-client delete-client ip-address-of-netdump-client list-clients start status stop Parameters • add-client adds a netdump client. • delete-client deletes a netdump client. • list-clients lists the clients that are registered with this netdump server. • start starts the netdump server. • status displays the status of the netdump server. • stop stops the netdump server. • ip-address-of-netdump-client specifies the IP address of a netdump client. Usage Guidelines If a kernel panic crash occurs, a netdump-enabled client system sends diagnostic information about the crash to the netdump server. The netdump diagnostic information gets stored in the following location on the netdump server: crash/. The subdirectories whose names comprise a client IP address and a date contain netdump information. You can configure each Cisco Unified Operating System server as both a netdump client and server. If the server is on another Cisco Unified Operating System server, only the kernel panic trace signature gets sent to the server; otherwise, an entire core dump gets sent.111 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Requirements Command privilege level: 0 Allowed during upgrade: No utils network arp This command lists, sets, or deletes Address Resolution Protocol (ARP) table entries. Command Syntax utils network arp list [host host] [page] [numeric] set {host} {address} delete host Parameters • list lists the contents of the address resolution protocol table. • set sets an entry in the address resolution protocol table. • delete deletes an entry in the address resolution table. • host represents the host name or IP address of the host to add or delete to the table. • address represents the MAC address of the host to be added. Enter the MAC address in the following format: XX:XX:XX:XX:XX:XX. Options • page—Displays the output one page at a time • numeric—Displays hosts as dotted IP addresses Requirements Command privilege level: 0 Allowed during upgrade: Yes utils network capture eth0 This command captures IP packets on the specified Ethernet interface. Command Syntax utils network capture eth0 [page] [numeric] [file fname] [count num] [size bytes] [src addr] [dest addr] [port num] Parameters • eth0 specifies Ethernet interface 0. Options • page—Displays the output one page at a time112 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands When you use the page or file options, the complete capture of all requested packets must occur before the command completes. • numeric—Displays hosts as dotted IP addresses • file fname—Outputs the information to a file The file option saves the information to platform/cli/fname.cap. The filename cannot contain the “.” character. • count num—Sets a count of the number of packets to capture For screen output, the maximum count equals 1000, and, for file output, the maximum count equals 10,000. • size bytes—Sets the number of bytes of the packet to capture For screen output, the maximum number of bytes equals 128, for file output, the maximum of bytes can be any number or ALL • src addr—Specifies the source address of the packet as a host name or IPV4 address • dest addr—Specifies the destination address of the packet as a host name or IPV4 address • port num—Specifies the port number of the packet, either source or destination Requirements Command privilege level: 0 Allowed during upgrade: Yes utils network connectivity This command verifies the node network connection to the first node in the cluster. Be aware that it is only valid on a subsequent node. Command Syntax utils network connectivity Requirements Command privilege level: 0 Allowed during upgrade: Yes utils network host This command resolves a host name to an address or an address to a host name. Command Syntax utils network host hostname [server server-name] [page] [detail] [srv] Parameters • hostname represents the host name or IP address that you want to resolve. Options • server-name—Specifies an alternate domain name server.113 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • page—Displays the output one screen at a time. • detail—Displays a detailed listing. • srv—Displays DNS SRV records. Requirements Command privilege level: 0 Allowed during upgrade: Yes utils network ipv6 firewall This commands sets options and displays status for the IPv6 network firewall. Note IPv6 is not supported in Cisco Unified Communications Manager Business Edition or Cisco Unity Connection. Command Syntax utils network ipv6 firewall debug [off|time] disable [time] enable list status Parameters • debug turns debugging on or off. If you do not enter the time parameter, this command turns on debugging for 5 minutes. • disable turns off the IPv6 firewall. If you do not enter the time parameter, this command disables the firewall for 5 minutes. • enable turns on the IPv6 firewall. • list displays the current configuration of the firewall. • status displays the current status of the firewall. • time sets duration for the command in one of the following formats: – Minutes: 0–1440m – Hours: 0–23h – Hours and minutes: 0–23h 0–60m utils network ipv6 host This command does an IPv6 host lookup (or IPv6 address lookup) for the specified host name or IPv6 address.114 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Note IPv6 is not supported in Cisco Unified Communications Manager Business Edition or Cisco Unity Connection. Command Syntax utils network ipv6 host {host_name|ipv6_address} Parameters • host_name specifies the name of the server. • ipv6_address specifies the IPv6 address of the server. utils network ipv6 ping This command allows you to ping an IPv6 address or hostname. Note IPv6 is not supported in Cisco Unified Communications Manager Business Edition or Cisco Unity Connection. Command Syntax utils network destination [count] Parameters • destination specifies a valid IPv6 address or host name that you want to ping. • count specifies the number of times to ping the external server. The default count equals 4. Requirements Command privilege level: 0 Allowed during upgrade: Yes set network ipv6 traceroute This command traces and displays route information for an IPv6 destination. Note IPv6 is not supported in Cisco Unified Communications Manager Business Edition or Cisco Unity Connection. Command Syntax set network ipv6 traceroute {host_name|ipv6_address} Parameters • host_name specifies the name of an IPv6 server. • ipv6_address specifies the IPv6 address of the server.115 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Requirements Command privilege level: 0 Allowed during upgrade: Yes utils network ping This command allows you to ping another server. Command Syntax utils network ping destination [count] Parameters • destination represents the hostname or IP address of the server that you want to ping. Options • count—Specifies the number of times to ping the external server. The default count equals 4. Requirements Command privilege level: 0 Allowed during upgrade: Yes utils network tracert This command traces IP packets that are sent to a remote destination. Command Syntax utils network tracert destination Parameters • destination represents the hostname or IP address of the server to which you want to send a trace. Requirements Command privilege level: 0 Allowed during upgrade: Yes utils ntp This command displays the NTP status or configuration. Command Syntax utils ntp {status | config}116 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands Note To avoid potential compatibility, accuracy, and network jitter problems, the external NTP servers that you specify for the primary node should be NTP v4 (version 4). If you are using IPv6 addressing, external NTP servers must be NTP v4. Requirements Command privilege level: 0 Allowed during upgrade: Yes utils ntp restart This command restarts the NTP service. Command Syntax utils ntp restart Parameters None Requirements Level privilege: 0 Command privilege: 0 Allowed during upgrade: Yes utils ntp start If it is not already running, this command starts the NTP service. Note You cannot stop the NTP service from the command line interface. Use this command when the utils ntp status command returns stopped. Command Syntax utils ntp start Parameters None Requirements Level privilege: 0 Command privilege: 0 Allowed during upgrade: Yes117 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands utils remote_account This command allows you to enable, disable, create, and check the status of a remote account. Command Syntax utils remote_account status enable disable create username life Parameters • username specifies the name of the remote account. The username can contain only lowercase characters and must be more than six characters long. • life specifies the life of the account in days. After the specified number of day, the account expires. Usage Guidelines A remote account generates a pass phrase that allows Cisco Systems support personnel to get access to the system for the specified life of the account. You can have only one remote account that is enabled at a time. Requirements Command privilege level: 1 Allowed during upgrade: Yes Example utils remote_account status utils reset_ui_administrator_name (Cisco Unified Communications Manager Only) Note To change the administrator user name for Cisco Unity Connection, use Cisco Unity Connection Administration. This command resets the administrator user name you use to log in the administration user interface for the installed product. Command Syntax utils reset_ui_administrator_name118 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands utils reset_ui_administrator_password (Cisco Unified Communications Manager Only) Note To change the password for a Cisco Unity Connection user, use the utils cuc reset password command. See the “utils cuc reset password (Cisco Unity Connection Only)” section on page 96. This command resets the administrator password you use to log in the administration user interface for the installed product. Command Syntax utils reset_ui_administrator_password utils service list This command retrieves a list of all services and their status. Command Syntax utils service list [page] Options • page—Displays the output one page at a time Requirements Command privilege level: 0 Allowed during upgrade: Yes utils service This command stops, starts, or restarts a service. Command Syntax utils service start service-name stop service-name restart service-name auto-restart {enable | disable | show} service-name Parameters • service-name represents the name of the service that you want to stop or start: – System SSH – Cluster Manager – Service Manager119 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands – Cisco Tomcat – Cisco Database Layer Monitor – Cisco CallManager Serviceability • auto-restart causes a service to automatically restart. • enable enables auto-restart. • disable disables auto-restart. • show shows the auto-restart status. Requirements Command privilege level: 1 Allowed during upgrade: No utils sftp handshake This command exchanges SFTP SSH keys to all members of the cluster. Command Syntax utils sftp handshake utils snmp This command manages SNMP on the server. Command Syntax utils snmp get version community ip-address object [file] hardware-agents [status | stop | restart] test walk version community ip-address object [file] Parameters • get displays the value of the specified SNMP object. • hardware-agents status displays the status of the hardware agents on the server. • hardware-agents stop stops all SNMP agents provided by the hardware vendor. • hardware-agents restart restarts the hardware agents on the server. • test tests the SNMP host by sending sample alarms to local syslog, remote syslog, and SNMP trap. • walk walks the SNMP MIB, starting with the specified SNMP object. • version specifies the SNMP version. Possible values include 1 or 2c. • community specifies the SNMP community string. • ip-address specifies the IP address of the server. Enter 127.0.0.0 to specify the local host. You can enter the IP address of another node in the cluster to run the command on that node.120 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Utils Commands • object specifies the SNMP Object ID (OID) to get. • file specifies a file in which to save the command output. Requirements Command privilege level: 1 Allowed during upgrade: Yes utils soap realtimeservice test This command executes a number of test cases on the remote server. Command Syntax utils soap realtimeservice test remote-ip remote-https-user remote-https-password Parameters • remote-ip specifies the IP address of the server under test. • remote-https-user specifies a username with access to the SOAP API. • remote-https-password specifies the password for the account with SOAP API access. Requirements Command privilege level: 0 Allowed during upgrade: No utils system This command allows you to restart the system on the same partition, restart the system on the inactive partition, or shut down the system. Command Syntax utils system {restart | shutdown | switch-version} Parameters restart restarts the system. shutdown shuts down the system. switch-version switches to the product release that is installed on the inactive partition. Usage Guidelines The utils system shutdown command provides a 5-minute timeout. If the system does not shut down within 5 minutes, the command gives you the option of doing a forced shutdown. Requirements Command privilege level: 1 Allowed during upgrade: No121 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Related Documentation utils system boot This commands redirects where the system boot output gets sent. Command Syntax utils system boot {console | serial | status} Parameters • console redirects the system boot output to the console. • serial redirects the system boot output to the COM1 (serial port 1). • status displays the where the serial boot output will currently get sent. Requirements Level privilege: 1 Command privilege: 1 Allowed during upgrade: Yes utils system upgrade This command allows you to install upgrades and Cisco Option Package (COP) files from both local and remote directories. Command Syntax utils system upgrade {initiate | cancel | status} Parameters • cancel cancels the active upgrade. • initiate starts a new upgrade wizard or assumes control of an existing upgrade wizard. The wizard prompts you for the location of the upgrade file. • status displays the status of an upgrade. Related Documentation For further information about related Cisco IP telephony applications and products, refer to the Cisco Unified Communications Manager Documentation Guide for your release at http://cisco.com/en/US/products/sw/voicesw/ps556/products_documentation_roadmaps_list.html122 Command Line Interface Reference Guide for Cisco Unified Communications Solutions Release 7.1(2) OL-16419-01 Obtaining Documentation, Obtaining Support, and Security Guidelines Obtaining Documentation, Obtaining Support, and Security Guidelines For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Cisco Product Security Overview This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. Further information regarding U.S. export regulations may be found at http://www.access.gpo.gov/bis/ear/ear_data.html Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) Copyright © 2009 Cisco Systems, Inc. All rights reserved. Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R) © 2010 Cisco Systems, Inc. All rights reserved. OL-23960-01 QUICK REFERENCE Cisco Unified IP Phone Quick Reference for Cisco Unified Communications Manager 8.5(1) (SCCP and SIP) For Cisco Unified IP Phone 7962G, 7942G, 7961G, 7961G-GE, 7941G, and 7941G-GE Softkey Definitions Phone Screen Icons Button Icons Common Phone Tasks Softkey Definitions AbbrDial Dial using a speed-dial index number Answer Answers a call Back Returns to previous Help topic Barge Adds you to a call on a shared line CallBack Receive notification when a busy extension becomes available Cancel Cancels an action or exit a screen without applying changes cBarge Adds you to a call on a shared line and establish a conference CFwdALL Sets up/cancels call forwarding Clear Deletes records or settings Close Closes the current window ConfList View conference participants Confrn Creates a conference call Delete Removes characters to the right of the cursor when using EditDial Details Opens the Details record for a multiparty call in the Missed Calls and Received Calls logs Dial Dials a phone number DND Turns on/off Do Not Disturb (DND) EditDial Edits a number in a call log EndCall Disconnects the current call or the current intercom call Erase Resets settings to their defaults Exit Returns to the previous screen GPickUp Answers a call that is ringing in another group or on another line Common Phone Tasks View online help on the phone Press . Place a call Lift the handset or press the speakerphone or headset. Redial a number Press Redial. Or press the Navigation button while on hook to see your Placed Calls log. Switch to the handset during a call Pick up the handset. Switch to the speaker or headset during a call Press or , then hang up the handset. Mute your phone Press . Use your call logs Press to choose a call log. To dial, highlight a listing and go off hook. Edit a number Press EditDial, << or >>. Hold/resume a call Press Hold or Resume. Transfer a call to a new number Press Tr ans f er, enter the number, and then press Tr ansf er again. Place an intercom call Press intercom button, enter a number if necessary, and speak after you hear the tone. Start a standard (ad hoc) conference call Press more > Confrn, dial the participant, then press Confrn again. ?iDivert Diverts or redirects a call to a voice-messaging system Join Combines existing calls to create a conference Links View related Help topics Main Displays the Help main menu MeetMe Hosts a Meet-Me conference call more Displays additional softkeys New Call Makesa new call OPickUp Answers a call that is ringing in an associated group Park Stores a call using Call Park PickUp Answers a call that is ringing on another phone in your group QRT Submits call problems to the system administrator Redial Redials the most recently dialed number Remove Removes a conference participant Resume Resumes a call on hold RmLstC Drops the last party added to a conference call Save Saves the chosen settings Search Searches for a directory listing Select Selects a menu item or call Transf er Transfers a call Update Refreshes content VidMode (SCCP only) Chooses a video display mode << Deletes entered characters >> Moves through entered characters Phone Screen Icons Call Forwarding enabled Call on hold; remote call on hold Connected call Incoming call Off hook On hook Shared line in use Message waiting Authenticated call Encrypted call BLF-monitored line is in-use BLF-monitored line is idle BLF-monitored line is ringing (BLF Pickup) Speed-dial, call log, or directory listing (line status unknown) Line in Do Not Disturb (BLF feature) Idle intercom line One-way intercom call Two-way intercom call Handset in use Headset in use Speakerphone in use Button Icons Video enabled (SCCP only) Feature assigned to button Mobility assigned to button Hold assigned to button Conference assigned to button Transfer assigned to button Phone service URL assigned to button URL entry in a call log is ready to edit (SIP only) Option selected Feature enabled Messages Services Help Directories Settings Volume Speaker Mute Headset ? Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 November 2009 Text Part Number: OL-20896-01THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0910R) Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental. Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 © 2009 Cisco Systems, Inc. All rights reserved.EM-iii Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Preface This reference describes the Cisco IOS XR System Error Messages for the Cisco CRS-1 and Cisco XR 12000 Series Router. The preface for Cisco IOS XR System Error Reference Guide contains the following sections: The preface contains the following sections: • Changes to This Document, page iii • Obtaining Documentation and Submitting a Service Request, page iii Changes to This Document Table 1 lists the technical changes made to this document since it was first printed. Obtaining Documentation and Submitting a Service Request For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0. Ta b l e 1 Changes to This Document Revision Date Change Summary OL-20896-01 October 2009 Initial release of this document.Preface EM-iv Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01EM-1 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 System Error Messages Overview This publication lists and describes Cisco IOS XR system error messages. The system software sends these messages to the console (and, optionally, to a logging server on another system) during operation. Not all system error messages indicate problems with your system. Some are purely informational, and others may help diagnose problems with communications lines, internal hardware, or the system software. This manual also includes messages that appear when the system crashes. Obtaining Technical Assistance When the recommended action of an error message advises that you contact Cisco technical support, open a case with the Cisco Technical Assistance Center (TAC). Please see the section “Contacting TAC by Using the Cisco TAC Website” in the preface of “About Cisco IOS XR Software.” How This Manual Is Organized The individual chapters provide descriptions of system messages related to Cisco IOS XR software. The messages are organized according to the particular system category that produces the messages. The category sections appear in alphabetical order, and within each category section, messages are listed alphabetically by group code. Each message is followed by an explanation and a recommended action. For alphabetizing purposes, lowercase and uppercase letters are treated the same. How to Read System Messages System messages begin with a percent sign (%) and are structured as follows. %CATEGORY-GROUP-SEVERITY-MNEMONIC: Message-text CATEGORY is a code consisting of two or more uppercase letters that indicate the category to which the message refers. Table 1 lists the system category codes for the Cisco CRS-1 Cisco XR 12000 Series Router. GROUP is a code consisting of two or more uppercase letters that indicate the group to which the message refers. A group can be a hardware device, a protocol, or a module of the system software. System Error Messages Overview How to Read System Messages EM-2 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SEVERITY is a single-digit code from 0 to 7 that reflects the severity of the condition. The lower the number, the more serious the situation. Table 2 lists the severity levels. MNEMONIC is a code that uniquely identifies the error message. Message-text is a text string describing the condition. This portion of the message sometimes contains detailed information about the event, including terminal port numbers, network addresses, or addresses that correspond to locations in the system memory address space. Because the information in these variable fields changes from message to message, it is represented here by short strings enclosed in square brackets ([ ]). A decimal number, for example, is represented as [dec]. Table 3 lists the representations of variable fields and the type of information in them. The following is a sample system error message: %ACL-IP_ACL_PARSE-2-ALLOC Unable to allocate memory for [chars] Ta b l e 1 Category Codes Code Description of Category ACL All Access Control List (ACL) related messages. APP_INFRA All Application infrastructure related messages. DIAG All Diagnostic related messages. FABRIC All Fabric (HW and SW both) related messages. FORWARDING All CEF and FIB related messages. HA All High Availability (HA) related messages. INSTALL All Installation related messages. IP All Internet Protocol (IP) related messages. L1 All Layer 1 (L1) related messages. L2 All Layer 2 (L2) related messages, for instance ethernet drivers, PoS, SONET, PLIMS, and so forth. MEDIA All Media related messages, including disk, nvram, flash, and so forth. MGBL All Managament Plane and Managability related messages, for instance, config, cli, sml, pm, and so forth. OS All Operating System (OS) and OS infrastructure related messages. PKT_INFRA All Packet Infrastructure related messages, such as ifmgr, tunnels, bundlemgr, pakman, and so forth. PLATFORM All Platform related commands, for instance, shelf magr, chassis, env ctrl, and so forth. QOS All Quality of Service (QoS) related messages. ROUTING All routing related messages, such as MPLS, OSPF, BGP, Multicast, MRIB, RIB, and so forth. SECURITY All security related messages, such as AAA, IPSec and related protocols, and so forth. SERVICES All service related messages, such as RSPP, and SD. SNMP All Simple Network Management Protocol (SNMP) related messages, such as BGP MIB, CONFIG MIB, SNMP agent. MIB location does not matter. SYSDB All system database related messages.System Error Messages Overview How to Read System Messages EM-3 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Message severity levels correspond to the keywords assigned by the logging console and logging monitor global configuration commands that define where and at what level these messages appear. In general, the default is to log messages from level 0 (emergencies) to level 7 (debugging). However, the default level varies by platform. For more information, see the system configuration chapter and descriptions of the logging console and logging monitor commands in the appropriate Cisco IOS configuration guide and command reference publications. Ta b l e 2 Error Message Severity Levels Level Description 0 – emergency System unusable 1 – alert Immediate action needed 2 – critical Critical condition 3 – error Error condition 4 – warning Warning condition 5 – notification Normal but significant condition 6 – informational Informational message only 7 – debugging Appears during debugging only Ta b l e 3 Representation of Variable Fields in Messages Representation Type of Information [atalk_address] AppleTalk address [atalk_net] AppleTalk network, either 600 or 600-601 [char] Single character [chars] Character string [dec] Decimal number [enet] Ethernet address (for example, 0000.FEED.00C0) [hex] Hexadecimal number [inet] Internet address (for example, 10.0.2.16) [int] Integer [ipv6_addr] IP version 6 (IPv6) address [node] Address or node name [p] Packet [sci_notation] Scientific notation [t-line] Terminal line number in octal (or decimal if the decimal-TTY service is enabled) [v-name] VINES name; or number (hex or decimal)System Error Messages Overview Message Traceback Reports EM-4 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Message Traceback Reports Some messages describe internal errors and contain traceback information. This information is very important and should be included when you report a problem to your technical support representative. The following sample message includes traceback information: -Process= ”Exec”, level= 0, pid= 17 -Traceback= 1A82 1AB4 6378 A072 1054 1860EM-5 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Access Control List (ACL) Messages This section contains all ACL related System Error Messages. APPS_ES_ACLMGR Messages Error Message %ACL-APPS_ES_ACLMGR-7-ERROR [chars] Explanation This is simply a debug message. If any severe errors occur the process will exit and will be restarted by the sysmgr. Recommended Action None ES_ACL Messages Error Message %ACL-ES_ACL-6-ESACCESSLOGV access-list [chars] ([dec]) [chars] [hex] Outer vlan [dec] dei [dec] cos [dec] inner vlan [dec] dei [dec] cos [dec] [chars] - [chars], [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. It has both outer and inner vlan. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action NoneAccess Control List (ACL) Messages IP_ACL_PARSE Messages EM-6 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IP_ACL_PARSE Messages Error Message %ACL-IP_ACL_PARSE-7-ERR_MEM_ALLOC Unable to allocate memory for [chars] Explanation Memory allocation failed, probably due to memory depletion. An entry could not be added to the cache, the associated command will be blocked by the parser. Recommended Action None Error Message %ACL-IP_ACL_PARSE-7-ERR_THREAD_MUTEX_LOCK Unable to lock cache mutex. Error: [chars] Explanation A mutex is used to protect the ACL and Prefix List caches. An attempt to lock a mutex failed with the error reported. Recommended Action Abort the configuration operation and restart the parser server. IPV4_ACL_DP Messages Error Message %ACL-IPV4_ACL_DP-4-DUP_NAME ’[chars]’ is already configured as [chars] Explanation The name specified in the message has already been used as the feature also specified. If you are configuring an ACL then the name has already been used as a prefix list. And, if you are configuring a prefix-list then the name has already been used as an access list. Recommended Action Reconfigure the feature with a different name. Error Message %ACL-IPV4_ACL_DP-7-INIT ipv4_acl_dipatch initialization failed at [chars] with error [chars], exiting Explanation ipv4_acl_dispatch initialization failed at the specified step. The error code is also displayed. If this condition occurs, the sysmgr will restart the ipv4_acl_dispatch process. Recommended Action NoneAccess Control List (ACL) Messages IPV4_ACL Messages EM-7 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IPV4_ACL Messages Error Message %ACL-IPV4_ACL-6-IPACCESSLOGDP access-list [chars] ([dec]) [chars] [dec] [chars] [chars]- [chars] ([dec]/[dec]), [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action None Error Message %ACL-IPV4_ACL-6-IPACCESSLOGDP access-list [chars] ([dec]) [chars] [chars] [chars] [chars]- [chars] ([dec]/[dec]), [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action None Error Message %ACL-IPV4_ACL-6-IPACCESSLOGNP access-list [chars] ([dec]) [chars] [dec] [chars] [chars]- [chars], [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action None Error Message %ACL-IPV4_ACL-6-IPACCESSLOGNP access-list [chars] ([dec]) [chars] [dec] [chars] [chars]- [chars], [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action None Access Control List (ACL) Messages IPV4_ACL Messages EM-8 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ACL-IPV4_ACL-6-IPACCESSLOGP access-list [chars] ([dec]) [chars] [dec] [chars]([dec]) [chars]- [chars]([dec]), [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action None Error Message %ACL-IPV4_ACL-6-IPACCESSLOGP access-list [chars] ([dec]) [chars] [chars] [chars]([dec]) [chars]- [chars]([dec]), [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action None Error Message %ACL-IPV4_ACL-6-IPACCESSLOGRP access-list [chars] ([dec]) [chars] [chars] [chars] [chars]- [chars], [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action None Error Message %ACL-IPV4_ACL-6-IPACCESSLOGRP access-list [chars] ([dec]) [chars] [dec] [chars] [chars]- [chars], [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action None Access Control List (ACL) Messages IPV4_ACL Messages EM-9 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ACL-IPV4_ACL-6-IPACCESSLOGS access-list [chars] ([dec]) [chars] [chars] [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action None Error Message %ACL-IPV4_ACL-6-IPACCESSLOGS access-list [chars] ([dec]) [chars] [chars] [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. These messages are issued whenever access lists are configured with the ’log’ option. Any access list entry that has had hits are logged via this message. These messages are issued either at 5 minute intervals, or whenever the log buffer overflows. Recommended Action None Error Message %ACL-IPV4_ACL-7-INIT IPv4 ACL Manager initialisation failed in function [chars]: [chars] Explanation The ACL manager process encountered the specified error while initializing the specified facility. If this error occurs, the sysmgr process will restart the ACL manager process. Recommended Action None Error Message %ACL-IPV4_ACL-7-IPACCESSPTHREAD failed to [chars] ACL mutex, error [[dec]]: [chars] Explanation The mutex used to protect access to the ACL data structure could not be locked or unlocked. The error message will include details of the particular failure. Because the mutex could not be used the process was restarted to recover from the failure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Access Control List (ACL) Messages IPV6_ACL_DAEMON Messages EM-10 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ACL-IPV4_ACL-7-IPACCESSPTHREAD failed to [chars] ACL mutex, error [[dec]]: [chars] Explanation The mutex used to protect access to the ACL data structure could not be locked or unlocked. The error message will include details of the particular failure. Because the mutex could not be used the process was restarted to recover from the failure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV6_ACL_DAEMON Messages Error Message %ACL-IPV6_ACL_DAEMON-7-INIT Failed to initialize [chars], because of [chars] Explanation Initialization failed. Both the initialization type and the error code are displayed. The sysmgr process will restart the IPv6 daemon if this condition happens. Recommended Action None IPV6_ACL_LTRACE Messages Error Message %ACL-IPV6_ACL_LTRACE-3-INIT ltrace_init failed for ’[chars]’: [chars] Explanation ltrace_initialization_failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV6_ACL Messages Error Message %ACL-IPV6_ACL-1-IPACCESSDLLOPEN failed to open dll: [chars] Explanation The specified DLL could not be found. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Access Control List (ACL) Messages IPV6_ACL Messages EM-11 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ACL-IPV6_ACL-1-IPACCESSDLLOPEN failed to open dll: [chars] Explanation The specified DLL could not be found. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ACL-IPV6_ACL-1-IPACCESSDLSYM dlsym lookup for ipv6_acl_api_functions failed for dll: [chars] Explanation dlsym failed for symbol ipv6_acl_api_functions for the specified dll. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ACL-IPV6_ACL-1-IPACCESSDLSYM dlsym lookup for ipv6_acl_api_functions failed for dll: [chars] Explanation dlsym failed for symbol ipv6_acl_api_functions for the specified dll. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ACL-IPV6_ACL-1-IPACCESSNOMEM insufficient memory for dll: [chars] Explanation there is not sufficient memory available to load the specified dll. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ACL-IPV6_ACL-1-IPACCESSNOMEM insufficient memory for dll: [chars] Explanation there is not sufficient memory available to load the specified dll. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Access Control List (ACL) Messages IPV6_ACL Messages EM-12 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ACL-IPV6_ACL-3-IPACCESSPTHREAD failed to [chars] ACL mutex, error [[dec]]: [chars] Explanation The mutex used to protect access to the ACL data structure could not be locked or unlocked. The error message will include details of the particular failure. Because the mutex could not be used the process was restarted to recover from the failure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ACL-IPV6_ACL-3-IPACCESSPTHREAD failed to [chars] ACL mutex, error [[dec]]: [chars] Explanation The mutex used to protect access to the ACL data structure could not be locked or unlocked. The error message will include details of the particular failure. Because the mutex could not be used the process was restarted to recover from the failure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ACL-IPV6_ACL-6-IPACCESSLOGDP access-list [chars] ([dec]) [chars] [dec] [chars] [chars]- [chars] ([dec]/[dec]), [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. Recommended Action No action is required. Error Message %ACL-IPV6_ACL-6-IPACCESSLOGDP access-list [chars] ([dec]) [chars] [chars] [chars] [chars]- [chars] ([dec]/[dec]), [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. Recommended Action No action is required. Error Message %ACL-IPV6_ACL-6-IPACCESSLOGNP access-list [chars] ([dec]) [chars] [dec] [chars] [chars]- [chars], [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. Recommended Action No action is required. Access Control List (ACL) Messages IPV6_ACL Messages EM-13 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ACL-IPV6_ACL-6-IPACCESSLOGNP access-list [chars] ([dec]) [chars] [dec] [chars] [chars]- [chars], [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. Recommended Action No action is required. Error Message %ACL-IPV6_ACL-6-IPACCESSLOGP access-list [chars] ([dec]) [chars] [chars] [chars]([dec]) [chars]- [chars]([dec]), [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. Recommended Action No action is required. Error Message %ACL-IPV6_ACL-6-IPACCESSLOGP access-list [chars] ([dec]) [chars] [dec] [chars]([dec]) [chars]- [chars]([dec]), [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. Recommended Action No action is required. Error Message %ACL-IPV6_ACL-6-IPACCESSLOGRP accesss-list [chars] ([dec]) [chars] [dec] [chars] [chars]- [chars], [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was etected. Recommended Action No action is required. Error Message %ACL-IPV6_ACL-6-IPACCESSLOGRP accesss-list [chars] ([dec]) [chars] [chars] [chars] [chars]- [chars], [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was etected. Recommended Action No action is required. Error Message %ACL-IPV6_ACL-6-IPACCESSLOGS access-list [chars] ([dec]) [chars] [chars] [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. Recommended Action No action is required. Access Control List (ACL) Messages LI Messages EM-14 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ACL-IPV6_ACL-6-IPACCESSLOGS access-list [chars] ([dec]) [chars] [chars] [dec] packet[chars] Explanation A packet matching the log criteria for the given access list was detected. Recommended Action No action is required. LI Messages Error Message %ACL-LI-3-ERROR [chars]: [chars]: ([dec])[chars] Explanation The LI Netio thread encountered the specified error while initializing the specified facility. If this error occurs, the LawfulIntercept thread will exit. Recommended Action None PFILTER_NETIO_LTRACE Messages Error Message %ACL-PFILTER_NETIO_LTRACE-7-INIT ltrace_init failed for ’[chars]’: [chars] Explanation Initialization failed. Both the initialization type and the error code are displayed. The sysmgr process will restart the ipv4_aclmgr if this condition happens. Recommended Action NoneEM-15 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Application Infrastructure Messages This section contains all application infrastructure related System Error Messages, such as policy manager, PLMGR_BAG_OPS Messages Error Message %PLMGR_UIBAG_OPS-PLMGR_BAG_OPS-3-NOMEM Unable to allocate [unsigned int] bytes. Explanation The node which logged this message is running low on memory and the requested operation could not be completed. Recommended Action Either reduce the configuration applied on this node or increase it memory. Error Message %PLMGR_UIBAG_OPS-PLMGR_BAG_OPS-4-DEBUG Failed to [chars] debug [chars]:’[chars]’ Explanation The policy manager bag ops library debug(s) could not be initialized. The is a non-fatal error and should not affect the normal functioning of the system. The only effect of this error will be that the policy manager ui library debugs may not show up . Recommended Action None. PLMGR_OBJ_LIB Messages Error Message %PLMGR_OBJ_LIB-PLMGR_OBJ_LIB-3-NAME_DLLINIT Failed to [chars]:’[chars]’ Explanation The policy manager obj name library could not be initialized. This is an error and should affect the function of using AAA downloaded policies. Recommended Action Restart the process using the DLL. Application Infrastructure Messages PLMGR_UI Messages EM-16 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLMGR_OBJ_LIB-PLMGR_OBJ_LIB-4-DEBUG Failed to [chars] debug [chars]:’[chars]’ Explanation The policy manager ui library debug(s) could not be initialized. The is a non-fatal error and should not affect the normal functioning of the system. The only effect of this error will be that the policy manager ui library debugs may not show up . Recommended Action None. PLMGR_UI Messages Error Message %APP_INFRA-PLMGR_UI-3-CLI_ERR [chars] Explanation An unexpected error occurred while parsing the policy manager configuration command. Please try the suggested action in the error message, if any. Recommended Action If the action suggested in the error message does not help, try exiting and re-entering the config mode. If this doesn’t help either try restarting parser_server. Error Message %APP_INFRA-PLMGR_UI-3-NOMEM Unable to allocate [dec] bytes. Explanation The node which logged this message is running low on memory and the requested operation could not be completed. Recommended Action Either reduce the configuration applied on this node or increase it memory. Error Message %APP_INFRA-PLMGR_UI-3-PTHREAD [chars] failed. Parsing of class-map/policy-map configuration may not work as expected. Error: ’[chars]’ Explanation The policymgr ui library encountered an error in a pthread operation. This may be critical for proper parsing of class-map or policy-map configuration. Recommended Action Try exiting and re-entering the config mode. If this doesn’t help try restarting parser_server. Error Message %APP_INFRA-PLMGR_UI-4-DEBUG Failed to [chars] debug [chars]:’[chars]’ Explanation The policy manager ui library debug(s) could not be initialized. The is a non-fatal error and should not affect the normal functioning of the system. The only effect of this error will be that the policy manager ui library debugs may not show up . Recommended Action None. Application Infrastructure Messages POLICYMGR Messages EM-17 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %APP_INFRA-PLMGR_UI-4-INVAL_DATA [chars] [dec] Explanation The policymgr ui library received invalid data from the user interface. Ideally this should never happen and would be caused only by a bug in the code. Recommended Action Try exiting and re-entering the config mode. If this doesn’t help try restarting parser_server. Error Message %APP_INFRA-PLMGR_UI-4-LTRACE Failed to [chars] ltrace [chars]:’[chars]’ Explanation The policymgr ui library ltrace infrastructure encountered an error during initialization or displaying ltrace messages, as indicated in the syslog. This should not affect the normal functioning of the system. Recommended Action None. POLICYMGR Messages Error Message %APP_INFRA-POLICYMGR-3-APP_NAME_FAILURE [chars] : [unsigned int] Explanation Error occured in trying to lookup name for an application type. Recommended Action None. Error Message %APP_INFRA-POLICYMGR-3-STATE_CHANGE [chars]: [chars] Explanation A fata error occured in policymgr that caused a partial or total dis-function of policymgr Recommended Action Try restarting policymgr. Error Message %APP_INFRA-POLICYMGR-7-INIT Policy manager initialization failed in [chars]: [chars] Explanation The policy manager process encountered the specified error while initializing the specified facility. If this error occurs, the sysmgr process will restart the policy manager process. Recommended Action None Recommended ActionApplication Infrastructure Messages POLICYMGR Messages EM-18 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01EM-19 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Diagnostic Messages This section contains all Diagnostics related System Error Messages. DIAG Messages Error Message %DIAG-DIAG-3-ALWAYS_ENABLE_TEST [chars]: The users are not allow to disable monitoring for Test #[dec] Explanation The specified health monitoring test must be run and cannot be disabled. Recommended Action Nothing. The specific health monitoring test cannot be disabled by design. The system is working properly. Error Message %DIAG-DIAG-3-CARD_ABSENT [chars] is not detected Explanation A line card could not be located in a slot where a diagnostic action was requested. Recommended Action Ensure the targeted line card is properly seated in the specified slot. If the line card is properly seated, ensure the correct slot was indicated in the command-line interface. If the line card is well-seated and the correct slot was specified, copy the error message exactly as it appears on the screen as well as the output of show tech-support and paste the output into a separate file. Contact your technical support representative with the gathered information. Error Message %DIAG-DIAG-3-CERR_REGISTER Unable to register GOLD-XR error messages: [chars] Explanation The GOLD-XR error number/messages table could not be registered with the cerrno system. Error translations will not be available. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Diagnostic Messages DIAG Messages EM-20 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-DIAG-3-CREATE_PROCESS_FAIL Create process [chars] failed Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the screen and gather the output of show tech-support and any other relevant information. Contact your technical support representative with the gathered information. Error Message %DIAG-DIAG-3-DIAG_RUNNING [chars]: Diagnostic is currently running Explanation A diagnostic test is currently being run on the specified card and additional tests cannot be run until the previously requested tests have been completed. Recommended Action The system is working properly and no user action is required. If you want to run the specified diagnostic test, either wait for the current diagnostic test to finish and then run the test, or stop the current test and run the new test. Error Message %DIAG-DIAG-3-ENQUEUE_FAIL [chars]: process_enqueue() failed Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the screen and gather the output of show tech-support and any other relevant information. Contact your technical support representative with the gathered information. Error Message %DIAG-DIAG-3-FIXED_INTERVAL_TEST [chars]: The users are not allow to change monitoring interval of Test #[dec] Explanation The specified health monitoring test interval is not user-configurable and therefore cannot be changed. Recommended Action Nothing. The specific health monitoring interval is not user-configurable by design so nothing can be done to change the interval. Error Message %DIAG-DIAG-3-GET_ARGU_FAIL Get argument failed Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the screen and gather the output of show tech-support and any other relevant information. Contact your technical support representative with the gathered information. Diagnostic Messages DIAG Messages EM-21 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-DIAG-3-GOLDXR_ERROR [chars] Explanation An error occurred, likely due to an invalid argument was entered. Recommended Action Copy the error message exactly as it appears on the screen and gather the output of show tech-support and any other relevant information. Contact your technical support representative with the gathered information. Error Message %DIAG-DIAG-3-INVALID_DEVICE Invalid device number : [chars] Explanation A diagnostic request is being made on a device that does not exist. Recommended Action Ensure that the specified device number (1-based) exists and is valid Error Message %DIAG-DIAG-3-INVALID_MONITORING_INTERVAL [chars]: The [chars][ID equals [dec]] monitoring interval must be at least [dec] millisec Explanation The specified test monitoring interval is too small. Recommended Action The system is working properly and no user action is required. If you want to specify a smaller testing interval, the error message text provides the lowest possible configurable interval for the specified monitoring interval. Error Message %DIAG-DIAG-3-INVALID_PORT Invalid port number : [chars] Explanation A diagnostic request is being made on a port that does not exist. Recommended Action Ensure the specified port number exists and that the correct port number is being specified. Error Message %DIAG-DIAG-3-INVALID_TEST Invalid test IDs : [chars] Explanation A test ID for diagnostics that does not exist was requested. Recommended Action Ensure the specified test ID number is supported by the line card. The list of available tests and their associated test IDs can be retrieved using show diagnostic content. Diagnostic Messages DIAG Messages EM-22 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-DIAG-3-MAJOR [chars]: [chars] detected a Major Error. Please use ’show diagnostic result location node’ to see test results. Explanation A major error was detected during diagnostic testing. Recommended Action Re-seat the card and retry the test. If the same result occurs after reseating the card and retrying the test, copy the error message exactly as it appears on the screen and gather the output of show tech-support and any other relevant information. Contact your technical support representative with the gathered information. Error Message %DIAG-DIAG-3-MINOR [chars]: [chars] detected a Minor Error. Please use ’show diagnostic result location node’ to see test results. Explanation A minor error was detected during diagnostic testing. Recommended Action Re-seat the card and retry the test. If the same result occurs after reseating the card and retrying the test, copy the error message exactly as it appears on the screen and gather the output of show tech-support and any other relevant information. Contact your technical support representative with the gathered information. Error Message %DIAG-DIAG-3-MONITOR_DISABLE [chars]: The monitoring test:[dec] is disable since default interval is Zero Explanation The specified test is no longer a health monitoring test because health monitoring has been disabled. Recommended Action The system is working properly and no user action is required. If you want the requested test to be a health monitoring test, enable health monitoring and ensure your test is enabled as a health monitoring test. Error Message %DIAG-DIAG-3-MONITOR_INTERVAL_ZERO [chars]: Monitoring interval is 0. Cannot enable monitoring for Test #[dec] Explanation Health Monitoring cannot be enabled for the specified test because the interval for the test has been set to 0. Recommended Action If you want the scheduling tests to be removed, nothing. If you want the scheduled tests to still be run, reconfigure the scheduled tests. Error Message %DIAG-DIAG-3-NO_DIAG_RUNNING [chars]: Diagnostic is not running Explanation An attempt to stop a diagnostic test that was not running was made. Recommended Action None. This is an informational message. Diagnostic Messages DIAG Messages EM-23 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-DIAG-3-NOT_MONITORING_TEST [chars]: The test:[dec] cannot be used as health monitoring test Explanation The specified test number cannot be used as a health monitoring test. Recommended Action Nothing. The system is working properly and the specified test cannot be configured as a health monitoring test. Error Message %DIAG-DIAG-3-SET_ARGU_FAIL Set argument failed Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the screen and gather the output of show tech-support and any other relevant information. Contact your technical support representative with the gathered information. Error Message %DIAG-DIAG-3-SW_ERROR [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the screen and gather the output of show tech-support and any other relevant information. Contact your technical support representative with the gathered information. Error Message %DIAG-DIAG-3-TEST_FAIL [chars]: [chars]{ID equals [dec]} has failed. Error code equals [hex] ([chars]) Explanation A diagnostic test has found an error on the line card. Recommended Action Ensure the line card is firmly in the slot, reseat if necessary, and attempt to run the test again if the line card is not seated properly in the slot. If the line card was properly seated in the slot, copy the error message exactly as it appears on the console, gather the output of show tech-support, and contact your Cisco technical support representative with the gathered information. Error Message %DIAG-DIAG-3-TEST_NOT_SUPPORT [chars]: [chars]{ID equals [dec]} is not supported Explanation The diagnostic test is not supported on current chassis configuration. Recommended Action Nothing. The test cannot be run but this message does not indicate a problem with the system. Diagnostic Messages DIAG Messages EM-24 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-DIAG-3-TEST_SKIPPED [chars]: [chars]{ID equals [dec]} is skipped Explanation The specified diagnostic test cannot be run. Recommended Action Nothing. Although the test cannot be run, this message does not indicate a problem. Error Message %DIAG-DIAG-3-TIMER_FAIL [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the screen and gather the output of show tech-support and any other relevant information. Contact your technical support representative with the gathered information. Error Message %DIAG-DIAG-3-UNKNOWN_OPCODE [chars]: Unknown opcode ([dec]) is received Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the screen and gather the output of show tech-support and any other relevant information. Contact your technical support representative with the gathered information. Error Message %DIAG-DIAG-6-BYPASS [chars]: Diagnostics is bypassed Explanation This is an informational message stating that diagnostics testing was not performed on the card because diagnostic testing was disabled in the user configuration. Recommended Action This behavior is consistent with the user configuration and no action needs to be taken. If you want to run bootup diagnostics, enable bootup diagnostics by using the diagnostic bootup command. Error Message %DIAG-DIAG-6-DIAG_OK [chars]: Passed [chars] Explanation The diagnostic tests did not detect any error on the card. Recommended Action Nothing. This is an informational message stating that the line card passed the diagnostic tests. Diagnostic Messages DIAG Messages EM-25 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-DIAG-6-DIAG_STOPPED [chars]: Diagnostic is stopped. Explanation Diagnostic test has stopped. Recommended Action Nothing. This is an informational message stating that diagnostic testing has been stopped. If you want the test to run to completion, rerun the test. Error Message %DIAG-DIAG-6-GOLDXR_GENERAL [chars] Explanation GOLD-XR general information. Recommended Action None. Error Message %DIAG-DIAG-6-NO_TEST [chars]: No test to run Explanation The diagnostic test cannot find tests to run. Recommended Action In some cases on some platforms, a Field Diagnostic image needs to be loaded onto the line card if you want to run the test. If applicable, download a Field Diagnostic image onto the line card. In other cases, the test is simply not available. This message is an informational and does not require user action. Error Message %DIAG-DIAG-6-RUN_COMPLETE [chars]: Running Complete Diagnostics... Explanation Complete Diagnostic is running on the card Recommended Action Nothing. This is an informational message and the system is working properly. Error Message %DIAG-DIAG-6-RUN_MINIMUM [chars]: Running Minimum Diagnostics... Explanation Minimum Diagnostic is running on the card Recommended Action Nothing. This is an informational message and the system is working properly. Error Message %DIAG-DIAG-6-SCHED_COMPLETE [chars]: Scheduled Online Diagnostic is completed Explanation The scheduled Diagnostic test is complete. Recommended Action Check the results and proceed accordingly. This is an information message only to indicate that Diagnostic testing is complete. The router is working properly and no action is needed based on this message. Diagnostic Messages DIAG Messages EM-26 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-DIAG-6-SCHED_RUNNING [chars]: Performing Scheduled Online Diagnostic... Explanation The scheduled diagnostic test is running. Recommended Action Nothing. The diagnostic test is being run as configured and the system is working properly. Error Message %DIAG-DIAG-6-SCHED_STOPPED [chars]: Scheduled Online Diagnostic is stopped Explanation The scheduled Diagnostic test has been stopped. Recommended Action If you do not want the test to run, nothing. If you want the test to run, schedule the test or run the test manually. Error Message %DIAG-DIAG-6-SCHEDULE_IS_REMOVED [chars]: Schedule Diagnostic for [[chars] [chars] [dec]:[dec].] is removed Explanation The scheduled online diagnostic tests are no longer configured. This message usually appears after a scheduled test is removed by the user or a card is removed from the chassis. Recommended Action If you want the scheduling tests to be removed, nothing. If you want the scheduled tests to still be run, reconfigure the scheduled tests. Error Message %DIAG-DIAG-6-SKIP_ONDEMAND_ACTIVE_TO_STANDBY_TEST [chars]: [chars] cannot be executed. Explanation The specified test can only be run from the active supervisor to test standby supervisor. Recommended Action Nothing. The test cannot be run but the system is working properly. Error Message %DIAG-DIAG-6-SKIP_ONDEMAND_STANDBY_CARD_TEST [chars]: [chars] cannot be executed. Explanation The specified test can only be run on a standby supervisor from the standby supervisor. Recommended Action Nothing. The test cannot be run but the system is working properly. Diagnostic Messages HFRDIAG Messages EM-27 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-DIAG-6-TEST_OK [chars]: [chars]{ID equals [dec]} has completed successfully Explanation Diagnostic testing was completed and no errors were found on the line card. Recommended Action This is an informational message indicating that Field Diagnostic ’ testing has completed successfully. The system is working properly and ’ no action is required based on this error message. Error Message %DIAG-DIAG-6-TEST_RUNNING [chars]: Running [chars]{ID equals [dec]} ... Explanation Diagnostic testing is running a test on the card Recommended Action Nothing. This is an informational message and the system should be working properly. Error Message %DIAG-DIAG-6-TEST_SKIPPED_FROM_ACTIVE [chars]: [chars] cannot be executed from active node. Explanation The specified test cannot be run from active node. Recommended Action Nothing. The test cannot be run but the system is working properly. Error Message %DIAG-DIAG-6-TEST_SKIPPED_FROM_STANDBY [chars]: [chars] cannot be executed from standby node. Explanation The specified test cannot be run from standby node. Recommended Action Nothing. The test cannot be run but the system is working properly. HFRDIAG Messages Error Message %DIAG-HFRDIAG-3-ERROR [chars] Explanation The diagnostic test has detected an error. Recommended Action Repair or replace the failing unit under test (UUT). Diagnostic Messages PFDIAGBASE Messages EM-28 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-HFRDIAG-6-INFO [chars] Explanation Informational diagnostics message. Recommended Action Nothing. Reporting normal progress of diagnostics. PFDIAGBASE Messages Error Message %DIAG-PFDIAGBASE-3-INIT_ERROR [chars] ([hex] - [chars]) Explanation An error occurred during initialization. Recommended Action Normally this message type indicates a transient error, and even though it will cause the process to be terminated, the problem will usually be remedied once the emitting process is restarted. If the error keeps occuring frequently then copy the error message exactly as it appears on the screen and gather any relevant information about the circumstances. Contact your technical support representative with the gathered information. Error Message %DIAG-PFDIAGBASE-3-INIT_ERROR [chars] ([hex] - [chars]) Explanation An error occurred during initialization. Recommended Action Normally this message type indicates a transient error, and even though it will cause the process to be terminated, the problem will usually be remedied once the emitting process is restarted. If the error keeps occuring frequently then copy the error message exactly as it appears on the screen and gather any relevant information about the circumstances. Contact your technical support representative with the gathered information. Error Message %DIAG-PFDIAGBASE-3-INIT_ERROR [chars] ([hex] - [chars]) Explanation An error occurred during initialization. Recommended Action Normally this message type indicates a transient error, and even though it will cause the process to be terminated, the problem will usually be remedied once the emitting process is restarted. If the error keeps occuring frequently then copy the error message exactly as it appears on the screen and gather any relevant information about the circumstances. Contact your technical support representative with the gathered information. Diagnostic Messages PFDIAGBASE Messages EM-29 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-PFDIAGBASE-3-SW_ERROR [chars] ([hex] - [chars]) Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the screen and gather any relevant information about the circumstances. Contact your technical support representative with the gathered information. Error Message %DIAG-PFDIAGBASE-3-SW_ERROR [chars] ([hex] - [chars]) Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the screen and gather any relevant information about the circumstances. Contact your technical support representative with the gathered information. Error Message %DIAG-PFDIAGBASE-3-SW_ERROR [chars] ([hex] - [chars]) Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the screen and gather any relevant information about the circumstances. Contact your technical support representative with the gathered information. Error Message %DIAG-PFDIAGBASE-4-WARNING [chars] ([hex] - [chars]) Explanation Software detected an unexpected error or condition, which is not fatal to the features performance, but which may have affected a test result or similar. Recommended Action Take note of the message, to see if it may explain a later test failure or similar. Error Message %DIAG-PFDIAGBASE-4-WARNING [chars] ([hex] - [chars]) Explanation Software detected an unexpected error or condition, which is not fatal to the features performance, but which may have affected a test result or similar. Recommended Action Take note of the message, to see if it may explain a later test failure or similar. Diagnostic Messages XR_DIAG Messages EM-30 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %DIAG-PFDIAGBASE-4-WARNING [chars] ([hex] - [chars]) Explanation Software detected an unexpected error or condition, which is not fatal to the features performance, but which may have affected a test result or similar. Recommended Action Take note of the message, to see if it may explain a later test failure or similar. XR_DIAG Messages Error Message %DIAG-XR_DIAG-2-ERR_PLANE_FAILURE_NOTIFY Plane [dec] is detected to be at fault. Unable to notify fabric process to shut down the plane. Explanation The diagnostic test has detected an error on a fabric plane but failed to notify the fabric management process to take the plane out of service. Recommended Action 1) Get the output from the following commands: ’sh control fabric trace fsdb-server fsdb-all location dsc node’’ sh diagnostic result location node that printed out this msg detail sh diagnostic trace error location all sh diagnostic trace message location all 2) shut down the identified faulty plane in admin configuration: controller fabric plane shutdown Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %DIAG-XR_DIAG-3-ERROR [chars] Explanation The diagnostic test has detected an error. Recommended Action Repair or replace the failing unit under test (UUT). Error Message %DIAG-XR_DIAG-6-INFO [chars] Explanation Informational diagnostics message. Recommended Action Nothing. Reporting normal progress of diagnostics.EM-31 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Fabric Messages This section contains all Fabric (hardware and software both) related System Error Messages. FAB_SVR Messages Error Message %FABRIC-FAB_SVR-7-ERR_ASIC_INIT Failed to initialize the the CPU control ASIC interface to [chars]: [chars]. Exiting... Explanation Fabric server encountered an error while initializing the CPU control ASIC to either receive packets from the fabricq ASIC or transmit packets from the ingressq ASIC. This is crucial for the process and is automatically restarted on this failure. Recommended Action If problem either persists (following a process restart) then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FAB_SVR-7-ERR_ASIC_INIT Failed to initialize the the CPU control ASIC interface to [chars]: [chars]. Exiting... Explanation Fabric server encountered an error while initializing the CPU control ASIC to either receive packets from the fabricq ASIC or transmit packets from the ingressq ASIC. This is crucial for the process and is automatically restarted on this failure. Recommended Action If problem either persists (following a process restart) then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FAB_SVR Messages EM-32 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_CREATE Failed to create event connection to EVM, Reason: [chars]([dec]). Exiting... Explanation Fabric server encountered an error while trying to create a connection to event manager to manage the posix message queue. This facility is deemed crucial and the process automatically restarts on this failure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_CREATE Failed to create event connection to EVM, Reason: [chars]([dec]). Exiting... Explanation Fabric server encountered an error while trying to create a connection to event manager to manage the posix message queue. This facility is deemed crucial and the process automatically restarts on this failure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_EVM_HANDLER Failed to register event handler, Reason: [chars]([dec]). Exiting... Explanation Fabric server encountered an error while trying to register event handler for the posix message queue. This facility is deemed crucial and the process automatically restarts on this failure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_EVM_HANDLER Failed to register event handler, Reason: [chars]([dec]). Exiting... Explanation Fabric server encountered an error while trying to register event handler for the posix message queue. This facility is deemed crucial and the process automatically restarts on this failure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Fabric Messages FAB_SVR Messages EM-33 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_NOTIFY Failed to register handler for disconnection with EVM, Reason: [chars]([dec]). Exiting... Explanation Fabric server encountered an error while trying to register event handler for disconnection or connection error event. This facility is deemed crucial and the process automatically restarts on this failure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_NOTIFY Failed to register handler for disconnection with EVM, Reason: [chars]([dec]). Exiting... Explanation Fabric server encountered an error while trying to register event handler for disconnection or connection error event. This facility is deemed crucial and the process automatically restarts on this failure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_OPEN Failed to open connection with EVM, Reason: [chars]([dec]). Exiting... Explanation Fabric server encountered an error while trying to open connection with event manager. This facility is deemed crucial and the process automatically restarts on this failure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_OPEN Failed to open connection with EVM, Reason: [chars]([dec]). Exiting... Explanation Fabric server encountered an error while trying to open connection with event manager. This facility is deemed crucial and the process automatically restarts on this failure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Fabric Messages FAB_SVR Messages EM-34 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FAB_SVR-7-ERR_EVM_CREATE Failed to create the event manager. Reason: [chars]. Exiting... Explanation Fabric server encountered an error while attempting to create an event manager. This failures affects the ability of the process to service various messages / pulses from other threads / processes. This facility is deemed crucial and the process automatically restarts on this failure. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %FABRIC-FAB_SVR-7-ERR_EVM_CREATE Failed to create the event manager. Reason: [chars]. Exiting... Explanation Fabric server encountered an error while attempting to create an event manager. This failures affects the ability of the process to service various messages / pulses from other threads / processes. This facility is deemed crucial and the process automatically restarts on this failure. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %FABRIC-FAB_SVR-7-ERR_INIT [chars] during the initialization. Reason: [chars]. Exiting... Explanation Fabric server encountered the specified error during the initialization sequence. This facility is deemed crucial and hence the process is automatically restarted on this failure. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Fabric Messages FAB_SVR Messages EM-35 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FAB_SVR-7-ERR_INIT [chars] during the initialization. Reason: [chars]. Exiting... Explanation Fabric server encountered the specified error during the initialization sequence. This facility is deemed crucial and hence the process is automatically restarted on this failure. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %FABRIC-FAB_SVR-7-ERR_THREAD_ATTRIBUTE Failed to set the thread attribute: [chars]. Exiting... Explanation Fabric server encountered an error while setting the thread attribute during the process initialization sequence. This is crucial for the process and is automatically restarted on this failure. Recommended Action If the problem is experienced only by this process in the system, restart the fabric server process by executing the following command at the CLI of the active RP: process restart fab_svr location loc If problem either persists (following a process restart) or also noticed on other processes then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FAB_SVR-7-ERR_THREAD_ATTRIBUTE Failed to set the thread attribute: [chars]. Exiting... Explanation Fabric server encountered an error while setting the thread attribute during the process initialization sequence. This is crucial for the process and is automatically restarted on this failure. Recommended Action If the problem is experienced only by this process in the system, restart the fabric server process by executing the following command at the CLI of the active RP: process restart fab_svr location loc If problem either persists (following a process restart) or also noticed on other processes then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABQ Messages EM-36 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FAB_SVR-7-ERR_THREAD_MUTEX_INIT Failed to initialize a mutex for client with ID [dec]: [chars]. Exiting... Explanation Fabric server encountered an error while creating a mutex for use by a client with the specified ID. This is crucial for the process and is automatically restarted on this failure. Recommended Action If the problem is experienced only by this process in the system, restart the fabric server process by executing the following command at the CLI of the active RP: process restart fab_svr location loc If problem either persists (following a process restart) or also noticed on other processes then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FAB_SVR-7-ERR_THREAD_MUTEX_INIT Failed to initialize a mutex for client with ID [dec]: [chars]. Exiting... Explanation Fabric server encountered an error while creating a mutex for use by a client with the specified ID. This is crucial for the process and is automatically restarted on this failure. Recommended Action If the problem is experienced only by this process in the system, restart the fabric server process by executing the following command at the CLI of the active RP: process restart fab_svr location loc If problem either persists (following a process restart) or also noticed on other processes then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FABQ Messages Error Message %FABRIC-FABQ-0-PRP3_FAULT_RECOVERY_ERR The fault recovery procedure for the ToFab component of the fabric driver has failed. The root fault was: [chars] Explanation When a hardware fault occurs and the device driver cannot correct it, the Platform Manager is required to reset the ASICs. This error indicates that the Platform Manager failed to reset the ASICs and the hardware on the PRP may not be in an operational state. This condition affects the functionality of the entire router. %s is the Interrupt Source. Recommended Action If the system has not failed over automatically and a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0 ’ where x is the slot of route processor that generated the error. If no redundant RP is configured you will need to reboot the router by issuing the reload command. Call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABQ Messages EM-37 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABQ-2-PRP3_DRVR_INIT_ERROR Process initialization failed: ([chars]%s) Explanation PRP fabric queue process failed to initialize. The fabric driver process handles fabric connectivity. It initializes the packet FPGA and coordinates with that fabric DLLs that allow applications to send and recieve packets via the fabric. An unrecoverable failure of the process may prevent this route processor from communicating with other cards in the chassis. %s - indicates the reason for the failure. %s - is the error reason. Recommended Action If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-2-PRP3_PKT_INIT_ERROR Packet carving failed to initialize: ([chars]%s) Explanation Initial carving of a packet particle pool failed. Platform specific memory region, packet header and particle pool configuration information are required by the generic packet manager process (PAKMAN) to operate. A failure in packet carving initialization may prevent this route processor from communicating with other cards in the chassis. %s - indicates the reason for the failure. %s - is the error reason. Recommended Action If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-FATAL FABQ: fatal error encountered, reason equals [chars] Explanation Fabric Queue Driver encountered a fatal error and is not able recover from the error. A reason text will be supplied. Call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABQ Messages EM-38 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABQ-3-INIT_ERROR Process initialization failed: ([chars]%s) Explanation PRP fabric queue process failed to initialize. The fabric queue process handles fabric connectivity. It initializes and starts up the threads in ToFab and FrFab components. An unrecoverable failure of the process may prevent this route processor from communicating with other cards in the chassis. %s - indicates the reason for the failure. %s - is the error reason. Recommended Action If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PKT_INIT_ERROR Packet carving failed to initialize: ([chars]%s) Explanation Initial carving of a packet particle pool failed. Platform specific memory region, packet header and particle pool configuration information are required by the generic packet manager process (PAKMAN) to operate. A failure in packet carving initialization may prevent this route processor from communicating with other cards in the chassis. %s - indicates the reason for the failure. %s - is the error reason. Recommended Action If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PKT_INIT_FAIL PKT_INIT: [chars] failed, rc equals [dec], reason:[chars] Explanation Packet carving function has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABQ Messages EM-39 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABQ-3-PKT_INIT_POOL PKT_INIT: particle_multi_pool_define failed ([chars]), rc equals [dec], reason:[chars] Explanation Initial carving of a packet particle pool has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_FABMSG Fabric messaging infrastructure error: ([chars]%s) Explanation PRP fabric messaging infrastructure failed. The fabric driver process handles fabric connectivity. It initializes the packet FPGA and coordinates with that fabric DLLs that allow applications to send and recieve packets via the fabric. An unrecoverable failure of the process may prevent this route processor from communicating with other cards in the chassis. %s - indicates the reason for the failure. %s - is the error reason. Recommended Action If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_FRFAB_PKT_NO_STREAM Client([dec]) Port([dec]) From Fabric Packet from slot [dec] has invalid Stream ID([dec]) Explanation The packet received from the fabric begins with a header with Stream ID not initialized. The issue can happen due to hardware issue or the sender of the packet encoded invalid information in the packet header. %d - Client ID. Every process that uses the fabric API has an unique Client ID. %d - Port number (0 to 15) %d - Sender’s slot number (0 to 15) %d - Stream ID encoded in the packet’s header Recommended Action If the error recurs very frequently call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABQ Messages EM-40 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABQ-3-PRP3_FRFAB_PKT_STARTOFFSET Client([dec]) Port([dec]) From Fabric Packet from slot [dec] has invalid Start Offset([dec]) Explanation The packet received from the fabric begins with a header with Start Offset less than the required. This suggests the packet is corrupted. The issue can happen due to hardware issue or the sender of the packet encoded invalid information in the packet header. %d - Client ID. Every process that uses the fabric API has an unique Client ID. %d - Port number (0 to 15) %d - Sender’s slot number (0 to 15) %d - Start Offset encoded in the packet’s header Recommended Action If the error recurs very frequently call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_FRFAB_TAIL_PAR_ERR Client([dec]) Port([dec]) Fabric FPGA detects parity error from a packet received from the fabric Explanation The Hummer detects a parity error on a packet received from the fabric. This is likely due to a hardware issue, or software misconfigured the hardware. %d - Client ID. Every process that uses the fabric API has an unique Client ID. %d - Port number (0 to 15) Recommended Action The prp3_fabric_driver process should be able to detect the error and decide to reset fabric FPGA if necessary. If the error is persistent, and router traffic is affected, and if the system has not failed over automatically and a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0 ’ where x is the slot of route processor that generated the error. If no redundant RP is configured you will need to reboot the router by issuing the reload command. Call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_HW_IRQ_ERR Port([dec]) Interrupt([dec]) - [chars]: [chars] Explanation An error is detected when the software is trying to service an interrupt from the Hummer FPGA. Hummer is the fabric packet processing FPGA on the route processor. There are 16 bidirectional ports for 16 different traffic streams. A Hummer port needs to be enabled in the hardware level in order to function. A failure in servicing the Hummer interrupt may prevent this route processor from communicating with other cards in the chassis. %d - indicates the port number (0 to 15) %d - interrupt number that identifies the type %s - a decription of the interrupt event failure %s - is the error reason Recommended Action Try restarting the process where the error message was found. Otherwise, try the following: If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support Fabric Messages FABQ Messages EM-41 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_IRQ_ERR Fabric FPGA Error Interrupt: [chars] Explanation An error is detected when the software is trying to service an interrupt from the Hummer fabric FPGA. Hummer is the fabric packet processing FPGA on the route processor. There are 16 bidirectional ports for 16 different traffic streams. A Hummer port needs to be enabled in the hardware level in order to function. An error status interrupt may indicate a hardware condition that may prevent this route processor from communicating with other cards in the chassis. Recommended Action If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_PORT_DISABLE_ERR Cannot disable port([dec]): [chars] Explanation Failed to disable Hummer port. Hummer is the fabric packet processing FPGA on the route processor. There are 16 bidirectional ports for 16 different traffic streams. A Hummer port needs to be enabled in the hardware level in order to function. A failure in disabling the Hummer port may prevent this route processor from communicating with other cards in the chassis. It points to a HW issue or a serious software defects. %d - indicates the port number (0 to 15) %s - is the error reason. Recommended Action Try restarting the process where the error message was found. Otherwise, try the following: If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABQ Messages EM-42 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABQ-3-PRP3_PORT_ENABLE_ERR Cannot enable port([dec]): [chars] Explanation Failed to enable Hummer port. Hummer is the fabric packet processing FPGA on the route processor. There are 16 bidirectional ports for 16 different traffic streams. A Hummer port needs to be enabled in the hardware level in order to function. A failure in enabling the Hummer port may prevent this route processor from communicating with other cards in the chassis. %d - indicates the port number (0 to 15) %s - is the error reason. Recommended Action Try restarting the process where the error message was found. Otherwise, try the following: If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_REUSE_NO_BUFFER Client([dec]) Port([dec]) Packet passed to client cannot be reused since there is no buffer Explanation The packet processing code formats packets from the fabric and passes them to the clients. When the client finished with the packet, the packet processing code cannot reuse the packet buffer because none is found associated with the packet. The issue can happen due to a software issue with the client. %d - Client ID. Every process that uses the fabric API has an unique Client ID. %d - Port number (0 to 15) Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_SHM shared memory failed during [chars]: [chars] Explanation An internal software error occurred that prevented the fabric interface from working properly with shared memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_TOFAB_CREDIT_CNT_EXCEEDED RP To Fabric Credit Count([dec]) for destination slot [dec] is greater than the limit. Port([dec]) Explanation PRP3 fabric hardware requires software to track To Fabric hardware resources for each chassis slot. During the update of this shared per slot information, software detected the resources for this slot exceeded that actual maximum available. This is likely the side affect of a packet Fabric Messages FABQ Messages EM-43 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 resource management event in the fabric driver DLL. %d To Fabric count that exceeds maximum %d The slot associated with the error %d The fabric application port that detected the error (but not necessarily the port that caused the error. Recommended Action The error is likely a software bug in tofab packet error or process restart handling. Copy the error message exactly as it appears and report it to your Cisco technical representative together with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_TOFAB_QUEUE_BLOCKED RP To Fabric Queue slot:[dec] is blocked, report fault to sysldr Explanation The PRP3 to fabric queue of the particular priority and slot is blocked. This means packets that go that slot of that priority will fail. In addition, at least one of the multicast queues (high or low priority) is blocked as well. This likely means the particular slot is failing to accept packets and will cause backpressure on the PRP to fabric queue. Because of hardware design, if a multicast packet includes the one faulty slot then it will be stuck in the tofab multicast queue, and subsequent multicast packets will be stuck even if they do not include the faulty slot in their slotmask. Having the unicast queue blocked is somewhat allowable, but having the multicast queue blocked is not acceptable. This error message is raised when both unicast and multicast are blocked. In order to alleviate this problem, the fault is sent to sysldr, for sylsdr to decide to reload the slot. It is very likely that the problem slot was not accepting packets. slot:%d is the slot that is back pressuring to the PRP Recommended Action The slot should be reloaded to correct the problem, if not done already by sysldr. Copy the error message exactly as it appears and report it to your Cisco technical representative together with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-3-PRP3_TX_DONE_RING RP To Fabric Tx Done Ring. Port:[dec] Index: [dec]: [chars] Explanation While servicing To Fabric packets which the PRP3 Fabric FPGA indicates have been transmitted, software detects differences between hardware packet list and software cache of what was to be transmitted. Port:%d the PRP3 hardware fabric port that reported the issue Index:%d the index of the Tx Done Ring when error reported %s a decription of the To Fabric event failure Recommended Action Copy the error message exactly as it appears and report it to your Cisco technical representative together with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABQ Messages EM-44 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABQ-3-SHOW_ERR FABQ_SHOW: fatal error encountered: [chars] Explanation Error while executing a show command Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABQ-6-PKT_INIT_INFO PKT_INIT: pak mem size:[hex], pak mem start: [hex], pak scaling:[dec] Explanation Information on packet memory carving Recommended Action This is information and does not require any correction. Error Message %FABRIC-FABQ-7-PKT_INIT_INFO Packet initialization: pak mem size:[hex], pak mem start: [hex], pak scaling:[dec] Explanation Information on packet memory carving. Recommended Action This is informational and does not require any correction. Error Message %FABRIC-FABQ-7-PRP3_PKT_INIT_INFO Packet initialization: pak mem size:[hex], pak mem start: [hex], pak scaling:[dec] Explanation Information on packet memory carving. Recommended Action This is informational and does not require any correction.Fabric Messages FABRIC_DRIVER_LITE Messages EM-45 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FABRIC_DRIVER_LITE Messages Error Message %FABRIC-FABRIC_DRIVER_LITE-3-ERR_ASIC_ACCESS_EXCEPTION Fabric ASIC access timed out (reported by lite process) Explanation This indicates that the fabric ASIC failed to acknowledge an access request from the CPU. This can happen if the host CPU tries to access an address that is out of range for the ASIC. Also, accessing a register from a block that is still in the logic reset state could stall this access and subsequent accesses to the ASIC. Recommended Action If this condition is noticed for every access to the ASIC, then the ASIC is possibly wedged. Resetting the ASIC or reloading the fabric card will help to recover from this condition. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRIVER_LITE-3-ERR_DRIVER_INIT Initialization of fabric driver lite failed: [chars] ; exiting... Explanation Fabric driver encountered the annunciated error during the driver initialization. The System Manager process (sysmgr) will automatically respawn the (sfe_drvr_lite) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRIVER_LITE-3-ERR_EVM_CREATE Failed to create event manager for ’[chars]’ Explanation The Fabric driver was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr_lite) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_DRIVER_LITE Messages EM-46 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRIVER_LITE-3-ERR_SHMEM_INIT Shared Memory Error: [chars] Explanation Attempt to init/open the shared memory fails Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRIVER_LITE-3-ERR_THREAD_ATTRIBUTE FABRIC driver lite failed to change interupt thread to an IO thread: [chars] Explanation The Fabric driver was unable to change the interrupt thread to an IO thread. Because of this failure, the interupt thread will not be able to receive the interupt thread events. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr_lite) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRIVER_LITE-4-ERR_LTRACE_INIT Fabric driver lite failed to initialize the ltrace - rc equals [chars] Explanation The Fabric driver could not open/initialize the ltrace buffer. The Fabric driver and the system should stll function as normal, with the exception that ltrace will not be available for sfe_drvr process. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRIVER_LITE-6-ASIC_INITIALIZED Fabric ASICs initialized (reported by lite process) Explanation This indicates Fabric ASICs are initialized and is expected during normal operation. Recommended Action No action is required.Fabric Messages FABRIC_DRVR Messages EM-47 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FABRIC_DRVR Messages Error Message %FABRIC-FABRIC_DRVR-2-ERR_MAINTENANCE_MODE Failed to put card in maintenance mode by sysmgr. error code([hex]) - [chars] Explanation Fabric driver detected hardware errors and requested sysmgr to place the card in maintenance mode. But sysmgr failed to do so. The card and its fabric ASICs should have been isolated from the system before attempting going to maintenance mode. Recommended Action Check the health of the sysmgr process on the node. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-2-ERR_SHUTDOWN Failed to shutdown by shelfmgr. error code([hex]) - [chars] Explanation Fabric driver detected hardware errors and requested shelfmgr to shut down the node. But shelfmgr failed to do so. The card and its fabric ASICs should have been isolated from the system before the shutdown attempt. Recommended Action Check the health of the shelfmgr process on the RP in its rack. If shelfmgr is healthy, and the card cannot self reload, then reload the card with the following command in admin mode: ’hw shut loc y/SMx/sp’, where x is the SM module number that generated the error, y is the rack that it is in. If manual shutdown does not work, or if the error recurs, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERR_ASIC_ACCESS_EXCEPTION Fabric ASIC access timed out. Explanation This indicates that the fabric ASIC failed to acknowledge an access request from the CPU. This can happen if the host CPU tries to access an address that is out of range for the ASIC. Also, accessing a register from a block that is still in the logic reset state could stall this access and subsequent accesses to the ASIC. Recommended Action If this condition is noticed for every access to the ASIC, then the ASIC is possibly wedged. Resetting the ASIC or reloading the fabric card will help to recover from this condition. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_DRVR Messages EM-48 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-3-ERR_BOARD_PLD_VERSION Fabric Board PLD Version ([dec]) not supported. Upgrade to latest. Explanation This indicates that the fabric board is running with PLD version that is not supported. Version lower than (0x1c) is not supported. Please upgrade to the latest PLD Version. Recommended Action Shut down the plane associated to this fabric card, and upgrade the PLD Version of this board. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERR_DRV_INIT Initialization of fabric driver failed: [chars] ; exiting... Explanation Fabric driver encountered the annunciated error during the driver initialization. The System Manager process (sysmgr) will automatically respawn the (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERR_DRV_INIT Initialization of fabric driver failed: [chars] ; exiting... Explanation Fabric driver encountered the annunciated error during the driver initialization. The System Manager process (sysmgr) will automatically respawn the (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_DRVR Messages EM-49 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-3-ERR_EVM_CREATE Failed to create event manager for ’[chars]’ Explanation The Fabric driver was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERR_EVM_CREATE Failed to create event manager for ’[chars]’ Explanation The Fabric driver was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERR_FGID_ACCESS Fabric Board Going down. FGID access being aborted. Explanation One or more ASICs for the stage on the fabric card are being reset. Hence this multicast FGID access operation for the specified stage is aborted. This may be seen on any SM node going down, during asic reset cleanup process. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRVR-3-ERR_FGID_REFRESH Request [dec] to refresh FGID entry [hex]. Explanation An FGID entry is disabled following a parity error. A request to refresh the entry is issued. Recommended Action No action is required. Fabric Messages FABRIC_DRVR Messages EM-50 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-3-ERR_FGID_REFRESH_RETRY Failed to refresh FGID entry. Reload the fabric card. Explanation An FGID entry is disabled following a parity error. Request to refresh the entry wasn’t entertained. This will reload the fabric card to recover. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRVR-3-ERR_FGID_WRITE Device(s) being reset. [chars] FGID write to offset [hex] aborted. Explanation One or more ASICs for the stage on the fabric card are in being reset. Hence this multicast FGID write operation for the specified stage is aborted. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRVR-3-ERR_MAX_TOPO_TIME_OUT Maximum attempts to receive topology information exceeded. Restarting sfe_drvr ... Explanation This indicates that the maximum tries for the driver to receive the necessary topology information to initialize the asic has exceeded. The driver will not continually re-request topology information. Recommended Action Check if all the required fabric cards are UP and running. Error Message %FABRIC-FABRIC_DRVR-3-ERR_POD_INIT Failed to initialize POD for node: [hex], error : [chars]; exiting... Explanation Fabric Driver failed to initialize one of the POD hardware modules. The System Manager process (sysmgr) will automatically respawn the (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_DRVR Messages EM-51 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-3-ERR_POD_INIT Failed to [chars] POD (node: [hex], module: [hex], asic: [unsigned int], POD:[unsigned int]) - error : [chars]; exiting... Explanation Fabric Driver failed to initialize one of the POD hardware modules. The System Manager process (sysmgr) will automatically respawn the (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERR_RELOAD Failed to reload. [chars] Explanation Fabric driver encountered an error when trying to reload. The card cannot be reloaded at the time of the message. Fabric driver may retry again when resources and conditions are met. The card and its fabric ASICs should have been isolated from the system. Recommended Action Check the health of the shelfmgr process on the dSC RP. If shelfmgr is healthy, and the card does not reload after waiting for minutes, reload the card with the following command in admin mode: ’reload loc 0/SMx/sp’, where x is the SM module number that generated the error. If manual reload does not work, or if the error recurs, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERR_SELF_RELOAD Failed to reload by shelfmgr. error code([hex]) Self-reloading... Explanation Fabric driver encountered a system error which shelfmgr cannot reload the node. The fabric driver self-reloads instead. The card and its fabric ASICs should have been isolated from the system before the self-reload. Recommended Action Check the health of the shelfmgr process on the dSC RP. If shelfmgr is healthy, and the card cannot self reload, then reload the card with the following command in admin mode: ’reload loc y/SMx/sp’, where x is the SM module number that generated the error, and y is the rack that it is in. If manual reload does not work, or if the error recurs, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_DRVR Messages EM-52 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-3-ERR_STUCK_BARRIER_FLOW Barriers stuck for type [dec] at phase [dec] [curr: [hex] prev: [hex]] on [chars]. Explanation Barrier flow of certain type is stuck at identified phase on the specified ASIC. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRVR-3-ERR_THREAD_ATTRIBUTE FABRIC driver failed to change interupt thread to an IO thread: [chars] Explanation The Fabric driver was unable to change the interrupt thread to an IO thread. Because of this failure, the interupt thread will not be able to receive the interupt thread events. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERR_THREAD_ATTRIBUTE FABRIC driver failed to change interupt thread to an IO thread: [chars] Explanation The Fabric driver was unable to change the interrupt thread to an IO thread. Because of this failure, the interupt thread will not be able to receive the interupt thread events. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERR_TIMER_START Leaf Timer Failed to start. Timer Type: [dec]. Explanation Fabric driver could not start timer. Recommended Action No action is required. Fabric Messages FABRIC_DRVR Messages EM-53 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-3-ERR_WAITING_FOR_TOPO_TIMED_OUT Driver timed out waiting for topology information. Attempt re-request for topology. Explanation This indicates that the driver has not received the necessary topology information to initialize the asic. The driver will continually re-request topology. This message can also be seen in a multichassis system when a fabric card is pulled out or powered down and the other end is still up and running or if the plane config for this card is missing. Recommended Action Check if all the required fabric cards are UP and running. Error Message %FABRIC-FABRIC_DRVR-3-ERRRATE_EXCEED_GLACIAL [chars] ; Node Key equals [hex] Explanation The Fabric driver encountered the annunciated error. For Error Node Keys - 0x1050016; 0x1050018; 0x105001A : This indicates a hardware problem in Fabric ASIC. Sysmgr will reload the node up to a fixed number of times the error is encountered, to recover. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERRRATE_EXCEED_GLACIAL [chars] ; Node Key equals [hex] Explanation The Fabric driver encountered the annunciated error. For Error Node Keys - 0x1050016; 0x1050018; 0x105001A : This indicates a hardware problem in Fabric ASIC. If the displayed error is one of the following ’Correctable Single-Bit Error in Cell Reference FIFO’ ’Correctable Single-Bit Error in Reference Count Table’ ’Correctable Single-Bit Error in Cell Store SRAM’ The data will be corrected. The number of correctable single-bit errors occur on reading these memory is aggregated, When the aggregate count exceeds threshold (2 in 2 days), This ios msg is reported. The shelf-mgr reloads the fabric card. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-3-ERRRATE_EXCEED_NO_LIMIT [chars] Explanation The fabric driver encountered the annunciated error. Sysmgr will reload the node up to a fixed number of times the error is encountered, to recover. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_DRVR Messages EM-54 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-3-ERRRATE_EXCEED_SLOW [chars] Explanation The fabric driver encountered the annunciated error. Sysmgr will reload the node up to a fixed number of times the error is encountered, to recover. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-4-ERR_LTRACE_INIT Fabric driver failed to initialize the ltrace - rc equals [chars] Explanation The Fabric driver could not open/initialize the ltrace buffer. The Fabric driver and the system should stll function as normal, with the exception that ltrace will not be available for sfe_drvr process. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRVR-4-ERR_LTRACE_INIT Fabric driver failed to initialize the ltrace - rc equals [chars] Explanation The Fabric driver could not open/initialize the ltrace buffer. The Fabric driver and the system should stll function as normal, with the exception that ltrace will not be available for sfe_drvr process. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRVR-6-ASIC_INITIALIZED Fabric ASICs initialized Explanation This indicates Fabric ASICs are initialized and is expected during normal operation. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRVR-6-ASIC_INITIALIZED Fabric ASICs initialized Explanation This indicates Fabric ASICs are initialized and is expected during normal operation. Recommended Action No action is required. Fabric Messages FABRIC_DRVR Messages EM-55 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-6-BARRIER_FLOW_STARTED Barrier flow started on all ASICs Explanation Barriers started flowing on all the nodes/types. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRVR-6-DLL_LOAD SEA ASIC driver loaded Explanation Fabric driver loaded for the SEA asics. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRVR-6-MISSING_PLANE_CONFIG Plane config is missing or inconsistent. Explanation Missing admin plane configuration for this module. Recommended Action Check the admin plane configuration to ensure that it corresponds with the actual physical topology of the system. If this configuration looks correct then contact support, otherwise correct the configuration and the system should recover. Error Message %FABRIC-FABRIC_DRVR-7-ERR_BP_CFG [chars]: Error in Back pressure configuration, BP Groups : [dec], [dec], [dec] Explanation The Fabric driver encountered an error in back pressure configuration. This indicates BP configuration received from the fabric control software is incorrect. If this condition prevails, it could impact data traffic when fabric gets congested. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-7-ERR_BP_CFG [chars]: Error in Back pressure configuration, BP Groups : [dec], [dec], [dec] Explanation The Fabric driver encountered an error in back pressure configuration. This indicates BP configuration received from the fabric control software is incorrect. If this condition prevails, it could impact data traffic when fabric gets congested. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_DRVR Messages EM-56 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-7-ERR_DEBUG_REG Fabric driver failed to register with the debug; rc equals [chars] Explanation The Fabric driver was unable to register with the debug. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-7-ERR_DEBUG_REG Fabric driver failed to register with the debug; rc equals [chars] Explanation The Fabric driver was unable to register with the debug. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-7-ERR_INTERNAL_SW [chars] Explanation The Fabric driver encountered the annunciated internal SW error. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-7-ERR_INTERNAL_SW [chars] Explanation The Fabric driver encountered the annunciated internal SW error. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_DRVR Messages EM-57 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-7-ERR_LINK_TOPO Topology mismatch for [chars] Explanation The upstream information received from idle cells on this link does not match with FSDB information. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-7-ERR_LINK_TOPO Topology mismatch for [chars] Explanation The upstream information received from idle cells on this link does not match with FSDB information. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-7-ERRRATE_EXCEED_DEBUG [chars] Explanation The fabric driver encountered the annunciated error. The Fabric driver and the System should still continue to function as normal. Recommended Action No action is required. Error Message %FABRIC-FABRIC_DRVR-7-ERRRATE_EXCEED_DEBUG [chars] Explanation The fabric driver encountered the annunciated error. If the displayed error is one of the following ’Multicast High Priority Acknowledge Barrier Timeout’ ’Multicast Low Priority Acknowledge Barrier Timeout’ ’Unicast High Priority Acknowledge Barrier Timeout’ ’Unicast Low Priority Acknowledge Barrier Timeout ’Multicast High Priority Request Barrier Timeout’ ’Multicast Low Priority Request Barrier Timeout’ ’Unicast High Priority Request Barrier Timeout’ ’Unicasts Low Priority Request Barrier Timeout’ The Fabric driver and the System should still continue to function as normal.The affected link will be identified and taken offline momentarily. These errors are expected during OIR operations. If the error happens during steady state, investigation should be done for other unexpected oir events. If there is no other unexpected oir or anything, and the issue happened 2 in 2 days, then some effort should be done to identify the source link. Recommended Action No action is required. Fabric Messages FABRIC_SRVR Messages EM-58 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_DRVR-7-LINK_SHUT_DOWN Fabric Link: [chars] - Shutdown: [chars] Explanation The Fabric driver encountered an error on the annunciated Fabric Switching Element link and the link is brought down. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_DRVR-7-LINK_SHUT_DOWN Fabric Link: [chars] - Shutdown: [chars] Explanation The Fabric driver encountered an error on the annunciated Fabric Switching Element link and the link is brought down. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FABRIC_SRVR Messages Error Message %FABRIC-FABRIC_SRVR-3-ERR_ANNOUNCE EES announcement failed, rc equals [chars] Explanation EES domain enabling failed. This will prevent ucd/mcd messages to be exchanged between the applications and driver. Recommended Action No action is required. Error Message %FABRIC-FABRIC_SRVR-3-ERR_DRV_INIT Initialization of fabric driver failed: [chars] ; exiting... Explanation Fabric driver encountered the annunciated error during the driver initialization. The System Manager process (sysmgr) will automatically respawn the (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_SRVR Messages EM-59 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_SRVR-3-ERR_DRV_INIT Initialization of fabric driver failed: [chars] ; exiting... Explanation Fabric driver encountered the annunciated error during the driver initialization. The System Manager process (sysmgr) will automatically respawn the (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-3-ERR_EES_REG EES registration failed, rc equals [chars] Explanation EES domain enabling failed. This will prevent ucd/mcd messages to be exchanged between the applications and driver. Recommended Action No action is required. Error Message %FABRIC-FABRIC_SRVR-3-ERR_ENABLE [chars] domain enable failed for ucd [dec], rc equals [chars] Explanation EES domain enabling failed. This will prevent ucd/mcd messages to be exchanged between the applications and driver. Recommended Action No action is required. Error Message %FABRIC-FABRIC_SRVR-3-ERR_EVM_CREATE Failed to create event manager for ’[chars]’ Explanation The Fabric driver was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_SRVR Messages EM-60 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_SRVR-3-ERR_EVM_CREATE Failed to create event manager for ’[chars]’ Explanation The Fabric driver was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-3-ERR_FGID_CONS_THREAD Process sfe_drvr will be restarted. Asic status(oper_up/avl_map) equals [hex]/[hex]. Cfg availability (topo/oob/bpe) equals [hex]/[hex]/[hex]. Explanation This is an error message and is seen in the abnormal condition when the fgid consumer thread fails to start successfully. Fgid consumer thread will successfully start if all the asics are operationally up. If the asics do not report oper-up within the timeout period fgid_consumer thread cannot be started. As a consequence SFE Driver is restarted. avl_map is a bitmap representing all the asics that are required to be operationally up to successfully start the fgid consumer thread. The oper_up bitmap indicates the asics that are currently operationally up. The topo/oob/bpe information indicates which of the asics have received the specific (topo/oob/bpe) configuration. Recommended Action No action is required. Error Message %FABRIC-FABRIC_SRVR-3-ERR_FGID_DOWNLOAD_FAILED Initial FGID Download failed (after total delay of [dec] secs) Explanation The message is seen when initial FGID download from the FGID server to SFE driver does not get completed even after multiple attempts to reset the EES connection. This means the communication between SFE driver and FGID driver is broken and indicates a EES transport issue. Recommended Action Capture the output of the CLIs as specified in required_info and contact your Cisco technical support representative. Once the required information is captured, a restart of sfe_drvr process on the affected fabric card, followed by a restart of fgid_server process on the appropriate RP/DRP can be attempted to recover from this error. Error Message %FABRIC-FABRIC_SRVR-3-RESET_ALL_ASICS FDI request to reset all the ASICs on the fabric board. Explanation Process a request received from FSDB to reset all the ASICs on the fabric card. Recommended Action No action is required. Fabric Messages FABRIC_SRVR Messages EM-61 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_SRVR-4-ERR_ECM_CREATE Failed to create Event Connection Manager : [chars] Explanation The Fabric driver was unable to create an event connection manager for EDM. Fabric driver and the System should continue to function as normal, with the exception that the ’show’ commands for Fabric driver will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-4-ERR_ECM_CREATE Failed to create Event Connection Manager : [chars] Explanation The Fabric driver was unable to create an event connection manager for EDM. Fabric driver and the System should continue to function as normal, with the exception that the ’show’ commands for Fabric driver will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-4-ERR_ECM_NOTIFY Failed to register with ECM to receive notifications : [chars] Explanation The Fabric driver was unable register with ECM to receive notifications when the connection to Sysdb goes down/up/closed. Fabric driver and the System should continue to function as normal, with the exception that the ’show’ commands for Fabric driver will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-4-ERR_ECM_NOTIFY Failed to register with ECM to receive notifications : [chars] Explanation The Fabric driver was unable register with ECM to receive notifications when the connection to Sysdb goes down/up/closed. Fabric driver and the System should continue to function as normal, with the exception that the ’show’ commands for Fabric driver will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_SRVR Messages EM-62 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_SRVR-4-ERR_FGID_DOWNLOAD Initial FGID Download did not complete within timeout period ([dec] secs). Retrying.. Explanation The message is seen when initial FGID download from the FGID server to SFE driver does not get completed. Generally this indicates a transient EES transport issue. The SFE driver will try to recover from this error by resetting the EES connection to FGID server. Recommended Action There is no specific manual intervention needed to be taken by the customer for this message. As mentioned in the explanation, SFE driver will try to recover from this situation on its own. However, if this message is being seen often, then please capture the output of the CLIs mentioned in the required_info, and contact Cisco technical support representative. Error Message %FABRIC-FABRIC_SRVR-4-ERR_LTRACE_INIT Fabric driver failed to initialize the ltrace - rc equals [chars] Explanation The Fabric driver could not open/initialize the ltrace buffer. The Fabric driver and the system should stll function as normal, with the exception that ltrace will not be available for sfe_drvr process. Recommended Action No action is required. Error Message %FABRIC-FABRIC_SRVR-4-ERR_LTRACE_INIT Fabric driver failed to initialize the ltrace - rc equals [chars] Explanation The Fabric driver could not open/initialize the ltrace buffer. The Fabric driver and the system should stll function as normal, with the exception that ltrace will not be available for sfe_drvr process. Recommended Action No action is required. Error Message %FABRIC-FABRIC_SRVR-6-ASIC_RESET_REASONS Asics being reset, Respawn Count equals [dec] Checkpoint status equals [dec] Interrupt Status equals [hex] ASICs are ready equals [dec] Explanation This message is seen when fabric ASICS are being reset. The status reported here provide information about the reason for the reset. Recommended Action No action is required. Error Message %FABRIC-FABRIC_SRVR-6-FAB_MODULE [chars] Explanation This is to give infomation regarding fabric module type. Recommended Action No action is required. Fabric Messages FABRIC_SRVR Messages EM-63 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_SRVR-6-FAB_MODULE [chars] Explanation This is to give infomation regarding fabric module type. Recommended Action No action is required. Error Message %FABRIC-FABRIC_SRVR-6-INVALID_CARD_TYPE_ERROR Cannot find board revision Explanation The message is seen when we fail to read the EEPROM for board revison. Check platform libraries & i2c bus connectivity. Recommended Action Check the EEPROM programming, environmental condition and the type of board that is inserted. Error Message %FABRIC-FABRIC_SRVR-7-ERR_BAG_REG [chars] Explanation The Fabric driver was unable to register Fabric driver bags. The Fabric driver and the System should continue to function as normal, with the exception that the ’show’ commands for Fabric driver will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-7-ERR_BAG_REG [chars] Explanation The Fabric driver was unable to register Fabric driver bags. The Fabric driver and the System should continue to function as normal, with the exception that the ’show’ commands for Fabric driver will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_SRVR Messages EM-64 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_SRVR-7-ERR_DEBUG_INIT Fabric driver failed to initialize the debug; rc equals [chars] Explanation The Fabric driver was unable to initialize debug. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-7-ERR_DEBUG_INIT Fabric driver failed to initialize the debug; rc equals [chars] Explanation The Fabric driver was unable to initialize debug. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-7-ERR_DEBUG_REG Fabric driver failed to register with the debug; rc equals [chars] Explanation The Fabric driver was unable to register with the debug. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRIC_SRVR Messages EM-65 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_SRVR-7-ERR_DEBUG_REG Fabric driver failed to register with the debug; rc equals [chars] Explanation The Fabric driver was unable to register with the debug. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-7-ERR_INTERNAL_SW [chars] Explanation The Fabric driver encountered the annunciated internal SW error. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-7-ERR_INTERNAL_SW [chars] Explanation The Fabric driver encountered the annunciated internal SW error. The System Manager process (sysmgr) will automatically respawn this (sfe_drvr) process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRIC_SRVR-7-ERR_SYSDB_EDM_REG [chars] Explanation The Fabric driver was unable to become an external data manager (EDM) despite having a connection to SysDB. The operation will be retried. The Fabric driver and the System should continue to function as normal, with the exception that the ’show’ commands for Fabric driver will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRICQ_MGR Messages EM-66 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRIC_SRVR-7-ERR_SYSDB_EDM_REG [chars] Explanation The Fabric driver was unable to become an external data manager (EDM) despite having a connection to SysDB. The operation will be retried. The Fabric driver and the System should continue to function as normal, with the exception that the ’show’ commands for Fabric driver will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FABRICQ_MGR Messages Error Message %FABRIC-FABRICQ_MGR-3-ERR_INIT Initialization Error: [chars] Reason: [chars]. Exiting. Explanation Fabricq manager encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-3-ERR_INIT Initialization Error: [chars] Reason: [chars]. Exiting. Explanation Fabricq manager encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-3-ERR_MEM_ALLOC Error Allocating [dec] bytes of memory Explanation Fabricq encountered a fatal memory allocation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRICQ_MGR Messages EM-67 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ_MGR-3-ERR_MEM_ALLOC Error Allocating [dec] bytes of memory Explanation Fabricq encountered a fatal memory allocation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-4-ERR_CHKPT_INIT Checkpoint Initialization failed. Reason: [chars] Explanation Fabricq Checkpoint Init error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-4-ERR_CHKPT_INIT Checkpoint Initialization failed. Reason: [chars] Explanation Fabricq Checkpoint Init error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_BAG_REG Bag register failed for rules. Reason: [chars] Explanation EDM Bags are used to share information between components using sysdb. This Error indicates that bag registration failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_BAG_REG Bag register failed for rules. Reason: [chars] Explanation EDM Bags are used to share information between components using sysdb. This Error indicates that bag registration failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRICQ_MGR Messages EM-68 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ_MGR-7-ERR_CLIENT_REG Client [chars] failed. Reason: [chars] Explanation Fabricq Manager client Registration/Unregistration error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_CLIENT_REG Client [chars] failed. Reason: [chars] Explanation Fabricq Manager client Registration/Unregistration error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_DLL_INIT Dll Initialization for [chars] failed. Reason: [chars] Explanation Fabricq driver tried to register for a dll but it encountered an error. The driver might lose some of its functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_DLL_INIT Dll Initialization for [chars] failed. Reason: [chars] Explanation Fabricq driver tried to register for a dll but it encountered an error. The driver might lose some of its functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation Fabricq Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRICQ_MGR Messages EM-69 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ_MGR-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation Fabricq Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation Fabricq Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation Fabricq Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation Fabricq Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation Fabricq Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRICQ_MGR Messages EM-70 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ_MGR-7-ERR_LWM_REPLY An error occurred during LWM message reply. Reason: [chars] Explanation Fabricq LWM reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_LWM_REPLY An error occurred during LWM message reply. Reason: [chars] Explanation Fabricq LWM reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_SYSDB_EDM_REG Sysdb Register EDM failed. Reason: [chars] Explanation Fabricq Sysdb Register EDM error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ_MGR-7-ERR_SYSDB_EDM_REG Sysdb Register EDM failed. Reason: [chars] Explanation Fabricq Sysdb Register EDM error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Fabric Messages FABRICQ Messages EM-71 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FABRICQ Messages Error Message %FABRIC-FABRICQ-3-ERR_ASIC_FCRAM_ASSERT Assert error in Fabricq ASIC [dec]. FCRAM Channel [dec]. Explanation Fabricq ASIC encountered a FCRAM Channel error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-3-ERR_ASIC_FCRAM_ASSERT Assert error in Fabricq ASIC [dec]. FCRAM Channel [dec]. Explanation Fabricq ASIC encountered a FCRAM Channel error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-3-ERR_BIST Error during [chars] BIST Explanation Fabricq BIST error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ-3-ERR_BIST Error during [chars] BIST Explanation Fabricq BIST error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ-3-ERR_INIT Instance: [dec]. Error: [chars] Explanation Fabricq Asic driver encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRICQ Messages EM-72 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ-3-ERR_INIT Instance: [dec]. Error: [chars] Explanation Fabricq Asic driver encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ-3-PCL_CCNT_ERR Major error in PCL of fabricq asic [dec]: [chars] data. Explanation Sponge encountered a PCL cell count mistmatch error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-3-PCL_CCNT_ERR Major error in PCL of fabricq asic [dec]: [chars] data. Explanation Sponge encountered a PCL cell count mistmatch error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-3-PCL_CSLOT_SYNC Major internal error in PCL of fabricq asic [dec]: [chars]. Explanation Sponge encountered a PCL internal error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-3-PCL_CSLOT_SYNC Major internal error in PCL of fabricq asic [dec]: [chars]. Explanation Sponge encountered a PCL internal error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-3-PCL_PKT Minor error in PCL of fabricq asic [dec]. [chars] Explanation Sponge encountered a PCL Packet error Recommended Action *SUPPORT* Fabric Messages FABRICQ Messages EM-73 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ-3-PCL_PKT Minor error in PCL of fabricq asic [dec]. [chars] Explanation Sponge encountered a PCL Packet error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-3-PCL_XCELL_ERR Major error in PCL of fabricq asic [dec]: [chars] Explanation Sponge encountered a PCL extra cell error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-3-PCL_XCELL_ERR Major error in PCL of fabricq asic [dec]: [chars] Explanation Sponge encountered a PCL extra cell error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-3-RESET Reseting Fabricq ASIC Device [dec]. Reason: [chars] Explanation Reseting Fabricq ASIC on detecting fatal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ-3-RESET Reseting Fabricq ASIC Device [dec]. Reason: [chars] Explanation Reseting Fabricq ASIC on detecting fatal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ-4-ERR_ASIC_MBE Fabricq Asic [dec] detected multibit error(s). Details: [chars] Explanation Fabricq Asic encountered a memory uncorrectable error Recommended Action The multi-bit errors can happen in one of many blocks of the fabricq ASIC. One of them is the Fabric Interface (FI). If these error messages are generated for short intervals for FI links when a fabric card is disabled / reloaded / OIR’ed, then they are harmless. If these messages Fabric Messages FABRICQ Messages EM-74 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 continue for more than 2 minutes, with incrementing uncorrectable error (UCE) counters, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ-4-ERR_ASIC_MBE Fabricq Asic [dec] detected multibit error(s). Details: [chars] Explanation Fabricq Asic encountered a memory uncorrectable error Recommended Action The multi-bit errors can happen in one of many blocks of the fabricq ASIC. One of them is the Fabric Interface (FI). If these error messages are generated for short intervals for FI links when a fabric card is disabled / reloaded / OIR’ed, then they are harmless. If these messages continue for more than 2 minutes, with incrementing uncorrectable error (UCE) counters, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ-4-ERR_ASIC_PARITY Fabricq Asic [dec] detected parity error(s). Details: [chars] Explanation Fabricq Asic encountered a parity error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-4-ERR_ASIC_PARITY Fabricq Asic [dec] detected parity error(s). Details: [chars] Explanation Fabricq Asic encountered a parity error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-4-ERR_ASIC_SN_LINK Fabricq ASIC [dec] encountered a CpuCtrl [chars] error Explanation Fabricq ASIC encountered a CpuCtrl CRC/Sync error Recommended Action *SUPPORT* Fabric Messages FABRICQ Messages EM-75 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ-4-ERR_ASIC_SN_LINK Fabricq ASIC [dec] encountered a CpuCtrl [chars] error Explanation Fabricq ASIC encountered a CpuCtrl CRC/Sync error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-4-FI_LINK_ALARM Link Alarm on Fabricq ASIC [dec] link [dec] Explanation Fabricq ASIC encountered a link alarm Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-4-FI_LINK_ALARM Link Alarm on Fabricq ASIC [dec] link [dec] Explanation Fabricq ASIC encountered a link alarm Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-4-FI_LINK_BRINGDOWN Fabric link [dec] on ASIC [dec] may be brought down due to too many errors Explanation A fabric link was brought down due to too many UCE or parity errors. Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-4-FI_TOPOLOGY Fabric topology inconsistency detected for ASIC [unsigned int] link [unsigned int] (observed topology information: [hex], expected: [hex]) Explanation An inconsistency between the expected and observed topologies of the fabric was detected. Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-4-FI_TOPOLOGY Fabric topology inconsistency detected for ASIC [unsigned int] link [unsigned int] (observed topology information: [hex], expected: [hex]) Explanation An inconsistency between the expected and observed topologies of the fabric was detected. Recommended Action *SUPPORT* Fabric Messages FABRICQ Messages EM-76 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ-4-MI_WEDGE Major error in Fabricq ASIC [dec]. MI [chars] Wedged Explanation Fabricq ASIC encountered a MI Unicast/Multicast Wedge error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-4-MI_WEDGE Major error in Fabricq ASIC [dec]. MI [chars] Wedged Explanation Fabricq ASIC encountered a MI Unicast/Multicast Wedge error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-4-PSN_WRAP Major error in PCL of Fabricq asic [dec]: [chars] . [hex] spo_pcl_mem_ppbr [hex][hex]%08x[hex]%08x[hex]%08x[hex] Explanation Fabricq encountered a PCL Packet Sequence Wrap error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-4-PSN_WRAP Major error in PCL of Fabricq asic [dec]: [chars] . [hex] spo_pcl_mem_ppbr [hex][hex]%08x[hex]%08x[hex]%08x[hex] Explanation Fabricq encountered a PCL Packet Sequence Wrap error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-5-ERR_RES_PROG Error during Resource Programming [chars] [unsigned int] Reason: [chars] Explanation An error occured while the Fabricq driver was trying to create queues for an interface. This may leave one or more interfaces out of operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FABRICQ Messages EM-77 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ-5-ERR_RES_PROG Error during Resource Programming [chars] [unsigned int] Reason: [chars] Explanation An error occured while the Fabricq driver was trying to create queues for an interface. This may leave one or more interfaces out of operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ-5-MI_BPDECODE Major error in Fabricq ASIC [dec]. MI [chars] Backpressure decode error Explanation Fabricq ASIC encountered a MI Unicast/Multicast BP Decode error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-5-MI_BPDECODE Major error in Fabricq ASIC [dec]. MI [chars] Backpressure decode error Explanation Fabricq ASIC encountered a MI Unicast/Multicast BP Decode error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-6-ERR_ASIC_EOP Minor error in Fabricq ASIC [dec]. [chars] End of Packet error Explanation Fabricq ASIC encountered a Unicast/Multicast Unexpected/Missing End Of Packet error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-6-ERR_ASIC_EOP Minor error in Fabricq ASIC [dec]. [chars] End of Packet error Explanation Fabricq ASIC encountered a Unicast/Multicast Unexpected/Missing End Of Packet error Recommended Action *SUPPORT* Fabric Messages FABRICQ Messages EM-78 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ-6-ERR_ASIC_GENERIC Fabric Asic [dec] encountered generic error(s). Details: [chars] Explanation Fabricq encountered an interrupt that has exceeded its threshold value. Software takes appropriate action to log and fix the error. Recommended Action No action is required. Error Message %FABRIC-FABRICQ-6-ERR_ASIC_GENERIC Fabric Asic [dec] encountered generic error(s). Details: [chars] Explanation Fabricq encountered an interrupt that has exceeded its threshold value. Software takes appropriate action to log and fix the error. Recommended Action No action is required. Error Message %FABRIC-FABRICQ-6-ERR_ASIC_OOR Fabricq Asic [dec] encountered [chars] Out Of Resources error. Explanation Fabricq encountered an out of resources error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-FABRICQ-6-ERR_ASIC_OOR Fabricq Asic [dec] encountered [chars] Out Of Resources error. Explanation Fabricq encountered an out of resources error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-FABRICQ-6-ERR_ASIC_SBE Fabricq Asic [dec] detected single bit error(s). Details: [chars] Explanation Fabricq Asic encountered a memory correctable error Recommended Action *SUPPORT* Fabric Messages FABRICQ Messages EM-79 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ-6-ERR_ASIC_SBE Fabricq Asic [dec] detected single bit error(s). Details: [chars] Explanation Fabricq Asic encountered a memory correctable error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-6-SPI_FBP Minor error: Cluster: [dec] in Fabricq ASIC [dec] has SPI FBP [chars] error Explanation The Fabricq asic encounted a fabric backpressure error. These sort of errors are to be expected during bootup or during OIR events, and are harmless for the vast majority of the time. The only time they would signify a serious error is if they recur for long periods. Recommended Action If these messages are recurring and/or you’re seeing other faults (such as traffic loss) then contact your support agent. Error Message %FABRIC-FABRICQ-6-SPI_FBP Minor error: Cluster: [dec] in Fabricq ASIC [dec] has SPI FBP [chars] error Explanation The Fabricq asic encounted a fabric backpressure error. These sort of errors are to be expected during bootup or during OIR events, and are harmless for the vast majority of the time. The only time they would signify a serious error is if they recur for long periods. Recommended Action If these messages are recurring and/or you’re seeing other faults (such as traffic loss) then contact your support agent. Error Message %FABRIC-FABRICQ-6-URG_CTX Minor error in PCL of Fabricq asic [dec]. Urgent Context exceeded 5 equals [hex] Explanation Fabricq encountered a PCL Urgent Context error Recommended Action *SUPPORT* Error Message %FABRIC-FABRICQ-6-URG_CTX Minor error in PCL of Fabricq asic [dec]. Urgent Context exceeded 5 equals [hex] Explanation Fabricq encountered a PCL Urgent Context error Recommended Action *SUPPORT* Fabric Messages FDI Messages EM-80 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FABRICQ-7-ERR_DMA Error during DMA transfer: Source Addr [hex], Dest Addr [pointer]. Reason: [chars] Explanation An error occurred while a DMA transfer initiated by the FQM process was taking place. This means certain data requested by the FQM process will not be available. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FABRICQ-7-ERR_DMA Error during DMA transfer: Source Addr [hex], Dest Addr [pointer]. Reason: [chars] Explanation An error occurred while a DMA transfer initiated by the FQM process was taking place. This means certain data requested by the FQM process will not be available. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FDI Messages Error Message %FABRIC-FDI-2-ERR_CONNECTION [chars]; Conn_id equals [dec] Conn_name equals [chars] Explanation The FDI library encountered the annunciated connection error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-2-ERR_CONNECTION [chars]; Conn_id equals [dec] Conn_name equals [chars] Explanation The FDI library encountered the annunciated connection error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FDI Messages EM-81 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FDI-2-ERR_INTERNAL_SW [chars] ; rc equals [chars] Explanation The FDI encountered the annunciated internal sw error. Recommended Action No action is required. Error Message %FABRIC-FDI-2-ERR_INTERNAL_SW [chars] ; rc equals [chars] Explanation The FDI encountered the annunciated internal sw error. Recommended Action No action is required. Error Message %FABRIC-FDI-2-ERR_MSG_TYPE FDI received incorrect message type - [dec] from mid ([dec]:[dec]:[dec]) Explanation FDI received incorrect message type and failed to process the message. The System Manager process (sysmgr) will automatically respawn the process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-3-EES_ANNOUNCEMENT_ERR EES Announcement Failed: [chars] Explanation This process encountered an internal software error. [chars] provide detailed information about this error Process will restart to recover from this error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-3-ERR_BUFF_Q FDI Buffers are full; Conn_id [dec]. Data_Size [dec]. Buffer_states ([dec] [dec]) Explanation FDI buffers are full and FDI can’t buffer any more messages. The System Manager process (sysmgr) will automatically respawn the process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action Examine the state of GSP on the node of the FDI application. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FDI Messages EM-82 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FDI-3-ERR_BUFF_Q FDI Buffers are full; Conn_id [dec]. Data_Size [dec]. Buffer_states ([dec] [dec]) Explanation FDI buffers are full and FDI can’t buffer any more messages. Buffer will fill up for 2 main reasons: 1. Receiver is blocked and not able to return ack 2. Some kind of transport problem In such cases, FDI would flap the connection and flush the buffers hoping that conditions 1 or 2 were transient. Recommended Action Examine the state of GSP on the node of the FDI application. Collect gsp stats for the sender and receiver application. Also determine if receiver application was ever blocked during the time buffer went full. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-3-ERR_CORRUPT_MSG Possible Corrupt Msg Returned By GSP Case ([chars]) Explanation 1. Possible null msg returned back by gsp 2. Possible corrupt msg causing msgtype outofbounds Recommended Action Examine the state of GSP on the node of the FDI application. Collect gsp stats for the sender and receiver application. Also determine if receiver application was ever blocked during the time buffer went full. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-3-ERR_MSG_TYPE FDI received incorrect message type - [dec] Explanation FDI received incorrect message type and failed to process the message. The System Manager process (sysmgr) will automatically respawn the process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-3-ERR_SEND_FAIL Unable to send message to peer [dec]-[hex]-[dec]: [chars] Explanation An unexpected error occurred while sending an message. Process will restart to recover from this error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FDI Messages EM-83 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FDI-7-ERR_COMM_SYSTEM_ERROR IPC non blocking communication failed to group id: [dec], tag [hex] - id [dec], seq [dec], status [dec]: [chars] Explanation The FDI Library uses gsp_group_memberset_nb ( non blocking api ). Any errors are communicated back via a callback. These errors are considered bad, since it is likely a member did not receive a message. These errors returned are communicated via this msg. This may indicate some transport issue. Recommended Action Restart application may be required, if messages continued to be logged. Error Message %FABRIC-FDI-7-ERR_DEBUG_CLEAN FDI library failed to cleanup FDI debug info in debug infrastructure ; rc equals [chars] Explanation The FDI library was unable to cleanup FDI debug info in debug infrastructure. The System should still continue to function as normal. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-7-ERR_DEBUG_CLEAN FDI library failed to cleanup FDI debug info in debug infrastructure ; rc equals [chars] Explanation The FDI library was unable to cleanup FDI debug info in debug infrastructure. The System should still continue to function as normal. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-7-ERR_DEBUG_INIT FDI library failed to initialize debug for fdi - [chars]; rc equals [chars] Explanation The FDI library was unable to initialize debug. The FDI component and the System should still continue to function as normal, with the exception that the debugs will not be available for FDI. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FDI Messages EM-84 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FDI-7-ERR_DEBUG_INIT FDI library failed to initialize debug for fdi - [chars]; rc equals [chars] Explanation The FDI library was unable to initialize debug. The FDI component and the System should still continue to function as normal, with the exception that the debugs will not be available for FDI. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-7-ERR_DEBUG_REG FDI library failed to register with debug infrastructure ; rc equals [chars] Explanation The FDI library was unable to register with debug infrastructure. The FDI component and the System should still continue to function as normal, with the exception that the debugs will not be available for FDI. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-7-ERR_DEBUG_REG FDI library failed to register with debug infrastructure ; rc equals [chars] Explanation The FDI library was unable to register with debug infrastructure. The FDI component and the System should still continue to function as normal, with the exception that the debugs will not be available for FDI. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-7-ERR_EDM_INIT [chars]; rc equals [chars] Explanation The FDI Library encountered the annunciated EDM Initialization error. The System should still continue to function as normal, with the exception that the ’show’ commands for FDI will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FDI Messages EM-85 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FDI-7-ERR_EDM_INIT [chars]; rc equals [chars] Explanation The FDI Library encountered the annunciated EDM Initialization error. The System should still continue to function as normal, with the exception that the ’show’ commands for FDI will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FDI-7-ERR_GROUP_MEMBER_ALREADY_EXISTS Group ([dec]) Member ([dec]:[dec]:[dec]) already exsts overriding with latest member info([dec]:[dec]:[dec]). Explanation A member is attempting to be added to a group with an entry already present. The member likely did not get cleaned up correctly. Assumed latest member info is correct, and override existing entry. Recommended Action No action is required. Error Message %FABRIC-FDI-7-ERR_MEM_ALLOC FDI failed to allocate [dec] bytes Explanation The FDI was unable to allocate memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-FDI-7-ERR_MEM_ALLOC FDI failed to allocate [dec] bytes Explanation The FDI was unable to allocate memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-FDI-7-ERR_MEMBER_ALREADY_EXISTS Member [chars] entry already exists and registered. Updating with new member info. Explanation The FDI Library has received a new member notification for a member that already exists in the FDI db, and registered. Possible that we failed to cleanup old member, or a delayed new member msg. There should be no system impact as FDI will just update with the latest info. Recommended Action No action is required. Fabric Messages FEATURE_LPTS Messages EM-86 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FDI-7-ERR_MSG_SEQ_GT Out of sequence (greater than) message received from [chars] [chars] reset connection. Explanation The FDI Library encountered an internal error with a message received. Since one message is active at one time, the message received should be the next expected seqnum. This may indicate system resource issue, or a period where system is heavily loaded. If message persists, application may need to be restarted. Recommended Action Restart application may be required, if messages continued to be logged. FEATURE_LPTS Messages Error Message %FABRIC-FEATURE_LPTS-3-ERR_DOUBLE_FREE Double free of FGID [dec] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FEATURE_LPTS-3-ERR_DOUBLE_FREE Double free of FGID [dec] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FEATURE_LPTS-3-ERR_FGID_DB_RETRIES_EXCEEDED Number of unknown errors from FGID-DB ([dec]) has exceeded maximum Explanation A software error occurred, when the PA attempted to allocate FGID’s from the FGID aggregator. Recommended Action The process will attempt to recover by restarting. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FEATURE_LPTS Messages EM-87 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FEATURE_LPTS-3-ERR_UNALLOCATED_FREE Attempt to free unallocated FGID [dec] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FEATURE_LPTS-3-ERR_UNALLOCATED_FREE Attempt to free unallocated FGID [dec] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FEATURE_LPTS-3-ERR_UNKNOWN_FGID_DB_ERROR Unknown error from FGID-DB, [chars] FGID [dec] [[dec]]([dec], [dec]): [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FEATURE_LPTS-3-ERR_UNKNOWN_FGID_DB_ERROR Unknown error from FGID-DB, [chars] FGID [dec] [[dec]]([dec], [dec]): [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Fabric Messages FGID_AGG Messages EM-88 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FGID_AGG Messages Error Message %FABRIC-FGID_AGG-3-ERR_DEBUG_INIT fgid_aggregator unable to initialize dbg ; rc equals [chars] Explanation The FGID Aggregator was unable to initialize debug. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_AGG-3-ERR_DEBUG_INIT fgid_aggregator unable to initialize dbg ; rc equals [chars] Explanation The FGID Aggregator was unable to initialize debug. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_AGG-3-ERR_EVM_CREATE FGID Aggregator failed to create [chars] evm ; rc equals [chars] Explanation The FGID aggregator was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_AGG Messages EM-89 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_AGG-3-ERR_EVM_CREATE FGID Aggregator failed to create [chars] evm ; rc equals [chars] Explanation The FGID aggregator was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_AGG-3-ERR_EVM_SYNC_ATTACH FGID Aggregator failed to attach [chars] to evm ; rc equals [chars] Explanation The FGID Aggregator was unable to attach the indicated event handler to the event manager. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_AGG-3-ERR_EVM_SYNC_ATTACH FGID Aggregator failed to attach [chars] to evm ; rc equals [chars] Explanation The FGID Aggregator was unable to attach the indicated event handler to the event manager. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_AGG Messages EM-90 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_AGG-3-ERR_GSP [chars]: rc equals [chars] Explanation The FGID Aggregator was unable to create/join GSP group. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_AGG-3-ERR_GSP [chars]: rc equals [chars] Explanation The FGID Aggregator was unable to create/join GSP group. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_AGG-3-ERR_INTERNAL_SW [chars]; [chars] Explanation The FGID Aggregator encountered the annunciated SW error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_AGG-3-ERR_INTERNAL_SW [chars]; [chars] Explanation The FGID Aggregator encountered the annunciated SW error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_AGG Messages EM-91 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_AGG-3-ERR_MEM_ALLOC FGID Aggregator unable to allocate [dec] bytes Explanation The FGID Aggregator was unable to allocate memory. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_AGG-3-ERR_MEM_ALLOC FGID Aggregator unable to allocate [dec] bytes Explanation The FGID Aggregator was unable to allocate memory. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_AGG-3-ERR_SYSMGR [chars]; rc equals [chars] Explanation The FGID Aggregator encountered the annunciated sysmgr error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_AGG-3-ERR_SYSMGR [chars]; rc equals [chars] Explanation The FGID Aggregator encountered the annunciated sysmgr error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_ALLOC Messages EM-92 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_AGG-7-ERR_LTRACE_INIT FGID Aggregator failed to initialize the ltrace file [chars] : [chars] Explanation The FGID Aggregator Could not open the annunciated ltrace buffer. The FGID component and the system should stll function as normal, with the exception that ltrace will not be available for fgid_aggregator process. Recommended Action No action is required. Error Message %FABRIC-FGID_AGG-7-ERR_LTRACE_INIT FGID Aggregator failed to initialize the ltrace file [chars] : [chars] Explanation The FGID Aggregator Could not open the annunciated ltrace buffer. The FGID component and the system should stll function as normal, with the exception that ltrace will not be available for fgid_aggregator process. Recommended Action No action is required. FGID_ALLOC Messages Error Message %FABRIC-FGID_ALLOC-3-ERR_EVM_CREATE FGID Allocator failed to create [chars] evm; rc equals [chars] Explanation The FGID allocator was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_ALLOC Messages EM-93 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_ALLOC-3-ERR_EVM_CREATE FGID Allocator failed to create [chars] evm; rc equals [chars] Explanation The FGID allocator was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-3-ERR_GSP [chars]: rc equals [chars] Explanation The FGID Allocator encountered the annunciated GSP error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-3-ERR_GSP [chars]: rc equals [chars] Explanation The FGID Allocator encountered the annunciated GSP error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-3-ERR_INTERNAL_SW [chars] ; rc equals [chars] Explanation The FGID Allocator encountered the annunciated internal SW error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_ALLOC Messages EM-94 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_ALLOC-3-ERR_INTERNAL_SW [chars] ; rc equals [chars] Explanation The FGID Allocator encountered the annunciated internal SW error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-3-ERR_MEM_ALLOC FGID Allocator failed to allocate [dec] bytes Explanation The FGID Allocator was unable to allocate memory. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-3-ERR_MEM_ALLOC FGID Allocator failed to allocate [dec] bytes Explanation The FGID Allocator was unable to allocate memory. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-3-ERR_SYSMGR [chars]; rc equals [chars] Explanation The FGID Allocator encountered the annunciated sysmgr error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_ALLOC Messages EM-95 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_ALLOC-3-ERR_SYSMGR [chars]; rc equals [chars] Explanation The FGID Allocator encountered the annunciated sysmgr error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_BAG_REG FGID allocator failed to register FGID bags; rc equals [chars] Explanation The FGID allocator was unable to register FGID bags. The FGID component and the System should continue to function as normal, with the exception that the ’show’ commands for FGID allocator will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_BAG_REG FGID allocator failed to register FGID bags; rc equals [chars] Explanation The FGID allocator was unable to register FGID bags. The FGID component and the System should continue to function as normal, with the exception that the ’show’ commands for FGID allocator will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_CHKPT_INIT FGID Allocator failed to initialize the checkpoint library ; rc equals [chars] Explanation The FGID Allocator was unable to initialize the checkpoint library. The fgid_allocator process may need restarting, if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_ALLOC Messages EM-96 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_ALLOC-7-ERR_CHKPT_INIT FGID Allocator failed to initialize the checkpoint library ; rc equals [chars] Explanation The FGID Allocator was unable to initialize the checkpoint library. The fgid_allocator process may need restarting, if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_CHKPT_ITERATE_START FGID Allocator failed to start to iterate Checkpoint table [chars]; rc equals [chars] Explanation The FGID Allocator was unable to start to iterate checkpoint table. The fgid_allocator process may need restarting, if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_CHKPT_ITERATE_START FGID Allocator failed to start to iterate Checkpoint table [chars]; rc equals [chars] Explanation The FGID Allocator was unable to start to iterate checkpoint table. The fgid_allocator process may need restarting, if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_CHKPT_REG FGID Allocator failed to register the Checkpoint table [chars] ; rc equals [chars] Explanation The FGID Allocator was unable to register the checkpoint table. The fgid_allocator process may need restarting, if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_ALLOC Messages EM-97 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_ALLOC-7-ERR_CHKPT_REG FGID Allocator failed to register the Checkpoint table [chars] ; rc equals [chars] Explanation The FGID Allocator was unable to register the checkpoint table. The fgid_allocator process may need restarting, if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_DEBUG_INIT FGID Allocator failed to initialize debug ; rc equals [chars] Explanation The FGID Allocator failed to initialize debug. The FGID component and the System should still continue to function as normal, with the exception that the debugs will not be available fgid_allocator process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_DEBUG_INIT FGID Allocator failed to initialize debug ; rc equals [chars] Explanation The FGID Allocator failed to initialize debug. The FGID component and the System should still continue to function as normal, with the exception that the debugs will not be available fgid_allocator process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_LTRACE_INIT FGID Allocator failed to initialize the ltrace file [chars]; rc equals [chars] Explanation The FGID Allocator could not open the annunciated ltrace buffer. The FGID component and the system should function as normal, with the exception that ltrace will not be available for fgid_aggregator process. Recommended Action No action is required. Fabric Messages FGID_ALLOC Messages EM-98 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_ALLOC-7-ERR_LTRACE_INIT FGID Allocator failed to initialize the ltrace file [chars]; rc equals [chars] Explanation The FGID Allocator could not open the annunciated ltrace buffer. The FGID component and the system should function as normal, with the exception that ltrace will not be available for fgid_aggregator process. Recommended Action No action is required. Error Message %FABRIC-FGID_ALLOC-7-ERR_SYSDB_BIND FGID Allocator failed to bind to Sysdb name space [chars]; rc equals [chars] Explanation The FGID-DB allocator unable to bind to sysdb name space. The fgid_allocator may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_SYSDB_BIND FGID Allocator failed to bind to Sysdb name space [chars]; rc equals [chars] Explanation The FGID-DB allocator unable to bind to sysdb name space. The fgid_allocator may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_ALLOC-7-ERR_SYSDB_EDM_REG FGID allocator failed to perform EDM registration; rc equals [chars] Explanation The FGID allocator was unable to become an external data manager (EDM) despite having a connection to SysDB. The operation will be retried. The FGID component and the System should continue to function as normal, with the exception that the ’show’ commands for FGID allocator will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_BCDL_CONSUMER Messages EM-99 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_ALLOC-7-ERR_SYSDB_EDM_REG FGID allocator failed to perform EDM registration; rc equals [chars] Explanation The FGID allocator was unable to become an external data manager (EDM) despite having a connection to SysDB. The operation will be retried. The FGID component and the System should continue to function as normal, with the exception that the ’show’ commands for FGID allocator will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FGID_BCDL_CONSUMER Messages Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_BCDL [chars] ; rc equals [chars] Explanation The BCDL Consumer process has encountered the annunciated BCDL error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_BCDL [chars] ; rc equals [chars] Explanation The BCDL Consumer process has encountered the annunciated BCDL error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_BOARD_TYPE FGID BCDL Consumer failed to get hardware board type: rc equals [chars] Explanation The FGID BCDL Consumer was unable to get the board type. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_BCDL_CONSUMER Messages EM-100 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_BOARD_TYPE FGID BCDL Consumer failed to get hardware board type: rc equals [chars] Explanation The FGID BCDL Consumer was unable to get the board type. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_DEBUG_INIT The FGID BCDL Consumer Failed to initialize debug; rc equals [chars] Explanation The FGID BCDL Consumer was unable to initialize debug. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_DEBUG_INIT The FGID BCDL Consumer Failed to initialize debug; rc equals [chars] Explanation The FGID BCDL Consumer was unable to initialize debug. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_EVM [chars] : [chars] Explanation The FGID BCDL consumer encountered the annunciated Event Manager Error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_BCDL_CONSUMER Messages EM-101 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_EVM [chars] : [chars] Explanation The FGID BCDL consumer encountered the annunciated Event Manager Error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FDI_CLIENT_REG Unable to perform FDI client registration; rc equals [chars] Explanation The FGID BCDL Consumer was unable to register with the FDI client. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FDI_CLIENT_REG Unable to perform FDI client registration; rc equals [chars] Explanation The FGID BCDL Consumer was unable to register with the FDI client. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FGID_DOWNLOAD_DONE_NOTIF FGID BCDL Consumer failed to notify SFE driver about FGID download complete; rc equals [chars] Explanation The FGID BCDL Consumer encountered an error while notifying the SFE driver about FGID download completion. This indicates a problem with communication between SFE_DRVR and FGID BCDL consumer. Restart SFE driver manually. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_BCDL_CONSUMER Messages EM-102 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FGID_DOWNLOAD_DONE_NOTIF FGID BCDL Consumer failed to notify SFE driver about FGID download complete; rc equals [chars] Explanation The FGID BCDL Consumer encountered an error while notifying the SFE driver about FGID download completion. This indicates a problem with communication between SFE_DRVR and FGID BCDL consumer. Restart SFE driver manually. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FGID_SET FGID BCDL Consumer failed to set FGID [chars] bitmap; rc equals [chars] Explanation The FGID BCDL Consumer encountered an error while setting S2 or S3 bitmap. This indicates a problem with the communication between the SFE driver and the FGID BCDL consumer. The FGID BCDL consumer and/or SEA driver may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FGID_SET FGID BCDL Consumer failed to set FGID [chars] bitmap; rc equals [chars] Explanation The FGID BCDL Consumer encountered an error while setting S2 or S3 bitmap. This indicates a problem with the communication between the SFE driver and the FGID BCDL consumer. The FGID BCDL consumer and/or SEA driver may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_RACK_NUM FGID BCDL Consumer failed to get the rack value; rc equals [chars] Explanation The FGID BCDL Consumer encountered an error while retrieving the rack value from nodeid. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_BCDL_CONSUMER Messages EM-103 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_RACK_NUM FGID BCDL Consumer failed to get the rack value; rc equals [chars] Explanation The FGID BCDL Consumer encountered an error while retrieving the rack value from nodeid. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_USAGE Invalid argument. USAGE: [chars] Explanation The FGID BCDL consumer process was invoked with an unknown argument. The BCDL Consumer process was started with an invalid parameter. This is not an expected field event and details about software versions and the .startup file should be returned to engineering. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-3-ERR_USAGE Invalid argument. USAGE: [chars] Explanation The FGID BCDL consumer process was invoked with an unknown argument. The BCDL Consumer process was started with an invalid parameter. This is not an expected field event and details about software versions and the .startup file should be returned to engineering. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_BCDL_CONSUMER-7-ERR_LTRACE_INIT FGID BCDL Consumer failed to initialize the ltrace file [chars] : rc equals [chars] Explanation The FGID BCDL Consumer could not open the annunciated ltrace buffer. The FGID component and the system should function as normal, with the exception that ltrace will not be available for FGID BCDL Consumer process. Recommended Action No action is required. Fabric Messages FGID_LIB Messages EM-104 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_BCDL_CONSUMER-7-ERR_LTRACE_INIT FGID BCDL Consumer failed to initialize the ltrace file [chars] : rc equals [chars] Explanation The FGID BCDL Consumer could not open the annunciated ltrace buffer. The FGID component and the system should function as normal, with the exception that ltrace will not be available for FGID BCDL Consumer process. Recommended Action No action is required. FGID_LIB Messages Error Message %FABRIC-FGID_LIB-7-ERR_DEBUG_INIT FGID library failed to initialize the debug ; rc equals [chars]. Explanation The FGID library failed to initialize debug. The FGID component and the system should still function as normal, with the exception that the debugs will not be available for FGID library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_LIB-7-ERR_DEBUG_INIT FGID library failed to initialize the debug ; rc equals [chars]. Explanation The FGID library failed to initialize debug. The FGID component and the system should still function as normal, with the exception that the debugs will not be available for FGID library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_LIB-7-ERR_LTRACE_INIT FGID library failed to initialize the ltrace ; rc equals [chars]. Explanation The FGID library failed to initialize ltrace. The FGID component and the system should still function as normal, with the exception that the ltrace will not be available for FGID library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_SVR Messages EM-105 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_LIB-7-ERR_LTRACE_INIT FGID library failed to initialize the ltrace ; rc equals [chars]. Explanation The FGID library failed to initialize ltrace. The FGID component and the system should still function as normal, with the exception that the ltrace will not be available for FGID library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FGID_SVR Messages Error Message %FABRIC-FGID_SVR-2-ERR_EES_INIT Rack num could not be determined, rc equals [chars] Explanation Rack num could not be determined because platform_get_my_nodeid failed. Recommended Action Whenever this happens, fgid_server will dump a core file. No action is required. Error Message %FABRIC-FGID_SVR-3-ERR_BCDL [chars]; rc equals [chars] Explanation The FGID Server encountered the annunciated BCDL error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_BCDL [chars]; rc equals [chars] Explanation The FGID Server encountered the annunciated BCDL error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_SVR Messages EM-106 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_SVR-3-ERR_DSC Failed to register for DSC notification; rc equals [chars] Explanation The FGID Server encountered DSC error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_DSC Failed to register for DSC notification; rc equals [chars] Explanation The FGID Server encountered DSC error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_EES [chars], rc equals [chars] Explanation Issue with EES Recommended Action No action is required. Error Message %FABRIC-FGID_SVR-3-ERR_EVM_CREATE FGID Server failed to create [chars] evm; rc equals [chars] Explanation The FGID Server was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_SVR Messages EM-107 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_SVR-3-ERR_EVM_CREATE FGID Server failed to create [chars] evm; rc equals [chars] Explanation The FGID Server was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_EVM_SYNC_ATTACH FGID Server failed to attach [chars] evm; rc equals [chars] Explanation The FGID Server was unable to attach the indicated event handler to the event manager. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_EVM_SYNC_ATTACH FGID Server failed to attach [chars] evm; rc equals [chars] Explanation The FGID Server was unable to attach the indicated event handler to the event manager. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_SVR Messages EM-108 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_SVR-3-ERR_GSP [chars] ; rc equals [chars] Explanation The FGID-DB server encountered the annunciated GSP error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_GSP [chars] ; rc equals [chars] Explanation The FGID-DB server encountered the annunciated GSP error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_INTERNAL_SW [chars]; [chars] Explanation The FGID Server encountered the annunciated SW error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_INTERNAL_SW [chars]; [chars] Explanation The FGID Server encountered the annunciated SW error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_SVR Messages EM-109 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_SVR-3-ERR_MEM_ALLOC FGID Server unable to allocate [dec] bytes Explanation The FGID Server was unable to allocate memory. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_MEM_ALLOC FGID Server unable to allocate [dec] bytes Explanation The FGID Server was unable to allocate memory. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_USAGE FGID Server : Server Id requested [chars] is not a allowed server_id Explanation Incorrect command line parameters were passed to the FGID Server, and so it failed to start. Recommended Action Check the startup arguments passed to FGID-DB. A default configuration will be used if no parameters are passed. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-3-ERR_USAGE FGID Server : Server Id requested [chars] is not a allowed server_id Explanation Incorrect command line parameters were passed to the FGID Server, and so it failed to start. Recommended Action Check the startup arguments passed to FGID-DB. A default configuration will be used if no parameters are passed. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FGID_SVR Messages EM-110 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FGID_SVR-4-WARNING_INTERNAL_SW [chars]; [chars] Explanation The FGID Server encountered the annunciated SW error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-7-ERR_LTRACE_INIT FGID Server failed to initiaize the ltrace file [chars]; rc equals [chars] Explanation The FGID Server Could not open the annunciated ltrace buffer. The FGID component and the system should function as normal, with the exception that ltrace will not be available for fgid_server process. Recommended Action No action is required. Error Message %FABRIC-FGID_SVR-7-ERR_LTRACE_INIT FGID Server failed to initiaize the ltrace file [chars]; rc equals [chars] Explanation The FGID Server Could not open the annunciated ltrace buffer. The FGID component and the system should function as normal, with the exception that ltrace will not be available for fgid_server process. Recommended Action No action is required. Error Message %FABRIC-FGID_SVR-7-ERR_SYSMGR [chars] ; rc equals [chars] Explanation The FGID-DB server failed in sysmgr API Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FGID_SVR-7-ERR_SYSMGR [chars] ; rc equals [chars] Explanation The FGID-DB server failed in sysmgr API Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Fabric Messages FIA_API Messages EM-111 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FIA_API Messages Error Message %FABRIC-FIA_API-7-ERR_ECM Event Connection Manager (ECM) Error: [chars] : [chars] Explanation The FIA driver client library encountered the annunciated error condition. There are 3 types of this failure. - ECM create failure: In this case the FIA driver client library will not be able to connect to the FIA driver. - Register notification handler failure: In this case the FIA driver client library will not receive notification of ECM events. - Failure to open a connection: Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA_API-7-ERR_ECM Event Connection Manager (ECM) Error: [chars] : [chars] Explanation The FIA driver client library encountered the annunciated error condition. There are 3 types of this failure. - ECM create failure: In this case the FIA driver client library will not be able to connect to the FIA driver. - Register notification handler failure: In this case the FIA driver client library will not receive notification of ECM events. - Failure to open a connection: Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FIA Messages Error Message %FABRIC-FIA-2-ARB_SERDES_0_FAIL Arbitration Serdes Link 0 Failure Explanation Arbitration serdes link 0 failure. Recommended Action Wait a few minutes. If it doesn’t recover, please reload the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-112 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-2-ARB_SERDES_1_FAIL Arbitration Serdes Link 1Failure Explanation Arbitration serdes link 1 failure. Recommended Action Wait a few minutes. If it doesn’t recover, please reload the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-2-DATA_SERDES_0_FAIL Data Serdes Link 0 Failure Explanation Data serdes link 0 failure. Recommended Action Wait a few minutes. If it doesn’t recover, please reload the board using command ’reload location ’. Make sure board is seated properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-2-DATA_SERDES_1_FAIL Data Serdes Link 1 Failure Explanation Data serdes link 1 failure. Recommended Action Wait a few minutes. If it doesn’t recover, please reload the board using command ’reload location ’. Make sure board is seated properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-2-DATA_SERDES_2_FAIL Data Serdes Link 2 Failure Explanation Data serdes link 2 failure. Recommended Action Wait a few minutes. If it doesn’t recover, please reload the board using command ’reload location ’. Make sure board is seated properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-2-DATA_SERDES_3_FAIL Data Serdes Link 3 Failure Explanation Data serdes link 3 failure. Recommended Action Wait a few minutes. If it doesn’t recover, please reload the board using command ’reload location ’. Make sure board is seated properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-113 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-2-FIAHW_INT_FIFO [chars] [chars] ([hex]) Explanation This error usually indicates an internal hardware problem on the card. The internal parity error affects the communication bus between adjacent ASICs on the hardware datapath. The From Fabric or To Fabric direction, the detailed error string and the slot number are provided as part of the message. Recommended Action If there are other error reports about the switch fabric (CSC/SFC) then wait atleast 3 minutes for corrective action. Otherwise, run diagnostics for slot reporting error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-2-FIAHW_INT_PARITY [chars] [chars] ([hex]) Explanation This error usually indicates an internal hardware problem on the card. The internal parity error affects the communication bus between adjacent ASICs on the hardware datapath. The From Fabric or To Fabric direction, the detailed error string and the slot number are provided as part of the message. Recommended Action If there are other error reports about the switch fabric (CSC/SFC) then wait atleast 3 minutes for corrective action. Otherwise, run diagnostics for slot reporting error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-2-PKT_INT_ERR_AT_DDRIF_0 Pkt Integrity Error at DDR interface from Punt/Bridge-0 FPGA Explanation Packet Integrity Error at DDR interface from Punt/Bridge-0 FPGA. Recommended Action Verify correct version of Punt/Bridge FPGA is loaded. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-2-PKT_INT_ERR_AT_DDRIF_1 Pkt Integrity Error at DDR interface from Punt/Bridge-1 FPGA Explanation Packet Integrity Error at DDR interface from Punt/Bridge-1 FPGA. Recommended Action Verify correct version of Punt/Bridge FPGA is loaded. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-114 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-2-TEMP_TOO_HIGH Crossbar fabric interface ASIC temperature is too high Explanation Crossbar fabric interface ASIC is reporting a very high temperature. Recommended Action Check if board is reporting temperature alarm. If not, it is due to Crossbar fabric interface heatsink not being installed properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_ECM_CREATE Failed to create Event Connection Manager[[chars]]: [chars], exiting.... Explanation The FIA driver encountered an event connection manager error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_ECM_CREATE Failed to create Event Connection Manager[[chars]]: [chars], exiting.... Explanation The FIA driver encountered an event connection manager error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_ECM_REG Failed to register [chars] connection notification handler with the Event Connection Manager: [chars], exiting.... Explanation The FIA driver encountered an event connection manager error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-115 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-ERR_ECM_REG Failed to register [chars] connection notification handler with the Event Connection Manager: [chars], exiting.... Explanation The FIA driver encountered an event connection manager error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_EIO_TRAIN EIO link training failure threshold reached. Link will not be re-trained. ASIC instance: [dec], EIO link ID: [dec] Explanation Repeated attempts to train the EIO links between the FIA and Ingressq/Fabric ASIC has failed. No further attempts to retrain the link will be made. This is indicative of a hardware failure on the serial link between the ASICs or an inter-process communication error between the driver processes. Recommended Action Collect the required information indicated below. Also, run the field diags and the health check. If the health check or diags fail, then initiate the RMA process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_EIO_TRAIN EIO link training failure threshold reached. Link will not be re-trained. ASIC instance: [dec], EIO link ID: [dec] Explanation Repeated attempts to train the EIO links between the FIA and Ingressq/Fabric ASIC has failed. No further attempts to retrain the link will be made. This is indicative of a hardware failure on the serial link between the ASICs or an inter-process communication error between the driver processes. Recommended Action Collect the required information indicated below. Also, run the field diags and the health check. If the health check or diags fail, then initiate the RMA process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-116 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-ERR_EVM_INIT Failed to initialize the event manager: [chars], exiting... Explanation The FIA driver was unable to initialize an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_EVM_INIT Failed to initialize the event manager: [chars], exiting... Explanation The FIA driver was unable to initialize an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_INIT Initialization Error [[chars]]: [chars], exiting.... Explanation The FIA driver failed to initialize the device resulting in the restart of the FIA driver process. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action Verify that the fia_driver is up and running by executing the following command at the CLI of the active RP: ’show process fia_driver location ’ If it is still non-operational, enable the following debugs of the FIA driver process: eio All EIO library events error Errors in the driver fatal Fatal errors which cause driver to exit info All informational events init Initialization events Restart the driver by executing the following command at the CLI of the active RP: process restart fia_driver loc loc If the problem persists, this could be indicative of a hardware failure and it is recommended to run the field diagnostics on the failing MSC. Fabric Messages FIA Messages EM-117 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-ERR_INIT Initialization Error: [chars]. Exiting. Explanation FIA Driver encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_INIT Initialization Error [[chars]]: [chars], exiting.... Explanation The FIA driver failed to initialize the device resulting in the restart of the FIA driver process. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action Verify that the fia_driver is up and running by executing the following command at the CLI of the active RP: ’show process fia_driver location ’ If it is still non-operational, enable the following debugs of the FIA driver process: eio All EIO library events error Errors in the driver fatal Fatal errors which cause driver to exit info All informational events init Initialization events Restart the driver by executing the following command at the CLI of the active RP: process restart fia_driver loc loc If the problem persists, this could be indicative of a hardware failure and it is recommended to run the field diagnostics on the failing MSC. Error Message %FABRIC-FIA-3-ERR_MEM_ALLOC Memory allocation failed for internal data structures Explanation Memory was not available for an internal data structure. The requested operation could not be accomplished because of a low memory condition. The LC will not boot up successfully and will not be able to participate in data forwarding. Recommended Action Run the debug show commands, gather data and contact tac. Also ensure the LC is populated with the minimum amount of memory required for proper operation. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-118 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-ERR_MEM_ALLOC Memory allocation failed for internal data structures Explanation Memory was not available for an internal data structure. The requested operation could not be accomplished because of a low memory condition. The LC will not boot up successfully and will not be able to participate in data forwarding. Recommended Action Run the debug show commands, gather data and contact tac. Also ensure the LC is populated with the minimum amount of memory required for proper operation. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_MEM_MAP Failed to map ASIC instance [dec] into memory (PROT flags: [dec], MAP flags: [dec]): [chars] Explanation The FIA driver was unable to map the hardware of the specified ASIC instance into its memory space and therefore failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_MEM_MAP Failed to map ASIC instance [dec] into memory (PROT flags: [dec], MAP flags: [dec]): [chars] Explanation The FIA driver was unable to map the hardware of the specified ASIC instance into its memory space and therefore failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-119 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-ERR_PLL Failed to lock TX slice PLL after [unsigned int] retries (ASIC instance: [dec], slice ID: [unsigned int]). Explanation While initializing the transmit slices of the FIA, the driver failed to lock the PLL. This is caused due to a clock synchronization problem between the MSC and the fabric board. This would result in loss of connectivity and bandwidth to affected fabric board. Recommended Action Collect the required information indicated below. Also, run the field diags and the health check. If the health check or diags fail, then initiate the RMA process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-ERR_PLL Failed to lock TX slice PLL after [unsigned int] retries (ASIC instance: [dec], slice ID: [unsigned int]). Explanation While initializing the transmit slices of the FIA, the driver failed to lock the PLL. This is caused due to a clock synchronization problem between the MSC and the fabric board. This would result in loss of connectivity and bandwidth to affected fabric board. Recommended Action Collect the required information indicated below. Also, run the field diags and the health check. If the health check or diags fail, then initiate the RMA process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FFIAHW_ERR_FIFO [chars]: [chars] [hex] Explanation This error usually indicates an internal hardware problem on the card. The internal parity error affects the communication bus between adjacent ASICs on the hardware datapath. In this case parity error was detected in the FFIA internal reassembly memory. This error will trigger a recovery operation. The LC may not be able to forward data packets and traffic loss may be observed due to this error. Recommended Action If there are other error reports about the switch fabric (CSC/SFC) then wait several minutes for corrective action. Otherwise, run diagnostics for slot reporting error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-120 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-FFIAHW_ERR_PARITY [chars]: [chars] [hex] Explanation This error usually indicates an internal hardware problem on the card. The internal parity error affects the communication bus between adjacent ASICs on the hardware datapath. In this case the backpressure signals between FFIA and Tx PSE is having signal integrity issue. This error will trigger a recovery operation. The LC may not be able to forward data packets and traffic loss may be observed due to this error. Recommended Action If there are other error reports about the switch fabric (CSC/SFC) then wait several minutes for corrective action. Otherwise, run diagnostics for slot reporting error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FIAHW_CHIP Failed to configure [chars] config value : [hex] in hardware, fc_mask equals [hex], staus equals [hex] Explanation The low level FIA driver was unable to complete its write operation. Possible cause is harware failure. Error recovery will be triggered for this error. The direction value of fia_config passed and status returned of the failure are indicated in th emessage. Recommended Action Wait atleast 3 minutes for corrective action to occur. Look for error reports about the switch fabric (CSC/SFC.) Error Message %FABRIC-FIA-3-FIAHW_CRC16 Too many CRC errors on fabric serial line (from fabric plane [dec]) Explanation This error indicates a problem in the interface between the card reporting error and the switch fabric card in the indicated fabric plane. Data corruption is imminent. Recommended Action Wait several minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about the switch fabric (CSC/SFC.) If errors persist, Move the card to another slot. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-121 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-FIAHW_CRC16 Too many CRC errors on fabric serial line (from fabric plane [dec]) Explanation This error indicates a problem in the interface between the card reporting error and the switch fabric card in the indicated fabric plane. Data corruption is imminent. Recommended Action Wait atleast 3 minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about the switch fabric (CSC/SFC.) If errors persist, you can try moving the card to another slot. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FIAHW_DEVCTL FIA device access (read) failed for [chars] Explanation The low level fabric interface ASIC driver was unable to complete its hardware access operation. Hardware configuration may not have been successfully completed. This may result in traffic loss. The output of the show command may not be valid. The direction of the error is indicated in the message. Recommended Action Restart the fiad process on the LC. If the error persists, reload the LC using ’hw-module’ command. Error Message %FABRIC-FIA-3-FIAHW_EMPTY_DEST_SOFTREQ [chars] Empty destination software request error [hex] Explanation An unexpected error has occurred. This error typically means that a unicast or a multicast packet was received by the fabric interface ASIC to be forwarded across the switching fabric without any destination slot set in the header of the data packet. The direction of the error and the slot are indicated by the parameter in the message. Recommended Action None, this is a transient error and can be safely ignored. However multiple occurrences of this error indiactes a software problem. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-122 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-FIAHW_EXT_FIFO [chars] [chars] ([hex]) Explanation This error indicates a (possibly temporary) problem in the interface between the card reporting error and the switch fabric. Either the switch fabric is not able source or drain the data packets to this LC. This error is traffic affecting. Error recovery will be triggered. The From Fabric or To Fabric direction, the detailed error string and the slot number are provided as part of the message. Recommended Action Wait atleast 3 minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about the switch fabric (CSC/SFC.) If errors persist, you can try moving the card to another slot. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FIAHW_EXT_PARITY [chars] [chars] ([hex]) Explanation This error indicates a (possibly temporary) problem in the interface between the card reporting error and the switch fabric. The error recovery will be triggered and the process should recover after a reset of the affected ASIC. The From Fabric or To Fabric direction, the detailed error string and the slot number are provided as part of the message. Recommended Action Wait atleast 3 minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about the switch fabric (CSC/SFC.) If errors persist, you can try moving the card to another slot. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FIAHW_INT Unexpected [chars] interrupt Explanation An unexpected error has occurred. This error will trigger an error recovery and is traffic affecting. The direction in which the error occurred is specified as part of the meassage. This error message indicates a masked interrupt occured, even though its handled by the driver, this error should not have happened. Recommended Action Wait atleast 3 minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about the switch fabric (CSC/SFC.) Fabric Messages FIA Messages EM-123 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-FIAHW_LOS Persistent LOS on serial link (from fabric plane [dec]) Explanation This error indicates a problem (Loss of Sync) in the interface between the card reporting error and the switch fabric card in the indicated fabric plane. This error is traffic affecting. Error recovery is triggered by this error. Recommended Action Wait several minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about the switch fabric (CSC/SFC.) If errors persist, Move the card to another slot. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FIAHW_LOS Persistent LOS on serial link (from fabric plane [dec]) Explanation This error indicates a problem (Loss of Sync) in the interface between the card reporting error and the switch fabric card in the indicated fabric plane. This error is traffic affecting. Error recovery is triggered by this error. Recommended Action Wait atleast 3 minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about the switch fabric (CSC/SFC.) If errors persist, you can try moving the card to another slot. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FIAHW_LOS_CLEAR LOS cleared on serial link (from fabric plane [dec]) Explanation An earlier reported error (Loss of Sync) is now cleared. Normal operations can resume. Recommended Action No action is required. Error Message %FABRIC-FIA-3-FIAHW_LOS_CLEAR LOS cleared on serial link (from fabric plane [dec]) Explanation An earlier reported error (Loss of Sync) is now cleared. Normal operations can resume. Recommended Action No action is required. Fabric Messages FIA Messages EM-124 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-FIAHW_MULTI_DEST_SOFTREQ [chars] Multi destination unicast software request error [hex] Explanation An unexpected error has occurred. This error typically means that a unicast data packet was received by the fabric interface ASIC to be forwarded across the switching fabric with more than one destination slot. The direction of the error and the slot are indicated by the parameter in the message. Recommended Action None, this is a transient error and can be safely ignored. However multiple occurrences of this error indiactes a software problem. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FIAHW_NOHALT Unexpected [chars] interrupt without halt Explanation An unexpected error has occurred. This error will trigger an error recovery procedure & is traffic affecting. The direction in which the error occurred is specified as part of the meassage. Recommended Action Wait atleast 3 minutes for the corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about the switch fabric (CSC/SFC.) Error Message %FABRIC-FIA-3-FIAHW_RATE Error report timer wheel failure detected Explanation An internal data structure was missing a field. Some errors may not be reported to the fabric control software. This error indicates data corruption in internal structures. Recommended Action The system will normally recover from this error without intervention. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FIAHW_RATE Error report timer wheel failure detected Explanation An internal data structure was missing a field. Some errors may not be reported to the fabric control software. This error indicates data corruption in internal structures. Recommended Action The system will normally recover from this error without intervention. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-125 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-FIAHW_TMR Forced timeout of an internal timer failed, error [chars] Explanation The library call failed. This indicates internal data corruption on the LC. Certain errors may not be reported to the fabric control software. Recommended Action The system will normally recover from this error without intervention. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FIAHW_TMR Forced timeout of an internal timer failed, error [chars] Explanation The library call failed. This indicates internal data corruption on the LC. Certain errors may not be reported to the fabric control software. The error string as returned by the library call is included in the message. Recommended Action The system will normally recover from this error without intervention. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-FIAHW_UNHANDLED Unexpected error case Explanation An unexpected error has occurred. This error will trigger an error recovery and is traffic affecting. An error other than the CRC or LOS has occurred. Recommended Action Wait atleast 3 minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about the switch fabric (CSC/SFC.) Error Message %FABRIC-FIA-3-FIAHW_UNHANDLED Unexpected error case Explanation An unexpected error has occurred. This error will trigger an error recovery and is traffic affecting. Recommended Action Wait several minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about the switch fabric (CSC/SFC.) Fabric Messages FIA Messages EM-126 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-3-TFIAHW_ERR_PACKET [chars]: [chars] [hex] Explanation This error usually indicates an internal hardware problem on the card. A corrupted packet was received from the Rx BMA, this indicates communication bus between the FIA and Rx BMA on the hardware datapath may have signal integrity issues. This error will trigger an error recovery. The LC may not be able to forward data packets and traffic loss may be observed due to this error. Recommended Action If there are other error reports about the switch fabric (CSC/SFC) then wait several minutes for corrective action. Otherwise, run diagnostics for slot reporting error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-3-TFIAHW_ERR_PARITY [chars]: [chars] [hex] Explanation This error usually indicates an internal hardware problem on the card. The internal parity error affects the communication bus between adjacent ASICs on the hardware datapath. The LC may not be able to forward data packets and traffic loss may be observed due to this error. The From Fabric or To Fabric direction, the detailed error string and the slot number are provided as part of the message. Recommended Action If there are other error reports about the switch fabric (CSC/SFC) then wait several minutes for corrective action. Otherwise, run diagnostics for slot reporting error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-4-ERR_CHKPT Failed to [chars] checkpoint record: [chars] Explanation The FIA driver encountered an error while updating or accessing its checkpoint information. Further high availability of the driver may be impacted. Recommended Action Verify that the fia_driver process is up and running by executing the following command at the CLI of the active RP: ’show process fia_driver’ If the high availability of the FIA driver is not important, then this message may be ignored. However, if this functionality is necessary then restart the FIA driver by issuing the following command at the CLI of the active RP: ’process restart fia_driver’ Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-127 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-4-ERR_CHKPT Failed to [chars] checkpoint record: [chars] Explanation The FIA driver encountered an error while updating or accessing its checkpoint information. Further high availability of the driver may be impacted. Recommended Action Verify that the fia_driver process is up and running by executing the following command at the CLI of the active RP: ’show process fia_driver’ If the high availability of the FIA driver is not important, then this message may be ignored. However, if this functionality is necessary then restart the FIA driver by issuing the following command at the CLI of the active RP: ’process restart fia_driver’ Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-4-ERR_SYSDB_CONN_TO_COID Failed to [chars] (despite connection to SysDB being open): [chars] Explanation The FIA driver was unable to become an external data manager (EDM) despite having a connection to SysDB. The operation will be retried. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-4-ERR_SYSDB_CONN_TO_COID Failed to [chars] (despite connection to SysDB being open): [chars] Explanation The FIA driver was unable to become an external data manager (EDM) despite having a connection to SysDB. The operation will be retried. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-4-ERR_SYSDB_EDM_REG Failed to register [chars] (despite connection to SysDB being open): [chars] Explanation The FIA driver was unable to become an external data manager (EDM) despite having a connection to SysDB. The operation will be retried. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-128 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-4-ERR_SYSDB_EDM_REG Failed to register [chars] (despite connection to SysDB being open): [chars] Explanation The FIA driver was unable to become an external data manager (EDM) despite having a connection to SysDB. The operation will be retried. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-4-FIAHW_WARNING_UNSUPPORTED_CARD Warning: This is an unsupported SIP-600 card with lower revision Fabric Interface ASIC Explanation This warning indicates that this is an older version of SIP-600 card which does not have a supported Fabric Interface ASIC (FIA). As a result, any CSC switch-over, RP fail-over or fabric card OIR may result in FIA ASIC errors, and the router may experience abnormal behavior. Recommended Action Replace with a later version of SIP-600. Error Message %FABRIC-FIA-5-ERR_DEV_NOT_FOUND Driver has not discovered ASIC instance [dec] yet [[chars]], retrying.... Explanation The FIA driver is polling for the device. Recommended Action If the message appears once and then stops, there is no cause for concern. If it persists or if fia_driver gets respawned by sysmgr for not returning EOI, then this could indicate a problem. Error Message %FABRIC-FIA-6-PCDS_STATS_TIMESTAMP_FAILURE pcds_get_timestamp failed for fia stats Explanation This is a message indicating failed to get timestamp for fia stats. Recommended Action No action is required. Error Message %FABRIC-FIA-6-PCDS_STATS_TIMESTAMP_FAILURE pcds_get_timestamp failed for superfish stats Explanation This is a message indicating failed to get timestamp for superfish stats. Recommended Action No action is required. Fabric Messages FIA Messages EM-129 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-7-ERR_CHKPT_INIT Failed to initialize checkpoint library: [chars]. Explanation The FIA driver failed to initialize the checkpoint library. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_CHKPT_INIT Failed to initialize checkpoint library: [chars]. Explanation The FIA driver failed to initialize the checkpoint library. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_CHKPT_REG Failed to register checkpoint table: [chars]. Explanation The FIA driver failed to register the checkpoint table. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_CHKPT_REG Failed to register checkpoint table: [chars]. Explanation The FIA driver failed to register the checkpoint table. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-130 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-7-ERR_EVM Failed to attach [chars] to event manager:[chars], exiting... Explanation The FIA driver was unable to attach the indicated event / handler to the event manager. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_EVM Failed to attach [chars] to event manager:[chars], exiting... Explanation The FIA driver was unable to attach the indicated event / handler to the event manager. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_EVM_ASYNC_ATTACH Failed to attach an asynchronous [chars] handler to event manager: [chars]. Explanation The FIA driver was unable to attach the indicated asynchronous handler to the event manager. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-131 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-7-ERR_EVM_ASYNC_ATTACH Failed to attach an asynchronous [chars] handler to event manager: [chars]. Explanation The FIA driver was unable to attach the indicated asynchronous handler to the event manager. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_EVM_CREATE Failed to create event manager for ’[chars]’: [chars], exiting... Explanation The FIA driver was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_EVM_CREATE Failed to create event manager for ’[chars]’: [chars], exiting... Explanation The FIA driver was unable to create an event manager for processing messages and hence failed to initialize. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-132 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed on [chars] thread: [chars] Explanation The FIA driver LWM event manager has failed to block on the indicated thread. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed on [chars] thread: [chars] Explanation The FIA driver LWM event manager has failed to block on the indicated thread. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_LWM_REPLY Failed to send reply: [chars]. Explanation The FIA driver failed to send messaging reply. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_LWM_REPLY Failed to send reply: [chars]. Explanation The FIA driver failed to send messaging reply. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_MEM_ALLOC Failed to allocate memory. Explanation FIA driver memory allocation error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIA Messages EM-133 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-7-ERR_MEM_ALLOC Failed to allocate memory. Explanation FIA driver memory allocation error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_SYSDB_EDM_DATALIST Failed to [chars] SYSDB EDM datalist: [chars]. Explanation The FIA driver has failed to either create / add a external data manager datalist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_SYSDB_EDM_DATALIST Failed to [chars] SYSDB EDM datalist: [chars]. Explanation The FIA driver has failed to either create / add a external data manager datalist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_SYSDB_EDM_OPEN Failed to open EDM event connection manager: [chars], exiting... Explanation The FIA driver to failed open the SysDB EDM connection by binding to it and registering using the event connection manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FIFO Messages EM-134 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FIA-7-ERR_SYSDB_EDM_OPEN Failed to open EDM event connection manager: [chars], exiting... Explanation The FIA driver to failed open the SysDB EDM connection by binding to it and registering using the event connection manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_THREAD_CREATE Failed to create [chars] thread: [chars], exiting.... Explanation The FIA driver failed to create the specified thread. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FIA-7-ERR_THREAD_CREATE Failed to create [chars] thread: [chars], exiting.... Explanation The FIA driver failed to create the specified thread. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FIFO Messages Error Message %FABRIC-FIFO-2-SW_FATAL_ERROR fatal s/w error encountered - [chars], [chars] Explanation An unrecoverable fatal s/w error was encountered, which results in severe board malfunction. The exact cause is appended to the error msg. Recommended Action Reload the board. *SUPPORT*Fabric Messages FSDB_FADB_MAIN Messages EM-135 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FSDB_FADB_MAIN Messages Error Message %FABRIC-FSDB_FADB_MAIN-3-EVT_MGR_CREATE_FAIL event manager create failed: [chars] Explanation FSDB FADB encountered an error while attempting to create an event manager for process fsdb_fadb Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB_FADB_MAIN-3-EXTRACT_NODE_ID_FAIL nodeid_extract_fields failed: [chars] Explanation FSDB FADB encountered an error while attempting to extract info from node id in process fsdb_fadb Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB_FADB_MAIN-3-GET_NODE_ID_FAIL platform_get_my_nodeid failed: [chars] Explanation FSDB FADB encountered an error while attempting to get node id in process fsdb_fadb Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB_FADB_MAIN-3-RESPAWN_COUNT_GET_FAIL respawn count get failed: [chars] Explanation FSDB FADB encountered an error while attempting to attach sync event handler for process fsdb_fadb Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB_FADB Messages EM-136 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB_FADB_MAIN-3-SYNC_HDLR_ATTACH_FAIL sync event handler attach failed: [chars] Explanation FSDB FADB encountered an error while attempting to attach sync event handler for process fsdb_fadb Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB_FADB_MAIN-3-SYSDB_BIND_FAIL sysdb bind failed: [chars] Explanation FSDB FADB encountered an error while attempting to bind to the rack endpoint to get router inventory Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB_FADB_MAIN-3-SYSDB_LIST_FREE_FAIL sysdb list free failed: [chars] Explanation FSDB FADB encountered an error while attempting to free a list while getting the sysdb inventory Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FSDB_FADB Messages Error Message %FABRIC-FSDB_FADB-3-SHM_CREATE_FAIL Shared memory creation failed: [chars] Explanation FSDB FADB encountered an error while attempting to create the FADB shared memory Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-137 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB_FADB-3-SHM_OPEN_FAIL shm_open failed: [chars] Explanation FSDB FADB encountered an error while attempting to open the FADB shared memory Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB_FADB-4-SHM_FILE_TRUNCATE_FAIL [chars]: shared memory file truncate failed: [chars] Explanation FSDB FADB encountered an error while attempting to truncate the FADB shared memory file Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB_FADB-4-SHM_MMAP_FAIL [chars]: shared memory mapping failed: [chars] Explanation FSDB FADB encountered an error while attempting to map the FADB shared memory Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FSDB Messages Error Message %FABRIC-FSDB-0-BARRIER_STALL_RACK_RELOAD Rack [dec] reloading due to fabric barrier stall on the rack. Fabric shutdown log saved in file [chars]. Explanation Rack is brought down if RPs on the rack are detected stalling on fabric barriers. If the rack is isolated from fabric via CLI, then this is expected. If this message occurs otherwise, it could be due to a software error or an unexpected hw error. Recommended Action If fabric links, fabric cards or fabric chassis connecting to the rack are brought down via CLI, then this is expected. If the problem happens otherwise, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-138 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-0-BARRIER_STALL_ROUTER_RELOAD Router reloading due to fabric barrier stall. Fabric shutdown log saved in file [chars]. Explanation Router is brought down if RPs on the dsc rack are detected stalling on fabric barriers. If the dsc rack is isolated from fabric via CLI, then this is expected. If this message occurs otherwise, it could be due to a software error or an unexpeced hw error. Recommended Action If fabric links, fabric cards or fabric chassis connecting to the dsc rack are brought down via CLI, then this is expected. If the problem happens otherwise, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-0-FABRIC_LOSS_LC_RELOAD [chars] reloading due to loss of fabric connectivity Explanation A line-card is reloading after detecting that it has totally lost connectivity to the fabric. If all the fabric boards are OIR’ed or brought down through CLI, this is expected. If this message occurs otherwise, it could be due to a software error. Recommended Action If the fabric planes are brought down or the S3-Sponge links are brought down intentionally, then this is expected. If the problem happens otherwise, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-0-FABRIC_LOSS_LC_RELOAD [chars] reloading due to loss of fabric connectivity Explanation A line-card is reloading after detecting that it has totally lost connectivity to the fabric. If all the fabric boards are OIR’ed or brought down through CLI, this is expected. If this message occurs otherwise, it could be due to a software error. Recommended Action If the fabric planes are brought down or the S3-Sponge links are brought down intentionally, then this is expected. If the problem happens otherwise, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-139 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-1-ERR_PLANE_CONFIG Fabric hardware found at location [chars] is inconsistent with current configured values : [chars] Explanation The fabric plane configuration for this multi-chassis system cannot be implemented with the hardware that has been discovered. This error may cause one or more fabric planes to stay down which will affect the bringup of the rest of the system. Possible causes could be incorrect admin plane configuration (ie the configuration states that slot 1 is the first card in a plane whereas slot 0 really is) or an incorrectly sized fiber module is inserted in a slot. Recommended Action Check the admin plane configuration to ensure that it corresponds with the actual physical topology of the system. If this configuration looks correct then contact support, otherwise correct the configuration and the system should recover. Error Message %FABRIC-FSDB-1-ERR_PLANE_CONFIG Fabric hardware found at location [chars] is inconsistent with current configured values : [chars] Explanation The fabric plane configuration for this multi-chassis system cannot be implemented with the hardware that has been discovered. This error may cause one or more fabric planes to stay down which will affect the bringup of the rest of the system. Possible causes could be incorrect admin plane configuration (ie the configuration states that slot 1 is the first card in a plane whereas slot 0 really is) or an incorrectly sized fiber module is inserted in a slot. Recommended Action Check the admin plane configuration to ensure that it corresponds with the actual physical topology of the system. If this configuration looks correct then contact support, otherwise correct the configuration and the system should recover. Error Message %FABRIC-FSDB-1-FABRIC_UPDOWN Fabric [chars] for data traffic Explanation If the fabric is reported down, it means that none of the fabric planes are UP. If the fabric is not UP, system cannot be used for any data traffic. Recommended Action Ensure that fabric cards are installed in the system. For multichassis systems ensure that the fabric racks have booted and the fabric cables are installed. Fabric can come up late if the fabric rack or fabric cards are booted up late. Wait for more time to see if the fabric comes UP. For MC systems, check if plane admin config exists on the router. If not, configure the plane admin config. If condition persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-1-PLANE_UPDOWN Plane [dec] state changed to [chars]%s; [chars] Explanation If the plane is reported down other than when administratively brought down, it means that the sprayer cannot reach *any* destination on the plane. This a symptom of too many other fabric errors (DESTINATION_UPDOWN) than an error itself. The plane can no longer be used to Fabric Messages FSDB Messages EM-140 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 send any traffic. If the plane is reported mcast_down, it means that certain fabric destinations are not reachable on this plane.It is still good for unicast traffic, but for destinations which are reachable on this plane. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-1-PLANE_UPDOWN Plane [dec] state changed to [chars]%s; [chars] Explanation If the plane is reported down other than when administratively brought down, it means that the sprayer cannot reach *any* destination on the plane. This a symptom of too many other fabric errors (DESTINATION_UPDOWN) than an error itself. The plane can no longer be used to send any traffic. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-2-ERR_CONTROL_MSG Rack [dec] sent illegal fabric control message - [chars] Explanation Fabric control software running in another rack has notified a status change that is impossible or illegal. Recommended Action This error can be caused by an attempt to use the router with in a fabric configuration that is not supported. For example, there may be three or more linecard racks that have dual-rack fabric cards installed. Ensure that the correct racks are installed in the router and that software displays the correct rack numbers and rack types for each rack. Ensure that the software fabric configuration is correct. If these steps do not find an error, restart fabric control software on the rack that produced this message, and on the rack sending the illegal message. ’admin process restart fsdb_server loc loc’. As restart process is disruptive, save output of all the commands mentioned in required_info before restarting the process. If problem persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-2-ERR_CONTROL_MSG Rack [dec] sent illegal fabric control message - [chars] Explanation Fabric control software running in another rack has notified a status change that is impossible or illegal. Recommended Action This error can be caused by an attempt to use the router with in a fabric configuration that is not supported. For example, there may be three or more linecard racks that have dual-rack fabric cards installed. Ensure that the correct racks are installed in the router and that software displays the correct rack numbers and rack types for each rack. Ensure that the software fabric configuration is correct. If these steps do not find an error, restart fabric control software on Fabric Messages FSDB Messages EM-141 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 the rack that produced this message, and on the rack sending the illegal message. ’admin process restart fsdb_server loc loc’. As restart process is disruptive, save output of all the commands mentioned in required_info before restarting the process. If problem persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-2-INVALID_PLANE_SHUT_REQ Plane [dec] is reported to be defective. Unable to shut down the plane: [chars] Explanation This indicates that fsdb aserver process has received the request to shut down a fault plane. The plane is not shut down by the fsdb aserver due to the reason mentioned. Recommended Action If the identified plane is not already shut, shut down the plane in admin configuration: controller fabric plane shutdown Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-2-MSG_TO_FSDB_FAILED_CONNECT Cannot connect to fabric management process to report plane [dec] defective Explanation This is to indicate that the process has failed to connect to the fabric management process to report that the plane is defective. Recommended Action 1) Get the output from the following commands: ’sh controller fabric trace all’ on the dSC sh diagnostic result location this node detail sh diagnostic trace error location all sh diagnostic trace message location all 2) shut down the identified faulty plane in admin configuration: controller fabric plane shutdown 3) restart the process that is seeing the issue Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-2-MSG_TO_FSDB_FAILED_SEND Cannot send report of plane [dec] defective to the fabric management process Explanation This is to indicate that the process has failed to send an IPC message to the fabric management process that the plane is defective. Recommended Action 1) Get the output from the following commands: ’sh controller fabric trace all’ on the dSC sh diagnostic result location this node detail sh diagnostic trace error location all sh diagnostic trace message location all 2) shut down the identified faulty plane in admin configuration: controller fabric plane shutdown 3) restart the process that is seeing the issue Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-142 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ASERVER_DOWNLOAD Fabric configuration download [chars]: [chars] Explanation Fabric control software failed to synchronize configuration details between the fsdb_server and fsdb_aserver processes. If the affected rack is being added to the system it cannot be brought into service. If the affected rack is already in service, then it cannot respond to fabric failures or changes. Recommended Action No action is necessary. If condition persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ASERVER_DOWNLOAD Fabric configuration download [chars]: [chars] Explanation Fabric control software failed to synchronize configuration details between the fsdb_server and fsdb_aserver processes. If the affected rack is being added to the system it cannot be brought into service. If the affected rack is already in service, then it cannot respond to fabric failures or changes. Recommended Action No action is necessary. If condition persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_BUNDLE_LINK [dec] link down in bundle [chars] on plane [dec] Explanation This is to indicate that the no. of down links in a bundle has changed from zero to non-zero or vice versa. Recommended Action This message is expected if a cable is inserted or removed, or if a fabric card (or chassis) to which the cable connects is powered on or off, or rebooted. If a change to DOWN is seen in other circumstances it may be due to a hardware failure. Error Message %FABRIC-FSDB-3-ERR_BUNDLE_STATE Bundle [chars] on plane [dec] is [chars] Explanation Bundle state has changed. This can be because the state of one of the bundle ports comprising the bundle has changed. A bundle port is considered down if all the links comprising the bundle port go down. Recommended Action This message is expected if a cable is inserted or removed, or if a fabric card (or chassis) to which the cable connects is powered on or off, or rebooted. If a change to DOWN is seen in other circumstances it may be due to a hardware failure. Fabric Messages FSDB Messages EM-143 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ERR_CHKPT Failed to register checkpoint record: [chars]. Exiting... Explanation FSDB server encountered an error while updating or accessing its checkpoint information. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_CHKPT Failed to [chars] checkpoint record: [chars]. Exiting... Explanation FSDB server encountered an error while updating or accessing its checkpoint information. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_CHKPT_INIT Failed to initialize check point library: [chars]. Exiting... Explanation FSDB was unable to setup the checkpointing facility to offer high availability functionality. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-144 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ERR_CHKPT_INIT Failed to initialize check point library: [chars]. Exiting... Explanation FSDB was unable to setup the checkpointing facility to offer high availability functionality. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_DEBUG Failed to setup the debugging services: [chars]. Exiting... Explanation FSDB was unable to initialize the debugging services. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_DEBUG Failed to setup the debugging services: [chars]. Exiting... Explanation FSDB was unable to initialize the debugging services. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_DSC FSDB Server: DSC Error [[chars]]: [chars] Explanation Fabric Status Database server (FSDB) failed to communicate with the DSC server. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-145 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ERR_DSC FSDB Server: DSC Error [[chars]]: [chars] Explanation Fabric Status Database server (FSDB) failed to communicate with the DSC server. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_ECM_CREATE Failed to create the event connection manager for [chars]: [chars]. Exiting... Explanation FSDB encountered an error while attempting to create an event connection manager for the specified path. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_ECM_CREATE Failed to create the event connection manager for [chars]: [chars]. Exiting... Explanation FSDB encountered an error while attempting to create an event connection manager for the specified path. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_ECM_NOTIFY Failed to install ECM notification hanlder for [chars] path: [chars]. Exiting... Explanation FSDB encountered an error while attempting to install an ECM notification handler for the specified path. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-146 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ERR_ECM_NOTIFY Failed to install ECM notification hanlder for [chars] path: [chars]. Exiting... Explanation FSDB encountered an error while attempting to install an ECM notification handler for the specified path. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_EVM_CREATE Failed to create the event manager: [chars]. Exiting... Explanation FSDB encountered an error while attempting to create an event manager. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_EVM_CREATE Failed to create the event manager: [chars]. Exiting... Explanation FSDB encountered an error while attempting to create an event manager. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_GET_NODEID FSDB Server: Failed to [chars]: [chars] Explanation FSDB server failed to obtain either its node ID or extract rack/slot/instance information (having obtained the node ID). The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-147 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ERR_GET_NODEID FSDB Server: Failed to [chars]: [chars] Explanation FSDB server failed to obtain either its node ID or extract rack/slot/instance information (having obtained the node ID). The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_INTERNAL [chars] : [chars] Explanation An internal error occurred that was expected to succeed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_INTERNAL [chars] : [chars] Explanation An internal error occurred that was expected to succeed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_PARSE_FILE Parse error in fabric definition file [chars], line [dec] Explanation A file describing switch fabric components has errors. Some fabric components cannot be brought into service. Recommended Action A failed or incomplete software upgrade could cause this error. It could also be caused by corruption of an existing definition file. Ensure that the definition file is not damaged. If the problem persists, re-install the fabric control software. Fabric Messages FSDB Messages EM-148 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ERR_PARSE_FILE Parse error in fabric definition file [chars], line [dec] Explanation A file describing switch fabric components has errors. Some fabric components cannot be brought into service. Recommended Action A failed or incomplete software upgrade could cause this error. It could also be caused by corruption of an existing definition file. Ensure that the definition file is not damaged. If the problem persists, re-install the fabric control software. Error Message %FABRIC-FSDB-3-ERR_RESYNC_ASSERT Restarting to recover from resync timeout Explanation During the deferral window, fsdb_server didnt hear from a driver or rack due to some connection/transport issue. Restarting fsdb_server will try to recover it. Recommended Action This clearly indicates an underlying transport issue. Error Message %FABRIC-FSDB-3-ERR_RESYNC_TIMEOUT Timeout during initial synchronization with [chars] Explanation When FSDB starts up it attempts to resynchronise the state with all current entities. This message indicates that one or more of these entities has not responded within the timeout period. This could lead to FSDB having an inconsistent view of the fabric, and can potentially cause traffic loss. Recommended Action Restarting FSDB process on any racks suffering from traffic loss may help, if not, restart FSDBs on all racks might resolve the issue. ’admin process restart fsdb_server location loc’ Since ’restart process’ is a disruptive operation and all the previous state is lost, all the logs for the commands mentioned in required_info should be saved. If problem persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_RESYNC_TIMEOUT Timeout during initial synchronization with [chars] Explanation When FSDB starts up it attempts to resynchronise the state with all current entities. This message indicates that one or more of these entities has not responded within the timeout period. This could lead to FSDB having an inconsistent view of the fabric, and can potentially cause traffic loss. Recommended Action Restarting FSDB process on any racks suffering from traffic loss may help, if not, restart FSDBs on all racks might resolve the issue. ’admin process restart fsdb_server location loc’ Since ’restart process’ is a disruptive operation and all the previous state is lost, all the logs for the commands mentioned in required_info should be saved. If problem persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-149 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ERR_SYSDB FSDB Server: Sysdb failed to [chars]: [chars] Explanation FSDB encountered a Sysdb communication failure. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_SYSDB FSDB Server: Sysdb failed to [chars]: [chars] Explanation FSDB encountered a Sysdb communication failure. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_SYSDB_BIND Connection to the sysdb server failed: [chars] Explanation FSDB failed to open a connection to the Sysdb Server process for one of the paths. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_SYSDB_BIND Connection to the sysdb server failed: [chars] Explanation FSDB failed to open a connection to the Sysdb Server process for one of the paths. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-150 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ERR_SYSDB_EDM_NOTIF_GEN FSDB Server: Failed generating [chars] notification: [chars] Explanation FSDB external data manager failed to generate a trap notification. Process would continue to run normally. Recommended Action This message indicate that trap notifications of the operational states of planes and bundles would not occur. If snmp managability is not enabled, this message can be ignored. However, if this functionality is necessary then restart the process by issuing the following command at the CLI of the active RP after collecting all the output of all the specified commands. ’admin process restart fsdb_server/fsdb_aserver loc loc’ Restart fsdb_server if the bundle state traps are missing else if plane state traps are missing restart fsdb_aserver. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_SYSDB_EDM_NOTIF_GEN FSDB Server: Failed generating [chars] notification: [chars] Explanation FSDB external data manager failed to generate a trap notification. Process would continue to run normally. Recommended Action This message indicate that trap notifications of the operational states of planes and bundles would not occur. If snmp managability is not enabled, this message can be ignored. However, if this functionality is necessary then restart the process by issuing the following command at the CLI of the active RP after collecting all the output of all the specified commands. ’admin process restart fsdb_server/fsdb_aserver loc loc’ Restart fsdb_server if the bundle state traps are missing else if plane state traps are missing restart fsdb_aserver. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_SYSDB_EDM_REG Failed to register as an EDM for [chars]: [chars], exiting... Explanation The FSDB was unable to become an external data manager (EDM) for the specified path. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-151 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ERR_SYSDB_EDM_REG Failed to register as an EDM for [chars]: [chars], exiting... Explanation The FSDB was unable to become an external data manager (EDM) for the specified path. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger respective RP/SC switchover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_SYSDB_REG_NOTIF FSDB Server: Failed to register notification for [chars] path: [chars]. SNMP traps will not be generated for this path Explanation FSDB external data manager failed to register for notifications for the specified path. Process would continue to run normally, except that SNMP traps will not be generated for changes in fabric state. Recommended Action This message indicate that trap notifications of the operational states of planes and bundles would not occur. If snmp managability is not enabled, this message can be ignored. However, if this functionality is necessary then restart the process by issuing the following command at the CLI of the active RP after collecting all the output of all the specified commands. ’admin process restart fsdb_server/fsdb_aserver loc loc’ Restart fsdb_server if the bundle state traps are missing else if plane state traps are missing restart fsdb_aserver. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-3-ERR_SYSDB_REG_NOTIF FSDB Server: Failed to register notification for [chars] path: [chars]. SNMP traps will not be generated for this path Explanation FSDB external data manager failed to register for notifications for the specified path. Process would continue to run normally, except that SNMP traps will not be generated for changes in fabric state. Recommended Action This message indicate that trap notifications of the operational states of planes and bundles would not occur. If snmp managability is not enabled, this message can be ignored. However, if this functionality is necessary then restart the process by issuing the following command at the CLI of the active RP after collecting all the output of all the specified commands. ’admin process restart fsdb_server/fsdb_aserver loc loc’ Restart fsdb_server if the bundle state traps are missing else if plane state traps are missing restart fsdb_aserver. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-152 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-3-ERR_UNKNOWN_FAB_DEF Cannot find fabric definition file [chars] Explanation A file describing switch fabric components is not present on the router. Recommended Action If the hardware installed in the router has changed, ensure that fabric control software has been upgraded to the correct version. If the correct software has been installed, report the problem to technical support. Error Message %FABRIC-FSDB-3-ERR_UNKNOWN_FAB_DEF Cannot find fabric definition file [chars] Explanation A file describing switch fabric components is not present on the router. Recommended Action If the hardware installed in the router has changed, ensure that fabric control software has been upgraded to the correct version. If the correct software has been installed, report the problem to technical support. Error Message %FABRIC-FSDB-4-ERR_DEST_CONN Node ([chars]) is not reachable on plane [dec] Explanation This is to indicate that a node has lost connectivity to a plane. Most likely, back plane connectivity between the node and the fabric card has failed. Recommended Action To fix the issue please reinsert the card and make sure it seats well. If that doesn’t help than verify the integrity of mid-plane pins. Error Message %FABRIC-FSDB-4-ERR_FLED [chars] : [chars], LED(Row [dec], col [dec]), corresponding to node [dec] Explanation Fabric LED internal software error occurred. It is possible to continue operation, although some LEDs on fabric led board may incorrectly illuminate. However, if this functionality is necessary then restart the process by issuing the following command at the CLI of the active RP after collecting all the output of all the specified commands. ’admin process restart fsdb_server loc loc’ *SUPPORT* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-153 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-4-ERR_FLED [chars] : [chars], LED(Row [dec], col [dec]), corresponding to node [dec] Explanation Fabric LED internal software error occurred. It is possible to continue operation, although some LEDs on fabric led board may incorrectly illuminate. However, if this functionality is necessary then restart the process by issuing the following command at the CLI of the active RP after collecting all the output of all the specified commands. ’admin process restart fsdb_server loc loc’ *SUPPORT* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-4-ERR_INTERNAL_WARN [chars] : [chars] Explanation FSDB encountered a minor internal software error. It is possible that fabric operates normally without any issues. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-4-ERR_INTERNAL_WARN [chars] : [chars] Explanation FSDB encountered a minor internal software error. It is possible that fabric operates normally without any issues. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-4-ERR_THREAD_COND_SIGNAL Failed thread conditional signal on [chars]: [chars]. Explanation FSDB encountered an error while attempting to signal a thread conditionally. The operation related to the resource will be affected and the process will continue to run normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-154 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-4-ERR_THREAD_COND_SIGNAL Failed thread conditional signal on [chars]: [chars]. Explanation FSDB encountered an error while attempting to signal a thread conditionally. The operation related to the resource will be affected and the process will continue to run normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-4-ERR_THREAD_COND_WAIT Failed thread conditional wait on [chars]: [chars]. Explanation FSDB encountered an error while attempting to wait conditionally on a thread. The operation related to the resource will be affected and the process will continue to run normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-4-ERR_THREAD_COND_WAIT Failed thread conditional wait on [chars]: [chars]. Explanation FSDB encountered an error while attempting to wait conditionally on a thread. The operation related to the resource will be affected and the process will continue to run normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-4-ERR_THREAD_MUTEX_LOCK Failed to lock [chars] mutex : [chars]. Explanation FSDB encountered an error while locking a mutex to access the specified shared resource. The operation related to the resource may be affected while the process continues to run normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSDB Messages EM-155 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-4-ERR_THREAD_MUTEX_LOCK Failed to lock [chars] mutex : [chars]. Explanation FSDB encountered an error while locking a mutex to access the specified shared resource. The operation related to the resource may be affected while the process continues to run normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-4-ERR_THREAD_MUTEX_UNLOCK Failed to unlock [chars] mutex : [chars]. Explanation FSDB encountered an error while locking unlocking a mutex to access the specified shared resource. The operation related to the resource may be affected while the process continues to run normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-4-ERR_THREAD_MUTEX_UNLOCK Failed to unlock [chars] mutex : [chars]. Explanation FSDB encountered an error while locking unlocking a mutex to access the specified shared resource. The operation related to the resource may be affected while the process continues to run normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-4-PLANE_SHUTDOWN It is advisable to have [chars] to be up. Shutting down all the planes will leave the router in unrecoverable state. Explanation In a CRS-16 system, at least one odd plane and at least one even plane is required. In others, at least one plane is required. If all the planes are shutdown, the router goes into an unrecoverable state. Recommended Action Try to unshut a plane. If it doesnt help, the only way out is to reload the router either from the CLI or powercycle. Fabric Messages FSDB Messages EM-156 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-6-PLANE_DEST_UNREACHABLE Fabric address [dec] unreachable on plane [dec]. [dec] links up. Threshold [dec] Explanation This message gives additional information related to a plane in multicast-down state. It reports the number of operating fabric links from the plane to the destination. The threshold reported is the number of fabric links that are required for the destination to be considered reachable. Recommended Action No action is required. Error Message %FABRIC-FSDB-6-PLANE_GROUP_DISABLED Disabled fabric traffic from group [dec] of rack [dec] in plane [dec]. [dec] links up. Threshold [dec] Explanation This message gives additional information related to a plane in multicast-down state. It reports that a group of fabric cards are unable to send traffic to any destination. For CRS-1 16-slot chassis, group 0 is the upper shelf containing line cards 0 to 7. Group 1 is the lower shelf containing line cards 8 to 15 and both RPs The message reports the number of operating data links from the specified group to the fabric plane that are operating. The reported threshold is the number of data links that should be operating in order to make the fabric group usable. Recommended Action No action is required. Error Message %FABRIC-FSDB-6-PLANE_GROUP_UNREACHABLE All fabric addresses in group [dec] of rack [dec] unreachable on plane [dec]. [dec] links up. Threshold [dec] Explanation This message gives additional information related to a plane in multicast-down state. It reports that a group of fabric addresses have become unreachable. For CRS-1 16-slot chassis, group 0 is the upper shelf containing line cards 0 to 7. Group 1 is the lower shelf containing line cards 8 to 15 and both RPs. The message reports the number of data links that are operating from the fabric plane to the specified group. The threshold is the number of data links that should be operating in order to make the fabric group reachable. Recommended Action No action is required. Error Message %FABRIC-FSDB-6-PLANE_RACK_MCAST_DOWN Plane [dec] reported in multicast-down state by rack(s)[chars] Explanation This message gives additional information related to a plane in multicast-down state. The message contains a comma-separated list of the line card racks that reported the multicast-down state. Recommended Action No action is required. Fabric Messages FSDB Messages EM-157 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSDB-7-ERR_MEM_ALLOC Failed to allocate memory. Explanation FSDB has failed to allocate memory for its resources. This would affect proper functioning of fabric. Recommended Action This indicates a low-memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-FSDB-7-ERR_MEM_ALLOC Failed to allocate memory. Explanation FSDB has failed to allocate memory for its resources. This would affect proper functioning of fabric. Recommended Action This indicates a low-memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-FSDB-7-ERR_SYSDB_BAG_ENCODE FSDB Server: SYSDB Bag encode[[chars]]: [chars] Explanation FSDB server encountered error in sysdb bag encode operation. This could affect output of some of the fabric CLI commands. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSDB-7-ERR_SYSDB_BAG_ENCODE FSDB Server: SYSDB Bag encode[[chars]]: [chars] Explanation FSDB server encountered error in sysdb bag encode operation. This could affect output of some of the fabric CLI commands. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Fabric Messages FSTATSA Messages EM-158 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FSTATSA Messages Error Message %FABRIC-FSTATSA-3-ERR_BAG_REG Bag register error is detected; [chars]. Explanation Fabric statistics aggregator process encountered a fatal error to register its bags to bag software. This software error will cause process termination for recovery The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_BAG_REG Bag register error is detected; [chars]. Explanation Fabric statistics aggregator process encountered a fatal error to register its bags to bag software. This software error will cause process termination for recovery The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_DEBUG_INIT_EVENT Debug initialization for the fstats/server/[chars] event failed; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to initialize debug facility and hence failed to initialize. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSTATSA Messages EM-159 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSA-3-ERR_DEBUG_INIT_EVENT Debug initialization for the fstats/server/[chars] event failed; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to initialize debug facility and hence failed to initialize. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_DEBUG_REGISTER Debug registration for fabric statistics server failed; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to register debug facility and hence failed to initialize. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_DEBUG_REGISTER Debug registration for fabric statistics server failed; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to register debug facility and hence failed to initialize. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSTATSA Messages EM-160 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSA-3-ERR_EVM_CREATE Failed to create event manager; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to create its event manager for receiving events. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_EVM_CREATE Failed to create event manager; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to create its event manager for receiving events. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_GSP_GROUP_CREATE GSP group [chars] creation/join was failed; [chars]; rc equals [hex]. Explanation Fabric statistics aggregator process encountered a fatal error to create group for group communication. This software error will cause process termination to recover. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSTATSA Messages EM-161 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSA-3-ERR_GSP_GROUP_CREATE GSP group [chars] creation/join was failed; [chars]; rc equals [hex]. Explanation Fabric statistics aggregator process encountered a fatal error to create group for group communication. This software error will cause process termination to recover. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_INTERNAL Internal software error: [chars]; [chars] Explanation Fabric statistics aggregator process encountered a fatal internal software error. This software error will cause process termination to recover. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. *RECUR* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_INTERNAL Internal software error: [chars]; [chars] Explanation Fabric statistics aggregator process encountered a fatal internal software error. This software error will cause process termination to recover. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. *RECUR* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_SYSDB_BIND Can’t bind to SysDB at [chars]; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to bind to admin plane sysdb server. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSTATSA Messages EM-162 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSA-3-ERR_SYSDB_BIND Can’t bind to SysDB at [chars]; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to bind to admin plane sysdb server. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_SYSDB_EDM_REG Failed to register SysDB EDM at [chars]; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to register EDM to admin plane sysdb server. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_SYSDB_EDM_REG Failed to register SysDB EDM at [chars]; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to register EDM to admin plane sysdb server. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSA-3-ERR_SYSMGR_PROC_READY Failed to report process ready to sysmgr; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to report process ready to sysmgr. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSTATSC Messages EM-163 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSA-3-ERR_SYSMGR_PROC_READY Failed to report process ready to sysmgr; [chars] Explanation Fabric statistics aggregator process encountered a fatal error to report process ready to sysmgr. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FSTATSC Messages Error Message %FABRIC-FSTATSC-3-ERR_GSP_GROUP_CREATE GSP group [chars] creation/join was failed; [chars]. Explanation Fabric statistics client library encountered failure of creating group for GSP group communication. Recommended Action Restart Fabric statistics client manually if the error is persistent. Error Message %FABRIC-FSTATSC-3-ERR_GSP_GROUP_CREATE GSP group [chars] creation/join was failed; [chars]. Explanation Fabric statistics client library encountered failure of creating group for GSP group communication. Recommended Action Restart Fabric statistics client manually if the error is persistent. Error Message %FABRIC-FSTATSC-7-ERR_DEBUG_CLEANUP Debug cleanup for fabric statistics client library failed: [chars] Explanation Fabric statistics client library encountered debug facility clean up failure. Recommended Action None. Fabric Messages FSTATSC Messages EM-164 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSC-7-ERR_DEBUG_CLEANUP Debug cleanup for fabric statistics client library failed: [chars] Explanation Fabric statistics client library encountered debug facility clean up failure. Recommended Action None. Error Message %FABRIC-FSTATSC-7-ERR_DEBUG_INIT_EVENT Debug initialization for the fstats/client/[chars] event failed: [chars] Explanation Fabric statistics client library encountered debug facility initialization failure. When this error happens, the library will not able to enable debug. Recommended Action Restart Fabric statistics client manually if the error is persistent. Error Message %FABRIC-FSTATSC-7-ERR_DEBUG_INIT_EVENT Debug initialization for the fstats/client/[chars] event failed: [chars] Explanation Fabric statistics client library encountered debug facility initialization failure. When this error happens, the library will not able to enable debug. Recommended Action Restart Fabric statistics client manually if the error is persistent. Error Message %FABRIC-FSTATSC-7-ERR_DEBUG_REG Debug registration for fabric statistics client library failed: [chars] Explanation Fabric statistics client library encountered debug facility registration failure. When this error happens, the library will not able to enable debug. Recommended Action Restart Fabric statistics client manually if the error is persistent. Error Message %FABRIC-FSTATSC-7-ERR_DEBUG_REG Debug registration for fabric statistics client library failed: [chars] Explanation Fabric statistics client library encountered debug facility registration failure. When this error happens, the library will not able to enable debug. Recommended Action Restart Fabric statistics client manually if the error is persistent. Fabric Messages FSTATSS Messages EM-165 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSC-7-ERR_GSP_LOOKUP_LWG GSP lightweight group [chars] lookup was failed; [chars]. Explanation Fabric statistics client library encountered failure when it looks up Fabric server light weight group for light weight group communication. Normally, this is a transient error. It can be a true error if the error is persistent. Recommended Action Restart Fabric statistics client manually if the error is persistent in a specific fabric card. Restart Fabric statistics server manually if the error is persistent in many fabric cards. Error Message %FABRIC-FSTATSC-7-ERR_GSP_LOOKUP_LWG GSP lightweight group [chars] lookup was failed; [chars]. Explanation Fabric statistics client library encountered failure when it looks up Fabric server light weight group for light weight group communication. Normally, this is a transient error. It can be a true error if the error is persistent. Recommended Action Restart Fabric statistics client manually if the error is persistent in a specific fabric card. Restart Fabric statistics server manually if the error is persistent in many fabric cards. FSTATSS Messages Error Message %FABRIC-FSTATSS-3-ERR_BAG_REG Bag register error is detected; [chars]. Explanation Fabric statistics server process encountered a fatal error to register its bags to bag software. This software error will cause process termination for recovery The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSTATSS Messages EM-166 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSS-3-ERR_BAG_REG Bag register error is detected; [chars]. Explanation Fabric statistics server process encountered a fatal error to register its bags to bag software. This software error will cause process termination for recovery The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_DEBUG_INIT_EVENT Debug initialization for the fstats/server/[chars] event failed; [chars] Explanation Fabric statistics server process encountered a fatal error to initialize debug facility and hence failed to initialize. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_DEBUG_INIT_EVENT Debug initialization for the fstats/server/[chars] event failed; [chars] Explanation Fabric statistics server process encountered a fatal error to initialize debug facility and hence failed to initialize. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSTATSS Messages EM-167 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSS-3-ERR_DEBUG_REGISTER Debug registration for fabric statistics server failed; [chars] Explanation Fabric statistics server process encountered a fatal error to register debug facility and hence failed to initialize. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_DEBUG_REGISTER Debug registration for fabric statistics server failed; [chars] Explanation Fabric statistics server process encountered a fatal error to register debug facility and hence failed to initialize. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_EVM_CREATE Failed to create event manager; [chars] Explanation Fabric statistics server process encountered a fatal error to create its event manager for receiving events. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSTATSS Messages EM-168 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSS-3-ERR_EVM_CREATE Failed to create event manager; [chars] Explanation Fabric statistics server process encountered a fatal error to create its event manager for receiving events. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_GSP_GROUP_CREATE GSP group [chars] creation/join was failed; [chars]; rc equals [hex]. Explanation Fabric statistics server process encountered a fatal error to create group for group communication. This software error will cause process termination to recover. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_GSP_GROUP_CREATE GSP group [chars] creation/join was failed; [chars]; rc equals [hex]. Explanation Fabric statistics server process encountered a fatal error to create group for group communication. This software error will cause process termination to recover. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSTATSS Messages EM-169 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSS-3-ERR_INTERNAL Internal software error: [chars]; [chars] Explanation Fabric statistics server process encountered a fatal internal software error. This software error will cause process termination to recover. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_INTERNAL Internal software error: [chars]; [chars] Explanation Fabric statistics server process encountered a fatal internal software error. This software error will cause process termination to recover. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_MEM_ALLOC Could not allocate memory for [chars]. Explanation Fabric statistics server process encountered memory allocation error for creating statistics database or storing statistics data. This software error will cause process termination to recover during process initialization. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action Memory allocation failures will happen if the the router runs out of memory or memory leak in this process or other processes. User needs to do ’process restart memory hog process job id’ to recover. Error Message %FABRIC-FSTATSS-3-ERR_MEM_ALLOC Could not allocate memory for [chars]. Explanation Fabric statistics server process encountered memory allocation error for creating statistics database or storing statistics data. This software error will cause process termination to recover during process initialization. The System Manager process (sysmgr) will automatically Fabric Messages FSTATSS Messages EM-170 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action Memory allocation failures will happen if the the router runs out of memory or memory leak in this process or other processes. User needs to do ’process restart memory hog process job id’ to recover. Error Message %FABRIC-FSTATSS-3-ERR_SYSDB_BIND Can’t bind to SysDB at [chars]: [chars] Explanation Fabric statistics server process encountered a fatal error to bind to admin plane sysdb server. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_SYSDB_BIND Can’t bind to SysDB at [chars]: [chars] Explanation Fabric statistics server process encountered a fatal error to bind to admin plane sysdb server. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_SYSDB_EDM_REG Failed to register SysDB EDM at at [chars]: [chars] Explanation Fabric statistics server process encountered a fatal error to register EDM to admin plane sysdb server. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages FSTATSS Messages EM-171 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSS-3-ERR_SYSDB_EDM_REG Failed to register SysDB EDM at at [chars]: [chars] Explanation Fabric statistics server process encountered a fatal error to register EDM to admin plane sysdb server. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_SYSMGR_PROC_READY Failed to report process ready to sysmgr; [chars] Explanation Fabric statistics server process encountered a fatal error to report process ready to sysmgr. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-FSTATSS-3-ERR_SYSMGR_PROC_READY Failed to report process ready to sysmgr; [chars] Explanation Fabric statistics server process encountered a fatal error to report process ready to sysmgr. This software error will cause process termination for recovery. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages HFR_FSDB_FADB_LTRACE Messages EM-172 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-FSTATSS-7-ERR_RSC_REG_INCONSISTENT_VALUE [chars]: fabric resource registration error due to inconsistent value. Explanation Fabric statistics server process encountered a transient error due to the inconsistent checking of the received message. This error message will be a true error if many error message is logged and the error is persistent. Recommended Action If the error continues, user will need to restart the process for recovery. Error Message %FABRIC-FSTATSS-7-ERR_RSC_REG_INCONSISTENT_VALUE [chars]: fabric resource registration error due to inconsistent value. Explanation Fabric statistics server process encountered a transient error due to the inconsistent checking of the received message. This error message will be a true error if many error message is logged and the error is persistent. Recommended Action If the error continues, user will need to restart the process for recovery. HFR_FSDB_FADB_LTRACE Messages Error Message %FABRIC-HFR_FSDB_FADB_LTRACE-3-ERROR_INIT_FAIL ltrace initialization operation failed for error traces: [chars] Explanation The FSDB FADB ltrace lib failed to initialize the error ltrace Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-HFR_FSDB_FADB_LTRACE-3-EVENT_INIT_FAIL ltrace initialization operation failed for events: [chars] Explanation The FSDB FADB ltrace lib failed to initialize the events ltrace Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_ALARM Messages EM-173 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-HFR_FSDB_FADB_LTRACE-3-INTERNAL_INIT_FAIL ltrace initialization operation failed for internal traces: [chars] Explanation The FSDB FADB ltrace lib failed to initialize the internal ltrace Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. INGRESSQ_ALARM Messages Error Message %FABRIC-INGRESSQ_ALARM-2-DEVICE_HALT INGRESSQ: device halted, sub-block: [chars], halted entity: [chars] Explanation INGRESSQ, ASIC got halted. The halted block and its parent block are provided Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_ALARM-2-DEVICE_HALT INGRESSQ: device halted, sub-block: [chars], halted entity: [chars] Explanation INGRESSQ, ASIC got halted. The halted block and its parent block are provided Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. INGRESSQ_DLL Messages Error Message %FABRIC-INGRESSQ_DLL-2-ASIC_RESET_FAILED Ingressq ASIC reset failed. Bringing the MSC down. Explanation Ingressq, ASIC reset failed and it could be due to several reasons. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_DLL Messages EM-174 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-2-ERR_EIO_TRAIN EIO link training threshold exceeded, link: [dec] Explanation Ingressq DLL encountered a fatal error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-2-ERR_EIO_TRAIN EIO link training threshold exceeded, link: [dec] Explanation Repeated attempts to train the EIO links to the neighboring Asic have failed. No further attempts to retrain the link will be made. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-2-TAKING_NODE_DOWN Taking the node down, Reason: [chars] Explanation Ingressq DLL encountered a fatal error and taking the node down. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-2-TAKING_NODE_DOWN Taking the node down, Reason: [chars] Explanation Ingressq DLL encountered an fatal error mentioned above. The driver triggers MSC node-down to recover from the error. Recommended Action This might be a recovery action from a fault. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-BRM_BARRIER_SYNCUP_FAILED BRM Block: Barrier sync up failed for this node. Last sync state equals [dec] Explanation There might be a fabric disconnect in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_DLL Messages EM-175 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-3-ERR_ASIC_FCRAM_ASSERT Assert Error valid: [dec], block: [dec], debug_info: [dec] Explanation Ingressq encountered an assert error indicated. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-ERR_ASIC_FCRAM_ASSERT Assert Error valid: [dec], block: [dec], debug_info: [dec] Explanation Ingressq encountered an assert error in the FCRAM. The driver triggers a device reset. The device should be reinitialized. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-ERR_ASIC_MBE Multiple Bit Error in Block: [chars] Error: [chars] at Memory Address [hex]. Explanation Ingressq encountered a multiple bit error in the mentioned block. This error is an uncorrectable error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-ERR_ASIC_MBE Multiple Bit Error in Block: [chars] Error: [chars] at Memory Address [hex]. Explanation Ingressq encountered a multiple bit error in the mentioned block. This error is an uncorrectable error. Driver takes appropriate action to log and fix the error which may include a device reset. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_DLL Messages EM-176 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-3-ERR_BIST Error during [chars] BIST Explanation BIST failed for the mentioned block. The driver should trigger a device reset to fix this error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-ERR_BIST Error during [chars] BIST Explanation Ingressq BIST error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-ERR_INIT [chars] Explanation The Ingressq driver failed to initialize the device resulting in the restart of the Ingressq driver process. Recommended Action Collect all the event logs and the output of the following command executed from the CLI of the active RP: ’show process ingressq’ Also, collect the fabric snapshot: ’show fabric-snapshot file loc ’ Error Message %FABRIC-INGRESSQ_DLL-3-ERR_INIT [chars] Explanation Ingressq dll manager encountered an fatal error and is not able recover from the error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-3-ERR_MEM_ALLOC Error Allocating memory for [chars] Explanation The Ingressq dll Memory Allocation Error message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_DLL Messages EM-177 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-3-ERR_MEM_ALLOC Error Allocating memory for [chars] Explanation The Ingressq dll Memory Allocation Error message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-RESET Resetting IQM ASIC Device Explanation Reseting IQM ASIC on detecting fatal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-RESET Resetting IQM ASIC Device Explanation Ingressq, cpuctrl net interface encountered a CRC/Sync Error. This will result in the PIO or CDMA failure. Recommended Action If it is possible to isolate the trigger point for the sn link error, collect all the necessary condition that caused the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-SEQ_STATE_POST_OP_FAILED Post OP Failed: sequencer state: [dec], reason: [chars] : [chars], #retries: [dec] Explanation Sprayer sequencer post op failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-SEQ_STATE_POST_OP_FAILED Sequencer state: [dec], reason: [chars] : [chars], #retries: [dec] Explanation Ingressq driver state machine encountered a failure in initializing the device above threshold number of times. Driver will continue to initialize the device. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_DLL Messages EM-178 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-3-SEQ_STATE_PRE_OP_FAILED Pre OP Failed - Exiting : sequencer state: [dec], reason: [chars] : [chars] Explanation Sprayer sequencer pre op failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-SEQ_STATE_PRE_OP_FAILED Exiting. sequencer state: [dec], reason: [chars] : [chars] Explanation Ingressq driver state machine encountered an unrecoverable error. This will result in driver restart. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Verify that the ingressq driver is up and running by executing the following command at the CLI of the active RP: ’show process ingressq location ’ If it is still non-operational, enable the following debugs of the ingressq driver process: asic error asic fatal asic info and restart the driver by executing the following command at the CLI of the active RP: ’process restart ingressq location ’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-WDG_SEG_HUNG Spiller Seg blk is hung, reseting spiller - pkt_fifo [hex], ctrl_fifo [hex], icf_fifo [hex] Explanation Watchdog detected that spiller seg block is hung, reseting spiller to recover Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-3-WDG_SEG_HUNG Spiller Seg blk is hung, reseting spiller - pkt_fifo [hex], ctrl_fifo [hex], icf_fifo [hex] Explanation Watchdog detected that spiller seg block is hung, reseting spiller to recover Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_DLL Messages EM-179 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-4-BRM_AGGR_DELTA_THRSHLD BRM aggr delta, spo link: [dec], cast: [dec], threshold: [unsigned long int] Explanation There might be a fabric disconnect in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-BRM_AGGR_DELTA_THRSHLD BRM aggr delta, spo link: [dec], cast: [dec], threshold: [dec] Explanation Hardware halt is not handled. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-4-BRM_DELTA_THRSHLD BRM delta threshold, spo link: [dec], cast: [dec], threshold: [unsigned long int] Explanation There might be a fabric disconnect in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-BRM_DELTA_THRSHLD BRM delta threshold, spo link: [dec], cast: [dec], threshold: [dec] Explanation Hardware halt is not handled. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-4-BRM_DID_CULPRIT BRM double in delta culprit, spo link: [dec], cast: [dec] Explanation Hardware halt is not handled. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Fabric Messages INGRESSQ_DLL Messages EM-180 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-4-BRM_DID_CULPRIT BRM double in delta culprit, spo link: [dec], cast: [dec] Explanation There might be a fabric disconnect in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-BRM_INVALID_INPUT BRM invalid input; spo: [dec], cast: [dec], input_barr: [hex], current_barr: [hex] Explanation Invalid input on a link Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-4-BRM_INVALID_INPUT BRM invalid input; spo: [dec], cast: [dec], current_barr: [hex] input_barr: [hex] Explanation There might be a fabric disconnect in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-BRM_PHASE_CHANGE_COUNTER BRM, phase didn’t change, spo link: [dec], cast: [dec], phase: [hex], phase to counter: [hex], phase to thr: [hex] Explanation Barrier Manager encountered a phase change error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-BRM_PHASE_CHANGE_COUNTER BRM, phase didn’t change, spo link: [dec], cast: [dec], phase: [hex], phase to counter: [hex], phase to thr: [hex] Explanation Barrier Manager encountered a phase change error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Fabric Messages INGRESSQ_DLL Messages EM-181 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-4-CDMA_REQ_ERROR CpuCtrl error, addr:([hex],[hex]), dir: [dec], rc: [dec] Explanation CpuCtrl driver was not able to complete the CDMA request for the above specified address location. This may be caused if the device is not initialized correctly or synchronized correctly. Recommended Action If it is possible to isolate the trigger point for the cdma failure, collect all the necessary condition that caused the error. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-CDMA_REQ_ERROR CpuCtrl error, addr:([hex],[hex]), dir: [dec], rc: [dec] Explanation cpuctrl driver was not able to complete the CDMA request. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-4-CONFIG_ERR Ingressq recieved packets in invalid queue(s). [chars] Explanation Ingressq has various queues that are used by Ingress ASICs to send specific stream of traffic. These queues are specifically configured before they are used to forward traffic. Ingressq recived a few packets in queues that were misconfigured or not configured at all. The driver will automatically try to recover from the condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_CRC CRC Error: Block:[chars] Error:[chars] Count: [dec] Explanation Ingressq block received a packet with a CRC error. It is primarily caused by either the link errors between the devices or packet corruption in the upstream asic. This error may cause performance degradation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_DLL Messages EM-182 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_CRC Block: [chars], entity: [chars] had CRC error(s), count: [dec] Explanation PII block got a packet from the entity mentioned above with a CRC error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_LENGTH Block: [chars] encountered error: [chars]. It received a packet with length error(s), expected: [dec], received: [dec] Explanation Ingressq received a packet with incorrect length either from cpuctrl or Ingress PSE. It is primarily caused by either the link errors between the devices or packet corruption in the upstream asic. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_LENGTH Block: [chars], entity: [chars] has length error(s), expected: [dec], received: [dec] Explanation PII block got a packet from the entity mentioned above with a length error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_SN_LINK CpuCtrl Interface RxFIFO Error: [chars] Explanation Ingressq, cpuctrl net interface Rx FIFO last sync. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_SN_LINK CpuCtrl Interface RxFIFO Error: [chars] Explanation Ingressq, cpuctrl net interface Rx FIFO last sync. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_DLL Messages EM-183 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-4-ERR_CHKPT_INIT Error encountered during Checkpoint Initialization Explanation Ingressq Checkpoint Init error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-ERR_CHKPT_INIT Error encountered during Checkpoint Initialization Explanation Ingressq Checkpoint Init error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-ERR_CHKPT_INSERT Error encountered during [chars] Checkpoint Insertion Explanation Ingressq Checkpoint Insert error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-ERR_CHKPT_INSERT Error encountered during [chars] Checkpoint Insertion Explanation Ingressq Checkpoint Insert error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-INTR_ENABLE_FAIL Interrupt enable at addr: [hex] mask: [hex] failed. Explanation hardware state is not correct. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Fabric Messages INGRESSQ_DLL Messages EM-184 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-4-INTR_ENABLE_FAIL Interrupt enable at addr: [hex] mask: [hex] failed. Explanation Hardware state is not correct. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-LNS_CCDF_OVERFLOW_ERROR control cell fifo overflow error Explanation Ingressq LNS control cell fifo overflow. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-LNS_CCDF_OVERFLOW_ERROR control cell fifo overflow error Explanation Ingressq LNS control cell fifo overflow. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-LNS_LOP_DROP Error: Cells dropped due to low availability of planes, aggr cell drop count: [unsigned long long int] Explanation Ingressq dropped a few cells because of unavailability of enough planes to forward the cells to its destination. If the cells are dropped intermittently during system reconfiguration (LC reload, RP fail over, etc), then these drops are expected. System will recover after the hardware reprogramming completes. If these drops are seen continuously for long periods, then this indicates that either the node is not programmed correctly, or there is an error in data plane software. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_DLL Messages EM-185 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-4-LNS_LOP_DROP low availability of planes, aggr cell drop count: [unsigned long long int] Explanation Ingressq LNS dropped cells because of low availability of planes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-PFI_PARITY_ERROR parity error in plane RA, name: [chars], link: [dec], RA: [dec], Addr: [dec] Explanation Ingressq, cpuctrl net interface Rx FIFO last sync. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-4-PFI_PARITY_ERROR parity error in plane RA, name: [chars], link: [dec], RA: [dec], Addr: [dec] Explanation Ingressq, cpuctrl net interface Rx FIFO last sync. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-5-ERR_ASIC_PARITY Block: [chars], entity: [chars] had parity error(s), addr: [dec], parity: [dec] Explanation One of the Ingressq blocks had a parity error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Fabric Messages INGRESSQ_DLL Messages EM-186 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-5-ERR_ASIC_PARITY Block: [chars], entity: [chars] had parity error(s), addr: [dec], parity: [dec] Explanation In the specified block a parity error encountered at mentioned addr offset. If the error exceeds its threshold, the driver trigger a corrective action which may include device reset or MSC reload. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-5-ERR_ASIC_SBE Single Bit Error in Block: [chars] Error: [chars] at Memory Address: [hex] Explanation Ingressq encountered a single bit error in the mentioned block. Persistent errors are corrected by the software. Non-persistent errors are automatically corrected by the next write operation. Recommended Action This error is an correctable error. There are no side effects. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-5-ERR_ASIC_SBE Single Bit Error in Block: [chars] Error: [chars] at Memory Address: [hex] Explanation Ingressq encountered a single bit error in the mentioned block. Persistent errors are corrected by the software. Non-persistent errors are automatically corrected when the memory location is eventually overwritten. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-6-BRM_BARRIER_SYNCED_UP BRM Block: Barrier synced up on this node. Explanation This message indicates that system barriers synced on this node. This message is expected during normal operation. Recommended Action No action is required. Fabric Messages INGRESSQ_DLL Messages EM-187 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-6-BRM_BARRIER_SYNCUP_FAILED BRM BlocK: Barrier sync up failed for this node. Explanation Ingressq, Barrier is not synced up. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-6-ERR_ASIC_GENERIC Block: [chars], Generic Error [chars] at Memory Address [hex]. Explanation Ingressq encountered an interrupt that has exceeded its threshold value. Software takes appropriate action to log and fix the error. Recommended Action No action is required. Error Message %FABRIC-INGRESSQ_DLL-6-ERR_ASIC_GENERIC Block: [chars], Generic Error [chars] at Memory Address [hex]. Explanation Ingressq encountered a device error that has exceeded its threshold value. Driver takes appropriate action to log and fix the error which may include a device reset. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-6-ERR_ASIC_OOR Block: [chars], entity: [chars] had Out Of Resources error(s), count: [dec] Explanation Ingressq block is unable to get packet memory for the incoming packets. This condition is caused by over subscription or hitting the Packet Per Second rate. This will affect the QOS. Thus it is recommended to reduce the packet rate to this MSC. Recommended Action Reduce the incoming packet rate to this MSC as under the OOR condition the QOS If the OOR is seen in non-oversubscribed case, contact TAC Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Fabric Messages INGRESSQ_DLL Messages EM-188 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-6-ERR_ASIC_OOR Block: [chars], entity: [chars] had Out Of Resources error(s), count: [dec] Explanation Ingressq block is unable to get packet memory from FQM. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-6-SEQ_STATE_THRESHOLD_EXCEEDED sequencer state: [dec], threshold: [dec], reason: [chars], #retries: [dec] Explanation Ingressq sequencer state threshold exceeded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-6-SEQ_STATE_THRESHOLD_EXCEEDED sequencer state: [dec], threshold: [dec], reason: [chars], #retries: [dec] Explanation Ingressq sequencer state threshold exceeded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-6-WDG_BARRIER_STALL_CLEARED [chars]: barrier stall cleared. Explanation Ingressq, Barrier stall cleared on one of the casts Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-6-WDG_BARRIER_STALL_CLEARED [chars]: barrier stall cleared. Explanation Ingressq, Barrier stall cleared on one of the casts Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_DLL Messages EM-189 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-6-WDG_BARRIER_STALLED [chars]: barrier stalled. Explanation Ingressq, Barrier stalled on one of the casts Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-6-WDG_BARRIER_STALLED [chars]: barrier stalled. Explanation Ingressq, Barrier stalled on one of the casts Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-7-ERR_REGISTER_GET Register get failed for address [hex], Reason: [chars] Explanation Hardware register read failed. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %FABRIC-INGRESSQ_DLL-7-ERR_REGISTER_GET Register get failed for address [hex], Reason: [chars] Explanation An attempt to read a Hardware register failed. This could result in inconsistent behavior of the device. Recommended Action Run diags on the board and contact TAC support. If it is possible to isolate the trigger point for the read failure, collect all the necessary condition that caused the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_DLL-7-ERR_RES_PROG Error during Resource Programming: [chars] Reason: [chars] Explanation Ingressq encountered an error during resource programming. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ_LIB Messages EM-190 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ_DLL-7-ERR_RES_PROG Error during Resource Programming: [chars] Reason: [chars] Explanation Ingressq encountered an error during resource programming. If there are no further attempts to reprogram the device, the device behavior may be inconsistent. Recommended Action The driver/client processes try to recover from this error. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. INGRESSQ_LIB Messages Error Message %FABRIC-INGRESSQ_LIB-7-ERR_LWM_SEND Ingressq Lib: LWM Message send failed msg: [dec], retried: [dec] time(s), errno: [chars] Explanation Unable to send a LWM message to the Ingressq server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ_LIB-7-ERR_LWM_SEND Ingressq Lib: LWM Message send failed msg: [dec], retried: [dec] time(s), errno: [chars] Explanation Unable to send a LWM message to the Ingressq server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. INGRESSQ Messages Error Message %FABRIC-INGRESSQ-2-ASIC_RESET_FAILED Ingressq: Error encountered during hw reset of sprayer. Explanation Ingressq hw reset error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ Messages EM-191 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ-2-ASIC_RESET_FAILED Ingressq: Error encountered during hw reset of sprayer. Explanation Ingressq hw reset error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-3-ERR_INIT Fatal error encountered, reason equals [chars] Explanation Ingressq encountered a fatal unrecoverable error. This process is mandatory and it will restart itself. Recommended Action Ingressq Process will restart itself and recover from the error if possible. Otherwise, after fixed number of retries, sysmgr will bring the MSC down. Error Message %FABRIC-INGRESSQ-3-ERR_INIT Fatal error encountered, reason equals [chars] Explanation The Ingressq driver failed to initialize the device resulting in the restart of the Ingressq driver process. Recommended Action Collect all the event logs and the output of the following command executed from the CLI of the active RP: ’show process ingressq’ Also, collect the fabric snapshot: show fabric-snapshot file loc Error Message %FABRIC-INGRESSQ-3-ERR_MEM_ALLOC Error Allocating [dec] bytes of memory Explanation Ingressq encountered a fatal memory allocation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-3-ERR_MEM_ALLOC Error Allocating [dec] bytes of memory Explanation Ingressq encountered a fatal memory allocation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ Messages EM-192 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ-4-ERR_CHKPT_INIT Error encountered during Checkpoint Init. Exiting Explanation Ingressq Checkpoint Init error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-4-ERR_CHKPT_INIT Ingressq Dll: Error encountered during Checkpoint Init. Exiting Explanation Ingressq Checkpoint Init error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-6-LINK_DOWN Ingressq: Link [dec] administratively shut down. Plane [dec] disabled for traffic from this node. Explanation Ingressq link has been shut down due to admin configuration. Ingressq ASIC won’t be able to use this link for data traffic. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_BAG_REG Bag register failed for rules Explanation EDM Bags are used to share information between components using sysdb. This Error indicates that bag registration failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ Messages EM-193 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ-7-ERR_BAG_REG ingressq: bag register failed for rules Explanation EDM Bags are used to share information between components using sysdb. This Error indicates that bag registration failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_CHKPT_DELETE Error encountered during [chars] Checkpoint Deletion Explanation Ingressq Checkpoint delete error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_CHKPT_DELETE Error encountered during [chars] Checkpoint Deletion Explanation Ingressq Checkpoint delete error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_CHKPT_INSERT Error encountered during [chars] Checkpoint Insertion Explanation Ingressq Checkpoint Insert error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_CHKPT_INSERT Error encountered during [chars] Checkpoint Insertion Explanation Ingressq Checkpoint Insert error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ Messages EM-194 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ-7-ERR_CLIENT_REG Client [chars] failed. Error: [chars] Explanation Ingressq client failed to Register/Unregister with Ingressq Server process. This error is also detected from the client’s side. Retrial attempts would be made by the client. Recommended Action 1. Verify the connectivity between the client and the Ingressq process. ’show controllers ingressq clients location ’ Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_CLIENT_REG Client [chars] failed. Error: [chars] Explanation Ingressq client Registration/Unregistration error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_DLL_REG Dll registration for [chars] failed Explanation Ingressq driver tried to register for a dll but it encountered an error. The driver might lose some of its functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_DLL_REG Dll registration for [chars] failed Explanation Ingressq driver tried to register for a dll but it encountered an error. The driver might lose some of its functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_EVM_CREATE Event Manager create failed for [chars] Explanation Ingressq Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ Messages EM-195 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ-7-ERR_EVM_CREATE Event Manager create failed for [chars] Explanation Ingressq Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars] Explanation Ingressq Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars] Explanation Ingressq Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_LWM_CREATE Event Manager create failed. Error([dec]) [chars] Explanation Ingressq Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_LWM_CREATE Event Manager create failed Explanation Ingressq Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ Messages EM-196 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed Explanation Ingressq Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed Explanation Ingressq Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_LWM_REPLY An Error occurred during LWM message reply. Reason: [chars] Explanation Ingressq LWM reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_LWM_REPLY An Error occurred during LWM message reply. Reason: [chars] Explanation Ingressq LWM reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_RES_PROG Error during Resource Programming: [chars] Reason: [chars] Explanation Ingressq encountered an error during resource programming. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ Messages EM-197 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ-7-ERR_RES_PROG Error during Resource Programming: [chars] Reason: [chars] Explanation Ingressq encountered an error during resource programming. If there are no further attempts to reprogram the device, the device behavior may be inconsistent. Recommended Action The driver/client processes try to recover from this error. If any discrepancies are found in the device functionality, contact TAC Support. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_SYSDB_BIND Sysdb Bind failed. Explanation Ingressq Sysdb Bind error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_SYSDB_BIND Sysdb Bind failed. Explanation Ingressq Sysdb Bind error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_SYSDB_EDM_REG Sysdb Register EDM failed. Explanation Ingressq Sysdb Register EDM error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_SYSDB_EDM_REG Sysdb Register EDM failed. Explanation Ingressq Sysdb Register EDM error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Fabric Messages INGRESSQ Messages EM-198 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FABRIC-INGRESSQ-7-ERR_SYSDB_REG_VERIFY Sysdb Registration verification failed. Explanation Ingressq Sysdb Registration verification error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_SYSDB_REG_VERIFY Sysdb Registration verification failed. Explanation Ingressq Sysdb Registration verification error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_SYSDB_SET Sysdb Item Set Failed : [chars] Explanation Ingressq Sysdb Set error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FABRIC-INGRESSQ-7-ERR_SYSDB_SET Sysdb Item Set Failed : [chars] Explanation Ingressq Sysdb Set error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.EM-199 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Forwarding Messages This section contains all CEF and FIB related System Error Messages. FWD_EDGE_ADJ Messages Error Message %FORWARDING-FWD_EDGE_ADJ-2-EDGE_ADJ_ERR GSR edge adj dll layer internal error [chars] : [chars] Explanation A runtime error occurred in GSR adj’s egine layer. The reason for the failure is displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FWD_HAL Messages Error Message %FORWARDING-FWD_HAL-2-ACCESSOR Failed to access [chars] field of [chars] object, error: [dec] [chars] Explanation A runtime error occurred while trying to access the specified field of the specified object in the Platform Independent SW Data Structures. The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages FWD_HAL Messages EM-200 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-FWD_HAL-2-ADJ_ERR GSR adj internal error: [chars] Explanation A runtime error occurred in GSR adj module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-BACKWALK_ERR Backwalk on [dec] object due to [chars] event failed, error: [dec] [chars] Explanation A runtime error occurred while trying to walk and update dependent objects in the forwarding chain. The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-ECD_ERR GSR ECD internal error: [chars] Explanation A runtime error occurred in GSR ecd module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-ECD_TRKR_ERR GSR ECD internal error: [chars] Explanation A runtime error occurred in GSR ecd tracker module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages FWD_HAL Messages EM-201 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-FWD_HAL-2-FASTCONV_CLI_ERR FastConvergence CLI: [chars], error: [chars] Explanation A runtime error occurred while apply the Fast convergence CLI. The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-HW_OCE_NULL [chars] - GSR HAL internal error: hal object ([chars]) getting a NULL hw_oce Explanation A runtime error occurred in GSR MPLS module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-IDB_ERR GSR IDB internal error: [chars] Explanation A runtime error occurred in GSR IDB module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-INIT [chars], error: [dec] [chars] Explanation A runtime error occurred while initalizing GSR Hardware Abstraction Layer (HAL) module. The reason for the failure is displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages FWD_HAL Messages EM-202 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-FWD_HAL-2-INVALID_PARENT_OBJ GSR FIB internal error: [chars] failed to get parent [chars] obj - [chars] Explanation A runtime error occurred in GSR FIB module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-LDI_ERR GSR loadinfo internal error: [chars] Explanation A runtime error occurred in GSR loadinfo module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-MTRIE_MODE_CLI_ERR MTRIE Mode CLI: [chars], error: [chars] Explanation A runtime error occurred while connecting to SysDB Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-PFX_ERR GSR prefix internal error: [chars] Explanation A runtime error occurred in GSR prefix module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages FWD_HAL Messages EM-203 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-FWD_HAL-2-SHMWIN_ERR [chars], error: [dec] [chars] Explanation A runtime error occurred while operating on a shared memory window. The reason for the failure is displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-STATS_INTF_REGISTER Failed to register interface [hex] with Stats module, error: [dec] [chars] Explanation A runtime error occurred while trying to register the specified interface with Stats module for stats collection. The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-STATS_INTF_UNREGISTER Failed to unregister interface [hex] from Stats module, error: [dec] [chars] Explanation A runtime error occurred while trying to unregister the specified interface from Stats module for stats collection. The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-STATS_VALIDATION Stats validation error: [chars] ([dec]): [chars] Explanation A validation error occurred while doing an LSP/TE statistics operation. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages FWD_HAL Messages EM-204 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-FWD_HAL-2-TUNNEL_NH_ERR GSR l3VPNOIP internal error: [chars] Explanation A runtime error occurred in GSR L3VPNOIP module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-UNSUPT_TERMINATE Forwarding requested unsupported platform HW resource recovery and platform is forcing line card reset to recover hardware resources Explanation The FIB encountered an unrecoverable error afer one or more crashes. It is attempting to purge all hardware and software resources before starting a clean initialization. The platform does not support hardware resource recovery and is resetting the line card to recover all hardware resources. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-2-USED_BY_BGP_STATUS_CHANGE Used by BGP status changed from [chars] to [chars] on obj 0x[pointer] Explanation Used by BGP status on the loadinfo changed. This is not generally expected and config needs to be examined to understand the cause. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-3-PM_ERR Platform Manager returned an error looking up interface [hex]: [chars] Explanation A runtime error occured, whereby Platform Manager returned an unexpected error while looking up an interface. If the error is ’Resource temporarily unavailable’ then the error is not fatal. Any other error is unexpected, and more serious. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages FWD_HAL Messages EM-205 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-FWD_HAL-3-PP_NFN_LIB_GET_INFO Error encountered by HAL ppinfo notification library while receiving ppinfo notification batch. Error: [chars] Explanation An error was encountered while processing a notification of a change to the packet path info for one or more adjacencies. Forwarding for the affected adjacencies may now be inconsistent. Recommended Action Restarting the affected client may solve the issue. If not, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-3-PP_NFN_MSG_HDLR Error handling a [chars] message from a HAL ppinfo notification client. Error: [chars] ([chars]) Explanation An error was encountered while processing a message of the given type from client for HAL notifications of changes to the packet path info for adjacencies for a given interface type. Forwarding for the affected adjacencies may now be inconsistent. Recommended Action Restarting the affected client may solve the issue. If not, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_HAL-6-CHANGE_MTRIE_MODE_CLI_INFO WARNING: Mtrie mode you selected will only take effect on Engine 3 linecards and will be effective on each linecard after it has been reloaded. Please reload using the command: hw-module reload location r/s/CPU0 Explanation This command requires reprogramming all the prefixes in the LC hardware. Recommended Action Please reload each Engine 3 linecard using the command: hw-module reload location r/s/CPU0 Error Message %FORWARDING-FWD_HAL-6-FASTCONVERGENCE_CLI_INFO WARNING: This command will take effect only after reloading the node. Please reload the node using the command hw-module reload location r/s/CPU0 Explanation This command will take effect only after reloading the node. Please reload the node using the command hw-module reload location r/s/CPU0 Recommended Action Please reload the node using the command hw-module reload location r/s/CPU0Forwarding Messages FWD_L2HAL Messages EM-206 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FWD_L2HAL Messages Error Message %FORWARDING-FWD_L2HAL-2-ACCESSOR Failed to access [chars] field of [chars] object, error: [dec] [chars] Explanation A runtime error occurred while trying to access the specified field of the specified object in the Platform Independent SW Data Structures. The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_L2HAL-2-BACKWALK_ERR Backwalk on [dec] object due to [chars] event failed, error: [dec] [chars] Explanation A runtime error occurred while trying to walk and update dependent objects in the forwarding chain. The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_L2HAL-2-CONFIG_NOT_SUPPORTED LC cannot be edge and core simultaneously. Explanation A runtime error occurred in GSR L2HAL module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_L2HAL-2-HW_OCE_NULL [chars] - GSR L2 HAL internal error: hal object ([chars]) getting a NULL hw_oce Explanation A runtime error occurred in GSR MPLS module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages FWD_L2HAL Messages EM-207 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-FWD_L2HAL-2-INIT [chars], error: [dec] [chars] Explanation A runtime error occurred while initializing GSR Layer 2 VPN Hardware Abstraction Layer (L2 HAL) module. The reason for the failure is displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_L2HAL-2-INVALID_PARENT_OBJ GSR L2 FIB internal error: [chars] failed to get parent [chars] obj - [chars] Explanation A runtime error occurred in GSR L2 FIB module.The reason for the failure is also displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_L2HAL-2-MQOS [chars], error: [dec] [chars] Explanation A runtime error occurred while initalizing GSR Layer 2 VPN Hardware Abstraction Layer (L2 HAL MCAST QoS) Multicast QoS module. The reason for the failure is displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-FWD_L2HAL-2-SHMWIN_ERR [chars], error: [dec] [chars] Explanation A runtime error occurred while operating on a shared memory window. The reason for the failure is displayed. Please call Cisco Support with the error information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages HAL_PDFIB Messages EM-208 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-FWD_L2HAL-6-INIT_RETRY [chars], error: [dec] ([chars]) Explanation A transient error occurred while initializing GSR Layer 2 VPN Hardware Abstraction Layer (L2 HAL) module. The reason for the failure is displayed. No action is required as this initialization will be retried. Recommended Action No action is required. HAL_PDFIB Messages Error Message %FORWARDING-HAL_PDFIB-6-PD_UPDATE [chars] FIB object [chars], action [chars], HAL_OBJ [chars], Ctx 0x[pointer] FIB Ctx [hex], error [chars] Explanation This is a supplementary error message generated by c12000 platform FIB mgr to provide additional information with platform specific error codes. We would expect platform independent FIB Mgr generate the main error message FORWARDING FIB PLATF_UPD_FAIL to drive main error message. Recommended Action Please collect console logs and identify both PD_UPDATE failure and FIB PLATF_UPD_FAIL messge to correlate the root cause of the failure. Recommende action need to be driven as per the ’FORWARDING FIB PLATF_UPD_FAIL’ message. Error Message %FORWARDING-HAL_PDFIB-6-PD_UPDATE_IFH [chars] FIB object [chars], action [chars], HAL_OBJ [chars], Ctx 0x[pointer] FIB Ctx [hex], ifh [hex], error1 [chars], error2 [chars] Explanation This is a supplementary error message generated by c12000 platform FIB mgr to provide additional information with platform specific error codes. We would expect platform independent FIB Mgr generate the main error message FORWARDING FIB PLATF_UPD_FAIL to drive main error message. Recommended Action Please collect console logs and identify both PD_UPDATE failure and FIB PLATF_UPD_FAIL messge to correlate the root cause of the failure. Recommende action need to be driven as per the ’FORWARDING FIB PLATF_UPD_FAIL’ message.Forwarding Messages IP_TUNNEL_MA_LTRACE Messages EM-209 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IP_TUNNEL_MA_LTRACE Messages Error Message %FORWARDING-IP_TUNNEL_MA_LTRACE-7-INIT ltrace_init failed for ’[chars]’: [chars] Explanation Initialization failed. Both the initialization type and the error code are displayed. The sysmgr process will restart the ip_tunnel if this condition happens. Recommended Action None IP_TUNNEL Messages Error Message %FORWARDING-IP_TUNNEL-3-AIB Failed to link AIB: [chars] [[dec]: [chars]] Explanation Failed to link AIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-AIBSERVER AIB Server error: [chars] [[dec]: [chars]] Explanation AIB Server internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-ASYNC_MSG Invalid message: [chars] [code equals [dec], value equals [dec]] Explanation Invalid message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages IP_TUNNEL Messages EM-210 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-IP_TUNNEL-3-BADCHECKSUM Bad checksum - computed equals [hex], received equals [hex] Explanation Mismatch in received/computed checksum was detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-BADKEY Incorrect key - received: [dec], expected: [dec] Explanation A packet was received with a bad key. Recommended Action No action is required. Error Message %FORWARDING-IP_TUNNEL-3-EAIDB EA IDB error: [chars] Explanation EA IDB related error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-EAINIT Error initializing EA of IP Tunnel: [chars] Explanation Initialization of IP Tunnel’s EA failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-ENS_READ Client [chars] failed to read data from server (ip_tunnel_ma) : [chars] Explanation Client process issued ens_read and it failed. It is because the server is either busy or there is problem is gsp communicatoin. Recommended Action Restarting the client process could recover Forwarding Messages IP_TUNNEL Messages EM-211 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-IP_TUNNEL-3-EVENTMGR Error of EventMgr: [chars] [[dec]: [chars]] Explanation EventMgr failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-FEA FEA internal error: [chars] Explanation FEA internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-FIB_ERROR FIB DLL error: [chars] [[dec]: [chars]] Explanation FIB DLL error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-FIB_INIT FIB DLL initialization error: [chars] [[dec]: [chars]] Explanation Failed to initialize in FIB DLL. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-FIB_SEND Message send error: [chars] [[dec]: [chars]] Explanation Failed to send the message to FIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages IP_TUNNEL Messages EM-212 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-IP_TUNNEL-3-IMPSERVER IMP Server error: [chars] [[dec]: [chars]] Explanation IMP Server internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-IPT_DEBUG IP Tunnel debug: [chars] [[dec]: [chars]] Explanation Failed to initialize the debug events for IP tunnel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-LOOPING Encapsulation looping detected: inner: [chars], outer: [chars] Explanation An encapsulation loop was detected. Recommended Action No action is required. Error Message %FORWARDING-IP_TUNNEL-3-MAINIT Error initializing MA of IP Tunnel: [chars] [[dec]: [chars]] Explanation Initialization of IP Tunnel’s MA failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-MEM Memory operation error: [chars] Explanation Memory operation error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages IP_TUNNEL Messages EM-213 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-IP_TUNNEL-3-NETIOIDB NetIO IDB error: [chars] Explanation NetIO IDB related error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-P2MP_TUNNEL Failed to process P2MP tunnel updates: [chars] [[dec]: [chars]] Explanation Failed to process P2MP tunnel updates. Recommended Action The P2MP tunnel fails to program the tunnel information updates. To recover, please try: shut and no shut the tunnel source interface, or restart the gre_ipip_ea process. For further action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-ROUTING GRE tunnel packet received with source routing Explanation A GRE tunnel packet with the source routing option was received. Recommended Action No action is required. Error Message %FORWARDING-IP_TUNNEL-3-SEQUENCE GRE tunnel packet received with sequence option Explanation A GRE packet was received with the sequence option. Recommended Action No action is required. Error Message %FORWARDING-IP_TUNNEL-3-THREAD Error of pthread: [chars] [[dec]: [chars]] Explanation Error of pthread function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Forwarding Messages IP_TUNNEL Messages EM-214 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-IP_TUNNEL-3-UNKNOWN_GRE_TUNNEL Packet received for unknown tunnel or bad key. Source: [chars], Destination: [chars], Key: [dec] Explanation A GRE tunnel packet was received for a tunnel that is not configured in this router or there was a key mis-match. Recommended Action No action is required. Error Message %FORWARDING-IP_TUNNEL-3-UNKNOWN_IPIP_TUNNEL Packet received for unknown tunnel. Source: [chars], Destination: [chars] Explanation An IPinIP tunnel packet was received for a tunnel that is not configured in this router. Recommended Action No action is required. Error Message %FORWARDING-IP_TUNNEL-3-UNKNOWN_MSG Invalid message: [chars] [type equals [dec]] Explanation Invalid message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-3-UNSUP_PROTO Unsupported protocol [[dec]] Explanation Unsupported protocol. Recommended Action No action is required. Error Message %FORWARDING-IP_TUNNEL-3-VERSION GRE tunnel packet received with bad version number ([dec]) Explanation A GRE tunnel packet was received with a bad version number. Recommended Action No action is required. Forwarding Messages IPT_EA_LTRACE Messages EM-215 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %FORWARDING-IP_TUNNEL-4-DECAP IP Tunnel Decapsulation fail: [chars] [[dec]: [chars]] Explanation Failed to decap the packet. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-4-ENCAP IP Tunnel Encapsulation fail: [chars] Explanation Failed to encaps the packet. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-4-FIB_CONNECTION Initialization failed: [chars] [[dec]: [chars]] Explanation Initialization failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %FORWARDING-IP_TUNNEL-4-MTU Tunnel MTU operation fail: [chars] [[dec]: [chars]] Explanation Failed to set/change tunnel mtu. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPT_EA_LTRACE Messages Error Message %FORWARDING-IPT_EA_LTRACE-3-INIT ltrace_init failed for ’[chars]’: [chars] Explanation Initialization failed. Both the initialization type and the error code are displayed. Recommended Action NoneForwarding Messages IPT_EA_LTRACE Messages EM-216 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01EM-217 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 High Availability (HA) Messages This section contains all High Availability related System Error Messages. CDM_CLI Messages Error Message %HA-CDM_CLI-3-MUTEX_COUNT Mutex(0x[pointer]) locked already is being locked again, count equals [dec] Explanation A mutex is being locked more than once in the same thread. Recommended Action Collect coredump and dll info for the process printing the msg. Error Message %HA-CDM_CLI-7-BAD_BUFFER A client library returned an empty buffer: [chars] [chars] Explanation A NULL pointer was encountered unexpectedly. Recommended Action Collect system log information. Error Message %HA-CDM_CLI-7-BUFFER_MISMATCH Buffer size mismatch: [dec]: [dec] Explanation A NULL pointer was encountered unexpectedly. Recommended Action Collect system log information. Error Message %HA-CDM_CLI-7-INVALID_ARG An invalid argument was passed: [chars] Explanation An argument was passed with an invalid value. Recommended Action Collect system log information.High Availability (HA) Messages CDM_MEMMGR_HEAP Messages EM-218 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CDM_MEMMGR_HEAP Messages Error Message %HA-CDM_MEMMGR_HEAP-7-BAD_HEAPIDX heap index [hex] (seg [dec] offset [dec] segsize [dec]) cannot be mapped to segment pointer Explanation Internally heap pointers are kept as offset indices. A given heap index was found to be outside the heap. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_HEAP-7-BAD_HEAPPAGE Bad heap page block pointer: [chars]: [pointer] Explanation A heap page address is misaligned or lies in some invalid range. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_HEAP-7-BAD_HEAPPTR heap pointer cannot be mapped to segment offset: [pointer] Explanation Internally heap pointers are kept as offset indices. A given heap pointer was found to be outside the heap. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_HEAP-7-BAD_NCTDELETE Bad record pointer to free ([char]): [pointer] Explanation Bad NCT record is being freed. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_HEAP-7-CORRUPTION CDM heap corruption was detected ([chars]). Process will be cold restarted. Explanation The process crashed during CDM heap modification, resulting in an unrecoverable heap. Process will be started from an empty heap. Recommended Action Collect system log information. No action is required. High Availability (HA) Messages CDM_MEMMGR_HEAP Messages EM-219 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CDM_MEMMGR_HEAP-7-DATA_CORRUPTION Data corruption: [chars]: 0x[dec], 0x[dec], 0x[dec], 0x[dec] Explanation Data corruption is detected in CDM data structures. This will generally result in a single process failure. Recommended Action Collect system log information. No action is required. Error Message %HA-CDM_MEMMGR_HEAP-7-MUNMAP unmap and reserve failed: addr [hex] len [dec], [chars] Explanation When attempting to free memory that is no longer in use, the CDM library received an error from the kernel. Recommended Action Collect system log information and forward to technical support. Error Message %HA-CDM_MEMMGR_HEAP-7-NCT_BIGNEW NCT: requested size too large: [dec] Explanation Higher layers of heap are requesting a size for a variable-size record that is too large. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_HEAP-7-OBJ_NOT_FOUND Objid [hex] in table [hex] could not be found Explanation The object could not be found in the given table when attempting to map the object ID to a memory address. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_HEAP-7-PROC_RUNNING CDM segment operation failed: Process [chars] tag [chars] is running on node [chars]. Explanation A request to move or copy CDM data from one node to another has failed because an instance of the process is running on the destination node. Recommended Action Determine why the process is running on the destination node. High Availability (HA) Messages CDM_MEMMGR_UTIL Messages EM-220 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CDM_MEMMGR_HEAP-7-SEGMENT_RENAMED CDM file [chars] has been renamed to [chars] for later analysis due to corruption found during restart. Explanation A corrupted CDM segment has been renamed for later analysis. Recommended Action Collect system log information. No action is required. Error Message %HA-CDM_MEMMGR_HEAP-7-TBL_OBJ_SEG_MISMATCH Tblid [hex] objid [hex] segment mismatch (tbl-seg [dec] obj-seg [dec]) Explanation When the table ID and object ID are mapped to segment numbers, they do not match. Since an object belongs to a table and therefore resides in the same segment, this indicates a coding error. Recommended Action No action is required. CDM_MEMMGR_UTIL Messages Error Message %HA-CDM_MEMMGR_UTIL-3-ASSERT_MSG [chars].[dec]: hit assert condition. ’val1 equals [hex]’ expected to be [chars] ’val2 equals [hex]’ Explanation cdm hit an internal assert. Recommended Action Contact support. Error Message %HA-CDM_MEMMGR_UTIL-7-COLD_RESTART Process has been restarted without CDM data due to request from sysmgr Explanation Due to too many contiguous failed restarts, sysmgr has requested that the process be restarted without CDM data. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_UTIL-7-COLD_RESTART_IGNORED Ignoring sysmgr cold restart flag Explanation The process has failed to restart multiple times. By design, the process will continue to restart with its existing CDM data. Recommended Action Analyze the restart failure and take appropriate recovery action. High Availability (HA) Messages CDM_MEMMGR_UTIL Messages EM-221 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CDM_MEMMGR_UTIL-7-DEBUG_REGISTER Debug register failed ([hex]): [chars] Explanation Registration of debug services failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-CDM_MEMMGR_UTIL-7-DUP_KEY [chars]: User key [dec] is in use by object [hex] in table [hex] Explanation A client of the CDM library attempted to create an object with a key that was already in use. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_UTIL-7-INIT_ERROR initialization error: [chars]: [dec] ([chars]) Explanation An error was encountered during intialization of the CDM library. The message should indicate the error condition. This is most likely due to a coding error. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_UTIL-7-NOT_IMPLEMENTED function not implemented yet: [chars] Explanation Unimplemented functionality. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_UTIL-7-REGISTRATION Error during table registration: [chars]: name: [dec] version: [dec] Explanation An error was encountered during table registration. The message should indicate the error condition. This is most likely due to a coding error. Recommended Action No action is required. High Availability (HA) Messages CDM_TDM Messages EM-222 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CDM_MEMMGR_UTIL-7-SYSERR OS/System error: [chars]: [dec] ([chars]) Explanation This message signals an unrecoverable condition reported from the underlying system services. The severity of such errors cannot be determined locally by CDM, so it treats them all such conditions as non-fatal, transient errors. The CDM user must abort its immediate operation. Recommended Action No action is required. Error Message %HA-CDM_MEMMGR_UTIL-7-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere. Recommended Action Collect system log information. No action is required. Error Message %HA-CDM_MEMMGR_UTIL-7-WARNING Warning: [chars]: [chars]: [dec] Explanation This provides information about non-error conditions which may even be expected under certain circumstances. Nevertheless, these are not considered ’desirable’ conditions. Recommended Action Collect system log information. No action is required. CDM_TDM Messages Error Message %HA-CDM_TDM-7-BAD_ALIGNMENT Index not aligned: [hex] Explanation A heap index was not word aligned. Recommended Action No action is required. Error Message %HA-CDM_TDM-7-COLD_RESTART Cold restart: Reason: [chars]: Application [chars]: table [dec]: version [dec] Explanation A process failed to restore state from a table in the CDM store. Recommended Action No action is required. High Availability (HA) Messages CDM_TDM Messages EM-223 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CDM_TDM-7-DUP_TABLE Duplicate table found: Application [chars], table [dec] Explanation During registration, two copies of a table were found in the CDM store at the same version. This indicates corruption in the CDM store. Recommended Action No action is required. Error Message %HA-CDM_TDM-7-NO_TRANSLATOR No translator found: [chars]: [chars]: [chars] Explanation A required translator was not loaded. Recommended Action No action is required. Error Message %HA-CDM_TDM-7-NOT_INDEXED unable to setup index structure for indexed table: [chars]: [hex]: [dec] Explanation Errors (most likely lack of memory) prevent CDM from creating an index structure associated with an indexed table. This condition does not affect the functionality at all, only the performance will suffer. Recommended Action The CDM software will periodically try again to set up the index structure. So, in general no action is required. Error Message %HA-CDM_TDM-7-OBJ_COUNT table object count not correct: [hex]: [dec] (! equals [dec]) Explanation A table’s object count is not what it’s supposed to be. This is an internal accounting error and does not cause any problems inside CDM, but it may cause applications which depend on this accounting info to mis-behave. Recommended Action No action is required. Error Message %HA-CDM_TDM-7-OBJ_LEN Bad object length: [chars] tblname: [hex]: object size: [dec] record length: [dec] Explanation An object save or get operation is being done with the wrong length buffer. This points to a logical bug in the client application. Recommended Action No action is required. High Availability (HA) Messages CHKPT_BASIC Messages EM-224 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CDM_TDM-7-REG_MISMATCH table attributes changed upon re-register: [hex], [hex] Explanation An application is trying to register for its table. A table with the same name, version exists, but other attributes have changed, so the table is not allowed to be used. Recommended Action No action is required. Error Message %HA-CDM_TDM-7-TRANSLATION_FATAL Fatal translation error: [hex] Explanation An error occurred during data translation. The process will restart without CDM data. Recommended Action No action is required. CHKPT_BASIC Messages Error Message %HA-CHKPT_BASIC-7-COLD_RESTART Process has been restarted without checkpoint data due to request from sysmgr Explanation Due to too many contiguous failed restarts, sysmgr has requested that the process be restarted without checkpoint data. Recommended Action No action is required. Error Message %HA-CHKPT_BASIC-7-COLD_RESTART_IGNORED Ignoring sysmgr cold restart flag Explanation The process has failed to restart multiple times. By design, the process will continue to restart with its existing checkpoint data. Recommended Action Analyze the restart failure and take appropriate recovery action. Error Message %HA-CHKPT_BASIC-7-DEBUG_REGISTER Debug register failed ([hex]): [chars] Explanation Registration of debug services failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages CHKPT_BASIC Messages EM-225 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_BASIC-7-DUP_KEY [chars]: User key [dec] is in use by object [hex] in table [hex] Explanation A client of the checkpoint library attempted to create an object with a key that was already in use. Recommended Action No action is required. Error Message %HA-CHKPT_BASIC-7-INCONSISTENT_VERSIONS Inconsistent versioning information: [chars]: native_version: [dec], storage_version: [dec], VS_version: [dec] Explanation An invalid combination of version numbers was encountered during table registration or table versioning. This is most likely due to a coding error. Recommended Action No action is required. Error Message %HA-CHKPT_BASIC-7-INIT_ERROR initialization error: [chars]: [dec] ([chars]) Explanation An error was encountered during intialization of the checkpoint library. The message should indicate the error condition. This is most likely due to a coding error. Recommended Action No action is required. Error Message %HA-CHKPT_BASIC-7-NOT_IMPLEMENTED function not implemented yet: [chars] Explanation Unimplemented functionality. Recommended Action No action is required. Error Message %HA-CHKPT_BASIC-7-REGISTRATION Error during table registration: [chars]: name: [dec] version: [dec] Explanation An error was encountered during table registration. The message should indicate the error condition. This is most likely due to a coding error. Recommended Action No action is required. High Availability (HA) Messages CHKPT_CLI Messages EM-226 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_BASIC-7-SYSERR OS/System error: [chars]: [dec] ([chars]) Explanation This message signals an unrecoverable condition reported from the underlying system services. The severity of such errors cannot be determined locally by Checkpointing, so it treats them all such conditions as non-fatal, transient errors. The chkpt user must abort its immediate operation. Recommended Action No action is required. Error Message %HA-CHKPT_BASIC-7-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere. Recommended Action Collect system log information. No action is required. Error Message %HA-CHKPT_BASIC-7-WARNING Warning: [chars]: [chars]: [dec] Explanation This provides information about non-error conditions which may even be expected under certain circumstances. Nevertheless, these are not considered ’desirable’ conditions. Recommended Action Collect system log information. No action is required. CHKPT_CLI Messages Error Message %HA-CHKPT_CLI-7-BAD_BUFFER A client library returned an empty buffer: [chars] [chars] Explanation A NULL pointer was encountered unexpectedly. Recommended Action Collect system log information. Error Message %HA-CHKPT_CLI-7-BUFFER_MISMATCH Buffer size mismatch: [dec]: [dec] Explanation A NULL pointer was encountered unexpectedly. Recommended Action Collect system log information. High Availability (HA) Messages CHKPT_HEAP Messages EM-227 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_CLI-7-INVALID_ARG An invalid argument was passed: [chars] Explanation An argument was passed with an invalid value. Recommended Action Collect system log information. CHKPT_HEAP Messages Error Message %HA-CHKPT_HEAP-7-BAD_HEAPIDX heap index [hex] (seg [dec] offset [dec] segsize [dec]) cannot be mapped to segment pointer Explanation Internally heap pointers are kept as offset indices. A given heap index was found to be outside the heap. Recommended Action No action is required. Error Message %HA-CHKPT_HEAP-7-BAD_HEAPPAGE Bad heap page block pointer: [chars]: [pointer] Explanation A heap page address is misaligned or lies in some invalid range. Recommended Action No action is required. Error Message %HA-CHKPT_HEAP-7-BAD_HEAPPTR heap pointer cannot be mapped to segment offset: [pointer] Explanation Internally heap pointers are kept as offset indices. A given heap pointer was found to be outside the heap. Recommended Action No action is required. Error Message %HA-CHKPT_HEAP-7-BAD_NCTDELETE Bad record pointer to free ([char]): [pointer] Explanation Bad NCT record is being freed. Recommended Action No action is required. High Availability (HA) Messages CHKPT_HEAP Messages EM-228 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_HEAP-7-CORRUPTION Checkpoint heap corruption was detected ([chars]). Process will be cold restarted. Explanation The process crashed during checkpoint heap modification, resulting in an unrecoverable heap. Process will be started from an empty heap. Recommended Action Collect system log information. No action is required. Error Message %HA-CHKPT_HEAP-7-DATA_CORRUPTION Data corruption: [chars]: 0x[dec], 0x[dec], 0x[dec], 0x[dec] Explanation Data corruption is detected in checkpointing data structures. This will generally result in a single process failure. Recommended Action Collect system log information. No action is required. Error Message %HA-CHKPT_HEAP-7-MUNMAP unmap and reserve failed: addr [hex] len [dec], [chars] Explanation When attempting to free memory that is no longer in use, the checkpoint library received an error from the kernel. Recommended Action Collect system log information and forward to technical support. Error Message %HA-CHKPT_HEAP-7-NCT_BIGNEW NCT: requested size too large: [dec] Explanation Higher layers of heap are requesting a size for a variable-size record that is too large. Recommended Action No action is required. Error Message %HA-CHKPT_HEAP-7-OBJ_NOT_FOUND Objid [hex] in table [hex] could not be found Explanation The object could not be found in the given table when attempting to map the object ID to a memory address. Recommended Action No action is required. High Availability (HA) Messages CHKPT_LIB_COMMS Messages EM-229 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_HEAP-7-PROC_RUNNING checkpoint segment operation failed: Process [chars] tag [chars] is running on node [chars]. Explanation A request to move or copy checkpoint data from one node to another has failed because an instance of the process is running on the destination node. Recommended Action Determine why the process is running on the destination node. Error Message %HA-CHKPT_HEAP-7-SEGMENT_RENAMED Checkpoint file [chars] has been renamed to [chars] for later analysis due to corruption found during restart. Explanation A corrupted checkpoint segment has been renamed for later analysis. Recommended Action Collect system log information. No action is required. Error Message %HA-CHKPT_HEAP-7-TBL_OBJ_SEG_MISMATCH Tblid [hex] objid [hex] segment mismatch (tbl-seg [dec] obj-seg [dec]) Explanation When the table ID and object ID are mapped to segment numbers, they do not match. Since an object belongs to a table and therefore resides in the same segment, this indicates a coding error. Recommended Action No action is required. CHKPT_LIB_COMMS Messages Error Message %HA-CHKPT_LIB_COMMS-3-SYSTEM_ERROR [chars]: [chars] failed with error [hex] Explanation A call to a system function failed with the specified error code. Recommended Action No action is required. Error Message %HA-CHKPT_LIB_COMMS-6-INFO [chars]:[dec] Explanation Internal Information messages Recommended Action No action is required. High Availability (HA) Messages CHKPT_MESSAGING Messages EM-230 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_LIB_COMMS-7-DEBUG [chars] Explanation Internal Debug Messages Recommended Action No action is required. CHKPT_MESSAGING Messages Error Message %HA-CHKPT_MESSAGING-3-COMMS_INIT_FAIL Chkpt was unable to asynchronously initialise the Replicator Library (error [hex] - [chars]). The client process will be restarted in order to attempt to recover. Explanation Lib/replicator returned a non-retryable error after the asynchronous retry thread was spawned. There is no way to return an error to the client process, so the library will force an exit to try again. A voluntary core dump should accompany this message to allow further debugging. Recommended Action Collect system log information and copy core file for offline analysis. Communications debug (e.g. ’show tech gsp’) may also be useful. Error Message %HA-CHKPT_MESSAGING-3-IDT_FAILED Checkpoint Initial Data Transfer failed at [chars] with status code [hex] Explanation An error occurred during checkpoint Initial Data Transfer which resulted in its failure. A retry of IDT will happen automatically. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-BAD_MSGLEN [chars]: message lengths invalid (msglen [dec] srcmsglen [dec] error [hex] ([chars]) Explanation The source message length is less than the message length. This is a situation which should never happen. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-BAD_MSGTYPE [chars]: message type [dec] invalid; error [hex] ([chars]) Explanation The message type has the checkpoint component ID, but does not have a message type in the correct range. This is a situation which should never happen. Recommended Action Collect system log information. High Availability (HA) Messages CHKPT_MESSAGING Messages EM-231 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_MESSAGING-7-BAD_REQUEST [chars]: Bad request type [dec] msglen [dec] Explanation A bad message request was received by the event handler function. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-BAD_SEQNO [chars]: request type [dec] had sequence number [dec] (expected [dec]) Explanation The mirroring request had an incorrect sequence number. This indicates either an algorithm error, or data corruption on the active node or in the data transfer between nodes. Initial Data Transfer will be redone, and no data loss should occur. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-BAD_TOTALSIZE [chars]: msg totalsize ([dec]) ! equals srcmsglen ([dec] error [hex] ([chars]) Explanation The message header totalsize value must be equal to the source message length. If not, this indicates an IPC or coding error. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-BUFFER_TOO_SMALL Checkpoint library message buffer must be at least [dec] bytes; [dec] bytes is too small for correct operation. Explanation The message buffer assigned to the checkpoint library by the application is less than the minimum size for successful messaging functionality. The application should increase the size of its event manager message buffer. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-DUPLICATE_PROCESS [chars]: process name [chars] tag [chars] is already running - this should not happen: aborting Explanation An attempt to exclusive-create on a local channel failed. This indicates that there’s already a copy of this same process running, and it cannot be allowed to continue, since corruption can result. Recommended Action Collect system log information. High Availability (HA) Messages CHKPT_MESSAGING Messages EM-232 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_MESSAGING-7-EVENT_MANAGER [chars]: call to [chars] failed with errno [dec] Explanation A call to an event manager function failed. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-GET_MSGLEN [chars]: [chars] failed with error [hex] ([chars]) Explanation Extracting message or source message length failed. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-IDT_ALL_FAILED All attempts to do Initial Data Transfer to standby failed (error [hex]) Explanation Multiple attempts to transfer initial mirrored data to the standby have failed, and the attempts have been stopped. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-LWM_FAILURE [chars]: call to [chars] failed with error [hex] ([chars]) Explanation A call to a LightWeight Messaging function failed. This may be due to a server being unavailable at the time of the call. Recommended Action Collect system log information if it appears that this message is linked with failures in functionality. Otherwise, the message can be ignored. Error Message %HA-CHKPT_MESSAGING-7-MALLOC_FAILED [chars]: malloc of [dec] bytes failed; errno [dec] Explanation A call to allocate memory failed. Recommended Action Collect system log information. High Availability (HA) Messages CHKPT_MESSAGING Messages EM-233 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_MESSAGING-7-MSG_READ [chars]: msg_read (case [dec]) failed with return [dec]; status [hex] ([chars]) Explanation A msg_read call in the message handler failed. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-MSG_REPLY [chars]: msg_reply (reqtype [dec]) failed with errno [dec] Explanation A msg_reply call in the message handler failed. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-MSG_SEND_EVENT [chars]: msg_send_event failed with return [dec] Explanation A msg_send_event call in a checkpoint mirroring function failed. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-NON_CHKPT_MSG [chars]: Non-checkpoint message received: comp-id [dec] Explanation A message request for a non-checkpoint component was received by the handler function. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-PTHREAD_FAILURE [chars]: call to [chars] failed with errno [dec] Explanation A call to a Posix Pthreads function failed. Recommended Action Collect system log information. High Availability (HA) Messages CHKPT_MESSAGING Messages EM-234 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_MESSAGING-7-REPLICA_NAME Replica name [chars]%s[chars] exceeded the maximum length permitted by Group Services, and has been truncated to [chars]. Replication problems may result if the truncated replica name is non-unique. Explanation A replica name passed to the Replicator Library was truncated. This is not an issue in itself, but may cause problems further down the line, if the replica name becomes non-unique within the system. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-STANDBY_OPEN_TIMEOUT Attempts to open standby channel [chars] failed after [dec] retries - continuing Explanation Multiple attempts to open the messasge channel to the standby node (either the application itself or the checkpoint proxy) failed due to either the proxy not running on the standby or the application itself not running on the standby. If the application should run on the standby, then it must call chkpt_init() in order for mirroring to succeed. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-STANDBY_PROXY_SPAWN All attempts to spawn checkpoint proxy on the standby failed (error [hex]) Explanation Multiple attempts to spawn a copy of the checkpoint proxy for this application on the standby were done, and the attempts have been stopped. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-STBY_CAPABLE Call to sysmgr_is_standby_capable failed with error (error [hex]) Explanation The call to sysmgr_is_standby_capable failed. This may be due to the application not having a startup file, and so being unknown to sysmgr. Recommended Action Collect system log information. Error Message %HA-CHKPT_MESSAGING-7-SYSMGR_GET_PROC_ROLE [chars]: call to sysmgr_get_proc_role failed with status [hex] ([chars]) Explanation A call to sysmgr_get_proc_role failed with the given status. Recommended Action Collect system log information.High Availability (HA) Messages CHKPT_PROXY Messages EM-235 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CHKPT_PROXY Messages Error Message %HA-CHKPT_PROXY-7-BAD_IPC_LENGTH IPC request type [dec] had bad length [dec] (expected [dec]) Explanation An IPC message with invalid length was received by the proxy process. Recommended Action No action is required. Error Message %HA-CHKPT_PROXY-7-BAD_IPC_REQUEST Bad IPC request type [dec] received with message length [dec] Explanation An invalid IPC request type was received by the proxy process. Recommended Action No action is required. Error Message %HA-CHKPT_PROXY-7-DEBUG [chars] Explanation Internal Debug Message Recommended Action No action is required. Error Message %HA-CHKPT_PROXY-7-GROUP_CREATE_ERROR [chars]: a call to group_create failed with error [dec] Explanation The proxy process uses group_create() to join the proxy control group. A call to group_create() failed with the specified error. Recommended Action No action is required. Error Message %HA-CHKPT_PROXY-7-IPC_ERROR [chars]: [chars] failed with error [dec] Explanation As part of IPC operation, a call to a function failed with the specified error. Recommended Action No action is required. High Availability (HA) Messages CHKPT_TDM Messages EM-236 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_PROXY-7-NO_MEMORY [chars]: could not allocate [dec] bytes of memory Explanation Memory allocation failed. This is likely to be a resource shortage rather than a coding error. Recommended Action No action is required. Error Message %HA-CHKPT_PROXY-7-PUTENV [chars]: a call to putenv([chars]) failed with error [dec] Explanation The proxy process uses putenv() to communicate with the checkpoint library. A call to putenv() failed with the specified error. Recommended Action No action is required. Error Message %HA-CHKPT_PROXY-7-STDBY_NOPROXY Proxy not spawned for LR-plane process ’[chars]’ due to admin boot hold Explanation Admin boot hold has ben set for this node (normally due to an install operation) so a chkpt_proxy has not been spawned for this process. Recommended Action No action is required. Error Message %HA-CHKPT_PROXY-7-SYSTEM_ERROR [chars]: [chars] failed with error [hex] Explanation A call to a system function failed with the specified error code. Recommended Action No action is required. CHKPT_TDM Messages Error Message %HA-CHKPT_TDM-4-OOS Checkpoint data on active and standby nodes is out-of-sync: Reason: [chars]: Application [chars]: table [dec]: native version [dec], storage version [dec], VS version [dec] Explanation A process failed to restore state from a table in the checkpoint store. Recommended Action No action is required. High Availability (HA) Messages CHKPT_TDM Messages EM-237 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_TDM-7-BAD_ALIGNMENT Index not aligned: [hex] Explanation A heap index was not word aligned. Recommended Action No action is required. Error Message %HA-CHKPT_TDM-7-COLD_RESTART Cold restart: Reason: [chars]: Application [chars]: table [dec]: native version [dec], storage version [dec], VS version [dec] Explanation A process failed to restore state from a table in the checkpoint store. Recommended Action No action is required. Error Message %HA-CHKPT_TDM-7-DUP_TABLE Duplicate table found: Application [chars], table [dec] Explanation During registration, two copies of a table were found in the checkpoint store at the same version. This indicates corruption in the checkpoint store. Recommended Action No action is required. Error Message %HA-CHKPT_TDM-7-NATIVE_VERSION Application passed an invalid native version during a checkpoint table versioning operation. Table: [unsigned int], New version: [dec], Heap version: [dec] Explanation While attempting to version a checkpoint table, an application using checkpoint attempted to pass a native version that was inconsistent with the native version recorded in the checkpoint heap. Recommended Action No action is required. Error Message %HA-CHKPT_TDM-7-NO_TRANSLATOR No translator found: [chars] : [chars] : [chars] Explanation A required translator was not loaded. Recommended Action No action is required. High Availability (HA) Messages CHKPT_TDM Messages EM-238 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-CHKPT_TDM-7-NOT_INDEXED unable to setup index structure for indexed table: [chars]: [hex]: [dec] Explanation Errors (most likely lack of memory) prevent checkpointing from creating an index structure associated with an indexed table. This condition does not affect the functionality at all, only the performance will suffer. Recommended Action The checkpointing software will periodically try again to set up the index structure. So, in general no action is required. Error Message %HA-CHKPT_TDM-7-OBJ_COUNT table object count not correct: [hex]: [dec] (! equals [dec]) Explanation A table’s object count is not what it’s supposed to be. This is an internal accounting error and does not cause any problems inside checkpointing, but it may cause applications which depend on this accounting info to mis-behave. Recommended Action No action is required. Error Message %HA-CHKPT_TDM-7-OBJ_LEN Bad object length: [chars] tblname: [hex]: object size: [dec] record length: [dec] Explanation An object save or get operation is being done with the wrong length buffer. This points to a logical bug in the client application. Recommended Action No action is required. Error Message %HA-CHKPT_TDM-7-REG_MISMATCH table attributes changed upon re-registration: name [unsigned int], version [dec], new attributes: [unsigned int],[unsigned int],[unsigned int], existing attributes: [unsigned int],[unsigned int],[unsigned int] Explanation An application is trying to register for its table. A table with the same name and version exists, but other attributes have changed, so the table is not allowed to be used. Recommended Action No action is required. Error Message %HA-CHKPT_TDM-7-TRANSLATION_FATAL Fatal translation error: [hex] Explanation An error occurred during data translation. The process will restart without checkpointed data. Recommended Action No action is required.High Availability (HA) Messages DCL_LIB Messages EM-239 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 DCL_LIB Messages Error Message %HA-DCL_LIB-2-NULL_PTR [chars]@[dec]: Null Data Pointer Encountered Handle equals [hex] Counter equals [hex] Explanation An expected data pointer was not found. Recommended Action Collect system log information. No action is required. Error Message %HA-DCL_LIB-4-CERR_REGISTER Registration of error strings failed with error [hex] Explanation Error string registration failed. Recommended Action No action is required. Error Message %HA-DCL_LIB-4-NONFATAL_INTERNAL [chars]@[dec]: A Non-Fatal Internal Error was encountered. Explanation A Non-Fatal condition was encountered. This is not necessarily an error, but information gathered here may help with debugging other problems elsewhere in the system. Recommended Action Collect system log information. No action is required. Error Message %HA-DCL_LIB-4-UNEXPECTED [chars]@[dec]: An Unexpected condition was encountered - [chars] Explanation An unexpected condition was encountered. This is not necessarily an error, but information gathered here may help with debugging other problems elsewhere in the system. Recommended Action Collect system log information. No action is required. HA_EEM Messages Error Message %HA-HA_EEM-4-EEMSD_DIRECTORY_NOT_EXIST User policy directory [chars] could not be found on [chars] Explanation A policy directory could not be found. Cold start on this location may result in startup configuration failure. Recommended Action Create the directory on this location. High Availability (HA) Messages HA_EEM Messages EM-240 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-4-EEMSD_POLICY_APPLY Could not apply policy ’[chars]’: [chars] Explanation A policy could not be applied. This message signaled an unsuccessful apply of the policy. Recommended Action Remove the configuration for the policy (and commit), and then attempt to configure the registration of the same policy. Error Message %HA-HA_EEM-4-EEMSD_POLICY_CONFIG_INCONSISTENT Policy ’[chars]’: [chars] Explanation Some policy configuration is potentially inconsistent, and the user should follow the guidelines in the message to amend this. Recommended Action Examine the guidelines in the message, and the event manager configuration, to determine the potential problem. Note that this is just a warning message, not an error message, as the configuration is legal - it may be the case that the user has intentionally set this configuration. Error Message %HA-HA_EEM-4-EEMSD_POLICY_NOT_EXIST Policy file [chars] could not be found on [chars] Explanation A policy file could not be found. Cold start on this location may result in startup configuration failure. Recommended Action Copy the policy file to this location. Error Message %HA-HA_EEM-4-EEMSD_POLICY_TUPLE_UNPACK Failed to unpack_tuple to get username (Err: [dec]) for [chars] Explanation Failed to unpack sysdb tuple to get the username for the scripts. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. . Error Message %HA-HA_EEM-4-EEMSD_POLICY_UNREGREG_ERR Could not replace policy ’[chars]’: [chars] Explanation A registered policy changed by the last installation update was detected. Since the update used the ’start’ option, the old policy was automatically replaced by the new policy. This message signaled an unsuccessful replacement of the policy. Recommended Action Remove the configuration for the previous policy (and commit), and then attempt to configure the registration of the new policy. The error message returned at commit time should indicate the problem with the new policy. High Availability (HA) Messages HA_EEM Messages EM-241 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-6-EEMED_WD_CPU_NOTIF CPU consumption is [chars] at [unsigned int] percent Explanation The CPU state has changed and the new state is announced. Recommended Action No action is required. Error Message %HA-HA_EEM-6-EEMS_POLICY_EXEC Policy execution has been [chars] Explanation The Embedded Event Manager policy excution state has been changed to the state named in the message. Recommended Action No action is required. Error Message %HA-HA_EEM-6-EEMS_POLICY_TIMEOUT Policy ’[chars]’ has hit its maximum execution time of [dec].[dec] seconds, and so has been halted Explanation The policy has exceeded its maximum execution time, and so has been halted part way through execution. If this policy is expected to take a long time to run, it may need to have ’maxrun_sec’ added to the policy registration line (or its value increased if it is already specified). Recommended Action No action is required. Error Message %HA-HA_EEM-6-EEMS_RELOAD_SYSTEM Policy has requested a system reload; reloading in 5 seconds Explanation A Embedded Event Manager policy requested that the system be reloaded. Recommended Action No action is required. Error Message %HA-HA_EEM-6-EEMS_SYSLOG_SCAN_SIGNUP Failed to load Syslog FD DLL [chars]: [chars]. Syslog registration in Embedded Event Manager policies will not be able to function. Explanation The syslog_scan_signup function reported an error trying to load the specifed Syslog Embedded Event Detector DLL library. It will not be possible for Embedded Event Manager to be alerted of new syslog messages, and hence any scripts registered for syslog messages will not be triggered as expected. Recommended Action Restart the syslogd process and the eem_server process. If the message still appears then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-242 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-6-EEMSD_POLICY_CHANGED Registered policy ’[chars]’ changed by the last installation update Explanation A registered policy was changed by the last installation update. If the update used the ’start’ option, the old policy was automatically unregistered and the new policy registered. Otherwise, the old policy would remain registered and functional until the user unregisters it manually. Recommended Action No action is required. Error Message %HA-HA_EEM-6-EEMSD_POLICY_DELETED Registered policy ’[chars]’ deleted by the last installation update Explanation A registered policy was deleted by the last installation update. If the update used the ’start’ option, the policy was automatically unregistered. Otherwise, the policy would remain registered and functional until the user unregisters it manually. Recommended Action No action is required. Error Message %HA-HA_EEM-6-EEMSD_POLICY_REG_SUCC Policy ’[chars]’ registered successfully, by user [chars], with persist time [dec] and type [dec] Explanation A new policy has been registered with Embedded Event Manager. This message signaled a successful registration. Recommended Action No action is required. Error Message %HA-HA_EEM-6-EEMSD_POLICY_UNREG_SUCC Policy ’[chars]’ unregistered successfully Explanation A registered policy changed or deleted by the last installation update was detected. Since the update used the ’start’ option, the old policy was automatically unregistered. This message signaled a successful unregistration. Recommended Action No action is required. Error Message %HA-HA_EEM-6-EEMSD_POLICY_UNREGREG_SUCC Policy ’[chars]’ replaced successfully Explanation A registered policy changed by the last installation update was detected. Since the update used the ’start’ option, the old policy was automatically replaced by the new policy. This message signaled a successful replacement of the policy. Recommended Action No action is required. High Availability (HA) Messages HA_EEM Messages EM-243 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-DEBUG_INIT_EVENT Debug initialization for the fm/[chars] event failed: [chars] Explanation An error was returned when the Embedded Event Manager called the debug_init_event() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-DEBUG_REGISTER Debug registration for Embedded Event Manager failed: [chars] Explanation An error was returned when the Embedded Event Manager called the debug_register() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_CHKPT_INIT [chars] Explanation Internal error. The fault detector has failed to initialize with the checkpointing server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_CHKPT_TBL_ADD [chars] Explanation Internal error. The fault detector has failed to add an object to the checkpointing table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_CHKPT_TBL_INIT [chars] Explanation Internal error. The fault detector has failed to initialize a table with the checkpointing server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-244 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-ED_NONE_CHKPT_TBL_ITERATE [chars] Explanation Internal error. The fault detector has failed to iterate the checkpointing table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_CHKPT_TBL_REMOVE [chars] Explanation Internal error. The fault detector has failed to remove an object from the checkpointing table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_EA_ATTACH Could not register for asynchronous message events: [chars] Explanation The fault detector has failed to attach an event handler for asynchronous messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_EI_EVENT Could not initialize event structure: [chars] Explanation The fault detector has failed to initialize the sigevent structure to be used by the Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_EM_ATTACH Could not register for sychronous message events: [chars] Explanation The fault detector has failed to attach an event handler for synchronous messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-245 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-ED_NONE_EVM_CREATE Could not create event manager: [chars] Explanation The fault detector has failed to create an Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_EVM_EVENT_BLOCK An error occurred while waiting for an event: [chars] Explanation The event infrastructure will ignore this error and continue to wait for the next event. If this error is seen repeatedly, the process may not be able to function and will need to be restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_MEM_ALLOC Not enough memory ([dec] bytes) Explanation Allocating memory failed due to a low-memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %HA-HA_EEM-7-ED_NONE_MSG_REPLY Failed to send reply to event manager run: [chars] Explanation The fault detector has failed to send a reply to event manager run process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_MSGSEND_EVT [chars] Explanation The fault detector has failed to send a pulse to the fault manager to notify of an event publish. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-246 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-ED_NONE_MSGSEND_RETRY_ERR Maximum retry number exceeded Explanation The fault detector has exceeded its maximum number of retries to send a pulse to the fault manager to notify of an event publish. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_PUB_ENQUEUE [chars] Explanation Internal error. The fault detector has failed to add a publish data entry to the list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_PUB_RBLD [chars] Explanation Internal error. The fault detector has failed to rebuild the publish list from the checkpointed records. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_PUB_TM_ALLOC could not allocate memory for event publish timer block Explanation Internal error. The fault detector has failed to allocate memory for the event publish timer block. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_RM_ATTACH Could not attach resource manager funtions to event manager: [chars] Explanation The fault detector has failed to attach a Resource Manager to an Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-247 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-ED_NONE_TM_ADDL_CTX Could not set additional context pointer: [chars] Explanation The fault detector has failed to set a managed timer’s additional context pointer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_TM_LEAF_NEW Could not create a leaf timer Explanation The fault detector has failed to create a managed leaf timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_TM_PARENT_NEW Could not create a managed parent timer: [chars] Explanation The fault detector has failed to create a managed parent timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-ED_NONE_TM_TREE_NEW Could not create a managed timer tree Explanation The fault detector has failed to create a managed timer tree. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMC_APPL_CBH_PULSE Unable to locate application publish callback entry for pulse code [dec] Explanation The application publish callback handler was unable to validate the pulse code received. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-248 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMC_APPL_CBH_SEND Unable to report that application publishing has been successfully carried out: [chars] Explanation The application publish callback handler was unable to send a report to the Embedded Event Manager Server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMC_CB_EVM_CREATE Unable to create the messaging infrastructure for this process: [chars] Explanation An error was reported trying to create the messaging infrastructure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMC_CB_INIT_EEMC Failed to initialize the Embedded Event Manager context control block: [chars] Explanation An error was reported trying to initialize the internal context control block. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMC_CB_MC_ATTACH Failed to attach to a messaging channel: [chars] Explanation An error was reported trying to attach to a messaging channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMC_CBS_THREAD_CREATE Unable to create a posix thread: [chars] Explanation Unable to create a posix thread to carry out Embedded Event Manager handling. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-249 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMC_CERR_REG Unable to register error code descriptions: [chars] Explanation The Embedded Event Manager errors could not be registered, and so the error codes will not be decoded in messages to the user. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMC_REG_CBH_PULSE Unable to locate reg callback entry for pulse code [dec] Explanation The registration callback handler was unable to validate the pulse code received. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMC_REG_CBH_SEND Unable to report that callback handling has been successfully carried out: [chars] Explanation The registration callback handler was unable to send a report to the Embedded Event Manager Server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_CHKPT_INIT [chars] Explanation Internal error. The event detector has failed to initialize with the checkpointing server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_CHKPT_TBL_INIT [chars] Explanation Internal error. The event detector has failed to initialize a table with the checkpointing server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-250 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMED_CHKPT_TBL_ITERATE [chars] Explanation Internal error. The event detector has failed to iterate the checkpointing table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_CONNECTION_FAIL Could not connect to [chars] : [chars] Explanation Could not connect to event detector on the remote node. Node may be invalid or not available or the process may not be available to accept the connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_DE_FETCH [chars] Explanation Internal error. The event detector has failed to fetch a data element from the statistics data engine. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_DE_INIT [chars] Explanation Internal error. The event detector has failed to initialize the statistics data engine. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_EA_ATTACH Could not register for asynchronous message events: [chars] Explanation The event detector has failed to attach an event handler for asynchronous messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-251 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMED_EI_EVENT Could not initialize event structure: [chars] Explanation The event detector has failed to initialize the sigevent structure to be used by the Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_EM_ATTACH Could not register for sychronous message events: [chars] Explanation The event detector has failed to attach an event handler for synchronous messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_EVM_CREATE Could not create event manager: [chars] Explanation The event detector has failed to create an Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_EVM_EVENT_BLOCK An error occurred while waiting for an event: [chars] Explanation The event infrastructure will ignore this error and continue to wait for the next event. If this error is seen repeatedly, the process may not be able to function and will need to be restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_HIST_QERR Could not obtain a free history list entry Explanation Internal error. The event detector has failed to get a free history list entry. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-252 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMED_INV_COMPARE_OP Invalid comparison operator: [dec] Explanation Internal error. The value comparison operator is invalid or not supported. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_INV_STATS_TYPE Invalid statistics value type: [dec] Explanation Internal error. The statistics data type is invalid or not supported. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_INV_TM Invalid timer: type equals [dec], timer equals [pointer] Explanation Internal error. The timer value is invalid or not as expected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_INV_TM_TYPE Invalid timer type: [dec] Explanation Internal error. The timer type is invalid or not supported. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_LOCAL_NODEID Could not get local nodeid: [chars] Explanation Could not get local node identifier. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-253 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMED_MEM_ALLOC Not enough memory ([dec] bytes) Explanation Allocating memory failed due to a low-memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %HA-HA_EEM-7-EEMED_MET_ENQUEUE Could not enqueue metric data: [chars] Explanation Internal error. The system manager event detector has failed to add a metric data entry to the list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_MET_RBLD [chars] Explanation Internal error. The event detector has failed to rebuild the metric list from the checkpointed records. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_MISC_ERR [chars] ([chars]) Explanation An unexpected error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_MSGSEND_EVT [chars] Explanation The event detector has failed to send a pulse to the event manager to notify of an event publish. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-254 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMED_MSGSEND_RETRY_ERR Maximum retry number exceeded Explanation The event detector has exceeded its maximum number of retries to send a pulse to the event manager to notify of an event publish. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_OE_CREATE Could not create an occurrence entry Explanation Internal error. The event detector has failed to create an entry for the matched occurrence list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_OE_REMOVE Could not remove an occurrence entry Explanation Internal error. The event detector has failed to remove an entry from the matched occurrence list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_PLTF_NODENAME Could not get local node name Explanation The event detector has failed to get the local node name. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_PUB_ENQUEUE [chars] Explanation Internal error. The event detector has failed to add a publish data entry to the list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-255 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMED_PUB_RBLD [chars] Explanation Internal error. The event detector has failed to rebuild the publish list from the checkpointed records. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_RM_ATTACH Could not attach resource manager funtions to event manager: [chars] Explanation The event detector has failed to attach a Resource Manager to an Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_SM_PROC_EXIT [chars] Explanation The system manager failed to execute the default action of the terminated process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_STATS_VAL_GET_ERR [chars] Explanation Internal error. The event detector has failed retrieving a valid statistics value. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_SYSDB_BIND [chars] Explanation Failed to bind to SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-256 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMED_SYSDB_GET [chars] Explanation Failed to retrieve an item from SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_SYSDB_REG_NOTIFY [chars] Explanation Failed to register for notification of a set of items in SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_THREAD_CREATE Could not create a Posix thread Explanation The pthread_create function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_TM_ADDL_CTX Could not set additional context pointer: [chars] Explanation The event detector has failed to set a managed timer’s additional context pointer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_TM_CRTICK_INIT [chars] Explanation Internal error. The initialization of the cron-tick function has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-257 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMED_TM_LEAF_NEW Could not create a leaf timer Explanation The event detector has failed to create a managed leaf timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_TM_PARENT_NEW Could not create a managed parent timer: [chars] Explanation The event detector has failed to create a managed parent timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMED_TM_TREE_NEW Could not create a managed timer tree Explanation The event detector has failed to create a managed timer tree. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_CHKPT_INIT Could not register the application with the checkpointing server: [chars] Explanation Failed to register an application with the checkpointing server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_CHKPT_NULL_PTR Got a null [chars] but non-null value was expected Explanation Failed to do further processing because we got a null data when a non-null value was expected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-258 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMMD_CHKPT_TBL_ADD Could not save a record into a checkpointing table: [chars] Explanation Failed to save a record into the given checkpointing table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_CHKPT_TBL_INIT Failed to initialize [chars]: [chars] Explanation Could not initialize a table with the checkpointing server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_CHKPT_TBL_RECOVER Could not recover the checkpointed [chars]: [chars] Explanation Failed to recover a checkpointed table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_CONN_EXIST The message connection we try to set up already exists Explanation An internal error. We tried to set up a message connection but it already exists. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_EVM_ASYNC_ATTACH Could not attach handler for Event Manager asynchronous event: [chars] Explanation An internal error was detected when attaching a handler for an Event Manager asynchronous event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-259 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMMD_EVM_CREATE Could not create event manager: [chars] Explanation An internal error was detected when creating Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_EVM_EVENT_BLOCK Failed to block waiting for Event Manager events: [chars] Explanation An internal error was detected when block waiting for Event Manager events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_EVM_FILE_ATTACH Could not register a notification handler for a file descriptor: [chars] Explanation An internal error was detected when trying to register a notification handler for a file descriptor. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_EVM_INIT_EVENT Could not initialize Event Manager event: [chars] Explanation An internal error was detected when initializing an Event Manager event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-260 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMMD_EVM_TM_ATTACH Could not set up a managed timer identifier: [chars] Explanation An internal error was detected when trying to allocate a managed timer identifier and assign to it an event handler. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_EVM_TM_LEAF_NEW Could not create a managed timer tree leaf: [chars] Explanation An internal error was detected when trying to create a managed timer tree leaf for the event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_FD_SIGEVENT Error occured when a event detector processed the pulse from the metric director: [chars] Explanation Internal error. Error occurred when a detector processed the pulse from the metric director. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_FILE_OPEN Failed to open file [chars] : [chars] Explanation Failed to open the given file due to some internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-261 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMMD_GET_CHID Could not get message channel ID: [chars] Explanation An internal error was detected when getting ID for a message channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_GET_NODE_NAME Could not get node name of the local host: [chars] Explanation An internal error was detected when trying to get the node name of the local host. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_GUARD_WORD_VER [chars] guard word corrupted; [pointer] Explanation The guard word for the specified control block does not contain what is expected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_LAST_PROC Invalid last process replied: node [hex], job id [dec] Explanation Internal error. The information of last process the metric director replied to ’show event manager metric process’ command is invalid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_LOCAL_NODEID Could not get local nodeid: [chars] Explanation Could not get local node identifier. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-262 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMMD_LONG_PATHNAME Too long path name Explanation Internal error. A path name could not be formed because it exceeded the maximum length. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_LWM_ATTACH Could not attach a connection to a message channel: [chars] Explanation An internal error was detected when attaching a connection to a message channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_LWM_CONNECT Could not connect to the message channel [chars]: [chars] Explanation An internal error was detected when attaching a handler for an Event Manager asynchronous event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_LWM_SEND Could not send message: [chars] Explanation An internal error was detected when sending a message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_LWM_SEND_ASYNC Could not send a pulse to a connection: [chars] Explanation An internal error was detected when trying to send a pulse to a connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-263 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMMD_MEM_ALLOC Not enough memory ([dec] bytes) Explanation Allocating memory failed due to a low-memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %HA-HA_EEM-7-EEMMD_METRIC_POLL Error occurred when polling a event detector for metric data: [chars] Explanation Internal error. Error occurred when the metric director tried to poll a event detector for metric data. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_METRICSVC_INIT Could not initialize metric RPC service: [chars] Explanation An internal error was detected when initializing RPC service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_PROC_EVENT_TYPE Unknown process event type [dec] Explanation An unknown Embedded Event process event type was detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_QSM_REG_NOTIF Could not register for QSM notification: [chars] Explanation An internal error was detected when registering for QSM notification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-264 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMMD_SVC_REG RPC service registration for Embedded Event Metric Director failed Explanation Embedded Event Metric Director failed to register with the RPC facility. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_SVCEVM_CREATE Could not initialize RPC server for event manager: [chars] Explanation Initializing RPC server stub for event manager failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_SYSCALL [chars] failed: [chars] Explanation A system call failed with the indicated error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_UNEXP_MSG_TYPE Message type is [dec] instead of the expected [chars] Explanation A received message was of an unexpected type. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMMD_UNEXP_PROC Process metric entry with node [hex] and job id [dec] not found Explanation Internal error. The process metric entry with the given node name and job id cannot be found. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-265 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMMD_UNEXP_PULSECODE Unexpected pulse code [dec] Explanation A received pulse was of an unexpected code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_ASYNC_ATTACH Failed to attach to handle [chars]: [chars] Explanation The event_async_attach function reported an error trying to attach to the specified handle. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_ASYNC_ATTACH_FD Failed to attach to handle Embedded Event Detector [chars] pulse code: [chars] Explanation The event_async_attach function reported an error trying to attach to handle the Embedded Event Detector handler pulse code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_CALLBACK_MAX_ENTRIES Maximum number of callback publish entries exceeded for [chars]; some events have been discarded Explanation An attempt to publish an event requiring a callback failed because there is no more room in the callback publish queue for the specified process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-266 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_CHKPT_INIT Could not register the application with the checkpointing server: [chars] Explanation Failed to register an application with the checkpointing server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_CHKPT_NULL_PTR Got a null [chars] when non-null value was expected Explanation Failed to do further processing because we got a null data when a non-null value was expected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_CHKPT_TBL_ADD Could not add to the checkpointed [chars]: [chars] Explanation Failed to add a record to the checkpointed table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_CHKPT_TBL_INIT Failed to initialize [chars]: [chars] Explanation Could not initialize a table with the checkpointing server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_CHKPT_TBL_RECOVER Could not recover for the checkpointed [chars]: [chars] Explanation Failed to recover a record from the checkpointed table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-267 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_CHKPT_TBL_REMOVE Could not remove from the checkpointed [chars]: [chars] Explanation Failed to remove a record from a checkpointed table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_CHKPT_TBL_SAVE Could not save to the checkpointed [chars]: [chars] Explanation Failed to save a record to a checkpointed table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_EVM_CREATE Failed to create an event manager: [chars] Explanation An error was reported trying to create this process’ messaging infrastructure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_EVM_EVENT_BLOCK An error occurred while waiting for an event: [chars] Explanation The event infrastructure will ignore this error and continue to wait for the next event. If this error is seen repeatedly, the process may not be able to function and will need to be restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_EVM_FILE_ATTACH Unable to do an event_file_attach for [chars]: [chars] Explanation The event_file_attach function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-268 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_EVM_INIT_EVENT event_init_event for Embedded Event Detector [chars] failed: [chars] Explanation The event_init_event function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_FDC_ALLOCATE Failed to allocate Embedded Event Detector context control block: [chars] Explanation The get_fd function reported an error trying to allocate a Embedded Event Detector context control block. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_FDC_OPEN Failed to open Embedded Event Detector context control block Explanation The open_fd function reported an error trying to open a Embedded Event Detector context control block. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_GET_CHAN_CHAN Failed to obtain a messaging channel ID: [chars] Explanation An error was reported trying to obtain the channel ID. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-269 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_GET_NODE_NAME Failed to retrieve the name of the local node: [chars] Explanation An error was reported trying to obtain the node name. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_GET_NODE_STATE Failed to get the current nodes state: [chars] Explanation The call to get the nodes current state failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_GET_PRIO Failed to get process priority: [chars] Explanation The getprio function reported an error trying to obtain the default process priority. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_GUARD_WORD_VER [chars] guard word corrupted; [pointer] Explanation The guard word for the specified control block does not contain what is expected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_INIT_EVENT_TIMER Failed to initialize a timer event: [chars] Explanation An error was reported trying to initialize the timer notification event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-270 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_INV_ARG_STRING Invalid argument string: [chars] Explanation An invalid argument string was passed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_INV_ENV_STRING Invalid environment string: [chars] Explanation An invalid environment string was passed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_KILL Unable to kill process [chars]: [chars] Explanation The kill function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_KILL_RUN Unable to kill run process [dec] for [chars]: [chars] Explanation The kill function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_LWM_ATTACH Failed to attach to eem message channel: [chars] Explanation The msg_chan_attach function reported an error trying to attach to the Embedded Event Manager server channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-271 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_LWM_ATTACH_SYNC Failed to attach to handle synchronous messages: [chars] Explanation The event_message_attach function reported an error trying to attach to handle synchronous messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_LWM_CONNECT Failed to connect to eem message channel [chars]: [chars] Explanation The msg_chan_connect function reported an error trying to connect to the specified Embedded Event Manager server channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_LWM_DISCONNECT Failed to disconnect from eem message channel [chars]: [chars] Explanation The msg_chan_disconnect function reported an error trying to disconnect from the specified Embedded Event Manager server channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_LWM_SEND Failed to send a message to [chars]: [chars] Explanation The msg_send function reported an error trying to send a message to the specified process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-272 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_LWM_SEND_ASYNC Could not send a pulse to a connection: [chars] Explanation An internal error was detected when trying to send a pulse to a connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_LWM_SEND_EVENT Failed to send an event to [chars]: [chars] Explanation The msg_send_event function reported an error trying to send an asynchronous message to the specified process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_MEM_ALLOC Unable to allocate [dec] bytes Explanation The malloc function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_MEM_REALLOC Unable to reallocate [dec] bytes Explanation The realloc function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_MISC_ERR [chars] ([chars]) Explanation An unexpected error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-273 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_NULL_SCRIPT_NAME The script name is NULL Explanation A null script name was invalidly passed as an argument. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_OPEN Unable to open [chars]: [chars] Explanation The open function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_OVL_GET_MODULE_PATH ovl_get_module_path failed when attempting to get the full path for a program: [chars] Explanation The ovl_get_module_path function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_OVL_NOTIFY_REG ovl_notification_register failed when registering to handle OVL notifications: [chars] Explanation The ovl_register_notification function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_OVL_SETUP_ENV ovl_setup_env failed when updating the environment variables during an OVL notification: [chars] Explanation The ovl_setup_env function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-274 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_POLICY_CHECKSUM Checksum error for policy [chars] - this policy will not be run Explanation The checksum computed for the specified policy does not match the original checksum computed when the policy was registered. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_POLICY_HASH The hash computation routine reported an error: [chars] Explanation The fm_hash_md5_fd() function reported the specified error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_QSM_REGISTER Failed to register for QSM notifications for the event detector [chars]: [chars] Explanation The qsm_register_notification function reported an error trying to register for QSM notifications for the named event detector. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_REG_NODE_STATE_CHANGE Failed to register for node state changes: [chars] Explanation The call to register for node state changes failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-275 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_SCRIPT_MAX_ENTRIES Maximum number of script publish entries exceeded; some events have been discarded Explanation An attempt to publish an event requiring a script failed because there is no more room in the script publish queue. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_SIGNAL_ATTACH Failed to attach to handle SIGCHLD: [chars] Explanation The event_signal_attach function reported an error trying to attach to handle the SIGCHLD signal. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_SIGQUEUE Failed to queue a signal for pid [hex], signal [dec]: [chars] Explanation The sigqueue function reported an error trying to send a notification signal to the process specified by pid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_SPAWN Unable to spawn [chars]: [chars] Explanation The spawn function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-276 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMS_SYSLOG_SCAN_RESIGN Failed to unload Syslog FD DLL [chars]: [chars] Explanation The syslog_scan_resign function reported an error trying to unload the specified Syslog Embedded Event Detector DLL library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_TM_LEAF_NEW Unable to create timer leaf for [chars]: [chars] Explanation The mgd_timer_leaf_new function reported an error attempting to create a timer leaf for the timer named in the error message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_TM_PARENT_NEW Could not create a managed parent timer: [chars] Explanation The mgd_timer_parent_new function reported an error attempting to create the timer named in the error message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMS_TM_TREE_NEW Could not create a managed timer tree Explanation The mgd_timer_tree_new function reported an error attempting to create the root timer tree. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-277 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMSD_CHKPT_INIT Could not register the application with the checkpointing server: [chars] Explanation Failed to register an application with the checkpointing server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_CHKPT_NULL_PTR Got a null [chars] but non-null value was expected Explanation Failed to do further processing because we got a null data when a non-null value was expected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_CHKPT_TBL_ADD Could not save a record into a checkpointing table: [chars] Explanation Failed to save a record into the given checkpointing table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_CHKPT_TBL_INIT Failed to initialize [chars]: [chars] Explanation Could not initialize a table with the checkpointing server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_CHKPT_TBL_RECOVER Could not recover the checkpointed [chars]: [chars] Explanation Failed to recover a checkpointed table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-278 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMSD_CHKPT_TBL_REMOVE Could not delete a record from a checkpointing table: [chars] Explanation Failed to delete a record from the given checkpointing table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_CHKPT_TBL_RESET Could not reset a record in a checkpointing table: [chars] Explanation Failed to reset a record in the given checkpointing table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_COUNTER_SET Failed to set a counter: [chars] Explanation Failed to set a Embedded Event Manager counter. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_EVENT_CREATE Failed to create an event: [chars] Explanation Failed to create a Embedded Event Manager event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_EVENT_REG Failed to register an event: [chars] Explanation Failed to register a Embedded Event Manager event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-279 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMSD_EVENT_TYPE Unknown event type [dec] Explanation An unknown Embedded Event Manager event type was detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_EVM_CREATE Could not create event manager: [chars] Explanation An internal error was detected when creating Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_EVM_EVENT_BLOCK Failed to block waiting for Event Manager events: [chars] Explanation An internal error was detected when block waiting for Event Manager events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_FILE_OPEN Failed to open file ’[chars]’: [chars] Explanation Failed to open the given file due to some internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_FM_INIT Could not initialize Embedded Event Manager service ’[chars]’: [chars] Explanation An internal error was detected when initializing Embedded Event Manager service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-280 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMSD_GET_NODE_NAME Failed to get the local node name: [chars] Explanation Failed to get the local node name. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_GET_PRIO Failed to get process priority: [chars] Explanation Internal error. A call to get process scheduling priority failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_LAST_POLICY Invalid last policy name replied ’[chars]’ Explanation Internal error. The last policy name the script director replied to ’show event manager policy registered’ command is an invalid policy name. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_MEM_ALLOC Not enough memory ([dec] bytes) Explanation Allocating memory failed due to a low-memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %HA-HA_EEM-7-EEMSD_OVL_NOTIF_REG Could not register for Version Manager notification: [chars] Explanation An internal error was detected when registering for Version Manager notification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-281 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMSD_OVL_SETUP_ENV Could not update environment variables: [chars] Explanation Updating environment variables of the process according to system variables stored in sysdb failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_POLICY_MISSING The policy execution copy ’[chars]’ was not present at unregistration. Explanation The execution copy of the indication policy was not found at the time of unregistration. Most likely, the policy was removed manually, or the policy was not synced to the standby prior to failover. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_POLICY_UNREG_ERR Could not unregister policy ’[chars]’: [chars] Explanation A registered policy changed or deleted by the last installation update was detected. Since the update used the ’start’ option, the old policy was automatically unregistered. This message signaled an unsuccessful unregistration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_REFRESHTIMER_INIT Failed to initialize a refresh timer ([chars]): [chars] Explanation Failed to initialize a Embedded Event Manager refresh timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_EEM Messages EM-282 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMSD_RESYNC_FAIL Could not re-add file [chars] to syncfs list: [chars] Explanation On process restart or failover the script file could not be added to the syncfs list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_SVC_REG RPC service registration for Embedded Event Manager Script Director failed Explanation Embedded Event Manager Script Director failed to register with the RPC facility. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_SVCEVM_CREATE Could not initialize RPC server for event manager: [chars] Explanation Initializing RPC server stub for event manager failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_SYNC_FAIL Could not add file [chars] to syncfs list: [chars] Explanation Failed to add a file to be backed up on the redundant node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_SYNCLIST_FAIL Failed to remove ’[chars]’ from the sync list: [chars]. Explanation An error was encountered while removing the indicated execution copy of a policy from the syncfs sync list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_SS Messages EM-283 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_EEM-7-EEMSD_SYSDB_VERIFY_REG Could not register for SysDB verification: [chars] Explanation An internal error was detected when trying to register verify function and/or apply function for SysDB tuple operations upon the given item within the given namespace. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_EEM-7-EEMSD_TIMER_ARM Failed to arm a timer: [chars] Explanation Failed to arm a Embedded Event Manager timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. HA_SS Messages Error Message %HA-HA_SS-7-DEBUG MSG1[[chars]] ID[[dec]] MSG2[[chars]] Explanation Debug message Recommended Action No action is required. HA_WD_LIB Messages Error Message %HA-HA_WD_LIB-3-DEBUG_REGISTER_FAIL Call to debug_register() failed with error [dec] ([chars]) Explanation An internal error was detected when registering with the debug library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD_LIB Messages EM-284 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD_LIB-7-CLIENT_MONITOR Call to remonitor evm failed: [chars] Explanation The wdsysmon server returned an error to a client in response to a request to remonitor an event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD_LIB-7-CLIENT_UNMONITOR Call to monitor evm failed: [chars] Explanation The wdsysmon server returned an error to a client in response to a request to stop monitoring an event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD_LIB-7-INVALID_ARG [chars]: [chars] Explanation A wdsysmon library was called with an invalid argument. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD_LIB-7-MISSING_CTX [chars]: [unsigned int] Explanation During a re-registration, an internal context structure was not found. This is probably a coding error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD_LIB-7-NO_MEM [chars]: not enough memory: [chars] Explanation Allocating memory failed due to a low-memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. High Availability (HA) Messages HA_WD_LIB Messages EM-285 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD_LIB-7-SVR_MEMINFO [chars]: Server failed to return memory information: [chars] Explanation An internal error was detected when trying to communicate with wdsysmon to retrieve a node’s memory information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD_LIB-7-SVR_REG [chars]: failed to register with WDSysMon server: [chars] Explanation An internal error was detected when trying to register with WDSysMon server with an initialization message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD_LIB-7-SVR_RSC_UNREG [chars]:[chars]: failed to unregister with wdsysmon resource notification server: [chars] Explanation An internal error was detected when trying to unregister with wdSysmon server Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD_LIB-7-SVR_UNREG [chars]: failed to unregister with WDSysMon server: [chars] Explanation An internal error was detected when trying to unregister with WDSysMon server with a close message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD Messages EM-286 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD_LIB-7-SYSCALL [chars]: [chars](): [chars] Explanation A system call failed in the wdsysmon library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD_LIB-7-THREAD_CTX_INIT [chars]:[chars]: failed to initialize WDSysMon resource notification thread context: [chars] Explanation An internal error was detected when trying to initialize the WDSysMon resource notification thread context Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. HA_WD Messages Error Message %HA-HA_WD-1-ABORTING [chars], Aborting. Explanation The system is experiencing CPU Hog, If this condition persists for 30 seconds, the node will be reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-1-CPU_HOG_5 Process [chars] pid [dec] tid [dec] prio [dec] using [dec]% is hogging CPU and will be terminated Explanation This message is displayed Recommended Action The command ’show watchdog trace’ will display additional information about the potential CPU hog. If the hog is persistant, contact technical support. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD Messages EM-287 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-1-CPU_HOG_ALERT Process [chars] pid [dec] tid [dec] prio [dec] using [dec]% is the top user of CPU. Explanation This message is displayed after the CPU hog detector trips. It shows the percentage of CPU used by the busiest thread in the top consumer of CPU. Recommended Action The command ’show watchdog trace’ will display additional information about the potential CPU hog. If the hog is persistant, contact technical support. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-1-CURRENT_STATE Persistent Hog detected for more than [dec] seconds Explanation The system is experiencing CPU Hog, If this condition persists for 30 seconds, the node will be reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-1-DISK_ALERT A monitored device [chars] is above [dec]% utilization. Current utilization equals [dec]. Please remove unwanted user files and configuration rollback points. Explanation When some monitored disk’s usage is above 99%. Recommended Action The indicated disk device may be running out of space. Determine if there are unneeded files on the disk. Error Message %HA-HA_WD-2-DISK_CRIT A monitored device [chars] is above [dec]% utilization. Current utilization equals [dec]. Please remove unwanted user files and configuration rollback points. Explanation When some monitored disk’s usage is above 95%. Recommended Action The indicated disk device may be running out of space. Determine if there are unneeded files on the disk. High Availability (HA) Messages HA_WD Messages EM-288 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-3-DEBUG_REGISTER_FAIL Call to debug_register() failed with error [dec] ([chars]) Explanation An internal error was detected when registering with the debug library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-DEVCTL [chars]: line [dec]: devctl() on file [chars] failed with error [dec] ([chars]) Explanation Failed to open procfs file or directory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-EVM_ASYNC_ATTACH [chars]: could not attach handler for Event Manager asynchronous event: [chars] Explanation An internal error was detected when attaching a handler for an Event Manager asynchronous event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-EVM_CREATE [chars]: could not create event manager: [chars] Explanation An internal error was detected when creating Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-EVM_EVENT_BLOCK [chars]: failed to block waiting for Event Manager events: [chars] Explanation An internal error was detected when block waiting for Event Manager events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD Messages EM-289 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-3-EVM_INIT_EVENT [chars]: failed to initialize a sigevent structure: [chars] Explanation An internal error was detected when trying to initialize a sigevent structure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-EVM_MSG_ATTACH [chars]: could not attach handler for Event Manager synchronous message: [chars] Explanation An internal error was detected when attaching a handler for an Event Manager synchronous message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-EVM_THREAD_INIT [chars]: unable to initialize event manager thread: [chars] Explanation An error occured when attempting to initialize the event manager thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-EVM_TM_ATTACH [chars]: could not set up a managed timer identifier: [chars] Explanation An internal error was detected when trying to allocate a managed timer identifier and assign to it an event handler. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD Messages EM-290 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-3-EVM_TM_DETACH [chars]: could not set up a managed timer identifier: [chars] Explanation An internal error was detected when trying to remove a managed timer registration from an event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-EVM_TM_LEAF_NEW [chars]: could not create a managed timer tree leaf: [chars] Explanation An internal error was detected when trying to create a managed timer tree leaf for the event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-FD_CRIT_LIM Process [chars], pid [dec] is using [dec] file descriptors out of a max of [dec]. Critical limit ([dec]%) crossed. Explanation A process is potentially leaking FDs. Critical limit has been crossed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-FD_INIT [chars]: failed to initialize fault detector: [chars] Explanation An internal error was detected when initializing the fault detector. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD Messages EM-291 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-3-FREE_MEM_ADDR Unable to get address of free memory variable from kernel. Explanation Wdsysmon was not able to get access to free memory information from kernel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-HELPER_INIT_FAIL Failed to init helper lib. [chars]: [chars] Explanation The system failed to initialize helper library. This is a fatal error for wdsysmon. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-MSG_GET_CHAN_CHAN [chars]: could not get channel id from the channel handler: [chars] Explanation An internal error was detected when trying to get channel id from a channel handler. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-NOTIF_THREAD_INIT [chars]: unable to initialize process memory notification thread: [chars] Explanation An error occured when attempting to initialize the event manager thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-OPEN_PROCFS [chars]: could not open procfs file or directory [chars]: [chars] Explanation Failed to open procfs file or directory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD Messages EM-292 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-3-PLATFORM_NODENAME [chars]: could not get local node name: [chars] Explanation An internal error was detected when trying to get local node name through platform library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-PLATFORM_SLOT [chars]: could not get my slot number Explanation An internal error was detected when trying to get the slot number of local node through platform library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-POP [chars]: unmatched stack pop operation Explanation An unmatched stack pop operation was detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-PTHRD_CREATE [chars]: could not create a POSIX thread Explanation An internal error was detected when trying to create a POSIX thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-3-SERVICE_CREATE Failed to create thread for service [dec], name [chars]: [chars] Explanation The system failed to create the thread that provides the indicated service. This is a fatal error for wdsysmon. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD Messages EM-293 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-3-WATCHER_THREAD_INIT [chars]: unable to initialize process cpu watcher thread: [chars] Explanation An error occured when attempting to initialize the cpu watcher thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-4-CFG_FAILED [chars]: wd_config_init failed, error: [chars] Explanation wd_config_init failed due to sysdb intialization problem. Recommended Action Collect all logs, especially those from wdsysmon. Also collect output from ’show watchdog trace’. Forward the messages to technical support. Error Message %HA-HA_WD-4-DISK_ALARM [chars] [chars] Explanation Set: When some monitored disk’s usage is above 80%. Cleared: When all monitored disks’ usage are below 80%. Recommended Action The indicated disk device may be running out of space. Determine if there are unneeded files on the disk. Error Message %HA-HA_WD-4-DISK_WARN A monitored device [chars] is above [dec]% utilization. Current utilization equals [dec]. Please remove unwanted user files and configuration rollback points. Explanation When some monitored disk’s usage is above 80%. Recommended Action The indicated disk device may be running out of space. Determine if there are unneeded files on the disk. Error Message %HA-HA_WD-4-DSC_REG_FAILED [chars]: Failed to register for DSC event with sysmgr, error: [chars] Explanation sysmgr_register_lr_event failed to register for DSC notification event Recommended Action Collect all logs, especially those from wdsysmon. Also collect output from ’show watchdog trace’. Forward the messages to technical support. High Availability (HA) Messages HA_WD Messages EM-294 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-4-FD_MAJ_LIM Process [chars], pid [dec] is using [dec] file descriptors out of a max of [dec]. Major limit ([dec]%) crossed. Explanation A process is potentially leaking FDs. Major limit has been crossed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-4-FD_MIN_LIM Process [chars], pid [dec] is using [dec] file descriptors out of a max of [dec]. Minor Limit ([dec]%) crossed. Explanation A process is potentially leaking FDs. Minor limit has been crossed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-4-FD_NORMAL_LIM Process [chars], pid [dec], is now using [dec] file descriptors. Status is Normal Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-4-MEM_POLL [chars]: Failed to poll for memory usage: [chars] Explanation An error was encountered during wdsysmon’s poll for system memory usage. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-4-MEMORY_ALARM Memory threshold crossed: [chars] with [unsigned int].[unsigned int]MB free Explanation Set: Free memory on this node is below the reported threshold. Clear: Free memory is above the MINOR theshold. In both cases, the amount of free memory in megabytes is reported. Recommended Action Investigate memory usage on this node. It may be necessary to unconfigure some applications or move them to a different node. In the case of memory leaks, technical support may need to be contacted. High Availability (HA) Messages HA_WD Messages EM-295 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-4-MEMORY_LIMIT_EXCEEDED Process [chars][[dec]] (pid [dec]) has exceeded its memory limit:[dec] kbytes of heap allowed, [dec] kbytes of heap used. (Info:[dec] kbytes of virtual shared memory used). Explanation The process with the indicated name and pid has allocated more memory than its memory limit allows. The process will be restarted. Recommended Action The system will collect data about the process before it is killed. Collect this data and forward it to technical support. Most likely, there is a memory leak in the process. Error Message %HA-HA_WD-4-MEMORY_STATE_CHANGE New memory state: [chars] Explanation The free memory state of this node has changed to the indicated state. Recommended Action If the free memory state is Severe or Critical, investigate memory usage on this node. It may be necessary to unconfigure some applications or move them to a different node. In the case of memory leaks, technical support may need to be contacted. Error Message %HA-HA_WD-4-TOP_MEMORY_USER_WARNING [dec]: Process Name: [chars][[dec]], pid: [dec][chars], Heap usage [dec] Kbytes, Virtual Shared memory usage: [dec] Kbytes. Explanation This process is one of the top memory users in the system. If the system reaches critical memory exhaustion, this process is subject to restart or termination. If the process is listed as ’Killed’, then the system is in the process of recovering the resources used by the process. Recommended Action Collect system log information. Contact technical support if the problem is not a misconfiguration. Error Message %HA-HA_WD-4-TOP_MEMORY_USERS_WARNING Top [dec] consumers of system memory ([dec] Kbytes free): Explanation This message is emitted when system memory usage crosses a threshold in the direction of increasing memory exhaustion. The top memory users will follow in the next messages. There may be a memory leak or misconfiguration. Recommended Action Collect the data from the following messages and attempt to determine what is driving memory usage. Forward the messages to technical support. High Availability (HA) Messages HA_WD Messages EM-296 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-4-TOP_SHMEM_USER_WARNING [dec]: File/Directory Name: [chars], Kbytes used: [dec]. Explanation This process is one of the top sharedmemory users in the system. If the system reaches critical memory exhaustion, this process is subject to restart or termination. If the process is listed as ’Killed’, then the system is in the process of recovering the resources used by the process. Recommended Action Collect system log information. Contact technical support if the problem is not a misconfiguration. Error Message %HA-HA_WD-4-TOP_SHMEM_USERS_WARNING Top [dec] consumers of shared memory ([dec] Kbytes free): Explanation This message is emitted when system memory usage crosses a threshold in the direction of increasing memory exhaustion. The top shared memory users will follow in the next messages. There may be a memory leak or misconfiguration. Recommended Action Collect the data from the following messages and attempt to determine what is driving memory usage. Forward the messages to technical support. Error Message %HA-HA_WD-5-NO_TIMEOUT All registered event managers on this node are sending heartbeats. Explanation All event managers are now sending keep alive messages as expected. Recommended Action The debugging information collected when an event manager stopped sending heartbeats should be examined and provided to technical support for analysis. Error Message %HA-HA_WD-5-TIMEOUT Event manager from process [chars][[dec]] created by thread [dec] at [chars] is not sending heartbeats. Explanation A timeout occurred waiting to hear from an event manager. This could happen as a result of a process being deadlocked on another event. Recommended Action Wdsysmon has detected that an event manager is no longer sending keepalive heartbeats. The message provides information about where the event manager was created. A debug script will run and collect information about the process and the state of the router. The output will be in a directory [/disk1:|/disk0:|/bootflash:|/tmp]/wdsysmon_debug/debug.* High Availability (HA) Messages HA_WD Messages EM-297 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-5-TIMEOUT_CANCELLED Event manager from process [chars][[dec]] created by thread [dec] at [chars] is not sending heartbeats. Explanation An event manager has resumed sending heartbeats. This happens when a condition that caused the hang is cleared. Recommended Action The debugging information collected when the event manager stopped sending heartbeats should be examined and provided to technical support for analysis. Error Message %HA-HA_WD-5-TIMEOUT_EXIT Process [chars] with event manager not sending heartbeats has exited. Explanation A process with an event manager that was not sending heartbeats has exited. Recommended Action The debugging information collected when the event manager stopped sending heartbeats should be examined and provided to technical support for analysis. Error Message %HA-HA_WD-6-CPU_HOG_1 CPU hog: cpu [dec]’s sched count is [dec]. Explanation Wdsysmon has detected a cpu starvation situation - potentially a high priority process spinning in a tight loop. The sched count is the number of times the wdsysmon ticker thread has been scheduled since the last time the wdsysmon watcher thread ran. Recommended Action Check the system status, including the saved log for evidence of a high priority cpu hog. Error Message %HA-HA_WD-6-CPU_HOG_2 CPU hog: cpu [dec]’s ticker last ran [dec].[dec] seconds ago. Explanation Wdsysmon has detected a cpu starvation situation - potentially a high priority process spinning in a tight loop. Recommended Action Check the system status, including the saved log for evidence of a high priority cpu hog. Error Message %HA-HA_WD-6-CPU_HOG_3 Rolling average of scheduling times: [dec].[dec]. Explanation Wdsysmon has detected a cpu starvation situation - potentially a high priority process spinning in a tight loop. A high value for the rolling average indicates that a periodic process is not being scheduled. Recommended Action Check the system status, including the saved log for evidence of a high priority cpu hog. High Availability (HA) Messages HA_WD Messages EM-298 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-6-CPU_HOG_4 Process [chars] pid [dec] tid [dec] prio [dec] using [dec]% is the top user of CPU. Explanation This message is displayed after the CPU hog detector trips. It shows the percentage of CPU used by the busiest thread in the top consumer of CPU. Recommended Action The command ’show watchdog trace’ will display additional information about the potential CPU hog. If the hog is persistant, contact technical support. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-6-DISK_NORMAL Device [chars] usage [dec]. Explanation When all monitored disks’ usage are below 80%. Recommended Action The indicated disk device may be running out of space. Determine if there are unneeded files on the disk. Error Message %HA-HA_WD-6-DISK_UNMONITOR Alarmed disk [chars] is no longer monitored Explanation Wdsysmon has been told to stop monitoring the indicated device, even though the disk is above 90% utilization. Recommended Action If the disk is used for critical tasks, monitor the disk usage and take corrective action. Error Message %HA-HA_WD-6-GI_FILES_CREATED New dump files created in [chars] Explanation Information captured by various modules and stored in bootflash during a previous reset has been moved to hard disk. Recommended Action Examine the dump information for possible root-cause for a previous reset. Use the wd_test utility. Error Message %HA-HA_WD-6-IN_DEP_LIST Process [chars] pid [dec] is present in Dependency List and will not be killed. Explanation This message is emitted if the misbehaving process is one that wdsysmon depends on. It will not be terminated. Recommended Action The command ’show watchdog trace’ will display additional information about the process. Forward this information to technical support. High Availability (HA) Messages HA_WD Messages EM-299 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-6-KNOWN_HOG Top CPU user process [chars] pid [dec] is a known hog. Explanation This message is emitted if the top CPU user is known to use substantial CPU under some circumstances. Recommended Action The command ’show watchdog trace’ will display additional information about the potential CPU hog. If the hog is persistant, contact technical support. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-6-MEMORY_RECOVERY_DISABLED Node physical memory 256MB Explanation This node is not configured with sufficient memory to enable memory recovery support. Recommended Action Re-configure this node with more physical memory Error Message %HA-HA_WD-6-MEMORY_RECOVERY_KILL_NON_SYSMGR Process [chars] (pid [dec]) not managed by sysmgr using [dec] kbytes of heap memory will be killed and not restarted.(Info:[dec] kbytes of virtual shared memory). Explanation The process with the indicated name and pid has been killed in an attempt to recover system memory. Since this process is not managed by sysmgr, it may not be restarted. The process can be manually restarted if desired, but may continue to consume large amounts of memory. Recommended Action The system is critically short of memory. Automatic recovery will attempt to stabilize the system, but there is either a memory leak or a misconfiguration. Both require operator intervention. Error Message %HA-HA_WD-6-MEMORY_RECOVERY_KILL_SYSMGR Process [chars][[dec]] (pid [dec]) (managed by sysmgr) using [dec] kbytes of heap memory will be killed and not restarted.(Info:[dec] kbytes of virtual shared memory). Explanation The sysmgr process with the indicated name and pid has been killed in an attempt to recover system memory. The process can be manually restarted if desired, but may continue to consume large amounts of memory. Recommended Action The system is critically short of memory. Automatic recovery will attempt to stabilize the system, but there is either a memory leak or a misconfiguration. Both require operator intervention. High Availability (HA) Messages HA_WD Messages EM-300 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-6-MEMORY_RECOVERY_RESTART Process [chars][[dec]] (pid [dec]) using [dec] kbytes of heap memory will be restarted. (Info:[dec] kbytes of virtual shared memory). Explanation The sysmgr process with the indicated name and pid has been restarted in an attempt to recover system memory. Recommended Action The system is critically short of memory. Automatic recovery will attempt to stabilize the system, but there is either a memory leak or a misconfiguration. Both require operator intervention. Error Message %HA-HA_WD-6-PROC_KILL_DISABLED [chars]: Process-terminate disabled. Pid [dec] will not be terminated Explanation wdsysmon process-termination is disabled. A process which meets the kill criteria (either because it’s in deadlock, or it’s a memory or CPU hog - indicated by the first parameter [%d]) will not be terminated. Recommended Action Collect all logs, especially those from wdsysmon. Also collect output from ’show watchdog trace’. Forward the messages to technical support. Error Message %HA-HA_WD-6-TOP_MEMORY_USER_INFO [dec]: Process Name: [chars][[dec]], pid: [dec][chars], Heap usage: [dec] kbytes, Virtual Shared memory usage: [dec] kbytes. Explanation This process is one of the top memory users in the system. If the system reaches critical memory exhaustion, this process is subject to restart or termination. If the process is listed as ’Killed’, then the system is in the process of recovering the resources used by the process. Recommended Action Collect system log information. Contact technical support if the problem is not a misconfiguration. Error Message %HA-HA_WD-6-TOP_MEMORY_USERS_INFO Top [dec] consumers of system memory ([dec] Kbytes free): Explanation This message is emitted when system memory usage crosses a threshold in the direction of increasing memory exhaustion. The top memory users will follow in the next messages. There may be a memory leak or misconfiguration. Recommended Action Collect the data from the following messages and attempt to determine what is driving memory usage. Forward the messages to technical support. High Availability (HA) Messages HA_WD Messages EM-301 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-6-TOP_SHMEM_USER_INFO [dec]: File/Directory Name: [chars], Kbytes used: [dec]. Explanation This process is one of the top sharedmemory users in the system. If the system reaches critical memory exhaustion, this process is subject to restart or termination. If the process is listed as ’Killed’, then the system is in the process of recovering the resources used by the process. Recommended Action Collect system log information. Contact technical support if the problem is not a misconfiguration. Error Message %HA-HA_WD-6-TOP_SHMEM_USERS_INFO Top [dec] consumers of shared memory ([dec] Kbytes free): Explanation This message is emitted when system memory usage crosses a threshold in the direction of increasing memory exhaustion. The top shared memory users will follow in the next messages. There may be a memory leak or misconfiguration. Recommended Action Collect the data from the following messages and attempt to determine what is driving memory usage. Forward the messages to technical support. Error Message %HA-HA_WD-7-CISCOSHMEM [chars]: [chars] Explanation Mapping to shared memory provided by cisco_wrapper failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-CLINFO_GET_DATUM [chars]: could not get an application datum associated with the channel: [chars] Explanation An internal error was detected when trying to retrieve an application datum associated with the given channel handler. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD Messages EM-302 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-7-CLINFO_M_PID [chars]: could not get process id from message information: [chars] Explanation An internal error was detected when trying to get process id from the information of a message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-CLINFO_SAVE_DATUM [chars]: could not save an application datum associated with the channel: [chars] Explanation An internal error was detected when trying to save an application datum associated with the given channel handler. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-CLINFO_UNHOLD [chars]: could not decrement the hold count of the client info data: [chars] Explanation An internal error was detected when trying to decrement the hold count of the client info data of a synchronous message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-CONTEXT_CREATE [chars]: Failed to create notification context: [chars] Explanation During registration for memory notification, an internal error prevented the creation of an internal context structure. The calling function and detected error are displayed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD Messages EM-303 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-7-GET_EVM_CTX_BY_TIMER [chars]: could not find the event manager context by timeout timer [pointer] Explanation An internal error was detected when trying to find the event manager context by the given timeout timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-MSG_CHAN_CONNECT [chars]: could not connect to the message channel [chars]: [chars] Explanation An internal error was detected when attaching a handler for an Event Manager asynchronous event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-MSG_CHAN_DISCONN [chars]: could not disconnect a message channel: [chars] Explanation An internal error was detected when trying to disconnect a message channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-MSG_SEND [chars]: could not send the message: [chars] Explanation An internal error was detected when trying to send a message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HA_WD Messages EM-304 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-7-MSG_SEND_EVENT [chars]: could not send the sigevent: [chars] Explanation An internal error was detected when trying to send a sigevent to the client that last sent a message on the connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-MSG_TYPE [chars]: unknown message type [dec] Explanation A message with an unknown type was received. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-NO_MEM [chars]: not enough memory: [chars] Explanation Allocating memory failed due to a low-memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %HA-HA_WD-7-SCHED_GET_PRIORITY_MAX [chars]: The sched_get_priority_max() function returned an error; [chars] Explanation The sched_get_priority_max() function returned an error which is indicated in the message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-SCHED_SETSCHEDULER [chars]: The sched_setscheduler() function returned an error; [chars] Explanation The sched_setscheduler() function returned an error which is indicated in the message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages HM Messages EM-305 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HA_WD-7-SYSCALL [chars]: [chars](): [chars] Explanation A system call failed. The calling function, the failed call, and error are displayed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HA_WD-7-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error. Recommended Action Collect system log information. No action is required. HM Messages Error Message %HA-HM-3-FPING_ERROR [chars] Explanation HA Health Monitor Fabric ping failed Recommended Action Shelf Manager should receive a critical alarm from HA Health Monitor for this error. The node should be reset by Shelf Manager. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HM-3-FPING_MISMATCH [chars] Explanation HA Health Monitor Fabric ping failed. When a received ping response does not match the transmitted ping, this indicates some kind of cell corruption or cell loss in the fabric or edges of the fabric. Recommended Action If problem persist, it indicates the bad hw in the system. Please contact TAC for fault isolation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages IRM_CHKPT Messages EM-306 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-HM-4-ERROR_INIT [chars], reason: [chars] Explanation HA Health Monitor failed to initialize due to internal software errors Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process hm location ’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart hm location ’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-HM-4-FPING_INCOMPLETE HM fabric ping only completed [unsigned int] of [unsigned int] pings (ret equals [hex]) Explanation HA Health Monitor Fabric ping test sequence failed to complete. If there were any errors before it got disrupted, then these are reported separately. The test will be restarted again at next HM fping interval. If there are no other errors reported, this warning is rarely a cause for concern, unless it very frequently causes only a partial set of HM fabric pings to be completed. Recommended Action No action is required because HA Health Monitor will retry Fabric ping again Error Message %HA-HM-4-FPING_RETRY_ERROR Fabric ping test failed for attempt: [dec], Node will be reset after [dec] retries Explanation HA Health Monitor Fabric ping failed but will retry again Recommended Action No action is required because HA Health Monitor will retry Fabric ping again IRM_CHKPT Messages Error Message %HA-IRM_CHKPT-7-INIT_ERROR initialization error: [chars]: [dec] ([chars]) Explanation An error was encountered during intialization of the checkpoint library. The message should indicate the error condition. This is most likely due to a coding error. Recommended Action No action is required.High Availability (HA) Messages LRD_inv Messages EM-307 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LRD_inv Messages Error Message %HA-LRD_inv-3-BAG_REGISTRATION Unable to register LRd’s bag structures. ’[chars]’ Explanation LRd was unable to register bag structures. Recommended Action Contact support. Error Message %HA-LRD_inv-3-BAG_REGISTRATION Unable to register LRd’s bag structures. ’[chars]’ Explanation LRd was unable to register bag structures. Recommended Action Contact support. Error Message %HA-LRD_inv-3-BAG_REGISTRATION Unable to register LRd’s bag structures. ’[chars]’ Explanation LRd was unable to register bag structures. Recommended Action Contact support. Error Message %HA-LRD_inv-3-BAG_REGISTRATION Unable to register LRd’s bag structures. ’[chars]’ Explanation LRd was unable to register bag structures. Recommended Action Contact support. Error Message %HA-LRD_inv-3-MEM_ALLOC_FAIL Failed to allocated [dec] bytes of memory: [chars] Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action Contact TAC. High Availability (HA) Messages LRD_inv Messages EM-308 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-LRD_inv-3-MEM_ALLOC_FAIL Failed to allocated [dec] bytes of memory: [chars] Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action Contact TAC. Error Message %HA-LRD_inv-3-MEM_ALLOC_FAIL Failed to allocated [dec] bytes of memory: [chars] Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action Contact TAC. Error Message %HA-LRD_inv-3-MEM_ALLOC_FAIL Failed to allocated [dec] bytes of memory: [chars] Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action Contact TAC. Error Message %HA-LRD_inv-3-MEM_ALLOC_FAIL Failed to allocated [dec] bytes of memory: [chars] Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action Contact TAC. Error Message %HA-LRD_inv-3-MSG_CERR_REGISTER_DLL Could not register dll with error services: [chars] Explanation The call register the dll using cerr_register_dll failed. Recommended Action Contact support. Error Message %HA-LRD_inv-3-MSG_CERR_REGISTER_DLL Could not register dll with error services: [chars] Explanation The call register the dll using cerr_register_dll failed. Recommended Action Contact support. High Availability (HA) Messages LRD_inv Messages EM-309 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-LRD_inv-3-MSG_CERR_REGISTER_DLL Could not register dll with error services: [chars] Explanation The call register the dll using cerr_register_dll failed. Recommended Action Contact support. Error Message %HA-LRD_inv-3-MSG_CERR_REGISTER_DLL Could not register dll with error services: [chars] Explanation The call register the dll using cerr_register_dll failed. Recommended Action Contact support. Error Message %HA-LRD_inv-3-MSG_CERR_REGISTER_DLL Could not register dll with error services: [chars] Explanation The call register the dll using cerr_register_dll failed. Recommended Action Contact TAC. Error Message %HA-LRD_inv-3-MSG_INVENTORY_FWD Error forwarding inventory: ’[chars]’ Explanation LRd was unable to read or write information needed to forward inventory in Admin space to the LR Plane. Recommended Action Contact support. Error Message %HA-LRD_inv-3-MSG_INVENTORY_FWD Error forwarding inventory: ’[chars]’ Explanation LRd was unable to read or write information needed to forward inventory in Admin space to the LR Plane. Recommended Action Contact support. Error Message %HA-LRD_inv-3-MSG_INVENTORY_FWD Error forwarding inventory: ’[chars]’ Explanation LRd was unable to read or write information needed to forward inventory in Admin space to the LR Plane. Recommended Action Contact support. High Availability (HA) Messages LRD_inv Messages EM-310 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-LRD_inv-3-MSG_INVENTORY_FWD Error forwarding inventory: ’[chars]’ Explanation LRd was unable to read or write information needed to forward inventory in Admin space to the LR Plane. Recommended Action Contact support. Error Message %HA-LRD_inv-3-REDUNDANCY_STATE Unrecognized redundancy state [dec] Explanation LRd doesn’t recognize redundancy state. Recommended Action Contact TAC. Error Message %HA-LRD_inv-3-REDUNDANCY_STATE Unrecognized redundancy state [dec] Explanation LRd doesn’t recognize redundancy state. Recommended Action Contact support. Error Message %HA-LRD_inv-3-REDUNDANCY_STATE Unrecognized redundancy state [dec] Explanation LRd doesn’t recognize redundancy state. Recommended Action Contact support. Error Message %HA-LRD_inv-3-REDUNDANCY_STATE Unrecognized redundancy state [dec] Explanation LRd doesn’t recognize redundancy state. Recommended Action Contact support. Error Message %HA-LRD_inv-3-REDUNDANCY_STATE Unrecognized redundancy state [dec] Explanation LRd doesn’t recognize redundancy state. Recommended Action Contact support. High Availability (HA) Messages LRD_inv Messages EM-311 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-LRD_inv-3-SYSDB_ITEM_ERROR sysdb_item_[chars]([chars]) returned ’[chars]’ Explanation SysDB returned an error to LRd. Recommended Action Contact support. Error Message %HA-LRD_inv-3-SYSDB_ITEM_ERROR sysdb_item_[chars]([chars]) returned ’[chars]’ Explanation SysDB returned an error to LRd. Recommended Action Contact support. Error Message %HA-LRD_inv-3-SYSDB_ITEM_ERROR sysdb_item_[chars]([chars]) returned ’[chars]’ Explanation SysDB returned an error to LRd. Recommended Action Contact support. Error Message %HA-LRD_inv-3-SYSDB_ITEM_ERROR sysdb_item_[chars]([chars]) returned ’[chars]’ Explanation SysDB returned an error to LRd. Recommended Action Contact support. Error Message %HA-LRD_inv-4-CANT_FIND_DSC LR Daemon library could not find the dSC. Explanation LRdlib could not find the designated Shelf Controller. Recommended Action Collect system log information. No action is required. Error Message %HA-LRD_inv-4-CANT_FIND_DSC LR Daemon library could not find the dSC. Explanation LRdlib could not find the dSC. Recommended Action Collect system log information. No action is required. High Availability (HA) Messages LRD_inv Messages EM-312 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-LRD_inv-4-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. Error Message %HA-LRD_inv-4-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. Error Message %HA-LRD_inv-4-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. Error Message %HA-LRD_inv-4-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. Error Message %HA-LRD_inv-4-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. High Availability (HA) Messages LRD_inv Messages EM-313 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-LRD_inv-6-NON_DRP_PRIMARY WARNING: A node with unknown type or a non RP/DRP node [chars] is used as primary for SDR Explanation This is an informational message output during SDR configuration commit time only if a non-RP or non-DRP node is being assigned as primary to the SDR. Please note that if the node is not in IOX-RUN state, it’s node type will not be determined. Recommended Action Verify the card type in the slot being configured as primary for the SDR. If not a DRP or RP card, please replace with valid card type. Error Message %HA-LRD_inv-6-NON_DRP_PRIMARY WARNING: A node with unknown type or a non RP/DRP node [chars] is used as primary for SDR Explanation This is an informational message output during SDR configuration commit time only if a non-RP or non-DRP node is being assigned as primary to the SDR. Please note that if the node is not in IOX-RUN state, it’s node type will not be determined. Recommended Action Verify the card type in the slot being configured as primary for the SDR. If not a DRP or RP card, please replace with valid card type. Error Message %HA-LRD_inv-6-NON_DRP_PRIMARY WARNING: A node with unknown type or a non RP/DRP node [chars] is used as primary for SDR Explanation This is an informational message output during SDR configuration commit time only if a non-RP or non-DRP node is being assigned as primary to the SDR. Please note that if the node is not in IOX-RUN state, it’s node type will not be determined. Recommended Action Verify the card type in the slot being configured as primary for the SDR. If not a DRP or RP card, please replace with valid card type. Error Message %HA-LRD_inv-6-RESET_CARD_FOR_PAIRING LRd has reset the DRP ’[dec]’ to accomodate new pairing configuration. Explanation The DRP pairing configuration was changed. The card entering or leaving the pair needs to be reset in order to accomodate the new configuration. Recommended Action None. High Availability (HA) Messages LRD_inv Messages EM-314 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-LRD_inv-6-RESET_CARD_FOR_PAIRING LRd has reset the DRP ’[dec]’ to accomodate new pairing configuration. Explanation The DRP pairing configuration was changed. The card entering or leaving the pair needs to be reset in order to accomodate the new configuration. Recommended Action None. Error Message %HA-LRD_inv-6-RESET_CARD_FOR_PAIRING LRd has reset the DRP ’[dec]’ to accomodate new pairing configuration. Explanation The DRP pairing configuration was changed. The card entering or leaving the pair needs to be reset in order to accomodate the new configuration. Recommended Action None. Error Message %HA-LRD_inv-6-RESET_CARD_FOR_PAIRING LRd has reset the DRP ’[dec]’ to accomodate new pairing configuration. Explanation The DRP pairing configuration was changed. The card entering or leaving the pair needs to be reset in order to accomodate the new configuration. Recommended Action None. Error Message %HA-LRD_inv-6-RESET_CARD_LR_CHANGE LRd has reset the card in slot ’[dec]’ because it was assigned to a new LR. Explanation The DRP pairing configuration was changed. The card entering or leaving the pair needs to be reset in order to accomodate the new configuration. Recommended Action None. Error Message %HA-LRD_inv-6-UNPAIRED_DRP WARNING: A unpaired DRP node [chars] is being added as primary to SDR Explanation This is an informational message output during SDR configuration commit time only if an unpaired DRP node is being assigned to an SDR. Recommended Action *none* High Availability (HA) Messages LRD Messages EM-315 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-LRD_inv-6-UNPAIRED_DRP WARNING: A unpaired DRP node [chars] is being added as primary to SDR Explanation This is an informational message output during SDR configuration commit time only if an unpaired DRP node is being assigned to an SDR. Recommended Action *none* Error Message %HA-LRD_inv-6-UNPAIRED_DRP WARNING: A unpaired DRP node [chars] is being added as primary to SDR Explanation This is an informational message output during SDR configuration commit time only if an unpaired DRP node is being assigned to an SDR. Recommended Action *none* LRD Messages Error Message %HA-LRD-2-EVENTATTACHFAIL event attach failure. Explanation The LR Daemon encountered an error when registering for synchronous or asynchronous events. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %HA-LRD-2-SYSMGR_GET_NODE_STATE sysmgr get node state failure: [chars]. Explanation sysmgr_get_node_state failed. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %HA-LRD-2-SYSMGR_REGISTER node role change registration with sysmgr failed: [chars]. Explanation sysmgr_register_node_state_change_evm failed. Recommended Action If any of these messages recur, call your technical support representative for assistance. High Availability (HA) Messages LRD Messages EM-316 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-LRD-3-BAG_REGISTRATION Unable to register LRd’s bag structures. ’[chars]’ Explanation LRd was unable to register bag structures. Recommended Action Contact support. Error Message %HA-LRD-3-MEM_ALLOC_FAIL Failed to allocated [dec] bytes of memory: [chars] Explanation The requested operation could not be accomplished because of a low memory. Recommended Action Contact TAC. Error Message %HA-LRD-3-MSG_CERR_REGISTER_DLL Could not register dll with error services: [chars] Explanation The call register the dll using cerr_register_dll failed. Recommended Action Contact support. Error Message %HA-LRD-3-MSG_INVENTORY_FWD Error forwarding inventory: ’[chars]’ Explanation LRd was unable to read or write information needed to forward inventory in Admin space to the LR Plane. Recommended Action Contact support. Error Message %HA-LRD-3-REDUNDANCY_STATE Unrecognized redundancy state [dec] Explanation LRd doesn’t recognize redundancy state. Recommended Action Contact support. Error Message %HA-LRD-3-SYSDB_ITEM_ERROR sysdb_item_[chars]([chars]) returned ’[chars]’ Explanation SysDB returned an error to LRd. Recommended Action Contact support. High Availability (HA) Messages LRD Messages EM-317 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-LRD-4-CANT_FIND_DSC LR Daemon library could not find the dSC. Explanation LRdlib could not find the dSC. Recommended Action Collect system log information. No action is required. Error Message %HA-LRD-4-HEADLESS_SDR_STATE Headless SDR condition detected, reloading local node. Explanation Headless SDR condition was detected. The local card is being reset. This is not necessarily an error condition! Recommended Action Make sure the dSDRSC is up. Error Message %HA-LRD-4-SDR_PLANE_READY_TIMEOUT Signalling SDR Plane Ready for SDR [chars] ([dec]) (mgmt nodes [dec] of [dec] are NOT READY yet) -[chars] Explanation SDR Plane ready is being signalled due to SDR plane ready timeout. Recommended Action Contact TAC. Error Message %HA-LRD-4-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. Error Message %HA-LRD-4-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. Error Message %HA-LRD-6-LATE_MGMT_NODE Management node [hex] in SDR [chars] ([dec]) is READY after SDR Plane Ready is signalled Explanation A management node in the specified SDR came up after SDR Plane ready for that SDR was signalled. Recommended Action Contact TAC.High Availability (HA) Messages REDCON_CLIENT Messages EM-318 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 REDCON_CLIENT Messages Error Message %HA-REDCON_CLIENT-3-ERROR [chars]: [chars]: [hex]: [chars] Explanation A redcon client API failed in the indicated function, for the specified reason. Recommended Action Collect the function name and traceback information and forward to your next level of technical support. No action is required. Error Message %HA-REDCON_CLIENT-7-MSG_SEND [chars]: Failed to send [chars] message to redcon: [hex]: [chars] Explanation An attempt to send a message to the redcon server failed with the specified reason. It may be the case that redcon had been restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. REDCON Messages Error Message %HA-REDCON-1-STANDBY_NOT_READY standby card is NOT ready Explanation Redcon has determined that the standby card is NOT ready because of the failure of one or more events the prevent it from being in-sync with the active card. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-1-STANDBY_READY standby card is ready Explanation Redcon has determined that the standby card is ready to take over as active card if it needs to. Recommended Action No action is required. High Availability (HA) Messages REDCON Messages EM-319 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-REDCON-3-DRIVER_INIT_FAILED initilization of the redundancy driver failed after [dec] attempts Explanation Redcon has attempted to call the platform-specific redundancy driver initialization function, but the call failed after several attempts. Recommended Action No action is required. Error Message %HA-REDCON-3-PCDS_INIT_FAILED Redcon unable to register with PCDS infrastructure. Explanation An unexpected error condition encountered. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-3-UNEXPECTED_ERROR Unexpected: [chars]: [chars]: [hex] Explanation An unexpected error condition encountered. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-4-FAILOVER_DISABLED Failover has been disabled by config Explanation Redcon has notified the card failover has been disabled by the configuration. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-4-FAILOVER_REQUESTED failover has been requested by operator, waiting to initiate Explanation Redcon on the active card has been told to failover by request Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-4-SRP_NR_CLIENT_UNREG client not registered to set SRP not ready : [chars] Explanation An unexpected error condition encountered. Recommended Action Collect system log information. No action is required. High Availability (HA) Messages REDCON Messages EM-320 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-REDCON-4-SRP_NR_REASON_UNREG client ([unsigned int],[chars]) is using unregistered reason string to set SRP not ready: [chars] Explanation An unexpected error condition encountered. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-4-STANDBY_NOT_READY_ALARM [chars] Explanation Set: When the standby remains in not ready state for a prolonged period. Cleared: When the standby is removed, reset or goes ready. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-4-STANDBY_NOT_READY_REASON JID [dec], node [chars], process [chars] set the standby not ready: [chars] Explanation The named process has set the standby in a not ready state with the supplied reason. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-4-STBY_ACTIVE_NOT_READY Notice to go active: Card not ready and will be reset Explanation Redcon attempted to go active without the card ready - reset card Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-4-STBY_CONN_RETRY Connection to [chars] failed - retrying... Explanation Redcon failed to establish a connection to redcon on the standby card. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-4-STBY_FORCE_GO_ACTIVE Notice to go active: Not ready but forced failover has been allowed Explanation Redcon has been forced to go active even though the card is not ready. Recommended Action Collect system log information. No action is required. High Availability (HA) Messages REDCON Messages EM-321 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-REDCON-6-GO_ACTIVE this card going active Explanation The card is going active. Recommended Action No action is required. Error Message %HA-REDCON-6-GO_STANDBY this card going standby Explanation The card is going standby. Recommended Action No action is required. Error Message %HA-REDCON-6-STANDBY_CONNECTION_DOWN connection to standby card is DOWN Explanation Redcon has determined that the connection to the standby card has gone down. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-6-STANDBY_CONNECTION_UP connection to standby card is UP Explanation Redcon has determined that the connection to the standby card has been succesfully completed. Recommended Action No action is required. Error Message %HA-REDCON-6-STBY_STANDBY_NOT_READY This card is standby and is NOT ready Explanation Redcon has determined that the standby card is NOT ready because of the failure of one or more events the prevent it from being in-sync with the active card. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-6-STBY_STANDBY_READY This card is standby and is ready Explanation Redcon has determined that the standby card is ready to take over as active card if it needs to. Recommended Action No action is required. High Availability (HA) Messages REDSTATS Messages EM-322 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-REDCON-7-FAILOVER_ENABLED Failover has been enabled by config Explanation Redcon has notified the card failover has been enabled by the configuration. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-7-MSG_SEND_FAILED msg_send [chars] failed [chars] [dec] Explanation Redcon attempted to call msg_send but it failed. Recommended Action Collect system log information. No action is required. Error Message %HA-REDCON-7-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error. Recommended Action Collect system log information. No action is required. REDSTATS Messages Error Message %HA-REDSTATS-3-SERVICE_CREATE Failed to create thread for service [dec], name [chars]: [chars] Explanation The system failed to create the thread that provides the indicated service. This is a fatal error for redstatsd. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-REDSTATS-7-SYSCALL [chars]: [chars](): [chars] Explanation A system call failed. The calling function, the failed call, and error are displayed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. High Availability (HA) Messages WD_STAT_PUB Messages EM-323 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %HA-REDSTATS-7-UNEXPECTED Unexpected: [chars]: [hex] : [chars] Explanation An unexpected condition encountered. This is not necessarily an error. Recommended Action Collect system log information. No action is required. WD_STAT_PUB Messages Error Message %HA-WD_STAT_PUB-3-SHM_EDM_ERR [chars]: [chars], ([unsigned int]) Explanation A shared memory for statistics area might be corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-WD_STAT_PUB-3-SHM_ERR [chars]: [chars], version: [unsigned int], magic: [hex] Explanation A shared memory for statistics area might be corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-WD_STAT_PUB-3-SHMEM [chars]: Error. initializing shared memory. ([chars]) Explanation Failed to initialize the shared memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %HA-WD_STAT_PUB-7-SYSCALL [chars]: [chars](): [chars] Explanation A system call failed. Error reason will be displayed on the console. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.High Availability (HA) Messages WD_STAT_PUB Messages EM-324 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01EM-325 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Installation Messages This section contains all installation related System Error Messages. BOOTVAR Messages Error Message %INSTALL-BOOTVAR-7-CANT_OPEN Unable to open boot variable file ’[chars]’, error: [chars] Explanation Either the NVRAM file system is in error, or the boot-variable infrastructure is behaving incorrectly. A file required for carrying out the current request or operation could not be opened, so processing of the operation will halt. The boot variables may not be available to the system. Recommended Action Check NVRAM filesystem. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-BOOTVAR-7-CANT_WRITE Unable to write boot variable ’[chars] equals [chars]’, error: [chars] Explanation Either the NVRAM file system is in error, or the boot-variable infrastructure is behaving incorrectly. A file required for carrying out the current request or operation could not be written to, so processing of the operation will halt. The boot variables may not be available to the system. Recommended Action Check NVRAM filesystem. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages BOOTVAR Messages EM-326 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-BOOTVAR-7-CERR_REGISTER_DLL Could not register DLL ’[chars]’ with error services: [chars] Explanation The error services failed to register the errors of the specified DLL. The system will continue to operate, but error or warning messages displayed to the customer may not be complete. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-BOOTVAR-7-INVALID_ARG Invalid parameter ([chars]) passed to boot-variable infrastructure Explanation An internal error has occurred in an application that has caused it to pass invalid data to the boot-variable infrastructure. The operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-BOOTVAR-7-NULL_PTR Unexpected NULL ptr passed to boot-variable infrastructure Explanation An internal error has occurred in an application that has caused it to pass invalid data to the boot-variable infrastructure. The operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-BOOTVAR-7-VAR_TOO_BIG Unable to write boot variable ’[chars] equals [chars]’. [dec] byte write buffer exhausted. Explanation Boot variable has exceeded the maximum size. Recommended Action Reduce size of boot variable. e.g., remove extra boot system commands, and try again. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Installation Messages FC Messages EM-327 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FC Messages Error Message %INSTALL-FC-3-FW_OPERATION_ERROR [chars] Explanation Errors from the fw server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-FC-6-FW_OPERATION_INFO [chars] Explanation Information about the firmware client operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-FC-6-FWFILE_COPY_INFO Destination path of the file: [chars], Bytes of file copied: [dec] bytes, Time for copying file: [dec] miliseconds, MD5 of the file on destination: [chars] File Tranfer rate: [dec] bytes/millisecond Explanation Information about the firmware file that is copied by the firmware client Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-FC-6-FWFILE_INFO Local access path of the file: [chars], Size of the file: [dec] Bytes, MD5 of the file: [chars], Access to the file: [chars], This file is being: [chars] Explanation Information about the firmware file that is impacted by the install Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Installation Messages INST_IO Messages EM-328 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 INST_IO Messages Error Message %INSTALL-INST_IO-3-INTERNALERR Internal error: [chars]: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INST_IO-7-DEVICE_FULL Device ’[chars]’ is full. Remove all non-critical files and reload the node. Explanation An attempt to open or write to a file on the specified device failed because the device had insufficient free space. The node may be in an inconsistent state due to a missing or truncated file; check for other messages from applications. Remove non-critical files, such as core files and user-created files, and reload the node to re-sync its files. If this is a management node such as an RP, consider using ’install remove’ to free up space by removing inactive packages. Recommended Action This indicates a low resource condition. Remove non-critical files, such as core files and user-created files, and reload the node to re-sync its files. If problem persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. INSTDIR_INVENTORY Messages Error Message %INSTALL-INSTDIR_INVENTORY-7-LTRACE_INIT Could not register tracing, error: [chars] Explanation Failed to register ltrace context structure. Tracing will not be functioning properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTHELPER Messages EM-329 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTDIR_INVENTORY-7-NULL_PTR Unexpected null pointer passed to the Install infrastructure Explanation A client of the Install infrastructure passed a NULL pointer. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. INSTHELPER Messages Error Message %INSTALL-INSTHELPER-3-DSDRSC_UNAVAILABLE_FOR_SW_DWNLD The dSDRSC was unavailable for downloading software from. Explanation The node requires software that is only available on the dSDRSC. It cannot continue booting until the dSDRSC becomes available. If this node is supposed to become the dSDRSC then it is missing software that it requires to operate. Recommended Action Wait for the dSDRSC to become available. If this node is supposed to become the dSDRSC then it is missing software that it requires to operate in which case the node should be moved into the Owner SDR and then recarved into a separate SDR. Error Message %INSTALL-INSTHELPER-3-EXIT_ERROR Insthelper encountered a fatal error condition, and is exiting: Error value equals [hex], Error string equals ([chars]) Explanation Insthelper encountered a fatal error condition, and cannot proceed. Check the error value and error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-3-FAILED_MDR_NODE Insthelper was unable to warm-reload the node, error: [chars]. Going ahead to cold-reload the node Explanation The installation required a warm-reload of the node, but the warm-reload failed. The install will be effected by a cold reload of the node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTHELPER Messages EM-330 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-3-FAILED_PKG_DOWNLOAD Insthelper failed to download package ’[chars]’, error: [chars]. Explanation Insthelper was unable to download the package. The node may come up as a dSDRSC successfully without this package (only possible if the package is not an active package) in which case this package will not be present on that SDR, and should be added if required. Recommended Action If the node does not come up then this node will not be usable and will be reloaded automatically to recover. If it does not recover, then the missing package should be added to the router using ’install add’ in admin mode so that it is available to be synced, or alternatively the missing package can be removed from the router using ’install remove’ in admin mode so that it is not required to be synced. If the node does come up as the dSDRSC then check the packages present on the SDR/router using ’show install package all brief’ and add any missing packages to the SDR/router as required. Error Message %INSTALL-INSTHELPER-3-INSTALL_DEVICE_UNAVAILABLE Insthelper detected that the required install device ([chars]) did not become available after waiting for [dec] seconds. Error: [chars] Explanation Insthelper on non-dSC management nodes requires the same install device as instdir’s install device on dSC. However, after waiting for some time, the required install device did not become ready. If it was a managed node, then its bootflash device is not available. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-3-INSUFFICIENT_DISKSPACE The packaging infrastructure detected insufficient diskspace: [unsigned long long int] bytes available on [chars]. This node will be held from proceeding further. Please recover some space on this device. Alternatively, use the ’install boot-options format location [chars]’ command in admin mode and then reload this node. Explanation Disk does not have sufficient space for insthelper to continue on. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-3-MBI_COPY_FAIL MBI download failed, error: [chars] Explanation DRP MBI copying failed. This card will not be able to boot. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTHELPER Messages EM-331 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-3-NOMEMORY Could not complete operation due to lack of memory: could not allocate [unsigned int] bytes Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %INSTALL-INSTHELPER-3-RUNNING_ON_NON_PERSISTENT_DEVICE Managed node running software on a non persistent device. Software changes are directed to memory. Explanation A Managed node is running software from a non persistent device when it was instructed to use a persistent device at bring up time. Persistent device not available so software will be stored in memory. Expect longer boot times. The node will continue to operate on a best-effort basis but should be looked at soon. You may see out-of-memory errors and problems with package activations on the node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-3-USES_MEM_FOR_PERSISTENT_DEVICE Can’t find persistent device to store packages. Continuing with memory instead. Explanation Could not find the persistent device on a managed device when the instdir instructed to store packages on it. Proceeding to use memory instead of the expected persistent device. Expect longer boot times. The node will continue to operate on a best-effort basis but should be looked at soon. You may see out-of-memory errors and problems with package activations on the node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-3-WRONG_IMAGE This node has been booted with the wrong image type. Composite has already been used to boot dSC at [chars]. Please boot this node with an MBI image. Explanation insthelper detected that a wrong image has been booted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTHELPER Messages EM-332 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-4-DEVICE_FORMAT_FAIL Selected install device ’[chars]’ failed to be formatted. Attempting to remove only packages and MBIs from the device ... Explanation Selected device could not be formatted for one reason or another. Performing removal of packages and MBIs from the device to see if we can continue. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-6-DEVICE_FORMAT Insthelper is formatting device [chars] Explanation Either due to a format directive at turboboot time, or because the indicated device is not available, insthelper will now try to (re)format the device to make it available. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-6-DISKSPACE_CHECK_PASS The packaging infrastructure detected sufficient diskspace has become available on device [chars]. Explanation The device now has enough diskspace for install code to proceed. Recommended Action No action needed. Error Message %INSTALL-INSTHELPER-6-FAILED_BOOT_DURING_INSTALL_PAUSE This node is pausing for [dec] seconds prior to rebooting itself following an attempt to boot during an installation Explanation On bootup the node attempted to contact the Install Director on the dSC. The Install Director was contacted and informed the node that it could not boot because an installation was in progress. The Install Director then became unavailable. Therefore, to ensure that this node boots from an up to date Install Director it will reboot itself after a sufficient pause to ensure that the node the previous Install Director was on has had time to reboot. This message will only be seen on an RP. Recommended Action The node will pause and then reboot to obtain the correct software. If the node ends in ROMMON (as the config-register was not set to auto-boot) then it is recommended to simply set the config-register to autoboot and reset to boot the correct software. unset BOOT sync confreg 0x2 reset Installation Messages INSTHELPER Messages EM-333 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-6-FAILED_BOOT_DURING_INSTALL_RESET This node is rebooting following an attempt to boot during an installation Explanation On bootup the node attempted to contact the Install Director on the dSC. The Install Director was contacted and informed the node that it could not boot because an installation was in progress. The Install Director then became unavailable. Therefore, to ensure that this node boots from an up to date Install Director it will reboot itself. This message will only be seen on an RP. Recommended Action The node will reboot to obtain the correct software. If the node ends in ROMMON (as the config-register was not set to auto-boot) then it is recommended to simply set the config-register to autoboot and reset to boot the correct software. unset BOOT sync confreg 0x2 reset Error Message %INSTALL-INSTHELPER-6-INCORRECT_LOADPATH Node ’[chars]’: software mismatch, resetting self... Explanation Status information after two or more nodes were brought in parallel during the initial boot of the system. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-6-INCORRECT_MBI This node was booted with an incorrect MBI ([chars]), rebooting self with correct boot image ([chars]). Explanation The dSC node was booted with an incorrect MBI. There are a few cases where this can occur: 1) User manually boots an MBI that is different from the MBI that RP should boot. 2) User manually sets BOOT ROMMON variable that is different from the MBI that RP should boot. 3) An install causing an MBI change without ’install commit’ will have the BOOT ROMMON variable set to MBI from uncommitted software set if the dSC is subsequently rebooted. Recommended Action The node will reboot to pick up the new mbi. If the node ends in ROMMON (as the config-register was not set to auto-boot) then it is recommended to simply set the config-register to autoboot and reset to boot the correct MBI. Error Message %INSTALL-INSTHELPER-6-MBI_BOOTING_HOLD_BOOT_IN_MBI This node is attempting to boot while it has to be held in MBI. The node will not be allowed to boot up further until the hold is lifted. Explanation Nodes can not boot up while the platform determines that they have to be held in MBI. Once the platform lifts the hold then the node will be allowed to complete its boot as normal. recommended_action: *NONE* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTHELPER Messages EM-334 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-6-MBI_BOOTING_MID_INSTALL This node is attempting to boot while an install is in progress. The node will not be allowed to boot up further until the install has completed. Explanation Nodes can not boot up mid-install as this will invalidate the runnning software set. Once the install has completed then the node will be allowed to complete its boot as normal. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-6-MBI_DOWNLOAD_COMPLETE download of new MBI from RP complete (autobake complete) Explanation Status information for completion of MBI download. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-6-RELOAD_NODE_INFO As part of install operation [unsigned int] this node ([chars]) will now [chars]reload. Explanation The installation required a reload of this node, and this is now going ahead. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-6-SELF_RESET MBI download complete, rebooting self with new boot image Explanation Status information after MBI download to local flash. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-7-CLEAN_INVALID_DEVICE Attempt to clean path on non-boot device [chars] (boot device [chars]) Explanation Install helper made an attempt to clean a path that wasn’t on the specified boot device. Recommended Action Collect insthelper traces from this reported nodes using ’show install trace insthelper’. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTHELPER Messages EM-335 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-7-COMPLETE_PACKAGE_CLEAN Successfully cleaned stale packages & meta-data Explanation Clean successfully completed. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-7-COMPLETE_SYNC Successfully sync’ed packages & meta-data. Explanation Sync successfully completed. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-7-DIGEST_BK_INTEGRITY Found integrity issue with digest backup file, digest table not restored, all the packages will be copied again.. Explanation The digest backup file is found being tempered with, insthelper will discard the file, and all the packages will be copied again. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-EVENT_FAIL Failed to receive an event [[chars]] Explanation Either an operation requested of the Install infrastructure has not been received successfully (and hence hasn’t been processed), or an invalid message has been sent to the Install infrastructure. The Install infrastructure should continue to operate as expected for subsequent requests. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-FAIL_ACTIVE_SYNC Failed to sync activated packages & meta-data. Explanation The Install Helper failed to sync the local cache of active directories from remote node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTHELPER Messages EM-336 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-7-FAIL_COPY Failed to copy from ’[chars]’ to ’[chars]’. Explanation The Install Helper failed to copy the directories from remote node to local node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-FAIL_FILE_IO Failed to [chars] file ’[chars]’, error: [chars] Explanation The Install Helper failed to read/write a file Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-FAIL_LDPATH_UPDATE Failed to update loadpath ([chars]), error: [chars] Explanation The Install Helper failed to update the LOADPATH for the node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-FAIL_LWM_DISCONNECT Failed to disconnect from install manager. Explanation The Install Helper failed disconnect from install manager server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-FAIL_PACKAGE_CLEAN Install helper failed to clean stale packages & meta-data, error: [chars] Explanation Clean successfully completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTHELPER Messages EM-337 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-7-FAIL_STAT Failed to stat ’[chars]’, error: [chars] Explanation The Install Helper failed to stat a file. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-FAIL_SYNC Failed to sync packages & meta-data. Explanation The Install Helper failed to sync the local cache of install directories from remote node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-FAIL_SYSMGR_NOTIFY Failed to notify sysmgr about change in LOADPATH. Explanation The Install Helper failed to notify sysmgr about change in LOADPATH. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-FAIL_THREAD_CREATE Failed to create a thread, error: [chars]. Explanation The Install Helper failed to create a thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-FAILED_MEM_CACHE_INIT Failed to initialize the memory cache on this node (details: [chars]) Explanation The memory cache owner failed to initialize the memory cache. The install infrastructure will continue to work, but the booting time for nodes may be slow. Recommended Action No action is required. Installation Messages INSTHELPER Messages EM-338 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-7-FAILED_SDS_CONNECT Failed to connect to an SDS, trying Install Director directly. Explanation A node was unable to connect to a Software Download Server and will try to directly connect to the Install Director on the dSC as a result. This may be due to a failure in updating the LRd inventory following a change in the state of an SDS. The install operation should download software directly from the dSC and should not be impacted. However, if many nodes attempt to get software directly from instdir other processes may be impacted by high CPU usage. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-7-FAILED_SYSDB_CONNECT retrying to contact sysdb after [dec] seconds Explanation Insthelper was unable to connect to local sysdb, insthelper will retry Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-FILE_OPEN_FAIL Failed to open file ’[chars]’, error [chars] Explanation Failed to open the specified required file, so processing of the current request or operation will halt. The filesystem may be in error, or the Install infrastructure may be behaving incorrectly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-INIT Initialization failed [[chars]], error: [chars] Explanation An error occurred during initialization. The Install infrastructure will not be able to function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTHELPER Messages EM-339 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-7-INTERNALERR Internal error: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-INVALID_NODEID_RETURNED Reply from install director indicated that the passed in node [chars] was incorrect Explanation Install director detected that the passed in node was incorrect. Recommended Action Collect insthelper traces from this reported nodes using ’show install trace insthelper’. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-INVALID_NOTIF_INFO Error while processing notification: [chars], error: [chars]. Explanation The Install Helper failed to extract the notification information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTHELPER-7-LOCKING Failed to [chars], error: [chars] Explanation There was an internal locking problem within the Install Helper. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-7-MBI_DOWNLOAD downloading new MBI from RP (autobake in progress) Explanation Status information while starting MBI download. Recommended Action No action is required. Installation Messages INSTHELPER Messages EM-340 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-7-NULL_PTR Unexpected null pointer passed to Install infrastructure Explanation Unexpected parameter value passed to function. Recommended Action Contact support. Error Message %INSTALL-INSTHELPER-7-PKG_DOWNLOAD MBI running; starting software download Explanation Status information while starting package download. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-7-PKGFS_INIT_BOOT Can’t update pkgfs during initial boot. Continuing with current mapping Explanation Could not update the package file system’s list of active files. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-7-PREPARATION_COMPLETE Software stored to persistent device Explanation The persistent device now has its software copied. Node will now ask instdir if it can proceed to launch the software. During turboboot, node may never get permission, and just waits in MBI-RUNNING state until all nodes reload. Recommended Action No action needed. Error Message %INSTALL-INSTHELPER-7-START_PACKAGE_CLEAN Cleaning stale packages & meta-data Explanation Status information cleaning old package information prior to sync’ing a node. Recommended Action No action is required. Error Message %INSTALL-INSTHELPER-7-START_SYNC Sync’ing packages & meta-data from ’[chars]’ Explanation Status information while starting install file sync. Recommended Action No action is required. Installation Messages INSTMGR_CMD Messages EM-341 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTHELPER-7-SYSDB_BIND The Install infrastructure was unable to connect to the system database, error: [chars] Explanation This may be because the communications infrastructure is not yet up. If this problem persists, the operations of the Install infrastructure may not be able to proceed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. INSTMGR_CMD Messages Error Message %INSTALL-INSTMGR_CMD-3-NOMEMORY Failed to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %INSTALL-INSTMGR_CMD-7-NULL_PTR Unexpected NULL pointer passed to Install infrastructure Explanation Unexpected parameter value passed to function. Recommended Action Contact support. Error Message %INSTALL-INSTMGR_CMD-7-PLATFORM_TYPE_FAIL An install command was unable to get a platform type, error [chars]. Explanation An install command was unable to get a platform type. As a result, the command may not be able to continue with its operations. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Installation Messages INSTMGR_LIB Messages EM-342 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 INSTMGR_LIB Messages Error Message %INSTALL-INSTMGR_LIB-2-FAILED_RELOAD_NODE Insthelper was unable to reload the node, error: [chars]. Software could be inconsistent Explanation The installation required a reload of the node, but the reload failed. This is a critical error, as the software installed will now be in an inconsistent state. No future installations will work correctly, and process restarts can not be guaranteed to be successful. Recommended Action Execute the command ’hw-module location location reload’ for the specified node. Error Message %INSTALL-INSTMGR_LIB-2-RELOAD_SAVE_CONFIG_FAILED Failed to save config prior to reload: [chars] Explanation Configuration will be lost during the reload of the installation if both of the following apply 1. Binary configurations are not compatible between the current software and the software that runs after the reload 2. Some parts of the running configuration have not been committed to configuration manager’s hidden ASCII config file. Recommended Action After the installation check that the router’s configuration is complete. Reconfigure if necessary. Error Message %INSTALL-INSTMGR_LIB-3-FAILED_STATE_FILE_UPDATE Failed to update state files on this node (error: [chars]). A full update will be retried in [unsigned int] seconds. Explanation While trying to synchronize the install state files to the local node, an error occurred. An attempt to re-sync all the state files will be automatically re-tried. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR_LIB Messages EM-343 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-3-FAILED_SYNC While initializing instdir on the dSC, failed to sync instdir with running nodes, error: [chars] Explanation While trying to synchronize the install state files of the dSC instdir, an error occurred. The synchronization with remote nodes is attempted once the dSC has been successfully assigned and is required to either: a) update the new dSC with newer files found on remote nodes, b) update remote nodes with state files on the dSC. Should an error occur during either of these, the synchronization should be re-attempted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-3-REPLY_MSG_SENDING Failed to send a reply message to a client, error: [chars] Explanation An error occurred while sending a reply LWM message to a client. It can be a data or an error number reply. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-6-MESSAGE_NOT_PROCESSED Install infrastructre has waited [unsigned int] seconds for Install Director to be able to process a message. Explanation A part of the install infrastructure has been waiting for the stated time for the install director to be able to process the image. This can happen if other processes are taking a long time to initialize. Recommended Action No action is required. Error Message %INSTALL-INSTMGR_LIB-7-CLIENT_ERROR A client of the Install infrastructure returned an error from its callback function, error: [chars] Explanation A client of the Install infrastructure unexpectedly returned an error during processing, and so the requested operation may not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR_LIB Messages EM-344 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-7-CONFIG_POSTINSTALL_NOTIFICATION Failed in the config postinstall notification Error:[chars]. Explanation Failed in postinstall notification to config manager at package activation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-CONFIG_PREINSTALL_NOTIFICATION Failed in the config preinstall notification Error:[chars]. Explanation Failed in preinstall notification to config manager at package activation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-DBADD Unable to add directory ’[chars]/[chars]’ (or its meta data) to install database, error: [chars] Explanation The database used by the Install infrastructure could not be updated. Further installations may not behave as expected, or be possible at all. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-DBCREATE The Install infrastructure was unable to create the install database at ’[chars]’, error: [chars] Explanation The database used by the Install infrastructure could not be initialised. Installations will not be possible. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR_LIB Messages EM-345 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-7-DBFORMAT An install database ([chars]) contained data of invalid format, error: [chars] Explanation An install database was unable to be accessed. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-DBNAME The Install infrastructure was unable to determine the name of an install database, error: [chars] Explanation The database used by the Install infrastructure could not be accessed. Installations will not be possible. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-DBOPEN An install database ’[chars]’ could not be opened, error: [chars] Explanation An install database was unable to be opened. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-DBOPERATION An operation on an install database failed: [chars]. Error: [chars] Explanation An install database was unable to be accessed. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR_LIB Messages EM-346 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-7-DBPATH A path of the install database, ’[chars]’, is invalid ([chars]), error: [chars] Explanation An error has been encountered in the install database. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-DBRECORD An install database ([chars]) record could not be accessed, error: [chars] Explanation An install database record was unable to be accessed. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-DBSUBDIRECTORY [chars], error: [chars] Explanation Unable to access an install subdirectory. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-ENS_CONSUMER_RESPONSE An ens consumer response failed with [chars] after [dec] attempts Explanation Insthelper failed to respond to instdir. Instdir will notice this and, after a timeout will attempt to re-retrieve the response from insthelper. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR_LIB Messages EM-347 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-7-ENS_UNKNOWN_PAYLOAD_MSG_TYPE Insthelper received an unknown payload message type ([dec]) Explanation Insthelper received an unknown message type from instdir. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-ERROR_REG Failed to register error messages in ’[chars]’ [[chars]]. Explanation The DLL containing the messages associated with the install manager error codes failed to be registered. The system will continue to work, but clients that receive install manager error codes will not be able to retrieve the textual description of the error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-FAIL_LWM_REPLY_TOO_BIG Received reply too large message for a message buffer that was big enough for reply message. (message buffer size equals [dec], instdir reply size equals [dec]) Explanation Install director gave an incorrect message reply size to a client Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-FAIL_LWM_SEND LWM client failed to send a message to instdir, error: [chars] Explanation An instdir LWM client failed to send a message to instdir. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-FAILED_OUTPUT_ERROR Failed to output user error message concerning install operation [dec] (details: [chars]) Explanation A user error occurred but failed to be output to the user. Recommended Action Repeat the operation. Consult the release-notes if applicable. Installation Messages INSTMGR_LIB Messages EM-348 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-7-FILE_CHECK An install-related file ’[chars]’ failed validity-checking ([chars]), error: [chars] Explanation A file used by the Install infrastructure failed validity checking. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-FILE_INFO The Install infrastructure was unable to determine the information about file ’[chars]’, error: [chars] Explanation The Install infrastructure was unable to access a file. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-FILE_OPEN_FAIL Failed to open file ’[chars]’, error [chars] Explanation Failed to open the specified required file, so processing of the current request or operation will halt. The filesystem may be in error, or the Install infrastructure may be behaving incorrectly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-FILE_READ The Install infrastructure was unable to read file ’[chars]’, error [chars] Explanation Failed to read the specified required file, so processing of the current request or operation will halt. The filesystem may be in error, or the Install infrastructure may be behaving incorrectly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR_LIB Messages EM-349 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-7-INFRA_BLOB The Install infrastructure was returned an error by the blobbify library when [chars], error: [chars] Explanation The Install infrastructure was unable to access some of the data that it requires, and so the requested operation may not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-INTERNALERR Internal error: [chars]: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-LIST The Install infrastructure encountered an error when accessing a list of internal structures. [chars], error: [chars] Explanation The Install infrastructure encountered an error when accessing a list of internal structures, and so the requested operation may not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-LOAD_PIE The Install infrastructure was unable to load pie ’[chars]’, error: [chars] Explanation The Install infrastructure was unable to load a pie file. It will not be able to be used. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-LTRACE_INIT Could not register tracing, error: [chars] Explanation Failed to register ltrace context structure. Tracing will not be functioning properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR_LIB Messages EM-350 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-7-MEMORY Failed to allocate [dec] bytes of memory Explanation There is not enough memory to continue with current operations. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %INSTALL-INSTMGR_LIB-7-NODE_CLASS_GET The Install infrastructure was unable to get the class of a node, error: [chars] Explanation The Install infrastructure was unable to get the class of a node, and so the requested operation may not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-PACKAGE The Install infrastructure was unable to use package in ’[chars]’ ([chars]), error: [chars] Explanation The Install infrastructure was unable to access and use a package. It will not be able to be utilised. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-PARAMETER_NULL One or more parameters were unexpectedly NULL! Explanation An NULL parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages INSTMGR_LIB Messages EM-351 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-7-PATH Path ’[chars]’: [chars], error: [chars] Explanation An install path was found to be in error. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-PATH_CLEANUP Path ’[chars]’: [chars], error: [chars] Explanation An install path could not be cleaned up or destroyed. This will have no effect for now, but may affect install paths later on. Recommended Action No action is required. Error Message %INSTALL-INSTMGR_LIB-7-PIE_FORMAT [chars], error: [chars] Explanation A pie file contains invalid data, and cannot be used. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-PIE_INFO_CONSTRUCT The Install infrastructure was unable to construct the information about a pie file, error: [chars] Explanation The Install infrastructure was unable to use all the contents of a pie file. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-PKG_LOAD The Install infrastructure encountered an error when attempting to load a package from loadpath ’[chars]’, error: [chars] Explanation The Install infrastructure encountered an error when loadng a package, and so the requested operation may not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR_LIB Messages EM-352 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-7-PLATFORM_TYPE_FAIL Failed to get platform type in function [chars]. As a result, process instmgr does not have platform type information. Some instmgr execution path may result in failure. Explanation Failed to get platform type. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-RELOAD_MEMBOOTED_MANAGEMENT_NODE The requested reload installation is not allowed for a membooted management node Explanation A reload installation is not allowed to a membooted management node. Recommended Action Either diskboot, or don’t target installation to a management node when membooted. Error Message %INSTALL-INSTMGR_LIB-7-STACK [chars] Explanation An install operation has failed because of an internal error in the stack logic. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-SYSMGR An error occurred while the Install infrastructure was interacting with System Manager. [chars], error: [chars] Explanation An error occurred while the Install infrastructure was interacting with System Manager, and so the requested operation may not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR_LIB-7-TEST_ISSU_RUN_MDR_COMPLETE_SLEEP Sleeping for [dec] seconds before MDR Explanation Informs the user how many seconds the node is sleeping before MDRing during a ’test ISSU-run’ operation. Recommended Action No action is required. Installation Messages INSTMGR Messages EM-353 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR_LIB-7-TEST_ISSU_RUN_RELOAD_SLEEP Sleeping for [dec] seconds before reload Explanation Informs the user how many seconds the node is sleeping before reloading during a ’test ISSU-run’ operation. Recommended Action No action is required. INSTMGR Messages Error Message %INSTALL-INSTMGR-2-AUTO_ABORT_TIMER_EXPIRED The auto-abort timer started in install operation [dec] has expired. Reloading [chars]. Explanation The auto-abort timer has expired, reloading the router/SDR. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-2-AUTO_ABORT_TIMER_EXPIRING The auto-abort-timer, started in install operation [dec][chars] expires in [dec] seconds. [chars] Explanation The auto-abort timer is about to expire. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-2-FAILED_RELOAD_NODE The primary install director failed to reload the node, error: [chars] Explanation The installation required a reload of the dSC node, but the reload failed. The software installed will now be in an inconsistent state. Recommended Action Execute the command ’hw-module location location reload’ for the specified node. Error Message %INSTALL-INSTMGR-2-INSTALL_CRITICAL_AUTO_ABORT Critical: Install operation [dec] will auto-abort in [dec] minutes. [chars] Explanation The install operation will abort in the given time unless the user starts either the accept phase or the complete phase using the supplied instructions. The critical version is shown if the abort timer has less than 30 minutes left on it. Recommended Action No action is required. Installation Messages INSTMGR Messages EM-354 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-2-INSTALL_OP_SYS_ERR_GLOBAL_NODES_INCONSISTENT Error occurred during install operation [dec]: Please collect diagnostic information using ’[chars]’ (details: [chars]). The following nodes are in an inconsistent state: [chars]. Use ’show install log [dec] detail’ for more details. Explanation A system error occurred during an install operation. This may indicate a transitive problem within the system, a problem with the code or a user error not verified by the install system. The system does not know what software is running on the specified nodes and it may be the case that the software on the nodes cannot operate correctly within its own node or with other nodes in the system. Recommended Action Check system consistency using ’install verify’. If incorrect behavior is seen then restart processes impacted by the install on the inconsistent nodes (use ’show install log install ID detail’ for a list of impacted processes). If incorrect behavior continues to be seen then reload the inconsistent nodes. Collect diagnostic information about the failure using the specific command and pass it to your TAC representative. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-2-INSTALL_OP_SYS_ERR_SPECIFIC_NODES_INCONSISTENT [chars] is in an inconsistent state ([chars]) Explanation Further information supplied to be used in conjunction with the SYSTEM_ERROR_SPECIFIC_NODES_INCONSISTENT_HDR message. One of the nodes possibly now in an inconsistent state with itself and the rest of the system. Recommended Action Check system consistency using ’install verify’. If incorrect behavior is seen then restart processes impacted by the install on the inconsistent nodes (use ’show install log install ID detail’ for a list of impacted processes). If incorrect behavior continues to be seen then reload the inconsistent nodes. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-2-INSTALL_OP_SYS_ERR_SPECIFIC_NODES_INCONSISTENT_HDR Error occurred during install operation [dec]: Please collect diagnostic information using ’[chars]’. Use ’show install log [dec] detail’ for more details. Explanation A system error occurred during an install operation. This may indicate a transitive problem within the system, a problem with the code or a user error not verified by the install system. The system does not know what software is running on the specified nodes and it may be the case that the software on the nodes cannot operate correctly within its own node or with other nodes in the system. Recommended Action Check system consistency using ’install verify’. If incorrect behavior is seen then restart processes impacted by the install on the inconsistent nodes (use ’show install log install ID detail’ for a list of impacted processes). If incorrect behavior continues to be seen then reload the inconsistent nodes. Collect diagnostic information about the failure using the specific command and Installation Messages INSTMGR Messages EM-355 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 pass it to your TAC representative. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-2-INSTALL_SYS_ERR_FAILURE While trying to output information about a system error [chars]during an the install operation, the install subsystem was unable to obtain the data to output: Context: [chars], error: [chars] Explanation A system error occurred within the install system, possibly during an install operation, but the install code could not output information about the system error because an error occurred within the error output code. Recommended Action Check system consistency using the admin command ’install verify’. If incorrect behavior is seen then reload the inconsistent nodes using ’hw-module location location reload’. Collect diagnoistc information about the failure using the admin command ’show tech-support install file file’ and pass it to TAC representative. Error Message %INSTALL-INSTMGR-3-ABORT_INCOMPLETE_INSTALL An incomplete install (request id [dec]) was encountered and aborted. Explanation A previously requested install operation that was incomplete was attempted to be applied. However the operation was detected as being before any state had changed so was aborted. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-3-ABORT_INCOMPLETE_INSTALL_ADD An incomplete ’install add’ (request id [dec]) was encountered and aborted. Explanation A previously requested install add operation was found to be incomplete. The operation has been aborted and install infrastructure has removed any partially installed packages. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-3-AUTO_ABORT_TIMER_RUNNING_WARN The auto-abort-timer, started in install operation [dec][chars] expires in [dec] minutes. [chars] Explanation The auto-abort timer is running and soon to expire. Recommended Action No action is required. Installation Messages INSTMGR Messages EM-356 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-3-BAD_OP_TYPE Invalid operation type ([dec]) passed to Install infrastructure Explanation The function does not support the given install operation. Recommended Action Contact support. Error Message %INSTALL-INSTMGR-3-BUILD_TABLE_FAIL Failed to build Package Dependency table from file ’[chars]’ Explanation Unexpected null string. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-CORRUPT_CHECKPOINT Checkpoint data for the Install process is corrupt. The data will be deleted and the install process restarted. Any install operation in progress will be stopped. Explanation Checkpoint data for the Install process is corrupt. The data will be deleted and the install process restarted. Any information about any install operation that is in progress has been lost. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-3-FAILED_ENS_INIT Install director was unable to initialise its event notification service. [chars] failed: [chars] Explanation The install director was not able to initialise its event notification service. The system will not be able to perform any installs without this initialisation succeeding. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-FAILED_ENS_REQUEST Install director was unable to send an event notification after [dec] attempts, error: [chars] Explanation The install director was not able to send an event notification. This will cause the system’s install to fail in some way. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR Messages EM-357 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-3-INIT Initialization failed [[chars]], process terminated, error: [chars] Explanation An error occurred during initialization, causing the process to terminate. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-INSTALL_ERROR_BUT_NO_CLI_CONNECTION Install has encountered an error. User input is required in order to move forward. Use the command ’install operation [dec] attach’ in admin mode to answer the question. Explanation The incremental install operation has encountered an error. And no ’nopromppt’ is supplied in the activation command. The install would ask the user a question as how to proceed. Recommended Action Do ’(admin) install attach install_id’, then answer the question. Error Message %INSTALL-INSTMGR-3-INSTALL_OPERATION_SYSTEM_ERROR_GLOBAL_NODES Error occurred during install operation [dec]: Please collect diagnostic information using ’[chars]’ (details: [chars]). Use ’show install log [dec] detail’ for more details. Explanation A system error occurred during an install operation. This may indicate a transitive problem within the system, a problem with the code or a user error not verified by the install system. Recommended Action Check system consistency using ’install verify’. Reattempt the install operation. If the problem persists collect diagnostic information about the failure using the specific command and pass it to your TAC representative. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-INSTALL_OPERATION_SYSTEM_ERROR_SPECIFIC_NODES [chars] ([chars]) Explanation Further information supplied to be used in conjunction with the INSTALL_OPERATION_SYSTEM_ERROR_SPECIFIC_NODES_HDR message. Recommended Action Check system consistency using ’install verify’. Reattempt the install operation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR Messages EM-358 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-3-INSTALL_OPERATION_SYSTEM_ERROR_SPECIFIC_NODES_HDR Error occurred during install operation [dec]: Please collect diagnostic information using ’[chars]’. Use ’show install log [dec] detail’ for more details. Explanation A system error occurred during an install operation. This may indicate a transitive problem within the system, a problem with the code or a user error not verified by the install system. Recommended Action Check system consistency using ’install verify’. Reattempt the install operation. If the problem persists collect diagnostic information about the failure using the specific command and pass it to your TAC representative. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-INSTALL_OPERATION_USER_ERROR User error occurred during install operation [dec]. See ’show install log [dec] detail’ for more information. Explanation Information provided by the user or by binaries referenced by the user command were inaccurrate. Recommended Action Steps to correct the error are provided in ’show install log install ID detail’. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-INSTALL_SYSTEM_ERROR_GLOBAL_NODES Error occurred within the install system. Please collect diagnostic information using ’[chars]’ (details: [chars]). Explanation A system error occurred within the install system, not during an install operation. This may indicate a transitive problem within the system or a problem with the code. Recommended Action Check system consistency using ’install verify’. If the problem persists collect diagnostic information about the failure using the specific command and pass it to your TAC representative. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-INSTALL_SYSTEM_ERROR_SPECIFIC_NODES [chars] ([chars]) Explanation Further information supplied to be used in conjunction with the INSTALL_SYSTEM_ERROR_SPECIFIC_NODES_HDR message. Recommended Action Check system consistency using ’install verify’. If the problem persists collect diagnostic information about the failure using the specific command and pass it to your TAC representative. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR Messages EM-359 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-3-INSTALL_SYSTEM_ERROR_SPECIFIC_NODES_HDR Error occurred within the install system. Please collect diagnostic information using ’[chars]’. Explanation A system error occurred within the install system, not during an install operation. This may indicate a transitive problem within the system or a problem with the code. Recommended Action Check system consistency using ’install verify’. If the problem persists collect diagnostic information about the failure using the specific command and pass it to your TAC representative. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-NOMEMORY Failed to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %INSTALL-INSTMGR-3-REPLY_MSG_SENDING Failed to send a reply message to a client, error: [chars] Explanation An error occurred while sending a reply LWM message to a client. It can be a data or an error number reply. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-SAM_CERTIFICATE_EXPIRED SAM certificate expired. Please check system date. Current system date: [chars] Explanation The SAM certificate expired. This error could also be because the system date is set to a very old data. Check the system data. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR Messages EM-360 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-3-SYSDB Unable to access the system database, error: [chars] Explanation An error occurred when accessing the system database Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-SYSDBREG Registration with SysDB failed [[chars]], error: [chars] Explanation An error occurred when registering with the system database Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-TIMER_ABORT Failed to start timer for request id [dec] - The request has been aborted. Explanation A timer creation failed for the active request. In order to prevent the potential indefinite blocking of the Install Manager request processor, the request has been aborted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-3-UNABLE_TO_DETERMINE_PREREQUISITE_ORDERING Unable to determine the order of two packages with respect to their prerequisite information. Explanation While trying to determine the order of two packages (or two sets of packages), the packages in question were found to have conflicting prerequisites information. The packages will be ordered by build-time instead. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-4-ABORTING_FORCE_RELOAD_NODE Aborting LOAD phase of install operation [dec], force reload of node [chars] Explanation Reload the node while aborting LOAD phase of install issu operation. Recommended Action No action is required. Installation Messages INSTMGR Messages EM-361 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-4-ACTIVE_SOFTWARE_COMMITTED_INFO The currently active software is [chars] Explanation The currently active software has not yet been ’committed’ to the system. This means that if the system reboots then the committed software will become active. Note that a failover will not cause the committed software to become active. Recommended Action Verify that the system is operating as expected. Use ’system verify’ to help validate the system. Use ’install verify’ to validate the install sub-system. If the system is operating as expected then execute the ’install commit’ command to commit the active software so that it is used if the system reboots. Error Message %INSTALL-INSTMGR-4-AUTO_ABORT_TIMER_RUNNING The auto-abort timer, started in install operation [dec][chars] expires in [dec] minutes. [chars] Explanation The auto-abort timer is running. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-4-AUTO_ABORT_TIMER_STARTED [chars] the auto-abort timer for install operation [dec][chars]. The auto-abort timer expires in [dec] minutes. [chars] Explanation The auto-abort timer has started/resumed. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-4-AUTO_ABORT_TIMER_STOPPED The auto-abort-timer, started in install operation [dec][chars] has been stopped. Explanation The auto-abort timer has been stopped. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-4-INSTALL_IS_TO_SUSPEND Install operation [dec] has been suspended. Use the command ’install resume’ in admin mode to resume the operation. Explanation The incremental install operation will be suspended indefinitely, at the pre-defined suspension point. User needs to issue ’install resume’ in admin mode in order to resume the operation. Recommended Action Do ’install resume’ in admin mode, whenever ready. Installation Messages INSTMGR Messages EM-362 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-4-INSTALL_ISSU_AUTO_ABORT_TIMER_NOT_FOUND Auto-abort timer was expected for ISSU operation [dec], but not found after RUN phase completion. Explanation Auto-abort timer was expected (per user options specified) but not running after RUN phase. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-4-INSTALL_OPERATION_WARNING A warning occurred during install operation [dec]. See ’show install log [dec] detail’ for more information. Explanation The behavior of the install operation may not have been entirely what the user expected. Recommended Action Details of the possibly unexpected behavior are provided in ’show install log install ID detail’. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-4-INSTALL_WARNING_AUTO_ABORT Warning: Install operation [dec] will auto-abort in [dec] minutes. [chars] Explanation The install operation will abort in the given time unless the user starts either the accept phase or the complete phase using the supplied instructions. The warning version is shown if the abort timer has 30 minutes or more left on it. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-4-ISSU_NODE_BOOT_NOT_ALLOWED Node [chars] is not allowed to boot during this phase of install operation [dec]. After the operation has completed, the node will be brought up with the active software. Explanation Node rebooted while ISSU install operation is in progress, it will not be allowed to come up until the operation completes. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-4-ISSU_UNEXPECTED_NODE_BOOT Node [chars] is unexpectedly booting during install operation [dec]. Explanation This node boot is not expected in the given phase of ISSU install, install should abort with an error. Recommended Action No action is required. Installation Messages INSTMGR Messages EM-363 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-4-ROLLBACK_FILE_FAILURE The creation of a rollback point for install operation [unsigned int] failed (details: [chars]). The operation will continue, but this operation ID cannot be used as a rolback point. Explanation There was an error when trying to create the loadpath file for this rollback point. The operation will continue successfully (given no other errors), but this point cannot be used as a rollback point. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-4-STANDBY_NOT_READY Install director found a standby node [chars] not ready, all standby (D)RPs are required to be ready to proceed. Explanation Install director expected standby nodes to be ready, however, when verifying found at least one that is not ready. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-INSTALL_ACCEPT_PHASE_FINISHED Install operation [dec]: Accept Phase has finished. Explanation The accept phase of an ISSU operation has finished successfully. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-INSTALL_ACCEPT_PHASE_STARTED Install operation [dec]: Accept Phase has started. Explanation The accept phase of an ISSU operation has started - another message will be output when the phase finishes. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-INSTALL_COMPLETE_PHASE_FINISHED Install operation [dec]: Complete Phase has finished. Explanation The complete phase of an ISSU operation has finished successfully. Recommended Action No action is required. Installation Messages INSTMGR Messages EM-364 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-6-INSTALL_COMPLETE_PHASE_STARTED Install operation [dec]: Complete Phase has started. Explanation The complete phase of an ISSU operation has started - another message will be output when the phase finishes. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-INSTALL_LOAD_PHASE_FINISHED Install operation [dec]: Load Phase has finished. Explanation The load phase of an ISSU operation has finished successfully. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-INSTALL_LOAD_PHASE_STARTED Install operation [dec]: Load Phase has started. Explanation The load phase of an ISSU operation has started - another message will be output when the phase finishes. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-INSTALL_OPERATION_ABORTED Install operation [dec] aborted Explanation An install operation was aborted by the system. This is usually due to the Install Director restarting or an RP failover during the initial phase of an install operation. Recommended Action Retry the operation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-6-INSTALL_OPERATION_ABORTING_ON_ERROR Aborting install operation [dec] by [chars] due to a system error. Explanation An error occurred in the ISSU install operation, and the operation will be aborted using the stated method to recover the system back to it’s running state. Recommended Action Retry the operation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR Messages EM-365 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-6-INSTALL_OPERATION_CANCELLED Install operation [dec] cancelled by user ’[chars]’ Explanation An install operation was cancelled via a user prompt. Use ’show install log install ID detail’ for more details. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-6-INSTALL_OPERATION_COMPLETED_SUCCESSFULLY Install operation [dec] completed successfully Explanation An install operation has completed successfully. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-INSTALL_OPERATION_FAILED Install operation [dec] failed Explanation An install operation failed. Use ’show install log install ID detail’ for more details. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-6-INSTALL_OPERATION_STARTED Install operation [dec] ’[chars]’ started by user ’[chars]’ Explanation An install operation has been started - another message will be displayed when it is finished. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-INSTALL_OPERATION_USER_ABORTED Install operation [dec] aborted by user ’[chars]’ Explanation An install operation was aborted by a user. Recommended Action No action is required. Installation Messages INSTMGR Messages EM-366 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-6-INSTALL_RESUMED Install operation [dec] has been resumed. Explanation The install operation has been resumed after pausing for user input. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-INSTALL_RUN_PHASE_FINISHED Install operation [dec]: Run Phase has finished. Explanation The run phase of an ISSU operation has finished successfully. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-INSTALL_RUN_PHASE_STARTED Install operation [dec]: Run Phase has started. Explanation The run phase of an ISSU operation has started - another message will be output when the phase finishes. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-NODE_BOOT_OPTIONS Node [chars] is booting with boot option ’[chars]’. Explanation This message indicates the boot options of the specified node. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-NODE_BOOT_OPTIONS_CLEAR The boot options of node [chars] were cleared. Explanation The boot options of the specified node are cleared when the node preparation is complete. Recommended Action No action is required. Installation Messages INSTMGR Messages EM-367 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-6-PAUSED_AT_CONFIG_LOCK Install operation [unsigned int] is pausing before the config lock is applied. Apply any additional config before resuming the operation using ’[chars]install operation [unsigned int] complete’. Explanation When initiating the operation, the user specified that the install infrastructure should pause before locking the config for the first time. The operation will not continue until the user indicates that it is safe to do so using the supplied command. Recommended Action Either follow the command given, or attach to the operation synchronously for further details. Error Message %INSTALL-INSTMGR-6-WAIT_FOR_STANDBY Install director is waiting for the standby RP to be ready. Explanation Install director has reloaded the standby or has switched over. Now it is waiting for the standby RP to be ready. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-6-WAIT_FOR_TARGET_NODES Install director is waiting for Install helpers on the reloaded nodes to be ready. Explanation Install director has triggered the reload software change on the target nodes. Now it is waiting for the Install helpers on the reloaded nodes to come up and ready to receive messages. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-7-DSC_MIGRATED dSC and install director has migrated to a new head. Explanation An unexpected dSC migration has happened. The install manager detects this condition and also finds it may continue. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-7-FAILED_OUTPUT_ERROR Failed to output user error message concerning install operation [dec] (details: [chars]) Explanation A user error occurred but failed to be output to the user. Recommended Action Repeat the operation. Consult the release-notes if applicable. Installation Messages INSTMGR Messages EM-368 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-7-FAILED_OUTPUT_USEFUL_INFORMATION Failed to output useful information concerning install operation [dec] (details: [chars]) Explanation Useful information was available but failed to be output to the user. Recommended Action Repeat the operation. Consult the release-notes if applicable. Error Message %INSTALL-INSTMGR-7-FAILED_OUTPUT_WARNING Failed to output a warning concerning install operation [dec] (details: [chars]) Explanation A warning occurred but failed to be output to the user. Recommended Action Repeat the operation. Consult the release-notes if applicable. Error Message %INSTALL-INSTMGR-7-FAILED_PARTNER_NODE_STATE Failed to get state of node [chars] which is partner to [chars] while synchronizing reload Explanation While synchronizing a reload between a node and its partner, the state of the partner node could not be ascertained. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-7-FAILMSG Failed to [chars], error: [chars] Explanation Interpret the error string. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-7-FILE_OPEN_FAIL Failed to open file ’[chars]’, error: [chars] Explanation Failed to open the specified file. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR Messages EM-369 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-7-INTERNALERR Internal error: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-7-INVALID_CLIENT_NODEID Install helper on node [chars] is masquerading as node [chars] Explanation Install helper on a particular node passed an incorrect nodeid to install director. The error will be returned to install helper. Recommended Action Collect insthelper traces from the reported nodes using ’show install trace insthelper’. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-7-LTRACE_INIT Could not register tracing, error: [chars] Explanation Failed to register ltrace context structure. Tracing will not be functioning properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-7-NO_LOG_STORED Failed to store log information for install operation: [dec] (details: [chars]) Explanation The install operation normally stores the result of the install operation for the ’show install log install ID detail’ command to use. However, this was not possible for the reason given. Recommended Action Use the syslogs for success/failure of the operation. Error Message %INSTALL-INSTMGR-7-NULL_PTR Unexpected null pointer passed to Install infrastructure Explanation Unexpected parameter value passed to function. Recommended Action Contact support. Installation Messages INSTMGR Messages EM-370 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-7-PATH Path ’[chars]’: [chars], error: [chars] Explanation An install path was found to be in error. The current install operation, or the Install infrastucture, will not be able to continue successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-7-RDS_SYNC_WAIT Install director is still waiting for the initial RDS sync to complete (waited [unsigned int] seconds so far) Explanation The install director is not able to continue its initialization until the initial RDS sync from the admin install director to the local install helper process has completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-7-RELOAD_NODE_INFO The primary install director will now restart this node using ’[chars]’ Explanation The installation required a reload of the pID’s node, and this is now going ahead. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-7-REQ_MSG_PROCESSING Failed to process a request message while [chars], error: [chars] Explanation An error occurred during processing of a LWM message from a client. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-INSTMGR-7-REQUEST_RETRIEVE Failed to retrieve request from request queue [[chars]]. Explanation The request processor thread failed to obtain a request from the request queue. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages INSTMGR Messages EM-371 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-7-RESUME_INCOMPLETE_INSTALL An incomplete install (request id [dec]) was encountered - attempting to resume the install Explanation An incomplete install was encountered - we will attempt to resume the install. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-7-SOFTWARE_CHANGE_RELOAD Software change transaction [unsigned int] will reload affected nodes Explanation The requested operation requires that nodes be reloaded for the software change to take affect. The install infrastructure will automatically reload nodes with files that are removed, added or modified by the software change. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-7-SWITCHOVER_DATA_LOST Critical switchover data is not present. The install operation is proceeding. Explanation After switching over, the data w.r.t the switchover are not available. This could be due to data loss or unplanned switchover. The install manager detects this condition and also finds it may continue. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-7-TEST_ISSU_RUN_SWITCHOVER_SLEEP Sleeping for [dec] seconds before switchover Explanation Informs the user how many seconds the dLRSC is sleeping before switching over during a ’test ISSU-run’ operation. Recommended Action No action is required. Error Message %INSTALL-INSTMGR-7-TIMEOUT_ALMOST_EXPIRED Warning: The timeout for processing the install message ’[chars]’ almost expired (available time: [unsigned int] secs, spare time: [unsigned int] secs) Explanation The timeout associated with an install message was close to expiring. This is a non-error condition. Recommended Action No action is required. Installation Messages IOR Messages EM-372 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-INSTMGR-7-TIMER Failed to start timer for request id [dec] - This entry will not be automatically removed. Explanation A timer creation failed, which means that the information for the request will not automatically be removed. Recommended Action The client must delete the request in order for it to be removed. Error Message %INSTALL-INSTMGR-7-UNKNOWN_ERROR_TYPE An unknown error type ([dec]) was received for install [chars] message Explanation An incorrect parameter was passed to the error reporting function. The errors for this install operation will not have been reported correctly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IOR Messages Error Message %INSTALL-IOR-7-INTERNALERR Internal error: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-IOR-7-LTRACE_INIT Could not register tracing, error: [chars] Explanation Failed to register ltrace context structure. Tracing will not be functioning properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-IOR-7-NOMEMORY Failed to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Installation Messages LIBINST_DEBUG Messages EM-373 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-IOR-7-NULL_PTR Unexpected null pointer passed to Install infrastructure Explanation Unexpected parameter value passed to function. Recommended Action Contact support. LIBINST_DEBUG Messages Error Message %INSTALL-LIBINST_DEBUG-3-INIT Cannot initialize debugging, error: [chars] Explanation There is a problem with the system infrastructure - perhaps the communication infrastructure has not yet stabilised. The process which encountered this problem will automatically restart. If other processes exhibiting similar behaviour, this is a system-wide issue. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBINST_DEBUG-3-INTERNAL The Install infrastructure encountered an internal error Explanation The Install infrastructure has reached an unexpected state. Operations will continue, but the logging and debugging capabilities of the Install infrastructure may not function as expected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBINST_DEBUG-3-MUTEX Failed to [chars] mutex, error [chars]. Explanation To be filled in later Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages LIBNOTIFY Messages EM-374 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LIBINST_DEBUG-4-CERR_REGISTER_DLL Could not register dll ’[chars]’ with error services, error: [chars] Explanation The error services failed to register the errors of the specified DLL. The system will continue to operate, but error or warning messages displayed to the customer may not be complete. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LIBNOTIFY Messages Error Message %INSTALL-LIBNOTIFY-7-ARCH_NOT_SUPPORTED Function is not supported on this architecture. Explanation This function cannot be called on the current platform. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LIBNOTIFY-7-BAD_TOOLS_VERSION Tools version does not match data! Tools equals [unsigned int].[unsigned int], Data equals [unsigned int].[unsigned int]. Explanation The tooling version does not match the installed package. The operation will not be able to proceed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-BLOBBIFIER_ERROR Blobbifier rejected item #[dec]. Explanation An invalid parameter may have been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages LIBNOTIFY Messages EM-375 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LIBNOTIFY-7-CANNOT_GET_BLOB_SIZE_IN_A2STRUCT Cannot get blob size! Item #[unsigned int]. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-CANNOT_GET_BLOB_SIZE_IN_STRUCT Cannot get blob size! Item #[unsigned int]. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-CANNOT_GET_PROCNAME Cannot get name of calling process (pid equals [dec]) Explanation A process’ name cannot be determined, so the current request or operation will not be able to proceed successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-DEBLOBBIFIER_ERROR Deblobbifier rejected item #[dec]. Explanation An invalid parameter may have been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages LIBNOTIFY Messages EM-376 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LIBNOTIFY-7-EVENT_CONN_CREATE Cannot create event connection manager, error: [chars] Explanation The library failed to create a connection for registering for install notifications. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-EVENT_CONN_NOTIFY Cannot register for notifications on connection, error: [chars] Explanation The library failed to register for notifications on a connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-EVENT_CONN_OPEN Cannot open connection, error: [chars] Explanation The library failed to open a connection for registering for install notifications. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-FAILED_INIT_LTRACE Failed to initialise trace buffers, error: [chars] Explanation The install notification library was unable to initialise the trace buffer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LIBNOTIFY-7-INTERNAL Internal error Explanation The Install infrastructure has encountered an unexpected state, and will not be able to continue operating successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages LIBNOTIFY Messages EM-377 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LIBNOTIFY-7-INTERNAL_DATA_INCONSISTENCY Internal data consistency error Explanation The Install infrastructure has encountered an unexpected state, and will not be able to continue operating successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-ITEM_NOT_FOUND Unable to find item. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-LIST_IS_FULL Unable to add element to list. List is full (contains [unsigned int] elements). Explanation The Install infrastructure has encountered an unexpected state, and will be unable to process the current request or operation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-LIST_ITEM_NOT_FOUND Unable to find item [hex] in list. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-MEMORY Unable to allocate [unsigned int] bytes of memory Explanation The system is running out of memory and was not able to allocate sufficient memory to carry out the requested operation Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Installation Messages LIBNOTIFY Messages EM-378 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LIBNOTIFY-7-NOT_A_MANAGEMENT_NODE Operation is allowed only on a Management Node Explanation A function available only on management nodes was called on a non-management node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LIBNOTIFY-7-PARAMETER_BAD_EVENT Event parameter value is bad ([unsigned int]). Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-PARAMETER_BAD_TRANSID Transaction ID parameter value is bad ([unsigned int]). Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-PARAMETER_DYNAMIC_TYPE_CHECK_FAILURE Dynamic type checking revealed that a pointer parameter referenced an object of wrong type. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages LIBNOTIFY Messages EM-379 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LIBNOTIFY-7-PARAMETER_INCOMPLETE String parameter is incomplete. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-PARAMETER_MISSING_BLOBBIFIER Blobbifier for type not provided. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-PARAMETER_MISSING_OR_NULL Parameter #[dec] of the parameter list is NULL or missing. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-PARAMETER_NULL One or more parameters were unexpectedly NULL! Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages LIBNOTIFY Messages EM-380 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LIBNOTIFY-7-PARAMETER_RANGE A parameter has been passed with a value outside the expected range. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-PARAMETER_REFERENCES_NULL A non-NULL parameter unexpectedly referenced a NULL pointer. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-PARAMETER_WRONG_BLOB_TYPE An invalid parameter type ([unsigned int]) was encountered. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-RESOURCE_LOCKED Unable to acquire write lock on resource before timeout occurred Explanation This may be a resource issue, or the Install infrastructure may be behaving incorrectly. The current request or operation cannot be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages LIBNOTIFY Messages EM-381 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LIBNOTIFY-7-SYSDB_BIND The Install infrastructure was unable to connect to the system database, error: [chars] Explanation The communications infrastructure may not yet be up. If this error persists, the Install infrastructure may not be able to operate Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-SYSDB_COMMIT Cannot complete the transaction of items for an operation, error: [chars] Explanation The current operation could not complete the transaction of items which are needed to activate it. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-SYSDB_DELETE Cannot delete data from the system database, error: [chars] Explanation This may not affect the current request or operation, but subsequent operations may be affected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-SYSDB_GET Cannot retrieve data from the system database, error: [chars] Explanation The Install infrastructure was unable to obtain some information which it requires to complete the current request or operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages LIBNOTIFY Messages EM-382 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LIBNOTIFY-7-SYSDB_LIST Cannot retrieve data from the system database, error: [chars] Explanation The Install infrastructure was unable to obtain some information which it requires to complete the current request or operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-SYSDB_NOTIFICATION_UNREGISTER Cannot unregister with system database for notification, error: [chars] Explanation The notification services from the system database failed to shut down. This will not have any adverse effect on the running of the box. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-SYSDB_SET Cannot set item in system database, error: [chars] Explanation The Install infrastructure was unable to write some information which is required to complete the current request or operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-SYSDB_START Cannot begin the transaction of items for an operation, error: [chars] Explanation The current operation could not start the transaction of items which are needed to activate it. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages LIBNOTIFY Messages EM-383 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LIBNOTIFY-7-SYSDB_UNBIND Cannot disconnect from the system database, error: [chars] Explanation The connection to the system database failed to shut down. This will not have any adverse effect on the running of the box. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-LIBNOTIFY-7-SYSMGR_TROUBLE SysMgr has failed to respond to a software change within [dec] seconds. Continuing to wait, node may require a reload ... Explanation SysMgr appears to have become unresponsive, potentially requiring operator intervention. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LIBNOTIFY-7-TIMEOUT_RESET_LIMIT Too many timeout resets. Reset request refused. Explanation The maximum number of time extensions to the current install command have already been granted, so the current request for an extension is denied. Recommended Action No action is required.’ Error Message %INSTALL-LIBNOTIFY-7-TYPE_MISMATCH_FOR_KEY Incorrect type found for key. Explanation An invalid parameter has been unexpectedly passed to the Install infrastructure. This is a coding error. The current request or operation will not be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Installation Messages LOADPATH_UPGRADE Messages EM-384 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LOADPATH_UPGRADE Messages Error Message %INSTALL-LOADPATH_UPGRADE-7-CANT_ACTIVATE_ON_NODE_TYPES Package ’[chars]’ only supports nodes of type [chars] and can’t be activated on nodes of type [chars] Explanation Instructions in package conflict with requested operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LOADPATH_UPGRADE-7-NULL_PTR Unexpected NULL pointer passed to the Install infrastructure by a client Explanation Unexpected parameter value passed to function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LOADPATH_UPGRADE-7-PACKAGE_SUPPORTS_NO_NODE_TYPES Package ’[chars]’ supports no node types Explanation Instructions in package list no node types for which the package can be activated. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LOADPATH Messages Error Message %INSTALL-LOADPATH-3-CERR_REGISTER_DLL Could not register dll ’[chars]’ with error services: [chars] Explanation The error services failed to register the errors of the specified DLL. The system will continue to operate, but error or warning messages displayed to the customer may not be complete. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages LOADPATH Messages EM-385 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LOADPATH-3-LIB_INIT Could not initialize library, error: [chars] Explanation Failed to initialize the library. The system may not function properly. Recommended Action *SUPPORT* Error Message %INSTALL-LOADPATH-3-LTRACE_INIT Could not register tracing, error: [chars] Explanation Failed to register ltrace context structure. Tracing will not be functioning properly. Recommended Action *SUPPORT* Error Message %INSTALL-LOADPATH-7-CORRUPT_ARG Corrupt parameter passed to the Install infrastructure by a client Explanation Value of a parameter passed to function appears to be corrupt. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LOADPATH-7-CORRUPT_LDPATH Error on line [dec] of ldpath file ’[chars]’: [chars]%s Explanation Either the installation is corrupt, or the Package infrastructure is behaving incorrectly. Processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LOADPATH-7-EMPTY_LOADPATH_STR Can’t load paths from ’[chars]’: ldpath string is ’’ on line [unsigned int], buf: [chars] Explanation An intermittent error occurred for which the root cause is not yet known. The system will continue working correctly. However, the information from the error message will be very useful for tracking down and fixing the bug. Recommended Action *SUPPORT* Installation Messages LOADPATH Messages EM-386 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LOADPATH-7-FAILED_REMOVE_IGNORE_COMMIT_LDPATH_FILE Failed to remove the ignore commit ldpath file ’[chars]’ ([chars]) Explanation An attempt to remove the ignore commit ldpath file failed. This could be due to a file system error. The result of this failure is that committed install information will not be interpreted correctly. Recommended Action *SUPPORT* Error Message %INSTALL-LOADPATH-7-FILE_CLOSE_FAIL Failed to close file ’[chars]’, error: [chars] Explanation Either the file system is in error, or the loadpath infrastructure is behaving incorrectly. A file involved in the current request or operation could not be closed. This will not affect the current operation, but subsequent operations may be affected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LOADPATH-7-FILE_OPEN_FAIL Failed to open file ’[chars]’, error: [chars] Explanation Either the file system is in error, or the loadpath infrastructure is behaving incorrectly. A file required for carrying out the current request or operation could not be opened, so processing of the operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LOADPATH-7-FILE_READ_FAIL Failed to read from file ’[chars]’, error: [chars] Explanation Either the file system is in error, or the loadpath infrastructure is behaving incorrectly. A file required for carrying out the current request or operation could not be read, so processing of the operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages LOADPATH Messages EM-387 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-LOADPATH-7-FILE_RENAME_FAIL Failed to rename file from ’[chars]’ to ’[chars]’, error: [chars] Explanation Either the file system is in error, or the loadpath infrastructure is behaving incorrectly. A file required for carrying out the current request or operation could not be moved, so processing of the operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LOADPATH-7-FILE_SEEK_FAIL Failed to go to specific position in file ’[chars]’, error: [chars] Explanation Either the file system is in error, or the loadpath infrastructure is behaving incorrectly. A file required for carrying out the current request or operation could not be read, so processing of the operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LOADPATH-7-NULL_PTR Unexpected NULL pointer passed to the Install infrastructure by a client Explanation An internal error has occurred in an application that has caused it to pass invalid data to the Package infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-LOADPATH-7-PACKAGE_OUTPUT_SORT Failed to sort packages correctly, error: [chars] Explanation The sorting algorithm used for sorting packages that are to be output using a ’show install active’ type command, failed to perform correctly. Although the packages will be output, they may not be in the standard order. Recommended Action *NONE*Installation Messages PKG_PLAT_MEM_CACHE Messages EM-388 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PKG_PLAT_MEM_CACHE Messages Error Message %INSTALL-PKG_PLAT_MEM_CACHE-7-NULL_PTR An invalid (NULL) parameter was passed to the packaging infrastructure Explanation An internal error has occurred in an application causing it to send invalid data to the packaging infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PKG_PLAT Messages Error Message %INSTALL-PKG_PLAT-7-INTERNALERR Internal error: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG_PLAT-7-INTERNALERR Internal error: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG_PLAT-7-INTERNALERR Internal error: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG_PLAT Messages EM-389 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG_PLAT-7-IO_FAIL The packaging infrastructure was unable to carry out an I/O operation to a file ([chars]), error: [chars] Explanation Failed to read or write to the specified file, which is required to proceed further. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG_PLAT-7-IO_FAIL The packaging infrastructure was unable to carry out an I/O operation to a file ([chars]), error: [chars] Explanation Failed to read or write to the specified file, which is required to proceed further. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG_PLAT-7-MY_NODE_TYPE The packaging infrastructure was unable to determine the type of the current node: [chars] Explanation Either the card type is invalid, or the infrastructure is behaving incorrectly. The current request or operation may not be carried out. Recommended Action Upgrade to latest OS release. Check for unsupported hardware. Error Message %INSTALL-PKG_PLAT-7-MY_NODE_TYPE The packaging infrastructure was unable to determine the type of the current node: [chars] Explanation Either the card type is invalid, or the infrastructure is behaving incorrectly. The current request or operation may not be carried out. Recommended Action Upgrade to latest OS release. Check for unsupported hardware. Error Message %INSTALL-PKG_PLAT-7-MY_NODE_TYPE The packaging infrastructure was unable to determine the type of the current node: [chars] Explanation Either the card type is invalid, or the infrastructure is behaving incorrectly. The current request or operation may not be carried out. Recommended Action Upgrade to latest OS release. Check for unsupported hardware. Installation Messages PKG_PLAT Messages EM-390 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG_PLAT-7-NO_MEM Failed to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %INSTALL-PKG_PLAT-7-NO_MEM Failed to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %INSTALL-PKG_PLAT-7-NO_MEM Failed to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %INSTALL-PKG_PLAT-7-NO_MEM Failed to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %INSTALL-PKG_PLAT-7-NULL_PTR An invalid (NULL) parameter was passed to the packaging infrastructure Explanation An internal error has occurred in an application causing it to send invalid data to the packaging infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG_PLAT Messages EM-391 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG_PLAT-7-NULL_PTR An invalid (NULL) parameter was passed to the packaging infrastructure Explanation An internal error has occurred in an application causing it to send invalid data to the packaging infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG_PLAT-7-NULL_PTR An invalid (NULL) parameter was passed to the packaging infrastructure Explanation An internal error has occurred in an application causing it to send invalid data to the packaging infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG_PLAT-7-NULL_PTR An invalid (NULL) parameter was passed to the packaging infrastructure Explanation An internal error has occurred in an application causing it to send invalid data to the packaging infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG_PLAT-7-OPEN_FAIL The packaging infrastructure was unable to open a file ([chars]), error: [chars]. Explanation Failed to open the specified file, which is required to proceed further. The request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG_PLAT Messages EM-392 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG_PLAT-7-OPEN_FAIL The packaging infrastructure was unable to open a file ([chars]), error: [chars]. Explanation Failed to open the specified file, which is required to proceed further. The request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG_PLAT-7-OPEN_FAIL The packaging infrastructure was unable to open a file ([chars]), error: [chars]. Explanation Failed to open the specified file, which is required to proceed further. The request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG_PLAT-7-OPEN_FAIL The packaging infrastructure was unable to open a file ([chars]), error: [chars]. Explanation Failed to open the specified file, which is required to proceed further. The request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG_PLAT-7-UNKNOWN_NODE_TYPE The packaging infrastructure was unable to determine the type of a card ([hex]) Explanation Either the card type is invalid, or the infrastructure is behaving incorrectly. The current request or operation may not be carried out. Recommended Action Upgrade to latest OS release. Check for unsupported hardware. Installation Messages PKG Messages EM-393 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG_PLAT-7-UNKNOWN_NODE_TYPE The packaging infrastructure was unable to determine the type of a card ([hex]) Explanation Either the card type is invalid, or the infrastructure is behaving incorrectly. The current request or operation may not be carried out. Recommended Action Upgrade to latest OS release. Check for unsupported hardware. Error Message %INSTALL-PKG_PLAT-7-UNKNOWN_NODE_TYPE The packaging infrastructure was unable to determine the type of a card ([hex]) Explanation Either the card type is invalid, or the infrastructure is behaving incorrectly. The current request or operation may not be carried out. Recommended Action Upgrade to latest OS release. Check for unsupported hardware. Error Message %INSTALL-PKG_PLAT-7-UNKNOWN_NODE_TYPE The packaging infrastructure was unable to determine the type of a card ([hex]) Explanation Either the card type is invalid, or the infrastructure is behaving incorrectly. The current request or operation may not be carried out. Recommended Action Upgrade to latest OS release. Check for unsupported hardware. PKG Messages Error Message %INSTALL-PKG-3-CORRUPT_INSTALL_FILE Install file ’[chars]’ is corrupted Explanation An install file is corrupt. This may affect the system in a number of ways including preventing nodes from booting and preventing install operations. Recommended Action First attempt to repair the file using ’install verify repair’, this is this least impactful operation. If that is unable to repair the file then if possible ’install remove’ the package associated with the file and then ’install add’ the pie containing the package. If the file is still corrupt then use a pre-prepared backup disk if available to revert to a previously known good set of software, or failover to standby nodes to start using their set of software files. Installation Messages PKG Messages EM-394 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-BAD_DEVICE_INDEX_ENTRY Package index file for ’[chars]’ lists non-existent package ’[chars]’. Going ahead to clean up package index file. Explanation ’The package index file was found to be incorrect. Instdir will attempt to’ ’ repair it.’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-BAD_DIR_PREFIX Dir prefix ’[chars]’ contains unknown card type ’[chars]’ Explanation The Package infrastructure could not determine which cards a particular file belongs to. Either the PIE file is corrupt, or the Package infrastructure is behaving incorrectly. The current request or operation will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-BAD_INSTDB_FORMAT INSTDB file ’[chars]’ is in unsupported format [dec].[dec]. Explanation INSTDB file is in an obsolete format or is unknown. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-BAD_PIE_FORMAT PIE file ’[chars]’ is in unsupported format [dec].[dec]. Explanation The PIE file is in an obsolete format or is unknown. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-395 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-BAD_SORT_TYPE Unsupported sort type ([dec]) encountered Explanation An internal datastructure could not be sorted, so the resultant list will be unsorted. This will only have a cosmetic effect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CANT_ADD_FILE_INTO_TABLE Can’t add file ’[chars]’ to table, error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not creat a required new file node with given view and actual paths and insert it into the table, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CANT_CD Can’t change cwd to ’[chars]’, error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not change to a required directory, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CANT_GET_FILES Can’t get files, error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not get a required the list of files that this package contains, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-396 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-CANT_GET_INSTALL_PATH Can’t get actual install path [dec], error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not get a required installation path for file on nodes of given type, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CANT_GET_NODE_TABLE Can’t get node table, error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not create a required new node table, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CANT_GET_RELATIVE_PATH Can’t get relative path [dec], error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not get a required view path for file. This is the view that pkgfs uses, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CANT_GET_SIGNATURE Can’t get signature [dec], error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not get a required string representation of signature of this file, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-397 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-CANT_MKDIR Can’t make directory ’[chars]’, error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not create a required directory, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CANT_READ Unable to read PIE file ’[chars]’: [chars] Explanation PIE file appears to be damaged. Package read failed due to network connectivity issue. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CANT_RMDIR Can’t remove directory ’[chars]’, error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not remove a required directory, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CANT_SORT_NODE_TABLE Can’t sort node table, error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not sort required all nodes, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-398 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-CANT_UNCOMPRESS Unable to uncompress [chars] from file ’[chars]’ Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. A file required for carrying out the current request or operation could not be uncompressed, so processing of the operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CERR_REGISTER_DLL Could not register DLL ’[chars]’ with error services, error: [chars] Explanation The call to register the error messages of the Package infrastructure failed. Any errors returned from the Package infrastructure will not be decoded into user-friendly strings. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CLOSE_FILE Can’t close file ’[chars]’, error: [chars] Explanation Either the file system is in error, or the Package infrastructure is behaving incorrectly. A file involved in the current request or operation could not be closed. This will not affect the current operation, but subsequent operations may be affected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-COPY_FILE Cannot copy file ’[chars]’ to ’[chars]’, error: [chars] Explanation Either the file system is in error, or the Package infrastructure is behaving incorrectly. A file involved in the current request or operation could not be copied. This may impact install infrastructure functioning. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-399 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-CORRUPT_ARG Corrupt parameter passed to Package infrastructure Explanation Value of a parameter passed to function appears to be corrupt. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CORRUPT_PIE PIE file ’[chars]’ is corrupt: [chars] Explanation PIE file appears to be damaged. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-CREATE_SYMLINK Cannot create symlink from ’[chars]’ to ’[chars]’, error: [chars] Explanation Either the file system is in error, or the Package infrastructure is behaving incorrectly. A symlink file involved in the current request or operation could not be created. This may impact install infrastructure functioning. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-DELETE_FILE Can’t delete file ’[chars]’, error: [chars] Explanation Either the file system is in error, or the Package infrastructure is behaving incorrectly. A file involved in the current request or operation could not be deleted. This will not affect the current operation, but subsequent operations may be affected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-400 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-FAILED_REPAIR_INDEX_FILE Package index file for ’[chars]’ lists non-existent package ’[chars]’. Instdir failed to repair the package index file. Error - [chars] Explanation ’An unexpected error occured in cleaning the package index file.’ Recommended Action Format device and re-install packages. Error Message %INSTALL-PKG-7-FILE_NOT_IN_LOADPATH Unable to locate [chars] file in loadpath ’[chars]’ Explanation Either the installation is corrupt, or the Package infrastructure is behaving incorrectly. An expected file was not found in the package directories, so processing of the operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-GET_APINAME_REPORT Failed while getting api_name report: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not get a required API name information, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-GET_FILE_INFO Failed while getting file information: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not get a required file information, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-401 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-GET_PROVIDERS_REPORT Failed while getting Providers report, error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The Package infrastructure could not get a required providers report, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-INSTDB_BUILD_ERROR Creation of INSTDB files for piefile ’[chars]’ encountered problems Explanation INSTDB files may be in an inconsistent state due to error encountered while creating them. This issue may affect sanity of install infrastructure data. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-INTERNALERR Internal error: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-INVALID_ARG Invalid parameter passed to Package infrastructure. Problem: [chars] Explanation An internal error has occurred in an application that has caused it to pass invalid data to the Package infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-402 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-LTRACE_INIT Could not register tracing, error: [chars] Explanation Failed to register ltrace context structure. Tracing will not be functioning properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-MBI_CONFIG_INCORRECTLY_CHANGED An MBI config file has been incorrectly changed ’[chars]’ Explanation Configuration definitions have changed for an MBI file and this has only done by changing the MBI config namespace file, not by moving the MBI config namespace file out of the MBI as is required by the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-MD5_GET_PACKAGE_SIGNATURE Failed to obtain package MD5 [chars] :[chars] Explanation Failed to retrieve the package MD5 from the specified package’s md5_manifest file, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-MD5_TO_STRING Failed to convert package MD5 [chars] :[chars] Explanation Failed to convert package MD5, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-403 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-MD5_VERIFY_FILES Failed to perform file validity check device equals [chars],package root equals [chars] :[chars] Explanation Failed to perform file validity check on each file to see if they are valid or not, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-MEMORY_FAILURE_MINOR A memory allocation failed in a non-critical path ([chars]). The operation will continue. Explanation ’A non-critical memory allocation failed. The operation can and will ’ ’proceed. There may be cosmetic errors such as incorrent error messages.’ Recommended Action No action is required. Error Message %INSTALL-PKG-7-MISSING_PIE_ATTRIBUTE PIE file ’[chars]’ is corrupt: Missing ’[chars]’ from info section ’[chars]’ Explanation PIE file appears to be damaged. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-NO_CWD Can’t get cwd, error: [chars] Explanation Either the file system is in error, or the infrastructure is behaving incorrectly. The current working directory could not be determined, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-404 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-NON_RELOAD_MDR_ISSU PIE file ’[chars]’ specifies ’ISSU’ install method but ’[chars]’ restart type Explanation The restart information in the PIE file is invalid. PIEs that use the ’ISSU’ install method must use a restart type of ’reload’ or ’MDR’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-NON_RELOAD_PARALLEL_LR PIE file ’[chars]’ specifies ’parallel-lr’ install method but ’[chars]’ restart type Explanation The restart information in the PIE file is invalid. PIEs that use the ’parallel-lr’ install method must use a restart type of ’reload’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-NOT_DIR ’[chars]’ is not a directory: [chars] Explanation Either the file system is in error, or the Package infrastructure is behaving incorrectly. A directory was expected, but a non-directory was passed, so processing of the current operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-NOT_PIE_FILE File ’[chars]’ is not in PIE format. Explanation A PIE file is of the correct format, either because the wrong file has been specified, or the file is corrupt. The current request or operation will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-405 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-NOT_SINGLE_PIE_ATTRIBUTE PIE file ’[chars]’ is corrupt: Attribute ’[chars]’ from info section ’[chars]’ is not a singleton value. Count equals [unsigned long int] Explanation PIE file appears to be damaged. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-NULL_PTR Unexpected null pointer passed to Package infrastructure Explanation An internal error has occurred in an application that has caused it to pass invalid data to the Package infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-OPEN_FILE The Package infrastructure was unable to open file ’[chars]’, error: [chars] Explanation Either the file system is in error, or the Package infrastructure is behaving incorrectly. A file required for carrying out the current request or operation could not be opened, so processing of the operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-PIE_LIST_MISMATCH PIE file ’[chars]’ is corrupt: Mismatch between sizes of lists for [chars] ([unsigned long int]) and [chars] ([unsigned long int]) in info section ’[chars]’. Explanation PIE file appears to be damaged. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-406 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-PREDICT_AVL_TREE Predict tool failed an AVL tree operation Explanation An unexpected error occured in the internal datastructures of the Package infrastructure. The current operation or request cannot be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-READ_FILE The Package infrastructure was unable to read from file ’[chars]’, error: [chars] Explanation Either the file system is in error, or the Package infrastructure is behaving incorrectly. A file required for carrying out the current request or operation could not be read, so processing of the operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-RENAME_FILE Cannot rename file ’[chars]’ to ’[chars]’, error: [chars] Explanation Either the file system is in error, or the Package infrastructure is behaving incorrectly. A file involved in the current request or operation could not be renamed. This may impact install infrastructure functioning. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-RETIRED_PIE_FORMAT PIE file ’[chars]’ is in unsupported format [dec].[dec]. This format was retired [chars]. Explanation PIE file is in an obsolete format. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages PKG Messages EM-407 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-PKG-7-UNKNOWN_NODE_TYPE The Package infrastructure is unable to determine the type of a card Explanation Either the card type may be invalid or the infrastructure is behaving incorrectly. The current request or operation has not been carried out. Recommended Action Upgrade to latest OS release. Check for unsupported hardware. Error Message %INSTALL-PKG-7-UNLINK_FILE Cannot remove/unlink file ’[chars]’, error: [chars] Explanation Either the file system is in error, or the Package infrastructure is behaving incorrectly. A file involved in the current request or operation could not be unlinked. This may impact install infrastructure functioning. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-WRITE_FILE The Package infrastructure was unable to write to file ’[chars]’, error: [chars] Explanation Either the file system is in error, or the Package infrastructure is behaving incorrectly. A file required for carrying out the current request or operation could not be read, so processing of the operation will halt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-PKG-7-WRONG_PIE_LOADER Only [dec].X PIE files are supported. Attempted to load PIE file ’[chars]’ in unsupported format [dec].[dec]. Explanation The PIE file was passed to the wrong loader function. The current request or operation will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Installation Messages SDS_LIB Messages EM-408 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SDS_LIB Messages Error Message %INSTALL-SDS_LIB-3-INIT Initialization failed [[chars]], error: [chars] Explanation An error occurred during initialization of the library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-SDS_LIB-7-INTERNALERR Internal error: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-SDS_LIB-7-MEMORY Failed to allocate [dec] bytes of memory Explanation There is not enough memory to continue with current operations. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. SDS Messages Error Message %INSTALL-SDS-3-INIT Initialization failed [[chars]], error: [chars] Explanation An error occurred during initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages SM Messages EM-409 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-SDS-7-LWM A problem occurred while handling a message: [chars] Explanation An unexpected occurrence happened within the LWM handling code. The code is able to carry on as normal. Recommended Action No action is required. SM Messages Error Message %INSTALL-SM-3-CALLBACK Error returned when [chars]: [chars] Explanation This self-managing component reached an unexpected state, and was unable to proceed with the requested operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-SM-3-CANNOT_DO_DLL Error [chars] dll ’[chars]’. Explanation To be filled in later Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-SM-3-COMMUNICATION Communication error ([chars]). Explanation The communications infrastructure may not yet be initialised. If this problem persists, seek guidance. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Installation Messages TURBOBOOT Messages EM-410 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-SM-3-INTERNAL Internal error: [chars] Explanation This self-managing component reached an unexpected state, and was unable to proceed with the requested operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-SM-3-UNABLE_TO_PROCEED Unable to proceed ([chars]). Explanation This self-managing component encountered an expected error when attempting to carry out an action required for the currently requested operation, so has had to halt processing of the operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %INSTALL-SM-4-NONFATAL_ERROR [chars]. Explanation A non-fatal error has been encountered. The system will continue to operate, but this error should be brought to the attention of TAC. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ TURBOBOOT Messages Error Message %INSTALL-TURBOBOOT-3-DISK_TOO_SMALL The install infrastructure detected that [chars] is too small to install IOS-XR software. Please replace the [dec] byte device with a larger capacity disk. Explanation Disk is too small for easybake to continue on. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages TURBOBOOT Messages EM-411 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-TURBOBOOT-3-INVALID_DEVICE The requested install device [chars] is either corrupt or missing. Turboboot cannot be performed. The turboboot settings will be cleared, and the node will reset. Please repair or insert the device and retry the boot sequence. Explanation The TURBOBOOT setting in ROMMON was enabled, but the requested device is unavailable. The EASYBAKE/TURBOBOOT variables are cleared. The node will be reset. Please repair the device and retry the boot sequence. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-TURBOBOOT-4-ROMMON_VARIABLE_NOT_SET TURBOBOOT rommon variable not set; system is membooting. Set TURBOBOOT rommon variable to ’on’ to diskboot the system. Explanation The TURBOBOOT rommon variable was not set to ’on’. The system has membooted. Set the TURBOBOOT variable to ’on’ to prepare the system for diskboot. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-TURBOBOOT-7-CANNOT_RESET_BOOTENV Boot environment variables cannot be reset. Explanation Boot environment variables cannot be reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-TURBOBOOT-7-DISK_INACCESSIBLE The install infrastructure could not access device [chars]. The device may be missing or it may be corrupt. Explanation Install device could not be accessed and may be corrupt or missing. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages VERSMGR_LIB Messages EM-412 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-TURBOBOOT-7-DUAL_DEVICE_INIT_SPEC Both device CLEAN and FORMAT option set in the turboboot setting [chars]. This setting is ignored and no device init is performed. Explanation The TURBOBOOT setting in ROMMON had both the device CLEAN and FORMAT options enabled. This setting is ignored and no device initialization would be performed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-TURBOBOOT-7-DUAL_DEVICE_SPEC More than one disk option has been set in turboboot options. Explanation The TURBOBOOT setting in ROMMON had more than one disk option set. This will cause turboboot to abort. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. VERSMGR_LIB Messages Error Message %INSTALL-VERSMGR_LIB-7-FILESYSTEM [chars] ’[chars]’, error [chars] Explanation A Version Manager library was unable to carry out a filesystem operation. Installations may not produce the expected results. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-VERSMGR_LIB-7-MEMORY A Version Manager library was unable to allocate [unsigned int] bytes of memory. Explanation The system is running out of memory and was not able to allocate sufficient memory to carry out an install-related operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages VERSMGR_LIB Messages EM-413 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-VERSMGR_LIB-7-PARAMETER An invalid parameter was passed to a Version Manager library. Explanation A client of a Version Manager library passed it an invalid argument, and so the library may not be able to carry out its operations. Installations may not produce all the expected results. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-VERSMGR_LIB-7-SYSDB_BIND A Version Manager library was unable to bind to SysDB, error [chars]. Explanation A Version Manager library was unable to bind to SysDB (perhaps because the communications infrastucture is not yet up), so will not be able to function. Installations will be unlikely to produce the expected results. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-VERSMGR_LIB-7-SYSDB_GET A Version Manager library was unable to retrieve an item from SysDB, error [chars]. Explanation A Version Manager library was unable to retrieve some data from SysDB, so may not be able to function. Installations may not produce the expected results. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-VERSMGR_LIB-7-SYSDB_REGISTER A Version Manager library was unable to register with SysDB, error [chars]. Explanation A Version Manager library was unable to register with SysDB, so will not be able to function. Installations will be unlikely to produce the expected results. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages VS_CLIENT Messages EM-414 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-VERSMGR_LIB-7-SYSDB_SET A Version Manager library was unable to set an item in SysDB, error [chars]. Explanation A Version Manager library was unable to set an item in SysDB, so the system may now be in an inconsistent state. Installations will be unlikely to produce the expected results. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-VERSMGR_LIB-7-SYSDB_UNBIND A Version Manager library was unable to unbind from SysDB, error [chars]. Explanation A Version Manager library was unable to unbind from SysDB. Despite this, subsequent operation is unlikely to be affected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. VS_CLIENT Messages Error Message %INSTALL-VS_CLIENT-3-CACHE_LOOKUP VS Object cached lookup: Name: [chars], Object id: [hex], Version: [hex] Explanation Test code only - will never be seen by customers. Recommended Action -- Error Message %INSTALL-VS_CLIENT-3-CACHE_LOOKUP_NOT_PRESENT VS Object not present in cache: Name: [chars], Object id: [hex] Explanation Test code only - will never be seen by customers. Recommended Action -- Error Message %INSTALL-VS_CLIENT-3-FAILURE [chars]: [chars] Explanation Test code only - will never be seen by customers. Recommended Action -- Installation Messages VS_CLIENT Messages EM-415 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-VS_CLIENT-3-NOMEM Failed to allocate [unsigned int] bytes Explanation Test code only - will never be seen by customers. Recommended Action -- Error Message %INSTALL-VS_CLIENT-3-NOTIFICATION VS Notification received: Name: [chars], Object id: [hex], Version: [hex], Options: [hex] Explanation Test code only - will never be seen by customers. Recommended Action -- Error Message %INSTALL-VS_CLIENT-3-NOTIFICATION Failed to handle selected version notification: [chars] ([chars]) Explanation There was a problem with a notification of a change to the selected version for a communication protocol. Recommended Action Restart the affected process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-VS_CLIENT-3-NOTIFICATION_NOT_PRESENT VS Object deleted notification received: Name: [chars], Object id: [hex], Options: [hex] Explanation Test code only - will never be seen by customers. Recommended Action -- Error Message %INSTALL-VS_CLIENT-4-RESPONSE Failed to respond to selected version notification: [chars] Explanation There was a problem responding to a notification of a change to the selected version for a communication protocol. The selected version publisher will assume that the affected process handled the notification successfully. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Installation Messages VS_PUBLISHER Messages EM-416 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %INSTALL-VS_CLIENT-7-INIT_SUCCESSFUL VS Client successfully set up Explanation Test code only - will never be seen by customers. Recommended Action -- VS_PUBLISHER Messages Error Message %INSTALL-VS_PUBLISHER-3-HANDLER Failed to handle a client request or response: [chars] ([chars]) Explanation There was a problem with a request to get the selected version for a communication protocol, or with a response to a notification of a change to a selected version. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %INSTALL-VS_PUBLISHER-3-TIMEOUT Timeout processing version change for [unsigned int] communication[chars] (first affected communication: [hex]) Explanation There was a problem processing the notification of a change to the selected version for one or more communication protocols. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.EM-417 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Internet Protocol (IP) Messages This section contains all Internet Protocol related System Error Messages. ARP_GMP Messages Error Message %IP-ARP_GMP-4-WARN_EVENT Unrecoverable error in event loop. Error: [chars] Explanation An error occured while the ARP GMP was waiting for events. In this situation the process will terminates and restarts. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-ARP_GMP-4-WARN_INIT Failure during intialization of [chars]. Error: [chars] Explanation The ARP GMP process failed to initialize correctly. In this situation it restarts, but it may not recover if there is a persistant error in the IOSXR system and the ARP GMP is later unable to reestablish its connections and initialize successfully. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Internet Protocol (IP) Messages ARP Messages EM-418 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ARP Messages Error Message %IP-ARP-3-ERR_CACHE [chars] [chars] [chars] ([chars],[chars]) Explanation ARP has overwritten an interface entry with a static or alias entry. This indicates a conflict with the IP address configuration on the interface. Recommended Action Reconfigure the static ARP entry or the conflicting interface IP address. If this does not help then do the following. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-ARP-3-ERR_MEDIA [chars] [chars] Explanation ARP failed to load and initialize a dynamic library that it requires. Recommended Action Restart the ARP process. If this does not resolve the problem then do the following. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-ARP-3-ERR_NO_MEM Out of memory (failed attempt to reserve [unsigned int] bytes) Explanation ARP was not able to allocate the memory that it needed to complete the operation. ARP functionality on the affected node may be reduced until the problem is resolved. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-ARP-4-WARN_CLIENT_OVERWRITE Local Interface entry overwritten by client [chars] ([chars],[chars]) Explanation ARP has overwritten an interface entry with a client entry. This can sometimes indicate a conflict with the client configuration on the interface. Recommended Action Ensure that the configuration is correct for the client in question. The client has configured the same IP address as one of the interface IP addresses. Internet Protocol (IP) Messages ARP Messages EM-419 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-ARP-4-WARN_CLIENT_RESYNC Failed to resync with clients: [chars] retrying in [dec] seconds Explanation An error occurred while resyncing data with ARP clients. In this situation ARP will schedule a retry. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-ARP-4-WARN_CONN Failed to connect to [chars]. Unable to retry: [chars] Explanation The connection from ARP to the specified service has failed and cannot be recovered. In this situation ARP restarts and this should resolve the problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-ARP-4-WARN_INIT Failed to initialize [chars]: [chars] Explanation The ARP process failed to initialize correctly. In this situation ARP restarts, but ARP may not recover if there is a persistant error in the IOSXR system and ARP is later unable to reestablish its connections and initialize successfully. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-ARP-4-WARN_REGISTER Failed to register [chars]: [chars] Explanation Registration for an IOSXR service failed during ARP’s operation. This may indicate a connection failure with the IOSXR service as indicated in the error message. In this situation, ARP restarts, and this should resolve the problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages ARP Messages EM-420 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-ARP-4-WARN_THREAD Failed to create process thread for [chars]: [chars] Explanation ARP has failed to create a thread for the specified process. In this situation ARP restarts and this should resolve the problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-ARP-4-WARN_WAIT Error occurred while waiting for [chars]: [chars] Explanation An error occurred while waiting for the specified event. In this situation the process will terminate and ARP restarts. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-ARP-6-INFO_DUPADDR Duplicate IP address [chars] on CH[hex], sourced by [chars] Explanation A peer device is configured with the same interface IP address. Recommended Action Change the interface IP address of one of the two devices. Error Message %IP-ARP-6-INFO_DUPMAC Duplicate MAC address [chars] Explanation ARP request received with the same destination MAC address as incoming interface MAC address. Recommended Action Change the interface MAC address of one of the two devices. Error Message %IP-ARP-6-INFO_IF_MISMATCH Selected outgoing interface for [chars] differs from incoming interface Explanation An ARP packet was received from an unexpected interface. This can happen due to misconfiguration of the IP addresses on the participating devices or due to incorrect bridging configuration. Recommended Action No action is required. Internet Protocol (IP) Messages CE_TFTP Messages EM-421 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-ARP-6-INFO_MAC Failed to add multicast MAC address [chars] Explanation The specified MAC address is invalid as it is a multicast address - the most significant bit is set. Configuration has therefore been rejected. Recommended Action Configure the MAC address so that the most significant bit is not set. CE_TFTP Messages Error Message %IP-CE_TFTP-3-DATA_SEND_ERR Error while sending data over Control Ethernet Explanation Unable to send data over the control ethernet. Recommended Action If message appears only once, then no action is required. Packets will be retransmitted and system should recover automatically. If message appears continuously, then it could indicate a problem with the control-ethernet. Please restart eth_server process. Error Message %IP-CE_TFTP-3-DATA_SEND_ERR Error while sending data over Control Ethernet Explanation Unable to send data over the control ethernet. Recommended Action If message appears only once, then no action is required. Packets will be retransmitted and system should recover automatically. If message appears continuously, then it could indicate a problem with the control-ethernet. Please restart eth_server process. Error Message %IP-CE_TFTP-3-DATA_SEND_ERR Error while sending data over Control Ethernet Explanation Unable to send data over the control ethernet. Recommended Action If message appears only once, then no action is required. Packets will be retransmitted and system should recover automatically. If message appears continuously, then it could indicate a problem with the control-ethernet. Please restart eth_server process. Error Message %IP-CE_TFTP-3-FILE_ACCESS_ERR The file [chars] could not be accessed because [chars] Explanation The given file could not be accessed due to reasons specified. Recommended Action Check if the file being requested exists, and has the correct read-write permissions. Internet Protocol (IP) Messages CE_TFTP Messages EM-422 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-CE_TFTP-3-FILE_ACCESS_ERR The file [chars] could not be accessed because [chars] Explanation The given file could not be accessed due to reasons specified. Recommended Action Check if the file being requested exists, and has the correct read-write permissions. Error Message %IP-CE_TFTP-3-FILE_ACCESS_ERR The file [chars] could not be accessed because [chars] Explanation The given file could not be accessed due to reasons specified. Recommended Action Check if the file being requested exists, and has the correct read-write permissions. Error Message %IP-CE_TFTP-3-FILE_NOT_FOUND_ERR File [chars] not found Explanation The given file was not found at the specified path Recommended Action Check the path of file specified for download Error Message %IP-CE_TFTP-3-FILE_NOT_FOUND_ERR File [chars] not found Explanation The given file was not found at the specified path Recommended Action Check the path of file specified for download Error Message %IP-CE_TFTP-3-FILE_NOT_FOUND_ERR File [chars] not found Explanation The given file was not found at the specified path Recommended Action Check the path of file specified for download Error Message %IP-CE_TFTP-3-INVALID_FILENAME_ERR The filename is invalid because [chars] Explanation The given filename was invalid due to reasons specified. Recommended Action Check the filename given for download. Internet Protocol (IP) Messages CE_TFTP Messages EM-423 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-CE_TFTP-3-INVALID_FILENAME_ERR The filename is invalid because [chars] Explanation The given filename was invalid due to reasons specified. Recommended Action Check the filename given for download. Error Message %IP-CE_TFTP-3-INVALID_FILENAME_ERR The filename is invalid because [chars] Explanation The given filename was invalid due to reasons specified. Recommended Action Check the filename given for download. Error Message %IP-CE_TFTP-6-INVALID_PKT [[chars]]: [chars], dropping packet Explanation Received an invalid packet. Recommended Action None. Error Message %IP-CE_TFTP-6-INVALID_PKT [[chars]]: [chars], dropping packet Explanation Received an invalid packet. Recommended Action None. Error Message %IP-CE_TFTP-6-INVALID_PKT [[chars]]: [chars], dropping packet Explanation Received an invalid packet. Recommended Action None. Error Message %IP-CE_TFTP-6-INVALID_PROTOCOL_FIELD [[chars]]: [chars] equals [hex], dropping packet Explanation Received a packet with an invalid protocol field. No action required, this packet will be ignored (dropped). Recommended Action None. Internet Protocol (IP) Messages CE_TFTP Messages EM-424 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-CE_TFTP-6-INVALID_PROTOCOL_FIELD [[chars]]: [chars] equals [hex] from [chars], dropping packet Explanation Received a packet with an invalid protocol field. No action required, this packet will be ignored (dropped). Recommended Action None. Error Message %IP-CE_TFTP-6-INVALID_PROTOCOL_FIELD [[chars]]: [chars] equals [hex], dropping packet Explanation Received a packet with an invalid protocol field. No action required, this packet will be ignored (dropped). Recommended Action None. Error Message %IP-CE_TFTP-6-KERNEL_DUMP_MSG [chars] filename: [chars] Explanation A kernel dump started/finished from a remote node via TFTP. Recommended Action None. Error Message %IP-CE_TFTP-7-ERR [chars] Explanation The CE-TFTP server process exitted due to some reason Recommended Action None. Error Message %IP-CE_TFTP-7-ERR [chars] Explanation The CE-TFTP server process exitted due to some reason Recommended Action None. Internet Protocol (IP) Messages CE_TFTP Messages EM-425 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-CE_TFTP-7-ERR [chars] Explanation The CE-TFTP server process exitted due to some reason Recommended Action None. Error Message %IP-CE_TFTP-7-ERR_MEM_ALLOC Unable to allocate memory Explanation Failure in CE-TFTP server - memory allocation failure occured Recommended Action No action is required. Error Message %IP-CE_TFTP-7-ERR_MEM_ALLOC Unable to allocate memory Explanation Failure in CE-TFTP server - memory allocation failure occured Recommended Action No action is required. Error Message %IP-CE_TFTP-7-ERR_MEM_ALLOC Unable to allocate memory Explanation Failure in CE-TFTP server - memory allocation failure occured Recommended Action No action is required. Error Message %IP-CE_TFTP-7-ERR_SYSDB_BIND Failed to bind to sysdb namespace at [chars] Explanation The CE-TFTP server process was unable to initialize the config space Recommended Action No action is required. Error Message %IP-CE_TFTP-7-ERR_SYSDB_BIND Failed to bind to sysdb namespace at [chars] Explanation The CE-TFTP server process was unable to initialize the config space Recommended Action No action is required. Internet Protocol (IP) Messages DAPS Messages EM-426 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-CE_TFTP-7-ERR_SYSDB_BIND Failed to bind to sysdb namespace at [chars] Explanation The CE-TFTP server process was unable to initialize the config space Recommended Action No action is required. Error Message %IP-CE_TFTP-7-ERR_SYSDB_REG_VERIFY Failed to register verifier on path [chars] Explanation The CE-TFTP server process was unable to register for verification of tuples under the config space Recommended Action No action is required. Error Message %IP-CE_TFTP-7-ERR_SYSDB_REG_VERIFY Failed to register verifier on path [chars] Explanation The CE-TFTP server process was unable to register for verification of tuples under the config space Recommended Action No action is required. Error Message %IP-CE_TFTP-7-ERR_SYSDB_REG_VERIFY Failed to register verifier on path [chars] Explanation The CE-TFTP server process was unable to register for verification of tuples under the config space Recommended Action No action is required. DAPS Messages Error Message %IP-DAPS-3-INIT Initialization failed: [chars] Explanation An error occurred during initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages DAPS Messages EM-427 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-DAPS-3-SYSDBINIT Error initializing the system database: [chars] Explanation An error occurred when initializing the system database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DAPS-4-ERR_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DAPS-5-POOL_UTIL_HIGH Utilization exceeded high threshold for pool [chars] Explanation Utilization exceeded high threshold for specified pool. Recommended Action Add more address ranges for the specified pool. Error Message %IP-DAPS-5-POOL_UTIL_LOW Utilization dropped below low threshold for pool [chars] Explanation Utilization dropped below low threshold for specified pool. Recommended Action No action is required. Error Message %IP-DAPS-5-UTIL_HIGH Utilization exceeded high threshold across all pools Explanation Utilization exceeded high threshold across all pools. Recommended Action Add more pool ranges for allocation. Error Message %IP-DAPS-5-UTIL_LOW Utilization dropped below low threshold across all pools Explanation Utilization dropped below low threshold across all pools. Recommended Action No action is required.Internet Protocol (IP) Messages DHCPD Messages EM-428 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 DHCPD Messages Error Message %IP-DHCPD-3-INIT Initialization failed: [chars] Explanation An error occurred during initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DHCPD-3-NOPACKET Cannot setup or duplicate a DHCPD server socket packet Explanation Most likely a resource problem within the system. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-DHCPD-3-SYSDBINIT Error initializing the system database: [chars] Explanation An error occurred when initializing the system database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DHCPD-4-ERR_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the process. This may have resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Internet Protocol (IP) Messages DHCPV6 Messages EM-429 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 DHCPV6 Messages Error Message %IP-DHCPV6-3-DBNOTLOADED Binding database not loaded Explanation Fail to load the DHCPv6 binding database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DHCPV6-3-DBOPEN Opening [chars]: [chars] Explanation Fail to open a DHCPv6 binding database file. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DHCPV6-3-DBREAD Reading file: [chars] Explanation Fail to read a DHCPv6 binding database file. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DHCPV6-3-DBWRITE Writing file: [chars] Explanation Fail to write a DHCPv6 binding database file. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DHCPV6-3-INIT Initialization failed: [chars] Explanation An error occurred during initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages DHCPV6 Messages EM-430 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-DHCPV6-3-MCASTJOIN Failed to join [chars] on [chars] ([chars]) Explanation Failed to join a multicast group on the interface. Recommended Action Restart the dhcpv6d process Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-DHCPV6-3-MUTEXLOCK Error mutex lock: [chars] Explanation A mutex lock/unlock problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DHCPV6-3-NOPACKET Cannot setup or duplicate a DHCPv6 server socket packet Explanation Most likely a resource problem within the system. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-DHCPV6-3-SYSDBINIT Error initializing the system database: [chars] Explanation An error occurred when initializing the system database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DHCPV6-5-RELAYOUTIF Specify an outgoing interface for the relay destination or use the mhost command Explanation Need to specify an outgoing interface if the relay destination address is multicast. Use the interface option in the relay command or the mhost command. Recommended Action No action is required.Internet Protocol (IP) Messages DOMAIN_SERVICES Messages EM-431 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 DOMAIN_SERVICES Messages Error Message %IP-DOMAIN_SERVICES-3-ATTACH_HANDLER Failed to attach an [chars] handler: [chars] Explanation The domain_services process failed to attach an event handler to receive event messages sent to it. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-3-BIND_SYSDB Failed to connect to SysDB: [chars] Explanation The domain_services process failed to bind to SysDB server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-3-CREATE_CHANNEL Failed to create a channel for [chars] Explanation The domain_services process failed to create a channel so that other processes can send event messages to it. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-3-CREATE_CHUNK Failed to allocate chunk memory for [chars] Explanation The domain_services process failed to create chunk memory for its domain name, domain address and domain alias data structures. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages DOMAIN_SERVICES Messages EM-432 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-DOMAIN_SERVICES-3-CREATE_EVENT_CONN Failed to create a event connection structure: [chars] Explanation The domain_services process failed to create and initialize an event connection structure. If the connection ever goes away, event connection manager will automatically tries to re-connect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-3-CREATE_TIMER [chars]: [chars] Explanation The domain_services process failed to create and initialize its various managed timers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-3-EDM_SERVER [chars]: [chars] Explanation Error in the domain edm server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-3-END_PROC Unexpected process termination: [chars] Explanation The domain_services process was terminated unexpectedly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-3-GET_COID Failed to get SysDB connection id: [chars] Explanation The domain_services process failed to obtain the connection id for an SysDB event connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages DOMAIN_SERVICES Messages EM-433 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-DOMAIN_SERVICES-3-OPEN_EVENT_CONN Failed to open a event connection to [chars]: [chars] Explanation The domain_services process failed to open a event connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-3-REGISTER_DEBUG Failed to register for debugging events: [chars] Explanation The domain_services process failed to register for notification of changes to the domain_services debug flag(s). Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-3-REGISTER_EVM Failed to register handlers for SysDB events: [chars] Explanation The domain_services process failed to register its verification and apply handlers for SysDB events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-3-REGISTER_RPC Failed to register for RPC service Explanation The domain_services process failed to register its RPC server with the RPC portmapper. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages HFR_IPv4 Messages EM-434 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-DOMAIN_SERVICES-3-SYSMGR_PROC_READY Domain services failed to notify the completion of init: [chars] Explanation domain services failed to notify the compltetion of initialization Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-DOMAIN_SERVICES-7-REGISTER_CERRNO Failed to register process’s specific error codes: [chars] Explanation The domain_services process failed to register its specific cerrno codes and messages. Recommended Action Debug message only. No action is required. HFR_IPv4 Messages Error Message %IP-HFR_IPv4-2-BGP_PA_CONFIG_IFH BGP PA configuration for ifh [hex], if:CH[hex] failed due to [chars] Explanation FIB is not committing BGP PA configurations due to internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-HFR_IPv4-2-BGP_PA_CONFIG_IFH BGP PA configuration for ifh [hex], if:CH[hex] failed due to [chars] Explanation FIB is not committing BGP PA configurations due to internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages HFR_IPv4 Messages EM-435 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-HFR_IPv4-2-MSTATS_ALLOC_ERR Failed to alloc stats counter err [dec]: table [dec] Explanation Unable to allocated needed stats counters, accounting features may not be working properly. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %IP-HFR_IPv4-2-MSTATS_ALLOC_ERR Failed to alloc stats counter err [dec]: table [dec] Explanation Unable to allocated needed stats counters, accounting features may not be working properly. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %IP-HFR_IPv4-2-SYSTEM_FAIL [chars] [chars] (errno equals [dec]) Explanation There was a critical system call failure resulting in a failure to provide some system service as indicated in the message text. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %IP-HFR_IPv4-2-SYSTEM_FAIL [chars] [chars] (errno equals [dec]) Explanation There was a critical system call failure resulting in a failure to provide some system service as indicated in the message text. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %IP-HFR_IPv4-2-TRANS_ERR Failed to register transition handler Explanation There was a critical system call failure resulting in a failure to provide some system service as indicated in the message text. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Internet Protocol (IP) Messages HFR_IPv4 Messages EM-436 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-HFR_IPv4-2-TRANS_ERR Failed to register transition handler Explanation There was a critical system call failure resulting in a failure to provide some system service as indicated in the message text. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %IP-HFR_IPv4-4-LTRACE Failed to initialize tracing - [chars]: [chars] (errno [hex]) Explanation There was a system call failure during initialization of the ltrace logging system. Ltrace logs may not be available. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %IP-HFR_IPv4-4-LTRACE Failed to initialize tracing - [chars]: [chars] (errno [hex]) Explanation There was a system call failure during initialization of the ltrace logging system. Ltrace logs may not be available. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %IP-HFR_IPv4-4-TRANS_WARNING Failed to respond to transition request: [chars] (errno [hex]) Explanation There was a critical system call failure. System may not have handled certain transitions properly. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %IP-HFR_IPv4-4-TRANS_WARNING Failed to respond to transition request: [chars] (errno [hex]) Explanation There was a critical system call failure. System may not have handled certain transitions properly. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Internet Protocol (IP) Messages IEP Messages EM-437 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-HFR_IPv4-6-INFO [chars] [chars] (errno [hex]) Explanation There was an internal failure that may impact non-essential system function Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %IP-HFR_IPv4-6-INFO [chars] [chars] (errno [hex]) Explanation There was an internal failure that may impact non-essential system function Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. IEP Messages Error Message %IP-IEP-3-DAEMON_ERR_EVM_CREATE Failed to create Event Manager Explanation An error occurred while creating the process event manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IEP-3-DAEMON_ERR_EVM_EVENT_BLOCK Error while waiting on next event Explanation An error occurred while using the process event manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IEP-3-DAEMON_ERR_SYSDB_BIND Failed to bind to SysDB: error [hex] (’[chars]’) Explanation An error occurred while using SysDB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IEP Messages EM-438 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IEP-3-DAEMON_ERR_SYSDB_BSCAN Failed to scan configuration: error [hex] (’[chars]’) Explanation An error occurred while using SysDB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IEP-3-DAEMON_ERR_SYSDB_REG_VERIFY Failed to register for config verification: error [hex] (’[chars]’) Explanation An error occurred while using SysDB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IEP-3-DAEMON_ERR_SYSDB_UNBIND Failed to unbind from SysDB: error [hex] (’[chars]’) Explanation An error occurred while using SysDB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IEP-3-DAEMON_ERR_SYSMGR_PROC_READY Failed to signal process ready: error [hex] (’[chars]’) Explanation An error occurred while signalling that initialization was complete. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IEP-3-ERR_SYSDB_BIND Failed to bind to SysDB: error [hex] (’[chars]’) Explanation An error occurred while using SysDB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IP_APS Messages EM-439 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IEP-3-ERR_SYSDB_UNBIND Failed to unbind from SysDB: error [hex] (’[chars]’) Explanation An error occurred while using SysDB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IEP-7-ERR_INTERNAL Call to [chars] from function [chars] returned error: [chars] Explanation An internal system error occured. Recommended Action Debug message only. No action is required. IP_APS Messages Error Message %IP-IP_APS-3-ADDR_THRESHOLD_MAX The Addresses in the Pool have crossed the upper limit of [dec] Explanation The numbers of address in the Pool exceeds the maximum allowed. No More Addresses can be added to the Pool. Recommended Action Confirm if the number of addresses configured are really needed and this is not any misconfig. If more addresses are needed than the allowed max number, Please contact the TAC. Error Message %IP-IP_APS-3-RANGE_THRESHOLD_MAX [dec] Ranges for [dec] Address. Number of Ranges per Address must be brought down Explanation The number of ranges configured for the addresses in pools is too large. Having more addresses in a single range and thereby having smaller number of ranges is optimal for memory. There cannot be less than 50 Addresses per Range after 100 thousand Ranges. Recommended Action Consider combining multiple ranges into one. Error Message %IP-IP_APS-6-ADDR_THRESHOLD_XCED The Addresses configured in the Pool are now [dec], please confirm if there isn’t a mis confiugration Explanation The Address configured are too many. The message is to confirm if this is intentional. Recommended Action Check the configuration to confirm the configuration is intentional. Remove any misconfiguration. Internet Protocol (IP) Messages IP_ARM_PLIB Messages EM-440 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IP_APS-6-RANGE_THRESHOLD_XCED [dec] Ranges for [dec] Address. Consider coalescing Addresses Explanation The number of ranges configured for the addresses in pools is too large. Having more addresses in a single range and thereby having smaller number of ranges is optimal for memory. An informational message will be generated if At 1 Thousand Ranges there are 10 Addr per range At 10 Thousand Ranges there are 50 Addr per range At 50 Thousand Ranges there are 100 Addr per range At 70 Thousand Ranges there are 150 Addr per range Recommended Action Consider combining multiple ranges into one. IP_ARM_PLIB Messages Error Message %IP-IP_ARM_PLIB-3-EVENT_SET_RETRY_FAILED Event set retry failed, error : [chars] Explanation A call to set the retry timeout for producers to bind with iparm failed. This will call default timeout values to be used. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IP_ARM_TEST Messages Error Message %IP-IP_ARM_TEST-6-RCVD_UPDATE [chars] Explanation Update received Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Internet Protocol (IP) Messages IP_ARM Messages EM-441 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IP_ARM Messages Error Message %IP-IP_ARM-3-BAD_VISIBLE_COUNT Interface ’[chars]’ has more visible addresses than the stored visible count ’[dec]’ Explanation This is an internal error. It indicates that the addresses visible to the clients are more than expected. This can result in IP ARM not sending an address update to its clients. Recommended Action Get the output of show tech-support, show arm [ipv4/ipv6] trace, running coredump of the process. Unconfiguring, reconfiguring the interface may help in recovering the from error. Error Message %IP-IP_ARM-3-CFLCT_FORCED_DOWN The [chars] address [chars]/[dec] on [chars] conflicts with other [chars] addresses and has been forced down Explanation The specified IP address conflicts with other IP addresses on the network portion of their IP addresses and has been forced down to prevent multiple operational conflicting IP addresses. This is an inconsistent configuration. Recommended Action Reconfigure the IP addresses that share the common network portion specified. Error Message %IP-IP_ARM-3-CFLCT_NOT_FOUND Conflict data structure not found for ([chars]) Explanation An IP info structure with conflict flag set is not found in the conflict database. This is an error condition indicating IP ARM database has erroneous information. This can cause some unexpected behavior relating to the ip address not found in the database. Recommended Action Collect the output of show tech-support, show arm [ipv4/ipv6] trace and the steps that lead to this behavior. Error Message %IP-IP_ARM-3-MHOST_DEFAULT_PIM An error occured with the default interface provided by PIM: [chars] Explanation When multicast routing is turned on PIM will choose a default interface, based on whether the default has been configured and it’s enabled state. An error was encountered in making PIM provided interface as mhost default interface. Recommended Action Change the mhost ipv4 default-interface configuration to some other physical or virtual interface. Collect the output of show tech-support, show arm ipv4 trace Internet Protocol (IP) Messages IP_ARM Messages EM-442 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IP_ARM-3-UNNUM_CFLCT The [chars] unnumbered interface [chars] references the unnumbered interface [chars] and has therefore been forced down Explanation The IP unnumbered specified in the message references another unnumbered interface. This is not consistent configuration. Recommended Action Reconfigure one of the IP unnumbered interfaces so that the unnumbered interface does not reference another unnumbered interface. Error Message %IP-IP_ARM-6-CFGED_MHOST_DEFAULT_MGMT The configured mhost default interface([chars]) is a management interface, so, can’t be used as the active Explanation Management interfaces(on the RPs) are not allowed to be the mhost default interface as multicast routing is disabled on the management interface. Recommended Action Change the mhost ipv4 default-interface configuration to some other physical or virtual interface. Error Message %IP-IP_ARM-6-CFLCT_NO_LONGER The [chars] address [chars]/[dec] on [chars] is no longer forced down due to [chars] address conflicts Explanation The IP address specified in the message previously conflicted with other configured IP addresses on some portion of the network portion of their IP addresses. The IP address no longer conflicts. Recommended Action None. This is an informational message indicating a return to a correct consistent configuration. Error Message %IP-IP_ARM-6-RTRID_CFG_DEPRECATED [chars] Explanation The rouer id configuration CLI has been deprecated. This command has taken on effect. Recommended Action None. This is an informational message to tell user that router id configure CLI has been deprecated. Error Message %IP-IP_ARM-6-RTRID_GLOBAL_UNAVAILABLE The global router id has become unavailable Explanation The global router id has become unavailable. Recommended Action Ensure that a global router id has been configured and that the configured interface has a primary IPv4 address and is UP (a loopback interface is strongly recommended), or that the configured IPv4 address exists on an interface that is UP. Internet Protocol (IP) Messages IP_ARM Messages EM-443 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IP_ARM-6-UNNUM_CFLCT_NO_LONGER The [chars] unnumbered interface [chars] no longer references another unnumbered interface Explanation The IP unnumbered specified in the message references previously referenced another unnumbered interface. This is no longer the case. Recommended Action None. This is an informational message indicating a return to a correct consistent configuration. Error Message %IP-IP_ARM-7-ERR_SYSDB_BIND Encountered failure [chars] in binding to [chars] for [chars] Explanation IP ARM process encountered failure in binding to SysDB. It will recover itself by restarting. Typically this error is caused if sysdb is unavailable for an extended period. Recommended Action If the problem persists get the output of show processes, show sysdb trace, show sysdb trace clientlib job jid of ip[v4/v6]_arm, show arm [ipv4/ipv6] trace from the location the error message comes from. Error Message %IP-IP_ARM-7-INIT_FAILED Initialization failed, module: [chars], operation: [chars], error: [chars] Explanation Initialization of the IPv4 ARM or IPv6 ARM process failed. This can happen when the process is (re)starting and any basic infrastructure service required by the process is not available. The process recovers by restarting itself. If the error message doesn’t persist, it can be ignored. If the error message persists, depending on whether IPv4 ARM or IPv6 ARM failed to initialize, some basic ipv4 or ipv6 functionality may not be available. Recommended Action Collect the output of show tech-support, show processes, show arm [ipv4/ipv6] trace Error Message %IP-IP_ARM-7-LTRACE_INIT_ERR Failed to initialize ltrace: [chars]: Explanation IP ARM failed to initialize module to allow tracing of important events. This may happen during process (re)start. The process will exit and try to recover from the error. Recommended Action If the msg is not seen multiple times, it can be assumed that the process has recovered. If the process cannot recover from this error, it may not be able to run. Then it is a fatal error. Collect the output of show tech-support, show arm [ipv4/ipv6] trace.Internet Protocol (IP) Messages IP_ICMP Messages EM-444 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IP_ICMP Messages Error Message %IP-IP_ICMP-7-ERR_EVM_CREATE Failure [chars] in creating event manager Explanation The IP ICMP library could not create the event manager to handle the events to be received by the process. This can happen when the process is (re)starting. If the error message doesn’t persist, it can be ignored. If the error message persists, some basic icmp functionality may not be available. Recommended Action Collect the output of show tech-support, show processes, show ipv4 ma trace from the location the error message comes from. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IP_ICMP-7-ERR_SYSDB_BIND Encountered failure [chars] in binding to [chars] for [chars] Explanation IP ICMP Lib encountered failure in binding to SysDB. Typically this error is caused if sysdb is unavailable for an extended period. Recommended Action If the problem persists get the output of show processes, show sysdb trace, show sysdb trace clientlib job jid of ipv4_io or ipv6_io. Error Message %IP-IP_ICMP-7-ERR_SYSDB_REG_NOTIFY Encountered failure [chars] in registering notifiee at [chars] for [chars] Explanation IPv4 Management Agent encountered failure in registering notifiee with SysDB. It will recover itself by restarting. Typically this error is caused if sysdb is unavailable for an extended period. Recommended Action If the problem persists get the output of show processes, show sysdb trace, show sysdb trace clientlib job jid of ipv4_ma, show ipv4 ma trace location , debug sysdb notification job jid of ipv4_ma from the location the error message comes from. Error Message %IP-IP_ICMP-7-ERR_SYSDB_REG_VERIFY Encountered failure [chars] in registering verifier at [chars] for [chars] Explanation IP ICMP library encountered failure in registering verifier with SysDB. Typically this error is caused if sysdb is unavailable for an extended period. Recommended Action If the problem persists get the output of show processes, show sysdb trace, show sysdb trace clientlib job jid of ipv4_io or ipv6_io. Internet Protocol (IP) Messages IP_LIB_NETIO Messages EM-445 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IP_ICMP-7-LIB_INIT_FAILED ip icmp dll initialisation failed. [chars]: [chars] Explanation There was a software error during process startup. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise check whether the error code contained in the message indicates that there was a failure to allocate the necessary memory and take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If resource allocation was not the problem and it hasn’t been fixed by a subsequent restart then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IP_LIB_NETIO Messages Error Message %IP-IP_LIB_NETIO-3-STATS_SHM [chars] Explanation IP Netio library encountered failure while operating on the shm stats information. Recommended Action If the problem persists get the output of ’show process blocked’ and ’show process netio’ IP_NTP Messages Error Message %IP-IP_NTP-3-CALENDAR_UPDATE_FAILED NTP calendar update failed Explanation An error occurred during calendar clock update. This causes the calendar clock cannot be adjusted accordingly to NTP server or peer Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IP_NTP Messages EM-446 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IP_NTP-3-CLOCK_UPDATE_FAILED Unable to update NTP clock - [chars] ([dec]) Explanation An error occurred when updating system clock with the clock adjust process of clock hardware. This causes the internal clock on active RP cannot be adjusted accordingly to NTP server or peer. The string tells that which process has failed. The integer specifies the error for internal usage. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IP_NTP-3-DRIFT_UPDATE_FAILED NTP drift update - [chars] - failed with error [dec] Explanation An error occurred during clock drift checkpoint handling. The string tells the points of process that error has occurred. The integer specifies the error for internal usage. Recommended Action Reduce the memory usage. If the problem still occurs, contact TACS/SUPPORTS and pass the memory usage, ltrace, and configuration of NTP to them such as - show memory - show ntp trace ... - show running-config Error Message %IP-IP_NTP-3-EXCEED_MAXFREQ [chars] Explanation Frequency Error exceeded NTP tolerable limit (500 PPM). Recommended Action Try to reset the drift value by ntp reset drift. If this message recurs after resetting the drift value, see show ntp associations, correct information for all the peers, contact your Cisco Technical support, and provide the representative with the gathered information. Error Message %IP-IP_NTP-5-ALL_CONN_LOST All NTP peer connections failed. Explanation The ntp server lost all connections with the clock sources. Recommended Action No action is required. Error Message %IP-IP_NTP-5-HP_CONN_LOST High priority NTP peer connection lost - Stratum [dec]-[dec]. Explanation The ntp server lost the connection with a high-priority clock source. The Stratum tells the change of server stratum. Recommended Action No action is required. Internet Protocol (IP) Messages IPV4_EDM Messages EM-447 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IP_NTP-5-HP_CONN_RECOVERED High priority NTP peer connection recovered - Stratum [dec]-[dec]. Explanation The ntp server recovered the connection with a high-priority clock source. The Stratum tells the change of server stratum. Recommended Action No action is required. Error Message %IP-IP_NTP-5-LP_CONN_RECOVERED At least a low priority NTP peer connection was recovered - Stratum [dec]-[dec]. Explanation The ntp server recovered a connection with one of the configured clock source. The Stratum tells the change of server stratum. Recommended Action No action is required. Error Message %IP-IP_NTP-5-SYNC_LOSS Synchronization lost : [chars] : [chars] Explanation NTP lost synchronization due to one of the following reasons: 1. Server authentication failed 2. Access denied by remote server 3. Peer unreachable or clock selection failed 4. The association was removed 5. The clock was stepped and needs to be resynced 6. The ephemeral client association was timeout 7. ntp clear command Recommended Action If SYNC_LOSS because ’The clock was stepped and needs to be resynced’ keeps occuring constantly during time, try to exec ntp reset drift. Error Message %IP-IP_NTP-5-UNUSUAL_OFFSET Detect an unusual offset time value. Explanation The offset between the active clock source and the system clock exceeds 1000 seconds. Recommended Action No action is required. IPV4_EDM Messages Error Message %IP-IPV4_EDM-3-DECODE_FAILED Failed to decode [chars] data Explanation IPV4 could not decode data supplied by the indicated external data manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV4_EDM Messages EM-448 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV4_EDM-3-ENCODE_FAILED Failed to encode [chars] data in external data manager Explanation A process has requested information from ipv4_io through SysDB, probably as a result of executing a show command. The data requested could not be encoded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_EDM-3-SYSDB_BIND_FAILED Failed to connect to SysDB in [chars] ([chars]) Explanation Failed to connect to SysDB while starting the indicated subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_EDM-6-BAGREG_FAILED IPV4_IO failed to register the [chars] external data manager data blocks Explanation The ipv4_io process failed while attempting to register the indicated external data manager data blocks with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_EDM-7-ERR_BAG_REG Encountered failure [chars] in [chars] Explanation IPV4 Management Agent encountered failure in registering bag format used to encode information sent via SysDB. It will recover itself by restarting. Recommended Action If the problem persists get the output of show processes, show sysdb trace edm, show sysdb trace clientlib job jid of ipv4_ma. If multiple instances of ipv4_ma are seen running or trying to run Error Message %IP-IPV4_EDM-7-ERR_SYSDB_BAG_ENCODE Failure [chars] in encoding bag for [chars] Explanation IPv4 Management Agent encountered failure in encoding the bag that is supposed to carry encoded information to be passed on clients of IPv4 MA. Typically the client is a managebility agent like exec spawned by show CLI. As a result of this error the client may not receive the intended information from IPv4 MA. If it is a managebility request that triggered this, the request may be Internet Protocol (IP) Messages IPV4_IO Messages EM-449 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 retried. Typically this error is caused if there is mismatch between the bag format and the information to be encoded. At other times the error might be due to process’ memory corruption or low memory. Recommended Action Collect the output of show tech-support, show ipv4 ma trace location when this message is seen. Identify if possible which manageability requests triggers this message. Most likely it would be one of the show ipv4 CLIs. Error Message %IP-IPV4_EDM-7-ERR_SYSDB_REG_EDM [chars] Failed with [chars] Explanation IPv4 Management Agent encountered failure in registering as a server for managebility requests. It will recover itself by restarting. Typically this error is caused if sysdb is unavailable for an extended period or if there is another process that instance that is registered as the server for the same information. Recommended Action If the problem persists get the output of show processes, show sysdb trace edm, show sysdb trace clientlib job jid of ipv4_ma. If multiple instances of ipv4_ma are seen running or trying to run (this can be due to a bug in some other area of the system), make sure that only one instance is allowed by killing the other one. IPV4_IO Messages Error Message %IP-IPV4_IO-3-NOMEM IPv4 operation ’[chars]’ failed due to lack of memory Explanation The IPv4 IO process could not allocate memory needed to complete the specified operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. When the memory shortage is resolved retry the operation. Error Message %IP-IPV4_IO-3-OPTION_UPDATE_FAIL Cannot update option registry in ipv4_io: [chars] Explanation The ipv4_io process encountered a software error while creating an entry in the option registry requested by an application Recommended Action IPV4 IO could not update option registry information consistently across all of its instances. This could result in unexpected behavior with respect to some option packets. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV4_IO Messages EM-450 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV4_IO-3-PA_BIND Port arbitrator error. [chars]: [chars] Explanation The ipv4_io process encountered a software error while connecting to the port arbitrator. Recommended Action IPv4 IO could not register with the PA for handling a particular ICMP type locally. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_IO-3-PA_NULL_HANDLE Error: Port Arbtitrator allocated a NULL handle Explanation The ipv4_io process was given a NULL handle by the port arbitrator. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-IPV4_IO-3-PLATFORM_UPDATE Platform update failed: [chars] - [chars](CH[hex]) Explanation An error occurred while trying to update the platform code with information about the interface whose handle is contained in the message. Recommended Action The update will be replayed to the platform code and may succeed on a subsequent attempt. If not then the system will be left in an inconsistant state and this interface may not function normally. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_IO-3-PLATFORM_UPDATE_BULK Platform update failed for [dec] interface: [chars] - [chars] Explanation An error occurred while trying to update the platform code with information about a batch of interfaces. This update will be replayed. Recommended Action The update will be replayed to the platform code and may succeed on a subsequent attempt. If not then the system will be left in an inconsistant state and the affected interfaces may not function normally. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV4_IO Messages EM-451 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV4_IO-3-UNHANDLED_ERROR Error. [chars]: [chars] Explanation The ipv4_io process has encountered a software error during normal operation from which it cannot recover. Recommended Action The process will attempt to rectify this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise check whether the error code contained in the message indicates that there was a failure to allocate the necessary memory and take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If resource allocation was not the problem and it hasn’t been fixed by a subsequent restart then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_IO-4-UNKNOWN_MESSAGE Unknown [chars] received by ipv4_io ([dec]) Explanation The IPV4_IO process has received an unknown event message. Recommended Action This message indicates that the ipv4_io process has received a message type that it wasn’t expecting. This message has been ignored and no further action needs to be taken. The message may have been sent to this process by mistake or if any installs have taken place there may be a version mismatch between the server and a client. On its own this message does not indicate a problem. If other problems are seen then include this error in the report. Error Message %IP-IPV4_IO-7-INIT_FAILED Process initialisation failed. [chars]: [chars] Explanation There was a software error during process startup. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise check whether the error code contained in the message indicates that there was a failure to allocate the necessary memory and take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If resource allocation was not the problem and it hasn’t been fixed by a subsequent restart then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Internet Protocol (IP) Messages IPV4_MA Messages EM-452 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IPV4_MA Messages Error Message %IP-IPV4_MA-3-ADD_GROUP_FAILED IP add multicast group membership failed for group [chars] on interface CH[hex] Explanation IPv4 was unable to add membership to the group. Commonly, this is done for 224.0.0.1 by ipv4-ma with no associated socket when an interface is enabled, or for all groups (multicast promiscuous mode) whem multicast routing is enabled. Failure might result in issues in multicast host functionality or multicast fwding functionality. Recommended Action shut/unshut of the interface will trigger leave/join respectively. This can be done to retry the group join. Collect the output of show tech-support, show ipv4 ma trace, show ipv4 trace, debug ipv4 ma mhost from the location the error message comes from. Note any previous errors related to multicast membership. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_MA-3-ERR_AVLBL_MTU Proposed IP MTU [dec] of [hex] is smaller than minimum allowed (68). IPv4 may not work correctly on this interface Explanation Minimum IPv4 MTU must be 68 bytes. Available link MTU is below the minimum IPv4 link MTU (68). IPv4 may not work correctly on this interface.’ Recommended Action Adjust the lower layer mtu such that atleast 68 bytes is available to IPv4. If the lower layer mtu is big enough collect the output of show tech-support, show ipv4 ma trace, show im trace, show im chains, show ipv4 interface for the interface for which the above error is seen. Try unconfiguring/reconfiguring the interface if the lower layer mtu is big enough and still the error is seen. Error Message %IP-IPV4_MA-3-ERR_IFH_MISMATCHED ifhandles mismatched, IM ifh equals [hex], MA ifh equals [hex] Explanation A mismatch in interface handles has been been detected. This is an indication that IM is potentially out-of-synched with MA. This problem occurs when interfaces are deleted while Interface Manager (IM) is not available. Recommended Action The problem is normally recovered by the IPV4-MA component. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV4_MA Messages EM-453 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV4_MA-3-REMOVE_GROUP_FAILED IP remove multicast group membership failed for group [chars] on interface CH[hex] Explanation IPv4 was unable to remove membership to the group. Commonly, this is done for 224.0.0.1 by ipv4-ma with no associated socket when an interface is disabled, or for all groups (multicast promiscuous mode) whem multicast routing is disabled. It might be ok to ignore the failure. Recommended Action shut/unshut of the interface will trigger leave/join respectively. Do as appropriate to recover. Collect the output of show tech-support, show ipv4 ma trace, show ipv4 trace, debug ipv4 ma mhost from the location the error message comes from. Note any previous errors related to multicast membership. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_MA-4-ERR_INTERFACE_EXIST interface add: Interface already exists for [chars] with ifh ([hex]) - by [chars], restarting to recover Explanation IPv4 MA already has the interface being newly added in its internal store. This potentially indicates that IPv4 MA missed the delete from SysDB and Interface Manager for this interface & hence is out of sync. Recommended Action IPv4 MA restarts in an attempt to recover from this situation, config should get applied on this new interface successfully. No further action should be necessary. If errors are observed, trying to unconfigure and reconfigure the interface in problem would help. If that does not and IPv4 MA related errors are still observed please gather the necessary information as mentioned in required info Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_MA-4-LOG_MTU The link payload ([dec]) is less than the IPv4 link mtu ([dec]) Explanation The link payload is lesser than the IPv4 link MTU. Hence the operational MTU is set to the link payload and not the configures MTU value Recommended Action Choose IPv4 MTU value lesser than the LINK payload value Internet Protocol (IP) Messages IPV4_MA Messages EM-454 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV4_MA-7-ERR_CREATE_REGISTER Failed to register create notification for interface [chars] ([chars]: [chars]) Explanation IPv4 MA registers to be notified of Forwarder interface creation if its not already available when IPv4 MA starts. The process tries to recover by reconnecting to IM. If the error persists, the forwarder will not be available for IPv4 packets. Recommended Action Collect the output of show tech-support, show ipv4 ma trace, debug ipv4 ma error, debug im errors, debug im api calls job , debug im api errors job from the location the error message comes from. Error Message %IP-IPV4_MA-7-ERR_EVM_ASYNC_ATTACH Failure [chars] in attaching handler for async pulse [hex] Explanation The IPv4 MA process could not register the handler for the indicated event. This can happen when the process is (re)starting. The process recovers by restarting itself. If the error message doesn’t persist, it can be ignored. If the error message persists, some basic ipv4 functionality may not be available. Recommended Action Collect the output of show tech-support, show processes, show ipv4 ma trace, debug event-manager attach job from the location the error message comes from. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_MA-7-ERR_EVM_ATTACH Failure [chars] in attaching handler for sync msgid [hex] Explanation The IPv4 MA process could not register the handler for the indicated event. This can happen when the process is (re)starting. The process recovers by restarting itself. If the error message doesn’t persist, it can be ignored. If the error message persists, some basic ipv4 functionality may not be available. Recommended Action Collect the output of show tech-support, show processes, show ipv4 ma trace, debug event-manager attach job from the location the error message comes from. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV4_MA Messages EM-455 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV4_MA-7-ERR_EVM_CREATE Failure [chars] in creating event manager Explanation The IPv4 MA process could not create the event manager to handle the events to be received by the process. This can happen when the process is (re)starting. The process recovers by restarting itself. If the error message doesn’t persist, it can be ignored. If the error message persists, some basic ipv4 functionality may not be available. Recommended Action Collect the output of show tech-support, show processes, show ipv4 ma trace from the location the error message comes from. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_MA-7-ERR_FINT_NAME Failed to get interface name of local fint ([chars]) Explanation Failed to add ipv4 to fint which represents the fabric interface. This is retried by reconnecting to IM. If this error is seen only once, it may not have significant impact. If this error is persistent, it may mean that it is not possible to send/receive packets vai the fabric. Recommended Action Collect the output of show ipv4 ma trace, debug ipv4 ma error from the location the error message comes from. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_MA-7-ERR_SYSDB_BIND Encountered failure [chars] in binding to [chars] for [chars] Explanation IPv4 Management Agent encountered failure in binding to SysDB. It will recover itself by restarting. Typically this error is caused if sysdb is unavailable for an extended period. Recommended Action If the problem persists get the output of show processes, show sysdb trace, show sysdb trace clientlib job jid of ipv4_ma, show ipv4 ma trace location from the location the error message comes from. Error Message %IP-IPV4_MA-7-ERR_SYSDB_REG_NOTIFY Encountered failure [chars] in registering notifiee at [chars] for [chars] Explanation IPv4 Management Agent encountered failure in registering notifiee with SysDB. It will recover itself by restarting. Typically this error is caused if sysdb is unavailable for an extended period. Recommended Action If the problem persists get the output of show processes, show sysdb trace, show sysdb trace clientlib job jid of ipv4_ma, show ipv4 ma trace location , debug sysdb notification job jid of ipv4_ma from the location the error message comes from. Internet Protocol (IP) Messages IPV4_MA Messages EM-456 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV4_MA-7-ERR_SYSDB_REG_VERIFY Encountered failure [chars] in registering verifier at [chars] for [chars] Explanation IPv4 Management Agent encountered failure in registering verifier with SysDB. It will recover itself by restarting. Typically this error is caused if sysdb is unavailable for an extended period. Recommended Action If the problem persists get the output of show processes, show sysdb trace, show sysdb trace clientlib job jid of ipv4_ma, show ipv4 ma trace location , debug sysdb verification job jid of ipv4_ma from the location the error message comes from. Error Message %IP-IPV4_MA-7-INIT_FAILED Cannot initialize [chars]: [chars] ([hex]) Explanation Initialization of the IPv4 MA process failed. This can happen when the process is (re)starting and any basic infrastructure service required by the process is not available. The process recovers by restarting itself. If the error message doesn’t persist, it can be ignored. If the error message persists, some basic ipv4 functionality may not be available. Recommended Action Collect the output of show tech-support, show processes, show ipv4 ma trace from the location the error message comes from. Error Message %IP-IPV4_MA-7-REPLICATE_DPC_INVALID_COOKIE Got invalid cookie for replicating interface CH[hex], cookie - [hex], batch cookie [hex] Explanation IPv4 MA got an unexpected cookie for the specified interface. This failure indicates that the IPv4 data path feature may not programmed correctly. IPv4 MA tries to recover from this error by a timer based retry. If the message is not seen continuosly for a particular interface and if functionality looks ok, the recovery might have been successful. Recommended Action Collect the output of show tech-support, show ipv4 ma trace, debug imp dpc, debug ipv4 events, debug im api job from the location the error message comes from. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV4_MA-7-UNKNOWN_MESSAGE Unknown IPC [chars] [dec] received Explanation The IPV4_MA process has received an unknown IPC. It will ignore the msg if it is in the form of an asynchronous pulse. If the msg is in the form of a synchronous message, it returns an error to the sender which in turn is expected to take appropriate action. This can happen if IPv4 MA receives an IPC for which it doesn’t have a handler registered due to either it unregistering the handler without updating the sender or due to the sender sending an incorrect IPC. It may be safe to ignore this message if there is no visible loss of functionality. Recommended Action Collect the output of show tech-support, show processes, show ipv4 ma trace, show lwm from the location the error message comes from. If this message is seen repeatedly, capture the output of debug event-manager dispatch job . This debug captures almost all the IPCs Internet Protocol (IP) Messages IPV4_NTP Messages EM-457 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 received by ipv4 ma and hence it may slow down the process and take up the related resources. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV4_NTP Messages Error Message %IP-IPV4_NTP-7-EXIT_MESSAGE NTP process detected error : [chars], restarting to recover. Explanation NTP process exits and restarts when it detects a failure. If the error does not persist it can be ignored. Recommended Action None required if NTP process restarts and recovers. Error Message %IP-IPV4_NTP-7-EXIT_MESSAGES NTP process detected error :[chars] because of [chars], restarting to recover Explanation NTP process exits and restarts when it detects a failure. If the error does not persist it can be ignored. Recommended Action None required if NTP process restarts and recovers. IPV4_NTPC Messages Error Message %IP-IPV4_NTPC-7-EXIT_MESSAGE NTPC process has detected an error :[chars], restarting to recover. Explanation NTP process exits and restarts when it detects a failure. If the error does not persist it can be ignored. Recommended Action show process ntpdc Error Message %IP-IPV4_NTPC-7-EXIT_MESSAGES NTPC process has detected an error :[chars] because of [chars], restarting to recover. Explanation NTP process exits and restarts when it detects a failure. If the error does not persist it can be ignored. Recommended Action show process ntpdcInternet Protocol (IP) Messages IPV6_MA Messages EM-458 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IPV6_MA Messages Error Message %IP-IPV6_MA-2-PROT_DOWN IPv6 protocol on interface [chars] going down, Reason - [chars] Explanation The IPv6 Protocol on the mentioned interface is going down due to the reason specified in the message. This would cause all routing and forwarding on this interface to be disabled for ipv6 address family until the condition is rectified either via config or help from support. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-ADD_GROUP_FAILED IP add multicast group membership failed for group [chars] on [chars] Explanation Unable to add membership to the group. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-ERR_ADDRSVR_INIT Failed to initialize as Address Svr. Error -- [chars] Explanation Failed to initialize as local IP Address Server Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-ERR_CONFIG_INIT IPV6 MA failed to initialize the configuration sub-system Explanation The IPV6 MA process failed to initialize its config handling mechanism and interaction with sysdb. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV6_MA Messages EM-459 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6_MA-3-ERR_DB_INIT IPV6 MA failed to initialize the interface database Explanation The IPV6 MA process failed to initialize its interface database Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-ERR_DEBUG_INIT IPV6 MA debug initialization failed Explanation The IPV6 MA process failed to initialize debug support Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-ERR_INIT Failed to initialize [chars], Error -- [chars]([dec]) Explanation Failed to initialize as producer of the Local Address Service Database Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-ERR_LAS_P_INIT Failed to initialize as LAS producer. Error -- [chars] Explanation Failed to initialize as producer of the Local Address Service Database Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-ERR_LL_CFG [chars]: ([chars]) Explanation This might result in failure generating linklocal address on certain LC. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV6_MA Messages EM-460 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6_MA-3-ERR_LTRACE_INIT_FAIL [chars] [chars] [chars] Explanation There was a failure during an ltrace_init api call which resulted in the failure as indicated in the message text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-ERR_MTU [chars] [dec]: CH[hex] Explanation Minimum IPv6 MTU must be 1280. Available ipv6 mtu is not within the valid range. Recommended Action Adjust the lower layer mtu such that atleast 1280 bytes is available to ipv6. Error Message %IP-IPV6_MA-3-ERR_REMOVE_ENCAP Failed to remove [chars] encapsulation from [chars] ([chars]) Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-ERR_SETUP_HANDLERS IPV6 MA failed to initialize event callback handlers Explanation The IPV6 MA process failed to initialize various callback handlers for various synchronous and asynchronous events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-ERR_TIMER_ADDL_CTXT [chars] ([chars]) Explanation The IPV6 MA process failed to add context to timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV6_MA Messages EM-461 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6_MA-3-ERR_TIMER_INIT IPV6 MA Timer initialization failed - [chars] Explanation The IPV6 MA process failed to initialize its timers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-EVENT_CONN_ERR IPV6 MA Event Conn Error - [chars] ([chars]) Explanation The IPV6 MA process failed to initialize its event conn mgr infra. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-EVENTMGR_CREATE_FAILED IPV6_MA Event Manager create failed Explanation The IPV6_MA process failed to create the event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-REMOVE_GROUP_FAILED IP remove multicast group membership failed for group [chars] on [chars] Explanation Unable to add membership to the group. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-3-SYSDB_BIND_FAILED Failed to connect to SysDB in [chars] ([chars]) Explanation Failed to connect to SysDB while starting the indicated subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV6_ND Messages EM-462 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6_MA-4-ERR_INTERFACE_EXIST interface add: Interface already exists for [chars] with ifh ([hex]) - by [chars], restarting to recover Explanation IPv6 MA already has the interface being newly added in its internal store. This potentially indicates that IPv6 MA missed the delete from SysDB and Interface Manager for this interface & hence is out of sync. Recommended Action IPv6 MA restarts in an attempt to recover from this situation, config should get applied on this new interface successfully. No further action should be necessary. If errors are observed, trying to unconfigure and reconfigure the interface in problem would help. If that does not and IPv6 MA related errors are still observed please gather the necessary information as mentioned in required info Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_MA-4-LOG_MTU The link payload ([dec]) is less than the IPv6 link mtu ([dec]) Explanation The link MTU is lesser than the IPv6 link MTU. Hence the operational MTU is set to the link MTU and not the configures MTU value Recommended Action Choose IPv6 MTU value lesser than the LINK MTU value Error Message %IP-IPV6_MA-6-ERR_IM IM API Failure ([chars]) : [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV6_ND Messages Error Message %IP-IPV6_ND-3-ADDRESS_DUPLICATE Duplicate address [chars] has been detected Explanation Address duplication has been detected. This error is caused by a a mis-configuration. More than one system, connected to the same media, are configured with the same ip address. Once an address is found to be duplicated, it is set in DUPLICATE state and is not available for use by upper layers. If the duplicated address is a Link Local address, then the ipv6 interface is also taken to DOWN state. Recommended Action Unconfigured the duplicated address and reconfigure with a correct one. If the address is a Link Local address, perform a ’shut’ and then ’no shut’ on the interface. Internet Protocol (IP) Messages IPV6_ND Messages EM-463 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6_ND-3-ERR_AIB_ADJ Unable to [chars] adjacency [chars] AIB. Explanation A problem occurred while attempting to add/delete an adjacency into/from AIB. This error happens when the AIB process is temporarily unavailable. The problem is normally recovered once the AIB process becomes operational. Recommended Action ’show adjacency ipv6 [location node-id]’ and ’show ipv6 neighbor [location node-id] commands. Entries in AIB should match with ND’s. If the etries don’t match then the router may not function correctly or efficiently. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_ND-3-ERR_AIB_CONN Unable to [chars] a connection to AIB [chars] ([dec]) Explanation The attempt to communicate with AIB failed. This is normally a transient error, it occurs when the AIB process is temporarily unavailable. The error will be recovered once the AIB process becomes operational. If the error persists, it is an indication that the AIB process is not operational or being blocked by other process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_ND-3-ERR_EVENT_MGR_CREATE [chars] unable to create the event manager. Explanation IPv6 ND has failed to create the event manager. It will try to recover from the error by exiting. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_ND-3-ERR_EXTERNAL_FAIL [chars] [chars] (err equals [chars]) Explanation An error in the system trace facility has occurred. This condition might have been caused by lack of system resources. The error will disable IPV6 Neighbor Discovery’s tracing function, but no other IPv6 ND fuctionalities will be impacted. Recommended Action Use ’show memory summary [location node-id]’ command to determine the state of the system memory. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Internet Protocol (IP) Messages IPV6_ND Messages EM-464 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6_ND-3-ERR_IFH_CONN Unable to [chars] connection handle to IFH [chars] ([dec]) Explanation The attempt to communicate with IFH server failed. This is normally a transient error, it occurs when IFH server process is temporarily not available. If the error persists, it is an indication that the ifh server process is not operational. Recommended Action Use ’show proc pfi_ifh_server [location node-id]’ to find out the state of the IFH server process. Also, use ’show proc blocked [loc node-id’ to determine if the pfi_ifh_server process is being blocked. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_ND-3-ERR_IM_BIND Failed to bind to IM ([chars]): [chars] ([dec]) Explanation The attempt to communicate with IM failed. This is normally a transient error, it occurs when Interface Manager is temporarily not available. If the error persists, it is an indication that the interface manager process is not operational or it is being blocked by some other process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_ND-3-ERR_IM_MEDIA_NOT_SUPPORTED [chars] [chars] Explanation IPv6 Neighbor Discovery (ND) does not operate on this interface type. This error occurs when ND process receives a punted data packet from the L2 for MAC address resolution on a point-to-point interface. This problem could happen due to some transient errors in the layer-2 switching software. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_ND-3-ERR_SYSDB Failed to [chars]: [chars] ([dec]) Explanation An attempt to communicate with sysdb failed. This error is normally transient and could be recovered. If the error condition could not be recovered, IPv6 ND will not function properly. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Internet Protocol (IP) Messages IPV6_SW Messages EM-465 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IPV6_SW Messages Error Message %IP-IPV6_SW-3-CLEAR_MAPPING_FAILED clear mapping ipv6 ([dec]) from media [chars] failed: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_SW-3-ERR_ATTACH_FSV couldn’t attach FSV, err: [chars] Explanation The IPv6 NetIO component was unable to attach the required FSV before passing the packet to the IPv6 partner process. The Packet was dropped. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_SW-3-ERR_MEDIA_REGISTER [chars] : Failed for ipv6 proto to [chars] ([chars]) Explanation netio media register or callback error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_SW-3-ERR_NETIO_MUTEX_LOCK Cannot lock packet mutex in function [chars], err: [chars] Explanation The IPv6 NetIO component was unable to lock packet mutex while doing a control action. The control action failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV6_SW Messages EM-466 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6_SW-3-ERR_NO_INTERFACE IPv6 received a packet bound to a nonexistent interface, err: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_SW-3-ERR_PAK_REDIRECT couldn’t duplicate packet (no redirect generated), err: [chars] Explanation A packet has been sent to us when the sender should have been able to directly reach the destination. We were therefore also trying to generate an ICMP redirect message, but were unable to do so. The original packet would have been forwarded normally. Recommended Action This generally indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-IPV6_SW-3-ERR_PROTO_INIT Protocol Initialization failed, error -- [chars] ([dec]) Explanation IPv6 Protocol failed to intialize the netio datapath. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_SW-3-ERR_READ_PUNT_REASON_FAILED couldn’t read punt reason, err: [chars] Explanation The IPv6 NetIO component was unable to read the Packet Punt Reason supplied by the Hardware forwarding component. The Packet was dropped. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV6 Messages EM-467 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6_SW-3-NEED_SLOW_ROUTINE IPv6 can’t access pak [pointer] header in [chars] - need slow routine Explanation The IPv6 base header in the packet could not be directly accessed in the named routine, and hence the packet was dropped. This is due to the packet not being within the first particle or the header not being completly contained within one particle. If the slow switching routines (using pak_netio_ API calls) had been compiled in then the packet could have been switched. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_SW-3-SET_MAPPING_FAILED set mapping ipv6 ([dec]) to media [chars] failed: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6_SW-4-ERR_DEBUG_INIT A error occurred during debug initialization, err: [chars] Explanation The IPv6 NetIO component encountered an error during debug initialisation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV6 Messages Error Message %IP-IPV6-3-DEBUG_INIT_FAILED IPv6 IO Debug Initialisation Failed Explanation IPv6 IO failed to initialise debugging Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV6 Messages EM-468 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6-3-EDM_DECODE_FAILED Failed to decode [chars] data Explanation IPV6 could not decode data supplied by the indicated external data manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-EDM_ENCODE_FAILED Failed to encode [chars] data in external data manager Explanation A process has requested information from ipv6_io through SysDB, probably as a result of executing a show command. The data requested could not be encoded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-EDM_OPEN_FAILED Failed to open external data manager in [chars] Explanation While processing the indicated show command, the ipv6_io process could not connect to the SysDB server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-EDM_REGISTER_FAILED IPV6_IO failed to register its external data manager - [chars] Explanation The ipv6_io process failed when attempting to register its external data manager with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-ERR_ADD_ENCAP Failed to add [chars] encapsulation to [chars] ([chars]) Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV6 Messages EM-469 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6-3-ERR_LTRACE_INIT_FAIL [chars] [chars] [chars] Explanation There was a failure during an ltrace_init api call which resulted in the failure as indicated in the message text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-ERR_NULL_HANDLE_ALLOC Error: Port Arbtitrator allocated a NULL handle Explanation Handle allocated by port arbitrator is invalid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-ERR_PA_BIND Couldn’t bind with Port Arbitrator for local interest, error equals [chars] Explanation A call made to pa_client_bind has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-ERR_PA_BIND_RETVAL Error in binding [chars] for local interest with Port Arbitrator Explanation A certain ICMP6 type couldn’t be registered with PA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-EVENTCONN_CREATE_FAILED IPv6 IO failed to create evm conn for [chars]: ([dec]) [chars] Explanation The IPv6 IO process failed to create a connection to a server Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV6 Messages EM-470 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6-3-INIT_FAILED [chars] ([chars]) Explanation IPv6 IO failed to initialise some services. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-INVALID_INPUT Invalid IPv6 packet on input: [chars] (got [dec], should be [dec]), s: [chars] d: [chars] Explanation IPV6 received an invalid format IP packet. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-PACKET_ERROR_DISCARD [chars], (source: [chars], destination: [chars]) Explanation IPV6_IO discarded a packet due to the indicated error. Recommended Action Based on the error indicated, investigate the source of the and links for packet corruption or other errors. Error Message %IP-IPV6-3-PACKETMGR_CONNECT_FAILED IPv6 IO Packet Manager connection Failed: ([dec]) [chars] Explanation The IPv6 IO process failed to connect to the packet manager Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-PAK_FSV_WRITE_FAILED Could not write packet specific feature vectors in [chars] ([chars], [unsigned int]) Explanation IPv6_IO could not write the packet specific features. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages IPV6 Messages EM-471 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6-3-PAK_SEND_TO_TRANSPORT_FAILED IPv6_IO could not transfer packet to the transport layer ([unsigned int], [chars]) Explanation IPv6_IO attempted to write a packet to the transport layer and failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-STATS_SHM_INIT_FAILED Failed to initialize shm for ipv6 traffic stats Explanation While trying to create a shared memory object for ipv6 traffic statistics, encountered an error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-SYSDB_BIND_FAILED Failed to connect to SysDB in [chars] ([chars]) Explanation Failed to connect to SysDB while starting the indicated subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-SYSDB_CONNECT_FAILED Default connection to SysDB failed ([chars], [chars]) Explanation Could not connect to SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-IPV6-3-SYSDB_CREATEITEM_FAILED Failed trying to create the SysDB item [chars] ([chars]) Explanation Failed to create an item in SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages L2SNOOP Messages EM-472 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-IPV6-6-ERR_IM IM API Failure ([chars]) : [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. L2SNOOP Messages Error Message %IP-L2SNOOP-3-DEBUG_INIT [chars]%s Explanation An software error occured when the L2SNOOP process try to do debug related initialization. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-L2SNOOP-3-INIT_ERR [chars]%s Explanation An software error occurred while starting up of L2SNOOP process. If this occurred during process startup, then the process may be restarted. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages L2SNOOP Messages EM-473 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-L2SNOOP-3-INIT_RETRY [chars] ([dec]) Explanation An software error occured when the L2SNOOP process attempts to retry one of its initialization tasks with a network layer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-L2SNOOP-3-NO_MEM [chars] ([chars]): [chars] Explanation An software error occured when the L2SNOOP process try to request more memory. The requested operation by l2snoop could not be accomplished because of a low memory condition. Recommended Action In the problem recurs, reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-L2SNOOP-3-RED_INIT [chars] - [chars] Explanation An software error occured when the L2SNOOP process try to do redundancy related init with System Manager for the node state changes. Recommended Action The process will attempt to recover from this situation by restarting or retrying. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-L2SNOOP-3-REG_NETWORK Failed to register L2SNOOP protocol with the network layer ([chars]): [chars] Explanation An software error occured when the L2SNOOP process try to register itself with the network process and net io process for datapath. Recommended Action Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages L2SNOOP Messages EM-474 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-L2SNOOP-3-SOCKET_INIT [chars] ([chars]): [chars] Explanation An software error occured when the L2SNOOP process do socket related initialization. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-L2SNOOP-3-SOFTWARE_INSTALL [chars]: [chars] Explanation An software error occured when the L2SNOOP process attempts to register with Install Manager for notification of software package installation and deinstallation on the system. Recommended Action The process will attempt to recover from this situation by restarting or retrying. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-L2SNOOP-3-TIMER_INIT [chars]: [chars] Explanation An software error occured when the L2SNOOP process sets up and initializes the various L2SNOOP timers. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-L2SNOOP-3-VRF_INIT [chars]: [chars] Explanation An software error occured when the L2SNOOP process attempts to set up connection with the RSI agent during the startup of l2snoop process. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory Internet Protocol (IP) Messages LIBIPPIMDLL Messages EM-475 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-L2SNOOP-7-SYSDB_INIT [chars] - [chars] Explanation An software error occured when the L2SNOOP process try to do initialization related with sysdb process. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LIBIPPIMDLL Messages Error Message %IP-LIBIPPIMDLL-3-ENS_NRS_ERROR Failure ([chars]) reason - ([chars]) Explanation An error occurred during ENS or NRS operation Recommended Action This indicates a problem with ENS or NRS. Do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-LIBIPPIMDLL-3-PIM_LIB_DEBUG ([chars]) ([dec]) Explanation An error occurred during sysdb operation Recommended Action This indicates a problem with sysdb. Do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is seen only once/twice while some sysdb processes crashed or were restarted, this might be related to that and could be considered transitory. Internet Protocol (IP) Messages LIBIPV4 Messages EM-476 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-LIBIPPIMDLL-3-PIM_LIB_SYSDB Failure ([chars]) reason - ([chars]) Explanation An error occurred during sysdb operation Recommended Action This indicates a problem with sysdb. Do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is seen only once/twice while some sysdb processes crashed or were restarted, this might be related to that and could be considered transitory. LIBIPV4 Messages Error Message %IP-LIBIPV4-3-ERR_CONV_ITEM Convergence item failure ([chars]) reason - ([chars]) Explanation An error occurred processing a BGP convergence item operation. Recommended Action This indicates a problem with publishing BGP convergence via sysdb. If the errors are seen continuously and you see problems with BGP covergence, do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is seen only once/twice while some sysdb processes crashed or were restarted, this might be related to that and could be considered transitory. Error Message %IP-LIBIPV4-7-ERR_DATALIST Helper address datalist operation failed, [chars], [chars] Explanation The sysdb process fails to find the address of a specified active interface or of all active interfaces. Recommended Action This indicates a problem with getting the helper address. If the errors are seen continuously and you see problems with the helper address, do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is seen only once/twice while some sysdb processes crashed or were restarted, this might be related to that. If you don’t see any issue with the helper address thereafter, it is a transitory problem. Internet Protocol (IP) Messages LIBIPV4PROTO Messages EM-477 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-LIBIPV4-7-ERR_HSSD_REG ICMP error generation failure: Failed to register with pakman for hssd use. Explanation For generation of ICMP error packets, the ICMP generation library needs to register for an internal packet resource called HSSD. Since, it couldn’t register for that, an ICMP error couldn’t be generated. Recommended Action This can happen while ’packet’ process is restarting and a couple of instances of the message can be ignored in that case. If there is no restart and problems are being seen with the router not being able to send ICMP errors, do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LIBIPV4PROTO Messages Error Message %IP-LIBIPV4PROTO-6-PAKHDR Failed to read IP header in packet (hl equals [dec], read equals [dec]) Explanation There was a problem reading the full IP header for a packet being sent. The packet would be dropped. Recommended Action Do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-LIBIPV4PROTO-6-PAKHDR_ERROR Failed to read IP header - [chars]: [chars] Explanation There was a problem with reading the IP header in the packet, so, can’t process it. Recommended Action Do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-LIBIPV4PROTO-7-GET_PAK_HDR_COUNT [chars]: [chars] Explanation There was a problem while getting total packet header count for this node. Recommended Action This could happen if there is a problem with packet shared memory on the node. The transport would restart in this situation, if it restarts once or twice and then recovers, then it could be a transient problem and no action is required. If the transport keeps restarting, do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages LIBIPV6PROTO Messages EM-478 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-LIBIPV4PROTO-7-PLIB_INIT [chars]: [chars] Explanation There was a problem initializing the IPv4 protocol library within a transport process. The message indicates what part of the initialization failed. Recommended Action Transport processes might restart due to this initialization failure. If this error message is seen just once when multiple processes restart, then it can be considered transient and ignored. If the message is seen multiple times and the transport has restarted too many times, do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LIBIPV6PROTO Messages Error Message %IP-LIBIPV6PROTO-3-ERR_CONNECT_IO_STATS Failed to open IO stats shared mem, [chars] Explanation The transport fails to open the ipv6-io stats shared memory Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-LIBIPV6PROTO-3-ERR_CONNECT_RIB Failed to connect to the rib process Explanation The transport fails to connect to the rib process. The error occurs when the RIB process is temporarily unavailable. It is a transient error and will be recoverred once the RIB process becomes available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-LIBIPV6PROTO-3-ERR_FSV_REG FSV registration failed for [chars], [chars] Explanation This is a transient error and it happens when the packet mamager process is temporarily unavailable. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages LIBIPV6PROTO Messages EM-479 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-LIBIPV6PROTO-3-ERR_FSV_WRITE FSV resource busy, [chars] Explanation The packet FSV resources are busy and a packet FSV could not be written. It is a transient error and it could happen in a heavy loaded system. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-LIBIPV6PROTO-3-ERR_GET_MTU Failed to get the MTU, [chars] Explanation The transport fails to get the MTU from the network protocol process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-LIBIPV6PROTO-3-ERR_LAS_INIT Failed IPv6 Local Address Server (LAS) initialization, [chars] Explanation This is a transient error and it happens when the underlying communication layer, Group Service Process (GSP), is temporarily unavailable. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-LIBIPV6PROTO-3-ERR_NETIO_CONN_INIT Failed to connect to netio, [chars] Explanation The transport fails to open the connection to netio. This error is normally transient and it occurs when the netio process is temporarity unavailable. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-LIBIPV6PROTO-3-ERR_NETWORK_GONE Network protocol process is not up Explanation The transport detects that the network protocol process is not running. The problem is usually transient and is recovered once the network process becomes available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages MPA_CONSUMER Messages EM-480 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-LIBIPV6PROTO-3-ERR_NO_MEM Failed to allocate [dec] bytes of memory, [chars] Explanation One of the memory allocation routines such as malloc() fails. Recommended Action Use ’show memory summary [location node-id]’ command to determine the state of the system memory. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-LIBIPV6PROTO-3-IPSEC_HANDLE [chars]: [chars] Explanation An error is encountered in handling a IP Security packet Recommended Action The returned error provides the type of the error. Based of the error type, the source of the error could be identified. Error Message %IP-LIBIPV6PROTO-7-ERR_SEND_PACKET Failed to send a packet to the network layer, [chars] Explanation The transport fails to send a message with packet to the network layer. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MPA_CONSUMER Messages Error Message %IP-MPA_CONSUMER-3-ERR_MEM_ALLOC Failed to allocate memory Explanation The Multicast Port Arbitrator consumer library failed to allocate memory. Recommended Action The system is running low on memory, if there is lots of config/routes, try reducing it. Do the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If there isn’t too much config, then do the following action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Internet Protocol (IP) Messages MPA Messages EM-481 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MPA Messages Error Message %IP-MPA-3-DOWNLOAD_FAIL Unable to download multicast joins to a restarted csmr on node [chars] : [chars] Explanation The Multicast Port Arbitrator was unable to download one or more multicast joins to a restarting instance of its consumer on the specified node. Recommended Action Do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-MPA-3-ERR_MEM_ALLOC Failed to allocate memory Explanation The Multicast Port Arbitrator failed to allocate memory. Recommended Action The system is running low on memory, if there is lots of config/routes, try reducing it. Do the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If there isn’t too much config, then do the following action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-MPA-3-GROUP_SEND_NODE [chars]: failed to send group message to node [hex]: [chars] Explanation An internal error was detected when trying to send a GSP message to the given node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-MPA-3-MGII_MUTEX mutex failed: [chars]: [chars] Explanation Failure of thread operations on the mutex protecting the multicast group memberships. Recommended Action Do the following action.Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages MPA Messages EM-482 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-MPA-3-RADIX_FAIL Radix operation [chars] failed for node [chars]([hex]) Explanation An internal error occured while updating an internal node database. Recommended Action Do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-MPA-3-RTINSERT_FAIL Failed to insert an entry in MPA multicast database radix tree Explanation A radix tree internal error occured while inserting in MPA multicast database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-MPA-7-DELETE_FAIL Unable to delete client node ([chars]) from AVL tree Explanation An AVL tree internal erorr occurred while deleting a client node. Recommended Action Do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-MPA-7-INIT_FAILED Cannot initialize [chars]: [chars] Explanation The indicated initialization of the MPA failed and the process restarted. Recommended Action If the indicated error is about low memory, do the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Else, do the following action.Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Internet Protocol (IP) Messages PFILTER_MA Messages EM-483 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PFILTER_MA Messages Error Message %IP-PFILTER_MA-7-INIT Failed to initialize [chars], because of [chars] Explanation Initialization failed. Both the initialization type and the error code are displayed. The sysmgr process will restart the ipv4_aclmgr if this condition happens. Recommended Action None PLATFORM_IPV4 Messages Error Message %IP-PLATFORM_IPV4-1-DLERR [chars] : [chars] Explanation Error finding well-known function in dll. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. PRRT Messages Error Message %IP-PRRT-3-ERR_CHUNK_CREATE Fatal Error: couldn’t allocate chunk mem for packet queue Explanation couldn’t allocate chunk mem for packet queue Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-PRRT-3-ERR_CONN Fatal Error: Couldn’t create [chars] for [chars] interaction Explanation A certain call to an event_conn_*() function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages PRRT Messages EM-484 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-PRRT-3-ERR_EVM Fatal Error: [chars] for [chars], error equals [dec] Explanation event api failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-PRRT-3-ERR_INIT [chars] Explanation An Init called failed, exiting. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-PRRT-3-ERR_PTHREAD_CREATE [chars], ([dec], [chars]) Explanation pthread create failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-PRRT-3-ERR_TIMER Fatal Error: [chars] for [chars], error equals [dec] Explanation timert api failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-PRRT-6-ERR_NETIO_CONNECT Failed to initialize handler for netio connection [chars] ([chars]) Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Internet Protocol (IP) Messages RAW Messages EM-485 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 RAW Messages Error Message %IP-RAW-3-DEBUG_INIT [chars]%s Explanation An software error occured when the RAW process try to do debug related initialization. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-RAW-3-INIT_ERR [chars]%s Explanation An software error occurred while starting up of RAW process. If this occurred during process startup, then the process may be restarted. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-RAW-3-INIT_RETRY [chars] ([dec]) Explanation An software error occured when the RAW process attempts to retry one of its initialization tasks with a network layer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages RAW Messages EM-486 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-RAW-3-NO_MEM [chars] ([chars]): [chars] Explanation An software error occured when the RAW process try to request more memory. The requested operation by raw could not be accomplished because of a low memory condition. Recommended Action In the problem recurs, reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-RAW-3-RED_INIT [chars] - [chars] Explanation An software error occured when the RAW process try to do redundancy related init with System Manager for the node state changes. Recommended Action The process will attempt to recover from this situation by restarting or retrying. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-RAW-3-REG_NETWORK Failed to register RAW protocol with the network layer ([chars]): [chars] Explanation An software error occured when the RAW process try to register itself with the network process and net io process for datapath. Recommended Action Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-RAW-3-SOCKET_INIT [chars] ([chars]): [chars] Explanation An software error occured when the RAW process do socket related initialization. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Internet Protocol (IP) Messages RAW Messages EM-487 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-RAW-3-SOFTWARE_INSTALL [chars]: [chars] Explanation An software error occured when the RAW process attempts to register with Install Manager for notification of software package installation and deinstallation on the system. Recommended Action The process will attempt to recover from this situation by restarting or retrying. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-RAW-3-TIMER_INIT [chars]: [chars] Explanation An software error occured when the RAW process sets up and initializes the various RAW timers. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-RAW-3-VRF_INIT [chars]: [chars] Explanation An software error occured when the RAW process attempts to set up connection with the RSI agent during the startup of raw process. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages rlogin Messages EM-488 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-RAW-7-SYSDB_INIT [chars] - [chars] Explanation An software error occured when the RAW process try to do initialization related with sysdb process. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. rlogin Messages Error Message %IP-rlogin-3-CHILD_PID [chars]: [chars] Explanation rlogin client application’s child process has invalid pid Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-rlogin-3-CHILD_STOPPED [chars]: the child stopped with signal number [dec] Explanation rlogin client application’s child process was stopped abnormally Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-rlogin-3-CHILD_TERMINATED [chars]: the child terminated with signal number [dec] Explanation rlogin client application’s child process terminated abnormally. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Internet Protocol (IP) Messages rlogin Messages EM-489 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-rlogin-3-ERR_BEST_ROUTE No route to destination host exists Explanation Socket operation failed. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-rlogin-3-ERR_CREATE_EVENTMGR Couldn’t create evmgr Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-rlogin-3-ERR_FLUSH tcflush failed Explanation tcflush() call failed. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-rlogin-3-ERR_FORK Can’t fork child process Explanation Internal error in forking child process. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-rlogin-3-ERR_SOCKET socket: [chars] Explanation Socket operation failed. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Internet Protocol (IP) Messages RLOGIND Messages EM-490 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-rlogin-3-WAIT [chars]: [chars] Explanation rlogin client’s call to wait() system call failed Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-rlogin-6-ERR_GENRAL [chars] Explanation The rlogin encountered some problem in genric nature or plain information. Recommended Action ’No action is required.’ RLOGIND Messages Error Message %IP-RLOGIND-3-ERR_CREATE_EVENTMGR Couldn’t create evmgr in function [chars]() Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-RLOGIND-3-ERR_DEBUG_INIT Failed to init debug in function [chars]() Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-RLOGIND-3-ERR_FATAL Rlogind: fatal error [chars] Explanation Fatal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Internet Protocol (IP) Messages RLOGIND Messages EM-491 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-RLOGIND-3-ERR_MALLOC Cannot allocate memory in function [chars]() Explanation Internal error. System is out of memory - malloc failed. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-RLOGIND-3-ERR_OPEN Failed to open a device file for a session ([dec]) Explanation An unexpected error occurred when RloginD tried to open a VTY character special file. Recommended Action No action is required. Error Message %IP-RLOGIND-3-ERR_SPAWN Can’t spawn login Explanation Internal error in spawning login child process. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-RLOGIND-3-ERR_SYSDB Unexpected SysDB error encountered: [hex], ’[chars]’ Explanation The Telnet Server has encountered an error using the SysDB Library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-RLOGIND-3-ERR_TTY_DETAILS Failed to retrieve the details of a TTY Device ([hex], ’[chars]’) Explanation An unexpected error occurred when RloginD tried to retrieve the details of a VTY from a utility library Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages RSHD Messages EM-492 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-RLOGIND-3-ERR_USAGE usage : rlogind [-alnd] Explanation Usage error. Recommended Action ’No action is required.’ Error Message %IP-RLOGIND-3-ERR_VTY_CONNECT Failed to obtain a VTY for a session: ’[chars]’ Explanation An error occurred when RloginD requested a VTY for a session. This might occur if the requested rlogin session cannot be satisfied by any of the unused VTYs in the configured vty pool(s), e.g. if all VTYs are in use, if transport-input is not allowed for rlogin, or if the configured ACL does not match. Recommended Action Check that the configured VTY pool(s) can satisfy this rlogin request based on which VTYs are currently in use. This can be checked with ’show users’, and looking at the VTY pool configuration. If the configuration appears to be consistent then try to rlogin with debug rlogin detail on; this might indicate where the problem lies. Error Message %IP-RLOGIND-4-ERR_SOCKET Socket operation failed: [chars] Explanation Internal warnings related to socket operations. Recommended Action ’No action is required.’ Error Message %IP-RLOGIND-6-INFO_GENERAL Rlogind: [chars] Explanation The rlogind encountered some problem in genric nature or plain information. Recommended Action ’No action is required.’ RSHD Messages Error Message %IP-RSHD-2-ILLEGAL_PORT Illegal port: [chars] Explanation The connection between rsh client and server must from/to a privileged port (512-1023) Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages RSHD Messages EM-493 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-RSHD-3-ERR_AUTH Kerberos rsh denied to [chars].[chars]@[chars] Explanation Kerberos authentication failed. Recommended Action No action is required. Error Message %IP-RSHD-3-ERR_CREATE_EVENTMGR Failed to create event manager: [chars] Explanation Attempt to create an event manager fails for some reason Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-RSHD-3-ERR_MALLOC Failed to allocate [dec] bytes of memory: [chars] Explanation The server has failed to acquire the required amount of memory Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-RSHD-3-ERR_REGISTER_DEBUG Failed to register for debugging events: [chars] Explanation Attempt to register with the event magager for debugging events fails Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-RSHD-3-ERR_SOCKET Socket operation failed: [chars]: [chars] Explanation Internal warnings related to socket operations Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-RSHD-3-ERR_USAGE [chars] Explanation Usage error. Recommended Action No action is required.Internet Protocol (IP) Messages SCTP Messages EM-494 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SCTP Messages Error Message %IP-SCTP-3-INIT_ERR [chars]%s, restarting to recover Explanation An error occurred while starting up SCTP process. SCTP process will restart in an attempt to recover Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SMIAP Messages Error Message %IP-SMIAP-2-INIT_FAILED Cannot initialize [chars]: ([chars]) Explanation IPV4 SMIAP initialization failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-SMIAP-3-CHKPT_FAIL the check point function [chars] rc: [chars] Explanation A call to checkpoint function failed for the virtual ip address of that vrf Recommended Action Contact support. Error Message %IP-SMIAP-4-ADDR_CFLCT IP address [chars] configured on management interface [chars] same as virtual IP address [chars] Explanation IP address on the management interface specified is conflicting with the virtual IP address. Recommended Action Either change the virtual IP address to some other IP address on the management interface’s network or change the conflicting IP address on the specified management interface. Internet Protocol (IP) Messages SMIAP Messages EM-495 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-SMIAP-4-IM_ATTR_FIND_IF_FAILED Interface ’[chars]’ is supposed to be a management interface, but, can’t find information about it Explanation Management interface information needs to be known in SMIAP so that it can make the virtual IP address functional. Recommended Action If the message is for a management interface which doesn’t exist anymore, e.g., due to a failover, this error can be simply ignored. If it is for an interface which is active, contact technical support. Error Message %IP-SMIAP-4-INVALID_NETWORK IP address [chars]/[dec] on the management interface [chars] does not belong to same network as virtual IP address [chars]/[dec] Explanation IP address on the management interface on the active/standby RP should be in the same network as the virtual IP address. Recommended Action Change the IP address on the management interface or the virtual IP address so that they are in the same network and are not the same. Error Message %IP-SMIAP-4-SYSMGR_FAILURE Failed to signal sysmgr about - [chars], error [chars] Explanation SMIAP failed to signal sysmgr about its process state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-SMIAP-4-VIRTUAL_IP_CFLCT Virtual IP address [chars] same as [chars] configured on management interface [chars] Explanation IP address on the management interface specified is conflicting with the virtual IP address. Recommended Action Either change the virtual IP address to some other IP address on the management interface’s network or change the conflicting IP address on the specified management interface.Internet Protocol (IP) Messages SOCKET Messages EM-496 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SOCKET Messages Error Message %IP-SOCKET-3-INVALID_CLOSE Invalid close operation on a replicated socket (so: 0x[pointer], [chars]) Explanation A standby NSR application tried to close a replicated socket. Only the active NSR application can close such a socket. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-SOCKET-4-DOUBLE_CLOSE Close was called on the socket 0x[pointer] ([chars], owned by proc [dec]) more than once Explanation The socket library expect close to be called only once by os. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-SOCKET-4-DOUBLE_CLOSE Close was called on the socket 0x[pointer] ([chars], owned by proc [dec]) more than once Explanation The socket library expect close to be called only once by os. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-SOCKET-7-DEBUG_INIT_EVENT Failed to initialize debug event: [chars] Explanation The socket library (used by transports) failed to initialize a debug event. Recommended Action The transport process will try to recover from this by retrying/ restarting. If the messages are not seen again, the problem was transitory and has been recovered. There is no need to take any action. If the messages come continuously, take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages SOCKET Messages EM-497 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-SOCKET-7-DEBUG_INIT_EVENT Failed to initialize debug event: [chars] Explanation The socket library (used by transports) failed to initialize a debug event. Recommended Action The transport process will try to recover from this by retrying/ restarting. If the messages are not seen again, the problem was transitory and has been recovered. There is no need to take any action. If the messages come continuously, take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-SOCKET-7-DEBUG_REGISTER Failed to register with debug library: [chars] Explanation Failed to register with the debug library to have the library automatically handle changes to any of the SOCKET debug flags. Recommended Action The transport process will try to recover from this by retrying/ restarting. If the messages are not seen again, the problem was transitory and has been recovered. There is no need to take any action. If the messages come continuously, take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-SOCKET-7-DEBUG_REGISTER Failed to register with debug library: [chars] Explanation Failed to register with the debug library to have the library automatically handle changes to any of the SOCKET debug flags. Recommended Action The transport process will try to recover from this by retrying/ restarting. If the messages are not seen again, the problem was transitory and has been recovered. There is no need to take any action. If the messages come continuously, take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-SOCKET-7-ERR_EVM_CREATE Failed to create event manager: [chars] Explanation The socket library failed to create event manager. Recommended Action If the error message indicates low memory, do the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. For any other errors, do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages STANDBY Messages EM-498 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-SOCKET-7-ERR_EVM_CREATE Failed to create event manager: [chars] Explanation The socket library failed to create event manager. Recommended Action If the error message indicates low memory, do the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. For any other errors, do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-SOCKET-7-NOFDREF NOFDREF flag on socket 0x[pointer] ([chars], owned by proc [dec]) is already set where we expect it is not set Explanation The socket library expect the NOFDREF flag to be not set and find it is already set. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-SOCKET-7-NOFDREF NOFDREF flag on socket 0x[pointer] ([chars], owned by proc [dec]) is already set where we expect it is not set Explanation The socket library expect the NOFDREF flag to be not set and find it is already set. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. STANDBY Messages Error Message %IP-STANDBY-3-ERR_EDM_NOTIFY [chars]: Failed to generate [chars]: [chars] Explanation HSRP has failed to notify the system that the specified event has occurred. Recommended Action Restart the HSRP process. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages STANDBY Messages EM-499 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-STANDBY-3-ERR_IFINDEX Failed to retrieve interface index for interface [chars] Explanation An unexpected error has occurred in the interface index lookup which may result in an inconsistency in HSRP’s database. Recommended Action If the indicated interface is being tracked then remove and reapply the tracking configuration. If this doesn’t resolve the problem then restart the HSRP process (process name ’hsrp’). Error Message %IP-STANDBY-3-ERR_IM Failed to get [chars] type from Interface Manager: [chars] Explanation HSRP has failed to retrieve required information about the interface from the Interface Manager. Recommended Action Check to see if there are any other errors on the system which may indicate a general service-related problem and restart those services. If the problem is isolated then restart HSRP. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-STANDBY-3-ERR_INDEX Failed to obtain snmp index for [chars]: [chars] Explanation The HSRP process failed to obtain the snmp index for this interface. There may be a problem with the connection to certain IOSXR services. Recommended Action Retry the configuration on this interface. If this still fails then do the following. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-STANDBY-3-ERR_JOIN Failed to [chars] interface [chars] on Multicast group: [chars] Explanation The HSRP process failed to start/stop receiving HSRP packets on an interface correctly. This is an internal error. Recommended Action Retry the configuration on the interface. If this still fails then do the following. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages STANDBY Messages EM-500 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-STANDBY-3-ERR_MAC Failed to add unicast MAC address on interface [chars]: [chars] Explanation HSRP has failed to assign a MAC address to the interface. Recommended Action Retry the configuration on the interface. If this still fails then do the following. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-STANDBY-3-ERR_NO_MEM Out of memory (failed attempt to reserve [unsigned int] bytes) Explanation HSRP was not able to allocate the memory that it needed to complete the operation. HSRP functionality may be reduced until the problem is resolved. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-STANDBY-3-ERR_REGISTER Registration for [chars] failed: [chars] Explanation Registration for an IOSXR service failed during HSRP’s operation. This may indicate a connection failure with the IOSXR service as indicated in the error message. Recommended Action Restart the HSRP process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-STANDBY-4-WARN_DEBUG Outputting debug information failed: [chars] Explanation The HSRP process failed to output a debug message. This may not impact functionality but it does impair the debuggabilty of the VRRP process. And may indicate that there is a failure with the IOSXR debug infrastructure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages STANDBY Messages EM-501 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-STANDBY-4-WARN_INIT HSRP Initialization failed: [chars]: [chars] Explanation The HSRP process failed to initialize correctly. In this situation HSRP restarts, but HSRP may not recover if there is a persistant error in the IOSXR system and HSRP is later unable to reestablish its connections and initialize successfully. Recommended Action If HSRP does not restart and automatically recover, do the following. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-STANDBY-6-INFO_HOLDTIME Holdtime ([dec]) is less than or equal to twice the hellotime ([dec]) Explanation The holdtime has been set to a value which is less than (or equal to) twice the hello time. This is not recommended as any lost packet may result in an unnecessary state change. Recommended Action Change the holdtime to be greater than twice the hellotime. Error Message %IP-STANDBY-6-INFO_REDIRECTS_DISABLED ICMP redirects may still be enabled on this interface Explanation Disabling HSRP filtered ICMP redirects when ICMP redirects are enabled may cause hosts to use real IP addresses as their default routes, and first hop redundancy may be lost. Recommended Action Ensure that ICMP redirects are disabled on this interface. Error Message %IP-STANDBY-6-INFO_REDIRECTS_SECONDARY ICMP redirects may be ignored by hosts if HSRP secondary addresses are used Explanation If a host uses HSRP secondary addresses, HSRP filtered ICMP redirects may be ignored by the host (depending on the host implementation). Recommended Action Try to avoid using HSRP secondary addresses when HSRP filtered ICMP redirects are enabled. Error Message %IP-STANDBY-6-INFO_STATECHANGE SB[dec]: [chars]: state [chars]011 - [chars] Explanation The HSRP router has changed state for the specified group and interface. Recommended Action No action is required.Internet Protocol (IP) Messages TCP_NSR Messages EM-502 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 TCP_NSR Messages Error Message %IP-TCP_NSR-3-FAILURE [chars]:[dec] - [chars]:[dec]:: NSR terminated because of [chars] Explanation TCP stack detected NSR functionality impairment and has brought NSR down. Recommended Action Understand why NSR failed and take the necessary steps such as collecting core file, traces etc. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TCP_NSR-3-FO_INITIATED TCP in active role has failed. Initiating fail-over to keep NSR up. Explanation TCP’s NSR module is initiating a fail-over to maintain NSR because TCP in active role has failed (either crashed or shut down) and fail-over is currently configured as the recovery action. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TCP_NSR-3-INIT_ERR [chars]%s Explanation An software error occurred while initializing the TCP SSO functionality. If this occurred during process startup, then the process may be restarted. Recommended Action The process may attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages TCP Messages EM-503 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TCP_NSR-3-OUT_OF_SYNC One or more NSR control messages could not be delivered to partner TCP. Explanation One or more control messages could not be delivered, after several retries, to the partner TCP stack. This can leave the TCP stacks in a state that prevents NSR from being restored. However, periodic self-audit should correct the mismatch in state and should result in NSR being restored. Recommended Action This may be due to a very basic problem with the communications infrastructure between the TCP stacks running on different nodes. Please collect the following information and restart the standby TCP process. Error Message %IP-TCP_NSR-6-KEEPALIVE_MISS Bring NSR down for sessions protected on node [chars] Explanation NSR is brought down for sessions protected on partner node because of missing keepalives Recommended Action Understand why standby is not healthy and take the necessary steps such as collecting core file, traces etc. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. TCP Messages Error Message %IP-TCP-3-BADAUTH Invalid [chars] digest from [chars]:[dec] to [chars]:[dec] Explanation The peer is sending an authentication digest that doesn’t match what is configured locally. Recommended Action Check the configuration on both ends and make sure that the password or authentication information is identical. Error Message %IP-TCP-3-DEBUG_INIT [chars]%s Explanation An software error occured when the TCP process try to do debug related initialization. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages TCP Messages EM-504 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TCP-3-EAOPT_KEYMAX Send key-id [dec] for keychain ’[chars]’ (peer [chars]) greater than Enhanced Authentication max(63) Explanation TCP Enhanced Authentication header has 6 bits for the keyid, hence, the send key can’t be more than 63. Recommended Action Change the keychain configuration to not have a key-id greater than 63. No need to re-configure it under BGP or to clear BGP neighbors. Error Message %IP-TCP-3-EAOPT_RECV_UNSUPPORTED_MAC Received unsupported MAC algorithm([dec]) in the Enhanced Authentication option from peer [chars] Explanation Received a TCP packet with the Enhanced Authentication option header with a MAC(Message Authentication Code) algorithm value not supported, from the specified peer. Recommended Action Check the configuration of the peer specified and reconfigure it so that its keychain only has cryptographic algorithms supported by IOS-XR. Error Message %IP-TCP-3-EAOPT_SEND_INVALID_KEY Invalid or no-active send-key for key-chain ’[chars]’ for the Enhanced Authentication option to send to peer [chars], error - [chars] Explanation Either there is no active send-key for the specified keychain or the active send-key has some problem. Hence can’t send data to the peer. Recommended Action Check the keychain to see if it has any active keys. Sometimes, this error might come if there is no overlap between the send-keys. In that case, if keychain shows that there is an active key, then this error can be ignored. Else, change the configuration to have an active send-key. If there is an active key and you still see the error, that indicates that there is some configuration problem with the active send-key. Correct that and if that doesn’t work, contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %IP-TCP-3-EAOPT_SEND_NOKEY No active send-key for key-chain ’[chars]’ for the Enhanced Authentication option to send to peer [chars], error - [chars] Explanation There is no active send-key for the specified keychain and hence can’t send data to the peer. Recommended Action Check the keychain to see if it has any active keys. Sometimes, this error might come if there is no overlap between the send-keys. In that case, if keychain shows that there is an active key, then this error can be ignored. Else, change the configuration to have an active send-key. Internet Protocol (IP) Messages TCP Messages EM-505 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TCP-3-EAOPT_SEND_UNSUPPORTED_MAC Unsupported MAC algorithm([dec]) for keychain ’[chars]’ (send-key [dec]) for peer [chars] Explanation The send-key from the specified keychain has a MAC(Message Authentication Code) algorithm which is not supported by the TCP Enhanced Authentication (EA) draft and/or the IOS-XR implementation. Recommended Action Check the MAC algorithms supported with TCP Enhanced Authentication by IOS-XR and modify the MAC algorithm accordingly. Error Message %IP-TCP-3-IM_INIT [chars]: [chars] Explanation An software error occured when the TCP process try to do initialization with ifmgr Recommended Action The process will attempt to recover from this situation by restarting or retrying. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TCP-3-INIT_ERR [chars]%s Explanation An software error occurred while starting up of TCP process. If this occurred during process startup, then the process may be restarted. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages TCP Messages EM-506 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TCP-3-INIT_RETRY [chars] ([dec]) Explanation An software error occured when the TCP process attempts to retry one of its initialization tasks with a network layer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TCP-3-MISSING_AUTH Authentication info not programmed for the peer [chars]. Explanation The local application did not program the authentication information (MD5 or key chain) for the peer with which it is trying to connect. It is likely that the application programmed the information for a different peer on the socket opened for connection to the specified peer. Recommended Action Identify the application that owns the affected socket and try to examine its traces and debugs. If the problem persists, collect the output of show commands, traces and running coredumps of the application as well as TCP. Error Message %IP-TCP-3-NO_MEM [chars] ([chars]): [chars] Explanation An software error occured when the TCP process try to request more memory. The requested operation by tcp could not be accomplished because of a low memory condition. Recommended Action In the problem recurs, reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-TCP-3-RED_INIT [chars] - [chars] Explanation An software error occured when the TCP process try to do redundancy related init with System Manager for the node state changes. Recommended Action The process will attempt to recover from this situation by restarting or retrying. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages TCP Messages EM-507 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TCP-3-REG_NETWORK Failed to register TCP protocol with the network layer ([chars]): [chars] Explanation An software error occured when the TCP process try to register itself with the network process and net io process for datapath. Recommended Action Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TCP-3-SOCKET_INIT [chars] ([chars]): [chars] Explanation An software error occured when the TCP process do socket related initialization. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-TCP-3-TIMER_INIT [chars]: [chars] Explanation An software error occured when the TCP process sets up and initializes the various TCP timers. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-TCP-3-VRF_INIT [chars]: [chars] Explanation An software error occured when the TCP process attempts to set up connection with the RSI agent during the startup of tcp process. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages telnet Messages EM-508 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TCP-7-SYSDB_INIT [chars] - [chars] Explanation An software error occured when the TCP process try to do initialization related with sysdb process. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. telnet Messages Error Message %IP-telnet-3-ERR_SYSDB Unexpected SysDB error encountered: [hex], ’[chars]’ Explanation The Telnet client has encountered an error using the SysDB Library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-telnet-3-IMC_BIND Error imc_control_server_bind: [chars]([dec]:[chars]). Cannot continue. Explanation An error occured while trying to bind to IM server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-telnet-3-INVALID_ADDR_FAMILY Invalid adress family: [dec] Explanation ’The api has returned invalid address family’ Recommended Action *SH_TECH* Internet Protocol (IP) Messages telnet Messages EM-509 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-telnet-3-INVALID_PORT Error converting the port number to numerical representation: [chars] Explanation ’The port specified on the command line can not be converted’ Recommended Action *SH_TECH* Error Message %IP-telnet-3-RIB_BIND_FAILURE Unable to bind to the RIB Explanation An error occurred while attempting to bind to the RIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-telnet-3-RIB_SRC_ADDRESS_ERROR Error retrieving source address from RIB: [chars]. Cannot continue. Explanation An error occured while trying to retrieve the IP address of the source interface from the RIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-telnet-3-SYSDB_GET [chars]: [chars] Explanation ’Unable to get/read an item from sysDB ’ Recommended Action *SH_TECH* Error Message %IP-telnet-3-SYSTEM_ERROR Error in [chars]. errno [dec]: [chars] Explanation ’There was an error during invocation of a system call’ Recommended Action *SH_TECH* Internet Protocol (IP) Messages telnet Messages EM-510 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-telnet-3-TCP_NETWORK_COMMS Error communicating with the network: [chars] Exiting. Explanation An error occurred whilst trying to set an option on the TCP socket used for this connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The router can continue to be used. Error Message %IP-telnet-3-TTY_DETAILS [chars]: [chars] Explanation ’The call to tty_details_from_device_file() failed ’ Recommended Action *SH_TECH* Error Message %IP-telnet-3-TTY_NMSPC_PATH [chars]: [chars] Explanation ’Unable to get the sysDB path of an item from TTY nmspc library’ Recommended Action *SH_TECH* Error Message %IP-telnet-4-DSCP_EXTRACT Couldn’t extract dscp setting([chars]([dec]:[chars])). Explanation An error occurred whilst trying to extract dscp configured value. Client will use default dscp value instead. Recommended Action No action is required. Error Message %IP-telnet-4-DSCP_SET Couldn’t set dscp setting([chars]([dec]:[chars])). Explanation An error occured while trying to set dscp value to socket. Telnet will start without spefified dscp value. Recommended Action No action is required. Error Message %IP-telnet-4-SETSOCKOPT_BADF Setsockpt operation failed ’[chars]’. Operation ([dec]:[dec]:[dec]:[dec]). Please retry. Explanation An error occurred whilst trying to setsockopt on the socket. Session will be closed. Recommended Action No action is required. Internet Protocol (IP) Messages telnet Messages EM-511 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-telnet-6-ARM_ADDRESS Error: [chars] Explanation ’The call to ip_addr_c_get_v4/v6_best() failed’ Recommended Action *SH_TECH* Error Message %IP-telnet-6-BIND Couldn’t bind [chars]([chars]). Explanation An error occurred whilst trying to bind the local address. Recommended Action No action is required. Error Message %IP-telnet-6-CONNECT Couldn’t connect to remote host [chars]([chars]). Explanation An error occurred whilst trying to connecting to the remote host. Recommended Action No action is required. Error Message %IP-telnet-6-INTF_DOWN Specified source interface is down Explanation ’The source interface is down, therefore it can not be used.’ Recommended Action *SH_TECH* Error Message %IP-telnet-6-INTF_HANDLE Couldn’t get interface handle for [chars], [chars] Explanation ’Interface lookup failed for source-interface’ Recommended Action *SH_TECH* Error Message %IP-telnet-6-INVALID_ADDRESS Source interface has an invalid address Explanation ’The call to ip_addr_c_get_v4/v6_best() returned an invalid address’ Recommended Action *SH_TECH* Internet Protocol (IP) Messages telnet Messages EM-512 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-telnet-6-INVALID_INTF The specified source interface is invalid Explanation ’The specified source interface can not be used. Will use default interface’ Recommended Action *SH_TECH* Error Message %IP-telnet-6-IP_ARM Error: [chars] Explanation ’The call to ip_addr_c_init() failed’ Recommended Action *SH_TECH* Error Message %IP-telnet-6-SETSOCKOPT Setsockpt operation failed ’[chars]’. Operation ([dec]:[dec]:[dec]). Please retry. Explanation An error occurred whilst trying to setsockopt on the socket. Session will continue. Recommended Action No action is required. Error Message %IP-telnet-6-SETSOCKOPT_EDOM Setsockpt operation failed ’[chars]’. Operation ([dec]:[dec]:[dec]). Please retry. Explanation An error occurred whilst trying to setsockopt on the socket. Session will continue. Recommended Action No action is required. Error Message %IP-telnet-6-SETSOCKOPT_FAULT Setsockpt operation failed ’[chars]’. Operation ([dec]:[dec]:[dec][[pointer]]). Please retry. Explanation An error occurred whilst trying to setsockopt on the socket. Session will continue. Recommended Action No action is required. Error Message %IP-telnet-6-SETSOCKOPT_INVAL Setsockpt operation failed ’[chars]’. Operation ([dec]:[dec]:[dec]). Please retry. Explanation An error occurred whilst trying to setsockopt on the socket. Session will continue. Recommended Action No action is required. Internet Protocol (IP) Messages TELNETD Messages EM-513 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-telnet-6-SETSOCKOPT_NOPROTOOPT Setsockpt operation failed ’[chars]’. Operation ([dec]:[dec]:[dec]). Please retry. Explanation An error occurred whilst trying to setsockopt on the socket. Session will continue. Recommended Action No action is required. Error Message %IP-telnet-6-SOCKET Couldn’t open socket for [chars] vrfid:[dec] ([chars]). Explanation An error occurred whilst trying to open tcp socket. Recommended Action No action is required. Error Message %IP-telnet-6-TCP_NODELAY Failed to set TCP_NODELAY on this session([dec]). Telnet session might get slower performance. Explanation Nagle’s algorithm was not disabled; there is a small chance the telnet session will appear jerky. Telnet will otherwise function normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The router can continue to be used. Error Message %IP-telnet-6-TCP_SO_OOBINLINE Failed to set SO_OOBINLINE on this session([dec]). Explanation Telnet client failed to set SO_OOBINLINE flag on the tcp socket. We can’t continue telnet session, so exit process. Retry would help opening session. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The router can continue to be used. TELNETD Messages Error Message %IP-TELNETD-2-SYSTEM_FAIL [chars]: [chars] errno equals [dec] [chars] Explanation There was a critical system call failure resulting in a failure to provide some system service. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Internet Protocol (IP) Messages TELNETD Messages EM-514 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TELNETD-3-ADDRESS_ERROR The source or destination address [chars] is invalid Explanation The telnetd server was passed a bad adress. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TELNETD-3-CON_TIMEOUT The telnet connection from [chars] has been Timed out Explanation A telnet session from the specified peer has been timed out because no response was received from the remote end for the terminal-type query. Recommended Action Please check the IP address of the peer. If it is not a trusted or known address, it could be a DoS attack. Please take steps to install appropriate ACLs or use MPP to avert the DoS attacks. Error Message %IP-TELNETD-3-ERR_ADDRESS_FAMILY The address family [dec] is invalid Explanation The telnetd server was passed a bad adress family. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TELNETD-3-ERR_BAD_PORT Bad port number Explanation The telnetd server was passed a bad port number. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TELNETD-3-ERR_CONNECT Failed to obtain a VTY for a session: ’[chars]’ Explanation An error occurred when TelnetD requested a VTY for a session. This might occur if the requested telnet session cannot be satisfied by any of the unused VTYs in the configured vty pool(s), e.g. if all VTYs are in use, if transport-input is not allowed for telnet, or if the configured ACL does not match. Recommended Action Check that the configured VTY pool(s) can satisfy this telnet request based on which VTYs are currently in use. This can be checked with ’show users’, and looking at the VTY pool configuration. If the configuration appears to be consistent then try to telnet with debug telnet detailed on; this might indicate where the problem lies. Internet Protocol (IP) Messages TELNETD Messages EM-515 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TELNETD-3-ERR_CREATE_EVENTMGR Couldn’t create evmgr in function [chars]() Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-TELNETD-3-ERR_DEBUG_INIT Failed to init debug in function [chars]() Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-TELNETD-3-ERR_EXITING Function cleanup() has been called due to an error Explanation The Telnet Server has encountered an unexpected error while using the system library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TELNETD-3-ERR_KERNEL [chars]: The call to [chars] failed. Error: [hex], ’[chars]’ Explanation The Telnet Server has encountered an unexpected error while using the system library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TELNETD-3-ERR_MALLOC Failed to allocate [dec] bytes of memory Explanation The server has failed to acquire the required amount of memory Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Internet Protocol (IP) Messages TELNETD Messages EM-516 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TELNETD-3-ERR_OPEN Failed to open a device file for a session ([dec]) Explanation An unexpected error occurred when TelnetD tried to open a VTY character special file. Recommended Action No action is required. Error Message %IP-TELNETD-3-ERR_PANIC telnetd: panic state equals [dec] Explanation Panic error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %IP-TELNETD-3-ERR_SYSDB Unexpected SysDB error encountered: [hex], ’[chars]’ Explanation The Telnet Server has encountered an error using the SysDB Library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TELNETD-3-ERR_TTY_DETAILS Failed to retrieve the details of a TTY Device ([hex], ’[chars]’) Explanation An unexpected error occurred when TelnetD tried to retrieve the details of a VTY from a utility library Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TELNETD-3-ERR_USAGE usage : telnetd -debug portNo -no_tty_server Explanation Usage error. Recommended Action ’No action is required.’ Internet Protocol (IP) Messages TELNETD Messages EM-517 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TELNETD-3-SYSTEM_ERROR Error: [chars] Explanation The invocation of a system call returned error condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-TELNETD-3-TCP_NETWORK_COMMS Error communicating with the network: [chars] Exiting. Explanation An error occurred whilst trying to set an option on the TCP socket used for this connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The router can continue to be used. Error Message %IP-TELNETD-4-CONFIGURATION_CHECK [chars]: Warning - configuration inconsistencies Explanation The configuration inconsistencies is detected for the indicated configuration. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %IP-TELNETD-4-DSCP_EXTRACT Couldn’t extract dscp setting([chars]([dec]:[chars])). Explanation An error occurred whilst trying to extract dscp configured value. Server will use default dscp value instead. Recommended Action No action is required. Error Message %IP-TELNETD-4-TCP_KEEPALIVE Failed to set the TCP keepalive timeout during socket initialisation: [chars]; default will apply Explanation The TCP keepalive timeout was not set during initialisation. The default value of 2 hours will apply. Telnet will otherwise function normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The router can continue to be used. Internet Protocol (IP) Messages telnetdscp Messages EM-518 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-TELNETD-4-TCP_NAGLE Failed to disable Nagle’s algorithm during TCP socket initialisation: [chars]; Explanation Nagle’s algorithm was not disabled; there is a small chance the telnet session will appear jerky. Telnet will otherwise function normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The router can continue to be used. telnetdscp Messages Error Message %IP-telnetdscp-4-DSCP_EXTRACT Couldn’t extract dscp setting([chars]([dec]:[chars])). Explanation An error occurred whilst trying to extract dscp configured value. Server will use default dscp value instead. Recommended Action No action is required. Error Message %IP-telnetdscp-4-DSCP_SET Couldn’t set dscp value([dec])([chars]([dec]:[chars])). Explanation An error occured while trying to set dscp value to socket. Process will use default dscp value instead. Recommended Action No action is required. telnetmgmt Messages Error Message %IP-telnetmgmt-4-DSCP_VERIFY Couldn’t verify dscp setting([chars][[chars]]([dec]:[chars])([dec]:[dec])). Explanation An error occurred whilst trying to verify dscp configuration. Recommended Action No action is required.Internet Protocol (IP) Messages TFTP_FS Messages EM-519 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 TFTP_FS Messages Error Message %IP-TFTP_FS-3-ETIMEOUT_THRESHOLD [chars] Explanation This message indicates that write to tftp was not completed successfully. Recommended Action tftp_fs process retries for default number of times before timing out and aborting the write to tftp when it is not able to reach the tftp server. Please check the following options to recover from this situation 1 Connectivity to the remote tftp server. If ip connectivity isnot present tftp_fs wont be able to write 2 The number of retries in tftp_fs is configurable. The user can attempt to increase the number of retries and retry the command 3 If the above two options dont help, please please save the file to the disk on the router, compress it and then transfer the file to tftp server. If none of the options help Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. TTS Messages Error Message %IP-TTS-3-ERR [chars] Explanation A software error occurred while exeucting a TTS command. Recommended Action The arguments supplied to tts commands are most probably wrong. Check the arguments. Or the sequence of operations could be wrong. Error Message %IP-TTS-3-INIT_ERR [chars] Explanation A software error occurred while starting up the TTS process. TTS will not be restarted by sysmgr. Recommended Action The arguments supplied to tts are most probably wrong. Check the arguments. Error Message %IP-TTS-6-INFO [chars] Explanation An informational message about an event that occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Internet Protocol (IP) Messages UDP Messages EM-520 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 UDP Messages Error Message %IP-UDP-3-DEBUG_INIT [chars]%s Explanation An software error occured when the UDP process try to do debug related initialization. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-UDP-3-INIT_ERR [chars]%s Explanation An software error occurred while starting up of UDP process. If this occurred during process startup, then the process may be restarted. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-UDP-3-INIT_RETRY [chars] ([dec]) Explanation An software error occured when the UDP process attempts to retry one of its initialization tasks with a network layer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages UDP Messages EM-521 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-UDP-3-NO_MEM [chars] ([chars]): [chars] Explanation An software error occured when the UDP process try to request more memory. The requested operation by udp could not be accomplished because of a low memory condition. Recommended Action In the problem recurs, reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-UDP-3-RED_INIT [chars] - [chars] Explanation An software error occured when the UDP process try to do redundancy related init with System Manager for the node state changes. Recommended Action The process will attempt to recover from this situation by restarting or retrying. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-UDP-3-REG_NETWORK Failed to register UDP protocol with the network layer ([chars]): [chars] Explanation An software error occured when the UDP process try to register itself with the network process and net io process for datapath. Recommended Action Copy the error message exactly as it appears on the console or in the system log, contact your Cisco technical support representative, and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-UDP-3-SOCKET_INIT [chars] ([chars]): [chars] Explanation An software error occured when the UDP process do socket related initialization. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Internet Protocol (IP) Messages UDP Messages EM-522 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-UDP-3-TIMER_INIT [chars]: [chars] Explanation An software error occured when the UDP process sets up and initializes the various UDP timers. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-UDP-3-VRF_INIT [chars]: [chars] Explanation An software error occured when the UDP process attempts to set up connection with the RSI agent during the startup of udp process. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-UDP-7-SYSDB_INIT [chars] - [chars] Explanation An software error occured when the UDP process try to do initialization related with sysdb process. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise if the message’s error code indicates that the failure was due to lack of memory, then take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the problem was not caused by memory allocation and it hasn’t been corrected by subsequence restarts then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Internet Protocol (IP) Messages VRRP Messages EM-523 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 VRRP Messages Error Message %IP-VRRP-3-ERR_INDEX Failed to obtain snmp index for [chars]: [chars] Explanation The VRRP process failed to obtain the snmp index for this interface. There may be a problem with the connection to certain IOSXR services. Recommended Action Retry the configuration on this interface. If this still fails then do the following. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-VRRP-3-ERR_NO_MEM Out of [chars] memory (failed attempt to reserve [unsigned int] bytes) Explanation The VRRP process was not able to allocate the memory that it needed to complete the operation. VRRP functionality may be reduced until the problem is resolved. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %IP-VRRP-4-WARN_DEBUG Outputting debug information failed: [chars] Explanation The VRRP process failed to output a debug message. This may not impact functionality but it does impair the debuggabilty of the VRRP process. And may indicate that there is a failure with the IOSXR debug infrastructure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-VRRP-4-WARN_INIT VRRP Initialization failed: [chars]: [chars] Explanation The VRRP process failed to initialize correctly. In this situation VRRP restarts, but VRRP may not recover if there is a persistant error in the IOSXR system and VRRP is later unable to reestablish its connections and initialize successfully. Recommended Action If VRRP does not restart and automatically recover, do the following. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Internet Protocol (IP) Messages VRRP Messages EM-524 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %IP-VRRP-4-WARN_REGISTER Registration for [chars] failed: [chars] Explanation Registration for an IOSXR service failed during VRRP’s operation. This may indicate a connection failure with the IOSXR service as indicated in the error message. Recommended Action Restart the VRRP process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %IP-VRRP-6-INFO_STATECHANGE [chars] vrid [dec]: state [chars]011 - [chars] Explanation The VRRP router has changed state. Recommended Action No action is required.EM-525 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Layer 1 Messages This section contains the Layer 1 related System Error Messages. PLIM_OC3 Messages Error Message %L1-PLIM_OC3-2-ERR_HW_RESTART Physical layer interface module hardware restart for error recovery failed: [chars]: [chars] Explanation The PLIM driver failed in soft error recovery. When a soft error is detected with any ASIC on the datapath, the Fault Manager will start the soft error recovery on the whole datapath. If the PLIM soft error recovery failed, the PLIM hardware state may not be in the correct state, and the traffic may be affected. %s - indicates the reason for the failure %s - is the decoded error reason Recommended Action The Fault Manager will reset the linecard if the error recovery failed, search through the event logs, if there is no any message indicating that the Fault Manager resets the linecard, try to do a manually reset with CLI: ’hw-module location 0/x/cpu0 reload’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L1-PLIM_OC3-3-ERR_INIT Physical layer interface module driver initialization failed: ([chars]/[chars]). Explanation The physical layer interface module (PLIM) driver on the linecard failed to initialize. The PLIM driver creates the SONET controller and POS interface, handling the all the SONET event, applying SONET/POS configuration to the layer-1 device hardware. If the PLIM driver fails to initialize, no traffic will pass, therefore no higher level protocol will work. %s - indicates the reason for the failure %s - is the decoded error reason Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process e48_plim_oc3 location 0/x/cpu0’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart e48_plim_oc3 location 0/x/cpu0’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 1 Messages PMENGINE Messages EM-526 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L1-PLIM_OC3-3-ERR_TIMER Unknown timer type detected, the timer is stopped. Explanation The wrong timer type is detected while handling the timer event, the timer will be stopped. The POS interface counter will not work if the timer is stopped, but the traffic will not be affected. Recommended Action Execute ’show int pos 0/x/0/x’ while the traffic is running on the interface to confirm if the counter is still working, if not, restart PLIM driver with CLI: ’process restart e48_plim_oc3 location 0/x/cpu0’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L1-PLIM_OC3-4-ERR_DEBUG Debug initialization failed with [chars]. Explanation Debug message initialzation failed. Recommended Action This error has no effect on any feature except that debug information cannot be turned on by CLI ’debug plim location 0/x/CPU0’. Restarting the process with CLI: ’process restart e48_plim_oc3 location 0/x/CPU0’ may resolve the problem. PMENGINE Messages Error Message %L1-PMENGINE-4-TCA Port [chars] reports [chars] [chars]([chars]) PM TCA with current value [unsigned long long int], threshold [unsigned long long int] in current [chars] interval window Explanation The specified PM TCA has been declared. Recommended Action Recommended action is to repair the source of the alarm. TREX_LIB Messages Error Message %L1-TREX_LIB-3-MSG_SEND_FAILED msg: [dec], retried: [dec] time(s), failed to send, errno: [chars] Explanation This error message indicates a s/w problem. The details of the problem and traceback are appended to the error msg. Contact support with this information. Recommended Action *SUPPORT* Layer 1 Messages TREX Messages EM-527 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L1-TREX_LIB-7-DEBUG [chars] Explanation A harmless s/w problem occurred. The details of the problem and traceback are appended to the error message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. TREX Messages Error Message %L1-TREX-2-HW_FATAL_ERROR fatal error encountered by h/w - [chars], [chars] Explanation An unrecoverable fatal error was detected by the service linecard h/w, which resulted in linecard reload. The exact cause is appended to the error message. Contact support with this information. Recommended Action *SUPPORT* Error Message %L1-TREX-2-SW_FATAL_ERROR fatal s/w error encountered - [chars], [chars] Explanation An unrecoverable fatal s/w error was encountered, which resulted in process restart. The exact cause is appended to the error msg. Contact support with this information. Recommended Action *SUPPORT* Error Message %L1-TREX-3-BOARD_PLL_ERROR board PLL error : IOFPGA register PLL_STATUS - [hex][[hex]] Explanation There is unexpected h/w state Recommended Action If the problem persists reload the linecard. If that doesn’t help, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 1 Messages UT2 Messages EM-528 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L1-TREX-3-HW_NONFATAL_ERROR nonfatal error encountered by h/w - [chars], [chars] Explanation A nonfatal error was detected by the service linecard h/w. The exact cause is appended to the error message. Contact support with this text. Recommended Action If the error message appears rapidly, or if it persists, reload linecard. If that doesn’t help, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L1-TREX-3-PLL_ERROR [chars] i/f PLL is unlock : register PLS - [hex] Explanation There is unexpected h/w state Recommended Action If the problem persists reload the linecard. If that doesn’t help, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L1-TREX-5-NOTICE [chars] Explanation Unexpected event occurred in the service linecard with no effect on functionality Recommended Action *NONE* Error Message %L1-TREX-6-INFO [chars] Explanation Service linecard’s driver informational message Recommended Action *NONE* UT2 Messages Error Message %L1-UT2-7-ERR_MSG ERR: [chars]: cerrno [dec] Explanation ut2 driver might run into an error that is not a FATAL. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 1 Messages XENA Messages EM-529 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 XENA Messages Error Message %L1-XENA-2-HW_FATAL_ERROR fatal error encountered by h/w - [chars] Explanation An unrecoverable fatal error was detected by service card h/w, which resulted in linecard reload. The exact cause is appended to the error msg. Contact support with this information. Recommended Action *SUPPORT* Error Message %L1-XENA-2-SW_FATAL_ERROR fatal s/w error encountered - [chars], [chars] Explanation An unrecoverable fatal s/w error was encountered, which resulted in process restart. The exact cause is appended to the error msg. Contact support with this information. Recommended Action *SUPPORT* Error Message %L1-XENA-3-ERR_SPA_UNSUPPORTED Inserted node [chars] is not supported by Cisco 12000 Series - Multi-Service Blade Controller. Results are unpredictable. Please remove the unsupported hardware. Explanation Daughter board identified by above nodeid is not supported by Cisco 12000 Series - Multi-Service Blade Controller. The Daughter board should be removed immediately because results are unpredictable. Recommended Action Physically remove the Daughter board from the service card. Error Message %L1-XENA-5-NOTICE [chars] Explanation Unexpected event occurred in service linecard with no effect on functionality Recommended Action *NONE*Layer 1 Messages XENA Messages EM-530 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01EM-531 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Layer 2 Messages This section contains all Layer 2 related System Error Messages, including Ethernet drivers, Packet-over-Sonet (PoS), SONET, PLIMS, and so forth. 10GE_PLIM Messages Error Message %L2-10GE_PLIM-2-RX_LOSS Interface [chars], Detected RX Loss of Signal Explanation The PLIM received an Rx LOS or LF on the given interface which will result in a link flap. Recommended Action No action is required. Error Message %L2-10GE_PLIM-2-RX_LOSS Interface [chars], Detected RX Loss of Signal Explanation The PLIM received an Rx LOS or LF on the given interface which will result in a link flap. Recommended Action No action is required. Error Message %L2-10GE_PLIM-2-RX_RF Interface [chars], Detected Remote Fault Explanation The PLIM received a remote fault on the given interface which will result in a link flap. Recommended Action No action is required. Layer 2 Messages 10GE_PLIM Messages EM-532 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-10GE_PLIM-2-RX_RF Interface [chars], Detected Remote Fault Explanation The PLIM received a remote fault on the given interface which will result in a link flap. Recommended Action No action is required. Error Message %L2-10GE_PLIM-2-RX_UNKNOWN Interface [chars], Detected PLA Fault Explanation The PLIM PLA ASIC had an unkown fault on the given interface which will result in a link flap. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-10GE_PLIM-2-RX_UNKNOWN Interface [chars], Detected PLA Fault Explanation The PLIM PLA ASIC had an unkown fault on the given interface which will result in a link flap. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-10GE_PLIM-2-STARTUP PLIM Process Error: [chars] Explanation The PLIM process failed to spawn correctly. Recommended Action No action is required. Error Message %L2-10GE_PLIM-2-UNSUP This PLIM is no longer supported Explanation This PLIM is a prototype and is not longer supported Recommended Action No action is required. Layer 2 Messages 10GE_PLIM Messages EM-533 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-10GE_PLIM-2-XGXS_RX_SYNC An XGXS RX lane failed to syncronize for port [dec]. Explanation The XGXS Rx Lanes failed to syncronize after a Xenpak OIR or Link Flap. Recommended Action Try to shut/no shut the port. If the MAC does not get enabled, then A physical OIR of the Xenpak device will be needed. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-10GE_PLIM-2-XGXS_RX_SYNC An XGXS RX lane failed to syncronize for port [dec]. Explanation The XGXS Rx Lanes failed to syncronize after Rx Xenpak OIR or Link Flap. Recommended Action Try to shut/no shut the port. If the MAC does not get enabled, then A physical OIR of the Xenpak device will be needed. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-10GE_PLIM-2-XGXS_TX_SYNC An XGXS TX lane failed to syncronize for port [dec]. Explanation The XGXS Tx Lanes failed to syncronize after a Xenpak OIR or Link Flap. Recommended Action Try to shut/no shut the port. If the MAC does not get enabled, then A physical OIR of the Xenpak device will be needed. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-10GE_PLIM-3-OIM_ERR An Optic Interface Module error occurred at port [dec], reason : [chars] Explanation A fatal error occurred in 10GE PLIM driver OIM rule validation. Recommended Action 1. Remove the Xenpak and check if it is Cisco qualified Xenpak. 2. If it is Cisco qualified Xenpak, check DWDM Xenpak placement rule. Error Message %L2-10GE_PLIM-3-OIM_ERR An Optic Interface Module error occurred at port [dec], reason : [chars] Explanation A fatal error occurred in 10GE PLIM driver OIM rule validation. Recommended Action 1. Remove the Xenpak and check if it is Cisco qualified Xenpak. 2. If it is Cisco qualified Xenpak, check DWDM Xenpak placement rule. Layer 2 Messages 10GE_PLIM Messages EM-534 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-10GE_PLIM-4-INVALID_MAC Failed to get MAC address for Slot [dec], Port [dec], Interface assigned random MAC address. Explanation PLIM driver was unable to get a MAC address for the interface. Recommended Action Check if the process ’shelfmgr’ is up and running on the RP. Try to reload the LC to see if that helps. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-10GE_PLIM-4-INVALID_MAC Failed to get MAC address for [chars], Interface assigned random MAC address. Explanation PLIM driver was unable to get a MAC address for the interface. Recommended Action Check if the process ’shelfmgr’ is up and running on the RP. Try to reload the LC to see if that helps. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-10GE_PLIM-6-ERR_UPGRADE [chars] Explanation This is a Informational message in the plim_8p_10ge driver to indicate an operation. Recommended Action No action is required. Error Message %L2-10GE_PLIM-6-ERR_UPGRADE [chars] Explanation This is a Informational message in the plim_8p_10ge driver to indicate an operation. Recommended Action No action is required. Error Message %L2-10GE_PLIM-6-OIM_OIR Optic Interface Module [chars] for port [dec] Explanation The Optic Interface Module (OIM) for the specified port has either been inserted or removed. Recommended Action No action is required. Layer 2 Messages ACCT_SVR Messages EM-535 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-10GE_PLIM-6-OIM_OIR Optic Interface Module [chars] for port [dec] Explanation The Optic Interface Module (OIM) for the specified port has either been inserted or removed. Recommended Action No action is required. ACCT_SVR Messages Error Message %L2-ACCT_SVR-3-ERR_INIT init error: [chars] - restarting process to recover. Explanation The process acct_svr encountered a software error while initializing. The process is exiting and will be restarted. System will not be affected. Recommended Action No action is required. Error Message %L2-ACCT_SVR-3-ERR_INTERNAL software internal error: [chars] - restarting process to recover. Explanation The process acct_svr encountered an internal error. The process is exiting and will be restarted. System will not be affected. Recommended Action No action is required. Error Message %L2-ACCT_SVR-4-HFA_CLK_DELTA_FAIL HFA get clock delta has failed consecutively [dec] out of [dec] total times. Explanation The process acct_svr has failed to get the HFA clock delta for the given consecutive times. The flow report uses the forwarding asic clock which may be slightly off from the system clock. To correct the timestamp, the HFA clock delta is retrieve and on failure, the previously recorded delta is used. This log is printed out after so many consecutive failures to retrieve the clock delta, which may lead to skewed timestamps in the flow report. Recommended Action No action is required. Layer 2 Messages ALPHA_TCAM Messages EM-536 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ACCT_SVR-7-ISR_FIFO_USAGE_FLAG ISR FIFO ring buffer usage is [chars] threshold ([dec]). direction: [dec] num_items equals [dec] Explanation The process acct_svr detected the condition of ISR FIFO ring buffer usage above or below the threshold. If the usage is above the threshold, the process acct_svr will bring the ISR FIFO ring buffer usage back to below the threshold after a while. Traffic will not be affected by this condition. Recommended Action No action is required. ALPHA_TCAM Messages Error Message %L2-ALPHA_TCAM-3-ERROR_MSG [chars], rc equals [hex], [chars] Explanation This is a error message in the HFA Alpha driver to indicate tcam carving error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ALPHA Messages Error Message %L2-ALPHA-3-ERR_ACCESS Memory access error: [chars]: Err equals [chars] Explanation A memory access error occurred in programable switching engine (PSE) driver which involves exiting the process. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ALPHA Messages EM-537 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ALPHA-3-ERROR_MSG [chars] [chars]: [hex] [hex] Explanation This is a error message in the HFA Alpha driver to indicate either anomolies which are not service impacting. Some of the messages may indicate a failure to allocate resources needed by applications. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ALPHA-6-VERSION_WARNING [chars] [chars] error [hex] Explanation This is an informational message in the programable switching Engine driver to indicate an operation. %s - is the warning message. %s - is the decoded warning reason. %x - is the decoded error code. Recommended Action No action is required. Error Message %L2-ALPHA-7-INFO_MSG [chars] [chars] Explanation This is an informational message in the programable switching Engine driver to indicate an operation. %s - indicates the direction of the PSE. %s - is the decoded informational reason. Recommended Action No action is required. Error Message %L2-ALPHA-7-PAIR_REG [chars] [chars] PAIR registers: pcr [hex] plu_pirl [hex] pirm1 [hex] pirm2 [hex] pirh [hex] ip_dst [hex] ip_src [hex] mpls_label [hex] mpls_info [hex] ip_header [hex] l4_port [hex] start_adr [hex] msq_info [hex] ltr [hex] tlu_force [hex] pre_cam_prof [hex] lbl1_lo [hex] lbl1_hi [hex] tlbl2_lo [hex] lbl2_hi [hex] leaf1_word1 [hex] leaf1_word2 [hex] leaf1_word3 [hex] leaf1_word4 [hex] leaf2_word1 [hex] leaf2_word2 [hex] leaf2_word3 [hex] tleaf2_word4 [hex] tcam_cont [hex] Explanation An error occurred in programable switching engine (PSE) driver which indicates anomalies. Some of the messages may indicate a failure to allocate resources needed by applications. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ASIC_ERRORS Messages EM-538 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ALPHA-7-PHB_DUMP [hex]: [hex] [hex] [hex] [hex] Explanation This is a error message in the programable switching engine to indicate either anomolies which are not service impacting. Some of the messages may indicate a failure to allocate resources needed by applications. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ASIC_ERRORS Messages Error Message %L2-ASIC_ERRORS-7-ERR_ECM_CREATE ASIC Error library has failed to create an Event Connection Manager. Reason: [chars]. Explanation The ASIC Error library encountered an error during the creation of the Error Connection Manager. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_ECM_CREATE ASIC Error library has failed to create an Event Connection Manager. Reason: [chars]. Explanation The ASIC Error library encountered an error during the creation of the Error Connection Manager. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_ECM_CREATE ASIC Error library has failed to create an Event Connection Manager. Reason: [chars]. Explanation The ASIC Error library encountered an error during the creation of the Error Connection Manager. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Layer 2 Messages ASIC_ERRORS Messages EM-539 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ASIC_ERRORS-7-ERR_ECM_CREATE ASIC Error library has failed to create an Event Connection Manager. Reason: [chars]. Explanation The ASIC Error library encountered an error during the creation of the Error Connection Manager. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_ECM_REG ASIC Error library has failed to register a connection notification handler with the Event Connection Manager. Reason: [chars]. Explanation ASIC Error library encountered an error while setting up a SYSDB notofication handler with the event connection manager. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_ECM_REG ASIC Error library has failed to register a connection notification handler with the Event Connection Manager. Reason: [chars]. Explanation ASIC Error library encountered an error while setting up a SYSDB notofication handler with the event connection manager. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_ECM_REG ASIC Error library has failed to register a connection notification handler with the Event Connection Manager. Reason: [chars]. Explanation ASIC Error library encountered an error while setting up a SYSDB notofication handler with the event connection manager. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Layer 2 Messages ASIC_ERRORS Messages EM-540 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ASIC_ERRORS-7-ERR_ECM_REG ASIC Error library has failed to register a connection notification handler with the Event Connection Manager. Reason: [chars]. Explanation ASIC Error library encountered an error while setting up a SYSDB notofication handler with the event connection manager. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB ASIC Error library failed to [chars]. Reason: [chars]. Explanation ASIC Error library encountered an error during the specified SYSDB operation. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB ASIC Error library failed to [chars]. Reason: [chars]. Explanation ASIC Error library encountered an error during the specified SYSDB operation. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB ASIC Error library failed to [chars]. Reason: [chars]. Explanation ASIC Error library encountered an error during the specified SYSDB operation. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB ASIC Error library failed to [chars]. Reason: [chars]. Explanation ASIC Error library encountered an error during the specified SYSDB operation. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Layer 2 Messages ASIC_ERRORS Messages EM-541 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB_BAG_ENCODE ASIC Error library: Encountered SYSDB Bag encode error [chars] during [chars] operation. Explanation ASIC error library encountered a SYSDB encode error while performing the indicated operation. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB_BAG_ENCODE ASIC Error library: Encountered SYSDB Bag encode error [chars] during [chars] operation. Explanation ASIC error library encountered a SYSDB encode error while performing the indicated operation. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB_BAG_ENCODE ASIC Error library: Encountered SYSDB Bag encode error [chars] during [chars] operation. Explanation ASIC error library encountered a SYSDB encode error while performing the indicated operation. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB_BAG_ENCODE ASIC Error library: Encountered SYSDB Bag encode error [chars] during [chars] operation. Explanation ASIC error library encountered a SYSDB encode error while performing the indicated operation. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB_EDM_REG ASIC Error library has failed to register an EDM. Reason: [chars]. Explanation The ASIC Error library was unable to become an external data manager despite having a connection to the SYSDB. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Layer 2 Messages ASIC_SCAN_SERVER Messages EM-542 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB_EDM_REG ASIC Error library has failed to register an EDM. Reason: [chars]. Explanation The ASIC Error library was unable to become an external data manager despite having a connection to the SYSDB. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB_EDM_REG ASIC Error library has failed to register an EDM. Reason: [chars]. Explanation The ASIC Error library was unable to become an external data manager despite having a connection to the SYSDB. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* Error Message %L2-ASIC_ERRORS-7-ERR_SYSDB_EDM_REG ASIC Error library has failed to register an EDM. Reason: [chars]. Explanation The ASIC Error library was unable to become an external data manager despite having a connection to the SYSDB. Recommended Action An error would be reported to the client application which should handle this condition appropriately. *None* ASIC_SCAN_SERVER Messages Error Message %L2-ASIC_SCAN_SERVER-2-NODE_BRINGDOWN [chars] Explanation This is a message in the Asic Scan Server to indicate that it has triggerred a critical alarm and will result in node bringdown. The reason for the failure and the status of the scan operation is reported. Recommended Action Run the board diagnostics. Layer 2 Messages ASIC_SCAN_SERVER Messages EM-543 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ASIC_SCAN_SERVER-2-NODE_BRINGDOWN [chars] Explanation This is a message in the Asic Scan Server to indicate that it has triggerred a critical alarm and will result in node bringdown. The reason for the failure and the status of the scan operation is reported. Recommended Action Run the board diagnostics. Error Message %L2-ASIC_SCAN_SERVER-7-ERR_EVM_CREATE ASIC Scan Server failed to create the event manager: Reason equals [chars]. Explanation ASIC scan server has failed to create the event manager. This would result in the automatic restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ASIC_SCAN_SERVER-7-ERR_EVM_CREATE ASIC Scan Server failed to create the event manager: Reason equals [chars]. Explanation ASIC scan server has failed to create the event manager. This would result in the automatic restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ASIC_SCAN_SERVER-7-ERR_INIT ASIC Scan Server encountered error [[chars]]: Reason equals [chars]. Explanation ASIC scan server has failed the initialization sequence due to the specified reason. This would result in the automatic restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ATM_ILMI Messages EM-544 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ASIC_SCAN_SERVER-7-ERR_INIT ASIC Scan Server encountered error [[chars]]: Reason equals [chars]. Explanation ASIC scan server has failed the initialization sequence due to the specified reason. This would result in the automatic restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ASIC_SCAN_SERVER-7-ERR_IO ASIC Scan Server failed to [chars]: Reason equals [chars]. Explanation ASIC scan server has failed the specified io operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ASIC_SCAN_SERVER-7-ERR_IO ASIC Scan Server failed to [chars]: Reason equals [chars]. Explanation ASIC scan server has failed the specified io operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ATM_ILMI Messages Error Message %L2-ATM_ILMI-2-IM_ERR [chars] : [chars] Explanation Error in IM operation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ATM_INARP Messages EM-545 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ATM_ILMI-2-INTERNAL_ERR [chars] : [chars] Explanation Internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_ILMI-2-SYSDB_ERR [chars] Explanation Error in sysdb operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. ATM_INARP Messages Error Message %L2-ATM_INARP-2-INTERNAL_ERR [chars] : [chars] Explanation Internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_INARP-2-NOMEM Operation failed due to memory shortage, function: [chars] Explanation Memory on the box is critically low. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.Layer 2 Messages ATM_NETIO Messages EM-546 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ATM_NETIO Messages Error Message %L2-ATM_NETIO-3-CARD_DLL Failed to open card specific dll [chars] Explanation Card specific dll may not be present Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_NETIO-3-INSERT_DICT Insertion to ATM Netio Dictionary fails Explanation The env variable setting may not be set up for load path variable Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_NETIO-3-INVALID_DLL DLL not found for the specified card : [chars] Explanation Check the installation Dlls missing from package Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_NETIO-3-LOAD_PATH Failed to get load path env variable for dll [chars] Explanation The env variable setting may not be set up for load path variable Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_NETIO-3-MEMORY Failed to malloc [unsigned int] bytes Explanation The DLL has failed to acquire the required amount of memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Layer 2 Messages ATM_OAM Messages EM-547 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ATM_NETIO-3-PARSE_FAILURE Failed to parse atm_netio.rules at line: [chars] Explanation The file atm_netio.rules has been modified and parsing fails Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_NETIO-3-PARSER_NULL_PATH Path to load the atm_netio.rules is NULL Explanation The path to atm_netio.rules file cannot be located. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_NETIO-6-DEBUG_REG Debug registration failed: [chars] Explanation Debug message registration failed Recommended Action No action is required. ATM_OAM Messages Error Message %L2-ATM_OAM-2-IM_ERR [chars] : [chars] Explanation Error in IM operation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_OAM-2-INTERNAL_ERR [chars] : [chars] Explanation Internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ATM_RM Messages EM-548 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ATM_OAM-2-SYSDB_ERR [chars] Explanation Error in sysdb operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. ATM_RM Messages Error Message %L2-ATM_RM-1-SYSDB_ERR [chars] : [chars] Explanation Error in sysdb operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-ATM_RM-2-INTERNAL_ERR [chars] : [chars] Explanation A critical function failed that expected to succeed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_RM-2-NOMEM Failed to allocate [dec] bytes due to memory shortage Explanation Memory on the router is critically low. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-ATM_RM-4-BANDWIDTH_ERR [chars] : Bandwidth available [unsigned int] : Failed to reserve [unsigned int] Explanation Insufficient bandwidth available. possible cause: Too many vc’s inheriting QoS from class parameters Recommended Action check vc class configuration on interface If there are vcs you want specific QoS values for under the main interface, try configuring QoS on these vcs before applying class to the interface in order to stop unwanted inheritance. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages ATM_SAAR Messages EM-549 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ATM_SAAR Messages Error Message %L2-ATM_SAAR-2-INIT Failed to initialise ATM SAAR: [chars] ([chars]) Explanation There was an error initialising the ATM SAAR component. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_SAAR-6-DEBUG_REG Debug registration failed: [chars] Explanation Debug message registration failed Recommended Action No action is required. ATM_SOCKET Messages Error Message %L2-ATM_SOCKET-2-INTERNAL_ERR [chars] : [chars] Explanation A critical function failed that expected to succeed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_SOCKET-2-NOMEM Allocation of [dec] bytes failed due to memory shortage Explanation Memory on the router is critically low. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Layer 2 Messages ATM_SOP Messages EM-550 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ATM_SOCKET-3-RESMGR_ATTACH Failed to setup atm socket as a resource manager: [chars] Explanation The atm_io process failed to advertise itself to the system as a resource manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ATM_SOP Messages Error Message %L2-ATM_SOP-3-INTR ATM SOP Intr: [chars]: [dec]: [chars]: [dec] [chars] Explanation The SOP FPGA has been interrupted due a hardware error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_SOP-7-DEBUG ATM SOP DEBUG: [chars]: [hex]: [hex]: [hex] Explanation ATM SOP debug message Recommended Action No action is required. ATM_VCM Messages Error Message %L2-ATM_VCM-2-IM_ERR [chars] : [chars] Explanation Error in IM operation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages atmdrv Messages EM-551 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ATM_VCM-2-INTERNAL_ERR [chars] : [chars] : [chars] Explanation Internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATM_VCM-2-SYSDB_ERR [chars] Explanation Error in sysdb operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. atmdrv Messages Error Message %L2-atmdrv-2-ERR [chars], [dec] error, reason:[chars] Explanation atmdrv generic error Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-atmdrv-2-ERR [chars], [dec] error, reason:[chars] Explanation atmdrv generic error Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-atmdrv-2-ERR_ENCAP [chars] - [dec]: [chars] rc equals [hex] connid equals [dec] key equals [hex] Explanation atmdrv generic error Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages atmdrv Messages EM-552 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-atmdrv-2-ERR_ENCAP [chars] - [dec]: [chars] rc equals [hex] connid equals [dec] key equals [hex] Explanation atmdrv generic error Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-atmdrv-2-ERR_STS [chars] - [dec]: [chars] (rc equals [hex]) Explanation atmdrv generic error Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-atmdrv-2-ERR_STS [chars] - [dec]: [chars] (rc equals [hex]) Explanation atmdrv generic error Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-atmdrv-2-ERR_VC [chars] - [dec]: [chars] (connid equals [dec]) Explanation atmdrv generic error Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-atmdrv-2-ERR_VC [chars] - [dec]: [chars] (connid equals [dec]) Explanation atmdrv generic error Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages atmdrv Messages EM-553 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-atmdrv-3-cpk_err [chars]. Port [dec]: number of occurance equals [unsigned int] intr_status equals [hex] Explanation atmdrv cpk24 interrupt handling related errors, or alerts Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-atmdrv-3-cpk_err [chars]. Port [dec]: number of occurance equals [unsigned int] intr_status equals [hex] Explanation atmdrv cpk24 interrupt handling related errors, or alerts Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-atmdrv-4-warning [chars], [dec] warning, reason:[chars] Explanation atmdrv warning message Recommended Action Copy the error message exactly as it appears on the console or in the system log, and mail this message to your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-atmdrv-4-warning [chars], [dec] warning, reason:[chars] Explanation atmdrv warning message Recommended Action Copy the error message exactly as it appears on the console or in the system log, and mail this message to your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-atmdrv-7-db_dump reason:[chars] port:[dec], vpi/vci:[dec]/[dec], connid:[dec], channels(r/s):[hex]/[hex], shape:[dec], encap:[dec] Explanation atmdrv debug message Recommended Action NoneLayer 2 Messages ATMGCMGR Messages EM-554 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ATMGCMGR Messages Error Message %L2-ATMGCMGR-2-DBG_INIT Failed to initialize [chars], because of [chars]. Explanation A failure occurred during the initialization of the debug events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ATMGCMGR-2-INIT Failed to initialize [chars], because of [chars]. Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. BFD Messages Error Message %L2-BFD-4-ASYNC_DETECT_TIMER_FAULTY_EXPIRY BFD Async Detect timer expired for neighbor [chars] interface [chars] even when async pkt received within timer duration, timer_duration equals [unsigned int] ms, [unsigned int] ms elapsed since last async pkt received Explanation BFD Async Detect timer expired even when async pkt received within timer duration, timer_duration Recommended Action No action is required. Error Message %L2-BFD-4-RATE_LIMIT_WARNING_HIGH_WATERMARK BFD PPS allocation exceeds 90 percent of maximum. Explanation BFD has allocated 90 percent of its packet per second allowance on this LC. Recommended Action No action is required. Layer 2 Messages BFD Messages EM-555 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BFD-4-RATE_LIMIT_WARNING_LOW_WATERMARK BFD PPS allocation now less 85 percent of maximum. Explanation BFD has released some of the previously allocated packet per second usage and is now at less than 85 percent of its allowance on this LC. Recommended Action No action is required. Error Message %L2-BFD-6-SESSION_NO_RESOURCES No resources for session to neighbor [chars] on interface [chars], interval equals [unsigned int] ms[chars] Explanation The BFD session can not be created or modified due to lack of resources. Recommended Action Remove other BFD sessions to free resources for this session Error Message %L2-BFD-6-SESSION_NO_RESOURCES_CLR Lack of resources condition has cleared for session to neighbor [chars] on interface [chars] Explanation Resources are now available for this session. Recommended Action No action is required. Error Message %L2-BFD-6-SESSION_REMOVED BFD session to neighbor [chars] on interface [chars] has been removed Explanation The BFD session has been removed. This is due to the application(s) removing the BFD session. This can happen as a result of BFD being unconfigured under the application(s) or as a result of the application(s) adjacency being removed. Recommended Action No action is required. Error Message %L2-BFD-6-SESSION_STATE_DOWN BFD session to neighbor [chars] on interface [chars] has gone down. Reason: [chars] Explanation The BFD session has gone down. This may be as a result of the forwarding path being down. Recommended Action Determine if the forwarding path to the neighbor has gone down. Layer 2 Messages BM_PD Messages EM-556 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BFD-6-SESSION_STATE_UP BFD session to neighbor [chars] on interface [chars] is up Explanation The BFD session is now up. Recommended Action No action is required. Error Message %L2-BFD-6-SESSION_VERSION_CHANGE BFD session to neighbor [chars] on interface [chars] is administratively down due to version change from version [unsigned int] to version [unsigned int] Explanation The BFD session has been brought administratively down to change protocol version. Recommended Action No action is required. BM_PD Messages Error Message %L2-BM_PD-3-DLL_CERRNO Failure registering cerrno DLL with subsys num [unsigned int] and DLL name [chars]. Error: [chars] Explanation A failure occurred during the registration of the DLL for decoding error codes from the component. This may render certain codes unprintable, but otherwise has no negative impact. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_CERRNO Failure registering cerrno DLL with subsys num [unsigned int] and DLL name [chars]. Error: [chars] Explanation A failure occurred during the registration of the DLL for decoding error codes from the component. This may render certain codes unprintable, but otherwise has no negative impact. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages BM_PD Messages EM-557 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM_PD-3-DLL_CERRNO Failure registering cerrno DLL with subsys num [unsigned int] and DLL name [chars]. Error: [chars] Explanation A failure occurred during the registration of the DLL for decoding error codes from the component. This may render certain codes unprintable, but otherwise has no negative impact. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_CERRNO Failure registering cerrno DLL with subsys num [unsigned int] and DLL name [chars]. Error: [chars] Explanation A failure occurred during the registration of the DLL for decoding error codes from the component. This may render certain codes unprintable, but otherwise has no negative impact. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_CERRNO Failure registering cerrno DLL with subsys num [unsigned int] and DLL name [chars]. Error: [chars] Explanation A failure occurred during the registration of the DLL for decoding error codes from the component. This may render certain codes unprintable, but otherwise has no negative impact. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_CERRNO Failure registering cerrno DLL with subsys num [unsigned int] and DLL name [chars]. Error: [chars] Explanation A failure occurred during the registration of the DLL for decoding error codes from the component. This may render certain codes unprintable, but otherwise has no negative impact. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages BM_PD Messages EM-558 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM_PD-3-DLL_CERRNO Failure registering cerrno DLL with subsys num [unsigned int] and DLL name [chars]. Error: [chars] Explanation A failure occurred during the registration of the DLL for decoding error codes from the component. This may render certain codes unprintable, but otherwise has no negative impact. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform dependent adjacency programming DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform dependent adjacency programming DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform dependent adjacency programming DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages BM_PD Messages EM-559 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM_PD-3-DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform dependent adjacency programming DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform dependent adjacency programming DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform dependent adjacency programming DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform dependent adjacency programming DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages BM_PD Messages EM-560 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM_PD-3-DLL_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the adjacency management DLL. This will cause the DLL to be unloaded, and adjacency programming will not happen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the adjacency management DLL. This will cause the DLL to be unloaded, and adjacency programming will not happen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the adjacency management DLL. This will cause the DLL to be unloaded, and adjacency programming will not happen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the adjacency management DLL. This will cause the DLL to be unloaded, and adjacency programming will not happen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages BM_PD Messages EM-561 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM_PD-3-DLL_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the adjacency management DLL. This will cause the DLL to be unloaded, and adjacency programming will not happen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the adjacency management DLL. This will cause the DLL to be unloaded, and adjacency programming will not happen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-3-DLL_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the adjacency management DLL. This will cause the DLL to be unloaded, and adjacency programming will not happen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-4-ERR_ADJ_CMPL_DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform independent adjacency completion DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages BM_PD Messages EM-562 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM_PD-4-ERR_ADJ_DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform independent adjacency completion DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-4-ERR_ADJ_DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform independent adjacency completion DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-4-ERR_ADJ_DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the bundlemgr adjacency process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-4-ERR_ADJ_DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform independent adjacency completion DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages BM Messages EM-563 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM_PD-4-ERR_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-4-ERR_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM_PD-4-ERR_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. BM Messages Error Message %L2-BM-3-ERR_IIR_MEMBERSHIP Link [chars] in [chars] reported by IIR in bundle [chars]. Explanation When synchronising with IIR during restart the link was reported to be in a different bundle from the checkpoint records of the process. This should never happen and is not recoverable. The information from IIR was discarded and the process is now out of step with IIR, possibly leading to further problems. Recommended Action Delete the checkpoint data for the Bundle Manager process that reported the error (run rm /tmp/chkpt_bundlemgr_distrib*) and restart the process. Layer 2 Messages BM Messages EM-564 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_ACTIVATE Failure during activation of [chars]. Error: [chars] Explanation A failure occurred during the activation of the process. Activation occurs when the card transitions to ACTIVE state. This error resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_ADJ_DLL_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the platform independent adjacency completion DLL. This will result in the hosting process being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_ADMINSTATE Unable to [chars] administrative state for [chars] on [chars]. Error: [chars] Explanation The operation attempted failed. For a set this may mean that the link is UP when the bundle is SHUTDOWN. This can be resolved by ’no shut’ and then ’shut’ of the bundle. For a clear this may mean that the link remains DOWN when it has been removed from the bundle. This can be resolved by re-adding and then removing the link from the bundle again. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_COMMS_LINK_UNKNOWN Received link update response for unknown interface (ifhandle [hex]). Ignoring response Explanation An update has been exchanged between the Bundle Manager processes, and a response has been received for an unknown interface. If the interface has been recently unconfigured as a bundle member this could explain the error, otherwise it shows some unknown error condition. Recommended Action If the specified interface handle is expected to be a bundle member still then restarting all bundle processes should get things back into step. If the error references a recently unconfigured bundle member, then the message is probably harmless. Layer 2 Messages BM Messages EM-565 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_EVM_EVENT_BLOCK Unrecoverable error in event loop. Error: [chars] Explanation An error (other than EINTR) occured in the event loop. The process has exited and restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_GROUP_CREATE Unable to create GSP group. Error: [chars] Explanation Creation of the group used to communicate between Bundle Manager processes failed. This resulted in the restart of the process. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show gsp groups command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show gsp groups output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_IDENTICAL Attempting to order [chars] and [chars] that have identical port information Explanation The comparison between an entry in the bundle member list and a new entry to be inserted showed that both had identical port data. Because of this the new link could not be inserted into the list and the operation leading to this failed. Recommended Action Remove and re-add the configuration for the links named in the message. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_IIR_BDL_DATA Invalid [chars] specified by IIR for CH[hex]: [unsigned int] Explanation The data specified in the IIR notification is not one of the recognised values for that type. The information is invalid and the result is that adjacencies for this bundle cannot be programmed in hardware. Recommended Action Delete and recreate the bundle. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages BM Messages EM-566 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_IIR_BDL_HANDLE Invalid (NULL) interface handle supplied for a bundle by IIR Explanation The interface handle specified in the IIR notification was NULL. The information is invalid and will be ignored. Recommended Action If this event can be associated with changes to a particular bundle then delete and recreate the bundle. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_IIR_MBR_DATA Invalid [chars] specified by IIR for CH[hex] member CH[hex]: [unsigned int] Explanation The data specified in the IIR notification is not one of the recognised values for the type. The information is invalid and will be ignored. Recommended Action Delete and recreate the bundle. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_IIR_MBR_HANDLE Invalid (NULL) interface handle supplied by IIR for a member of CH[hex] Explanation The interface handle specified in the IIR notification was NULL. The information is invalid and will be ignored. Recommended Action Delete and recreate the bundle. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_IIR_OP Unable to report IIR op failure for b_ifh [hex], m_ifh [hex] (op [chars], state [chars]). Error: [chars] Explanation An error occurred processing the IIR event and the bundle EA process was unable to report this error back to IIR. This may lead to some inconsistency with the bundle membership in the data plane not matching what is intended according to the control plane. Recommended Action The failure to report the error back to IIR suggests a problem in the connection to IIR. This may have been a transient problem, but restarting ifmgr and/or the bundlemgr_ea process on the location of the error might be necessary. The error that should have been reported also needs to be dealt with. This error may have come from some lower layer platform component, possibly a resource allocation error. If the error code provides some information as to the failure then take action appropriate to the error. If the error code is not specific then take action according to whether the event was a link activation or a link deactivation/deletion. For activation problems Layer 2 Messages BM Messages EM-567 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 unconfigure and reconfigure the member link - if this fails try restarting the bundlemgr_ea process after unconfiguring the member link. For deactivation/deletion failures try restarting the improxy process to trigger a complete resync by the bundlemgr EA. Error Message %L2-BM-4-ERR_IIR_SUB_HANDLE Invalid (NULL) interface handle supplied by IIR for a sub-interface of CH[hex] Explanation The interface handle specified in the IIR notification was NULL. The information is invalid and will be ignored. Recommended Action Delete and recreate the bundle. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_INIT_ENS Failure to initialise ENS - retry scheduled. Error: [chars] Explanation A failure occurred during the initialization of ENS library in the process. This probably indicates an underlying more severe problem. A retry will be attempted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_LINK_ATTACHED Link [chars] is attached to [chars] that is thought to have no attached members. Explanation This process believes that there are no aggregatable links, but this link is marked as attached. This error is most likely caused by failing to attach or detach a link correctly. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages BM Messages EM-568 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_MEM_ALLOC Unable to allocate [unsigned int] bytes of memory. Explanation Memory allocation failed. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-BM-4-ERR_MIB_CLEANUP Failure during cleanup of [chars] in the dot3ad MIB DLL. Error: [chars] Explanation A failure occurred during the cleanup of the DLL. This may result in the DLL not being completely cleaned up, possibly causing errors in a subsequent re-initialization of the DLL. Recommended Action Restart the snmp process reporting the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_MIB_INIT Failure during intialization of [chars] in the dot3ad MIB DLL. Error: [chars] Explanation A failure occurred during the initialization of the DLL. This resulted in the DLL not being loaded into the SNMP agent, and thus the MIB services will not be available. Recommended Action Restart the snmp process reporting the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_MOVING_LINK Unable to modify bundle id on link [chars] to [unsigned int]: [chars]. Process exiting to recover Explanation An error has occurred while attempting to change the bundle id configured on the indicated interface. The process is restarting to recover from this error. Recommended Action It is expected that restarting the process will fix this problem. This is done automatically so no action should be required. If the error indicates a memory issue, try increasing the memory available on this card. Layer 2 Messages BM Messages EM-569 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_MTU_IMPOSE Imposition of configured MTU failed for [chars], will continue to use previous value: [unsigned int] Explanation The MTU imposition was rejected by IM or another client. The bundle will continue to operate with the previously configured MTU. Recommended Action Check that the configured MTU is within approrpriate ranges for the interface type and network layer protocols on the interface. Remove the configuration and reapply. Error Message %L2-BM-4-ERR_NETIO_INIT Failure [chars] in the bundle NetIO DLL during [chars]. Error: [chars] Explanation A failure occurred during the initialization of the bundle NetIO DLL. If this occured during an upgrade operation then it will cause the NetIO process to reload. Otherwise this will cause the capsulation to be unloaded, and an error returned to the user. One possible reason for the error is a low memory condition, particularly if the failure was in allocating trace buffers. Recommended Action If the error message indicates the failure is low memory condition, reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Otherwise, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_NODE_SET The replication node set for bundle [chars] was inconsistent following addition or update of link [chars] (new MID [hex], [hex], [hex], old MID [hex], [hex], [hex]) - Process has recovered but other processes may be inconsistent Explanation Following a link update, the replication info for the indicated bundle had become inconsistent. This indicates that the process was not notified of a node removal event - the bundlemgr_distrib process has fixed this inconsistency, though other processes may remain inconsistent. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_PAKMAN Unable to handle pakman corruption error: [chars]. Process exiting Explanation A packet manager corruption has been reported and the Bundle Manager process has failed to cleanup to recover from the problem. The process will exit and be automatically restarted to recover from this situation. Recommended Action It is expected that restarting the process will fix this problem. This is done automatically so no action should be required. If the problem recurs, then there is a problem in packet manager. A drastic solution would be to reload the linecard. Layer 2 Messages BM Messages EM-570 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_RECREATE_BUNDLE Unable to recreate bundle CH[hex]. Error: [chars] Explanation When recovering the checkpointed data for a bundle, an error occurred and the data is lost. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show interface bundle name command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show interface bundle name output, call your Cisco technical support representative and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log. Issue the show bundle bundle name command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show bundle bundle name output, call your Cisco technical support representative and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log. Issue the show adjacency bundle name detail hardware location loc of error command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show adjacency bundle name detail hardware location loc of error output, call your Cisco technical support representative and provide the representative with the gathered information. If the bundle appears correctly in the output of all three commands then no further action is required, otherwise unconfigure and reconfigure the bundle. Error Message %L2-BM-4-ERR_RECREATE_LINK Unable to recreate link [chars] in [chars]. Error: [chars] Explanation When recovering the checkpointed data for a link, an error occurred and the data is lost. Recommended Action Identify the bundle in which the link was a member. Copy the error message exactly as it appears on the console or in the system log. Issue the show interface bundle name command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show interface bundle name output, call your Cisco technical support representative and provide the representative with the gathered information. Copy the error message exactly as it appears on the console or in the system log. Issue the show bundle bundle name command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show bundle bundle name output, call your Cisco technical support representative and provide the representative with the gathered information. If the member appears correctly in the output of both commands then no further action is required, otherwise unconfigure and reconfigure the member. Layer 2 Messages BM Messages EM-571 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_REPAIR_BUNDLE Unable to repair bundle CH[hex] checkpoint structures. Error: [chars] Explanation When repairing the checkpoint structures for the bundle database an error occurred for named bundle and the bundle was not checkpointed. The next time an attempt is made to checkpoint the bundle it will fail and the checkpoint table will be reconstructed again, perhaps more successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_REPAIR_DATABASE Unable to repair [chars] database. Failure during checkpoint [chars]. Error: [chars] Explanation When repairing the checkpoint structures for the named database an error occurred in the database checkpoint registration. As a result the process was intentionally restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_REPAIR_LINK Unable to repair checkpoint structures for link [chars] in [chars]. Error: [chars] Explanation When repairing the checkpoint structures for the link database an error occurred for named link and the link was not checkpointed. The next time an attempt is made to checkpoint the link it will fail and the checkpoint table will be reconstructed again, perhaps more successfully. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_REPLICATE Replication failed for [chars], when adding member [chars]. Error: [chars] Explanation When attempting to replicate the bundle to the member interface location, the replication operation failed. This probably happened because some hardware resource on the LC where the member is located was exhausted. The record of the member will be removed from the bundle process on the RP but will still be referenced by the bundle process on the LC. Recommended Action Determine whether the hardware resources for the LC have been oversubscribed, e.g. more VLANs on the LC and on the bundle that the LC can support. If this is the case, reduce the number of allocated VLANs. Then remove the member configuration and reapply. Layer 2 Messages BM Messages EM-572 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_RESTORE_LINK Unable to restore link [chars] in [chars]. [chars]. Error: [chars] Explanation When restoring the link an error occurred and to maintain consistency the data was removed. It is likely, given the error, that the link had been OIR removed. Recommended Action Verify that the link has not been OIR removed. If it has not, remove the bundle membership configuration and reapply it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_RESYNC_EXCEED_IIR Exceeded the IIR resync limit for [chars]. Process exiting. Explanation The maximum number of attempts to resync with IIR have been exceeded for this bundle. The safest course of action is to restart the process and this has been done. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_RESYNC_SCHED_IIR Unable to schedule an IIR resync for [chars]. Process exiting. Explanation An attempt to schedule a resync with IIR has failed for this bundle. The safest course of action is to restart the process and this has been done. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_RETRY_EXCEED Exceeded maximum number of retries for [chars] Explanation After attempting to resend or query information a number of times, the retry limit has been exceeded and no more attempts will be made. The effect of the message will therefore be lost. The impact will depend on the message which was lost. If the message refers to a global error then the process will exit and be restarted. Recommended Action If the message referred to a global error then check that the process has restarted successfully. If the message referred to a bundle or bundle member then check that the object is still configured and still exists. Make a minor change to the settings of the object experiencing the problem. This will trigger another attempt to send an update. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages BM Messages EM-573 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_RETRY_EXCEED_GSP Retry limit for GSP initialization exceeded: [chars] Explanation After attempting to create the GSP group used for communications with the Bundle Manager process on another node a number of times, the retry limit has been exceeded. The cause of the failure is very likely to be some external communication failure - so check for evidence of this. The process will exit and be restarted automatically so no futher action is needed for Bundle Manager to retry. Recommended Action Check that other processes are not reporting similar communication errors, as this is likely to be a general communication problem. The Bundle Manager process has exited and will be restarted, so no action is needed, though unless the communication problem is resolved the process will still not be able to startup. Error Message %L2-BM-4-ERR_RETRY_EXCEED_IMP Exceeded the retry limit for IMP events. Explanation The maximum number of attempts to retry an IMP message has been exceeded. An error has occurred in the clean up of a bundle, so there may be residual data for the bundle in the linecard components which could cause subsequent problems. Restart the process that reported the error to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_RETRY_EXCEED_SYSTEM_MAC Retry limit for system MAC address query exceeded: [chars] Explanation After attempting to query the system MAC address from SDRd a number of times, the retry limit has been exceeded. The cause of the failure is likely to be an issue with SDRd or Shelfmgr - so check for evidence of this. The process will exit and be restarted automatically so no futher action is needed for Bundle Manager to retry. Recommended Action The Bundle Manager process has exited and will be restarted, so no action is needed. Check that the board (EEPROM etc.) is correctly programmed since this is the source of the MAC address information and therefore one possible cause of the problem. Layer 2 Messages BM Messages EM-574 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_RETRY_SCHED Unable to send update for [chars] and unable to schedule retry: [chars] Explanation A timeout occurred sending an update to a Bundle Manager process on another node. Due to a problem with the retry mechanism, a resend of the message could not be scheduled. The effect of the message will therefore be lost. The impact will depend on the message which was lost. Recommended Action Make a minor change to the settings of the object experiencing the problem. This will trigger another attempt to send an update. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_SYSMGR Failure communicating readiness to System Manager. Error: [chars] Explanation The process was initialized successfully but was unable to inform System Manager of the success. Recommended Action Check on the status of the sysmgr process on the node from which the error was reported. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-ERR_SYSTEM_MAC_RESET Existing system MAC address not found in allocation. System MAC address for bundles is being reset Explanation After a resync has occurred between Bundle Manager and the MAC allocation process, the MAC address assigned for use as the system MAC has not been found in the addresses allocated to bundle manager. Bundle manager will choose a new MAC address for use for this purpose. A flap will be seen on bundle links running LACP. Recommended Action The Bundle Manager process will select a new address automatically, so no further action is needed to resolve this error. Error Message %L2-BM-4-ERR_TX_HEAP_LOOKUP Failed to create non-existent entry for interface CH[hex] while attempting to [chars]: [chars] Explanation An attempt to create a new database entry for a port failed. In addition to indicating that the line card is running low on system resources, this suggests that the shared-memory database is out-of-sync with the main database. Once some system resources have been released, the bundlemgr_local process should be restarted to retry the timer creation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Layer 2 Messages BM Messages EM-575 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-4-ERR_TX_TIMER Failed to [chars] periodic timer for interface CH[hex]: [chars] Explanation An attempt to create or start a timer for periodic sending failed. Regular LACPDUs will NOT be sent out. This suggests that the line card is running low on system resources. Once some system resources have been released, the bundlemgr_local process should be restarted to retry the timer creation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-BM-4-ERR_UNREPLICATE Unreplication failed for [chars], when removing member [chars]. Error: [chars] Explanation When attempting to unreplicate the bundle from the member interface location, the unreplication operation failed. Some hardware resources may continue to be used for the bundle on the location of the member that was removed. It is also possible that there could be a problem replicating the bundle to that location again if a new member is added. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-4-LRD_RESYNC Bundle member [chars] is being referenced from a non-existent node [hex] Explanation When resyncing with LRd, bundlemgr has unexpectedly found that a bundle member is on a card that no longer exists. The member will be cleaned up. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-BM-5-CHURN Interface [chars] in [chars] [chars] on actor system Explanation Churn has either been detected (due to the failure of a link to synchronize soon enough) or the churn state has now cleared. Recommended Action If churn has been declared, check that the configuration for the link allows it to aggregate, and fix as appropriate. Things to check for are links which are incompatible with each other, or misconfigurations between the two ends of the link which is reporting churn. Layer 2 Messages BM Messages EM-576 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-BM-5-ERR_TX_ENQUEUE Unable to queue LACP packet for ingress processing on interface CH[hex] (reason: [chars]). Processing will resume with next received LACP packet. Explanation An attempt to queue a received packet for processing failed. An occasional message of this type indicates that bundlemgr_local has temporarily been blocked from processing the queue leading to this harmless condition. Recommended Action If this message appears more than once, the bundlemgr_local process should be restarted to try to recover the situation. An occasional message of this type will be harmless. Error Message %L2-BM-6-DISTRIBUTING [chars] [chars] in Distributing state as part of [chars]%s Explanation This is an informational message reporting that a link has entered or left Distributing state as part of a bundle interface. The link configuration may have just been changed or there may be an operational reason for the event such as a state change or LACP protocol update. Recommended Action Nothing, this is not an error. Error Message %L2-BM-6-MEMBER_COMPATIBILITY Interface [chars] in [chars] is [chars]. ([chars] the incompatibility: [chars]) Explanation A configuration change has meant that a link is now incompatible (or compatible) with the other members of the bundle. The reason for the incompatibility at the time of raising the alarm is supplied in the message. Recommended Action No action is required; however, any link that is incompatible will not be used in the bundle. In order to make the link compatible, check the activity and bandwidth configurations of all the links within the bundle. Error Message %L2-BM-6-MIN_MAX [chars] is down because the minimum active link threshold ([unsigned int]) is greater than the maximum permitted links ([unsigned int]) Explanation This is an informational message reporting that a bundle is operationally down because the configuration for minimum active links and maximum active links conflicts. The number of active links required for the bundle to come up is greater than the number of links permitted to be active in the bundle, and there are at least enough links held in standby state for the bundle to come up if the maximum active link criteria were removed. Recommended Action If this situation is not intended then either reduce the minimum active link threshold or increase the maximum links permitted in the bundle.Layer 2 Messages C_SHIM_PARTNER Messages EM-577 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 C_SHIM_PARTNER Messages Error Message %L2-C_SHIM_PARTNER-3-AIB_INIT_FAILED Failed during AIB initialization, err: [chars] Explanation The C-shim Partner initialization failed while trying to connect to AIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-C_SHIM_PARTNER-3-CAP_ADD_ERR Fatal Error: Adding batched channelized interface caps failed. Reason: [chars] Explanation ’There is an error when adding batched channelized interface caps.’ Recommended Action Please try to reload that particular SPA or restart the SPA process associated with that SPA. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-C_SHIM_PARTNER-3-CAP_CNTL_ERR Fatal Error: Failed to modify channelized interface caps. Reason: [chars] Explanation ’There is an error when modifying channelized interface caps.’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-C_SHIM_PARTNER-3-CAP_LKP_ERR Fatal Error: Channelized caps definition file is missing. Reason: [chars] Explanation ’The Channelized Caps definition file is missing. There may have a packaging issue or someone just accidently removed that file.’ Recommended Action Please reload the corresponding Jacket Card. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages C_SHIM_PARTNER Messages EM-578 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-C_SHIM_PARTNER-3-ECM_INIT_FAILED Failed during create ECM initialization, Err: [chars] Explanation ’There is a software error when creating ECM connection.’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-C_SHIM_PARTNER-3-SET_CALLBACK_ERR Fatal Error: Setting call-back to IM failed. Reason: [chars] Explanation ’There is a software error when trying to set call-back to IM.’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-C_SHIM_PARTNER-3-SVR_UBIND_ERR Fatal Error: Failed to unbind to IM. Reason: [chars] Explanation ’There is a software error when trying to unbind to IM.’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-C_SHIM_PARTNER-4-SVR_BIND_ERR Warning: Failed to bind to IM. Reason: [chars] Explanation ’There is a software error when trying to bind to IM.’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-C_SHIM_PARTNER-7-IFH_ERR Warning: Wrong if-handle [hex] [chars] Explanation ’Receive a message with wrong interface handle. This may be ignored.’ Recommended Action Ignore Layer 2 Messages C12000_FR Messages EM-579 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-C_SHIM_PARTNER-7-IM_CALLBACK_ERR Warning: [chars] failed. Reason: [chars] Explanation ’There is a software error when handling messages from IM.’ Recommended Action Ignore C12000_FR Messages Error Message %L2-C12000_FR-3-SUBIF_COUNT FR Subinterface counter is not initialised Explanation Initialisation of subinterface counter in the shared memory failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CCL Messages Error Message %L2-CCL-3-INIT_ERROR Initialization failed: ([chars]%s) Explanation The classification control list (ccl) DLL failed to initialize. This DLL does a generalization of an Access Control List to include matching on MQC match criteria like QOS group, MPLS EXP, etc. If the ccl DLL fails to initialize, the access control list cannot be programmed into the hardware. %s - indicates the reason for the initialization failure. %s - is the decoded error reason. Recommended Action The failure should be handled by the process that is loading the DLL. The calling process should retry the initialization. Collect all debug information if the DLL is continually failing: ’debug ccl ace error location 0/x/cpu0’ ’debug ccl api detail location 0/x/cpu0’ CDP Messages Error Message %L2-CDP-3-ERR_CONN Connection error on [chars]([pointer]): [chars] Explanation An error occurred on one of the event connections managed by CDP which CDP could not recover automatically. Recommended Action Try restarting CDP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CDP Messages EM-580 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDP-3-ERR_IM_ATTR_REGISTRATION Unable to register for duplex change notifications: [chars] Explanation CDP registration for duplex change notifications failed. This means that duplex information will be missing from outgoing CDP packets Recommended Action Try restarting CDP (’proc restart cdp location location’). If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDP-3-ERR_IM_CAPS_ADD Failed to add the CDP capsulation to interface [chars]: [chars] Explanation CDP could not install the CDP capsulation on the specified interface and hence it is not possible for CDP to send or receive any packets on this interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDP-3-ERR_IM_CAPS_REMOVE Failed to remove the CDP capsulation on interface [chars]: [chars] Explanation CDP could not uninstall the CDP capsulation on the specified interface and hence CDP may be in an inconsistent state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDP-3-ERR_IM_MTU_REGISTER Failed to register for MTU size changes on interface [chars]: [chars] Explanation CDP failed to register with the interface manager for MTU size changes on this particular interface. This may cause problems sending CDP packets. Recommended Action Perform ’cdp disable’, ’cdp enable’ on the interface to try to recover. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CDP Messages EM-581 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDP-3-ERR_IM_STATE_REGISTER Failed to register for state changes on interface [chars]: [chars] Explanation CDP failed to register with the interface manager for state changes on this particular interface. This means CDP will be unable to track the state of the interface. CDP functionality may be impaired. Recommended Action Perform ’cdp disable’, ’cdp enable’ on the interface to try to recover. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDP-3-ERR_INTF_INIT Initialisation of CDP on interface [chars] failed: [chars]. Explanation CDP is unable to run on the specified interface. It is likely that this is due to a lack of available resources. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Configuring ’cdp disable’, ’cdp enable’ on the interface, or restarting CDP on the affected node may recover the situation. Error Message %L2-CDP-3-ERR_INTF_STATS No CDP protocol statistics can be collected on [chars]: [chars] Explanation It was not possible to register for stats collection on the specified interface. The entry in the ’show interface name accounting’ command is likely to be inaccurate for CDP packets. Recommended Action Try restarting CDP and the Statistics server process on this node. proc restart cdp location node proc restart statsd_server location node If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDP-3-ERR_IPV4_ADDRESS_SCAN [chars]: Failed to scan the IPv4 addresses for this interface: [chars]. This means that IPv4 information will be missing from outgoing CDP packets Explanation A scan of the IPv4 addresses on this interface has failed. This means that IPv4 address information for this interface will not be included in outgoing CDP packets. The neighboring device will not see the IPv4 address information for this interface. Recommended Action Restarting CDP as the address consumer, or the ipv4_ma as the address provider on this node may rectify the problem. proc restart cdp location location of failure or proc restart ipv4_ma location location of failure Layer 2 Messages CDP Messages EM-582 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDP-3-ERR_IPV4_REGISTRATION Unable to register for IPv4 address notifications: [chars]. This means that IPv4 information will be missing from outgoing CDP packets. Explanation CDP registration with the IP address library has failed. This means that IPv4 address information for interfaces local to this node will not be included in outgoing CDP packets. The neighboring devices will not see the IPv4 address information for this router’s interfaces. Recommended Action Restarting CDP as the address consumer, or the ipv4_ma as the address provider on this node may rectify the problem. proc restart cdp location location of failure or proc restart ipv4_ma location location of failure Error Message %L2-CDP-3-ERR_IPV6_ADDRESS_SCAN [chars]: Failed to scan the IPv6 addresses for this interface: [chars]. This means that IPv6 information will be missing from outgoing CDP packets Explanation A scan of the IPv6 addresses on this interface has failed. This means that IPv6 address information for this interface will not be included in outgoing CDP packets. The neighboring device will not see the IPv6 address information for this interface. Recommended Action Restarting CDP as the address consumer, or the ipv6_ma as the address provider on this node may rectify the problem. proc restart cdp location location of failure or proc restart ipv6_ma location location of failure Error Message %L2-CDP-3-ERR_IPV6_REGISTRATION Unable to register for IPv6 address notifications: [chars]. This means that IPv6 information will be missing from outgoing CDP packets. Explanation CDP registration with the IP address library has failed. This means that IPv6 address information for interfaces local to this node will not be included in outgoing CDP packets. The neighboring devices will not see the IPv6 address information for this router’s interfaces. Recommended Action Restarting CDP as the address consumer, or the ipv6_ma as the address provider on this node may rectify the problem. proc restart cdp location location of failure or proc restart ipv6_ma location location of failure Error Message %L2-CDP-3-ERR_STATS No per-interface CDP protocol statistics can be collected: [chars] Explanation It was not possible for CDP to register for per-interface CDP protocol stats collection. The entries in the ’show interface accounting’ command are likely to be inaccurate for CDP packets. Recommended Action Try restarting CDP and the Statistics server process on this node. proc restart cdp location node proc restart statsd_server location node If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CDP Messages EM-583 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDP-3-STALE_TLV On [chars] the [chars] TLV is not up to date: [chars] Explanation CDP received a notification to update a TLV that it sends but failed to do so due to the error given. The information stored by CDP is now out of date. Recommended Action Perform ’cdp disable’, ’cdp enable’ on the interface. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDP-4-DUPLEX_MISMATCH Duplex mismatch discovered on [chars] ([chars]), with [chars] [chars] ([chars]). Explanation CDP discovered mismatching duplex configuration on neighboring interfaces. Recommended Action Configure the interfaces with the same duplex (full or half). Error Message %L2-CDP-4-ERR_MULTICAST_ADDR_SET Error setting up the CDP multicast address on [chars] (media [chars]): [chars] Explanation The driver returned an error while setting up the CDP multicast address. It is possible that CDP packets will be dropped and not reach the CDP process. Recommended Action If CDP packet loss is seen then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDP-4-ERR_TABLE_RESIZE Not enough memory to clear and resize the CDP table Explanation CDP ran out of memory when trying to resize the CDP hash table. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. CDP will try and continue to use the previous CDP table. Error Message %L2-CDP-4-NEIGHBOR_LIMIT The CDP cache on this node is full. It contains [dec] neighbor entries Explanation The limit for neighbors in the CDP cache has been reached. No more neighbors will be added to the neighbor cache until some existing entries have been removed. The number of entries is limited to defend against DoS attacks. Recommended Action Check the existing CDP neighbors for bogus entries, CDP may be the victim of an attempted DoS attack. The ’clear cdp table’ command can be used if CDP neighbor entries need removing. Layer 2 Messages CDP Messages EM-584 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDP-4-NO_KNOWN_MEDIA CDP did not find any recognized media to run over Explanation CDP failed to initialize the media module because it could not find any media that it recognizes. This may be a normal situation if CDP does not support the interface types on this node. In other circumstances CDP should recover automatically by restarting. Recommended Action If there are no interfaces on this node with a media type that CDP is expected to run on then this could be a normal condition. If it is expected that CDP should run on the type of interfaces on this node then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDP-4-NO_KNOWN_MEDIA_DRIVERS CDP did not find any recognized media drivers Explanation CDP failed to initialize the media module because it could not find any media drivers that it recognizes. This may be a normal situation if CDP does not support the interface types on this node. In other circumstances CDP should recover automatically by restarting. Recommended Action There are no media drivers for the interfaces on this node. If CDP does not support the interface types on this node then this could be a normal situation Otherwise Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDP-4-WARN_INIT Initialization warning, module: [chars], operation: [chars]: [chars] Explanation A failure occurred during the initialization of CDP. CDP will restart and this should resolve the problem. Recommended Action CDP will try to recover automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDP-4-WARN_TERM Termination warning, module: [chars], operation: [chars]: [chars] Explanation A failure occurred during CDP’s termination. In this situation CDP should recover automatically. Recommended Action CDP should recover automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CDPCP Messages EM-585 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDP-6-DELETED_NEIGHBOR CDP Neighbour [chars] on interface [chars] has been deleted, remote interface [chars] Explanation An entry has been removed from the CDP neighbors table. Notification of deleted CDP neighbors requested through ’cdp log adjacency changes’. Recommended Action No action is required. Error Message %L2-CDP-6-NEW_NEIGHBOR New CDP neighbor [chars] detected on interface [chars], remote interface [chars] Explanation A new entry has been added to the CDP neighbors table. Notification of new CDP neighbors requested through ’cdp log adjacency changes’. Recommended Action No action is required. CDPCP Messages Error Message %L2-CDPCP-3-DEBUG_ASSOC Conditional debug association failed; [chars] Explanation An error has occurred upon attempting to associate conditional debugging with PPP debug commands. PPP debug messages will not be filtered by debug conditions such as ’debug condition interface’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-DEBUG_COND_REGISTER Conditional debug registration failed; [chars] Explanation An error has occurred upon attempting to register for conditional debugs. PPP debug messages will not be filtered by debug conditions such as ’debug condition interface’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CDPCP Messages EM-586 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDPCP-3-DEBUG_REGISTER Debug registration failed; [chars] Explanation An error has occurred upon attempting to connect to the debug server. This may cause debug messages to not appear. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_CONN Connection [chars] failed for [chars]; [chars] Explanation An failure in the reconnection software in the function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_EVENT Failed to [chars] [chars] event; [chars] Explanation An event handler has returned an error condition Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_EVENT_MGR_CREATE CDPCP Failed to initialize event manager; [chars] Explanation Initialization of the event manager failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_IM_STATE Failed to get basecaps state for [chars]; [chars] Explanation CDPCP was unable to determine the state of the basecaps and has assumed it to be down. CDPCP will remain closed until the interface is brought down and up again. Recommended Action Shut the interface and then bring it up again. Layer 2 Messages CDPCP Messages EM-587 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDPCP-3-ERR_MBOX_ADD [chars] [chars] failed to add [chars]; [chars] Explanation An attribute has failed to be added to the message which was being constructed which has caused the message to be discarded. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_MBOX_CREATE [chars] failed to create [chars]; [chars] Explanation An attempt to allocate a message failed. This may be due to lack of resources. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_MBOX_INIT Failed to init [chars] message for [chars]; [chars] Explanation The initialization of a message failed, this results in a failure to communicate with the Link Control Protocol. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_MBOX_SEND [chars] failed to send [chars]; [chars] Explanation A message failed in a send attempt to a particular mailbox. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_MQ_OPEN Failed to open message queue [chars]; [chars] Explanation CDPCP has failed to open a mailbox channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CDPCP Messages EM-588 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDPCP-3-ERR_NETIO_RXQ Failed to support [chars] [chars]; [chars] Explanation CDPCP has attempted to update the data component with the current status of the control protocol. The attempt has failed which will has the effect of leaving the data component with the previous set of information. This may result in an inability to negotiate CDPCP. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_SYSDB SysDB [chars] failed; [chars] Explanation CDPCP cannot perform some SysDB operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_SYSDB_NOTIFICATION Failed to [chars]register for SysDB notification of [chars]; [chars] Explanation CDPCP cannot (un)register for SysDB notification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-ERR_TIMER [chars] [chars] timer [chars] Explanation The manipulation of a timer had an abnormal side effect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-3-LTRACE_INIT CDPCP Failed to initialize the ltrace buffer; [chars] Explanation The buffer used for tracing could not be allocated. The process will be restarted. Recommended Action The most likely cause of a problem is not enough memory. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Layer 2 Messages CDPCP Messages EM-589 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDPCP-4-ERR_EVENT_WAIT Error waiting for event; [chars] Explanation The event loop has received a message of a type it does not recognize. All events should be received by handlers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-4-ERR_INTERFACE_NULL [chars]: Interface NULL Explanation A function was called with a NULL interface pointer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-4-ERR_MEMORY Insufficient memory for [chars] Explanation CDPCP failed to allocate memory for a structure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-4-ERR_MQ_RECEIVE Error receiving from message queue; [chars] Explanation CDPCP has failed to receive a message from its mailbox. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-4-ERR_NO_INTERFACE Interface [chars] not found Explanation A SysDB name lookup failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CDPCP Messages EM-590 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CDPCP-4-ERR_NO_INTERFACE_STRUCT Structure for interface [chars] not created; [chars] Explanation CDPCP failed to create an interface structure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-6-ERR_IM_CONNECT Failed to [chars]bind [chars] IM; [chars] Explanation CDPCP has failed to either bind to or unbind from the interface manager server. Recommended Action No action is required. Error Message %L2-CDPCP-6-ERR_IM_ENCAPS Failed to [chars] [chars] encapsulation; [chars] Explanation CDPCP has failed an encapsulation operation with the interface manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CDPCP-6-ERR_IM_EVENT Failed to [chars] event; [chars] Explanation CDPCP has failed to either initialize or specify an event with the interface manager server. Recommended Action No action is required. Error Message %L2-CDPCP-6-ERR_IM_PROTO Failed to [chars] [chars] protocol; [chars] Explanation CDPCP has failed a protocol operation with the interface manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages CEMA Messages EM-591 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CEMA Messages Error Message %L2-CEMA-3-FATAL_ERR CEMA Fatal Error: [chars] Explanation An internal fatal error was detected in CEMA module operation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CEMA-3-MISMATCH_ERR CEMA Mismatch Error: [chars] Explanation A process on the line card that manages a SPA was restarted. As a part of restart, a mismatch was detected between user specified configuration and the actual configuration of SPA hardware. Recommended Action The mismatch can be service affecting in certain cases. Please check if the entity specified in the error log and all it’s children are functioning correctly. Contact Cisco TAC for further assistance. Error Message %L2-CEMA-4-GEN_ERR CEMA Internal Error: [chars] Explanation An internal error was detected in CEMA module operation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CFM Messages Error Message %L2-CFM-3-BD_ERROR Failed to communicate with the Bridge Domain Infrastructure: [chars] Explanation The Bridge Domain Infrastructure reported an error which could not be handled. The operation will not be retried - the internal state of CFM may not match the global system state. Recommended Action If any problems are observed, then try restarting the process that encountered the error using the ’process restart’ command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CFM Messages EM-592 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-3-CCI_TIMER Failed to start CCM generation timer in domain [chars], service [chars] with timeout [unsigned int]ms, jitter [unsigned int]ms: [chars] Explanation An error occurred while starting or restarting the CCM generation timer. No further CCM messages will be sent for MEPs in this domain/service. Recommended Action Unconfigure CCM generation for this service, commit the configuration, then reconfigure it. If the problem persists, it may be possible to recover by restarting the ’cfmd’ process on the node where the problem occurs. Error Message %L2-CFM-3-CCM_GEN_ERROR Failed to re-enable the generation of CCM messages for a number of local MEPs as a result of an interface state change or changes in configured CoS bits for the MEPs: [chars] Explanation A failure occurred when attempting to regenerate stored CCM messages in the Maintenance Point database as a result of an EFP state change, or MEP CoS bits changes in config. This may result in outgoing CCM messages containing incorrect interface state information or CoS bits. If the error persists, CFM may not operate correctly. Recommended Action If the error persists, it may be cleared by restarting the cfmd process on the node where the error is occurring. Error Message %L2-CFM-3-CFG_DELETED_INTF_OP Received new configuration for an interface that is not expected to exist. Configuration operation: [chars]. Interface CH[hex] Explanation A notification from another part of the system indicates that some operation should be performed on an interface that does not exist in Interface Manager. The CFM Daemon’s internal state will be updated in accordance with the requested operation, but no Maintenance Points will be created on the affected interface. This indicates an inconsistency between the Interface Manager and other infrastructure components. Recommended Action Removing and re-applying the configuration responsible for the failed operation may help to resynchronize system state. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-CFG_UPDATE_LOST Failed to update CFM configuration. [chars] Explanation CFM encountered an error while trying to update its internal state, and retrying the operation has not resolved the problem. This situation could indicate that system resources are low, or a problem with another part of the system. It is likely that the operational state of CFM will become out-of-sync with Configuration. Recommended Action Restarting the CFM Daemon on the node where the problem has occurred may help to resynchronize the system state. This error may occur as a result of memory exhaustion; attempt to resolve any memory issues before attempting to solve this problem. After system resource Layer 2 Messages CFM Messages EM-593 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 isses have been resolved, issue ’process restart cfmd location node’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-CGM_APPLY_FAILED Failed to apply new CFM Configuration. It is likely that the protocol will not operate as intended: [chars] Explanation The CFM Global Manager was unable to enact a set of valid configuration changes. Future configuration changes may be adversely affected. The problem could be caused by a system resource issue. Recommended Action Attempt to resolve any memory issues before attempting to solve this problem. After system resource isses have been resolved, issue ’process restart cgm’ on the affected node. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-DB_DELETE_FAILED Failed to delete [chars] object (ID [chars]) from the [chars] database, because the object wasn’t found Explanation A user requested that an object be removed from a database in which it was not present. The process should recover from this event, but it may indicate an internal inconsistency which could cause other problems. Recommended Action *SUPPORT* Error Message %L2-CFM-3-DB_INCONSISTENT An error condition that indicates an internal inconsistency in a database was encountered: [chars] Explanation An internal inconsistency was identified while performing some operation on the database. The process will attempt to recover a consistent state, and should be able to continue operating. It is possible that some parts of CFM may become out of sync. Recommended Action If additional problems are observed then restarting the process may help to restore the system to a consistent state. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CFM Messages EM-594 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-3-DB_LOCK_ERROR Failed to perform [chars] operation on [chars] lock in database: [chars] Explanation An error was encountered while trying to perform an operation on a lock. The thread will continue without retrying the operation. In most cases, no further adverse behaviour should be observed. Recommended Action *SUPPORT* Error Message %L2-CFM-3-ELO_LB_STATE Failed to retrieve the 802.3 Ethernet Link OAM loopback state of some physical interfaces. [chars] Explanation CFM encountered an error while trying to retrieve the 802.3 Ethernet Link OAM loopback state of some physical interfaces, in order to report the state correctly in outgoing CCMs. This situation could indicate a problem in the Ethernet Link OAM daemon (elod) process, or that system resources are low, or a problem with another part of the system. It is likely that the interworking state reported in outgoing CCM messages will be incorrect. Recommended Action Restarting the CFM Daemon or Ethernet Link OAM Daemon may help to resynchronize the loopback state. This error may occur as a result of memory exhaustion; attempt to resolve any memory issues before attempting to solve this problem. After system resource isses have been resolved, issue ’process restart cfmd’ and ’process restart elod’ on the node with the affect interfaces. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-ENGINE_TIMER Failed to process engine timer: [chars] Explanation An error occurred while processing the engine thread timer wheel. This may cause CCMs not to be sent, or remote MEPs not to time out after the configured loss time. Recommended Action The process may recover after 60s. If the problem persists, it may be possible to recover by restarting the ’cfmd’ process on the node where the problem occurred. Error Message %L2-CFM-3-FAULT_NOTIFICATION Failed to generate a fault notification for a local MEP - domain: [chars], service: [chars], MEP ID: [unsigned int], interface: CH[hex]: [chars] Explanation An error was encountered when trying to generate a fault notification for a local MEP, as a result of a defect detected from a remote MEP. This will mean that the corresponding SNMP trap will not be raised. If the error persists, CFM may not operate correctly. Recommended Action If the error persists, it may be cleared by restarting the cfmd process on the node where the error is occurring. Layer 2 Messages CFM Messages EM-595 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-3-HW_ERROR Failed to update the hardware with new CFM configuration. [chars] Explanation CFM encountered an error while trying to update the hardware packet handling after a configuration update, and retrying the operation has not resolved the problem. This situation could indicate that system resources are low, or a problem with another part of the system. It is possible that CFM will not receive packets that it should be processing, or packet processing may operate more slowly than expected. Recommended Action Restarting cfmd or cfm_ea processes on the affected node may help to update the packet handling correctly. This error may occur as a result of memory exhaustion; attempt to resolve any memory issues before attempting to solve this problem. After system resource isses have been resolved, issue ’process restart cfmd’ on the affected node. If that has no effect, issue ’process restart cfm_ea’ on the node with the affected interfaces. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-IM_STATE_ERROR Failed to reply to Interface Manager with states for [unsigned int] interfaces: [chars] Explanation CFM encountered an error while trying send a state message to Interface Manager, and the error could not be recovered from by retrying. Interface Manager is likely to continue to wait for a response, and then shut down the affected interfaces. Recommended Action The state operation is not essential to the operation of CFM, so if no ill effects are observed then no action is needed. If the Interface Manager shuts the interfaces down unexpectedly, then try issuing ’no shutdown’ for each affected interface, to refresh the state. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-INV_DEBUG_FLTR Failed to enable the requested debugging. Invalid debug filter string: [chars] Explanation The CFM debug library was notified about the creation of a debug item in SysDB which had an unexpected number of filter parameters. The corresponding debugging flag has not been enabled in CFM, which may lead to some debug not being printed as expected. Recommended Action If any problems are observed, then try removing the debug filter using the ’no debug ethernet cfm’ command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CFM Messages EM-596 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-3-LWM_ERROR Failed to send a [chars] LWM message from [chars] to [chars] thread in the CFM Daemon - message type: [chars]: [chars] Explanation The LWM subsystem indicated an error when trying to send a message between threads in the CFM Daemon, which could not be handled. The operation will not be retried - the internal state of CFM may not match the global system state. Recommended Action If any problems are observed, then try restarting the CFM Daemon using the ’process restart’ command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-MA_RESYNC Unable to [chars] resynchronization of Maintenance Point state with the CFM EA after a process restarted: [chars] Explanation The CFM Daemon encountered an error while trying to resynchronize with the CFM EA after a process (either the CFM Daemon, EA, or Interface Manager) restarted. The EA may have an incorrect view of the set of Maintenance Points configured, so CFM packets may not be handled correctly. Recommended Action The CFM Daemon was unable to retry internally, but restarting the CFM Daemon may help to resynchronize the system state. Wait until any system resource problems have been resolved, and then issue ’process restart cfmd’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-MEPS_DELETE_CCM_GEN Attempt to delete [unsigned int] MEPs while some MEPs are having CCM generation enabled/disabled. Explanation The CFM MA tried to delete a number of MEPs in the Protocol Manager while the Protocol Manager had scheduled a number of MEPs to have CCM generation enabled or disabled in the engine. The CCM generation batches have been cleared, which may cause an inconsistency between CFM’s internal state and the requested configuration. Recommended Action If any problems are observed, then try restarting the CFM Daemon using the ’process restart’ command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CFM Messages EM-597 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-3-MP_DB_ALLOC Failed to create Maintenance Point [chars] in the database. Error [chars] Explanation The CFM MA was unable to create a new Maintenance Point in the database. This indicates that either system resources are low, or that there is an internal problem with CFM. The set of Maintenance Points created by CFM will not match the requested configuration. Recommended Action Wait until any situation which is putting stress on system resources is resolved, and then try to delete and re-apply the configuration for the affected Maintenance Points. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-PAK_ERROR Failed while processing packet in [chars]: [chars] Explanation An error occurred unexpectedly while calling the packet management infrastructure to handle a CFM packet during packet send. Recommended Action The ’cfmd’ process will restart after this error is seen. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-RETRY_EXCEEDED Reached the maximum number of retry attempts for [chars]. Failed updates for [unsigned int] interfaces will not be applied Explanation The CFM MA attempted the maximum number of retrys for a failed operation. The operation will not be retried again. The MA will attempt to recover, but it is possible that the Maintenance Points created will not match those specified in configuration. The problem could be caused by a system resource issue. Recommended Action Attempt to resolve any memory issues before attempting to solve this problem. After system resource isses have been resolved, issue ’process restart cfmd’ on the affected node. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CFM Messages EM-598 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-3-STATE_UPDATE_DROPPED Failed to update [unsigned int] interface states in CCMs. Explanation There were insufficient system resources to provide the CFM Protocol Manager with interface state updates. The state update notifications will not be delivered, and the interface states in Continuity Check Messages will be incorrect for the affected interfaces. Other CFM functionality is unaffected. Recommended Action Wait until any situation which is putting stress on system resources is resolved, and then issue the ’process restart cfmd’ command to resynchronize the Interface states within CFM. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-3-WL_QUEUE_FAILED Failed to schedule Maintenance Point [chars] processing for [chars]. [chars] Explanation The CFM MA failed to schedule an operation required to modify Maintenance Point configuration for an interface. This is likely to be a system resource issue. Recommended Action Attempt to resolve any memory issues before attempting to solve this problem. After system resource isses have been resolved, issue ’process restart cfmd’ on the affected node. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-4-CCM_PARSE_FAILED Failed to parse CCM received by MEP in domain [chars], service [chars], local MEP ID [unsigned int] on interface CH[hex], CCM received from [chars]: [chars] Explanation An error occurred while parsing a received CCM message - the error string gives more details. This error is not caused by malformed or invalid packets. If the error persists, CFM may not operate correctly. Recommended Action If the error persists, it may be cleared by restarting the cfmd process on the node where the error is occurring. Layer 2 Messages CFM Messages EM-599 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-4-CFG_INCONSISTENT Configuration change requested is inconsistent with the current state: [chars] Explanation CFM recieved a configuration update that can not be processed because it is not consistent with the current internal state. The requested update will be rejected. Recommended Action Restarting the process may help to resynchronize the system state. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-4-ENCAP_CHANGE [chars]: [chars] on Interface CH[hex] - CFM [chars] on this interface Explanation Set: Packets cannot be sent by CFM from the interface mentioned in the message, for one of the following reasons: - The interface has no encapsulation configured. - The interface has a complex encapsulation configured, which is not supported in conjunction with CFM. Complex encapsulations include: - Matching on source or destination MAC addresses - Matching on payload ethertype - Matching on VLAN tags using the ’any’ keyword. In these cases, it cannot be determined how to format the ethernet header for sending CFM packets, and hence CFM is not supported in these scenarios. - The CoS bits configured for the MEP conflict with the CoS bits configured in the interface encapsulation. Clear: the error condition no longer holds; the interface has a supported encapsulation and CFM packets can be sent. Recommended Action If the problem relates to the encapsulation, then either configure the encapsulation on the interface, without using the above types of ’complex’ matching criteria, or deconfigure any CFM MEPs on the interface. If the problem is a conflict in the CoS bits, then either reconfigure either the MEP or the encapsulation, so that the CoS bits specified for the MEP fall within the CoS bits specified in the encapsulation, if any. Error Message %L2-CFM-4-EXIT_FAILED Failed to notify SysMgr that [chars] is exiting: [chars] Explanation The specified process failed to notify the system manager that it was exiting. In very rare cases, this could result in the process not being restarted when it ought to be. Recommended Action If the process in not running and it ought to be (ie, there is CFM configuration remaining), then remove all CFM configuration, commit this change, then re-apply the configuration. Layer 2 Messages CFM Messages EM-600 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-4-INIT_FAILED Failed to initialize [chars]: [chars]%s Explanation An error was encountered while the specified process was initializing. The error message contains details about the source of the error. Recommended Action The process will exit and will be restarted. If the problem persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-4-LOSS_TIMER_FAILED Failed to restart loss timer for MEP in domain [chars], service [chars], local MEP ID [unsigned int] on interface CH[hex], remote MAC [chars], remote MEP ID [unsigned int]: [chars] Explanation An error occured while restarting the loss timer for the remote MEP specified in the error message. This could cause the remote MEP to incorrectly be declared down some time later. Recommended Action If the error persists and remote MEPs continually flap as a result, the problem may be corrected by restarting the cfmd process on the node where the problem is being reported. Error Message %L2-CFM-4-LOST_EVENT [chars] lost event: [chars] Explanation The specified process failed to receive an event that was sent to it. Recommended Action If any problems are seen, they may be rectified by restarting the process using the ’process restart’ command. Error Message %L2-CFM-4-MIB_CHKPT_BATCH_ERROR Failed to manage the checkpointed state: [chars]. [chars] Explanation CFM encountered an error while trying to maintain its checkpoint database. The checkpoint database is used to manage persistent MIB index values for accessing Domains and Services over SNMP. If an error was encountered then CFM has been unable to guarantee that MIB index values will be correctly maintained across process restarts, and existing database objects may have their MIB indices re-assigned. Recommended Action CFM should continue to operate normally, except for possible re-ordering of MIB index values for any configured Domains and Services. CFM will have tried to correct any errors it encountered in the checkpoint database. If additional problems with CFM configuration are observed, then restarting the CGM Global Manager may help to resolve the problem. The CFM Global Manager can be restarted by issuing ’process restart cgm’ on the affected node. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CFM Messages EM-601 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-4-MIB_CHKPT_ITEM_ERROR Failed to manage the checkpointed state for a single item: [chars]. [chars] Explanation CFM encountered an error while trying to maintain its checkpoint database, for a single item in the database. The checkpoint database is used to manage persistent MIB index values for accessing Domains and Services over SNMP. If an error was encountered then CFM has been unable to guarantee that MIB index values will be correctly maintained across process restarts, and existing database objects may have their MIB indices re-assigned. Recommended Action CFM should continue to operate normally, except for possible re-ordering of MIB index values for the affected items. CFM will have tried to correct any errors it encountered in the checkpoint database. If additional problems with CFM configuration are observed, then restarting the CGM Global Manager may help to resolve the problem. The CFM Global Manager can be restarted by issuing ’process restart cgm’ on the affected node. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-CFM-4-NOTIFY_LOSS_FAILED Failed to relay information about loss of connectivity for MEP in domain [chars], service [chars], local MEP ID [unsigned int], remote MEP ID [unsigned int], remote MAC [chars]: [chars] Explanation The CFM packet handling module has detected that a remote MEP has gone down (ie that no CCM has been received for the loss time), but has failed to notify the management module. As a result, the proper handling for this event (eg generating log messages and SNMP traps) will not take place. Recommended Action If the error persists, the problem may be corrected by restarting the cfmd process on the node where the problem is being reported. Error Message %L2-CFM-4-PACKET_DECODE_FAILED Failed to decode [unsigned int] ethernet packets, first error: [chars] Explanation An error occurred while attempting to decode a batch of ethernet frames which had been received. The source of the error is the Ethernet Packet Infrastructure. The received packets will be dropped as a result of this error. This could cause remote MEPs to time out, or ping/traceroute operations to fail. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages CFM Messages EM-602 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-6-CC_ERROR Remote MEP error change: [chars] - domain [chars], service [chars], local MEP ID [unsigned int], local interface CH[hex], remote MEP ID [unsigned int], remote MAC address [chars], errors [chars] Explanation A change in the errors reported by a CCM message from a remote MEP was detected. This message appears because the service which the local MEP belongs to has continuity-check error change logging configured. Recommended Action None. Error Message %L2-CFM-6-MEP_CHANGE Remote MEP change: [chars] - domain [chars], service [chars], local MEP ID [unsigned int], local interface CH[hex], remote MEP ID [unsigned int], remote MAC address [chars], errors [chars] Explanation A CCM message was received from a new remote MEP, or a previously-known remote MEP timed out (i.e. its configured loss threshold was exceeded). This message appears because the service which the local MEP belongs to has continuity-check state change logging configured. Recommended Action None. Error Message %L2-CFM-6-SHMWIN_RESET Resetting CFM shared memory data: [chars] Explanation The CFM shared memory window is being reset. All shared memory data will be lost. This means that all per-interface, per-MEP and per-remote-MEP counters are reset to zero. Recommended Action None. Error Message %L2-CFM-6-TOO_MANY_TLVS More than the supported number of TLVs were found while processing [chars] (total length [unsigned int]) Explanation While processing a received CFM PDU, more than the supported number (32) of TLVs were found. This is very unlikely to occur in normal operation, and may therefore indicate a denial-of-service attack. Recommended Action Use CFM debugging (’debug ethernet cfm packets’) to determine from where the problematic packets are originating. If the packets are from a trusted source and are expected, modify the configuration on that host to reduce the number of organisation-specific or otherwise unknown TLVs contained in the packet (ie TLVs not defined in the CFM standard, IEEE 802.1ag). Layer 2 Messages CFMMIB Messages EM-603 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CFM-6-XC_ERROR Cross-check error change for local MEP in domain [chars], service [chars] with MEP ID [unsigned int] on interface CH[hex] for configured cross-check MEP ID [unsigned int][chars]: [chars] Explanation A change in the cross-check status of a remote MEP was detected. This may indicate an expected remote MEP configured by cross-check is missing, or a CCM message has been received unexpectedly from a remote MEP which was not configured for cross-check, or that one of the above errors has been cleared. This message appears because the service which the remote MEP belongs to has cross-check error change logging configured. Recommended Action None. Error Message %L2-CFM-7-PD_NOT_SUP Operation attempted which is not supported by platform, but the platform is advertising the relevant capability: [chars] Explanation An operation was attempted which is not yet supported by the platform-dependent code, but which the platform is advertising as a supported capability. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CFMMIB Messages Error Message %L2-CFMMIB-3-NO_DEBUG Unable to register for DOT1AG MIB debug. No further debugging will occur: [chars] Explanation In the initialisation of the DOT1AG MIB DLL an error occurred whilst attempting to register for debugging. Consequently there will be no debug output from the DOT1AG MIB DLL. Recommended Action Continue working with the DOT1AG MIB DLL without any debugging taking place or restart the DLL such that during initialisation there is another attempt register for debugging. Error Message %L2-CFMMIB-3-NO_TRAP Unable to register for SNMP traps. Traps will not be sent regardless of trap events occurring: [chars] Explanation In the initialisation of the DOT1AG MIB DLL an error occurred whilst trying to register a callback function for the enabling of SNMP traps. Alternatively whilst trying to enable traps there was a failure in binding to SysDB for trap notifications. Recommended Action Continue working with the DOT1AG MIB DLL without any the ability to send traps when events occur or restart the DLL such that there is another attempt to register for traps.Layer 2 Messages CHDLC_EA Messages EM-604 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CHDLC_EA Messages Error Message %L2-CHDLC_EA-4-ERR_EVM_EVENT_BLOCK Error receiving an event: [chars]. The cHDLC EA process will restart Explanation An error occured in the event loop. The process will restart which should recover the situation. Recommended Action *RECUR* Error Message %L2-CHDLC_EA-4-ERR_INIT Failure during initialization of the [chars]. Error [chars]. The cHDLC EA process will restart Explanation A failure occured during the initialization of the process. The process will restart which should recover the situation. Recommended Action *RECUR* Error Message %L2-CHDLC_EA-6-ERR_IMP_MULTIPLE_NTFCNS CH[hex]: Multiple [chars] notifications received in a single batch from improxy Explanation A batch from IMProxy contained multiple notifications for a single interface. This should not occur but the situation has been recovered successfully by the cHDLC EA. No problems should be seen as a result. Recommended Action *NONE* CHDLC_MA Messages Error Message %L2-CHDLC_MA-3-ERR_IIR_BDL_OP The cHDLC MA failed to process a bundle IIR [chars] message on CH[hex], error: [chars] Explanation The chdlc_ma process failed to process a bundle IIR notification message. Further it is not able to propagate the message back to the virtual interface owner, and hence it is possible that the basecaps is out of step with the bundle configuration. Recommended Action *SUPPORT* Layer 2 Messages CHDLC_MA Messages EM-605 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CHDLC_MA-3-ERR_INTF_UP_DOWN An error has occured resulting in the interface state being UP, and the line state being DOWN on interface CH[hex]. Because keepalives are disabled the line will never come up. The situation may be resolved by shutting and no shutting the interface, or enabling keepalives. Explanation If keepalives are disabled and certain errors occur then the interface and line state can end up being out of step. Without keepalives enabled, SLARP has no way to recover by discovering the correct line state, so user intervention is required for a chance of recovery. Recommended Action shut and then no shut the problematic interface, or enable keepalives on the interface. Error Message %L2-CHDLC_MA-3-ERR_SYSMGR_SOCK_FEAT_START Startup of the cHDLC Socket feature has unexpectedly failed: [chars] Explanation The cHDLC socket feature unexpectedly failed to be started by sysmgr. This may mean that processes which use cHDLC sockets to send and receive packets will be unable to do so, and may not be working correctly. Symptoms would include loss of SLARP keepalive packets causing the line state to go down, loss of CDP packets and loss of LACP packets on cHDLC encapsulated interfaces. Recommended Action The problem can be fixed by manually starting the cHDLC Socket server process on the affected node using the command ’process start chdlc_socket location location’. The command ’show process chdlc_socket location location’ will indicate the state of the process. Once the socket server process is running, no further action is required. Error Message %L2-CHDLC_MA-4-ERR_EVM_EVENT_BLOCK Error receiving an event: [chars]. The cHDLC MA process will restart Explanation An error occured in the event loop.The process will restart which should recover the situation. Recommended Action *RECUR* Error Message %L2-CHDLC_MA-4-ERR_INIT Failure during initialization of the [chars]. Error [chars]. The process will restart Explanation A failure occured during the initialization of the process. The cHDLC MA process will restart which should recover the situation. Recommended Action *RECUR* Layer 2 Messages CHDLC_SOCK Messages EM-606 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-CHDLC_MA-6-ERR_IM_MULTIPLE_NTFCNS CH[hex]: Multiple [chars] notifications received in a single batch from Interface Manager Explanation A batch from Interface Manager contained multiple notifications for a single interface. This should not occur but the situation has been recovered successfully by the cHDLC MA. No problems should be seen as a result. Recommended Action *NONE* CHDLC_SOCK Messages Error Message %L2-CHDLC_SOCK-4-ERR_EVM_EVENT_BLOCK Error receiving an event: [chars]. The cHDLC socket server process will restart Explanation An error occured in the event loop. The process will restart which should recover the situation. Recommended Action *RECUR* Error Message %L2-CHDLC_SOCK-4-ERR_INIT Failure during intialisation of the chdlc_socket process - specifically [chars]. Error: [chars]. The process will restart Explanation A failure occurred during the initialisation of the cHDLC socket process. The process will restart which should recover the situation. Recommended Action *RECUR* Error Message %L2-CHDLC_SOCK-4-ERR_PAKMAN_CORRUPTION Unable to handle pakman corruption error: [chars]. chdlc_socket process restarting Explanation A packet manager corruption has been reported and the cHDLC Socket process has failed to cleanup to recover from the problem. The process will exit and be automatically restarted to recover from this situation. Recommended Action It is expected that restarting the process will fix this problem. This is done automatically so no action should be required. If the problem recurs, then there is a problem in packet manager. A drastic solution would be to reload the linecard.Layer 2 Messages CHDLCDLL Messages EM-607 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CHDLCDLL Messages Error Message %L2-CHDLCDLL-3-ERR_DEBUG_REGISTER Could not register for debug events : [chars] Explanation There was an error registering the cHDLC Netio debug with the debug library. No debug will be available for the cHDLC Netio DLLs. Recommended Action *SUPPORT* Error Message %L2-CHDLCDLL-3-ERR_PKT_ENCAP Encapsulation of HDLC packet failed. Packet type-code [hex] Explanation The encapsulation of an HDLC packet failed for the network protocol with the ethernet type code specified. The packet has been dropped. Recommended Action *SUPPORT* Error Message %L2-CHDLCDLL-3-ERR_TRACE_REGISTER Could not register with tracing infrastructure: [chars] Explanation An attempt to register with the tracing infrastructure failed. This will mean that tracing for the cHDLC Netio DLLs will not be available. Recommended Action *SUPPORT* CHIPs Messages Error Message %L2-CHIPs-2-error [chars] Explanation A high severity error has occurred in PLIM FPGA. This might result in the PLIM being reset. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages COMMS Messages EM-608 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 COMMS Messages Error Message %L2-COMMS-3-MSG_DROPPED Unexpected error has lead to an incoming message being dropped: [chars] Explanation An incoming control message could not be fully processed due to an unexpected error. Recommended Action Restarting the process in question should result in a full resync of all data. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-COMMS-3-MY_ID_MISMATCH Checkpoint data for this connection (id %hu) has invalid id (%hu) Explanation The Checkpoint table contained unexpected data. This is unexpected, and could indicate memory corruption of some sort. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-COMMS-3-MY_SAVE_FAILED Failed to save Checkpoint sequence information for connection [chars] Explanation The client failed to save its own sequence data to Checkpoint. If the process restarts before the save is successfully retried, remote clients may get out of sync, and data loss could occur. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-COMMS-3-SAVE_FAILED Failed to save Checkpoint entry [hex]/[hex] on connection [chars] Explanation The client failed to save data to Checkpoint. If the process restarts before the save can be retried, then data loss could occur. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages d1qnetio Messages EM-609 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-COMMS-4-DUPLICATE_ENTRY Duplicate Checkpoint entry for ID %hu on node [hex] Explanation The Checkpoint table contained a duplicate entry. This is unexpected, and likely indicates a software fault. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. d1qnetio Messages Error Message %L2-d1qnetio-3-CHAIN_BUILDER_FAILED The chain build function failed because ’[chars]’ (error: [chars]) Explanation The software forwarding support for IEEE802.1Q VLANs was unable to set up an interface. Software forwarding VLAN functionality on the affected node may be impaired. Recommended Action It may help to restart the VLAN EA process on the affected node, with process restart vlan_ea location [location]. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-d1qnetio-3-IDB_NOT_FOUND The Netio IDB associated with handle [hex] could not be found Explanation The software forwarding support for IEEE802.1Q VLANs was unable to process a message sent to a particular interface because the interface does not exist in NetIO. Software forwarding VLAN functionality on the affected interface may be impaired. The interface can be determined from its handle with show im chains ifhandle [handle]. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-d1qnetio-3-REGISTRY_CREATION_FAILED Unable to create the protocol registries during capsulation initialization Explanation The 802.1Q NetIO component could not necessary data structures during its initialization. Software forwarding VLAN functionality on the affected is likely not to work. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages d1qnetio Messages EM-610 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-d1qnetio-3-SUBBLOCK_REG_FAILED 802.1Q Netio failed to register the dot1q_ether subblock (error: [chars]) Explanation The software forwarding support for IEEE802.1Q VLANs was unable to initialise on the specified node. Software forwarding VLAN functionality on the affected is likely not to work. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-d1qnetio-3-TRACE_INIT_ERROR A error occurred during trace initialization, err: [chars] Explanation The 802.1Q NetIO component encoutered an error during trace buffer initialization. This is likely to cause VLAN interface setup to fail. Recommended Action If this error occurred as a result of applying configuration, try removing and reapplying the configuration. If this does not work, it may be necessary to reload the affected linecard. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-d1qnetio-4-CHAIN_UNBUILDER_FAILED The chain unbuild function failed because ’[chars]’ (error: [chars]) Explanation The software forwarding support for IEEE802.1Q VLANs was unable to clean up an interface. Forwarding should not be affected. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-d1qnetio-4-DEBUG_INIT_ERROR An error occurred during debug initialization (error: [chars]) Explanation The 802.1Q NetIO component encoutered an error during debug initialization. This is likely to cause VLAN interface setup to fail. Recommended Action If this error occurred as a result of applying configuration, try removing and reapplying the configuration. If this does not work, it may be necessary to reload the affected linecard. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages DI Messages EM-611 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-d1qnetio-4-DEVCTL_NOT_SUP Unsupported NetIO devctl code ([dec]) received Explanation The 802.1Q NetIO component received an unexpected message. The message has been ignored. This may indicate that there is a version mismatch among the VLAN components. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-d1qnetio-4-TERM_FAILED 802.1Q NetIO termination failed because ’[chars]’ (error: [chars]) Explanation The software forwarding support for IEEE802.1Q VLANs was unable to clean up. Forwarding should not be affected. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. DI Messages Error Message %L2-DI-3-CHANNELCREATE unable to create channel [chars] (Error code [int]) Explanation Process failed to create communication channel and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-CHKPT unable to create checkpoint service. Explanation Process failed to create checkpoint service and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-COMMAND Three command line parameters required: depository_id promid (0/1/2/3) Explanation Process received wrong third command line parameter and hence terminating. Recommended Action ’No action is required.’ Layer 2 Messages DI Messages EM-612 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-DI-3-COMMAND3 Third command line parameter is [unsigned long int].It must be 0/1/2/3. Explanation Process received wrong third command line parameter and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-CONNECTION Unable to connect to channel [chars] (Error code [int]) Explanation Process failed to connect to communication channel and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-DESTINSANE Data structure destination organizer [chars] is inconsistent for destination [unsigned long int]. Explanation Process detected inconsistent data structures and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-DESTORG unable to create destination organizer. Explanation Process failed to create destination organizer and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-DIDORG unable to create DID organizer. Explanation Process failed to create DID organizer and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-DLLABSENT Driver DLL [chars] is absent on the platform. Explanation A specific driver DLL is required to run certain hardware detected. Recommended Action ’No action is required.’ Layer 2 Messages DI Messages EM-613 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-DI-3-DLLORG unable to create DLL organizer. Explanation Process failed to create DLL organizer and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-DLLSYMMISSING Driver DLL [chars] has missing symbol [chars]. Explanation A specific driver DLL is not correct. Recommended Action ’No action is required.’ Error Message %L2-DI-3-ENTRY One of the drivers unable to init. Explanation Process unable to init one of the drivers and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-ERRORG unable to create error organizer. Explanation Process failed to create error organizer and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-EVE Failed to init event manager event. Explanation Process failed to create event manager event and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-EVELOOP IM notify event manager loop exited (Error no equals [unsigned long int]). Explanation Process terminated event manager loop and hence terminating. Recommended Action ’No action is required.’ Layer 2 Messages DI Messages EM-614 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-DI-3-EVEMGR Failed to create event manager. Explanation Process failed to create event manager and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-INCONSISTINSTHASH Data structure Instance Hash is inconsistent for instance id [unsigned long int]. Explanation Process detected inconsistent data structures and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-INCONSISTRSRCHASH Data structure Resource Hash is inconsistent for resource id [unsigned long int]. Explanation Process detected inconsistent data structures and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-INSTHASH unable to create instance hash. Explanation Process failed to create instance hash and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-INSTSTORE unable to create instance persistence store. Explanation Process failed to create instance persistence store and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-INTORG unable to create interrupt organizer. Explanation Process failed to create interrupt organizer and hence terminating. Recommended Action ’No action is required.’ Layer 2 Messages DI Messages EM-615 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-DI-3-MAINLINE Unable to create mainline ipc server. Explanation Process unable to create mainline ipc server and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-MUTEXINIT Mutex initialization error [chars] (Error code [int]) Explanation Process failed to initialize a mutex and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-MUTEXLOCKFAIL [chars] operation failed in [chars]; reason [chars] Explanation DI failed to lock the packet mutex. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-DI-3-NETIOEST NetIO failed to connect to driver_infra_partner and exiting.. Explanation The initial set up between two driver processes failed. NetIO exiting. Recommended Action ’No action is required.’ Error Message %L2-DI-3-OUTMEM malloc ([unsigned long int] bytes) from::[chars] failed. Explanation Process failed to allocate run-time memory and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-PEERSTORE unable to create peer persistence store. Explanation Process failed to create peer persistence store and hence terminating. Recommended Action ’No action is required.’ Layer 2 Messages DI Messages EM-616 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-DI-3-REGOMISSING No installed software to match Hardware in slot [unsigned long int] (PROMID [unsigned long int]). Explanation Report missing driver registration. Recommended Action ’No action is required.’ Error Message %L2-DI-3-REGOMISSING1 No installed software to match Hardware in I/O slot in route-processor [unsigned long int] (PROMID [unsigned long int]). Explanation Report missing driver registration. Recommended Action ’No action is required.’ Error Message %L2-DI-3-REGOORG unable to create registration organizer. Explanation Process failed to create registration organizer and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-RESIDORG unable to create RESID organizer. Explanation Process failed to create RESID organizer and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-RESOURCEHASH unable to create resource hash. Explanation Process failed to create resource hash and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-SHMWIN failed to reserve the shmwin VM region. Explanation Process failed to reserve the shmwin VM region and hence exiting. Recommended Action ’No action is required.’ Layer 2 Messages DIV2_DM Messages EM-617 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-DI-3-STARTCHKPT unable to start checkpoint service. Explanation Process failed to start checkpoint service and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-STARTDESTORG unable to start destination organizer. Explanation Process failed to start destination organizer and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-SYNHORG unable to create synchronizer organizer. Explanation Process failed to create synchronizer organizer and hence terminating. Recommended Action ’No action is required.’ Error Message %L2-DI-3-THREADCREATE Unable to create thread [chars] (Error code [int]) Explanation Process failed to create thread and hence terminating. Recommended Action ’No action is required.’ DIV2_DM Messages Error Message %L2-DIV2_DM-3-INFO driver manager: service degrading error, reason equals [chars] Explanation Driver manager encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages DRIVERS_UTIL Messages EM-618 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-DIV2_DM-3-INIT Driver manager: init. error encountered, reason equals [chars] Explanation Driver manager encountered an error and is not able recover frm it. A reason text will be supplied. Call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-DIV2_DM-3-NO_MEM Driver manager: memory allocation error for [dec] bytes Explanation Driver manager encountered a fatal memory allocation error Recommended Action Reduce other system activity (e.g. by killing non-essential processes) to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. DRIVERS_UTIL Messages Error Message %L2-DRIVERS_UTIL-3-TUPLE_READ_ERROR [chars]: Tuple read failed with error [hex] [chars] Explanation An error occured when trying to read the tuple from sysdb. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. DWDM Messages Error Message %L2-DWDM-3-FATAL dwdm: fatal error encountered, reason equals [chars] Explanation dwdm encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages E3EGRESSQ Messages EM-619 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-DWDM-3-FATAL_2 dwdm: fatal error encountered, reason equals [chars], errno equals [dec] Explanation dwdm code encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-DWDM-3-INFO dwdm: service degrading error, reason equals [chars] Explanation The dwdm encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-DWDM-3-NOT_YET_IMPLEMENTED dwdm: this function [chars] is not yet implemented Explanation dwdm, a function was not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. E3EGRESSQ Messages Error Message %L2-E3EGRESSQ-3-ERR_MEM_ALLOC Failed to allocate [dec] bytes from [chars] ([chars]) Explanation The process failed to allocate memory. Most likely, all system memory has been allocated already. Recommended Action Verify that the card has at least the minimum supported memory configuration. Use the ’show memory’ and ’show processes memory location’ commands to identify what processes use the memory. If memory usage for a process seems abnormal, restarting the process using the command ’process restart’ could be a workaround. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages E3EGRESSQ Messages EM-620 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-E3EGRESSQ-3-ERR_THREAD_MUTEX_LOCK Failed to lock mutex Explanation The process failed to obtain a software mutex lock. Software mutex are used to protect certain operations from being executed simultaneously by concurrent processes. This indicates a software error which could lead to data corruption and loss of traffic. Recommended Action Reload the linecard. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E3EGRESSQ-3-ERR_THREAD_MUTEX_UNLOCK Failed to unlock mutex Explanation The process failed to obtain a software mutex unlock. Software mutex are used to protect certain operations from being executed simultaneously by concurrent processes. This indicates a software error which could lead to data corruption and loss of traffic. Recommended Action Reload the linecard. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E3EGRESSQ-3-MEM_MAP [chars] (size [hex] addr [hex]) - [chars] Explanation The process could not map the egress asic SDRAM into its memory space. Recommended Action Reload the linecard. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E3EGRESSQ-3-RECONFIG [chars]: error [hex] Explanation The egress queueing asic was reset, but could not be reconfigured. This may result in partial or complete loss of functionality of the asic. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages E3EGRESSQ Messages EM-621 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-E3EGRESSQ-4-ERR_MEM_ALLOC_SHMWIN Failed to open shared memory window [chars] ([chars]) Explanation The process failed to open the specified shared memory window. This problem can be caused by a lack of system memory. Recommended Action Verify that the card has at least the minimum supported memory configuration. Use the ’show memory’ and ’show processes memory location’ commands to identify what processes use the memory. If memory usage for a process seems abnormal, restarting the process using the command ’process restart’ could be a workaround. Error Message %L2-E3EGRESSQ-4-ERR_MEM_FREE Failed to free [chars] ([chars]) Explanation The process failed to free memory. This is likely a symptom of software corruption. The system may be in an unstable condition. The software failed to free memory, and this can eventually lead to an out-of-memory condition. Recommended Action Reload the linecard. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E3EGRESSQ-4-ERR_MEM_MQS_COUNTER_THR_EXCEEDED MQS counter utilization [dec] exceeds the high threshold of [dec] Explanation The multicast counter utilization has exceeded the high threshold. This may impact the delay and/or jitter of multciast traffic egressing out of this line card. The maximum counters available are 2048. Recommended Action Reduce the multicast traffic rate sent to this line card. Error Message %L2-E3EGRESSQ-4-ERR_MUTEX_INIT Failed to [chars] ([chars]) Explanation The process failed to initialize a software mutex. Software mutex are used to protect certain operations from being executed simultaneously by concurrent processes. This indicates a software error which could lead to eventual data corruption and loss of traffic. Recommended Action Reload the linecard. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages E3EGRESSQ Messages EM-622 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-E3EGRESSQ-4-ERR_MUTEX_REVIVE Failed to register for mutex revival ([chars]) Explanation The process failed to register for mutex revival. In the event of a software error where another process would crash while holding a shared mutex, this process would not self-recover. This warning does not cause any degradation in the router operation. The warning simply means that a particular error recovery mechanism will not be effective. Recommended Action Reload the linecard. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E3EGRESSQ-4-ERR_PLATFORM_INFO Failed to obtain platform info for [chars] ([chars]) Explanation The process failed to obtain information on the specified shared memory window. This will prevent proper initialization and operation multicast feature. This indicates a software error condition. Recommended Action Reload the linecard. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E3EGRESSQ-4-INTERRUPT [chars]: reg [hex] Explanation The E3EGRESSQ asic experienced an interrupt, and will be reset. After reset, normal operation should resume. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E3EGRESSQ-6-ERR_MEM_MQS_COUNTER_THR_NORMAL MQS counter utilization [dec] within the low threshold of [dec] Explanation The multicast counter utilization has eased off to below the low threshold. Recommended Action No action required.Layer 2 Messages E3INGRESSQ Messages EM-623 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 E3INGRESSQ Messages Error Message %L2-E3INGRESSQ-3-RECONFIG [chars]: error [hex] Explanation The ingress queueing asic was reset, but could not be reconfigured. This may result in partial or complete loss of functionality of the asic. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E3INGRESSQ-4-INTERRUPT [chars]: reg [hex] Explanation The E3INGRESSQ asic experienced an interrupt, and will be reset. After reset, normal operation should resume. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. E5EGRESSQ Messages Error Message %L2-E5EGRESSQ-3-RECONFIG [chars]: error [hex] Explanation The egress queueing asic was reset, but could not be reconfigured. This may result in partial or complete loss of functionality of the asic. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E5EGRESSQ-4-ERR_MEM_MQS_COUNTER_THR_EXCEEDED MQS counter utilization [dec] exceeds the high threshold of [dec] Explanation The multicast counter utilization has exceeded the high threshold. This may impact the delay and/or jitter of multciast traffic egressing out of this line card. The maximum counters available are 16384. Recommended Action Reduce the multicast traffic rate sent to this line card. Layer 2 Messages E5INGRESSQ Messages EM-624 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-E5EGRESSQ-4-ERROR [chars]: error [hex] Explanation The e5 egress queue driver encountered an internal error. The router may/may not continue to function normally. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E5EGRESSQ-4-INTERRUPT [chars]: reg [hex] Explanation The E5EGRESSQ asic experienced an interrupt, and will be reset. After reset, normal operation should resume. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-E5EGRESSQ-6-ERR_MEM_MQS_COUNTER_THR_NORMAL MQS counter utilization [dec] within the low threshold of [dec] Explanation The multicast counter utilization has eased off to below the low threshold. Recommended Action No action required. E5INGRESSQ Messages Error Message %L2-E5INGRESSQ-3-RECONFIG [chars]: error [hex] Explanation The ingress queueing asic was reset, but could not be reconfigured. This may result in partial or complete loss of functionality of the asic. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages EGRESSQ_HW_DLL Messages EM-625 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-E5INGRESSQ-4-INTERRUPT [chars]: reg [hex] Explanation The E5INGRESSQ asic experienced an interrupt, and will be reset. After reset, normal operation should resume. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. EGRESSQ_HW_DLL Messages Error Message %L2-EGRESSQ_HW_DLL-3-ENQ_PKT_LOGIC_ERROR Sharq ENQ packet logic error occurred, shq_enq_reg_debug_mux [hex] Explanation Egress Queue Manager encountered a ENQ packet logic error. Possible cause for this error condition is a faulty hardware. Recommended Action No action is required. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ_HW_DLL-3-ERR_MEM_ALLOC Failed to allocate memory for [chars] Explanation System failed to allocate memory. It’s likely that the system is running low on memory. Following are some reasons: 1) Failed to allocate memory for Egressq client add. 2) Failed to allocate memory for Egressq mapping table. 3) Failed to allocate memory for Queue leaky bucket limit table Memory. 4) Failed to allocate memory for Queue leaky bucket limit table memory. 5) Failed to allocate memory for Group leaky bucket limit table memory. 6) Failed to allocate memory for Group leaky bucket limit table memory. 7) Failed to allocate memory for Port leaky bucket limit table memory. 8) Failed to allocate memory for PLIM Asic back pressure table memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-EGRESSQ_HW_DLL-3-FAIL_TO_GET_BP_MAP_FROM_PLIM_AISC Failed to get backpressure map from Plim ASIC [dec]. reason [chars] Explanation Sharq driver invoke Plim ASIC dll to retrieve the per port backpressure map but failed. Recommended Action Please check Plim ASIC and related driver process status, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages EGRESSQ_HW_DLL Messages EM-626 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-EGRESSQ_HW_DLL-3-FCRAM_BIST_FAILURE FCRAM BIST failed, channel: [dec], count: [dec], error_addr: [hex] Explanation Egress Queue Manager encountered a FCRAM BIST failure error. Possible cause for this error condition is a faulty hardware. Recommended Action No action is required. Process will be automatically restarted. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ_HW_DLL-3-FORWARD_PACKET_TO_UNALLOCATED_QUEUE Forward packets sent to unallocated egress queue [dec]. (queue size [dec] bytes) Explanation Egressq driver detected that packets were sent to an Egressq queue which is unallocated. These packets will not be serviced and will remain in the queue until this queue is allocated and becomes active, or asic reset or linecard reload. Recommended Action If this message appears more than once in response to the specific action taken or if the message indicates a large number of bytes (more than 10MB) in an unallocated queue(s), Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ_HW_DLL-3-HW_ERROR [chars] Explanation Egress Queue Manager encountered a HW error. This is a severe error and ASIC will be reset by the driver. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ_HW_DLL-3-NON_ZERO_Q0_COUNTER EgressQ detected packets sent to Illegal queue (counter value [hex]) Explanation Egressq driver detected that packets are sent to Q0, which is invalid queue. Recommended Action If this message appears more than once in short period, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages EGRESSQ_HW_DLL Messages EM-627 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-EGRESSQ_HW_DLL-3-QUEUE_STUCK EgressQ Stuck condition detected (PLIM link [dec], Port [dec], Group [dec], Queue [dec]) Explanation Egressq driver detects the queue stuck condition (CSCsj48554). There is no packet output from one or more of the PLIM links and the queue length for related queue(s) is building up. Recommended Action By default, driver will perform the asic soft reset after detecting queue stuck condition. If this message appears more than once in short period, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ_HW_DLL-3-SBE_THRESHOLD_EXCEED Single Bit Error rate exceeded configured high threshold value: [chars] Explanation Egressq SBE rate has exceeded the configured high threshold value. This is a self healing error condition. Recommended Action No action is required. It is a self healing error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ_HW_DLL-3-UNALLOCATED_QUEUE_NOT_EMPTY Packets sent to unallocated egress queue [dec]. (queue size [dec] bytes) Explanation Egressq driver detected that packets were sent to an Egressq queue which is unallocated. These packets will not be serviced and will remain in the queue until this queue is allocated and becomes active. This situation should normally not happen, but may possibly happen during transient conditions when egress queue information is being updated (for e.g. on SPA OIR). During this brief time period, one or few packets may be sent to an incorrect queue. Recommended Action If this message appears more than once in response to the specific action taken or if the message indicates a large number of bytes (more than 10MB) in an unallocated queue(s), Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ_HW_DLL-7-ERR_EVM_FAIL EVM error : [chars] reason : [chars] Explanation An internal error was detected when trying to create EVM connection. It can fail during following scenarios: 1) EDM registration/connect/notify. 2) BAG’s rule registration failed. Recommended Action No action is required. The process retries automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages EGRESSQ Messages EM-628 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-EGRESSQ_HW_DLL-7-ERR_INTERNAL Internal error : [chars] reason : [chars] Explanation An internal error was detected. There are several scenarios which can cause this error condition. Error message describes the cause. Some of these error conditions are serious and result in driver process restart, e.g. ASIC Init/remap, enable/disable failure. Following are some of the reasons for this internal error: 1) Obsolete API usage, it can be caused due to uncompatible component installed in the system. 2) Interface creation failed due to egressq port creation failure. 3) Can’t map Interface handle to egressq port, it could be because of: a) Invalid interface handle passed. b) Internal interface to port mapping table is corrupted. 4) Egressq ASIC reinitialization failed, this is an irrecoverable situation, and Egressq driver will be restarted. 5) Egressq Group/Queue creation/ deletion failed. 6) ASIC enable /disable failed. Recommended Action No action is required. The process will automatically retry. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ_HW_DLL-7-ERR_LWM_FAIL LWM message send failed: [chars] reason: [chars] Explanation An internal error was detected when trying to send a LWM message. There are several scenarios which can cause this error condition. Error message describes the exact cause. Recommended Action No action is required. The process retries automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. EGRESSQ Messages Error Message %L2-EGRESSQ-3-ERR_MEM_ALLOC Failed to allocate memory for [chars] Explanation System failed to allocate memory. It’s likely that the system is running low on memory. Following are some reasons: 1) Failed to allocate memory for Egressq client add. 2) Failed to allocate memory for Egressq mapping table. 3) Failed to allocate memory for Queue leaky bucket limit table Memory. 4) Failed to allocate memory for Queue leaky bucket limit table memory. 5) Failed to allocate memory for Group leaky bucket limit table memory. 6) Failed to allocate memory for Group leaky bucket limit table memory. 7) Failed to allocate memory for Port leaky bucket limit table memory. 8) Failed to allocate memory for PLIM Asic back pressure table memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Layer 2 Messages EGRESSQ Messages EM-629 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-EGRESSQ-3-ERR_MEM_ALLOC Failed to allocate memory for [chars] Explanation System failed to allocate memory. It’s likely that the system is running low on memory. Following are some reasons: 1) Failed to allocate memory for Egressq client add. 2) Failed to allocate memory for Egressq mapping table. 3) Failed to allocate memory for Queue leaky bucket limit table Memory. 4) Failed to allocate memory for Queue leaky bucket limit table memory. 5) Failed to allocate memory for Group leaky bucket limit table memory. 6) Failed to allocate memory for Group leaky bucket limit table memory. 7) Failed to allocate memory for Port leaky bucket limit table memory. 8) Failed to allocate memory for PLIM Asic back pressure table memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-EGRESSQ-3-FCRAM_BIST_FAILURE FCRAM BIST failed, channel: [dec], count: [dec], error_addr: [hex] Explanation Egress Queue Manager encountered a FCRAM BIST failure error. Possible cause for this error condition is a faulty hardware. Recommended Action No action is required. Process will be automatically restarted. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ-3-HW_ERROR [chars] Explanation Egress Queue Manager encountered a HW error. This is a severe error and ASIC will be reset by the driver. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ-3-SBE_THRESHOLD_EXCEED Single Bit Error rate exceeded configured high threshold value: [chars] Explanation Egressq SBE rate has exceeded the configured high threshold value. This is a self healing error condition. Recommended Action No action is required. It is a self healing error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages EGRESSQ Messages EM-630 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-EGRESSQ-3-UNALLOCATED_QUEUE_NOT_EMPTY Packets sent to unallocated egress queue [dec]. (queue size [dec] bytes) Explanation Egressq driver detected that packets were sent to an Egressq queue which is unallocated. These packets will not be serviced and will remain in the queue until this queue is allocated and becomes active. This situation should normally not happen, but may possibly happen during transient conditions when egress queue information is being updated (for e.g. on SPA OIR). During this brief time period, one or few packets may be sent to an incorrect queue. Recommended Action If this message appears more than once in response to the specific action taken or if the message indicates a large number of bytes (more than 10MB) in an unallocated queue(s), Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ-7-ERR_CLIENT_REG Client registration failed: [chars] reason: [chars] Explanation An internal error was detected while clients are registering to Egressq process. Recommended Action No action is required. Clients will automatically retry to connect to Egressq. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ-7-ERR_CLIENT_REG Client registration failed: [chars] reason: [chars] Explanation An internal error was detected while clients are registering to Egressq process. Recommended Action No action is required. Clients will automatically retry to connect to Egressq. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ-7-ERR_EVM_FAIL EVM error : [chars] reason : [chars] Explanation An internal error was detected when trying to create EVM connection. It can fail during following scenarios: 1) EDM registration/connect/notify. 2) BAG’s rule registration failed. Recommended Action No action is required. The process retries automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages EGRESSQ Messages EM-631 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-EGRESSQ-7-ERR_EVM_FAIL EVM error : [chars] reason : [chars] Explanation An internal error was detected when trying to create EVM connection. It can fail during following scenarios: 1) EDM registration/connect/notify. 2) BAG’s rule registration failed. Recommended Action No action is required. The process retries automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ-7-ERR_INTERNAL Internal error : [chars] reason : [chars] Explanation An internal error was detected. There are several scenarios which can cause this error condition. Error message describes the cause. Some of these error conditions are serious and result in driver process restart, e.g. ASIC Init/remap, enable/disable failure. Following are some of the reasons for this internal error: 1) Obsolete API usage, it can be caused due to uncompatible component installed in the system. 2) Interface creation failed due to egressq port creation failure. 3) Can’t map Interface handle to egressq port, it could be because of: a) Invalid interface handle passed. b) Internal interface to port mapping table is corrupted. 4) Egressq ASIC reinitialization failed, this is an irrecoverable situation, and Egressq driver will be restarted. 5) Egressq Group/Queue creation/ deletion failed. 6) ASIC enable /disable failed. Recommended Action No action is required. The process will automatically retry. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ-7-ERR_INTERNAL Internal error : [chars] reason : [chars] Explanation An internal error was detected. There are several scenarios which can cause this error condition. Error message describes the cause. Some of these error conditions are serious and result in driver process restart, e.g. ASIC Init/remap, enable/disable failure. Following are some of the reasons for this internal error: 1) Obsolete API usage, it can be caused due to uncompatible component installed in the system. 2) Interface creation failed due to egressq port creation failure. 3) Can’t map Interface handle to egressq port, it could be because of: a) Invalid interface handle passed. b) Internal interface to port mapping table is corrupted. 4) Egressq ASIC reinitialization failed, this is an irrecoverable situation, and Egressq driver will be restarted. 5) Egressq Group/Queue creation/ deletion failed. 6) ASIC enable /disable failed. Recommended Action No action is required. The process will automatically retry. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ELO_COMMON Messages EM-632 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-EGRESSQ-7-ERR_LWM_FAIL LWM message send failed: [chars] reason: [chars] Explanation An internal error was detected when trying to send a LWM message. There are several scenarios which can cause this error condition. Error message describes the exact cause. Recommended Action No action is required. The process retries automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EGRESSQ-7-ERR_LWM_FAIL LWM message send failed: [chars] reason: [chars] Explanation An internal error was detected when trying to send a LWM message. There are several scenarios which can cause this error condition. Error message describes the exact cause. Recommended Action No action is required. The process retries automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ELO_COMMON Messages Error Message %L2-ELO_COMMON-3-SYSMGR_FAIL Unable to signal that process is exiting: [chars] Explanation The process has failed to inform System Manager that it is shutting down. The process will exit anyway, but it is possible that any configuration entered will not cause SysMgr to restart the process. In this case, a timeout will occur when committing configuration, and the config will fail to apply. Recommended Action If configuration fails to apply, recommitting it should correct the issue. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO_COMMON-4-EVM_CLEANUP_FAILED Failed to cleanup Event Manager: [chars] Explanation Whilst exiting, an error was encountered cleaning up the Event Manager. This process will exit anyway, and no further errors should be seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ELO Messages EM-633 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO_COMMON-4-PROC_READY_FAILED Unable to signal process ready: [chars] Explanation The process failed to inform System Manager that it is ready, and will be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO_COMMON-4-VERIFY_CLEANUP_FAILED Failed to cleanup common verification module: [chars] Explanation Whilst exiting, an error was encountered cleaning up a common module. The process will exit anyway, and no further errors should be seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO_COMMON-4-VERIFY_INIT_FAILED Failed to initialize common verification module: [chars] Explanation The process has failed to initialize a module, and will be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ELO Messages Error Message %L2-ELO-3-BAD_CONFIG Invalid configuration values applied: [chars] Explanation Invalid configuration has been incorrectly applied. This can potentially indicate a recent change in acceptable configuration values, or an internal fault. Recommended Action Check that all configuration is within the acceptable ranges for the current version of the software and the installed hardware. If the error persists, and all values are within range, copy and save this message, and call your technical support representative for assistance. Layer 2 Messages ELO Messages EM-634 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-3-COULD_NOT_GET_NODEID Ethernet Link OAM Daemon failed to determine the node it is running on: [chars] Explanation The Ethernet Link OAM Daemon failed to determine the ID of the node on which it is running. It will exit, and should be restarted by System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-3-COULD_NOT_REMOVE_CAPS Failed to remove PFI caps from interface ’CH[hex]’: [chars] Explanation The Ethernet Link OAM Daemon failed to clean up a caps entry in PFI for the named interface. This error is not fatal in itself, although it may prevent OAM from being re-enabled on the given interface until the problem is resolved. Recommended Action Read the error message, and attempt to resolve any issue that may have caused it. Restarting the Ethernet Link OAM Daemon will then allow it to resynchronise with PFI and cleanup the dangling caps. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-3-DAEMON_INIT_FAILED Ethernet Link OAM Daemon failed to initialize: [chars] Explanation The Ethernet Link OAM Daemon failed to initialize correctly, and will now exit. It should be restarted by SysMgr. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-3-DEBUG_INIT_FAILED Ethernet Link OAM failed to initialize debug library: [chars] Explanation The Ethernet Link OAM Daemon failed to initialize its debug, and will now exit. It should be restarted by System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ELO Messages EM-635 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-3-EDM_INIT_FAILED Ethernet Link OAM Daemon failed to initialize EDM module: [chars] Explanation The Ethernet Link OAM Daemon failed to initialize its Data Manager module, and will now exit. It should be restarted by System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-3-ERRDIS_FAILED CH[hex]: failed to Error-Disable the port: [chars] Explanation The port should have been Error Disabled, but an unexpected error has prevented it from being shut down. The port is still up, and will not be disabled. Recommended Action Shutdown the port manually if it is still desirable to bring it down. Otherwise, no action is required. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-3-EXITING Ethernet Link OAM Daemon failed to process events: [chars] Explanation The Ethernet Link OAM Daemon failed to process an event, and will now exit. It should be restarted by SysMgr, allowing it to resynchronise its internal state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-3-IDB_INIT_FAILED Ethernet Link OAM failed to initialize interface database: [chars] Explanation The Ethernet Link OAM Daemon failed to initialize its interface database, and will now exit. It should be restarted by System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ELO Messages EM-636 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-3-IW_INIT_FAILED Ethernet Link OAM Daemon failed to initialize inter-working module: [chars] Explanation The Ethernet Link OAM Daemon failed to initialize its inter-working module and will now exit. It should be restarted by System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-3-LOOPBACK_SET_FAILED [chars]: Failed to change Loopback state in the platform: [chars] Explanation An attempt to change the Loopback state of an interface failed. This will either be in response to a local command to change the remote peer’s Loopback state, or a command on the remote peer to put this interface in slave loopback mode. Recommended Action Retry the Loopback operation. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-3-PFI_CLEANUP_FAILED_NOMEM Failed to allocate sufficient memory to clean up OAM data from interfaces within PFI Explanation Insuffient memory is available to perform a clean up operation. PFI data structures have not been correctly cleaned up. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Once this is done, restart the Ethernet Link OAM daemon in order to force a resynchronisation, which will clean up the dangling data structures. Error Message %L2-ELO-3-PFI_INIT_FAILED Ethernet Link OAM Daemon failed to initialize PFI module: [chars] Explanation The Ethernet Link OAM Daemon failed to initialize its PFI module, and will now exit. It should be restarted by System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ELO Messages EM-637 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-3-PLATFORM_INIT_FAILED Ethernet Link OAM Daemon failed to initialize platform library: [chars] Explanation The Ethernet Link OAM Daemon failed to initialize its platform library, and will now exit. It should be restarted by System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-3-PROTO_INIT_FAILED Ethernet Link OAM Daemon failed to initialize Protocol module: [chars] Explanation The Ethernet Link OAM Daemon failed to initialize its Protocol module, and will now exit. It should be restarted by System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-4-CHKPT_SAVE_FAILED CH[hex]: failed to save checkpoint entry: [chars] Explanation The Ethernet Link OAM Daemon failed to save the checkpoint entry for the given interface. Although this error is not immediately fatal, information will be lost if the process restarts before successfully saving its checkpoint data. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-4-DEBUG_CLEANUP_FAILED Ethernet Link OAM Daemon failed to cleanup debug module: [chars] Explanation The Ethernet Link OAM Daemon failed to cleanup its debugging module. It will exit anyway, and no further errors should be seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ELO Messages EM-638 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-4-EDM_CLEANUP_FAILED Ethernet Link OAM Daemon failed to cleanup EDM module: [chars] Explanation The Ethernet Link OAM Daemon failed to cleanup its Data Manager module. It will exit anyway, and no further errors should be seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-4-IDB_CLEANUP_FAILED Ethernet Link OAM Daemon failed to cleanup interface database: [chars] Explanation The Ethernet Link OAM Daemon failed to cleanup its interface database. It will exit anyway, and no further errors should be seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-4-INVALID_PLATFORM_EVENT_IFH Platform event triggered on interface ’CH[hex]’ for which OAM is not configured Explanation The platform has triggered an event for an interface that has not been configured for Ethernet Link OAM. This indicates a bug in the software. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-4-INVALID_PLATFORM_EVENT_TYPE An unknown event of type ’[hex]’ has been triggered by the platform Explanation The platform has triggered an event that is not recognized. This is most likely due to a bug in the platform layers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ELO Messages EM-639 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-4-IW_CLEANUP_FAILED Ethernet Link OAM Daemon failed to cleanup inter-working module: [chars] Explanation The Ethernet Link OAM Daemon failed to cleanup its inter-working module. It will exit anyway, and no further errors should be seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-4-LOOPBACK_FAILED Etherenet Link OAM Daemon has failed to initiate loopback mode with a remote peer Explanation The Ethernet Link OAM Damon has failed to initiate loopback mode. Loopback mode is unavailable until the issue is resolved. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-4-NOT_IN_LOOPBACK [chars]: Unable to exit Slave Loopback mode as requested, because we’re not currently in loopback mode Explanation A requset has been made by the remote peer to stop Slave loopback mode. However, we are not currently in Slave loopback mode. This indicates that the remote peer is out of sync with our current state. Recommended Action Start slave Loopback mode before attempting to stop it. Error Message %L2-ELO-4-PFI_ERROR CH[hex]: [chars] notification received from PFI, but interface does not have OAM configured Explanation Unexpected updates have been received by the Ethernet Link OAM Daemon regarding interfaces on which OAM is not configured. This indicates that a resync is required between the OAM process and PFI. Recommended Action Restart the Ethernet Link OAM Daemon on the affected node. This will force a resync of the state with PFI. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ELO Messages EM-640 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-4-PFI_MODULE_CLEANUP_FAILED Ethernet Link OAM Daemon failed to cleanup PFI module: [chars] Explanation The Ethernet Link OAM Daemon failed to cleanup its PFI module. It will exit anyway, and no further errors should be seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-4-PLATFORM_CLEANUP_FAILED Ethernet Link OAM Daemon failed to cleanup platform module: [chars] Explanation The Ethernet Link OAM Daemon failed to cleanup its platform module. It will exit anyway, and no further errors should be seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-4-PROTO_CLEANUP_FAILED Ethernet Link OAM Daemon failed to cleanup Protocol module: [chars] Explanation The Ethernet Link OAM Daemon failed to cleanup its protocol module. It will exit anyway, and no further errors should be seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-4-SEND_FAILED [chars]: Failed to send a [chars] message: [chars] Explanation Failed to send a message out of the given interface. The message has been lost, and will not be delievered to the remote peer. Recommended Action Resynchonrisation mechanisms should ensure subsequent messages are correctly sent. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ELO Messages EM-641 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-4-SEND_HEARTBEAT [chars]: failed to send heartbeat Information OAMPDU: [chars] Explanation The Ethernet Link OAM Daemon was unable to send a heartbeat Information OAMPDU on the specified interface. If this happens repeatedly, then the OAM session will time out. Recommended Action The problem should correct itself, and the next heartbeat message should send successfully. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-6-CPU_STARVED Ethernet Link OAM Daemon has been starved of CPU for [unsigned long long int] ms Explanation The Ethernet Link OAM Daemon has been starved of CPU time. As a result, it will not have been able to send out periodic heartbeats regularly, causing OAM sessions to potentially drop. The problem is likely due to unusually high load on the system. Recommended Action Identify any potential high CPU users, and reduce their impact. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELO-6-INTF_CAPABILITIES_CONFLICT [chars]: Configuration conflict Explanation Discovery mode cannot complete due to a conflict in the required configuration of the remote peer. Recommended Action Ensure that the configuration requirements on this interface match the configuration of the remote OAM peer. Error Message %L2-ELO-6-INTF_DISCOVERY_TIMEOUT [chars]: OAM discovery failed to complete in the specified time Explanation Discovery mode has been ongoing for the configured timeout, but no suitable response has been received from the remote peer. Recommended Action Ensure the remote OAM peer is correctly configured and that the link is up. Error Message %L2-ELO-6-INTF_REMOTE_CRITICAL_EVENT [chars]: Remote critical event detected Explanation The remote peer has indicated a critical event. Recommended Action No specific IOS-XR action needs to be performed. Layer 2 Messages ELO Messages EM-642 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-6-INTF_REMOTE_DYING_GASP [chars]: Remote dying gasp detected, with reason: [chars] Explanation The remote peer has indicated a dying gasp. This means that the remote peer is coming down. Recommended Action Restart the remote peer. Error Message %L2-ELO-6-INTF_REMOTE_LINK_FAULT [chars]: Remote link fault detected Explanation The remote peer has indicated that a link fault has occurred. This indicates a uni-directional link. Recommended Action Check the wiring between the two interfaces. Error Message %L2-ELO-6-INTF_REMOTE_LOOPBACK [chars]: OAM [chars] loopback has been [chars] on the interface Explanation The OAM session has either entered or exited local or remote loopback. If loopback has been entered then traffic flow will be disrupted until it is exited at which point normal functionality will resume. Recommended Action None. This is an informational message. Error Message %L2-ELO-6-INTF_SESSION_DOWN [chars]: OAM session has gone down Explanation The OAM session has ended. Either it has been deconfigured, or no response has been received from the OAM peer in the configured time interval. Recommended Action Check that the remote peer is correctly configured still. If it is, then a large number of packets may be being dropped on the link. Error Message %L2-ELO-6-INTF_SESSION_UP [chars]: OAM session has come up Explanation The OAM session has been fully established, and regular heartbeat messages are being sent and received. Recommended Action None. This is an informational message. Layer 2 Messages ELO Messages EM-643 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-6-INTF_THRESHOLD_BREACHED [chars]: Threshold breached Explanation A threshold has been breached in the local hardware. This is an indication of a deteriorating link. Recommended Action No specific IOS-XR action needs to be performed. Error Message %L2-ELO-6-LOOPBACK_CANCEL [chars]: Cancelling loopback mode as our MAC is lower than the remote MAC Explanation An attempt has been made to start loopback mode from both peers simultaneously. As per the IEEE 802.3 OAM specification, this OAM client has cancelled the request as the local MAC address is lower than the remote MAC address. Recommended Action Retry the Loopback operation from this peer once the remote loopback session on the remote peer has been terminated. Error Message %L2-ELO-6-MISCONFIGURED_INTERFACE The profile configuration from profile ’[chars]’ cannot be applied as the platform does not support all the configured values: [chars] Explanation A profile can be configured that has configuration parameters outside the acceptable range for all interfaces on the router. If that profile is later attached to an interface for which all its values are not supported, this message is generated. The interface will use the default values for any parameter that is out of range. Recommended Action Nothing need be done if the default values are acceptable for the invalid parameters. Otherwise, modify the profile to contain only values that are in range for the interfaces to which it is attached, or use an alternate profile for this interface. Error Message %L2-ELO-6-MISWIRED [chars]: Mis-wiring detected Explanation The Mis-Wiring Detection feature of Ethernet Link OAM has detected a mis-wiring situation. Mis-wiring occurs when the TX wire of an interface is not connected to the same remote interface as the RX wire. Recommended Action Check the wiring of the specified interface. By setting the mis-wiring action to ’log’, and using the packet debugging facility of Ethernet Link OAM (’debug ethernet oam packets’), the MAC addresses of the source of packets can be used to identify where the links are. Layer 2 Messages ELO Messages EM-644 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-6-NO_PROFILE Profile ’[chars]’ is not configured, but has been attached to an interface Explanation A profile has been attached to an interface. However, that profile has not yet been configured. Until the named profile is created, the interface will use the default profile configuration. Recommended Action Create the specified profile, or remove the configuration associating the profile with the interface. Error Message %L2-ELO-6-REMOTE_MASTER_LEFT_LOOPBACK [chars]: Local client in Slave Loopback, and remote Master has abruptly left Loopback mode. Exiting Slave loopback locally Explanation While running the link in OAM Loopback mode, with the local peer as the Slave, the Master peer abruptly ended Loopback mode without first informing this peer to end it. This may indicate a problem with the remote peer. Recommended Action No corrective action is required. This peer has exited Loopback mode also, and the link is now back to normal operational status. Error Message %L2-ELO-6-REMOTE_SLAVE_LEFT_LOOPBACK [chars]: Remote client has abruptly left Slave loopback mode. Exiting loopback state Explanation While running the link in OAM Loopback mode, with the local peer as the Master, the Slave peer abruptly ended Loopback mode without being told to do so by this peer. This may indicate a problem with the remote peer. Recommended Action No corrective action is required. This peer has exited Loopback mode also, and the link is now back to normal operational status. Error Message %L2-ELO-6-UNEXPECTED_LOOPBACK_STATE [chars]: An unexpected multiplexer and parser state have been received from the remote peer. Explanation While running the link in OAM Loopback mode the local peer received an unexpected multiplexer and parser state combination from the remote peer. This may indicate a problem with the remote peer. Recommended Action No corrective action is required. This peer has exited Loopback mode also, and the link is now back to normal operational status. Layer 2 Messages ELOGM Messages EM-645 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELO-6-UNEXPECTED_STATE A variable response from the remote peer contained invalid state. Explanation Whilst parsing a variable response packet an invalid state was found. This could be an indication of a faulty implementation on remote peer. Recommended Action No specific IOS-XR action needs to be performed. ELOGM Messages Error Message %L2-ELOGM-4-DEBUG_CLEANUP_FAILED Ethernet Link OAM Global Manager failed to cleanup debug: [chars] Explanation Whilst exiting, the Global Manager failed to cleanup the debug module. The process will exit anyway, and no further errors should be seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELOGM-4-DEBUG_INIT_FAILED Ethernet Link OAM Global Manager failed to initialize debug: [chars] Explanation During initialization, the Global Manager failed to initialize the debug module and will now exit. It should be restarted by System Manager and resynchronize it’s internal state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ELOGM-4-EXITING Ethernet Link OAM Global Manager failed to process events: [chars] Explanation The process failed to process incoming events, and will exit. It should be restarted by System Manager and resynchronize its internal state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages EMA Messages EM-646 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ELOGM-4-INIT_FAILED Ethernet Link OAM Global Manager failed to initialize: [chars] Explanation During initialization, an unexpected error was encountered. The process will exit and be restarted by System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. EMA Messages Error Message %L2-EMA-4-ERR_ACTIVATE Failure during activation of [chars]. Error: [chars] Explanation A failure occurred during the activation of the process. Activation occurs when the card transitions to ACTIVE state. This error resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EMA-4-ERR_EVM_EVENT_BLOCK Unrecoverable error in event loop. Error: [chars] Explanation An error (other than EINTR) occured in the event loop. The process has exited and restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EMA-4-ERR_INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages EPI Messages EM-647 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-EMA-4-ERR_SYSMGR Failure communicating readiness to System Manager. Error: [chars] Explanation The process was initialized successfully but was unable to inform System Manager of the success. Recommended Action Check on the status of the sysmgr process on the node from which the error was reported. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. EPI Messages Error Message %L2-EPI-3-ATTR_NOTIFY_FAILED Failed to notify a client of a change to interface attributes - out of memory Explanation The EPI library was unable to notify a client of a change to some interface attributes because it was unable to allocate memory. This may result in the client of the EPI library attempting to send invalid packets. Recommended Action This message will be seen as a result of a configuration change if the system is low on memory. Attempt to free up some memory and reapply the configuration change that caused this message to be displayed. If the problem persists, try restarting the process using this library. If this does not help, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EPI-3-INIT_FAILED Failed to initialize, [chars] failed [unsigned int]: [chars] Explanation An error was encountered while the EPI library was initializing. The error message contains details about the source of the error. Recommended Action The process will exit and will be restarted. If the problem persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ETH_OUTPUT Messages EM-648 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-EPI-3-PAK_FREE_FAILED Failed to free packet buffer: [chars] Explanation An error was encountered while the EPI library was attempting to free a packet buffer. The error message contains details about the source of the error. Recommended Action This message should be harmless, but it is possible that there is an inconsistency that may lead to a memory leak. If the problem persists, try restarting the process. If this does not help, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-EPI-3-PKT_OVERFLOW The maximum number of packets being stored for interface: CH[hex] has been exceeded Explanation The EPI library has been asked to create a packet for an interface which already has the maximum number of supported packets in storage. EPI has created the packet, but may have difficulty updating packets on this interface in future. Recommended Action This message is likely to indicate an internal error in the process that means it is not freeing its old packet information correctly. If the process is not restarted then a future configuration change for the interface in question may not be reflected in the generated packets. Try restarting the process and, if the problem persists, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ETH_OUTPUT Messages Error Message %L2-ETH_OUTPUT-3-ERR_NO_MEM Out of memory (failed attempt to reserve [unsigned int] bytes) Explanation The Ethernet Output process was not able to allocate the memory that it needed to complete the operation. Ethernet Output process client functionality on the affected node may be reduced until the problem is resolved. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.Layer 2 Messages ETHER_NETIO Messages EM-649 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ETHER_NETIO Messages Error Message %L2-ETHER_NETIO-4-DEBUG_REG Debug registration failed: [chars] Explanation It was not possible for the Ethernet slow path support to initialize its debugging support. Some of the output from debug ether-netio output may be incomplete. Recommended Action No action is required. ether_spa_intr Messages Error Message %L2-ether_spa_intr-1-MAX_BURST_EVENT A Maximum burst of [chars] has occurred for [dec]/[dec]/[dec] [chars] Explanation A maximum burst of interrupts have occurred on the interface/ SPA. The interrupt in question has been permanently disabled. Manual intervention required to re-enable the interrupt. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ether_spa_intr-6-BURST_EVENT Burst of [chars] occurred for [dec]/[dec]/[dec]. No Manual intervention required Explanation A burst of interrupts have occurred and the interrupt manager has throttled the interrupt. It will be re-enabled automatically after the pause timer expires and no further intervention is required. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages ether_spa_mac_error Messages EM-650 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ether_spa_mac_error Messages Error Message %L2-ether_spa_mac_error-1-RECOVERY_FAILED A Maximum MAC Error recovery retries has occurred for [dec]/[dec]/[dec]. PORT DISABLED after exceeding maximum retries. LINK force DOWN. Manual intervention required to bring port back into operation. Issue shutdown and no-shutdown on the interface to bring port into operation. Explanation A MAC Frame Corruption occurred on the interface, concern port is in error condition after maximum recovery retries. The concern port has been permanently disabled. Manual intervention required to re-enable the port. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ether_spa_plugin Messages Error Message %L2-ether_spa_plugin-6-ERRORRECOVER A Hardware or Software error occurred. Reason : [chars] Automatic Error recovery initiated. No further intervention required. Explanation An error occurred in one of the devices, recovery would be attempted. If recovery succeeds no further messages would be logged and no intervention would be required. Recommended Action No action is required. Error Message %L2-ether_spa_plugin-6-LINK_EVENT Interface TenGige [dec]/[dec]/[dec], [chars] Explanation This will log the reason for the link to go down Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ether_spa_plugin-6-OPTICS_OIR An Optics is [chars] for bay [dec] and port [dec] Explanation The Optic Interface Module (OIM) for the specified port either has been inserted or removed. Recommended Action No action is required. Layer 2 Messages ETHER Messages EM-651 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ether_spa_plugin-6-UNSUPPORTED_OPTICS [chars] port [dec] security check failed . Disable Explanation An Unsupported Optic Interface Module (OIM) for the specified port has been inserted . Recommended Action No action is required. ETHER Messages Error Message %L2-ETHER-1-CONFIGERROR Ethernet: Invalid configuration, [chars] is not supported by this interface Explanation Invalid configuration Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-1-IMERROR Ethernet: [chars]() line [dec]: interface manager call [chars] failed: [chars] Explanation The call to im failed for some reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-2-DEVCTLFAILED Ethernet: [chars]: devctl failed with code [hex] Explanation A devctl call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-2-OUTOFMEMORY Ethernet: [chars]() line [dec]: out of memory, unable to create [chars] Explanation Card has no more memory available. Recommended Action Verify that the card is not out of memory. Contact your Cisco technical support representative if the problem persists. Layer 2 Messages ETHER Messages EM-652 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ETHER-2-SYSDBREGISTERFAILED Ethernet: Sysdb registration failed ([chars]) Explanation The driver failed to initialize communication with sysdb. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-3-BADASYNCEVENT Ethernet: Unknown asynchronous event [dec] in [chars] Explanation An invalid asynchronous event was received by the driver. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-3-BDL_IIR_OP_FAILED The basecaps failed to process a bundle IIR [chars] message on [chars], error: [chars] Explanation The ethernet driver failed to process a bundle IIR notification message. Further it is not able to propagate the message back to the virtual interface owner, and hence it is possible that the Ether basecaps is out of step with the bundle configuration. Recommended Action Restart the ether_caps_partner process in an attempt to recover, or if this fails, detach and re-attach the physical member interface that the error was reported on by unconfiguring and reconfiguring the bundle member id. Error Message %L2-ETHER-3-DILBFAILED Ethernet: [chars]() line [dec]: failed to [chars]. Explanation A dilb call failed, preventing communication between threads/processes. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-3-DPCFAILED Ethernet: [chars]() line [dec]: DPC call to [chars] failed. Explanation A direct procedure call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ETHER Messages EM-653 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ETHER-3-EDMERROR Ethernet: [chars]() line [dec]: Bad sysdb call for tuple [chars]: [chars] Explanation An edm sysdb call was improperly formed. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-3-INITFAILED Ethernet: [chars]() line [dec]: init failed in function [chars]: [chars] Explanation Basic initialization failed due to problem in a called function. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-3-INVALIDARGSIZE Ethernet: Incompatible structure definition for [chars] in [chars] Explanation A structure passed is the wrong size due most likely to compilation problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-3-INVALIDTIMER Ethernet: [chars](): Invalid timer type [dec] Explanation An invalid timer type was found in an expired timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-3-RESTARTFAILED Ethernet: [chars]() line [dec]: [chars]: [dec] Explanation Restarting the driver failed for some reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log. If the problem persists, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ETHER Messages EM-654 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ETHER-3-TIMERINITFAILED Ethernet: Failure initializing asynchronous timers: [chars]() - [chars] Explanation A failure occured while creating or initializing the timers for the driver. Recommended Action Make sure there is enough memory available. Contact your representative if the problem persists. Error Message %L2-ETHER-3-UNSUPPORTEDSTATS Ethernet: Unsupported stats request [dec] in [chars] Explanation A driver has requested an unsupported stats type. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-4-ERR_EVM_EVENT_BLOCK Failure during receipt of message. Error: [chars] Explanation A failure occurred handling a message arriving at one of the Ethernet capsulation processes. Under normal circumstances the process restarts with no impact to functionality. If this error message is seen repeatedly then Ethernet services may be affected on all Ether type interfaces on the given node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHER-4-INIT Failure during intialisation of [chars] in a Ether basecaps process. Error: [chars] Explanation A failure occurred during the initialisation of one of the Ethernet capsulation processes. Under normal circumstances the process restarts with no impact to functionality. If this error message is seen repeatedly then Ethernet services may be affected on all Ether type interfaces on the given node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages ETHERNET Messages EM-655 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ETHERNET Messages Error Message %L2-ETHERNET-3-INTERFACE_INITIAL Failed to initialize interface [chars], due to error: [chars] Explanation It was not possible to initialize the physical interface due to a driver error or a system error. The interface’s config may not have been restored and the interface will not be usable. Recommended Action Restart the driver process that reported the error. If the error is reported again then reloading the linecard may allow it to recover, but it will impact all traffic on that node. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHERNET-3-MIB_ERROR Unable to fetch requested Etherlike MIB data for interface [hex]: [chars] Explanation An error occured while trying to collect MIB data requested by the SNMP infrastructure. The data for which an error was encountered will not be presented in SNMP ’get’ request results. Recommended Action Such errors are not expected, and probably indicate an out-of-resource condition, or an inconsistency in the system state. Wait for any likely transient root problems to subside, and attempt to repeat the operation. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHERNET-3-MTU_IMPOSE_FAILED Failed to set MTU of [unsigned int] on [chars] Explanation The specified MTU could not be applied on this interface. Recommended Action Choose a more appropriate MTU to configure on the interface considering the MTU requirements of any L3 protocols that are configured on the interface. Error Message %L2-ETHERNET-3-STATE_FSM Port state FSM operation failed [chars] on [chars], due to error: [chars] Explanation An operational error occured when handling a port state event in the port state machine, and the internal state may be left in an inconsistent state without user intervention. Recommended Action ’shutdown’ and ’no shutdown’ the affected interface, this should allow the state machine to recover its operational state. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages ETHERNET Messages EM-656 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ETHERNET-3-TX_DISABLE Interface [chars], link [chars]forced down due to remote signalling Explanation L2VPN Mgr has signalled at the remote AC has changed state. Due to this the local interface has been enabled/disabled in the TX direction if supported, or enabled/disabled in both directions otherwise. Recommended Action If the remote AC has changed state then this message is expected. If the remote AC hasn’t changed state and this condition isn’t expected then this may indicate a problem, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHERNET-4-BDL_IIR_OP_FAILED The driver failed to process a bundle IIR [chars] message on [chars], error: [chars] Explanation The ethernet driver failed to process a bundle IIR notification message. Further it is not able to propagate the message back to the virtual interface owner, and hence it is possible that the driver is out of step with the bundle configuration. Recommended Action Recovery will be attempted automatically. If this error message is seen repeatedly, restart the driver process that is generating the message and it will automatically recover. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHERNET-4-INITIALIZATION Initialization of the G-Ether library failed, due to error: [chars] Explanation A error occurred during the initialization of the common Ethernet driver library. Recommended Action The driver process is restarted automatically, hence no user intervention should be required. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHERNET-4-INTERFACE_CREATE Interface creation failed due to error: [chars] Explanation It was not possible to create some or all physical ethernet interfaces due to a driver error or a system error. Recommended Action The driver process will attempt to recover automatically, hence no user intervention should be required. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FB_PLIM Messages EM-657 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-ETHERNET-6-MAC_ACC_NOT_PROGRAMMED Interface [chars]%s[chars]%s, [chars] addresses for MAC accounting Explanation Some MAC addresses have not been programmed for MAC accounting in the hardware. This means that MAC accounting statistics will not be collected for these MAC addresses. This is most likely due to a lack of hardware resources due to a large number of MAC addresses being programmed for MAC accounting. Recommended Action This condition will only affect statistics collection for some MAC addresses on this interface. If the number of MAC accounting addresses programmed, which can be checked using ’show mac-accounting’, seems small and this issue is still hit this may indicate a system error, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-ETHERNET-6-MTU_NEAR_HW_LIMIT The configured MTU of [unsigned int] on [chars] is close to the H/W limit, and hence large [chars] frames may be dropped as oversized frames Explanation The configured MTU is close the maximum frame size allowed on the interface. Hence large 802.1Q or QinQ frames bigger than the maximum frame size supported on the interface may be dropped. Recommended Action If 802.1Q or QinQ support is required on the interface, then it is recommended that either the configured interface MTU is reduced by 4 or 8 bytes, or the sub-interface MTU is reduced by 4 or 8 bytes to ensure that all frames are within the H/W limits. FB_PLIM Messages Error Message %L2-FB_PLIM-3-ERROR [chars]: [hex], [chars] Explanation An error occurred in 1p OC12-ch-ds1 PLIM process. This may cause features to not work properly. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FB_PLIM Messages EM-658 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FB_PLIM-3-ERROR_NO_RC [chars] Explanation An error occurred in 1p OC12-ch-ds1 PLIM process, which might involve exiting the process. Some features may not work if this error is seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FB_PLIM-3-INIT_ERROR [chars]: [hex], [chars] Explanation An error occurred initialization of 1p OC12-ch-ds1 PLIM process, which will involve exiting the process and recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FB_PLIM-3-ML_ERROR [chars] Explanation An error occurred in the 1p OC12-ch-ds1 Multilink platform dependent component. This may cause the multilink feature to not function properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FB_PLIM-3-ML_PULSE_ERROR [chars] Explanation An error occurred in the 1p OC12-ch-ds1 PLIM multilink pulse message processing. This may cause the multilink feature to not function properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FB_SHIM_ENCAP Messages EM-659 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FB_PLIM-4-WARNING [chars]: [hex], [chars] Explanation This is a warning message in the 1p OC12-ch-ds1 PLIM process to indicate anomolies which are not fatal. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FB_SHIM_ENCAP Messages Error Message %L2-FB_SHIM_ENCAP-3-EINVAL [chars]: [hex], [dec] Explanation An invalid input condition detected. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FB_SHIM_ENCAP-3-NO_SHIM [chars]: [hex] Explanation The SHIM information not found for the interface given. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FB_SHIM_ENCAP-3-UNEXPECTED [chars]: [dec] Explanation Unexpected encap type Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages FE_PLIM Messages EM-660 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FE_PLIM Messages Error Message %L2-FE_PLIM-4-INVALID_MAC Failed to get MAC address for [chars], Interface assigned random MAC address. Explanation PLIM driver was unable to get a MAC address for the interface. Recommended Action Check if the process ’shelfmgr’ is up and running on the RP. Try to reload the LC to see if that helps. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FIB_IPV4 Messages Error Message %L2-FIB_IPV4-3-ADJ_ERROR [chars] ifh: [hex], [chars] Explanation Platform IPv4 FIB, adjacency error Recommended Action Please collect the console log and following traces: show cef trace loc show cef platform trace [common|ipv4] all loc show adjacency hardware trace loc show bundle trace all loc show im trace loc Most of the time, these are harmless transient messages, caused by the delay in FIB and AIB processes learning about new interface. If the errors persist, report to your technical support representative. Error Message %L2-FIB_IPV4-3-ADJ_ERROR [chars] ifh: [hex], [chars] Explanation Platform IPv4 FIB, adjacency error Recommended Action Please collect the console log and following traces: show cef trace loc show cef platform trace [common|ipv4] all loc show adjacency hardware trace loc show bundle trace all loc show im trace loc Most of the time, these are harmless transient messages, caused by the delay in FIB and AIB processes learning about new interface. If the errors persist, report to your technical support representative. Layer 2 Messages FIB_IPV4 Messages EM-661 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FIB_IPV4-3-ADJ_ERROR [chars] ifh: [hex], [chars] Explanation Platform IPv4 FIB, adjacency error Recommended Action Please collect the console log and following traces: show cef trace loc show cef platform trace [common|ipv4] all loc show adjacency hardware trace loc show bundle trace all loc show im trace loc Most of the time, these are harmless transient messages, caused by the delay in FIB and AIB processes learning about new interface. If the errors persist, report to your technical support representative. Error Message %L2-FIB_IPV4-3-ERR_INFO [chars] [dec] Explanation Platform IPv4 FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv4] all loc ). Also notice if the error message is transient or persistent. If the errors persist, report to your technical support representative. Error Message %L2-FIB_IPV4-3-ERR_INFO [chars] [dec] Explanation Platform IPv4 FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv4] all loc ). Also notice if the error message is transient or persistent. If the errors persist, report to your technical support representative. Error Message %L2-FIB_IPV4-3-ERR_INFO [chars] [dec] Explanation Platform IPv4 FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv4] all loc ). Also notice if the error message is transient or persistent. If the errors persist, report to your technical support representative. Error Message %L2-FIB_IPV4-3-ERR_STR [chars], [chars] ([unsigned int]) Explanation Platform IPv4 FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv4] all loc ). Also notice if the error message is transient or persistent. If the errors persist, report to your technical support representative. Layer 2 Messages FIB_IPV4 Messages EM-662 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FIB_IPV4-3-ERR_STR [chars], [chars] ([unsigned int]) Explanation Platform IPv4 FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv4] all loc ). Also notice if the error message is transient or persistent. If the errors persist, report to your technical support representative. Error Message %L2-FIB_IPV4-3-ERR_STR [chars], [chars] ([unsigned int]) Explanation Platform IPv4 FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv4] all loc ). Also notice if the error message is transient or persistent. If the errors persist, report to your technical support representative. Error Message %L2-FIB_IPV4-3-ERROR [chars] Explanation Platform IPv4 FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv4] all loc ). Also notice if the error message is transient or persistent. If the errors persist, report to your technical support representative. Error Message %L2-FIB_IPV4-3-ERROR [chars] Explanation Platform IPv4 FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv4] all loc ). Also notice if the error message is transient or persistent. If the errors persist, report to your technical support representative. Error Message %L2-FIB_IPV4-3-ERROR [chars] Explanation Platform IPv4 FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv4] all loc ). Also notice if the error message is transient or persistent. If the errors persist, report to your technical support representative. Layer 2 Messages FIB_IPV6 Messages EM-663 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FIB_IPV4-3-GEN_ERR FIB IPV4 internal error: [chars] Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FIB_IPV4-5-RECURSIVE_LOOP FIB IPv4 Recursive loop: [chars] Explanation Recursive loop was detected. The route update will be dropped Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FIB_IPV6 Messages Error Message %L2-FIB_IPV6-3-ERR_INFO [chars] [dec] Explanation Platform IPv6 FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv6] all loc ). Also notice if the error message is transient or persistent. If errros persist, report to your technical support representative. Error Message %L2-FIB_IPV6-3-ERR_INFO [chars] [dec] Explanation Platform IPv6 FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv6] all loc ). Also notice if the error message is transient or persistent. If errros persist, report to your technical support representative. Error Message %L2-FIB_IPV6-3-ERR_INFO [chars] [dec] Explanation Platform IPv6 FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv6] all loc ). Also notice if the error message is transient or persistent. If errros persist, report to your technical support representative. Layer 2 Messages FIB_IPV6 Messages EM-664 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FIB_IPV6-3-ERR_INFO_VERBOSE [chars] [chars] [chars] [dec] Explanation Platform IPv6 FIB, error information Recommended Action *SUPPORT* Error Message %L2-FIB_IPV6-3-ERR_INFO_VERBOSE [chars] [chars] [chars] [dec] Explanation Platform IPv6 FIB, error information Recommended Action *SUPPORT* Error Message %L2-FIB_IPV6-3-ERR_INFO_VERBOSE [chars] [chars] [chars] [dec] Explanation Platform IPv6 FIB, error information Recommended Action *SUPPORT* Error Message %L2-FIB_IPV6-3-ERROR [chars] Explanation Platform IPv6 FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv6] all loc ). Also notice if the error message is transient or persistent. If errors persist, report to your technical support representative. Error Message %L2-FIB_IPV6-3-ERROR [chars] Explanation Platform IPv6 FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv6] all loc ). Also notice if the error message is transient or persistent. If errors persist, report to your technical support representative. Error Message %L2-FIB_IPV6-3-ERROR [chars] Explanation Platform IPv6 FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace [common|ipv6] all loc ). Also notice if the error message is transient or persistent. If errors persist, report to your technical support representative. Layer 2 Messages FR_EDM Messages EM-665 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FIB_IPV6-3-GEN_ERR FIB IPV6 internal error: [chars] Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FIB_IPV6-5-RECURSIVE_LOOP FIB IPv6 Recursive loop: [chars] Explanation Recursive loop was detected. The route update will be dropped Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FR_EDM Messages Error Message %L2-FR_EDM-2-INIT [chars] : [chars] Explanation Init error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_EDM-3-NO_STATS unable to get stats for vc [hex], [dec] Explanation The statistics manager returned null data for vc Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_EDM-3-NOMEM unable to allocate [dec] bytes of memory Explanation The system is low on memory and not enough was available to complete the request Recommended Action Check the box for processes with excessive memory If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages FR_INARP Messages EM-666 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FR_INARP Messages Error Message %L2-FR_INARP-2-CONNECT_IM failure on IM connection: [chars] Explanation This error indicates a problem with InARP/IM interaction. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_INARP-2-INIT failed to initialize: [chars] Explanation During process start up an unrecoverable error occurred. The component will exit and should be restarted by the System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_INARP-3-IF_VC_CLASS unable to apply class [chars] to interface [chars]: [chars] Explanation A vc-class was configured on an interface but couldn’t be applied for the given reason Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_INARP-3-INVALID_FD received an event on unknown fd [dec] Explanation An event was received with an unknown fd Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FR_INARP Messages EM-667 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_INARP-3-NOMEM unable to allocate [dec] bytes of memory Explanation The system is low on memory and not enough was available to complete the request Recommended Action Check the box for processes with excessive memory If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_INARP-3-PVC_VC_CLASS unable to apply class [chars] to interface [chars].[dec]: [chars] Explanation A vc-class was configured on an interface but couldn’t be applied Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_INARP-3-SOCKET_SEND could not send on socket: [chars] Explanation Socket returned an error, not EAGAIN or EINTR Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_INARP-3-UNKNOWN_EVENT received an unknown event [hex] Explanation An unknown event was received Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_INARP-3-UNKNOWN_IDB received information about an unrecognised interface Explanation A set of IDBs are kept with information on each InARP interface. Somehow this information has become inconsistent with the system. Recommended Action Restart the main process (containing the InARP DLL) If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FR_LMI Messages EM-668 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_INARP-4-UNKNOWN_INTFTYPE received an event for an unknown interface type: [dec] Explanation The system sent a messages which wasn’t expected. It will be ignored. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_INARP-4-UNKNOWN_MSG received an unknown message: [dec] Explanation An unknown InARP message was received - it will be ignored Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FR_LMI Messages Error Message %L2-FR_LMI-2-INIT LMI failed to initialize: [chars] Explanation During process start up an unrecoverable error occurred. The component will exit and should be restarted by the System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-CODEP_ERROR Configured values of [chars] and [chars] conflict during application. Changing [chars] to [dec] to maintain consistency Explanation LMI parameters N392 and N393 are co-dependent - they must obey the rule N392 equals N393. Somehow SysDB is attempting to apply config which conflicts unreconcilably. The parameter being configured is adjusted to be equal to the other. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FR_LMI Messages EM-669 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_LMI-3-ENCAP Unable to process Frame Relay encapsulation request Explanation An error occurred processing a request to set Frame Relay encapsulation on an interface. LMI will not be able to control the interface. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-FSM_T391_EXPIRY FSM in STOPPED state while timer is running: Interface [chars] Explanation This indicates that FSM has gone into an error condition. We should not have a valid timer expiry event if the FSM for this particular interface was in STOPPED state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-IDB_INIT IDB initialization failure for [chars] - [chars] Explanation Interface creation within fr_lmi process failed for the named interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-IDB_SEARCH The interface specified by a handle is not one that LMI recognizes as running Frame Relay Explanation A call to rt_search failed to return an idb object. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-IM_ERR [chars] Explanation Error in IM operation. Ex: Connection to IM not getting established, or some IM API errored out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FR_LMI Messages EM-670 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_LMI-3-INVALID_VC An error occured while inserting the vc_idb into the tree, a invalid vc_idb(ifh [hex], dlci [dec]) exists Explanation Dangling VC found. Possible reasons: VC deletion failed in previous attempt or LMI did not get a deletion nfn from IM Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-KEEPALIVES An error occurred informing the VC Manager that LMI is [chars] responsible for the line state of an interface: [chars] Explanation An error occurred in the VCM call to set the keepalive state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-LINE_STATE An error occurred informing the VC Manager of the line state: [chars] Explanation The VC Manager returned an error after receving a request to set the line state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-MALLOC Memory allocation failed: [chars] Explanation A call to malloc failed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-RECVFROM An error occurred receiving a packet: [chars] Explanation The socket call recvfrom returned an error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FR_LMI Messages EM-671 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_LMI-3-SENDTO An error occurred sending a packet: [chars] Explanation The socket call sendto returned an error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-SET_DLCI_STATUS An error occurred sending the updated VC states to the VC Manager: [chars] Explanation The VC Manager returned an error after receving a request to update VC states. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-VC_CREATE Unable to create LMI DLCI [dec]: [chars] Explanation LMI was unable to create a VC it needed to function properly. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-3-VCM_VC_STATES LMI was unable to send all VC states to the VC Manager Explanation An error occurred sending the VC states to the VC Manager. This could have occurred searching LMI’s internal database or in the call to the VCM. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_LMI-6-CODEP_CHANGE Changing defaulted value of [chars] to [dec] due to configured value of [chars] Explanation LMI parameters N392 and N393 are co-dependent - they must obey the rule N392 equals N393. Sometimes when one is changed the other must be changed as well to keep the protocol functioning properly. Recommended Action None. This is not an error, just a notification.Layer 2 Messages FR_NETIO Messages EM-672 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FR_NETIO Messages Error Message %L2-FR_NETIO-3-MEMORY Failed to allocate [unsigned int] bytes Explanation The DLL has failed to acquire the required amount of memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-FR_NETIO-6-DEBUG_REG Debug registration failed: [chars] Explanation Debug message registration failed Recommended Action No action is required. FR_SFRAR Messages Error Message %L2-FR_SFRAR-2-INIT SFRAR failed to initialize: [chars] Explanation During process start up an unrecoverable error occurred. The component will exit and should be restarted by the System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_SFRAR-3-SYSMGR SFRAR process ready call failed: [chars] Explanation The call to inform the System Manager that SFRAR is running failed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages FR_SOCKET Messages EM-673 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FR_SOCKET Messages Error Message %L2-FR_SOCKET-2-INIT Socket failed to initialize: [chars] Explanation During process start up an unrecoverable error occurred. The component will exit and should be restarted by the System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_SOCKET-3-CONN Failed to setup fr socket EVM connection: [chars] Explanation The fr_socket process failed to connect to the event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_SOCKET-3-DPC_FAIL Failed to register [chars] protocol in netio Explanation The fr_socket process failed to send dpc message to Netio Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_SOCKET-3-NETIO_OUTPUT_FAIL Failed to send packet out to Netio: [chars] Explanation The fr_socket process failed to send packet out to Netio. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_SOCKET-3-NOMEM unable to allocate [dec] bytes of memory Explanation The system is low on memory and not enough was available to complete the request Recommended Action Check the box for processes with excessive memory If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FR_SOCKET Messages EM-674 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_SOCKET-3-PACKET_CONN Failure in packet manager connection: [chars] Explanation The fr_socket process failed to connect to packet manager Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_SOCKET-3-RESMGR_ATTACH Failed to setup fr socket as a resource manager: [chars] Explanation The fr_socket process failed to advertise itself to the system as a resource manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_SOCKET-3-SEND_ASYNC Failed to send async pulse [dec]: [chars] Explanation The fr_socket process failed to send async pulse to FR socket EVM Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_SOCKET-3-SYSMGR SysMgr process ready call failed: [chars] Explanation The call to inform the System Manager that the FR socket is running failed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages FR_UV Messages EM-675 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FR_UV Messages Error Message %L2-FR_UV-3-ERR_ABORT_ENCAP_FAIL [dec] encap aborts failed: The system may now be in an inconsistant state. Explanation The FR Uberverifier has detected a misconfiguration. It was not able to cleanup its internal DB while handling encap abort creates. Recommended Action The misconfiguration can be corrected by restarting fr_uv process on the specific location on which this error message is seen. If the problem persists, do the following: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_UV-3-ERR_MISCONFIG Misconfiguration: Item [chars] on interface [chars] is incompatible with other configuration. The system may now be in an inconsistant state. Explanation The FR Uberverifier has detected a misconfiguration. It was not detected in the verification phase, so the Uberverifier cannot correct this. Recommended Action The misconfiguration can be corrected by deleting all configuration from the specified interface and its subinterfaces, and then reapplying the configuration. If the problem persists, do the following: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_UV-3-EVENT Unrecoverable error in event loop. Error: [chars] Explanation An error (other than EINTR) occured in the event loop. The process must exit. Recommended Action Identify the location of the card where there error was reported. Copy the error message exactly as it appears on the console or in the system log. Issue the show memory location location summary command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show memory location location summary output, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FR_VCM_EA Messages EM-676 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_UV-3-INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_UV-3-SYSMGR Failure communicating readiness to System Manager. Error: [chars] Explanation The process was initialized successfully but was unable to inform System Manager of the success. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FR_VCM_EA Messages Error Message %L2-FR_VCM_EA-2-INIT FR VCM EA failed to initialize: [chars] Explanation During process start up an unrecoverable error occurred. The component will exit and should be restarted by the System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM_EA-2-INTERNAL_ERR [chars] Explanation Internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FR_VCM_EA Messages EM-677 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_VCM_EA-3-AIB_INIT_FAILED Failed during AIB initialization, err: [chars] Explanation The FR VCM EA process initialization failed whilst trying to connect to AIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM_EA-3-BATCH_INTERFACE_ERROR Error during messaging: [chars] Explanation The FR VCM EA process has detected an error during messaging. Possible memory corruption or out of resource. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM_EA-3-DATABASE_KEY_MISSING Internal database access error Explanation The FR VCM EA process code/data is inconsistent. Possible coding error or data corruption. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM_EA-3-DLCI_MATCH_FAILED Failed DLCI match, err: [chars] Explanation The FR VCM EA has a wrong value of the DLCI and is not the same as what the MA sends. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM_EA-3-NO_STATS Failed to initialize FR VCM subinterface stats collection, err: [chars] Explanation The FR VCM EA subinterface stats collection initialization failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages FR_VCM Messages EM-678 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FR_VCM Messages Error Message %L2-FR_VCM-2-CONFIG_INIT Configuration registration failed: [chars] Explanation Unable to register for configuration changes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM-2-CONNS Connection initialization failed: [chars] Explanation Unable to initialize connections to one or more servers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM-3-CONNECT_TO_L2VPN Connect to L2VPN server failed: [chars] Explanation FR VCM process on linecard tried to connect to L2VPN server on RP. Connect registration failed. FR L2 sub-interfaces will not be operational on this linecard. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM-3-ENCAPS_TYPE Unable to specify [chars] encaps type for interface [chars]: [chars] Explanation The configuration in the NetIO DLL could not be updated, the system may continue with the existing encapsulation type Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FR_VCM Messages EM-679 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_VCM-3-IDB FR [chars] IDB [chars] failed: [chars] Explanation Unexpected error on Interface Descriptor Block Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM-3-IM_OP FR [chars] on [chars] failed: [chars] Explanation The operation on the named item is not completing successfully when it is expected to, and hence the FR support may be disabled Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM-3-INTF_NOTFOUND FR interface [chars] not found Explanation An action has been performed on a FR interface, but FR doesn’t have any information about the interface. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM-3-MAIN_IF FR error on main interface [chars]: [chars] Explanation Unexpected error on the main interface Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM-3-NOMEM unable to allocate [dec] bytes of memory Explanation The system is low on memory and not enough was available to complete the request Recommended Action Check the box for processes with excessive memory If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FR_VCM Messages EM-680 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_VCM-3-PTP_VC FR PVC create (dlci [dec]) on PTP subinterface failed - only one PVC is allowed Explanation Point-to-point (PTP) subinterfaces only allow one PVC and an attempt to create a second PVC is being rejected Recommended Action Remove the old PVC before creating the replacement, or use a multipoint subinterface instead Error Message %L2-FR_VCM-3-SUB_IF FR error on sub-interface [chars]: [chars] Explanation Unexpected error on the sub-interface Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM-3-SYSDB_OP FR SysDB [chars] on [chars] failed: [chars] Explanation Unexpected failure performing a SysDB operation. Recommended Action Check SysDB is still running, and if not restart it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-FR_VCM-3-VC_EXISTS FR VC with DLCI [dec] already exists Explanation The DLCI is unique per ’main’ interface and this dlci is already used Recommended Action None. Error Message %L2-FR_VCM-3-VC_NOTFOUND FR VC with DLCI [dec] not found Explanation An operation was performed which expected a VC with the specified DLCI to exist, but it doesn’t Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages FRMIB Messages EM-681 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FR_VCM-6-DEBUG_REG Debug registration failed: [chars] Explanation Debug message registration failed Recommended Action No action is required. FRMIB Messages Error Message %L2-FRMIB-3-SYSDB FR MIB: [chars]: [chars]: [chars] Explanation This message indicates the FR MIB library fails to perform a SYSDB operation. *DDTS* Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FWD_EDGE_COMMON Messages Error Message %L2-FWD_EDGE_COMMON-3-EDGE_ADJ_ERR adj engine layer internal error [chars] : [chars] Explanation A runtime failure occurred in adjacency engine layer resulting in a failure to provide some system service as indicated in the message text. This is most likely an internal error. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-FWD_EDGE_COMMON-3-EDGE_ADJ_NULL Adjacency HW pointer is NULL for path [dec] fwd_type [dec] Explanation A runtime failure occurred in fib ip engine layer resulting in a failure to provide some system service as indicated in the message text. This is most likely an internal error. path %d - indicates the path index fwd_type %d - the forward type Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Layer 2 Messages G709 Messages EM-682 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-FWD_EDGE_COMMON-3-EDGE_IP_ERR fib ip engine layer internal error [chars] : [chars] Explanation A runtime failure occurred in fib ip engine layer resulting in a failure to provide some system service as indicated in the message text. This is most likely an internal error. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. G709 Messages Error Message %L2-G709-4-ALARM [chars] [chars] Explanation The specified G709 Alarm has been declared or released. Recommended Action Recommended action is to repair the source of the alarm. GATM Messages Error Message %L2-GATM-2-ERR [chars] - [dec]: [chars] Explanation Error in gatm operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-GATM-2-ERR_HEX [chars] - [dec]: [chars] ([hex]) Explanation Error in gatm operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-GATM-2-ERR_IFH_STS [chars] - [dec]: [chars] ifh equals [hex] rc equals [hex] Explanation Error in gatm operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Layer 2 Messages GDO Messages EM-683 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-GATM-2-ERR_INT [chars] - [dec]: [chars] ([dec]) Explanation Error in gatm operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-GATM-2-ERR_STR [chars] - [dec]: [chars] ([chars]) Explanation Error in gatm operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-GATM-2-ERR_STS [chars] - [dec]: [chars] (rc equals [hex]) Explanation Error in gatm operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. GDO Messages Error Message %L2-GDO-5-L2PORT_FAULT_NOTIFY [chars] Explanation ATM SPA GDO L-AIS insertion/removal notification messages Recommended Action *NONE* Error Message %L2-GDO-7-DEBUG [chars] Explanation ATM SPA GDO L-AIS insertion/removal debug messages Recommended Action *NONE*Layer 2 Messages GE_ASIC_PRP3 Messages EM-684 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 GE_ASIC_PRP3 Messages Error Message %L2-GE_ASIC_PRP3-3-INIT_ERR GigE hardware initialization failed. Reason equals [chars], Error Decode equals [chars] Explanation The GE hardware managment subsystem encountered an error during initialization. This process monitors and controls hardware components required for the RP management ethernet port. A failure in this subsystem will disable the the RP’s onboard ethernet. %s - indicates the reason for the failure %s - indicates the decoded error reason Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process ge_mgmt’ to verify that the process is up and running. If it is not, try doing ’process restart ge_mgmt’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GE_ASIC_PRP3-3-PKT_ERR GigE hardware packet error. Reason equals [chars] Explanation The GE hardware managment subsystem encountered an error during receiving of packets. This process monitors and controls hardware components required for the RP management ethernet port. A failure in this subsystem will disable the the RP’s onboard ethernet. %s - indicates the reason for the failure Recommended Action Execute ’show process ge_mgmt’ to verify that the process is up and running. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. GE_ASIC Messages Error Message %L2-GE_ASIC-3-INIT_ERR GigE hardware initialization failed. Reason equals [chars], Error Decode equals [chars] Explanation The GE hardware managment subsystem encountered an error during initialization. This process monitors and controls hardware components required for the RP management ethernet port. A failure in this subsystem will disable the the RP’s onboard ethernet. %s - indicates the reason for the failure %s - indicates the decoded error reason Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process ge_mgmt’ to verify that the process is up and running. If it is not, try doing ’process restart Layer 2 Messages GE Messages EM-685 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ge_mgmt’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. GE Messages Error Message %L2-GE-3-INIT_ERR PRP Gigabit Ethernet execution agent initialization failed. [chars]/[chars] Explanation The PRP Gigabit ethernet execution agent failed to initialize. The PRP gigabit ethernet execution agent provides the support for packet forwarding over the GE port present on the Performance Route Processor. A failure of this execution agent likely means that packets being sent to or from the PRP’s GE ports are going to be lost. %s - indicates the reason for the failure %s - is the decoded error reason Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process ge_mgmt location 0/x/cpu0’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart ge_mgmt location 0/x/cpu0’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. GSR_aib Messages Error Message %L2-GSR_aib-3-RES_ERROR Error: [chars]: Err equals [chars] Explanation A error occurred in GSR aib Driver resulting in a failure to provide some system service as indicated in the message text. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-GSR_aib-6-INFO_MSG Info: [chars] Explanation This is a Informational message in the GSR aib driver to indicate an operation. Recommended Action No action is required.Layer 2 Messages GSR_edge_fwd_lib Messages EM-686 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 GSR_edge_fwd_lib Messages Error Message %L2-GSR_edge_fwd_lib-3-RES_ERROR [chars]: Err equals [chars] Explanation An error occurred in Edge fowarding lib resulting in a failure to provide some system service as indicated in the message text. %s - indicates the reason for the failure. %s - is the decoded error reason. This error indicates there is problem in LC Forwarding resources Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. GSR Messages Error Message %L2-GSR-3-ERR_MEM_ALLOC Memory allocation failed for internal data storage Explanation Memory was not available for an internal data structure. The requested operation could not be accomplished because of a low memory condition. The LC will not boot up successfully and will not be able to participate in data forwarding. Recommended Action Reload the LC using ’hw-module’ command. If the problem recurs, reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Also ensure the LC is populated with the minimum amount of memory required for proper operation. Error Message %L2-GSR-3-ERR_SF_RESET [chars] : Hardware initialization of Fabric interface ASIC failed. Node will be reloaded for recovery after collecting diag information Explanation During boot-up or fabric configuration change or error handling, there was a problem in the initialization of fabric interface ASIC. Problem causes the node to be reloaded and will be restored by itself. Recommended Action Call your Cisco technical support representative and provide the gathered information. Node will be reloaded and restored in short time. Layer 2 Messages GSR Messages EM-687 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-GSR-3-ERR_THREAD_CREATE Internal OS call to create additional threads failed, [chars] Explanation An internal OS library returned an error. The system will usually recover from this error automatically. If the frequency of this alert increases noticeably it could indicate a OS kernel problem on the card. The LC will not boot up successfully and will not be able to participate in data forwarding. This condition can impact various processes on the LC. The LC is in unstable condition. Recommended Action The system will normally recover from this error without intervention. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Error Message %L2-GSR-3-ERR_THREAD_CREATE Internal OS call to create additional threads failed, [chars] Explanation An internal OS library returned an error. The system will usually recover from this error automatically. If the frequency of this alert increases noticeably it could indicate a OS kernel problem on the card. The LC will not boot up successfully and will not be able to participate in data forwarding. This condition can impact various processes on the LC. The LC is in unstable condition. Recommended Action The system will normally recover from this error without intervention. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_CHKPT Call to checkpoint library failed, status equals [chars] Explanation An internal support library returned an error. The driver was not able to save data for restart ability. A restart of the FIAD process may not be NSF compliant. Any software upgrade requiring FIAD to be restarted will result in traffic loss. The system will usually recover from this error automatically. If the frequency of this alert increases noticeably it could indicate a OS kernel problem on the card. Recommended Action The system will normally recover from this error without intervention. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages GSR Messages EM-688 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-GSR-3-FIA_CHKPT_DATA_EXISTS The driver is coming up in normal mode, but checkpoint information already exists. Explanation When a driver comes up in NORMAL_MODE, checkpointing data should not already exist. This indicates a mismatch in the driver state. The checkpointed data may be corrupted on the LC. Restart ability of processes may be affected. Recommended Action The system will normally recover from this error without intervention. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_CHKPT_RECOVERY_NODATA The driver is coming up in restart mode, but the checkpoint info does not exist. Explanation When a driver comes up in RECOVERY_MODE, checkpointing data should have already been saved to the checkpointing record by the previous life of the driver. This can impact the drivers ability to restart without affecting traffic. Recommended Action The system may not recover from this error automatically. A reload of the linecard should be initiated in order to recover. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_DEVCTL_ERR Unsupported devctl case [dec] Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_DLOPEN Failed to load [chars] Explanation The library (dll) named could not be found or there was an error while loading. Indicates a software installation problem. The LC will not boot up successfully and will not be able to participate in data forwarding. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages GSR Messages EM-689 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-GSR-3-FIA_INT_ATTACH Internal OS call to process interrupts failed Explanation An internal OS library returned an error. Some error conditions on the LC may not be reported correctly. The system will usually recover from this error automatically. If the frequency of this alert increases noticeably it could indicate a OS kernel problem on the card. Recommended Action The system will normally recover from this error without intervention. This error indiactes a more fundamental issue on the LC. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_MEM_CHIP_ERR ([chars]): no memory for chip data. Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_MEM_ERROR ([chars]): FIA failed to initialize memory. Exiting Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_MMAP_ERROR ([chars]): FIA memory mapping failed. Exiting Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_NOT_RESET FIA was not reset before programming Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages GSR Messages EM-690 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-GSR-3-FIA_STARTUP_DATA ([chars]), Illegal size of input for FIA startup data structure Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_SYNC_ERROR ([chars]): FIA failed to sync, los_status [hex], los_error [hex], fia_config [hex] Explanation This error usually indicates an internal hardware problem on the card. Recommended Action If there are other error reports about the switch fabric (CSC/SFC) then wait several minutes for corrective action. Otherwise, run diagnostics for slot reporting error. Use ’diag slot verbose’ command. (This command may not work for the slot containing the primary route processor.) If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_UNHALT Could not unhalt [chars] Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_UNSUPPORTED_CDB Unsupported cdb version Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GSR-3-FIA_UNSUPPORTED_OPAQUE_DATA Unsupported opaque data version Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages GSR Messages EM-691 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-GSR-3-FS_ERR1 [chars] : [hex] Explanation EE192 SerDes retimer driver error. An internal OS library returned an error. The system will usually recover from this error automatically. If the frequency of this alert increases noticeably it could indicate a OS kernel problem on the card. The LC will not boot up successfully and will not be able to participate in data forwarding. This condition can impact various processes on the LC. The LC is in unstable condition. Recommended Action The system will normally recover from this error without intervention. This error indiactes a more fundamental issue on the LC. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Error Message %L2-GSR-3-SPABRG_ERR_HW [chars] : [chars] : [hex] Explanation EE192 Spabrg driver error Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %L2-GSR-3-SPABRG_ERR2_HW [chars] : [chars] : [hex] [hex] Explanation EE192 Spabrg driver error Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %L2-GSR-3-SPABRG_ERR3_HW [chars] : [chars] : [hex] [hex] [hex] Explanation EE192 Spabrg driver error Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information.’ Layer 2 Messages GSR Messages EM-692 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-GSR-3-SPABRG_ERR4_HW [chars] : [hex] [hex] Explanation EE192 Spabrg driver error Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %L2-GSR-3-SPABRG_ERR5_HW [chars] : [chars] : [hex] [hex] Explanation EE192 Spabrg driver single-bit error Recommended Action No action is required. Error Message %L2-GSR-3-SPABRG_ERR6_HW [chars] : [chars] : [hex] [hex] [hex] Explanation EE192 Spabrg driver single-bit error Recommended Action No action is required. Error Message %L2-GSR-3-SPABRG_ERR7_HW [chars] : [hex] [hex] Explanation EE192 Spabrg driver error Recommended Action No action is required. Error Message %L2-GSR-4-ERR_SYSDB_SET system database item set failed [chars] Explanation Error in communication channel with the system database. There was a problem accessing the named item. This could be a temporary problem caused by an outage in the connection to the server. The connection will be restored, but the operation itself was aborted. Recommended Action Call your Cisco technical support representative and provide the gathered information. Copy the output of the following commands exactly as they appear. show processes fiad location X/X/X Layer 2 Messages GSR Messages EM-693 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-GSR-4-FIA_EDM system database access failed [chars] Explanation Error in communication channel with clients. There was a problem accessing the system database item. This could be a temporary problem caused by an outage in the connection to the server. The connection will be restored, but the operation itself was aborted. Recommended Action Call your Cisco technical support representative and provide the gathered information. Copy the output of the following commands exactly as they appear. show processes fiad location X/X/X Error Message %L2-GSR-6-FIA_INFO_MSG [chars] Explanation This is a Informational message in the FIA Driver to indicate an operation. Recommended Action No action is required. Error Message %L2-GSR-6-FIA_PCDS_FAILURE [chars] failed, slot equals [dec], error info equals [chars] Explanation This is a message indicating FIA PCDS failure. Recommended Action No action is required. Error Message %L2-GSR-6-PCDS_STATS_TIMESTAMP_FAILURE pcds_get_timestamp failed for fishstick stats Explanation This is a message indicating failed to get timestamp for fishstick stats. Recommended Action No action is required. Error Message %L2-GSR-6-SPABRG_CRIT_INFO [chars] : [chars] : [hex] Explanation EE192 Spabrg driver critical info Recommended Action NONE : Informational message only Layer 2 Messages GT64115 Messages EM-694 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-GSR-6-SPABRG_INFO1_HW [chars] : [chars] : [hex] Explanation EE192 Spabrg driver informational message Recommended Action NONE : Informational message only Error Message %L2-GSR-6-SPABRG_INFO2_HW [chars] : [chars] : [hex], [hex] Explanation EE192 Spabrg driver informational message Recommended Action NONE : Informational message only Error Message %L2-GSR-6-SPABRG_INFO3_HW [chars] : [chars] : [hex], [hex], [hex] Explanation EE192 Spabrg driver informational message Recommended Action NONE : Informational message only Error Message %L2-GSR-7-FIA_FCTL [chars] failed, slot equals [dec], error info equals [chars] Explanation An interprocess call returned an error. Possibly a timeout. The central switch fabric software may not recognize the LC that exhibits this error. Maintenance bus may not be operating as desired. Recommended Action Look for other fctl messages. Wait for corrective action. The system will normally recover from this error without intervention. If the frequency with which this error is occurring increases substantially, call your Cisco technical support representative and provide the gathered information. Copy the output of the following commands exactly as they appear. show processes fctl show processes fiad location X/X/X show diag X/X/X show diag chassis-info GT64115 Messages Error Message %L2-GT64115-2-PCI_CONFIG Fatal error: [chars]: [dec] Explanation A fatal error occurred during GT64115 PCI Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages gulf Messages EM-695 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-GT64115-2-PCI_INIT Fatal error: [chars] Explanation A fatal error occurred during GT64115 PCI Driver initialization Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-GT64115-3-PCI_BRIDGE_INTR PCI Bridge Intr: [chars] [dec] [dec] Explanation This is an error message resulted from an interrupt from the PCI device. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. gulf Messages Error Message %L2-gulf-3-FATAL_ERROR Fatal error: [chars]: [chars]: [dec] Explanation A fatal error occurred in gulf Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-gulf-4-WARNING warning: [chars]: [chars]: [dec] Explanation A warning condition is detected in gulf Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-gulf-6-INFO_MSG Info: [chars]: [chars]: [dec] Explanation This is a Informational message in the gulf driver to indicate an operation. Recommended Action No action is required. Layer 2 Messages HALE_QOS Messages EM-696 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-gulf-7-DEBUG_MSG Debug: [chars]: [chars]: [dec] Explanation This is a debug message in the gulf driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. HALE_QOS Messages Error Message %L2-HALE_QOS-3-ERR_COMMIT Route ([chars],[chars]) Explanation This message indicates a failure in committing route (S, G). This means QoS feature will not be applied for the specified route; Traffic through this route would go to the default queue. The causes for this error could be lack of memory, a hardware resource limitation, or an internal error. %s,%s - indicates the (S, G) Recommended Action If memory is the issue, reduce other system activity to ease memory demands. If conditions warrant and minimum memory requirements not met, upgrade to a larger memory configuration. Retry the QoS configuration. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. HALE_TCAM Messages Error Message %L2-HALE_TCAM-3-ERROR [chars]: [chars] Explanation A SW exception occurred in TCAM extension Library Recommended Action If TCAM memory is the issue, reduce other system activity to ease memory demands. If conditions warrant and minimum memory requirements not met, upgrade to a larger memory configuration.Layer 2 Messages HFA_COMMON Messages EM-697 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 HFA_COMMON Messages Error Message %L2-HFA_COMMON-3-FATAL_ERR Fatal error: [chars]: Err equals [chars] Explanation A fatal error occurred in HFA common Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-HFA_COMMON-4-ANOMALY [chars] Explanation A SW exception of unexpected condition or an out of resources (memory, HW profiles, etc) situation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-HFA_COMMON-6-INFO_MSG [chars] [chars] Explanation This is a Informational message in the HFA common Driver to indicate an operation. Recommended Action No action is required. Error Message %L2-HFA_COMMON-6-INFO_WARNING [chars] err [hex] Explanation This is a Informational message in the HFA common Driver to indicate an operation. Recommended Action No action is required. HFA_LIB Messages Error Message %L2-HFA_LIB-3-ANOMALY [chars] Explanation Software exception. Quite probably a SW bug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages HFA_LIB Messages EM-698 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-HFA_LIB-3-BLWM_CLIENT_CONF_FAILED hfa: blwm client configuration failed, error: [hex] [chars] Explanation Unable to configure BLWM client functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-HFA_LIB-3-BLWM_CLIENT_REBIND_FAILED hfa: blwm client rebind failed, error: [hex] [chars] Explanation Unable to rebind with BLWM client functionality after a connection reconnect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-HFA_LIB-3-BLWM_MSG_SEND_FAILED hfa: blwm msg send/flush: retried: [dec] time(s), failed to send, error: [hex] [chars] Explanation Unable to send/flush a BLWM message to the HFA server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-HFA_LIB-3-BLWM_RECVD_REPLY_FAIL hfa: Received a failure reply code for a batched request, reply code: [dec] Explanation This is the message printed by the default handler installed by HFA to process the replies received for batched requests. The default handler’s behavior is to just print this message. The application should install its own handler to handle the replies to batched requests. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages if_discovery Messages EM-699 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-HFA_LIB-3-MSG_SEND_FAILED hfa: msg: [dec], retried: [dec] time(s), failed to send, errno: [chars] Explanation Unable to send a message to the HFA server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-HFA_LIB-4-BLWM_REPLAY_REQUEST hfa: Replaying a batched request of type [dec] that might have been partially processed before. Explanation Due to a server restart, a batched request might have been partially processed. The default handler installed by HFA simply replays the request. Applications that can not afford to replay a request should install their own handler. Recommended Action No action is required. Error Message %L2-HFA_LIB-4-ERR_LOCK [chars] error on [chars], rc equals [dec] Explanation An error occurred when un/locking HFA HW Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-HFA_LIB-6-INFO_WARNING [chars]: [dec] Explanation This is a Informational message in the HFA client LIB to indicate an operation. Recommended Action No action is required. if_discovery Messages Error Message %L2-if_discovery-3-FATAL_ERROR Fatal error: [chars]: [chars]: [dec] Explanation A fatal error occurred in plim pos 4p oc12 Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IOB Messages EM-700 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-if_discovery-6-INFO_MSG Info: [chars]: [chars] Explanation This is a Informational message in the plim pos 4p oc12 driver to indicate an operation. Recommended Action No action is required. Error Message %L2-if_discovery-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in the plim pos 4p oc12 driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IOB Messages Error Message %L2-IOB-3-INTR IOB Intr: [chars] Explanation The IOB FPGA has been interrupted due to an access fault Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IOB-5-UNKNOWN_INTR IOB Intr: [chars]: [dec]: [dec] Explanation This is a message in the IOB FPGA driver to indicate that it has detected an unknown interrupt. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages IPCP Messages EM-701 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IPCP Messages Error Message %L2-IPCP-1-ERR_ADJ_DELETE Failed to remove [chars] from adjacency; [chars] Explanation An error was encountered while connecting to the AIB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-1-ERR_ADJ_UPDATE Failed to add [chars] into adjacency; [chars] Explanation An error was encountered while connecting to the AIB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-1-ERR_RIB_ROUTE_ADD Failed to add route into RIB; [chars] Explanation An error was encountered while connecting to the RIB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-DEBUG_ASSOC Conditional debug association failed; [chars] Explanation An error has occurred upon attempting to associate conditional debugging with PPP debug commands. PPP debug messages will not be filtered by debug conditions such as ’debug condition interface’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPCP Messages EM-702 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPCP-3-DEBUG_COND_REGISTER Conditional debug registration failed; [chars] Explanation An error has occurred upon attempting to register for conditional debugs. PPP debug messages will not be filtered by debug conditions such as ’debug condition interface’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-DEBUG_REGISTER Debug registration failed; [chars] Explanation An error has occurred upon attempting to connect to the debug server. This may cause debug messages to not appear. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_CONN Connection [chars] failed for [chars]; [chars] Explanation An failure in the reconnection software in the function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_EVENT Failed to [chars] [chars] event; [chars] Explanation An event handler has returned an error condition Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_EVENT_MGR_CREATE IPCP Failed to initialize event manager; [chars] Explanation Initialization of the event manager failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPCP Messages EM-703 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPCP-3-ERR_IM_STATE Failed to get basecaps state for [chars]; [chars] Explanation IPCP was unable to determine the state of the basecaps and has assumed it to be down. IPCP will remain closed until the interface is brought down and up again. Recommended Action Shut the interface and then bring it up again. Error Message %L2-IPCP-3-ERR_IPARM Error [chars] IP-ARM; [chars] Explanation IPCP could not perform the operation with IP-ARM that was desired. Recommended Action Restart the IPCP and IP-ARM processes. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_MBOX_ADD [chars] [chars] failed to add [chars]; [chars] Explanation An attribute has failed to be added to the message which was being constructed which has caused the message to be discarded. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_MBOX_CREATE [chars] failed to create [chars]; [chars] Explanation An attempt to allocate a message failed. This may be due to lack of resources. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_MBOX_INIT Failed to init [chars] message for [chars]; [chars] Explanation The initialization of a message failed, this results in a failure to communicate with the Link Control Protocol. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPCP Messages EM-704 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPCP-3-ERR_MBOX_SEND [chars] failed to send [chars]; [chars] Explanation A message failed in a send attempt to a particular mailbox. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_MQ_CREATE Failed to create message queue to AAA; [chars] Explanation IPCP has failed to open its mailbox channel to AAA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_MQ_OPEN Failed to open message queue [chars]; [chars] Explanation IPCP has failed to open a mailbox channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_NETIO_RXQ Failed to support [chars] [chars]; [chars] Explanation IPCP has attempted to update the data component with the current status of the control protocol. The attempt has failed which will has the effect of leaving the data component with the previous set of information. This may result in an inability to negotiate IPCP. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_SYSDB SysDB [chars] failed; [chars] Explanation IPCP cannot perform some SysDB operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPCP Messages EM-705 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPCP-3-ERR_SYSDB_NOTIFICATION Failed to [chars]register for SysDB notification of [chars]; [chars] Explanation IPCP cannot (un)register for SysDB notification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_SYSDB_VERIFICATION Failed to [chars]register for SysDB verification of [chars]; [chars] Explanation IPCP cannot (un)register for SysDB verification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-ERR_TIMER [chars] [chars] timer [chars] Explanation The manipulation of a timer had an abnormal side effect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-3-LTRACE_INIT IPCP Failed to initialize the ltrace buffer; [chars] Explanation The buffer used for tracing could not be allocated. The process will be restarted. Recommended Action The most likely cause of a problem is not enough memory. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-IPCP-4-ERR_CHKPT Failed checkpoint [chars] Explanation An error has occurred upon attempting to connect to the checkpointing server. This may cause inconsistent state to be present within IPCP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPCP Messages EM-706 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPCP-4-ERR_CHKPT_ITERATE Failed iterating checkpoint store: [chars] Explanation An error has occurred while iterating the checkpoint data store after a process restart. The process will exit and hope for a clear run next time. If failure persists its checkpoint store will be deleted and it will do a cold restart which should resolve the problem. Recommended Action If multiple restarts does not work then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-4-ERR_EVENT_WAIT Error waiting for event; [chars] Explanation The event loop has received a message of a type it does not recognize. All events should be received by handlers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-4-ERR_IM_ENCAPS Error checking base encapsulation for [chars]; [chars] Explanation IPCP was unable to check the base encapsulation of an interface with IM. This may result in IPCP not running on the interface if PPP encapsulation was present. Recommended Action If the interface that the error is reported for does not have PPP encapsulation then there is no problem. If the interface does have PPP encapsulation then first remove and re-add the IP address or IP unnumbered configuration. If this doesn’t get IPCP working then remove and re-add the PPP encapsulation. If IPCP still does not work then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-4-ERR_INTERFACE_NULL [chars]: Interface NULL Explanation A function was called with a NULL interface pointer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPCP Messages EM-707 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPCP-4-ERR_MEMORY Insufficient memory for [chars] Explanation IPCP failed to allocate memory for a structure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-4-ERR_MQ_RECEIVE Error receiving from message queue; [chars] Explanation IPCP has failed to receive a message from its mailbox. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-4-ERR_NO_INTERFACE Interface [chars] not found Explanation A SysDB name lookup failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-4-ERR_NO_INTERFACE_STRUCT Structure for interface [chars] not created; [chars] Explanation IPCP failed to create an interface structure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPCP-6-ERR_IM_CONNECT Failed to [chars]bind [chars] IM; [chars] Explanation IPCP has failed to either bind to or unbind from the interface manager server. Recommended Action No action is required. Layer 2 Messages IPV6_EA Messages EM-708 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPCP-6-ERR_IM_EVENT Failed to [chars] event; [chars] Explanation IPCP has failed to either initialize or specify an event with the interface manager server. Recommended Action No action is required. Error Message %L2-IPCP-6-ERR_IM_PROTO Failed to [chars] [chars] protocol; [chars] Explanation IPCP has failed a protocol operation with the interface manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV6_EA Messages Error Message %L2-IPV6_EA-3-INIT Failed to initialize [chars], because of [chars] Explanation Initialization process such as getting an evm failed. Recommended Action sysmgr will retry to start the hfrlc_ipv6_ea. If not recovered, it’s a fatal condition. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *REDUCE* Error Message %L2-IPV6_EA-3-INIT Failed to initialize [chars], because of [chars] Explanation Initialization process such as getting an evm failed. Recommended Action sysmgr will retry to start the ipv6_ea. If not recovered, it’s a fatal condition. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *REDUCE* Error Message %L2-IPV6_EA-3-INIT Failed to initialize [chars], because of [chars] Explanation Initialization process such as getting an evm failed. Recommended Action sysmgr will retry to start the hfrlc_ipv6_ea. If not recovered, it’s a fatal condition. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *REDUCE* Layer 2 Messages IPV6CP Messages EM-709 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPV6_EA-3-NOMEM IPv6 EA failed to program ’[chars]’ due to low memory Explanation The IPv6 EA process could not allocate memory needed to program some IPv6 feature. Recommended Action Check memory status. Error Message %L2-IPV6_EA-3-PLAT_UPD_FAILED Platform update failed: [chars] - [chars](CH[hex]) Explanation Platform update failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6_EA-3-PLAT_UPD_FAILED_GL Platform update failed for [dec] interface: [chars] - [chars] Explanation Platform update failed for all interfaces in a batch. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6_EA-4-ERROR [chars]: [chars] Explanation There was an error with processing an event in the EA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV6CP Messages Error Message %L2-IPV6CP-1-ERR_ADJ_DELETE Failed to remove [chars] from adjacency; [chars] Explanation An error was encountered while connecting to the AIB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPV6CP Messages EM-710 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPV6CP-1-ERR_ADJ_UPDATE Failed to add [chars] into adjacency; [chars] Explanation An error was encountered while connecting to the AIB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-DEBUG_ASSOC Conditional debug association failed; [chars] Explanation An error has occurred upon attempting to associate conditional debugging with PPP debug commands. PPP debug messages will not be filtered by debug conditions such as ’debug condition interface’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-DEBUG_COND_REGISTER Conditional debug registration failed; [chars] Explanation An error has occurred upon attempting to register for conditional debugs. PPP debug messages will not be filtered by debug conditions such as ’debug condition interface’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-DEBUG_REGISTER Debug registration failed; [chars] Explanation An error has occurred upon attempting to connect to the debug server. This may cause debug messages to not appear. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-ERR_CONN Connection [chars] failed for [chars]; [chars] Explanation An failure in the reconnection software in the function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPV6CP Messages EM-711 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPV6CP-3-ERR_EVENT Failed to [chars] [chars] event; [chars] Explanation An event handler has returned an error condition Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-ERR_EVENT_MGR_CREATE IPV6CP Failed to initialize event manager; [chars] Explanation Initialization of the event manager failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-ERR_IM_STATE Failed to get basecaps state for [chars]; [chars] Explanation IPV6CP was unable to determine the state of the basecaps and has assumed it to be down. IPV6CP will remain closed until the interface is brought down and up again. Recommended Action Shut the interface and then bring it up again. Error Message %L2-IPV6CP-3-ERR_MBOX_ADD [chars] [chars] failed to add [chars]; [chars] Explanation An attribute has failed to be added to the message which was being constructed which has caused the message to be discarded. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-ERR_MBOX_CREATE [chars] failed to create [chars]; [chars] Explanation An attempt to allocate a message failed. This may be due to lack of resources. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPV6CP Messages EM-712 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPV6CP-3-ERR_MBOX_INIT Failed to init [chars] message for [chars]; [chars] Explanation The initialization of a message failed, this results in a failure to communicate with the Link Control Protocol. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-ERR_MBOX_SEND [chars] failed to send [chars]; [chars] Explanation A message failed in a send attempt to a particular mailbox. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-ERR_MQ_OPEN Failed to open message queue [chars]; [chars] Explanation IPV6CP has failed to open a mailbox channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-ERR_NETIO_RXQ Failed to support [chars] [chars]; [chars] Explanation IPV6CP has attempted to update the data component with the current status of the control protocol. The attempt has failed which will has the effect of leaving the data component with the previous set of information. This may result in an inability to negotiate IPV6CP. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-ERR_SYSDB SysDB [chars] failed; [chars] Explanation IPV6CP cannot perform some SysDB operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPV6CP Messages EM-713 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPV6CP-3-ERR_SYSDB_NOTIFICATION Failed to [chars]register for SysDB notification of [chars]; [chars] Explanation IPV6CP cannot (un)register for SysDB notification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-ERR_SYSDB_VERIFICATION Failed to [chars]register for SysDB verification of [chars]; [chars] Explanation IPV6CP cannot (un)register for SysDB verification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-ERR_TIMER [chars] [chars] timer [chars] Explanation The manipulation of a timer had an abnormal side effect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-3-LTRACE_INIT IPV6CP Failed to initialize the ltrace buffer; [chars] Explanation The buffer used for tracing could not be allocated. The process will be restarted. Recommended Action The most likely cause of a problem is not enough memory. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-IPV6CP-4-ERR_CHKPT Failed checkpoint [chars] Explanation An error has occurred upon attempting to connect to the checkpointing server. This may cause inconsistent state to be present within IPV6CP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPV6CP Messages EM-714 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPV6CP-4-ERR_CHKPT_ITERATE Failed iterating checkpoint store: [chars] Explanation An error has occurred while iterating the checkpoint data store after a process restart. The process will exit and hope for a clear run next time. If failure persists its checkpoint store will be deleted and it will do a cold restart which should resolve the problem. Recommended Action If multiple restarts does not work then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-4-ERR_EVENT_WAIT Error waiting for event; [chars] Explanation The event loop has received a message of a type it does not recognize. All events should be received by handlers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-4-ERR_INTERFACE_NULL [chars]: Interface NULL Explanation A function was called with a NULL interface pointer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-4-ERR_MEMORY Insufficient memory for [chars] Explanation IPV6CP failed to allocate memory for a structure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-4-ERR_MQ_RECEIVE Error receiving from message queue; [chars] Explanation IPV6CP has failed to receive a message from its mailbox. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages IPV6CP Messages EM-715 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPV6CP-4-ERR_NO_INTERFACE Interface [chars] not found Explanation A SysDB name lookup failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-4-ERR_NO_INTERFACE_STRUCT Structure for interface [chars] not created; [chars] Explanation IPV6CP failed to create an interface structure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-6-ERR_IM_CONNECT Failed to [chars]bind [chars] IM; [chars] Explanation IPV6CP has failed to either bind to or unbind from the interface manager server. Recommended Action No action is required. Error Message %L2-IPV6CP-6-ERR_IM_ENCAPS Failed to [chars] [chars] encapsulation; [chars] Explanation IPV6CP has failed an encapsulation operation with the interface manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IPV6CP-6-ERR_IM_EVENT Failed to [chars] event; [chars] Explanation IPV6CP has failed to either initialize or specify an event with the interface manager server. Recommended Action No action is required. Layer 2 Messages IXP2800_FWD Messages EM-716 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IPV6CP-6-ERR_IM_PROTO Failed to [chars] [chars] protocol; [chars] Explanation IPV6CP has failed a protocol operation with the interface manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IXP2800_FWD Messages Error Message %L2-IXP2800_FWD-3-IPCP_FAILURE Function [chars] failure errno [chars] Explanation IPCP communication failure. Recommended Action None Error Message %L2-IXP2800_FWD-3-NONFATAL_ERROR Nonfatal error: [chars] error code [dec] Explanation This is a error message of the IXP2800 forwarding driver to indicate either anomalies which are not fatal. Some of the messages may indicate a failure to allocate resources needed by applications. Recommended Action None Error Message %L2-IXP2800_FWD-7-LOG_FILE_ERROR Test DLL failed to open log file [chars] ([chars]) Explanation The NPU test DLL failed to open the log file Recommended Action None Error Message %L2-IXP2800_FWD-7-UNEXPECTED_FUNC_INVOC Function [chars] invoked Explanation An unexpected function invocation occured Recommended Action NoneLayer 2 Messages IXP2800_HW Messages EM-717 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IXP2800_HW Messages Error Message %L2-IXP2800_HW-2-NOMEM ixp2800 HW driver Could not allocate memory Explanation ’ixp2800 HW driver has failed to aquire the required amount of memory.’ Recommended Action *REDUCE* Error Message %L2-IXP2800_HW-3-FATAL_ERROR [chars]()[[dec]]: [chars]: [chars] ([dec]) Explanation A fatal error occurred in IXP2800_HW Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IXP2800_HW-4-WARNING [chars]()[[dec]]: [chars]: [chars] ([dec]) Explanation A warning condition occurred in IXP2800_HW Driver which involves exiting the process. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-IXP2800_HW-6-INFO [chars] Explanation SERVICE card ixp2800_hw driver informational message Recommended Action NONE : Informational message only Error Message %L2-IXP2800_HW-7-LOG_FILE_ERROR ixp2800 HW driver DLL failed to open log file [chars] ([chars]) Explanation The NPU HW driver DLL failed to open the log file Recommended Action NoneLayer 2 Messages IXP2800_SERVICE Messages EM-718 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IXP2800_SERVICE Messages Error Message %L2-IXP2800_SERVICE-2-NOMEM ixp2800 service Could not allocate memory Explanation ’ixp2800 service has failed to aquire the required amount of memory.’ Recommended Action *REDUCE* Error Message %L2-IXP2800_SERVICE-3-FATAL_ERROR [chars]()[[dec]]: [chars]: [chars] ([dec]) Explanation A fatal error occurred in IXP2800_SERVICE Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IXP2800_SERVICE-3-HOST_SPU_ERROR [chars] Fatal error - [chars] Explanation A fatal error occurred in SPU common Driver Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IXP2800_SERVICE-3-IPCP_FAILURE Function [chars] failure errno [chars] Explanation IPCP communication failure. Recommended Action None Error Message %L2-IXP2800_SERVICE-4-WARNING [chars]()[[dec]]: [chars]: [chars] ([dec]) Explanation A warning condition occurred in IXP2800_SERVICE Driver which involves exiting the process. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Layer 2 Messages IXP2800_VFW Messages EM-719 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IXP2800_SERVICE-6-INFO [chars] Explanation SERVICE card ixp2800_service driver informational message Recommended Action NONE : Informational message only Error Message %L2-IXP2800_SERVICE-7-LOG_FILE_ERROR ixp2800 service DLL failed to open log file [chars] ([chars]) Explanation The NPU service DLL failed to open the log file Recommended Action None IXP2800_VFW Messages Error Message %L2-IXP2800_VFW-2-NOMEM ixp2800 service Could not allocate memory Explanation ’ixp2800 vFW service has failed to aquire the required amount of memory.’ Recommended Action *REDUCE* Error Message %L2-IXP2800_VFW-3-FATAL_ERROR [chars]()[[dec]]: [chars]: [chars] ([dec]) Explanation A fatal error occurred in IXP2800_SERVICE Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-IXP2800_VFW-3-IPCP_FAILURE Function [chars] failure errno [chars] Explanation IPCP communication failure. Recommended Action None Layer 2 Messages JACKET Messages EM-720 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-IXP2800_VFW-3-NONFATAL_ERROR Nonfatal error: [chars] error code [dec] Explanation This is a error message of the IXP2800 service driver to indicate either anomalies which are not fatal. Some of the messages may indicate a failure to allocate resources needed by applications. Recommended Action None Error Message %L2-IXP2800_VFW-4-WARNING [chars]()[[dec]]: [chars]: [chars] ([dec]) Explanation A warning condition occurred in IXP2800_SERVICE Driver which involves exiting the process. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-IXP2800_VFW-6-INFO [chars] Explanation SERVICE card ixp2800_service driver informational message Recommended Action NONE : Informational message only Error Message %L2-IXP2800_VFW-7-LOG_FILE_ERROR ixp2800 service DLL failed to open log file [chars] ([chars]) Explanation The NPU service DLL failed to open the log file Recommended Action None JACKET Messages Error Message %L2-JACKET-3-CRITICAL_ERROR [chars]: [chars]: [hex] Explanation A critical error occurred in jacket driver which involves exiting the process. The jacket driver will restart and unless the same error occurs on the next attempt the driver will function normally. If the error is persistent, it indicates the system error or HW error which needs further investigation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages JACKET Messages EM-721 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-JACKET-3-CRITICAL_ERROR [chars]: [chars]: [hex] Explanation A critical error occurred in jacket driver which involves exiting the process. The jacket driver will restart and unless the same error occurs on the next attempt the driver will function normally. If the error is persistent, it indicates the system error or HW error which needs further investigation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-JACKET-3-PIO_CRITICAL_ERROR Asic PIO failure : [chars], instance [dec]: rc [dec] cerr [chars] errno [dec] data1 [hex] data2 [hex] Explanation A critical error occurred while accessing the hardware in jacket driver which involves exiting the process. The driver will restart and attempt normal functionality. If the error is transient, the jacket driver and the SPAs will continue normal operation. If the error is persistent, the jacket card hardware needs to be checked out for access failures. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-JACKET-3-PIO_CRITICAL_ERROR Asic PIO failure : [chars], instance [dec]: rc [dec] cerr [chars] errno [dec] data1 [hex] data2 [hex] Explanation A critical error occurred while accessing the hardware in jacket driver which involves exiting the process. The driver will restart and attempt normal functionality. If the error is transient, the jacket driver and the SPAs will continue normal operation. If the error is persistent, the jacket card hardware needs to be checked out for access failures. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-JACKET-3-RULES_CRITICAL_ERROR SPA subslot [dec]: FAILED: [chars] for [chars] Explanation A critical error occurred in jacket driver rules validation for a SPA which results in the SPA not being enabled. This does not affect the other slots on the jacket card. Please check the SW support for the SPA slot for which this message is seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages JACKET Messages EM-722 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-JACKET-3-RULES_CRITICAL_ERROR SPA subslot [dec]: FAILED: [chars] for [chars] Explanation A critical error occurred in jacket driver rules validation for a SPA which results in the SPA not being enabled. This does not affect the other slots on the jacket card. Please check the SW support for the SPA slot for which this message is seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-JACKET-3-SPA_DISABLE [dec] requests to disable SPA [dec] due to spa bus error Explanation This is an error message indicating a Hardware access error for a SPA and disable the SPA to avoid LC reload Recommended Action No action is required. Error Message %L2-JACKET-3-SPA_DISABLE [dec] requests to disable SPA [dec] due to spa bus error Explanation This is an error message indicating a Hardware access error for a SPA and disable the SPA to avoid LC reload Recommended Action No action is required. Error Message %L2-JACKET-3-SPA_PIO_ERROR SPA subslot [dec]: had [chars] error when accessing address [hex] with fault code [dec] Explanation This is an error message indicating a Hardware access error for a SPA. If this is a recurrent message, it usually is due to faulty hardware, loose connection at the SPA connector on the jacket card. Try reseating the SPA and see if the issue is resolved. If not, please check with TAC. Recommended Action No action is required. Error Message %L2-JACKET-3-SPA_PIO_ERROR SPA subslot [dec]: had [chars] error when accessing address [hex] with fault code [dec] Explanation This is an error message indicating a Hardware access error for a SPA. If this is a recurrent message, it usually is due to faulty hardware, loose connection at the SPA connector on the jacket card. Try reseating the SPA and see if the issue is resolved. If not, please check with TAC. Recommended Action No action is required. Layer 2 Messages JACKET Messages EM-723 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-JACKET-3-SPA_SELF_DESTRUCT [chars] has requested to disable SPA [dec] due to spa bus error Explanation This is an error message indicating a Hardware access error for a SPA. If this is a recurrent message, it usually is due to faulty hardware, loose connection at the SPA connector on the jacket card. Try reseating the SPA and see if the issue is resolved. If not, please check with TAC. Recommended Action No action is required. Error Message %L2-JACKET-3-SPA_SELF_DESTRUCT [chars] has requested to disable SPA [dec] due to spa bus error Explanation This is an error message indicating a Hardware access error for a SPA. If this is a recurrent message, it usually is due to faulty hardware, loose connection at the SPA connector on the jacket card. Try reseating the SPA and see if the issue is resolved. If not, please check with TAC. Recommended Action No action is required. Error Message %L2-JACKET-6-EVENT_INFO SPA subslot [dec]: [chars] for [chars], driver [chars] Explanation This is an informational message in the jacket driver to indicate an operation. Recommended Action No action is required. Error Message %L2-JACKET-6-EVENT_INFO SPA subslot [dec]: [chars] for [chars], driver [chars] Explanation This is an informational message in the jacket driver to indicate an operation. Recommended Action No action is required. Error Message %L2-JACKET-6-INFO [chars]: [chars] Explanation This is an informational message in the jacket driver to indicate an operation. Recommended Action No action is required. Error Message %L2-JACKET-6-INFO [chars]: [chars] Explanation This is an informational message in the jacket driver to indicate an operation. Recommended Action No action is required. Layer 2 Messages JDAM Messages EM-724 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-JACKET-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in the jacket driver to indicate anomolies which are not critical. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-JACKET-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in the jacket driver to indicate anomolies which are not critical. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. JDAM Messages Error Message %L2-JDAM-3-FATAL_ERROR Fatal error: [chars]: [chars]: [dec] Explanation A fatal error occurred in JDAM Driver which involves exiting the PLIM process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-JDAM-6-INFO_MSG [chars] [chars] [dec] Explanation This is a Informational message in the JDAM driver to indicate an operation. Recommended Action No action is required. Layer 2 Messages L2C Messages EM-725 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-JDAM-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in the JDAM driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. L2C Messages Error Message %L2-L2C-3-ERR_MISCONFIG Misconfiguration: Item [chars] on interface [chars] is incompatible with other configuration. The system may now be in an inconsistent state. Explanation The L2VPN Uberverifier has detected a misconfiguration. It was not detected in the verification phase, so the Uberverifier cannot correct this. Recommended Action The misconfiguration can be corrected by deleting all configuration from the specified interface and its subinterfaces, and then reapplying the configuration. If the problem persists, do the following: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2C-4-WARN_EVENT Event loop error: [chars] Explanation The L2VPN Uberverifier has encountered a problem in its event loop and cannot continue. In this situation it should restart. Recommended Action The L2VPN Uberverifier should recover on restart. If the problem persists, do the following: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages L2FIB_DEBUG Messages EM-726 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-L2C-4-WARN_INIT Failed to initialize [chars]: [chars] Explanation The L2VPN Uberverifier process failed to initialize correctly. In this situation it restarts, but may not recover if there is a persistant error in the IOS-XR system and the L2VPN Uberverifier is later unable to reestablish its connections and initialize successfully. Recommended Action The Uberverifier is not essential for system operation. However, if it is not running as intended, it may be possible for a misconfiguration to be allowed. If this persists, do the following: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. L2FIB_DEBUG Messages Error Message %L2-L2FIB_DEBUG-3-ERR [chars]: [chars] Explanation Some error occurred in operations related to Shared Memory area. The text of the message displays the failed operation and the related error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. L2FIB_LIB Messages Error Message %L2-L2FIB_LIB-2-OOR L2FIB has run out of [chars] resource memory. No more updates will be handled by the L2FIB. Please delete ACs to resume normal operation on this node Explanation The l2fib_mgr process on the node has detected an out of resource condition for the indicated resource. Normal operation cannot resume until routes are deleted. Recommended Action Run show l2vpn forwarding resource command and check which resource(s) are running low on memory. Significant ACs will have to be deleted on the affected node to resume normal l2fib operation. Layer 2 Messages L2FIB_LIB Messages EM-727 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-L2FIB_LIB-3-ERR [chars] Explanation Some error occurred in operations related to L2FIB API area. The text of the message displays the failed operation and the related error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2FIB_LIB-3-SHM_ERR [chars] failed: [chars] Explanation Some error occurred in operations related to Shared Memory area. The text of the message displays the failed operation and the related error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2FIB_LIB-4-RSRC_LOW L2FIB running low on [chars] resource memory. L2FIB will now begin resource constrained forwarding. Only route deletes will be handled in this state, which may result in mismatch between L2VPN mgr/AIB/L2FIB and L2FIB. Traffic loss on certain ACs can be expected. The L2FIB will automatically resume normal operation, once the resource utilization returns to normal level Explanation The l2fib_mgr process has detected that average utilization for specified resource has risen above a predefined high watermark value, and has entered resource contrained forwarding mode. In this mode, the l2fib will only handle route deletes which may potentially freeup some memory. Due to this operational mode, the L2VPN mgr/AIB/L2FIB and L2FIB will be out of sync. Once ACs are deleted and resource utilization level drops to acceptable levels again, l2fib will come out of this operational mode and resume normal operation. Recommended Action Run show l2vpn forwarding resource command and check which resource(s) are running low on memory. Any action that reduces number of ACs will eventually result in the l2fib returning to normal operation after few seconds.Layer 2 Messages L2FIB_SHM Messages EM-728 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 L2FIB_SHM Messages Error Message %L2-L2FIB_SHM-2-INIT L2FIB initialization failed: [chars] Explanation Initialization of L2FIB failed. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2FIB_SHM-3-ERR [chars] failed: [chars] Explanation Some error occurred in operations related to Shared Memory area. The text of the message displays the failed operation and the related error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. L2FIB Messages Error Message %L2-L2FIB-2-INIT L2FIB initialization failure: [chars] [chars] Explanation L2FIB initialization failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2FIB-2-INVALID_MSG L2FIB thread [chars] received an invalid message: [chars] [unsigned int] Explanation L2FIB thread got an invalid message so it is exiting Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages L2FIB Messages EM-729 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-L2FIB-2-SHM_INIT L2FIB shared memory initialization failed: [chars] Explanation Initialization of L2FIB failed. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2FIB-3-SHM_ERR [chars] failed: [chars] Explanation Some error occurred in operations related to Shared Memory area. The text of the message displays the failed operation and the related error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2FIB-3-WAVL_ERR [chars] failed (tree equals [chars]) Explanation Some error occurred in WAVL operations The text of the message displays the failed operation and the related wavl tree. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2FIB-6-GEN_INFO_CERR [chars]: [chars] Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2FIB-6-GEN_INFO_ERR [chars] Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages L2TP Messages EM-730 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-L2FIB-6-XC_MOD XC/BP delete-and-create: [chars] Explanation The L2VPN provision message is handled by deleting old XC/BP, and creating a new one. Recommended Action None. L2TP Messages Error Message %L2-L2TP-2-INIT L2TP initialization failure: [chars] [chars] Explanation L2TP initialization failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2TP-3-GEN_ERR L2TP internal error: [chars] Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2TP-3-IPC_ERR L2TP IPC transport error: [chars] [chars] Explanation An IPC transport software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages L2VPN_DEBUG Messages EM-731 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 L2VPN_DEBUG Messages Error Message %L2-L2VPN_DEBUG-3-ERR [chars]: [chars] Explanation Debug and ltrace library initialization failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. L2VPN_PW Messages Error Message %L2-L2VPN_PW-3-SANITY_ERROR Pseudowire Sanity check failed Explanation This is a fatal software error. It is probably a bug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2VPN_PW-3-UPDOWN Pseudowire with address [chars], id [unsigned long int], state is [chars] Explanation The L2VPN Pseudowire went up or down Recommended Action If the state change was unexpected, confirm the configuration settings for the cross-connect. L2VPN Messages Error Message %L2-L2VPN-2-CRIT_MEM_SHUT [chars] process shutting down due to ’Critical’ memory state. Explanation The system has notified a process that it is critically short of memory and the process is shutting down. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages L2VPN Messages EM-732 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-L2VPN-3-BAG_REG_ERR bag(s) registration failed: [chars] Explanation Some error occured while trying to register edm bags. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2VPN-3-EVENT_ERR [chars] failed: [chars] Explanation Some error occured in event/event manager/event connection operations. The text of the message displays the failed operation with error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2VPN-3-GEN_ERR [chars] failed: [chars] Explanation Some requested operation failed. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2VPN-3-INTERNAL_ERROR L2VPN sanity check failed for Pseudowire ID [chars] pw-id [unsigned long int]: [chars]. Limit is [dec] Explanation An internal error has been encountered and the Pseudowire cannot be established. Recommended Action Please provide the exact error message seen on the console, collect a core dump of the running l2vpn_mgr process, and the show tech-support l2vpn output for further analysis of the error condition and potential recovery Layer 2 Messages L2VPN Messages EM-733 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-L2VPN-3-SYSDB_BIND_ERR sysdb_bind failed for ’[chars]’: [chars] Explanation Some error occured in sysdb bind operation bind. The text of the message displays the failed operation for the bindpoint with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2VPN-3-SYSDB_ERR [chars] failed: [chars] Explanation Some error occured in sysdb operation. The text of the message displays the failed operation with error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-L2VPN-4-BRIDGE_MTU_MISMATCH [chars] mtu of [dec] does not match bridge mtu of [dec] Explanation The interface MTU does not match the bridge payload MTU. Recommended Action Configure the bridge to match the interface MTU. Error Message %L2-L2VPN-4-ENCAP_REMOVED_PW Pseudowire encapsulation is deleted, pseudowire attached with pw-class ’[chars]’ will become unresolved Explanation Encapsulation in the pw-class is deleted, all pseudowires attached with this pw-class will be unresolved as encapsulation type become not specified. Recommended Action Config the psedowire encapsulation in the pw-class and re-attach the pw-class to the pseudowires. Error Message %L2-L2VPN-4-MAC_LIMIT_AC_SHUT Number of MAC addresses in AC ’[chars]’ has reached the configured MAC limit maximum and hence it has been shutdown Explanation Number of MAC addresses in the attachment circuit has reached the configured maximum. Since ’shut’ action has been configured for MAC limit event on the port, it has been shut down. Recommended Action Manual intervention is required to bring the port up again. Please use ’clear l2vpn bridge-domain’ command to bring the port up. Layer 2 Messages L2VPN Messages EM-734 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-L2VPN-4-MAC_LIMIT_BD_SHUT Number of MAC addresses in bridge-domain ’[chars]’ has reached the configured MAC limit maximum and hence it has been shutdown Explanation Number of MAC addresses in the bridge-domain has reached the configured maximum. Since ’shut’ action has been configured for MAC limit event on the bridge-domain, it has been shut down. All the ports under the bridge too are automatically shutdown. Recommended Action Manual intervention is required to bring the port up again. Please use ’clear l2vpn bridge-domain’ command to bring the bridge-domain up. Error Message %L2-L2VPN-4-MAC_LIMIT_PW_SHUT Number of MAC addresses in PW ’[chars], [unsigned long int]’ has reached the configured MAC limit maximum and hence it has been shutdown Explanation Number of MAC addresses in the pseudowire has reached the configured maximum. Since ’shut’ action has been configured for MAC limit event on the port, it has been shut down. Recommended Action Manual intervention is required to bring the port up again. Please use ’clear l2vpn bridge-domain’ command to bring the port up. Error Message %L2-L2VPN-4-PROVISIONING_WARNING L2VPN sanity check failed for Attachment Circuit on node [chars]: [chars]. Limit is [dec] Explanation An internal error has been encountered and the Attachment Circuit cannot be established. Recommended Action Verify that the number of Attachment Circuits (AC) on the router does not exceed the L2VPN scaling capability for that line card. It may get resolved by removing the configuration for the ACs that are in UR or DN state including the ones identified in this message. Then re-configure the required ACs without exceeding the node limit. Error Message %L2-L2VPN-5-NO_LICENSE L2VPN AC manager could not get a license for node [chars], [chars] Explanation License is required for L2VPN feature to work, but AC manager could not get a license for the node from License manager. Recommended Action Install license for the feature. Error Message %L2-L2VPN-6-BRIDGE_MTU_MISMATCH_CLEAR [chars] mtu of [dec] now matches bridge mtu Explanation The interface MTU now matches the bridge payload MTU. Recommended Action No particular action is required. Layer 2 Messages L2VPN Messages EM-735 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-L2VPN-6-ENCAP_REMOVED_PW_CLEAR Unresolved pseudowire encapsulation has been resolved for pw-class ’[chars]’ Explanation Encapsulation in the pw-class is set, all pseudowires attached to this pw-class should be out of the unresolved state. Recommended Action No particular action is required. Error Message %L2-L2VPN-6-MAC_LIMIT_AC_CLEAR Number of MAC addresses in AC ’[chars]’ has gone below 75 percent of the configured MAC limit maximum, [chars] Explanation Number of MAC addresses in the attachment circuit has gone below 75% of the configured maximum. If MAC learning or/and unicast flooding was disabled on the port due to MAC limit action, then it would get re-enabled automatically. Recommended Action No particular action is required. Error Message %L2-L2VPN-6-MAC_LIMIT_AC_SET Number of MAC addresses in AC ’[chars]’ has reached the configured MAC limit maximum, [chars] Explanation Number of MAC addresses in the attachment circuit has reached the configured maximum. If MAC limit action to disable MAC learning and unicast flooding has been configured on the port, then that particular action might have been taken automatically. Recommended Action No particular action is required. Error Message %L2-L2VPN-6-MAC_LIMIT_BD_CLEAR Number of MAC addresses in bridge-domain ’[chars]’ has gone below 75 percent of the configured MAC limit maximum, [chars] Explanation Number of MAC addresses in the attachment circuit has gone below 75% of the configured maximum. If MAC learning or/and unicast flooding was disabled on the bridge-domain due to MAC limit action, then it would get re-enabled automatically. Recommended Action No particular action is required. Error Message %L2-L2VPN-6-MAC_LIMIT_BD_SET Number of MAC addresses in bridge-domain ’[chars]’ has reached the configured MAC limit maximum, [chars] Explanation Number of MAC addresses in the bridge-domain has reached the configured maximum. If MAC limit action to disable MAC learning and unicast flooding has been configured on the port, then that particular action might have been taken automatically. Recommended Action No particular action is required. Layer 2 Messages LACP_LITE Messages EM-736 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-L2VPN-6-MAC_LIMIT_PW_CLEAR Number of MAC addresses in PW ’[chars], [unsigned long int]’ has gone below 75 percent of the configured MAC limit maximum, [chars] Explanation Number of MAC addresses in the pseudowire has gone below 75% of the configured maximum. If MAC learning or/and unicast flooding was disabled on the port due to MAC limit action, then it would get re-enabled automatically. Recommended Action No particular action is required. Error Message %L2-L2VPN-6-MAC_LIMIT_PW_SET Number of MAC addresses in PW ’[chars], [unsigned long int]’ has reached the configured MAC limit maximum, [chars] Explanation Number of MAC addresses in the pseudowire has reached the configured maximum. If MAC limit action to disable MAC learning and unicast flooding has been configured on the port, then that particular action might have been taken automatically. Recommended Action No particular action is required. LACP_LITE Messages Error Message %L2-LACP_LITE-3-ERR_LL_DLL_ASYNC_SEND_FAIL Send async pulse to lacp lite process fails; Error [chars] Explanation Attempt to send pulse to LACP lite process fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-LACP_LITE-3-ERR_LL_DLL_CHAN_CONNECT_FAIL Cannot connect to lacp lite process; Error [chars] Explanation Attempt to connect to LACP lite process channel fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages LACP_LITE Messages EM-737 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LACP_LITE-3-ERR_SHMEM_MMAP_FAIL Cannot mmap file [chars]; Error [chars] Explanation Attempt to mmap the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-LACP_LITE-3-ERR_SHMEM_OPEN_FAIL Cannot open shmem file [chars]; Error [chars] Explanation Attempt to open the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-LACP_LITE-3-ERR_SHMEM_TRNC_FAIL Cannot truncate file [chars] to [dec] bytes; Error [chars] Explanation Attempt to truncate the shared memory file fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-LACP_LITE-3-ERR_SHMEM_UNAVAILABLE LACP lite SHMEM can accommodate only [dec] records (request for [dec] records) Explanation BM-Local has requested transfer of more interface records than shared memory can accommodate Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages LC Messages EM-738 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LACP_LITE-3-ERR_UNSUPPORTED_FLAG LACP lite API is called with unsupportd flag (request for [dec]) Explanation BM-Local has called LACP lite API with unsupported flag Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. LC Messages Error Message %L2-LC-0-TESTEMERG [chars] Explanation Test message for software test. Recommended Action Stop typing LC test logger. Error Message %L2-LC-1-TESTALERT [chars] Explanation Test message for software test. Recommended Action Stop typing LC test logger. Error Message %L2-LC-2-TESTCRIT [chars] Explanation Test message for software test. Recommended Action Stop typing LC test logger. Error Message %L2-LC-3-BMA_CHKPT Call to [chars] failed, chkpt_status equals [hex] Explanation The library call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages LC Messages EM-739 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-BMA_CHKPT_NOINIT Error initializing checkpointing table. Explanation The driver was not able to initialize a table to store checkpointed data. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-LC-3-BMA_CHKPT_NORESTORE The driver was not able to restore ’[chars]’ from checkpointed data. Explanation No checkpointing record was found in the table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-LC-3-BMA_CHKPT_NOSAVE The driver was not able to save ’[chars]’ in checkpointed data. Explanation BMA buffer carve information could not be saved in the checkpoint record. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-LC-3-BMA_CHKPT_RECOVERY_NODATA The driver is coming up in RECOVERY_MODE, but the checkpoint info does not exist. Explanation When a driver comes up in RECOVERY_MODE, checkpointing data should have already been saved to the checkpointing record by the previous life of the driver. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-LC-3-BMA_DI_INVALID_MODE DI started the driver in an invalid mode: [hex] Explanation The Driver Infrastructure (DI) started the driver in an invalid or unsupported mode. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages LC Messages EM-740 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-BMA48ERR [chars] BMA error: stat_reg [hex] adr [hex] data [hex] qm [hex] plim [hex] l3 [hex] ms [hex] sdram [hex] Explanation There is an error in the BMA (reg. information). Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMA48ERRS [chars] BMA48 [chars] error [hex] Explanation There is an error in the BMA48. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMA48FIM [chars] BMA48 [chars] error fim_cf_status [hex]; fim_df0: adr [hex] data [hex]; fim_df1: adr [hex] data [hex]; fim_df2: adr [hex] data [hex]; fim_df3: adr [hex] data [hex] Explanation There is an error in the BMA. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMABUFF [chars] BMA has [unsigned int] buffers in queue [unsigned int] when maximum of [unsigned int] are allowed Explanation Number of buffers in one of the BMA queues has overflowed. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMACMDFTCH Problem in BMA command fetching, status equals [dec] [chars] BMA Explanation The BMA encountered problems while trying to fetch the given command. If appears more than once we may have a HW problem. The GRP should recognize a lost of communication with the LC and reload it. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Layer 2 Messages LC Messages EM-741 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-BMACMDLOST [chars] BMA has lost a command Explanation The given BMA has lost a command. If appears more than once we may have a HW problem. The GRP should recognize a lost of communication with the LC and reload it. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-BMACMDRPLY Problem in BMA reply to command type [dec] [chars] BMA sequence no equals [dec] Explanation There was a problem in the reply to the given BMA command. If appears more than once we may have a HW problem. The GRP should recognize a lost of communication with the LC and reload it. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMAERR [chars] error: msstat [hex] dma0 [hex] dma1 [hex] dma2 [hex] qm [hex] plim [hex] fia [hex] l3 [hex] ms [hex] sdram [hex] Explanation There is an error in the BMA (reg. information). Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMAERRS [chars] [chars] error [hex] Explanation There is an error in the BMA. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMAERRSS [chars] [chars] error [hex] [chars] [hex] Explanation There is an error in the BMA. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Layer 2 Messages LC Messages EM-742 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-BMAMEM [chars] SDRAM data error [hex] in address [hex] Explanation Packet memory parity error. Each bit (0-15) set in data error word represents a parity error in one byte of the errored location in memory. Bits 16 and 17 of data error word, if either is set, indicate the error happened during CPU access to the packet memory, otherwise it is during normal operation. Address represents the offset of the memory location being accessed from the beginning of packet memory on the side mentioned (to or from fabric.) This error indicates a possibly temporary problem in either the packet memory device or the BMA. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-LC-3-BMASDRAM_BADCAS_LATENCY [chars] DIMMs do not support CAS latency needed. got [hex] Explanation SDRAM DIMM modules installed in BMA SDRAM DIMM sockets do not support CAS latency needed. CAS latency is specified in the DIMM EEPROM as a number. When converted to a binary number, each bit corresponds to one CAS latency. Bit 2 must be set to 1, indicating that a CAS latency of 3 is supported. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMASDRAM_BADSIZE [chars] DIMMs are of unsupported size. Read this: rows [dec], cols [dec], DIMM banks [dec], SDRAM Device banks [dec] Explanation SDRAM DIMM modules installed in BMA SDRAM DIMM sockets are of unsupported size. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMASDRAM_BADWIDTH [chars] DIMMs have unsupported data width, expected [dec], got [dec] Explanation SDRAM DIMM modules installed in BMA SDRAM DIMM sockets have unsupported data width. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Layer 2 Messages LC Messages EM-743 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-BMASDRAM_NOTMATCH [chars] SDRAM DIMMs do not match Explanation SDRAM DIMM modules installed in to Fabric or from Fabric BMA DIMM0 and DIMM1 sockets do not match. While the DIMMs on one side (to Fabric) could be different from the DIMMs on the other side (from Fabric), the two DIMMs on the same side have to be identical. Also, all four DIMMs need to be mounted and making proper contact. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMAUCODE_GET [chars] BMA: feature [chars], line card type [chars], could not get [chars] BMA microcode Explanation For the BMA microcode download command, failed to get the given BMA microcode bundled in the image. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMAUCODE_LCTYPE [chars] BMA: feature [chars], specified linecard type(s) ([hex]) ! equals current ([hex]) Explanation For the BMA microcode download command, there was a mismatch between what was specified in the BMA microcode file and the current type of line card Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-BMAUCODE_NULL Null downloaded BMA microcode Explanation For the BMA microcode download command, failed to get the given BMA microcode bundled in the image because it is null. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-CARVE_BUFHDRS [chars] BMA: out of SDRAM buffer headers Explanation Ran out of available SDRAM buffer headers while attempting to carve buffers. This could be a cause of SDRAM buffer carve failure. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Layer 2 Messages LC Messages EM-744 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-CARVE_BUFSIZE [chars] BMA: illegal specified/real SDRAM buffer size(s) equals ([unsigned long int],[unsigned long int]). Range equals ([dec],[dec]) Explanation The calculated SDRAM buffer size (in bytes and including header and data portions), is not within the given range. This could be a cause of SDRAM buffer carve failure. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-CARVE_EXBUFS [chars] BMA: [unsigned int] SDRAM buffers max ([unsigned int]) Explanation The maximum number of SDRAM buffer headers is limited to a maximum number which has been exceeded. This could be a cause of SDRAM buffer carve failure. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-CARVE_EXFREEQS [chars] BMA: [unsigned int] free queues max ([unsigned int]) Explanation Number of free queues allowed for SDRAM buffer carving has been exceeded. This could be a cause of SDRAM buffer carve failure. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-CARVE_EXPCT [chars] BMA: [unsigned int] sum SDRAM buffer percentages 100 Explanation The sum of percentages per SDRAM buffer size has exceeded 100. This could be a cause of SDRAM buffer carve failure. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-CARVE_EXSDRAM [chars] BMA: used SDRAM ([unsigned long long int] bytes) available for carve ([unsigned long int] bytes) Explanation The calculated sum of SDRAM to be carved is larger than the available SDRAM for carving. This could be a cause of SDRAM buffer carve failure. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Layer 2 Messages LC Messages EM-745 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-CARVE_NOFREEQS [chars] BMA: no more free queues Explanation There are no more available free queues which can be used for SDRAM buffer carve. This could be a cause of SDRAM buffer carve failure. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-CARVE_PARMS [chars] BMA: equals 1 SDRAM bufmem parameters equals equals 0 Explanation This is an internal parameter error with one or more SDRAM buffer memory parameters: maximum buffer header count or SDRAM sizes (total, not available for carve, and available for carve Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-CARVE_QELEM [chars] BMA: [unsigned int] Queue Manager SRAM elements max ([unsigned int]) Explanation Ran out of Queue Manager elements, which are used for SDRAM buffer carving. This could be a cause of SDRAM buffer carve failure. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-CARVE_QMREAD BMA address [hex]: Queue Manager SRAM [hex], read error(s) Explanation This happened during Queue Manager SRAM initialization. Reading one or more zeroed Queue Manager SRAM locations gave a non-zero result. Possible errors are in head, tail, length, length threshold, buffer address, next queue element, or scratch RAM locations. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-DOWNREV BMA is an old version. Explanation The system software detected an old version of the BMA. Recommended Action Call your technical support for an upgraded verion. Layer 2 Messages LC Messages EM-746 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-IICDEV_NOTACKADDR IIC Device [dec] failed to ack address Explanation BMA SDRAM DIMM failed to acknowledge address. This is an SDRAM IIC bus protocol error. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-IICDEV_NOTACKREAD IIC Device [dec] failed to ack read command Explanation BMA SDRAM DIMM failed to acknowledge read command. This is an SDRAM IIC bus protocol error. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-IICDEV_NOTRESPOND IIC Device [dec] does not respond, perhaps absent Explanation BMA SDRAM DIMM does not respond, perhaps absent. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-INIT_CARD_TYPE Unknown card type ([hex]) Explanation A card was either manufactured improperly, has failed, or is newer than the software Recommended Action Replace the card or upgrade the software Error Message %L2-LC-3-INIT_MEM Memory failure, addr [hex], read [hex]%08x, not [hex]%08x Explanation Initialization of the memory address failed. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-INIT_READ Error reading memory at [hex] Explanation Failed to read the given memory location. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Layer 2 Messages LC Messages EM-747 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-INIT_RESET Failed to take line card out of reset Explanation Initialization of the line card IO registers failed. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-INIT_ZERO No bytes to write to location [hex] Explanation No bytes were written to the given location. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-INVQ Invalid local output queue: [hex] [hex] [hex] [hex] [hex] [hex] Explanation The above packet was routed to an invalid queue. The data shown s the packet header. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-L3FEERR L3FE error: rxbma [hex] addr [hex] txbma [hex] addr [hex] dram [hex] addr [hex] io [hex] addr [hex] Explanation There was an error in the line card’s L3FE ASIC (reg. information). Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-L3FEERRS L3FE [chars] error [hex] address [hex] Explanation There was an error in the line card’s L3FE ASIC. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Layer 2 Messages LC Messages EM-748 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-LC_CODE_DLD_ALLOC Failed buffer allocation for code download Explanation Could not allocate a data buffer to contain contents of the given linecard downloaded file. There may be insufficient DRAM. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-LC_CODE_DLD_CHKSUM code download IPC data checksum error Explanation For the GLC code download command, failed the checksum verification. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-LC_CODE_PROG no downloaded code to program Explanation For the GLC code program command, no downloaded code to program. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-LOOKUP_ERROR Hardware assist lookup error [hex] in memory encountered Explanation Memory corruption detected. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-MACSTR Adj/midb ([chars]) has incorrect high word ([hex]) in its mac string Explanation The line card CEF/MDS received an adjacency/midb with the incorrect mac rewrite string. Packets forwarded to that adjacency/midb will be dropped. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Layer 2 Messages LC Messages EM-749 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-3-OUTINFO Adj/midb([chars]): incorrect output_info equals [hex] maclen equals [dec] Explanation The line card CEF/MDS received an adjacency/midb with the incorrect output_info field. Packets forwarded to that adjacency/midb will be dropped. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-3-PARITYERRTTM48 Parity error in memory encountered Explanation One bit memory corruption detected. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-SELECTOR [dec]: unknown BMA selector value Explanation An unknown BMA selector value was encountered. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative Error Message %L2-LC-3-TESTERR [chars] Explanation Test message for software test. Recommended Action Stop typing LC test logger. Error Message %L2-LC-4-CARVE_JVMASK [chars] BMA: suspect return value [dec] on quiesce-for-carve Explanation The BMA quiesce-for-carve algorithm retrieved a bad jump vector mask return value. This could indicate an error in the quiesce. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Layer 2 Messages LC Messages EM-750 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-LC-4-CARVE_TIME [chars] BMA: quiesce-for-carve exceeded timeout ([dec] ms) in [chars] loop, [dec] times Explanation The BMA quiesce-for-carve algorithm waits an allotted time for line card queues to flush. One or more waits exceeded this allotted time. These queues are specific to the line card’s ASICs. This error message might not actually indicate an error - the allotted time might not be sufficient and should be increased. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %L2-LC-4-TESTWARNING [chars] Explanation Test message for software test. Recommended Action Stop typing LC test logger. Error Message %L2-LC-5-TESTNOTICE [chars] Explanation Test message for software test. Recommended Action Stop typing LC test logger. Error Message %L2-LC-6-TESTINFO [chars] Explanation Test message for software test. Recommended Action Stop typing LC test logger. Error Message %L2-LC-7-TESTDEBUG [chars] Explanation Test message for software test. Recommended Action Stop typing LC test logger.Layer 2 Messages MARVEL Messages EM-751 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MARVEL Messages Error Message %L2-MARVEL-3-CHAN_CREATE Failed to create channel : [chars] Explanation Failed to create marvel-test (driver) channel using event_manager_create. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MARVEL-3-DEBUG_INIT Debug initialization failed Explanation Initialization of the debug event failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MARVEL-3-DEBUG_REG Debug registration failed : [chars] Explanation debug_register() call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MARVEL-3-EVENT_MGR_FAIL [chars] : [chars] Explanation Generic failure of any event manager API. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MARVEL-3-MMAP Failed to map device address : [chars] Explanation mmap() system call failed to map the device physical address. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MARVEL Messages EM-752 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MARVEL-3-MSG_REPLY Failed to send reply message : [chars] Explanation This error is reported when msg_reply() (LWM call) fails. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MARVEL-3-NOMEM Failed to allocate memory Explanation This error is reported when malloc()/calloc() type system call fails. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MARVEL-3-OPEN Failed to open file [chars] : [chars] Explanation This error is generated when the open() system call fails. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MARVEL-6-RX_ASYNC_MSG Invalid asynchronous message received. Explanation This error is generated when an invalid asynchronous message is received. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages METRO_STATS_API Messages EM-753 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 METRO_STATS_API Messages Error Message %L2-METRO_STATS_API-7-DEBUG_MSG Debug Msg : [chars]: [chars] Explanation This is a debug message in the Hardware Stats Manager Library to indicate anomalies. In most cases these messages will stop once the temporary condition is resolved. Examples of when this error occurs are: 1. The client connection handle received is NULL 2. The arguments to the bind message are incorrect 3. Unable to bind to the hardware IPC driver 4. Error while trying to initialize debug event. 5. Not enough memory to bind to the client Recommended Action No action is required. These are Debug messages. An error was returned by Stats Manager APIs to applications. Applications receiving this error will report the error. Error Message %L2-METRO_STATS_API-7-DEBUG_MSG Debug Msg : [chars]: [chars] Explanation This is a debug message in the Hardware Stats Manager Library to indicate anomalies. In most cases these messages will stop once the temporary condition is resolved. Examples of when this error occurs are: 1. The client connection handle received is NULL 2. The arguments to the bind message are incorrect 3. Unable to bind to the hardware IPC driver 4. Error while trying to initialize debug event. 5. Not enough memory to bind to the client Recommended Action No action is required. These are Debug messages. An error was returned by Stats Manager APIs to applications. Applications receiving this error will report the error. Error Message %L2-METRO_STATS_API-7-ERR_DLL_INIT DLL INIT : [chars]: [chars] Explanation This error indicates that there was an error while initializing the stats dll. Recommended Action No action is required. The process is restarted automatically. Error Message %L2-METRO_STATS_API-7-ERR_DLL_INIT DLL INIT : [chars]: [chars] Explanation This error indicates that there was an error while initializing the stats dll. Recommended Action No action is required. The process is restarted automatically. Layer 2 Messages METRO_STATS Messages EM-754 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-METRO_STATS_API-7-ERR_THREAD Locking issues: [chars]: [chars] Explanation This error indicates that the Hardware Stats Manager Library is unable to initialize/destroy locking for client’s attributes and tables. Recommended Action An error was returned by Stats Manager APIs to applications. Applications receiving this error will report it. Take recommended actions specified in the application’s error message. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-METRO_STATS_API-7-ERR_THREAD Locking issues: [chars]: [chars] Explanation This error indicates that the Hardware Stats Manager Library is unable to initialize/destroy locking for client’s attributes and tables. Recommended Action An error was returned by Stats Manager APIs to applications. Applications receiving this error will report it. Take recommended actions specified in the application’s error message. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-METRO_STATS_API-7-RESERVE_LMT_MSG Stats Counters Exhausted Msg : [chars] [dec] [chars] [dec] [chars] [chars] Explanation This is a debug message in the Hardware Stats Manager Library to indicate the stats reserve limit is reached. In most cases these messages will stop once the temporary condition is resolved. Examples of when this error occurs are: 1. The client tries more counters than that are free for that type Recommended Action No action is required. These are Debug messages. An error was returned by Stats Manager APIs to applications. Applications receiving this error will report the error. METRO_STATS Messages Error Message %L2-METRO_STATS-7-ERR_INIT [chars]: [chars] Explanation These errors are encountered at mstats process initialization time. The types of errors are: 1 Unable to determine hardware version. 2 Unable to create event manager. This will prevent stats process from receiving events. 3 Unable to create timer. 4 Unable to initialize client database. This will result in clients not being able to register with stats server to collect stats. 5 Unable to allocate Ingress/Egress stats. This will result in Stats manager not being able to maintain/update any hardware stats. 6 Unable to register with debug. This will prevent stats process from logging debug Layer 2 Messages METRO_STATS Messages EM-755 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 messages. 7 Unable to initialize or register with checkpoint service. This will prevent stats manager from restoring the information required at restart. 8 Unable to connect with SYSDB. This includes failure to connect, bind, register with SYSDB. 9 Unable to Initialize hardware packet service. Recommended Action No action is required. Process will be restarted. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-METRO_STATS-7-ERR_INIT [chars]: [chars] Explanation These errors are encountered at mstats process initialization time. The types of errors are: 1 Unable to determine hardware version. 2 Unable to create event manager. This will prevent stats process from receiving events. 3 Unable to create timer. 4 Unable to initialize client database. This will result in clients not being able to register with stats server to collect stats. 5 Unable to allocate Ingress/Egress stats. This will result in Stats manager not being able to maintain/update any hardware stats. 6 Unable to register with debug. This will prevent stats process from logging debug messages. 7 Unable to initialize or register with checkpoint service. This will prevent stats manager from restoring the information required at restart. 8 Unable to connect with SYSDB. This includes failure to connect, bind, register with SYSDB. 9 Unable to Initialize hardware packet service. Recommended Action No action is required. Process will be restarted. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-METRO_STATS-7-ERR_MEM Memory error: [chars]: [chars] Explanation An error occurred in Hardware Stats Manager during shared memory operations. This may be because the system is running low on memory. The types of errors are: 1 Cannot open/reset/close shared memory window 2 Cannot allocate/free shared memory. This will cause Stats Server to not be able to have a shadow copy of stats for all clients. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-METRO_STATS-7-ERR_MEM Memory error: [chars]: [chars] Explanation An error occurred in Hardware Stats Manager during shared memory operations. This may be because the system is running low on memory. The types of errors are: 1 Cannot open/reset/close shared memory window 2 Cannot allocate/free shared memory. This will cause Stats Server to not be able to have a shadow copy of stats for all clients. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.Layer 2 Messages METRO_UIDB Messages EM-756 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 METRO_UIDB Messages Error Message %L2-METRO_UIDB-7-ERR_INIT [chars] failed due to [chars] Explanation Initialization of uidb_svr process has failed due to one of the following reasons: 1) Failed to create server context. 2) Failed to get schedular parameters. 3) Failed to initialize event manager. This would prevent process from receiving events. 4) Failed to register with debug. This would prevent process from logging debug messages. 5) Failed to bind UIDB server with MIPC server. This is needed to program features in hardware. 6) Failed to connect to PLIM asic processes. This is needed to program features in hardware. 7) Failed to initialize checkpoint. This is needed to checkpoint UIDB data to restore on process restart. 8) Failed to allocate, initialize and checkpoint shadow memory. This is needed to store and restore UIDB internal data. 9) Failed to get metro asic version. 10) Failed to attach event handlers needed to handle LWM messages. This is needed to enable/disable various features in hardware. 11) Various Sysdb or EDM failures 12) event_block failed. This indicates process has encountered unexpected error while waiting for events. Recommended Action No action is required. Process will be restarted. If not recovered, it’s a fatal condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-METRO_UIDB-7-ERR_INIT [chars] failed due to [chars] Explanation Initialization of uidb_svr process has failed due to one of the following reasons: 1) Failed to create server context. 2) Failed to get schedular parameters. 3) Failed to initialize event manager. This would prevent process from receiving events. 4) Failed to register with debug. This would prevent process from logging debug messages. 5) Failed to bind UIDB server with MIPC server. This is needed to program features in hardware. 6) Failed to connect to PLIM asic processes. This is needed to program features in hardware. 7) Failed to initialize checkpoint. This is needed to checkpoint UIDB data to restore on process restart. 8) Failed to allocate, initialize and checkpoint shadow memory. This is needed to store and restore UIDB internal data. 9) Failed to get metro asic version. 10) Failed to attach event handlers needed to handle LWM messages. This is needed to enable/disable various features in hardware. 11) Various Sysdb or EDM failures 12) event_block failed. This indicates process has encountered unexpected error while waiting for events. Recommended Action No action is required. Process will be restarted. If not recovered, it’s a fatal condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.Layer 2 Messages MFR_EA_LTRACE_DLL Messages EM-757 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MFR_EA_LTRACE_DLL Messages Error Message %L2-MFR_EA_LTRACE_DLL-3-OPER_FAIL ltrace dll : [chars] Explanation MFR EA ltrace dll operation failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MFR_EA_LTRACE Messages Error Message %L2-MFR_EA_LTRACE-3-ERROR_INIT_FAIL ltrace initialization operation failed for error traces: [chars] Explanation The MFR EA ltrace lib failed to initialize the error ltrace Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA_LTRACE-3-EVENT_INIT_FAIL ltrace initialization operation failed for events: [chars] Explanation The MFR EA ltrace lib failed to initialize the events ltrace Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA_LTRACE-3-INTERNAL_INIT_FAIL ltrace initialization operation failed for internal traces: [chars] Explanation The MFR EA ltrace lib failed to initialize the internal ltrace Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages MFR_EA Messages EM-758 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MFR_EA Messages Error Message %L2-MFR_EA-2-DPC_CALL_FAILED MFR EA failed handling a DPC [chars] Explanation Internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-2-INTERNAL_ERR [chars] Explanation Internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-3-AIB_INIT_FAILED Failed during AIB initialization, err: [chars] Explanation The MFR EA process initialization failed whilst trying to connect to AIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-3-INTERFACE_OPERATION_FAILED Interface [chars] operation failed for index [dec] Explanation The MFR EA process failed whilst trying to change interface state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-3-MALLOC Memory allocation failed: [chars] Explanation A call to malloc failed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MFR_EA Messages EM-759 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MFR_EA-3-MEMBER_AIB_REMOVE_FAILED Failed during AIB remove, err: [chars] Explanation The MFR EA process failed whilst trying to remove entry from AIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-3-MEMBER_AIB_SET_FAILED Failed during AIB set , err: [chars] Explanation The MFR EA process failed whilst trying to insert entry to AIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-3-MEMBER_CAPS_ADD_FAILED Failed during caps set, err: [chars] Explanation The MFR EA process failed whilst trying to set caps. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-3-MEMBER_CAPS_REMOVE_FAILED Failed during caps remove, err: [chars] Explanation The MFR EA process failed whilst trying to remove caps. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-3-MEMBER_ENCAP_REMOVE_FAILED Failed during encaps remove, err: [chars] Explanation The MFR EA process failed whilst trying to remove encaps. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MFR_EA Messages EM-760 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MFR_EA-3-MEMBER_ENCAP_SET_FAILED Failed during encaps set, err: [chars] Explanation The MFR EA process failed whilst trying to set encaps. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-3-MEMBER_INFO_COLLECT_FAILED Failed to collect member link inforamtion, err: [chars] Explanation The MFR EA process failed whilst trying to collect member link info. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-3-NO_STATS Failed to initialize MFR interface stats collection, err: [chars] Explanation The MFR EA interface stats collection initialization failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_EA-3-STATE_CHANGE_FAILED Failed during interface state change, err: [chars] Explanation The MFR EA process failed whilst trying to change interface state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages MFR_MA Messages EM-761 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MFR_MA Messages Error Message %L2-MFR_MA-2-FAIL MFR MA failed to [chars]. Thread id is [dec]. [chars] Explanation During process start up an unrecoverable error occurred. The component will exit and should be restarted by the System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_MA-3-DPC_ERROR [chars] [hex] [chars] Explanation An error occurred during an operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_MA-3-ENCAP Unable to process mfr encapsulation request Explanation An error occurred processing a request to set mfr encapsulation on an interface. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_MA-3-ERR_MEMBER_ADD Cannot add [chars] to bundle with nodeid [hex] and group [dec] Explanation Could not find the bundle interface with the nodeid and group. Hence cannot add the member interface to bundle. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MFR_MA Messages EM-762 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MFR_MA-3-ERR_MUTEX_LOCK Mutex lock failed. [chars] Explanation Locking the mutex governing the access to MFR MA IDB database failed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_MA-3-ERR_PULSE Received unexpected Async Event [hex] for ifhandle [hex] Explanation IPC thread received an async event pulse for which there is no handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_MA-3-ERROR [chars] [chars] Explanation An error occurred during an operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_MA-3-MALLOC Memory allocation failed: [chars] Explanation A call to malloc failed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_MA-3-RECVFROM An error occurred receiving a packet: [chars] Explanation The socket call recvfrom returned an error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MFR_MA Messages EM-763 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MFR_MA-3-THREAD_ERROR [chars] . Thread id is [dec]. [chars] Explanation An error occurred during an operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_MA-4-ERR_CHKPT Unexpected error encountered whilst [chars]: [chars] Explanation MFR MA encountered an error using the Checkpoint Service. The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-MFR_MA-4-ERR_CHKPT_CORRUPT Corrupt [chars] checkpoint record found: [chars] Explanation Whilst restoring one of its checkpoint tables MFR MA found a corrupt checkpoint entry. The entry will be ignored and so the relevant interface’s MFR session will be renegotiated after the restart and as a result there may be a short period where traffic is lost. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-MFR_MA-4-ERR_CHKPT_DUPLICATE Duplicate [chars] checkpoint record found for [chars] Explanation Whilst restoring one of its checkpoint tables MFR MA found multiple entries for the same interface. MFR MA will use the first checkpoint entry it finds for each interface and ignore any subsequent duplicates. This is caused by a programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Layer 2 Messages MFR_MA Messages EM-764 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MFR_MA-4-ERR_EVC_ERROR Error resetting ’[chars]’ connection: [chars] Explanation After detecting an error with the connection to the specified service, MFR MA failed to reset that connection. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MFR_MA-4-ERR_MEM_ALLOC Failed to allocate [unsigned int] bytes for ’[chars]’ Explanation The process failed to allocate memory for the specified resource. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-MFR_MA-4-ERR_MGD_TIMER Unexpected error encountered whilst [chars]: [chars] Explanation MFR MA encountered an unexpected error using the Managed Timer library. This is most likely due to a low memory condition but may also be an internal programming error. The error message should provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the MFR MA process. *RECUR*. Error Message %L2-MFR_MA-4-ERR_THREAD_CREATE Failed to create ’[chars]’ thread: [chars] Explanation MFR MA encountered an unexpected error creating a new thread. The process will restart to attempt to recover. This is possibly due to a low memory condition but may also be an internal programming error. The error message should provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-MFR_MA-6-SENDTO Packet send attempt timed out: [chars] Explanation The socket call to send a control packet timed out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages MICKEY Messages EM-765 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MICKEY Messages Error Message %L2-MICKEY-2-INTR Mickey Intr: [chars]: [dec]: [dec] Explanation A high severity error has interrupted the Mickey FPGA. This might result in the PLIM being reset. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MICKEY-3-SERDES_CTRL Mickey Serdes Ctrl: [chars]: [dec]: [dec]: [dec] Explanation This message indicates that the software tried to configure an unsupported loopback type. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MICKEY-5-UNKNOWN_INTR Mickey Intr: [chars]: [dec]: [dec] Explanation This message indicates the Mickey FPGA has detected an unknown interrupt. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MLCTRLR Messages Error Message %L2-MLCTRLR-2-NOMEM [chars]([dec]): not enough memory for [chars] Explanation The process is out of memory. Recommended Action Check process list for source of memory loss. Check if h/w memory requirements are met. Layer 2 Messages MLCTRLR Messages EM-766 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MLCTRLR-3-ERROR [chars]([dec]): [chars] failed ([chars]) - [chars] Explanation A general failure occured while executing the function in question. The message contains info about the location and cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of MLCTRLR. Error Message %L2-MLCTRLR-4-ALARM [chars]: [chars] [chars] Explanation The specified MLCTRLR Alarm has been declared or released. Recommended Action Recommended action is to repair the source of the alarm. Error Message %L2-MLCTRLR-4-FEAC [chars] [chars] Explanation New Far End Alarm Code received. Recommended Action None. Error Message %L2-MLCTRLR-4-LOOPSTATUS [chars] [chars] Explanation A configurable controller loopback status. Recommended Action None. Error Message %L2-MLCTRLR-4-UPDOWN [chars]: [chars] [chars] Explanation The specified MLCTRLR is operationally down due to alarm. Check alarm status using show controller Mlt command on the cli. Recommended Action Recommended action is to repair the source of the alarm. Error Message %L2-MLCTRLR-4-WARNING [chars]([dec]): [chars] - [chars] Explanation A non-fatal error occured while executing the function in question. The message contains info about the location and cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of MLCTRLR.Layer 2 Messages MMSMLIB Messages EM-767 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MMSMLIB Messages Error Message %L2-MMSMLIB-4-EXIT_ON_ERR [chars]. Reason: [chars] Explanation An error occurred in the PSE ASIC client library after which the client code cannot continue. This error is encountered when a client module (e.g. cli command) has difficulty retrieving information from the PSE driver. The root cause may be located in either hardware or software. Recommended Action *RECUR* MOTHRA Messages Error Message %L2-MOTHRA-3-FATAL_ERROR Fatal error: [chars]: [chars]: [hex] Explanation A fatal error occurred in mothra Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MOTHRA-3-FATAL_ERROR Fatal error: [chars]: [chars]: [hex] Explanation A fatal error occurred in mothra Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MOTHRA-3-PIO_FATAL_ERROR Asic PIO failure : [chars], instance [dec]: rc [dec] cerr [chars] errno [dec] data1 [hex] data2 [hex] Explanation A fatal error occurred in Santa Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MOTHRA Messages EM-768 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MOTHRA-3-PIO_FATAL_ERROR Asic PIO failure : [chars], instance [dec]: rc [dec] cerr [chars] errno [dec] data1 [hex] data2 [hex] Explanation A fatal error occurred in Santa Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MOTHRA-6-INFO_MSG Info: [chars]: [chars] Explanation This is a Informational message in the mothra driver to indicate an operation. Recommended Action No action is required. Error Message %L2-MOTHRA-6-INFO_MSG Info: [chars]: [chars] Explanation This is a Informational message in the mothra driver to indicate an operation. Recommended Action No action is required. Error Message %L2-MOTHRA-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in the mothra driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MOTHRA-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in the mothra driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages MOUSE Messages EM-769 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MOUSE Messages Error Message %L2-MOUSE-2-INTR Mouse Intr: [chars]: [dec]: [dec] Explanation A high severity error has interrupted the Mouse FPGA. This might result in the PLIM being reset. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MOUSE-5-UNKNOWN_INTR Mouse Intr: [chars]: [dec]: [dec] Explanation This message indicates the Mouse FPGA has detected an unknown interrupt. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MPLSCP Messages Error Message %L2-MPLSCP-1-ERR_ADJ_DELETE Failed to remove [chars] from adjacency; [chars] Explanation An error was encountered while connecting to the AIB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-1-ERR_ADJ_UPDATE Failed to add [chars] into adjacency; [chars] Explanation An error was encountered while connecting to the AIB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MPLSCP Messages EM-770 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MPLSCP-3-DEBUG_ASSOC Conditional debug association failed; [chars] Explanation An error has occurred upon attempting to associate conditional debugging with PPP debug commands. PPP debug messages will not be filtered by debug conditions such as ’debug condition interface’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-DEBUG_COND_REGISTER Conditional debug registration failed; [chars] Explanation An error has occurred upon attempting to register for conditional debugs. PPP debug messages will not be filtered by debug conditions such as ’debug condition interface’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-DEBUG_REGISTER Debug registration failed; [chars] Explanation An error has occurred upon attempting to connect to the debug server. This may cause debug messages to not appear. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-ERR_CONN Connection [chars] failed for [chars]; [chars] Explanation An failure in the reconnection software in the function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-ERR_EVENT Failed to [chars] [chars] event; [chars] Explanation An event handler has returned an error condition Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MPLSCP Messages EM-771 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MPLSCP-3-ERR_EVENT_MGR_CREATE MPLSCP Failed to initialize event manager; [chars] Explanation Initialization of the event manager failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-ERR_IM_STATE Failed to get basecaps state for [chars]; [chars] Explanation MPLSCP was unable to determine the state of the basecaps and has assumed it to be down. MPLSCP will remain closed until the interface is brought down and up again. Recommended Action Shut the interface and then bring it up again. Error Message %L2-MPLSCP-3-ERR_MBOX_ADD [chars] [chars] failed to add [chars]; [chars] Explanation An attribute has failed to be added to the message which was being constructed which has caused the message to be discarded. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-ERR_MBOX_CREATE [chars] failed to create [chars]; [chars] Explanation An attempt to allocate a message failed. This may be due to lack of resources. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-ERR_MBOX_INIT Failed to init [chars] message for [chars]; [chars] Explanation The initialization of a message failed, this results in a failure to communicate with the Link Control Protocol. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MPLSCP Messages EM-772 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MPLSCP-3-ERR_MBOX_SEND [chars] failed to send [chars]; [chars] Explanation A message failed in a send attempt to a particular mailbox. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-ERR_MQ_OPEN Failed to open message queue [chars]; [chars] Explanation MPLSCP has failed to open a mailbox channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-ERR_NETIO_RXQ Failed to support [chars] [chars]; [chars] Explanation MPLSCP has attempted to update the data component with the current status of the control protocol. The attempt has failed which will has the effect of leaving the data component with the previous set of information. This may result in an inability to negotiate MPLSCP. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-ERR_SYSDB SysDB [chars] failed; [chars] Explanation MPLSCP cannot perform some SysDB operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-ERR_SYSDB_NOTIFICATION Failed to [chars]register for SysDB notification of [chars]; [chars] Explanation MPLSCP cannot (un)register for SysDB notification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MPLSCP Messages EM-773 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MPLSCP-3-ERR_TIMER [chars] [chars] timer [chars] Explanation The manipulation of a timer had an abnormal side effect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-3-LTRACE_INIT MPLSCP Failed to initialize the ltrace buffer; [chars] Explanation The buffer used for tracing could not be allocated. The process will be restarted. Recommended Action The most likely cause of a problem is not enough memory. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-MPLSCP-4-ERR_EVENT_WAIT Error waiting for event; [chars] Explanation The event loop has received a message of a type it does not recognize. All events should be received by handlers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-4-ERR_INTERFACE_NULL [chars]: Interface NULL Explanation A function was called with a NULL interface pointer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-4-ERR_MEMORY Insufficient memory for [chars] Explanation MPSLCP failed to allocate memory for a structure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MPLSCP Messages EM-774 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MPLSCP-4-ERR_MQ_RECEIVE Error receiving from message queue; [chars] Explanation MPLSCP has failed to receive a message from its mailbox. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-4-ERR_NO_INTERFACE Interface [chars] not found Explanation A SysDB name lookup failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-4-ERR_NO_INTERFACE_STRUCT Structure for interface [chars] not created; [chars] Explanation MPLSCP failed to create an interface structure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MPLSCP-6-ERR_IM_CONNECT Failed to [chars]bind [chars] IM; [chars] Explanation MPLSCP has failed to either bind to or unbind from the interface manager server. Recommended Action No action is required. Error Message %L2-MPLSCP-6-ERR_IM_ENCAPS Failed to [chars] [chars] encapsulation; [chars] Explanation MPLSCP has failed an encapsulation operation with the interface manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages MULTILINK_UV Messages EM-775 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MPLSCP-6-ERR_IM_EVENT Failed to [chars] event; [chars] Explanation MPLSCP has failed to either initialize or specify an event with the interface manager server. Recommended Action No action is required. Error Message %L2-MPLSCP-6-ERR_IM_PROTO Failed to [chars] [chars] protocol; [chars] Explanation MPLSCP has failed a protocol operation with the interface manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MULTILINK_UV Messages Error Message %L2-MULTILINK_UV-3-ERR_MISCONFIG Misconfiguration: Item [chars] on interface [chars] is incompatible with other configuration. The system may now be in an inconsistant state. Explanation The Multilink Uberverifier has detected a misconfiguration. It was not detected in the verification phase, so the Uberverifier cannot correct this. Recommended Action The misconfiguration can be corrected by deleting all configuration from the specified interface and its subinterfaces, and then reapplying the configuration. If the problem persists, do the following: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MULTILINK_UV-3-EVENT Unrecoverable error in event loop. Error: [chars] Explanation An error (other than EINTR) occured in the event loop. The process must exit. Recommended Action Identify the location of the card where there error was reported. Copy the error message exactly as it appears on the console or in the system log. Issue the show memory location location summary command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show memory location location summary output, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages Multilink Messages EM-776 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-MULTILINK_UV-3-INIT Failure during initialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-MULTILINK_UV-3-SYSMGR Failure communicating readiness to System Manager. Error: [chars] Explanation The process was initialized successfully but was unable to inform System Manager of the success. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Multilink Messages Error Message %L2-Multilink-3-INCORRECT_BW_UPDATE Bundle [chars] with bandwidth [dec]. Link ifh [hex] with bandwidth [dec] Explanation When the indicated member link was deactivated, bundle bandwidth could not be updated correctly as decrementing the link’s bandwidth would have made the bundle bandwidth to go below zero. Bundle bandwidth is now made zero. Recommended Action Check the bundle and member interface status. Verify that the bundle bandwidth is correct now. If not, shut all the members of the bundle and then no shut all the members to bring back the bundle bandwidth to correct value. Error Message %L2-Multilink-3-MTU_IMPOSE_FAILED Failed to set MTU of [unsigned int] on [chars] Explanation The specified MTU could not be applied on this interface. Recommended Action No action is required. Layer 2 Messages ND Messages EM-777 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-Multilink-4-ALARM [chars]: [chars] [chars] Explanation The specified Multilink Alarm has been declared or released. Recommended Action Recommended action is to repair the source of the alarm. ND Messages Error Message %L2-ND-3-INIT Process initialisation failed. [chars]: [chars] ([hex]) Explanation There was a software error during process startup. Recommended Action The process will restart and try to recover. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise, check whether the error code contained in the message indicates that there was a failure to allocate the necessary memory and take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If resource allocation was not the problem and it hasn’t been fixed by a subsequent restart, then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the process does not restart automatically, restart it manually. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. OAMMIB Messages Error Message %L2-OAMMIB-3-NO_DEBUG Unable to register for OAM MIB debug. No further debugging will occur: [chars] Explanation In the initialisation of the OAM MIB DLL an error occurred whilst attempting to register for debugging. Consequently there will be no debug output from the OAM MIB DLL. Recommended Action Continue working with the OAM MIB DLL without any debugging taking place or restart the DLL such that during initialisation there is another attempt register for debugging. Layer 2 Messages OC768_FRAMER_ASIC Messages EM-778 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-OAMMIB-3-NO_TRAP Unable to register for SNMP traps. Traps will not be sent regardless of trap events occurring: [chars] Explanation In the initialisation of the OAM MIB DLL an error occurred whilst trying to register a callback function for the enabling of SNMP traps. Alternatively whilst trying to enable traps there was a failure in binding to SysDB for trap notifications. Recommended Action Continue working with the OAM MIB DLL without any the ability to send traps when events occur or restart the DLL such that there is another attempt to register for traps. OC768_FRAMER_ASIC Messages Error Message %L2-OC768_FRAMER_ASIC-3-CRITICAL_ERROR [chars]: [chars]: [hex] Explanation OC768 Framer ASIC Driver encountered a critical error which causes the process to exit. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OC768_FRAMER_ASIC-3-CRITICAL_ERROR [chars]: [chars]: [hex] Explanation OC768 Framer ASIC Driver encountered a critical error which causes the process to exit. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OC768_FRAMER_ASIC-6-INFO [chars]: [chars] Explanation This is a informational message from OC768 Framer ASIC driver to indicate an operation. Recommended Action No action is required. Layer 2 Messages OPTICS Messages EM-779 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-OC768_FRAMER_ASIC-6-INFO [chars]: [chars] Explanation This is a informational message from OC768 Framer ASIC driver to indicate an operation. Recommended Action No action is required. Error Message %L2-OC768_FRAMER_ASIC-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in OC768 Framer ASIC driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OC768_FRAMER_ASIC-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in OC768 Framer ASIC driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. OPTICS Messages Error Message %L2-OPTICS-3-CRITICAL_ERROR Optical init failure: [chars]: [chars]: [hex] Explanation A critical error occurred in OPTICS Driver which involves exiting the process. Recommended Action Power cycle the plim. Error Message %L2-OPTICS-3-CRITICAL_ERROR Optical init failure: [chars]: [chars]: [hex] Explanation A critical error occurred in OPTICS Driver which involves exiting the process. Recommended Action Power cycle the plim. Layer 2 Messages OPTICS Messages EM-780 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-OPTICS-6-INFO Info: [chars]: [chars] Explanation This is an informational message in the OPTICS driver to indicate an operation. Recommended Action No action is required. Error Message %L2-OPTICS-6-INFO Info: [chars]: [chars] Explanation This is an informational message in the OPTICS driver to indicate an operation. Recommended Action No action is required. Error Message %L2-OPTICS-7-DEBUG_MSG Debug: [chars]: [chars] value [dec] Explanation This is a debug message in the optics driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OPTICS-7-DEBUG_MSG Debug: [chars]: [chars] value [dec] Explanation This is a debug message in the optics driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages OSICP Messages EM-781 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 OSICP Messages Error Message %L2-OSICP-3-DEBUG_ASSOC Conditional debug association failed; [chars] Explanation An error has occurred upon attempting to associate conditional debugging with PPP debug commands. PPP debug messages will not be filtered by debug conditions such as ’debug condition interface’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-DEBUG_COND_REGISTER Conditional debug registration failed; [chars] Explanation An error has occurred upon attempting to register for conditional debugs. PPP debug messages will not be filtered by debug conditions such as ’debug condition interface’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-DEBUG_REGISTER Debug registration failed; [chars] Explanation An error has occurred upon attempting to connect to the debug server. This may cause debug messages to not appear. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-ERR_CONN Connection [chars] failed for [chars]; [chars] Explanation An failure in the reconnection software in the function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages OSICP Messages EM-782 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-OSICP-3-ERR_EVENT Failed to [chars] [chars] event; [chars] Explanation An event handler has returned an error condition Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-ERR_EVENT_MGR_CREATE OSICP Failed to initialize event manager; [chars] Explanation Initialization of the event manager failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-ERR_IM_STATE Failed to get basecaps state for [chars]; [chars] Explanation OSICP was unable to determine the state of the basecaps and has assumed it to be down. OSICP will remain closed until the interface is brought down and up again. Recommended Action Shut the interface and then bring it up again. Error Message %L2-OSICP-3-ERR_MBOX_ADD [chars] [chars] failed to add [chars]; [chars] Explanation An attribute has failed to be added to the message which was being constructed which has caused the message to be discarded. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-ERR_MBOX_CREATE [chars] failed to create [chars]; [chars] Explanation An attempt to allocate a message failed. This may be due to lack of resources. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages OSICP Messages EM-783 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-OSICP-3-ERR_MBOX_INIT Failed to init [chars] message for [chars]; [chars] Explanation The initialization of a message failed, this results in a failure to communicate with the Link Control Protocol. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-ERR_MBOX_SEND [chars] failed to send [chars]; [chars] Explanation A message failed in a send attempt to a particular mailbox. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-ERR_MQ_OPEN Failed to open message queue [chars]; [chars] Explanation OSICP has failed to open a mailbox channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-ERR_NETIO_RXQ Failed to support [chars] [chars]; [chars] Explanation OSICP has attempted to update the data component with the current status of the control protocol. The attempt has failed which will has the effect of leaving the data component with the previous set of information. This may result in an inability to negotiate OSICP. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-ERR_SYSDB SysDB [chars] failed; [chars] Explanation OSICP cannot perform some SysDB operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages OSICP Messages EM-784 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-OSICP-3-ERR_SYSDB_NOTIFICATION Failed to [chars]register for SysDB notification of [chars]; [chars] Explanation OSICP cannot (un)register for SysDB notification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-ERR_TIMER [chars] [chars] timer [chars] Explanation The manipulation of a timer had an abnormal side effect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-3-LTRACE_INIT OSICP Failed to initialize the ltrace buffer; [chars] Explanation The buffer used for tracing could not be allocated. The process will be restarted. Recommended Action The most likely cause of a problem is not enough memory. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-OSICP-4-ERR_EVENT_WAIT Error waiting for event; [chars] Explanation The event loop has received a message of a type it does not recognize. All events should be received by handlers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-4-ERR_INTERFACE_NULL [chars]: Interface NULL Explanation A function was called with a NULL interface pointer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages OSICP Messages EM-785 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-OSICP-4-ERR_MEMORY Insufficient memory for [chars] Explanation OSICP failed to allocate memory for a structure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-4-ERR_MQ_RECEIVE Error receiving from message queue; [chars] Explanation OSICP has failed to receive a message from its mailbox. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-4-ERR_NO_INTERFACE Interface [chars] not found Explanation A SysDB name lookup failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-4-ERR_NO_INTERFACE_STRUCT Structure for interface [chars] not created; [chars] Explanation OSICP failed to create an interface structure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-6-ERR_IM_CONNECT Failed to [chars]bind [chars] IM; [chars] Explanation OSICP has failed to either bind to or unbind from the interface manager server. Recommended Action No action is required. Layer 2 Messages PFILTER_EA Messages EM-786 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-OSICP-6-ERR_IM_ENCAPS Failed to [chars] [chars] encapsulation; [chars] Explanation OSICP has failed an encapsulation operation with the interface manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-OSICP-6-ERR_IM_EVENT Failed to [chars] event; [chars] Explanation OSICP has failed to either initialize or specify an event with the interface manager server. Recommended Action No action is required. Error Message %L2-OSICP-6-ERR_IM_PROTO Failed to [chars] [chars] protocol; [chars] Explanation OSICP has failed a protocol operation with the interface manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PFILTER_EA Messages Error Message %L2-PFILTER_EA-3-ERR_IM_CAPS [chars] acl failed on interface CH[hex]. [chars] Explanation 1) An ACL could not be applied to hardware because of one of the following reasons: a) TCAM max limit has been reached. b) RLB resources are not available. c) IPv6 address compression table is full. This error can happen when a new bundle member is added and the ACL can not be programmed successfully. 2) An ACL could not be removed from hardware. Recommended Action 1) When this error occurs the running-config will not be in sync with line card configuration. It is recommended that the bundle member on which the error occured be removed from the bundle. The ACL configuration may also be reduced until it can be successfully programmed on the new bundle member. 2) If the ACL could not be removed from hardware a line card reload is recommended. Layer 2 Messages PFILTER_EA Messages EM-787 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PFILTER_EA-3-ERR_IM_CAPS [chars] acl failed on interface CH[hex]. [chars] Explanation 1) An ACL could not be applied to hardware because of one of the following reasons: a) TCAM max limit has been reached. b) RLB resources are not available. c) IPv6 address compression table is full. This error can happen when a new bundle member is added and the ACL can not be programmed successfully. 2) An ACL could not be removed from hardware. Recommended Action 1) When this error occurs the running-config will not be in sync with line card configuration. It is recommended that the bundle member on which the error occured be removed from the bundle. The ACL configuration may also be reduced until it can be successfully programmed on the new bundle member. 2) If the ACL could not be removed from hardware a line card reload is recommended. Error Message %L2-PFILTER_EA-3-INIT_ERROR Process initialization failed: ([chars]%s) Explanation The pfilter_ea process failed to initialize. This pfilter_ea process programs the ’packet filter’ security access control list in the hardware. If the pfilter_ea process fails to initialize, the access control list cannot be programmed into the hardware. %s - indicates the reason for the initialization failure. %s - is the decoded error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process pfilter_ea location 0/x/cpu0’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart pfilter_ea location 0/x/cpu0’. Collect all debug information if the process is continually restarting ’debug pfilter-ea all’ (during the process restart). If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PFILTER_EA-7-EVENT_ERROR Event Failure: ([chars]) Explanation The pfilter_ea process received a bad event. This pfilter_ea process programs the ’packet filter’ security access control list in the hardware. %s - is the decoded error reason. Recommended Action Monitor the event messages. The pfilter_ea process will handle the failure gracefully but if they continually appear on the console, try doing ’process restart pfilter_ea location 0/x/cpu0’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PFILTER_EA-7-INIT [chars] failed due to [chars] Explanation Initialization of packet filter process has failed due to one of the following reasons: 1) Failed to initialize event manager. This would prevent process from receiving events. 2) Failed to register with debug. This would prevent process from logging debug messages. 3) Failure to connect with SYSDB. 4) Failed initialize internal permit/deny entries for IPv4/IPv6. These entries are Layer 2 Messages PFILTER_EA Messages EM-788 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 needed for programming/removal of hardware entries for IPv4/IPv6 security ACLs. 5) Failed to initialize connection with interface manager proxy service. 6) Failed to initialize RLB (range logic block) checkpoint. This is needed for checkpointing range logic block information for restore on process restart. 7) Failed to initialize Feature EA DLL API needed for programming of hardware resources. 8) Failed to initialize callback function from Feature EA DLL for compiling IPv4/IPv6 TCAM entries needed for security ACL programming in hardeare. 9) Failed to initialize callback function from Feature EA DLL to handle reprogramming of RLB and IPv6 source prefix compression table request from TCAM manager. 10) Failed to initialize feature checkpoint info. This is needed for checkpointing IPv4 and IPv6 security ACLs programmed in hardware. 11) Failed to initialize callback functions from ACL configuration manager to perform hardware resource checks and ACE resequencing. 12) event_block failed. This indicates process has encountered unexpected error while waiting for events. 13) Failed to initialize callback functions for receiving incremental updates for IPv4/IPv6 security ACL configuration. Recommended Action No action is required. Process will be restarted. If not recovered, it’s a fatal condition. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *REDUCE* Error Message %L2-PFILTER_EA-7-INIT [chars] failed due to [chars] Explanation Initialization of packet filter process has failed due to one of the following reasons: 1) Failed to initialize event manager. This would prevent process from receiving events. 2) Failed to register with debug. This would prevent process from logging debug messages. 3) Failure to connect with SYSDB. 4) Failed initialize internal permit/deny entries for IPv4/IPv6. These entries are needed for programming/removal of hardware entries for IPv4/IPv6 security ACLs. 5) Failed to initialize connection with interface manager proxy service. 6) Failed to initialize RLB (range logic block) checkpoint. This is needed for checkpointing range logic block information for restore on process restart. 7) Failed to initialize Feature EA DLL API needed for programming of hardware resources. 8) Failed to initialize callback function from Feature EA DLL for compiling IPv4/IPv6 TCAM entries needed for security ACL programming in hardeare. 9) Failed to initialize callback function from Feature EA DLL to handle reprogramming of RLB and IPv6 source prefix compression table request from TCAM manager. 10) Failed to initialize feature checkpoint info. This is needed for checkpointing IPv4 and IPv6 security ACLs programmed in hardware. 11) Failed to initialize callback functions from ACL configuration manager to perform hardware resource checks and ACE resequencing. 12) event_block failed. This indicates process has encountered unexpected error while waiting for events. 13) Failed to initialize callback functions for receiving incremental updates for IPv4/IPv6 security ACL configuration. Recommended Action No action is required. Process will be restarted. If not recovered, it’s a fatal condition. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *REDUCE*Layer 2 Messages PLAOC768_API Messages EM-789 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLAOC768_API Messages Error Message %L2-PLAOC768_API-3-CRITICAL_ERROR [chars]: [chars]: [hex] Explanation PLAOC768 system checkout Library encountered a critical error which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLAOC768_API-3-CRITICAL_ERROR [chars]: [chars]: [hex] Explanation PLAOC768 system checkout Library encountered a critical error which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLAOC768_API-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message from the PLAOC768 system checkout Library to indicate either anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temporary situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLAOC768_API-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message from the PLAOC768 system checkout Library to indicate either anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temporary situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages PLAOC768 Messages EM-790 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLAOC768 Messages Error Message %L2-PLAOC768-3-ASIC_ERROR [chars] : block [dec] error [dec], [chars] Explanation An ASIC error occurred in PLAOC768 ASIC which is reported here. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLAOC768-3-ASIC_ERROR [chars] : block [dec] error [dec], [chars] Explanation An ASIC error occurred in PLAOC768 ASIC which is reported here. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLAOC768-3-CRITICAL_ERROR [chars]: [chars]: [dec] Explanation PLAOC768 Driver encountered an critical error condition which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLAOC768-3-CRITICAL_ERROR [chars]: [chars]: [dec] Explanation PLAOC768 Driver encountered an critical error condition which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PLAOC768 Messages EM-791 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLAOC768-3-PIO_CRITICAL_ERROR Asic PIO failure : [chars], instance [dec]: rc [dec] cerr [chars] errno [dec] data1 [hex] data2 [hex] Explanation A critical error occurred in PLAOC768 Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLAOC768-3-PIO_CRITICAL_ERROR Asic PIO failure : [chars], instance [dec]: rc [dec] cerr [chars] errno [dec] data1 [hex] data2 [hex] Explanation A critical error occurred in PLAOC768 Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLAOC768-6-INFO [chars]: [chars] Explanation This is a informational message in the PLAOC768 driver to indicate an operation. Recommended Action No action is required. Error Message %L2-PLAOC768-6-INFO [chars]: [chars] Explanation This is a informational message in the PLAOC768 driver to indicate an operation. Recommended Action No action is required. Error Message %L2-PLAOC768-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message from the PLAOC768 driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PLAT_L2FIB_VPLS Messages EM-792 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLAOC768-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message from the PLAOC768 driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PLAT_L2FIB_VPLS Messages Error Message %L2-PLAT_L2FIB_VPLS-7-DEBUG_ERROR PLATFORM-L2FIB-VPLS: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB VPLS component. Recommended Action None, platform software will correct itself if this happens. Error Message %L2-PLAT_L2FIB_VPLS-7-INIT_ERROR PLATFORM-L2FIB-VPLS: Error - [chars] Explanation Failed to initialize the VPLS module in the platform L2FIB VPLS component. Recommended Action None, platform software will correct itself if this happens. Error Message %L2-PLAT_L2FIB_VPLS-7-LTRACE_ERROR PLATFORM-L2FIB-VPLS: Error - [chars] [dec] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB VPLS component. Recommended Action None, platform software will correct itself if this happens. Error Message %L2-PLAT_L2FIB_VPLS-7-PFI_ERROR PLATFORM-L2FIB-VPLS: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the PFI-IFH module in the platform L2FIB VPLS component. Recommended Action None, platform software will correct itself if this happens.Layer 2 Messages PLATFORM_ATM_OAM Messages EM-793 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLATFORM_ATM_OAM Messages Error Message %L2-PLATFORM_ATM_OAM-3-PACKET_RX ATM OAM PKT RX error:[chars] Explanation There was a software error while processing received OAM cell Recommended Action No action required if the message is displayed just a few times and stops after that. If the message repeats continously, collect the System Messages displayed on the console and provide them to cisco support. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. plim_4p_oc12 Messages Error Message %L2-plim_4p_oc12-3-ALLOC_FAILED Process failed to allocate memory [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialized due to unavailable memory and will be restarted. It may affect traffic passing through the ports located on the PLIM. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller,... Recommended Action The System Manager process (sysmgr) will automatically restart this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_4p_oc12 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_4p_oc12-3-CREATE_THREAD_ERROR Process init failed [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialize. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller,... %s - error code Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_4p_oc12 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_4p_oc12 Messages EM-794 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_4p_oc12-3-DEBUG_INIT_ERROR Debugging subsystem initialization failed Explanation Physical Layer Interface Module(PLIM) driver failed to initialize it’s debug subsystem. As result plim debug commands will not work on the PLIM module in question. The rest of functionality of the PLIM driver remains unaffected by the failure. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. Recommended Action Restart the process using ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’. Process restart may affect traffic on all 4 oc12 interfaces located on the line card. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_4p_oc12-3-ERR_EVM_CREATE Interface module driver initialization failed Explanation Physical Layer Interface Module(PLIM) driver failed to initialize. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. As result of such failure no trafiic may pass on all 4 oc12 ports located on the 4 port linecard. The interfaces associated with failed PLIM will not come up. Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered to recover. Execute ’show process pl_e48_pos_4p_oc12 location 0/slot/cpu0’ to verify that the process is up and running. If it’s not operational attempt to restart the process using command ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_4p_oc12-3-ERR_EVM_EVENT_BLOCK process received invalid event [chars] Explanation Physical Layer Interface Module(PLIM) driver experience an errorr while awaiting for event arrival. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. As result of the error the PLIM process will be restarted. Traffic may be interrupted on all affected interfaces. %s - error code Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered to recover. Execute ’show process pl_e48_pos_4p_oc12 location 0/slot/cpu0’ to verify that the process is up and running. If it’s not operational attempt ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0 If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_4p_oc12 Messages EM-795 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_4p_oc12-3-ERR_PORT_INIT PLIM port init failed [dec] stage-[chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialize port. As result of the failure affected interfaces will not come up. %d - failed port number %s - specific stage of port initialization that failed PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer and Packet Over Sonet(POS) controller. Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_4p_oc12 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_4p_oc12-3-FWD_REGISTER_ERROR Process initialization error [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialized and will be restarted. It will affect traffic passing through the ports located on the PLIM. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller,... %s - error code Recommended Action The System Manager process (sysmgr) will automatically restart this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_4p_oc12 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_4p_oc12-3-PORT_AVAILABLE_FAILED Port failed to become available [chars] [dec] Explanation Physical Layer Interface Module(PLIM) driver failed to make port available for forwarding. The interface in question will not forward packets. %s - error code %d - port number Recommended Action Restart the process using ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’. Process restart may affect traffic on all 4 oc12 interfaces located on the line card. Reload the line card using ’hw-module location 0/slot/cpu0 reload’ if the process restart failed to solve the problem.. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_4p_oc12 Messages EM-796 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_4p_oc12-3-RESET_FAILED PLIM reset failed [chars] Explanation The Physical Layer Interface Module(PLIM) driver failed to reset PLIM hardware. %s - error code PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. Recommended Action If the error occurred during user command execution retry the command and if the error persist consider restarting plim process ( ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’. PLIM process restart may affect traffic on all 4 oc12 ports. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_4p_oc12-3-STATS_COLLECT_REGISTER_FAILED Statistics collector registration error [chars] [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to register PLIM interface statistics collector. No interface statistics such as sonet counters and packet counters will be available on the specified interface. %s - contains interface name %s - contains error code Recommended Action Restart the process using ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’. Process restart may affect traffic on all 4 oc12 interfaces located on the line card. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_4p_oc12-3-STATSD_COLL_INIT_ERROR Process initialization error [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialized and will be restarted. It will affect traffic passing through the ports located on the PLIM. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller,... %s - error code Recommended Action The System Manager process (sysmgr) will automatically restart this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_4p_oc12 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_4p_oc12 Messages EM-797 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_4p_oc12-3-TIMER_INIT_FAILED Process init failed [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialize. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller,... %s - error code Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_4p_oc12 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_4p_oc12 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_4p_oc12-3-TX_CLK_GET_INVALID_PORT_CTX Failed to retrieve tx clock source Explanation Physical Layer Interface Module(PLIM) driver was unable to determine transmit clock source for the sonet port. The error may appear during show or configuration of the sonet port. Recommended Action If the error occurred during user command execution retry the command and if the error persist contact technical support. Error Message %L2-plim_4p_oc12-3-TX_CLK_SET_INVALID_PORT_CTX Failed to configure tx clock source for sonet port Explanation Physical Layer Interface Module(PLIM) driver failed to make configure transmit clock source for the sonet port. The sonet port hardware configuration is invalid and may result in traffic being dropped or high error count on the port. This error may appear during attempt to configure clock source for the sonet port. Recommended Action Retry the sonet port configuration. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_4p_oc12-4-INVALID_TIMER Invalid timer [dec] Explanation Physical Layer Interface Module(PLIM) driver received unknown timer event. %d - timer type Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages PLIM_4P_OC192 Messages EM-798 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLIM_4P_OC192 Messages Error Message %L2-PLIM_4P_OC192-3-DEVICE_INTR_CLEAR No Framer/RAC devices are generating excessive interrupts Explanation The previously reported excessive interrupts condition has been cleared. Interrupt rate limiting has been disabled. Recommended Action none Error Message %L2-PLIM_4P_OC192-3-DEVICE_INTR_CLEAR No Framer/RAC devices are generating excessive interrupts Explanation The previously reported excessive interrupts condition has been cleared. Interrupt rate limiting has been disabled. Recommended Action none Error Message %L2-PLIM_4P_OC192-3-DEVICE_INTR_DISABLE Excessive interrupts from the [chars] device of port [hex] Explanation The specified device is generating excessive interrupts. This message indicates that we are rate limiting the interrupt coming from this device. This indicates a potential HW issue, traffic forwarding (protection switching) may be impacted. Recommended Action Check the fiber or the peer connection. If the problem persist after checking fiber and peer router, please contact support. Error Message %L2-PLIM_4P_OC192-3-DEVICE_INTR_DISABLE Excessive interrupts from the [chars] device of port [hex] Explanation The specified device is generating excessive interrupts. This message indicates that we are rate limiting the interrupt coming from this device. This indicates a potential HW issue, traffic forwarding (protection switching) may be impacted. Recommended Action Check the fiber or the peer connection. If the problem persist after checking fiber and peer router, please contact support. Layer 2 Messages PLIM_ASIC_API Messages EM-799 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLIM_4P_OC192-3-ERR [chars] Explanation fail to init debug service event manager fails to provide its service Recommended Action sysmgr will respawn plim_4p_oc192 ’show logging’ to look for the errors from event manager Error Message %L2-PLIM_4P_OC192-3-ERR [chars] Explanation fail to init debug service event manager fails to provide its service Recommended Action sysmgr will respawn plim_4p_oc192 ’show logging’ to look for the errors from event manager Error Message %L2-PLIM_4P_OC192-3-MEM_ERR [chars] Explanation fail to allocate memory. Recommended Action sysmgr would restart the process. show process memory to find out whehter there is potential memory leak show memory to confirm system memory goes low Error Message %L2-PLIM_4P_OC192-3-MEM_ERR [chars] Explanation fail to allocate memory. Recommended Action sysmgr would restart the process. show process memory to find out whehter there is potential memory leak show memory to confirm system memory goes low PLIM_ASIC_API Messages Error Message %L2-PLIM_ASIC_API-7-ERR [chars] Reason:[chars] Explanation BAMBI API generated errors. Recommended Action No action is required. Layer 2 Messages PLIM_ASIC Messages EM-800 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLIM_ASIC_API-7-ERR [chars] Explanation BAMBI API generated errors. Recommended Action No action is required. PLIM_ASIC Messages Error Message %L2-PLIM_ASIC-2-EIO_TRAIN PLASPA: [chars] Explanation EIO training errors. The EIO link to the PLASPA failed to train. This will result in traffic loss through this PLIM. Recommended Action Check seating of both the PLIM and the MSC and then reload the MSC. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_ASIC-3-ERR [chars] Explanation Plim asic driver errors. Typically these errors indicate failure in system services or bad programming of the hardware. Recommended Action Check whether process ’plaspa_server’ is up and running. Check if the linecard reported any other errors and/or traffic loss was observed. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_ASIC-3-HW_ERR plaspa instance [dec] [chars], [chars] Explanation Plim Asic errors. Typically these indicate errors detected by the ASIC. Too many of these errors might indicate problem with the board, and can trigger a reload of the LC. Recommended Action Check whether process ’bambi_server’ is up and running. Check if the linecard reported any other errors and/or traffic loss was observed. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PLIM_CLKSEL Messages EM-801 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLIM_ASIC-3-HW_ERR plaspa instance [dec] [chars], [chars] Explanation Plim Asic errors. Typically these indicate errors detected by the ASIC. Too many of these errors might indicate problem with the board, and can trigger a reload of the LC. Recommended Action Check whether process ’plaspa_server’ is up and running. Check if the linecard reported any other errors and/or traffic loss was observed. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_ASIC-3-LTRACE_INIT Ltrace init for file [chars] failed [chars] Explanation -- Recommended Action Typcially these indicate that ltrace is out of service. check at other processes using ltrace and see whether the problem happens to them. Error Message %L2-PLIM_ASIC-3-LTRACE_INIT Ltrace init for file [chars] failed [chars] Explanation -- Recommended Action Typcially these indicate that ltrace is out of service. check at other processes using ltrace and see whether the problem happens to them. Error Message %L2-PLIM_ASIC-7-ERR [chars] Explanation Plim asic driver errors. Typically these errors indicate failure in system services or bad programming of the hardware. Recommended Action No action is required. PLIM_CLKSEL Messages Error Message %L2-PLIM_CLKSEL-3-ERR_INIT PLIM process is restarted because of a failure in Clock Selection Library initialization: ([chars]/[chars]). Explanation The initilaization of the Clock Selection Library failed. The Clock Selection Library is used by the physical layer interface module (PLIM) driver on the linecard. The PLIM driver creates the SONET controller and POS interface, handling the all the SONET event, applying SONET/POS Layer 2 Messages PLIM_FPGA Messages EM-802 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 configuration to the layer-1 device hardware. If the PLIM driver fails to initialize, no traffic will pass, therefore no higher level protocol will work. %s - indicates the reason for the failure %s - is the decoded error reason Recommended Action The System Manager process (sysmgr) will automatically respawn the PLIM process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process process name location 0/x/cpu0’ to verify that the process is up and running, where process name equals ’pl_e48_pos_4p_oc12’ for OC12 linecard; ’pl_e48_pos_1p_oc48’ for OC48 linecard; If it is still non-operational, try to do a manually process restart with CLI: ’process restart process name location 0/x/cpu0’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_CLKSEL-4-ERR_DEBUG Debug initialization failed with [chars]. Explanation Debug message initialzation failed. Recommended Action This error has no effect on any feature except that debug information cannot be turned on by CLI ’debug plim-clksel location 0/x/CPU0’. Restarting the process with the CLI below, process restart will not affect traffic. ’process restart process name location 0/x/CPU0’ may resolve the problem. PLIM_FPGA Messages Error Message %L2-PLIM_FPGA-3-CRITICAL_ERROR [chars]: [chars]: [hex] Explanation PLIM FPGA ASIC Driver encountered a critical error as described in the error message. This error causes PLIM OC768 process to exit. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_FPGA-3-CRITICAL_ERROR [chars]: [chars]: [hex] Explanation PLIM FPGA ASIC Driver encountered a critical error as described in the error message. This error causes PLIM OC768 process to exit. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PLIM_FPGA Messages EM-803 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLIM_FPGA-3-PIO_CRITICAL_ERROR Asic PIO failure : [chars], instance [dec]: rc [dec] cerr [chars] errno [dec] data1 [hex] data2 [hex] Explanation A critical error occurred in PLIM FPGA Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_FPGA-3-PIO_CRITICAL_ERROR Asic PIO failure : [chars], instance [dec]: rc [dec] cerr [chars] errno [dec] data1 [hex] data2 [hex] Explanation A critical error occurred in PLIM FPGA Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_FPGA-6-INFO [chars]: [chars] Explanation This is a informational message from PLIM FPGA driver to indicate an operation. Recommended Action No action is required. Error Message %L2-PLIM_FPGA-6-INFO [chars]: [chars] Explanation This is a informational message from PLIM FPGA driver to indicate an operation. Recommended Action No action is required. Error Message %L2-PLIM_FPGA-7-DEBUG_MSG Debug: [chars]: [chars] value [dec] Explanation This is a debug message in PLIM FPGA driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PLIM_IOX_4P_GE Messages EM-804 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLIM_FPGA-7-DEBUG_MSG Debug: [chars]: [chars] value [dec] Explanation This is a debug message in PLIM FPGA driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PLIM_IOX_4P_GE Messages Error Message %L2-PLIM_IOX_4P_GE-3-INIT_ERR Initialization error: [chars]: [chars] Explanation The 4 port Gigabit Ethernet (GE) driver failed to initialize properly. This driver provides the system access to the hardware. A failure during initialization of this process may render the interfaces provided by the hardware unusable. %s - indicates the reason for the failure %s - is the decoded error reason Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process plim_iox_4p_ge location 0/x/cpu0’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart plim_iox_4p_ge location 0/x/cpu0’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_IOX_4P_GE-6-INFO_MSG [chars] [dec] Explanation This is an Informational message in the plim_iox_4p_ge driver to indicate operation that may be of interest to the user. Recommended Action No action is required. Error Message %L2-PLIM_IOX_4P_GE-6-RXLOS_INT SFP Rx LOS Interrupt: port: [dec], count equals [dec] Explanation This is an informational message in the gigE driver driver to indicate a Loss of Signal (LOS) has occurred on the indicated port. Recommended Action 1. Ensure the equipment at the far end of the link is functioning and configurations are correct. 2. Ensure the cable are installed correctly Rx plugged into far-end Tx & Tx plugged into far-end Rx 3. Check SFP and cable compatability. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages PLIM_LIB Messages EM-805 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLIM_LIB Messages Error Message %L2-PLIM_LIB-2-ERR_FM_REPLY Physical layer interface module library failed to reply to the Fault Manager for error recovery: [chars] Explanation The PLIM driver soft error recovery failed because the PLIM library function failed with replying to the Fault Manager request. If the PLIM soft error recovery failed, the PLIM hardware state may not be in the correct state, and the traffic may be affected. %s - is the decoded error reason Recommended Action The Fault Manager will reset the linecard if the error recovery failed, search through the event logs, if there is no any message indicating that the Fault Manager has reset the linecard, try to do a manually reset with CLI: ’hw-module location 0/x/cpu0 reload’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_LIB-2-ERR_FM_REQUEST The Fault Manager cannot send message to physical layer interface module driver to start soft error recovery: [chars]/[chars] Explanation When a soft error is detected with any ASIC on the datapath, the Fault Manager will start the soft error recovery on the datapath. If the Fault Manager cannot send request to the PLIM driver, the soft error recovery will not be completed, therefore the traffic will not go through the datapath. %s - indicates the reason for the failure %s - is the decoded error reason Recommended Action The Fault Manager will reset the linecard if sending message failed, search through the event logs, if there is no any message indicating that the Fault Manager has reset the linecard, try to do a manually reset with CLI: ’hw-module location 0/x/cpu0 reload’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_LIB-3-ERR_INIT Physical layer interface module library initialization failed: ([chars]/[chars]). Explanation The physical layer interface module (PLIM) library on the linecard failed to initialize. The PLIM library is used by PLIM driver which creates the SONET controller, POS interface, handling the all the SONET event and applying SONET/POS configuration to the layer1 devices. If the PLIM driver failed to initialize, no traffic will pass, therefore no higher level protocol will work. %s - indicates the reason for the failure %s - is the decoded error reason Recommended Action The System Manager process (sysmgr) will automatically respawn the PLIM process, up to a fixed number of times when this error is encountered, to recover. Execute the following command to verify that the process is up and running. ’show process process name location 0/x/cpu0’ where process name equals ’e48_plim_oc3’ for OC3 linecard; ’pl_e48_pos_4p_oc12’ for OC12 linecard; ’pl_e48_pos_1p_oc48’ for OC48 linecard; If it is still non-operational, try to do a manually process restart with CLI: ’process restart process name Layer 2 Messages PLIM_LIB Messages EM-806 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 location 0/x/cpu0’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_LIB-3-ERROR error: [chars]: [chars]: [hex] Explanation A fatal error occurred in the plim library driver which involves exiting the process. Recommended Action collect the info from ’show diag’, ’show hfr’, ’show inv’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_LIB-3-ERROR error: [chars]: [chars]: [hex] Explanation A fatal error occurred in the plim library driver which involves exiting the process. Recommended Action collect the info from ’show diag’, ’show hfr’, ’show inv’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_LIB-4-ERR_MSG_RCV Physical layer interface module library failed in receiving the message: [chars] Explanation The PLIM library detects a failure condition when receiving the message. The message is used only for error recovery, the process should not receive the message in normal case. This error means a error condition is detected while the process is waiting for a message, it can be ignored if the error does not persist. Otherwise, if the error persists, it is recommended to restart the process, restarting process will not affect the traffic. Recommended Action If the error persists, execute the following command to restart the process. ’process restart process name location 0/x/cpu0’ where process name equals ’e48_plim_oc3’ for OC3 linecard; ’pl_e48_pos_4p_oc12’ for OC12 linecard; ’pl_e48_pos_1p_oc48’ for OC48 linecard; If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_LIB-7-DEBUG [chars]: [chars] errno [dec] Explanation This is a debug message in the PLIM library driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action ’show logging’ to confirm sysdb errors Layer 2 Messages plim_oc48 Messages EM-807 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLIM_LIB-7-DEBUG [chars]: [chars] errno [dec] Explanation This is a debug message in the PLIM library driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action ’show logging’ to confirm sysdb errors plim_oc48 Messages Error Message %L2-plim_oc48-3-ALLOC_FAILED Process failed to allocate memory [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialized due to unavailable memory and will be restarted. It may affect traffic passing through the ports located on the PLIM. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver. Recommended Action The System Manager process (sysmgr) will automatically restart this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-ALLOC_FAILED Process failed to allocate memory [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialized due to unavailable memory and will be restarted. It may affect traffic passing through the ports located on the PLIM. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver. Recommended Action The System Manager process (sysmgr) will automatically restart this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_oc48 Messages EM-808 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_oc48-3-CREATE_THREAD_ERROR Process init failed [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialize. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver %s - error code Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-CREATE_THREAD_ERROR Process init failed [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialize. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver %s - error code Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-DEBUG_INIT_ERROR Debugging subsystem initialization failed Explanation Physical Layer Interface Module(PLIM) driver failed to initialize it’s debug subsystem. As result plim debug commands will not work on the PLIM module in question. The rest of functionality of the PLIM driver remains unaffected by the failure. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. Recommended Action Restart the process using ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’. Process restart may affect traffic on the oc48 interface located on the line card. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_oc48 Messages EM-809 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_oc48-3-DEBUG_INIT_ERROR Debugging subsystem initialization failed Explanation Physical Layer Interface Module(PLIM) driver failed to initialize it’s debug subsystem. As result plim debug commands will not work on the PLIM module in question. The rest of functionality of the PLIM driver remains unaffected by the failure. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. Recommended Action Restart the process using ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’. Process restart may affect traffic on the oc48 interface located on the line card. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-E3_BW_CHNG_REJ DSU bandwidth change for E3 controller is not supported Explanation This is a known hardware limitation. The bandwidth will be defaulted to 34010 kbps. Recommended Action None. Error Message %L2-plim_oc48-3-ERR_EVM_CREATE Interface module driver initialization failed Explanation Physical Layer Interface Module(PLIM) driver failed to initialize. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. As result of such failure no trafiic may pass on the oc48 port located on the linecard. The interfaces associated with failed PLIM will not come up. Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered to recover. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If it’s not operational attempt to restart the process using command ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-ERR_EVM_CREATE Interface module driver initialization failed Explanation Physical Layer Interface Module(PLIM) driver failed to initialize. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. As result of such failure no trafiic may pass on the oc48 port located on the linecard. The interfaces associated with failed PLIM will not come up. Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered to recover. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If it’s not operational attempt to restart the process using command ’process restart pl_e48_pos_1p_oc48 Layer 2 Messages plim_oc48 Messages EM-810 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 location 0/slot/cpu0’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-ERR_EVM_EVENT_BLOCK process received invalid event [chars] Explanation Physical Layer Interface Module(PLIM) driver experience an errorr while awaiting for event arrival. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. As result of the error the PLIM process will be restarted. Traffic may be interrupted on all affected interfaces. %s - error code Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered to recover. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If it’s not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0 If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-ERR_EVM_EVENT_BLOCK process received invalid event [chars] Explanation Physical Layer Interface Module(PLIM) driver experience an errorr while awaiting for event arrival. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. As result of the error the PLIM process will be restarted. Traffic may be interrupted on all affected interfaces. %s - error code Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered to recover. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If it’s not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0 If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-ERR_MBUS_OP Optical parameter measurement error [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to measure laser bias or optical receive power. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver. PLIM driver performs periodic measurements of the laser bias and received signal optical power. The results of such measurements are represented in the ’show controller pos 0/slot/0/0’ command under the ’optical power monitoring’ section. %s - error code Recommended Action If the error persist reset the linecard using ’hw-module location 0/slot/CPU0 reload’ command. The line card restart may affect traffic passing on the oc48 interface. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_oc48 Messages EM-811 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_oc48-3-ERR_MBUS_OP Optical parameter measurement error [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to measure laser bias or optical receive power. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver. PLIM driver performs periodic measurements of the laser bias and received signal optical power. The results of such measurements are represented in the ’show controller pos 0/slot/0/0’ command under the ’optical power monitoring’ section. %s - error code Recommended Action If the error persist reset the linecard using ’hw-module location 0/slot/CPU0 reload’ command. The line card restart may affect traffic passing on the oc48 interface. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-ERR_PORT_INIT PLIM port init failed [dec] stage-[chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialize port. As result of the failure affected interfaces will not come up. %d - failed port number %s - specific stage of port initialization that failed PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer and Packet Over Sonet(POS) controller. Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-ERR_PORT_INIT PLIM port init failed [dec] stage-[chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialize port. As result of the failure affected interfaces will not come up. %d - failed port number %s - specific stage of port initialization that failed PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer and Packet Over Sonet(POS) controller. Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_oc48 Messages EM-812 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_oc48-3-FWD_REGISTER_ERROR Process initialization error [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialized and will be restarted. It will affect traffic passing through the ports located on the PLIM. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver. %s - error code Recommended Action The System Manager process (sysmgr) will automatically restart this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-FWD_REGISTER_ERROR Process initialization error [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialized and will be restarted. It will affect traffic passing through the ports located on the PLIM. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver. %s - error code Recommended Action The System Manager process (sysmgr) will automatically restart this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-PORT_AVAILABLE_FAILED Port failed to become available [chars] [dec] Explanation Physical Layer Interface Module(PLIM) driver failed to make port available for forwarding. The interface in question will not forward packets. %s - error code %d - port number Recommended Action Restart the process using ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’. Process restart may affect traffic on the oc48 interface located on the line card. Reload the line card using ’hw-module location 0/slot/cpu0 reload’ if the process restart failed to solve the problem. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_oc48 Messages EM-813 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_oc48-3-PORT_AVAILABLE_FAILED Port failed to become available [chars] [dec] Explanation Physical Layer Interface Module(PLIM) driver failed to make port available for forwarding. The interface in question will not forward packets. %s - error code %d - port number Recommended Action Restart the process using ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’. Process restart may affect traffic on the oc48 interface located on the line card. Reload the line card using ’hw-module location 0/slot/cpu0 reload’ if the process restart failed to solve the problem. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-RESET_FAILED PLIM reset failed [chars] Explanation The Physical Layer Interface Module(PLIM) driver failed to reset PLIM hardware. %s - error code PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. Recommended Action If the error occurred during user command execution retry the command and if the error persist consider restarting plim process ( ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’. PLIM process restart may affect traffic on the oc48 port located on the line card. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-RESET_FAILED PLIM reset failed [chars] Explanation The Physical Layer Interface Module(PLIM) driver failed to reset PLIM hardware. %s - error code PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller. Recommended Action If the error occurred during user command execution retry the command and if the error persist consider restarting plim process ( ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’. PLIM process restart may affect traffic on the oc48 port located on the line card. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_oc48 Messages EM-814 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_oc48-3-STATS_COLLECT_REGISTER_FAILED Statistics collector registration error [chars] [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to register PLIM interface statistics collector. No interface statistics such as sonet counters and packet counters will be available on the specified interface. %s - contains interface name %s - contains error code Recommended Action Restart the process using ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’. Process restart may affect traffic on the oc48 interface located on the line card. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-STATS_COLLECT_REGISTER_FAILED Statistics collector registration error [chars] [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to register PLIM interface statistics collector. No interface statistics such as sonet counters and packet counters will be available on the specified interface. %s - contains interface name %s - contains error code Recommended Action Restart the process using ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’. Process restart may affect traffic on the oc48 interface located on the line card. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-STATSD_COLL_INIT_ERROR Process initialization error [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialized and will be restarted. It will affect traffic passing through the ports located on the PLIM. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver %s - error code Recommended Action The System Manager process (sysmgr) will automatically restart this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_oc48 Messages EM-815 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_oc48-3-STATSD_COLL_INIT_ERROR Process initialization error [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialized and will be restarted. It will affect traffic passing through the ports located on the PLIM. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver %s - error code Recommended Action The System Manager process (sysmgr) will automatically restart this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-TIMER_INIT_FAILED Process init failed [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialize. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver. %s - error code Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-TIMER_INIT_FAILED Process init failed [chars] Explanation Physical Layer Interface Module(PLIM) driver failed to initialize. PLIM driver is responsible for initializing/configuring PLIM hardware such as sonet framer, Packet Over Sonet(POS) controller, optical transceiver. %s - error code Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered. Execute ’show process pl_e48_pos_1p_oc48 location 0/slot/cpu0’ to verify that the process is up and running. If the process is not operational attempt ’process restart pl_e48_pos_1p_oc48 location 0/slot/cpu0’ where slot - is slot number in question. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages plim_oc48 Messages EM-816 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_oc48-3-TX_CLK_GET_INVALID_PORT_CTX Failed to retrieve tx clock source Explanation Physical Layer Interface Module(PLIM) driver was unable to determine transmit clock source for the sonet port. The error may appear during show or configuration of the sonet port. Recommended Action If the error occurred during user command execution retry the command and if the error persist contact technical support. Error Message %L2-plim_oc48-3-TX_CLK_GET_INVALID_PORT_CTX Failed to retrieve tx clock source Explanation Physical Layer Interface Module(PLIM) driver was unable to determine transmit clock source for the sonet port. The error may appear during show or configuration of the sonet port. Recommended Action If the error occurred during user command execution retry the command and if the error persist contact technical support. Error Message %L2-plim_oc48-3-TX_CLK_SET_INVALID_PORT_CTX Failed to configure tx clock source for sonet port Explanation Physical Layer Interface Module(PLIM) driver failed to make configure transmit clock source for the sonet port. The sonet port hardware configuration is invalid and may result in traffic being dropped or high error count on the port. This error may appear during attempt to configure clock source for the sonet port. Recommended Action Retry the sonet port configuration. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-3-TX_CLK_SET_INVALID_PORT_CTX Failed to configure tx clock source for sonet port Explanation Physical Layer Interface Module(PLIM) driver failed to make configure transmit clock source for the sonet port. The sonet port hardware configuration is invalid and may result in traffic being dropped or high error count on the port. This error may appear during attempt to configure clock source for the sonet port. Recommended Action Retry the sonet port configuration. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PLIM_OC768 Messages EM-817 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-plim_oc48-4-INVALID_TIMER Invalid timer [dec] Explanation Physical Layer Interface Module(PLIM) driver received unknown timer event. %d - timer type Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-plim_oc48-4-INVALID_TIMER Invalid timer [dec] Explanation Physical Layer Interface Module(PLIM) driver received unknown timer event. %d - timer type Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PLIM_OC768 Messages Error Message %L2-PLIM_OC768-3-CRITICAL_ERROR [chars]: [chars]: [hex] Explanation PLIM OC768 driver encountered a critical error as described in the error message. This error causes PLIM OC768 process to exit. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_OC768-3-CRITICAL_ERROR [chars]: [chars]: [hex] Explanation PLIM OC768 driver encountered a critical error as described in the error message. This error causes PLIM OC768 process to exit. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PLIM_OC768 Messages EM-818 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLIM_OC768-6-INFO [chars]: [chars] Explanation This is an informational message from PLIM OC768 driver to indicate an operation. Recommended Action No action is required. Error Message %L2-PLIM_OC768-6-INFO [chars]: [chars] Explanation This is an informational message from PLIM OC768 driver to indicate an operation. Recommended Action No action is required. Error Message %L2-PLIM_OC768-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in the plim_oc768 driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM_OC768-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in the plim_oc768 driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages PLIM Messages EM-819 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLIM Messages Error Message %L2-PLIM-2-EIO_TRAIN PLA: [chars], [chars] Explanation EIO training errors. The PLA EIO failed to train... this will result in traffic loss and the MSC will fail to send traffic thru the PLIM. Recommended Action Currently, the only recovery is for an MSC reload. Once the Fault-Mgr is available, the ASIC will be reset in order to retrain the EIO. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM-3-CHK_ERR PLA: [chars], [chars] Explanation Checkpoint Initialization Failure. The pla_server process failed to initialize its checkpointing data. The process cannot continue and needs to be restarted. Recommended Action None, the process should recover. If it does not, the system will most likely be in an unrecoverable state and will take appropriate action. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM-3-ERR [chars] Explanation fail to init debug events; sysdb fails to provide services; event mgr fails to provides its services; Recommended Action pla_server would be restarted by sysmgr. check out whether there is any problems with sysdb check out whether there is any problems with the event mgr there should be error msgs from sysdb or event msg. ’show logging’ could confirm this sh plim pla trace info sh plim pla trace error Error Message %L2-PLIM-3-HW_ERR asic error: [chars] Explanation Plim Asic errors. Typically these indicate errors detected by the ASIC. Too many of these errors might indicate problem with the board, and can trigger a reload of the LC. Recommended Action Check whether process ’pla_server’ is up and running. Check if the linecard reported any other errors and/or traffic loss was observed. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PLIM Messages EM-820 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLIM-3-HW_ERR asic error: [chars] Explanation Plim Asic errors. Typically these indicate errors detected by the ASIC. Too many of these errors might indicate problem with the board, and can trigger a reload of the LC. Recommended Action Check whether process ’pla_server’ is up and running. Check if the linecard reported any other errors and/or traffic loss was observed. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PLIM-3-INCONSISTENT_CONFIG [chars] Explanation As part of trying to configure dot1q vlan with vlan id same as that of outer vlan of QinQ configuration or vice versa on another sub-interface, then error has to be reported to remove the inconsistent config. Recommended Action Upon seeing this message, delete the subinterface that has just been created. Otherwise the system will be in inconsistent state. Error Message %L2-PLIM-3-MEM_ERR [chars] Explanation fail to allocate memory. Recommended Action show process memory to find out whehter there is potential memory leak show memory to confirm system memory goes low Error Message %L2-PLIM-3-MEM_ERR [chars] Explanation fail to allocate memory. Recommended Action show process memory to find out whehter there is potential memory leak show memory to confirm system memory goes low sh plim pla trace info sh plim pla trace error Error Message %L2-PLIM-3-SQUID_ERR [chars] Explanation squid fails to find the device Recommended Action 1. reseat the plim. 2. if the problem is still there after reseating, run diag on the plim Layer 2 Messages pm5315 Messages EM-821 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PLIM-3-SQUID_ERR [chars] Explanation squid fails to find the device Recommended Action 1. reseat the plim. 2. if the problem is still there after reseating, run diag on the plim Error Message %L2-PLIM-7-ERR [chars] Explanation fail to init debug events; sysdb fails to provide services; event mgr fails to provides its services; Recommended Action pla_server would be restarted by sysmgr. check out whether there is any problems with sysdb check out whether there is any problems with the event mgr there should be error msgs from sysdb or event msg. ’show logging’ could confirm this Error Message %L2-PLIM-7-LTRACE_ERR [chars] : [chars] Explanation failed to inititialize ltrace events; Recommended Action check out whether there is any problems with ltrace subsytem pm5315 Messages Error Message %L2-pm5315-3-FATAL_ERROR Fatal error: [chars]: [chars]: [dec] Explanation A fatal error occurred in karachi Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-pm5315-6-INFO_MSG Info: [chars]: [chars] Explanation This is a Informational message in the karachi driver to indicate an operation. Recommended Action No action is required. Layer 2 Messages pm5316 Messages EM-822 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-pm5315-7-DEBUG_MSG Debug: [chars]: [chars] errno [dec] Explanation This is a debug message in the karachi driver to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. pm5316 Messages Error Message %L2-pm5316-3-FATAL_ERROR [chars](): fatal error: [chars]: [chars]: [dec] Explanation A fatal error occurred in plim Driver which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-pm5316-4-WARNING [chars](): warning: [chars]: [chars]: [dec] Explanation A warning condition occurred in plim Driver which involves exiting the process. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. PM622 Messages Error Message %L2-PM622-2-error [chars] Explanation A high severity error has occurred in PLIM FPGA. This might result in the PLIM being reset. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages PMSAR Messages EM-823 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PMSAR Messages Error Message %L2-PMSAR-2-CFG_ERR : [chars]: [dec] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-CHAN_STATS_ERR [chars]() [dec], chan:[dec],[dec],[dec]; cid:[dec], sar:[dec] reason:[chars] status:[dec], ack:[hex], [hex], [hex], [hex] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-CLOSE_VC_COSQ_ERR [chars]() [dec], close cosq failure. rsar:[dec], ssar:[dec], queue:[dec], cosq_id:[dec] reason:[chars]; status:[dec] ack:[hex], [hex], [hex], [hex] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-CLOSE_VC_ERR [chars]() [dec], close vc failure. rsar:[dec], ssar:[dec], vpi:[dec], vci:[dec] reason:[chars]; status:[dec] ack:[hex], [hex], [hex], [hex] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PMSAR Messages EM-824 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PMSAR-2-CMD_ACK_ERR [chars]() [dec], SAR:[dec] poll incomplete cmd ack, [chars] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-CMD_ERR [chars] Explanation A critical PM622 TSP command failed that expected to succeed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-CMD_POLL_TIMEOUT [chars]() [dec], SAR:[dec] cmd poll timed out, [chars] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-CMD_POST_ERR [chars]() [dec], SAR:[dec] post cmd failure. status:[dec], [chars] [dec] ack:[hex], [hex], [hex], [hex] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-INITERR Fatal error: [chars]: [hex] Explanation SAR device cx27470 initialization failed Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PMSAR Messages EM-825 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PMSAR-2-MMAPERR [chars](),[dec]: [chars] [hex] Explanation SAR device cx27470 mmap access violation failure Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-MUTEX_TIMEOUT [chars]() [dec], Get SAR:[dec], thread_id:[dec] mutex timed out, [chars] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-OPEN_VC_ERR [chars]() [dec], open vc failure. rsar:[dec], ssar:[dec], vpi:[dec], vci:[dec] reason:[chars]; status:[dec], ack:[hex], [hex], [hex], [hex] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-OPEN_VP_ERR [chars]() [dec], open vp failure. sar:[dec] vpi:[dec], reason:[chars]; ack:[hex], [hex], [hex], [hex] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-2-PORT_STATS_ERR [chars]() [dec], port stats failure. sar:[dec] reason:[chars]; status:[dec], ack:[hex], [hex], [hex], [hex] Explanation A fatal error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PMSAR Messages EM-826 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PMSAR-2-RESOURCE_ERR [chars] [dec], [chars] with errno:[dec] Explanation A critical IOX resource request failed that expected to succeed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-3-ESYS_ERR [chars] [dec]: reason [chars] errno:[dec] Explanation CX27470 esys generic fatal error message. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-3-ESYS_LOAD_ELF [chars] [dec]: file [chars] [chars] [chars] Explanation CX27470 esys load elf input file symbol not found. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-3-EVENT_INDICATE [chars]() [dec], reason:[chars]; sar:[dec], log_entry_index:[dec], type:[dec], status:[dec] Explanation An event raised PM SAR Driver, check the event type Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-3-UNKNOWN_EVENT [chars]() [dec], reason:[chars]; sar:[dec], log_entry_index:[dec] Explanation An unknown event raised PM SAR Driver Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages POS Messages EM-827 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PMSAR-4-WARNING [chars] Explanation PM622 TSP CX27470 warning condition Recommended Action Debug message only. No action is required. Error Message %L2-PMSAR-6-event_dump [chars]() [dec], sar:[dec], event type:[dec], status:[dec]; hex dump:[hex], [hex], [hex], [hex] Explanation A warning or error occurred during PM SAR Driver cofiguration Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PMSAR-6-INFO [chars] [hex] Explanation PM622 TSP CX27470 information Recommended Action No action is required. Error Message %L2-PMSAR-7-DEBUG [chars] Explanation PM622 TSP CX27470 debug information Recommended Action Debug message only. No action is required. POS Messages Error Message %L2-POS-3-MTU_IMPOSE_FAILED Failed to set MTU of [unsigned int] on [chars] Explanation The specified MTU could not be applied on this interface. Recommended Action No action is required.Layer 2 Messages PPP_EA Messages EM-828 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PPP_EA Messages Error Message %L2-PPP_EA-3-INIT_ERROR Process Initialization Failed: ([chars]%s) Explanation The PPP execution agent process failed to initialize. PPP execution agent programs the Physical Layer Interface Module (PLIM) for handling PPP encapsulation on a POS link and also add capsulation for slowpath packet processing. The reason of the failure could be that the interface manager could not set the interface and returned an error, or could be due to unavailability of memory resources. This can happen when the linecard is coming up, or when the encapsulation is changed to PPP. The effect is that the interface will not come up using PPP encapsulation. %s - indicates the reason for the failure. %s - is the error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process ppp_ea location 0/x/cpu0’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart ppp_ea location 0/x/cpu0’ Also try reapplying the configuration. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_EA-4-ERR_BATCH_ALLOC Failed to allocate batch for ’[chars]’ Explanation The process failed to allocate memory to handle the event described in the message. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. The ppp_ea process should be restarted to recover using the command ’process restart ppp_ea location R/S/I’. Error Message %L2-PPP_EA-4-ERR_EVM_EVENT_BLOCK Error encountered in the event loop: [chars]. The PPP EA process will restart Explanation An error occured in the event loop. The process will restart which should recover the situation. Recommended Action *RECUR* Error Message %L2-PPP_EA-4-ERR_INIT Failure during initialization of the [chars]. Error [chars]. The PPP EA process will restart Explanation A failure occured during the initialization of the process. The process will restart which should recover the situation. Recommended Action *RECUR* Layer 2 Messages PPP_EA Messages EM-829 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_EA-4-ERR_MEM_ALLOC Failed to allocate [unsigned int] bytes for ’[chars]’ Explanation The process failed to allocate memory for the specified resource. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. The ppp_ea process should be restarted to recover using the command ’process restart ppp_ea location R/S/I’. Error Message %L2-PPP_EA-4-ERR_RWMGR Unexpected error whilst [chars]: [chars] Explanation PPP EA encountered an error communicating with Rewrite Manager. The error message describes what operation has failed and why it failed. The most likely reason for this is a temporary connection problem with the Rewrite Manager Server process, but the error could also be caused by low memory resource or programming error. Recommended Action In many cases, PPP EA will recover by itself. If it does not then restarting the process may help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_EA-4-ERR_RWMGR_IF CH[hex]: Unexpected error whilst [chars]: [chars] Explanation PPP EA encountered an error communicating with Rewrite Manager. The error message describes what operation has failed and why it failed. The most likely reason for this is a temporary connection problem with the Rewrite Manager Server process, but the error could also be caused by low memory resource or programming error. Recommended Action In many cases, PPP EA will recover by itself. If it does not then restarting the process may help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_EA-6-ERR_IM_MULTIPLE_NTFCNS CH[hex]: Multiple [chars] notifications received in a single batch from IM Explanation A batch from IM contained multiple notifications for a single interface. This should not occur but the situation has been recovered successfully by the PPP EA. No problems should be seen as a result. Recommended Action *NONE*Layer 2 Messages PPP_FSM Messages EM-830 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PPP_FSM Messages Error Message %L2-PPP_FSM-3-ERR_SOCKET [chars]: Socket [chars] failed; [chars] Explanation There is a communication problem with the PPP socket. Recommended Action Restart the ppp_socket process on the node where the error is reported. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PPP_GBL_CFG Messages Error Message %L2-PPP_GBL_CFG-4-ERR_INIT Failure during intialization of [chars]. Error: [chars] Explanation The PPP GBL CFG process failed to initialize correctly. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PPP_LCP Messages Error Message %L2-PPP_LCP-3-AAA_SESSION_CLEANUP_FAILED CH[hex]: Cleanup of a subscriber session has failed: [chars] Explanation A call to AAA to remove subscriber session state has failed. The error may cause the LCP session on the subscriber interface to be left permanently in what should be a transient unnegotiated state. Recommended Action To remove the stale sessions, run clear subscriber for this interface. Layer 2 Messages PPP_LCP Messages EM-831 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_LCP-3-MTU_UNUSABLE [chars] has an interface MTU of [unsigned int] which is smaller than the PPP packet header size ([unsigned int]) and so PPP cannot run on the interface Explanation PPP has been informed that the lower-layer MTU has been set to a value smaller than the PPP header size, which makes it impossible for PPP to operate. Recommended Action Reconfigure the interface’s MTU to a larger value. In order to ensure correct operation with peers, values which provide a layer 2 payload capacity (after allowing for 4 bytes of PPP header) of 1500 bytes or greater are required. Error Message %L2-PPP_LCP-4-ERR_AAA_IEDGE_SESSION Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the AAA iEDGE service. The error message describes what operation has failed and why it failed. The most likely reason for this is that the AAA iEDGE server is unavailable. It may also be caused by low memory resource or a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. In many cases, PPP MA will recover by itself. If it does not then restarting the process should help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_LCP-4-L2_NOT_SUPPORTED L2 mode is not supported on CH[hex] Explanation L2transport has been configured on an interface that does not support it. The interface will not enter L2 mode, and will remain in whichever mode it was in before. This will occur if the interface capabilities do not support L2 mode, or if L2 mode is configured on a multilink bundle member. Recommended Action Reconfigure the interface so that l2transport is not enabled. Error Message %L2-PPP_LCP-4-MISSING_AUTHENTICATION_LIST AAA authentication list [chars] is not defined for PPP Explanation One or more PPP interfaces have been configured to authenticate the peer using the authentication list identified in the error message, but this authentication list has not been configured in AAA itself. As a result PPP will be unable to authenticate the peer and the line protocol on the relevant interface or interfaces will not come up. Recommended Action Configure ’aaa authentication ppp listname ...’ Layer 2 Messages PPP_LCP Messages EM-832 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_LCP-4-MTU_WARNING [chars] has a PPP MTU of [unsigned int] which is smaller than the minimum value ([unsigned int]) required for correct operation Explanation RFC 1661 requires that the media that PPP is running over is always able to receive PPP packets of sizes up to 1500 bytes (where this value excludes the 4 bytes of PPP header). This is to ensure that the peer can always send control protocol packets up to this size if they ever need to renegotiate. IOS-XR routers set their MRU to the same value as the MTU, and this message has been issued because the configured MTU is too small to meet the above condition. Recommended Action Reconfigure the interface’s MTU to a larger value. In order to ensure correct operation with peers, values which provide a layer 2 payload capacity (after allowing for 4 bytes of PPP header) of 1500 bytes or greater are required. Note that as most Control Protocol packets are much smaller than 1500 bytes, it is unlikely that MTU values which are smaller than 1500 bytes will actually cause problems, but this cannot be guaranteed. Error Message %L2-PPP_LCP-4-UNEXPECTED_AAA_RESPONSE CH[hex]: A response with unexpected properties has been received from AAA: [chars] Explanation AAA has sent a response which is unexpected or malformed in the way explained in the message. The error may cause the interface to be left in what should be a transient state permanently. Recommended Action Check the output of ’show ppp interface’ for the interface with the problem. If the interface has been left permanently in an unauthenticated state, then it can be manually cleared using the ’clear subscriber’ command. Note that if the interface has come up successfully then the unexpected AAA response will probably not have caused problems. Error Message %L2-PPP_LCP-4-UNRECOGNIZED_PROTO Unrecognized IfMgr protocol [chars] on CH[hex] (caps equals [chars]) Explanation Interface Manager notified LCP about a protocol that it doesn’t recognize, either by sending a request to LCP to adopt this node or by informing LCP that it exists. This is a programming error as LCP needs to recognized all of the protocols which run above it in order to be able to run the relevant CP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_LCP-5-MTU_NEGOTIATED The PPP MTU for [chars] has been negotiated to be [unsigned int]. This is less than the configured PPP MTU of [unsigned int] Explanation The PPP MTU is reduced when the PPP MRU of the peer is less than the PPP MTU derived from the locally configured interface MTU. The reduced value will be used until LCP is renegotated (such as when the interface goes down and comes back up, or a new MTU is configured), or if the PPP encapsulation is removed from the interface. The MTU then returns to the Layer 2 Messages PPP_lite Messages EM-833 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 configured value and another message will indicate if a value less than the configured value is negotiated again. The reduced MTU is a normal part of PPP operation and is not indicative of any problems. Recommended Action No action is required. Error Message %L2-PPP_LCP-6-LOCAL_MTU_TOO_SMALL CH[hex]: Unable to complete LCP negotiations. Interface MTU on CH[hex] needs to be reconfigured taking into account the L2 headers to give an L3 MTU of at least [unsigned int] Explanation The peer has sent a NAK in response to the local MRRU value. The value it is suggesting for the MRRU is larger than the local bundle admin MTU, so it cannot be accepted. However, suggesting a smaller value will almost certainly lead to repeated NAKs (since the peer should be suggesting its minimum possible MRRU value), so the LCP session will be closed for a short time and then negotiations will be retried. Recommended Action Reconfigure the interface’s MTU to a larger value, taking into account the Layer 2 headers. Once these headers have been subtracted, the Layer 3 MTU needs to be at least the value suggested in the message. PPP_lite Messages Error Message %L2-PPP_lite-3-ERR_PL_DLL_ASYNC_SEND_FAIL Send async pulse to ppp lite process fails; Error [chars] Explanation Attempt to send pulse to PPP lite process fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_lite-3-ERR_PL_DLL_CHAN_CONNECT_FAIL Cannot connect to ppp lite process; Error [chars] Explanation Attempt to connect to PPP lite process channel fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PPP_lite Messages EM-834 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_lite-3-ERR_SHMEM_MMAP_FAIL Cannot mmap file [chars]; Error [chars] Explanation Attempt to mmap the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_lite-3-ERR_SHMEM_OPEN_FAIL Cannot open shmem file [chars]; Error [chars] Explanation Attempt to open the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_lite-3-ERR_SHMEM_TRNC_FAIL Cannot truncate file [chars] to [dec] bytes; Error [chars] Explanation Attempt to truncate the shared memory file fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_lite-3-ERR_SHMEM_UNAVAILABLE PPP lite SHMEM can accommodate only [dec] records (request for [dec] records) Explanation PPP MA has requested transfer of more interface records than shared memory can accommodate Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages PPP_MA Messages EM-835 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PPP_MA Messages Error Message %L2-PPP_MA-4-ERR_AAA Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the AAA service. The error message describes what operation has failed and why it failed. The most likely reason for this is a temporary problem communicating with the AAA server, but the error could also be caused by low memory resource or programming error. Recommended Action In many cases, PPP MA will recover by itself. If it does not then restarting the process may help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_AAA_ATTR Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the AAA attribute service. The error message describes what operation has failed and why it failed. The most likely reason for this is low memory resource or a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. In many cases, PPP MA will recover by itself. If it does not then restarting the process should help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_AAA_ATTR_IF CH[hex]: Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the AAA attribute service for the interface specified. The error message describes what operation has failed and why it failed. The most likely reason for this is low memory resource or a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. In many cases, PPP MA will recover by itself. If it does not then restarting the process should help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Layer 2 Messages PPP_MA Messages EM-836 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_AAA_SESSION Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the AAA iEDGE service. The error message describes what operation has failed and why it failed. The most likely reason for this is that the AAA iEDGE server is unavailable. It may also be caused by low memory resource or a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. In many cases, PPP MA will recover by itself. If it does not then restarting the process should help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_AAA_SESSION_IF CH[hex]: Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the AAA iEDGE service for the interface specified. The error message describes what operation has failed and why it failed. The most likely reason for this is that the AAA iEDGE server is unavailable. It may also be caused by low memory resource or a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. In many cases, PPP MA will recover by itself. If it does not then restarting the process should help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_AIB Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error communicating with the AIB server. The error message describes what operation has failed and why it failed. The most likely reason for this is a temporary connection problem with the AIB server, but the error could also be caused by low memory resource or programming error. Recommended Action In many cases, PPP MA will recover by itself. If it does not then restarting the process may help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Layer 2 Messages PPP_MA Messages EM-837 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_ATTR Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error communicating with the infrastructure. The error message describes what operation has failed and why it failed. The most likely reason for this is a temporary connection problem, but the error could also be caused by low memory resource or programming error. Recommended Action In many cases, PPP MA will recover by itself. If it does not then restarting the process may help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_BACKEND Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the Backend service related to use of either SysDB or SubDB. The error message describes what operation has failed and why it failed. The most likely reason for this is low memory resources or a programming error. Recommended Action Consider restarting the PPP MA process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_BAG Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the Bag Client library. The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. The error will affect PPP MA’s ability to provide operational management data, but won’t otherwise affect PPP MA’s operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPP_MA-4-ERR_CHKPT Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the Checkpoint Service. The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Layer 2 Messages PPP_MA Messages EM-838 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_CHKPT_CORRUPT Corrupt [chars] checkpoint record found: [chars] Explanation Whilst restoring one of its checkpoint tables PPP MA found a corrupt checkpoint entry. The entry will be ignored and so the relevant interface’s PPP session will be renegotiated after the restart and as a result there may be a short period where traffic is lost. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_CHKPT_DUPLICATE Duplicate [chars] checkpoint record found for [chars] Explanation Whilst restoring one of its checkpoint tables PPP MA found multiple entries for the same interface. PPP MA will use the first checkpoint entry it finds for each interface and ignore any subsequent duplicates. This is caused by a programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_CLOCK Unexpected error encountered whilst retrieving the value of the [chars] clock: [chars] Explanation PPP MA encountered an error whilst retrieving the value of the realtime clock. The error message includes details of the reason for the error. This is a fatal error and the PPP MA process will abort and be restarted to recover. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_DAPS Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the DAPS address pool service. The error message describes what operation has failed and why it failed. The most likely reason for this is a connection problem with the DAPS service, but the error could also be caused by low memory resources or programming error. Recommended Action Consider restarting the PPP MA process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PPP_MA Messages EM-839 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_DAPS_IF CH[hex]: Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the DAPS address pool service. The error message describes what operation has failed and why it failed. The most likely reason for this is a connection problem with the DAPS service, but the error could also be caused by low memory resources or programming error. Recommended Action Consider restarting the PPP MA process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_DEBUG Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the debug service. The error message describes what operation has failed and why it failed. The error could be caused by low memory resource or programming error. Recommended Action In many cases, PPP MA will recover by itself. If it does not then restarting the process may help. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPP_MA-4-ERR_EVC_CLOSE Error closing ’[chars]’ connection: [chars] Explanation PPP MA failed to close a connection to an essential service. This is an internal error and it requires a restart of the process for recovery. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_EVC_CREATE Error creating ’[chars]’ connection: [chars] Explanation PPP MA failed to create a connection to an essential service during initialization. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PPP_MA Messages EM-840 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_EVC_ERROR Error resetting ’[chars]’ connection: [chars] Explanation After detecting an error with the connection to the specified service, PPP MA failed to reset that connection. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_EVC_EVM_HANDLER Error registering for data events on ’[chars]’ connection: [chars] Explanation During initialization, PPP MA failed to register for input or output notifications for the specified service. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_EVC_GET_FD Error retrieving the Connection ID from the ’[chars]’ connection: [chars] Explanation PPP MA failed to retrieve the file descriptor associated with the specified service. This is an internal error. Recommended Action Consider restarting the PPP MA process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_EVC_NOTIFY Error registering for critical events on ’[chars]’ connection: [chars] Explanation During initialization, PPP MA failed to register for essential notifications regarding the state of the connection for the specified service. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PPP_MA Messages EM-841 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_EVC_OPEN Error opening ’[chars]’ connection: [chars] Explanation PPP MA failed to open a connection to an essential service during initialization. This is an internal error. It requires a restart of the process for recovery. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_EVM_ATTACH Failed to register a handler for ’[chars]’ messages: [chars] Explanation PPP MA failed to register a handler for the specified class of event. This is an initialization error and implies that PPP MA will not be able to operate correctly. The PPP MA process will abort and be restarted in an attempt to recover. The cause may be a resource starvation problem but is most likely to be an internal programming error. The error message should give more details. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the PPP MA process. *RECUR* Error Message %L2-PPP_MA-4-ERR_EVM_CREATE Error creating the PPP MA Event Manager: [chars] Explanation PPP MA failed to create its Event Manager which is a critical resource for the operation of the process. This error may be caused by low memory resources. The process will abort and be restarted in an attempt to recover. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *SUPPORT* Error Message %L2-PPP_MA-4-ERR_EVM_SEND Failed to send ’[chars]’: [chars] Explanation PPP MA failed to send the specified message. The cause may be a resource starvation problem but is most likely to be an internal programming error. The error message should give more details. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the affected PPP MA process. *RECUR* Layer 2 Messages PPP_MA Messages EM-842 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_EVQ_CREATE Error creating event queue for ’[chars]’: [chars] Explanation This is an unexpected error. The PPP MA process will attempt to recover by restarting. The cause may be a resource starvation problem. The error message should provide more details. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %L2-PPP_MA-4-ERR_EVQ_DEQUEUE Error dequeuing event for ’[chars]’: [chars] Explanation This is an unexpected error. The PPP MA process will attempt to recover by restarting. The cause may be a resource starvation problem. The error message should provide more details. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %L2-PPP_MA-4-ERR_EVQ_ENQUEUE Error queuing event for ’[chars]’: [chars] Explanation This is an unexpected error. The PPP MA process will attempt to recover by restarting. The cause may be a resource starvation problem. The error message should provide more details. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %L2-PPP_MA-4-ERR_IMC Unexpected IfMgr error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error communicating with Interface Manager. The error message describes what operation has failed and why it failed. The most likely reason for this is a temporary connection problem with the Interface Manager Control Server, but the error could also be caused by low memory resource or programming error. Recommended Action In many cases, PPP MA will recover by itself. If it does not then restarting the process may help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_IP_ARM Failed to [chars] [chars]: [chars] Explanation IPCP encountered an error using the IP-ARM API. The error message describes what operation failed. This may be a resource starvation problem or an internal programming error. Recommended Action Restart the local ipv4_ma process and/or the ppp_ma process. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Layer 2 Messages PPP_MA Messages EM-843 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_IPCP_OPTS_INCONSISTENT CH[hex]: IPCP has negotiated inconsistent options: [chars] Explanation PPP MA has negotiated inconsistent IPCP options. The message details which options are inconsistent. IPCP will be brought up, but the inconsistencies could cause problems. The most likely reason for this is a misconfiguration, either locally or on the peer. Recommended Action Consider changing the relevant configuration either locally or on the peer. Error Message %L2-PPP_MA-4-ERR_IPCP_SCAN_IF CH[hex]: Failed to scan for configuration, continuing: [chars] Explanation PPP MA encountered an error when scanning for IPCP configuration. The error message describes what operation has failed and why it failed. The most likely reason for this is a connection problem with the SubDB service, but the error could also be caused by low memory resources or programming error. Recommended Action Consider restarting the PPP MA process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_IPHC Unexpected IPHC error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error communicating with IPHC MA. The error message describes what operation has failed and why it failed. The most likely reason for this is a temporary connection problem with the IPHC MA, but the error could also be caused by low memory resource or programming error. Recommended Action In many cases, PPP MA will recover by itself. If it does not then restarting the process may help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_IPHC_CONFIG CH[hex]: Invalid IPHC config received: [chars] Explanation PPP MA received invalid or unsupported IPHC config for this interface. The error message describes which piece of config is invalid. The most likely reason for this is incorrect IPHC user configuration. Recommended Action Check that the IPHC user configuration is valid and supported. Layer 2 Messages PPP_MA Messages EM-844 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_L2VPN Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error communicating with the L2VPN server. The error message describes what operation has failed and why it failed. The most likely reason for this is a temporary connection problem with the L2VPN server, but the error could also be caused by low memory resource or programming error. Recommended Action In many cases, PPP MA will recover by itself. If it does not then restarting the process may help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_LAS Failed to [chars] [chars]: [chars] Explanation IPV6CP encountered an error using the LAS API. The error message describes what operation failed. This may be a resource starvation problem or an internal programming error. Recommended Action Restart the local ipv6_ma process and/or the ppp_ma process. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPP_MA-4-ERR_LTRACE Unexpected error encountered whilst [chars] the [chars] buffer: [chars] Explanation PPP MA encountered an error using the Lightweight Tracing service. The error message describes what operation has failed and why it failed. This is a fatal error and the PPP MA process cannot continue. It will abort and subsequently be restarted by SysMgr in an attempt to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_MEM_ALLOC Failed to allocate [unsigned int] bytes for ’[chars]’ Explanation The process failed to allocate memory for the specified resource. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Layer 2 Messages PPP_MA Messages EM-845 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_MGD_TIMER Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an unexpected error using the Managed Timer library. This is most likely to be due to a low memory condition but may also be an internal programming error. The error message should provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the PPP MA process. *RECUR*. Error Message %L2-PPP_MA-4-ERR_PAK Error handling pakman corruption problem: [chars]. Process exiting. Explanation The connection to packet manager was errored and the attempt to recover failed. Restarting the process should resolve the problem. Recommended Action Restart the ppp_ma process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_PLAT_PROPS Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error communicating with the Platform Properties DLL. The error message describes what operation has failed and why it failed. This will either have occurred because the Platform DLL failed to be properly initialized, or because of some error occurring in the platform dependent code. Recommended Action In many cases, PPP MA will recover by itself. If it does not then restarting the process may help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_MA-4-ERR_RIB Unexpected error encountered whilst [chars]: Explanation PPP MA encountered an error using the RIB client library. The error message describes what operation has failed and why it failed. The most likely reason for this is a connection problem with the RIB, but the error could also be caused by low memory resources or programming error. Recommended Action Consider restarting the PPP MA process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PPP_MA Messages EM-846 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_SUBDB Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the SubDB service. The error message describes what operation has failed and why it failed. The most likely reason for this is a connection problem with the SubDB server, but the error could also be caused by low memory resources or programming error. Recommended Action Consider restarting the PPP MA process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_SUBDB_IF CH[hex]: Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the SubDB service. The error message describes what operation has failed and why it failed. The most likely reason for this is a connection problem with the SubDB server, but the error could also be caused by low memory resources or programming error. Recommended Action Consider restarting the PPP MA process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_SYSDB Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error using the SysDB service. The error message describes what operation has failed and why it failed. The most likely reason for this is a connection problem with the SysDB server, but the error could also be caused by low memory resources or programming error. Recommended Action Consider restarting the PPP MA process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_SYSMGR Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error whilst communicating with SysMgr. The error message describes what operation has failed and why it failed. This is a fatal error and the PPP MA process will abort and be restarted to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PPP_MA Messages EM-847 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_SYSMGR_MDR Unexpected error encountered whilst [chars]: [chars] Explanation PPP MA encountered an error whilst communicating with SysMgr. The error message describes what operation has failed and why it failed. Sysmgr will take action to recover if appropriate. It is possible that this error has occured after MDR. If so then the recovery may require a cold reload of the card Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-4-ERR_THREAD Unexpected pthread error encountered for ’[chars]’ thread whilst [chars]: [chars] Explanation PPP MA encountered an unexpected error performing a pthread operation. The process will restart to attempt to recover. This is possibly due to a low memory condition but may also be an internal programming error. The error message should provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPP_MA-4-ERR_THREAD_COND Unexpected condition error encountered whilst [chars]: [chars] Explanation PPP MA encountered an unexpected error performing a condition operation. The process may restart to attempt to recover. This is possibly due to a low memory condition but may also be an internal programming error. The error message should provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPP_MA-4-ERR_THREAD_CREATE Failed to create ’[chars]’ thread: [chars] Explanation PPP MA encountered an unexpected error creating a new thread. The process will restart to attempt to recover. This is possibly due to a low memory condition but may also be an internal programming error. The error message should provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Layer 2 Messages PPP_MA Messages EM-848 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-4-ERR_THREAD_MUTEX Unexpected mutex error encountered whilst [chars]: [chars] Explanation PPP MA encountered an unexpected error performing a mutex operation. The process may restart to attempt to recover. This is possibly due to a low memory condition but may also be an internal programming error. The error message should provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPP_MA-4-ERR_WAVL_INIT Error initializing the WAVL tree used to store PPP MA IDBs: [chars]. Explanation PPP MA encountered an unexpected error which prevents it from functioning. This error may be caused by low memory resources. The process will abort and be restarted in an attempt to recover. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR* Error Message %L2-PPP_MA-6-ERR_EVC_DESTROY Error destroying ’[chars]’ connection: [chars] Explanation During process termination PPP MA failed to destroy a connection to a service provided by another process. This is an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_MA-6-ERR_EVM_EVENT_BLOCK Error blocking waiting for an event to process: [chars] Explanation This is an unexpected error. The PPP MA process may recover by itself, or it may need to be restarted to recover. Recommended Action Restart the affected PPP MA process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PPP_NETIO Messages EM-849 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_MA-6-ERR_EVQ_DESTROY Error destroying event queue for ’[chars]’: [chars] Explanation During process termination PPP MA failed to destroy an event queue. The process will terminate regardless so there should be no lasting problems. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PPP_NETIO Messages Error Message %L2-PPP_NETIO-3-ERR_INTF_INIT Failure initializing the PPP NetIO datapath for CH[hex]: [chars]%s Explanation The PPP NetIO DLL failed to initialize the datapath for processing PPP packets on a particular interface because of an unexpected error. The message includes the exact cause of the failure. As a result, the capsulation will be unloaded from the interface and the interface will not be able to send or receive any PPP packets. One possible reason for the error is a low memory condition, particularly if the failure was in creating the interface descriptor. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration., and then remove and reconfigure the PPP encapsulation on the interface. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_NETIO-4-ERR_INIT Failure [chars] in the PPP NetIO DLL: [chars] Explanation A failure occurred during an initialization operation in the PPP NetIO DLL. If this occured during an upgrade operation then it will cause the NetIO process to reload. Otherwise this will cause the capsulation to be unloaded, and an error returned to the user. One possible reason for the error is a low memory condition, particularly if the failure was in allocating trace buffers. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Layer 2 Messages PPP_SOCK Messages EM-850 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_NETIO-4-PAK_DROP Dropping [chars] packet on [chars] ([chars]) Explanation The PPP NetIO DLL has been forced to drop a packet because of an unexpected error. The error message describes the reason for the drop. Recommended Action The system may recover by itself. If it doesn’t then the error message will recur. In this case consider restarting the NetIO process on the affected linecard. If the error messages continue after restarting NetIO then Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPP_NETIO-5-SUBBLOCK_VERSION Incompatible subblock version during upgrade. Data has version [unsigned int], but the version supported is [unsigned int] Explanation When the PPP NetIO DLL was upgraded the existing data version was incompatible with the new software. NetIO will be restarted to recover the appropriate state. Recommended Action This is not a problem, the message is just to explain why NetIO has restarted. PPP_SOCK Messages Error Message %L2-PPP_SOCK-3-ERR_MEM_ALLOC Unable to allocate [unsigned int] bytes Explanation Not enough memory was available for the operation to complete. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-PPP_SOCK-3-ERR_SYSMGR Failure communicating readiness to System Manager. Error: [chars] Explanation The process was initialized successfully but was unable to inform System Manager of the success. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PPP_SOCK Messages EM-851 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPP_SOCK-4-ERR_EVM_EVENT_BLOCK Error in event loop: [chars] Explanation An error occured in the event loop. The process will restart which should recover the situation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_SOCK-4-ERR_LTRACE_INIT Failed to initialize the ltrace buffer. Error: [chars] Explanation The buffer used for tracing could not be allocated. The process will be restarted. Recommended Action The most likely cause of a problem is not enough memory. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-PPP_SOCK-4-ERR_PAKMAN Could not clean up and restart pakman connection. Error: [chars]. Control packet I/O will fail so restarting the socket process. Explanation An unknown error occurred after a pakman disconnect event. Restarting the socket process should have resolved the problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPP_SOCK-4-INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages PPPOE_EA Messages EM-852 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PPPOE_EA Messages Error Message %L2-PPPOE_EA-4-ERR_EVC_ERROR Error resetting IMP connection: [chars] Explanation After detecting an error with the IMP connection, PPPoE EA failed to reset that connection. This is an internal error. It requires a restart of the process for recovery. Recommended Action *SUPPORT* Error Message %L2-PPPOE_EA-4-ERR_EVM_EVENT_BLOCK Error encountered in the event loop: [chars]. The PPPoE EA process will restart Explanation An error occured in the event loop. The process will restart which should recover the situation. Recommended Action *RECUR* Error Message %L2-PPPOE_EA-4-ERR_INIT Failure during initialization of the [chars]. Error [chars]. The PPPoE EA process will restart Explanation A failure occured during the initialization of the process. The process will restart which should recover the situation. Recommended Action *RECUR* Error Message %L2-PPPOE_EA-4-ERR_MEM_ALLOC Failed to allocate [unsigned int] bytes for ’[chars]’ Explanation The process failed to allocate memory for the specified resource. Recommended Action *REDUCE* Error Message %L2-PPPOE_EA-4-ERR_PLATFORM_INIT Failure during initialization of the platform DLL. Error [chars]. PPPoE EA needs to be restarted to recover from this error. Explanation The PPPoE EA Platform DLL failed to initialise. This means that PPPoE will be unable to program the hardware. This error requires a restart of the process for recovery. Recommended Action *RECUR* Layer 2 Messages PPPOE_GBL_CFG Messages EM-853 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPPOE_EA-4-ERR_RWMGR Unexpected error whilst [chars]: [chars] Explanation PPPoE EA encountered an error communicating with Rewrite Manager. The error message describes what operation has failed and why it failed. The most likely reason for this is a temporary connection problem with the Rewrite Manager Server process, but the error could also be caused by low memory resource or programming error. Recommended Action In many cases, PPPoE EA will recover by itself. If it does not then restarting the process may help. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPPOE_EA-6-ERR_IMP_MULTIPLE_NTFCNS CH[hex]: Multiple [chars] notifications received in a single batch from improxy Explanation A batch from IMProxy contained multiple notifications for a single interface. This should not occur but the situation has been recovered successfully by the PPPoE EA. No problems should be seen as a result. Recommended Action *NONE* PPPOE_GBL_CFG Messages Error Message %L2-PPPOE_GBL_CFG-4-ERR_DBG_TRACE Failed to initialize the PPPoE GBL debug and trace: [chars] Explanation PPPoE MA encountered an error initializing its Debug and Trace The error message describes what operation has failed and why it failed. This is a fatal error and the PPPoE GBL process cannot continue. It will abort and subsequently be restarted by SysMgr in an attempt to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPPOE_GBL_CFG-4-ERR_EVM_CREATE Error creating the PPPoE GBL Event Manager: [chars] Explanation PPPoE GBL failed to create its Event Manager which is a critical resource for the operation of the process. This error may be caused by low memory resources. The process will abort and be restarted in an attempt to recover. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *SUPPORT*Layer 2 Messages PPPOE_MA Messages EM-854 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PPPOE_MA Messages Error Message %L2-PPPOE_MA-2-ERR_INVALID_CB Invalid [chars] callback: [chars] Explanation PPPoE MA received an invalid callback from another process. The error message describes why it is invalid. This is most likely to be a programming error, either in PPPoE or in one of the processes it interacts with. Recommended Action PPPoE MA should recover by itself. Error Message %L2-PPPOE_MA-2-ERR_UNEXPECTED_CB Unexpected [chars] callback, when session in [chars] state Explanation PPPoE MA received an asynchronous callback from another process when the session was in an incorrect state. The error message describes which callback was received. This is most likely to be a programming error, either in PPPoE or in one of the processes it interacts with. Recommended Action PPPoE MA should recover by itself. Error Message %L2-PPPOE_MA-2-ERR_UNEXPECTED_CLEANUP Unexpected [chars], when session in [chars] state Explanation PPPoE MA is trying to cleanup a session when it is in an unexpected state. The error message describes which state it was in, and what was triggering the cleanup. This is most likely to be a programming error, either in PPPoE or in one of the processes it interacts with. Recommended Action PPPoE MA should recover by itself. Error Message %L2-PPPOE_MA-4-ERR_AAA_ATTR Unexpected error encountered whilst [chars]: [chars] Explanation PPPoE MA encountered an error using AAA attribute APIs. The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Layer 2 Messages PPPOE_MA Messages EM-855 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPPOE_MA-4-ERR_AAA_SESSION Unexpected error encountered whilst [chars]: [chars] Explanation PPPoE MA encountered an error using AAA session APIs. The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPPOE_MA-4-ERR_ATTR Unexpected error encountered whilst [chars]: [chars] Explanation PPPoE MA encountered an error using vAccess Attribute APIs. The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPPOE_MA-4-ERR_CHKPT Unexpected error encountered whilst [chars]: [chars] Explanation PPPoE MA encountered an error using the Checkpoint Service. The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPPOE_MA-4-ERR_CHKPT_CORRUPT Corrupt [chars] checkpoint record found: [chars] Explanation Whilst restoring one of its checkpoint tables PPPoE MA found a corrupt checkpoint entry. The entry will be ignored and so the relevant PPPoE session will be lost. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Layer 2 Messages PPPOE_MA Messages EM-856 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPPOE_MA-4-ERR_CHKPT_DUPLICATE Duplicate [chars] checkpoint record found for CH[hex] Explanation Whilst restoring one of its checkpoint tables PPPoE MA found multiple entries for the same interface. PPPoE MA will use the first checkpoint entry it finds for each interface and ignore any subsequent duplicates. This is caused by a programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %L2-PPPOE_MA-4-ERR_DBG_TRACE Failed to initialize the PPPoE MA debug and trace: [chars] Explanation PPPoE MA encountered an error initializing its Debug and Trace The error message describes what operation has failed and why it failed. This is a fatal error and the PPPoE MA process cannot continue. It will abort and subsequently be restarted by SysMgr in an attempt to recover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PPPOE_MA-4-ERR_DEBUG Unexpected error encountered whilst [chars]: [chars] Explanation PPPoE MA encountered an error using the debug service. The error message describes what operation has failed and why it failed. The error could be caused by low memory resource or programming error. Recommended Action In many cases, PPPoE MA will recover by itself. If it does not then restarting the process may help. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPPOE_MA-4-ERR_EVC_ERROR Error resetting IMC connection: [chars] Explanation After detecting an error with the connection to the specified service, PPPoE MA failed to reset that connection. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PPPOE_MA Messages EM-857 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPPOE_MA-4-ERR_EVM_ATTACH Failed to register a handler for ’[chars]’ messages: [chars] Explanation PPPoE MA failed to register a handler for the specified class of event. This is an initialization error and implies that PPPoE MA will not be able to operate correctly. The PPPoE MA process will abort and be restarted in an attempt to recover. The cause may be a resource starvation problem but is most likely to be an internal programming error. The error message should give more details. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the PPPoE MA process. *RECUR* Error Message %L2-PPPOE_MA-4-ERR_EVM_CREATE Error creating the PPPoE MA Event Manager: [chars] Explanation PPPoE MA failed to create its Event Manager which is a critical resource for the operation of the process. This error may be caused by low memory resources. The process will abort and be restarted in an attempt to recover. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *SUPPORT* Error Message %L2-PPPOE_MA-4-ERR_EVM_EVENT_BLOCK Error encountered in the event loop: [chars]. The PPPoE MA process will restart Explanation An error occured in the event loop. The process will restart which should recover the situation. Recommended Action *RECUR* Error Message %L2-PPPOE_MA-4-ERR_EVM_SEND Failed to send ’[chars]’: [chars] Explanation PPPoE MA failed to send the specified message. The cause may be a resource starvation problem but is most likely to be an internal programming error. The error message should give more details. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the affected PPPoE MA process. *RECUR* Layer 2 Messages PPPOE_MA Messages EM-858 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPPOE_MA-4-ERR_IMC Unexpected error encountered whilst [chars]: [chars] Explanation PPPoE MA encountered an error using vAccess IMC APIs. The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPPOE_MA-4-ERR_INSERT_GLOBAL Interface CH[hex] already in global session tree Explanation PPPoE MA tried to insert an interface into the global session tree which was already there. The error is probably caused by a programming error. Recommended Action PPPoE MA should recover by itself. Error Message %L2-PPPOE_MA-4-ERR_MEM_ALLOC Failed to allocate [unsigned int] bytes for ’[chars]’ Explanation The process failed to allocate memory for the specified resource. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %L2-PPPOE_MA-4-ERR_MGD_TIMER Unexpected error encountered whilst [chars]: [chars] Explanation PPPoE MA encountered an unexpected error using the Managed Timer library. This is most likely to be due to a low memory condition but may also be an internal programming error. The error message should provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the PPPoE MA process. *RECUR*. Error Message %L2-PPPOE_MA-4-ERR_REGCOMP Failed to compile regular expression ’[chars]’ for [chars] Explanation The process failed to compile the given regular expression. Recommended Action -- Layer 2 Messages PPPOE_MA Messages EM-859 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PPPOE_MA-4-ERR_SUBDB Unexpected error encountered whilst [chars]: [chars] Explanation PPPoE MA encountered an error using SubDB The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPPOE_MA-4-ERR_SYSDB Unexpected error encountered whilst [chars]: [chars] Explanation PPPoE MA encountered an error using vAccess SysDB APIs. The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-PPPOE_MA-4-ERR_TUPLE Failed to unpack tuple for ’[chars]’ Explanation The process failed to unpack a tuple. Recommended Action -- Error Message %L2-PPPOE_MA-4-ERR_VACCESS Unexpected error encountered whilst [chars]: [chars] Explanation PPPoE MA encountered an error using vAccess APIs. The error message describes what operation has failed and why it failed. The most likely reason for this a low memory condition but the error could also be caused by a programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*.Layer 2 Messages PRECAM Messages EM-860 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PRECAM Messages Error Message %L2-PRECAM-2-HW_RESOURCE_FAILURE Failed to allocate hardware resources for feature [chars] on ifh [hex], subtype [dec], stage [chars], instance [chars], loc [dec], error: [dec] ([chars]) Explanation A runtime error occurred while trying to allocate hardware resources for configuring a feature. The reason for the failure is also displayed. Recommended Action Please call Cisco Support with the error information and provide running configuration, configuration steps performed before the message was observed, linecard version and output of commands under: ’show controller pse [ingress|egress] precam ... ’ Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PSE Messages Error Message %L2-PSE-2-CRIT_EXIT Exit on error: [chars]: Caused by [chars] Explanation An critical error occurred in PSE Driver which requires exiting (and, hence, restarting) the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PSE-2-CRIT_EXIT Exit on error: [chars]: Caused by [chars] Explanation An critical error occurred in PSE Driver which requires exiting (and, hence, restarting) the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PSE-2-MIPC_STUCK [chars] direction. Data: ([chars]) Explanation Inter-processor communcation to the Metro is stuck. Recommended Action *None* Layer 2 Messages PSE Messages EM-861 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PSE-2-NODE_BRINGDOWN [chars] device: Caused by [chars] Explanation The PSE driver was unable to perform a critical function and must trigger a node bringdown to effect recovery. Recommended Action No action is required. Error Message %L2-PSE-2-NODE_BRINGDOWN [chars] device: Caused by [chars] Explanation The PSE driver was unable to perform a critical function and must trigger a node bringdown to effect recovery. Recommended Action No action is required. Error Message %L2-PSE-3-INTERNAL_ERR Error: [chars]: Err equals [dec] Explanation A driver internal error occurred which involves exiting the process. %s - indicates the reason for the failure. %d - is the error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PSE-3-INVALID_COUNT Error: [chars]: Err equals [dec] Explanation This is a error message in the PSE Driver to indicate either anomolies which are notservice impacting. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temperory situation is resolved. %s - indicates the reason for the failure. %d - is the error reason. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PSE-4-COLD_RESET_FAILED [chars] device: Caused by [chars] Explanation This is an error message in the PSE Driver to indicate that it failed to perform cold reset of specified pse instance due to the specified reason. Recommended Action No action is required. Layer 2 Messages PSE Messages EM-862 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PSE-4-COLD_RESET_FAILED [chars] device: Caused by [chars] Explanation This is an error message in the PSE Driver to indicate that it failed to perform cold reset of specified pse instance due to the specified reason. Recommended Action No action is required. Error Message %L2-PSE-4-ERRRATE_EXCEED_FAST [chars] device: High rate of ASIC errors of type: [chars] Explanation This is an error message in the PSE Driver to indicate that a high rate of specified errors is being detected. Recommended Action No action is required. Error Message %L2-PSE-4-ERRRATE_EXCEED_FAST [chars] device: High rate of ASIC errors of type: [chars] Explanation This is an error message in the PSE Driver to indicate that a high rate of specified errors is being detected. Recommended Action No action is required. Error Message %L2-PSE-4-ERRRATE_EXCEED_GLACIAL [chars] device: High rate of ASIC errors of type: [chars] Explanation This is an error message in the PSE Driver to indicate that a high rate of specified errors is being detected. Recommended Action No action is required. Error Message %L2-PSE-4-ERRRATE_EXCEED_GLACIAL [chars] device: High rate of ASIC errors of type: [chars] Explanation This is an error message in the PSE Driver to indicate that a high rate of specified errors is being detected. Recommended Action No action is required. Layer 2 Messages PSE Messages EM-863 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PSE-4-PROTO_HW_VERSION [chars] PSE ASIC prototype hardware detected. This version ([unsigned int]) is not supported. Explanation This message indicates that the version of the PSE ASIC is a prototype, and it is not supported by the s/w release. Recommended Action No action is required. Error Message %L2-PSE-4-PROTO_HW_VERSION [chars] PSE ASIC prototype hardware detected. This version ([unsigned int]) will be unsupported in future releases. Explanation This message indicates that the version of the PSE ASIC is a prototype, and will be unsupported in future s/w releases. Recommended Action No action is required. Error Message %L2-PSE-4-WARM_RESET_FAILED [chars] device: Caused by [chars] Explanation This is an error message in the PSE Driver to indicate that it failed to perform warm reset of specified pse instance due to the specified reason. Recommended Action No action is required. Error Message %L2-PSE-4-WARM_RESET_FAILED [chars] device: Caused by [chars] Explanation This is an error message in the PSE Driver to indicate that it failed to perform warm reset of specified pse instance due to the specified reason. Recommended Action No action is required. Error Message %L2-PSE-5-ERR_CONT Continuing execution: [chars]: Caused by [chars] Explanation This message indicates an error occurred beyond which execution of the pse_driver may continue, attempting to effect recovery or work-around internally, minimizing loss of information/functionality. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages PSE Messages EM-864 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PSE-5-ERR_CONT Continuing execution: [chars]: Caused by [chars] Explanation This message indicates an error occurred beyond which execution of the pse_driver may continue, attempting to effect recovery or work-around internally, minimizing loss of information/functionality. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PSE-6-INFO_MSG [chars] Explanation This is a informational message in the PSE Driver to indicate an operation. Recommended Action No action is required. Error Message %L2-PSE-6-INFO_MSG [chars] Explanation This is a informational message in the PSE Driver to indicate an operation. Recommended Action No action is required. Error Message %L2-PSE-6-INFO_MSG Info: [chars] Explanation This is a Informational message in the PSE Driver to indicate an operation. %s - indicates the informational message. Recommended Action No action is required. Error Message %L2-PSE-6-MP_INFO [chars] [chars] Explanation This is an informational message in the PSE Driver to indicate an event on maintenance processor. Recommended Action No action is required. Error Message %L2-PSE-7-DEBUG_MSG [chars] Explanation This is a debug message in the PSE Driver to indicate an operation or condition. Recommended Action No action is required. Layer 2 Messages PSE Messages EM-865 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-PSE-7-DEBUG_MSG [chars] Explanation This is a debug message in the PSE Driver to indicate an operation or condition. Recommended Action No action is required. Error Message %L2-PSE-7-ERR_EXIT Exit on error: [chars]: Caused by [chars] Explanation An error occurred in PSE Driver which requires exiting (and, hence, restarting) the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PSE-7-ERR_EXIT Exit on error: [chars]: Caused by [chars] Explanation An error occurred in PSE Driver which requires exiting (and, hence, restarting) the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PSE-7-MP_CORE MP Core File saved in [chars]. Explanation An error occurred in PSE MP Microcode Driver which required exiting (and, hence, restarting) the process. This message records the location of the MP Core File. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-PSE-7-MP_CORE MP Core File saved in [chars]. Explanation An error occurred in PSE MP Microcode Driver which required exiting (and, hence, restarting) the process. This message records the location of the MP Core File. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages PSELIB Messages EM-866 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PSELIB Messages Error Message %L2-PSELIB-4-EXIT_ON_ERR [chars]. Reason: [chars] Explanation An error occurred in the PSE ASIC client library after which the client code cannot continue. This error is encountered when a client module (e.g. cli command) has difficulty retrieving information from the PSE driver. The root cause may be located in either hardware or software. Recommended Action *RECUR* Error Message %L2-PSELIB-4-EXIT_ON_ERR [chars]. Reason: [chars] Explanation An error occurred in the PSE ASIC client library after which the client code cannot continue. This error is encountered when a client module (e.g. cli command) has difficulty retrieving information from the PSE driver. The root cause may be located in either hardware or software. Recommended Action *RECUR* QM_E5 Messages Error Message %L2-QM_E5-3-SANITY_RELOAD [chars] : Card will be reset Explanation There is buffer depletion of FreeQs. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. This error message is just a warning message for Buffer Depletion. The card will be reloaded after the time specified in the message, if the problem persists. The dumped Queues and Queue Elements need to be evaluated to find the root-cause of the problem Error Message %L2-QM_E5-3-SANITY_WARNING QM Buffer Depletion: [chars] Explanation There is buffer depletion of FreeQs. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. This error message is just a warning message. The dumped Queues and Queue Elements need to be evaluated to find the root-cause of the problem Layer 2 Messages QM_E5 Messages EM-867 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-QM_E5-4-INTERRUPT [chars]: [chars] : reg value [hex] Explanation The queueing asic experienced an interrupt, and will be reset. After reset, normal operation should resume. Recommended Action Log the error. If the error persists after reset, contact support. Error Message %L2-QM_E5-4-INTERRUPT2 [chars]: [chars] : reg1 [hex]: reg2 [hex] Explanation The queueing asic experienced an interrupt, and will be reset. After reset, normal operation should resume. Recommended Action Log the error. If the error persists after reset, contact support. Error Message %L2-QM_E5-7-INTERRUPT3 [chars]: [chars]: error_reg: [hex] error_info: [hex] Explanation The queueing asic experienced an interrupt, and is non-fatal. In some cases its corrected by software and remaining cases its occurences logged. Recommended Action Log the error. Error Message %L2-QM_E5-7-INTERRUPT4 [chars]: [chars]: error_reg: [hex] Explanation The queueing asic experienced an interrupt, and is non-fatal. In some cases its corrected by software and remaining cases its occurences logged. Recommended Action Log the error. Error Message %L2-QM_E5-7-INTERRUPT5 [chars]: [chars]: error: [hex] error_reg: [hex] Explanation The queueing asic experienced an interrupt, and is non-fatal. In some cases its corrected by software and remaining cases its occurences logged. Recommended Action Log the error. Error Message %L2-QM_E5-7-INTERRUPT6 [chars]: [chars]: error: [hex] error_reg: [hex] error_info: 0x[unsigned int]llx Explanation The queueing asic experienced an interrupt, and is non-fatal. In some cases its corrected by software and remaining cases its occurences logged. Recommended Action Log the error.Layer 2 Messages QM Messages EM-868 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 QM Messages Error Message %L2-QM-3-SANITY_RELOAD [chars] : Card will be reset Explanation There is buffer depletion of FreeQs. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. This error message is just a warning message for Buffer Depletion. The card will be reloaded after the time specified in the message, if the problem persists. The dumped Queues and Queue Elements need to be evaluated to find the root-cause of the problem Error Message %L2-QM-3-SANITY_WARNING QM Buffer Depletion: [chars] Explanation There is buffer depletion of FreeQs. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. This error message is just a warning message. The dumped Queues and Queue Elements need to be evaluated to find the root-cause of the problem Error Message %L2-QM-4-INTERRUPT [chars]: [chars] : reg value [hex] Explanation The queueing asic experienced an interrupt, and will be reset. After reset, normal operation should resume. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. QUEUEING Messages Error Message %L2-QUEUEING-3-FATAL_ERR [chars]: Err equals [dec] Explanation A fatal error occurred in QUEUEING ASIC Driver which involves exiting the process. The process will be respawned, but if it continues to fail the linecard will be reset, as the linecard cannot operate without this process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages RSMLIB Messages EM-869 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 RSMLIB Messages Error Message %L2-RSMLIB-4-EXIT_ON_ERR [chars]. Reason: [chars] Explanation An error occurred in the PSE ASIC client library after which the client code cannot continue. This error is encountered when a client module (e.g. cli command) has difficulty retrieving information from the PSE driver. The root cause may be located in either hardware or software. Recommended Action *RECUR* Serial Messages Error Message %L2-Serial-3-MTU_IMPOSE_FAILED Failed to set MTU of [unsigned int] on [chars] Explanation The specified MTU could not be applied on this interface. Recommended Action No action is required. Error Message %L2-Serial-3-NULL_HW_FUNC Detected NULL hw func ptr in Serial interface instance: [chars] Explanation Failed to program the hardware. Recommended Action No action is required. Error Message %L2-Serial-4-ALARM [chars]: [chars] [chars] Explanation The specified Serial Alarm has been declared or released. Recommended Action Recommended action is to repair the source of the alarm.Layer 2 Messages SLARP_EA Messages EM-870 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SLARP_EA Messages Error Message %L2-SLARP_EA-2-EVENT_BLOCK Failure during receipt of message. Error: [chars] Explanation A failure occurred handling a message arriving at the SLARP capsulation EA process Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP_EA-2-INIT Failure during intialisation of SLARP Caps EA. Error: [chars] Explanation A failure occurred during the initialisation of the SLARP capsulation EA process Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP_EA-3-ADJ_UPDATE_FAIL [hex]: unable to update adjacency : [chars] Explanation Adjacency information was not able to be updated. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SLARP_LITE Messages Error Message %L2-SLARP_LITE-3-ERR_CSL_DLL_ASYNC_SEND_FAIL Send async pulse to slarp lite process fails; Error [chars] Explanation Attempt to send pulse to SLARP lite process fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SLARP_LITE Messages EM-871 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SLARP_LITE-3-ERR_CSL_DLL_CHAN_CONNECT_FAIL Cannot connect to slarp lite process; Error [chars] Explanation Attempt to connect to slarp lite process channel fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP_LITE-3-ERR_SHMEM_MMAP_FAIL Cannot mmap file [chars]; Error [chars] Explanation Attempt to mmap the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP_LITE-3-ERR_SHMEM_OPEN_FAIL Cannot open shmem file [chars]; Error [chars] Explanation Attempt to open the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP_LITE-3-ERR_SHMEM_TRNC_FAIL Cannot truncate file [chars] to [dec] bytes; Error [chars] Explanation Attempt to truncate the shared memory file fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SLARP Messages EM-872 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SLARP_LITE-3-ERR_SHMEM_UNAVAILABLE SLARP lite SHMEM can accommodate only [dec] records (request for [dec] records) Explanation cHDLC MA has requested transfer of more interface records than shared memory can accommodate Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. SLARP Messages Error Message %L2-SLARP-1-CAPS_ADD [chars]: Could not add slarp capsulation : [chars] Explanation Could not add the slarp capsulation in IM Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-CAPS_REMOVE [chars]: Could not remove slarp capsulation : [chars] Explanation Could not remove the capsulation in question. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-CLOCK_READ_ERROR Unable to read the clock: [chars] Explanation Unable to read the clock. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SLARP Messages EM-873 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SLARP-1-CONN_ALLOC Failed to allocate event connection with [chars]. Explanation An attempt to allocate a connection resource failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-CONN_NOTIFY Failed to attach event connection handler for [chars]. Explanation An attempt to attach a handler for an event connection failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-DEBUG_REGISTER Could not register for debug events : [chars] Explanation An attempt ot register with the debug infrastructure failed. The failure cannot be handled, so the process will have exited and will be automatically restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-EVENT_CONN Unable to initialize slarp timers Explanation Can not initialize the even channel used by slarp timers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-EVENTBLOCK event_block returned early : [chars] Explanation An unexpected or erroneous return while waiting for events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SLARP Messages EM-874 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SLARP-1-IM_STATEQUERY Failed to query IM interface state: [chars] Explanation An attempt to query the interface state from IM failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-INVTIMER invalid timer [dec] Explanation An error occurred attempting to transmit a SLARP packet. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-NO_INITIAL_CONFIG Failed to get the initial configuration: [chars] Explanation The initial configuration of the box was unable to be determined. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-NOIDB [chars]: Event which we do not have record of Explanation An internal software error occurred. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-NORESOURCE [chars] failed to allocate resource in [chars] Explanation An attempt to allocate a resource failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SLARP Messages EM-875 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SLARP-1-TIMER_ALLOC [chars]: Could not allocate a timer for SLARP : [chars] Explanation Could not allocate a timer. SLARP will not run on this interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-TRACE_REGISTER Failed to register with tracing infrastructure: [chars] Explanation An attempt to register with the tracing infrastrucure failed. The failure cannot be handled, so the process will have exited and will be automatically restarted. The root cause of the problem is likely to be with the tracing infrastructure, rather than with this process in particular. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-1-TREE_INSERT [chars]: Could not insert interface into storage. Explanation We could not store information about this interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-5-OLDSEQ [chars]: Outdated sequence number [dec], current [dec] Explanation A keepalive packet was received out of sequence with previous keepalives. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SLARP-5-PKTLENGTH Invalid packet length [dec] recv on [chars], should be [dec] Explanation An invalid SLARP packet was received. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages SLOGIC Messages EM-876 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SLOGIC Messages Error Message %L2-SLOGIC-4-ANOMALY [chars] Explanation A SW exception occurred in SLOGIC Library Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SONET_APS Messages Error Message %L2-SONET_APS-4-WARNING [chars] - [chars] Explanation A non-fatal error occured while executing the function in question. The message contains info about the cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of SONET APS. Error Message %L2-SONET_APS-4-WP_INFO Connection to [chars]%s [chars] Explanation State change in the APS group internal communication system detected. Expected during transitory conditions at config changes, OIR, etc. The message contains info about the WP communication components affected. Recommended Action Verify continued correct operation of SONET APS. Error Message %L2-SONET_APS-6-CONFLICT [chars] ([chars]) - [chars] Explanation A conflict failure occured The message contains info about the cause of the failure and possibly anticipated actions/effects. Recommended Action Fix the confguration error for proper operation of SONET APS. Error Message %L2-SONET_APS-6-CONTACT [chars] [chars] [dec] [chars] [dec] [chars] Explanation Debug messages for APS. Recommended Action No Action requirements. Layer 2 Messages SONET_APS Messages EM-877 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SONET_APS-6-REQUEST_PREEMPTED APS group [dec] [chars] [dec]: preempted Explanation The user external request is preempted. Recommended Action Not Action requirements. Error Message %L2-SONET_APS-6-SWITCH_INFO Group [dec] Channel [dec] [chars] switch of [chars] to [chars] [chars] Explanation Debug messages for APS. Recommended Action No Action requirements. Error Message %L2-SONET_APS-6-UPDOWN [chars] [chars] [dec] [chars] [dec] [chars] Explanation Debug messages for APS. Recommended Action No Action requirements. Error Message %L2-SONET_APS-7-ERROR [chars] failed ([chars]) - [chars] Explanation A general failure occured while executing the function in question. The message contains info about the cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of SONET APS. Error Message %L2-SONET_APS-7-NOMEM Not enough memory for [chars] Explanation The process is out of memory. Recommended Action Check process list for source of memory loss. Check if h/w memory requirements are met.Layer 2 Messages SONET_LOCAL Messages EM-878 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SONET_LOCAL Messages Error Message %L2-SONET_LOCAL-3-ERROR [chars]([dec]): [chars] failed ([chars]) - [chars] Explanation A general failure occured while executing the function in question. The message contains info about the location and cause of the failure and possibly anticipated actions/effects. Recommended Action This error indicates a problem in the code and cannot be easily recovered from. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SONET_LOCAL-4-ALARM [chars]: [chars] [chars] Explanation The specified SONET Alarm has been declared or released. Recommended Action Recommended action is to repair the source of the alarm. Error Message %L2-SONET_LOCAL-5-AIS_PWFAULT [chars] [chars] Explanation L-AIS insertion/removal notification messages. Recommended Action No action is required. Error Message %L2-SONET_LOCAL-6-CLEAR_COUNTERS Clear counters on [chars] Explanation Counters on a sonet controller has been cleared by the user. This message is for information only. Recommended Action None.Layer 2 Messages SPA_192 Messages EM-879 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SPA_192 Messages Error Message %L2-SPA_192-3-ERR_SPA_UNSUPPORTED Inserted node [chars] is not supported by Cisco 12000 Series SPA Interface Processor-601 line card. Please remove to prevent damages to the hardwares. Explanation A SPA identified by nodeid %s above is not supported by Cisco 12000 Series SPA Interface Processor-601 line card. The SPA should be remove immediately to prevent damages to the hardwares. Recommended Action Physcially remove the SPA module from the line card. Error Message %L2-SPA_192-3-ERR_SPA_UNSUPPORTED Inserted node [chars] is not supported by Cisco 12000 Series SPA Interface Processor-600 line card. Please remove to prevent damages to the hardwares. Explanation A SPA identified by nodeid %s above is not supported by Cisco 12000 Series SPA Interface Processor-600 line card. The SPA should be remove immediately to prevent damages to the hardwares. Recommended Action Physcially remove the SPA module from the line card. Error Message %L2-SPA_192-3-JACKET_ERROR [chars] Explanation SPA 192 Jacket error Recommended Action When errors occur in jacket, it is very likely the jacket process will restart itself. Error Message %L2-SPA_192-3-JACKET_V2_ERROR [chars] Explanation SPA 192 Jacket V2 error Recommended Action When errors occur in jacket, it is very likely the jacket process will restart itself. Error Message %L2-SPA_192-3-SPARULE_INT_ERROR [chars] Explanation SPA 192 Jacket V2 SPA rule internal error Recommended Action This would indicate an internal error in SPA rule module affecting our ability to insert/remove new SPA. This may require jacket process restart. Layer 2 Messages SPA_ATM_V2 Messages EM-880 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_192-6-SPARULE_ERROR [chars] Explanation SPA 192 Jacket V2 SPA rule error Recommended Action This would indicate an error during insertion/removal of SPA. If error occures during OIR than it is likely that problem could be due to invalid combination or SPA type used as indicated by additional text. Error Message %L2-SPA_192-6-UPGRADE_FPGA [chars] Explanation Upgrade SPA FPGA message Recommended Action none Error Message %L2-SPA_192-6-UPGRADE_FPGA [chars] Explanation Upgrade SPA FPGA message Recommended Action none SPA_ATM_V2 Messages Error Message %L2-SPA_ATM_V2-3-DRIVER_ERR [chars] [chars] Explanation ATM SPA OC3/OC12 driver error messages Recommended Action *NONE* Error Message %L2-SPA_ATM_V2-6-INFO [chars] [chars] Explanation ATM SPA OC3/OC12 informational message Recommended Action *NONE* Error Message %L2-SPA_ATM_V2-7-DEBUG [chars] [chars] Explanation ATM SPA OC3/OC12 debug message Recommended Action *NONE*Layer 2 Messages SPA_C_SHIM Messages EM-881 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SPA_C_SHIM Messages Error Message %L2-SPA_C_SHIM-3-GET_SHIM_INFO_FAIL Could not get shim info for ifh [hex] Explanation Could not get shim info for given interface handle Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_C_SHIM-3-NULL_SHIM_INFO Null shim info structure for ifh [hex] Explanation Null shim info encountered for given interface handle Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_C_SHIM-3-QUERY_FAIL c-shim query failed for ifh [hex] Explanation Unexpected c-shim query failure for given interface handle Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SPA_CHOC_DSX Messages Error Message %L2-SPA_CHOC_DSX-3-HDLC_ERR_CHNL_QUE_OV_STAT SPA [dec]/[dec]: [dec] [chars] events on HDLC Controller were encountered. Explanation The SPA driver detected an error event on the HDLC Controller Recommended Action The SPA driver has encountered an error event on the SPA card. If the condition persists, copy the error message exactly as it appears. Next research and attempt to resolve the issue using the SPA hardware troubleshooting documentation as well as the tools and utilities provided at http://www.cisco.com/public/support/tac/tools.shtml. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl or contact your Cisco technical Layer 2 Messages SPA_ETHER Messages EM-882 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 support representative. Be sure to provide the the information you have gathered and a ’show tech-support’ to your support representative, or attach it to your case in non-zipped, plain text format (.txt). Error Message %L2-SPA_CHOC_DSX-3-NULL_PD_FIELD Null platform specific field for link [hex], ifname [chars] Explanation The platform specific name in the link record is not set. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SPA_ETHER Messages Error Message %L2-SPA_ETHER-1-LTRACE_INIT_ERR [chars] Explanation Jacket process spawns the SPA process and waits for the initialization to complete. But initialization fails putting SPA into FAILED state. As a part of the above, we find the mesage Ltrace init failed message. Recommended Action If the issue occurs, Check the SPA state. If it is not OK, then collect the following traces 1) show plim jacket all location 2) show hw-module traces infra detailed location 3) show plim ether trace info/error location 4) console logs Error Message %L2-SPA_ETHER-2-LTRACE_RETRY_ERR [chars] Explanation Jacket process spawns the SPA process and waits for the initialization to complete. But initialization fails putting SPA into FAILED state. As part of retry mechansim, the above message is seen. Recommended Action If the issue occurs, Check the SPA state. If it is not OK, then collect the following traces 1) show plim jacket all location 2) show hw-module traces infra detailed location 3) show plim ether trace info/error location 4) console logs Error Message %L2-SPA_ETHER-2-SPA_CTX_ERR [chars] Explanation The spa_ether_ctx context data cannot be set. Recommended Action collect the trace log via ’show plim ether trace error location ’ ’show plim ether trace info location ’ ’show tech-support ethernet ’ ’show plim jacket trace all location ’ and collect console logs and send them to the Engineering team. Layer 2 Messages SPA_ETHER Messages EM-883 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_ETHER-2-SPA_JKT_ERR [chars] [chars] Explanation The Jacket driver failed to parse spa driver argument. Recommended Action -- Error Message %L2-SPA_ETHER-2-SPA_MAC_ERR [chars] Explanation The internal SPA MAC got out of sync. SW needs to reset the device in order to clear the issue Recommended Action If reseting the MAC device fixes the issue, nothing needs to be done. If the reset does not work, the SPA will need to be SW OIR’d. This can be easily checked by doing ’top’ on the LC with the issue. If the CPU is very high, the reset did not work. Error Message %L2-SPA_ETHER-2-SPA_MAC_ERR [chars] Explanation The internal SPA MAC got out of sync. SW needs to reset the device in order to clear the issue Recommended Action If reseting the MAC device fixes the issue, nothing needs to be done. If the reset does not work, the SPA will need to be SW OIR’d. This can be easily checked by doing ’top’ on the LC with the issue. If the CPU is very high, the reset did not work. Error Message %L2-SPA_ETHER-3-INCONSISTENT_CONFIG [chars] Explanation As part of trying to configure dot1q vlan with vlan id same as that of outer vlan of QinQ configuration on other sub-interface, then error has to be reported to remove the inconsistent config. Recommended Action Upon seeing this message, delete the subinterface that has just been created. Otherwise the system will be in inconsistent state. Error Message %L2-SPA_ETHER-3-PORT_DEL_TIMEOUT [chars] [dec] Explanation Port deletion failed to complete within the timeout period. Recommended Action Upon seeing this message collect the trace log via ’show plim ether trace error location ’ ’show plim ether trace info location ’ ’show tech-support ethernet ’ and send them to the Engineering team. Layer 2 Messages SPA_ETHER Messages EM-884 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_ETHER-4-INVALID_MAC Failed to get MAC address for port [dec], Interface assigned random MAC address. Explanation PLIM driver was unable to get a MAC address for the interface. Recommended Action Check if the process ’shelfmgr’ is up and running on the RP. Try to reload the LC to see if that helps. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_ETHER-4-INVALID_MAC Failed to get MAC address for port [dec], Interface assigned random MAC address. Explanation PLIM driver was unable to get a MAC address for the interface. Recommended Action Check if the process ’shelfmgr’ is up and running on the RP. Try to reload the LC to see if that helps. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_ETHER-4-PORT_DEL_WARNING [chars] [dec] [chars] Explanation Port deletion is taking longer time as there is large config to be deleted and so SPA driver prints out message every 2 min regarding the same. Recommended Action This is a warning message. Upon seeing this message, collect the following trace log via CLI ’show plim ether info location ’ ’show plim ether error location ’ ’show tech-support ethernet location ’ ’show im trace location ’ ’show cfgmgr trace location ’ ’show vlan trace location all’ Send them to the engineering team. Error Message %L2-SPA_ETHER-4-WAIT_CONFIG [chars] Explanation During brinup of Wanphy SPA, the config has to be restored before init. With this we can decide whether to get SPA in LAN or WAN mode. This message indicates that config restore of wanphy is getting delayed Recommended Action No explicit action is required, if it gets delayed, SPA state machine would timeout and reload the SPA. Layer 2 Messages SPA_FPD Messages EM-885 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_ETHER-6-PORT_DEL_INFO [chars] [dec] [chars] Explanation Port deletion happened after the threshold time. Recommended Action This is an informational message.Upon seeing this message collect the trace log via ’show plim ether trace error location ’ ’show plim ether trace info location ’ ’show tech-support ethernet ’ and send them to the Engineering team. SPA_FPD Messages Error Message %L2-SPA_FPD-3-FATAL_ERROR [chars] Explanation An internal system software error has occurred. This type of errors are in general SW bugs that are caused by providing wrong information to SPA FPD API. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_FPD-3-GET_IMG_ERROR [chars][[dec]]: [chars] Explanation An image for an FPD could not be obatined so that it could be updated. The cause of the failure is indicated in the message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_FPD-3-GET_VERSION_ERROR [chars][[dec]]: Failed to get FPD version information. Explanation The version of the FPD could not be obtained from the specified SPA. The FPD information will not be available for the specified SPA. System processing will continue normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SPA_FPD Messages EM-886 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_FPD-3-SW_ERROR [chars][[dec]]: [chars] Explanation An internal software error has occurred on the specified SPA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_FPD-3-UPDATE_FAILED [chars][[dec]]: Failed to update FPD ’[chars]’ image Explanation The update operation for the specified FPD image has failed. Recommended Action Retry the operation to update the image. If the retry operation fails, copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %L2-SPA_FPD-3-WRONG_OIR_STATE [chars][[dec]]: Cannot perform FPD image update on ’[chars]’ OIR state, it should be in ’[chars]’ OIR state Explanation The FPD image update operation could not be performed because the specified SPA is not in the correct state. The correct OIR state for the SPA is specified in the message text. Recommended Action Do not perform the update operation while the SPA is in the middle of a reload operation or while it is being initialized. Wait until the specified SPA is in the correct OIR state and retry the operation. Error Message %L2-SPA_FPD-5-OFFLINE_NOTICE [chars][[dec]]: Changing operational status to offline for update of FPD image Explanation An attempt has been made to temporarily change the operaional status of the SPA from online to offline before the image for the FPD could be updated on the target SPA. For some SPA types, this operation is required. Recommended Action Ensure that you have redirected the traffic of the target SPA before performing this action, since the target SPA will require a power cycle operation after the image update for the FPD on the target SPA has been performed. Layer 2 Messages SPA_OC3_OC12 Messages EM-887 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_FPD-5-RELOAD_NOTICE [chars][[dec]]: Reloading the SPA for the updated FPD image(s) to take effect Explanation Indicates the reloading operation of the SPA after the completion of the FPD image update opearation. Recommended Action No action is required. Error Message %L2-SPA_FPD-6-UPDATE_PASSED [chars][[dec]]: Successfully updated FPD ’[chars]’ image Explanation The FPD image was updated successfully. Recommended Action No action is required. Error Message %L2-SPA_FPD-6-UPDATE_START [chars][[dec]]: Starting update of FPD ’[chars]’ image Explanation The FPD update update operation has started for the specified image. Recommended Action No action is required. SPA_OC3_OC12 Messages Error Message %L2-SPA_OC3_OC12-3-DRIVER_ERR [chars] [chars] Explanation SPA OC3/OC12 driver error messages Recommended Action *NONE* Error Message %L2-SPA_OC3_OC12-3-DRIVER_ERR [chars] [chars] Explanation SPA OC3/OC12 driver error messages Recommended Action *NONE* Layer 2 Messages SPA_OC3_OC12 Messages EM-888 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_OC3_OC12-3-ERR_IF [chars] Explanation The SPA driver on the linecard failed to call SONET controll or POS interface related system function. The issue may affect the creation of SONET controller or POS interface while the SPA is booting, reloading or SFP OIR with different optics rate. %s - error message indicating location and the reason of the error Recommended Action - Try to do the SFP OIR for a few more times; - If the issue persists, reload the SPA with the command: hw-module subslot 0/x/x reload then check if all the POS interface are created, if not, reload LC. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_OC3_OC12-3-ERR_PLUGIN [chars] Explanation The operation on SPA object failed. The SPA driver controls all the hardware on the SPA. If the operation on SPA fails, the SPA may not be able to boot or work properly, and the traffic may be affected. %s - error message indicating location and the reason of the error Recommended Action The SPA infra will automatically restart the SPA driver up to a fixed number of times if the failure happens during SPA is booting. If the failure doesn’t happen with SPA booting, manually SPA reload may be needed. Execute ’show platform’ to verify the SPA is in READY state, if not, try to reload the SPA with command: hw-module subslot 0/x/x reload or if the system has no response to the command above, force to reload the SPA with follwoing sequence under config mode: hw-module subslot 0/x/x shutdown commit no hw-module subslot 0/x/x shutdown commit If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_OC3_OC12-3-ERR_RESTART [chars] Explanation There is an error detected during SPA process restart. During the process restart, the software will do: checking the hardware config compatibility; re-creating SONET controller and POS interface; restoring configurations. Any failure in above will cause restart failed. The traffic may or may not be affected after restart failed, but the further operation on SPA, e.g. changing configuration, may not be carried out properly. %s - error message indicating location and the reason of the error Recommended Action The system will try to restart the process again for a few times, If the issue persists, reload the SPA with the command: hw-module subslot 0/x/x reload If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SPA_OC3_OC12 Messages EM-889 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_OC3_OC12-3-ERR_SFP [chars] Explanation There is an error detected during SFP initialization. SFP is the pluggable optics on the SPA, SFP initialization may happen when linecard boots up, SFP OIR and SPA process restart. SFP error is for any possible error during the initialization. The optics will not work if SFP OIR operation failed, therefore no traffic will be affected. %s - error message indicating location and the reason of the error Recommended Action - Check the SFP, make sure it is CISCO certified; - Try to do the SFP OIR for a few more times; - If the issue persists, reload the SPA with the command: hw-module subslot 0/x/x reload then test SFP OIR after SPA comes up. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_OC3_OC12-6-INFO [chars] [chars] Explanation SPA OC3/OC12 informational message Recommended Action *NONE* Error Message %L2-SPA_OC3_OC12-6-INFO [chars] Explanation information message %s - message Recommended Action none Error Message %L2-SPA_OC3_OC12-6-INFO [chars] [chars] Explanation SPA OC3/OC12 informational message Recommended Action *NONE* Error Message %L2-SPA_OC3_OC12-6-OPTICS_OIR [chars] Explanation Optics module has inserted %s - message related to the SFP insertion event Recommended Action none Layer 2 Messages SPA_OC48 Messages EM-890 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_OC3_OC12-7-DEBUG [chars] [chars] Explanation SPA OC3/OC12 debug message Recommended Action *NONE* Error Message %L2-SPA_OC3_OC12-7-DEBUG [chars] [chars] Explanation SPA OC3/OC12 debug message Recommended Action *NONE* SPA_OC48 Messages Error Message %L2-SPA_OC48-3-DRIVER_ERR [chars] [chars] Explanation SPA OC48 driver error messages Recommended Action *NONE* Error Message %L2-SPA_OC48-3-DRIVER_ERR [chars] [chars] Explanation SPA OC48 driver error messages Recommended Action *NONE* Error Message %L2-SPA_OC48-3-ERR_INIT SPA driver initialization failed in bay [dec]: ([chars]/[chars]). Explanation The SPA driver on the linecard failed to initialize. The SPA driver controls all the hardware on the SPA. If the SPA driver fails to initialize, no traffic will pass, no SPA related infrastructure will work. %d - SPA bay number %s - indicates the reason for the failure %s - is the decoded error reason Recommended Action The SPA infra will automatically restart the SPA driver, up to a fixed number of times when this error is encountered, to recover. Execute ’show platform’ to verify the SPA is in READY state, if not, try to reload the SPA with command: hw-module subslot 0/x/x reload or if the system has no response to the command above, force to reload the SPA with follwoing sequence under config mode: hw-module subslot 0/x/x shutdown commit no hw-module subslot 0/x/x shutdown commit If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SPA_OC48 Messages EM-891 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_OC48-3-ERR_SFP_OIR SFP OIR error in bay [dec]: ([chars]/[chars]). Explanation There is an error detected during SFP OIR. SFP is the pluggable optics on the SPA, SFP OIR can cause some operation in sw, e.g. create/delete optics object, SFP authentication. ’SFP OIR error’ is for any possible error during the operation. The optics will not work if SFP OIR operation failed, therefore no traffic can pass. %d - SPA bay number %s - indicates the reason for the failure %s - is the decoded error reason Recommended Action - Check the SFP, make sure it is CISCO certified; - Try to do the SFP OIR for a few more times; - If the issue persists, reload the SPA with the command: hw-module subslot 0/x/x reload then test SFP OIR after SPA comes up. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_OC48-6-INFO [chars] [chars] Explanation SPA OC48 informational message Recommended Action *NONE* Error Message %L2-SPA_OC48-6-INFO [chars] [chars] Explanation SPA OC48 informational message Recommended Action *NONE* Error Message %L2-SPA_OC48-6-OPTICS_INSERTION Optics module inserted into SPA in bay [dec], port [dec] Explanation Optics module has inserted %d - bay number %d - port number Recommended Action none Error Message %L2-SPA_OC48-6-OPTICS_REMOVAL Optics module removed from SPA in bay [dec], port [dec] Explanation Optics module has removed %d - bay number %d - port number Recommended Action none Layer 2 Messages SPA_PLIM_SB Messages EM-892 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_OC48-7-DEBUG [chars] [chars] Explanation SPA OC48 debug message Recommended Action *NONE* Error Message %L2-SPA_OC48-7-DEBUG [chars] [chars] Explanation SPA OC48 debug message Recommended Action *NONE* SPA_PLIM_SB Messages Error Message %L2-SPA_PLIM_SB-3-FPD_GETVER_FAIL [chars][[dec]]: Failed to get FPD image version for [chars] Explanation The FPD image version could not be retrieved from the SPA for the pogrammable device that is specified in the message text. This condition can occur if the system attempts to retrieve the version information while the SPA is not in the correct operational state. Recommended Action Try to reload the affected SPA or physically remove and then insert the SPA to correct the problem. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_PLIM_SB-3-FPD_IMG_DNLD_ERROR [chars][[dec]]: [chars] image download error ([chars]) Explanation The FPD image download operation for the indicated device has failed. The cause of the error is also indicated in the message. Recommended Action Retry the image update operation and if it fails again, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SPA_PLIM_SB Messages EM-893 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_PLIM_SB-3-FPD_IMG_UPD_ERROR [chars][[dec]]: [chars] image update error ([chars]) Explanation The FPD image update operation for the indicated device has failed. The cause of the error is also indicated in the message. Recommended Action Retry the image update operation and if it fails again, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_PLIM_SB-3-MSG_REPLY_FAIL [chars][[dec]]: Failed to reply a message ([chars]) Explanation A message to the specified SPA did not receive a reply. The reason for the failure is specified in the message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_PLIM_SB-3-MSG_SEND_FAIL [chars][[dec]]: Failed to send message ([chars]) after retries: [[dec]] Explanation A message to the specified SPA could not be sent. The reason for the failure is specified in the message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_PLIM_SB-3-OPEN_CH_FAIL [chars][[dec]]: Open channel for [chars] failed ([chars]) Explanation A communication channel could not be opened with the specified SPA. The reason for the failure is specified in the message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SPA_T3E3 Messages EM-894 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA_PLIM_SB-3-SPA_FW_ERR [chars][[dec]] ([chars]) Explanation The error message in parentheses is generated by SPA firmware for reason as mentioned in the error message. This error, and the message is logged by the plim holding the SPA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA_PLIM_SB-3-SW_ERROR [chars][[dec]]: [chars] Explanation An internal software error has occurred for the specified SPA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SPA_T3E3 Messages Error Message %L2-SPA_T3E3-6-SPA_RELOAD_INFO [chars] [dec] [chars] [chars] [chars] [chars] Explanation When the cardtype of T3E3 SPA is changed to T3 from E3 or vice versa, it undergoes a reload. A SPA reload is mandatory to have the newly configured cardtype in effect. Recommended Action This is an informational message indicating the T3E3 SPA will undergo a reload. SPA Messages Error Message %L2-SPA-3-BUS_FAILURE SPA ERR_L interrupt is asserted on subslot [unsigned int] Explanation SPA ERR_L interrupt is asserted by SPA when SPA bus protocol violation happens. This error happens mostly when there is an issue with hardware itself. The SPA reset is not going to recover the problem, hence SPA put into FAILED state. Recommended Action Replace SPA hardware or contact TAC to diagnoise the problem. Layer 2 Messages SPA Messages EM-895 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA-3-IPSEC_SPA_CRASH No Heartbeat from IPSec SPA. Reloading the SPA Explanation IPsec SPA crashed, has to be reloaded. Recommended Action None. Error Message %L2-SPA-3-PLIM_HEARTBEAT_ERR [chars]: bay [dec] heartbeat missed, expected seq# [unsigned int] received seq# [unsigned int], Time since last message [dec]s Explanation The IPC communication between local CPU and host in the specified slot indicated in the message is not functional. If the problem persists the SPA will be reloaded to recover from the failure. Recommended Action If the problem persists, try to reseat the SPA. If reseating does not help, copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Error Message %L2-SPA-3-POWER_FAILURE SPA_OK and PWR_OK signal is deasserted on subslot [unsigned int] Explanation SPA_OK and PWR_OK signal is asserted after the SPA is powered on by LC. These signals are deasserted when there is power failure on SPA and this failure indicates that it is SPA hardware issue. The SPA is put into FAILED state. Recommended Action Contact TAC to diagnoise the problem. Error Message %L2-SPA-3-SYSDB_ERROR [chars] Explanation SPA Infrastructure SysDb error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SPA Messages EM-896 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA-4-CERR_REGISTRATION_FAILURE Registration of error strings failed with error [hex] Explanation Error string reistration failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SPA-5-APPS_IMAGE_DOWNLOADING Downloading SPA Application Image ([chars])... Explanation Downloading SPA Application image as indicated in the message Recommended Action none. Error Message %L2-SPA-5-APPS_IMAGE_ERROR Download SPA Application Image failed. Explanation Failed to download the SPA Application image. Recommended Action none. Error Message %L2-SPA-5-APPS_IMAGE_SIZE_ERR SPA Application image exceeds RAM size: Image size ([dec]) Shared mem size ([dec]) Explanation The size of the SPA Application image is too big. Recommended Action none. Error Message %L2-SPA-5-DOWNLOAD_METHOD_ERR SPA Download method [dec] not supported Explanation The specified download method is not supported Recommended Action none. Error Message %L2-SPA-5-FILE_SIZE_ERR SPA File exceeds Rdisk size: File size ([dec]) Rdisk size ([dec]) Explanation The size of the SPA File is too big. Recommended Action none. Layer 2 Messages SPA Messages EM-897 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA-5-OIR_ERROR [chars] Explanation SPA related error as indicated in the msg Recommended Action none. Error Message %L2-SPA-5-OIR_INSERTED SPA discovered in bay [dec] Explanation For displaying SPA OIR. Recommended Action none. Error Message %L2-SPA-5-OIR_REMOVED SPA removed from bay [dec] Explanation For displaying SPA OIR. Recommended Action none. Error Message %L2-SPA-5-OS_IMAGE_DOWNLOADING Downloading SPA OS Image ([chars])... Explanation Downloading SPA OS image as indicated in the message Recommended Action none. Error Message %L2-SPA-5-OS_IMAGE_ERROR Download SPA OS Image failed Explanation Failed to download the SPA OS image. Recommended Action none. Error Message %L2-SPA-5-OS_IMAGE_SIZE_ERR SPA OS image exceeds RAM size: Image size ([dec]) Shared mem size ([dec]) Explanation The size of the SPA OS image is too big. Recommended Action none. Layer 2 Messages SPA Messages EM-898 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA-5-PLIM_EVENT_INIT_ERR SPA Init Event Server failed Explanation Creating SPA event handling server failed. Recommended Action none. Error Message %L2-SPA-5-PLIM_KA_INIT_ERR SPA Init SPA Keepavlie Handler failed Explanation Creating SPA keepalive server failed. Recommended Action none. Error Message %L2-SPA-5-PLIM_RELOADING Reloading [chars] in subslot [unsigned int] after heartbeat failure ... Explanation Reloading SPA because of heartbeat failure. Recommended Action none. Error Message %L2-SPA-5-STATE_CHANGE SPA in bay [dec] type [chars] [chars] Explanation For displaying state of a SPA Recommended Action none. Error Message %L2-SPA-6-OPTICS_INSERTION Optics module inserted into SPA in bay [dec] Explanation Optics module has been inserted. %d - indicates the bay number Recommended Action None. This is an informational message only. Error Message %L2-SPA-6-OPTICS_REMOVAL Optics module removed from SPA in bay [dec] Explanation Optics module has been removed. %d - indicates the bay number Recommended Action None. This is an informational message only. Layer 2 Messages SPAMSG Messages EM-899 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPA-6-PM_ERR Failed to create pm_service in bay: [dec] Explanation This is an error condition which should not occur in normal conditions. %d - indicates the bay number Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you cannot determine the nature of the error from the error message text, call your Cisco technical support representative and provide the representative with the gathered information. SPAMSG Messages Error Message %L2-SPAMSG-3-ERR [chars] Explanation SPA related error msg Recommended Action none. Error Message %L2-SPAMSG-6-INFO [chars] Explanation SPA related info Recommended Action none. SPIO_PD Messages Error Message %L2-SPIO_PD-3-ERROR_MSG [chars] Explanation Failure during SPIO platform initialization. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages SPU_LIB Messages EM-900 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SPU_LIB Messages Error Message %L2-SPU_LIB-3-MSG_SEND_FAILED spu: msg: [dec], retried: [dec] time(s), failed to send, errno: [chars] Explanation Unable to send a message to the SPU server. Recommended Action *SUPPORT* Error Message %L2-SPU_LIB-6-INFO_WARNING [chars] Explanation This is an informational message in the SPU client LIB. Recommended Action *NONE* SPU_VFW_LIB Messages Error Message %L2-SPU_VFW_LIB-3-MSG_SEND_FAILED spu-vfw: msg: [dec], retried: [dec] time(s), failed to send, errno: [chars] Explanation Unable to send a message to the SPU-VFW server. Recommended Action *SUPPORT* Error Message %L2-SPU_VFW_LIB-6-INFO_WARNING [chars] Explanation This is an informational message in the SPU-VFW client LIB. Recommended Action *NONE* SPU_VFW Messages Error Message %L2-SPU_VFW-3-FATAL_ERR Fatal error: [chars]: Err equals [dec] Explanation A fatal error occurred in SPU_VFW Driver. Recommended Action *SUPPORT* Layer 2 Messages SPU Messages EM-901 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPU_VFW-3-NONFATAL_ERR Nonfatal error: [chars]: Err equals [dec] Explanation A non fatal error occurred in SPU_VFW Driver. Recommended Action *SUPPORT* Error Message %L2-SPU_VFW-6-INFO_MSG [chars] Explanation This is a Informational message in the SPU_VFW Driver. Recommended Action *NONE* SPU Messages Error Message %L2-SPU-3-COREDUMP_END_NOTIF SPU fatal error occurred ... [chars] core dump is created and [chars] stored on CP Explanation A fatal error occurred in SPU h/w. Core dump process ended’ . Recommended Action *SUPPORT* Error Message %L2-SPU-3-COREDUMP_FP_NOTIF SPU fatal error occurred ... Fast path ME are stopped . Core dump will [chars] be stored on CP Explanation A fatal error occurred in SPU h/w. Fast path ME’s are going to be stopped. No future connection between service blade and RP will be possible.Default action is to reload board, but if coredump is not stored on CP’s CF, reload may be prevented by appropriate CLI and core dump , which is always exists on XScale RAM disk may be accessed from IXP console. Recommended Action *SUPPORT* Error Message %L2-SPU-3-COREDUMP_START_NOTIF SPU fatal error occurred ... Started [chars] core dump process Explanation A fatal error occurred in SPU h/w. Core dump process started . Recommended Action *SUPPORT* Layer 2 Messages SPU Messages EM-902 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SPU-3-FATAL_ERR Fatal error: [chars]: Err equals [dec] Explanation A fatal error occurred in SPU Driver. Recommended Action *SUPPORT* Error Message %L2-SPU-3-NONFATAL_ERR Nonfatal error: [chars]: Err equals [dec] Explanation A non fatal error occurred in SPU Driver. Recommended Action *SUPPORT* Error Message %L2-SPU-3-SER_NOTIF Soft error occurred... [chars] : status 1 : [hex], status 2 : [hex] Explanation A fatal error occurred in SPU h/w. Recommended Action *SUPPORT* Error Message %L2-SPU-6-INFO_MSG [chars] Explanation This is a Informational message in the SPU Driver. Recommended Action *NONE* Error Message %L2-SPU-6-MINOR_SBE_NOTIF Corrected soft error ... [chars] : status 1 : [hex], status 2 : [hex] Explanation Single bit DRAM error was succesfully corrected on SPU h/w. Recommended Action *SUPPORT*Layer 2 Messages SRP Messages EM-903 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SRP Messages Error Message %L2-SRP-2-FATAL [chars] failed: [chars] Explanation Some requested operation failed during initialization. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SRP-2-FATAL [chars] failed: [chars] Explanation Some requested operation failed during initialization. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SRP-2-MUTEX [chars] failed: [chars] Explanation Thread synchronization failure has occurred. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-SRP-2-MUTEX [chars] failed: [chars] Explanation Thread synchronization failure has occurred. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages SRP Messages EM-904 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-SRP-3-ERR_DUP_MAC_ADDR [chars]: Duplicate mac addresses in topology Explanation Another node on the ring is using the same MAC address as this node. This can effect traffic forwarding. Recommended Action Correct the configuration of each node, where necessary, to ensure that each node uses a unique MAC address. Use the ’show srp topology’ CLI to identify any nodes using the same MAC address. Error Message %L2-SRP-3-ERR_MEDIA_SINGLE_RING [chars] SRR usage changed ([chars]) Explanation SRR ring usage is changed using Inner, Outer or Both rings. There are/were multiple faults (or user requests) on the ring causing potential loss of traffic/bandwidth. Recommended Action Clear the cause of each fault/wrap on the ring. Use the ’show srp topology’ CLI to identify which nodes are wrapped. Error Message %L2-SRP-3-ERR_MEDIA_WRAP [chars] [chars] on side [char] ([chars]) Explanation The specified side of the interface has wrapped or unwrapped for the given reason. There is/was a fault (or user request) on the ring causing potential loss of traffic/bandwidth. Recommended Action Clear the cause of the fault/wrap. Use the ’show srp ips’ and ’show srp failures’ CLI to determine the root cause of the fault (if still present). Error Message %L2-SRP-3-ERR_SRR_VER_MISMATCH [chars] SRR version mismatch detected. Explanation SRR has detected incompatible versions with other nodes on the ring and cannot inter-operate. Recommended Action Update the software image on all nodes of the ring to the same SRR version. Error Message %L2-SRP-6-INFO_SINGLE_NODE_TOPO [chars]: Single node in topology Explanation The topology discovery resulted in a single node being found. This is most likely a transient condition during initial ring bring-up. Recommended Action Verify that the condition is not transient by using ’show srp topology’ CLI. Verify the interface is not physically looped back, meaning side A is connected to side B. Verify that the other nodes are not in PassThru mode (ADMIN DOWN). Verify that neither of the adjacent nodes have the same BIA address by using ’show interface srp’ CLI. If a duplicate BIA address is found: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages STP_IO Messages EM-905 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 STP_IO Messages Error Message %L2-STP_IO-3-BPDU_DROPPED Received a BPDU but failed to decode it. Stage: [chars]. Explanation A BPDU packet has been received which STP has failed to decode. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STP_IO-3-DETACH_FAILED Failed to detach from one or more interface on this node: [chars] Explanation On unconfiguring one or more ports from STP, STP was unable to detach from one or more of the interfaces. This may indicate that the interface was not previously attached to STP. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STP_IO-3-TIMER_FAILED Restarting after failing to process one or more expired timers: [chars] Explanation An error has occurred processing one or more timer events driving the MSTP engine. The process has restarted to correct this issue. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STP_IO-4-CFG_FAILED Failed to process [chars] of [chars] config: [chars] Explanation The STP IO process has failed to process the indicated configuration event. This event will not have taken effect. Recommended Action If a transitory error is indicated then removing and reapplying the configuration may result in the config being successfully applied. Otherwise, restarting the process may allow the config to be successfully applied. Layer 2 Messages STP_IO Messages EM-906 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-STP_IO-4-ERR_PACKET_INVALID_MSTI Received an internal packet on port CH[hex] referencing unknown MSTI [unsigned int] Explanation A packet has been received referencing an unknown MSTI, despite the packet being viewed as internal. This probably indicates an inconsistency on the other end. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STP_IO-4-ERROR_DISABLING_PORT Error while disabling port CH[hex]. Reason for disabling is ’[chars]’: [chars]. Explanation The STP IO process failed an attempt to error-disable a port (in response to, for example, a BPDU being received on a port with BPDU-guard configured). Recommended Action STP has attempted to error-disable the port in order to avoid a potential loop in the network. This port should be disabled until the problem is resolved. Error Message %L2-STP_IO-4-INITIALISATION_FAILURE Failed to initialise [chars]: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action The process will automatically exit and will be restarted. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STP_IO-4-OOM The STP IO process is restarting due to an Out of Memory condition. All state should be resynchronised after restart. Explanation The STP IO process failed to allocate sufficient memory for one of its operations. In order to recover from this situation, the process is restarting and will resync state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages STP_IO Messages EM-907 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-STP_IO-4-PROBLEM_EXITING An error occured while determining whether the IO process should exit, or in exiting: [chars] Explanation A failure occurred when either checking whether a shutdown of the STP IO process was required, or in informing the System Manager that it was about to exit. In rare cases, this could result in a failure by the System Manager to restart the process when it ought to do so. Recommended Action If the process ought to be running and is not, then attempt to restart it using the ’process restart’ command. If this fails, deconfigure the process and re-enter the configuration. Error Message %L2-STP_IO-4-RECONNECT_FAILED Restarting after failing to reset connection to Interface Manager: [chars] Explanation STP has encountered an error while attempting to resynchronize its data with Interface Manager. The process will restart automatically to correct the problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STP_IO-4-UNEXPECTED_BPDU_RECEIVED A BPDU was received on portfast port: CH[hex] Explanation A BPDU was received on a port that was configured for Portfast. This port will now revert to a ’non-edge’ port. Recommended Action Check network configuration. Should this port really be configured for portfast? Has a new network device been added to the network? Error Message %L2-STP_IO-4-UNEXPECTED_SYSDB_MESSAGE Received an unexpected message from SysDB, type [unsigned int], path ’[chars]’ Explanation STP IO has received a message from SysDB of a form it does not recognise. The message will be ignored. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages STP_LIB Messages EM-908 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 STP_LIB Messages Error Message %L2-STP_LIB-3-PROTECT_STATE Failure during STP Protected state update. One or more ports may not be placed in the correct STP state: [chars] Explanation A failure occurred whilst notifying infrastructure that one or more ports are under STP control. If this occurs, these ports may not take the correct STP state, in the worst case leading to bridging loops forming in the network. Recommended Action If new port configuration has been added, shut the newly configured ports down. Remove all MSTP configuration and reapply. STP Messages Error Message %L2-STP-3-PORT_STATE_UPDATES_BLOCKED Port state updates may have failed, and further updates will be blocked, for [unsigned int] port instances, including instance [unsigned int] on port [chars] Explanation Updates to the port states have errored for the indicated instances. Any further state updates on these ports cannot be sent until the error is cleared, potentially blocking important updates. It is also possible that the current state has not been correctly implemented. Recommended Action Restarting the stp_controller process should resolve any network disruption due to the issue, but support should be contacted so the issue can be investigated. Error Message %L2-STP-4-ERR_CHKPT_SAVE CH[hex]: Failed to save Checkpoint data: [chars] Explanation An error occurred while checkpointing data for the indicated interface. Operational data may have been lost resulting in an STP process restarts being more impactful. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages STP Messages EM-909 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-STP-4-ERR_PORT_ID_RECLAIM Port ID [unsigned int] is recorded as used by interface [chars], but is also marked as used by another interface Explanation When recovering the existing data from checkpoint following a restart of the MSTP controller process, the indicated port ID has been found to be in use on two or more ports, including that named. The indicated port will not be used by MSTP until the problem is cleared. Recommended Action Removing and re-adding the indicated port from STP configuration should result in the error being cleared. Error Message %L2-STP-4-INITIALISATION_FAILURE Failed to initialise [chars]: [chars] Explanation A failure occurred during the initialization of the process. This resulted in the restart of the process. Recommended Action The process will automatically exit and will be restarted. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STP-4-INVALID_L2VPN_STATE Invalid state received in L2VPN ACK: [unsigned int] Explanation When acknowledging a state update, the L2VPN infrastructure sent an invalid value. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STP-4-LOOP_INCONSISTENT STP moved port [chars] to Loop Inconsistent state Explanation STP Loopguard feature moves a non-designated port to Loop inconsistent state when it stops receiving bpdu’s on this port. Recommended Action The problem might be due to software or hardware issues. Wait for a few minutes to see if problem clears or the port gets UDLD err-disabled. If not, file ddts with relevant info and continue. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages STP Messages EM-910 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-STP-4-PORTFAST_CHANGES_PENDING Portfast state changes will only be enacted when ports are shutdown Explanation The MSTP specification dictates that Portfast state changes should only be made whilst a port is disabled. In order to enact the new portfast configuration, ports should be shutdown. Recommended Action Shut and unshut any interfaces on which portfast configuration has been updated. Error Message %L2-STP-4-PROBLEM_EXITING Failed to notify SysMgr of intention to exit: [chars] Explanation A failure occurred during shutdown of the STP process, and it was unable to notify the System Manager that it was about to exit. In rare cases, this could result in a failure by the System Manager to restart the process when it ought to do so. Recommended Action If the process ought to be running and is not, then attempt to restart it using the ’process restart’ command. If this fails, deconfigure the process and re-enter the configuration. Error Message %L2-STP-4-RECONNECT_FAILED Restarting after failing to reset connection to Interface Manager: [chars] Explanation STP has encountered an error while attempting to resynchronize its data with Interface Manager. The process will restart automatically to correct the problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STP-4-TIMER_FAILED Restarting after failing to process one or more expired timers: [chars] Explanation An error has occurred processing one or more timer events driving the MSTP engine. The process has restarted to correct this issue. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STP-6-LOOP_CONSISTENT STP moved port [chars] to Loop consistent state Explanation STP Loop inconsistency has been removed due to normal reception of bpdu’s. Recommended Action No action is required.Layer 2 Messages STREE Messages EM-911 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 STREE Messages Error Message %L2-STREE-4-CONNECT_FAIL STP Server not available Explanation stp_process is most likely in a bad state or basic system services have failed. stp_process error messages are generally indicative of health of control-ethernet which is critical for system operation. Misbehavior of stp_process can cause instability in the system. Recommended Action Sysmgr process will restart the stp_process if it encounters this error. Check if the ’stp_process’ is up and running if this error is encountered. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STREE-4-CREATE_FAIL STP Create Failed : [chars] Explanation stp_process ran into errors while creating the spanning tree instance for control ethernet. stp_process error messages are indicative of health of control-ethernet which is critical for system operation. Misbehavior of stp_process can cause instability in the system. Recommended Action Sysmgr process will restart the stp_process if it encounters this error. Check if the ’stp_process’ is up and running if this error is encountered. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STREE-4-MSGSEND_FAIL Message Send Failed : [chars] Explanation stp_process is most likely in a bad state or basic system services have failed. stp_process error messages are generally indicative of health of control-ethernet which is critical for system operation. Misbehavior of stp_process can cause instability in the system. Recommended Action Sysmgr process will restart the stp_process if it encounters this error. Check if the ’stp_process’ is up and running if this error is encountered. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages T1E1 Messages EM-912 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-STREE-4-PORT_CREATE_FAIL Stp port creation fail : [chars] Explanation Spanning tree port creation failed on the node. stp_process error messages are indicative of health of control-ethernet which is critical for system operation. Misbehavior of stp_process can cause instability in the system. Recommended Action Spanning tree port creation will be retried automatically. Check if the ’stp_process’ is up and running if this error is encountered. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STREE-4-SET_MACADDR_FAIL STP Set Mac Addr Failed : [chars] Explanation MAC address assigned to the spanning tree was either invalid or was not able to be set for the spanning tree instance. stp_process error messages are indicative of health of control-ethernet which is critical for system operation. Misbehavior of stp_process can cause instability in the system. Recommended Action Sysmgr process will restart the stp_process if it encounters this error. Check if the ’stp_process’ is up and running if this error is encountered. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-STREE-4-START_FAIL Failed to start STP instance : [chars] Explanation Spanning tree could not be started on the control ethernet for the node. stp_process error messages are indicative of health of control-ethernet which is critical for system operation. Misbehavior of stp_process can cause instability in the system. Recommended Action Sysmgr process will restart the stp_process if it encounters this error. Check if the ’stp_process’ is up and running if this error is encountered. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. T1E1 Messages Error Message %L2-T1E1-2-NOMEM [chars]([dec]): not enough memory for [chars] Explanation The process is out of memory. Recommended Action Check process list for source of memory loss. Check if h/w memory requirements are met. Layer 2 Messages T1E1 Messages EM-913 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-T1E1-3-ERROR [chars]([dec]): [chars] failed ([chars]) - [chars] Explanation A general failure occured while executing the function in question. The message contains info about the location and cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of T1E1. Error Message %L2-T1E1-4-ALARM [chars]: [chars] [chars] Explanation The specified T1E1 Alarm has been declared or released. Recommended Action Recommended action is to repair the source of the alarm. Error Message %L2-T1E1-4-LOOPSTATUS [chars] [chars] Explanation A configurable controller loopback status. Recommended Action None. Error Message %L2-T1E1-4-UPDOWN [chars]: [chars] [chars] Explanation The specified T1E1 is operationally down due to alarm. Check alarm status using show controller t1 command on the cli. Recommended Action Recommended action is to repair the source of the alarm. Error Message %L2-T1E1-4-WARNING [chars]([dec]): [chars] - [chars] Explanation A non-fatal error occured while executing the function in question. The message contains info about the location and cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of T1E1.Layer 2 Messages T3E3 Messages EM-914 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 T3E3 Messages Error Message %L2-T3E3-2-NOMEM [chars]([dec]): not enough memory for [chars] Explanation The process is out of memory. Recommended Action Check process list for source of memory loss. Check if h/w memory requirements are met. Error Message %L2-T3E3-3-ERROR [chars]([dec]): [chars] failed ([chars]) - [chars] Explanation A general failure occured while executing the function in question. The message contains info about the location and cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of T3E3. Error Message %L2-T3E3-4-ALARM [chars]: [chars] [chars] Explanation The specified T3E3 Alarm has been declared or released. Recommended Action Recommended action is to repair the source of the alarm. Error Message %L2-T3E3-4-FEAC [chars] [chars] Explanation New Far End Alarm Code received. Recommended Action None. Error Message %L2-T3E3-4-LOOPSTATUS [chars] [chars] Explanation A configurable controller loopback status. Recommended Action None. Error Message %L2-T3E3-4-PM [chars]([dec]): [chars] Explanation Performance Monitoring Related Warnings/Errors. Recommended Action None. Layer 2 Messages TCAM_RM_CARVE_VERIFY Messages EM-915 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-T3E3-4-UPDOWN [chars]: [chars] [chars] Explanation The specified T3E3 is operationally down due to alarm. Check alarm status using show controller t3 command on the cli. Recommended Action Recommended action is to repair the source of the alarm. Error Message %L2-T3E3-4-WARNING [chars]([dec]): [chars] - [chars] Explanation A non-fatal error occured while executing the function in question. The message contains info about the location and cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of T3E3. TCAM_RM_CARVE_VERIFY Messages Error Message %L2-TCAM_RM_CARVE_VERIFY-3-FATAL_ERR Fatal error: [chars]: Err equals [dec] Explanation A fatal error occurred in TCAM RM Carve Verify which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. TCAM_RM Messages Error Message %L2-TCAM_RM-3-BLWM_CLIENT_CONF_FAILED tcam_rm: blwm client configuration failed, error: [hex] [chars] Explanation Unable to configure BLWM client functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages TCAM_RM Messages EM-916 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-TCAM_RM-3-BLWM_CLIENT_REBIND_FAILED tcam_rm: blwm client rebind failed, error: [hex] [chars] Explanation Unable to rebind with BLWM client functionality after a connection reconnect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-3-BLWM_FAILED_MSG_DUMP TCAM RM: [chars] [dec] REGN TYPE [chars] REG-ID [dec] vmrid [hex] vmrid_p 0x[pointer], rc [chars][[dec]] Explanation Dump of the value, mask, result, stage, region-id of MSG sent to the TCAM_RM server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-3-BLWM_FAILED_MSG_MASK_DUMP TCAM_RM MASK: [hex]%02x[hex]%02x[hex]%02x[hex]%02x[hex] Explanation Dump of the mask MSG sent to the TCAM_RM server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-3-BLWM_FAILED_MSG_RESULT_DUMP TCAM_RM RESULT: [hex]%02x[hex]%02x[hex]%02x[hex]%02x [hex]%02x[hex]%02x[hex]%02x[hex]%02x Explanation Dump of the result MSG sent to the TCAM_RM server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages TCAM_RM Messages EM-917 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-TCAM_RM-3-BLWM_FAILED_MSG_VALUE_DUMP TCAM_RM VALUE: [hex]%02x[hex]%02x[hex]%02x[hex]%02x[hex] Explanation Dump of the value MSG sent to the TCAM_RM server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-3-BLWM_MSG_SEND_FAILED tcam_rm: blwm msg send/flush: retried: [dec] time(s), failed to send, error: [hex] [chars] Explanation Unable to send/flush a BLWM message to the TCAM_RM server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-3-BLWM_RECVD_REPLY_FAIL tcam_rm: Received a failure reply code for a batched request type [dec], failed reason: [chars] Explanation This is the message printed by the default handler installed by TCAM_RM to process the replies received for batched requests. The default handler’s behavior is to just print this message. The application should install its own handler to handle the replies to batched requests. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-3-FATAL_ERR Fatal error: [chars]: Err equals [dec] Explanation A fatal error occurred in TCAM RM which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages TCAM_RM Messages EM-918 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-TCAM_RM-3-MSG_SEND_FAILED tcam_rm: msg: [dec], retried: [dec] time(s), failed to send, errno: [chars] Explanation Unable to send a message to the TCAM RM server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-3-NONFATAL_ERR Nonfatal error: [chars]: Err equals [dec] Explanation This is a error message in the TCAM RM to indicate anomalies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temporary situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-3-RETURN_ERROR tcam_rm: TCAM returned [dec] ([chars]) because [chars] Explanation This is the message printed by the default handler installed by TCAM_RM to process the no memory reply received for batched requests. The default handler’s behavior is to just print this message. The application should install its own handler to handle the replies to batched requests. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-3-TCAM_RM_RECVD_REPLY_NOMEM tcam_rm: TCAM could not satisfy allocation request, the node may not function as expected. Explanation This is the message printed by the default handler installed by TCAM_RM to process the no memory reply received for batched requests. The default handler’s behavior is to just print this message. The application should install its own handler to handle the replies to batched requests. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages TCAM_RM Messages EM-919 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-TCAM_RM-4-BLWM_REPLAY_REQUEST tcam_rm: Replaying a batched request of type [dec] that might have been partially processed before. Explanation Due to a server restart, a batched request might have been partially processed. The default handler installed by TCAM_RM simply replays the request. Applications that can not afford to replay a request should install their own handler. Recommended Action No action is required. Error Message %L2-TCAM_RM-4-CACHE_ERR_COUNT tcam_rm: Client Cache Insert warning: Error Count:[dec] Cache Msg type:[dec] Request VMR id: [hex] Cache VMR id: [hex] VMR id pointer: 0x[pointer] Explanation If the error count is incrementing there is a discrepancy in the vmr_id pointer in the shared memory. These entries which are being merged do not have the same vmr_id and this can cause a potenital memory leak. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-4-CACHE_UNSUPPORTED_OP_SEQUENCE tcam_rm: prep request warning: prev msg code :[dec] curr msg code :[dec] Explanation If this error message is seen, the client of tcam_rm is attempting to send updates in an unsupported sequence. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-TCAM_RM-4-REPLY_HDLR_ERR_COUNT tcam_rm: Batch Reply Handler warning: Error Count:[dec] Cache Msg type:[dec] Req VMR id: [hex] Expected VMR id: [hex] Resp VMR id: [hex] Req VMR id pointer: 0x[pointer] Explanation If the error count is incrementing there is a discrepancy in the vmr_id pointer in the shared memory. These entries which are being merged do not have the same vmr_id and this can cause a potenital memory leak. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages UDLD Messages EM-920 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-TCAM_RM-5-PARITY_ERR Parity error corrected: ASIC Side equals [chars], TCAM Type equals [chars] TCAM Dev equals [dec], TCAM Offset equals [hex] Explanation This is an informational message from the TCAM RM to indicate that it received TCAM parity error Interrupt notification message and corrected the corrupted tcam cell offset through its shadow image. Recommended Action Monitor system for additional parity errors. If parity error recurs on this device, contact support. Error Message %L2-TCAM_RM-6-INFO_MSG Info: [chars] Explanation This is an informational message in the TCAM RM. Recommended Action No action is required. UDLD Messages Error Message %L2-UDLD-4-DISABLE_PORT UDLD protocol detected Uni-directional link on [chars], Port Disabled Explanation UDLD protocol detects if a link is uni-directional and disables the port. Uni-directional links can cause problems in ethernet networks and should be fixed. Recommended Action Check the link on which the error happenned. Try replacing/reconnecting the GBIC/SFP/cable at either end of the link. Re-enable the port on the RP and see if the port comes up. If the problem still exists the port will be disabled again with this message. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages UIDB_RM Messages EM-921 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 UIDB_RM Messages Error Message %L2-UIDB_RM-3-INIT_ERR Process initialization failed: ([chars]%s) Explanation The uidb-mgr-main process failed to initialize. A uidb is defined as a ’Micro Information Data-Base’ used by the hardware ASIC’s in the forwarding path. The uidb-mgr-main process is responsible for allocating/de-allocating the hardware uidb’s as configured by sw. If the uidb manager fails to initialize, no interfaces can be created or deleted on the linecard. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process uidb_mgr_main location 0/x/cpu0’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart uidb_mgr_main location 0/x/cpu0’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. VCM_CLIENT Messages Error Message %L2-VCM_CLIENT-1-COMM_ERR [chars] : [chars] Explanation Error in communication. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. VCM_EA Messages Error Message %L2-VCM_EA-2-INTERNAL_ERR [chars] Explanation Internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages VCM Messages EM-922 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-VCM_EA-2-INTERNAL_ERR_2 [chars]: [chars] Explanation Internal error with error message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. VCM Messages Error Message %L2-VCM-2-IM_ATTR_ERR IM Attribute Error : [chars] : [dec] Explanation Error in IM Attribute operation Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-VCM-2-IM_ERR [chars] : [chars] Explanation Error in IM operation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-VCM-2-INTERNAL_ERR [chars] : [chars] : [chars] Explanation Internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages vlan_netio Messages EM-923 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 vlan_netio Messages Error Message %L2-vlan_netio-4-DEBUG_INIT_ERROR An error occurred during debug initialization (error: [chars]) Explanation The VLAN NetIO component encoutered an error during debug initialization. This is likely to cause VLAN interface setup to fail. Recommended Action If this error occurred as a result of applying configuration, try removing and reapplying the configuration. If this does not work, it may be necessary to reload the affected linecard. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. vlea Messages Error Message %L2-vlea-3-NATIVE_VLAN_NOTIF Failed to generate a notification for the Native VLAN (error: [chars]) Explanation The VLAN EA process encountered a problem while trying to send a Native VLAN change notification. Native VLAN support for interfaces on the affected node may not function correctly. Recommended Action Restart the VLAN EA process on the affected node with process restart vlan_ea location (node). If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlea-3-NO_STATS VLAN EA failed to register with the statistics server (error: [chars]) Explanation The VLAN EA process encountered an error while registering with the statistics server process. No VLAN sub-interface statistics will be gathered on the given linecard. Recommended Action This error message indicates a problem with in the statistics server process on the RP, or with the communications between the linecard and the RP. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages vlea Messages EM-924 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-vlea-4-EVENT_BLOCK An error was received while waiting for an event (error: [chars]) Explanation The VLAN EA process encountered an error while listening for events. The process will automatically restart and retry. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlea-4-IMP_CANT_REPLY Unable to reply to IMP (error: [chars]) Explanation The VLAN EA process encountered an error processing a message from the IMP process, and is unable send a reply. This may be due to a low memory condition in which case the error code will indicate this. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %L2-vlea-4-IMP_REG_FAILED Failed to register for notifications with IMP, err: [chars] Explanation During initialization, the VLAN EA process attempted to register with the IMP process for a required service, but encountered an error. The VLAN EA process will automatically retry. Until it succeeds, VLAN functionality may not work on the affected node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlea-4-INIT_FAILED VLAN EA initialization failed: [chars] (error: [chars]) Explanation The VLAN EA process failed to initialize. The process will automatically restart and retry. Until it succeeds, VLAN functionality may not work on the affected node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages vlma Messages EM-925 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-vlea-6-NO_MEM Out of memory (failed attempt to reserve [unsigned int] bytes) Explanation The VLAN EA process was not able to allocate the memory that it needed to complete the operation. VLAN functionality on the affected node may be reduced until the problem is resolved. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. vlma Messages Error Message %L2-vlma-3-BULK_IM_HANDLER_FAILED The handling of a bulk [chars] notification failed on [chars] for [dec] out of a batch of [dec] interfaces Explanation The VLAN MA process encountered an error while processing a batch of messages from Interface Manager about VLAN subinterfaces. The operation of VLAN subinterfaces on the specified node may be affected. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlma-3-BULK_IM_HANDLER_FAILED_ALL The handling of a bulk [chars] notification failed on [chars] for a batch of [dec] interfaces (all with error: [chars]) Explanation The VLAN MA process encountered an error while processing a batch of messages from Interface Manager about VLAN subinterfaces. The operation of VLAN subinterfaces on the specified node may be affected. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages vlma Messages EM-926 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-vlma-3-BULK_L2VPN_FAILED The handling of a bulk [chars] notification failed on [chars] for [dec] out of a batch of [dec] ACs Explanation The VLAN MA process encountered an error while processing a batch of L2VPN messages. L2VPN functionality on the affected node may be impaired. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlma-3-BULK_L2VPN_FAILED_ALL The handling of a bulk [chars] notification failed on [chars] for a batch of [dec] ACs (all with error: [chars]) Explanation The bulk operation to process the L2VPN notification for a batch of sub-interfaces failed. Recommended Action The VLAN MA process encountered an error while processing a batch of L2VPN messages. L2VPN functionality on the affected node may be impaired. Error Message %L2-vlma-3-BULK_L2VPN_FAILED_BATCH The handling of a bulk [chars] notification failed on [chars] for a batch of [dec] ACs (error: [chars]) Explanation The VLAN MA process encountered an error while processing a batch of L2VPN messages. L2VPN functionality on the affected node may be impaired. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlma-3-IM_ATTR_MSG_FAILED Failed to generate an IM attribute notification on [chars] (error: [chars]) Explanation The VLAN MA process encountered an error while sending information about subinterfaces to other processes in the system. The operation of VLAN subinterfaces on the affected node may be impaired. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages vlma Messages EM-927 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-vlma-3-IM_CONNECT_FAILED Failed to connect to IM, err: [chars] Explanation The VLAN MA process failed to connect to the IM server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlma-3-IM_RESTART_RESYNC_FAILED Could not syncronize interface data for ([chars]) with IM (error: [chars]) Explanation The VLAN MA process was not able to fully resynchronize its internal database with that of IM. This may cause some loss of VLAN functionality on the VLAN trunk interface on which the error occurred, and its subinterfaces. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlma-3-L2VPN_DISCONNECT_FAILED The handling of a L2VPN Mgr disconnect notification failed for [unsigned int] trunk interface(s). The first failure was on [chars] (with error: [chars]) Explanation When the VLAN MA notices that it has lost its connection to the L2PVN Manager process, it needs to update its database to reflect this. This error message indicates that this the update failed. The only expected scenario that could cause the error is a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %L2-vlma-3-MAIN_INTF_INIT_FAILED Failed to perform initialization of trunk interface [chars], due to the following error: [chars] Explanation The VLAN MA process encountered a problem while setting up the specified trunk interface for VLAN operation. No sub-interfaces of the specified trunk interface can be created. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages vlma Messages EM-928 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-vlma-4-ASYNC_HANDLER Couldn’t install the default handler for async msgs, err: [chars] Explanation The VLAN MA process couldn’t install the default event handler for async msgs. Recommended Action No action is required. Error Message %L2-vlma-4-ATTR_NOTIF_LOST The IM attribute notification ’[chars]’ could not be processed (error: [chars]) Explanation The VLAN MA process encountered an error while processing an attribute change (e.g. a MAC address change) related to an interface. The operation of VLAN subinterfaces on the specified node may be affected. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlma-4-BULK_IM_HANDLER_FAILED_BATCH The handling of a bulk [chars] notification failed on [chars] for a batch of [dec] interfaces, err: [chars] Explanation The VLAN MA process encountered an error while processing a batch of messages from Interface Manager about VLAN subinterfaces. The operation of VLAN subinterfaces on the specified node may be affected. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlma-4-EVENT_BLOCK An error was received while waiting for an event on the [chars] (error: [chars]) Explanation The VLAN MA process encountered an error while listening for events. The process will automatically restart and retry. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages vlma Messages EM-929 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-vlma-4-IM_HANDLER_FAILED The handling of a [chars] notification failed on [chars] due to error: [chars] Explanation The VLAN MA process encountered an error while processing a message from Interface Manager. The operation of VLAN subinterfaces on the specified node may be affected. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlma-4-INIT_FAILED VLAN MA initialization failed: [chars] (error: [chars]) Explanation The VLAN MA process failed to initialize. Previous messages may give the reason. The process will automatically restart and retry. Until it succeeds, VLAN functionality may not work on the affected node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlma-4-RECOVERY_FAILED Failed to recover from resynchronization with another component for [chars], due to the error: [chars] Explanation The VLAN MA failed to resynchronize its configuration with another component in the system after an earlier failure, or process restart. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-vlma-6-NO_MEM Out of memory (failed attempt to reserve [unsigned int] bytes) Explanation The VLAN MA process was not able to allocate the memory that it needed to complete the operation. VLAN functionality on the affected node may be reduced until the problem is resolved. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Layer 2 Messages VPA_1P_OC192 Messages EM-930 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-vlma-6-UNKNOWN_NODE_VLAN_LIMIT Failed to determine the maximum number of VLAN sub-interface that are allowed to be configured on the given node (error: [chars]) Explanation A failure occurred while trying to determine the maximum number of VLAN sub-interfaces that can be supported on the given node. The system may allow configuration of more VLAN sub-interfaces that can be supported, or may not allow the full number supported to be configured. Recommended Action After gathering the information specified, it may help to restart the VLAN MA process on the affected node, with proc restart vlan_ma location [location]. If this restart completes without the message appearing again, the problem has been resolved. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. VPA_1P_OC192 Messages Error Message %L2-VPA_1P_OC192-3-MEM_ERR [chars] Explanation fail to allocate memory Recommended Action show process memory to find out whehter there is potential memory leak show memory to confirm system memory goes low Error Message %L2-VPA_1P_OC192-3-MEM_ERR [chars] Explanation fail to allocate memory Recommended Action show process memory to find out whehter there is potential memory leak show memory to confirm system memory goes low Error Message %L2-VPA_1P_OC192-6-OPTICS_INSERTION Optics module inserted into SPA in bay [dec] Explanation Optics module has inserted Recommended Action none Error Message %L2-VPA_1P_OC192-6-OPTICS_INSERTION Optics module inserted into SPA in bay [dec] Explanation Optics module has inserted Recommended Action none Layer 2 Messages VPA_1P_OC192 Messages EM-931 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-VPA_1P_OC192-6-OPTICS_REMOVAL Optics module removed from SPA in bay [dec] Explanation Optics module has removed Recommended Action none Error Message %L2-VPA_1P_OC192-6-OPTICS_REMOVAL Optics module removed from SPA in bay [dec] Explanation Optics module has removed Recommended Action none Error Message %L2-VPA_1P_OC192-6-PORT_DEL_INFO [chars] [dec] [chars] Explanation Port deletion happened after the threshold time. Recommended Action This is an informational message. Upon seeingt this message collect log via ’show tech-support pos’ and send it to the Engineering team. Error Message %L2-VPA_1P_OC192-7-ERR [chars] Explanation fails to init debug event manager fails to provide its service Recommended Action ’show logging’ to confirm there is any error from event mgr Error Message %L2-VPA_1P_OC192-7-ERR [chars] Explanation fails to init debug event manager fails to provide its service Recommended Action ’show logging’ to confirm there is any error from event mgr Error Message %L2-VPA_1P_OC192-7-INFO [chars]: [chars] Explanation OC192VPA driver general info. Recommended Action show asic-error plim asic .. loc Layer 2 Messages VPA_8P_GE Messages EM-932 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-VPA_1P_OC192-7-INFO [chars]: bay equals [dec] : [chars] Explanation OC192VPA driver general info. Recommended Action show asic-error plim asic .. loc VPA_8P_GE Messages Error Message %L2-VPA_8P_GE-1-LTRACE_INIT_ERR [chars] Explanation Jacket process spawns the SPA process and waits for the initialization to complete. But initialization fails putting SPA into FAILED state. As a part of the above, we find the mesage Ltrace init failed message. Recommended Action If the issue occurs, Check the SPA state. If it is not OK, then collect the following traces 1) show plim jacket all location 2) show hw-module traces infra detailed location 3) show plim ether trace info/error location 4) console logs Error Message %L2-VPA_8P_GE-2-LTRACE_RETRY_ERR [chars] Explanation Jacket process spawns the SPA process and waits for the initialization to complete. But initialization fails putting SPA into FAILED state. As part of retry mechansim, the above message is seen. Recommended Action If the issue occurs, Check the SPA state. If it is not OK, then collect the following traces 1) show plim jacket all location 2) show hw-module traces infra detailed location 3) show plim ether trace info/error location 4) console logs Error Message %L2-VPA_8P_GE-2-SPA_CTX_ERR [chars] Explanation The spa_ether_ctx context data cannot be set. Recommended Action collect the trace log via ’show plim ether trace error location ’ ’show plim ether trace info location ’ ’show tech-support ethernet ’ ’show plim jacket trace all location ’ and collect console logs and send them to the Engineering team. Error Message %L2-VPA_8P_GE-2-SPA_JKT_ERR [chars] [chars] Explanation The Jacket failed to parse spa driver arguments. Recommended Action -- Layer 2 Messages VPA_8P_GE Messages EM-933 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-VPA_8P_GE-2-SPA_MAC_ERR [chars] Explanation The internal SPA MAC got out of sync. SW needs to reset the device in order to clear the issue Recommended Action If reseting the MAC device fixes the issue, nothing needs to be done. If the reset does not work, the SPA will need to be SW OIR’d. This can be easily checked by doing ’top’ on the LC with the issue. If the CPU is very high, the reset did not work. Error Message %L2-VPA_8P_GE-2-SPA_MAC_ERR [chars] Explanation The internal SPA MAC got out of sync. SW needs to reset the device in order to clear the issue Recommended Action If reseting the MAC device fixes the issue, nothing needs to be done. If the reset does not work, the SPA will need to be SW OIR’d. This can be easily checked by doing ’top’ on the LC with the issue. If the CPU is very high, the reset did not work. Error Message %L2-VPA_8P_GE-3-PORT_DEL_TIMEOUT [chars] [dec] Explanation Port deletion failed to complete within the timeout period. Recommended Action Upon seeing this message collect the trace log via ’show plim ether trace error location ’ ’show plim ether trace info location ’ ’show tech-support ethernet ’ and send them to the Engineering team. Error Message %L2-VPA_8P_GE-4-INVALID_MAC Failed to get MAC address for port [dec], Interface assigned random MAC address. Explanation PLIM driver was unable to get a MAC address for the interface. Recommended Action Check if the process ’shelfmgr’ is up and running on the RP. Try to reload the LC to see if that helps. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages VPA_RULES Messages EM-934 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-VPA_8P_GE-4-INVALID_MAC Failed to get MAC address for port [dec], Interface assigned random MAC address. Explanation PLIM driver was unable to get a MAC address for the interface. Recommended Action Check if the process ’shelfmgr’ is up and running on the RP. Try to reload the LC to see if that helps. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-VPA_8P_GE-6-PORT_DEL_INFO [chars] [dec] [chars] Explanation Port deletion happened after the threshold time. Recommended Action This is an informational message.Upon seeing this message collect the trace log via ’show plim ether trace error location ’ ’show plim ether trace info location ’ ’show tech-support ethernet ’ and send them to the Engineering team. VPA_RULES Messages Error Message %L2-VPA_RULES-4-DEBUG_INIT_ERR [chars] [dec] [chars] Explanation Internal error. SPA rules library debug library initilization failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-VPA_RULES-4-DEBUG_INIT_ERR [chars] [dec] [chars] Explanation Internal error. SPA rules library debug library initilization failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages WAHOO Messages EM-935 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 WAHOO Messages Error Message %L2-WAHOO-3-ERR_ACCESS Memory access Error: [chars]: Err equals [dec] Explanation A memory access error occurred in programable switching engine (PSE) driver which involves exiting the process. %s - indicates the reason for the failure. %d - is the decoded error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAHOO-6-INFO_MSG [chars] [chars] [chars]: [hex] Explanation This is an informational message in the programable switching Engine driver to indicate an operation. %s - indicates the PSE (RX/TX) information is about. %s - indicates the pipeline (0-3) information is about. %s - indicates the information message. %x - indicates the register value. Recommended Action No action is required. Error Message %L2-WAHOO-6-INTERRUPT_INFO [chars] Explanation This is an informational message in the programable switching Engine driver to indicate an operation. %s - indicates the PSE (RX/TX) information is about. %s - indicates the information message. Recommended Action No action is required. Error Message %L2-WAHOO-7-ERR_PIPE_STUCK Pipe stuck error: [chars]: Err equals [dec] Explanation An error occurred in programable switching engine (PSE) driver which indicates anomalies. Some of the messages may indicate a failure to allocate resources needed by applications. %s - indicates the reason for the failure. %d - is the decoded error reason. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages WAHOO Messages EM-936 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-WAHOO-7-PAIR_PCR_REG [chars] [chars] PAIR’s PCR register status for pipe [dec]: [hex] Explanation An error occurred in programable switching engine (PSE) driver which indicates anomalies. Some of the messages may indicate a failure to allocate resources needed by applications. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAHOO-7-PAIR_REG [chars] [chars] PAIR registers for pipe [dec]:pcr [hex] plu_pirl [hex] pirm1 [hex] pirm2 [hex] pirh [hex] mpls_label [hex] mpls_info [hex] ip_header [hex] l4_port [hex] start_adr [hex] msq_info [hex] ltr [hex] tlu_force [hex] pre_cam_prof [hex] lbl1_lo [hex] lbl1_hi [hex] lbl2_lo [hex] lbl2_hi [hex] leaf1_word1 [hex] leaf1_word2 [hex] leaf1_word3 [hex] leaf1_word4 [hex] leaf2_word1 [hex] leaf2_word2 [hex] leaf2_word3 [hex] leaf2_word4 [hex] tcam_cont [hex] ipv4/v6_dst_1 [hex] ipv4/v6_dst_2 [hex] ipv4/v6_dst_3 [hex] ipv4/v6_dst_4 [hex] ipv4/v6_src_1 [hex] ipv4/v6_src_2 [hex] ipv4/v6_src_3 [hex] ipv4/v6_src_4 [hex] mcast_info [hex] ipv6_info [hex] msq_data [hex] Explanation An error occurred in programable switching engine (PSE) driver which indicates anomalies. Some of the messages may indicate a failure to allocate resources needed by applications. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAHOO-7-PAIR_REG_LIST [chars] [chars] PAIR registers for pipe [dec]:pcr [hex] plu_pirl [hex] pirm1 [hex] pirm2 [hex] pirh [hex] mpls_label [hex] mpls_info [hex] ip_header [hex] l4_port [hex] start_adr [hex] msq_info [hex] ltr [hex] tlu_force [hex] pre_cam_prof [hex] lbl1_lo [hex] lbl1_hi [hex] lbl2_lo [hex] lbl2_hi [hex] leaf1_word1 [hex] leaf1_word2 [hex] leaf1_word3 [hex] leaf1_word4 [hex] leaf2_word1 [hex] leaf2_word2 [hex] leaf2_word3 [hex] leaf2_word4 [hex] cam_cont [hex] Explanation An error occurred in programable switching engine (PSE) driver which indicates anomalies. Some of the messages may indicate a failure to allocate resources needed by applications. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages WAN_INARP Messages EM-937 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-WAHOO-7-PHB_DUMP [hex]: [hex] [hex] [hex] [hex] Explanation This is a error message in the programable switching Engine to indicate either anomolies which are not service impacting. Some of the messages may indicate a failure to allocate resources needed by applications. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. WAN_INARP Messages Error Message %L2-WAN_INARP-2-INIT failed to initialize: [chars] Explanation During process start up an unrecoverable error occurred. The component will exit and should be restarted by the System Manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAN_INARP-3-CONFIG config error, [chars][[dec]]: [chars] Explanation A configuration update has caused a problem inside the InARP code - InARP should continue but may have ignored the latest config change Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAN_INARP-3-NOMEM possibly unable to allocate [dec] bytes of memory Explanation The system is low on memory and not enough was available to complete the request Recommended Action Check the box for processes with excessive memory If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages WAN_INARP Messages EM-938 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-WAN_INARP-3-UNKNOWN_EVENT recieved an unknown event: [dec] Explanation The system must be sending messages we didn’t register for. They will be ignored. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAN_INARP-3-UNKNOWN_FSMSTATE The fsm state ([dec]) is invalid Explanation The FSM has got into an invalid state Recommended Action Restart the SFRAR/SAAR processes (contain the InARP DLL) If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAN_INARP-3-UNKNOWN_IDB recieved information about an unrecognised interface Explanation A set of IDBs are kept with information on each interface. Somehow this information has become inconsistent with the system. Recommended Action Restart the main process (containing the InARP DLL) If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAN_INARP-3-UNKNOWN_IDBTYPE The type ([dec]) of this IDB is invalid Explanation Information about InARP interfaces has become corrupted. Recommended Action Restart the main processes (containing the InARP DLL) If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAN_INARP-3-UNKNOWN_IFSTATE The if state ([dec]) is not handled Explanation There is no action assigned to the if state change, and so nothing has been done when it was received. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages WAN_LIB_IFDB Messages EM-939 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-WAN_INARP-3-VCCLASS_IDB The IDB is not in synch with the vc-class information Explanation A set of IDBs are kept with information on each FR interface. A set of VC-CLASSes are also kept and associated with the IDBs. Somehow this information has become inconsistent. Recommended Action Restart the main process (containing the InARP DLL) If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAN_INARP-4-UNKNOWN_INTF failed lookup of interface: [chars] Explanation The system must be sending messages we didn’t register for. They will be ignored. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. WAN_LIB_IFDB Messages Error Message %L2-WAN_LIB_IFDB-3-NOMEM unable to allocate [dec] bytes of memory Explanation The system is low on memory and not enough was available to complete the request Recommended Action Check the box for processes with excessive memory If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAN_LIB_IFDB-3-UNKNOWN_IDBTYPE unknown idb type: [dec] Explanation The IDB type of this IDB is not recognised. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages WAN_LIB_VCC Messages EM-940 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 WAN_LIB_VCC Messages Error Message %L2-WAN_LIB_VCC-3-NOMEM unable to allocate [dec] bytes of memory Explanation The system is low on memory and not enough was available to complete the request Recommended Action Check the box for processes with excessive memory If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-WAN_LIB_VCC-3-UNKNOWN_IDBTYPE unknown idb type: [dec] Explanation The IDB type of this IDB is not recognised. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. XCONNECT Messages Error Message %L2-XCONNECT-3-ERROR [chars] failed: [chars] Explanation Some requested operation failed. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L2-XCONNECT-3-init [chars] Explanation Some initialization function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Layer 2 Messages XCONNECT Messages EM-941 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L2-XCONNECT-6-GENERIC [chars] Explanation Some generic errors. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Layer 2 Messages XCONNECT Messages EM-942 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01EM-943 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Layer 3 Messages This section contains all Layer 3 related System Error Messages. IPV6_ND_LITE Messages Error Message %L3-IPV6_ND_LITE-3-ERR_ASYNC_SEND_FAIL Send async pulse to ipv6 nd lite process fails; Error [chars] Explanation Attempt to send pulse to IPV6 ND lite process fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L3-IPV6_ND_LITE-3-ERR_CHAN_CONNECT_FAIL Cannot connect to ipv6 nd lite process; Error [chars] Explanation Attempt to connect to ipv6 nd lite process channel fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Layer 3 Messages IPV6_ND_LITE Messages EM-944 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L3-IPV6_ND_LITE-3-ERR_SELF_GENERATE IPV6 ND Lite self generated fun: [chars]: line: [dec] Explanation Attempt to munmap the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L3-IPV6_ND_LITE-3-ERR_SHMEM_CACHED_DATA_FAIL Invalid cached shmem addr [hex]; fd [dec] Explanation Attempt to get cached shared memory info fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L3-IPV6_ND_LITE-3-ERR_SHMEM_GIP_UNAVAILABLE IPV6 ND lite SHMEM can accommodate only [dec] global IP records (request for [dec] records [dec] ) Explanation IPV6 ND has requested transfer of more global IP records than shared memory can accommodate Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L3-IPV6_ND_LITE-3-ERR_SHMEM_MMAP_FAIL Cannot mmap file [chars]; Error [chars] Explanation Attempt to mmap the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Layer 3 Messages IPV6_ND_LITE Messages EM-945 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L3-IPV6_ND_LITE-3-ERR_SHMEM_MUNMAP_FAIL Cannot munmap file [chars]; Error [chars] Explanation Attempt to munmap the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L3-IPV6_ND_LITE-3-ERR_SHMEM_OPEN_FAIL Cannot open shmem file [chars]; Error [chars] Explanation Attempt to open the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L3-IPV6_ND_LITE-3-ERR_SHMEM_TRNC_FAIL Cannot truncate file [chars] to [dec] bytes; Error [chars] Explanation Attempt to truncate the shared memory file fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %L3-IPV6_ND_LITE-3-ERR_SHMEM_UNAVAILABLE IPV6 ND lite SHMEM can accommodate only [dec] records (request for [dec] records [dec] ) Explanation IPV6 ND has requested transfer of more interface records than shared memory can accommodate Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Layer 3 Messages IPV6_ND_LITE Messages EM-946 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %L3-IPV6_ND_LITE-3-ERR_SHMEM_UNLINK_FAIL Cannot unlink file [chars]; Error [chars] Explanation Attempt to unlink the shared memory fails Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information.EM-947 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 License Messages This section contains the License related System Error Messages. GSR_LCLM_SHOW Messages Error Message %LICENSE-GSR_LCLM_SHOW-3-ERROR gsr_lclm_show: [chars] , [chars] Explanation GSR_LCLM_SHOW encountered an error Recommended Action Please enable ’debug sysdb access ...’ and capture the output. LCLICMGR Messages Error Message %LICENSE-LCLICMGR-2-NO_LICENSE Not able to acquire a throughput license for node [chars] Explanation The Linecard Licensing Manager was not able to acquire a throughput license. Traffic flow through this router may be impacted since the a line card is not operating at the expected throughput rate. Recommended Action Check throughput license availability using the ’show license pools’ command in admin mode. Dump the contents of the Line Card Licensing Manager trace buffer using the ’show lclm trace location loc’ command to determine which operation has generated this warning. License Messages LCLICMGR Messages EM-948 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %LICENSE-LCLICMGR-3-ERROR gsr_lclm: [chars] , [chars] Explanation The GSR Line Card Licensing Manager has encountered an error Recommended Action Please enable ’debug lc-license error’ and capture the output. Dump the contents of the Line Card Licensing Manager trace buffer using the ’show lclm trace location loc’ command. Error Message %LICENSE-LCLICMGR-3-RATE_MODE_SECURITY_AUTH The system is unable to authenticate the line card rate mode in node: [chars] Explanation The system has aborted the rate mode verification due to an operation error. This message indicates that an error has occurred during the authentication process itself, the process is incomplete. Therefore, we do not know if the line card is a genuine Cisco product or not. This could indicate a problem with the linecard hardware and warrants further investigation. Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you require assistance, open a case with the Technical Assistance Center via the Internet ’ TAC_CASE_OPEN ’, or contact your Cisco technical support representative and provide the representative with the gathered information. Gather information about the linecard using the ’show diag 0/X/CPU0 details’ and ’show inventory location 0/X/CPU0’ commands. Error Message %LICENSE-LCLICMGR-3-RATE_MODE_SECURITY_FAIL WARNING!!! The module in node [chars] in this router may not be a genuine Cisco product. Cisco warranties and support programs only apply to genuine Cisco products. If Cisco determines that your insertion of non-Cisco memory, WIC cards, AIM cards, Network Modules, SPA cards, GBICs or other modules into a Cisco product is the cause of a support issue, Cisco may deny support under your warranty or under a Cisco support program such as SmartNet. Explanation This line card has failed to pass the board authentication. The warning message is generated frequently but the operation of the linecard is not disabled in any way. Recommended Action Copy the error message exactly as it appears on the console or in the system log. If you require assistance, open a case with the Technical Assistance Center via the Internet ’ TAC_CASE_OPEN ’, or contact your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LCLICMGR-5-RATE_CHANGE The throughput rate for node [chars] has [chars] to [chars] Explanation The throughput rate of the specified node has changed. Traffic flow through this router will be impacted since the line card is now operating at a new throughput rate. Recommended Action This is an informational message and no action is required unless this is an unexpected event. Use the ’show lclm trace location loc’ command to see what triggered the change in throughput rate.License Messages LICCMD Messages EM-949 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LICCMD Messages Error Message %LICENSE-LICCMD-4-LACK_OF_ARG Licensing command argments lack ([chars]) [[dec]] Explanation The parameters that liccmd recive args from parser is lack. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICCMD-4-TRACE_INIT_FAILED Licensing command library could not initialize tracing ([chars]) [[dec]] Explanation The license command library could not initialize internal tracing used for technical support. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LICLIB Messages Error Message %LICENSE-LICLIB-3-DB_DIR_ERROR Error creating license management directory: [chars] Explanation The license manager encountered an error condition while attempting to create a directory for storing license information. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. License Messages LICMGR Messages EM-950 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %LICENSE-LICLIB-3-NO_APP_MEDIA Could not determine device to use for license database. Reverting to temporary storage. License data will not persist across reloads. Explanation The disk utilities library did not return a device name to license manager where the persistent license data files can be stored. License information will be stored in a temporary location, and will be lost if the router reloads. Implicit licenses will be available. Permanent or evaluation licenses should not be installed in this state, as they will be lost if the router reloads and will need to be regenerated before they can be installed again. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICLIB-4-TRACE_INIT_FAILED Licensing client library could not initialize tracing ([chars]) [[dec]] Explanation The license client library could not initialize internal tracing used for technical support. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICLIB-6-DB_DIR_CREATE License management directory created Explanation The license manager created a directory to store license information. Normally this will occur after the disk holding the license information has been formatted or replaced, or on first boot of a new system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LICMGR Messages Error Message %LICENSE-LICMGR-3-AUTHENTICATION_ERR License manager could not authenticate: Error [chars] while [chars] Explanation The license manager encountered a problem in the indicated license file Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. License Messages LICMGR Messages EM-951 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %LICENSE-LICMGR-3-CHASSIS_MISMATCH License database and this chassis do not match. If licenses were installed, restore from a backup or contact Cisco TAC. Explanation The message displays the result of comparing the license database to the current state of the chassis. If the chassis and license database do not match, the license database will be cleared and implicit evaluation licenses will be available for 90 days. This alarm may occur if the route processor card has been moved from one chassis to another. Recommended Action If a backup of the license database is available it can be restored with the ’license restore’ command. Otherwise contact Cisco TAC to obtain a new set of licenses for this system. Error Message %LICENSE-LICMGR-3-DB_CORRUPT License database has been corrupted and will be cleared Explanation This message occurs when the license manager detects corruption in the license database that cannot be repaired. The license database will be cleared and implicit evaluation licenses will be available for 90 days. Recommended Action If a backup of the license database is available it can be restored with the ’license restore’ command. Error Message %LICENSE-LICMGR-3-DB_DIR_ERROR Error creating license management directory: [chars] Explanation The license manager encountered an error condition while attempting to create a directory for storing license information. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-3-DB_SAVE_ERROR Error saving license database: [chars] Explanation The license manager encountered an error condition while saving the license database. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. License Messages LICMGR Messages EM-952 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %LICENSE-LICMGR-3-EVENT_FAIL License manager event processing error: [chars] Explanation The license manager encountered an error condition while processing an event. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-3-EXIT_ERROR License manager encounted a fatal error condition and is exiting: [chars] ([hex]) Explanation The license manager encountered a fatal error condition, and cannot proceed. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-3-INIT License manager could not initialize: Error [chars] while [chars] Explanation The license manager encountered a fatal error condition while initializing. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-3-NO_OPERATION_ID Could not read operation ID: [chars] Explanation The license manager encountered an error while attempting to read the license operation ID. Without a valid license operation ID the license manager will not be able to support licenses locked to the affected chassis. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. License Messages LICMGR Messages EM-953 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %LICENSE-LICMGR-3-NO_SERIAL_NUM Could not read chassis serial number: [chars] Explanation The license manager encountered an error while attempting to read the chassis serial number. Without a valid chassis serial number the license manager will not be able to support licenses locked to the affected chassis. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-3-SYSDB Unable to access the system database, error: [chars] Explanation An error occurred when accessing the system database Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-3-SYSDBREG Registration with SysDB failed [[chars]], error: [chars] Explanation An error occurred when registering with the system database Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-4-AUDIT_PROBLEM Problem found during audit [chars] -- [chars] Explanation The license manager encountered a problem during an internal audit. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-4-DATASTORE_PROBLEM Problem with datastore [chars] -- [chars] Explanation The license manager encountered a problem attempting to adjust licenses in the given datastore. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. License Messages LICMGR Messages EM-954 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %LICENSE-LICMGR-4-IMPLICIT_EXPIRED The ninety day implicit license period has expired. Explanation The period after initial boot during which licensed features can be used without licenses has ended. Licensed features without licenses will cease to operate and cannot be configured. The message will appear even if there are no licensed features configured without licenses at the time. Recommended Action In order to use licensed features, obtain a license and install it using the ’license add’ command in admin mode. Error Message %LICENSE-LICMGR-4-IMPLICIT_LICENSE_USED An implicit license has been used for the [chars] feature. Explanation A feature which has no license has been enabled because the system is still in the implicit license period, during which licensed features may be used without licenses. When the implicit license period ends the feature will be deactivated unless a license has been installed. Recommended Action In order to use licensed features, obtain a license and install it using the ’license add’ command in admin mode. Error Message %LICENSE-LICMGR-4-IMPLICIT_WILL_EXPIRE The implicit license period will end in [chars]. Contact Cisco if you wish to purchase permanent licenses. Explanation The period after initial boot during which licensed features can be used without licenses will end in the indicated time. Licensed features without licenses will cease to operate and cannot be configured after that time. The message will appear every day during the implicit license period, even if there are no licensed features configured without licenses. Recommended Action In order to use licensed features, contact Cisco to purchase permanent licenses then install them using the ’license add’ command in admin mode. Error Message %LICENSE-LICMGR-4-LICENSE_EXPIRED Evaluation license for feature [chars] has expired Explanation The specified feature’s evaluation license has expired. The feature will no longer be usable. The message appears even if the feature is not currently configured. Recommended Action In order to continue using the feature, obtain a license and install it using the ’license add’ command in admin mode. License Messages LICMGR Messages EM-955 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %LICENSE-LICMGR-4-LICENSE_FILE_PROBLEM Problem with licenses from license file [chars]: [chars] Explanation The license manager encountered an error attempting to install or remove the licenses in the given license file. Check the error string to determine what has happened. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-4-LICENSE_POOL_REMOVED Removed license pool for nonexistant SDR [chars] Explanation The license database contained a license pool definition for an SDR that does not exist. The licenses assigned to this pool were automatically moved back into the Owner pool. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-4-LICENSE_RMA_EXPIRED Licenses for feature [chars] with chassis serial number [chars] has expired Explanation Licenses for the specified feature which were installed using the given chassis serial number have been removed due to the chassis having been disconnected from the system. This message appears even if the removed licenses were not active. Recommended Action If removed licenses were active, obtain new licenses for one of the currently available chassis serial numbers. Available serial numbers can be checked with the ’show license udi’ command. Error Message %LICENSE-LICMGR-4-LICENSE_RMA_WILL_EXPIRE Licenses for feature [chars] with serial number [chars] will expire in [chars] Explanation Licenses for the specified feature which were installed using the given chassis serial number will be removed in the time indicated unless the chassis is reconnected from the system. This message appears even if the removed licenses are not active. Recommended Action Confirm that sufficient licenses remain on the system signed with the chassis serial number of available chassis. If necessary, obtain new licenses for the feature and install them with the ’license add’ command. If there are sufficient licenses remaining signed with available chassis serial numbers, the message can be stopped by using the ’license remove’ command to remove the licenses associated with the specified chassis. License Messages LICMGR Messages EM-956 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %LICENSE-LICMGR-4-LICENSE_WILL_EXPIRE Evaluation license for feature [chars] will expire in [chars]. Contact Cisco if you wish to purchase a permanent license. Explanation The specified feature’s evaluation license will expire in the time indicated. After the license has expired the feature will become unusable. This message appears even if the feature is not currently configured. Recommended Action In order to continue using the feature, contact Cisco to purchase a permanent licenses and install it using the ’license add’ command in admin mode. If the license is not needed, the messages can be stopped by removing all licenses for that feature using the ’license remove’ command in admin mode. Error Message %LICENSE-LICMGR-6-LICENSE_CLEAR_FEATURE [unsigned int] features cleared Explanation As a result of ’clear license’ command execution, license features installed on this system were cleared. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-6-LICENSE_CLEAR_NO_FEATURE There are no features to be cleared Explanation The ’clear license’ command was executed, but there are no feature licenses installed to be cleared on this system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-6-LICENSE_CLEAR_NO_POOL There are no license pools to be cleared Explanation The ’clear license’ command was executed, but there are no pools to be cleared on this system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. License Messages LICMGR Messages EM-957 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %LICENSE-LICMGR-6-LICENSE_CLEAR_POOL [unsigned int] license pools cleared (Owner pool still exists). Explanation As a result of ’clear license’ command execution, license pools other than the Owner pool were cleared. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-6-LOAD_LICENSE_FILE Loading license file [chars] Explanation The license manager is about to open the named license file to add licenses to the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-6-LOAD_LICENSE_FILE_OK All licenses from license file [chars] added successfully Explanation The license manager has installed all the licenses in the named license file to the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-6-READ_LICENSE_FILE Opening license backup file [chars] Explanation The license manager is about to open the named license backup file to show license backup to the user. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. License Messages LICMGR Messages EM-958 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %LICENSE-LICMGR-7-CLIENT_NORESPONSE License client [chars] failed to respond Explanation A license client program failed to respond. This may be due to some inter-process communications problem, or because the client process is blocked. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %LICENSE-LICMGR-7-LICENSE_RECLAIMED An active [chars] license was reclaimed by the license manager and moved to allocated state on node [chars] Explanation Due to a loss of inter-process communications the license manager had to reclaim a license that was not properly released. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.EM-959 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Media Messages This section contains all MEDIA related System Error Messages, including disk, nvram, flash, and so forth. c12000_bflash_prp_driver Messages Error Message %MEDIA-c12000_bflash_prp_driver-3-INIT_ERROR Process initialization failed: ([chars]) Explanation Performance Route Processor (PRP) Bootflash drivers failed to initialize. The booflash is a storage device that exists on every PRP. The effect is that PRP storage will not function. %s - indicates the reason for the failure. Recommended Action The System Manager process (sysmgr) will not respawn this process. Try to reload the PRP first. If it does not recover, power cycle the router. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. DISKUTIL Messages Error Message %MEDIA-DISKUTIL-3-INIT_ERROR Unexpected init error: [chars]: [chars]: [hex] Explanation An unexpected init error condition encountered. Recommended Action Collect system log information. No action is required.Media Messages FLASHFS_HES Messages EM-960 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FLASHFS_HES Messages Error Message %MEDIA-FLASHFS_HES-1-BADDEVOPEN Can’t open device [chars] Explanation Flash device could not be opened Recommended Action Make sure the flash device resource manager is running. If not restart it. If that fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-1-BADOPTIONS [chars]: invalid option [char] Explanation Bad options Recommended Action Start the flash file system with correct options Error Message %MEDIA-FLASHFS_HES-1-BADPATH [chars]: Can’t Attach Pathname [chars] Explanation Could not attach pathname Recommended Action Reboot the router if possible. If not try to start it from the command line. If that too fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-1-BADPERM [chars]: Illegal permission requested ([dec]) Explanation Not a valid permission Recommended Action No action is required. Error Message %MEDIA-FLASHFS_HES-1-CARD_UNAVAILABLE [chars]: Can not access flash device Explanation Probably the flash card has been removed. Recommended Action Reinsert the flash card. Media Messages FLASHFS_HES Messages EM-961 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-FLASHFS_HES-1-COND_PROBLEM Could not [chars] condition variable : Error [chars] Explanation Possibly condition variable does not exist Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-1-DRIVER_UNAVAILABLE Flash driver unavailable Explanation Flash device driver process is dead. Recommended Action Restrt the flash device driver process. Error Message %MEDIA-FLASHFS_HES-1-INIT_FAILED Flash device initialization failed. Error: [chars] Explanation Something wen’t wrong. Recommended Action Kill the flash file system and restart it. If that fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-1-MUTEX_PROBLEM Could not [chars] mutex : Error [chars] Explanation Possibly mutex does not exist Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-BAD_DEVICE_DATA [chars]: Bank Status Error. Shutting down device Explanation Bad device data Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages FLASHFS_HES Messages EM-962 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-FLASHFS_HES-3-BAD_DRIVER_WAIT_THREAD Could not start the thread to wait for driver after driver crash Explanation Could not start a thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-BAD_PULSE_ATTACH [chars]: resmgr_pulse_attach failed: [text] Explanation Could not attach pulse for flash driver death detection Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-BAD_THREAD_CREATE Could not start the [chars] thread Explanation Could not start a thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-BADCARD [chars]: The flash card seems to be corrupted Explanation Probably the flash card is corrupted Recommended Action Format the flash card Error Message %MEDIA-FLASHFS_HES-3-BADCHANNEL [chars]: can’t create channel Explanation Could not create channel for the resource manager Recommended Action Reboot the router if possible. If not try to start it from the command line. If that too fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages FLASHFS_HES Messages EM-963 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-FLASHFS_HES-3-BADDLLOPEN [chars]: [chars] [chars] Could not open DLL Explanation DLL Probably not Loaded Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-BADDLSYM [chars]: [chars] [chars] Can’t Resolve symbol Explanation Proabaly Function not Defined in DLL Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-BADHDR [chars]: Hdr Error, ptr equals [hex] Explanation A file with a bad header encountered on flash Recommended Action No action is required. Error Message %MEDIA-FLASHFS_HES-3-BADSTATUS [chars]: Bank Status Error. Shutting down device Explanation Either device is in error or file system format can not be recognized. Recommended Action If possible format the device. If not Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %MEDIA-FLASHFS_HES-3-BOOTFLASH_CORRUPTED WARNING! [chars] is corrupted. Suggestion: reformat the device and copy the required boot files to it. Explanation The bootflash: is corrupted. Need to re-format it and copy boot files to it. Recommended Action do format bootflash: from CLI and copy boot files to it. Media Messages FLASHFS_HES Messages EM-964 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-FLASHFS_HES-3-CONNECT_FAILED Could not establish connected to channel [dec] Explanation Could not create channel for the resource manager Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-DEBUG_INIT_FAILED [chars] Explanation Internal error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-DRIVER_CHANGED Underyling flash card seems to have changed. Closing file Explanation Probably the driver died or the flash card has been swapped (OIR). The flash card has changed. The current access seems to be for a file which has been opened with the driver for old card. Recommended Action No action is required. Error Message %MEDIA-FLASHFS_HES-3-EVENT_BLOCK_ERROR event_block failed -[chars] Explanation -- Recommended Action -- Error Message %MEDIA-FLASHFS_HES-3-EVENT_MGR_CREATE_FAILED [chars]: can’t create channel-[chars] Explanation Could not create channel for the event manager Recommended Action Reboot the router if possible. If not try to start it from the command line. If that too fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages FLASHFS_HES Messages EM-965 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-FLASHFS_HES-3-FAIL_DEBUG_REG can’t connect to configuration, [chars] Explanation Flash debugging service register to sysdb failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-RECOVERY_FROM_SQUEEZE_FAILED Flash device could not recover from interrupted sqeeze. Error: [dec] Explanation Something wen’t wrong. Recommended Action Kill the flash file system and restart it. If that fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-SYMLINK_EXPORT [chars]: unable to export mount point ([chars]) Explanation Device will not be accessible from all nodes. Recommended Action Kill the flash file system and restart it. If that fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-3-SYSMGR_PROC_READY_FAILED sysmgr_proc_ready failed - [chars] Explanation Failed to send message to Sysmgr about init completion. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-4-BAD_DRIVER_PULSE_REGISTRATION Could not register a pulse with the driver Explanation We register pulse with the driver so that we get notification of certain events. For some reason it did not work. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages FLASHFS_HES Messages EM-966 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-FLASHFS_HES-4-BAD_SECTOR_ERASE Sector [unsigned long int] not erased Explanation Bad sector Recommended Action No action is required. Error Message %MEDIA-FLASHFS_HES-4-CARD_WRITE_PROTECTED [chars]: The flash card is write protected Explanation The card is write protected, and a write operation is attempted Recommended Action No action is required. Error Message %MEDIA-FLASHFS_HES-4-EXCLUSIVE_ACCESS_DENIED Could not get exclusive access to the device Explanation Possibly a read or write is still going on in the background Recommended Action No action is required. Error Message %MEDIA-FLASHFS_HES-4-UNKNOWN_PULSE Unknown pulse received. Code: [dec], Value [dec]: Explanation An unexpected pulse has been received Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FLASHFS_HES-5-CARD_SWAPPED [chars]: The flash card has been swapped (OIR) Explanation The pcmcia flash card has been pulled out from its slot and re-inserted with a same or different card Recommended Action No action is required. Error Message %MEDIA-FLASHFS_HES-6-DRIVER_BACK_UP Flash driver [chars] back up Explanation Flash device driver process came back up. Recommended Action No action is required. Media Messages FSDEVINFO Messages EM-967 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-FLASHFS_HES-6-RECOVERING_FROM_SQUEEZE Flash device [chars] trying to recover from interrupted squeeze. Please wait Explanation Squeeze is used to recover space consumed by deleted files in flash file systems. A deleted file is just marked deleted and space occupied by it is not recovered till a squeeze is done. The flash card has been ejected or router crashed in while performing squeeze. We are trying to recover from that. Recommended Action No action is required. Error Message %MEDIA-FLASHFS_HES-6-RECOVERING_FROM_SQUEEZE_DONE Flash device [chars] recovered from interrupted squeeze Explanation Squeeze is used to recover space consumed by deleted files in flash file systems. A deleted file is just marked deleted and space occupied by it is not recovered till a squeeze is done. The flash card has been ejected or router crashed in while performing squeeze. We are able to succesfully recover from that and flash is usable again. Recommended Action No action is required. Error Message %MEDIA-FLASHFS_HES-6-USAGE [chars]: Usage -m mount_point -d device_name Explanation Arguments for invoking the flash file system. mount_point is the mount location of the flash file system and device_name is the path name of the driver to be used by the file system. Wrong arguments have been used. Please use the correct ones. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FSDEVINFO Messages Error Message %MEDIA-FSDEVINFO-3-DBG_CLEANUP Failed to unregister the debug’s Explanation During total cleanup fs_dev_info failed to unregister the debugs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages FSDEVINFO Messages EM-968 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-FSDEVINFO-3-EVM_ERROR [chars], Error: [chars] Explanation Failed in some event management functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FSDEVINFO-3-GET_FILESYS_ERR platform_get_fslist() failed, could not retrieve list of File Systems Explanation The api platform_get_fslist() returned NULL pointer instead of the list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FSDEVINFO-3-LWM_ERROR [chars], Error: [chars] Explanation Failed to execute some LWM library functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FSDEVINFO-3-MAIN_INIT_ERROR Initialization in main failed, Error: [chars] Explanation One of the functions called during initialization of the process failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FSDEVINFO-3-NO_MEMORY Failed in allocating memory, [chars] Explanation Not enough memory available in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages FSDEVINFO Messages EM-969 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-FSDEVINFO-3-REGISTER_ERROR Could not register [chars] Explanation Failed to register Error description DLL. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FSDEVINFO-3-SIGNAL_RELATED [chars], Error: [chars] Explanation Some signal related function returned with an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FSDEVINFO-3-SYSDB_CONNECT_FAIL Could not connect to sysdb Explanation During total cleanup fs_dev_info failed to unregister the debugs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FSDEVINFO-3-SYSMGR_READY Could not inform sysmgr that process is ready, Error: [chars] Explanation The main function failed to inform sysmgr that it is ready. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-FSDEVINFO-3-THREAD_ERROR [chars], Error: [chars] Explanation One of the pthread_* functions returned with an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages GETMEDIA Messages EM-970 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-FSDEVINFO-4-INVALID_PARM Invalid parameter [chars] equals [dec] in function [chars] Explanation An invalid parameter value was passed to the named function. Recommended Action Report GETMEDIA Messages Error Message %MEDIA-GETMEDIA-4-DEVFILE_READ_FAILED Unable to read file ’[chars]’, errno equals [dec]. Using default boot device. Explanation The qsm application device file was unavailable. Default boot device being used. Recommended Action Report this message to TAC. Error Message %MEDIA-GETMEDIA-4-INVALID_PARM Invalid parameter [dec] in function [chars] Explanation An invalid parameter value was passed to the named function. Recommended Action Report this message to TAC. GT_BFLASH_DRIVER Messages Error Message %MEDIA-GT_BFLASH_DRIVER-4-ERR_OPTION [chars]: invalid option [char] Explanation Wrong usage to start the flash driver resource manager. Recommended Action ’Start the driver with the correct options’ Error Message %MEDIA-GT_BFLASH_DRIVER-4-ERR_USAGE [chars]: Usage -m mount_point -d device_name Explanation Wrong usage to start the flash driver resource manager. Recommended Action ’Start the driver with the correct options’ Media Messages HARDDISK Messages EM-971 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-GT_BFLASH_DRIVER-7-ERR_DETECT_BOARD Failed to detect board type Explanation Platform library unable to determine hardware board type. Recommended Action ’Check software revison and/or ID EEPROM programming’ Error Message %MEDIA-GT_BFLASH_DRIVER-7-UNKNOWN_BOARD_STATE Unsupported board detected: [chars] Explanation Platform library unable to determine hardware board type. Recommended Action ’Check software revison and/or ID EEPROM programming’ HARDDISK Messages Error Message %MEDIA-HARDDISK-3-MALLOC_FAIL [chars] Explanation Memory allocation failed Recommended Action ’Attempt to clear event manager’ Error Message %MEDIA-HARDDISK-3-SPAWN_FAIL Failed to spawn [chars] Explanation Failed to spawn mount helper process Recommended Action ’Check for harddisk mount point’ Error Message %MEDIA-HARDDISK-3-SYSMGR_REGISTER_FAIL [chars] Explanation Unable to register with sysmgr for node state change. Recommended Action ’Check mount point of hd’ Error Message %MEDIA-HARDDISK-4-GET_NODE_FAIL [chars] Explanation Unable to get node state. Recommended Action ’Clear event manager’ Media Messages HFRSP_BFLASH_DRIVER Messages EM-972 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-HARDDISK-7-MUTEX_LOCK Failed to lock [chars] Explanation A required mutex lock failed. Recommended Action ’Mutex used by other process’ Error Message %MEDIA-HARDDISK-7-MUTEX_UNLOCK Failed to unlock [chars] Explanation A required mutex unlock failed. Recommended Action ’HD process has mutex’ Error Message %MEDIA-HARDDISK-7-UNKNOWN_MACHINE [chars] Explanation Unable to find the machine type. Recommended Action ’Check ID EEPROM programmed correctly’ Error Message %MEDIA-HARDDISK-7-UNSUPPORTED_BOARD [[dec]] not supported Explanation Unsupported Board type. Recommended Action ’Check ID EEPROM programmed correctly’ HFRSP_BFLASH_DRIVER Messages Error Message %MEDIA-HFRSP_BFLASH_DRIVER-3-INVALID_OPTION [chars]: invalid option [char] Usage -m mount_point -d device_name Explanation Wrong usage to start the flash driver resource manager. Recommended Action ’Start the driver with the correct options’ ’m mount_point, d device_name’ Error Message %MEDIA-HFRSP_BFLASH_DRIVER-3-INVALID_OPTION [chars]: invalid option [char] Usage -m mount_point -d device_name Explanation Wrong usage to start the flash driver resource manager. Recommended Action ’Start the driver with the correct options’ ’m mount_point, d device_name’Media Messages MB_FLASH_LIB Messages EM-973 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MB_FLASH_LIB Messages Error Message %MEDIA-MB_FLASH_LIB-1-BADCHANNEL Can’t Create Channel Explanation Could not create channel for the resource manager Recommended Action Reboot the router if possible. If not try to start it from the command line. If that too fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-MB_FLASH_LIB-1-BADPATH Can’t Attach Pathname [chars] Explanation Could not attach pathname Recommended Action Reboot the router if possible. If not try to start it from the command line. If that too fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-MB_FLASH_LIB-7-VERIFYINFO %Error: verify @ [hex]-expected [hex], read [hex] Explanation Verify information due to verbose option Recommended Action No action is required. mbus_flash_driver Messages Error Message %MEDIA-mbus_flash_driver-3-INIT_ERROR Process initialization failed: ([chars]) Explanation MBUS flash drivers failed to initialize. The MBUS flash is a storage device that exists on board and is used to store On Noard Failure Logs. The effect is that OBFL storage will not function. %s - indicates the reason for the failure. Recommended Action The System Manager process (sysmgr) will respawn this process. Try to reload the board first. If it does not recover, power cycle the router. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Media Messages MEDIAAPI Messages EM-974 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MEDIAAPI Messages Error Message %MEDIA-MEDIAAPI-4-CHAN_CONNECT_FAILED Unable to channel connect to ’[chars]’, errno equals [dec]:[chars]. Explanation The media server channel specified could not be opened for the specified reason. Recommended Action Report this message to TAC. Error Message %MEDIA-MEDIAAPI-4-INVALID_FSTYPE Error: FS([chars]) not supported for ’[chars]’ Explanation File system type is not supported on the media device. Recommended Action Please use supported file system type to format the media device. Error Message %MEDIA-MEDIAAPI-4-INVALID_PARM Invalid parameter [chars] equals [dec] in function [chars] Explanation An invalid parameter value was passed to the named function. Recommended Action Report this message to TAC. Error Message %MEDIA-MEDIAAPI-4-MSG_SEND_FAILED Unable to send message to media server, op [dec], errno equals [dec]:[chars]. Explanation The message send to the media server failed for the specified operation number and failed for the specified reason. Recommended Action Report this message to TAC.Media Messages MEDIASVR Messages EM-975 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MEDIASVR Messages Error Message %MEDIA-MEDIASVR-2-NODE_RELOADING Boot media storage device [chars] unavailable. Reloading node. Explanation The media storage device specified is the boot device and is unavailable. The software will not be able to continue functioning without the boot device so the node is reset to failover or recover the failed device. Recommended Action Media storage data should be recovered from either active node or current primary mirroring device. If media device still fails, replace media device. If not redundant node or no mirroring then reinstall software and configuration. Error Message %MEDIA-MEDIASVR-4-DEVICE_CORRUPT Media storage device [chars] corrupted beyond repair. Check fsck log at [chars] Explanation The media storage card specified was corrupted beyond repair. See log file for specific reason. Recommended Action Format media device manually, if still fails, replace media device. Error Message %MEDIA-MEDIASVR-4-DEVICE_FAILED Media storage device [chars] failed to [chars]. Error equals [hex]([chars]) Explanation The media storage card specified failed due to the specified operation. The returned error code is specified. Recommended Action Format media device manually, if still fails, replace media device. Error Message %MEDIA-MEDIASVR-4-FSTYPE_MISMATCH Media storage device [chars] is formatted as [chars] when software expects it to be formatted as [chars]. Please use device file system upgrade procedure to fix. Explanation The media storage device specified is formatted with a different file system type than expected. The running software version expects the device to contain a different file system tye. Recommended Action Use the appropriate upgrade file system procedure for the device or use format command once all needed data on device has been saved. Media Messages MEDIASVR Messages EM-976 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-MEDIASVR-4-INIT_ERROR Unexpected init error: [chars]: [chars]: [hex] Explanation An unexpected init error condition encountered. Recommended Action Collect system log information. No action is required. Error Message %MEDIA-MEDIASVR-4-NVRAM_WRITE Could not update nvram (Error equals [hex]). Explanation The access to the nvram failed, so that format operation was rejected. Recommended Action Please collect syslog information. Please retry. Error Message %MEDIA-MEDIASVR-5-DEVICE_FORMATTED Media storage device [chars] was formatted due to corruption. Check fsck log at [chars] Explanation The media storage card specified was corrupted beyond repair and was formatted. See log file for specific reason. Recommended Action Media storage data should be recovered from either active card or current primary mirroring device. If not redundant card or no mirroring then reinstall software and configuration. Error Message %MEDIA-MEDIASVR-5-DEVICE_INCONSISTENT Media storage device [chars] was detected as inconsistent. Device will be auto formatted. Explanation The media storage card specified is inconsistent between the partition table and the file system format. This inconsistency needs to be corrected and the contents formatted correctly. Recommended Action Verify that media device was formatted. If not, then format media device manually. If it still fails, replace media device. Error Message %MEDIA-MEDIASVR-5-DEVICE_REPAIRED Media storage device [chars] was repaired. Check fsck log at [chars] Explanation The media storage card specified has some inconsitencies in the filesystem and was repaired. See log file for specific reason. Recommended Action Run install verify and cfs check. Media Messages MEDIASVR Messages EM-977 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-MEDIASVR-5-DEVICE_UNFORMATTED Media storage device [chars] was detected as unformatted. Device will be auto formatted. Explanation The media storage card specified is unformatted. There are problems with the boot sector contents. Recommended Action Verify that media device was formatted. If not, then format media device manually. If it still fails, replace media device. Error Message %MEDIA-MEDIASVR-5-PARTITION_REASON Media storage device [chars] will be partitioned because ’[chars]’. This message is to notify the failure in log file ([chars]:[chars]) Explanation The media storage card specified is going to be partitioned. During we’re writing the operation log, there was error. Recommended Action Media storage data should be recovered from either active card or current primary mirroring device. If not redundant card or no mirroring then reinstall software and configuration. Error Message %MEDIA-MEDIASVR-6-BOOT_DEVICE_FORMAT_REQUESTED Media storage boot device [chars] was requested to format. Node will reload and device will be formatted while next boot. Explanation The media storage card specified was requested to format and will be formatted through the reload. Recommended Action Media storage data should be recovered from either active card or current primary mirroring device. If not redundant card or no mirroring then reinstall software and configuration. Error Message %MEDIA-MEDIASVR-6-DEVICE_FORMAT_COMPLETED Media storage device [chars] was formatted due to request. Check fsck log at [chars] Explanation The media storage card specified was requested to format and was formatted. See log file for specific reason. Recommended Action Media storage data should be recovered from either active card or current primary mirroring device. If not redundant card or no mirroring then reinstall software and configuration. Media Messages NVRAM_PLATFORM_COMMON Messages EM-978 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-MEDIASVR-6-DEVICE_FORMAT_REQUESTED Format is requested for [chars] [chars],filesystem ’[chars]’. Explanation The media storage card specified was requested to format with printed options. Recommended Action Media storage data should be recovered from either active card or current primary mirroring device. If not redundant card or no mirroring then reinstall software and configuration. Error Message %MEDIA-MEDIASVR-6-NVRAM_READ_FSTYPE [chars] has unknown value ’[chars]’, it will be ignored. Explanation The ROMMON variable for format option is unknown, so that format operation will not happen. Recommended Action Please do not set ROMMON variable by hand. Error Message %MEDIA-MEDIASVR-6-NVRAM_UNKNOWN_FSTYPE [chars] has unsupported value ’[chars]’ for ’[chars]’, it will be ignored. Explanation The ROMMON variable for format option is unsupported, so that format operation will not happen. Recommended Action Please do not set ROMMON variable by hand. NVRAM_PLATFORM_COMMON Messages Error Message %MEDIA-NVRAM_PLATFORM_COMMON-3-BAD_CHECKSUM nvram is corrupt - textptr: [hex], textsize: [dec], textbase: [hex], chksum in nvram: [dec], newchksum: [dec], oldchksum: [dec] Explanation nvram corrupt. Recommended Action If need to use classic configs, boot an appropriate classic image and rewrite the config. If not No action is required.. Media Messages NVRAM_PLATFORM_COMMON Messages EM-979 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-NVRAM_PLATFORM_COMMON-3-BAD_CLASSIC_CONFIG Unexpected version of classic configuration memory ([dec]). Please save contents of nvram by using classic image, and format nvram to recover. Please rewrite the config if need to use classic configs. If not, no further action is required. Explanation Classic configuration different version than expected Recommended Action If need to use classic configs, boot an appropriate classic image and rewrite the config. If not No action is required. Error Message %MEDIA-NVRAM_PLATFORM_COMMON-3-BAD_CLASSIC_CONFIG_COMPRESS Couldn’t uncompress config ([dec]) Explanation Decompress of Compressed Classic Config Failed Recommended Action If need to use classic configs, boot an appropriate classic image and rewrite the config. If not No action is required.. Error Message %MEDIA-NVRAM_PLATFORM_COMMON-3-BAD_CLASSIC_CONFIG_MEM Bad classic configuration memory structure ([chars]:[dec]) Explanation Nvptr corrupted Recommended Action If need to use classic configs, boot an appropriate classic image and rewrite the config. If not No action is required. Error Message %MEDIA-NVRAM_PLATFORM_COMMON-3-LOGGING_ERROR Error while logging nvram activity: [[chars]] Explanation Error while logging nvram activity Recommended Action No action is required. Error Message %MEDIA-NVRAM_PLATFORM_COMMON-4-WRITE_ABORT A write to the nvram was aborted Explanation A Write to nvram was aborted. Recommended Action Recovery will be attempted in the driver. Otherwise format nvram using command - erase nvram: formatMedia Messages NVRAM_PLATFORM Messages EM-980 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 NVRAM_PLATFORM Messages Error Message %MEDIA-NVRAM_PLATFORM-3-BAD_NVRAM_MAP Could not map Nvram Explanation Mapping of Nvram Failed. The cause could be limited physical memory or other unknown reasons. This does not have any impact on the router functionalities. Recommended Action Support personnel should run command ’show mem’, and file a DDTS with the output from the command. Error Message %MEDIA-NVRAM_PLATFORM-3-BAD_NVRAM_VAR ROMMON variable-value pair: [chars], contains illegal (non-printable)characters Explanation The value of a ROMMON variable contains illegal character. It is corrupted with unknown reasons. This does not have any impact on router functionalities. Recommended Action Re-assign the value of this ROMMON variable from configuration plane. Error Message %MEDIA-NVRAM_PLATFORM-3-BATTERY_LOW NVRAM low battery detected, battery needs to be replaced Explanation Detect NVRAM low battery state, the data stored in NVRAM may be destroyed after power down the board whit battery low state. Recommended Action ’NVRAM Battery may need to be replaced’ Error Message %MEDIA-NVRAM_PLATFORM-3-NO_SPACE Reading/Writing NVRAM raw: not enough space on NVRAM raw partition Explanation When reading from or writing to Nvram raw partition, there is not enough space. Recommended Action Report the problem Error Message %MEDIA-NVRAM_PLATFORM-3-NVRAM_RAW_NOT_SUPPORTED NVRAM is not supported on card type: [dec]. Explanation NVRAM is not currently supported on the type of cards. Recommended Action Report the problem Media Messages NVRAM_PLATFORM Messages EM-981 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-NVRAM_PLATFORM-3-NVRAM_SIZE_ZERO Warning: NVRAM size is 0 Explanation Nvram size is found to be zero. This is usually caused by nvram hardware failure. It does not have any impact on the router functionalities Recommended Action Support personnel needs to bring the board to the lab for hardware engineers to exam even though Error Message %MEDIA-NVRAM_PLATFORM-4-BAD_NVRAM_BYTES ROM: WARNING, nvram structure too big, user may loose system configuration Explanation Nvram data structure is too big and should be trimmed. This does not have any impact on the router functionalities. Recommended Action Support personnel needs to file a DDTS on this. Error Message %MEDIA-NVRAM_PLATFORM-4-BAD_NVRAM_MAP Could not map nvram Explanation Mapping of Nvram Failed Recommended Action ’Check for 2MB size NVRAM’ Error Message %MEDIA-NVRAM_PLATFORM-4-BAD_NVRAM_MAP Could not map nvram Explanation Mapping of Nvram Failed Recommended Action ’Check for 128KB size NVRAM’ Error Message %MEDIA-NVRAM_PLATFORM-7-BAD_NVRAM_VAR ROMMON variable-value pair: [chars], contains illegal (non-printable)characters Explanation Could not allocate memory for a DRAM buffer Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages NVRAM_UTIL Messages EM-982 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-NVRAM_PLATFORM-7-BAD_NVRAM_VAR ROMMON variable-value pair: [chars], contains illegal (non-printable)characters Explanation Could not allocate memory for a DRAM buffer Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-NVRAM_PLATFORM-7-ERROR_REG_PM Warning: Failed register NVRAM to platform manager Explanation pm_fault_register_device() API return error Recommended Action No action is required. Error Message %MEDIA-NVRAM_PLATFORM-7-ERROR_RUN_BMON Warning: Failed running NVRAM battery monitor thread Explanation pthread_create() returns error Recommended Action No action is required. Error Message %MEDIA-NVRAM_PLATFORM-7-NVRAM_SIZE_ZERO Warning: NVRAM size is 0 Explanation Possible error during sizing nvram, the NVRAM may not exist Recommended Action ’Check if formatted and present’ NVRAM_UTIL Messages Error Message %MEDIA-NVRAM_UTIL-3-DEBUG_INIT_FAILED [chars] Explanation Debug init failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages NVRAM Messages EM-983 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-NVRAM_UTIL-3-FAIL_DEBUG_REG [chars]: Can’t connect to configuration, [chars] Explanation NVRAM debugging service register to sysdb failed. Recommended Action Check the existence of the Sysdb service. The system is supposed to re-register if the Sysdb service is available. NVRAM Messages Error Message %MEDIA-NVRAM-3-BADDLLOPEN [chars]: [chars] [chars] Could not open DLL Explanation DLL Probably not Loaded Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-NVRAM-3-BADDLSYM [chars]: [chars] [chars] Can’t Resolve symbol Explanation Proabaly Function not Defined in DLL Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-NVRAM-3-BADFUNCTIONS [chars]: Undefined Functions in DLL Explanation Some Required Functions have not been Defined in DLL Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-NVRAM-3-BADINIT [chars]: Nvram Initialization Failed Explanation Could not get the geometry of NVRAM. NVRAM may not exist Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Media Messages NVRAM Messages EM-984 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-NVRAM-3-BADMEM Nvram RM could not be started Explanation Could not get enough memory for NVRAM RM. Recommended Action ’Router running low in memory. Reboot if possible.’ Error Message %MEDIA-NVRAM-3-CONNECT_FAILED Could not establish connected to channel [dec] Explanation Could not create channel for the resource manager Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-NVRAM-3-CORRUPT Corrupt nvram. Format with erase nvram: format Explanation Nvram corrupt Recommended Action ’Format nvram’ Error Message %MEDIA-NVRAM-3-EVENT_BLOCK_ERROR event_block error -- [chars] Explanation Error during event block Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MEDIA-NVRAM-3-FORMATERROR [chars]: could not auto format corrupted NVRAM, error: [chars] Explanation Probably the NVRAM device has gone bad. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-NVRAM-3-NOSPACE Nvram out of space Explanation nvram full Recommended Action Delete unwanted files Media Messages NVRAM Messages EM-985 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-NVRAM-3-RECOVERED [chars]: [chars] Explanation The NVRAM device corruption fixed. Recommended Action No action is required. Error Message %MEDIA-NVRAM-4-BADFILES NVRAM File Corrupted ([chars]). Some of them May be Lost Explanation Files Overwritten by Another Image, or Router Crashed Recommended Action No action is required. Error Message %MEDIA-NVRAM-6-OPEN_DUMP_PATH [chars]: dump file path: [chars] Explanation Informational message indicating the nvram dump file path. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-NVRAM-6-OPENERROR [chars]: Open for path [chars] failed, error: [chars], [chars] Explanation Check the state of the device pointed by path. Device may be inaccessible. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-NVRAM-6-UPGRADING nvram upgrade: [chars] Explanation Regular nvram: file system is in upgrading process Recommended Action Nothing needs to be done Error Message %MEDIA-NVRAM-7-BADPATH [chars]: Can’t Attach Pathname /dev/nvram Explanation Could not attach pathname Recommended Action Reboot the router if possible. If not try to start it from the command line. If that too fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages REDFSAPI Messages EM-986 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-NVRAM-7-BADRAWINIT raw partition resource manager failed: [chars] Explanation Could not spawn a thread to handle nvram raw partition request Recommended Action Restrat nvram server. If that too fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-NVRAM-7-EVENT_MGR_CREATE_FAILED Could not create event manager for [chars]: [chars] Explanation Failed to create event manager for the process Recommended Action Try to start it from the command line. If that too fails Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. REDFSAPI Messages Error Message %MEDIA-REDFSAPI-4-CHAN_CONNECT_FAILED Unable to channel connect to ’[chars]’, errno equals [dec]:[chars]. Explanation The redfs server channel specified could not be opened for the specified reason. Recommended Action Report this message to TAC. Error Message %MEDIA-REDFSAPI-4-INVALID_PARM Invalid parameter [chars] equals [dec] in function [chars] Explanation An invalid parameter value was passed to the named function. Recommended Action Report this message to TAC. Error Message %MEDIA-REDFSAPI-4-MSG_SEND_FAILED Unable to send message to redfs server, op [dec], errno equals [dec]:[chars]. Explanation The message send to the redfs server failed for the specified operation number and failed for the specified reason. Recommended Action Report this message to TAC.Media Messages SYNCFS2 Messages EM-987 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SYNCFS2 Messages Error Message %MEDIA-SYNCFS2-3-FAILURE [chars] [chars]: [chars] Explanation Syncfs failure Recommended Action Contact customer support Error Message %MEDIA-SYNCFS2-3-INIT_FAILED Failed to initialize module [chars] because [chars] and cannot continue. Explanation Syncfs failed to initialize a module. Recommended Action Contact customer support Error Message %MEDIA-SYNCFS2-3-REGISTER_NTFN Failed to register with [chars] for notification Explanation Syncfs failed to register with qsm/lrd for notification Recommended Action Contact customer support Error Message %MEDIA-SYNCFS2-3-STBY_SYMLINK Failed to create link to Standby card: [chars] Explanation Syncfs failed to create required links to the standby card. Syncfs unable to mirror any files to the standby card. Recommended Action Contact customer support Error Message %MEDIA-SYNCFS2-3-STBY_SYMLINK_NOTYET Symbolic Links to Standby root is not published yet. Explanation Syncfs noticed that required symbolic-links to the standby card, is not published yet. Syncfs will get notified when they are available. Recommended Action Contact customer support Media Messages SYNCFS2 Messages EM-988 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-SYNCFS2-7-CLIENT_ERR [chars]: [chars] Explanation Failed function call. Recommended Action Contact customer support Error Message %MEDIA-SYNCFS2-7-LOST_SYNC Unable to replicate [chars] [chars] to standby card because [chars] Explanation Syncfs failed to transfer the specified file to the standby card. Recommended Action Ensure there is sufficient disk space on standby card’s filesystems, and that all removeable media is correctly inserted. Once resolved, power cycle the standby card using ’hw-module slot X shut’ and ’no hw-module slot X shut’ to resume synchronization. Error Message %MEDIA-SYNCFS2-7-LRD_AVAILABLE Standby has become AVAILABLE - START SYNC Explanation The Standby card has been inserted and sync will be started Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-SYNCFS2-7-LRD_NOTAVAILABLE Standby has been rendered UNAVAILABLE - STOP SYNC Explanation The Standby card has been either removed or put down by admin Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MEDIA-SYNCFS2-7-LRD_PARTNER_AVAILABLE Standby has become AVAILABLE. LRD returned partner-node - START SYNC Explanation The Standby card has been inserted and sync will be started Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Media Messages SYNCFS2LIB Messages EM-989 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-SYNCFS2-7-MUTEX_LOCK Failed to lock mutex [chars] Explanation A required mutex lock failed. Recommended Action Contact customer support Error Message %MEDIA-SYNCFS2-7-MUTEX_TEST_LOCK Mutex [chars] was found unlocked Explanation A mutex which should have been locked was tested and found unlocked Recommended Action Contact customer support Error Message %MEDIA-SYNCFS2-7-MUTEX_UNLOCK Failed to unlock a mutex [chars] Explanation A required mutex unlock failed. Recommended Action Contact customer support Error Message %MEDIA-SYNCFS2-7-REPLICATE_FAIL Replication of [chars] [chars] failed: [chars] -- Retry will be attempted. Explanation Syncfs failed to replicate file/dir, it will retry it again. Recommended Action Contact customer support SYNCFS2LIB Messages Error Message %MEDIA-SYNCFS2LIB-6-LOST_SYNC File [chars] lost synchronization to standby card Explanation Syncfs failed to transfer a file to the standby card. If a card failover occurs, some data may be lost. Recommended Action None Error Message %MEDIA-SYNCFS2LIB-7-MUTEX_LOCK Failed to lock mutex for file [chars] Explanation A required mutex lock failed. Recommended Action Contact customer support Media Messages SYNCFS2LIB Messages EM-990 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MEDIA-SYNCFS2LIB-7-MUTEX_TEST_LOCK Mutex for file [chars] was found unlocked Explanation A mutex which should have been locked was tested and found unlocked Recommended Action Contact customer support Error Message %MEDIA-SYNCFS2LIB-7-MUTEX_UNLOCK Failed to unlock mutex for file [chars] Explanation A required mutex unlock failed. Recommended Action Contact customer supportEM-991 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Manageability (MGBL) Messages This section contains all Management Plane and Manageability related System Error Messages, including config, cli, sml, pm, and so forth. adminexec Messages Error Message %MGBL-adminexec-3-ACCT_ERR [chars] - [chars] Explanation failed to send accounting record Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-adminexec-3-AUTHORIZATION_ERR [chars] - [chars] Explanation Admin exec process failed to send AAA authorization record. Recommended Action collect the traceback, show log, show proc, show exec trace from SDR and admin modes. Show run and show user out. And contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-adminexec-3-EVENT_ATTACH Event [chars] attach error: [chars] Explanation The call to event_*_attach() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages adminexec Messages EM-992 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-adminexec-3-EVENT_BLOCK Error: [chars] Explanation The call to event_block() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-adminexec-3-EVENT_MANAGER_CREATE Failed to create event manager. Error code: [dec] Explanation The call to event_manager_create() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-adminexec-3-EVENT_MANAGER_DESTORY_FAILED [chars]: [chars] Explanation ’Unable to destroy event manager on exec exit’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-adminexec-3-GETLINE_DATA [chars]: [chars] Explanation ’lib/ui library API related to getline has failed’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-adminexec-3-GETLINE_INIT [chars] Explanation getline_init() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages adminexec Messages EM-993 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-adminexec-3-LTRACE_INIT Failed to initialize tracing functionality for adminexec process([dec]). Shell will continue but trace messages will not be generated. Error:[chars] Explanation Initialization of trace functionality for exec shell failed. This would affect the debugging of exec shell. Recommended Action Try logging out and login again. If the message appears again, copy and save the message. Collect show logging output and any other suspicious error messages on console and inform technical support representative for assistance. Error Message %MGBL-adminexec-3-LWM Failure in lwm API call, [chars]. Error:[chars] Explanation The LWM api call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-adminexec-3-PTHREAD_CREATE Error code:[dec]. [chars] Explanation Unable to create exec’s event handling thread Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-adminexec-3-SYSDB_BIND_FAILED [chars]. [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-adminexec-3-SYSDB_REGISTER_NOTIFICATION sysdb_register_notification failed with error messsage:[chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages ALARM_LOC_TEST Messages EM-994 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-adminexec-4-DISPLAYING_DEFAULT_HOSTNAME failed to detect hostname displaying default: [chars] Explanation Unable to bind to sysdb to get hostname hence displaying default hostname. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ALARM_LOC_TEST Messages Error Message %MGBL-ALARM_LOC_TEST-4-SIMPLE_NO_SOURCELOC Normally a bear has [[dec]] eyes and [[dec]] legs, can speak Bearish Explanation This is a simple message with alarm_location set to false Recommended Action No action is required. Error Message %MGBL-ALARM_LOC_TEST-4-SIMPLE_WITH_SOURCELOC Today the bear has [[dec]] eyes and [[dec]] legs, can speak [[chars]] Explanation This is a simple message with alarm_location set to true Recommended Action No action is required. ALARMS Messages Error Message %MGBL-ALARMS-6-CLEAR alarm buffer [chars]: [unsigned int] event(s) deleted Explanation Some (or all) of the alarms in the alarm buffer have been deleted as a consequence of an action initiated by the user. This message does not require any action. It informs that a clear logging event delete command or an alarm buffer resize operation (or equivalent operation through another management interface) was executed. Recommended Action No action is required.Manageability (MGBL) Messages APP_OBJ Messages EM-995 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 APP_OBJ Messages Error Message %MGBL-APP_OBJ-2-ELEMENT_EXISTS Inconsistency for element in ENS and app-obj db - ’[chars]’ Explanation The app-obj DB and ENS are inconsistent with registration/existence. of this element. Recommended Action *SUPPORT* Error Message %MGBL-APP_OBJ-2-INVALID_ELEM_COUNT Inconsistency in element count in db: [chars] Explanation The number of elements in the app-obj DB is inconsistent with the element count. Recommended Action *SUPPORT* Error Message %MGBL-APP_OBJ-2-NULL_PARAM Fatal Error: [chars] Explanation The parameter specified by the message is unexpectedly null Recommended Action *SUPPORT* Error Message %MGBL-APP_OBJ-7-ERR Nonfatal error: [chars] Explanation This is an error message in the Netflow manager to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate a resource needed by the application. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action These error message is does not impact the functionality of NetFlow. Therefore no action is needed.Manageability (MGBL) Messages ATM_VCCLASS Messages EM-996 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ATM_VCCLASS Messages Error Message %MGBL-ATM_VCCLASS-2-CONSUMER_INIT_ERROR [chars] Explanation A failure occurred during the initialization of ENS library or during NRS class creation. This probably indicates an underlying more severe problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ATM_VCCLASS-2-MEM_ERROR [chars] Explanation Failed to allocate dynamic memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %MGBL-ATM_VCCLASS-2-PRODUCER_INIT_ERROR [chars] Explanation A failure occurred during the initialization of ENS library or during NRS class creation. This probably indicates an underlying more severe problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ATM_VCCLASS-2-VCCLASS_LIB_INIT_ERROR [chars] Explanation A failure occurred during the initialization of the common VCCCLASS library. This probably indicates an underlying more severe problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages ATM_VCCLASS Messages EM-997 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-ATM_VCCLASS-3-ATTACH_ERROR [chars] Explanation An ATM VCCLASS consumer has attempted to attach an unknown vcclass to its interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ATM_VCCLASS-3-CONSUMER_ENS_ERROR [chars] Explanation One or more ENS or NRS APIs has returned an error. The failure happens while the consumer is calling the ATM VCCLASS client APIs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ATM_VCCLASS-3-CONSUMER_ERROR [chars] Explanation These are general ATM VCCLASS client API errors. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ATM_VCCLASS-3-CONSUMER_RCV_BUF_ERROR [chars] Explanation The consumer finds one or more invalid fields in the buffer received from the producer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ATM_VCCLASS-3-EDM_ERROR [chars] Explanation A failure occurred in the ATM VCCLASS EDM backend. As a result the VCCLASS data will not be delievered to the front end. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages ATM_VCCLASS Messages EM-998 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-ATM_VCCLASS-3-ENS_ERROR [chars] Explanation One or more ENS or NRS APIs has returned an error. This failure happens on the producer side. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ATM_VCCLASS-3-INVALID_ARG [chars] Explanation One or more input arguments to an internal function is invalid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ATM_VCCLASS-3-PRODUCER_DATA_ERROR [chars] Explanation A failure occurred in the ATM VCCLASS producer while preparing the vcclass data to be sent to ENS. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ATM_VCCLASS-3-PRODUCER_HDLR_ERROR [chars] Explanation A failure occurred in the ATM VCCLASS producer handler while processing requests from the consumer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ATM_VCCLASS-3-SYSDB_ERROR [chars] Explanation A failure occurred related to SysDB or in one of the verify/apply/notify SysDB callback functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages BISCUIT_MA Messages EM-999 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-ATM_VCCLASS-3-TREE_ERROR [chars] Explanation A failure occurred while accessing the ATM VCCLASS internal data structrure. There might be an inconsistency between the SysDB and the vcclass tree or the vcclass tree is corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. BISCUIT_MA Messages Error Message %MGBL-BISCUIT_MA-3-APPLY_ERROR Due to interface manager errors, the configuration failed to apply. Please manually remove all configurations Explanation Applying of Biscuit configuration failed. Recommended Action The error(s) may cause Biscuit configuration in SysDB to be inconsistent with Biscuit local database. User needs to manually remove all Biscuit configurations entered and retry. CLEAR Messages Error Message %MGBL-CLEAR-3-ERR_MEM_ALLOC Unable to allocate memory to copy: ’[chars]’ Explanation ’Memory allocation failure’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CLEAR-3-ERR_SYSDB_BIND Unable to bind to ’[chars]’: ’[chars]’ Explanation ’Unable to bind to action/gl path’ ; Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages CONAUX Messages EM-1000 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CLEAR-3-ERR_SYSDB_SET Unable to set value in path ’[chars]’: ’[chars]’. Probably nothing to clear. (process to clear is not running) Explanation ’Unable to set the value in the specified path’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CLEAR-3-ERR_SYSDB_UNBIND sysdb unbind failed: ’[chars]’ Explanation ’Unable to Unbind sysdb bind’ ; Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CONAUX Messages Error Message %MGBL-CONAUX-3-AUX_BLOCK_REG_ERROR Unable to register the aux block ([chars]) Explanation The ConAux Identity module has been unable to register the aux block. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONAUX-3-AUX_REG_ERROR Unable to register the aux TTY ([chars]) Explanation The ConAux Identity module has been unable to register the aux TTY. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages CONFIG_HIST_UPDATE Messages EM-1001 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONAUX-3-CONSOLE_BLOCK_REG_ERROR Unable to register the console block ([chars]) Explanation The ConAux Identity module has been unable to register the console block. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONAUX-3-CONSOLE_REG_ERROR Unable to register the console TTY ([chars]) Explanation The ConAux Identity module has been unable to register the console TTY. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CONFIG_HIST_UPDATE Messages Error Message %MGBL-CONFIG_HIST_UPDATE-3-INET_NTOP_ERR The call to inet_ntop() failed. Family: [dec] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MGBL-CONFIG_HIST_UPDATE-3-SYSDB_BIND_ERR Can’t bind to sysdb, aborting operation Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Manageability (MGBL) Messages CONFIG_HIST_UPDATE Messages EM-1002 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIG_HIST_UPDATE-3-SYSDB_DELETE Error [chars] deleting [chars] from sysdb Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MGBL-CONFIG_HIST_UPDATE-3-SYSDB_GET Error [chars] getting [chars] from sysdb Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MGBL-CONFIG_HIST_UPDATE-3-SYSDB_SET Error [chars] setting [chars] in sysdb Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MGBL-CONFIG_HIST_UPDATE-3-TRANSACTION_START Could not start transaction in, [chars] - abort operation Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MGBL-CONFIG_HIST_UPDATE-3-TTY_NMSPC_PATH [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Manageability (MGBL) Messages CONFIG_HIST_UPDATE Messages EM-1003 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIG_HIST_UPDATE-3-TUPLE_LOCK_ERROR Could not lock tuple [chars], in [chars] - abort operation Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MGBL-CONFIG_HIST_UPDATE-3-TUPLE_NULL_ON_SUCCESS Got NULL tuple although sysdb reported success in, [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MGBL-CONFIG_HIST_UPDATE-3-TUPLE_PACK Error packing tuple received from sysdb in, [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MGBL-CONFIG_HIST_UPDATE-3-TUPLE_UNLOCK_ERROR Could not unlock tuple [chars], in [chars], line [dec] - will time out eventually. Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MGBL-CONFIG_HIST_UPDATE-3-TUPLE_UNPACK Error unpacking tuple received from sysdb in, [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Manageability (MGBL) Messages CONFIG Messages EM-1004 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CONFIG Messages Error Message %MGBL-CONFIG-0-INIT_FAILURE Configuration Manager was unable to initialize the [chars] module. Error: ’[chars]’. Initialization will be tried again after 60 seconds. Explanation An error was encountered while initializing one of the critical modules of the configuration manager server. Without proper initialization of this module, configuration manager can not operate properly. Initialization will be retried every 60 seconds if required. Recommended Action Configuration Manager is a critical component and must be operational in order to configure the router. Please note that if the probem is caused by a system resource shortage continued initilization of the module may repair the problem. If this error is seen more than 5 times, contact Cisco TAC support because a reboot of the node may be required. Error Message %MGBL-CONFIG-0-INIT_RETRY_SUCCEEDED Configuration Manager succeeded in initializing the [chars] module upon retry. Explanation An error was previously encountered while initializing one of the critical modules of the configuration manager server. However, the initialization was retried and succeeded. Recommended Action No action is required. Error Message %MGBL-CONFIG-2-STARTUP_ALTERNATE [chars] Explanation Configuration Manager is displaying a message during boot time to indicate an alternate configuration will be restored during the router boot operation. The alternate configuration is specified by the user by using a boot option or ROMMON variable setting. Recommended Action None. Error Message %MGBL-CONFIG-3-ADMIN_INCONSISTENCY_ALARM Admin plane configuration inconsistency alarm has been [chars] Explanation The admin plane configuration inconsistency alarm has been raised or cleared. Recommended Action If the configuration inconsistency alarm has been raised, run ’clear configuration inconsistency’ in admin mode to synchronize the persistent configuration with the running configuration. Manageability (MGBL) Messages CONFIG Messages EM-1005 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIG-3-CFS_NATIVITY_CLEANUP Could not clean the local CFS before use. Error: ’[chars]’. Explanation Local CFS is non-native and automatic cleanup of it has failed. Recommended Action Run ’commit replace’. If contacting support, please provide trace information from executing command ’show cfgmgr trace location node ID’ for the node with this problem. Error Message %MGBL-CONFIG-3-DB_CONSOLIDATE The commit database is not in sync with the running configuration. Please use the command ’cfs check’ to resynchronize the commit database. Error: ’[chars]’ Explanation The chain of configuration changes stored in commit database is possibly broken. Recommended Action Use the command ’cfs check’ to check/fix the problem. Error Message %MGBL-CONFIG-3-DB_DISK [chars] Explanation The specified storage device is full or some files can not be deleted. Recommended Action Use the ’delete’ command to free up some space on the storage device. Error Message %MGBL-CONFIG-3-FILESAVE_ERROR The OS returned an error while SysDb was attempting to perform a file save operation. Any changes have been rolled back. Error: ’[chars]’ Explanation There was an internal error encountered while attempting to save a file during the user interactive commit operation. Recommended Action Retry the commit operation and if it gives the same error, copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIG-3-INCONSISTENCY_ALARM A configuration inconsistency alarm has been [chars] Explanation The configuration inconsistency alarm has been raised or cleared. Recommended Action If the configuration inconsistency alarm has been raised, run ’clear configuration inconsistency’ to synchronize the persistent configuration with the running configuration. Manageability (MGBL) Messages CONFIG Messages EM-1006 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIG-3-INTERFACE_ERROR Error encountered while [chars] configuration for ’[chars]’. Some configuration may not have been applied and any missing configuration needs to be reapplied manually. Error: ’[chars]’ Explanation An error was encountered during interface configuration restore/save operation. Some configuration may not have been applied or the line card may be in unusable state. Recommended Action Reapply the missing configuration. If the interface still doesn’t come up, try restarting the line card. Error Message %MGBL-CONFIG-3-OIR_TIMEOUT OIR ’[chars]’ request for interface ’[chars]’ could not be processed due to a pending commit operation or commit database consolidation operation. Explanation This is an error message to indicate that the configuration could not be either saved or restored because of a pending commit operation or commit database consolidation operation. A manual reset of the node after the pending operation has completed should save or restore the configuration for the node. Recommended Action Use the command ’show configuration sessions detail’ to verify if the pending operations are still occurring. After the pending commit operation or commit database consolidation operation has completed, use the admin mode command ’hw-module location node reload’ to reset the node and restore its configuration. Error Message %MGBL-CONFIG-3-PARSE The platform library failed to parse interface ’[chars]’. Error: [chars]. Explanation The platform library could not parse the interface name. Recommended Action The interface name flagged as an error could not be parsed by the platform libraries. This interface name should be corrected by the user during the next configuration. Error Message %MGBL-CONFIG-3-READ Illegal file read operation of configuration files by this process. Explanation The process has illegally read configuration files before configuration manager has applied configuration. This configuration read by this process might be inaccurate after configuration manager completes applying the configuration. Recommended Action Provide traceback details for further analysis. The process emitting this error message may need to be restarted after the node has completely rebooted. Manageability (MGBL) Messages CONFIG Messages EM-1007 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIG-3-STARTUP [chars] Explanation Configuration Manager is displaying an error message during boot time. Recommended Action Most likely the error has caused some kind of configuration loss that is not saved as failed configuration. Check running configuration and any reported failed startup configuration. Manually reapply any missing running configuration. Error Message %MGBL-CONFIG-3-UNLOCK_ERR Error encountered while deleting the configuration lock. Err: ’[chars]’ Explanation An error was encountered during deletion of the configuration lock. This configuration operation (e.g. save/restore configuration, CLI commit) is successful, but subsequent configuration operations could be affected by this error if not corrected. Recommended Action Use ’show configuration lock’ CLI to view the pending lock and ’clear configuration lock lock’ CLI to force deletion of it. Error Message %MGBL-CONFIG-4-CFS_NATIVITY Could not determine the nativity of the local CFS; will assume that it is native. Error: ’[chars]’. Problem: ’[chars]’. Explanation Could not determine the nativity of the local CFS. If it is native, this message should be ignored; if it is non-native, then automatic cleanup is not done and user intervention is required. Recommended Action If it is non-native, run ’commit replace’. If contacting support, please provide trace information from executing command ’show cfgmgr trace location node ID’ for the node with this problem. Error Message %MGBL-CONFIG-4-DB_DISK_FAILURE [chars]. Please check for problems with the boot device. Explanation Configuration manager failed to create the set of directories comprising the CFS repository under the cfs root directory. This renders the system practically unusable. The potential problems could range from no space on disk to a flawed disk. Recommended Action Make sure there’s enough space on disk; or if the storage media is flawed then replace it. Error Message %MGBL-CONFIG-4-DB_INIT_FAILURE Commit database initialization Failure. [chars] Explanation An error was encountered during initialization of the commit database. This is most likely due to an error in reading the commitdb info file, which could be due to disk0: or CFS being corrupted or the file itself being truncated. The system recovers from this situation by cleaning up all files in commitdb if needed and initializing it empty. This may result in loss of all rollback points. Manageability (MGBL) Messages CONFIG Messages EM-1008 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 However, this should not cause loss of configuration as the system applies the alternate ASCII file maintained for such situations. In certain scenarios, changes made in the last one or two commits may be lost. Recommended Action None. Error Message %MGBL-CONFIG-4-DIR_MODE_ERR Path ’[chars]’. Mode [hex]. Unlink: ’[chars]’. Explanation This message indicates that the directory path specified in the message has incorrect mode (ie. not a directory). As a corrective action, the software attempts to automatically remove the file. A message of ’No Error’ for unlink, for example, would indicate that it has successfully removed the file. Recommended Action None. Error Message %MGBL-CONFIG-4-FAILED Some ’[chars]’ Configuration could not be restored by Configuration Manager. To view failed config(s) use the command - ’[chars]’ Explanation None Recommended Action Run the commands specified in the message to browse and reapply the failed configurations. Error Message %MGBL-CONFIG-4-INIT_ERROR Configuration Manager was unable to initialize the [chars] module. Error: ’[chars]’. [chars]. Explanation An error was encountered while initializing one of the modules of configuration manager server. The failure of this module initialization is not critical to configuration manager to be completely operational. Recommended Action Provide the message details to Cisco Support personal. Error Message %MGBL-CONFIG-4-INTERFACE_PORTS [chars]: interface [[chars]] Explanation The total number of ports could not be determined for this interface. Configuration manager will not be able to determine if there is any more configuration for remaining ports. Recommended Action None. Manageability (MGBL) Messages CONFIG Messages EM-1009 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIG-4-TRACE [chars] Error:[chars] Explanation This is a non-fatal error and can happen when router is low on memory. It should not affect the functioning of the router, but trace messages may not be logged. Recommended Action None. Error Message %MGBL-CONFIG-4-VERSION Version of existing [chars] detected to be incompatible with the installed software. [chars] Explanation None Recommended Action The previous saved configuration is not compatible with the current loaded software. Error Message %MGBL-CONFIG-5-SESSION_CLEAR Configuration session ID ’[chars]’ (started by user ’[chars]’ from line ’[chars]’) was terminated by user ’[chars]’ from line ’[chars]’. Explanation This message indicates that the session specified in the message had been cleared via CLI ’clear configuration session seesion_ID’. Recommended Action None. Error Message %MGBL-CONFIG-6-DB_COMMIT Configuration committed by user ’[chars]’. Use ’show configuration commit changes [chars]’ to view the changes. Explanation An SDR plane configuration change was made by the specified user. Recommended Action No action is required. Error Message %MGBL-CONFIG-6-DB_COMMIT_ADMIN [chars]. Use ’show configuration commit changes [chars]’ to view the changes. Explanation An administration plane router configuration change occurred by the specified user. Recommended Action No action is required. Manageability (MGBL) Messages CONFIG Messages EM-1010 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIG-6-OIR_RESTORE Configuration for node ’[chars]’ has been restored. Explanation This is message indicates that configuration for this node has been restored. Recommended Action None. Error Message %MGBL-CONFIG-6-OIR_SAVE Configuration for removed node ’[chars]’ has been saved. Explanation This is message indicates that configuration for this node has been saved. Recommended Action None. Error Message %MGBL-CONFIG-6-PKG Some incompatible configuration was removed from the running configuration during this software activation/deactivation operation and saved in file ’[chars]’. To address the incompatibility issue enter configuration mode and use the ’load configuration removed [chars]’ and ’commit’ commands. Explanation Some configuration was removed for this software activation /deactivation operation. Recommended Action No action is required. Error Message %MGBL-CONFIG-7-INTERNAL [chars] Explanation An unexpected internal error occurred in the configuration subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information.Manageability (MGBL) Messages CONFIGCLI Messages EM-1011 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CONFIGCLI Messages Error Message %MGBL-CONFIGCLI-2-STARTUP_ANNOUNCE_ERR Failed to announce the completion of startup configuration. [chars] - ’[chars]’ Explanation Under normal circumstances configuration manager announces the completion of startup configuration. If for some reason config_cli cannot connect to configuration manager then it should announce the completion of startup configuration. This is so that the administrator can perform some basic tasks like configuring the ethernet interface, format a disk, kill some processes, etc., to restore some order to the system for a subsequent reload. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-AAA_ERR Failed to execute a AAA operation - [chars] - [chars] Explanation Failed to execute a AAA function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-ADMIN_BATCH_CONFIG_FAIL [dec] admin config(s) failed during [chars]. To view failed config(s) use the command - admin show configuration failed startup Explanation Some admin configurations can not be handled correctly because: - invalid configuration - configuration can not be accepted at this moment Recommended Action Use ’admin show configuration failed’ to see all the failed configurations. Error Message %MGBL-CONFIGCLI-3-ADMIN_CONFIG_INIT_ERR Failed to [chars]: Error: [chars] Explanation Initialization of admin config cli auto-save commit verifier failed. Recommended Action Collect show logging output and any other suspicious error messages on console and inform technical support representative for assistance. Manageability (MGBL) Messages CONFIGCLI Messages EM-1012 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIGCLI-3-AUTOSAVE_INIT_ERR Failed to [chars]: Error: [chars] Explanation Initialization of config cli auto-save commit verifier failed. Recommended Action Collect show logging output, show config failed before exiting from admin config mode, to see which config commit caused this error. Also any other suspicious error messages on console and inform technical support representative for assistance. Error Message %MGBL-CONFIGCLI-3-BATCH_CONFIG_FAIL [dec] config(s) failed during [chars]. To view failed config(s) use the command - show configuration failed startup Explanation Some configurations can not be handled correctly because: - invalid configuration - configuration can not be accepted at this moment Recommended Action Use ’show configuration failed’ to see all the failed configurations. Error Message %MGBL-CONFIGCLI-3-CHILD_TERMINATED [chars] process: abnormal termination, signal number equals [dec] Explanation A child process received a signal and terminated abnormally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-CONFIG_ABORT Aborting startup configuration. [chars]. Explanation Failed to get the startup config file name. Recommended Action *SH_TECH* Error Message %MGBL-CONFIGCLI-3-EVENT_ATTACH Event [chars] attach error: [chars] Explanation The call to event_*_attach() failed. Config CLI library failed to attach events to event manager. The effect is that config-cli would not handle any events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages CONFIGCLI Messages EM-1013 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIGCLI-3-EVH_INIT_ERR [chars]:Failed to create event manager:[chars] Explanation Config process is failing to create an event manager. See error for reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-FAILED_CREATE_THREAD [chars]:Failed to create the event handling thread:[chars] Explanation config process is failing to create a separate thread for creating and handling edm requests. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-FILE_OPERATION [chars] : [chars]: [chars] Explanation config process failed to perform a file operation due to either filesystem restart/busy or an internal error. Recommended Action This error could happen when config process can not perform a file operation successfully. This is mostly the case when filesystem has restarted or network connectivity is broken (if tftp file). Collect the show context output, config file being copied, show config failed output, console logs, pidin, top output and contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Workaround: Retry the config operation. Error Message %MGBL-CONFIGCLI-3-GETLINE_DATA [chars]: [chars] Explanation ’lib/ui library API related to getline has failed’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages CONFIGCLI Messages EM-1014 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIGCLI-3-LTRACE_INIT Failed to initialize tracing functionality for config process. No trace messages will be logged. Error:[chars] Explanation Initialisation of trace functionality for config failed. This would affect the debugging of config shell. Recommended Action Retype the command to do config operation again. If the message appears again, copy and save the message. Collect show logging output and any other suspicious error messages on console and inform technical support representative for assistance. Error Message %MGBL-CONFIGCLI-3-LTRACE_INIT Failed to initialize tracing functionality for config cli library. No trace messages will be generated. Error:[chars] Explanation Initialization of trace functionality for config failed. This would affect the debugging of config shell. Recommended Action Retype the command to do config operation again. If the message appears again, copy and save the message. Collect show logging output and any other suspicious error messages on console and inform technical support representative for assistance. Error Message %MGBL-CONFIGCLI-3-LWM Failure in lwm API call, [chars]. Error:[chars] Explanation The LWM api call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-MALLOC_ERROR Failed to allocate memory:[chars] Explanation System could not successfully provide the request memory block. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-MEMORY_INFO_ERROR Unable to get memory info for the current node:[chars] Explanation Config process failed to get memory state info from wdsysmon when it came up. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages CONFIGCLI Messages EM-1015 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIGCLI-3-PIPE_FAILURE Unable to create piping subproc: [chars] Explanation This condition might result in failure of communication between two process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-PROGRESS_BAR [chars] Explanation Config process bar failed to creation/deletion Recommended Action *SH_TECH* Error Message %MGBL-CONFIGCLI-3-READ_FAILURE Error associating [chars] stream with file descriptor : [chars] Explanation Read or Write operation not possible as there is an error in associating a stream with a file descriptor. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-SIGNAL_ATTACH config process failed to attach event handler for signal ’[chars]’:[chars] Explanation Config process is failing to perform event handling intialisation for a signal. The operations could cause bad handling of the signal. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-STARTUP_FILE_DIR_ERR specified source is a ditectory; filename is expected :[chars] Explanation Failed to open the startup configration file for the following reason: - CONFIG_FILE is set to a directory. Recommended Action CONFIG_FILE should be set to a valid startup configuration file. Manageability (MGBL) Messages CONFIGCLI Messages EM-1016 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIGCLI-3-SYSDB [chars]:[chars]:[chars] Explanation Config process is failing to perform a sysdb operation. The operation and cause of failure in message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-3-TARGET_CFG_CLEAR [chars]:Failed to clear target config:[chars] Explanation Config process failed to clear target config buffer. Configured items will not be cleared from buffer. Recommended Action *SH_TECH* Error Message %MGBL-CONFIGCLI-3-TARGET_CFG_COMMIT [chars]:Failed to commit target config:[chars] Explanation Config process failed to commit target config buffer. Configured items will not be committed in sysdb. Recommended Action *SH_TECH* Error Message %MGBL-CONFIGCLI-3-TARGET_CFG_COMMIT [chars]:Failed to commit target config:[chars]. Explanation Config process failed to commit target config buffer. Configured items will not be committed in sysdb. Recommended Action *SH_TECH* Error Message %MGBL-CONFIGCLI-3-TARGET_CFG_CREATE [chars]:Failed to create target config:[chars]. Explanation Config process failed to create target config buffer. Configuration can not proceed. Recommended Action *SH_TECH* Manageability (MGBL) Messages CONFIGCLI Messages EM-1017 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIGCLI-3-TARGET_CFG_DESTROY [chars]:Failed to destroy target config:[chars] Explanation Config process failed to destroy target config buffer. Recommended Action *SH_TECH* Error Message %MGBL-CONFIGCLI-3-TARGET_CFG_LOCKERR [chars]:Failed to obtain exclusive lock for this session:[chars] Explanation Config process failed to obtain exclusive lock for this session. Terminate the other open sessions and try again. Recommended Action *SH_TECH* Error Message %MGBL-CONFIGCLI-3-TARGET_CFG_UNLOCKERR [chars]:Failed to release the lock held by session:[chars] Explanation Config process failed to release exclusive lock held by this session. Recommended Action *SH_TECH* Error Message %MGBL-CONFIGCLI-4-DISPLAYING_DEFAULT_HOSTNAME failed to detect hostname displaying default: [chars]: [chars] Explanation Unable to bind to sysdb to get hostname hence displaying default hostname. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-4-FAILED_CONFIG_NOT_DELETED failed to delete failed config file: [chars]: [chars] Explanation The failed_config file should be deleted when all the configurations are successfully reapplied. Recommended Action Check for failed_config under bootflash:/config and delete the file using ’delete bootflash:/config/failed_config’. Manageability (MGBL) Messages CONFIGEDM Messages EM-1018 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIGCLI-4-SPAWN_FAILURE failed to spawn: [chars]: [chars] Explanation An executable was not spawned due to the mentioned error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGCLI-4-STARTUP_FILE_OPEN_WRN failed to open startup file: [chars]: [chars] Explanation Failed to open the startup configration file for any of the following reasons: - file does not exist. This may be case when booting for the first time or when even the default startup config file does not exist. IGNORE the message in this case. - CONFIG_FILE is set to a directory. - the config file doesn’t exist under the current directory. - Illegal file name. set CONFIG_FILE to a valid file name an retry. - Other system errors. The last part of the error message should give a hint of the system error. Recommended Action Since the startup configuration file cannot be opened, no run time configuation will be available. Make sure a startup config file exists somewhere and CONFIG_FILE points to it. Run copy running-config startup-config Error Message %MGBL-CONFIGCLI-7-INFRA_READY [chars] Explanation Config process is delaying applying configuration until infrastructure is ready. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CONFIGEDM Messages Error Message %MGBL-CONFIGEDM-3-FAILEDREGCOMP Regular expression compilation failed with error ’[chars]’. Explanation ’Compiling a regular expression failed with the reason mentioned in the message. This may lead to wrong ’show config failed’ listing.’ Recommended Action Please contact TAC with the output of the following commands: - console logs - show version - show process nvgen_server - show nvgen trace ascii-backup reverse - show configuration history If the error recurs frequently, it may be possible to rectify it by restarting ’nvgen_server’ process. But please collect the logs mentioned above, before restarting the process. Manageability (MGBL) Messages CORRELATOR Messages EM-1019 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-CONFIGEDM-3-FAILEDREGEXEC Regular expression match failed with error ’[chars]’. Explanation ’Regular expression match failed with the reason mentioned in the message. This may lead to wrong ’show config failed’ listing.’ Recommended Action Please contact TAC with the output of the following commands: - console logs - show version - show process nvgen_server - show nvgen trace ascii-backup reverse - show configuration history If the error recurs frequently, it may be possible to rectify it by restarting ’nvgen_server’ process. But please collect the logs mentioned above, before restarting the process. Error Message %MGBL-CONFIGEDM-3-REGISTER Failed to initialise edm for [chars] option - [chars]:[chars] Explanation Config library is failing to initialise the edm. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-CONFIGEDM-3-UNREGISTER Failed to unregister edm - [chars]:[chars] Explanation Failing to unregister the edm. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CORRELATOR Messages Error Message %MGBL-CORRELATOR-4-BUFFER_RECYCLE Maximum buffer size [[dec]] reached, deleting correlation ID [[dec]] from correlation buffer Explanation The alarm correlation buffer is full; the oldest correlation specified in the message is dropped from the buffer to make room for the new correlation. Recommended Action No action is required.Manageability (MGBL) Messages EMORB_XMLAGENT Messages EM-1020 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 EMORB_XMLAGENT Messages Error Message %MGBL-EMORB_XMLAGENT-3-CRYPTO_DEACT xmlagent process has stopped due to crypto package deactivation. Unconfigure xmlagent with ’no xml agent corba’ Explanation The crypto pie is deactived or removed while xmlagent is running in ssl mode. Recommended Action Unconfigure xmlagent or configure it to run in non-ssl Error Message %MGBL-EMORB_XMLAGENT-3-CRYPTO_INIT xmlagent process exits due to crypto initialization failure. Unconfigure xmlagent with ’no xml agent corba’ Explanation The crypto pie is not properly configured and can’t be initailized Recommended Action Configure crypto according to crypto setup procedures Error Message %MGBL-EMORB_XMLAGENT-6-PIPE_RESTART xmlagent process detected an anomaly with pipe due to possible pipe process restart. xmlagent process is now terminating and will be restarted automatically. Explanation The pipe process is probably restarted which is caught in TCP_Monitor Recommended Action just information message, no action is required Error Message %MGBL-EMORB_XMLAGENT-6-RESTART_WAIT_TIMEOUT xmlagent process is restarting after wait for configuration completion timeout. Explanation The xmlagent process is restarting while wait for config operation completion times out. Commit database info may lose Recommended Action just information message, no action is required Error Message %MGBL-EMORB_XMLAGENT-6-TCP_RESTART xmlagent process detected an anomaly with underlying transport layer due to possible TCP process restart. xmlagent process is now terminating and will be restarted automatically. Explanation The tcp process is probably restarted which is caught in TCP_Monitor Recommended Action just information message, no action is requiredManageability (MGBL) Messages exec Messages EM-1021 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 exec Messages Error Message %MGBL-exec-3-ACCT_ERR [chars]: [chars] - [chars] Explanation failed to send accounting record Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-BAG_REGISTER [chars]: [chars] Explanation The call to bag_register_all_outgoing_conn_bag() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-CHDIR_FAILED Unable to chdir [chars]:[chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-DEBUG_DLL_HOOK_FAILED [chars]: debug_dll_hook() - ([chars]) Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-DEBUGINIT Debug initialization failed: [chars] Explanation ’Failed to initialize a debugging event for the reason listed in’ ’ the message’ Recommended Action *SH_TECH* Manageability (MGBL) Messages exec Messages EM-1022 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-exec-3-DEBUGREG Debug registration failed: [chars] Explanation ’Debug registration failed for the reason listed in the message.’ Recommended Action *SH_TECH* Error Message %MGBL-exec-3-EVENT_ATTACH Event [chars] attach error: [chars] Explanation The call to event_*_attach() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-EVENT_BLOCK Error: [chars] Explanation The call to event_block() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-EVENT_INIT_EVENT [chars]: Error code: [dec] Explanation The call to event_init_event() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-EVENT_MANAGER_CREATE [chars]: Failed to create event manager. Error code: [dec] Explanation The call to event_manager_create() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages exec Messages EM-1023 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-exec-3-EVENT_MANAGER_DESTORY_FAILED [chars]: [chars]: [chars] Explanation ’Unable to destroy event manager on exec exit’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-GET_ENVPATH Unable to get path for env var [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-GETLINE_DATA [chars]: [chars] Explanation ’lib/ui library API related to getline has failed’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-GETLINE_INIT [chars]: [chars] Explanation getline_init() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-LOGIN_AUTHEN [chars] Explanation login() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages exec Messages EM-1024 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-exec-3-LOGIN_ECM_CONN_SYSDB_FAILED [chars]: Call to login_ecm_conn_sysdb() failed. Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-LTRACE_INIT Failed to initialize tracing functionality for exec process([dec]). Exec shell will continue but trace messages will not be generated. Error:[chars] Explanation Initialization of trace functionality for exec shell failed. This would affect the debugging of exec shell. Recommended Action Try logging out and login again. If the message appears again, copy and save the message. Collect show logging output and any other suspicious error messages on console and inform technical support representative for assistance. Error Message %MGBL-exec-3-LWM Failure in lwm API call, [chars]. Error:[chars] Explanation The LWM api call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-MUTEX_LOCK Error code: [dec]. [chars] Explanation Unable to create exec’s event handling thread Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-PARSER_UNAVAIL [chars]: [chars] Explanation shell_parser_init() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages exec Messages EM-1025 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-exec-3-PTHREAD_CREATE Error code:[dec]. [chars] Explanation Unable to create exec’s event handling thread Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-PTHREAD_MUTEX_LOCK [chars]: pthread_mutex_lock failed with error messsage:[chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-PTHREAD_MUTEX_UNLOCK [chars]: pthread_mutex_unlock failed with error messsage:[chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-SETENV_FAILED Unable to set [chars]:[chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-SYSDB_BIND_FAILED [chars]: sysdb_bind failed. [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages exec Messages EM-1026 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-exec-3-SYSDB_ITEM_DELETE_FAILED [chars]: sysdb_item_delete() failed. [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-SYSDB_ITEM_GET_FAILED [chars]: sysdb_item_get failed. [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-SYSDB_REGISTER_EDM Exec failed to register EDM: [[hex]] [chars] Explanation Exec registers its EDM path for storing data. This registration of EDM has failed due to reasons mentioned in the error message. This failure could cause, exec session not to start up or could cause problem in entering configuration submodes. Recommended Action Close the exec session and relogin. If the message recurs, copy and save the message and call your technical support representative for assistance. Error Message %MGBL-exec-3-SYSDB_REGISTER_NOTIFICATION [chars]: sysdb_register_notification failed with error messsage:[chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-SYSDB_UNBIND_FAILED [chars]: sysdb_unbind failed. [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages exec Messages EM-1027 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-exec-3-TASKMAP_GET Unable to obtain user’s taskmap via ([chars]):[chars] Explanation When exec is launched by certain clients like ssh/Fault-manager the authentication is bypassed. It is because authentication is done by clients already. In this case exec needs to obtain the user’s taskmap though. This is done by calling suitable AAA apis. If one of the apis fails, then this ios msg is emitted. Recommended Action Close the exec session and relogin. If the message recurs, copy and save the message and call your technical support representative for assistance. Error Message %MGBL-exec-3-TCGETATTR_FAIL [chars]: tcgetattr call failed with error [dec] [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-TCSETATTR_FAIL [chars]: tcsetattr call failed with error [dec] [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-TTY_DETAILS [chars]: [chars] Explanation tty_details_from_device_file() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-TTY_MGMT_CONNECT [chars]: [chars] Explanation The call to tty_mgmt_connect() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages exec Messages EM-1028 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-exec-3-TTY_MGMT_DEREGISTER [chars]: [chars] Explanation The call to tty_mgmt_deregister_tty_options() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-TTY_MGMT_REG_OPTIONS [chars]: Error code: [dec]. Description: [chars] Explanation The call to tty_mgmt_register_tty_options() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-TTY_MGMT_REG_SUBSET [chars]: Error:[dec]. [chars] Explanation The call to tty_mgmt_register_tty_subset() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-TTY_MGMT_SCAN [chars]: [chars] Explanation The call to tty_mgmt_scan() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-TUPLE_PACK [chars]: [chars] Explanation The call to tuple_pack() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages GSR_NETFLOW Messages EM-1029 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-exec-3-TUPLE_UNPACK [chars]: [chars] Explanation The call to tuple_unpack() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-exec-3-TUPLE_UNPACK_MASK [chars]: [chars] Explanation The call to tuple_unpack_mask() failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. GSR_NETFLOW Messages Error Message %MGBL-GSR_NETFLOW-7-ERR Nonfatal error: [chars] Explanation This is an error message in the nf_gsr_perf process to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate a resource needed by the application. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action These error message does not impact the functionality of NetFlow. Therefore no action is needed. HTTP_CLI Messages Error Message %MGBL-HTTP_CLI-3-AAA [chars] Explanation An AAA operation carried out by the HTTP CLI Agent returned unexpected results. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages HTTP_CLI Messages EM-1030 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-HTTP_CLI-3-EMWEB An EmWeb function to [chars] returned an error to the HTTP CLI Agent Explanation The HTTP CLI Agent was unable to carry out an EmWeb server function. The HTTP process may no longer be able to function correctly, and may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_CLI-3-FILE [chars], Error: [chars] Explanation The HTTP CLI Agent was unable to carry out an operation on an internal file. The HTTP process may no longer be able to function correctly, and may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_CLI-3-INTERNAL [chars] Explanation The HTTP CLI Agent has encountered an invalid state - this point in the code should not have been reached. The HTTP process may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_CLI-3-INTERNAL_NULL A NULL pointer was passed by the HTTP CLI Agent to itself Explanation The HTTP CLI Agent has passed itself a NULL pointer when it should not have done - this point in the code should not have been reached. The HTTP process may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages HTTP_CLI Messages EM-1031 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-HTTP_CLI-3-INTERNAL_PARAMETER [chars] Explanation The HTTP CLI Agent has passed itself an invalid parameter - this point in the code should not have been reached. The HTTP process may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_CLI-3-MEMORY The HTTP CLI Agent was unable to allocate [unsigned int] bytes of memory Explanation The HTTP CLI Agent was unable to allocate the required amount of memory, as the HTTP process has run out of resources. The HTTP process may no longer be able to function correctly, and may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_CLI-3-PARSER [chars] Explanation A Parser operation carried out by the HTTP CLI Agent returned unexpected results. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_CLI-3-SYSDB [chars] ’[chars]’ Explanation A SysDB operation carried out by the HTTP CLI Agent returned unexpected results. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages HTTP_CLI Messages EM-1032 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-HTTP_CLI-3-SYSDB_CONN The HTTP CLI Agent was unable to create a connection to SysDB Explanation The HTTP CLI Agent was unable to create a connection to the SysDB component. It may be that the communication infrastructure is faulty, or that the SysDB component has not yet restarted. If the errors persist, the router may need to be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_CLI-3-SYSDB_GET The HTTP CLI Agent was unable to retrieve the item [chars] from SysDB Explanation The HTTP CLI Agent was unable to retrieve the specified item from the SysDB component. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_CLI-3-THREAD [chars], Error: [chars] Explanation The HTTP CLI Agent was unable to carry out an operation on an internal thread. The HTTP process may no longer be able to function correctly, and may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_CLI-5-WARN [chars] Explanation No error has occurred, but you should be aware that an unusual or unwanted situation may have arisen, and you may want to take preventation action as outlined in the warning message. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Manageability (MGBL) Messages HTTP_ENA Messages EM-1033 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 HTTP_ENA Messages Error Message %MGBL-HTTP_ENA-3-AUTH [chars] Explanation Authentication related error occured or returned unexpected results. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_ENA-3-BACKEND_SCAN The HTTP Server was unable to carry out a backend scan on the SysDB item [chars] Explanation The HTTP Server was unable to retrieve the specified item(s) from the SysDB component. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_ENA-3-CRYPTO_DEACT HTTP server process has exited due to crypto package deactivation. Please unconfigure this command via ’no http server’. Explanation The crypto pie is deactived or removed while http server is running in ssl mode. Recommended Action Unconfigure http server or configure it to run in non-ssl Error Message %MGBL-HTTP_ENA-3-EMWEB An EmWeb function to [chars] returned an error to the HTTP ENA filesystem handler Explanation The HTTP ENA filesystem handler was unable to carry out an EmWeb server function. The HTTP process may no longer be able to function correctly, and may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages HTTP_ENA Messages EM-1034 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-HTTP_ENA-3-EVENT_MGR [chars], Error: [chars] Explanation An Event Manager operation carried out by the HTTP ENA filesystem handler returned unexpected results. The HTTP process may no longer be able to function correctly, and may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_ENA-3-FILE [chars], Error: [chars] Explanation The HTTP ENA filesystem handler was unable to carry out an operation on an internal file. The HTTP process may no longer be able to function correctly, and may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_ENA-3-INTERNAL_NULL A NULL pointer was passed by the HTTP ENA filesystem handler to itself Explanation The HTTP ENA filesystem handler has passed itself a NULL pointer when it should not have done - this point in the code should not have been reached. The HTTP process may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_ENA-3-MEMORY The HTTP ENA filesystem handler was unable to allocate [unsigned int] bytes of memory Explanation The HTTP ENA filesystem handler was unable to allocate the required amount of memory, as the HTTP process has run out of resources. The HTTP process may no longer be able to function correctly, and may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages HTTP_ENA Messages EM-1035 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-HTTP_ENA-3-SSL_INIT HTTP SSL init failed Explanation The HTTP Server SSL initialization failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_ENA-3-SYSDB [chars] ’[chars]’ Explanation A SysDB operation carried out by the HTTP Server returned unexpected results. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_ENA-3-SYSDB_CONN The HTTP Server was unable to create a connection to SysDB Explanation The HTTP Server was unable to create a connection to the SysDB component. It may be that the communication infrastructure is faulty, or that the SysDB component has not yet restarted. If the errors persist, the router may need to be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP_ENA-6-TCP_FAIL HTTP server is restarting since underlying transport is not available. Explanation TCP accept call failed, the HTTP server can’t function. Recommended Action No action is required. The server will automatically restart Error Message %MGBL-HTTP_ENA-7-TCP_UNKNOWN HTTP server encountered unexpected TCP error during accept function call, the errno is: [dec]. If this message continues to appear, try restarting the HTTP server. Explanation TCP accept call failed, the HTTP server can’t function. Recommended Action No action is required. The server will continue.Manageability (MGBL) Messages HTTP Messages EM-1036 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 HTTP Messages Error Message %MGBL-HTTP-3-EMWEB_ERROR [chars] Explanation The EmWeb code has encountered an error condition or state. The HTTP process may no longer be able to function correctly, and may need restarting if the errors persist. Recommended Action Restart http server if the errors persist. Error Message %MGBL-HTTP-7-DEBUGGING [chars], Error: [chars] Explanation A Debugging operation carried out by the HTTP Server returned unexpected results. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-HTTP-7-INTERNAL [chars] Explanation The HTTP Server has encountered internal error conditions or this point in the code should not have been reached. The HTTP process may need restarting if the errors persist. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IFSTATS Messages Error Message %MGBL-IFSTATS-3-INIT Init failure: [chars]: [chars] Explanation This process failed during initialisation. Recommended Action If the process does not restart automatically then try manually restarting it. A likely cause for this error is that the system has run out of memory. In this case reduce system activity by killing non-essential processes. If this is not an out-of-memory problem and restarting the process does not solve it then contact support. Manageability (MGBL) Messages INTERFACE Messages EM-1037 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-IFSTATS-3-TYPE_LOOKUP Stats type ID lookup failure. Feature ’[chars]’, item ’[chars]’, node [hex], PID [unsigned int]: [chars] Explanation The process that is described by the Node ID and PID in this message sent a request for a stats type ID that cannot be handled. This will result in a failure to register for statistics collection. Recommended Action Restarting the process described in this message will cause the request to be resent. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-IFSTATS-4-ERR_EVENT_WAIT Error waiting for event: [chars]. Explanation The event loop has received a message of a type it does not recognize. All events should be received by handlers. This message is only a warning and does not represent a problem in its own right. Recommended Action If the process is otherwise working OK then a one-off occurrance of this message can be ignored. If the process is experiencing other problems then include this error message in the details given to support. Error Message %MGBL-IFSTATS-6-CLEAR_COUNTERS Clear counters on [chars] Explanation Counters on one or more interfaces have been cleared by the user. This message is for information only. Recommended Action None. INTERFACE Messages Error Message %MGBL-INTERFACE-3-CI_GEN_ERROR Interface CI DLL error:[chars] [dec] Explanation Failed to do DLL operation Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %MGBL-INTERFACE-3-CI_NOMEM_ERROR Interface CI DLL error:[chars] Explanation Failed to do DLL operation Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Manageability (MGBL) Messages IPSLA_TS_SVR Messages EM-1038 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-INTERFACE-4-ERR_SYSDB_BAG_DECODE Failed decode [chars] data, Error : [chars] Explanation Failed to decode data retrieved from database Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %MGBL-INTERFACE-4-ERR_SYSDB_BIND Path : [chars], Error : [chars] Explanation Failed to bind to system database. Interface stats retrieval could fail because of this error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* IPSLA_TS_SVR Messages Error Message %MGBL-IPSLA_TS_SVR-3-EVENT Error while processing event ([chars]) Explanation An error occurred while processing an event at the time stamp server event manager Recommended Action This is an unusual situation which should not occur under normal circumstances. If the situation persists it may require the restart of the time stamping process. Error Message %MGBL-IPSLA_TS_SVR-3-EVENT Error while processing event ([chars]) Explanation An error occurred while processing an event at the time stamp server event manager Recommended Action This is an unusual situation which should not occur under normal circumstances. If the situation persists it may require the restart of the time stamping process. Error Message %MGBL-IPSLA_TS_SVR-3-INIT Failed to initialize [chars]:[chars] Explanation Time stamp server failed to perform initialization task. The initialization step where it failed and the exact error are mentioned in the message. Recommended Action This could happen in a fatal situation. Such as system low on resources or communication failures. Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages IPSLA Messages EM-1039 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-IPSLA_TS_SVR-3-INIT Failed to initialize [chars]:[chars] Explanation Time stamp server failed to perform initialization task. The initialization step where it failed and the exact error are mentioned in the message. Recommended Action This could happen in a fatal situation. Such as system low on resources or communication failures. Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. IPSLA Messages Error Message %MGBL-IPSLA-4-ERR_MEM [chars] Explanation IPSLA modules are failed to allocate memory due to low memory conditions in the System. Recommended Action Increase System Memory or stop some applications which are not required. Error Message %MGBL-IPSLA-4-ERR_MPLSLM MPLSLM([dec]) [chars]: [chars] Explanation IPSLA MPLS LSP Monitor module has failed to perform an operation. Recommended Action See the message text for details of failure. Error Message %MGBL-IPSLA-4-ERR_OPER OP:[dec].[chars].[chars] Explanation IPSLA operation module has failed to perform an operation. Recommended Action See the message text for details of failure. Error Message %MGBL-IPSLA-5-INTERNAL [chars]:[dec]:[chars] Explanation IPSLA module incurred an internal error. This could happen in various situations. Such as system low on memory or communication failures with other processes. Recommended Action Try restarting the IPSLA process showing this error. Manageability (MGBL) Messages IPSLA Messages EM-1040 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-IPSLA-5-LPD_RESULT_CHG Op:[unsigned int] Tree trace for target address [chars] [chars] (retcode: [chars]) Explanation Result of the LSP Path Discovery has changed for the operation. In case of a failure, the value of the retcode field indicates the cause of the failure. Refer to the Textual Convention RttMplsVpnMonLpdFailureSense at the CISCO-RTTMON-MIB for possible reported causes. Recommended Action When result changes to a value other than ’OK’, it means that the ECMP discovery could not be completed successfully for the particular period. When paths are reported as broken or unexplorable, identify the available paths through the ’show ipsla mpls lsp-monitor lpd summary’ command and use the ’traceroute mpls’ tool to collect more information about the failure. Error Message %MGBL-IPSLA-5-LSP_GROUP_CHG Op:[unsigned int] for target address [chars] from [chars] to [chars] Explanation LSP Group status has changed for the operation. This is a result of some/all of the ECMPs monitored by the operation changing their status to Up or Down. Refer to the Textual Convention RttMplsVpnMonLpdGrpStatus at the CISCO-RTTMON-MIB for possible reported status values. Recommended Action When status of the group changes to ’Down’ or ’Partial’, check the output of ’show ipsla statistics group_id’ and look for those reported paths with ’Path Sense’ value different from 1. Run ’traceroute mpls’ for the failed paths to collect more information about the failure. Error Message %MGBL-IPSLA-5-THRESHOLD_CLEAR Monitor element has reset the threshold reaction. Op:[unsigned int], TargetAddr:[chars], MonElem:[chars]([chars]) Explanation A threshold condition has cleared for the operation Recommended Action None. Error Message %MGBL-IPSLA-5-THRESHOLD_SET Monitor element has exceeded the threshold condition. Op:[unsigned int], TargetAddr:[chars], MonElem:[chars]([chars]) Explanation A threshold condition has raised for the operation Recommended Action None Error Message %MGBL-IPSLA-6-DISC_LIMIT [chars] Explanation Discovered PE targets has exceeded the maximum number. Recommended Action Dicrease PEs in a topology or stop ipsla mpls-lsp-monitor which are not required. Manageability (MGBL) Messages LIBNVGEN Messages EM-1041 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-IPSLA-7-AGENT [chars]:id(gid:[dec],nid:[dec],pid:[dec]):[chars] Explanation An operation on agent table is failed. Error message displays operation:error. Recommended Action None Error Message %MGBL-IPSLA-7-ERR_SYSDB [chars]:[chars] Explanation A sysdb operation failed. See error message text for details of error. This may impact some functionality of IPSLA depending upon where the error occured. Recommended Action None LIBNVGEN Messages Error Message %MGBL-LIBNVGEN-3-ERR_MEM_ALLOC [chars]: memory allocation routine failed Explanation ’The system has run out of memory’ Recommended Action *SH_TECH* Error Message %MGBL-LIBNVGEN-3-ERR_SYSDB_BIND sysdb_bind: [chars], [chars] Explanation ’Unable to bind to sysdb. The error is displyed in the error message.’ Recommended Action *SH_TECH* Error Message %MGBL-LIBNVGEN-3-ERR_THREAD_MUTEX_LOCK [chars]: [chars] Explanation ’The call to pthread_mutex_lock() was unsuccessful’ Recommended Action *SH_TECH* Error Message %MGBL-LIBNVGEN-3-ERR_THREAD_MUTEX_UNLOCK [chars]: [chars] Explanation ’The call to pthread_mutex_unlock() was unsuccessful’ Recommended Action *SH_TECH* Manageability (MGBL) Messages LIBPARSER Messages EM-1042 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-LIBNVGEN-3-LWM_API_ERR [chars], ’[chars]’: Error - ’[chars]’ Explanation Failure in LWM client API. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LIBPARSER Messages Error Message %MGBL-LIBPARSER-3-AAA_STRING_TASKID_CHECK Error in checking taskid:’[chars]’ Explanation ’Special taskid string check against user taskmap failed’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-LIBPARSER-3-ADD_SESSION [chars]: Unable to create an entry for suspended connection: [dec] Explanation ’The call to add_session() was unsuccessful’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-API_FAIL [chars]: [chars] Explanation ’An API failed due to the mentioned error’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages LIBPARSER Messages EM-1043 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-LIBPARSER-3-COMMENT_LIMIT Total length of the comment reached its limit. Explanation The total length of comment permitted for a command is 1024. Multiple lines of comments associated for a command is considered as a single comment for that command and the total length of all the comments would be considered as the total length of the comment associated to that command. This allowed limit would approximate to 10 lines of comments of width 100. Any more lines of comments will be discarded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-LIBPARSER-3-ERR_DLL_UNKNOWN Failed to locate DLL: [chars] specified in tree ’[chars]’ Explanation ’An error occurred when trying to open the dll library specified in command tree. This failure will cause the command tree unload.’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-ERR_DLL_UNKNOWN_FUNC Failed to locate function: [chars] in DLL ’[chars]’ Explanation ’An error occurred when trying to locate the dll function in DLL.’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-ERR_ETIMEOUT Timeout reading file. If tftp, try increasing the timeout value with config CLI ’tftp client timeout’. Error: [chars] Explanation ’Error while reading the file, Aborting the connection.’ Recommended Action Please consider increasing the tftp timeout value using, config CLI tftp client timeout. Error Message %MGBL-LIBPARSER-3-ERR_INVALID_DATA Unknown or wrong Input: [chars] Explanation ’Wrong/Unknown Input’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages LIBPARSER Messages EM-1044 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-LIBPARSER-3-ERR_MEM_ALLOC [chars]: memory allocation routine failed Explanation ’The system has run out of memory’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-ERR_PARSE [chars]: Parse error Explanation ’Parse error’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-LIBPARSER-3-ERR_SYSDB_API [chars]: [chars]: [chars] Explanation ’Unable to perform a sysdb api call. The module which is calling this api, the description of the api and the error is displyed in the error message.’ Recommended Action collect show parser trace, show logging, any abnormal console message, and configuration of the router. Then send this output to tech support. Error Message %MGBL-LIBPARSER-3-ERR_SYSDB_BIND sysdb_bind: [chars], [chars] Explanation ’Unable to bind to sysdb. The error is displyed in the error message.’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-ERR_SYSDB_CONDITIONAL_DELETE sysdb_item_conditional_delete of ’[chars]’: [chars] Explanation ’sysdb conditional delete operation failed. The error is displyed in the error message.’ Recommended Action *SH_TECH* Manageability (MGBL) Messages LIBPARSER Messages EM-1045 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-LIBPARSER-3-ERR_SYSDB_DATALIST Failed to get datalist for ’[chars]’: [chars] Explanation ’The sysdb operation failed. Error text is displayed in the message’ Recommended Action Unexpected failure happened while reading data from sysdb datastore. This could affect parser from parsing some commands. Please collect the console log, show logging output, any other messages related to system database, and unexpected syntax error failure in some commands if any noticed. Please contact technical support representative with this information. Error Message %MGBL-LIBPARSER-3-ERR_SYSDB_DATALIST_NEXT Failed to get item in data list for ’[chars]’: [chars] Explanation ’The sysdb operation failed. Error text is displayed in the message’ Recommended Action Unexpected failure happened while reading data from sysdb datastore. This could affect parser from parsing some commands. Please collect the console log, show logging output, any other messages related to system database, and unexpected syntax error failure in some commands if any noticed. And call your technical support representative for assistance. Error Message %MGBL-LIBPARSER-3-ERR_SYSDB_DELETE sysdb_item_delete of ’[chars]’: [chars] Explanation ’sysdb item delete operation failed. The error is displyed in the error message.’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-ERR_SYSDB_SET sysdb_item_set of [chars] failed: [chars] Explanation ’sysdb item set failed. The error is displyed in the error message.’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-ERR_THREAD_COND_WAIT [chars]: [chars] Explanation ’The call to pthread_cond_wait() was unsuccessful’ Recommended Action *SH_TECH* Manageability (MGBL) Messages LIBPARSER Messages EM-1046 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-LIBPARSER-3-ERR_THREAD_MUTEX_LOCK [chars]: [chars] Explanation ’The call to pthread_mutex_lock() was unsuccessful’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-ERR_THREAD_MUTEX_UNLOCK [chars]: [chars] Explanation ’The call to pthread_mutex_unlock() was unsuccessful’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-FAILEDREGCOMP Regex operation ([chars]) failed for pattern:[chars]. Error([chars]) Explanation The regex operation failed for some reason. This may lead to parser errors. The possible causes are a regex compilation failure or a memory allocation failure. If the failure shows up during memory allocation , please check memory status for router. Recommended Action Collect ’show parser trace parsing’ output, and open a DDTS report. Error Message %MGBL-LIBPARSER-3-FILE_IO Error on file IO ’[chars]’: ’[chars]’ Explanation Unable to read/write the file Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-LIBPARSER-3-FILE_SIZE Error in file ’[chars]’ of size : ’[chars]’ Explanation Unable to add command defined under the file Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages LIBPARSER Messages EM-1047 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-LIBPARSER-3-INITIFMGR [chars], error: [chars] Explanation ’Initialization of interface manager connection failed. The failure cause is mentioned in the error message displayed.’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-IP_ADDR2_HEX_STRING_FAILED [chars]: Conversion of ip_addr_t to string failed Explanation ’Conversion of ip_addr_t to string failed’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-LIBPARSER-3-IPV46_COMPRESSION_ERROR [chars]: Error in compression ipv6 address ’[chars]’ with ipv4 address ’[chars]’ as it’s subset. Explanation ’After compression, ipv4 address in ipv6 address should have been converted into’ ’ two 16 hexs , but this did not happen.’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-LIBPARSER-3-LTRACE_INIT Failed to initialize tracing functionality, error: ([unsigned int]) [chars]. Explanation Initialisation of trace functionality for parser failed. This would affect the debugging of parser. Recommended Action Restart parser_server process (process restart parser_server). If the message recurs, copy and save the message and call your technical support representative for assistance. Error Message %MGBL-LIBPARSER-3-LWM_API_ERR [chars], ’[chars]’: Error - ’[chars]’ Explanation Failure in LWM client API. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages LIBPARSER Messages EM-1048 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-LIBPARSER-3-TESTPOINT_LIMIT [chars]:Reached testpoint callback limit for callback([unsigned int]) Explanation Failure in adding a new testpoint callback function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-LIBPARSER-3-TOOMANYALIASES Only support 1000 aliases Explanation ’The system has 1000 aliases limitation’ Recommended Action ’please remove some unused aliases before defining more aliases’ *NONE* Error Message %MGBL-LIBPARSER-3-TTY_NMSPC_PATH [chars]: [chars] Explanation ’Unable to get the sysDB path of an item from TTY nmspc library’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-3-TUPLE_UNPACK can not unpack data for item/entity([chars]): [chars] Explanation ’This error will happen if parser can not unpack interface encap ’ ’info from sysdb. This information is published in sysdb by ifmgr ’ ’As a result parser may not be able to parse subinterfaces for ’ ’interface mentioned in the error message. Usually this error could ’ ’happen in the low memory condition. If this happens analyse the low ’ ’memory situation and once solved, restart parser_server’. Recommended Action This error can only happen in the low memory condition. Collect the error message, show logging output, show interface brief output and show it to tech support. Error Message %MGBL-LIBPARSER-3-WDSYSMON_REGISTER_ERROR Error in registering with wdsysmon:’[chars]’ Explanation ’Error in registering with wdsysmon’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages LIBSHELL Messages EM-1049 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-LIBPARSER-7-ERR_DEBUG debug_event failed: [chars] Explanation ’Debug event logic failed. The reporting function is listed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-7-ERR_SYSDB_REG_NOTIFY sysdb_notification_register_evm of ’[chars]’: [chars] Explanation ’The sysdb operation failed. Error test is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-7-ERR_SYSDB_UNREG_NOTIFY sysdb_notification_unregister of ’[chars]’: [chars] Explanation ’The sysdb operation failed. Error test is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-LIBPARSER-7-FDOPEN [chars]: fdopen failed: [chars] Explanation ’The call to function fdopen failed. The error message is displayed in the message’ Recommended Action *SH_TECH* LIBSHELL Messages Error Message %MGBL-LIBSHELL-3-PTHREAD_MUTEX_LOCK Failed lock operation ’[chars]’ during ’[chars]’. Error:[chars] Explanation A lock operation for synchronising shared resource, failed due to the mentioned error. Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages MDACON Messages EM-1050 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-LIBSHELL-3-WS_INIT [chars]: [chars] Explanation Initialization of functionality in getline library failed for reason mentioned in the error message. The whitespace completion behaviour could not be modified. Recommended Action Exit the shell and get into the shell again. This would re-initialize the libshell library and error messages should no more appear. If the error message, persist; then undo the cli whitespace completion configuration from the line and call you’re technical support representatives for assistance. MDACON Messages Error Message %MGBL-MDACON-4-ABORTBULK [MDACon] While aborting a bulk operation the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-ABORTTRANS [MDACon] While aborting a transaction the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-ARRAYTOOBIG [MDACon] Unable to handle the large number of elements in data array Explanation The number of elements entered by user in an array are more than this application is designed to handle. Recommended Action * RECUR * Manageability (MGBL) Messages MDACON Messages EM-1051 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-MDACON-4-BADCLASS [MDACON] Invalid class name - [chars] Explanation An invalid class name was entered either by itself or as part of a hierarchy string. Recommended Action Use the classinfo command to get more information about available class names. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-BADFILTER [MDACON] Invalid filter name - [chars] Explanation An invalid filter name was entered for the related class. Recommended Action Use the classinfo command to get more information about available filters for a given class. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-BADFORMAT [MDACon] Badly formatted [chars] Explanation The command entered is badly formatted. Recommended Action Re-enter the command. (Use the help command to find valid entry formats.) If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-BADHRCHY [MDACON] Invalid hierarchy - [chars] Explanation An invalid hierarchy was entered by the user. Recommended Action Use the ’children’ command to progressively find out the correct hierarchy string. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-BADOPTION [MDACon] Invalid option - [chars] Explanation The command option is invalid Recommended Action Re-enter the command. (Use the help command to find valid options.) If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages MDACON Messages EM-1052 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-MDACON-4-BIND [MDACon] Could not bind to the MDA: [chars]. MDACon cannot carry out any operations. XML agent (either corba or tty) needs to be configured to execute MDACon - try quitting and restarting it after configuring ’xml agent (corba|tty)’ Explanation MDACon was unable to bind to MDA. It is possible that there is a problem with MDA or the Schema Server, or the communication infrastructure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-COMMITTRANS [MDACon] While committing a transaction the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-COPY [MDACon] While copying object [chars] to [chars] the following error occurred: [chars] Explanation An error occurred invoking an MDA function. This could be because the object to copy does not exist. The details are in the error string. Recommended Action Check that the object to copy exists. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-CREATE [MDACon] While creating object [chars] the following error occurred: [chars] Explanation An error occurred invoking an MDA function. This could be because the object to create already exists. The details are in the error string. Recommended Action Check that the object to create does not exist. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages MDACON Messages EM-1053 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-MDACON-4-DATAARRAYLENGTH [MDACON] Too little or too much [chars] provided for class [chars] Explanation The number of elements entered for a data array does not match the expected value. Recommended Action Use the classinfo command to get more information about the naming or value information of a class. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-DATAARRAYTYPE [MDACON] Invalid [chars] entered for class [chars] Explanation The datatypes entered in a data array do not match the the expected datatypes. Recommended Action Use the classinfo command to get more information about the naming or value information of a class. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-DELETE [MDACon] While deleting object [chars] the following error occurred: [chars] Explanation An error occurred invoking an MDA function. This could be because the object does not exist. The details are in the error string. Recommended Action Check that the object to delete exists. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-ENDBULK [MDACon] While ending a bulk operation the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages MDACON Messages EM-1054 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-MDACON-4-ERR_MEM_ALLOC [MDACon] Not enough memory Explanation MDACon was unable to allocate enough memory required to process the command Recommended Action Memory on the box must be running low - are there services that can be stopped, or can more memory be added. Error Message %MGBL-MDACON-4-ERRORLIST [MDACon] While listing the errors which occurred in the previous operation the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-EVENTLIST [MDACon] While listing the operations which have been made within the current bulk operation, the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-EXCESS [MDACon] Excess tokens in command string Explanation There were more tokens entered as part of the command string than are required for the command. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages MDACON Messages EM-1055 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-MDACON-4-FILEOPEN [MDACon] The specified file ([chars]) could not be opened for [chars] Explanation The file specified for reading instructions from, or writing output to, when MDACon was started, cannot be found. The most probable reason is that an incorrect incorrect name or path was supplied. Recommended Action Check that the file name sor path upplied was correct. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-FILEREAD [MDACon] Unable to read from command file Explanation An error occurred during a read operation from the instruction file. Recommended Action Check that the file format is correct. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-FINDDATA [MDACON] While executing the find data or finddata_next request, the following error occured: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-GET [MDACon] While fetching object [chars] the following error occurred: [chars] Explanation An error occurred invoking an MDA function. This could be because the object to fetch does not exist. The details are in the error string. Recommended Action Check that the requested object exists. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages MDACON Messages EM-1056 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-MDACON-4-LIST [MDACon] While executing the list request the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-MISMATCH [MDACon] Mismatched quotes or brackets in command Explanation An unmatched ’’’ or ’{’ character was found part way through a token in a command string. Recommended Action Re-enter the command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-MISSDESTNAME [MDACon] Missing destination object name or path. Explanation The command entered requires a destination object name or path and one was not supplied. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-MISSFILTER [MDACon] Missing filter name Explanation The command entered requires a filter name and one was not supplied. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages MDACON Messages EM-1057 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-MDACON-4-MISSNUMBER [MDACon] Missing number Explanation The command entered requires a number and one was not supplied. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-MISSSTARTOBJECT [MDACon] Missing start object naming information Explanation The command entered requires naming information of start and one was not supplied. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-MISSVALUE [MDACon] Missing object value Explanation The command entered requires an object value and one was not supplied. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-NOTLEAF [MDACON] Class [chars] is not a leaf Explanation The entered class name is not a leaf class, as is expected by the command. Recommended Action Use the classinfo command to get more information about available class names. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-READERINIT [MDACon] Unable to initialize the command line reader Explanation An error occurred while preparing to read instructions from the command line. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages MDACON Messages EM-1058 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-MDACON-4-SET [MDACon] While setting object [chars] the following error occurred: [chars] Explanation An error occurred invoking an MDA function. This could be because the object does not exist or has the wrong type. The details are in the error string. Recommended Action Check that the object to set exists and has the same type as it is being set to. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-STARTBULK [MDACon] While starting a bulk operation the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-STARTTRANS [MDACon] While starting a transaction the following error occurred: [chars] Explanation An error occurred invoking an MDA function. This could be because the timeout time was not correctly entered. The details are in the error string. Recommended Action Check that the format of the timeout time is correct. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-SYSDBMATCH [MDACon] While determining the MDA object instance which corresponds to the SysDB path, the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages MDACON Messages EM-1059 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-MDACON-4-TASKNAMES [MDACon] While requesting the AAA task names of a hierarchy point, the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-TEST [MDACon] Verification failed on object [chars] for the following reason [chars] Explanation An error occurred invoking an MDA function. This could be because the object does not exist or has the wrong type. Or because the verifier did not allow the change. The details are in the error string. Recommended Action Check that the object to set exists and has the same type as it is being set to. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-4-UNKCMD [MDACon] No such command - [chars] Type help or ? for a list of available commands Explanation The first token in a command string was not a recognised MDACon command. Recommended Action Check the list of available commands and retry. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-MDACON-7-INTERNAL [MDACon] [chars]%s: [chars] Explanation The code has performed an action which should not be possible. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Manageability (MGBL) Messages NETFLOW Messages EM-1060 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 NETFLOW Messages Error Message %MGBL-NETFLOW-3-ERR_CFG_APPLY Could not apply verified config: [chars] Explanation This is an error message in the Netflow manager to indicate that due to specified reasons, it was unable to apply the configuration that it had previously verified and accepted. This errmsg usually means that the netflow running config and netflow operational state are out of sync. Recommended Action This error message indicates that a configuration problem occurred. Try reapplying the configuration. If that fails, the try restarting the process that issued the error message with the command process restart name location node. Error Message %MGBL-NETFLOW-4-WARNING_CFG_APPLY Could not apply configuration: [chars] Explanation This message indicates that a configuration that was previously verified cannot be applied due to the reason specified. This may happen if a configuration that was applied to a Bundle interface cannot be applied due to either resources not being available in the Line Card where the member resides, or some configuration mismatch was detected. Recommended Action Check the reason for the application failure and correct it as appropriate. Error Message %MGBL-NETFLOW-6-INFO_HIGHWATER Cache for monitor [chars] entries [dec] exceeds highwater mark of [dec] entries Explanation This is an informational message to indicate that the specified flow monitor map cache has reached its high water mark and is being aggressively aged Recommended Action If this message is being issued too often, you might consider increasing the cache size. But keep in mind that the maximum cache size is 1,000,000 entries and it may put a strain on memory consumption in the LC. Error Message %MGBL-NETFLOW-7-ERR Nonfatal error: [chars] Explanation This is an error message in the Netflow manager to indicate anomolies which are not FATAL. Some of the messages may indicate a failure to allocate a resource needed by the application. In many cases these messages must not keep appearing after the temperory situation is resolved. Recommended Action These error message is does not impact the functionality of NetFlow. Therefore no action is needed.Manageability (MGBL) Messages NVGEN Messages EM-1061 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 NVGEN Messages Error Message %MGBL-NVGEN-3-ARG [chars]: Invalid argument Explanation ’Invalid argument has been passed to the function’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-BASENAME [chars]: basename of: [chars] Explanation ’The call to basename failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-BGCOPTIONMISSING1 [chars]: bgcoption missing ’,’ after id: ’[chars]’ Explanation ’The input is invalid. The calling function and the command are displayed’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-BLANKENTERTUPLE [chars]: blank enter tuple template ptr:[hex] ref [hex] : [chars] Explanation ’The enter tuple is blank. The calling function and enter tuple are displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-BUFFER [chars]: new_cmd buffer null Explanation ’The command buffer is invalid. The calling function is displayed in the message’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1062 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-CFS_INIT_ERR [chars] [chars] Explanation ’Nvgen server could not initialize the CFS’ Recommended Action Collect the show logging output, console logs and error trace. Collect the show nvgen trace output. And contact tac representative with this information. Error Message %MGBL-NVGEN-3-COPTIONNOTPRESENT [chars]: Coption Not Present:’[chars]’ Explanation ’Coption is missing in the command. The calling function and the command are displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-DECODESTR [chars]: sysdb_string_decode of ’[chars]’: [chars] Explanation ’The sysdb decode operation failed. The error message is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-DIR_IO [chars]: Error on directory ’[chars]’ during ’[chars]’: ’[chars]’ Explanation Unable to open/create the directory Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-ENDCOPTIONINCOMPLETE [chars]: Incomplete endcoption mark for [hex]: ’[chars]’, new cmd: ’[chars]’ Explanation ’end option mark is incomplete in the command. The calling function the coption id and the commands are are displayed in the message’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1063 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-ENDCOPTIONMISSINGCOMMA [chars]: Missing comma in endcoption mark for [hex]: ’[chars]’ Explanation ’end option mark is missing a comma in the command. The calling function the coption id and the command are are displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ENDCOPTIONNOTPRESENT [chars]: No endcoption mark for [hex]: ’[chars]’ Explanation ’end option mark is missing in the command. The calling function the coption id and the command are are displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ENV [chars]: The call to ovl_setup_env() failed Explanation ’Could not update environment variables due to the error’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ERR_DLL_UNKNOWN Unknown DLL [chars] in tree ’[chars]’ Explanation ’The nvgen try to load an unknow dll in the specified tree’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ERR_DLL_UNKNOWN_FUNC Failed to locate function: [chars] in DLL ’[chars]’ Explanation ’An error occurred when trying to locate the dll function in DLL.’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ERR_MEM_ALLOC [chars]: memory allocation routine failed Explanation ’The system has run out of memory’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1064 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-ERR_SYSDB_BIND sysdb_bind: [chars] [chars] Explanation ’Unable to bind to sysdb. The error is displyed in the error message.’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ERR_SYSDB_GET [chars] while accessing [chars] Explanation ’An error occurred while accessing sysdb. The error is displayed in the error message.’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ERR_SYSDB_LIST sysdb_list of ’[chars]’: [chars] Explanation ’The sysdb operation failed. Error text is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ERR_SYSDB_SET Unable to set item in sysdb:[chars]: [chars] Explanation Nvgen server failed to set an item in sysdb database. The item name is part of the error. This may result in failure to generate running config properly in show run command. Or an impact may be seen during the internal config backup. Recommended Action Collect the show logging output, show nvgen trace output, show runnning output, show config history and show tech-support sysdb. Contact TAC representative with this information. Error Message %MGBL-NVGEN-3-ERR_THREAD_COND_WAIT [chars]: pthread_cond_wait of: [chars] Explanation ’The call to wait on a condition failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ERR_THREAD_CREATE [chars]: pthread_create of : [chars] Explanation ’The call to pthread_create failed. The error text is displayed in the message’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1065 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-ERR_THREAD_JOIN [chars]: pthread_join of: [chars] Explanation ’The call to pthread_join failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ERR_THREAD_MUTEX_LOCK [chars]: pthread_mutex_lock of: [chars] Explanation ’The call to lock a mutex failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ERR_THREAD_MUTEX_UNLOCK [chars]: pthread_mutex_unlock of: [chars] Explanation ’The call to unlock a mutex failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-EVENT_ATTACH [chars]: Failed to attach event handler: [chars] Explanation ’The call to attach nvgen requst handler to event manager failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-EVENTBLOCK [chars]: event_block failed : [chars] Explanation ’The call to event block in parser server failed. Parser may exit in this case. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-EVENTMGRCREATE [chars]: event_manager_create failed : [chars] Explanation ’The call to create parser event manager failed. The error is displayed in the message’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1066 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-FAILEDREGCOMP [chars]. Pattern: [chars] Explanation ’The regcomp function failed for some reason. This may lead to NVGEN errors. Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-FILE_COMPRESS [chars]: Error on compressing file in ’[chars]’: ’[chars]’ Explanation Unable to compress the file Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-FILE_IO [chars]: Error on file IO ’[chars]’ for ’[chars]’: ’[chars]’ Explanation Unable to read/write the file Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-FILE_NOT_OPEN [chars]: Unable to open file ’[chars]’ for ’[chars]’: ’[chars]’ Explanation Unable to open the specified file. The error is mentioned as part of the message. This could impact the show run functionality or cause the config loss at upgrade or reload. If this error has happened at the time of doing copying configuration to a file, then copy will not be successful. If this happens during internal system configuration backup then certain configuration will not be updated in the backup. This could result in the config loss at next reboot. If this happens during nvgen server process restart or during initialization after a pie/package upgrade then either command files or config order or partition files are not opened. In which case certain config lines will be missing in the show run. Recommended Action proc restart nvgen_server. If situation persists the Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages NVGEN Messages EM-1067 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-GENERAL_ERR [chars]: [chars] Explanation ’Nvgen server encountered an error, see message for more details’ Recommended Action Collect the show logging output, console logs and error trace. Collect the show nvgen trace output. And contact tac representative with this information. Error Message %MGBL-NVGEN-3-ILLEGAL_TEMPLATE_TUPLE Incorrect CLI template tuple:[chars]: [chars] Explanation Nvgen server obtained an incorrect cli template config tuple from system database. This may result in failure to generate complete template configuration in show run command. Or in internal config backup. Recommended Action Collect the show logging output, console logs, tracebacks, show nvgen trace output, show runnning output, show config history and show tech-support sysdb. Contact TAC representative with this information. Error Message %MGBL-NVGEN-3-ILLEGALENTERSTR [chars]: Illegal enter string ’[chars]’ on cmd ’[chars]’ Explanation ’The enter string is illegal. The calling function and enter string and command are displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-ILLEGALENTERTUPLE [chars]: Illegal enter tuple ’[chars]’ for cmd ’[chars]’ Explanation ’The enter tuple is invalid. The calling function and enter string and command are displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-INSTALL_READY_FAILED [chars]: Call to install_proc_ready failed with id: [dec] error: [chars] Explanation ’nvgen_server got an error return from calling install_proc_ready’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1068 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-INTF_NAME_NULL [chars]: interface name is NULL Explanation ’Interface name send for parsing is NULL.’ Recommended Action Collect the nvgen debug output and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-INTF_NAME_PARSE_ERROR [chars]: display of interfaces may not be in order. Name: [chars] Error: [chars] Explanation ’interfaces during nvgen are ordered based on logical intf or slot/’ ’/port/sub-intf. This ordering failed due to the mentioned reason’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-INTFINFO [chars]: Unable to get information about interface - [chars] Explanation ’Interface Manager API im_is_hw_interface was not successful.’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-INVALID_IPV4_6_FLAG [chars]:Invalid nvgen generic ipv4/6 flag. [dec]. Explanation ’generic ipv4/6 nvgen flags are incorrect. Probably error in ’ ’dumping the flags.’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-INVALID_IPV6_FLAG [chars]:Invalid flag in ipv6address template. [dec]. Explanation ’ ipv6 nvgen flags are incorrect. Probably error in ’ ’dumping the flags.’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1069 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-INVALID_NOTIFICATION [chars]: Unknown or unsupported ovl notification: [dec] Explanation ’nvgen_server got an invalid notification form ovl process’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-INVALID_ORDER Incorrect ordering info read from order table at:[chars] Explanation Nvgen server obtained an incorrect order list entry from an internal order file. This may result in the show run output to have a different ordering than intended. Recommended Action Collect the show version, show logging, show nvgen trace output, show runnning output, show config history and show tech-support sysdb. Contact TAC representative with this information. Error Message %MGBL-NVGEN-3-INVALIDINPUT [chars]: invalid input (no ’B’): ’[chars]’ Explanation ’The input is invalid. The calling function and the command are displayed’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-INVALIDINPUTFMT Input format(s) do not match output format in: ’[chars]’ Explanation ’The Number output format specification is not in the number input format specification, so we are writing a number that we probably cannot read back in’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-INVALIDNXCOPTION [chars]: invalid NXCOPTION mark:’[chars]’ Explanation ’The input is invalid. The calling function and the command are displayed’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1070 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-INVALIDTEMPLATE Invalid template file:’[chars]’ Explanation ’The template in this file is invalid or wrong version’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-INVALIDVERSION nvgen (version: [dec].[dec]) cannot handle version [dec].[dec] of nvgen template in component ’[chars]’ Explanation ’The version of this file is too old or wrong’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-INVALTUPLEPATH [chars]: [chars]: [chars] Explanation ’The path of the tuple is invalid’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-LOCK_ERR Failed lock operation ’[chars]’. Error:[chars] Explanation A lock operation on shared resource, called by nvgen failed due to the mentioned error. Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-MINMSGLENGTH The length: [unsigned int] of the message: ’[chars]’ is less than minimum message length Explanation ’The message length must be greater than minimum message length. The minimum message length varies by request code.’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1071 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-MISSINGBRACKET [chars] : [chars]: missing ’’ in sysdb string ’[chars]’ for command ’[chars]’ Explanation ’The ’’ is missing in sysdb string. The sysdb string and the command are displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-MISSINGEQUALSIGN [chars]: [chars]: missing ’ equals ’ in sysdb string ’[chars]’ for command ’[chars]’ Explanation ’The equal is missing in sysdb string. The sysdb string and the command are displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-MSGREADV [chars]: MsgReadv of: [chars] Explanation ’The call to MsgReadv failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-NAMESPACE_ERR Failed a namespace operation ([chars]). Partition([chars]), Error:[chars] Explanation Nvgen server failed to build config namespaces from internal namespace module. This may result in failure to output the configuration in the intended order in show run command. Or in internal config backup. Recommended Action Collect the show version, show logging, show nvgen trace output, show runnning output, show config history and show tech-support sysdb. Contact TAC representative with this information. Error Message %MGBL-NVGEN-3-NESTEDCOPTION [chars]: incorrect nested coption:’[chars]’ Explanation ’The input is invalid. The calling function and the command are displayed’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1072 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-NULLCHARMISSING The message is not null terminated. Explanation ’Parser messages must be null terminated.’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-OBJINREPLACE [chars]: [chars]: Unknown object type [unsigned int] in replace_type Explanation ’The object type in the replace_type is invalid. The objtype is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-OPEN [chars]: open of [chars] failed : [chars] Explanation ’The call to open() failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-PART_NAMES_GET_ERR Could not get partitions names from cfgmgr: [chars] Explanation ’Nvgen server could not get the changed partition names from cfgmgr’ Recommended Action Collect the show logging output, console logs and error trace. Collect the show nvgen trace output. And contact tac representative with this information. Error Message %MGBL-NVGEN-3-PATTERN_NOT_FOUND [chars]: Pattern:’[chars]’ not found in template ’[chars]’. Explanation Taskid pattern not found where it was expected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-READERR [chars]: read failed: [chars] Explanation ’The call to function read failed. The error message is displayed in the message’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1073 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-REGISTER_INSTMGR [chars]: Failed to register with installmgr for software change notification : [chars] Explanation ’The call to register for notification from install mgr failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-RESMGRATTACH [chars]: event_resmgr_attach of : [chars] Explanation ’The call to attach to parser resource manager failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-SHRINK_IPV4_6ADDRESS_FAILED [chars]: Unable to shrink ipv4_6address: ’[chars]’ Explanation Shrinking of expanded ipv4_6address failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-STAT [chars]: stat of [chars] failed: [chars] Explanation ’The call to stat() failed. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-SUBMODESTRING [chars]: get_submode_string: no end mark: [chars] Explanation ’The end mark is missing in the submode string. The submode is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-SYSDBOPERATION sysdb_operation of [chars] : ’[chars]’: [chars] Explanation ’The sysdb find data operation failed. The error is displayed in the message’ Recommended Action *SH_TECH* Manageability (MGBL) Messages NVGEN Messages EM-1074 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-TARGET_CFG_CREATE [chars]:Failed to create target config:[chars]. Explanation Nvgen client failed to create target config buffer. Configuration can not proceed. Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-TARGET_CFG_DESTROY [chars]:Failed to destroy target config:[chars] Explanation Nvgen client failed to destroy target config buffer. Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-TARGET_CFG_LOCKERR [chars]:Failed to obtain exclusive lock for this session:[chars] Explanation Nvgen client failed to obtain exclusive lock for this session. Terminate the other open sessions and try again. Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-TARGET_CFG_UNLOCKERR [chars]:Failed to release the lock held by session:[chars] Explanation Nvgen client failed to release exclusive lock held by this session. Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-TASKID_COMPARE_ERROR [chars]: aaa_compare_tasktable_alt failed! Error: ’[chars]’ Explanation ’nvgen_server got an error from calling aaa_compare_tasktable_alt.’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages NVGEN Messages EM-1075 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-TASKID_EXCEEDED [chars]: Number of taskid in .parser exceed maximum taskid limit for template :’[chars]’ Explanation Number of taskid found in .parser exceeded the maximum limit. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-TASKID_MISMATCH [chars]:Taskid found but number of taskid is 0:’[chars]’ Explanation Total number of taskid for the template is 0, but taskid struct is not NULL. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-TASKID_NOT_FOUND [chars]: Taskid not found, where it is expected:’[chars]’ Explanation Taskid not found, but total number of taskid is greater than 0. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-NVGEN-3-TOKENNUMBER [chars]: [chars]: Possible loop detected in command ’[chars]’ Explanation ’The token number is invalid. The command is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-TOKENTYPE [chars]: token [dec], old type:[dec], new:[dec] cmd:’[chars]’ Explanation ’The token type is invalid. The calling function, token number and token type is displayed in the message’ Recommended Action *SH_TECH* Manageability (MGBL) Messages PARSER Messages EM-1076 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-NVGEN-3-UNMATCHEDCOPTIONS [chars] Explanation ’Filter coption index is not zero. There could be unmatched coptions’ Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-3-WRMEM_ABORT Aborting update of startup configuration. [chars]. Explanation Failed to get the startup config file name or run out of space on disk or some other transient error. Recommended Action *SH_TECH* Error Message %MGBL-NVGEN-4-CONFIG_GEN_ERR Generation of configuration in ASCII format failed due to internal error. The file ’[chars]’ was not updated Explanation Generation of configuration in ASCII format has failed. During periodic backup operation this may lead to internal backup files not getting updated with recent config changes Recommended Action For a system initiated ascii generation please run ’show running cache refresh’ in SDR mode. Look for similar IOS messages for additional recommended actions. Collect the show logging output, console logs, tracebacks, show nvgen trace output, show runnning output, show config history and show tech-support sysdb. PARSER Messages Error Message %MGBL-PARSER-3-API_FAIL [chars]: [chars]: [chars] Explanation ’An API failed due to the mentioned error’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-BOGUS_HOOKPOINT Bogus hook point index [unsigned int] Explanation ’Bogus hook point’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages PARSER Messages EM-1077 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PARSER-3-BOGUS_LINKPOINT Bogus link point index [unsigned int], sub system:[chars], offset:[hex], mask:[hex] Explanation ’Bogus link point’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-BUFFER_OVERFLOW [chars] Explanation ’buffer overflow’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-CARD_MODULE_FROM_NODEID_FAILED Unable to get card number and module number from nodeid: ’[unsigned int]’ Error: ’[chars]’ Explanation Parser relies on invmger API to get card number and module number. But the API had failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-CREATETHREAD Failed to create parse thread: [chars] Explanation ’pthread_create() API failed due to mentioned error’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-ENV [chars]: The call to ovl_setup_env() failed Explanation ’Could not update environment variables due to the error’ Recommended Action *SH_TECH* Manageability (MGBL) Messages PARSER Messages EM-1078 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PARSER-3-ERR_GENERAL_ERR [chars]: [chars] Explanation ’Parser encountered error, see message for more details’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-ERR_SYSDB_BAG_DECODE bag decode error ([chars]) Explanation ’Failure to decode the bag.’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-ERR_SYSDB_GET sysdb_item_get of ’[chars]’: [chars] Explanation ’sysdb item get operation failed. The error is displyed in the error message.’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-ERR_SYSDB_STRING_ENCODE [chars] Explanation ’Sysdb path has string that has special character without sysdb_encode flag’ Recommended Action Collect the following details: 1. Command issued 2. show parser trace. 3. console logs. 4. If config is restored from file, then filename/contents. 5.If command failed at startup, show config trace and show config failed startup. Error Message %MGBL-PARSER-3-EXTRACT_FAILED [chars]:[dec]:[chars] Explanation Nodeid conversion API has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-EXTRACT_NODEID_FIELDS_FAILED Extracting rack/slot/module from ’[chars]’ failed Explanation Parser unable to get rack/slot/module field from path. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages PARSER Messages EM-1079 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PARSER-3-INVALID_NOTIFICATION Unknown or unsupported ovl notification: [dec] Explanation ’parser_server got an invalid notification form ovl process’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-INVALID_PARSERFILE Invalid parser file: [chars] Explanation ’Invalid parser file’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-INVALIDDETAILS Invalid details pointer [hex] at offset [hex] tokentype [hex] in tree ’[chars]’ Explanation ’The offset to the token details structure is bogus’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-INVALIDINPUTFMT Input format(s) do not match output format in: ’[chars]’ Explanation ’The Number output format specification is not in the number input format specification, so we are writing a number that we probably cannot read back in’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-INVALIDOFFSET Invalid offset [hex] from offset [hex] in tree ’[chars]’ Explanation ’The offset into the parser tree file is bogus’ Recommended Action *SH_TECH* Manageability (MGBL) Messages PARSER Messages EM-1080 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PARSER-3-INVALIDRANGE Invalid [chars] range [unsigned int],[unsigned int] in tree ’[chars]’ Explanation ’The numerical range within the token details structures is invalid’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-INVALIDVERSION parser version is [dec].[dec] cannot handle version [dec].[dec] of command chain in component ’[chars]’.Please do Jam clean and build the image. Explanation ’The version of this file is too old or wrong’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-INVENTORY_DB_INTEGRITY_ERROR Duplicate entries in inventory db for ’[chars]’ Explanation Duplicate entries found in inventory database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-INVENTORY_DB_SIZE_INCREASE_FAILED Increasing inventory database size from ’[dec]’ to ’[dec]’ failed Explanation Inventory database size increase failed. Can happen only if memory is too low. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-INVENTORY_DB_SIZE_ZERO Inventory database size is Zero Explanation Inventory database size is zero. Can happen only if memory is too low. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages PARSER Messages EM-1081 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PARSER-3-INVENTORY_DESCRIPTION_NULL Description pointer is null Explanation Description string is null. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-INVENTORY_FIELD_IS_NULL ’[chars]’ is NULL Explanation Error in extracting rack/slot/module name from sysdb path. Recommended Action Restart parser_server process (process restart parser_server). If the message recurs, copy and save the message and call your technical support representative for assistance. Error Message %MGBL-PARSER-3-INVENTORY_FIELD_NOT_NUMBER ’[chars]’ is not a number Explanation Rack/slot/module are stored as sysdb path in inventory DB. They are essentially numbers. So either rack/slot/module are not numbers, or the path is incorrect. Recommended Action Restart parser_server process (process restart parser_server). If the message recurs, copy and save the message and call your technical support representative for assistance. Error Message %MGBL-PARSER-3-LOCK_ERR Failed lock operation ’[chars]’ during ’[chars]’. Error:[chars] Explanation A lock operation on shared resource, called by parser failed due to the mentioned error. Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-MMAP mmap of file ’[chars]’ Explanation ’mmap of file’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages PARSER Messages EM-1082 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PARSER-3-NODE_CREATION_FAILED Unable to create nodeid for ([dec],[dec],[dec]): error:’[chars]’ Explanation Error in getting rack/slot/module numbers from system database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-NODEID_TO_STRING_ERROR Unable to convert nodeid:’[dec]’ to string Explanation Error in conversion routine. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-NOTIFICATION_PATH_NULL NULL notification path Explanation Parser received notification from NULL path. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-OBJECT_NOT_FOUND_FOR_RANGE Unable to find the parser object ’[dec]’ which is used as range Explanation ’The range value was given as a parser object ,but object could not be found’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-OVERFLOW ’[chars]’ overflows ambig_line ’[chars]’ Explanation ’Help string overflows ambig_line’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages PARSER Messages EM-1083 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PARSER-3-RACK_TO_STR_FAILED [chars]:[dec]:[chars] Explanation Nodeid conversion API has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-REGEX_COMP_ERROR Regex compilation error:[dec] ’[chars]’ Explanation Regex compilation error has occured. The command line execution would either fail or would not show proper result. Recommended Action Restart parser_server process (process restart parser_server). If the message recurs, copy and save the message and call your technical support representative for assistance. Error Message %MGBL-PARSER-3-RIGHTARG Right arg([dec]) type unsupported: [dec] Explanation ’The test token has invalid right argument’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-SUBMODE [chars]: Can not find submode : [chars] Explanation ’The call to parser_submode_find failed to find submode. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-SYSDBOPERATION [chars]: sysdb_action: [chars] Explanation ’Unexpected error in sysdb call. The error is displayed in the message’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-TASKID_LIMIT Exceeded ’[unsigned int]’ of taskids in a command Explanation ’A command can have only MAX_TASKIDS_PER_COMMAND different taskids’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages PARSER Messages EM-1084 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PARSER-3-THREAD_LIMIT Failed to increase the maximum limit of management connections. An unexpected error has occured, error: ([dec]) [chars]. Explanation An unexpected error caused failure to increase the maximum limit of management connections to the device. This error would affect the user only if he tries to have the number of management connections above an approximate count of 25. Recommended Action Restart parser_server process (process restart parser_server). If the message recurs, copy and save the message and call your technical support representative for assistance. Error Message %MGBL-PARSER-3-TUPLEUNPACK [chars]: tuple_unpack_mask failed: ’[chars]’ Explanation ’sysdb tuple unmask operation failed. The sysdb string is displyed in the error message.’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-UNKNOWNTOKEN Unknown token type [hex] at offset [hex] in tree ’[chars]’ Explanation ’The parser token type is undefined in the specified tree’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-3-UNRESOLVED_HOOKPOINT Unresolved hookpoint ’[chars]’ at chain ’[chars]’ Explanation ’Unresolved hookpoint’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-PARSER-3-UNRESOLVED_LINKPOINT Failed to resolve linkpoint ’[chars]’ specified in chainname ’[chars]’ in ’[chars]’ file. Explanation ’Unresolved linkpoint’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages PM Messages EM-1085 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PARSER-3-UNSUPPORTEDARG [chars]: [chars]([dec]) is of unsuppored type: [dec] Explanation ’left/right argument is of unsupported type’ Recommended Action *SH_TECH* Error Message %MGBL-PARSER-7-ERR_LRD_EVENT LRd event failed: [chars] Error: ’[chars]’ Explanation Registration to LRd failed. Recommended Action Restart parser_server process after all cards come up. PM Messages Error Message %MGBL-PM-5-CHKPT [chars] : [chars] Explanation An error has occurred while doing a checkpointing operation. This may result in loss of old statistics data during process restart. Recommended Action No action is required. Error Message %MGBL-PM-5-ERR_MEM [chars] Explanation The system is running out of memory and was not able to allocate sufficient memory to carry out a collection operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %MGBL-PM-5-MEMORY_LIMITS [chars]:[chars] Explanation Perfmgmt server could not restore configured memory thresholds. Perfmgmt server will restore the defaults for memory limits. Recommended Action Reconfigure the memory thresholds via cli. Manageability (MGBL) Messages PM Messages EM-1086 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PM-5-TFTP [chars]:[chars]:[chars] Explanation An error has occurred while tftp dumping of the collected data from the pm collector process. This error could error due to various reasons below : a) No tftp server configure in pm configuration. b) TFTP Server is not reachable. c) TFTP Directory configured does not have write permissions. Recommended Action Try eliminating the reasons mentioned in explanation. Error Message %MGBL-PM-6-TFTP_DISABLED [chars] Explanation This is an informational message. Recommended Action No action is required. Error Message %MGBL-PM-6-TFTP_SEND [chars]:[chars] Explanation An informational alarm upon dumping of the collected data on to tftp server. Recommended Action No action is required. Error Message %MGBL-PM-6-THRESHOLD Entity:[chars], Id:[chars] - Attribute:[chars]: value:’[unsigned long long int]’ threshold: [chars], threshold-op:[chars] Explanation The Entity Instance has met a threshold condition. Recommended Action None Error Message %MGBL-PM-7-ERR_SYSDB [chars] : [chars] Explanation An error has occurred while doing a sysdb operation. See the message text for error details. Recommended Action No action is required. Error Message %MGBL-PM-7-INTERNAL [chars]: ’[dec]’ : [chars] Explanation The Collector has detected an internal error. Reason of the error is in the message itself. Some of the errors are self recovering. Recommended Action If you see any loss of functionality try restarting pm collector and pm server process. Manageability (MGBL) Messages RS232 Messages EM-1087 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-PM-7-WDSYSMON_ERROR [chars]: [hex]: [chars] Explanation A wdsysmon api call returned an error. This can happen when the state of a node is transitioning e.g. a line card is restarted or the node is not booted. The node id is given by the hexadecimal number after this message and is followed by a more specific error description of the cause of the failure. Recommended Action Bring the node up to IOS-XR running stage and then rerun the PM show command. The node’s info should be displayed after the next sample collection interval. If the PM collection for the node is not configured, configure it. RS232 Messages Error Message %MGBL-RS232-1-CONSOLE_SESSION_ANYWAY Trying to start unconfigured console session anyway. Explanation The RS232 DLL tried to apply a template to the console and failed, but we are attempting to start a session anyway to try and ensure that it’s possible to log onto the router from the console. This may mean it’s impossible to gain terminal access any other way (ie via telnet, ssh, etc). Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the *param* command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the *param* output, call your Cisco technical support representative and provide the representative with the gathered information. show running-config Error Message %MGBL-RS232-3-BAUD_RATE The RS232 driver encountered an error retrieving the baud rate for the console; default to a value of [unsigned int]: [hex] ’[chars]’. Explanation The console baud rate is retrieved from the configurate register. Problems were encounted during this operation. Recommended Action Check the default value that the system has resorted to and configure the terminal server to this speed. This will allow the console to be used to gain further diagnostics. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-RS232-3-CABLE_MONITOR_DISABLED Error in cable monitor thread. ’[chars]([dec])’. Please restart ’[chars]’ to enable this functionality. Explanation Failure in cable monitoring function. Since this functionality is not so important in console driver, any error in this thread will be reported through syslog and thread will retire. Errors are failure in malloc or pthread operation and if such basic functions fail, then it might mean system Manageability (MGBL) Messages RS232 Messages EM-1088 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 is in bad shape. So we’re not sure restarting this process will recover the situation. To avoid worst case -lose console/aux accessibility-, this process will remain without cable disconnect function. Operator might want to restart this process if this functionality is required in which this router is physically located, such as datacenter or co-location house. Recommended Action If you need cable monitor functionality, please restart the process to recover. Error Message %MGBL-RS232-3-KERNEL The RS232 driver encountered an error making a kernel call Explanation The RS232 driver has made a kernel call which is failing; it cannot proceed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-RS232-3-SESSION_DISCONNECT_FAILURE Failed to close the existing session because of ’[chars]’ (category:[dec] port:[dec] rc:[dec]). If session should be closed, please issue ’clear line’ command Explanation Failed to close session. Recommended Action If you want to close existing session, please run ’clear line’ command. Error Message %MGBL-RS232-3-SESSION_NOTIFICATION_ABORT Couldn’t acquire mutex to notify [chars] (category:[dec] port:[dec] rc:[dec]). If session should be closed, please issue ’clear line’ command Explanation Failed to notify line status change. Recommended Action If you want to close existing session, please run ’clear line’ command. Error Message %MGBL-RS232-3-TTY_NOT_REGISTERED The TTY is not registered with the TTY Server Explanation The RS232 DLL tried to perform an operation on a TTY that isn’t registered with the TTY Server. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages RS232 Messages EM-1089 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-RS232-4-API_LOCATE_ERROR Unable to find the desired details in a loaded DLL Explanation The RS232 DLL was unable find the details required from a DLL it had loaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-RS232-4-DLL_OPEN_ERROR The RS232 DLL was unable to open a DLL (errno: [dec]) Explanation The RS232 DLL was unable to open a DLL. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-RS232-4-MAPPING_ERROR The RS232 DLL was unable map from a TTY ID to a UART port Explanation The RS232 DLL was unable map from a TTY ID to a UART port Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-RS232-4-MEM_ALLOC_ERROR Unable to allocate memory for TTY structures Explanation The RS232 DLL was unable allocate the necessary memory it required to hold details about the TTYs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-RS232-4-NO_PACKET_MODE Packet mode sessions are not yet supported on RS232 TTYs Explanation The TTY Server informed the RS232 DLL about a packet mode session, but we don’t yet support packet mode. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages RS232 Messages EM-1090 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-RS232-4-PDP_SET_ERROR The RS232 DLL was unable to set the persistant data path Explanation The RS232 DLL has failed to enable the persistant data path for a TTY. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-RS232-4-SESSION_SETUP_ERROR The RS232 DLL was unable to setup a session on a TTY Explanation The RS232 DLL has been unable to setup a session on a TTY Recommended Action Try performing a ’clear line’ on the relevent TTY. Error Message %MGBL-RS232-4-TEMPLATE_APPLY_ERROR The RS232 DLL encountered an error trying to apply a template. Explanation The RS232 DLL tried to apply a template to a TTY but failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-RS232-4-TEMPLATE_DEAPPLY_ERROR The RS232 DLL encountered an error trying to deapply a template. Explanation The RS232 DLL tried to deapply a template to a TTY but failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-RS232-6-DCD_DISCOVERED Discovered data carrier detect signal (category:[dec] port:[dec]) Explanation The RS232 driver discovered Data Carrier Detect signal. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages S2681 Messages EM-1091 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-RS232-6-DCD_LOST Lost data carrier detect signal (category:[dec] port:[dec]). Existing session will be closed. Explanation The RS232 driver lost Data Carrier Detect signal. Process will close existing session. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. S2681 Messages Error Message %MGBL-S2681-3-COND_SIGNAL_ERROR Unable to signal on the status variable Explanation The S2681 UART driver was unable to signal that that status variable was ready to be read. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-S2681-3-INTERRUPT_UNMASK_ERROR Unable to unmask UART interrupt (error: [dec]) Explanation The S2681 UART driver has been unable to unmask the UART interrupt. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-S2681-3-IO_PERM_ERROR Unable to obtain permission to access UART (error: [dec]) Explanation The S2681 UART driver has been unable to gain the required permissions to access the UART. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages S2681 Messages EM-1092 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-S2681-3-MUTEX_LOCK_ERROR Unable to lock the UART (error: [dec]) Explanation The S2681 UART driver has been unable to lock access to the UART. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-S2681-3-MUTEX_UNLOCK_ERROR Unable to unlock the UART (error: [dec]) Explanation The S2681 UART driver has been unable to unlock access to the UART. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-S2681-3-SCHED_PRIORITY_ERROR Unable to raise the priority of the interrupt handler Explanation The S2681 UART driver was unable to raise the priority of the interrupt handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-S2681-3-SCHEDPARAM_ERROR Unable to set the parameters for the interrupt handler Explanation The S2681 UART driver was unable to set the parameters of the interrupt handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-S2681-3-SCHEDPOLICY_ERROR Unable to set scheduling policy for the interrupt handler. Explanation The S2681 UART driver was unable to set the scheduling policy for the interrupt handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages SCHBRO Messages EM-1093 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-S2681-3-STATUS_MUTEX_LOCK_ERROR Unable to lock the status variable. Explanation The S2681 UART driver was unable to lock the status variable for the interrupt thread. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-S2681-3-STATUS_MUTEX_UNLOCK_ERROR Unable to unlock the status variable. Explanation The S2681 UART driver was unable to unlock the status variable for the interrupt thread. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-S2681-3-THREAD_CREATE_ERROR Unable to create the interrupt handler thread. Explanation The S2681 UART driver was unable to create a thread for the interrupt handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-S2681-6-STAT_CREATE_ERROR Unable to create statistics file ([dec]). Explanation The S2681 UART driver was unable to create a file to store statistics. Show statistics command would fail. We can still see the statistics content from core file. Recommended Action No action is required. SCHBRO Messages Error Message %MGBL-SCHBRO-7-ARRAYTOOBIG [xml-schema] Unable to handle the large number of elements in data array Explanation The number of elements entered by user in an array are more than this application is designed to handle. Recommended Action * RECUR * Manageability (MGBL) Messages SCHBRO Messages EM-1094 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SCHBRO-7-AUTHENTICATE [xml-schema] [chars]%s: [chars] Explanation An error occurred invoking an AAA function. The details are in the error string Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-BADCLASS [xml-schema] Invalid class name - [chars] Explanation An invalid class name was entered either by itself or as part of a hierarchy string. Recommended Action Use the classinfo command to get more information about available class names. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-BADFORMAT [xml-schema] Badly formatted [chars] Explanation The command entered is badly formatted. Recommended Action Re-enter the command. (Use the help command to find valid entry formats.) If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-BADHRCHY [xml-schema] Invalid hierarchy - [chars] Explanation An invalid hierarchy was entered by the user. Recommended Action Use the ’children’ command to progressively find out the correct hierarchy string. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-BADOPTION [xml-schema] Invalid option - [chars] Explanation The command option is invalid Recommended Action Re-enter the command. (Use the help command to find valid options.) If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages SCHBRO Messages EM-1095 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SCHBRO-7-BIND [xml-schema] Could not bind to the MDA: [chars]. XML schema browser cannot carry out any operations. XML agent (either corba or tty) needs to be configured to execute XML schema browser - try quitting and restarting it after configuring ’xml agent (corba|tty)’ Explanation XML schema browser was unable to bind to MDA. It is possible that there is a problem with MDA or the Schema Server, or the communication infrastructure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-DATAARRAYLENGTH [xml-schema] Too little or too much [chars] provided for class [chars] Explanation The number of elements entered for a data array does not match the expected value. Recommended Action Use the classinfo command to get more information about the naming or value information of a class. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-DATAARRAYTYPE [xml-schema] Invalid [chars] entered for class [chars] Explanation The datatypes entered in a data array do not match the the expected datatypes. Recommended Action Use the classinfo command to get more information about the naming or value information of a class. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-ERR_MEM_ALLOC [xml-schema] Not enough memory Explanation XML schema browser was unable to allocate enough memory required to process the command Recommended Action Memory on the box must be running low - are there services that can be stopped, or can more memory be added. Manageability (MGBL) Messages SCHBRO Messages EM-1096 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SCHBRO-7-EXCESS [xml-schema] Excess tokens in command string Explanation There were more tokens entered as part of the command string than are required for the command. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-FILEOPEN [xml-schema] The specified file ([chars]) could not be opened for [chars] Explanation The file specified for reading instructions from, or writing output to, when XML schema browser was started, cannot be found. The most probable reason is that an incorrect name or path was supplied. Recommended Action Check that the file name sor path upplied was correct. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-FILEREAD [xml-schema] Unable to read from command file Explanation An error occurred during a read operation from the instruction file. Recommended Action Check that the file format is correct. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-FINDDATA [xml-schema] While executing the walk data or walkdata_next request, the following error occured: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages SCHBRO Messages EM-1097 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SCHBRO-7-GET [xml-schema] While fetching object [chars] the following error occurred: [chars] Explanation An error occurred invoking an MDA function. This could be because the object to fetch does not exist. The details are in the error string. Recommended Action Check that the requested object exists. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-INTERNAL [xml-schema] [chars]%s: [chars] Explanation The code has performed an action which should not be possible. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-LIST [xml-schema] While executing the list request the following error occurred: [chars] Explanation An error occurred invoking an MDA function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-MISMATCH [xml-schema] Mismatched quotes or brackets in command Explanation An unmatched ’’’ or ’{’ character was found part way through a token in a command string. Recommended Action Re-enter the command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages SCHEMA Messages EM-1098 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SCHBRO-7-NOTLEAF [xml-schema] Class [chars] is not a leaf Explanation The entered class name is not a leaf class, as is expected by the command. Recommended Action Use the classinfo command to get more information about available class names. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-READERINIT [xml-schema] Unable to initialize the command line reader Explanation An error occurred while preparing to read instructions from the command line. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCHBRO-7-UNKCMD [xml-schema] No such command - [chars] Type help or ? for a list of available commands Explanation The first token in a command string was not a recognised XML schema browser command. Recommended Action Check the list of available commands and retry. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SCHEMA Messages Error Message %MGBL-SCHEMA-6-VERSIONCHANGE A schema version change has occurred due to the [chars] of schema file ’[chars]’. Any management applications which use the schema may wish to update to the appropriate schema version. Explanation The version of some part(s) of the schema which are running on the router have changed - this is an informational message to let any users of the schema know of the change. Recommended Action No action is required. Manageability (MGBL) Messages SCONBKUP Messages EM-1099 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SCHEMA-7-INTERNAL The schema infrastructure has encountered an error. [chars] Explanation An internal error has occurred in the schema server or library. Some management functions may not operate correctly. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SCONBKUP Messages Error Message %MGBL-SCONBKUP-3-INTERNAL_FATAL [chars] [dec]: [chars] Explanation Restarting the process as it is not in a recoverable state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCONBKUP-7-INTERNAL_ERR [chars] [dec]: [chars] Explanation Error encountered while Backing up the ASCII System Configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SCONBKUP-7-RELOAD_REPLY_ERR Reload([dec]) fail to reply to svr Sconbkup on [chars] [chars]. Error([dec]): [chars]. Explanation Error encountered while replying message during ASCII System Configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages ST16550 Messages EM-1100 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SCONBKUP-7-REPLY_ERR Sconbkup([dec]) fail to reply to Reload([dec]) on [chars] [chars]. Error([dec]): [chars]. Explanation Error encountered while replying message during ASCII System Configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ST16550 Messages Error Message %MGBL-ST16550-3-INTERRUPT_UNMASK_ERROR Unable to unmask UART interrupt (error: [dec]) Explanation The ST16550 UART driver has been unable to unmask the UART interrupt. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ST16550-3-IO_PERM_ERROR Unable to obtain permission to access UART (error: [dec]) Explanation The ST16550 UART driver has been unable to gain the required permissions to access the UART. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ST16550-3-MUTEX_LOCK_ERROR Unable to lock the UART (error: [dec]) Explanation The ST16550 UART driver has been unable to lock access to the UART. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages ST16550 Messages EM-1101 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-ST16550-3-MUTEX_UNLOCK_ERROR Unable to unlock the UART (error: [dec]) Explanation The ST16550 UART driver has been unable to unlock access to the UART. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ST16550-3-SCHED_PRIORITY_ERROR Unable to raise the priority of the interrupt handler Explanation The ST16550 UART driver was unable to raise the priority of the interrupt handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ST16550-3-SCHEDPARAM_ERROR Unable to set the parameters for the interrupt handler Explanation The ST16550 UART driver was unable to set the parameters of the interrupt handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ST16550-3-SCHEDPOLICY_ERROR Unable to set scheduling policy for the interrupt handler. Explanation The ST16550 UART driver was unable to set the scheduling policy for the interrupt handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages ST16550 Messages EM-1102 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-ST16550-3-SEM_ERROR Unable to perform ’[chars]’ operation on semaphore ([chars]). Explanation The ST16550 UART driver was unable to perform semaphore operation for interrupt handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ST16550-3-STATUS_MUTEX_LOCK_ERROR Unable to lock the status variable. Explanation The ST16550 UART driver was unable to lock the status variable for the interrupt thread. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ST16550-3-STATUS_MUTEX_UNLOCK_ERROR Unable to unlock the status variable. Explanation The ST16550 UART driver was unable to unlock the status variable for the interrupt thread. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ST16550-3-THREAD_CREATE_ERROR Unable to create the interrupt handler thread. Explanation The ST16550 UART driver was unable to create a thread for the interrupt handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-ST16550-6-STAT_CREATE_ERROR Unable to create statistics file ([dec]). Explanation The ST16550 UART driver was unable to create a file to store statistics. Show statistics command would fail. We can still see the statistics content from core file. Recommended Action No action is required.Manageability (MGBL) Messages STATSD Messages EM-1103 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 STATSD Messages Error Message %MGBL-STATSD-3-EVENT_BLOCK An error occurred while handling an event: [chars] Explanation The event handling function returned an error which could not be handled Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-STATSD-3-LTRACE_INIT Failed to initialise tracing for Stats library: [chars] Explanation The infrastructure for tracing returned an error. Recommended Action Some Stats tracing will not be available for this process, which will make triage of any Stats problems more difficult. There is otherwise no detrimental effect to this process. Error Message %MGBL-STATSD-3-REGISTRATION_FAILED Registration of a stats collector failed - [chars] Explanation Registration of a stats collector with stats server failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-STATSD-3-SHMEM_CORRUPTED Stats shared memory window has become corrupted. [chars] Explanation In certain unlikely scenarios it is possible that during a process restart the shared memory region used by the stats infrastructure can become corrupted. In most cases this will automatically be recovered from, however there is a possibility that the system will not be able to recover from this - The specific instance of the message will indicate which of these cases has arisen. If the system is unable to restart all necessary processes then multiple process crashes/blockages may be observed. In either case, reported statistics may be reset or inaccurate. Recommended Action In the recovery case, processes should restart automatically and the system should recover so no user intervention should be required. If we are unable to automatically recover, then either the node should be reloaded, or support contacted. Manageability (MGBL) Messages SYS Messages EM-1104 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-STATSD-3-SHMEM_LOCK Failed to lock shared memory mutex: [chars] Explanation A failure occurred when attempting to acquire a shared memory lock Recommended Action This message probably indicates an error elsewhere in the system as some other process must be holding the lock. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SYS Messages Error Message %MGBL-SYS-3-ALREADY_THREADED_MSG [chars]: Attempt to re-add a node to a tree Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-COMPARE_ALREADY_SET [chars]: Compare already set for thread : [dec] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-FTRUNCATE ftruncate of [chars] at failed because [chars] Explanation The packet subsystem was not able to initialize memory. Recommended Action The router will not start properly with this condition. ’ ’Call your technical support representative for assistance. Error Message %MGBL-SYS-3-ILLEGAL_THREAD [chars]: Illegal thread for this wavl : [dec] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages SYS Messages EM-1105 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SYS-3-MALLOCFAIL Memory allocation of [dec] bytes failed from [hex], pool [chars], alignment [dec] Explanation The requested memory allocation is not available from the specified memory pool. The current system configuration, network environment, or possibly a software error might have exhausted or fragmented the router’s memory. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %MGBL-SYS-3-MMAPFAIL mmap of [chars] at failed; errno ([dec]) [chars] Explanation The packet subsystem was not able to initialize memory. Recommended Action The router will not start properly with this condition. ’ ’Call your technical support representative for assistance. Error Message %MGBL-SYS-3-MMAPSHIFT mmap of [chars] at failed, returned address [hex] is, expected [hex] Explanation The packet subsystem was not able to initialize memory. Recommended Action The router will not start properly with this condition. ’ ’Call your technical support representative for assistance. Error Message %MGBL-SYS-3-MUTEX_OP_FAILED [chars]: Mutex op [chars] failed on mutex [chars]: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %MGBL-SYS-3-NODE_DEL_FAILED [chars]: failure to delete a node Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages SYS Messages EM-1106 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SYS-3-NOMEMORY No memory available for [chars] [dec] Explanation An operation could not be accomplished because of a low-memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %MGBL-SYS-3-NOT_THREADED_MSG [chars]: Attempt to remove an unthreaded node from a tree Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-NULL_HANDLE_MSG [chars]: Received a NULL handle Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-NULLREG NULL registry Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-REG_UNKNOWN_TYPE Unknown registry type ([dec]) Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages SYS Messages EM-1107 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SYS-3-RN_ASC_DESC Tried to ascend in descend loop Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-RN_DELINK_INODE Attempt to delink inode with 2 decendents [pointer] ([dec], [hex], [pointer], [pointer]) Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-RN_NDESC Node [pointer] ([dec]) has no descendents ([hex]) Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-RN_PRNT_LINK Parent not linked to inode ([pointer], [pointer], [pointer], [pointer]) Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-RN_VPARENT Unable to find virtual node parent for [pointer] ([dec], [hex], [pointer], [pointer]) Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages SYS Messages EM-1108 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SYS-3-ROOT_ALREADY_SET [chars]: Root already set for thread : [dec] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-SHMOPENFAIL shm_open of [chars] at failed because [chars] Explanation The packet subsystem was not able to initialize memory. Recommended Action The router will not start properly with this condition. ’ ’Call your technical support representative for assistance. Error Message %MGBL-SYS-3-THREAD_NOT_EXIST [chars]: Thread [dec] does not exist Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-3-UNINIT_MSG [chars]: Attempt to reference an uninitialized wavl tree Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-SYS-5-CONFIG_I Configured from [chars] by [chars] Explanation The routers’s configuration was changed. Recommended Action ’No action is required.’ Manageability (MGBL) Messages TTY_CONNECT Messages EM-1109 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-SYS-5-TABLEERR [chars] table [chars] damaged: [chars] Explanation An internal table entry became corrupted. Recommended Action Copy the message exactly as it appears, and report it your technical support representative. TTY_CONNECT Messages Error Message %MGBL-TTY_CONNECT-2-UNLOCKING Error releasing an internal lock ([dec]) - process aborting Explanation The TTY Connection library encountered an unexpected error releasing a lock. To avoid the potential for deadlock the process is aborting. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY_CONNECT-3-INTERNAL An unexpected internal error occurred ([hex], ’[chars]’) Explanation The TTY Connection library encountered an unexpected error during normal operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %MGBL-TTY_CONNECT-3-LOCKING Error acquiring an internal lock ([dec]) Explanation The TTY Connection library encountered an unexpected error occurred acquiring a lock. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY_CONNECT-3-MEMORY Failed to allocate [dec] bytes of memory Explanation The TTY Connection library has failed to acquire the required amount of memory Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Manageability (MGBL) Messages TTY_DB Messages EM-1110 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-TTY_CONNECT-7-LWM An error ([dec]) occurred performing the following messaging operation: [chars] Explanation The TTY Connection library encountered an unexpected error whilst communicating with the TTY Server. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* TTY_DB Messages Error Message %MGBL-TTY_DB-2-PANIC The TTY DB library has encountered a critical error and must restart the process. Explanation A critical internal error has ocurred which requires the process to restart. For example if a lock cannot be released then the process is restarted to avoid deadlock. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY_DB-3-KERNEL_ERROR Kernel operation failed unexpectedly: [chars] ([dec]) Explanation A system library call failed unexpectedly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. TTY Messages Error Message %MGBL-TTY-0-ISSU_STDBY_CON_AVAILABLE STANDBY Console is now available ([chars]) [hex], ’[chars]’ Explanation ’Standby Console available during ISSU Load Exec and Load Done Phase’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages TTY Messages EM-1111 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-TTY-2-FATAL Fatal condition detected. TTY Server is restarting Explanation The TTY Server has encountered a fatal error and must restart in order to continue operation. Recommended Action Check to ensure that the TTY Server has restarted. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-2-PHASE2_FATAL Failed to complete phase 2 initialization: [hex], ’[chars]’ Explanation The TTY Server has failed to complete phase 2 initialization. For this instance of the server the failure is fatal; without the services that were being initialized the code will not be able to function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-ACCESS_CHECK Access checks for requested connections cannot proceed. TTY-Server restart required Explanation The TTY Server previously encountered an unexpected error whilst applying access configuration changes to a TTY. As a result it cannot allow future connection requests to be authorized. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-ACL Unexpected ACL error encountered: [hex], ’[chars]’ Explanation The TTY Server has encountered an error using the IPV4 ACL Library. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Manageability (MGBL) Messages TTY Messages EM-1112 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-TTY-3-CLOSE_DEVICE Failed to close file descriptor [dec]: ’[chars]’ Explanation Failed to close a file descriptor inheritited from the spawning process so that the appropriate device files can be reopened for exec to read/write. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-ENV_VARS Failed to set the process’ environment: [hex], ’[chars]’ Explanation Some instances of exec require the environment to be set up before exec initializes. The process which execs ’exec’ has failed to do this. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-EXEC exec of ’[chars]’ failed: [unsigned int], ’[chars]’ Explanation The Exec launcher failed to exec ’exec’. This could be due to an error picking up the load path from install manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-INTERNAL Unexpected internal error encountered: [hex], ’[chars]’ Explanation The TTY Server has either failed on a function which it expected to succeed, or has got itself into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-ISSU_NFN_REG_FAIL Failed to register for ISSU on STANDBY ([chars]), [hex], ’[chars]’ Explanation Failed to register for ISSU Intsall notification registration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages TTY Messages EM-1113 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-TTY-3-KERNEL Unexpected internal error encountered ’[chars]’ Explanation The TTY Server has encountered an unexpected error while using the system library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-MEMORY Failed to allocate [dec] bytes of memory Explanation The server has failed to acquire the required amount of memory Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %MGBL-TTY-3-MGMT_HOST_IP_ERROR Error getting host’s IP address. Explanation The show line command was unable to get the host IP address. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-MGMT_NO_ATTR No attribute provided. Explanation No attrbiute name was provide to the TTY Management terminal command process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-MGMT_NO_FEATURE No feature provided. Explanation No feature name was provide to the TTY Management terminal command process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages TTY Messages EM-1114 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-TTY-3-MGMT_NOT_ENOUGH_VALUES Not enough command line values supplied. Explanation The TTY Management Commands Process has been supplied with less values on the command line than it was expecting. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-MGMT_TOO_MANY_VALUES Too many command line values supplied. Explanation The TTY Management Commands Process has been supplied with more values on the command line than it was expecting. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-MGMT_TTY_DETAILS_ERROR Error getting TTY details Explanation The show line command was unable to get details about the mnemonic for the TTY. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-MGMT_UNEXPECTED Unexpected error: ’[chars]’ Explanation The TTY Management Commands Process has encountered an unexpected error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-OPEN_OR_DUP_DEVICE Failed to [chars] device file ’[chars]’: ’[chars]’ Explanation Failed to open or duplicate the device file that exec requires for read/write operations. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages TTY Messages EM-1115 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-TTY-3-PACKET Unexpected packet error encountered Explanation The TTY Server has encountered an error using the Packet Library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-PHASE2_NON_FATAL Failed to complete phase 2 initialization: [hex], ’[chars]’. Explanation The TTY Server has failed to complete phase 2 initialization. For this instance of the server the failure is not fatal; some services are still available, in particular if the aux port is running ksh then this should still be running unimpacted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-SET_PROCESS_GROUP Failed to set ’[chars]’ as the controlling terminal for the process: ’[chars]’ Explanation Failed to set the specified device as the controlling terminal for the process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-SYSDB Unexpected SysDB error encountered: [hex], ’[chars]’ Explanation The TTY Server has encountered an error using the SysDB Library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-3-SYSDB_BIND_ERROR Error binding to SysDB. Explanation The show line command was unable to bind to SysDB to retrieve the information required. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages TTY Messages EM-1116 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-TTY-3-VERIFYD_EXIT Process exit with error ’[chars]’, rc equals [dec] Explanation tty_verifyd exit with failure. TTY related configuration might have not applied. Recommended Action Please check the configuration and reapply if required. Error Message %MGBL-TTY-3-WAIT_ON_SIGNAL An error occured while waiting for a signal: [hex], ’[chars]’ Explanation The exec launcher waits on a signal from the TTY server before continuing. The signal was not successfully received. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-6-FILE_OPER Error encountered while opening fpd lock file ’[chars]’ Explanation The TTY Server has encountered an error while opening FPD lock file. Devc-conaux has no issue to run, but FPD warning message will not be printed on AUX port during FPD upgrade. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-6-ISSU_NFN_REG Registration for ISSU notification on STANDBY ([chars]), [hex], ’[chars]’ Successful Explanation Register for ISSU Intsall notification on standby. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-6-PHASE2_RETRY Timeout in phase 2 initialization([chars]) [dec]([chars]) Explanation The TTY Server found error in part of phase 2 initialization. Server is set not-to-restart, so retry. in particular if the aux port is running ksh then this should still be running unimpacted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages TTY Messages EM-1117 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-TTY-6-SESSION_STARTUP Skip detailed routine and proceed([chars]) [dec]([chars]) Explanation The TTY Session startup found some error. Error is ignored and console will be activated. Recommended Action No action is required. Error Message %MGBL-TTY-6-SYSDB_INTERN Unexpected internal error encountered:’[chars]’ [hex], ’[chars]’ Explanation TTY Server is trying to access Sysdb-mc and an error [no members in group] is retured from Sysdb-mc to all the Clients. This is a generic issue with all the admin band processes which comes up earlier than sysdb svrs will have to attempt the reconnect to sysdb with ECM retry. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-7-CERRNO Failed to register the TTY error codes: [hex], ’[chars]’ Explanation The TTY Server has failed to register the TTY error codes with the error subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-7-GET_CLINFO_FAILED Failed to obtain the clinfo of the given server handle: [hex], [hex], ’[chars]’ Explanation Matching clinfo couldnot be obtained for the given server handle. Recommended Action Debug message only. No action is required. Error Message %MGBL-TTY-7-INVALID_PULSE TTY Invalid pulse recvd! sender:[chars] ([dec]) recvr:[chars] ([dec]) EvPcode: [dec] DevCtlPcode: [dec] EvPload: [dec] Node [hex] SerHdl: [hex] [hex], ’[chars]’ Explanation This is due to either of the following reasons. First, TTY Server recieves an invalid pulse code. Or the send process is not tty server. This message added to capture maximum debug information to dig this issue further. Recommended Action Debug message only. No action is required. Manageability (MGBL) Messages TTY Messages EM-1118 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-TTY-7-INVALID_SRVR_HANDLE TTY device control pulse received with invalid server handle: [hex], ’[chars]’ Explanation This may be due to corruption in Event structure. Recommended Action Debug message only. No action is required. Error Message %MGBL-TTY-7-ISSU_LOAD_DONE ISSU Notification recieved for Load Done phase ([chars]) Explanation ’ISSU install notification message for LOAD DONE Phase recieved’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-7-ISSU_LOAD_EXEC ISSU Notification recieved for Load-Exec (or Load and EXEC) phase ([chars]) Explanation ’ISSU install notification message for LOAD EXEC Phase recieved’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-7-MGMT_STATE Failed to update TTY general state in SysDB: [hex], ’[chars]’ Explanation The TTY server tried to update the TTY’s state in SysDB and failed to do so. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-TTY-7-MGMT_TTY_ATTR_EXTRACT_ERROR Couldn’t extract TTY attribute (type equals [dec],name equals [[chars]]) Explanation The show line command was unable to extract attribute for the TTY. Recommended Action Debug message only. No action is required. Manageability (MGBL) Messages VTY Messages EM-1119 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-TTY-7-SESSION_STARTUP_OK [chars] Explanation Debug message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. VTY Messages Error Message %MGBL-VTY-2-PANIC Critical error - restarting process. Explanation A critical internal error has ocurred which requires the process to restart. For example if a lock cannot be released then the process is restarted to avoid deadlock. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-VTY-3-CONTROL Error performing device control operation ’[chars]’: [hex], ’[chars]’ Explanation An unexpected error occurred when the VTY Device DLL asked the TTY Server to perform a control operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* *SUPPORT* Error Message %MGBL-VTY-3-DATA_PATH Error performing TTY Data Path operation ’[chars]’: [hex], ’[chars]’ Explanation An unexpected error occurred when the VTY Device DLL asked the TTY Server to perform a Data Path operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *SUPPORT* Manageability (MGBL) Messages VTY Messages EM-1120 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-VTY-3-DB Error performing TTY DB operation ’[chars]’: [hex], ’[chars]’ Explanation An unexpected error occurred whilst the VTY Device DLL was using the TTY DB library. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* *SUPPORT* Error Message %MGBL-VTY-3-MEM Failed to allocate [dec] bytes of memory for object ’[chars]’ Explanation The VTY DLL has failed to acquire the required amount of memory Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %MGBL-VTY-3-OPERATION Unsupported or invalid operation request: [chars] Explanation The TTY Server has asked the VTY DLL to perform an unexpected or incorrectly defined operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-VTY-3-POOL_APPLY_FAILURE Error performing vty-pool operation [dec]([chars]) ’[chars]’ [chars] will restart to recover Explanation An unexpected error occurred when process was trying to apply vty-pool configuration. Process will abort to take process core file then restart to recover. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* *SUPPORT* Error Message %MGBL-VTY-3-REGISTRATION Error performing TTY registration operation ’[chars]’: [hex], ’[chars]’ Explanation An unexpected error occurred when the VTY Device DLL asked the TTY Server to perform a TTY management operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* *SUPPORT* Manageability (MGBL) Messages VTY Messages EM-1121 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-VTY-3-SESSION Error performing TTY session operation ’[chars]’: [hex], ’[chars]’ Explanation An unexpected error occurred when the VTY Device DLL asked the TTY Server to perform a session operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* *SUPPORT* Error Message %MGBL-VTY-3-SYSDB Error performing SysDB operation ’[chars]’: [hex], ’[chars]’ Explanation An unexpected error occurred when the VTY Device DLL interacted with the SysDB client library. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* *SUPPORT* Error Message %MGBL-VTY-3-SYSTEM_LIB_ERROR System library operation failed unexpectedly: [chars] ([dec]) Explanation A system library call failed unexpectedly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-VTY-3-TTY_MANAGEMENT Error performing TTY Management operation ’[chars]’: [hex], ’[chars]’ Explanation An unexpected error occurred when the VTY Device DLL interacted with the TTY Management library Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* *SUPPORT* Error Message %MGBL-VTY-6-COMMAND_LINE_ARGS Unexpected initialization arguments Explanation Command line arguments were passed to the VTY Device DLL when it was initialized. It does not expect to be passed any arguments. Recommended Action No action is required. Manageability (MGBL) Messages XML_INFRA Messages EM-1122 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-VTY-6-SYSDB_TIMEOUT_SET Couldn’t extend SysDB timeout ’[chars]’ Explanation Couldn’t extend timeout value for ’vty-pool’ config. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the *param* command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the *param* output, call your Cisco technical support representative and provide the representative with the gathered information. *SUPPORT* *SH_TECH* Error Message %MGBL-VTY-7-SYSDB_BULKING Error calling [chars] for ’[chars]’ sysdb connection: [hex], ’[chars]’ ([chars]) Explanation An unexpected error occurred when interacting with SysDB’s bulking API. Recommended Action Debug message only. No action is required. *RECUR* XML_INFRA Messages Error Message %MGBL-XML_INFRA-7-INIT_ERR [chars]. Error : [chars] Explanation There is a problem with the system infrastructure - perhaps the communication infrastructure has not yet stabilized. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-XML_INFRA-7-INTERNAL [chars] Explanation The XML Service Library has detected an internal error. As a result, the XML operation that was requested has not been completely carried out. Recommended Action Repeat the XML operation, transient errors should have passed, and in all likelihood, this operation will go through. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Manageability (MGBL) Messages XML_TTY Messages EM-1123 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 XML_TTY Messages Error Message %MGBL-XML_TTY-7-INTERNAL [chars] Explanation An internal error has occurred in the XML TTY Agent. Some XML requests (over TTY) may not be able to complete correctly. Recommended Action Retry the XML request that had the error. Transient conditions should have passed, and in all likelihood, this request will go through. If not, close this TTY session, and restart a new TTY session. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-XML_TTY-7-LOGIN [chars] Explanation An internal error has occurred in the XML Dedicated Agent. The logint authentication (over dedicated) may not be able to complete correctly. Recommended Action Retry the XML request that had the error. Transient conditions should have passed, and in all likelihood, this request will go through. If not, close this TTY session, and start a new TTY session. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %MGBL-XML_TTY-7-SSLINIT [chars] Explanation An internal error has occurred in the XML SSL Agent. SSL library initialization may not be able to complete correctly. Recommended Action Retry the XML request that had the error. Transient conditions should have passed, and in all likelihood, this request will go through. If not, close this TTY session, and restart a new TTY session. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Manageability (MGBL) Messages XML_TTY Messages EM-1124 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %MGBL-XML_TTY-7-TRANSPORT [chars] Explanation The XML TTY Agent encountered a problem when interacting with the device file. This may be due to a problem with the infrastructure Recommended Action Retry the XML request. Any transient conditions should have passed, and in all likelihood, the request will go through. If not, it may help to close the current TTY session and restart another. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.EM-1125 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Operating System (OS) Messages This section contains all Operating System(OS) and OS infrastructure related System Error Messages. action Messages Error Message %OS-action-3-BISTATE_MSG State has changed Explanation This is a test message for action-bistate message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-action-3-NONE_MSG Invoking action ’none’ message Explanation This is a test message for action-none message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-action-3-PEG1MSG Invoking action ’peg’ message Explanation This is a test message for action-peg message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages ALARM_TEST Messages EM-1126 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-action-3-PEG2MSG Invoking action ’peg’ message Explanation This is a test message for action-peg message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-action-3-RESET_MSG Invoking action ’reset’ message Explanation This is a test message for action-reset message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-action-3-RESTART_MSG Invoking action ’restart’ message Explanation This is a test message for action-restart message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-action-3-TESTMSG Invoking a test message [chars] Explanation This is a test message for ios error message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ALARM_TEST Messages Error Message %OS-ALARM_TEST-3-ALARM_GENERATE [chars] alarm generated [[unsigned int] [chars] alarms generated so far]: [chars] Explanation Autogenerated alarm Recommended Action No action is required.Operating System (OS) Messages ALLOCATOR Messages EM-1127 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ALLOCATOR Messages Error Message %OS-ALLOCATOR-3-LTRACE_INIT_FAILED ltrace_init failed with retcode [dec], ([chars]) Explanation Ltrace initialization failed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ALLOCATOR-7-LOCKING Failed to [chars] [chars]. Error [dec] ([chars]) Explanation The allocator module has either failed to acquire or release a lock. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ALLOCATOR-7-MEMORY Failed to malloc [unsigned int] bytes Explanation The allocator module has failed to acquire the required amount of memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ALLOCATOR-7-NULL A NULL argument was passed into an allocator API where a non-NULL value was expected. Explanation A client passed a NULL value into an allocator API, or an internal error caused a NULL value to be unexpectedly passed through to an internal API. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages ARBMGR Messages EM-1128 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-ALLOCATOR-7-SIZE_MISMATCH Mismatch between block size discovered in pool memory ([unsigned int]) and block size specified by client ([unsigned int]) Explanation The block size in the memory passed into the allocator module does not match that passed in by the caller on initialisation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ARBMGR Messages Error Message %OS-ARBMGR-4-INIT_ERROR Unexpected init error: [chars]: [chars]: [hex] Explanation An unexpected init error condition encountered. Recommended Action Collect system log information. No action is required. Error Message %OS-ARBMGR-4-MBI_BOOT_HOLD MBI Boot Hold delay of [dec] seconds done to allow other RP to become active due to multiple ungraceful resets on this RP. Explanation An MBI boot hold has been introduced to allow the other RP to boot first to give it the opportunity to become the active RP. This is because this RP has had multiple ungraceful resets in the last two hours which could be preventing the router from being stable. Recommended Action Collect system log information. Error Message %OS-ARBMGR-7-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error. Recommended Action Collect system log information. No action is required.Operating System (OS) Messages ATC_CACHE Messages EM-1129 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ATC_CACHE Messages Error Message %OS-ATC_CACHE-3-ERROR Operation [chars] failed : [chars] Explanation The specified operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ATC_LIB Messages Error Message %OS-ATC_LIB-3-CLASS_CACHE_CREATE_FAIL Unable to create class cache entry for class [chars] Explanation The specified operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ATC_LIB-3-ERROR Operation [chars] failed : [chars] Explanation The specified operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ATTRACTOR Messages Error Message %OS-ATTRACTOR-3-ERROR Operation [chars] failed : [chars] Explanation The specified operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages AVPAIR Messages EM-1130 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-ATTRACTOR-6-INFO [chars] [chars] Explanation Information associated with current attractor process state Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. AVPAIR Messages Error Message %OS-AVPAIR-6-ADD_FAIL [chars]: avpair_add failure on avlist [hex]. Explanation avpair_add failed while unpacking the Posix message into avlist Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-AVPAIR-6-BUFFER_TOO_SMALL [chars]: need [dec] bytes, only have [dec] in buffer, msg dropped. Explanation avpair API fails because the buffer is too small. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-AVPAIR-6-ERR_BAD_AVLIST [chars]: Attempt to use uninitialized avlist [hex]. Explanation An illegal attempt to use an uninitialized avpair list Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-AVPAIR-6-ERR_BAD_LIST [chars]: Attempt to re-initialize list [chars] failed Explanation An illegal attempt to reinitialize an avpair list Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages BANNER Messages EM-1131 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 BANNER Messages Error Message %OS-BANNER-3-CERR_REGISTER_FAILED Error code registration failed: [chars] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-BANNER-3-CONFIG_INIT_FAILED Banner config initialization failed: [chars] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-BANNER-3-EVENT_BLOCK_ERROR Event block dispatch error: [chars] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-BANNER-3-EVENT_MGR_CREATE_FAILED [chars]: event manager creation failed: [chars] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-BANNER-3-SYSMGR_CALL System manager call [chars] failed: [chars] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages BCDL Messages EM-1132 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-BANNER-7-SYSDB_BIND_FAILURE Failed to bind to sysdb path [chars]: [chars] Explanation Error binding to sysdb path Recommended Action Copy the message exactly as it appears, andreport it your technical support representative. Error Message %OS-BANNER-7-SYSDB_REGISTRATION_FAILURE Failed to register for sysdb path [chars]: [chars] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-BANNER-7-SYSDB_UNREGISTRATION_FAILURE Failed to unregister for sysdb path [chars]: [chars] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-BANNER-7-UNKNOWNCARD The cardtype [dec] is unknown to us Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. BCDL Messages Error Message %OS-BCDL-3-MSG_AGENT_USAGE usage: [chars] -p producer_base_name [-t r] Explanation Incorrect command line arguments were given to the module Recommended Action Contact support. Operating System (OS) Messages BCDL Messages EM-1133 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-BCDL-3-MSG_BASE_NAME The plug-in base name: [chars] is longer than [dec] bytes Explanation The name could not be used. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_CERR_REGISTER_DLL Could not register dll with error services: [chars] Explanation The call register the dll using cerr_register_dll failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_DEBUG_INIT Unable to initialize debug capabilities: [chars] failed: [chars] Explanation The program cannot initialize its debug capabilities. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_DEBUG_INIT Unable to initialize debug capabilities: [chars] failed: [chars] Explanation The program cannot initialize its debug capabilities. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_DEBUG_SERVICES debug services function [chars] failed Explanation A call to a debug services interface failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_DEBUG_SERVICES debug services function [chars] failed Explanation A call to a debug services interface failed. Recommended Action Contact support. Operating System (OS) Messages BCDL Messages EM-1134 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-BCDL-3-MSG_DLL_OPEN The plug-in dll: [chars] could not be loaded: [chars] Explanation The interface library is not availble. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_DLSYM The plug-in dll symbol [chars] could not be found: [chars] Explanation The interface library is not availble. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_DOUBLE_AGENT Found duplicate agent for BCDL group [chars]: node [hex], jid [dec] Explanation A BCDL agent for the group is already running. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_EVENT event manager function [chars] failed, error [dec]: [chars] Explanation A call to a event manager interface failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_EVENT_MANAGER event manager function [chars] failed: [chars] Explanation A call to an event manager interface failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_GENERIC_FUNC function [chars] failed: [chars] Explanation A call to some function interface failed. Recommended Action Contact support. Operating System (OS) Messages BCDL Messages EM-1135 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-BCDL-3-MSG_GENERIC_FUNC function [chars] failed: [chars] Explanation A call to some function interface failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_GROUP group services function [chars] failed for gid [dec], error [dec]: [chars] Explanation A call to a group services interface failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_GROUP group services function [chars] failed for gid [dec], error [dec]: [chars] Explanation A call to a group services interface failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_GROUP_CREATE group_create failed for group [chars], error [dec]: [chars] Explanation A call to a group services interface failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_GROUP_CREATE_LWG group_create_lwg failed for group [chars], parent gid [dec], error [dec]: [chars] Explanation A call to a group services interface failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_GROUP_NODESET Nodeset call: gid [dec], nid [dec] Explanation Displaying the memberset details of a failed _nodeset call. Recommended Action Contact support. Operating System (OS) Messages BCDL Messages EM-1136 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-BCDL-3-MSG_GROUP_NODESET Nodeset contains [dec] mbrs: (nid) [chars] Explanation Displaying the memberset details of a failed _nodeset call. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_HB_MISS group [chars]: no heartbeats received in last [dec] seconds Explanation The bcdl client library detected that it should have received a heartbeat from the agent, but didn’t Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_INSTALLMGR An error was returned from install mgr function [chars]: [chars] Explanation A call to an install manager function failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_LWM LWM function [chars] failed, error [dec]: [chars] Explanation A call to a LWM interface failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_MALLOC Couldn’t malloc [dec] bytes: [chars] Explanation The requested memory is not available Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_MALLOC Couldn’t malloc [dec] bytes: [chars] Explanation The requested memory is not available Recommended Action Contact support. Operating System (OS) Messages BCDL Messages EM-1137 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-BCDL-3-MSG_PTHREAD Pthread operation [chars] [hex] failed: [chars] Explanation The mutex lock/unlock failed Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_PTHREAD Pthread operation [chars] [hex] failed: [chars] Explanation The mutex lock/unlock failed Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_RINFO Unable to use group services function [chars] for type [dec]: error [dec]: [chars], grp has [dec] mbrs Explanation A call to a group services rinfo function failed. Recommended Action Contact support. Error Message %OS-BCDL-3-MSG_TABLE_REF_COUNT Table id [hex] not found in subgroup [dec] to merge from subgroup [dec] Explanation Any table has to be part of the subgroup 0. Recommended Action Contact support. Error Message %OS-BCDL-7-MSG_CRIT_NORM Bad bytes critical ([dec]) or normal ([dec]), using default [dec] and [dec] Explanation The bcdl_agent_start api was used incorrectly. Recommended Action Contact support. Error Message %OS-BCDL-7-MSG_STALL_RESET Group [chars] hit max of [dec] messages queued - initiating reset of this consumer Explanation The consumer is not servicing the incoming message queue. Recommended Action Contact support.Operating System (OS) Messages BLWM Messages EM-1138 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 BLWM Messages Error Message %OS-BLWM-4-BATCH_CONFIG_REPLY_FAILED Failed to send batch-configuration reply to client, errno [dec] Explanation A BLWM-enabled server failed to send a reply about batch configuration to the client. The client might have restarted and this could be a transient error. Wait for the client to restart and reestablish connection with the server. Recommended Action No action is required. Error Message %OS-BLWM-4-BATCHED_REPLY_FAILED Failed to send a batch of replies to client, errno [dec] Explanation A BLWM-enabled server encountered a failure while sending batched replies to the client. The client might have restarted. Wait for the client to restart and reconnect to server to resume the processing. Recommended Action No action is required. Error Message %OS-BLWM-4-PULSED_FLUSH_FAILED Pulsed flush of batched requests failed, Reason: [chars] Explanation A BLWM-enabled client failed to flush the batched LWM requests. This is most likely because the server process restarted. Wait for client to reestablish connection with server and flush the batched requests again. Recommended Action No action is required. Error Message %OS-BLWM-4-REPLY_PROCESSING_ERRORS An error ocurred while processing the batched replies, error: [chars] Explanation A failure occurred while processing the batched replies received from the server. This is most likely an internal error. Recommended Action No action is required. Operating System (OS) Messages CDS_CONSUMER_LIB Messages EM-1139 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-BLWM-4-RESTART_PROCESSING_ERRORS An error ocurred during restart handling, error: [chars] Explanation A failure occurred while processing the requests/replies from the previous life after a restart. A best-effort attempt is made to process the requests/replies from the previous life. if this attempt fails, this error message is printed and the state is reset for normal BLWM operation. Recommended Action No action is required. Error Message %OS-BLWM-4-SHMEM_FAILURE Failed to acquire/access shared memory, error: [chars] Explanation A failure occurred while initializing or accessing the shared memory buffer used to assemble the responses. This is most likely an internal error. Recommended Action No action is required. Error Message %OS-BLWM-4-TIMED_FLUSH_FAILED Timed flush of batched requests failed, Reason: [chars] Explanation A BLWM-enabled client failed to flush the batched LWM requests. This is most likely because the server process restarted. Wait for client to reestablish connection with server and flush the batched requests again. Recommended Action No action is required. Error Message %OS-BLWM-4-WARNING [chars] rc equals [dec] Explanation For displaying blwm debugging information. Recommended Action No action is required. CDS_CONSUMER_LIB Messages Error Message %OS-CDS_CONSUMER_LIB-3-NULL_CONSUMER [dec]: Consumer has not registered yet, tag equals [hex] Explanation cds lib has got a message to process, but consumer has not yet registered. please collect cds consumer ltrace. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Operating System (OS) Messages CDS_PRODUCER_LIB Messages EM-1140 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CDS_PRODUCER_LIB Messages Error Message %OS-CDS_PRODUCER_LIB-3-MEMORY Failed to malloc [unsigned int] bytes Explanation The client library has failed to aquire the required amount of memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-CDS_PRODUCER_LIB-3-SEND_FAILED [chars]: ### failed to send LWM message ret [dec] error [dec] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ cds_proxy Messages Error Message %OS-cds_proxy-2-USAGE Incorrect arguments: Usage: [chars] [svr_threads] Explanation Incorrect command line parameters were passed to the cds proxy, and so it failed to start. Recommended Action Check the startup arguments passed to nrs server. A default configuration will be used if no parameters are passed. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-cds_proxy-3-INTERNAL [chars]: rc [hex], [chars] Explanation The server has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages cds_svr Messages EM-1141 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-cds_proxy-3-MEMORY Failed to malloc [unsigned int] bytes Explanation The server has failed to acquire the required amount of memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-cds_proxy-3-NULLARG A NULL pointer was passed as a fn parameter Explanation A NULL pointer was passed as a fn parameter Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. cds_svr Messages Error Message %OS-cds_svr-2-USAGE Incorrect arguments: Usage: [chars] [svr_threads] Explanation Incorrect command line parameters were passed to the cds proxy, and so it failed to start. Recommended Action Check the startup arguments passed to nrs server. A default configuration will be used if no parameters are passed. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-cds_svr-3-INTERNAL [chars]: rc [hex], [chars] Explanation The server has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages CDSUTILS Messages EM-1142 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-cds_svr-3-MEMORY Failed to malloc [unsigned int] bytes Explanation The server has failed to acquire the required amount of memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CDSUTILS Messages Error Message %OS-CDSUTILS-7-INTERNAL_ERROR Encountered internal error: [chars]: [dec]:[hex]:[hex] Explanation The CDS module has encountered internal error. Recommended Action None Error Message %OS-CDSUTILS-7-INVALID_ARG Invalid argument passed: [chars]: [dec]:[hex]:[hex] Explanation CDS module was passed invalid arguments. Recommended Action None CERR_LIB Messages Error Message %OS-CERR_LIB-7-CORRUPT [chars]: corrupted data structured detected at line [dec] Explanation The infrastructure library detected a corrupt data structure while performing internal checks. Recommended Action Run diagnostics to determine if this is a result of a hardware problem. If the problem reoccurs, a memory dump should be taken to assist TAC. Operating System (OS) Messages CERR_SVR Messages EM-1143 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-CERR_LIB-7-NOMEM [chars]: could not allocate memory ([dec] bytes requested): [chars] Explanation The infrastructure library was unable to allocate memory from the system for an internal data structure. Recommended Action Check to see if sufficient memory resources remain for normal operations. Add memory if necessary. Verify the installation of the infrastructure library. Re-load if required. Error Message %OS-CERR_LIB-7-PTHREADKEY [chars]: could not create thread key: [chars] Explanation The infrastructure library was unable to obtain a thread key for thread private data storage. Recommended Action Check to see if sufficient memory resources remain for normal operations. Add memory if necessary. Error Message %OS-CERR_LIB-7-SETSPECIFIC [chars]: could not set threadspecific data pointer for key [hex]: [chars] Explanation The infrastructure library was unable to set a threadspecific data pointer for thread private data storage. Recommended Action Check to see if sufficient memory resources remain for normal operations. Add memory if necessary. CERR_SVR Messages Error Message %OS-CERR_SVR-7-EVENT Unrecoverable error in event loop. Error: [chars] Explanation An error (other than EINTR) occured in the event loop. The process must exit. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages CHUNK Messages EM-1144 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-CERR_SVR-7-INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the Cerrno Server process Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-CERR_SVR-7-INSTALL Error updating Cerrno DLL Lookup table during Install Event. Error: [chars] Explanation An error has occurred updating the reference table for cerrno error messages. Some cerrno messages may be incorrect or undecodable. Recommended Action A successful restart of the Cerrno Server will result in future messages being decodable. Error Message %OS-CERR_SVR-7-SYSMGR Failure communicating readiness to SysMgr. Error: [chars] Explanation The process was initialized successfully but was unable to inform System Manager of the success. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CHUNK Messages Error Message %OS-CHUNK-3-CREATE Chunk named [chars] not created because [chars] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-CHUNK-3-INIT Error initializing chunk [chars], mutex error, [chars] Explanation The chunk’s mutex could not be initialized. Recommended Action Copy the message exactly as it appears, and report it your technical support representative. Operating System (OS) Messages CHUNK Messages EM-1145 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-CHUNK-3-PRIVMEM_SIZE Private pool size ([dec]) smaller than request ([dec]) Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-CHUNK-7-BADELESIZE Chunk element size is more than 64k for [chars] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-CHUNK-7-BADREFCOUNT Bad chunk reference count ([dec]), chunk [pointer] data [pointer]. Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-CHUNK-7-BOUNDS Attempted to exceed freelist chunk bounds, chunk [hex], data [hex] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-CHUNK-7-DESTROY_NOTEMPTY Attempted to destroy chunk with siblings, chunk [hex] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Operating System (OS) Messages CHUNK Messages EM-1146 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-CHUNK-7-FREE Attempted to free nonchunk memory, chunk [pointer], data [pointer] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %OS-CHUNK-7-INVFREE Attempted to free already freed chunk memory, chunk [hex], data [hex] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %OS-CHUNK-7-LOCK Attempted to lock unlockable chunk data, chunk [hex] data [hex] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-CHUNK-7-NEG_FREE_COUNT Negative free counter on chunk [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-CHUNK-7-NOSIBLING Could not find the sibling to allocate memory from. Chunk [chars], total free [dec] inuse [dec]. Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DEBUG_CERR Messages EM-1147 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-CHUNK-7-NULLCHUNK NULL chunk pointer argument Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-CHUNK-7-PARTIAL Attempted to destroy partially full chunk, chunk [hex] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %OS-CHUNK-7-SIB_INDEX Error noticed in the sibling of the chunk [chars] Chunk index : [dec], Chunk real max : [dec] Explanation A software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. DEBUG_CERR Messages Error Message %OS-DEBUG_CERR-7-REGISTER [chars]: could not register the debug specific structured error messages: [chars] Explanation The debug library was unable to register its debug specific condition codes. Condition messages from the debug library are likely to be degraded. Recommended Action Check to see if sufficient memory resources remain for normal operations. Add memory if necessary. Verify the installation of the debug library. Re-load if required.Operating System (OS) Messages deflate Messages EM-1148 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 deflate Messages Error Message %OS-deflate-3-ERROR [chars] [chars] [chars] Explanation Error in uncompressing Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. DISTRIB_LIB Messages Error Message %OS-DISTRIB_LIB-3-ASYNC_HANDLER_FAILED [chars]: error attaching async handler: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-BAD_CANCEL_TYPE [chars]: bad cancel type [dec] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-BAD_MSG_TYPE [chars]: bad message type [dec] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages DISTRIB_LIB Messages EM-1149 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DISTRIB_LIB-3-BAD_REPLY [chars]-I-replying to a non-block sync msg Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-COND_OP_FAILED [chars]: Cond op [chars] failed on conditional variable [chars]: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-CONNECT_FAILED [chars]: ### failed to connect to [chars], [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-CONNECT_GSP_FAILED [chars]: error connecting to GSP: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-CREATE_GROUP_ERR [chars]:[dec] [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages DISTRIB_LIB Messages EM-1150 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DISTRIB_LIB-3-DEF_SYNC_HANDLER_FAILED [chars]: error attaching lib’s default sync handler: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-EVENT_ASYNC_ATTACH_FAILED [chars]: error async attach all failed: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-EVENT_BLOCK_ERR [chars]: rc [hex], [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-EVENT_FILE_ATTACH_FAILED [chars]: event_file_attach call failed: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-FUNCTION_ERR [chars]:[dec] [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages DISTRIB_LIB Messages EM-1151 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DISTRIB_LIB-3-GSP_FAILURE [chars] GSP failure connection lost... Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-gsp_msg_failed Failed to notify node state when [chars]: [chars] Explanation The internal communication channel among pctl threads is broken. Recommended Action Must restart the process. Error Message %OS-DISTRIB_LIB-3-GSP_MSG_RCV_FAILURE [chars]: error retrieving msg from GSP: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-GSP_TRACE_BACK [chars] : [chars] [hex] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-INCORRECT_GROUP_ID Can not rejoin group [chars], group id changed from [dec] to [dec], restarting Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages DISTRIB_LIB Messages EM-1152 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DISTRIB_LIB-3-INIT_MEM_MANAGER_FAILED [chars]: error initializing lib memory manager Explanation Error initializing lib memory manager Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-MALLOC_FAILED [chars]:[dec] malloc failed Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-MSG_CHAN_DISCONNECT_FAIL [chars]: msg_chan_disconnect failed [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-MSG_GET_CONN_FAILED [chars]: msg_get_conn call failed: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-MSG_SEND_ERR [chars] msg_send error ERRNO: [dec]::[chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages DISTRIB_LIB Messages EM-1153 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DISTRIB_LIB-3-MUNMAP_FAILED [chars]: munmap of size [dec] at addr [hex] failed. Error [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-MUTEX_OP_FAILED [chars]: Mutex op [chars] failed on mutex [chars]: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-NO_PRIV_MSG_HANDLER [chars]: no private msg handler! Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-REG_ERROR [chars]-E-[chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-RELEASE_TICKET_FAILURE [chars]: release ticket failure ret: [dec] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages DISTRIB_LIB Messages EM-1154 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DISTRIB_LIB-3-SBM_MODE_ENTER_ERR [chars]: error sending sbm mode enter: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-SYNC_RESP_ERR [chars] error sending SYNC_RESPONSE: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-3-WRONG_TICKET_TYPE [chars]: wrong ticket type [dec] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-6-BAD_SEQ_CHAN [chars]: Sequencer channel for [chars] does not exist. Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-6-GROUP_SEQ_INFO [chars][[dec]]-setting lib seq for gid : [dec] to nidx Explanation Just more information. Recommended Action ’No action is required.’ Operating System (OS) Messages DUMPER_MARK Messages EM-1155 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DISTRIB_LIB-6-GSP_TRACE_HDR [chars] : Previous accesses (line number): [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DISTRIB_LIB-6-MEM_TRACE_BLOCK [chars] -Traceback equals [hex] [hex] [hex] [hex] [hex] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ DUMPER_MARK Messages Error Message %OS-DUMPER_MARK-4-NO_SLOT The array is filled, no slot found for inserting [hex] dropping request Explanation A new request for marking segment came, but the marker reference array is already filled. Dropping this request. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER_MARK-7-NOT_FOUND The given entry [hex] not found, dropping request Explanation The request for a page to be unmarked came, but no such marking was found in the reference array. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages DUMPER_SNAP Messages EM-1156 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 DUMPER_SNAP Messages Error Message %OS-DUMPER_SNAP-3-INSANE Coredump request rate exceeds sanity threshold - restarting process Explanation The process explicitly configured a threshold of how many non-invasive voluntary coredump requests should be permitted before deeming the process insane. This has been exceeded, and so the process is being restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER_SNAP-4-DUMP Process [dec] requested voluntary [chars] dump of itself Explanation A non-invasive voluntary coredump requested by the process. Process might be experiancing a condition which needs investigation. This core file will help analysing the issue. Recommended Action This should not occur in normal conditions, please provide the coredump to TAC. Error Message %OS-DUMPER_SNAP-4-NODUMP Problem with voluntary core dump requested by [dec] when [chars]: [chars] Explanation A non-invasive voluntary coredump was requested by the process, and was within the configured rate-limit, but a problem occured that prevented the coredump from being created. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER_SNAP-6-DUMP_OK Voluntary core dump requested by process [dec] completed Explanation A non-invasive voluntary coredump requested by the process completed successfully. Process might be experiancing a condition which needs investigation. This core file will help analysing the issue. Recommended Action This should not occur in normal conditions, please provide the coredump to TAC. Operating System (OS) Messages DUMPER Messages EM-1157 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER_SNAP-6-LIMITED Coredump request would exceed configured rate-limit Explanation A non-invasive voluntary coredump was requested by the process, but was declined since this would exceed the configured rate-limit. Recommended Action None, this is benign. DUMPER Messages Error Message %OS-DUMPER-3-CORE_FILE_TOO_SMALL Too small size [dec] for [chars] Explanation Core dump file resulted in illegally small size Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DUMPER-3-DLOPEN_FAILED dll loading [dec] failures: [chars] is [chars] Explanation Dumper startup failed because loading some of dlls failed. Most likely cause is memory running low. Recommended Action No action is required. Error Message %OS-DUMPER-3-GET_MAPPING_INFO_FAILED Core dump failed for [chars] in getting map info. Error: [chars] Explanation Core dump failed because getting map info failed. Recommended Action No action is required. Error Message %OS-DUMPER-3-MAP_INFO_FAILED Core dump for [chars] failed due to process information not available Explanation Core dump failed because the process information is not available. Recommended Action Possible Work Around: If there was dumper malloc failure, try following command for failed process. ’show proc failed_process_name | include COPY’ If it would produce something like following output, core: other_option COPY then dumper COPY option is enabled for this process and it temporary consume a lot of memory, so it might be one of the cause of the Operating System (OS) Messages DUMPER Messages EM-1158 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 memory shortage problem. If that is the case, then specifing following command for failed process will reduce the temporal memory usage of the process, thus it might work around the problem. ’proc failed_process_name core other_option’ Error Message %OS-DUMPER-3-PATH_FAILED Core dump for [chars] failed due to lack of working dump path choice Explanation Core dump failed because there is no working dump path. Recommended Action No action is required. Error Message %OS-DUMPER-3-SELECT_SEGMENTS_FAILED Core dump for [chars] failed in selecting process segments Explanation Core dump failed because selecting process segments in sparse mode failed. Recommended Action No action is required. Error Message %OS-DUMPER-3-SET_RLIMIT_FAIL Failed to set resource limit data. soft limit: [hex] hard limit: [hex] Error([dec]): [chars] Explanation Failed to set resource limit dat Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DUMPER-3-STACK_SIZE_INVALID Stack size [dec] [chars] at [chars]:[dec] Explanation Stack size of target process is invalid. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DUMPER-3-TIMER_PROBLEM Timer [chars] failure. Error: [chars] Explanation Something went wrong with the timer Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages DUMPER Messages EM-1159 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-3-WRONG_COMP_MAGIC_NUMBER Wrong file magic number [hex] [hex] [hex] for [chars] Explanation Core dump file compression header is broken. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DUMPER-4-BUS_OBJERR Accessed BadAddr [hex] at PC [hex] code [dec] fltno [dec] Explanation Signal info Recommended Action No action is required. Error Message %OS-DUMPER-4-CORE_INFO Core for pid equals [dec] ([chars]) requested by [chars]@[chars] Explanation Debug core info Recommended Action No action is required. Error Message %OS-DUMPER-4-CORE_PAGE_LOST [chars] core COPY option enabled but free memory:[unsigned long int] is not enough for the next segment:0x[pointer](size [unsigned long int]) and succeeding ones. Use ’exception memory-threshold percentage_in_total_memory’ to change the minimum free memory threshold. Explanation Not enough free memory to continue COPY option core dump, which allocate local memory for each meory segent. Recommended Action No action is required. Error Message %OS-DUMPER-4-CRASH_INFO Crashed pid equals [dec] ([chars]) Explanation Debug crash info Recommended Action No action is required. Operating System (OS) Messages DUMPER Messages EM-1160 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-4-DEVCTL_FAILED Devctl Code: [dec] failed. Error: [chars] Explanation A devctl failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-ERR_MEM_ALIGN Memory addr:[hex] not aligned :[chars] at [dec] Explanation Core dump failed because the pending segment flush failed. Recommended Action No action is required. Error Message %OS-DUMPER-4-ERR_MEM_ALLOC Malloc (size:[dec]) failed :[chars] at [dec] Explanation Memory running low Recommended Action Reboot the router Error Message %OS-DUMPER-4-ERR_PATHMGR_SYMLINK Pathmgr symlink failed [chars] [chars] . Error: [chars] errno [hex] Explanation Pathmgr symlink failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-ERR_QSM_ADD_SERVICE QSM publish dumper path failed [chars] [chars] . Error: [chars] errno [hex] Explanation QSM publish dumper path failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1161 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-4-ERR_SP_INVAL Stack Pointer:[hex] is corrupted Base [hex], Top [hex]:[chars] at [dec] Explanation Core dump failed because the stack pointer is corrupted. Recommended Action No action is required. Error Message %OS-DUMPER-4-ERR_SYSDB_APPLY Failure in verification apply handler for [chars]. [chars] Explanation Error in apply handler Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-ERR_SYSDB_BIND [chars]: Unable to bind to [chars]. Error: [chars] Explanation Could not connect to sysdb Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-ERR_SYSDB_GET [chars]: Could not get [chars] [chars] Explanation Could not get sysdb item. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-ERR_SYSDB_NOTIFY Failure in notification handler for [chars]. [chars] Explanation Error in notify handler Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1162 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-4-ERR_SYSDB_REG_NOTIFY Sysdb notifier registration for [chars] failed. Error: [chars] Explanation Sysdb notifier registration failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-ERR_SYSDB_REG_VERIFY Sysdb verifier registration for [chars] failed. Error: [chars] Explanation Sysdb verifier registration failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-ERR_SYSDB_SET [chars]: Could not set [chars] [chars] Explanation Could not set sysdb item. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-ERR_SYSDB_UNBIND Unable to unbind from [chars]. Error: [chars] Explanation Could not disconnect to sysdb Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-ERR_SYSMGR_REG_LREVT Sysmgr LR evt registration failed. Error: [chars] errno [hex] Explanation Sysmgr LR event registration failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1163 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-4-ERR_SYSMGR_REG_REDST Sysmgr redundancy state registration failed. Error: [chars] errno [hex] Explanation Sysmgr redundancy state registration failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-SHOW_REGISTERS_FAILED show registers call failed Explanation Could not get the registers context for the process being dumped. This could happen if a core dump is explicitly requested of a running or suspended process using dumpcore command. If not it is a bug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-4-SIGNALCORE_INFO Core for pid equals [dec] ([chars]) as signal [dec] sent by [chars]@[chars] Explanation Debug core info Recommended Action No action is required. Error Message %OS-DUMPER-4-UNKNOWNCORE_INFO Core for pid equals [dec] ([chars]) requested by Unknown Explanation Debug core info Recommended Action No action is required. Error Message %OS-DUMPER-5-CORE_FILE_NAME Core for process [chars] at [chars] on [chars] Explanation Name of the core file Recommended Action No action is required. Operating System (OS) Messages DUMPER Messages EM-1164 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-5-CORE_TRANSFER_STATUS Transfer of Core file from [chars] to [chars] on [chars] [chars] Explanation Status of the core dump transfer to persistent location. Recommended Action No action is required. Error Message %OS-DUMPER-5-DUMP_FAILURE Core dump failed: [chars] [chars] [unsigned long int] Explanation Could be any number of reasons. Check for other error messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-5-DUMP_SUCCESS Core dump success Explanation Core dump succeded Recommended Action No action is required. Error Message %OS-DUMPER-5-LTRACE_INIT Dumper ltrace init failure. Error([dec]): [chars] Explanation Failed to initialize dumper ltrace buffer Recommended Action ’No action is required.’ Error Message %OS-DUMPER-5-TIMEOUT dumper will be restarted due to watchdog timeout Explanation dumper restarted due to watchdog timeout. Recommended Action ’No action is required.’ Error Message %OS-DUMPER-5-TMP_PATH_FULL [chars] Explanation /tmp/dumper is not available because it is full of files still being transferred. Recommended Action ’No action is required.’ Operating System (OS) Messages DUMPER Messages EM-1165 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-6-BAD_PATH Choice [dec]([chars]) either not configured or bad path [chars] at [dec]. Trying next choice. Explanation Could be any number of reasons. Check for other error messages. Recommended Action No action is required. Error Message %OS-DUMPER-6-BOOT_DEVICE_FAILURE Failed to get boot device for local node:[chars] Explanation Failed to determine the boot device for a RP Recommended Action ’No action is required.’ Error Message %OS-DUMPER-6-CORE_DUMP_OFF Core for process [chars] turned off Explanation The core for the process has turned off delibrately Recommended Action No action is required. Error Message %OS-DUMPER-6-CORE_FILE_NAME_UNAVAIL Could not get core file name for crash Explanation The core dump file name for this crash is invalid. Recommended Action ’No action is required.’ Error Message %OS-DUMPER-6-CORE_MD5 [chars] [chars] size:[unsigned long int] md5:[chars] Explanation Keep core file md5 information to identify later file corruption. Recommended Action ’No action is required.’ Error Message %OS-DUMPER-6-CORRUPT_CONTEXT Dumper context information is corrupted, throwing it away Explanation Looks like the core context infomation dumper stores is corrupted. The conext is being reset, all existing context infomation will be lost. Recommended Action No action is required. Operating System (OS) Messages DUMPER Messages EM-1166 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-6-DEFAULT_PATH_TMP [chars] Explanation Notify that the default path has been set to /tmp/dumper Recommended Action ’No action is required.’ Error Message %OS-DUMPER-6-ERR_SYSMGR_CORE_OPTIONS Failed to get process core options from sysmgr. Error([dec]): [chars]. Default options will be used. Explanation Dumper failed to get process core option values from sysmgr. Typically because a non sysmgr managed process crashed, or rarely because sysmgr was being down or being very busy. Recommended Action No action is required. Error Message %OS-DUMPER-6-FALLBACK_CHOICE Fall back choice: [chars]%s[chars] Explanation Could be any number of reasons. Check for other error messages. Recommended Action No action is required. Error Message %OS-DUMPER-6-FALLBACK_CHOICE_BOOT_DEV Fallback choice is on boot device of local or remote node. Explanation The fallback choice is on the boot device for either the local node or the remote node. This device would be skipped as dump device choice to prevent dumper filling it up with core dumps. Recommended Action ’No action is required.’ Error Message %OS-DUMPER-6-GET_PROC_CISCO devctl DCMD_PROC_CISCO failed with size:[dec]. Error: [chars] Explanation A devctl failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1167 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-6-GET_PROC_CURTHREAD_FAILED devctl DCMD_PROC_CURTHREAD failed for [chars] with tid:[dec]. Error: [chars] Explanation A devctl failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-6-GET_PROC_GETGREG_FAILED devctl DCMD_PROC_GETGREG failed for [chars]. Error: [chars] Explanation A devctl failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-6-GET_PROC_TIDSTATUS_FAILED devctl DCMD_PROC_TIDSTATUS failed for [chars]. Error: [chars] Explanation A devctl failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-6-GET_PROCINFO_FAILED devctl DCMD_PROC_INFO failed for [chars]. Error: [chars] Explanation A devctl failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-6-MSGREPLY_CONFIRMED Reply to client is confirmed Explanation Reply to client could have been missing, so did reply at the end. Recommended Action No action is required. Operating System (OS) Messages DUMPER Messages EM-1168 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-6-NO_SP_INFO No sub processor information on this card. Explanation No sub processor information found on this card. Display the local node information instead. Recommended Action ’No action is required.’ Error Message %OS-DUMPER-6-NODE_NAME_FAIL Failed to get the local nodes internal node name Explanation Failed to get the local node name from platform library. Recommended Action ’No action is required.’ Error Message %OS-DUMPER-6-NODEID_FAIL Failed to get the local nodeid. Explanation Failed to get the local nodeid from platform library. Recommended Action ’No action is required.’ Error Message %OS-DUMPER-6-ONLY_CONTEXT Displaying just the context information as Core for process [chars] turned off Explanation The core for the process has turned off delibrately Recommended Action No action is required. Error Message %OS-DUMPER-6-PENDING_SEGMENT_FLUSH_FAILED Core dump failed in pending segment flush Explanation Core dump failed because the pending segment flush failed. Recommended Action No action is required. Error Message %OS-DUMPER-6-POPULATE_FILTERS_FAILED Core dump failed in populating filters Explanation Core dump failed because populating filters for the process mapinfo failed. Recommended Action No action is required. Operating System (OS) Messages DUMPER Messages EM-1169 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-6-READ_TEXT_DUMP_FAIL Failed to read from text dump file:[chars]. Error:[chars] Explanation Failed to read from the text dump file. Recommended Action ’No action is required.’ Error Message %OS-DUMPER-6-REMOVE_OLDEST Removing dump [chars] as we can have only limited number of cores in fallback path Explanation Memory limitation. Recommended Action No action is required. Error Message %OS-DUMPER-6-SAVE_SEGINFO_FAILED Core dump failed at [dec] in saving segment info Explanation Core dump failed because the saving segment info failed. Recommended Action No action is required. Error Message %OS-DUMPER-6-SCAN_DLLDATA_FAILED Core dump failed at [dec] in scanning the dll data Explanation Core dump failed because scanning the dll data failed. Recommended Action No action is required. Error Message %OS-DUMPER-6-SCAN_PROCDATA_FAILED Core dump failed in scanning the process data Explanation Core dump failed because scanning the process data failed. Recommended Action No action is required. Error Message %OS-DUMPER-6-SCAN_REGISTERS_FAILED Core dump failed in scanning regisers Explanation Core dump failed because scanning registers for the process failed. Recommended Action No action is required. Operating System (OS) Messages DUMPER Messages EM-1170 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-6-SCAN_STACK_FAILED Core dump failed in scanning stack Explanation Core dump failed because scanning stack for the process failed. Recommended Action No action is required. Error Message %OS-DUMPER-6-SPARSE_CORE_DUMP Sparse core dump as [chars] Explanation The core for the process is sparse dump Recommended Action No action is required. Error Message %OS-DUMPER-6-TREEWALK_FAILED Core dump failed in sparse tree walk Explanation Core dump failed because the sparse tree processing failed. Recommended Action No action is required. Error Message %OS-DUMPER-6-UNLINK_CORE_FAILED Unlink of [chars] failed. Error: [chars] Explanation Could not delete a file Recommended Action ’No action is required.’ Error Message %OS-DUMPER-6-USAGE Usage: [chars] [-h] Explanation Usage information. Recommended Action No action is required. Error Message %OS-DUMPER-6-WORKER_THREAD_BUSY Too many dump request simultaneously Explanation Too many processes crashes or dump request simultaneously Recommended Action No action is required. Operating System (OS) Messages DUMPER Messages EM-1171 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-6-WRITE_TEXT_DUMP_FAIL Failed to write to text dump file:[chars]. Error:[chars] Explanation Failed to write to the text dump file. Recommended Action ’No action is required.’ Error Message %OS-DUMPER-7-BAD_CORE_SIZE Bad core file size, Expecting: [dec], Collected: [dec] Explanation Could not collect the entire core file data Recommended Action No action is required. Error Message %OS-DUMPER-7-BUS_ADRALN Address alignment @ address [hex] Explanation Signal info Recommended Action No action is required. Error Message %OS-DUMPER-7-BUS_ADRERR Accessed BadAddr [hex] at PC [hex] Explanation Signal info Recommended Action No action is required. Error Message %OS-DUMPER-7-CLOSE_PROBLEM [chars]:[dec] [chars] failed. Error: [chars] Explanation Possibly the server died. Recommended Action No action is required. Error Message %OS-DUMPER-7-CORE_CONFLICT [chars] core dump is cancelled. The same name core is still being transferred from /tmp Explanation This happens when a process requests repeating core dump, and the next core dump is requested while the previous core was temporary dump’ed to /tmp, and still being transferred from /tmp. Recommended Action No action is required. Operating System (OS) Messages DUMPER Messages EM-1172 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-CORE_FILE_OPEN_FAILED Dump to path [chars] fails. Error: [chars] Explanation Could not open a file to dump core. Recommended Action No action is required. Error Message %OS-DUMPER-7-DEBUG_INIT_FAILED [chars] Explanation Debug init failed Recommended Action No action is required. Error Message %OS-DUMPER-7-DLL_INFO [chars] [hex] [hex] [hex] [hex] [dec] Explanation Dll information for the process being dumped Recommended Action No action is required. Error Message %OS-DUMPER-7-DLL_INFO_HEAD DLL path Text addr. Text size Data addr. Data size Version Explanation Heading for dll info being printed Recommended Action No action is required. Error Message %OS-DUMPER-7-DUMP_ATTRIBUTE Dump request with attribute [hex] for process [chars] Explanation The information message for debug use. Recommended Action No action is required. Error Message %OS-DUMPER-7-DUMP_CORE_FAILURE Core dump failed: Could not create core Explanation Could be any number of reasons. Check for other error messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1173 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-DUMP_INFO_PROBLEM Dump Info [chars] failure. Error: [chars] Explanation Something went wrong with the dump information storage scheme Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-DUMP_REQUEST Dump request for process [chars] Explanation The information message for debug use. Recommended Action No action is required. Error Message %OS-DUMPER-7-ERR_EVM_CREATE [chars]: can’t create event manager. [chars] Explanation Failed to create event manager for the process Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-ERR_EVM_EVENT_BLOCK event_block error -- [chars] Explanation Error during event block Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-ERR_EVM_FILE_ATTACH [chars]: can’t attach resmgr funcs ’[chars]’ Explanation Failed to attach pathname to the process Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1174 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-ERR_SYSDB_DATALIST Failed call : [chars]. Error [chars] Explanation Unexpected failure for sysdb datalist. Recommended Action No action is required. Error Message %OS-DUMPER-7-ERR_SYSDB_ITEM Bad item : [chars]. [chars] Explanation Unexpected or bad item under config for dumper Recommended Action No action is required. Error Message %OS-DUMPER-7-ERR_SYSDB_ITEM_TYPE Bad item type for [chars] Explanation Unexpected item type in dumper config Recommended Action No action is required. Error Message %OS-DUMPER-7-ERR_THREAD_ATTRIBUTE [chars]: [chars] failed: [chars] Explanation Could not attribute a thread. Check for other error messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-ERR_THREAD_COND [chars]: [chars] failed: [chars] Explanation Could not cond_wait a thread. Check for other error messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-ERR_THREAD_CREATE [chars]:[dec] [chars]: [chars] failed: [chars] Explanation Could not create a thread. Check for other error messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1175 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-ERR_THREAD_JOIN thread timed join operation failed: [chars] Explanation A internal timed thread join operation has failed. This is a bug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-ERR_THREAD_MUTEX_INIT mutex operation [chars] failed for mutex_init mutex: [chars] Explanation A internal mutex operation has failed. This is a bug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-ERR_THREAD_MUTEX_LOCK [chars]:[dec] mutex operation [chars] failed for loc_mutex mutex: [chars] Explanation A internal mutex operation has failed. This is a bug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-ERR_THREAD_MUTEX_UNLOCK [chars]:[dec] mutex operation [chars] failed for unlock_mutex mutex: [chars] Explanation A internal mutex operation has failed. This is a bug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-ERROR [chars]: Unexpected error: [chars] Explanation Encountered an unexpected internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1176 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-FAIL_DEBUG_REG [chars]: Can’t connect to configuration, [chars] Explanation DUMPER debugging service register to sysdb failed. Recommended Action Check the existence of the Sysdb service. The system is supposed to re-register if the Sysdb service is available. Error Message %OS-DUMPER-7-FLT_STACK Failed to map stack @ PC [hex] Explanation Signal info Recommended Action No action is required. Error Message %OS-DUMPER-7-GET_FSLIST_FAILED [chars]: unable to read platform dependent filesystem Explanation Most probably some problem with the file systems data file Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-GET_MAPINFO_FAILED devctl DCMD_PROC_MAPINFO failed, Error: [chars] Explanation A devctl failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-GET_PAGEDATA_FAILED devctl DCMD_PROC_PAGEDATA failed, Error: [chars] Explanation A devctl failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1177 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-INSTALL_PKG [chars] V [chars][[chars]] [chars] [chars] at [chars] [chars] Explanation Active installed packages Recommended Action No action is required. Error Message %OS-DUMPER-7-INSTALL_PKG_SHOW_FAILED active installed packages show failed: [chars] Explanation Install manager might have died Recommended Action No action is required. Error Message %OS-DUMPER-7-INVALID_PATH [chars] not a valid path or not supported Explanation most probably tried to configure an unsupported path e.g. rcp. Recommended Action ’Configure a valid path’ Error Message %OS-DUMPER-7-KERNEL_INFO_MMAP_FAILURE Could not map kernel dumper information. [chars] Explanation Space might not have been allocated for storing kernel dump information Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-MKDIR_FAILED mkdir for path [chars] failed, error: [chars] Explanation Something wrong Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages DUMPER Messages EM-1178 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-MMAP_FAILED [chars]:[dec] Map of file descriptor [dec] for size [dec] Offset [hex] failed: [chars] Explanation Something wrong Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-MSGERROR_FAILED Failed to reply to client. Error: [chars] Explanation Could not reply to client Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-DUMPER-7-MSGREPLY_FAILED Failed to reply to client. Error: [chars] Explanation Could not reply to client Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-MUNMAP_FAILED Unmap for size [dec] at Address 0x[pointer] failed: [chars] Explanation Something wrong Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-NO_FREE_SPACE_INFO No space information available Explanation Something wrong Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1179 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-OPEN_FAILED Open of path [chars] failed at [chars]:[dec]. Error: [chars] Explanation Could not open a file Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-PROC_OPEN_FAILED Fail to open process, pid equals [dec]. Error equals [chars] Explanation Could not open the process file system Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-PROC_PAGES Process memory pages [dec] Explanation The total memory page number of dumper target process Recommended Action ’No action is required.’ Error Message %OS-DUMPER-7-PROCESS_NAME_FAILED No process name information available, using pid as name instead: [chars] Explanation Something wrong Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-READ_FAILED Read of size [dec] to fd [dec] at offset [hex] failed, read [dec] Error: [chars] Explanation Most probably some problem with the procfs file system Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages DUMPER Messages EM-1180 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-REGISTERS_INFO [chars] Explanation This is the register contents at the time of the crash for the crashed process. Recommended Action No action is required. Error Message %OS-DUMPER-7-REMOVE_LOWMEM Removing dump [chars] as we are in low memory condition Explanation Memory running low Recommended Action Reboot the router Error Message %OS-DUMPER-7-SEEK_FAILED lseek to vaddr [hex] with fd [dec] failed. Error: [chars] Explanation Most probably some problem with the procfs file system Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-SIGBUS_INFO Thread [dec] received SIGBUS Explanation Signal info Recommended Action No action is required. Error Message %OS-DUMPER-7-SIGEMT Thread [dec] received Mutex deadlock signal Explanation Signal info Recommended Action No action is required. Error Message %OS-DUMPER-7-SIGILL Thread [dec] received SIGILL, accessed BadAddr [hex] at PC [hex] : [chars] Explanation Signal info Recommended Action No action is required. Operating System (OS) Messages DUMPER Messages EM-1181 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-SIGNAL_NUMBER Thread [dec] received SIGNAL [dec], si code [dec], si errno [dec] Explanation Signal info Recommended Action No action is required. Error Message %OS-DUMPER-7-SIGSEGV Thread [dec] received SIGSEGV Explanation Signal info Recommended Action No action is required. Error Message %OS-DUMPER-7-SYSMGR_CALL Failed call : [chars]. Error [chars] Explanation Unexpected failure for sysmgr call. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-TRACE_BACK #[dec] [hex] Explanation Trace back Recommended Action ’No action is required.’ Error Message %OS-DUMPER-7-TRACE_BACK_ERROR [chars] Explanation Some error happened in trace back operation Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-TRACE_BACK_FAILED Stack trace back failed Explanation Could not figure out trace back Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages EVM Messages EM-1182 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-DUMPER-7-UNKNOWNCARD Dumper unknown card Explanation Platfrom card type unknown to dumper. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-UNLINK_FAILED Unlink of [chars] failed. Error: [chars] Explanation Could not delete a file Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-DUMPER-7-WRITE_FAILED Write of size [dec] to fd [dec] failed. Written [dec]. Error: [chars] Explanation Most probably some problem with the file system Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. EVM Messages Error Message %OS-EVM-1-CORRUPT_MLIST [chars]: attached-message list corrupted -- [[dec],[dec]] overlaps [[dec],[dec]] Explanation An Event Manager list of attached messages was found to be corrupt. Recommended Action This is an internal error and should be reported to TAC. A memory dump should be taken (to assist TAC) and the application should be restarted. Error Message %OS-EVM-1-FLAGS [chars]: invalid event manager flags -- [hex] Explanation An Event Manager call was made with an invalid flag argument. Recommended Action This is an internal error and should be reported to TAC. The application process making the call has corrupted data or some other internal error. The application should be restarted; if that fails, the router should be rebooted. Operating System (OS) Messages EVM Messages EM-1183 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-EVM-1-QSM [chars]: call to qsm_add_service([chars], [chars]) failed -- [chars] Explanation A call to the QSM API failed. The server was not able to advertise itself. Recommended Action This is an internal error and should be reported to TAC. The application process making the call has corrupted data or some other internal error. The application should be restarted; if that fails, the router should be rebooted. Error Message %OS-EVM-1-SIGPATCH [chars]: unexpected signal [dec] received Explanation The Event Manager signal handler should never be invoked directly. Recommended Action This is an internal error and should be reported to TAC. Error Message %OS-EVM-1-TIMEOUT [chars]: timeout call failed, handle [hex] Explanation An Event Manager blocking call was made with an invalid timeout specification. Recommended Action This is an internal error and should be reported to TAC. The application process making the call has corrupted data or some other internal error. The application should be restarted; if that fails, the router should be rebooted. Error Message %OS-EVM-3-MUTEX_LOCK mutex lock error: ([chars]:[dec]) Explanation An Event Manager library function was not able to lock mutex. Recommended Action Contact support. Error Message %OS-EVM-3-MUTEX_UNLOCK mutex unlock error: ([chars]:[dec]) Explanation An Event Manager library function was not able to unlock mutex. Recommended Action Contact support. Operating System (OS) Messages EVM Messages EM-1184 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-EVM-4-EMPTY_PATH registering empty path name without specifying _RESMGR_FLAG_FTYPEONLY flag, flags equals [hex] Explanation A server process has registered empty path name with the path manager without specifying _RESMGR_FLAG_FTYPEONLY flag. This may lead to undesired behaviour like receiving requests intended for some other server process (when the other server process is restarted). Recommended Action This is an internal error and should be reported to TAC. The application process making the call might have passed incorrect path name. Error Message %OS-EVM-4-FATTACH [chars]: event_file_attach failure for fd [dec], cond [dec]: [chars]. Explanation An ionotify call to request file-state notification failed. Recommended Action This is an internal error and should be reported to TAC. The server process for the failed fd has died or there is a connectivity failure. If it can be determined which server failed, it and the application with the ionotify error should be restarted. If that fails, the router should be rebooted. Error Message %OS-EVM-4-HANDLE [chars] event manager handle -- [hex] Explanation An Event Manager call was made with an invalid or corrupted event manager handle. Recommended Action This is an internal error and should be reported to TAC. The application process making the call has corrupted data or some other internal error. The application should be restarted for the invalid event manager handle; if that fails, the router should be rebooted. Error Message %OS-EVM-4-IONOTIFY_FAIL ionotify failed during reregistration on fd: [dec], error: [chars], attempt [dec] of [dec], Server info: nd [hex], pid: [dec], chid: [hex], scoid: [hex] Explanation Event-manager is unable to reregister for subsequent notifications with a server. Recommended Action This is an internal error and should be reported to TAC if all attempts fail. Please collect the output of ’show proc files jobid detail location location’ for the process in question. Operating System (OS) Messages EVM Messages EM-1185 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-EVM-4-RMCONTEXT [chars]: could not allocate memory for Resource Manager context Explanation The Event Manager could not allocate memory to construct a Resource Manager context when delivering an RM message. Recommended Action Either some process is using too much memory or there is not enough physical memory available in the router. Determine if an application is misbehaving by checking the amount of memory allocated to each application and noting whether one is unusually large. If there are no misbehaving applications, memory should be added to the router. Error Message %OS-EVM-4-SIGACTION [chars]: could not install signal handler for signal [dec] [chars] Explanation The Event Manager signal thread must install a signal handler for each signal that it is watching. Recommended Action This is an internal error and should be reported to TAC. Error Message %OS-EVM-4-SIGHEAP [chars]: could not allocate memory to deliver signal [dec] [attempt [dec] of [dec]] Explanation The Event Manager signal thread could not allocate memory needed to deliver a signal message to the Event Manager message channel. The Event Manager will try to work around the problem by sending itself the same signal a few times. Recommended Action Either some process is using too much memory or there is not enough physical memory available in the router. Determine if an application is misbehaving by checking the amount of memory allocated to each application and noting whether one is unusually large. If there are no misbehaving applications, memory should be added to the router. Error Message %OS-EVM-7-HEAP [chars]: could not allocate from heap Explanation An Event Manager library function was not able to obtain HEAP memory space. Recommended Action Either some process is using too much memory or there is not enough physical memory available in the router. Determine if an application is misbehaving by checking the amount of memory allocated to each application and noting whether one is unusually large. If there are no misbehaving applications, memory should be added to the router.Operating System (OS) Messages FIAM Messages EM-1186 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FIAM Messages Error Message %OS-FIAM-0-EMERGENCY [chars] Explanation The system is unusable. Recommended Action Contact support. Error Message %OS-FIAM-1-ABORT_WARM_RELOAD Aborting Warm Reload. Cold-restarting the card ([chars]:[dec]) Explanation Attempt to Warm Reload the card has failed. The syslog events logged preceeding this event would indicate the reason for the failure to warm reload the card. Recommended Action Contact support. Error Message %OS-FIAM-1-ALERT [chars] Explanation Action must be taken immediately. Recommended Action Contact support. Error Message %OS-FIAM-2-CRITICAL [chars] Explanation Critical conditions are present. Recommended Action Contact support. Error Message %OS-FIAM-2-MANAGED_REBOOT reboot to be managed by process ([chars]) reason ([chars]) Explanation A critical process ran into trouble and will reboot the node. Recommended Action Contact support. Error Message %OS-FIAM-2-REBOOT reboot required, process ([chars]) reason ([chars]) Explanation A critical process ran into trouble. Recommended Action Contact support. Operating System (OS) Messages FIAM Messages EM-1187 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-FIAM-3-ERROR [chars] Explanation A function call returned an unexpcted error Recommended Action Contact support. Error Message %OS-FIAM-3-FUNCTION [chars]: call to [chars] failed: [chars] Explanation A function call returned an unexpcted error Recommended Action Contact support. Error Message %OS-FIAM-3-GET_PLACEMENT_LIST [chars]: sysmgr_msg_sendv SYSMGR_GET_PLACEMENT_LIST failed: [chars] Explanation Sysmgr prints this when a request for placement list comes to a wrong node like SC. Recommended Action None Error Message %OS-FIAM-3-UNEXPECTED [chars] Explanation A function call returned an unexpcted error Recommended Action Contact support. Error Message %OS-FIAM-4-CHECK_LOG [chars] Explanation Check specified log for important information Recommended Action Contact support. Error Message %OS-FIAM-4-MANDATORY_OFF mandatory state off for all processes by request Explanation Check specified log for important information Recommended Action None Operating System (OS) Messages FIAM Messages EM-1188 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-FIAM-4-MANDATORY_ON mandatory state on for all processes by request Explanation Check specified log for important information Recommended Action None Error Message %OS-FIAM-4-MANDATORY_REBOOT_ABORTED mandatory reboot aborted by request Explanation Check specified log for important information Recommended Action None Error Message %OS-FIAM-4-MANDATORY_REBOOT_ENABLE mandatory reboot option enabled by request Explanation Check specified log for important information Recommended Action None Error Message %OS-FIAM-4-MANDATORY_REBOOT_OVERRIDE mandatory reboot option overridden by request Explanation Check specified log for important information Recommended Action None Error Message %OS-FIAM-4-PROC_CRASH_JID User [chars] ([chars]) requested a crash of process with jobid [dec] at [chars] Explanation For high availability demonstration, processes may be intentionally crashed by sending them a fatal signal. Recommended Action None Error Message %OS-FIAM-4-PROC_CRASH_NAME User [chars] ([chars]) requested a crash of process [chars] at [chars] Explanation For high availability demonstration, processes may be intentionally crashed by sending them a fatal signal. Recommended Action None Operating System (OS) Messages FIAM Messages EM-1189 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-FIAM-4-PROC_RESTART_JID User [chars] ([chars]) requested a restart of process with jobid [dec] at [chars] Explanation For high availability demonstration, processes may be intentionally restarted by users. Recommended Action None Error Message %OS-FIAM-4-PROC_RESTART_NAME User [chars] ([chars]) requested a restart of process [chars] at [chars] Explanation For high availability demonstration, processes may be intentionally restarted by users. Recommended Action None Error Message %OS-FIAM-4-PROC_SHUTDOWN_JID User [chars] ([chars]) requested a shutdown of process with jobid [dec] at [chars] Explanation For high availability demonstration, processes may be intentionally shut down by users. Recommended Action None Error Message %OS-FIAM-4-PROC_SHUTDOWN_NAME User [chars] ([chars]) requested a shutdown of process [chars] at [chars] Explanation For high availability demonstration, processes may be intentionally shut down by users. Recommended Action None Error Message %OS-FIAM-4-PROC_START_JID User [chars] ([chars]) requested a start of process with jobid [dec] at [chars] Explanation Processes may be started by users. This log maintains a record of process starts Recommended Action None Error Message %OS-FIAM-4-PROC_START_NAME User [chars] ([chars]) requested a start of process [chars] at [chars] Explanation Processes may be started by users. This log maintains a record of process starts Recommended Action None Operating System (OS) Messages FIAM Messages EM-1190 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-FIAM-4-WARNING [chars] Explanation Warning conditions are present. Recommended Action Contact support. Error Message %OS-FIAM-5-NOTICE [chars] Explanation A normal but significant event has occurred. Recommended Action none Error Message %OS-FIAM-6-INFO [chars] Explanation An informational message only Recommended Action none Error Message %OS-FIAM-7-DEBUG [chars] Explanation An informational message only Recommended Action Contact support. Error Message %OS-FIAM-7-FUNCTION_PATH [chars]: [chars] [chars] failed: [chars] Explanation A function call returned an unexpcted error Recommended Action Contact support. Error Message %OS-FIAM-7-INSTALL_FINISHED software installation is finished Explanation software installation has finished. Recommended Action None Operating System (OS) Messages FILECOPY_LIB Messages EM-1191 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-FIAM-7-INSTALL_NOTIFICATION notification of software installation received Explanation A notification to begin processing a software installation has been received. Recommended Action None FILECOPY_LIB Messages Error Message %OS-FILECOPY_LIB-3-BAGDECODE An attempt to decode a filecopy bag failed when [chars] Explanation An attempt to decode a filecopy bag failed. This may be due to like low memory. You may need to free some resources from other processes if the system is running low on memory - if freeing up resources does not fix the problem, please contact your customer support representative and file a bug against the infra-filecopy-srv component. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-FILECOPY_LIB-3-BAGENCODE An attempt to encode a filecopy bag failed when [chars] Explanation An attempt to encode a filecopy bag failed. This may be due to like low memory. You may need to free some resources from other processes if the system is running low on memory - if freeing up resources does not fix the problem, please contact your customer support representative and file a bug against the infra-filecopy-srv component. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-FILECOPY_LIB-3-NOMEM Insufficient memory to [chars] Explanation No memory to perform bag operations. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages FILECOPY Messages EM-1192 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-FILECOPY_LIB-3-NULLARGS Null parameter passed to function when [chars] Explanation A NULL parameter was passed to a function expecting non-NULL parameters. This will result in the operation being performed failing. If this error occurs, please capture any contextual information from the CLI, and email it to your customer support representative. A bug should be filed against the infra-filecopy-srv component. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-FILECOPY_LIB-3-SYSDBFAIL A sysdb operation failed when [chars] Explanation An attempt to retrieve (or set) a sysdb item or list failed. This could be a transient problem that may be fixed by restarting the filecopy_process - note well that restarting this process could result in loss of data. If restarting the process does not solve this problem, please capture any contextual information from the CLI, contact your customer support representative and file a bug against the infra-filecopy-srv component. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FILECOPY Messages Error Message %OS-FILECOPY-3-BAGREGFAILED Failed to register filecopy bags during startup of filecopy_process Explanation The filecopy_process was unable register its bags during startup. This will result in the filecopy_process being terminated. The problem may be due to a transient condition like low memory. Try restarting the filecopy_process - you may do this by creating a new ccCopyEntry row in the CISCO-CONFIG_COPY-MIB. If the problem persists after a few tries, please open a bug and include the release number for the infra/filecopy/server component, the logged error message containing the traceback and a copy of the running-configuration at the time of the error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages FILECOPY Messages EM-1193 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-FILECOPY-3-EVMCREATE Could not create event manager for the filecopy_process Explanation The filecopy_process was unable to create an event manager. The filecopy_process will shut down since it cannot receive any events. Try restarting the process - if the error continues, contact customer support with the error message and associated context. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-FILECOPY-3-NOMEM Insufficient memory to [chars] Explanation No memory to perform edm or bag operations. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-FILECOPY-3-SIGATTACH Could not attach a handler function for the signal [chars] Explanation The filecopy_process was unable attach a handler for a signal. This could affect cleanup of open connections or allocated resources during shutdown, which could affect the filecopy_process’ ability to restart in the future. The filecopy_process will attempt to shutdown in the hope that this problem is transient, and that a future attempt to start it will succeed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-FILECOPY-3-SYSDBBIND Could not bind with SysDB Explanation The filecopy_process was unable to bind with sysdb. This means the process will be unable to communicate with its clients. Hence the filecopy_process will shut itself down. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages FSM Messages EM-1194 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-FILECOPY-4-DEBUGINIT Could not register for debug notifications Explanation The filecopy_process was unable to register for debug notifications. If you have turned on debugging for this process, it will have no effect. However, the rest of the filecopy_process functionality should still be available. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-FILECOPY-4-NOTIFFAIL Failed to send a filecopy notification - [chars] Explanation The filecopy process failed to send a notification to its clients about a state-transition for a copy request. Users may find the reported duration of a copy operation to be quite large as a result, depending on how long it takes for a client to poll the filecopy_process to see if a state change occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-FILECOPY-4-SYSDBUNBIND Could not unbind with SysDB Explanation The filecopy_process was unable to unbind from sysdb when shutting down. This may result in a failure to re-register with sysdb when the process is restarted later. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FSM Messages Error Message %OS-FSM-4-ANOMALY [chars] Explanation A SW exception occurred in FSM Library Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages GSP_C12000 Messages EM-1195 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 GSP_C12000 Messages Error Message %OS-GSP_C12000-7-info [chars] Explanation -- Recommended Action ’No action is required.’ GSP_NOTIF Messages Error Message %OS-GSP_NOTIF-3-msg_failed Failure to notify node state when [chars]: [chars] Explanation The internal communication channel is broken. Recommended Action Must restart the process. gsp Messages Error Message %OS-gsp-3-BAD_GRP_DELETE [chars]: sgrp-grp for group [dec] ([chars]) still exists after group is deleted Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-3-CLIENT_LOCK_ERROR [chars]:[dec] Error in client locking of client id [dec] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages gsp Messages EM-1196 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-gsp-3-CONDVAR_OP_FAILED [chars]:[dec] condvar op [chars] failed [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-3-ENS_INVALIDATE_HANDLE_FAILED [chars]:[dec] detect application error from mid [dec]:[dec]%d and [dec]:[dec]:[dec]. [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-3-ENS_MULTIPLE_PUBLISHERS_ERROR [chars]:[dec] ENS detects error in jid [dec], hdl [hex]:[dec], local-producer [dec]:[dec]:[dec], new-producer [dec]:[dec]:[dec]. Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-3-FILE_OP_FAILED [chars]: File op [chars] failed. : [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-3-GET_MEM_FAILED [chars]:[dec] gs_get_mem or malloc failed (other [dec]) Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages gsp Messages EM-1197 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-gsp-3-INCORRECT_RSI Inconsistent node-id received, expect:[hex], got [hex]:[dec] for group [dec] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-3-LTRACE_INIT Ltrace init for file [chars] failed [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-3-MSG_ENQUEUE_ERROR Process [chars] (pid [dec]) not picking up messages, [dec] msgs dropped. [dec] msgs pending, taking [unsigned int] bytes Explanation -- Recommended Action ’No action is required.’ Error Message %OS-gsp-3-MUTEX_OP_FAILED [chars]: Mutex op [chars] failed on mutex [chars] ([chars]) : [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-3-node_insert_fail Can’t insert node [hex] to node state map Explanation -- Recommended Action ’No action is required.’ Operating System (OS) Messages gsp Messages EM-1198 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-gsp-3-PTHREAD_OP_FAILED [chars]:[dec] pthread op [chars] failed [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-3-TRACEBACK gsp traceback [chars] Explanation -- Recommended Action ’No action is required.’ Error Message %OS-gsp-3-UPDATE_ADDR Can not add node [hex] to group [chars](gid [dec]), error [dec] Explanation -- Recommended Action ’No action is required.’ Error Message %OS-gsp-3-WRONG_FLOW [chars]: wrong flow zone info Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-6-INFO [chars]. Explanation -- Recommended Action ’No action is required.’ Error Message %OS-gsp-7-DEBUG [chars]. Explanation -- Recommended Action ’No action is required.’ Operating System (OS) Messages gsp Messages EM-1199 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-gsp-7-FUNC_ERROR Function [chars] returned error: [chars] Explanation -- Recommended Action ’No action is required.’ Error Message %OS-gsp-7-MSG_ENQUEUE_WARN Process [chars] (pid [dec]) not picking up messages, [dec] msgs pending, taking [unsigned int] bytes Explanation -- Recommended Action ’No action is required.’ Error Message %OS-gsp-7-MSG_NOTIF_WARN Process [chars] (pid [dec]) not handling message notification [dec] msgs pending head value [hex] retry cnt [dec] Explanation -- Recommended Action ’No action is required.’ Error Message %OS-gsp-7-RCV_OWN_MSG Received own mcast on gid [dec] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-gsp-7-send_mcast_failed [chars] returned error: [chars] for node [hex] state [dec] with seq [dec] Explanation -- Recommended Action ’No action is required.’Operating System (OS) Messages INIT Messages EM-1200 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 INIT Messages Error Message %OS-INIT-2-MBI_BOOT_HOLD_TIMEOUT mbi boot hold was not released after [dec] seconds, resetting node Explanation An application set the MBI boot hold and it was not released within the specified timeout. This could indicate that the node is having problems and will be reset. Recommended Action Collect system log information. No action is required. Error Message %OS-INIT-4-INSTALL_TIMEOUT installation still not done after [dec] seconds, wait continuing Explanation The pakage installation sync did not complete in time. This could indicate that the node is hung and may require a reset. Recommended Action Collect system log information. No action is required. Error Message %OS-INIT-7-INSTALL_READY total time [dec].[dec] seconds Explanation The pakage installation software is now ready. This is not an error. Recommended Action No action is required. Error Message %OS-INIT-7-INSTALL_THRESHOLD_EXCEEDED package install time threshold of [dec] seconds has been exceeded, continuing Explanation An unexpected condition encountered. This is not necessarily an error. Recommended Action Collect system log information. No action is required. Error Message %OS-INIT-7-MBI_STARTED total time [dec].[dec] seconds Explanation The MBI processes have all been started. This is not an error. Recommended Action No action is required. Operating System (OS) Messages ISIS_MIB Messages EM-1201 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-INIT-7-MBI_THRESHOLD_EXCEEDED MBI bootup exceeded threshold of [dec] seconds, continuing Explanation An unexpected condition encountered. This is not necessarily an error. Recommended Action Collect system log information. No action is required. ISIS_MIB Messages Error Message %OS-ISIS_MIB-3-ERR_ALLOC A general allocation failed Explanation An allocation has failed. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %OS-ISIS_MIB-3-ERR_BAG_DECODE Failed to decode a trap event bag: [chars] ([hex]) Explanation The agent was unable to decode the bag representing a trap event. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %OS-ISIS_MIB-3-ERR_INIT [chars] : [chars] ([hex]) Explanation Initialization failed Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Enable ’debug snmp isis’, restart the process snmpd and cause the isis mib to be loaded. Error Message %OS-ISIS_MIB-3-ERR_MAKE_VAR_BIND Allocation failed for Var OID [chars] ID [dec] SNMP type [dec] value [hex] Explanation An allocation has failed. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.Operating System (OS) Messages ITAL_SHM Messages EM-1202 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ITAL_SHM Messages Error Message %OS-ITAL_SHM-3-ERR_RESOURCE [chars] failed: [chars] Explanation Some error occurred in operations related to resource allocation. The text of the message displays the failed operation and the related error code. The system will try to re-aquire the resource. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ITAL_SHM-7-ERR_GENERAL [chars] failed: [chars] Explanation Some error occurred in operations related to Shared Memory area. The text of the message displays the failed operation and the related error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ITAL_SHM-7-ERR_INIT ITAL initialization failed: [chars] Explanation Initialization of ITAL failed. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ITAL_SHM-7-ERR_INIT_DEBUG ITAL debug init failed: [chars] ([chars]) Explanation Initialization of ITAL failed. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages ITAL Messages EM-1203 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ITAL Messages Error Message %OS-ITAL-2-ERR_INIT ITAL lib not fully initialized: [chars], error code [chars] Explanation ITAL Initialization failed. The message displays the failed operation and the error code Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ITAL-2-ERR_THREAD_LOCK An attempt to lock ITAL dbase failed for [chars] dbase, caller [chars] holder [chars] Explanation An effort to lock database failed. The function which tried to lock as well as the function holding the lock are given in the message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ITAL-2-ERR_THREAD_UNLOCK An attempt to unlock ITAL dbase failed for [chars] dbase Explanation An effort to unlock database failed. The function which tried to unlock is given in the message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ITAL-3-ERR_DEBUG_INIT [chars] : [chars] Explanation Some error occurred in interactions with debug infrastructure. The text of the message displays the failed operation and the related error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages ITAL Messages EM-1204 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-ITAL-3-ERR_IF_NOTIF Invalid interface notification ([chars]) received: IfName equals [chars], IfHandle equals [hex] Explanation An invalid interface notification was received from one of the servers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ITAL-3-ERR_MEM_ALLOC Memory allocation ([unsigned int] bytes) failed for [chars] Explanation A memory allocation operation failed. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %OS-ITAL-5-ERR_UNSUPPORTED [chars] Explanation Some client requires unsupported ITAL functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ITAL-7-ERR_GENERAL [chars]: [chars] Explanation Certain operation failed due to unexpected error. The message displays the reasons. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-ITAL-7-ERR_REG [chars], reason: [chars] Explanation Registration operation with a certain server failed. The message displays the reasons. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages KD_MBUS Messages EM-1205 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-ITAL-7-ERR_RETRY [chars], Retry Count equals [dec] Explanation Retry count exceeded the limit. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. KD_MBUS Messages Error Message %OS-KD_MBUS-3-DEBUG_INIT_FAILED Debug event [chars] init failed ([chars]) Explanation Initialisation of the specified debug event failed, the process is unable to start properly and will exit. The message may contain details about the failure. Recommended Action If the message details are insufficient to locate and correct the problem contact the support organisation. Error Message %OS-KD_MBUS-3-INIT_FAILED [chars] ([chars]) Explanation A failure was returned from the infrastructure software, the process is unable to start properly and will exit. The message may contain details about the failure. Recommended Action If the message details are insufficient to locate and correct the problem contact the support organisation. Error Message %OS-KD_MBUS-3-KDUMPER_FILE_FAILED Unable to upload and/or save file [chars] Explanation The kernel dumper file upload and/or save on local media failed. Recommended Action Check indicated file location and filename. Check configured storage device for kernel dumper files. Change configuration of storage device for kernel dumper files if necessary. Or delete/squeeze device to get necessary space. Check log/trace for errors in operation of the kd_mbus_server process. Operating System (OS) Messages KD_MBUS Messages EM-1206 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-KD_MBUS-3-KDUMPER_TRUNCATED Saved truncated file [chars] ([unsigned int] bytes) Explanation The kernel dumper file saved on local media is truncated. Recommended Action Check indicated file location and filename. Check configured storage device for kernel dumper files. Change configuration of storage device for kernel dumper files if necessary. Or delete/squeeze device to get necessary space. Check log/trace for errors in operation of the kd_mbus_server process. A partial uploaded file may occasionally still provide useful information. Error Message %OS-KD_MBUS-3-OPEN_FAILED Unable to open file [chars] for writing on any available storage media. Explanation The kernel dumper file writing failed on all available storage media. Recommended Action Check indicated file location and filename. Check configured storage device for kernel dumper files. Change configuration of storage device for kernel dumper files if necessary. Or delete/squeeze device to get necessary space. Error Message %OS-KD_MBUS-3-RC_FAILED [chars]: invoking [chars] failed ([chars]) Explanation A non-fatal condition encountered - a function call returned an error code. The message may contain details about the failure. Recommended Action If the message details are insufficient to locate and correct the problem contact the support organisation. Error Message %OS-KD_MBUS-3-READ_FAILED Read from file [chars] (fd [dec]) failed ([chars]) Explanation Reading from the specified file and storage media failed. The message may contain details about the failure. This does not have any other impact on the router functionality. Recommended Action Storage media might be full or corrupted. Check the integrity and the utilization of the storage media. A DDTS might be needed, depending on the outcome of the investigation. Operating System (OS) Messages KD_MBUS Messages EM-1207 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-KD_MBUS-3-REOPEN_FAILED Re-opening file [chars] for reading failed ([chars]) Explanation Re-opening the specified file and storage media failed. The associated KD uploaded file can not be recovered, the KD upload will fail. The message may contain details about the failure. This does not have any other impact on the router functionality. Recommended Action Storage media might be corrupted, damaged or removed while a KD upload in progress was stored on the device. Check the presence, integrity and the utilization of the storage media. A DDTS might be needed, depending on the outcome of the investigation. Error Message %OS-KD_MBUS-3-WRITE_FAILED Write of size [dec] to file [chars] (fd [dec]) failed ([chars]) Explanation Writing to the specified file and storage media failed. The message may contain details about the failure. This does not have any other impact on the router functionality. Recommended Action Storage media might be full or corrupted. Check the integrity and the utilization of the storage media. A DDTS might be needed, depending on the outcome of the investigation. Error Message %OS-KD_MBUS-6-FORCED_EXIT [chars] Explanation Intentional exit to restart clean, to keep things simple. Recommended Action Check the process ltrace and/or decode the included traceback to determine the condition leading to this decision, if desired. Error Message %OS-KD_MBUS-6-KDUMPER_FILE_INFO Successfully wrote [chars] file ([dec] bytes) received from slot [dec]. Explanation The kernel dumper file was successfully saved in the specified location. Recommended Action Check indicated file location and filename Error Message %OS-KD_MBUS-6-KDUMPER_INFO [chars] Explanation The kernel dumper message. Recommended Action No action is needed. Operating System (OS) Messages LGROUP Messages EM-1208 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-KD_MBUS-7-DEBUG_REG_FAILED Debug event [chars] registration failed ([chars]) Explanation Registration of the specified debug event failed, the respective debugging will not be possible. The message may contain details about the failure. This does not have any other impact on the router functionality. Recommended Action If the message details are insufficient to locate and correct the problem contact the support organisation. LGROUP Messages Error Message %OS-LGROUP-3-ERROR [chars]: Operation [chars] failed : [chars] Explanation The specified operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LIBDLLMGR Messages Error Message %OS-LIBDLLMGR-4-OVERFLOW_DELETE Process had loaded more than 254 dlls (pid equals [dec]). We exclude dll-text from core file. Explanation An overflow encountered for the process. This is not an error. Recommended Action Collect system log information. No action is required. Error Message %OS-LIBDLLMGR-4-POSSIBLE_MISSING_INFO Given buffer size([dec]) is smaller than required, possible loss of dll-text segment in core file. Explanation Buffer given to the devctl routine is smaller than required. This will cause missing dll-text segment in the core file. Recommended Action Collect system log information. Collect ’show dll’ information from the node which printed this message. No action is required. Operating System (OS) Messages LIBDLLMGR Messages EM-1209 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LIBDLLMGR-4-SYSCALL [chars]: [chars](): [chars] Explanation A system call failed. The calling function, the failed call, and error are displayed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LIBDLLMGR-4-UNEXPECTED_ARRAY_ADDR Unexpected array address: [pointer]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error. Recommended Action Collect system log information. No action is required. Error Message %OS-LIBDLLMGR-4-UNEXPECTED_MAGIC Unexpected magic value: [hex] Explanation An unexpected magic number encountered. This is not necessarily an error. Recommended Action Collect system log information. No action is required. Error Message %OS-LIBDLLMGR-6-OVERFLOW_REPLACE Process had loaded more than 254 dlls (pid equals [dec]), process core file will have larger size than required. Replace dll-text info with [hex]-[hex] Explanation An overflow encountered for the process. This is not an error. Recommended Action Collect system log information. No action is required. Error Message %OS-LIBDLLMGR-7-OVERFLOW Process had loaded more than 254 dlls (pid equals [dec]) Explanation An overflow encountered for the process. This is not an error. Recommended Action Collect system log information. No action is required. Error Message %OS-LIBDLLMGR-7-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error. Recommended Action Collect system log information. No action is required.Operating System (OS) Messages LIBSYSMGR Messages EM-1210 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LIBSYSMGR Messages Error Message %OS-LIBSYSMGR-3-ALREADY_CALLED API [chars] already been called Explanation The specified API has already been called. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LIBSYSMGR-3-INST_ERR [chars]: software upgrade error ([dec], [dec]) Explanation Inconsistent file count between given and in the file list. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LIBSYSMGR-3-INTERNAL [chars]: sysmgr function [chars]() failed: [chars] Explanation The client library has failed a sysmgr function. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LIBSYSMGR-3-INVALID_ARG [chars]: Invalid value [[dec]] for argument [[chars]] passed Explanation An application called the API with invalid value. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LIBSYSMGR-3-NOMEM [chars]: failed to malloc [unsigned int] bytes Explanation The client library has failed to allocate the required amount of memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LIBSYSMGR Messages EM-1211 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LIBSYSMGR-3-PARSE [chars]: parse error: [chars] Explanation An error was encountered whilst parsing the argument vector for a spawn script operation. Recommended Action No action is required. Error Message %OS-LIBSYSMGR-3-SYSCALL [chars]: [chars]() failed: [chars] Explanation The client library has failed a system call. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LIBSYSMGR-6-INFO [chars]: Node restart requested by pid [dec] Explanation Informational only. Recommended Action No action is required. Error Message %OS-LIBSYSMGR-6-SCRIPT_TIMEOUT Script [chars] exceeded allotted time of [dec] sec and was killed. Explanation Script exceeded allotted time. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LIBSYSMGR-7-ERR Unsupported API [chars] called by process [chars] Explanation The call is not supported during MBI boot. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages LPTS_LIB Messages EM-1212 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LPTS_LIB Messages Error Message %OS-LPTS_LIB-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when cleaning up debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_LIB-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when initializing debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_LIB-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when registering debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LPTS_MRT Messages Error Message %OS-LPTS_MRT-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when cleaning up debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PA_FF_CL Messages EM-1213 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_MRT-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when initializing debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_MRT-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when registering debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LPTS_PA_FF_CL Messages Error Message %OS-LPTS_PA_FF_CL-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when calling the debug_init_event() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF_CL-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when calling debug_register() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages LPTS_PA_FF Messages EM-1214 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LPTS_PA_FF Messages Error Message %OS-LPTS_PA_FF-3-CLIENT_NOT_FOUND [chars]: The client structure associated with this client was not found Explanation An internal error was detected when trying find the internal client structure for a given operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-EVENT_BLOCK [chars]: failed to block waiting for Event Manager events: [chars] Explanation An internal error was detected when block waiting for Event Manager events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-EVENT_INIT_EVENT [chars]: could not initialize event structure: [chars] Explanation An internal error was detected when initializing a sigevent structure using event_init_event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-EVENT_UPDATE_FAIL Failure in the PA-FF update module: [chars] ([chars]) Explanation An error was detected when initializing the event queue between two infrastructure module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PA_FF Messages EM-1215 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PA_FF-3-EVM_ASYNC_ATTACH [chars]: could not attach handler for Event Manager asynchronous event: [chars] Explanation An internal error was detected when attaching a handler for an Event Manager asynchronous event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-EVM_CREATE [chars]: could not create event manager: [chars] Explanation An internal error was detected when creating Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-GET_NODEID [chars]: Can’t get my own nodeid: [chars] Explanation A call to platform_get_my_nodeid faild. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-INIT [chars]: initialization for PA Flow Forwarder I/O thread failed: [chars] Explanation An internal error was detected when initializing PA Flow Forwarder I/O thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-LRD_FAIL [chars]: error from lrd function [chars]: [chars] Explanation An internal error was detected when using a logical router daemon api Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PA_FF Messages EM-1216 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PA_FF-3-MALLOC [chars]: malloc [dec] bytes failed: [chars] Explanation An attempt to allocate meory failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-MSG_ATTACH_SYNC [chars]: failed to attach handler for Event Manager synchronous event: [chars] Explanation An internal error was detected when attaching a handler for an Event Manager synchronous event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-MSG_CLINFO_GET_DATUM [chars]: msg_clinfo_get_datum failed: [chars] Explanation An internal error was detected when accessing a client info structure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-MSG_SEND_EVENT [chars]: msg_send_event failed: [chars] Explanation An internal error was detected when sending an Event Manager synchronous event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PA_FF-3-TIMER_CREATE [chars]: could create the timer: [chars] Explanation An internal error was detected when creating a timer using timer_create. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PIFIB Messages EM-1217 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PA_FF-3-TIMER_SETTIME [chars]: could arm the timer: [chars] Explanation An internal error was detected when arming a timer using timer_settime. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LPTS_PIFIB Messages Error Message %OS-LPTS_PIFIB-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when cleaning up debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PIFIB-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when initializing debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PIFIB-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when registering debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages LPTS_PREIFIB Messages EM-1218 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LPTS_PREIFIB Messages Error Message %OS-LPTS_PREIFIB-3-BACKEND_EDM [chars]: EDM backend function [chars] failed: [chars] Explanation An internal EDM backend function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-BAG [chars]: Bag function [chars] failed: [chars] Explanation An internal bag function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-BATCHING [chars]: Error [chars] during batching ’[chars]’ from hardware pre-ifib Explanation Hardware pre-ifib returned an error during a batching operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-BLC_UPDATE [chars]: BLC ’[chars]’ failed for interface handle: [hex] Explanation Bundle (vlan) interface update to local bundle (vlan) database failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PREIFIB Messages EM-1219 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PREIFIB-3-DATAPATH_CMD [chars]: Pre-IFIB datapath control command [chars] failed: [chars] Explanation The given Pre-IFIB datapath control command returns error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-EDM_UNREG [chars]: failed to unregister EDM: [chars] Explanation An internal error was detected when trying to unregister EDM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-ENTRY_UPDATE [chars]: Error [chars] while updating entry with ’[chars]’ [hex] Explanation Error during entry delete or update. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-EVENT_BLOCK [chars]: failed to block waiting for Event Manager events: [chars] Explanation An internal error was detected when block waiting for Event Manager events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-EVENT_CONN_CREATE [chars]: could not create event connection: [chars] Explanation An internal error was detected when trying to create event connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PREIFIB Messages EM-1220 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PREIFIB-3-EVENT_CONN_NOTIFY [chars]: could not set notify handler for connection open/close/error: [chars] Explanation An internal error was detected when trying to set notify handler for connection opens, closes and errors. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-EVENT_CONN_OPEN_ALL [chars]: could not open all event connections of this event manager: [chars] Explanation An internal error was detected when trying to open all event connections of one event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-EVM_CREATE [chars]: could not create event manager: [chars] Explanation An internal error was detected when creating Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-EVM_TM_ATTACH [chars]: could not set up a managed timer identifier: [chars] Explanation An internal error was detected when trying to allocate a managed timer identifier and assign to it an event handler. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PREIFIB Messages EM-1221 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PREIFIB-3-EVM_TM_LEAF_NEW [chars]: could not create a managed timer tree leaf: [chars] Explanation An internal error was detected when trying to create a managed timer tree leaf for the event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-HW_RETRY [chars]: Error [chars] during hardware retry to update entry in TCAM Explanation Hardware pre-ifib returned an error during a update retry operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-IIR_QUERY [chars]: Error [chars] during POS bundle member query from IIR for ifhandle [hex] Explanation Hardware pre-ifib returned an error during a batching operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-IM_CAPS_DATAPATH_CONTROL [chars]: the datapath control function for the capsulation failed: [chars] Explanation An internal error was detected when calling datapath control function for the capsulation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PREIFIB Messages EM-1222 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PREIFIB-3-INVALID_ARGS [chars]: Invalid arguments: [chars] Explanation The given argument is invalid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-INVALID_FLOW_TYPE [chars]: Invalid flowtype [dec] Explanation The flow type information is not valid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-IPSEC_FVRF Failure occurred in IPSEC FRVF client API: [chars]. reason: [chars] Explanation An errror detetcetd in one of the IPSEC-FVRF client APIs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-LRD_FAIL [chars]: error from lrd function [chars]: [chars] Explanation An internal error was detected when using a logical router daemon api Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-LTRACE_INIT [chars]: Initialization of lightweight tracing buffer ’[chars]’ failed: [chars] Explanation Lightweight tracing initialization failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PREIFIB Messages EM-1223 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PREIFIB-3-MSG_CHAN_GLOBAL [chars]: failed to publish global directory channel: [chars] Explanation An internal error was detected when publishing a global directory channel. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-NOMEM [chars]: Not enough memory Explanation Memory low condition is detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-PA_FF_OPEN [chars]: failed to connect to the Port Arbitrator as a Flow Forwarder: [chars] Explanation An internal error was detected when trying to connect to the Port Arbitrator as a Flow Forwarder. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-PA_FF_RESET [chars]: Reset of BCDL group in LPTS PA/FF library failed: [chars] Explanation An internal error was detected when trying to reset the BCDL group for the LPTS Port Arbitrator/Flow Forwarder. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-PA_UPDATE [chars]: Error [chars] during ’[chars]’ from PA Explanation Update from PA failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PREIFIB Messages EM-1224 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PREIFIB-3-PARSE_INFLOW_CONFIG [chars]: could not read input flow config file: [chars] Explanation An internal error was detected when trying to parse the input flow configuration file. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-PFI_IFH_BIND [chars]: Failed to connect to PFI Interface Handle Server: [chars] Explanation Failed to connect to PFI Interface Handle Server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-PIFIBM_INIT [chars]: failed to initialize Pre-IFIB Mgr: [chars] Explanation An internal error was detected when trying to initialize the Pre-IFIB Mgr. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-REASS_LIST [chars]: Corrupted reassembly server list received: num_nodes [dec] Explanation The list of reassembly servers is incorrect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-SYSDB [chars]: Sysdb function [chars] failed: [chars] Explanation An internal sysdb function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS_PREIFIB Messages EM-1225 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PREIFIB-3-SYSMGR_PROC_READY [chars]: failed to notify sysmgr that we are ready: [chars] Explanation An internal error was detected when trying to notify sysmgr that we are ready. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-3-VRF_UPDATE [chars]: VRF ’[chars]’ failed for VRF id: [hex] Explanation VRF update to attached VRFs database on LC failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-6-NETIO_DOWN Pre-IFIB can’t establish connection to NetIO in [dec]:[dec] Explanation Pre-IFIB process can’t establish connection to NetIO. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-6-NETIO_UP Pre-IFIB establish connection to NetIO after [dec]:[dec] Explanation Pre-IFIB process established connection to NetIO. Recommended Action No action is required. Error Message %OS-LPTS_PREIFIB-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when cleaning up debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS Messages EM-1226 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS_PREIFIB-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when initializing debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS_PREIFIB-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when registering debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LPTS Messages Error Message %OS-LPTS-3-ERR_BAD_LISTENER_TAG bad listner tag detected on the packet, dropping packet Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_BAG_ENCODE [chars]: SysDB Bag encoding failed: [chars] Explanation An internal error was detected when trying to encode a SysDB Bag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS Messages EM-1227 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS-3-ERR_BAG_REG [chars]: SysDB Bag registration failed: [chars] Explanation An internal error was detected when trying to register a SysDB Bag definition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_DATAPATH_INPUT_LEN datapath control input buffer len error: length equals ([dec]) Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_DEBUG_REG [chars]: debug register failed: [chars] Explanation An internal error was detected when trying to register for changes to debug tuples. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_ECM_CREATE [chars]: couldn’t create event connection manager: [chars] Explanation An internal error was detected when trying to create event connection manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_ECM_OPEN [chars]: couldn’t open event connection: [chars] Explanation An internal error was detected when trying to open event connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS Messages EM-1228 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS-3-ERR_EDM_DATALIST_ADD [chars]: adding datalist as a SysDB EDM failed: [chars] Explanation An internal error was detected when trying to add an item to SysDB data list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_EDM_DATALIST_CREATE [chars]: adding datalist as a SysDB EDM failed: [chars] Explanation An internal error was detected when trying to create a SysDB data list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_EDM_REG [chars]: registering as a SysDB EDM failed: [chars] Explanation An internal error was detected when trying to register as a SysDB EDM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_EVM_CREATE [chars]: couldn’t create event manager: [chars] Explanation An internal error was detected when trying to create event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_FINT_MEDIA_REG Couldn’t set control mapping for lpts media on fint Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS Messages EM-1229 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS-3-ERR_HSSD [chars]: [chars] failed Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_HSSD_GET_DATA [chars]: retrieving data from HSSD failed: [chars] Explanation An internal error was detected when trying to read data from the packet HSSD area. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_IFIB [chars]: [chars] failed Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_IFIB_RES_ALLOC Couldn’t allocate platform-specific IFIB result structure: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_IFIB_RES_SET failed to set platform-specific IFIB result fields: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS Messages EM-1230 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS-3-ERR_IFIB_SET_KEY [chars]: lpts_netio_ifib_set_key() failed Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_INFO_GENERAL [chars]: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_INVALID_ARGS [chars]: invalid args Explanation Detected invalid arguments. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_MALLOC [chars]: malloc failure Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_NETIO_DEBUG_INIT lpts netio debugging failed to initialize Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS Messages EM-1231 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS-3-ERR_NETWORK_START_FAIL Unable to get packet network start. Dropping packet Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_NULL_FINT_IDB NULL fint idb.. dropping packet Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_NULL_TRANSPORT_CALLBACK [chars]: Null transport callback Explanation Detected a NULL transport callback function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_PA_CLOSE [chars]: couldn’t close the client connection with PA: [chars] Explanation An internal error was detected when trying to close the client connection with PA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_PA_CONN [chars]: couldn’t establish connection with PA: [chars] Explanation An internal error was detected when trying to connection to PA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS Messages EM-1232 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS-3-ERR_PAK_DUP couldn’t duplicate packet (deliver failed), error equals [dec] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_PAK_NETIO_MUTEX_LOCK [chars]: pak_netio_mutex_lock() failed: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_PAK_NETIO_MUTEX_UNLOCK [chars]: pak_netio_mutex_unlock() failed: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_PAK_NETIO_RETURN_BUFFER [chars]: pak_netio_return_buffer() failed: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_PAK_NETIO_UINT8_GET [chars]: pak_netio_uint8_get() failed: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LPTS Messages EM-1233 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS-3-ERR_PLATFORM_GET_MY_NODEID [chars]: couldn’t get my node ID: [chars] Explanation An internal error was detected when trying to get the node ID for the node on which the caller is running. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_PREPARE_EGRESS_BUFFHDR [chars]: failed to process egress buffer header of packet [hex]: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_PROCESS_INGRESS_BUFFHDR [chars]: failed to process ingress buffer header of packet [hex]: [chars] Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_PUNT_FAIL punt to [chars] failed, dropping packet: [chars] Explanation One of the possible cause for this message could be denial-of-service attack. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-ERR_SYSDB_CONN_TO_COID [chars]: converting SysDB connection ID to file descriptor failed: [chars] Explanation An internal error was detected when trying to convert a SysDB connection ID to a file descriptor. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LTRACE_SDT_SHOW Messages EM-1234 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LPTS-3-ERR_SYSDB_NS_NODE_TO_STR [chars]: converting node ID to SysDB string failed: [chars] Explanation An internal error was detected when trying to convert a node ID to a string format that SysDB expects. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-3-LTRACE_INIT_FAIL The ltrace init for shmem file [chars] returned error ([chars]) Explanation An internal error is encountered during ltrace initialization. The fallout of this could be the respective show command to view traces for the transport will not yield any result. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LPTS-6-INFO_INTERNAL_TABLE LPTS tables changed in middle of walk. Show command incomplete. Explanation During processing of a show command, the internal LPTS data structures changed in such a way as to make completion of the show command impossible. Recommended Action Retry the command. LTRACE_SDT_SHOW Messages Error Message %OS-LTRACE_SDT_SHOW-4-EXTEND_FAIL Extending the trace string data to [dec] traces ran out of memory Explanation The show decode helper library attempted to extend its database of decode trace string data and was unable to do so. Any trace using this string may not be printable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LTRACE_SDT_SHOW Messages EM-1235 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LTRACE_SDT_SHOW-4-GROUP_CALLOC Unable to get space for group header data Explanation The show decode helper library isolates string trace data into group keyed by trace name and nodeid. The library was unable to obtain memory for one of this group items. Because of this, the library will not be able to print out data from the given trace name/node grouping. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LTRACE_SDT_SHOW-4-NODE_PRINT Unable to decode nodeid because [chars] Explanation The show helper was unable to decode a text name for the node id a given trace block containing string data came from. As a result of this, the given trace will not be printable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LTRACE_SDT_SHOW-4-STR_CALLOC Unable to get string data for trace [dec] of length [dec] Explanation The show decode helper library breaks up string data for mesasages into single trace buffers and reassembles them. There was not enough memory to create the string space to hold the data. Any trace using this string may not be printable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LTRACE_SDT_SHOW-4-STR_SEQ Sequence of string data on trace [dec] was [dec] instead of the expected [dec] Explanation The show decode helper library breaks up string data for mesasages into single trace buffers and reassembles them. While putting the trace data back together, the sequence received was not the expected next sequence. Any trace using this string may not be printable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LTRACE_SDT Messages EM-1236 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LTRACE_SDT_SHOW-4-TRACE_FIND The message decode locate for ’[chars]’ failed because:[chars] Explanation The show decode helper library isolates string and trace data to a given trace name and node. The attempt to find this in the lookup tree failed for the above reason. Any trace using this string may not be printable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-LTRACE_SDT_SHOW-4-TRACE_INSERT The message decode insert for ’[chars]’ failed because:[chars] Explanation The show decode helper library isolates string and trace data to a given trace name and node. The attempt to insert this into the lookup tree failed for the above reason. Any trace using this string may not be printable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LTRACE_SDT Messages Error Message %OS-LTRACE_SDT-4-BTREE_FIND [chars]: The message storage optimization failed in btree lookup for ’[chars]’:[chars] Explanation The internal message storage space optimizer failed to lookup the string being stored. This is not a critical, since the string will still be stored, however it does possibly indicate a lower level memory corruption or other problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages LTRACE_SYNC Messages EM-1237 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LTRACE_SDT-4-BTREE_INSERT [chars]: The message storage optimization failed in btree insert for ’[chars]’:[chars] Explanation The internal message storage space optimizer failed to insert the string being stored. This is not a critical, since the string will still be stored, however it does possibly indicate a lower level memory corruption or other problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LTRACE_SYNC Messages Error Message %OS-LTRACE_SYNC-3-EXTERNAL_API_ERROR [chars] failed: [chars] Explanation Common external API returned an error Recommended Action Contact support. Error Message %OS-LTRACE_SYNC-3-FILE_BAD_MAGIC file [chars] has bad magic number [hex], should be [hex] Explanation The file has wrong magic number. Recommended Action Contact support. Error Message %OS-LTRACE_SYNC-3-MEMORY_UNMAP_ERROR memory unmapping for [chars] failed. size:[dec]. Error([dec]): [chars] Explanation Memory unmapping for the file failed. Recommended Action Contact support. Error Message %OS-LTRACE_SYNC-3-PTHREAD_API_ERROR [chars] failed. Error([dec]): [chars] Explanation Pthread API returned an error Recommended Action Contact support. Operating System (OS) Messages LTRACE_SYNC Messages EM-1238 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LTRACE_SYNC-3-RWLOCK_ERROR [chars] for [chars] failed. Error([dec]): [chars] Explanation Read-write lock failed. Recommended Action Contact support. Error Message %OS-LTRACE_SYNC-4-FILE_SIZE_CHANGE The size of file [chars] couldn’t be changed to [dec]. Error([dec]): [chars] Explanation The operation to change the file size failed. Recommended Action Contact support. Error Message %OS-LTRACE_SYNC-4-LTRACE_INIT_ERROR ltrace initialization failed. Error([dec]): [chars] Explanation ltrace initialization for ltrace synchronization server failed. Recommended Action Contact support. Error Message %OS-LTRACE_SYNC-4-MEMORY_MAP_ERROR memory mapping for [chars] failed. size:[dec] protection:[hex] flags:[hex] fd:0x[dec] off:[dec] Error([dec]): [chars] Explanation Memory mapping for the file failed. Recommended Action Contact support. Error Message %OS-LTRACE_SYNC-4-SHMEM_ERROR ltrace shmem [chars] failed for [chars]. flags:[hex] mode:%o Error([dec]): [chars] Explanation Shared memory operation failed. Recommended Action Contact support. Error Message %OS-LTRACE_SYNC-6-FILE_TOO_SHORT file [chars] is too short. size:[dec] version:[dec] Explanation The file is read when it’s being written, or version mismatch between the file and the reader. Recommended Action Informational only. Indicates upgraded software accessed older version file before it’s updated. Operating System (OS) Messages LTRACE Messages EM-1239 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LTRACE_SYNC-6-FILE_WRONG_VERSION file [chars] has wrong version [dec], should be [dec] Explanation The file has wrong version. Recommended Action Informational only. LTRACE Messages Error Message %OS-LTRACE-3-ERROR [chars] failed: [chars] Explanation Required functionality failed or returned an error Recommended Action Contact support. Error Message %OS-LTRACE-7-BADMAGIC magic number corrupted, filename:[chars], pid:[dec] tid:[dec] Explanation Internal debugging message. For subsequent analysis of magic number corruption, snapshot of running process core dump has been taken. Recommended Action Informational only. Indicates magic number corrupted and has been recovered. Error Message %OS-LTRACE-7-DEBUG [chars] [chars] [chars] Explanation Internal debugging message. Recommended Action Informational only. Error Message %OS-LTRACE-7-STRING_SCALE scaling down string buffer [chars] (len:[dec]) by [dec] Explanation Internal debugging message. Recommended Action Informational only. Indicates card has less system memory Error Message %OS-LTRACE-7-WRAP_SCALE scaling down wrap buffer [chars] (len:[dec]) by [dec] Explanation Internal debugging message. Recommended Action Informational only. Indicates card has less system memoryOperating System (OS) Messages LWMESS Messages EM-1240 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LWMESS Messages Error Message %OS-LWMESS-7-CORRUPT_CLI [chars]: Corrupted channel list for [chars]. Memory lost, chan equals [pointer], infop equals [pointer], connectp equals [pointer] magic equals [hex] guard equals [hex] Explanation A corrupt memory area was discovered in an internal data structure Recommended Action This is an internal error and should be reported to TAC. Take a memory dump and try re-starting the offending application. Error Message %OS-LWMESS-7-CORRUPT_CLI_SKIP [chars]: Corrupted channel list for [chars]. Iteration Skipped, chan equals [pointer], infop equals [pointer], connectp equals [pointer] magic equals [hex] guard equals [hex] Explanation A corrupt memory area was discovered in an internal data structure. A function that was searching the open connection list was not able to process all open connections. Recommended Action This is an internal error and should be reported to TAC. Take a memory dump and try re-starting the offending application. Error Message %OS-LWMESS-7-INVALID_MSG_ERROR_CODE Invalid msg_error errcode: [dec] Explanation The msg_error error codes are limited to errno values. Any error values with high bits set (such as -1) are invalid. Recommended Action Report this message to TAC. Error Message %OS-LWMESS-7-LOCK_CONN [chars]: Could not lock conn_list for [chars]: [chars] Explanation The mutex for the channel connection list could not be held Recommended Action This is an internal error and should be reported to TAC. Try re-starting the offending application. If that does not work, a memory dump should be taken (to assist TAC) and the router should be rebooted. Operating System (OS) Messages MEMLOG Messages EM-1241 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-LWMESS-7-UNLOCK_CONN [chars]: Could not unlock conn_list for [chars]: [chars] Explanation The mutex for the channel connection list could not be released Recommended Action This is an internal error and should be reported to TAC. Try re-starting the offending application. If that does not work, a memory dump should be taken (to assist TAC) and the router should be rebooted. MEMLOG Messages Error Message %OS-MEMLOG-3-ERRCHECK Invalid error check value: [hex] Explanation An unexpected value was found in the error check. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-MEMLOG-3-FREE A NULL pointer was passed to free Explanation An attempt was made to free a null pointer Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-MEMLOG-3-HEADER Invalid [chars] value in header: [hex] Explanation An unexpected value was found in the header. This might indicate a buffer overflow Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-MEMLOG-3-MALLOC Memory allocation failed Explanation A call to malloc failed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages MEMPOOL_EDM Messages EM-1242 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-MEMLOG-3-MEMALIGN Attempt to use unsupported function: memalign() Explanation This function is not supported. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-MEMLOG-3-SIGERR Received unknown signal value [unsigned int] Explanation An unexpected signal value was received. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-MEMLOG-3-TOOBIG Attempt to allocate more than 16MB using [chars]() Explanation A process attempted to malloc more than the maximum size of 16MB Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MEMPOOL_EDM Messages Error Message %OS-MEMPOOL_EDM-1-EVENT_BLOCK_ERROR event_block error -- [chars] Explanation Error during event block Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-MEMPOOL_EDM-1-SYSDB_REGISTRATION_FAILURE Sysdb registration for [chars] failed. Error: [chars] Explanation Sysdb registration failure Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Operating System (OS) Messages MGII_API Messages EM-1243 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-MEMPOOL_EDM-3-EVENT_MGR_CREATE_FAILED Can’t create event manager. [chars] Explanation Failed to create event manager for the process Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-MEMPOOL_EDM-3-MALLOC_FAILED Malloc failed Explanation Memory running low Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-MEMPOOL_EDM-3-SYSDB_BIND_FAILURE Unable to bind to [chars]. Error: [chars] Explanation Could not connect to sysdb Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ MGII_API Messages Error Message %OS-MGII_API-3-INFRA_FAIL [chars] failed: [chars] Explanation An error occurred while processing an infrastructure service request. This should happen mostly due to resource exhaustion. Recommended Action Do the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages MPLS_VPN_MIB Messages EM-1244 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MPLS_VPN_MIB Messages Error Message %OS-MPLS_VPN_MIB-3-ERR_DLL_LOAD Cannot load DLL: [chars] Explanation Cannot load DLL error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-MPLS_VPN_MIB-3-ERR_DLL_SYMBOL_ERROR Cannot find symbol [chars] in DLL [chars] Explanation Cannot find DLL symbol error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-MPLS_VPN_MIB-3-ERR_INIT [chars] : [chars] Explanation Initialization failed Recommended Action Enable ’debug mpls vpn init’ and restart the process mpls_vpn_mib. NCD Messages Error Message %OS-NCD-3-INIT_ERR [chars]%s Explanation An software error occurred during the initialization of the NCD process. Recommended Action NCD will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise, take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages NQC Messages EM-1245 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-NCD-3-PAK_CSUM_ERR Checksum failed on received packet; Pak:0x[pointer] Length:[dec] Offset:[dec] Computed Checksum:[unsigned int] Explanation A checksum error was detected for a packet by NCD. Recommended Action The clients of NCD will attempt to recover from this situation by retransmitting the packets. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise, take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. NQC Messages Error Message %OS-NQC-3-PAK_CSUM_ERR Checksum failed on received packet; Pak:0x[pointer] Length:[dec] Offset:[dec] Computed Checksum:[unsigned int] Explanation A checksum error was detected for a packet by NCD. Recommended Action The clients of NCD will attempt to recover from this situation by retransmitting the packets. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise, take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. NRS_LIB Messages Error Message %OS-NRS_LIB-7-ERROR [chars]: info [hex]([chars]) error: [hex]([chars]) Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-NRS_LIB-7-REG_ERROR [chars]-E-[chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Operating System (OS) Messages nrs Messages EM-1246 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 nrs Messages Error Message %OS-nrs-2-USAGE Incorrect arguments: Usage: [chars] [svr_threads] Explanation Incorrect command line parameters were passed to the nrs server, and so it failed to start. Recommended Action Check the startup arguments passed to nrs server. A default configuration will be used if no parameters are passed. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_ATTR_CREATE checkpoint create failed for attr [dec], handle [hex], err [hex] Explanation chkpt_create api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_ATTR_SAVE checkpoint save failed for attr [hex], handle [hex], err [hex] Explanation chkpt_save api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_CREATE checkpoint create failed for [chars], handle [hex], name [chars], err [hex] Explanation chkpt_create api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages nrs Messages EM-1247 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-nrs-3-CHKPT_DEBUG saved class [chars], handle [hex] to checkpoint table Explanation chkpt_iterate_* api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_DELETE_BYKEY checkpoint delete failed for table [chars], handle [hex], err [hex] Explanation chkpt_delete_bykey api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_ITERATE chkpt_iterate_[chars] failed for table [hex], err [hex] Explanation chkpt_iterate_* api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_ITERATE_NEXT chkpt_iterate_next failed for table [hex], after [dec] iterations, err [hex] Explanation chkpt_iterate_* api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_REGISTER checkpoint register failed for table [dec], err [hex], [chars] Explanation chkpt_register api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages nrs Messages EM-1248 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-nrs-3-CHKPT_RESTORE_ATTR Failed to restore attr, attr [hex], handle [hex] from checkpoint table, err [hex], [chars] Explanation nrs_chm_chkpt_create_attr api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_RESTORE_CLASS Failed to restore class [chars], handle [hex] from checkpoint table, err [hex], [chars] Explanation nrs_chm_chkpt_create_class api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_RESTORE_DATA Failed to restore data [chars], handle [hex] from checkpoint table, err [hex], [chars] Explanation nrs_chm_chkpt_create_data api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_RESTORE_DEBUG restoring from chkpt class [chars], handle [hex], index [hex] to checkpoint table Explanation chkpt_iterate_* api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_RESTORE_DEBUG_SUCCESS restored from chkpt class [chars], handle [hex], index [hex] to checkpoint table Explanation chkpt_iterate_* api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages nrs Messages EM-1249 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-nrs-3-CHKPT_RESTORE_SET Failed to restore set, exp [chars], handle [hex] from checkpoint table, err [hex], [chars] Explanation nrs_chm_chkpt_create_set api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_SAVE checkpoint save failed for [chars], handle [hex], name [chars], err [hex] Explanation chkpt_save api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-CHKPT_UNREGISTER checkpoint unregister failed for table [chars], class [chars], err [hex] Explanation chkpt_unregister api failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-ENS_PUBLISH ens_publish call failed [chars] Explanation ens_publish call has failed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-ENS_WRITE ens_write call failed [chars] Explanation ens_write call has failed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages nrs Messages EM-1250 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-nrs-3-INIT NRS Server restarting due to error [hex] in intialisation Explanation An NRS Server hit an error from which it could not recover during initialisation and is restarting to continue normal operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-INTERNAL [chars]: rc [hex], [chars] Explanation The server has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-LOCKING Failed to [chars] [chars]. Error [dec] Explanation The server has either failed to aquire or release a lock. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-MEMORY Failed to malloc [unsigned int] bytes Explanation The server has failed to acquire the required amount of memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-NULLARG A NULL pointer was passed as a fn parameter Explanation A NULL pointer was passed as a fn parameter Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages nrs Messages EM-1251 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-nrs-3-REGCOMP regcomp failed - error [hex], regex [chars] Explanation The server has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-REGISTER_EXTERNAL_PUBLISH_DIFF_ID trying to create or get data [chars] handle [hex] of class [chars] with previous id [hex] and new id [hex] Explanation try to register a data with diff id Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-REPLY Failed to send reply to client pid [unsigned int] tid [unsigned int]: rc [hex] Explanation The server failed to reply to a client request. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-3-SHUTDOWN NRS Server restarting due to error during operation. Error [hex], [chars] Explanation An NRS Server hit an error from which it could not recover and is restarting to continue normal operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages NRSUTILS Messages EM-1252 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-nrs-7-EDM_INTERNAL [chars]: rc [hex], [chars] Explanation The server’s EDM has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-nrs-7-LTRACE_INIT Ltrace init for file [chars] failed [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ NRSUTILS Messages Error Message %OS-NRSUTILS-3-INTERNAL [chars]: rc [hex] Explanation The client library has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-NRSUTILS-3-MEMORY Failed to malloc [unsigned int] bytes Explanation The nrs common library has failed to aquire the required amount of memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLINFRA_CLI Messages EM-1253 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-NRSUTILS-3-NULLARG A NULL pointer was passed as a fn parameter Explanation A NULL pointer was passed as a fn parameter Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. OBFLINFRA_CLI Messages Error Message %OS-OBFLINFRA_CLI-3-NO_MEMORY Failed in allocating memory with size:[dec] Explanation Not enough memory available in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLI-7-FAIL_TO_GET_SDD Fail to get sdd information, file size: [dec] Explanation Fail to get sdd information Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLI-7-FILE_GARBAGE Garbage [dec] bytes at the end Explanation File has garbage bytes at the end. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLI-7-invalid_historical_file_format Invalid historical file format. [chars]. field id: [dec]. Abort printing file contents. Explanation Invalid historical file format. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLINFRA_CLI Messages EM-1254 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLINFRA_CLI-7-INVALID_RECORD_TYPE Invalid record type, type: [dec] Explanation Invalid record type Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLI-7-JID_GET_ERROR process’s JobID can not be obtained Explanation process’s JobID can not be obtained Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLI-7-STRING_LENGTH_TOO_LONG The string([chars]) is longer than buffer length([dec]). Explanation The string length is too long. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLI-7-SYMBOL_NOT_FOUND process(JobID:[dec]) notified symbol:[chars] but it is not found in dll:[chars]. Error:[chars] Explanation A symbol notified from a process is not found Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLI-7-UNABLE_TO_GET_NODENAME Unable to get the nodename of this card, file name: [chars] Explanation Unable to get the nodename of this card Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages OBFLINFRA_CLIENT Messages EM-1255 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 OBFLINFRA_CLIENT Messages Error Message %OS-OBFLINFRA_CLIENT-7-APPLICATION_ERROR Failed to execute application function([chars]: [chars]), client_id:[dec], descriptor:[dec], error([dec]): [chars] Explanation Failed to execute some application functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLIENT-7-APPLICATION_REGIST_ERROR Failed to execute application registration function([chars]), nodeid:[hex], error([dec]): [chars] Explanation Failed to execute application registration function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLIENT-7-ID_INVALID Invalid client_id [dec] is returned for feature:[chars] target_node:[hex]. Explanation Invalid client_id is created. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLIENT-7-JID_GET_ERROR process’s JobID can not be obtained Explanation process’s JobID can not be obtained Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLINFRA_CLIENT Messages EM-1256 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLINFRA_CLIENT-7-NO_MEMORY Failed in allocating memory with size:[dec] Explanation Not enough memory available in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLIENT-7-NODEID_FAILURE Failed to get nodeid for [chars]. Error([dec]): [chars] Explanation Failed to get nodeid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLIENT-7-NUM_OF_SENSORS_OVERFLOW Cannot set more sensor ID than number of sensors([dec]). Explanation Cannot set more sensor ID than number of sensors. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLIENT-7-SENSOR_NOT_FOUND Sensor([dec]) is not found Explanation No sensor found Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_CLIENT-7-TOO_LONG_FEATURE_NAME feature [chars] is too long name Explanation Too long feature name is specified Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages OBFLINFRA_DRIVER Messages EM-1257 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 OBFLINFRA_DRIVER Messages Error Message %OS-OBFLINFRA_DRIVER-3-JID_GET_ERROR process’s JobID can not be obtained Explanation process’s JobID can not be obtained Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_DRIVER-7-NODEID_FAILURE [chars] of nodeid for [chars] failed. Error([dec]): [chars] Explanation An error happened for a nodeid operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_DRIVER-7-TOO_LONG_DEVICE_NAME device [chars] is too long name Explanation Too long device name is specified Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. OBFLINFRA_INT Messages Error Message %OS-OBFLINFRA_INT-3-EVM_ERROR [chars], Error([dec]): [chars] Explanation Failed in some event management functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLINFRA_INT Messages EM-1258 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLINFRA_INT-3-INVALID_RECORD_MAGIC_NUM Invalid record magic number: [hex]. [hex] is expected. Abort reading the file contents. Explanation Invalid magic number Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-3-MSG_ERROR Received a bad message, [chars] Explanation The message received by the server had inconsistent values. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-3-NO_MEMORY Failed to allocate memory with size:[dec] at [chars]:[dec] Explanation Not enough memory available in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-3-NO_PLATFORM_DATA_FILE platform data file:[chars] doesn’t exist Explanation The platform data file doesn’t exist. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-3-NO_SERVER_FOUND no destination OBFL manager found Explanation Destination OBFL manager path is not found. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLINFRA_INT Messages EM-1259 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLINFRA_INT-3-NODEID_FAILURE [chars] of nodeid for [chars] failed. Error([dec]): [chars] Explanation An error happened for a nodeid operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-3-NODEID_GET_FAILURE nodeid for [chars] can not be obtained Explanation Self nodeid can not be obtained. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-3-PLATFORM_DATA_FILE_ERROR platform data file:[chars] scan failed. Error([dec]): [chars] Explanation An error happened while reading the platform data file. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-3-PTHREAD_ERROR [chars] failed. Error([dec]): [chars] : [chars]:[dec] Explanation Failed in a pthread function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-3-RECORD_TOO_SHORT Too short record size:[dec] for [chars] record. The file contents might be corrupted. Explanation A feature record is too short. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLINFRA_INT Messages EM-1260 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLINFRA_INT-3-RECORD_TYPE_MISMATCH Type mismatch for [chars] record. Record_type:[dec] My_type:[dec]. Explanation A feature record has different type with current software. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-3-RECORD_VERSION_MISMATCH Version mismatch for [chars] record. Record_version:[dec] My_version:[dec]. Explanation A feature record has different version format with current software. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-3-SYSCALL [chars]: [chars]() failed: [chars] Explanation The client library has failed a system call. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-4-JID_GET_ERROR process’s JobID can not be obtained Explanation process’s JobID can not be obtained Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-4-MSG_RESEND_ERROR [chars] [chars]. Error([dec]): [chars] Explanation Failed in re-sending a message after onboard logging server process resart. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLINFRA_INT Messages EM-1261 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLINFRA_INT-4-UNSUPPORTED_API Unsupported API [chars] called by process [chars] Explanation The call is not supported by OBFL infra. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-5-MSG_CKSUM_DATA_ERROR Received a corrupted message data with cksum:[hex] Calculated cksum:[hex] length:[dec] type:[dec] Explanation The message received by an application had a wrong cksum value. The message data could be corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-5-MSG_CKSUM_HDR_ERROR Received a corrupted message header with cksum:[hex] Calculated cksum:[hex] length(corrupted?):[dec] type(corrupted?):[dec] Explanation The message received by an application had a wrong cksum value. The message data could be corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-5-MSG_REPLY_ERROR Received message has wrong reply data:0x[pointer] data_len:[dec] actual_data_len:[dec] Explanation The message received by an application had a wrong reply data. The message data could be corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLINFRA_INT Messages EM-1262 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLINFRA_INT-6-EXIT process terminated with code:[dec] at [chars]:[dec] Explanation An OBFL process exit. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-7-BUFFER_GARBAGE Garbage [dec] bytes at the end of a buffer for [chars] Explanation A buffer has garbage bytes at the end. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-7-DEBUG_CONNECT [chars]:[dec] server:[chars] Explanation debug print before msg_chan_connect Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-7-DEBUG_QSM [chars]:[dec] server:[chars] Explanation debug print before qsm_stat Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-7-DEBUG_SENDV [chars]:[dec] conn:[pointer] target_node:[pointer] Explanation debug print before msg_sendv Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLINFRA_INT Messages EM-1263 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLINFRA_INT-7-FILE_ERROR [chars] [chars]. Error([dec]): [chars] Explanation An error happened in a file operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-7-RECORD_TOO_LONG Too long record size:[dec] for [chars] record. The file contents might be corrupted. Explanation A feature record is too long. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-7-SLOT_DECODE_FAILURE decoding of rack:[hex] and slot:[hex] for [chars] failed. Error([dec]): [chars] Explanation An error happened for a nodeid decoding. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLINFRA_INT-7-TOO_LONG_NAME [chars] [chars] is too long name Explanation Too long name is specified Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages OBFLMGR Messages EM-1264 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 OBFLMGR Messages Error Message %OS-OBFLMGR-3-CHECKSUM_ERROR checksum for [chars] is wrong. Original:[hex] Calculated:[hex] offset:[dec]. The contents of [chars] could be corrupted. Explanation A checksum of a record is wrong. The file could be corrupted. The file should be saved to other place for later debugging, and then it should be removed to recover current situation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-ENV_STATIC_DATA_ERROR Failed to [chars] env static data record. Error([dec]): [chars] Explanation An environment record data processing error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-EVENT_CONN_CREATION_ERROR Failed to create event connection. Error: [chars] Explanation Failed to create event connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-EVENT_CONN_NOTIFY_ERROR Failed to attach a handler for an event connection. Error: [chars] Explanation Failed to attach a handler for an event connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1265 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-3-EVENT_CONN_OPEN_ERROR Failed to open an event connection. Error: [chars] Explanation Failed to open an event connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-EVM_ERROR [chars], Error([dec]): [chars] Explanation Failed in some event management functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-FILE_SIZE_GET_FAILURE file size for [chars] can not be obtained from platform DB Explanation An OBFL file size can not be obtained from platform DB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-FILELIMIT_TOO_SMALL A file’s max limit is too small for [chars], or internal parameters might be corrupted. cur_data_size:[dec] file_size_limit:[dec]. Explanation A file’s max limit is too small, or internal parameter might be corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-HISTGROUP_TOO_LARGE Too large historical group for [chars], or internal parameters might be corrupted. cur_data_size:[dec] writing_group_size:[dec] file_size_limit:[dec]. Explanation A historical group is too large, or internal parameter might be corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1266 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-3-LWM_ERROR [chars], Error([dec]): [chars] Explanation Failed to execute some LWM library functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-MSG_VER_MISMATCH Msg:[chars] version:[dec] mismatch from jid:[dec]. Correct version:[dec]. Explanation A msg from an application has different version format with current software. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-MUTEX_RESET_ERROR Mutex reset error. Exit and restart the process Explanation Failed to reset a corrupted mutex. Restart the process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-NO_FINAL_CLEAR_RECORD A file [chars] doesn’t have its final clear record after compressed records, or internal parameters might be corrupted. cur_data_size:[dec] file_size_limit:[dec]. Explanation A file don’t have its final clear record which is necessary for coalescing. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-RECORD_LENGTH_UNMATCH A record length:[dec] and the LWM msg_length:[dec] doesn’t match for [chars] feature Explanation The message received by an application had inconsistent record length. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1267 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-3-RECORD_TOO_SHORT Too short record size:[dec] for [chars] record at offset:[dec]. The file contents might be corrupted. Explanation A feature record is too short. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-RECORD_VERSION_MISMATCH Version mismatch for [chars] record at offset:[dec]. Record_version:[dec] My_version:[dec]. Explanation A feature record has different version format with current software. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-REDUNDANCY_INIT_ERROR [chars], Error([dec]): [chars] Explanation Failed to init redundancy state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-SM_CALLBACK_ERROR [chars] [chars] failed. Error([dec]): [chars] Explanation Failure in self management callback routine. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-SYMBOL_NOT_FOUND process(JobID:[dec]) notified symbol:[chars] for owner:[chars], but it is not found. Error:[chars] Explanation A dll notified from a client is not found Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1268 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-3-SYSDB_BIND_ERROR Sysdb bind failed for [chars] [chars]. Error([dec]): [chars] Explanation Sysdb bind error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-SYSDB_EDM_INIT_ERROR Falied edm initialization. Error: [chars] Explanation Falied edm initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-SYSDB_REG_EDM_ERROR sysdb registration edm error. Error: [chars] Explanation Registration fail for sysdb edm. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-SYSDB_REG_NOTIFY_ERROR sysdb registration (notification) error, [chars] [chars], [chars] Explanation Registration fail for sysdb notification Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-3-SYSDB_REG_VERIFY_ERROR sysdb registration (verification) error, [chars] [chars], [chars] Explanation Registration fail for sysdb verification Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1269 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-3-UNLOAD_DLL_FAILED previous DLL:[chars] notified from process(JobID:[dec]) for FEATURE:[chars] can not be unloaded. Error:[chars] Explanation An old DLL can not be unloaded Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-4-CLI_MSG_ERROR Received a bad message with value:[dec]: [chars] Explanation The message received by the server had inconsistent values. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-4-CLIENTID_ERROR client_id:[dec] specified from process(JobID:[dec]) caused an error:[chars] Explanation Specified client ID caused an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-4-DEVCTL_ERROR Failed to get ReloadReason. Return:[dec], result:[dec]. Explanation devctl error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-4-DEVICE_CREATED_AND_DISABLED device:[chars] on node:[chars] is disabled by user configuration Explanation A device is disabled for logging onboard by user configuration. Recommended Action No action is required. Operating System (OS) Messages OBFLMGR Messages EM-1270 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-4-DEVICE_DEACTIVATED device:[chars](nodeid:[hex]) is deactivated for onboard logging due to [dec] times write error to file:[chars]. The last Error([dec]): [chars] Explanation The device on the node is deactivated for onboard logging. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-4-DEVICE_DISABLED device:[chars] on node:[chars] is disabled by user configuration Explanation A device is disabled for logging onboard by user configuration. Recommended Action No action is required. Error Message %OS-OBFLMGR-4-FEATURE_DEACTIVATED feature:[chars] on device:[chars](nodeid:[hex]) failed to get platform information from [chars], and is deactivated Explanation A feature is deactivated because it couldn’t get platform information from a new platform library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-4-FILE_ERROR file:[chars](fp:[pointer], fd:[dec]) [chars] failing. [dec] retry so far. Error([dec]): [chars] Explanation Failed to open/close an OBFL file. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-4-FILE_OPEN_ERROR [chars] can not be opened. Error([dec]): [chars] Explanation File open failure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1271 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-4-FILE_WRITE_ERROR Tried to write [dec] bytes to file: [chars](total size [dec]). Error([dec]): [chars] Explanation File write failure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-4-QUEUE_CLEAR_ERROR queue clear error. elems:[dec] first:[pointer] last:[pointer] Explanation failed to clear internal queue. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-4-UNSUPPORTED_FEATURE Unsupported FEATURE: [chars] called by a process(JobID:[dec]) Explanation The feature is not supported by OBFL. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-4-UPTIME_RR_NOT_SET ResetReason is not set. Explanation ResetReason is not yet set. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-5-CORRUPTED_MSG Received a corrupted message for [chars] with value:[dec]: [chars] Explanation The message received by an application had inconsistent values. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1272 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-5-MSG_CKSUM_ERROR Received a corrupted message with cksum:[hex] Calculated cksum:[hex] length(corrupted?):[dec] type(corrupted?):[dec] Explanation The message received by an application had a wrong cksum value. The message data could be corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-6-DEVICE_ACTIVATED device:[chars](nodeid:[hex]) is activated for onboard logging. Explanation The device on the node is activated for onboard logging. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-6-DEVICE_ENABLED device:[chars] on node:[chars] is enabled by user configuration Explanation A device is enabled for logging onboard by user configuration. Recommended Action No action is required. Error Message %OS-OBFLMGR-6-FEATURE_ACTIVATED feature:[chars] on device:[chars](nodeid:[hex]) is activated Explanation A deactivated feature is activated. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-COALESCE_ERROR Coalescing failed for feature:[chars] device:[chars](node:[hex]) because [chars]. Explanation Coalescing failed on a device. Records for the device will be discarded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1273 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-7-COALESCER_NOT_FOUND process(JobID:[dec]) notified coalescer:[chars] for FEATURE:[chars], but it is not found Explanation A coalesce function name notified from a client is not found Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-DEVICE_INACTIVE device on the node(ID:[hex]) is not active Explanation The device on the node is not active. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-DEVICE_NOT_READY no device ready for feature:[chars] from process(JobID:[dec]). target_node:[hex] client_id:[dec] device:[pointer]. Explanation no device ready yet for notified feature Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-DEVICE_NOT_REGISTERED device:[chars] notified from process(JobID:[dec]) is not registered Explanation Caller’s device is not yet registered Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-DEVICE_UNAVAILABLE device [chars] on nodeid:[hex] is not accessible on the filesystem. Error([dec]): [chars] Explanation A device specified from a driver is not accessible. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1274 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-7-ENV_STATE_UNKNOWN Unknown environment state:[dec] of node:[hex] Explanation An environment record has an unknown state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-ERRMSG_HIST_FULL Syslog histrical file buffer reached the limit. Current size:[dec]. limit:[dec]. Subsequent syslog historical records will be discarded. Explanation Syslog historical file reached the limit. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-JID_GET_ERROR process’s JobID can not be obtained Explanation process’s JobID can not be obtained Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-MAGIC_NUM_INVALID Invalid magic number:[hex] for [chars] record. [hex] is expected. The file contents might be corrupted. Explanation A feature record has an invalid magic number. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-META_OPER_WRITE_ERROR Failed to write [chars] meta oper record to the file:[chars]. Error([dec]): [chars] Explanation An OBFL internal record type write failure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1275 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-7-MSG_ERROR Received a bad message with value:[dec]: [chars] Explanation The message received by an application had inconsistent values. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-NO_MEMORY Failed to allocate memory with size:[dec] at [chars]:[dec] Explanation Not enough memory available in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-NODEID_DECODE_FAILURE decoding of nodeid:[hex] for [chars] failed. Error([dec]): [chars] Explanation An error happened for a nodeid decoding. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-NODEID_FAILURE [chars] of nodeid for [chars] failed. Error([dec]): [chars] Explanation An error happened for a nodeid operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-QUEUE_LIMIT_OVER The queue:[pointer] for device:[chars] entry_num:[dec] and the max limit:[dec]. The new request for [chars] will be discarded. Explanation The destination queue is full. New enqueue request will be discarded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1276 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-7-RACK_DECODE_FAILURE decoding of rack:[hex] for [chars] failed. Error([dec]): [chars] Explanation An error happened for a rackid decoding. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-RECORD_TOO_LONG Too long record size:[dec] for [chars] record. The file contents might be corrupted. Explanation A feature record is too long. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-RECORD_TYPE_UNKNOWN Unknown record type:[dec] for [chars] record. The file contents might be corrupted. Explanation A feature record has an unknown record type. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-REDUNDANCY_STANDBY logging to node:[hex] is denied because this node:[hex] is redundancy standby state. Explanation Node is redundancy standby state, so can’t log to other node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-SLOT_DECODE_FAILURE decoding of rack_type:[hex] and slot:[hex] for [chars] failed. Error([dec]): [chars] Explanation An error happened for a slot fields decoding. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages OBFLMGR Messages EM-1277 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-7-SYSDB_TUPLE_ERROR [chars] sysdb tuple, [chars] at [chars]:[dec] Explanation Invalid sysdb tuple Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-UNREGISTERED_FEATURE Unregistered FEATURE:[chars] called by a process(JobID:[dec]) Explanation The specified feature is not yet registered for OBFL manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-UPTIME_CONT_TOO_LARGE Too large continuous record, or internal parameters might be corrupted. length:[dec]. Explanation A continuous record too large, or internal parameter might be corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-UPTIME_HIST_INVALID_TASKID Invalid block_and_task_id:[hex]. The file contents might be corrupted. Explanation This record has invalid block_and_task_id. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-OBFLMGR-7-UPTIME_HIST_TOO_LARGE Too large historic uptime record([chars]), or internal parameters might be corrupted. length:[dec] offset_ehud:[dec]. Explanation A historic uptime record too large, or internal parameter might be corrupted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PA Messages EM-1278 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-OBFLMGR-7-UPTIME_RECORD_NOT_FOUND Uptime record([chars]) is not found. Explanation Uptime record is not found Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PA Messages Error Message %OS-PA-2-CTX_CREATE [chars]: Can’t create VRF context structures. VRF ’[chars]’ ([hex]) error [chars] ([unsigned int]) Explanation PA Can’t create VFR context structures. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-2-IFIB_LIMIT IFIB entries threshold exceeded in LPTS - [chars] Explanation The number of IFIB entires in lpts has exceeded the threshold limit. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-2-INFRA_FAIL [chars]: [chars] failed rc equals [dec] Explanation There was a ENA infra call failure resulting in a failure to provide some infrastructure service. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %OS-PA-2-RSI_ERROR RSI [chars] failed error [chars] ([unsigned int]) Explanation RSI error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PA Messages EM-1279 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PA-2-RSI_UNKNOWN_EVENT Unknown event from RSI event [unsigned int] Explanation RSI sent unknown event Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-3-ECM_SETRETRY_FAIL Error setting linear connection retry mechanism : [chars] Explanation Failed to set linear connection retry mechanism in Port Arbitrator Client Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-3-ERR_ADD_SLICE [chars]: Assign of slice [chars] to node [hex] failed. ([chars]) Explanation The PA failed to assign an IFIB slice. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-3-ERR_BACKEND [chars]: [chars] failed Explanation Sysdb backend api call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-3-ERR_BAG [chars]: [chars] failed: [chars] Explanation Bag api call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PA Messages EM-1280 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PA-3-ERR_FM_MSG_TIMEOUT [chars]: [chars] update of slice [chars] to node [hex] timed out. Explanation The PA failed to receive a response to an IFIB table update or an IFIB slice assignment update message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-3-ERR_LOCK [chars] line [dec]: error: [chars] Explanation An attempt to lock a mutex failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-3-ERR_PIFIB_MSG_TIMEOUT [chars]: Pre-IFIB update for slice [chars] timed out. Explanation The PA failed to receive a response to a critical Pre-IFIB update. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-3-ERR_SYSDB [chars]: [chars] failed [chars] Explanation Sysdb api call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-3-ERR_UNLOCK [chars] line [dec]: error: [chars] Explanation An attempt to lock a mutex failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PCDS Messages EM-1281 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PA-3-EVENT_REGISTRATION_FAILED PA failed to connect to the event manager: [chars] Explanation The PA process failed while attempting to connect to an event manager channel for the indicated subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PA-6-INFO_GENERAL [chars]: [chars] Explanation The PA encountered some problem in genric nature or plain information. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. PCDS Messages Error Message %OS-PCDS-3-ERROR [chars] failed: [chars] Explanation Required functionality failed or returned an error Recommended Action Contact support. Error Message %OS-PCDS-7-DEBUG [chars] [chars] [chars] Explanation Internal debugging message. Recommended Action Informational only.Operating System (OS) Messages PLACED_LIB Messages EM-1282 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLACED_LIB Messages Error Message %OS-PLACED_LIB-7-STARTUP_POLICY System placement policy found in [chars]. Policy should be moved to a .placement file. Explanation PlaceD discovered system placement policy specified in an unsupported format; the policy will not be honored. The system should continue to function correctly, though process placement decisions may be sub-optimal. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_LIB-7-VECTOR_OVERFLOW Overflow in message vector ([dec] entries used, [dec] available) Explanation A client was unable to send a message to PlaceD due to encountering an internal error condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PLACED_MAIN Messages Error Message %OS-PLACED_MAIN-3-EVENT_CONN_CREATE Failed to create an event connection manager : [chars] Explanation PlaceD daemon was unable to create an event connection manager. Recommended Action Automatically restarts & attempts to create event connection manager. Error Message %OS-PLACED_MAIN-3-EVENT_CREATE Failed to create an event manager for channel ’[chars]’: [chars] Explanation PlaceD daemaon was unable to create an event manager for receiving messages, and therefore failed to initialize. Recommended Action Automatically restarts & attempts to create event channel. Operating System (OS) Messages PLACED_MAIN Messages EM-1283 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_MAIN-3-EVENT_HANDLER Failed to attach event handler to event manager: [chars] Explanation PlaceD daemon was unable register an event handling for processing received messages, and therefore failed to initialize. Recommended Action Automatically restarts & attempts to attach event handler. Error Message %OS-PLACED_MAIN-3-EVENT_NOTIFY Failed to set up notify for event disconnects : [chars] Explanation PlaceD daemon was unable to set up event notify for event disconnects. Recommended Action Automatically restarts & attempts to setup event notify. Error Message %OS-PLACED_MAIN-3-EVENT_OPEN Failed to open an event connection : [chars] Explanation PlaceD daemon was unable to open an event connection. Recommended Action Automatically restarts & attempts to open an event connection. Error Message %OS-PLACED_MAIN-3-EVENT_SETRETRY Failed to set retry mechanism for sysdb registration : [chars] Explanation PlaceD daemon was unable to set up retry mechanism for system database. Recommended Action Automatically restarts & attempts to setup retry mechanism. Error Message %OS-PLACED_MAIN-3-PTHREAD_CREATE Failed to create reoptimization thread: [chars] Explanation PlaceD daemon was unable to create the reoptimization thread for running at the very end. Recommended Action Automatically restarts & attempts to do a pthread_create. Error Message %OS-PLACED_MAIN-3-PTHREAD_DETACH Failed to detach pthread: [chars] Explanation PlaceD daemon was unable to detach the thread. Recommended Action Automatically restarts. Operating System (OS) Messages PLACED_MAIN Messages EM-1284 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_MAIN-3-REGISTER_BLOCK Failed to event block sysdb on startup/done notification: [chars] Explanation PlaceD daemon was unable to block on system database for startup/done notification. Recommended Action Automatically restarts. Error Message %OS-PLACED_MAIN-3-REOPTIMIZE Failed to reoptimize: [chars] Explanation PlaceD daemon was unable to run reoptimization algorithm. Recommended Action Run placement reoptimization frm CLI. Error Message %OS-PLACED_MAIN-3-SYSDB_BIND Bind to sysdb failed for startup/done notification: [chars] Explanation PlaceD daemon was unable to bind to system database for startup/done notification. Recommended Action Automatically restarts. Error Message %OS-PLACED_MAIN-3-SYSDB_ITEM_SET Failed to set the sysdb item: [chars] Explanation PlaceD daemon was unable to set the system database item. Recommended Action Automatically restarts. Error Message %OS-PLACED_MAIN-3-SYSDB_NOTIFICATION Sysdb registration failed for startup/done notification: [chars] Explanation PlaceD daemon was unable to register with system databse for startup/done notification. Recommended Action Automatically restarts. Error Message %OS-PLACED_MAIN-3-SYSDB_UNBIND Failed to unbind sysdb connection: [chars] Explanation PlaceD daemon was unable to unbind the system database connection. Recommended Action Automatically restarts. Operating System (OS) Messages PLACED_MAIN Messages EM-1285 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_MAIN-6-DUMP_CORE PlaceD is performing a voluntary core dump because an unexpected situation has arisen. This is not a crash, but does indicate there was a problem. Reason: [chars] Explanation The process placement daemon has encountered an unexpected internal situation. If there are no further signs of a problem then it is reasonably safe to assume that the system has recovered. Recommended Action Please check with your support representative, and if possible provide the core file for further examination. Error Message %OS-PLACED_MAIN-7-BACKUP_DLRSC Unable to determine new backup dLRSC: [chars] Explanation PlaceD was notified that the backup dLRSC has changed, but was unable to determine the new location. This means that it is unable to direct its checkpoint updates to that location, and so the system may be in an unstable state if the currently active dLRSC fails. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-BACKUP_DLRSC_REG Failed to register for backup dLRSC notifications: [chars] Explanation PlaceD failed to register for backup dLRSC change events, and therefore will not be able to mirror its checkpoint data to the backup location. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-CHKPT Failed to initialize checkpoint library: [chars] Explanation PlaceD was unable to initialize the checkpoint library for saving its internal state, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_MAIN Messages EM-1286 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_MAIN-7-CHKPT_TARGET Unable to set checkpoint target to location [chars]: [chars] Explanation PlaceD tried to direct its remote checkpoint updates to the specified location (the backup dLRSC) but encountered an error. This may mean that the system will be in an unstable state if the currently active dLRSC fails. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-CLASSES Failed to initialize classes: [chars] Explanation PlaceD was unable to set up its object classes, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-DBG_ON Failed to switch on debugging flag ’[chars]’: [chars] Explanation PlaceD was unable to switch on one of its debugging flags whilst initializing, but ignored the error and continued. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-DBG_REG Failed to register for debug notification: [chars] Explanation PlaceD was unable to register for notification of its debugging flag settings. PlaceD ignored the error and continued. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_MAIN Messages EM-1287 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_MAIN-7-DLRSC Failed to determine whether running on dLRSC: [chars] Explanation PlaceD was unable to determine whether it was running on the dLRSC, and therefore failed to initialize. Recommended Action None - PlaceD should restart and recover by itself. If the message recurs: Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support placement command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support placement output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-DLRSC_CHANGED The active dLRSC has changed, so the previously active PlaceD is transitioning to inactive state Explanation The active dLRSC changed, so the process placement daemon running on the previously active dLRSC has changed to inactive state, so that the instance on the newly active dLRSC can take over without problems. Recommended Action This indicates an unusual situation, but if there are no other indications of system problems then this is probably benign. Error Message %OS-PLACED_MAIN-7-DLRSC_NOT Failed to get event type from dLRSC notification: [chars] Explanation PlaceD couldn’t get the event type from a dLRSC notification it received, and therefore may no longer be aware whether or not it is running on the dLRSC. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-DLRSC_REG Failed to register for dLRSC notifications: [chars] Explanation PlaceD failed to register for dLRSC change events, and therefore failed to initialize. Recommended Action None - PlaceD should restart and recover by itself. If the message recurs: Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support placement command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support placement output, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_MAIN Messages EM-1288 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_MAIN-7-EVENT_BLOCK Error waiting for message - ignoring: [chars] Explanation An error occured whilst PlaceD was waiting for a messages, PlaceD ignored the error and continued to wait for more messages. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-INIT_COMPLETE Unable to record that initialization is complete: [chars] Explanation PlaceD encountered a problem when recording the fact that it has successfully initialized for the first time since this logical router powered up. This means that problems may be encountered when PlaceD restarts, such as after a dLRSC migration. Recommended Action In the short term this alone does not indicate that the system will operate incorrectly. It is however diagnostic of some underlying problem, and it is possible that the system will operate incorrectly after the placement daemon is forced to restart. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-PROC_READY Failed to signal end of initialization: [chars] Explanation PlaceD was unable to inform SysMgr that it had completed its initialization. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-QSM_CHAN Failed to publish QSM channel ’[chars]’ (rendezvous ’[chars]’): [chars] Explanation PlaceD was unable to publish a channel for receiving messages, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_MAIN Messages EM-1289 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_MAIN-7-QSM_RENDEZ Failed to get rendezvous name: [chars] Explanation PlaceD was unable to get a rendezvous name for publishing the message channel, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-SIGNALS Failed to set up signal mask: [chars] Explanation One of the OS calls to set up the thread signal mask failed, and therefore PlaceD couldn’t initialise. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-SYSDB Failed to do a [chars] with SysDB at ’[chars]’: [chars] Explanation PlaceD was unable to perform a critical SysDB operation, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-SYSDB_VRFN_INIT Failed to initialize SysDB verification functions handle: [chars] Explanation PlaceD was unable to initialize its SysDB verification functions handle, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_MAIN Messages EM-1290 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_MAIN-7-TRACE_BUFFERS Failed to initialize trace buffers: [chars] Explanation PlaceD was unable to set up its trace buffers, and therefore failed to initialize. This almost certainly means there was insufficient memory available for placed to function correctly. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-UNEXPECTED_REQ Ignoring request type [dec] to non-active PlaceD instance Explanation An inactive PlaceD instance received a request. Only the instance on the currently active dLRSC should receive any requests. Recommended Action If this is during a dLRSC migration then it is probably benign, provided no other ill effects are seen. Otherwise it probably indicates a problem in the underlying infrastructure, such as QSM. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-UNKNOWN_MSG Ignoring unrecognized message (comp ID: [dec], msg no: [dec]) Explanation PlaceD did not recognise a message it received, and therefore ignored it. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_MAIN-7-UNKNOWN_REQ Ignoring unrecognized request ([dec]) Explanation PlaceD did not recognise a request it received, and therefore ignored it. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages PLACED_NODES Messages EM-1291 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLACED_NODES Messages Error Message %OS-PLACED_NODES-3-NO_NODES Empty or badly damaged LR inventory - assuming only [chars]%s[chars] present as a fallback strategy Explanation There were no RP or DRP cards reported in the inventory for process placement. This is an error (the process placement daemon must be running on one such card if nothing else) and will have a very detrimental effect on process placement. The system will limp on as best it can, assuming the only RP/DRP in the LR is that on which the process placement daemon is itself running, and should the inventory problem be resolved then the system will then adjust accordingly automatically. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_NODES-7-DOWNGRADING_NODE System call to node [chars] indicated that node is not yet booted. Downgrading state to [unsigned int] Explanation An error encountered while querying a remote node indicated that the target location was not in the running state. PlaceD has downgraded the node accordingly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_NODES-7-LR_INVEN Failed to get [chars] from the LR inventory: [chars] Explanation PlaceD couldn’t retrieve the specified information from the LR inventory it received, and therefore may not have sufficient location information to place processes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_NODES-7-LR_INVEN_ENTRY Failed to get [chars] from the LR inventory entry [dec]: [chars] Explanation PlaceD couldn’t retrieve the specified information from an entry in the LR inventory, and therefore ignored the entry. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_NODES Messages EM-1292 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_NODES-7-LR_INVEN_NODETYPE Ignoring entry [dec] in the LR inventory entry since location is of unknown type ([dec]) Explanation PlaceD didn’t recognise the location type in an entry in the LR inventory, and therefore ignored the entry. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_NODES-7-LR_NOT Failed to get [chars] from LR notification: [chars] Explanation PlaceD couldn’t retrieve the specified information from an LR notification it received, and therefore may no longer have up-to-date location information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_NODES-7-LR_REG Failed to register for LR notifications: [chars] Explanation PlaceD couldn’t register for LR notifications, and may therefore be unable to maintain up-to-date location information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_NODES-7-MEMORY Insufficient memory for object representing location [chars] (partner [chars]), location will not be used for placement Explanation An object to represent the location could not be created (probably due to insufficient memory). PlaceD will not be able to place processes at the location. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Operating System (OS) Messages PLACED_NODES Messages EM-1293 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_NODES-7-NO_INVENTORY The LR inventory is empty or not available (despite waiting for over a minute for it) - error ’[chars]’. PlaceD cannot function without this information, so will restart and attempt to wait for the information again. Explanation Placement requires a complete knowledge of the LR inventory in order to function as expected. The LR inventory is currently not fully populated, so PlaceD is restarting in order to give the LR inventory time to finish initialising. If this message continues to appear, this indicates that the LR information is not able to complete, and that this will be affecting the ability of the system to function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_NODES-7-NODEID Failed to obtain ID of current location: [chars] Explanation PlaceD was unable to determine the ID of the location at which it was running, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_NODES-7-NOT_RUNNING LR inventory indicated that state of location [chars] was [dec], using state [dec] (RUNNING) instead Explanation The LR inventory showed that the location at which PlaceD was running was not in the running state. PlaceD assumed this was erroneous. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages PLACED_PLACE Messages EM-1294 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLACED_PLACE Messages Error Message %OS-PLACED_PLACE-3-ALGO Placement algorithm failed: [chars] Explanation An error occured in the algorithm used by PlaceD to determine the optimal placement. Recommended Action If the message recurs: Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support placement command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support placement output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PLACE-3-ALGO_RERUN Unable to determine optimal placement after running algorithm [unsigned int] times Explanation PlaceD was unable to place one or more processes on any of the available nodes in the system. Recommended Action If the message recurs: Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support placement command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support placement output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PLACE-4-CANT_START Unable to start program [chars]%s[chars] since there is insufficient cpu or memory capacity Explanation Starting the new program would overflow the watermarks for the cpu or memory capacity currently available. Recommended Action Options include adding or unpairing a DRP, deconfiguring some features, or increasing the watermarks configured by placement { cpu | memory } maximum. One can also specify particularly important or disposable processes via configuring large or small existence affinities if so desired. Error Message %OS-PLACED_PLACE-4-KILLING Killing program [chars]%s[chars] since there is insufficient cpu or memory capacity for all configured processes Explanation There is insufficient cpu or memory capacity for all configured placeable processes. Recommended Action Options include adding or unpairing a DRP, deconfiguring some features, or increasing the watermarks configured by placement { cpu | memory } maximum. One can also specify particularly important or disposable processes via configuring large or small existence affinities if so desired. Operating System (OS) Messages PLACED_PLACE Messages EM-1295 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PLACE-4-LISTEN Unable to listen for multicast messages: [chars] ([chars]) Explanation PlaceD is unable to register to receive multicast messages. This means that the location which emitted the message will not be able to keep its local copy of the current placement, persisted to non-volatile storage, up to date. Recommended Action If this is a transient issue then the router will recover. Also, restarting the PlaceD instance that emitted this message will cause it to re-register to receive these updates. If the issue persists: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PLACE-4-REOP_ABORTED Re-optimization of the placement aborted due to [chars]. Placement has been partially re-optimized. Running the command again will complete the re-optimization Explanation The re-optimization of the placement was aborted because PlaceD had to respond to a change in the router environment. Recommended Action Run the ’placement reoptimize’ command again to complete the re-optimization. Error Message %OS-PLACED_PLACE-5-RESTARTING Program [chars]%s[chars] has now been started (was previously unable to run) Explanation The program was previously prevented from running due to insufficient cpu or memory, but that situation no longer applies and so the program has now been started. This message may also result from problems in retrieving the node inventory for the router. Recommended Action Options to prevent the original inability to run include adding or unpairing a DRP, deconfiguring some features, or increasing the watermarks configured by placement { cpu | memory } maximum. One can also specify particularly important or disposable processes via configuring large or small existence affinities if so desired. If a node inventory problem is suspected: Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support placement command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support placement output, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_PLACE Messages EM-1296 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PLACE-5-WRITE_PERSIST Unable to [chars] when writing persistent placement: [chars] ([chars]) Explanation The current placement was being persisted to non- volatile storage, but a problem occured. If this condition persists then it is possible that the placement of processes across the available RPs and DRPs will be different after the next router/LR reload. Recommended Action The write operation will be automatically re-tried later, so if this is a transitory condition then the system will recover completely without intervention. If this is a persistent problem then: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PLACE-6-REOP_COMPLETE Re-optimization of the placement complete. Use ’show placement’ to view the new placement Explanation The re-optimization of the placement has completed. Recommended Action Use the ’show placement’ command to view the newly re-optimized placement. Error Message %OS-PLACED_PLACE-6-REOP_START Re-optimization of the placement requested. You will be notified on completion Explanation A re-optimization of the placement has started. The most optimal location of each program will be re-calculated by ignoring any affinity of the default program to the current location. Any resulting migrations will be rate limited accoring to the slow migration interval configured for each program. Recommended Action Wait for the notification that the re-optimization has completed before adding or removing cards from the router, adding new configuration, or starting a new re-optimization. Error Message %OS-PLACED_PLACE-7-AFFINITY_ITERATOR Unable to obtain affinity iterator for [chars] Explanation PlaceD was unable to obtain an iterator for all the affinities. Recommended Action This is non-critical, and in the absence of other errors, simply means that one facility (triggering reoptimisation of placements by the user) is inoperable. Operating System (OS) Messages PLACED_PLACE Messages EM-1297 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PLACE-7-ALGO_INIT Unable to create placement algorithm Explanation PlaceD was unable to create the placement algorithm object, and therefore failed to initialize. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %OS-PLACED_PLACE-7-CHKPT_INIT Failed to initialize checkpoint store: [chars] Explanation PlaceD was unable to initialize the checkpoint store for the placement package, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PLACE-7-CHKPT_UPDATE Failed to update checkpoint record for re-optimization status: [chars] Explanation PlaceD was unable to update the checkpointed information indicating whether a placement re-optimization is in progress. Recommended Action This should not be a service-affecting incident. However, PlaceD may no longer be able to correctly report the completion of re-optimization events. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PLACE-7-LOOKUP_PERSIST Unable to [chars] when looking up persisted placement for [chars]%s[chars]: [chars] ([chars]) Explanation PlaceD hit a problem when looking up the persisted location for a process. This means that it may not be placed on the same location as it was assigned before the most recent reload of the router or LR. Recommended Action This should not be a service-affecting incident. If this is because the card on which the process was previously placed has been removed, taken administratively down, or been assigned to a different logical router, then this is entirely expected and benign. Otherwise: Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support placement command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support placement output, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_PROGS Messages EM-1298 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PLACE-7-SYSDB Unable to [chars] with SysDB at [chars]: [chars] Explanation PlaceD was unable to register with SysDB for receiving ’placement persist now’ actions. This facility will be unavailable. Recommended Action This is non-critical, and in the absence of other errors, simply means that one facility (triggering persisting of placements by the user) is inoperable. Error Message %OS-PLACED_PLACE-7-TIMER Unable to [chars] persistence timer Explanation PlaceD was unable to create the persistence timer, and therefore failed to initialize. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* PLACED_PROGS Messages Error Message %OS-PLACED_PROGS-3-KILL_MAN The attempt to kill process ’[chars]%s[chars]’ (job ID [dec]) at location [chars] failed, it should be killed manually Explanation PlaceD attempted to kill a process, but it is still running Recommended Action Attempt to kill the process manually. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-3-KILL_PROC Failed to kill process ’[chars]%s[chars]’ (job ID [dec]) at location [chars]: [chars] Explanation PlaceD was unable to kill a process. PlaceD’s view of the system state will now be incorrect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_PROGS Messages EM-1299 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PROGS-3-KILL_UNKNOWN Attempted to kill process ’[chars]%s[chars]’ (job ID [dec]) at location [chars], but failed to determine whether it is dead Explanation PlaceD attempted to kill a process, but is unable to determine whether the attempt was successful. Recommended Action Determine whether the process is still running, if so, attempt to kill it manually. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-3-PROC_STATE Unable to determine process placement information for process ’[chars]%s[chars]’ at location [chars]: [chars] Explanation PlaceD was unable to respond accurately to a placement request from SysMgr on a remote node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-3-START_PROC Failed to start process ’[chars]%s[chars]’ at location [chars]: [chars] Explanation PlaceD was unable to start a process. PlaceD’s view of the system state will now be incorrect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-4-CANT_SUSPEND Unable to suspend the request to start the process ’[chars]%s[chars]’ from location [chars]: [chars] Explanation This is an out-of-memory message. PlaceD received a request to start the specified process on the specified location, and wanted to suspend the request. This is because PlaceD has a better location in mind, but is keeping the present location as a backup in case that card gets into trouble. However, there was insufficient resources for PlaceD to effect the suspension. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *SUPPORT* Operating System (OS) Messages PLACED_PROGS Messages EM-1300 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PROGS-4-CHKPT_DELETE Failed to delete the checkpoint data for process ’[chars]%s[chars]’ at location [chars]: [chars] Explanation PlaceD was unable to delete the checkpoint segment for an application, eg before starting it from cold on that location. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-4-CHKPT_MIGRATE Failed to migrate checkpoint data for process ’[chars]%s[chars]’ from location [chars] to [chars]: [chars] Explanation Whilst moving a process to a new location, PlaceD was unable to migrate the checkpointed data belonging to the process. No checkpointed data was therefore available to the process when it started at the new location. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-4-CHKPT_WRITE Failed to update checkpoint record for process ’[chars]’: [chars] Explanation PlaceD was unable to update the checkpointed information for the specified process. PlaceD will fail to recover, or will recover out of date, information for the process if it is restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-4-RMPROC_INCORRECT_NODE Ignoring request from ’[chars]’ to remove process ’[chars]%s[chars]’ Explanation Request to remove the process came from a node on which the process is not currently running. PlaceD will ignore this request. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_PROGS Messages EM-1301 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PROGS-4-START_PROC_MIGRATE Process ’[chars]%s[chars]’ cannot be migrated to the location pair [chars] [chars] because the pair is no longer up Explanation PlaceD was unable to migrate the specified process to the specified locations because they are no longer up. If necessary, an alternative location will be selected for the process. Recommended Action If the specified location pair is still up: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-4-SYSTEM_POLICY Failed to read system placement policy. Process placement decisions will be sub-optimal. [chars] Explanation PlaceD was unable to read the system placement policy and thus has no built-in policy to use when placing processes. The results of process placement decisions made by PlaceD will be sub-optimal. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-4-UNKNOWN_PROC Unable to place ’[chars]%s[chars]’ since this is an unknown program type Explanation PlaceD was asked to place a program whose name does not appear in the list of placeable processes and their properties. Recommended Action This indicates that placed is receiving inconsistent or incomplete information from sysmgr. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-4-UNREC_PROG Ignoring request to remove unrecognized process ’[chars]%s[chars]’ Explanation PlaceD did not recognise the process it was asked to remove, and therefore ingnored the request. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_PROGS Messages EM-1302 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PROGS-6-COLD_START The process ’[chars]%s[chars]’ is being restarted on the new location [chars] [chars] from cold, without its checkpoint data Explanation The process is being replaced without its checkpoint data, eg if the node it was previously running on has failed. This may impact the router’s operation. Recommended Action If every RP and DRP has a standby, then this situation should not occur unless there is a double-failure of both active and standby cards simultaneously. If this message occurs in any other situation: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-6-REMOVING_ENTITY ’[chars]%s[chars]’ appears to no longer be configured, and will not be started again until reconfigured. Explanation PlaceD was unable to start a process because it is purely configuration-driven and there is no configuration present. PlaceD will no longer attempt to keep the process running. Recommended Action If the process has indeed been deconfigured (possibly a long time before this message appeared), then this is entirely benign. Otherwise: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-6-START_PROC_NODE Process ’[chars]%s[chars]’ will be started at the location pair [chars] [chars] only when one of the locations completes booting Explanation PlaceD was unable to start the specified process (and possibly other processes as well) because the specified locations are not running. The locations may still be in the process of booting. When one of the locations completes booting the process will be started. Recommended Action If the locations are still in the process of booting then this is benign; the process will be started normally as part of the boot process. If the boot process takes too long, an alternative location for the process will automatically be chosen. Error Message %OS-PLACED_PROGS-6-START_PROC_TIMEOUT Process ’[chars]%s[chars]’ cannot be started at the location pair [chars] [chars]; an alternative location will be selected Explanation PlaceD was unable to start the specified process (and possibly other processes as well) at the specified locations because they are taking too long to finish booting. An attempt will be made to start the process at an alternative location. Recommended Action If the specified location pair does not boot successfully: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_PROGS Messages EM-1303 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PROGS-7-CHKPT_REG Failed to register checkpoint table: [chars] Explanation PlaceD was unable to register a table for checkpointing its program information, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-7-CLASS_INFO Failed to get all program info from SysMgr at location [chars]: [chars] Explanation PlaceD was unable to get information from System Manager about all program classes and will now be in an indeterminate state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-7-IPPH Failed to service an is-program-placed-here request: [chars] Explanation PlaceD was asked about the location of a process, but was unable to service the request. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-7-JID Failed to get job ID for process ’[chars]%s[chars]’ at location [chars]: [chars] Explanation PlaceD was unable to get the Job ID for a process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_PROGS Messages EM-1304 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PROGS-7-NOT_PLACEABLE Ignoring info from SysMgr about non-placeable process ’[chars]’ Explanation PlaceD received information from System Manager about a program or program class that is not placeable, and therefore ignored the information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-7-PARSE Failed to parse keyword ’[chars]’ in file [chars]:[dec] ([chars]) Explanation Whilst getting the system placement policy, an error occured whilst processing the specified file. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-7-PLPROC Failed to service a place-processes request from cfgmgr: [chars] Explanation PlaceD was asked by cfgmgr about the location of a list of processes, but was unable to service the request. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-7-PROG_TYPE Ignoring unknown program type ([dec]) for ’[chars]’ Explanation PlaceD did not recognise the program type received from System Manager, and therefore ignored the program information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_PROGS Messages EM-1305 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PROGS-7-RECOVER_STATE Failed to recreate state for [chars]%s[chars] when attempting [chars]: [chars] Explanation PlaceD was unable to recreate its internal representation for the specified program, either from its checkpoint data or from information from SysMgr, and therefore failed to intialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-7-SYSMGR_TARGET Failed to set SysMgr target location to [chars]: [chars] Explanation PlaceD was unable to set the target location in order to communicate with the appropriate System Manager instance. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-7-TIMEOUT Ignoring timeout event with unknown [chars] Explanation A timeout event occurred, but PlaceD was unable to determine which program or node the event was for, and therefore ignored it. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-7-TIMERS Unable to initialize request timers Explanation PlaceD was unable to initialize the request timers, and therefore failed to initialize. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Operating System (OS) Messages PLACED_PROPS Messages EM-1306 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PROGS-7-UNEXPECTED_NODE A message was received from the unknown location [chars] Explanation A message was received from a location not known to be an RP or DRP in the current LR. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROGS-7-UPDATE_CLASS Failed to get updated info for ’[chars]’ from SysMgr: [chars] Explanation PlaceD was unable to update information from System Manager about the program or program class specified. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PLACED_PROPS Messages Error Message %OS-PLACED_PROPS-4-MAX_AFF Reached maximum limit on number of affinities ([dec]) for ’[chars]’, ignoring remaining affinities Explanation Whilst determining the optimal placement, PlaceD reached the limit on the number of affinities allowed per process, and therefore ignored any further affinities. Recommended Action Remove configured affinities that apply to this process until the number is equal to or below the given limit. Error Message %OS-PLACED_PROPS-5-BAD_CONFIG Refusing to apply some placement policy that would be rejected by placed’s config verifier Explanation Some placement policy is being ignored, since entering it normally would cause it to be rejected. This situation can occur only in rare situations, such as leaving placement policy configured for a program after that program’s package has been de-activated from all locations. Recommended Action If the situation is something like that in the explanation, then this message is correctly warning that the ’dead’ policy is no longer acted upon. Otherwise: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLACED_PROPS Messages EM-1307 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLACED_PROPS-5-REV_AFF Failed to apply program affinity from ’[chars]’ to ’[chars]’: affinity in reverse direction already configured Explanation PlaceD attempted to set up an affinity from the first program class to the second, but discovered that an affinity from the second to the first already existed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLACED_PROPS-5-SUSPECT_NODE The affinity for program [chars] to location [chars] will be ignored until an RP or DRP is inserted at that location Explanation The operator configured an affinity between a program and a location-set that includes a location not currently occupied by an RP or DRP. This part of the affinity policy will be ignored until an RP or DRP is inserted there. The policy applying to a given program (or program instance) can be inspected via the ’show placement policy program program [instance instance]’ command. Recommended Action Correct the configuration if this is an error, or insert an RP or DRP for the configuration to have any effect. Error Message %OS-PLACED_PROPS-7-INIT Failed to initialize the Properties module: [chars] Explanation PlaceD was unable to perform one of the steps required to initialize its Properties module. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %OS-PLACED_PROPS-7-NODETYPE Unknown location-type ([dec]) in location-type affinity (process ’[chars]’) Explanation Whilst determining the optimal placement for the specified process, PlaceD encountered an affinity containing an unrecognized location-type, and therefore ignored the affinity. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages PLATFORM_LPTS_COM_IFIB Messages EM-1308 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLATFORM_LPTS_COM_IFIB Messages Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_MISSING_FLOW [chars]: Flow type ’[chars]’ not configured Explanation error in IFIB flow handling configuration. The named flow type was not explicitly configured and will have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_MISSING_FLOW [chars]: Flow type ’[chars]’ not configured Explanation error in IFIB flow handling configuration. The named flow type was not explicitly configured and will have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_MISSING_PARAMETER [chars]: Missing parameter after ’[chars]’ in flow ’[chars]’ Explanation Syntax error in IFIB flow handling configuration. The named flow type may have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_MISSING_PARAMETER [chars]: Missing parameter after ’[chars]’ in flow ’[chars]’ Explanation Syntax error in IFIB flow handling configuration. The named flow type may have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_COM_IFIB Messages EM-1309 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_UNKNOWN_KEYWORD [chars]: Unknown keyword ’[chars]’ in flow ’[chars]’ Explanation Syntax error in IFIB flow handling configuration. The named flow type may have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_UNKNOWN_KEYWORD [chars]: Unknown keyword ’[chars]’ in flow ’[chars]’ Explanation Syntax error in IFIB flow handling configuration. The named flow type may have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_UNKNOWN_PARAMETER [chars]: Unknown parameter ’[chars]’ after ’[chars]’ in flow ’[chars]’ Explanation Syntax error in IFIB flow handling configuration. The named flow type may have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_UNKNOWN_PARAMETER [chars]: Unknown parameter ’[chars]’ after ’[chars]’ in flow ’[chars]’ Explanation Syntax error in IFIB flow handling configuration. The named flow type may have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_COM_IFIB Messages EM-1310 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-ERR_MEM_ALLOC Failed to allocate memory Explanation The system failed to allocate memory. It’s likely that the system is running low in memory. Recommended Action This indicates a low-memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-ERR_MEM_ALLOC Failed to allocate memory Explanation The system failed to allocate memory. It’s likely that the system is running low in memory. Recommended Action This indicates a low-memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-NO_CONFIG [chars]: Missing configuration for IFIB flow handling Explanation No configuration for IFIB flow handling was found. Default characteristics will be used for all packets. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-NO_CONFIG [chars]: Missing configuration for IFIB flow handling Explanation No configuration for IFIB flow handling was found. Default characteristics will be used for all packets. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_COM_IFIB Messages EM-1311 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-NO_CONFIG_MEMORY [chars]: Insufficient memory for IFIB flow handling configuration Explanation Insufficient memory was available for storing the IFIB flow handling configuration. Default characteristics will be used for all packets. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-3-NO_CONFIG_MEMORY [chars]: Insufficient memory for IFIB flow handling configuration Explanation Insufficient memory was available for storing the IFIB flow handling configuration. Default characteristics will be used for all packets. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when calling debug_cleanup() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when calling debug_cleanup() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_COM_IFIB Messages EM-1312 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when calling the debug_init_event() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when calling the debug_init_event() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when calling debug_register() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when calling debug_register() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_IFIB-7-ERR_DEBUG_INIT [chars]: [chars] Explanation An error was returned when initializing debug. The facility to debug the component may not work. Recommended Action Debug message only. No action is required. Operating System (OS) Messages PLATFORM_LPTS_COM_NETIO Messages EM-1313 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_COM_IFIB-7-ERR_DEBUG_INIT [chars]: [chars] Explanation An error was returned when initializing debug. The facility to debug the component may not work. Recommended Action Debug message only. No action is required. PLATFORM_LPTS_COM_NETIO Messages Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when cleaning up debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when cleaning up debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when cleaning up debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_COM_NETIO Messages EM-1314 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when calling debug_cleanup() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when initializing debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when initializing debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when calling the debug_init_event() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when initializing debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_COM_NETIO Messages EM-1315 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when registering debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when registering debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when calling debug_register() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when registering debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages PLATFORM_LPTS_LIB Messages EM-1316 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLATFORM_LPTS_LIB Messages Error Message %OS-PLATFORM_LPTS_LIB-7-ERR_DEBUG_INIT [chars]: [chars] Explanation An error was returned when initializing debug. The facility to debug the component may not work. Recommended Action Debug message only. No action is required. Error Message %OS-PLATFORM_LPTS_LIB-7-ERR_DEBUG_INIT [chars]: [chars] Explanation An error was returned when initializing debug. The facility to debug the component may not work. Recommended Action Debug message only. No action is required. Error Message %OS-PLATFORM_LPTS_LIB-7-ERR_DEBUG_INIT [chars]: [chars] Explanation An error was returned when initializing debug. The facility to debug the component may not work. Recommended Action Debug message only. No action is required. PLATFORM_LPTS_PIFIB Messages Error Message %OS-PLATFORM_LPTS_PIFIB-3-BACKEND_EDM [chars]: EDM backend function [chars] failed: [chars] Explanation An internal EDM backend function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1317 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-3-BAG [chars]: Bag function [chars] failed: [chars] Explanation An internal bag function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-CHKPT_INIT [chars]: Checkpoint Initialization function [chars] failed: [chars] Explanation An internal Checkpoint function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_FLOW_MEMORY [chars]: Insufficient memory for flow configuration Explanation There is insufficient memory for the flow configuration. All flows will be assigned default characteristics. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_MISSING_FLOW [chars]: Flow type ’[chars]’ not configured Explanation error in PIFIB flow handling configuration. The named flow type was not explicitly configured and will have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1318 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_MISSING_PARAMETER [chars]: Missing parameter after ’[chars]’ in flow ’[chars]’ Explanation Syntax error in PIFIB flow handling configuration. The named flow type may have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_POLICER_MEMORY [chars]: Insufficient memory for policer configuration Explanation There is insufficient memory for the policer configuration. All flows will be assigned default characteristics. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_POLICER_PARAMETER_INVALID [chars]: Invalid parameter ’[chars]’ after ’[chars]’ in policer ’[dec]’ definition Explanation There is an invalid parameter after a keyword in a policer definition. The policer may be assigned default characterstics. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_POLICER_PARAMETER_MISSING [chars]: Missing parameter after ’[chars]’ in policer ’[dec]’ definition Explanation There is a missing required parameter after a keyword in a policer definition. The policer may be assigned default characterstics. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1319 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_POLICER_UNKNOWN_KEYWORD [chars]: Unknown keyword ’[chars]’ in policer ’[dec]’ definition Explanation There is an unknown keyword in a policer definition. The policer may be assigned default characterstics. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_UNDEFINED_POLICER [chars]: flow ’[chars]’ references undefined policer ’[dec]’ Explanation An input flow definition references an undefined policer. The flow will be configured to use policer 0. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_UNKNOWN_KEYWORD [chars]: Unknown keyword ’[chars]’ in flow ’[chars]’ Explanation Syntax error in PIFIB flow handling configuration. The named flow type may have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_UNKNOWN_PARAMETER [chars]: Unknown parameter ’[chars]’ in flow ’[chars]’ Explanation Syntax error in PIFIB flow handling configuration. The named flow type may have default characteristics applied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1320 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-3-ERR_IFH_UIDB_INDEX Failed to find uidb index for interface handle [hex] Explanation Failed to find uidb index for an given interface handle. It is likely to be caused by a programming bug or a programming problem happened in the past. Recommended Action Run the command ’show uidb index’ to verify whether the uidb index is created for the interface. Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-ERR_IFH_UIDB_INDEX Failed to find uidb index for interface handle [hex] Explanation Failed to find uidb index for an given interface handle. It is likely to be caused by a programming bug or a programming problem happened in the past. Recommended Action Run the command ’show uidb index’ to verify whether the uidb index is created for the interface. Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-ERR_IFH_UIDB_INDEX Failed to find uidb index for interface handle [hex] Explanation Failed to find uidb index for an given interface handle. It is likely to be caused by a programming bug or a programming problem happened in the past. Recommended Action Run the command ’show uidb index’ to verify whether the uidb index is created for the interface. Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-ERR_IPV6_COMPRESS Failed to perform IPV6 compress, tm_rc equals [hex], prefix_len equals [hex] Explanation The IPv6 compression fail under fatal error condition. Recommended Action When this issue happens, it will trigger an automatic restart. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1321 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-3-ERR_MEM_ALLOC Failed to allocate memory Explanation The system failed to allocate memory. It’s likely that the system is running low in memory. Recommended Action When this issue happens, it will trigger an automatic restart. This indicates a low-memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %OS-PLATFORM_LPTS_PIFIB-3-ERR_MEM_ALLOC Failed to allocate memory Explanation The system failed to allocate memory. It’s likely that the system is running low in memory. Recommended Action When this issue happens, it will trigger an automatic restart. This indicates a low-memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %OS-PLATFORM_LPTS_PIFIB-3-ERR_MEM_ALLOC Failed to allocate memory Explanation The system failed to allocate memory. It’s likely that the system is running low in memory. Recommended Action When this issue happens, it will trigger an automatic restart. This indicates a low-memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %OS-PLATFORM_LPTS_PIFIB-3-ERR_NOTIF_Q_FULL The queue for notifications from [chars] is full Explanation Too many notifications have been sent to the component. The queue to hold the notification has overflowed. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1322 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-3-ERR_NOTIF_Q_FULL The queue for notifications from [chars] is full Explanation Too many notifications have been sent to the component. The queue to hold the notification has overflowed. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-ERR_NOTIF_Q_FULL The queue for notifications from [chars] is full Explanation Too many notifications have been sent to the component. The queue to hold the notification has overflowed. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-EVENT_CONN_CREATE [chars]: could not create event connection: [chars] Explanation An internal error was detected when trying to create event connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-EVENT_CONN_OPEN [chars]: could not open event connection: [chars] Explanation An internal error was detected when trying to open event connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1323 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-3-FM_ADD_FEAT2GRP [chars]: fm add feat to group failed for ISIS [chars] Explanation An internal fm add feature to group function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-FM_ADD_IFH2GRP [chars]: fm add ifh to group failed for ISIS [chars] Explanation An internal fm add ifh to group function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-FM_CREATE_GROUP [chars]: fm create group failed: [chars] Explanation An internal fm create group function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-FM_FEAT_PROCESSING [chars]: fm feature registration failed: [chars] Explanation An internal fm feature registration function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-FM_REGISTER [chars]: fm_register failed: [chars] Explanation An internal fm_register function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1324 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-3-HFA_REGISTER [chars]: hfa_register failed: [chars] Explanation An internal hfa_register function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-LTRACE_INIT [chars]: ltrace_init2 failed: [chars] Explanation An internal ltrace_init2 function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-MSG_ATTACH [chars]: Event Mgr function [chars] failed: [chars] Explanation An internal Event Manager function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-NO_CONFIG [chars]: Missing configuration for PIFIB flow handling Explanation No configuration for PIFIB flow handling was found. Default characteristics will be used for all packets. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-SHOW_EDM_CLOSE [chars]: Cleanup for EDM failed: [chars] Explanation Cleanup for EDM failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1325 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-3-SHOW_EDM_INIT [chars]: Initialization for show EDM failed: [chars] Explanation Initialization for show EDM failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-SYSDB [chars]: Sysdb function [chars] failed: [chars] Explanation An internal sysdb function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-3-TCAM_FMT_TO_HFA_MAP [chars]: vmr_builder_program_tcam_fmt_from_hfa_map failed: [chars] Explanation An tcam format to hfa mapping function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_MSTATS_ALLOC Failed to allocate HW counters. Explanation It failed to allocate HW counters. It may be because of running out of HW counters or encountering internal error. Recommended Action Disable the numbers of non crucial services which use HW counters. Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_MSTATS_ALLOC Failed to allocate HW counters. Explanation It failed to allocate HW counters. It may be because of running out of HW counters or encountering internal error. Recommended Action Disable the numbers of non crucial services which use HW counters. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1326 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_PRM_STATS_ALLOC Failed to allocate HW counters. Explanation It failed to allocate HW counters. It may be because of running out of HW counters or encountering internal error. Recommended Action Disable the numbers of non crucial services which use HW counters. Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_INVALID_REG_NAME Found the Pre-IFIB region with unrecognized name: [chars] Explanation A Pre-IFIB region with unrecognized name is found in the TCAM. It is likely caused by a programming bug or a programming problem happened in the past. Recommended Action Check the status of TCAM Manger because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_INVALID_REG_NAME Found the Pre-IFIB region with unrecognized name: [chars] Explanation A Pre-IFIB region with unrecognized name is found in the TCAM. It is likely caused by a programming bug or a programming problem happened in the past. Recommended Action Check the status of TCAM Manger because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_INVALID_REG_NAME Found the Pre-IFIB region with unrecognized name: [chars] Explanation A Pre-IFIB region with unrecognized name is found in the TCAM. It is likely caused by a programming bug or a programming problem happened in the past. Recommended Action Check the status of TCAM Manger because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1327 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_OVERFLOW Does not have enough space for the Pre-IFIB entry in TCAM region [chars] Explanation TCAM space is not enough for all Pre-IFIB entries in the particular TCAM region. All control packets which do not have matching Pre-IFIB entries in TCAM will use SW path to forward to destinations. Recommended Action Disable the numbers of services configured for the system. Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_OVERFLOW Does not have enough space for the Pre-IFIB entry in TCAM region [chars] Explanation TCAM space is not enough for all Pre-IFIB entries in the particular TCAM region. All control packets which do not have matching Pre-IFIB entries in TCAM will use SW path to forward to destinations. Recommended Action Disable the numbers of services configured for the system. Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_OVERFLOW Does not have enough space for the Pre-IFIB entry in TCAM region [chars] Explanation TCAM space is not enough for all Pre-IFIB entries in the particular TCAM region. All control packets which do not have matching Pre-IFIB entries in TCAM will use SW path to forward to destinations. Recommended Action Disable the numbers of services configured for the system. Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_PREFIX_COMPRESS Failed to have IPv6 prefix compressed Explanation IPv6 prefix compression failed because the line card has run out of internal resources for compressing a preifx. It shouldn’t have any major impact on the system service. The in-bound (destined to the system) packets can still reach destinations through SW path. Recommended Action Try either change the prefix length or change the prefix value of IPv6 addressses used in the system if possible. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1328 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_PREFIX_COMPRESS Failed to have IPv6 prefix compressed Explanation IPv6 prefix compression failed because the line card has run out of internal resources for compressing a preifx. It shouldn’t have any major impact on the system service. The in-bound (destined to the system) packets can still reach destinations through SW path. Recommended Action Try either change the prefix length or change the prefix value of IPv6 addressses used in the system if possible. Error Message %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_PREFIX_COMPRESS Failed to have IPv6 prefix compressed Explanation IPv6 prefix compression failed because the line card has run out of internal resources for compressing a preifx. It shouldn’t have any major impact on the system service. The in-bound (destined to the system) packets can still reach destinations through SW path. Recommended Action Try either change the prefix length or change the prefix value of IPv6 addressses used in the system if possible. Error Message %OS-PLATFORM_LPTS_PIFIB-7-DEBUG_CLEANUP [chars]: Debug cleanup failed: [chars] Explanation An error was returned when cleaning up debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the lpts/[chars] event failed: [chars] Explanation An error was returned when initializing debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1329 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-DEBUG_REGISTER [chars]: Debug registration failed: [chars] Explanation An error was returned when registering debug. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_CONN_INIT Failed to connect to [chars]: [chars] Explanation An internal error was detected when trying to connect to the respective component. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of the respective component because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_CONN_INIT Failed to connect to [chars]: [chars] Explanation An internal error was detected when trying to connect to the respective component. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of the respective component because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_CONN_INIT Failed to connect to [chars]: [chars] Explanation An internal error was detected when trying to connect to the respective component. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of the respective component because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_DEBUG_INIT [chars]: [chars] Explanation An error was returned when initializing debug. The facility to debug the component may not work. Recommended Action Debug message only. No action is required. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1330 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_DEBUG_INIT [chars]: [chars] Explanation An error was returned when initializing debug. The facility to debug the component may not work. Recommended Action Debug message only. No action is required. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_DEBUG_INIT [chars]: [chars] Explanation An error was returned when initializing debug. The facility to debug the component may not work. Recommended Action Debug message only. No action is required. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_INIT [chars]: [chars] Explanation An internal error was detected when trying to set up event connection. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_INIT [chars]: [chars] Explanation An internal error was detected when trying to set up event connection. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_INIT [chars]: [chars] Explanation An internal error was detected when trying to set up event connection. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1331 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_ATTACH Could not set up a timer object: [chars] Explanation An internal error was detected when trying to allocate a timer object. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_ATTACH Could not set up a timer object: [chars] Explanation An internal error was detected when trying to allocate a timer object. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_ATTACH Could not set up a timer object: [chars] Explanation An internal error was detected when trying to allocate a timer object. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_LEAF_NEW Could not create a timer tree leaf objct: [chars] Explanation An internal error was detected when trying to create a timer tree leaf object. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_LEAF_NEW Could not create a timer tree leaf objct: [chars] Explanation An internal error was detected when trying to create a timer tree leaf object. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1332 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_LEAF_NEW Could not create a timer tree leaf objct: [chars] Explanation An internal error was detected when trying to create a timer tree leaf object. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_INIT_POLICERS Failed to initialize the flow policer [dec]: [chars] Explanation It failed to program a flow policer during initialization. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_INIT_POLICERS Failed to initialize the flow policer [dec]: [chars] Explanation It failed to program a flow policer during initialization. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_INIT_POLICERS Failed to initialize the flow policer [dec]: [chars] Explanation It failed to program a flow policer during initialization. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1333 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_LTRACE_INIT Failed to initialize the ltrace buffer Explanation An internal error was detected when trying to initalize a ltrace buffer. Recommended Action When this issue happens, it will not able to use ltrace buffer for debugging. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_LTRACE_INIT Failed to initialize the ltrace buffer Explanation An internal error was detected when trying to initalize a ltrace buffer. Recommended Action When this issue happens, it will not able to use ltrace buffer for debugging. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_LTRACE_INIT Failed to initialize the ltrace buffer Explanation An internal error was detected when trying to initalize a ltrace buffer. Recommended Action When this issue happens, it will not able to use ltrace buffer for debugging. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_INIT Failed to initialize with Metro IPC Server: [chars] Explanation An internal error was detected when trying to initialize with Metro IPC server. Recommended Action Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1334 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_INIT Failed to initialize with Metro IPC Server: [chars] Explanation An internal error was detected when trying to initialize with Metro IPC server. Recommended Action Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_INIT Failed to initialize with Metro IPC Server: [chars] Explanation An internal error was detected when trying to initialize with Metro IPC server. Recommended Action Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_NOTIF_ACK Failed to acknowledge a MIPC notification: [chars] Explanation It is an internal error which the system failed to acknowledge a MIPC Server notification. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_NOTIF_ACK Failed to acknowledge a MIPC notification: [chars] Explanation It is an internal error which the system failed to acknowledge a MIPC Server notification. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1335 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_NOTIF_ACK Failed to acknowledge a MIPC notification: [chars] Explanation It is an internal error which the system failed to acknowledge a MIPC Server notification. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_MSTATS_INIT Failed to initialize stats table: [chars] Explanation An internal error was detected when trying to initialize a statistic counter table. Recommended Action Check the status of Metro Stats Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_MSTATS_INIT Failed to initialize stats table: [chars] Explanation An internal error was detected when trying to initialize a statistic counter table. Recommended Action Check the status of Metro Stats Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_NOTIF_HANDLE Failed to handle [chars] notification: [chars] Explanation An internal error was detected when trying to handle a notification from the respective component. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1336 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_NOTIF_HANDLE Failed to handle [chars] notification: [chars] Explanation An internal error was detected when trying to handle a notification from the respective component. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_NOTIF_HANDLE Failed to handle [chars] notification: [chars] Explanation An internal error was detected when trying to handle a notification from the respective component. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_PRM_STATS_INIT Failed to initialize stats table: [chars] Explanation An internal error was detected when trying to initialize a statistic counter table. Recommended Action Check the status of Metro Stats Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_PROGRAM_ERRORED_POLICER Failed to reprogram the flow policer [dec]: [chars] Explanation An internal error was detected when trying to program the flow policer. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1337 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_PROGRAM_ERRORED_POLICER Failed to reprogram the flow policer [dec]: [chars] Explanation An internal error was detected when trying to program the flow policer. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_PROGRAM_ERRORED_POLICER Failed to reprogram the flow policer [dec]: [chars] Explanation An internal error was detected when trying to program the flow policer. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_REPROGRAM_POLICERS Failed to program the flow policer [dec]: [chars] Explanation It failed to reprogram a flow policer when it had received a request to reprogram all flow policers to HW. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_REPROGRAM_POLICERS Failed to program the flow policer [dec]: [chars] Explanation It failed to reprogram a flow policer when it had received a request to reprogram all flow policers to HW. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PLATFORM_LPTS_PIFIB Messages EM-1338 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_REPROGRAM_POLICERS Failed to program the flow policer [dec]: [chars] Explanation It failed to reprogram a flow policer when it had received a request to reprogram all flow policers to HW. Recommended Action When this issue happens, it will trigger an automatic restart. Check the status of Metro IPC Server because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_SYSDB_DATALIST_CREATE Sysdb datalist function failed to create an object handle: [chars] Explanation An internal sysdb function failed. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_SYSDB_DATALIST_CREATE Sysdb datalist function failed to create an object handle: [chars] Explanation An internal sysdb function failed. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_SYSDB_DATALIST_CREATE Sysdb datalist function failed to create an object handle: [chars] Explanation An internal sysdb function failed. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PMHAC Messages EM-1339 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_TCAM_INIT Failed to initialize TCAM regions: [chars] Explanation An internal error was detected when trying to initialize TCAM regions. Recommended Action Check the status of TCAM Manger because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_TCAM_INIT Failed to initialize TCAM regions: [chars] Explanation An internal error was detected when trying to initialize TCAM regions. Recommended Action Check the status of TCAM Manger because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PLATFORM_LPTS_PIFIB-7-ERR_TCAM_INIT Failed to initialize TCAM regions: [chars] Explanation An internal error was detected when trying to initialize TCAM regions. Recommended Action Check the status of TCAM Manger because this issue is likely related to it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PMHAC Messages Error Message %OS-PMHAC-7-ERR_DLL_INIT PM HA Client DLL failed to initialize debugging services, reason [chars] Explanation The Platform Manager HA DLL encountered an internal software error. The debugging services could not be initialized. This problem should rarely happen. Restarting the Platform Manager HA process might recover the problem Recommended Action There is no action required because the client process should handle this error.Operating System (OS) Messages PMHAD Messages EM-1340 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PMHAD Messages Error Message %OS-PMHAD-3-ERR_NOMEM [chars] Explanation The Platform Manager HA Driver DLL was unable to add any new fault record due to lack of memory. This condition will cause the DLL to exit. Recommended Action Add more memory to the card specified in the System Message. If the this message recurs after a memory upgrade, copy the System Message text exactly as it appears on the console or in the system log, and contact your Cisco technical support representative, and provide the representative with the gathered information. Error Message %OS-PMHAD-4-ERR_NOMEM_WARNING [chars] Explanation The Platform Manager HA Driver DLL was unable to add one new fault record due to lack of memory, but it is still running. Recommended Action Add more memory to the card specified in the System Message. If the this message recurs after a memory upgrade, copy the System Message text exactly as it appears on the console or in the system log, and contact your Cisco technical support representative, and provide the representative with the gathered information. Error Message %OS-PMHAD-7-ERR_DLL_INIT [chars], reason [chars] Explanation The Platform Manager HA Driver DLL encountered an internal software error. The debugging services could not be initialized. This problem should rarely happen. Restarting the Platform Manager HA process might recover the problem Recommended Action There is no action required because the client process should handle this error. Error Message %OS-PMHAD-7-ERR_INIT [chars], reason: [chars] Explanation The Platform Manager HA Driver DLL was unable to initialize due to internal software resource issues. Recommended Action The Platform Manager HA Driver DLL will exit and the client process should handle the error accordingly. Please exam the output of show logging to see if similar issue had occured.Operating System (OS) Messages PROCFIND Messages EM-1341 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PROCFIND Messages Error Message %OS-PROCFIND-4-NODETYPE Running on unknown nodetype, assuming it is a linecard Explanation Procfind was did not recognise the node type on which it was running, and therefore assumed it was a linecard. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PROCFIND-6-EVENT_BLOCK Error waiting for message - ignoring: [chars] Explanation An error occured whilst Procfind was waiting for messages, Procfind ignored the error and continued to wait for more messages. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PROCFIND-6-PROC_INFO Failed to retrieve info for process [dec]: [chars] Explanation Procfind was unable to read the information for the specified process, and will therefore return incomplete results. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PROCFIND-6-PROC_OPEN Failed to open process [dec]: [chars] Explanation Procfind was unable to open the specified process, and will therefore return incomplete results. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PROCFIND Messages EM-1342 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PROCFIND-6-READY Failed to signal end of initialization to SysMgr: [chars] Explanation Procfind was unable to inform System Manager that it has finished initializing and is ready to service request. Procfind ignored the error and continued normally. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PROCFIND-7-EVENT_MGR Failed to create an event manager: [chars] Explanation Procfind was unable to create an event manager for receiving messages, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PROCFIND-7-MEMORY Failed to allocate memory for [chars] Explanation Insufficient resources were available to allocate memory for the specified item. Procfind may not be able to continue running. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %OS-PROCFIND-7-NODEID Failed to get node ID of current node: [chars] Explanation Procfind was unable to determine the ID of the node on which it was running, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PROCFIND-7-SYSDB_BIND Failed to bind to SysDB at ’[chars]’: [chars] Explanation Procfind was unable to bind to the SysDB server, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages PUF Messages EM-1343 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-PROCFIND-7-SYSDB_EDM_INIT Failed to initialize SysDB EDM functions handle: [chars] Explanation Procfind was unable to initialize its SysDB EDM functions handle, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-PROCFIND-7-SYSDB_EDM_REG Failed to register with SysDB as an EDM at ’[chars]’: [chars] Explanation Procfind was unable to register with the SysDB server for as an EDM, and therefore failed to initialize. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PUF Messages Error Message %OS-PUF-4-MCAST_MSG Problem processing incoming multicast message: [chars] Explanation An incoming multicast message was received, supposedly containing data that should be persisted to non-volatile storage on the receiving location, but this persisting operation could not complete because of a problem. Recommended Action This is unlikely to be immediately threatening to the router’s health, but could cause misbehavior if the router is reloaded. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. QAD_LIB Messages Error Message %OS-QAD_LIB-3-ERROR Operation [chars] failed : [chars] Explanation The specified operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QAD_QUEUE_MODEL Messages EM-1344 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QAD_LIB-6-INFO Condition [chars] : [chars] Explanation The specified condition has occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. QAD_QUEUE_MODEL Messages Error Message %OS-QAD_QUEUE_MODEL-3-ERROR Operation [chars] failed : [chars] Explanation The specified operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. QAD_SERVER Messages Error Message %OS-QAD_SERVER-3-ERROR Operation [chars] failed : [chars] Explanation The specified operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. QNET_LC Messages Error Message %OS-QNET_LC-7-BASE_BAD_CHAIN_TYPE [chars]:[dec]:[chars]: Invalid attempt to build chain (type [dec]) Explanation qnetbase_builder_func() called with bad chain type. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QNET_LC Messages EM-1345 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QNET_LC-7-BASE_CONTROL_FUNC_ERR [chars]:[dec]:[chars]: Base Control function erroneously called! Explanation qnetbase_control_func() wrongly called. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET_LC-7-CAPS_BAD_CHAIN_TYPE [chars]:[dec]:[chars]: Invalid attempt to build chain (type [dec]) Explanation qnetcaps_builder_func() called with wrong chain type. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET_LC-7-CAPS_CONTROL_FUNC_ERR [chars]:[dec]:[chars]: Caps Control function erroneously called! Explanation qnetcaps_control_func() has been called, which should never happen. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET_LC-7-DUPLICATE_BMA_PAK [chars]: Cannot duplicate BMA packet (rc equals [dec] dropping Qnet packet. Explanation pak_netio_duplicate() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET_LC-7-ENCAPS_FUNC_ERR [chars]:[dec]:[chars]: Qnet encapsulation node erroneously called! Explanation qnetcaps_encaps() has been called, which should never happen. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QNET Messages EM-1346 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QNET_LC-7-LOST_QNET_CONN Lost connection to Qnet process; dropping packets. Explanation netio_dll_packet_input_NEW() to Qnet failed and Qnet connection is closed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET_LC-7-PAK_INPUT_FAIL [chars]:[dec]:[chars]: packet_input returned non-zero result code ([dec]) Explanation netio_dll_packet_input_NEW() to Qnet failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET_LC-7-UINT32_GET [chars]:[dec] failed to get destination slot. error [dec] Explanation pak_netio_uint32_get() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. QNET Messages Error Message %OS-QNET-0-EMG [chars] Explanation An EMERGENCY level message was emitted by QNET. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QNET Messages EM-1347 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QNET-1-ALT [chars] Explanation An ALERT level message was emitted by QNET. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET-2-CRT [chars] Explanation A CRITICAL level message was emitted by QNET. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET-2-FATAL Fatal: [chars] Explanation some fatal error has happended. Recommended Action This should not occur in normal conditions Error Message %OS-QNET-3-ERR [chars] Explanation An ERROR level message was emitted by QNET. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET-4-DUMPER_SNAP_DUMP Process [dec] requested voluntary [chars] dump of itself Explanation A non-invasive voluntary coredump requested by the process. Process might be experiancing a condition which needs investigation. This core file will help analysing the issue. Recommended Action This should not occur in normal conditions, please provide the coredump to TAC. Operating System (OS) Messages QNET Messages EM-1348 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QNET-4-DUMPER_SNAP_NODUMP Problem with voluntary core dump requested by [dec] when [chars]: [chars] Explanation A non-invasive voluntary coredump was requested by the process, but a problem occured that prevented the coredump from being created. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET-4-WRN [chars] Explanation A WARNING level message was emitted by QNET. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QNET-5-NOT [chars] Explanation A NOTICE level message was emitted by QNET. Recommended Action No action is required. Error Message %OS-QNET-6-DUMPER_SNAP_DUMP_OK Voluntary core dump requested by process [dec] completed Explanation A non-invasive voluntary coredump requested by the process completed successfully. Process might be experiancing a condition which needs investigation. This core file will help analysing the issue. Recommended Action This should not occur in normal conditions, please provide the coredump to TAC. Error Message %OS-QNET-6-INF [chars] Explanation An INFO level message was emitted by QNET. Recommended Action No action is required. Operating System (OS) Messages QSM Messages EM-1349 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QNET-7-DEB [chars] Explanation A DEBUG level message was emitted by QNET. Recommended Action Debug message only. No action is required. Error Message %OS-QNET-7-SIO_Q_PROD q_produce for QNET tx failed, rc equals [dec] Explanation could not send pkt to fabric driver. Recommended Action This should not occur in normal conditions QSM Messages Error Message %OS-QSM-3-ADD_SYMLINKS_DIR Unable to add directory link [chars]: [chars] Explanation A error occured while processing a QSM configuration file. This could be due to a problem with the installed media or file system damage. QSM will continue startup-up, but some system functionality may be impared. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-ADD_SYMLINKS_FILE Unable to add link [chars]-[chars]: [chars] Explanation A error occured while processing a QSM configuration file. This could be due to a problem with the installed media or file system damage. QSM will continue startup-up, but some system functionality may be impared. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QSM Messages EM-1350 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-3-BAD_DBDUMP_MESSAGE An database dump message from another node could not be processed ([chars]): [chars] Explanation The indicated error occured while processing a dbdump from another node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-BAD_MESSAGE An unexpected message from another node could not be processed ([chars]): [dec] Explanation An invalid message type was received from another node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-BAD_UPDATE_MESSAGE An update message from another node could not be processed ([chars]): [chars] Explanation The indicated error occured while processing an update from another node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-CERR_REGISTER Unable to register the QSM error messages: [chars] Explanation The QSM error number/messages table could not be registered with the cerrno system. Error translations will not be available. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QSM Messages EM-1351 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-3-CHECKPOINT_CANT_OPEN Unable to open QSM checkpoint file [chars]: [chars] Explanation The checkpoint file could not be opened. A restart of QSM is likely to have incomplete data. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-CHECKPOINT_CANT_RELOAD Unable to re-load QSM link [chars]-[chars]: [chars] Explanation A link found in the checkpoint file could not be created in the QSM database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-CHECKPOINT_CANT_RELOAD_NOTIFY Unable to re-load QSM notification for [chars]: [chars] Explanation A link found in the checkpoint file could not be created in the QSM database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-CHECKPOINT_CANT_RENAME Unable to rename checkpoint file [chars]-[chars]: [chars] Explanation The checkpoint temporary file could not be renamed. A restart of QSM is likely to have incomplete data. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QSM Messages EM-1352 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-3-CHECKPOINT_CANT_SEEK Unable to seek to the end of the QSM checkpoint file [chars]: [chars] Explanation The checkpoint file could not be appended to. A restart of QSM is likely to have incomplete data. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-CHECKPOINT_CANT_TRUNCATE Unable to truncate QSM checkpoint file [chars]: [chars] Explanation The QSM checkpoint file could not be truncated -- prior to being overwritten with updated data. A restart of QSM is likely to have incomplete data. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-CHECKPOINT_CANT_WRITE Unable to write to QSM checkpoint file [chars]: [chars] Explanation A link could not be written to the QSM checkpoint file. A restart of QSM is likely to have incomplete data. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-CHECKPOINT_FORMAT Insufficient buffer size to format QSM checkpoint record. Have [dec], need [dec] Explanation A QSM checkpoint record could not be placed in the checkpoint file due to insufficient buffer space. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QSM Messages EM-1353 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-3-CHECKPOINT_LOCK_FAILURE Checkpoint lock failure: [chars] Explanation The lock that protects the QSM checkpoint database could not be taken. The checkpoint database could become corrupted -- causing a restart of QSM to have incomplete data. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-CHECKPOINT_NOSPACE Unable to allocate space for the checkpoint buffer Explanation A QSM checkpoint record could not be placed in the checkpoint file due to insufficient heap space. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %OS-QSM-3-INITIALIZATION_FAILURE Unable to initialize [chars]: [chars] Explanation The QSM process wasn’t able to startup up due the indicated failure during initialization. A restart of the process will be attempted. If the process can not be sucessfully started after several attempts, the board will probably be unusable. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-INVALID_PLATFORM_TYPE Platform_get_type returned an unknown node type: [dec] Explanation The QSM process wasn’t able to startup up due the indicated failure during initialization. A restart of the process will be attempted. If the process can not be sucessfully started after several attempts, the board will probably be unusable. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QSM Messages EM-1354 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-3-INVALID_SYMLINKS_FILE Invalid line in symlinks file: [chars] Explanation A startup configuration file for QSM contained an invalid line. This could be due to a problem with the installed media or file system damage. QSM will continue startup-up, but some system functionality may be impared. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-LINK_BAD_MODE A Link database entry had an unexpected mode: 0o%o Explanation The mode data (MOG) for a link entry had an unexpected value. This could indicate a memory corruption problem. Recommended Action Take a dump of the process and restart it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-LINK_CREATE_FAILURE Unable to create link database entry ’[chars]’ ([chars]): [chars] Explanation An entry could not be placed in the links database. The full error message should indicate where the failure occured and why. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-LINK_DELETE_FAILURE_INUM Unable to delete link database entry: [dec] Explanation A link could not be deleted from the links database. This could indicate either a code problem or a memory corruption problem. Recommended Action Take a dump of the process and restart it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QSM Messages EM-1355 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-3-LINK_DELETE_FAILURE_PATH Unable to delete link database entry: [chars] Explanation An entry could not be deleted from the links database. The full error message should indicate where the failure occured and why. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-LINK_FREE_ZERO_INUM The QSM links database was requested to free a inode with a zero inumber Explanation A internal error occured. A small amount of memory has been lost. QSM can be restarted to recover the lost memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-LINK_INVALID_CUR_INDEX Invalid cur index in [chars]. CUR: [dec], path: [chars], inum: [dec] Explanation A internal error has occured. The QSM directory scrub routine has been aborted. This should not cause any instability unless this message is repeated many times. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-LINK_LOCK_FAILURE A lock failure occured in the links database ([chars]():[chars]): [chars] Explanation An expected database lock was not held. This could indicate a memory corruption problem. Recommended Action Take a dump of the process and restart it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QSM Messages EM-1356 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-3-LINK_WRONG_RESULT link delete returned wrong link entry. path [chars], result: [hex], delete_result: [hex] Explanation This is a debug message that is not compiled into a customer version of the code. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-3-LOCATE_SYMLINKS_FILE Unable to locate symlinks file at etcpath [chars]: [chars] Explanation An expected startup configuration file for QSM could not be found. This could be due to an install problem or due to data being deleted from the installation file system. QSM will continue startup-up, but some system functionality may be impared. Recommended Action Your installed file system is missing a file. Perform a re-install to refresh the missing file. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-LOCK_FAILURE A lock failure occured ([chars]): [chars] Explanation The indicated error occurred while attempting to hold or release a lock. Recommended Action Take a dump of the process and restart it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-LOCK_FAILURE_LOCKTEST [chars]: [dec]. A lock failure occured ([chars]): [chars] Explanation The indicated error occurred while attempting to hold or release a lock. Recommended Action Take a dump of the process and restart it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-NO_MEMORY Unable to obtain [dec] bytes of memory while: [chars] Explanation QSM could not obtain system meory while performing the indicated operation. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Operating System (OS) Messages QSM Messages EM-1357 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-3-NON_ADMIN_ADD (transition message) Detected NON admin plane add for [chars]. class: [hex], svctype: [hex], msgflags: [hex] Explanation Development debug message Recommended Action Debug message only. No action is required. Error Message %OS-QSM-3-NOTIFY_LOCK_FAILURE A lock failure occured in the notification database ([chars]): [chars] Explanation An expected database lock was not held. This could indicate a memory corruption problem. Recommended Action Take a dump of the process and restart it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-NOTIFY_WRITE_FAILED Notification checkpoint record could not be written: [chars] Explanation A notification record could not be written to the QSM notification checkpoint file. A restart of QSM is likely to have incomplete data. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-3-OPEN_SYMLINKS_FILE Unable to open symlinks file [chars]: [chars] Explanation An expected startup configuration file for QSM could not be opened. This could be due to a problem with the installed media or file system damage. QSM will continue startup-up, but some system functionality may be impared. Recommended Action Your installed file system may be corrupted. Perform a format and re-install to fix it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QSM Messages EM-1358 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-3-SEND_DATABASE_MESSAGE Unable to send a database message ([chars]): [chars] Explanation A database update or dump mesage could not be sent to the other nodes. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-7-ADMIN_ADD (transition message) Detected admin plane add for [chars]. class: [hex], svctype: [hex], msgflags: [hex] Explanation This is a debug message that is not compiled into a customer version of the code. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-BAD_LWM_MSG Bad LWM Message received from pid [dec]. ([chars]): [chars] Explanation An error was received while processing a request from a local process. There could be a version mis-match or corruption in the client process. The error message should provide some clue to the problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-7-BAD_LWM_VERSION A QSM message was received, but it had the wrong version number. Received: [hex], Expected: [hex]. Explanation An error was received while processing a request from a local process. There could be a version mis-match or corruption in the client process. The error message should provide some clue to the problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-7-DEBUG_KEY_CREATE Could not create key. rc: [dec], qsm_lock_key: [dec] Explanation This is a debug message that is not compiled into a customer version of the code. Recommended Action Debug message only. No action is required. Operating System (OS) Messages QSM Messages EM-1359 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-7-DEBUG_SPECIFIC_ALLOC Could not alloc space for thread specific lock data: [chars] Explanation This is a debug message that is not compiled into a customer version of the code. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-DEBUG_SPECIFIC_SET Could not set thread specific for lock data: [chars] Explanation This is a debug message that is not compiled into a customer version of the code. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-LINK_BAD_THREAD_INUM A link was not threaded correctly in the links database ([chars]). thread: [dec]. inum: [dec] Explanation This is a debug message that is not compiled into a customer version of the code. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-LINK_BAD_THREAD_PATH A link was not threaded correctly in the links database ([chars]). thread: [dec]. path: [chars] Explanation This is a debug message that is not compiled into a customer version of the code. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-LINK_LOST_EMPTY_DIRECTORY An empty directory was to be deleted but inode [dec] could not be found: [chars] Explanation An empty directory was to be automatically purged from the QSM database. When the directory was searched for, it could not be found. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-LOCK_HELD Unexpected lock held at [chars]: [dec]. Last taken at [chars]: [dec] Explanation This is a debug message that is not compiled into a customer version of the code. Recommended Action Debug message only. No action is required. Operating System (OS) Messages QSM Messages EM-1360 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-7-LOCK_NOTFOUND A lock list did not have an expected lock at [chars]: [dec] Explanation The lock list was corrupted. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-LOCK_WRONG_COUNT A lock list had an incorrect count at [chars]: [dec]. ([dec] vs [dec]) Explanation The lock list was corrupted. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-LOCKORDER_FAILURE A lock ordering failure occured ([chars]) at [chars]:[dec]. ([dec] vs [dec]). Explanation A lock was taken in an invalid sequence. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-LOCKORDER_UPGRADE A lock upgrade (read to write) attempt was made at [chars]:[dec]. The lock was first taken at [chars]:[dec] Explanation An invalid upgrade was made of a lock. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-NODE_DELETE_FAILURE A node was only partially deleted. thread [dec], node: [chars] Explanation Internal memory corruption occured in the QSM nodes database. Recommended Action Take a dump of the process and restart it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages QSM Messages EM-1361 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-QSM-7-NODE_LOOKUP_FAILURE A node could not be found in the QSM nodes database: [chars] Explanation An attempt to use a QSM link was made -- but the remote node that exported the link to the local node was not in the local nodes database. This could be a harmless timing condition. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-7-NON_LOCAL A QSM message was received from a non-local process Explanation A process on another node contacted the local QSM server. The local server refused the request. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-QSM-7-NOTIFY_REGISTER_FAILED notification register of [chars] failed: [chars] Explanation A application requested database notification could not be placed in the QSM notification database. An error will be returned to the client process. Recommended Action Debug message only. No action is required. Error Message %OS-QSM-7-NOTIFY_UNREGISTER_FAILED notification register of [dec] failed: [chars] Explanation A application requested database un-notification could not be removed from the QSM notification database. An error will be returned to the client process. Recommended Action Debug message only. No action is required.Operating System (OS) Messages QUEUE Messages EM-1362 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 QUEUE Messages Error Message %OS-QUEUE-7-LINKED Bad [chars] of [hex] in queue [hex] Explanation The router is running short on memory. Recommended Action It may be necessary to free some memory by exiting a program. If this message recurs, call your technical support representative for assistance. Error Message %OS-QUEUE-7-NOTQ [chars] didn’t find [hex] in queue [hex] Explanation An internal software error occurred. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %OS-QUEUE-7-QCOUNT Bad [chars] [hex] count [dec] Explanation An internal software error occurred. Recommended Action If any of these messages recur, call your technical support representative for assistance. RDS Messages Error Message %OS-RDS-2-IDT_FAILED IDT for replica [chars] (all handles) FAILED Explanation IDT for the specified replica has totally failed and the process will do a voluntary dump to recover. Recommended Action If this message is seen for a particular process on a particular node continously then contact support Error Message %OS-RDS-3-ALLOC_FAILURE_MSG couldnt alloc for [chars], len equals [dec], errno equals [dec] Explanation This is a generic error msg for memory allocation failure. Recommended Action Contact support. Operating System (OS) Messages RDS Messages EM-1363 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RDS-3-ASSERT_MSG [chars].[dec]: hit assert condition. ’val1 equals [hex]’ expected to be [chars] ’val2 equals [hex]’ Explanation rds hit an internal assert. Recommended Action Contact support. Error Message %OS-RDS-3-BAD_READ ens_[chars] returned len equals [dec] for DH_ENTRY: [hex], expected equals [dec] Explanation ens_read returned bad len. Recommended Action Contact support. Error Message %OS-RDS-3-BAD_SEQNUM UNEXPECTED rdr_dh_seqnum equals [dec] rhdr.seq_num equals [dec] for DH equals [hex], dlen equals [dec], rdr_data equals [pointer] Explanation ens_read returned data with bad seqnum. Recommended Action Contact support. Error Message %OS-RDS-3-ENS_BULK_REGISTER [dec]: ens_bulk_register failed, rc equals [hex], errno equals [dec] Explanation ens_bulk_register failed. Recommended Action Contact support. Error Message %OS-RDS-3-ENS_PRODUCER_RELEASE ens_producer_release for DH equals [hex] failed, errno equals [dec] Explanation ens_producer_release failed. Recommended Action Contact support. Error Message %OS-RDS-3-ENS_PUBLISH [chars]: ens_publish for DH equals [hex] failed, errno equals [dec] Explanation ens_publish failed. Recommended Action Contact support. Operating System (OS) Messages RDS Messages EM-1364 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RDS-3-ENS_REGISTER_CLASS [chars]: ens_register_class for replica_name equals [chars] ch equals [hex] failed, rc equals [hex], errno equals [dec] Explanation ens_bulk_register failed. Recommended Action Contact support. Error Message %OS-RDS-3-GROUP_CREATE group_create for [chars]/[chars] failed, errno equals [dec] Explanation Group create failed. Recommended Action Contact support. Error Message %OS-RDS-3-LOCK_FAILURE [chars] failed, errno equals [dec] Explanation Lock/Unlock operation failed. Recommended Action Contact support. Error Message %OS-RDS-3-NRS_CREATE_CLASS [chars]: nrs_create_class for [chars] failed, errno equals [dec] Explanation nrs_create_class failed. Recommended Action Contact support. Error Message %OS-RDS-3-NRS_REGISTER_BULK [chars]: nrs_register_bulk for CH equals [hex] failed, rc equals [dec] errno equals [dec] Explanation nrs_register_bulk failed. Recommended Action Contact support. Error Message %OS-RDS-3-PENDING_MSG [chars]: couldnt create pending msg for CH equals [hex], DH equals [hex], errno equals [dec] Explanation couldnt create pending msg for the incoming write/publish. Recommended Action Contact support. Operating System (OS) Messages RDS Messages EM-1365 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RDS-3-SEARCH_HDLS_FAILED [chars]:[dec] nrs_search for replica_name [chars] returned NULL after 50 retries Explanation nrs_search for the specified replica did not yield any data handles. Recommended Action If this message is seen for a particular process on a particular node more than 5 times then contact support. Error Message %OS-RDS-3-SNAP_DUMP [chars]: handle equals [hex] memory ptr equals 0x[pointer] Explanation rds hit an internal error. Recommended Action Contact support. Error Message %OS-RDS-3-SYNC_CREATE TID equals [dec]: gs_sync_create failed for tag [hex], err [dec] Explanation Ticket create failed. Recommended Action Contact support. Error Message %OS-RDS-3-SYNC_RELEASE_FAILED TID equals [dec]: Ticket Release failed rp equals [pointer] tick equals [hex] curr equals [dec] hi equals [dec] currturn equals [hex] next equals [hex] waitcnt equals [dec] rc equals [dec] errno equals [dec] Explanation Ticket request timed out. Recommended Action Contact support. Error Message %OS-RDS-3-SYNC_REQUEST TID equals [dec]: Ticket Request failed for ticket [hex], rp [pointer], err [dec] Explanation Ticket request failed. Recommended Action Contact support. Operating System (OS) Messages RDS Messages EM-1366 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RDS-3-SYNC_REQUEST_TIMED_OUT TID equals [dec]: Tick Req Timed out rp equals [pointer] tick equals [hex] curr equals [dec] hi equals [dec] currturn equals [hex] next equals [hex] waitcnt equals [dec] rc equals [dec] errno equals [dec], RETRYING... Explanation Ticket request timed out. Recommended Action Contact support. Error Message %OS-RDS-3-SYNC_REQUEST_UNEXPECTED TID equals [dec]: Tick Req unknown failure, rp equals [pointer] tick equals [hex] curr equals [dec] hi equals [dec] currturn equals [hex] next equals [hex] waitcnt equals [dec] rc equals [dec] errno equals [dec] Explanation Ticket request failed with unknown error. Recommended Action Contact support. Error Message %OS-RDS-3-WRITE_TIMEDOUT rds_write DHDL equals [hex]([chars]), req equals [dec], resp equals [dec], #wtrs equals [dec]: [chars], errno equals [dec], retries equals [dec] Explanation rds_write request timed out. Recommended Action Contact support. Error Message %OS-RDS-4-COND_TIMED_WAIT TID equals [dec]: Unexpected error equals [dec] from pthread_cond_timedwait cmd equals [dec] Explanation pthread_cond_timedwait failed. Recommended Action Contact support. Error Message %OS-RDS-4-RING_LOOKUP Lookup of identifier equals [hex] index equals [hex] in RING equals [pointer] failed Explanation atomic tag ring lookup failed. Recommended Action Contact support. Operating System (OS) Messages RDS Messages EM-1367 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RDS-7-BAD_RDSTYPE TID equals [dec]: [dec]: Wrong replica type passed, expected equals [dec].. Explanation passed in replica_id is wrong. Recommended Action Contact support. Error Message %OS-RDS-7-DUPLICATE_TICKET_NOTIF TID equals [dec]: [dec]: Duplicate Tick Notif (Dropping it) rp equals [pointer] tick equals [hex] curr equals [dec] hi equals [dec] currturn equals [hex] next equals [hex] TickCurr equals [dec] TickHi equals [dec] state equals [hex] Explanation Got a ticket notification, for an already active ticket. Recommended Action Contact support. Error Message %OS-RDS-7-GENERIC_FAILURE_MSG [chars][dec] Explanation This is a generic error msg. Recommended Action Contact support. Error Message %OS-RDS-7-GET_DH_ENTRY [dec]: No entry for Datahandle equals [hex], rp equals [pointer] vec equals [pointer] errno equals [dec] Explanation Could find datahandle entry in the vector for replica Recommended Action Contact support. Error Message %OS-RDS-7-GET_REPLICA [dec]: [chars] for CH equals [hex], errno equals [dec], rds_type equals [dec] Explanation Couldnt get the replica entry Recommended Action Contact support. Operating System (OS) Messages RDS Messages EM-1368 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RDS-7-GROUP_SEND_RINFO [chars]: group_send_rinfo failed GID equals [hex], errno equals [dec], rc equals [dec], #resp equals [dec], pattern equals [chars] Explanation group_send_rinfo failed. Recommended Action Contact support. Error Message %OS-RDS-7-GSM_FAIL GSM for [chars] Failed for Handle equals [hex], to (g:[hex]/n:[hex]/p:[dec]), errno equals [dec] Explanation group_send_memberset failed. Recommended Action Contact support. Error Message %OS-RDS-7-INVALID_ARGS [dec]: invalid args passed Explanation a function was invoked with invalid arguments Recommended Action Contact support. Error Message %OS-RDS-7-INVALID_RHDR [dec]: invalid rhdr equals [pointer] passed Explanation a function was invoked with invalid rhdr msg Recommended Action Contact support. Error Message %OS-RDS-7-NO_PREQ_ENTRY [chars].[dec]: [chars] rp equals [pointer] nptr equals [pointer] from sender equals g:[dec]/n:[dec]/p:[dec] Explanation Couldnt find pending request entry in the pending list. Recommended Action Contact support. Error Message %OS-RDS-7-NRS_DECODE [chars], Datahandle equals [hex], errno equals [dec] Explanation An internal NRS function failed. Recommended Action Contact support. Operating System (OS) Messages RDSFS Messages EM-1369 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RDS-7-NRS_SEARCH [chars]: nrs_search for [chars] failed, rc equals [dec] errno equals [dec] Explanation nrs_search failed. Recommended Action Contact support. Error Message %OS-RDS-7-QUERY_PEERS_TIMED_OUT TID equals [dec] Couldnt cmd equals [dec] for GID equals [hex] CHDL equals [hex]([hex]) #to_resp equals [dec] req equals [dec] got equals [dec] state equals [hex], expstate equals [hex] preq_id equals [dec] rds_type equals [dec] Explanation Ticket request timed out. Recommended Action Contact support. Error Message %OS-RDS-7-READ_FAILED [chars] DH_ENTRY equals [hex] for exp_len equals [dec] got equals [dec] rc equals [dec] errno equals [dec] Explanation ens_read API failed. Recommended Action Contact support. Error Message %OS-RDS-7-WRONG_PLANE [dec]: Wrong plane [dec] for [chars] failed.. Explanation ens_bulk_register failed. Recommended Action Contact support. RDSFS Messages Error Message %OS-RDSFS-4-BAD_REPLICA Bad Replica detected: Condition-[chars] Path-[chars] Error-[chars]. Explanation The current instance of RDSFS encountered an error so that it is no longer a replica. Recommended Action Contact customer support. Operating System (OS) Messages REDFS Messages EM-1370 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RDSFS-7-DEBUG PID:TID equals [dec]:[dec] [chars] [chars] Error-[chars] Explanation RDSFS failure. Recommended Action Contact customer support. Error Message %OS-RDSFS-7-EDM_INTERNAL There was an internal error with the RDSFS EDM: [chars], [hex] ([chars]). Explanation RDSFS encountered an internal error within it’s EDM, which is a non vital component for normal operation. Recommended Action Contact customer support Error Message %OS-RDSFS-7-FAILURE [chars] [chars] Error-[chars] Explanation RDSFS failure. Recommended Action Contact customer support. Error Message %OS-RDSFS-7-INIT_FAILED Failed to initialize [chars] because [chars]. Explanation RDSFS failed to initialize a module. Recommended Action Contact customer support REDFS Messages Error Message %OS-REDFS-4-MIRROR_DISABLED Mirroring disabled because [chars]. Explanation RedFs disabled mirroring because of the specified reason. Recommended Action Check mirroring configuration. Error Message %OS-REDFS-5-INIT_FAILED Failed to initialize [chars]: [hex]:[chars]. Explanation RedFs failed to initialize a module. Recommended Action Contact customer support Operating System (OS) Messages REDFS Messages EM-1371 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-REDFS-5-MIRROR_ERROR Mirror [chars] error on [chars]/[chars]. Error-[dec]:[chars]. Explanation RedFs indicates that mirroring error occured on the operation and file specified with the specified error. Recommended Action Check ’show mirror’ state and confirm if a re-sync has started or redundancy has been restored. If sync failed or not redundant, contact customer support. Error Message %OS-REDFS-5-MIRROR_NOT_REDUNDANT Mirroring is not redundant because [chars]. Only using device [chars] now. Explanation RedFs indicates that mirroring state is no longer redundant and is only using the specified device. Recommended Action No action is required. Error Message %OS-REDFS-5-MIRROR_NOT_START Mirroring unable to start because secondary device [chars] is not partitioned. Please format partition it. Explanation RedFs indicates that mirror sync process cannot start because the specfied secondary device is not partitoned. It must be partitioned to start mirroring. Recommended Action Verify state of secondary device using ’show media’. If not partitioned, do ’format device partition’ to create second partition on specified secondary device. If mirroring fails to start sync, contact customer support. Error Message %OS-REDFS-5-MIRROR_PAUSED Mirroring has been paused. Please do ’mirror resume’ to restart mirroring. Explanation RedFs indicates that mirroring has been paused. Recommended Action Please use the ’mirror resume’ command to restart mirroring if operations which required ’mirror pause’ are complete. Error Message %OS-REDFS-5-MIRROR_SYNC_FAILED Mirror sync failed on [chars]/[chars]. Error-[dec]:[chars]. Explanation RedFs indicates that mirror sync process has failed on the specified file and is not able to make disks redundant. Recommended Action Restart mirror sync by doing ’mirror pause’ and ’mirror resume’ on sync failed node. If sync fails again, contact customer support. Operating System (OS) Messages REGEXP Messages EM-1372 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-REDFS-6-MIRROR_ENABLED Mirroring has been enabled with configured devices of [chars] and [chars]. Explanation RedFs indicates that mirroring has been enabled with the specified devices. Recommended Action No action is required. Error Message %OS-REDFS-6-MIRROR_REDUNDANT Mirroring is now fully redundant for devices [chars] and [chars]. Explanation RedFs indicates that mirroring state is now fully redundant for the specified devices. Recommended Action No action is required. Error Message %OS-REDFS-6-MIRROR_RESUMED Mirroring has been resumed after being paused. Explanation RedFs indicates that mirroring has been resumed after being paused. Recommended Action No action is required. Error Message %OS-REDFS-6-MIRROR_UPGRADE Mirroring is partitioning device [chars] as part of upgrade procedure. Explanation RedFs indicates that it is partitioning the specified device as part of the mirroring upgrade procedure. Recommended Action No action is required. REGEXP Messages Error Message %OS-REGEXP-6-ENOMEM % Out of memory Explanation *NONE* Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Operating System (OS) Messages RSI_AGENT Messages EM-1373 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-REGEXP-6-INTERNAL % Internal error Explanation *NONE* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-REGEXP-6-INVALID % invalid regexp: [chars] Explanation *NONE* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-REGEXP-6-REGERROR % [chars] Explanation *NONE* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. RSI_AGENT Messages Error Message %OS-RSI_AGENT-2-OBJ_CREATE Failed to create required ’[chars]’ object ’[chars]’, id equals [hex]: [chars] Explanation Failed to internally create an object required to provide service. Recommended Action Correct the problem, and restart the rsi_agent process. Error Message %OS-RSI_AGENT-2-RESOURCE_DOWN Critical resource ’[chars]’ required to operate was unavailable: [chars] Explanation A critical resource required to perform an operation was unavailable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages RSI_AGENT Messages EM-1374 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RSI_AGENT-3-CONSISTENCY_CHECK ’[chars]’ had a value of ’[chars]’, which did not match the expected value ’[chars]’. Explanation A software bug when an internal data consistency check failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RSI_AGENT-3-ERR_GENERAL ’[chars]’ failed: [chars] Explanation Some requested operation failed. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RSI_AGENT-3-ERR_INIT ’[chars]’ failed during initialization: [chars] Explanation Initialization of a required module failed. The process was unable to continue. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RSI_AGENT-3-INTF_MAPPING_CHANGE Unexpected interface name:handle mapping change from [chars]:[hex] to [chars]:[hex]. Explanation An interface handle was received which does not match the interface handle already in the database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages RSI_MASTER Messages EM-1375 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RSI_AGENT-3-NONRESPONSIVE_CLIENT Client ’[chars]’ has not processed an update [dec] seconds after being notified. Forcing reconnect. PID equals [dec], Explanation RSI is forcing the specified client to reconnect, as the client has not processed a notification after a substantial timeout period. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. RSI_MASTER Messages Error Message %OS-RSI_MASTER-2-ERR_INVALID_THREAD Callback from ENS on incorrect thread, actual/expected equals [dec]/[dec] (CSCsd51829) Explanation Detected single-threaded RSI Master code running on an unknown thread. This concurrency can result in corruption. Recommended Action Collect RSI traces Error Message %OS-RSI_MASTER-2-ERR_MEM_ALLOC Insufficient memory for ’[chars]’, [unsigned int] bytes, terminating Explanation RSI Master terminated due to lack of memory for a critical operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RSI_MASTER-3-ERR_GENERAL ’[chars]’ failed: [chars] Explanation Some requested operation failed. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages RSVDPMEM Messages EM-1376 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RSI_MASTER-3-ERR_GENERAL_NO_RC [chars] Explanation Some requested operation failed. The text of the message displays the failed operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. RSVDPMEM Messages Error Message %OS-RSVDPMEM-3-BAD_DATAFILE_VALUES Values from [chars] are invalid. data equals [chars]. start equals [dec], end equals [dec]. Explanation Reserve Physmem encountered a severe error and is not able to recover from the error. Details are provided with the error message. Call support with this error message text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RSVDPMEM-3-BAD_RETURN_VALUES Did not set return values correctly. start equals [dec], size equals [dec], base_addr equals [hex], mem_size equals [dec], mem_physical_start equals [hex], mem_physical_size equals [dec]. Explanation Reserve Physmem encountered a severe error and is not able to recover from the error. Details are provided with the error message. Call support with this error message text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RSVDPMEM-3-INVALID_PARAMS Invalid parameters passed to function. [chars] is NULL Explanation Reserve Physmem encountered a severe error and is not able to recover from the error. Details are provided with the error message. Call support with this error message text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages RSVDPMEM Messages EM-1377 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RSVDPMEM-3-MEMUTIL_FIND_FAIL memutil_find_reserved_mem returned invalid memory reservation - mem_physical_start equals [hex], mem_physical_size equals [hex]. Explanation Reserve Physmem encountered a severe error and is not able to recover from the error. Details are provided with the error message. Call support with this error message text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RSVDPMEM-3-NO_MATCHING_STRING Failed to find any line in [chars] containing string: [chars] Explanation Reserve Physmem encountered a severe error and is not able to recover from the error. Details are provided with the error message. Call support with this error message text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RSVDPMEM-3-OPEN_FAIL Open of [chars] failed. Error [chars] Explanation Reserve Physmem encountered a severe error and is not able to recover from the error. Details are provided with the error message. Call support with this error message text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RSVDPMEM-3-SSCANF_FAIL sscanf function failed to match required number of parameters. Matched [dec], error: [chars]. data equals [chars]. Explanation Reserve Physmem encountered a severe error and is not able to recover from the error. Details are provided with the error message. Call support with this error message text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages RT_CHECK_LIB Messages EM-1378 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 RT_CHECK_LIB Messages Error Message %OS-RT_CHECK_LIB-3-CERR_REGISTER_DLL Could not register dll with error services: [chars] Explanation The call register the dll using cerr_register_dll failed. Recommended Action Contact support. Error Message %OS-RT_CHECK_LIB-3-DEBUG_SERVICES debug services function [chars] failed Explanation A call to a debug services interface failed. Recommended Action Contact support. Error Message %OS-RT_CHECK_LIB-3-EVENT_MANAGER event manager function [chars] failed: [chars] Explanation A call to an event manager interface failed. Recommended Action Contact support. Error Message %OS-RT_CHECK_LIB-3-GSP_CONN [chars]: error connecting with Group Services: [chars] Explanation A call to group_join() failed. Recommended Action Contact support. Error Message %OS-RT_CHECK_LIB-3-GSP_LOOKUP [chars]: error group lookup with Group Services: [chars] Explanation A call to group_lookup() failed. Recommended Action Contact support. Operating System (OS) Messages RT_CHECK Messages EM-1379 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RT_CHECK_LIB-3-GSP_NOTIFY [chars]: error group set notify with Group Services: [chars] Explanation A call to group_set_notify() failed. Recommended Action Contact support. Error Message %OS-RT_CHECK_LIB-3-GSP_SEND [chars]: error sending with Group Services: [chars] Explanation A call to group_send() failed. Recommended Action Contact support. Error Message %OS-RT_CHECK_LIB-3-MGD_TIMER mgd timer function [chars] failed Explanation A call to a mgd timer interface failed. Recommended Action Contact support. Error Message %OS-RT_CHECK_LIB-3-PTHREAD Pthread operation [chars] [hex] failed: [chars] Explanation A pthread operation failed Recommended Action Contact support. RT_CHECK Messages Error Message %OS-RT_CHECK-3-BCDL_REQ BCDL [chars] request failure, error [dec]: [chars] Explanation A call to a BCDL interface failed. Recommended Action Contact support. Error Message %OS-RT_CHECK-3-CHAN_CONN [chars] msg chan connect failed: [chars], error [dec]: [chars] Explanation A call to a LWM API failed. Recommended Action Contact support. Operating System (OS) Messages RT_CHECK Messages EM-1380 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RT_CHECK-3-DEBUG_SERVICES debug services function [chars] failed Explanation A call to a debug services interface failed. Recommended Action Contact support. Error Message %OS-RT_CHECK-3-EDM_DATALIST_ADD_FAILED Failed to add an external data manager datalist for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The attempt to add an item to an external data manager datalist has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RT_CHECK-3-EDM_DATALIST_CREATE_FAILED Failed to create external data manager datalist for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The creation of the external data manager datalist has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RT_CHECK-3-EDM_ENCODE_FAILED Failed to encode [chars] data in external data manager Explanation A process has requested information through SysDB, probably as the result of executing a show command. The data requested could not be encoded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages RT_CHECK Messages EM-1381 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RT_CHECK-3-EDM_LIST_ADD_FAILED Failed to add to an external data manager list for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The attempt to add an item to an external data manager list has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RT_CHECK-3-EDM_LIST_CREATE_FAILED Failed to create external data manager list for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The creation of the external data manager list has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RT_CHECK-3-EDM_REGISTER_FAILED Failed to register its external data manager: [chars] Explanation The process failed when attempting to register its external data manager with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RT_CHECK-3-EVENT_MANAGER event manager function [chars] failed: [chars] Explanation A call to an event manager interface failed. Recommended Action Contact support. Error Message %OS-RT_CHECK-3-GROUP group services function [chars] failed, error [dec]: [chars] Explanation A call to a group services interface failed. Recommended Action Contact support. Operating System (OS) Messages RT_CHECK Messages EM-1382 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RT_CHECK-3-MEMORY Memory allocation error. Explanation Malloc or calloc returned a null pointer. This indicates an out of memory condition. The rt_check process will exit or return. Recommended Action Collect system log information. Error Message %OS-RT_CHECK-3-MGD_TIMER mgd timer function [chars] failed Explanation A call to a mgd timer interface failed. Recommended Action Contact support. Error Message %OS-RT_CHECK-3-PTHREAD pthread function [chars] failed Explanation A call to a pthread interface failed. Recommended Action Contact support. Error Message %OS-RT_CHECK-3-PTHREAD_MUTEX Pthread operation [chars] [hex] failed: [chars] Explanation The mutex lock/unlock failed Recommended Action Contact support. Error Message %OS-RT_CHECK-3-RSI_INIT Failed to initialize RSI client library: [chars] Explanation Failed to initialize RSI global client library Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RT_CHECK-3-RSI_TBL_ID Failed to get RSI tbl id from vrf name: [chars] Explanation The RSI failed to translate a vrf name into a tbl id. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages RT_CHECK Messages EM-1383 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-RT_CHECK-3-RSI_VRF_NAME Failed to get RSI vrf name from tbl id: [chars] Explanation The RSI failed to translate a tbl id to a vrf name. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-RT_CHECK-3-SYSDB [chars] Explanation A call to a sysdb interface failed. Recommended Action Contact support. Error Message %OS-RT_CHECK-3-TIMER_INIT timer init failed Explanation A call to the rt_check timer init routine failed. Recommended Action Contact support. Error Message %OS-RT_CHECK-3-USAGE usage: [chars] [-m] [-u] [-M] [-U] Explanation Incorrect command line arguments were given to the module Recommended Action Contact support. Error Message %OS-RT_CHECK-6-EDM_BAG_REGISTRATION_FAILED Failed to register its external data manager data blocks: [chars] Explanation The process failed while attempting to register its external data manager data blocks with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages SEIPC Messages EM-1384 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SEIPC Messages Error Message %OS-SEIPC-3-DEBUG_ERROR [chars]: [chars] Explanation Encountered an error in debug module. This error should not impact the major functionality of the module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SEIPC-3-INIT_CRITICAL_ERROR [chars]: [chars], [chars] Explanation A critical error during the initialization of Service Engine IPC. The cause of the error will be mentioned in the message displayed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SEIPC-3-LTRACE_ERROR Error encountered tracing for [chars]: [chars] Explanation Error message from tracing module Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SHMWIN_SVR Messages Error Message %OS-SHMWIN_SVR-3-EVM_ERROR [chars], Error: [chars] Explanation Failed in some event management functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages SHMWIN_SVR Messages EM-1385 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SHMWIN_SVR-3-GLOBAL_MUTEX_ERR [chars] ([dec], [chars]) Explanation Mutex lock/unlock failure has occurred for shmwins open/close operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-3-INVALID_ID Invalid window ID or group ID ([dec], [dec]) Explanation Window ID or Group ID specified by client is invalid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-3-LWM_ERROR [chars], Error: [chars] Explanation Failed to execute some LWM library functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-3-MAIN_INIT Initialization in main failed, Error: [chars] Explanation One of the functions called during initialization of the process failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-3-MMAP_FAIL Failed to mmap [chars] Explanation mmap of the shared memory required to store servers tree nodes failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages SHMWIN_SVR Messages EM-1386 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SHMWIN_SVR-3-MSG_ERROR Received a bad message, [chars] Explanation The message received by the server had inconsistent values. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-3-NO_MEMORY Failed in allocating memory Explanation Not enough memory available in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-3-PLATFORM_FILE [chars], Error: [chars] Explanation Problem opening/reading from the platform shmwin file. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-3-QSM_ERROR Failed to publish QSM namespace, [chars] Explanation The server failed in advertising its namespace through QSM Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-3-SHM_ERROR [chars] [chars], Error: [chars] Explanation There was a problem with the shared memory file allocation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages SHMWIN_SVR Messages EM-1387 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SHMWIN_SVR-3-SHMWIN_SIZE [chars] area’s size [dec] is smaller than [dec](shmwin header size) Explanation Opened shmwin size is smaller the shmwin header size. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-3-SVR_ERR [chars] Explanation An error has occurred in a server operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-3-WINDOW_MUTEX_ERR [chars] window:[chars] ([dec], [chars]) Explanation Mutex lock/unlock failure has occurred for a shmwin open/close operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN_SVR-6-SHARED_MUTEX_REVIVED The shmwin control mutex was revived by shmwin_svr Explanation A participant process crashed while holding the shared shmwin control mutex and the shmwin_svr revived the mutex. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages SHMWIN Messages EM-1388 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SHMWIN Messages Error Message %OS-SHMWIN-2-ERROR_ENCOUNTERED SHMWIN: Error encountered: [chars] Explanation SHMWIN hit an error, which is described by the description printed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN-2-SHARED_PAGE_ERROR SHMWIN: Shared page related error encountered: [chars]: failed with [chars] Explanation SHMWIN hit an error related to the shared page. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN-3-ALLOC_ARENA_FAILED SHMWIN: Failed to allocate new arena from the server : [chars] Explanation SHMWIN failed to allocate the arena’s virtual range from the server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN-3-FREE_ARENA_FAILED SHMWIN: Failed to free VM at address [hex] back to the server : [chars] Explanation SHMWIN failed to free the arena’s virtual range back to the server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages SHMWIN Messages EM-1389 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SHMWIN-3-FSTAT_FAILED SHMWIN: fstat call for [chars] failed, error: [chars][[dec]] Explanation SHMWIN encountered an error condition, a fstat call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN-3-FTRUNCATE_FAILED SHMWIN: [chars]: ftruncate for [chars] to size [dec] failed, error: [chars][[dec]] Explanation SHMWIN encountered an error condition, the ftruncate failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN-3-LIST_NODE_INCONSISTENCY SHMWIN: List node check failed, block pointer: [pointer], list node pointer: [pointer], element size: [dec], user-requested size: [dec] Explanation SHMWIN encountered an error condition, Shmwin internal database is inconsistent. List node check failed. Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN-3-MMAP_FAILED SHMWIN: [chars]: mmap at pid [dec] address [hex] size [dec] failed, error: [chars][[dec]] Explanation SHMWIN encountered an error condition, the mmap failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages SHMWIN Messages EM-1390 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SHMWIN-3-MUNMAP_FAILED SHMWIN: [chars]: munmap at pid [dec] address [hex] size [dec] failed, error: [chars][[dec]] Explanation SHMWIN encountered an error condition, the munmap failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN-3-MUTEXOP_FAILED SHMWIN: [chars] failed, error: [chars][[dec]] Explanation SHMWIN encountered an error condition, the a mutex operation failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN-3-OPEN_FAILED SHMWIN: shm open for [chars] failed, error: [chars][[dec]] Explanation SHMWIN encountered an error condition, the shm open failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN-3-UNLINK_FAILED SHMWIN: [chars]: shmem unlink failed for [chars] to size [dec] failed, error: [chars][[dec]] Explanation SHMWIN encountered an error condition, the ftruncate failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SHMWIN-6-FILE_EXISTS SHMWIN: [chars]: shmwin found file [chars] of size [dec] existing when not expecting, trying to continue Explanation SHMWIN encountered an error condition, the file was existing already. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Operating System (OS) Messages SPAIPC_NETIO Messages EM-1391 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SPAIPC_NETIO Messages Error Message %OS-SPAIPC_NETIO-7-BASE_BAD_CHAIN_TYPE [chars]:[dec]:[chars]: Invalid attempt to build chain (type [dec]) Explanation qnetbase_builder_func() called with bad chain type. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SPAIPC_NETIO-7-BASE_CONTROL_FUNC_ERR [chars]:[dec]:[chars]: Base Control function erroneously called! Explanation qnetbase_control_func() wrongly called. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SPAIPC_NETIO-7-CAPS_BAD_CHAIN_TYPE [chars]:[dec]:[chars]: Invalid attempt to build chain (type [dec]) Explanation qnetcaps_builder_func() called with wrong chain type. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SPAIPC_NETIO-7-DEBUG_INIT_FAILED [chars]:[dec] spaipc-base to register debug. Explanation debug_register() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages SS_LIB Messages EM-1392 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SPAIPC_NETIO-7-ENCAPS_FUNC_ERR [chars]:[dec]:[chars]: Qnet encapsulation node erroneously called! Explanation qnetcaps_encaps() has been called, which should never happen. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SPAIPC_NETIO-7-PAK_INPUT_FAIL [chars]:[dec]:[chars]: packet_input returned non-zero result code ([dec]) Explanation netio_dll_packet_input_NEW() to Qnet failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SPAIPC_NETIO-7-UINT32_GET [chars]:[dec] failed to get destination slot. error [dec] Explanation pak_netio_uint32_get() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SS_LIB Messages Error Message %OS-SS_LIB-3-BLOCKED Process (pid1 equals [dec]) didn’t finish task for [dec] seconds. Overseved by [chars](pid2 equals [dec]). Please raise a bug against infra-lwmsg. attach_process -p pid1 and pid2 are required to fix the issue. Meantime, please try to restart process with pid1 to temporary fix this issue. Explanation Process may have been blocking in library Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages SS_LIB Messages EM-1393 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SS_LIB-3-ERROR [chars] [[dec]:[chars]] Explanation Critical error message from library Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SS_LIB-3-MUTEX_REVIVAL Couldn’t register mutex revival service ([chars]) Explanation New service can’t be registered due to other infrastructure issue. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SS_LIB-3-SERVICE_ENTRY_NOT_AVAILABLE No more memory for monitoring [[chars]] service. Need to expand shared memory array. Explanation New service can’t be registered due to memory exhaustion. Need to fix source code to accept more services. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SS_LIB-3-STRING_LENGTH String length is [dec] where limited to [dec] ([chars]) Explanation Given string is longer than expected. There is mismatch in source code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SS_LIB-6-INVALID_REQUEST Library misuse [[chars]] (pid equals [dec], function equals [chars]) Explanation There is miuse of library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages SSM Messages EM-1394 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SS_LIB-6-INVALID_REQUEST_ID Invalid ID is given ([dec]) (pid equals [dec], function equals [chars]) Explanation There is miuse of library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SS_LIB-6-OTHER_LIBRARY_ERROR Error from [chars] ([dec]:[chars]), (pid equals [dec],id equals [dec]) Explanation Error in other library Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SS_LIB-6-WAITING Process (pid equals [dec]) didn’t finish task for [dec] seconds. Overseved by [chars](pid equals [dec]). Explanation Process is experiencing delay in library Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SS_LIB-7-DEBUG MSG1[[chars]] ID[[dec]] MSG2[[chars]] Explanation Debug message Recommended Action No action is required. SSM Messages Error Message %OS-SSM-2-CFG_FAILED [chars]: ssm_config_init failed, error: [chars] Explanation ssm_config_init failed due to sysdb intialization problem. Recommended Action Collect all logs, especially those from SSM. Forward the messages to technical support. Operating System (OS) Messages SSM Messages EM-1395 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SSM-3-CONNECT_ATTACH ConnectAttach to Channel [chars] failed, name equals [chars], id equals [dec], pid equals [dec], coid equals [dec], err equals [chars]. Explanation SSM process tried to connect to the clients channel using ConnectAttach api and encountered a failure. Recommended Action Collect system log information for the reported service and pid. No action is required. Error Message %OS-SSM-3-CONNECT_DETACH ConnectDetach to Channel [chars] failed, name equals [chars], id equals [dec], pid equals [dec], coid equals [dec], retval equals [dec], err equals [chars]. Explanation SSM process tried to detach to the clients channel using ConnectDetach api and encountered a failure. Recommended Action Collect system log information for the reported service and pid. No action is required. Error Message %OS-SSM-3-EVM_CREATE [chars]: could not create event manager: [chars] Explanation An internal error was detected when creating Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SSM-3-MALLOC_FAILED [chars]:[dec] malloc failed Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-SSM-3-MDR_RECOVERY ysmgr_start_mdr failed for service [chars], pid equals [dec], err equals [chars] Explanation SSM process tried to recover service by calling sysmgr_start_mdr and and encountered an error. Collect sysmgr traces and check state of the process specified by pid. Recommended Action Collect system logs. No action is required. Operating System (OS) Messages SSM Messages EM-1396 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SSM-3-MSG_SEND_PULSE Sending async pulse to Channel [chars] failed, name equals [chars], id equals [dec], pid equals [dec], coid equals [dec]. Explanation SSM process tried to send a pulse to the clients channel using MsgSendPulse api and encountered a failure. Recommended Action Collect system log information for the reported service and pid. No action is required. Error Message %OS-SSM-3-PULSE_FAILED Connection to Channel [chars] is stuck, name equals [chars], id equals [dec], pid equals [dec], A detail information is stored on /tmp/ssm_restart_[dec].log, ssm process will restart. Explanation SSM process sends a pulse to the monitored process over a lwm channel. This error is reported when it tries to open a connection to the channel and is stuck. Recommended Action Collect system log information for the reported service and pid. No action is required. Error Message %OS-SSM-3-RESTART_FAIL Failed to send [chars] to [chars], pid equals [dec], err equals [chars] Explanation SSM process tried to restart the process using the kill command and encountered an error. Check state of the process specified by pid. Recommended Action Collect system logs. No action is required. Error Message %OS-SSM-3-SHM_OPEN_FAIL [chars]:ssm_shm_open failed with err: [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-SSM-3-SYSDB_BLOCK_DETECT Sysdb service is not available, ssm process is restarting([chars]:[dec]). Explanation SSM process detects sysdb is not available. It will restart and configuration will be ignored until sysdb comes back. Recommended Action Collect system log information for the sysdb. No action is required. Operating System (OS) Messages SSM Messages EM-1397 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SSM-4-MDR_RECOVERY_UNSUPPORTED mdr recovery specified on RP for service [chars], pid equals [dec] Explanation Recovery action specified (MDR) for the failing service is unsupported on RP. Recommended Action No action is required. Error Message %OS-SSM-5-CARD_RELOAD Card Reloading to recover failing service [chars], pid equals [dec] Explanation SSM Process is taking recovery action for the failing service. Cold reload is the specifed recovery action for this service. Recommended Action No action is required. Error Message %OS-SSM-6-ALARM_CHANGE Service [chars], id equals [dec] reports alarm transition from [chars] to [chars] Explanation Service alarm changes. They are not necessarily critical errors but need investigation by DE Recommended Action Collect system logs. No action is required. Error Message %OS-SSM-6-NODAL_SERVICE_STATE_CHANGE Nodal service state changes from [chars] to [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %OS-SSM-6-RECOVER_FAIL Recovery unsuccessful for service [chars], pid equals [dec] Explanation SSM Process took a recovery action, but service is not responding Recommended Action No action is required. Operating System (OS) Messages SSM Messages EM-1398 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SSM-6-SERVICE_UNAVAIL Service [chars], id equals [dec] is down, fail_count equals [dec], callback_max equals [dec], proc_exited equals [dec], recovery equals [chars] Explanation Service state has become unavailable. SSM process will try a recovery action. They are not necessarily critical errors but need investigation by DE. Recommended Action Collect system logs. No action is required. Error Message %OS-SSM-6-STATE_CHANGE Service [chars], id equals [dec] transitions from [chars] to [chars] Explanation Service state changes. They are not necessarily critical errors but need investigation by DE Recommended Action Collect system logs. No action is required. Error Message %OS-SSM-6-SYSDB_BLOCK_RECOVER Sysdb service becomes available, update configuration. Explanation SSM process detects sysdb becomes available. It will register with sysdb to read new configurations. Recommended Action No action is required No action is required. Error Message %OS-SSM-6-SYSDB_BLOCK_RECOVER_WAIT Wait for sysdb service becomes available. Explanation SSM process is waiting for sysdb service(s) become available. Recommended Action No action is required No action is required. Error Message %OS-SSM-6-SYSDB_BLOCK_SERVICE Sysdb service [[chars]] is not available. Explanation SSM process detects sysdb service is not available. Recommended Action Collect system log information for the sysdb. No action is required. Operating System (OS) Messages SYSLOG Messages EM-1399 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SSM-7-SYSCALL [chars]: [chars](): [chars] Explanation A system call failed. The calling function, the failed call, and error are displayed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SSM-7-UNEXPECTED Unexpected: [chars]: [chars]: [hex] Explanation An unexpected condition encountered. This is not necessarily an error. Recommended Action Collect system log information. No action is required. SYSLOG Messages Error Message %OS-SYSLOG-7-EVM_CREATE Could not create event manager: [chars] Explanation The syslog_dev has failed to create an Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SYSLOG-7-EVM_EVENT_BLOCK An error occurred while waiting for an event: [chars] Explanation The event infrastructure will ignore this error and continue to wait for the next event. If this error is seen repeatedly, the process may not be able to function and will need to be restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SYSLOG-7-MISC_ERR [chars] ([chars]) Explanation An unexpected error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages SYSMGR Messages EM-1400 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SYSLOG-7-RM_ATTACH Could not attach resource manager funtions to event manager: [chars] Explanation The syslog_dev has failed to attach a Resource Manager to an Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-SYSLOG-7-THREAD_CREATE Could not create a Posix thread Explanation The pthread_create function reported an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SYSMGR Messages Error Message %OS-SYSMGR-0-EMERGENCY [chars] Explanation The system is unusable. Recommended Action Contact support. Error Message %OS-SYSMGR-1-ABORT_WARM_RELOAD Aborting Warm Reload. Cold-restarting the card ([chars]:[dec]) Explanation Attempt to Warm Reload the card has failed. The syslog events logged preceeding this event would indicate the reason for the failure to warm reload the card. Recommended Action Contact support. Error Message %OS-SYSMGR-1-ALERT [chars] Explanation Action must be taken immediately. Recommended Action Contact support. Operating System (OS) Messages SYSMGR Messages EM-1401 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SYSMGR-2-CRITICAL [chars] Explanation Critical conditions are present. Recommended Action Contact support. Error Message %OS-SYSMGR-2-MANAGED_REBOOT reboot to be managed by process ([chars]) reason ([chars]) Explanation A critical process ran into trouble and will reboot the node. Recommended Action Contact support. Error Message %OS-SYSMGR-2-REBOOT reboot required, process ([chars]) reason ([chars]) Explanation A critical process ran into trouble. Recommended Action Contact support. Error Message %OS-SYSMGR-3-ERROR [chars] Explanation A function call returned an unexpcted error Recommended Action Contact support. Error Message %OS-SYSMGR-3-FUNCTION [chars]: call to [chars] failed: [chars] Explanation A function call returned an unexpcted error Recommended Action Contact support. Error Message %OS-SYSMGR-3-GET_PLACEMENT_LIST [chars]: sysmgr_msg_sendv SYSMGR_GET_PLACEMENT_LIST failed: [chars] Explanation Sysmgr prints this when a request for placement list comes to a wrong node like SC. Recommended Action None Operating System (OS) Messages SYSMGR Messages EM-1402 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SYSMGR-3-UNEXPECTED [chars] Explanation A function call returned an unexpcted error Recommended Action Contact support. Error Message %OS-SYSMGR-4-MANDATORY_OFF mandatory state off for all processes by request Explanation Check specified log for important information Recommended Action None Error Message %OS-SYSMGR-4-MANDATORY_ON mandatory state on for all processes by request Explanation Check specified log for important information Recommended Action None Error Message %OS-SYSMGR-4-MANDATORY_REBOOT_ABORTED mandatory reboot aborted by request Explanation Check specified log for important information Recommended Action None Error Message %OS-SYSMGR-4-MANDATORY_REBOOT_ENABLE mandatory reboot option enabled by request Explanation Check specified log for important information Recommended Action None Error Message %OS-SYSMGR-4-MANDATORY_REBOOT_OVERRIDE mandatory reboot option overridden by request Explanation Check specified log for important information Recommended Action None Operating System (OS) Messages SYSMGR Messages EM-1403 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SYSMGR-4-PROC_CRASH_JID User [chars] ([chars]) requested a crash of process with jobid [dec] at [chars] Explanation For high availability demonstration, processes may be intentionally crashed by sending them a fatal signal. Recommended Action None Error Message %OS-SYSMGR-4-PROC_CRASH_NAME User [chars] ([chars]) requested a crash of process [chars] at [chars] Explanation For high availability demonstration, processes may be intentionally crashed by sending them a fatal signal. Recommended Action None Error Message %OS-SYSMGR-4-PROC_RESTART_JID User [chars] ([chars]) requested a restart of process with jobid [dec] at [chars] Explanation For high availability demonstration, processes may be intentionally restarted by users. Recommended Action None Error Message %OS-SYSMGR-4-PROC_RESTART_NAME User [chars] ([chars]) requested a restart of process [chars] at [chars] Explanation For high availability demonstration, processes may be intentionally restarted by users. Recommended Action None Error Message %OS-SYSMGR-4-PROC_SHUTDOWN_JID User [chars] ([chars]) requested a shutdown of process with jobid [dec] at [chars] Explanation For high availability demonstration, processes may be intentionally shut down by users. Recommended Action None Error Message %OS-SYSMGR-4-PROC_SHUTDOWN_NAME User [chars] ([chars]) requested a shutdown of process [chars] at [chars] Explanation For high availability demonstration, processes may be intentionally shut down by users. Recommended Action None Operating System (OS) Messages SYSMGR Messages EM-1404 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SYSMGR-4-PROC_START_JID User [chars] ([chars]) requested a start of process with jobid [dec] at [chars] Explanation Processes may be started by users. This log maintains a record of process starts Recommended Action None Error Message %OS-SYSMGR-4-PROC_START_NAME User [chars] ([chars]) requested a start of process [chars] at [chars] Explanation Processes may be started by users. This log maintains a record of process starts Recommended Action None Error Message %OS-SYSMGR-4-UNLINK_NVLOG [chars] Unable to delete logfile [chars], because device was busy. Please delete this file manually after making a copy. Explanation Check specified log for important information Recommended Action Delete the NV_LOG file manually after copying it out of the router. Error Message %OS-SYSMGR-4-WARNING [chars] Explanation Warning conditions are present. Recommended Action Contact support. Error Message %OS-SYSMGR-5-NOTICE [chars] Explanation A normal but significant event has occurred. Recommended Action none Error Message %OS-SYSMGR-6-INFO [chars] Explanation An informational message only Recommended Action none Operating System (OS) Messages TIMER Messages EM-1405 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-SYSMGR-7-CHECK_LOG [chars] Explanation Check specified log for important information Recommended Action Contact support. Error Message %OS-SYSMGR-7-DEBUG [chars] Explanation An informational message only Recommended Action Contact support. Error Message %OS-SYSMGR-7-FUNCTION_PATH [chars]: [chars] [chars] failed: [chars] Explanation A function call returned an unexpcted error Recommended Action Contact support. Error Message %OS-SYSMGR-7-INSTALL_FINISHED software installation is finished Explanation software installation has finished. Recommended Action None Error Message %OS-SYSMGR-7-INSTALL_NOTIFICATION notification of software installation received Explanation A notification to begin processing a software installation has been received. Recommended Action None TIMER Messages Error Message %OS-TIMER-3-MGDTIMER [chars]%s, timer equals [hex] Explanation A software or hardware error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages TIMER Messages EM-1406 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-TIMER-3-NO_CHILD Parent has no child, this may be a freed/stopped parent Explanation All parents in a managed timer tree should have at least one child. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TIMER-3-TIMERNEG Cannot start timer ([hex]) with negative offset ([dec]). Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TIMER-3-TW_CREATE_TIMESLICE_TOO_SMALL A timer wheel has been created with a timeslice less than 100ms and cannot accurately be supported. The timeslice specified was [dec]ms. Explanation The kernel will override a request to create a repetitive timer of less than 100ms on a priority 10 thread and internally use 100ms. This could cause software using this timer wheel to behave extremely badly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TIMER-3-TWCHUNKALLOC Couldn’t allocate a chunk for timer wheel Explanation There wasn’t enough resources to allocate a chunk in timer wheels. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TIMER-3-TWCHUNKFREE Couldn’t free chunk for timer wheel Explanation Resources were not able to be deallocated in timer wheels. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages TIMER Messages EM-1407 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-TIMER-3-TWEVMERROR EVM error [dec] in timer wheels. Explanation EVM failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TIMER-3-TWMUTEXLOCKERROR Error acquiring mutex for timer wheel; [chars] Explanation A software error occurred acquiring a mutex. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TIMER-3-TWMUTEXUNLOCKERROR Error releasing mutex for timer wheel; [chars] Explanation A software error occurred releasing a mutex. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TIMER-3-TWNOMEM Couldn’t allocate memory for timer wheel Explanation Not enough resources to allocate a system structure in timer wheels. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TIMER-3-TWOSERROR OS error [dec] in timer wheels. Explanation OS call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Operating System (OS) Messages TZ Messages EM-1408 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %OS-TIMER-3-TWTIMERALLOC Timer wheels Couldn’t allocate OS timer for timer wheel ([dec]) Explanation Could get access to OS timer resources. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TIMER-3-TWTIMERERROR OS timer error [dec] in timer wheels Explanation Couldn’t manipulate OS timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. TZ Messages Error Message %OS-TZ-3-INTERNAL [chars]: [chars] Explanation Serious problem occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TZ-3-LRD LRd error: [chars] Explanation Unable to query LR status Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %OS-TZ-3-SYSDB [chars]: [chars] Explanation One of the sysdb APIs failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.EM-1409 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Packet Infrastructure Messages This section contains all Packet Infrastructure related System Error Messages, including ifmgr, tunnels, bundlemgr, pakman, and so forth. BFM_API Messages Error Message %PKT_INFRA-BFM_API-3-FATAL bfm: fatal error encountered, reason equals [chars] Explanation iq manager encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM_API-3-FATAL_2 bfm: fatal error encountered, reason equals [chars], errno equals [dec] Explanation bfm encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM_API-3-GEN_INFO bfm: general information,[chars] Explanation The BFM’s informational message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages BFM_API Messages EM-1410 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-BFM_API-3-INFO bfm: service degrading error, reason equals [chars] Explanation The bfm encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM_API-3-MALLOC_FAILED BFM: fatal memory allocation error for [dec] bytes Explanation BFM encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-BFM_API-3-NOT_YET_IMPLEMENTED bfm: this function [chars] is not yet implemented Explanation BFM, a function was not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM_API-3-USAGE bfm: invalid option [chars] passed to bfm server Explanation Startup option supplied to BFM is not valid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM_API-4-PTCL_TYPE_WRONG BFM: ptcl type [chars] is not as expected type is [chars] Explanation BFM encountered a warning condition Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages BFM Messages EM-1411 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-BFM_API-7-DEBUG bfm: general debug,[chars] Explanation The BFM’s debug message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. BFM Messages Error Message %PKT_INFRA-BFM-2-UNKNOWN_PLATFORM an unknown platform type. Explanation platform_get_type returned an unknown platform type. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-BFM-3-BCAST_FAILED BFM: fatal event msg type [dec] bradcast for client jid [dec] error [chars] Explanation BFM encountered a fatal message event send error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM-3-DEGRAD_INFO bfm: service degrading error, reason equals [chars] Explanation The bfm encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM-3-EDM BFM: fatal edm error [chars] due to [chars] Explanation BFM encountered a fatal edm error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages BFM Messages EM-1412 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-BFM-3-FATAL bfm: fatal error encountered, reason equals [chars] Explanation iq manager encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM-3-FATAL_2 bfm: fatal error encountered, reason equals [chars], errno equals [dec] Explanation bfm encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM-3-FATAL_3 bfm: fatal error encountered, reason equals [chars], error equals [chars] Explanation bfm encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM-3-GEN_INFO bfm: general information,[chars] Explanation The BFM’s informational message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM-3-MALLOC_FAILED BFM: fatal memory allocation error for [dec] bytes Explanation BFM encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages BFM Messages EM-1413 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-BFM-3-MSGRPLY_FAILED BFM: fatal msg reply error for client [dec] msg type [dec] Explanation BFM encountered a fatal message reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM-3-NOT_YET_IMPLEMENTED bfm: this function [chars] is not yet implemented Explanation BFM, a function was not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM-3-POOL_STATUS_UNKNOWN A Pool with ID [dec] in region ID [dec] found to be in *unknown* state Explanation BFM encountered a fatal pool state error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM-3-USAGE bfm: invalid option [chars] passed to bfm server Explanation Startup option supplied to BFM is not valid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages C12000_FWD_CLIENT_DLL Messages EM-1414 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-BFM-3-WARNING bfm: An error encountered, reason equals [chars], error equals [chars] Explanation iq manager encountered an error and is not able recover from the error. A reason text will be supplied call support with this text. Some of the functionality may not work until this error is removed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-BFM-4-INIT_ERROR bfm: init error encountered, reason equals [chars], attempt equals [dec], error equals [chars] Explanation bfm encountered a error and is not able to recover from the error trying again. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. C12000_FWD_CLIENT_DLL Messages Error Message %PKT_INFRA-C12000_FWD_CLIENT_DLL-3-ERR [chars][dec] Explanation An error occured in the forwarder netio client dll (possible the plim driver) Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. DM Messages Error Message %PKT_INFRA-DM-7-INFO [chars] Explanation An error occurred during initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Packet Infrastructure Messages ENCAP_RM Messages EM-1415 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ENCAP_RM Messages Error Message %PKT_INFRA-ENCAP_RM-3-FATAL_ERR Fatal error: [chars]: Err equals [dec] Explanation A fatal error occurred in L2 Encap String RM which involves exiting the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-ENCAP_RM-3-MSG_SEND_FAILED encap_rm: msg: [dec], retried: [dec] time(s), failed to send, errno: [chars] Explanation Unable to send a message to the L2 Encap String RM server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-ENCAP_RM-3-NONFATAL_ERR Nonfatal error: [chars]: Err equals [dec] Explanation This is a error message in the L2 Encap String RM to indicate anomalies which are not FATAL. Some of the messages may indicate a failure to allocate resources needed by applications. In many cases these messages must not keep appearing after the temporary situation is resolved. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-ENCAP_RM-3-OOR Failed to insert L2 encapsulation string. Out of resource condition reached. Explanation A request to insert a L2 encapsulation string into the encapsulation table has failed due to out of resource condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages ERRDIS Messages EM-1416 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-ENCAP_RM-6-INFO_MSG Info: [chars] Explanation This is an informational message in the L2 Encap String RM. Recommended Action No action is required. ERRDIS Messages Error Message %PKT_INFRA-ERRDIS-3-AUTO_RECOVERY_RETRY_DISABLED Auto-recovery failed on interface [hex] which has since had auto-recovery disabled Explanation Auto-recovery failed on an interface and will not be retried due to the auto-recovery configuration being deleted. Recommended Action This is a warning message and no action is required. The interface will remain in error-disable state and will not be auto-recovered. Error Message %PKT_INFRA-ERRDIS-3-AUTO_RECOVERY_RETRY_FAILED Auto-recovery failed on interface CH[hex]: [chars] Explanation Auto-recovery failed to restart on the given interface. This interface will remain in Error-Disable state until manually cleared. Recommended Action Manually clear Error-Disable state on the given interface if desired, else reconfigure an Auto-Recovery period to retry. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-ERRDIS-3-DEBUG_INIT_FAILED The Verification Daemon Debug failed to initialize: [chars] Explanation The Verification Daemon Debug failed to initialize. This is a fatal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages ERRDIS Messages EM-1417 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-ERRDIS-3-EVENT_BLOCK Failed to begin processing events: [chars] Explanation The Verification Daemon failed to start processing events. This is a fatal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-ERRDIS-3-MISCONFIGURED Invalid configuration has been received by the owner library: [chars] Explanation The owner library has received configuration that should have been rejected by the verification daemon. Recommended Action Copy and save this message, and call your technical support representative for assistance. Error Message %PKT_INFRA-ERRDIS-3-SYSMGR_FAIL Failed to shut down process correctly: [chars] Explanation The Verification Daemon failed to inform SysManager of it shutting down due to removal of configuration. This is not a fatal error but should be investigated all the same as it may cause the process to restart when no configuration is present. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-ERRDIS-4-CFG_CLEANUP_FAILED The Verification Daemon failed to cleanup the config module: [chars] Explanation The Verification Daemon failed to cleanup the config module. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-ERRDIS-4-CFG_INIT_FAILED Verification Daemon failed to initialize the config module: [chars] Explanation The Verification Daemon failed to initialize the config module. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages ERRDIS Messages EM-1418 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-ERRDIS-4-COULD_NOT_GET_NODEID Failed to get node ID that the owner is running on: [chars] Explanation Could not get the node ID that the owner is running on. Recommended Action Copy and save this message, and call your technical support representative for assistance. Error Message %PKT_INFRA-ERRDIS-4-DEBUG_CLEANUP_FAILED Failed to cleanup debug module: [chars] Explanation Could not cleanup the debug module. Recommended Action Copy and save this message, and call your technical support representative for assistance. Error Message %PKT_INFRA-ERRDIS-4-DEBUG_CLEANUP_FAILED The Verification Daemon failed to cleanup the debug module: [chars] Explanation The Verification Daemon failed to cleanup the debug module. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-ERRDIS-4-EVM_CLEANUP_FAILED The Verification Daemon failed to shutdown the event manager: [chars] Explanation The Verification Daemon failed to shutdown the event manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-ERRDIS-4-EVM_INIT_FAILED Verification Daemon failed to initialize the event manager: [chars] Explanation The Verification Daemon failed to initialize the event manager. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FEA_DLL Messages EM-1419 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-ERRDIS-4-PROC_READY_FAILED Verification Daemon failed to inform SysMgr that the process is ready: [chars] Explanation The Verification Daemon failed to inform sysmgr that the process is ready. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-ERRDIS-6-ERROR_DISABLE CH[hex]: Error disabling due to reason: [chars] Explanation The interface is being error disabled. This has occurred due to the reason given in the log. Recommended Action This is an informational message. FEA_DLL Messages Error Message %PKT_INFRA-FEA_DLL-2-PRM_SSH_ERR PRM SSH [chars] error: [chars] Explanation Feature EA DLL encountered error in completing PRM SSH operation. This can lead to failure of configuration. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FEA_DLL-3-CHKPT_ERR [chars] error. region [chars] direction [chars] ([chars]) Explanation After a process restart, an error was encountered while recovering checkpoint memory/database. The running-configuration and hardware programming may be inconsistent. Problems may be encountered with future configuration changes as well. Recommended Action Try to manually restart pfilter-ea. If the problem/log persists, a reload of the line card is necessary. Packet Infrastructure Messages FEA_DLL Messages EM-1420 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FEA_DLL-3-MSTATS_ALLOC_ERR MSTATS [chars] region: [chars] Explanation Feature EA DLL failed to allocate statistics entry for ACL. Number of ACL entries requiring statistics entries has exceeded statistics entries reserved for security ACLs on this line card. As a result, per ACE hardware accouting for the failed ACL entries is not available. There is no impact on ability to apply security ACLs in hardware. Recommended Action If per ACE hardware accouting is needed for ACL in error message, reduce security ACL configuration on this line card. Error Message %PKT_INFRA-FEA_DLL-3-MSTATS_ALLOC_ERR MSTATS [chars] region: [chars] Explanation Feature EA DLL failed to allocate statistics entry for ACL. Number of ACL entries requiring statistics entries has exceeded statistics entries reserved for security ACLs on this line card. As a result, per ACE hardware accouting for the failed ACL entries is not available. There is no impact on ability to apply security ACLs in hardware. Recommended Action If per ACE hardware accouting is needed for ACL in error message, reduce security ACL configuration on this line card. Error Message %PKT_INFRA-FEA_DLL-3-MSTATS_ERR MSTATS [chars] error: [chars] Explanation Feature EA DLL encountered error on initializing interface with hardware statistics API. Process will be restarted automatically. On restart, Feature EA DLL will initialize interface with hardware statistics API and no action needs to be taken. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FEA_DLL-3-MSTATS_ERR MSTATS [chars] error: [chars] Explanation Feature EA DLL encountered error on initializing interface with hardware statistics API. Process will be restarted automatically. On restart, Feature EA DLL will initialize interface with hardware statistics API and no action needs to be taken. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FEA_DLL Messages EM-1421 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FEA_DLL-3-PRM_INIT_ERR PRM INIT [chars] error: [chars] Explanation Feature EA DLL encountered error in completing PRM init operation. This can lead to malfunction or restart of pfilter ea process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FEA_DLL-3-REPRGM_ERROR Errored during scrub reprogramming [chars] : [chars] Explanation TCAM entries are reprogrammed every 24 hours to ensure accuracy of hardware entries programmed earlier on user configuration or system changes. This message lists the ACL for which errors have occured during reprogramming. Recommended Action Detach ACL in the error message from all interfaces of the line card where issue is seen. Now, re-attach ACL to the interfaces. Note that, there is a security hole during re-attachment operation window for these interfaces. Error Message %PKT_INFRA-FEA_DLL-3-REPRGM_ERROR Errored during scrub reprogramming [chars] : [chars] Explanation TCAM entries are reprogrammed every 24 hours to ensure accuracy of hardware entries programmed earlier on user configuration or system changes. This message lists the ACL for which errors have occured during reprogramming. Recommended Action Detach ACL in the error message from all interfaces of the line card where issue is seen. Now, re-attach ACL to the interfaces. Note that, there is a security hole during re-attachment operation window for these interfaces. Error Message %PKT_INFRA-FEA_DLL-3-REPRGM_ERROR Errored during scrub reprogramming [chars] : [chars] Explanation TCAM entries are reprogrammed every 24 hours to ensure accuracy of hardware entries programmed earlier on user configuration or system changes. This message lists the ACL for which errors have occured during reprogramming. Recommended Action Detach ACL in the error message from all interfaces of the line card where issue is seen. Now, re-attach ACL to the interfaces. Note that, there is a security hole during re-attachment operation window for these interfaces. Packet Infrastructure Messages FEA_DLL Messages EM-1422 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FEA_DLL-3-STATS_ALLOC_ERR STATS [chars] region: [chars] Explanation Feature EA DLL failed to allocate statistics entry for ACL. Number of ACL entries requiring statistics entries has exceeded statistics entries reserved for security ACLs on this line card. As a result, per ACE hardware accouting for the failed ACL entries is not available. There is no impact on ability to apply security ACLs in hardware. Recommended Action If per ACE hardware accouting is needed for ACL in error message, reduce security ACL configuration on this line card. Error Message %PKT_INFRA-FEA_DLL-3-STATS_ERR STATS [chars] error: [chars] Explanation Feature EA DLL encountered error on interacting with PRM Stats APIs. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FEA_DLL-3-TCAM_ERR TCAM [chars] error: [chars] Explanation Feature EA DLL encountered error in completing TCAM operation. This can lead to mismatch between hardware and software configuration. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FEA_DLL-3-TCAM_ERR TCAM [chars] error: [chars] Explanation Feature EA DLL encountered error in completing TCAM operation. This can lead to mismatch between hardware and software configuration. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FEA_DLL-3-TCAM_LIMIT TCAM [chars] limit exceeded Explanation This message will typically occur when permissible single region size is exceeded or total number of entries allowed in TCAM for a given application is exceeded. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages FEA_DLL Messages EM-1423 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FEA_DLL-3-TCAM_LIMIT TCAM [chars] limit exceeded Explanation This message will typically occur when permissible single region size is exceeded or total number of entries allowed in TCAM for a given application is exceeded. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FEA_DLL-3-UIDB_ERR UIDB [chars] error: [chars] : [chars] Explanation UIDB stores the reference to ACL entries programmed in TCAM for the interface, protocol and direction. This error message is due to one of the following reasons: 1. Initialization failure of Feature EA DLL and UIDB manager interface. 2. Failure to set reference of hardware entries programmed or removed for security ACL in UIDB on configuration or system changes. This failure can lead to mismatch between hardware and software configuration. Recommended Action If the failure is on initialization, process restart is done automatically. No manual action is required. If the failure is to set configuration bits in hardware on detaching a security ACL from interface, attach and detach security ACL again on the interface. In all other cases, detach ACL in the error message from all interfaces of the line card where issue is seen. Now, re-attach ACL to the interfaces. Error Message %PKT_INFRA-FEA_DLL-3-UIDB_ERR UIDB [chars] error: [chars] : [chars] Explanation UIDB stores the reference to ACL entries programmed in TCAM for the interface, protocol and direction. This error message is due to one of the following reasons: 1. Initialization failure of Feature EA DLL and UIDB manager interface. 2. Failure to set reference of hardware entries programmed or removed for security ACL in UIDB on configuration or system changes. This failure can lead to mismatch between hardware and software configuration. Recommended Action If the failure is on initialization, process restart is done automatically. No manual action is required. If the failure is to set configuration bits in hardware on detaching a security ACL from interface, attach and detach security ACL again on the interface. In all other cases, detach ACL in the error message from all interfaces of the line card where issue is seen. Now, re-attach ACL to the interfaces. Packet Infrastructure Messages FINT_N2N_NETIO Messages EM-1424 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FEA_DLL-3-UIDB_ERR UIDB [chars] error: [chars] : [chars] Explanation UIDB stores the reference to ACL entries programmed in TCAM for the interface, protocol and direction. This error message is due to one of the following reasons: 1. Initialization failure of Feature EA DLL and UIDB manager interface. 2. Failure to set reference of hardware entries programmed or removed for security ACL in UIDB on configuration or system changes. This failure can lead to mismatch between hardware and software configuration. Recommended Action If the failure is on initialization, process restart is done automatically. No manual action is required. If the failure is to set configuration bits in hardware on detaching a security ACL from interface, attach and detach security ACL again on the interface. In all other cases, detach ACL in the error message from all interfaces of the line card where issue is seen. Now, re-attach ACL to the interfaces. Error Message %PKT_INFRA-FEA_DLL-4-TCAM_ERR TCAM [chars] error: [chars] Explanation Feature EA DLL encountered error in completing TCAM operation. This can lead to mismatch between hardware and software configuration. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FINT_N2N_NETIO Messages Error Message %PKT_INFRA-FINT_N2N_NETIO-3-SET_MAPPING_FAILED control set mapping for capsulation [chars] protocol [dec] ([chars]) failed: [chars] Explanation FINT n2n protocol dll could not set certain internal protocol mapping. This should not affect the functionality of any other protocol traffic, but might affect n2n protocol traffic only. Recommended Action Try restarting the netio process. This could sometimes help fix the problem as the set mapping will be trigged again and we might not hit the failure the 2nd time. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Packet Infrastructure Messages FM Messages EM-1425 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FM Messages Error Message %PKT_INFRA-FM-2-INFRA_FAIL [chars]: [chars] failed rc equals [dec] Explanation There was a ENA infra call failure resulting in a failure to provide some infrastructure service. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %PKT_INFRA-FM-3-BACKEND_EDM_DATALIST Failed to call the backend parser to handle all datalist requests : [chars] Explanation backend_edm_datalist() call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FM-3-BACKEND_EDM_GET Failed to call the backend parser to handle all get requests : [chars] Explanation backend_edm_get() call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FM-3-DATAPATH_CONTROL_FAILED [chars]: im_caps_datapath_control failed err [[chars]] Explanation im_caps_datapath_control to LPTS netio caps dll failed Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Packet Infrastructure Messages FM Messages EM-1426 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FM-3-EDM_REGISTER_FAILED FM EDM initialization failed: [chars] Explanation The FM process failed to initialize its edm manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FM-3-ERR_BAG [chars]: [chars] failed Explanation bag_xxxx() call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FM-3-ERR_INVALID_ARGS [chars]: Invalid Params Explanation Internal error. Function was passed an Invalid Parameter. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %PKT_INFRA-FM-3-ERR_MALLOC Cannot allocate memory in function [chars]() Explanation Internal error. System is out of memory - malloc failed. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %PKT_INFRA-FM-3-ERR_SYSDB [chars]: [chars] failed [chars] Explanation Sysdb api call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FM Messages EM-1427 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FM-3-EVENT_CONN_CREATE [chars]: could not create event connection: [chars] Explanation An internal error was detected when trying to create event connection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FM-3-EVENT_CONN_NOTIFY [chars]: could not set notify handler for connection open/close/error: [chars] Explanation An internal error was detected when trying to set notify handler for connection opens, closes and errors. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FM-3-EVENT_CONN_OPEN_ALL [chars]: could not open all event connections attached to an Event Manager: [chars] Explanation An internal error was detected when trying to open all event connections attached to an Event Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FM-3-IM_API_FAILED [chars]: [chars] failed Explanation Interface Manager client api call failed Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Packet Infrastructure Messages FMGR Messages EM-1428 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FM-3-INIT_ERROR Process initialization failed: ([chars]%s) Explanation The feature manager (feat_mgr) process failed to initialize. This process programs packet classification hardware for features which require an action to be performed based on the packet classification. If the feat_mgr process fails to initialize, the access control list cannot be programmed into the hardware. %s - indicates the reason for the initialization failure. %s - is the decoded error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process feat_mgr location 0/x/cpu0’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart feat_mgr location 0/x/cpu0’. Collect all debug information if the process is continually restarting: ’debug featmgr error location 0/x/cpu0’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FM-6-INFO_GENERAL [chars]: [chars] Explanation The FM encountered a problem of a generic nature or an informational message. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. FMGR Messages Error Message %PKT_INFRA-FMGR-3-MATCH_TYPE_IN_ACL_NOT_SUPPORTED [chars] Explanation The following match criteria specified in an ACL are not supported in a QoS policy: Source Port (ipv4), Packet Length. However, rest of the match criteria in the ACE (ignoring the unsupported types) have been programmed in hardware. Recommended Action If the partial match criteria is not acceptable, the QoS policy should be removed from the interface and modified to use supported match-types. Use ’no service-policy input|output policy_name’ in interface configuration mode to remove the QoS policy. Packet Infrastructure Messages FMGR Messages EM-1429 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FMGR-3-MATCH_TYPE_IN_ACL_NOT_SUPPORTED [chars] Explanation The following match criteria specified in an ACL are not supported in a QoS policy: Source Port (ipv4), Packet Length. However, rest of the match criteria in the ACE (ignoring the unsupported types) have been programmed in hardware. Recommended Action If the partial match criteria is not acceptable, the QoS policy should be removed from the interface and modified to use supported match-types. Use ’no service-policy input|output policy_name’ in interface configuration mode to remove the QoS policy. Error Message %PKT_INFRA-FMGR-3-SUB_ID_MSG_TOO_LARGE [chars] Explanation A message from Platform Manager containing set/unset notifications for sub-interface VLAN IDs was too large and had to be dropped because enough memory could not be allocated. As a result, for a ’set’ notification, QoS was not enabled for the reported VLANs. For an unset notification, QoS was not disabled for the reported VLANs. Recommended Action Restart feature_mgr process. Example: In exec mode, ’process restart feature_mgr location 0/1/CPU0’ This will cause all notifications to be delivered to Feature Manager again. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FMGR-3-SUB_ID_MSG_TOO_LARGE [chars] Explanation A message from Platform Manager containing set/unset notifications for sub-interface VLAN IDs was too large and had to be dropped because enough memory could not be allocated. As a result, for a ’set’ notification, QoS was not enabled for the reported VLANs. For an unset notification, QoS was not disabled for the reported VLANs. Recommended Action Restart feature_mgr process. Example: In exec mode, ’process restart feature_mgr location 0/1/CPU0’ This will cause all notifications to be delivered to Feature Manager again. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FMGR Messages EM-1430 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FMGR-3-TCAM_MGR_ERROR [chars] (error equals [chars]) Explanation Request to TCAM Manager for programming QoS match rules into TCAM failed. Feature manager sends this request to TCAM manager when a policy is attached/removed to/from an interface (or fabric), when there is a change in bundle membership or when an ACL which is used in a QoS policy is modified. The most likely cause of this error is not enough space remaining in TCAM. Recommended Action Try modifying QoS and ACL configuration to reduce TCAM usage. If TCAM space doesn’t seem to be the reason, try removing and re-applying the QoS policy. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FMGR-3-TCAM_MGR_ERROR [chars] (error equals [chars]) Explanation Request to TCAM Manager for programming QoS match rules into TCAM failed. Feature manager sends this request to TCAM manager when a policy is attached/removed to/from an interface (or fabric), when there is a change in bundle membership or when an ACL which is used in a QoS policy is modified. The most likely cause of this error is not enough space remaining in TCAM. Recommended Action Try modifying QoS and ACL configuration to reduce TCAM usage. If TCAM space doesn’t seem to be the reason, try removing and re-applying the QoS policy. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FMGR-3-TCAM_MGR_QOSID_ALLOC_ERROR [chars] (error equals [chars]) Explanation Request to TCAM Manager for allocating a QOS Policy ID for a policy attached to an interface failed. The most likely cause of this error is not enough ACL IDs remaining in TCAM manager. QOS policy on this interface will not take effect since TCAM entries are not programmed. Recommended Action The QoS policy on this interface must be removed to free up other allocated hardware resources. QOS IDs may become available if policies are removed from other interfaces. Error Message %PKT_INFRA-FMGR-4-UIDB_SET_WARNING Feature Mgr failed to program UIDB for QoS. (reason: [chars]) Explanation Feature Mgr failed to program the correct QoS related information in UIDB (interface data structure in hardware) when enabling/disabling QoS on the interface. The most likely cause of this message is deletion of a vlan sub-interface when there is a qos policy attached on the parent physical interface. In this case, the message is harmless and can be ignored. The reason this happens is because, the feature_mgr process tries to reset QoS related flags in the UIDB, but by that time the UIDB entry has already been deleted. It is possible, though very unlikely, for this message to appear in the following cases: 1) A QoS policy is attached on an interface. 2) QoS policy is removed from an interface. 3) Vlan-id is configured for a sub-interface and a QoS policy exists on the associated Packet Infrastructure Messages FMGR Messages EM-1431 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 physical interface. 4) Vlan-id is un-configured on a sub-interface and a QoS policy exists on the associated physical interface. 5) When all members of a bundle go ’down’. In such cases, the warning message indicates that there could be a problem in enabling/disabling QoS on the interface. Recommended Action For case 5 mentioned above, message can be ignored. For cases 1, 3 try removing and re-applying the QoS policy. For case 2, try applying the policy and removing it again. For case 4, delete the sub-interface itself and if needed re-create it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FMGR-4-UIDB_SET_WARNING Feature Mgr failed to program UIDB for QoS. (reason: [chars]) Explanation Feature Mgr failed to program the correct QoS related information in UIDB (interface data structure in hardware) when enabling/disabling QoS on the interface. The most likely cause of this message is deletion of a vlan sub-interface when there is a qos policy attached on the parent physical interface. In this case, the message is harmless and can be ignored. The reason this happens is because, the feature_mgr process tries to reset QoS related flags in the UIDB, but by that time the UIDB entry has already been deleted. It is possible, though very unlikely, for this message to appear in the following cases: 1) A QoS policy is attached on an interface. 2) QoS policy is removed from an interface. 3) Vlan-id is configured for a sub-interface and a QoS policy exists on the associated physical interface. 4) Vlan-id is un-configured on a sub-interface and a QoS policy exists on the associated physical interface. 5) When all members of a bundle go ’down’. In such cases, the warning message indicates that there could be a problem in enabling/disabling QoS on the interface. Recommended Action For case 5 mentioned above, message can be ignored. For cases 1, 3 try removing and re-applying the QoS policy. For case 2, try applying the policy and removing it again. For case 4, delete the sub-interface itself and if needed re-create it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FMGR-7-INIT_ERROR [chars] (error: [chars]). Feature Mgr initialization failed! Explanation Feature Mgr process failed to initialize correctly. In this case process will restart. Recommended Action No action needed. Process will restart automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FWD_BASE_NETIO Messages EM-1432 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FMGR-7-INIT_ERROR [chars] (error: [chars]). Feature Mgr initialization failed! Explanation Feature Mgr process failed to initialize correctly. In this case process will restart. Recommended Action No action needed. Process will restart automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FWD_BASE_NETIO Messages Error Message %PKT_INFRA-FWD_BASE_NETIO-3-ERR_MEM_ALLOC Unable to get heap memory during upgrade: [chars] Explanation Fwd basecaps dll was not able to get heap memory. Recommended Action This message could be seen under low memory conditions and should recover once memory becomes available. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_BASE_NETIO-5-INCORRECT_SAVE_DATA_LEN Unexpected saved data length during upgrade for DLL. Expected len [unsigned int], got [unsigned int] Explanation FINT DLL saves data across DLL upgrades. It expects the length of saved data to be same before and after upgrade, else it would cause netio to take default action (to restart) for upgrade to take effect. Recommended Action This message indicates that netio will take default action to restart as fwd netio dll does not support dll upgrade with different saved data length. No further action is needed. Error Message %PKT_INFRA-FWD_BASE_NETIO-5-UNSUP_MAJOR_VERSION DLL upgrade with change in major version number is not supported. Expected version [dec], got [dec] Explanation FINT DLL does not support DLL upgrade across major version changes. This will cause netio to take default action to restart for upgrade to take effect. Recommended Action This message indicates that netio will take default action to restart as fwd netio dll does not support dll upgrade across major version number changes. No action is needed.Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1433 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FWD_NETIO_DLL Messages Error Message %PKT_INFRA-FWD_NETIO_DLL-3-ATTACH_FAILED fwd: netio idb attach failed for plim interface: [hex]. Explanation FWD was not able to attach to plim interface . Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-ATTACH_FAILED netio idb attach failed for plim interface: [hex]. Explanation FWD was not able to attach to plim interface . Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-ATTACH_FAILED fwd: netio idb attach failed for plim interface: [hex]. Explanation FWD was not able to attach to plim interface . Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-ATTACH_FAILED fwd: netio idb attach failed for plim interface: [hex]. Explanation FWD was not able to attach to plim interface . Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-BAD_COMMAND_RESULT fwd: received bad command result for buffer request: [hex] Explanation FWD received a bad command result for BMA free buffer request Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1434 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-BAD_COMMAND_RESULT fwd: received bad command result for buffer request: [hex] Explanation FWD received a bad command result for BMA free buffer request Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-BMA_OUT_OF_SEQUENCE fwd: BMA buffer request/response sequence number mismatch - received [dec], expected [dec] Explanation FWD received an out of sequence BMA buffer request response Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-BMA_OUT_OF_SEQUENCE fwd: BMA buffer request/response sequence number mismatch - received [dec], expected [dec] Explanation FWD received an out of sequence BMA buffer request response Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-EGRESSQ_CREATE_FAILED egressq queue creation failed, q: [dec], rx: [dec], client: [dec], dev: [dec], rc equals [dec] Explanation FWD was not able to create one of the egressq queues. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-EGRESSQ_CREATE_FAILED fwd: egressq queue creation failed, q: [dec], rx: [dec], client: [dec], dev: [dec], rc equals [dec] Explanation FWD was not able to create one of the egressq queues. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1435 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-ERR_MEM_ALLOC fatal memory allocation error for [dec] bytes Explanation FWD encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-ERROR fatal error encountered, reason equals [chars] Explanation Null Driver partner encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-FABRICQ_CREATE_FAILED fabricq queue creation failed, q: [dec], rx: [dec], client: [dec], dev: [dec], rc equals [dec] Explanation FWD was not able to create one of the fabricq queues. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-FABRICQ_CREATE_FAILED fwd: fabricq queue creation failed, q: [dec], rx: [dec], client: [dec], dev: [dec], rc equals [dec] Explanation FWD was not able to create one of the fabricq queues. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-FATAL fwd: fatal error encountered, reason equals [chars] Explanation Null Driver partner encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1436 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-FATAL fwd: fatal error encountered, reason equals [chars] Explanation Null Driver partner encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-FATAL fwd: fatal error encountered, reason equals [chars] Explanation Null Driver partner encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-FATAL_2 fwd: fatal error encountered, reason equals [chars], errno equals [dec] Explanation fwd encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-FATAL_2 fwd: fatal error encountered, reason equals [chars], errno equals [dec] Explanation fwd encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1437 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-FATAL_2 fwd: fatal error encountered, reason equals [chars], errno equals [dec] Explanation fwd encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-GET_CTX_ERR Failed to get idb ctx for port [dec], error - ([dec]) Explanation FWD driver got a packet but couldn’t map a port to an idb context Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-GET_CTX_ERR Failed to get idb ctx for port [dec], error - ([dec]) Explanation FWD driver got a packet but couldn’t map a port to an idb context Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-HSRMODE [[chars]]: error getting hsrmode , reason equals [chars], errno equals [dec] Explanation Error determining if mode is HSR. Caller will error string and errno. Caller can also supply an additional description (like function name) to identify where this error occurred in the code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1438 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-HSRMODE [[chars]]: error getting hsrmode , reason equals [chars], errno equals [dec] Explanation Error determining if mode is HSR. Caller will error string and errno. Caller can also supply an additional description (like function name) to identify where this error occurred in the code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-IDB_CTX_NULL FWD idb context for port [hex] is NULL! Explanation While processing an ingress packet, the fwd driver failed to find idb context Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-IDB_CTX_NULL FWD idb context for port [hex] is NULL! Explanation While processing an ingress packet, the fwd driver failed to find idb context Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INCORRECT_IDB fwd: looking for plim interface: [hex], netio gave us: [hex]. Explanation FWD was supplied with a plim interface that does not have an idb yet. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INCORRECT_IDB fwd: looking for plim interface: [hex], netio gave us: [hex]. Explanation FWD was supplied with a plim interface that does not have an idb yet. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1439 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INCORRECT_IDB looking for plim interface: [hex], netio gave us: [hex]. Explanation FWD was supplied with a plim interface that does not have an idb yet. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INCORRECT_IDB fwd: looking for plim interface: [hex], netio gave us: [hex]. Explanation FWD was supplied with a plim interface that does not have an idb yet. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INFO fwd: service degrading error, reason equals [chars] Explanation The fwd encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INFO fwd: service degrading error, reason equals [chars] Explanation The fwd encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INGRESSQ_CREATE_FAILED fwd: ingressq queue creation failed, q: [dec], rx: [dec], client: [dec], dev: [dec], rc equals [dec] Explanation FWD was not able to create one of the ingressq queues. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1440 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INGRESSQ_CREATE_FAILED ingressq queue creation failed, q: [dec], rx: [dec], client: [dec], dev: [dec], rc equals [dec] Explanation FWD was not able to create one of the ingressq queues. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INVALID_PLIM_PORT fwd: invalid plim port [dec] for plim interface: [hex] Explanation FWD was supplied with a plim port that exceeds the limit of num ports. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INVALID_PLIM_PORT fwd: invalid plim port [dec] for plim interface: [hex] Explanation FWD was supplied with a plim port that exceeds the limit of num ports. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INVALID_PORT invalid plim port [dec] for plim interface: [hex] Explanation FWD was supplied with a plim port or uidb index that exceeds the limit of num ports. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-INVALID_PORT fwd: invalid plim port [dec] for plim interface: [hex] Explanation FWD was supplied with a plim port or uidb index that exceeds the limit of num ports. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1441 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-MALLOC_FAILED fwd: fatal memory allocation error for [dec] bytes Explanation FWD encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-MALLOC_FAILED fwd: fatal memory allocation error for [dec] bytes Explanation FWD encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-MALLOC_FAILED fwd: fatal memory allocation error for [dec] bytes Explanation FWD encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-MISSING_IDB fwd: plim interface: [hex] does not have a netio idb. Explanation FWD was supplied with a plim interface that does not have an idb yet. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-MISSING_IDB fwd: plim interface: [hex] does not have a netio idb. Explanation FWD was supplied with a plim interface that does not have an idb yet. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1442 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-MUTEXOPFAIL [chars]: Mutex [chars] operation failed on [chars]; reason [chars] Explanation The packet subsystem failed to get mutex. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-MUTEXOPFAIL [chars]: Mutex [chars] operation failed on [chars]; reason [chars] Explanation The packet subsystem failed to get mutex. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-NETIO_IDB_UNAVAILABLE netio idb for interface [hex] not found, dropping packet 0x[pointer] Explanation While processing an ingress packet, the fwd driver failed to find netio idb Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-NETIO_IDB_UNAVAILABLE netio idb for interface [hex] not found, dropping packet 0x[pointer] Explanation While processing an ingress packet, the fwd driver failed to find netio idb Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-NO_OUTSTANDING_BMA_REQ fwd: received BMA buffer request response with no outstanding request Explanation FWD received a BMA interrupt indicating a response to a BMA buffer request but there was no request made Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1443 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-NO_OUTSTANDING_BMA_REQ fwd: received BMA buffer request response with no outstanding request Explanation FWD received a BMA interrupt indicating a response to a BMA buffer request but there was no request made Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-NOT_YET_IMPLEMENTED fwd: this function [chars] is not yet implemented Explanation FWD, a function was not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-NOT_YET_IMPLEMENTED fwd: this function [chars] is not yet implemented Explanation FWD, a function was not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-NOT_YET_IMPLEMENTED fwd: this function [chars] is not yet implemented Explanation FWD, a function was not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1444 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-PAK_PROC_ERR [chars] : [chars], pak equals [hex], rc equals [hex] Explanation There was an packet processing error. Possible causes 1) Unable to retrieve fabric dest addr from inside the pkt 2) Error setting/getting input ifh from pkt Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-PAK_PROC_ERR [chars] : [chars], pak equals [hex], rc equals [hex] Explanation There was an packet processing error. Possible causes 1) Unable to retrieve fabric dest addr from inside the pkt 2) Error setting/getting input ifh from pkt Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-QAD_EGRESS_Q_LOOKUP_ERR Failed to find netio egress qad queue. dropping packet 0x[pointer] Explanation While transmitting a packet down to the fabric, couldn’t find the egress queue Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-QAD_EGRESS_Q_LOOKUP_ERR Failed to find netio egress qad queue. dropping packet 0x[pointer] Explanation While transmitting a packet down to the fabric, couldn’t find the egress queue Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-QAD_Q_PRODUCE_FAILED Failed to populate netio egress queue, error - [chars] Explanation FWD driver failed to populate qad netio egress queue Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages FWD_NETIO_DLL Messages EM-1445 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-3-QAD_Q_PRODUCE_FAILED Failed to populate netio egress queue, error - [chars] Explanation FWD driver failed to populate qad netio egress queue Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-QAD_RX_THREAD_ERR Failed to create forwarder qad rx thread, error - [chars] Explanation FWD driver failed to create qad rx thread Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-QAD_RX_THREAD_ERR Failed to create forwarder qad rx thread, error - [chars] Explanation FWD driver failed to create qad rx thread Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-SET_INPUT_IF_ERR Failed to set input interface handle [hex] on packet Explanation While processing an ingress packet, the fwd driver failed to set input interface Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-3-SET_INPUT_IF_ERR Failed to set input interface handle [hex] on packet Explanation While processing an ingress packet, the fwd driver failed to set input interface Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Packet Infrastructure Messages FWD_TP_NETIO Messages EM-1446 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_NETIO_DLL-4-MISSING_IDB fwd: plim interface: [hex] does not have a netio idb. Could be transient. Explanation FWD was supplied with a plim interface that does not have an idb yet. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-FWD_NETIO_DLL-5-UNEXPECTED_PKT Unexpected packet has been received by PRP3 Netio Forward Driver. Type: [dec] Explanation An unexpected packet type was sent to the PRP3 Fabric. This will not impact functionality or performance. It is being reported for informational purposes only. Type: %d is the type of the packet that the driver rejected. Recommended Action No intervention is required. A log of these messages together with the gathered data should be kept for future reference by your Cisco technical representative. Error Message %PKT_INFRA-FWD_NETIO_DLL-6-INFO fwd: [chars] Explanation The fwd encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FWD_TP_NETIO Messages Error Message %PKT_INFRA-FWD_TP_NETIO-3-DEBUG_FAIL Failed to [chars] [chars] with the debugging subsystem: ’[chars]’ Explanation Teleport Netio DLL failed initialization or registration with the debugging subsystem. This resulted in the restart of NetIO process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FWD Messages EM-1447 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD_TP_NETIO-3-DEBUG_GET_EVM_FAIL Failed to get event manager handle to register with the debugging subsystem: ’[chars]’ Explanation Teleport Netio DLL failed to get the event manager handle from netio to register with debug system. This resulted in the restart of NetIO process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD_TP_NETIO-5-DEBUG_CLEANUP_FAIL Failed to cleanup registration with debugging subsystem: ’[chars]’ Explanation Teleport Netio DLL failed to cleanup the registration with the debugging subsystem. This may result in error when fwd DLL is re-registering with the debug system. If such an error is not noticed, no further action is needed. Recommended Action If error is observed during reregistration, this error message could be a clue about the reregistration failing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FWD Messages Error Message %PKT_INFRA-FWD-3-CAPS_ADD_FAIL Failed to add encapsulation [dec] protocol [dec] to interface CH[hex] ([hex]): [chars] Explanation Forwarder was not able to add this encapsulation to the forwarder interface. This will effect the traffic of this protocol type going to/from fabric. Recommended Action Based on the type of error, restart of forwarder or ifmgr process might help in the capsulation addition to the interface. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages FWD Messages EM-1448 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD-3-CHKPT_SAVE_ERR Error checkpointing data. This will not affect present service but forwarding of CPU bound traffic from this interface may be affected on fwd_driver_partner process restart. Ifh equals [hex], port num equals [dec], error equals [chars] Explanation FWD encountered an error while checkpointing interface info. While this will not affect present service, it will affect CPU bound fwding if partner process restarts. Recommended Action If any traffic is affected after partner process restart, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD-3-FATAL fwd: fatal error encountered, reason equals [chars], error equals [chars] Explanation FWD Driver partner encountered a fatal error and is not able to recover from the error. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed the there is no need to take any action. Otherwise check whether the error code contained in the message indicates that there was a failure to allocate the necessary memory and take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If resource allocation was not the problem and it hasn’t been fixed by a subsequent restart then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD-3-USAGE fwd: invalid option [chars] passed to fwd server Explanation Startup option supplied to FWD is not valid. Recommended Action The process will attempt to recover from this situation by restarting. If this message is not seen again and no other adverse effects are observed the there is no need to take any action. Otherwise Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD-4-NOT_YET_IMPLEMENTED fwd: this function [chars] is not yet implemented Explanation FWD, a function was not implemented. Recommended Action No action needs to be taken. Packet Infrastructure Messages HFR_FWD Messages EM-1449 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-FWD-6-IFMGR_REPLY_FAIL Response to IM Notfn [chars] failed for interface CH[hex] ([hex]), caps [dec], proto [dec] with error [chars] Explanation Forwarder was not able to reply to IFMGR notification. Based on the type of notification the traffic flowing through forwarder interface might or might not be affected. Recommended Action If any traffic is affected, restarting forwarder process or ifmgr process might help in fixing the issue. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-FWD-7-SPECIFY_PLIM_INTERFACE_RETRIES_COMPLETE All retries now complete. Forwarder and NetIO are in sync. Explanation All queued retries from forwarder to its NetIO DLL have been completed successfully. The two are now in sync and all slow-path forwarding should be operational. Recommended Action None - this is an indication of an error situation clearing. Error Message %PKT_INFRA-FWD-7-SPECIFY_PLIM_INTERFACE_RETRY_QUEUED [unsigned int] failures encountered (first error: [chars]) sending specify plim interface information to Forwarder NetIO DLL. Enqueuing retries Explanation The forwarder NetIO DLL returned errors when sent a bulk of specify plim interface information, most likely because the interface is not yet in NetIO. A retry has been enqueued. Recommended Action If this condition persists, it is likely NetIO is out of sync. Restarting NetIO should clear the issue. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. HFR_FWD Messages Error Message %PKT_INFRA-HFR_FWD-3-FATAL hfr_fwd: fatal error encountered, reason equals [chars] Explanation HFR FWD Driver partner encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages HFR_FWD Messages EM-1450 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-HFR_FWD-3-FATAL_2 hfr_fwd: fatal error encountered, reason equals [chars], errno equals [dec] Explanation hfr_fwd encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-HFR_FWD-3-GEN_INFO hfr_fwd: general information,[chars] Explanation The HFR FWD’s informational message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-HFR_FWD-3-INFO hfr_fwd: service degrading error, reason equals [chars] Explanation The hfr_fwd encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-HFR_FWD-3-MALLOC_FAILED hfr_fwd: fatal memory allocation error for [dec] bytes Explanation HFR FWD encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PKT_INFRA-HFR_FWD-3-NOT_YET_IMPLEMENTED hfr_fwd: this function [chars] is not yet implemented Explanation HFR FWD, a function was not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages HFR_PFI Messages EM-1451 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-HFR_FWD-3-USAGE hfr_fwd: invalid option [chars] passed to fwd server Explanation Startup option supplied to HFR FWD is not valid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. HFR_PFI Messages Error Message %PKT_INFRA-HFR_PFI-3-SET_GLOBALS_FAILED [chars] ([chars]) Explanation Platform PFI was unable to set globals Recommended Action No action is required. Error Message %PKT_INFRA-HFR_PFI-3-SET_GLOBALS_FAILED [chars] ([chars]) Explanation Platform PFI was unable to set globals Recommended Action No action is required. IFMGR_ENCAP Messages Error Message %PKT_INFRA-IFMGR_ENCAP-3-BC_ERR Encap change for [chars] [chars] [chars] failed(error [chars]) Explanation The code has hit an error situation for which there is no current handling, therefore the system may now be out of sync Recommended Action Repeat failed configuration command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages IFMGR Messages EM-1452 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-IFMGR_ENCAP-3-INIT_ERR Process initialisation failed. [chars] : [chars] ([hex]) Explanation The code has hit an error situation for which there is no current handling, therefore the system may now be out of sync Recommended Action Repeat failed configuration command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR_ENCAP-3-SYSDB_ERR Sysdb [chars] for [chars] failed(error [chars]) Explanation The code has hit an error situation for which there is no current handling, therefore the system may now be out of sync Recommended Action Repeat failed configuration command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IFMGR Messages Error Message %PKT_INFRA-IFMGR-3-CAPS_DELETE Implicit remove: Intf [hex] ([chars]) caps [unsigned int], proto [unsigned int] (views [hex]) Explanation IM has implicitly removed some caps nodes as part of an interface delete. These caps nodes should have been removed prior to the interface delete. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-3-GSP_SEND_FAILED [chars] message send failed. Group ID: [hex], Group Name: [chars], Error: [hex] [chars] Explanation GSP has difficulty in delivering the message to some nodes. There could be a communication problem. Recommended Action If there is a problem, it might be cleared by restarting ifmgr. Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages IFMGR Messages EM-1453 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-IFMGR-3-INIT Process initialisation failed. [chars]: [chars] ([hex]) Explanation There was a software error during process startup. Recommended Action The process will restart and try to recover. If this message is not seen again and no other adverse effects are observed then there is no need to take any action. Otherwise, check whether the error code contained in the message indicates that there was a failure to allocate the necessary memory and take the following action. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If resource allocation was not the problem and it hasn’t been fixed by a subsequent restart, then take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the process does not restart automatically, restart it manually. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-3-MISSING_RULES Failed to find [chars] rule for ID [unsigned int] Explanation IM is unable to create an interface/caps due to static information about the resource type being missing. The system may be in an inconsistent state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-3-RDQ_CLIENT_SEND_FAILED Failed to send message to IM Server: [chars] Explanation An IM client has failed to send a message to the server, most likely because the server’s queue is full. Recommended Action Check the ifmgr process. If it is blocked then try restarting it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-3-RDQ_SERVER_SEND_FAILED Failed to send message to client ’[chars]’ (cb [hex]): [chars] Explanation IM has failed to send a message to a client, most likely because the client’s queue is full. Recommended Action Check the process name listed in the message. If it is blocked then try restarting it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages IFMGR Messages EM-1454 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-IFMGR-3-RULES_DUPLICATE_ID Error: Duplicate ID [dec] found in rules file [chars] Explanation A rule with no static id is found in rules file. Every rule should have exactly one static id assigned to it. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-3-RULES_NO_ID Error: ID not found in the rules file [chars] Explanation A rule with no static id is found in rules file. Every rule should have a static id assigned to it. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-4-CAPS_NOT_ALLOWED [chars] caps is not allowed on interface type [unsigned int] (allowed caps equals [chars]) ([chars]) Explanation The current operation failed because the capsulation is not allowed on this interface. Recommended Action Configure a valid caps on this interface or choose a different interface on which to configure this capsulation. Error Message %PKT_INFRA-IFMGR-4-CLIENT_API_ABUSE [chars]: [chars] Explanation An IM client has used the IM API in an unexpected way, usually implying a bug in the client code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages IFMGR Messages EM-1455 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-IFMGR-4-IIR_ID_CONFLICT Member ID conflict while attempting to add interface CH[hex] to CH[hex]. [chars] Explanation Each member interface must have a unique ID, however during the addition of a new member an existing member with a matching ID was detected. The system will attempt to recover from this situation but if this is not possible then the system may end up in an inconsistent state. Recommended Action Check the status of the main interface and any members. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-4-LWM_UNEXPECTED_ERROR Unexpected error received in reply: code: [hex] (msgno equals [unsigned int], sparts equals [unsigned int] rparts equals [unsigned int]) Explanation This is a temporary ios_msg to identify when an unexpected error is returned when communicating with the IM server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-4-MTU_RANGE MTU out of range for interface CH[hex], protocol [unsigned int], encapsulation [unsigned int]. Minimum MTU [unsigned int], maximum MTU [unsigned int], actual MTU [unsigned int]. Explanation The MTU on an interface or encapsulation is outside its operational range. This may result in traffic loss on the interface. Recommended Action Check the MTU configuration on the interface, it may be necessary to raise or lower any configured values to achieve MTU values within the supported range. If this does not help Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-4-NB_DPC_DOWNLOAD_ERROR An error was encountered processing a non-blocking DPC for feature [chars] on interface CH[hex]. The system may be in an inconsistent state. Error: [chars] Explanation An error has been encountered during processing of a DPC that cannot be handled by the client due to the client having already been unblocked. This may have left the system in an inconsistent state, as this specified feature may not be configured correctly on the given interface. Recommended Action Try shutting down / no-shutting the interface in question. If this doesn’t work, try restarting the MA process for the feature in question. If this does not help Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages IFMGR Messages EM-1456 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-IFMGR-6-GSP_SEND_RETRY [chars] message send error. Group ID: [hex], Group Name: [chars], Error: [hex] [chars] Explanation GSP has difficulty in delivering a message to some nodes. There could be a communication problem. This warning is for information only since the message will be resent. Recommended Action No action is required. Error Message %PKT_INFRA-IFMGR-6-IMPLICIT_DOWNLOAD_FAIL After [unsigned int] minutes of retries, implicit download of [unsigned int] interfaces is still failing (first intf CH[hex], error: [chars]) Explanation An error was repeatedly encountered while attempting to replicate the dataplane of an interface to a node to which it implicitly required replication (e.g. due to wildcard replication being used, and a new node coming up later). This may cause forwarding on this interface (via this node) to be broken. Recommended Action The download will continue to be retried, so if the issue is transient and just taking a long time to clear then it will clear eventually and this message will stop appearing. If this message continues to be seen for a long time Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-6-LWM_UNEXPECTED_PULSE Ignoring unexpected pulse with code [unsigned int], value [hex] Explanation This error message indicates that a pulse has been delivered to the event manager in the IM client library which was intended for someone else. This is almost certainly harmless in this case since IM has detected and ignored the event. Recommended Action No action is required. Error Message %PKT_INFRA-IFMGR-6-MUTEX_MONITOR_EVENT_REGISTER Failure registering for mutex revival Explanation IM was unable to perform a system operation that it expects to succeed. IM will exit and restart in an effort to help clear the condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages IMAEDM Messages EM-1457 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-IFMGR-6-OUT_OF_MEMORY Ifmgr was unable to allocate memory for an operation. Ifmgr will exit and restart to attempt to clear this condition Explanation IM was unable to allocate the memory it needed - indicating the system is in a very low-memory condition, which should be recovered by wdsysmon automatically. IM will exit and restart in an effort to help clear the low memory condition Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-6-PREMATURE_OP [chars] operation from callback [hex] received for interface CH[hex] that has not been created. Explanation A client performed an operation on an interface that is in the progress of being created. In general, the interface handle for the interface being created is not published until the interface create has completed. The most likely reason for this log is that the client is using a stale interface handle (for example, from before a linecard OIR). An IM_ERROR_NOTFOUND error is returned to the client. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IFMGR-6-SYSTEM_ERR Ifmgr encountered an unexpected error calling ’[chars]’: [chars] ([dec]). [chars] Explanation IM was unable to perform a system operation that it expects to succeed. IM may exit and restart in an effort to help clear the condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IMAEDM Messages Error Message %PKT_INFRA-IMAEDM-3-EVENT_CONN_CREATE_FAILED [chars]: could not create connection structure for the connection to [chars]: [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Packet Infrastructure Messages IMAEDM Messages EM-1458 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-IMAEDM-3-EVENT_CONN_NOTIFY_FAILED [chars]: could not set notify handler for connection opens and errors to [chars] : [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-IMAEDM-3-EVENT_CONN_OPEN_ALL_FAILED [chars]: opening all connections of Event Manager failed: [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-IMAEDM-3-INTERNAL_ERR [chars]: Internal error: [chars]: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IMAEDM-3-SYSMGR_PROC_READY_FAILED [chars]: sysmgr_proc_ready failed: [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-IMAEDM-3-TIMER_CREATE_FAILED [chars]: Timer creation failed: [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Packet Infrastructure Messages IMAEDM Messages EM-1459 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-IMAEDM-7-BAG_REG_FAILED [chars]: bag register error is detected; [chars]. Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-IMAEDM-7-DEBUG_INIT_EVENT [chars]: Debug initialization for the im/imaedm/[chars] event failed: [chars] Explanation An error was returned when the IM Attribute EDM server called the debug_init_event() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IMAEDM-7-DEBUG_REGISTER [chars]: Debug registration for IM Attribute EDM server failed: [chars] Explanation An error was returned when the IM Attribute EDM server called the debug_register() function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IMAEDM-7-EDM_INIT_FAILED [chars]: Failed to open EDM connections (retries [unsigned int][chars]). Turn on debug imaedm errors to diagnose failure. Explanation The opening of EDM connections has failed repeatedly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages IMATTR Messages EM-1460 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-IMAEDM-7-EVM_CREATE_FAILED [chars]: event_manager_create failed; [chars] Explanation The event_manager_create function reported an error trying to initialize the event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IMATTR Messages Error Message %PKT_INFRA-IMATTR-3-DUPLICATE Received duplicate successful replies for interface [hex], attribute type [chars] Explanation The attribute client has received duplicate successful responses for this attribute on this interface. This would suggest that multiple attribute owners have been configured for this (interface, attribute) pair. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-IMATTR-3-NOTIFY_FAILED A bulked notification message failed to be sent: [chars] Explanation The attribute owner library has failed to send a bulk notification message to the attribute clients. However, the attribute owner that produced these notifications is not aware that they failed to be sent. This could result in the attribute clients being out of sync with this owner. Recommended Action If the system appears to be in a low-memory condition (check the output of ’show mem summary’) then this is most likely the cause of the problem. Please try to fix the low-memory condition. If this is not the case, then contact technical support. Error Message %PKT_INFRA-IMATTR-3-SET_REPLY_FAILED At least 1 item in a bulk set/clear operation succeeded, but the client cannot be informed due to an error: [chars] Explanation The attribute owner library has failed to reply to the client to inform it that a set or clear operation has succeeded. This could result in the client being out of sync with the owner. Recommended Action If the system appears to be in a low-memory condition (check the output of ’show mem summary’) then this is most likely the cause of the problem. Please try to fix the low-memory condition. If this is not the case, then contact technical support. Packet Infrastructure Messages INTERFACE_CONFIG Messages EM-1461 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-IMATTR-3-UNKNOWN_PULSE Received an asynchronous message from an unknown source which has been dropped (pulse code [hex], request 0x[pointer]) Explanation The attribute client or owner has received a pulse which is not expected, and cannot be handled. This message has been dropped. If no other problems are seen then the error can be considered harmless. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. INTERFACE_CONFIG Messages Error Message %PKT_INFRA-INTERFACE_CONFIG-3-SET_DEFAULT_ERR Couldn’t reset MAC address value for interface [chars] (error: [chars]) Explanation An error occurred while resetting the MAC address for the specified interface to the default. The interface may still have the wrong MAC address, and different parts of the system may be using different values for the interface’s MAC address. Recommended Action If the message appeared as a result of applying configuration, try removing and re-applying the configuration concerned. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-INTERFACE_CONFIG-3-SET_ERR Could not set MAC address for interface [chars] (error: [chars]) Explanation An error occurred while setting the MAC address for the specified interface to the configured value. The interface may still have the wrong MAC address, and different parts of the system may be using different values for the interface’s MAC address. Recommended Action If the message appeared as a result of applying configuration, try removing and re-applying the configuration concerned. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages INTF_MGBL Messages EM-1462 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-INTERFACE_CONFIG-4-EVENT_BLOCK_ERROR An error occurred while waiting for an event (error: [chars]) Explanation The Interface Configuration process encountered an error while waiting for an event. The process will automatically restart and retry. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-INTERFACE_CONFIG-4-INIT_FAILURE Initialisation failure during [chars]: error [chars] Explanation The Interface Configuration process encountered an error while initialising. It will not be possible to configure interface MAC addresses until the process starts successfully. The process will automatically restart and retry. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. INTF_MGBL Messages Error Message %PKT_INFRA-INTF_MGBL-7-INIT_FAILED Initialisation Failed. Task: ’[chars]’ Error: ’[chars]’ Explanation The process failed to initialise and will exit. Recommended Action The process will be restarted automatically. If the error happens repeatedly then contact support. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LINEPROTO Messages Error Message %PKT_INFRA-LINEPROTO-5-UPDOWN Line protocol on Interface [chars], changed state to [chars] Explanation The data link level line protocol changed state. Recommended Action If the state change was unexpected, confirm the configuration settings for the interface and line protocol.Packet Infrastructure Messages LINK Messages EM-1463 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LINK Messages Error Message %PKT_INFRA-LINK-3-UPDOWN Interface [chars], changed state to [chars] Explanation The interface hardware went either up or down. Recommended Action If the state change was unexpected, confirm the configuration settings for the interface. Error Message %PKT_INFRA-LINK-4-BERTADMINDOWN [chars] is administratively down Explanation Unable to start BERT because controller in admin down state Recommended Action None. Error Message %PKT_INFRA-LINK-4-BERTNOTRUNNING [chars] is not running BERT Explanation Trying to stop BERT when not running Recommended Action None. Error Message %PKT_INFRA-LINK-4-BERTRESTART [chars] is already running BERT Explanation Restarting a running BERT is not allowed Recommended Action None. Error Message %PKT_INFRA-LINK-4-BERTSTART [chars] could not start BERT Explanation BERT could not be started Recommended Action None. Error Message %PKT_INFRA-LINK-4-BERTSTATUS [chars] [chars] Explanation The bert status of the link Recommended Action None. Packet Infrastructure Messages LPTS_PA_FGID_DB Messages EM-1464 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-LINK-5-CHANGED Interface [chars], changed state to [chars] Explanation The interface has changed state. Recommended Action If the state change was unexpected, confirm the configuration settings for the interface. LPTS_PA_FGID_DB Messages Error Message %PKT_INFRA-LPTS_PA_FGID_DB-3-INFRA_ERR Unrecoverable error in FGID resource managing infrastructure : [chars] Explanation A severe internal error was detected while using Fabric Multicast Group Indentifier(FGID) resource managing infrastructure APIs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-LPTS_PA_FGID_DB-3-INFRA_ERR Unrecoverable error in FGID resource managing infrastructure : [chars] Explanation A severe internal error was detected while using Fabric Multicast Group Indentifier(FGID) resource managing infrastructure APIs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. netio_debug Messages Error Message %PKT_INFRA-netio_debug-3-INIT_FAILED NetIO debugging partner initialization failed: [chars] (Err equals [chars]) Explanation The NetIO debugging partner process initialization failed. This could happen due to errors in various server processes. The error code and its text in the message will reveal the source of the error. Recommended Action If the process restarts and this message is not repeating, no actions are needed. If this message recurs, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages NETIO Messages EM-1465 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-netio_debug-4-ASYNC_HANDLER Couldn’t install the default handler for async messages, err: [chars] Explanation The NetIO debugging partner process couldn’t install the default event handler for async messages. Recommended Action No action is required. NETIO Messages Error Message %PKT_INFRA-NETIO-3-ERR_ARP [chars], [chars], [dec] Explanation ARP netio error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-NETIO-3-ERR_INIT [chars] : Failed to initialize ipv4 proto for [chars] with error ([chars]) Explanation netio initialization error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-NETIO-3-ERR_MEDIA_REGISTER [chars] : Failed for ipv4 proto to [chars] ([chars]) Explanation netio media register or callback error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages NETIO Messages EM-1466 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-NETIO-3-ERR_PACKET_INPUT Failed to input the packet for [chars] ([chars]) Explanation Failed to input the packet. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-NETIO-3-ERR_RESYNC An error occurred during a synchronization with Interface Manager: Failed to [chars], error: [chars] Explanation An error occurred while processing a resync from Interface Manager. If this message is repeatedly seen then the software packet path on this node may be broken. Recommended Action The process will reconnect to Interface Manager and try to recover. If this message is not seen again then the issue has been recovered and no further action is required. If this message continues to be seen Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-NETIO-3-LTRACE_INIT ltrace_init failed for ’[chars]’: [chars] Explanation Netio ltrace facility failed to initlize one of the trace buffers. The Netio trace information will not be available. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-NETIO-3-PAK_NETIO_MUTEX_LOCK [chars] : Failed to acquire pak netio mutex lock ([chars]) Explanation ARP netio error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages NETIO Messages EM-1467 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-NETIO-3-SCRIPT_ERR_MEM_ALLOC Cannot allocate memory in [chars] Explanation Internal error. System is out of memory - malloc failed. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-NETIO-3-SCRIPT_FAIL netio script failed: [chars] Explanation An error occurred during netio script processing. Please check the error message for more details. Recommended Action Check if the script file exists and is in correct format. If the message recurs, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-NETIO-3-SELFMANAGE_FAILURE [chars] failed during self managed upgrade of DLL/SMU, Error: [chars] Explanation NetIO was attempting a hitless upgrade of a DLL that was part of a SMU/PIE. A step during this operation encountered this error. Netio may or may not be able to perform the DLL upgrade successfully when this error is encountered. Recommended Action If the DLL upgrade is successful, no further action is needed. Otherwise it is recommended that netio is restarted, to recover from an inconsistent DLL upgrade state in NetIO. Restart of netio should lead to the new DLL take effect and bring back things to normal. Error Message %PKT_INFRA-NETIO-4-BAD_PACKET NetIO received a packet with no data particle in it, packet: 0x[pointer], packet PID: [dec] Explanation NetIO received a bad packet from the driver (or from an application) that had no particle data in it. NetIO drops these packets. If too many such packets belonging to a routing protocol are received and dropped, we have a potential possibility of an adjancency flap. Recommended Action If no side effects are observed nothing needs to be done and NetIO would just drop these packets and continue with its normal operation. If this message is seen many number of times, it indicates some sort of issue in the driver sending packets to NetIO and the driver needs to be analysed further, in that case Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages NETIO Messages EM-1468 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-NETIO-4-SCRIPT_WARNING script [chars]([dec]): [chars] Explanation An internal syntax error was detected in the script file. The current line was skipped and the execution of the script continued. Recommended Action Check the script for the skipped or ignored line. Make syntax changes as needed. Error Message %PKT_INFRA-NETIO-5-SELFMANAGE_UPGRADE_NOTICE NetIO DLL [chars] is being upgraded. NetIO will be restarted Explanation NetIO gets restarted whenever we upgrade a DLL that does not support NetIO DLL upgrade. This should not cause any problems to the router and NetIO should come back up fine after restart. Recommended Action This should not cause any problems in the router, NetIO should restart and come back up fine & resume its normal functionality. If it causes any routing issues such as adjacency going down or some other problem, one potential cause is that NetIO took longer to restart. NetIO restart time is a function of number of interfaces configured in NetIO on this node. ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-NETIO-6-ERR_THREAD_MUTEX packet mutex [chars] failed : [chars] Explanation NetIO was unable lock/unlock the packet mutex. This could lead to certain cases when the same packet is used Recommended Action -- Error Message %PKT_INFRA-NETIO-6-SELFMANAGE_INFO NetIO is upgrading([chars]) the dll [chars] Explanation Netio is upgrading this dll. This is here only for informational purpose only. No further action is recommended/needed. Recommended Action ’No action is required.’ Packet Infrastructure Messages NETIO Messages EM-1469 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-NETIO-7-ERR_CREATE_IDB create idb error: interface ifhandle [hex] already in datastore with name [chars], new name [chars] Explanation Netio already has this IDB in its datastore. It is getting a request for create for the same interface handle but with a different name. This could possibly cause issues with this interface in NetIO. Recommended Action After the information is gathered, restart of netio/improxy should possibly bring netio in sync with ifmgr leading to the delete of this idb from Netio. If the create operation is retried it might succeed. ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-NETIO-7-ERR_DELETE_IDB_SUBBLOCK delete idb:interface (ifhandle equals [hex], name [chars]) having subblocks (name [chars], refcount [dec]) cannot be deleted. Error: [chars] Explanation NetIO cannot delete an interface which still has subblocks associated with it. This error could potentially cause issues with recreate of any interface, if the same interface handle is reused. Recommended Action After the information is gathered, restart of netio/improxy should possibly will bring them in sync with ifmgr & delete the protocol chains and hence the subblocks. If restart doesnot help. ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-NETIO-7-ERR_DELETE_IDB_SUBINTF delete idb: interface (ifhandle equals [hex], name [chars]) having subinterfaces (demux index: [dec], ifh [hex], name [chars]) cannot be deleted. Error: [chars] Explanation NetIO cannot delete a interface which still have subinterfaces under it. This could potentially cause issues with recreate of any interface, if the same interface handle is reused. Recommended Action After the information is gathered, restart of netio/improxy should possibly bring them in sync with ifmgr & delete the main and subinterfaces. ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Packet Infrastructure Messages PAK_CAPTURE Messages EM-1470 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-NETIO-7-ERR_DELETE_IDB_SUBINTF_ASSOC delete idb: interface (ifhandle equals [hex], name [chars]) has [unsigned int] subinterfaces associated with it and cannot be deleted. Error: [chars] Explanation NetIO cannot delete a interface which still have subinterfaces under it. This could potentially cause issues with recreate of any interface, if the same interface handle is reused. Recommended Action After the information is gathered, restart of netio should possibly bring netio in sync with ifmgr & delete the main and subinterfaces. ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-NETIO-7-ERROR_INIT [chars] Failed, Error: [chars] Explanation NetIO process has problem initializing its database and attempts to restart in an attempt to recover from the error. Recommended Action The process attempts to restart on detecting this failure, in an effort to recover from the failure. If after restart things recover, then nothing more needs to be done. If the error is seen when the system is low on system resources, once the system resource like memory, cpu go back to normal state, the process should succeed in coming back up. If the process fails to recover and repeatedly exits then the ios message will have the details of what part of initialization failed and the reason for it, for further action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. PAK_CAPTURE Messages Error Message %PKT_INFRA-PAK_CAPTURE-4-ECC_ERROR packet dropped in hw due to programming error: pkt type [hex] pkt: [chars] Explanation A packet was dropped in hardware due to bad programming or a hardware error. This is a raw dump of the packet to aid in debugging. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages PAK Messages EM-1471 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-PAK_CAPTURE-4-ECC_ERROR packet dropped in hw due to programming error: pkt type [hex] pkt: [chars] Explanation A packet was dropped in hardware due to bad programming or a hardware error. This is a raw dump of the packet to aid in debugging. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PAK Messages Error Message %PKT_INFRA-PAK-3-DEBUGINITFAIL [chars] Explanation An error occurred during packet debug events initilization. Refer to the error message for the particular cause. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAK-3-PTCL_LIST_NOT_NULL When getting packet header, particle list on returned packet non-NULL ([pointer]). Packet last owned by [unsigned int] Explanation A packet header on the free list had a non-NULL particle list. Recommended Action Please collect a core dump of the packet client that emitted the message, or whose pid matches that in the error message with ’exception pakmem on’ configured. Error Message %PKT_INFRA-PAK-7-EXCEPTION_LITE packet exception, reason: [chars] Explanation An software exception had occurred in the packet manager library. The client process terminated with exit code -1. The reason is that the client passed an invalid packet to packet manager library and led to the exception. Recommended Action Normally the client process will restart and re-connect to packet manager. If any of these messages recur, call your technical support representative for assistance. Packet Infrastructure Messages PAKPLATFORM Messages EM-1472 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-PAK-7-GETNODENAMEFAIL Failed to get node name Explanation The Packet manager library was unable to retrieve the nodename for the node/linecard. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAK-7-SPP_TRYMAP __spp_trymap: [chars] Explanation The vector packet path API bind routine has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PAKPLATFORM Messages Error Message %PKT_INFRA-PAKPLATFORM-3-CONNECTFAIL Connect to the packet server failed. Reason : [chars] Explanation The platform driver was not able to connect to the packet server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-PAKPLATFORM-6-REGION_TOO_BIG Platform attempted to define a packet region that was too large: Start:0x[pointer] Size:[dec] Explanation The platform driver attempted to define a packet memory region larger than is currently supported. This will be automatically reduced to a supported size. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages PAKSRV Messages EM-1473 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-PAKPLATFORM-6-SENDFAIL Send data to the packet server failed. Reason : [chars] Explanation The platform driver was not able to send data to the packet manager. This could happen when the platform driver is trying to send the initilization information to the packet manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PAKSRV Messages Error Message %PKT_INFRA-PAKSRV-2-ERR_MUTEX_REVIVAL Failed to revive the packet mutex, reason: [chars] Explanation The packet subsystem failed to revive the packet mutex. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-2-MEMUTILMAPFAIL Memory mapping for [chars] failed, reason: [chars] Explanation Memory maping for the specified area failed and packet server will restart. Recommended Action If the error is not rectified after two or more restarts, please call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-3-BADPAK Corruption detected in the [chars] at [pointer] owned by packet [pointer] belonging to process [dec] Explanation Consistency check detected corruption in the specified area of the specified packet. This will cause packet manager to restart. Please report the message and value to your technical support representative. Recommended Action If any of these messages recur, call your technical support representative for assistance. Packet Infrastructure Messages PAKSRV Messages EM-1474 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-PAKSRV-3-DIAGFAIL Packet server: line [dec], fatal misalignment. Explanation Packet server internal structures are misaligned. This is a fatal programming error. The value is a marker for tracking down the misalignment. Please report the message and value to your technical support representative. Recommended Action Call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-3-ERR_MEM_ALLOC Memory allocation failed in process [dec] at [chars] Explanation Packet server failed to allocate more memory. Recommended Action It may be necessary to free some memory by exiting a program. If this message recurs, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-BADPTCL_DUMP [chars]: [chars] Explanation Particle body corruption is detected. This message follows a BADPAK message and dumps the first few bytes of the particle body and the last few bytes of the one before. Recommended Action None. This is message is only for debugging purpose. Error Message %PKT_INFRA-PAKSRV-7-BCASTFAIL Failed to send broadcast message [dec] to client [dec], error: [chars] Explanation Packet server failed to send a broadcast message to the client. This will result in the client being unaware of an event that occurred in the packet server. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-CHANCREATEFAIL Failed to create a channel and event manager, error: [chars] Explanation Packet server failed to create an event manager and channel. Clients will be unable to connect to packet server, and packet server will be unable to send and receive messages. Recommended Action If any of these messages recur, call your technical support representative for assistance. Packet Infrastructure Messages PAKSRV Messages EM-1475 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-PAKSRV-7-CHUNKCREATEFAIL Chunk creation for packet headers failed Explanation Could not allocate a chunk of memory for the packet headers. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-CONDWAITFAIL Conditional wait operation on [chars] in [chars] failed; reason [chars] Explanation The packet subsystem failed to perform a conditional wait. This usually indicates a programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-PAKSRV-7-DEBUGINITFAIL Packet server debug initialization: [chars] failed, error [chars] Explanation The debug support initalization failed in the packet server. It will be restarted by sysmgr and should recover. Recommended Action If packet manager is unable to start up after several restarts by sysmgr, please collect the ’sh log’ output and contact your customer support representative. Error Message %PKT_INFRA-PAKSRV-7-DEQUEUEFAIL Failed to remove client [dec] from clients list at [chars] Explanation Packet server failed to remove the specified client from the client list queue. This may cause the client fail to reconnect to packet server. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-ENQUEUEFAIL Fail to insert client [dec] into the list of clients at [chars] Explanation Packet Server failed to insert a client into client list queue. This will prevent the client from connecting to packet server. Recommended Action If any of these messages recur, call your technical support representative for assistance. Packet Infrastructure Messages PAKSRV Messages EM-1476 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-PAKSRV-7-ERR_CHKPT_OP [chars]: [chars] check point operation failed, reason : [chars] Explanation A check point operation failed in packet manager. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-ERR_EVM_ATTACH Failed to attach event handler. Explanation The packet subsystem encountered an error when attaching a handler for synchronous or asynchronous events. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-ERR_MUTEX_INIT Failed to initialize packet mutex, reason: [chars] Explanation The packet subsystem failed to initialize the packet mutex. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-ERR_MUTEX_MONREG Packet server registration for mutex monitoring (revival) failed, error [chars] Explanation Packet server failed to register for the mutex revival and will exit. It will be restarted by sysmgr. Recommended Action If packet manager is unable to start up after several restarts by sysmgr, please collect the ’sh log’ output and contact your customer support representative. Error Message %PKT_INFRA-PAKSRV-7-ERR_MUTEX_OP Mutex [chars] operation on [chars] in [chars] failed; reason [chars] Explanation The packet subsystem failed to perform the specified operation on the specified mutex. This usually indicates a programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages PAKSRV Messages EM-1477 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-PAKSRV-7-ERR_THREAD_ATTR_SET [chars]: Failed to set thread attributes Explanation Packet server unable to set the thread’s attributes. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-ERR_THREAD_CREATE Failed to create the [chars] thread Explanation Packet server was unable to create the specified thread. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-ERR_THREAD_DETACH [chars]: Failed to detach from a new thread Explanation Packet server was unable to detach from a new thread. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-FSVFAIL [chars]: fsv_register for name equals [chars] failed, error : [dec] Explanation An automatic register for one of the FSVs failed. Recommended Action If any of these messages occur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-GET_RENDEZVOUS msg_chan_get_rendezvous failure: [chars]. Explanation msg_chan_get_rendezvous failed. Recommended Action If any of these messages recur, call your technical support representative for assistance. Packet Infrastructure Messages PAKSRV Messages EM-1478 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-PAKSRV-7-GETPIDFAIL Failed to get client’s pid at [chars] Explanation Packet Server failed to get the client’s pid. This will prevent the client from connecting to packet server. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-HSSDFAIL [chars]: hssd_register for name equals [chars],size equals [dec] failed, error : [dec] Explanation An automatic register for one of the HSSDs failed. Recommended Action If any of these messages occur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-INITFAIL Packet server initialization failed. Reason : [chars] Explanation The packet subsystem was not able to initialize properly. It will be restarted by sysmgr and should recover. Recommended Action If packet manager is unable to start up after several restarts by sysmgr, please collect the ’sh log’ output and contact your customer support representative. Error Message %PKT_INFRA-PAKSRV-7-MSGREPLYFAIL Failed to reply to client [dec] message [dec] at [chars] Explanation Packet server failed to reply to a client’s request. This will result in the client getting blocked on packet server. Recommended Action Restart the specified client. If the problem is not rectified, contact customer support. Error Message %PKT_INFRA-PAKSRV-7-PAKBCASTFAIL Broadcast to clients from packet server failed Explanation Packet server failed to broadcast to message to its clients that it is about to restart. Recommended Action If any of these messages recur, call your technical support representative for assistance. Packet Infrastructure Messages PAKSRV Messages EM-1479 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-PAKSRV-7-PARTICLEINITFAIL Particle initialization failed. Explanation Packet server was not able to initialize the particles correctly and will restart. Recommended Action If the error is not rectified after two or more restarts, please call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-QSM_ADD_SERVICE qsm_add_service failure: [chars]. Explanation qsm_add_service failed. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-SIGALRM Received SIGALRM unexpectedly, ignored. Explanation An unexpected signal SIGALRM was received. Recommended Action If any of these messages occur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-SIGNAL signal: [chars]. Explanation The packet subsystem encountered an error while performing a signal operation. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-SYSMGR_GET_NODE_STATE Failed to get node state from Sysmgr: [chars]. Explanation Packet server failed to get node state from sysmgr. Recommended Action If any of these messages recur, call your technical support representative for assistance. Error Message %PKT_INFRA-PAKSRV-7-TIMER [chars]: timer: [chars]. Explanation The packet subsystem encountered an error while operating/handling a timer. Recommended Action If any of these messages recur, call your technical support representative for assistance.Packet Infrastructure Messages PAKWATCH Messages EM-1480 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PAKWATCH Messages Error Message %PKT_INFRA-PAKWATCH-6-DOUBLE_FREE Particle [pointer] with [dec] refcount being freed Explanation An attempt has been made to free a packet buffer that is already freed. This usually indicates the process using the particle has used it after it has been returned. Recommended Action Please collect a core dump of the process from which the message is output, using the ’dumpcore running’ command to catch the current packet memory state (’exception pakmem on’ must also be configured). Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-PAKWATCH-6-HEADER_CORRUPTION [chars] free list NULL when count shows [unsigned int] headers free Explanation The particle/header free list and particle/header free count are out of sync; probable corruption of packet memory. Recommended Action Please collect a core dump of the process from which the message is output, using the ’dumpcore running’ command to catch the current packet memory state (’exception pakmem on’ must also be configured). Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-PAKWATCH-6-INFO Depletion level [dec] percent for resource [chars]: Explanation The info about the current depletion level of the specified resource. Recommended Action It is an informational message. Error Message %PKT_INFRA-PAKWATCH-6-INFO_BODY [chars] [dec] [dec] Explanation The resource depletion information in the following format: PROCESS_NAME PID COUNT Recommended Action It is an informational message. Packet Infrastructure Messages PFI_IFH Messages EM-1481 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-PAKWATCH-6-INFO_HEAD [chars] [chars] [chars] Explanation The header for resource depletion information that follows this message. It is of the format: PROCESS_NAME PID COUNT Recommended Action It is an informational message. Error Message %PKT_INFRA-PAKWATCH-6-TRACEBACK [chars] Explanation The traceback info about caller Recommended Action It is an informational message. Error Message %PKT_INFRA-PAKWATCH-6-USER_INFO Top [dec] users of [chars]: Explanation The info about the top users of the specified resource. Recommended Action It is an informational message. Error Message %PKT_INFRA-PAKWATCH-6-USER_INFO2 Only [dec] users found using [chars]. Explanation The info about the total number of users of the specified resource. Recommended Action It is an informational message. PFI_IFH Messages Error Message %PKT_INFRA-PFI_IFH-4-FAIL [chars]: [chars] ([hex]) Explanation An error occured in the ifh process. This may lead to problems elsewhere in the system. Recommended Action If no further problems are seen, this warning may probably safely be ignored. If the message recurs, or problems are seen elsewhere in the system, take the following action. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Packet Infrastructure Messages PFI Messages EM-1482 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PFI Messages Error Message %PKT_INFRA-PFI-3-ASSERT Fatal error - assert condition [chars] failed - [chars] thread [dec] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ PLATFORM_C12000_NETIO_LIB Messages Error Message %PKT_INFRA-PLATFORM_C12000_NETIO_LIB-4-FINT_IDB_NOT_FOUND Failed to obtain netio idb for FINT interface Explanation The FINT idb is not yet created in netio. This could be a transient condition. Recommended Action Please capture the following information and if traffic loss also is being observed Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. show logging show proc blocked Error Message %PKT_INFRA-PLATFORM_C12000_NETIO_LIB-4-GET_MYNODEID_FAIL Failed to obtain my node id [chars] Explanation Unable to determine my node id using platform api. Recommended Action Please capture show proc ouput and show logging output - ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-PLATFORM_C12000_NETIO_LIB-4-GET_PPINDEX_INFO_FAIL Lookup for ppindex([dec]), pp_proto([dec]), failed due to [chars] Explanation Unable to get the adjacency and next hop information from given ppindex. Recommended Action Please capture the following information and if traffic loss also is being observed Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. show logging show proc blockedPacket Infrastructure Messages PLATFORM_HFR_NETIO_LIB Messages EM-1483 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLATFORM_HFR_NETIO_LIB Messages Error Message %PKT_INFRA-PLATFORM_HFR_NETIO_LIB-4-FINT_IDB_NOT_FOUND Failed to obtain netio idb for FINT interface Explanation The FINT idb is not yet created in netio. This could be a transient condition. Recommended Action Please capture the following information and if traffic loss also is being observed Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. show logging show proc blocked Error Message %PKT_INFRA-PLATFORM_HFR_NETIO_LIB-4-FINT_IDB_NOT_FOUND Failed to obtain netio idb for FINT interface Explanation The FINT idb is not yet created in netio. This could be a transient condition. Recommended Action Please capture the following information and if traffic loss also is being observed Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. show logging show proc blocked Error Message %PKT_INFRA-PLATFORM_HFR_NETIO_LIB-4-GET_MYNODEID_FAIL Failed to obtain my node id [chars] Explanation Unable to determine my node id using platform api. Recommended Action Please capture show proc ouput and show logging output - ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-PLATFORM_HFR_NETIO_LIB-4-GET_MYNODEID_FAIL Failed to obtain my node id [chars] Explanation Unable to determine my node id using platform api. Recommended Action Please capture show proc ouput and show logging output - ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Packet Infrastructure Messages PLATFORM_PFI Messages EM-1484 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLATFORM_PFI Messages Error Message %PKT_INFRA-PLATFORM_PFI-4-IFHANDLE_DECODE Could not map handle [hex] to slot Explanation The interface handle cannot be mapped to a slot on the card. Recommended Action Debug message only. *DEBUG* Error Message %PKT_INFRA-PLATFORM_PFI-4-INIT Failed to initialise [chars] Explanation An error occured when a module was going to be initialised. This may cause the process to terminate. Recommended Action Restarting the process might help. PLATFORM_VKG_NETIO_LIB Messages Error Message %PKT_INFRA-PLATFORM_VKG_NETIO_LIB-4-FINT_IDB_NOT_FOUND Failed to obtain netio idb for FINT interface Explanation The FINT idb is not yet created in netio. This could be a transient condition. Recommended Action Please capture the following information and if traffic loss also is being observed Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. show logging show proc blocked Error Message %PKT_INFRA-PLATFORM_VKG_NETIO_LIB-4-GET_MYNODEID_FAIL Failed to obtain my node id [chars] Explanation Unable to determine my node id using platform api. Recommended Action Please capture show proc ouput and show logging output - ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Packet Infrastructure Messages PLATFORM_VKG_PFI_LIB Messages EM-1485 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLATFORM_VKG_PFI_LIB Messages Error Message %PKT_INFRA-PLATFORM_VKG_PFI_LIB-3-SET_GLOBALS_FAILED [chars] ([chars]) Explanation Platform PFI was unable to set globals Recommended Action No action is required. PQMON Messages Error Message %PKT_INFRA-PQMON-6-QUEUE_DROP Taildrop on [chars] queue [dec] owned by [chars] (jid equals [dec]) Explanation A producer process was unable to produce into a software queue because the queue was full. This typically means that the owning process is blocked or CPU is under heavy stress. Recommended Action These messages are for the purpose of proactively alerting the operator to any potential issues that may arise from tail drops on the software queues. If no impact (such as routing protocol flaps or traffic loss) is seen, these messages can be ignored. For debugging, please collect the following information. ’show logging’ ’show pqmon trace’ ’show packet-memory trace mutex’ Error Message %PKT_INFRA-PQMON-6-QUEUE_HIGH_THRESH Build-up detected on [chars] queue [dec] owned by [chars] (jid equals [dec]) Explanation The amount of work queued into a software queue has crossed the high threshold (three-fourths of the queue size). This typically means that the owning process is blocked or CPU is under heavy stress and, hence, the owner process is unable to process the queued work items. Recommended Action These messages are for the purpose of proactively alerting the operator to any potential issues that may arise from queue build-up on the software queues. If no impact (such as routing protocol flaps or traffic loss) is seen, these messages can be ignored. For debugging, please collect the following information. ’show logging’ ’show pqmon trace’ ’show packet-memory trace mutex’ Error Message %PKT_INFRA-PQMON-6-QUEUE_LOW_THRESH Build-up cleared on [chars] queue [dec] owned by [chars] (jid equals [dec]) Explanation Informational message to indicate that a queue build-up has cleared up. This message coupled with the corresponding queue build-up message can give an indication of how long the queue build-up condition lasted. Recommended Action None.Packet Infrastructure Messages spp Messages EM-1486 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 spp Messages Error Message %PKT_INFRA-spp-0-EMERG [chars] Explanation An emergency error has been detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-spp-1-ALERT [chars] Explanation An alert error has been detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-spp-2-CRIT [chars] Explanation A critical error has been detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-spp-3-ERR [chars] Explanation An error has been detected. Recommended Action If the process restarts and this message is not repeating, no actions are needed. If this message recurs, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-spp-4-WARNING [chars] Explanation A warning codition has been detected. Recommended Action If this message is not repeating, no actions are needed. If this message recurs, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages SVII_ADJ_LIB Messages EM-1487 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-spp-5-NOTICE [chars] Explanation A condition worthy of note has been detected. Recommended Action No action is required. Error Message %PKT_INFRA-spp-6-INFO [chars] Explanation An informational message. Recommended Action No action is required. Error Message %PKT_INFRA-spp-6-INFO_TRACEBACK [chars] Explanation An informational message. Recommended Action No action is required. Error Message %PKT_INFRA-spp-7-DEBUG [chars] Explanation A debug message. Recommended Action No action is required. SVII_ADJ_LIB Messages Error Message %PKT_INFRA-SVII_ADJ_LIB-3-ADJ_DATA_CORRUPT The SVI Adjacency Manager was provided with corrupt adjacency data for [chars] SSC belonging to service [chars] on location [chars] Explanation Either the active or standby Service State Controller for the location given in the message provided the Adjacency Manager with corrupt data. This most likely indicates a bug in the Service State Controller logic. No adjacencies will be installed for the named service, so no traffic will be forwarded to or from it. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages SVII_ADJ_LIB Messages EM-1488 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-SVII_ADJ_LIB-3-FOLLOW_STANDBY_MISMATCH The SVI Adjacency Manager was provided with conflicting settings for installing adjacencies for interface [hex] Explanation Conflicting ’follow standby’ instructions were supplied to the Adjacency Manager for an interface. ’Follow standby’ is specified for an interface by a Service State Controller if it believes that traffic should be directed towards the standby, rather than active, service instance. This message indicates that the active and standby Service State Controllers gave conflicting information about where traffic to be directed to. This indicates an inconsistency between the system state as viewed by the Service State Controllers that are responsible for the service to which the interface belongs. Restarting those processes may help, after allowing any other problems that could lead to inconsistencies being resolved. No adjacencies will be installed for the interface, and all traffic to it will be dropped. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-SVII_ADJ_LIB-3-INIT_FAILED Initialization failed, module: [chars], operation: [chars], error: [chars] Explanation The SVI Adjacency Manager Library’s initialization has failed. The process will exit and automatically restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-SVII_ADJ_LIB-3-SERVICE_FAILED An error occurred while setting up adjacencies for service ’[chars]’: [chars] Explanation The SVII Adjacency Manager encountered an error while preparing to set up adjacencies for the specified service. It is likely that packets will not be forwarded to interfaces for that service. This may be caused by a lack of resources or other system problems. Restarting the ’svi_adj_mgr’ process on the affected node (after any other problems have been cleared up) will restore adjacencies for the affected service. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages SVII_ADJ_LIB Messages EM-1489 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-SVII_ADJ_LIB-4-INTF_DB_INCONSISTENT An inconsistency has been found in the interface database (interface handle [hex]) Explanation An inconsistency has been found in the adjacency manager interface database. The adjacency manager will automatically recover from this; nevertheless it may indicate a software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-SVII_ADJ_LIB-4-REFRESH_FAILED An error occurred while requesting adjacency refresh for service ’[chars]’: [chars] Explanation The SVII Adjacency Manager encountered an error while resynchronising its adjacencies. The adjacencies for the specified service may not be correctly set up on the specified card, meaning that traffic for that service arriving at that card may not be forwarded correctly. Recommended Action Restarting the ’svi_adj_mgr’ process on the affected node (after any other problems - such as lack of memory - have been cleared up) will restore adjacencies for the affected service. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-SVII_ADJ_LIB-4-RESTART_FAILED An error occurred while trying to restart cleanly: [chars] Explanation The SVII Adjacency Manager encountered an error while preparing to restart itself. It will restart itself anyway, but there may be other errors. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-SVII_ADJ_LIB-4-SDIR_INVALID The Service Director library passed invalid parameters to the SVII Adjacency Manager process. Explanation The Service Director process/library sent an invalid message to the SVII Adjacency Manager. This indicates a problem with the Service Director. It is likely that packets will not be correctly forwarded to some Service Virtual Interfaces. Recommended Action It may help to restart the SVII Adjacency Manager and/or the Service Director processes. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages SVII_ADJ_MGR Messages EM-1490 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-SVII_ADJ_LIB-4-SRV_CLEANUP_FAILED The SVI Adjacency Manager ’publish’ library encountered an error when trying to clean up after a service unregistered. Error [chars] Explanation A Service owner tried to revoke a request for adjacencies to be managed by the SVI Adjacency Manager. It is likely that the originally published request has not been cleaned up correctly. This should not have any adverse effects, other than the use of some additional resouces, but probably indicates some kind of programming error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SVII_ADJ_MGR Messages Error Message %PKT_INFRA-SVII_ADJ_MGR-3-ADJ_FAILED An error occurred while trying to program an adjacency: [chars] (interface handle equals [hex]) Explanation The SVII Adjacency Manager encountered an error while programming an adjacency. Packets may not be forwarded to the affected service interface. The name of the interface can be retrieved with ’show im chains ifhandle 0xabc’, where ’0xabc’ is the interface handle shown in the message. Recommended Action This error should only arise due to resource constraints (eg memory). Determine which resources are short, and make more available; then restart the ’svi_adj_mgr’ process on the affected node. Error Message %PKT_INFRA-SVII_ADJ_MGR-3-ECM_ERROR_FAILED An error occurred while trying to recover from a previous failure: [chars] Explanation The SVII Adjacency Manager encountered an error while calling AIB. Normally, it would recover from this error. However, a secondary failure has occurred while invoking the recovery mechanism. After this error, packets may not be forwarded correctly for some service virtual interfaces. Recommended Action The system can be recovered by restarting the ’svi_adj_mgr’ process on the affected node. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages SVII_ADJ_MGR Messages EM-1491 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-SVII_ADJ_MGR-3-INIT_FAILED Initialization failed, module: [chars], operation: [chars], error: [chars] Explanation The SVI Adjacency Manager’s initialization has failed. The process will exit and automatically restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-SVII_ADJ_MGR-3-LOOP_FAILED Event Loop failed, error: [chars] Explanation The SVII Adjacency Manager encountered an error while waiting for an event. This should not ordinarily happen, but may indicate a temporary glitch that will automatically recover. If it occurs very frequently it may be necessary to restart the SVII Adjacency Manager process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-SVII_ADJ_MGR-3-RECEIVE_MESSAGE An error occurred whilst processing a ’[chars]’ message from a client, during operation [chars]: [chars] Explanation The process encountered an error while trying to handle a message from a Service on a line card. If this happens frequently, then restarting the process that caused the error may fix the problem. It may indicate that the card is low on memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-SVII_ADJ_MGR-3-SYSMGR Failure communicating readiness to System Manager. Error: [chars] Explanation The process was initialized successfully but was unable to inform System Manager of the success. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages TCAM_MGR_LIB Messages EM-1492 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-SVII_ADJ_MGR-4-RESTART A failure occured while re-syncing state with AIB after a restart: [chars] Explanation After a restart, the adjacency manager attempts to re-sync its state with AIB. A failure occurred during this process. This could result in adjacencies being erroneously deleted in AIB, and hence forwarding could be interrupted. Recommended Action Wait five minutes, then restart the adjacency manager again by entering the command: ’process restart svii_adj_mgr location node’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-SVII_ADJ_MGR-6-CERRNO_FAILED Error registration failed ([chars]) - some messages may not be displayed correctly Explanation The SVI Adjacency Manager encountered an error while registering its error messages. Some error messages may be displayed numerically rather than with full messages. No other problems will be caused by this failure. Recommended Action No action need be taken. TCAM_MGR_LIB Messages Error Message %PKT_INFRA-TCAM_MGR_LIB-3-INTERNAL_ERR Internal error: [chars] Explanation An internal error occurred in TCAM Manager which involves exiting the process. After the TCAM Manager process restarts, the error should have been cleared. *DDTS* Recommended Action Collect the configuration, syslog and coredump file. Attach them to the ddts. After the process restarts automatically, the error should have been cleared and no user action is needed. Error Message %PKT_INFRA-TCAM_MGR_LIB-3-INTERNAL_ERR Internal error: [chars] Explanation An internal error occurred in TCAM Manager which involves exiting the process. After the TCAM Manager process restarts, the error should have been cleared. *DDTS* Recommended Action Collect the configuration, syslog and coredump file. Attach them to the ddts. After the process restarts automatically, the error should have been cleared and no user action is needed. Packet Infrastructure Messages TCAM_MGR Messages EM-1493 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-TCAM_MGR_LIB-3-V6_CMPR_FAILED v6 source prefix compression failed: [chars] Explanation V6 source prefix compression failed due to lack of extended path. This failure indicates that a particular v6 prefix indicated in the message will not be compressed. There are 3 workarounds of this problem. 1) do not use this entry. 2) change the prefix length. 3) change the prefix value. For example if an entry failed during an ACL programming then try removing that ACE indicated in the message and apply the configuration again. *DDTS* Recommended Action Ouput generated by this message and related config, for example v6 ACL failed in case of ACL configuration. Attach them to the ddts. This failure indicates that a particular v6 prefix indicated in the message will not be compressed. There are 3 workarounds of this problem. 1) do not use this entry. 2) change the prefix length. 3) change the prefix value. For example if an entry failed during an ACL programming then try removing that ACE indicated in the message and apply the configuration again. Error Message %PKT_INFRA-TCAM_MGR_LIB-6-V6_CMPR_FAILED v6 source prefix compression failed: [chars] Explanation V6 source prefix compression failed due to lack of extended path. This failure indicates that a particular v6 prefix indicated in the message will not be compressed. There are 3 workarounds of this problem. 1) do not use this entry. 2) change the prefix length. 3) change the prefix value. For example if an entry failed during an ACL programming then try removing that ACE indicated in the message and apply the configuration again. *DDTS* Recommended Action Ouput generated by this message and related config, for example v6 ACL failed in case of ACL configuration. Attach them to the ddts. This failure indicates that a particular v6 prefix indicated in the message will not be compressed. There are 3 workarounds of this problem. 1) do not use this entry. 2) change the prefix length. 3) change the prefix value. For example if an entry failed during an ACL programming then try removing that ACE indicated in the message and apply the configuration again. TCAM_MGR Messages Error Message %PKT_INFRA-TCAM_MGR-3-INTERNAL_ERR Internal error: [chars]: [chars] Explanation An internal error occurred in TCAM Manager which involves exiting the process. After the TCAM Manager process restarts, the error should have been cleared. *DDTS* Recommended Action Collect the configuration, syslog and coredump file. Attach them to the ddts. After the process restarts automatically, the error should have been cleared and no user action is needed. Packet Infrastructure Messages tunnel_ea Messages EM-1494 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-TCAM_MGR-3-INTERNAL_ERR Internal error: [chars]: [chars] Explanation An internal error occurred in TCAM Manager which involves exiting the process. After the TCAM Manager process restarts, the error should have been cleared. *DDTS* Recommended Action Collect the configuration, syslog and coredump file. Attach them to the ddts. After the process restarts automatically, the error should have been cleared and no user action is needed. Error Message %PKT_INFRA-TCAM_MGR-6-V6_ANCHOR_PREFIX IPv6 compression anchor prefixes are changed. A linecard reload is needed to make this change effective Existing anchor prefix length [dec] [dec] [dec] [dec] [dec] [dec] Pending anchor prefix length [dec] [dec] [dec] [dec] [dec] [dec] Explanation The IPv6 compression anchor prefixes are changed. The linecard needs to be reloaed to make the changes effective. This is not an error message or condition. Recommended Action The IPv6 compression anchor prefixes are changed. The linecard needs to be reloaed to make the changes effective. This is not an error message or condition. tunnel_ea Messages Error Message %PKT_INFRA-tunnel_ea-3-DEBUG_INIT_FAILED debug_init failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-DEBUG_INIT_FAILED debug_init failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Packet Infrastructure Messages tunnel_ea Messages EM-1495 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-tunnel_ea-3-DEBUG_INIT_FAILED debug_init failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-EVENT_BLOCK_FAILED event_block failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-EVENT_BLOCK_FAILED event_block failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-EVENT_BLOCK_FAILED event_block failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-EVM_CREATE_FAILED Fatal error [chars] creating event manager Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Packet Infrastructure Messages tunnel_ea Messages EM-1496 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-tunnel_ea-3-EVM_CREATE_FAILED Fatal error [chars] creating event manager Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-EVM_CREATE_FAILED Fatal error [chars] creating event manager Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-IMP_INIT_FAILED imp_init failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-IMP_INIT_FAILED imp_init failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-IMP_INIT_FAILED imp_init failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Packet Infrastructure Messages tunnel_ea Messages EM-1497 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-tunnel_ea-3-PLATFORM_MANAGER_ERROR Platform Manger returned the error [chars], for interface [chars] handle [hex] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-PLATFORM_MANAGER_ERROR Platform Manger returned the error [chars], for interface [chars] handle [hex] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-PLATFORM_MANAGER_ERROR Platform Manger returned the error [chars], for interface [chars] handle [hex] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-PROC_READY_FAILED (Sysmgr_proc_ready failed [hex]) [chars] Explanation sysmgr had difficulty in processing the READY notification for tunnel_ea. Recommended Action If there is a problem, it might be cleared by restarting tunnel_ea Error Message %PKT_INFRA-tunnel_ea-3-PROC_READY_FAILED (Sysmgr_proc_ready failed [hex]) [chars] Explanation sysmgr had difficulty in processing the READY notification for tunnel_ea. Recommended Action If there is a problem, it might be cleared by restarting tunnel_ea Packet Infrastructure Messages TUNNEL Messages EM-1498 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-tunnel_ea-3-PROC_READY_FAILED (Sysmgr_proc_ready failed [hex]) [chars] Explanation sysmgr had difficulty in processing the READY notification for tunnel_ea. Recommended Action If there is a problem, it might be cleared by restarting tunnel_ea Error Message %PKT_INFRA-tunnel_ea-3-STATS_INIT_FAILED stats collecton init failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-STATS_INIT_FAILED stats collecton init failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PKT_INFRA-tunnel_ea-3-STATS_INIT_FAILED stats collecton init failed [chars] Explanation Internal error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ TUNNEL Messages Error Message %PKT_INFRA-TUNNEL-1-RESOURCES Could not program hardware resources for interface [chars] Explanation Some hardware resource could not be programmed. The reason details which resource failed Recommended Action Ensure that enough resources are available. The user may have to unconfigure some resources, and then will have to reapply the xconnect configuration. Packet Infrastructure Messages TUNNEL Messages EM-1499 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-TUNNEL-3-API_ERR The [chars] API function to [chars] returned the following error: [chars] Explanation An internal error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-API_ERROR [chars]: [chars] - error ([hex]): [chars] Explanation The specified API returned the specified error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-API_ERROR_2 [chars]: [chars] - error: [chars] Explanation The specified API returned the specified error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-BAD_CHAIN Invalid chain type ([dec]) Explanation An invalid chain type was received by the chain builder. This is an internal error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-BAD_CHECKSUM Bad checksum - computed equals [hex], received equals [hex] Explanation Mismatch in received/computed checksum was detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages TUNNEL Messages EM-1500 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-TUNNEL-3-BAD_KEY Incorrect key - received: [dec], expected: [dec] Explanation A packet was received with a bad key. Recommended Action No action is required. Error Message %PKT_INFRA-TUNNEL-3-CONFIG_SCAN_FAILED [chars]: item [chars]: [chars] Explanation An unexpected error occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-CURRENT_MAXIMUM_HIGH Current maximum [dec] exceeds absolute maximum [dec] Explanation New current maximum is larger than the absolute max. Recommended Action Use a current maximum value which is lower than the abosulte max value. Error Message %PKT_INFRA-TUNNEL-3-CURRENT_MAXIMUM_LOW New current max [dec] is lower than the number of tunnels currently configured [dec]. Explanation New current max is lower than the current tunnel count. Recommended Action Use a current maximum value which is lower than the current tunnel count. Error Message %PKT_INFRA-TUNNEL-3-CURRENT_MAXIMUM_REACHED tunnel-[chars]: Current Maximum # of configured tunnels reached [dec] Explanation Tunnel Count has reached the current maximum limit. Recommended Action Use the ’maximum tunnel-te N’ config CLI to increase the current maximum value. Packet Infrastructure Messages TUNNEL Messages EM-1501 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-TUNNEL-3-GENERIC [chars] Explanation None Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-IM_ERR The interface manager API function to [chars] returned the following error: [chars] Explanation An internal error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-IMP_ERROR Unknown condition code received from imp: ([dec]) Explanation The specified condition code was received from imp. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-INIT_FAIL Tunnel process initialization failed while [chars] with error: [chars] Explanation The tunnel process responsible for the creation of tunnel interfaces failed during initialization. The process will exit and as a result, no tunnel interfaces can be configured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-INVALID_IDB datapath_control information for unknown IDB Explanation A datapath_control message was received for an unknown interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages TUNNEL Messages EM-1502 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-TUNNEL-3-LOOPING Encapsulation looping detected: inner: [chars], outer: [chars] Explanation An encapsulation loop was detected. Recommended Action No action is required. Error Message %PKT_INFRA-TUNNEL-3-NEGATIVE_CURRENT_COUNT tunnel-[chars]: current tunnel count became negative, restarting Explanation Tunnel count has been decremented till it became negative. process tunnel_infra will restart to recover from the situation. Recommended Action Ideally this should never happen and points to a serious bug in pfi/tunnel/infra File a tracking DDTS if it happens. Error Message %PKT_INFRA-TUNNEL-3-NO_IDB IDB not available in context Explanation Could not find the tunnel IDB in the context structure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-NO_INTERFACE Interface [chars] does not exist to delete Explanation A request to delete a non-existent interface has been received. This is relatively a harmless error, unless it is too frequent, in which case the reason for the error must be investigated, starting with the name of the interface printed in the error message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-NULL_DPC NULL DPC received Explanation The EA received a datapath control with NULL input data. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages TUNNEL Messages EM-1503 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-TUNNEL-3-NULL_NEXT ip_fib_soutput returned NULL en_next: fail code: [dec] Explanation The decapsulated packet could not be forwarded. This is an internal error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-ROUTING GRE tunnel packet received with source routing Explanation A GRE tunnel packet with the source routing option was received. Recommended Action No action is required. Error Message %PKT_INFRA-TUNNEL-3-SEQUENCE GRE tunnel packet received with sequence option Explanation A GRE packet was received with the sequence option. Recommended Action No action is required. Error Message %PKT_INFRA-TUNNEL-3-SOCKET Socket op [chars] failed: [chars] Explanation The specified socket operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-UNKNOWN_GRE_TUNNEL Packet received for unknown tunnel or bad key. Source: [chars], Destination: [chars], Key: [dec] Explanation A GRE tunnel packet was received for a tunnel that is not configured in this router or there was a key mis-match. Recommended Action No action is required. Packet Infrastructure Messages TUNNEL Messages EM-1504 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-TUNNEL-3-UNKNOWN_HANDLE IDB for interface [hex] not found Explanation The EA received a datapath control indication for an unknown interface handle Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-UNKNOWN_IPIP_TUNNEL Packet received for unknown tunnel. Source: [chars], Destination: [chars] Explanation An IPinIP tunnel packet was received for a tunnel that is not configured in this router. Recommended Action No action is required. Error Message %PKT_INFRA-TUNNEL-3-UNKNOWN_MSG Received unexpected message opcode [dec] in Interface Manager handler Explanation An unexpected message was received by this process. This is relatively a harmless error and should not have any immediate impact on the operation of tunnel interfaces. It must still be reported and looked into. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-UNKNOWN_PROTOCOL Unknown protocol [dec] received by the gre socket handler Explanation A packet with an unknown protocol type was passed to the GRE socket handler. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-3-UNSUPPORTED_CODE_RCVD Unsupported code received ([dec]) Explanation An unexpected error occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages TUNNEL Messages EM-1505 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-TUNNEL-3-UNSUPPORTED_PROTOCOL An unsupported protocol type [dec] received in GRE tunnel Explanation An GRE tunnel packet was received with an unsupported protocol type as the payload. Recommended Action No action is required. Error Message %PKT_INFRA-TUNNEL-3-VERSION GRE tunnel packet received with bad version number ([dec]) Explanation A GRE tunnel packet was received with a bad version number. Recommended Action NONE* Error Message %PKT_INFRA-TUNNEL-3-ZERO_HEADER Encapsulation IP header length is zero Explanation The length of the tunnel encapsulating header is zero. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-TUNNEL-6-DEBUG_ERROR Invalid value [dec] for debug Explanation An invalid value was received for the debug flag. Recommended Action No action is required. Error Message %PKT_INFRA-TUNNEL-7-IFACE_NOT_UP Packet received on tunnel whose interface is not up Explanation A packet was received on a tunnel whose interface status is not up. Recommended Action No action is required.Packet Infrastructure Messages VI_REPL Messages EM-1506 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 VI_REPL Messages Error Message %PKT_INFRA-VI_REPL-3-ISSU Failure during ISSU operation. [chars]. Error: [chars]. Explanation A failure occurred during the special handling that takes place during an ISSU operation. Recommended Action The consequences of this error are unpredictable. There may be no problem but it is also possible it will affect virtual interface configuration during the ISSU. It is advisable to check all virtual interface configuration on the active and standby nodes before continuing with the ISSU operation. Error Message %PKT_INFRA-VI_REPL-3-NAMESTRING Failure during initialization of virtual interface namestring [chars] for replication. [chars]. Error: [chars]. Explanation A failure occurred during the registration of a virtual interface namestring for replication. Recommended Action The process will attempt to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-VI_REPL-3-REPLICATE Virtual Interface config replication failed. [chars]. Error: [chars]. Explanation A failure occurred during the replication of an item of virtual interface configuration to one or more of the backup RPs. Recommended Action The process will restart and attempt to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PKT_INFRA-VI_REPL-7-EVENT Unrecoverable error in event loop. Error: [chars] Explanation An unhandled error occured while waiting for an event. Recommended Action The process will restart and attempt to recover from this problem. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Packet Infrastructure Messages vkg_FWD_CLIENT_DLL Messages EM-1507 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PKT_INFRA-VI_REPL-7-INIT Failed to intialize config replicator. [chars]. Error: [chars] Explanation A failure occurred during the initialization of the Virtual Interface Config Replicator process. Recommended Action The vi_config_replicator process will restart and attempt to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. vkg_FWD_CLIENT_DLL Messages Error Message %PKT_INFRA-vkg_FWD_CLIENT_DLL-3-ERR [chars][dec] Explanation An error occured in the forwarder netio client dll (possible the plim driver) Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.Packet Infrastructure Messages vkg_FWD_CLIENT_DLL Messages EM-1508 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01EM-1509 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Platform Messages This section contains all Platform related System Error Messages, such as shelf magr, chassis, env ctrl, and so forth. ALPHA_DISPLAY Messages Error Message %PLATFORM-ALPHA_DISPLAY-3-INIT_ERROR Process Initialization Failed: ([chars]%s) Explanation The alphadisplay process failed to initialize. The alphadisplay process controls the 8 characters alphanumeric LEDs on the bottom of all 12000 series line and route processor cards (excluding SIP cards). It provides for the configuration of custom messages as well as the reading of the current output both through CLI and XML. %s - indicates the reason for the failure. There are 2 types of possible failures, these include: - Event Manager Creation Failure - SYSDB Initialization Failure %s - is the decoded error reason Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process alphadisplay’ to verify that the process is up and running. If it is still non-operational, try doing try doing ’process restart alphadisplay’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ALPHA_DISPLAY-6-CHANGE Alpha display on node [chars] changed to [chars] in state [chars] Explanation Message to indicate that alpha-display was updated with new string or state. Recommended Action *None* Platform Messages ALPHA_DISPLAY Messages EM-1510 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ALPHA_DISPLAY-6-CHANGE Alpha display on node [chars] changed to [chars] in state [chars] Explanation Message to indicate that alpha-display was updated with new string or state. Recommended Action None. Error Message %PLATFORM-ALPHA_DISPLAY-6-CHANGE Alpha display on node [chars] changed to [chars] in state [chars] Explanation Message to indicate that alpha-display was updated with new string or state. Recommended Action None. Error Message %PLATFORM-ALPHA_DISPLAY-6-CHANGE Alpha display on node [chars] changed to [chars] in state [chars] Explanation Message to indicate that alpha-display was updated with new string or state. Recommended Action None. Error Message %PLATFORM-ALPHA_DISPLAY-7-EVENT_ERROR Event Failure: ([chars]) Explanation The alphadisplay process received a bad event. The alphadisplay process controls the 8 characters alphanumeric LEDs on the bottom of all 12000 series line and route processor cards (excluding SIP cards). It provides for the configuration of custom messages as well as the reading of the current output both through CLI and XML. %s - is the decoded error reason Recommended Action Monitor the event messages. The alphadisplay process will handle the failure gracefully but if they continually appear on the console, try doing ’process restart alphadisplay’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages ASM Messages EM-1511 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ASM Messages Error Message %PLATFORM-ASM-0-FAULT_RECOVERY_ERR The fault recovery procedure for the FromFab component of the fabric driver has failed. The root fault was: [chars] Explanation When a hardware fault occurs and the device driver cannot correct it, the Platform Manager is required to reset the ASICs. This error indicates that the Platform Manager failed to reset the ASICs and the hardware on the PRP may not be in an operational state. This condition affects the functionality of the entire router. %s is the Interrupt Source. Recommended Action If the system has not failed over automatically and a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0 ’ where x is the slot of route processor that generated the error. If no redundant RP is configured you will need to reboot the router by issuing the reload command. Call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-0-SW_INIT_ERR A software error occurred in the FrFab driver component during initialization: [chars] Explanation The fabricq_prp_driver process which controls the FromFab driver on the route processor has failed to initalize and cannot recover automatically. This is a software fault. The FromFab driver controls the hardware that receives data from the fabric. It runs in the fabricq_prp_driver process. An unrecoverable failure of the fabricq_prp_driver process may prevent this route processor card from communicating with other cards on the chassis. %s indicates the type failure Recommended Action Restart the fabricq_prp_driver process with the following command: ’process restart fabricq_prp_driver’ If the error message appears again, then: if a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0 ’ where x is the slot of route processor that generated the error. if no redundant RP is configured you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages ASM Messages EM-1512 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ASM-3-BADDESC_ERR Assembler detected a bad descriptor error: Data [hex] Explanation Assembler detected a bad descriptor in the free queue. The hex number indicates the error cause register value. This usually indicates a hardware problem on the RP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-3-CRC_ERR assembler dll: block: [chars], entity: [chars] had CRC error, count: [dec] Explanation PII block got a packet from the entity mentioned above with a CRC error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-ASM-3-DEVICE_HALT FFQ: device halted, sub-block: [chars], halted entity: [chars] Explanation FFQ, ASIC got halted. The halted block and its parent block are provided Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-3-FATAL assembler dll: fatal error encountered, reason equals [chars] Explanation iqm, assembler dll manager encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages ASM Messages EM-1513 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ASM-3-FATAL_2 assembler dll: fatal error encountered, reason equals [chars], errno equals [dec] Explanation assembler encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-3-FIA_INTFERR Assembler detected a FIA interface error: Data [hex] Explanation Assembler detected an error with the fia interface. The hex number indicates the error cause register value. This usually indicates a hardware problem on the RP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-3-FIA_PARITYERR Assembler detected a FIA parity error: Data [hex] Explanation A parity error has been detected on the assembler to fia interface. The hex number indicates the error cause register value. This usually indicates a hardware problem on the RP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-3-FQEMPTY_ERR Assembler detected that a free queue is empty Explanation The assembler component has detected that one of the free queues used to buffer packets coming from the fabric into the route processor is empty. Recommended Action The system will most likely recover from this error automatically. No intervention is required. If this error is reported frequently you may want to call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages ASM Messages EM-1514 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ASM-3-FQEMPTY_ERR Assembler detected a free queue empty error: Data [hex] Explanation Assembler detected a that the free queue is empty. The hex number indicates the error cause register value. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-3-GEN_INFO assembler dll: general information,[chars] Explanation The ASM’s informational message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-3-HWINIT_INCOMPLETE assembler dll: hardware initialization not complete Explanation hardware init is not complete. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-ASM-3-INFO assembler dll: service degrading error, reason equals [chars] Explanation The assembler encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-3-INTR_ENABLE_FAIL assembler dll: intr enable at addr: [hex] mask: [hex] failed. Explanation hardware state is not correct. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Platform Messages ASM Messages EM-1515 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ASM-3-INTR_STATUS_GET_ERR assembler dll: intr status get failed for: [chars]@[hex], rc equals [dec] Explanation Hardware register read failed. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-ASM-3-MALLOC_FAILED assembler dll: fatal memory allocation error for [dec] bytes Explanation ASM encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-ASM-3-NOT_AVAILABLE assembler dll: asic is not available Explanation hardware state is not correct. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-ASM-3-NOT_OPERATIONAL assembler dll: asic is not operational, state: [dec] Explanation hardware state is not correct. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-ASM-3-NOT_YET_IMPLEMENTED assembler dll: this function [chars] is not yet implemented Explanation FFQ, assembler dll , a function is not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages ASM Messages EM-1516 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ASM-3-RESET_ERR Assembler is being reset because of too many errors. Explanation Assembler software driver is seeing too many errors that indicated a problem with the hardware. Some of the error logs prior to this message should indicate the errors that lead to this reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-4-BADDESC_ERR Assembler detected a bad descriptor. Explanation Assembler detected a bad descriptor in the free queue. The system will usually recover from this error automatically. If the frequency of this alert increases noticeably it could indicate a hardware problem on the route processor card. Recommended Action The system will normally recover from this error without intervention. If the frequency with which this error occurs increases substantially, call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ASM-6-UNHANDLED_HALT assembler dll: halt not handled, parent: [chars], child: [chars], intr: [dec] Explanation Hardware halt is not handled. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-ASM-6-UNHANDLED_INTR assembler dll: intr not handled, parent: [chars], child: [chars], group id: [dec], intr: [dec] Explanation Hardware interrupt is not handled in the code, need to implement. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.Platform Messages BCM_SWITCH Messages EM-1517 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 BCM_SWITCH Messages Error Message %PLATFORM-BCM_SWITCH-2-LINK_SHUT_DOWN Spanning Tree Port [chars] state changed to ADMIN_DOWN Explanation Spanning Tree Port’s state change by manual intervention. Recommended Action No action is required. Error Message %PLATFORM-BCM_SWITCH-2-LINK_STATE_CHANGE Spanning Tree Port [chars] state changed to [chars] Explanation Spanning Tree Port’s state change indication. Recommended Action No action is required. Error Message %PLATFORM-BCM_SWITCH-2-PCI_ERR PCI fatal error seen on switch [dec] DMA channel [dec] type [chars] Explanation The switch encountered a PCI error during a DMA transaction. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BCM_SWITCH-6-LINK_STATE_CHANGE Spanning Tree Port [chars] state changed to [chars] Explanation Spanning Tree Port’s state change indication. Recommended Action No action is required. Error Message %PLATFORM-BCM_SWITCH-7-PCI_ERR PCI fatal error seen on switch [dec] DMA channel [dec] type [chars] Explanation The switch encountered a PCI error during a DMA transaction. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages BE2 Messages EM-1518 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 BE2 Messages Error Message %PLATFORM-BE2-3-ERR_INIT Initialization Error: [chars] Reason: [chars]. Exiting. Explanation BELLAGIO2 Driver encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BE2-3-ERR_MEM_ALLOC Error Allocating [dec] bytes of memory Explanation BE2 encountered a fatal memory allocation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BE2-5-ERR_CONT Continuing execution: [chars]: Caused by [chars] Explanation This message indicates an error occurred beyond which execution of the be2_driver may continue, attempting to effect recovery or work-around internally, minimizing loss of information/functionality. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BE2-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation BE2 Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BE2 Messages EM-1519 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BE2-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation BE2 Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BE2-7-ERR_EXIT Exit on error: [chars]: Caused by [chars] Explanation An error occurred in BE2 Driver which requires exiting (and, hence, restarting) the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BE2-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation BE2 Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BE2-7-ERR_LWM_REPLY An error occurred during LWM message reply. Reason: [chars] Explanation BE2 LWM reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages BP_SERVER Messages EM-1520 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 BP_SERVER Messages Error Message %PLATFORM-BP_SERVER-3-ERR_DSC_ELECTION This RP detected more than 2 RPs (active/standby) inserted in the chassis. Explanation When more than 2 RPs (active/standby) are used in the same chassis, one must be elected as the dSC, the master of the chassis. In order to select which RP will become the dSC, insert only the RPs that will be part of the Owner Logical Router (maximum of 2 RPs). Once these RPs are fully booted, you may insert other RPs as required and assign them to manage logical routers. At this point, chassis mastership has been determined and subsequent power-cycle of the chassis will support multiple RPs with no problem. Recommended Action Eject RPs that are unused or not in the Owner Logical Router. Ensure there are no more than 2 RPs inserted. Reload the RPs. Wait for console prompt. Insert other RP cards and load them as required. Error Message %PLATFORM-BP_SERVER-3-ERR_INIT_DSC Failed to learn if we are running on the DSC ([chars]) Explanation This process needs to know if it runs on the DSC or standby DSC. An error occured while trying to get the information from the DSC process. The process will voluntary exit, and should be restarted. Recommended Action Verify that the DSC process is running using ’show process’ command. Error Message %PLATFORM-BP_SERVER-3-ERR_MAC_BLK_SIZE Backplane NVRAM contains MAC address info field [hex] which is invalid. Please rectify this problem to ensure quality operation of your router Explanation There is a MAC address block field in the backplane NVRAM. If the MAC address block field is invalid, there is the possibility of corrupted backplane NVRAM or incompatibility with the software Recommended Action Verify that the chassis is supported with the version of software. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Platform Messages BPE Messages EM-1521 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BP_SERVER-3-INVALID_BP_VERSION Backplane NVRAM contains Backplane Version number [dec] which is invalid. Please rectify this problem to ensure quality operation of your router Explanation There is a Backplane Version field in the backplane NVRAM. If the Backplane Version field is invalid, there is the possibility of corrupted backplane NVRAM or incompatibility with the software Recommended Action Verify that the chassis is supported with the version of software. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Error Message %PLATFORM-BP_SERVER-3-INVALID_CHASSIS_MODEL Backplane NVRAM contains chassis model number [dec] which is invalid. Please rectify this problem to ensure quality operation of your router Explanation Backplane NVRAM contains the chassis model number which the software relies on for chassis identification. This is a complaint about an invalid chassis model number is stored in backplane NVRAM. Software will try its best to use the CSC card in the chassis to determine the chassis model. Recommended Action Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. BPE Messages Error Message %PLATFORM-BPE-3-ERR_INIT Initialization Error: [chars] Reason: [chars]. Exiting. Explanation BPE Driver encountered a fatal error and is not able to recover. The supplied text string will explain the reason. Call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BPE Messages EM-1522 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BPE-3-ERR_MEM_ALLOC Error Allocating [dec] bytes of memory Explanation BPE encountered a fatal memory allocation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BPE-5-ERR_CONT Continuing execution: [chars]: Caused by [chars] Explanation This message indicates an error occurred beyond which execution of the bpe_driver may continue, attempting to effect recovery or work-around internally, minimizing loss of information/functionality. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BPE-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation BPE Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BPE-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation BPE Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BPE-7-ERR_EXIT Exit on error: [chars]: Caused by [chars] Explanation An error occurred in BPE Driver which requires exiting (and, hence, restarting) the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1523 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BPE-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation BPE Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BPE-7-ERR_LWM_REPLY An error occurred during LWM message reply. Reason: [chars] Explanation bpe LWM reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. BRIDGE3 Messages Error Message %PLATFORM-BRIDGE3-2-DDR_BUS_BIT_STUCK_0 DDR bus data bit stuck-0 Explanation DDR bus databit stuck on bridge3 instance-0. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-DDR_BUS_BIT_STUCK_1 DDR bus data bit stuck-1 Explanation DDR bus databit stuck on bridge3 instance-1. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1524 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-2-DDR_LOSS_OF_SYNC_0 DDR interface loss of sync-0 Explanation Loss of sync on DDR interface on bridge3 instance-0. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-DDR_LOSS_OF_SYNC_1 DDR interface loss of sync-1 Explanation Loss of sync on DDR interface on bridge3 instance-1. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-MAC_0_RX_FRAME_ERR_1 MAC on NPU-0 receive frame error - 1 Explanation MAC on NPU-0 received an errored frame interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-NPU_0_LOSS_OF_SYNC_0 NPU-0 interface loss of sync-0 Explanation Loss of sync on NPU-0 interface on bridge3 instance-0. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-NPU_0_LOSS_OF_SYNC_1 NPU-0 interface loss of sync-1 Explanation Loss of sync on NPU-0 interface on bridge3 instance-1. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1525 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-2-NPU_1_LOSS_OF_SYNC_0 NPU-1 interface loss of sync-0 Explanation Loss of sync on NPU-1 interface on bridge3 instance-0. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-NPU_1_LOSS_OF_SYNC_1 NPU-1 interface loss of sync-1 Explanation Loss of sync on NPU-1 interface on bridge3 instance-1. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-QDR_DATABIT_STUCK_0 QDR memory data bit stuck-0 Explanation QDR memory databit stuck on bridge3 instance-0. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-QDR_DATABIT_STUCK_1 QDR memory data bit stuck-1 Explanation QDR memory databit stuck on bridge3 instance-1. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-QDR_MEM_SELFTEST_FAIL_0 QDR memory self test failure on bridge3-0 Explanation QDR memory self test failure on bridge3 instance-0. Recommended Action Please reload the board using the command ’reload location ’. Please verify the bridge3 FPGA is loaded properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1526 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-2-QDR_MEM_SELFTEST_FAIL_1 QDR memory self test failure on bridge3-1 Explanation QDR memory self test failure on bridge3 instance-1. Recommended Action Please reload the board using the command ’reload location ’. Please verify the bridge3 FPGA is loaded properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-REG_ACCESS_FAIL_0 Register access failure on bridge3-0 Explanation Register access failure on bridge3 instance-0. Recommended Action Please reload the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-REG_ACCESS_FAIL_1 Register access failure on bridge3-1 Explanation Register access failure on bridge3 instance-1. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_0_CHAN_SYNC_0 XAUI to NPU-0 chan sync error on bridge3-0 Explanation XAUI to NPU-0 chan sync error on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_0_CHAN_SYNC_1 XAUI to NPU-0 chan sync error on bridge3-1 Explanation XAUI to NPU-0 chan sync error on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1527 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-2-XAUI_0_CHAR_ALIGN_0 XAUI to NPU-0 char alignment error on bridge3-0 Explanation XAUI to NPU-0 char alignment error on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_0_CHAR_ALIGN_1 XAUI to NPU-0 char alignment error on bridge3-1 Explanation XAUI to NPU-0 char alignment error on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_0_MGT_CV_0 XAUI to NPU-0 MGT code violation on bridge3-1 Explanation XAUI to NPU-0 MGT code violation on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_0_MGT_CV_1 XAUI to NPU-0 MGT code violation on bridge3-1 Explanation XAUI to NPU-0 MGT code violation on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1528 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-2-XAUI_0_RX_ALIGN_LOSS_0 XAUI to NPU-0 Rx alignment loss - 0 Explanation Rx alignment loss on XAUI to NPU-0 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_0_RX_ALIGN_LOSS_1 XAUI to NPU-0 Rx alignment loss - 1 Explanation Rx alignment loss on XAUI to NPU-0 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_0_STAT_VEC_0 XAUI to NPU-0 state error on bridge3-0 Explanation XAUI to NPU-0 state error on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_0_STAT_VEC_1 XAUI to NPU-0 state error on bridge3-1 Explanation XAUI to NPU-0 state error on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_1_CHAN_SYNC_0 XAUI to NPU-1 chan sync error on bridge3-0 Explanation XAUI to NPU-1 chan sync error on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1529 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-2-XAUI_1_CHAN_SYNC_1 XAUI to NPU-1 chan sync error on bridge3-1 Explanation XAUI to NPU-1 chan sync error on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_1_CHAR_ALIGN_0 XAUI to NPU-1 char alignment error on bridge3-0 Explanation XAUI to NPU-1 char alignment error on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_1_CHAR_ALIGN_1 XAUI to NPU-1 char alignment error on bridge3-1 Explanation XAUI to NPU-1 char alignment error on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_1_MGT_CV_0 XAUI to NPU-1 MGT code violation on bridge3-0 Explanation XAUI to NPU-1 MGT code violation on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1530 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-2-XAUI_1_MGT_CV_1 XAUI to NPU-1 MGT code violation on bridge3-1 Explanation XAUI to NPU-1 MGT code violation on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_1_RX_ALIGN_LOSS_0 XAUI to NPU-1 Rx alignment loss - 0 Explanation Rx alignment loss on XAUI to NPU-1 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_1_RX_ALIGN_LOSS_1 XAUI to NPU-1 Rx alignment loss - 1 Explanation Rx alignment loss on XAUI to NPU-1 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_1_STAT_VEC_0 XAUI to NPU-1 state error on bridge3-0 Explanation XAUI to NPU-1 state error on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_1_STAT_VEC_1 XAUI to NPU-1 state error on bridge3-1 Explanation XAUI to NPU-1 state error on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1531 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-2-XAUI_A_DATABUS_STUCK_0 XAUI-A databus stuck-0 Explanation XAUI-A databus stuck on bridge3 instance-0. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-2-XAUI_A_DATABUS_STUCK_1 XAUI-A databus stuck-1 Explanation XAUI-A databus stuck on bridge3 instance-1. Recommended Action Please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-CHKSUM_ERR_0_FIA_0 Checksum error - 0 from FIA on bridge3-0 Explanation Checksum error - 0 from FIA on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-CHKSUM_ERR_0_FIA_1 Checksum error - 0 from FIA on bridge3-1 Explanation Checksum error - 0 from FIA on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-CHKSUM_ERR_1_FIA_0 Checksum error - 1 from FIA on bridge3-0 Explanation Checksum error - 1 from FIA on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1532 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-CHKSUM_ERR_1_FIA_1 Checksum error - 1 from FIA on bridge3-1 Explanation Checksum error - 1 from FIA on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-CRC_ERR_0_FIA_0 CRC error - 0 from FIA on bridge3-0 Explanation CRC error - 0 from FIA on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-CRC_ERR_0_FIA_1 CRC error - 0 from FIA on bridge3-1 Explanation CRC error - 0 from FIA on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-CRC_ERR_0_NPU_0 CRC error from NPU-0 on bridge3-0 Explanation CRC error from NPU-0 on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-CRC_ERR_0_NPU_1 CRC error from NPU-0 on bridge3-1 Explanation CRC error from NPU-0 on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1533 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-CRC_ERR_1_FIA_0 CRC error - 1 from FIA on bridge3-0 Explanation CRC error - 1 from FIA on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-CRC_ERR_1_FIA_1 CRC error - 1 from FIA on bridge3-1 Explanation CRC error - 1 from FIA on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-CRC_ERR_1_NPU_0 CRC error from NPU-1 on bridge3-0 Explanation CRC error from NPU-1 on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-CRC_ERR_1_NPU_1 CRC error from NPU-1 on bridge3-1 Explanation CRC error from NPU-1 on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1534 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-FIA2NPU_0_PKT_MAXLEN_ERR_0 FIA to NPU-0 packet maximum length error - 0 Explanation Packet maximum length error on FIA to NPU-0 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIA2NPU_0_PKT_MAXLEN_ERR_1 FIA to NPU-0 packet maximum length error - 1 Explanation Packet maximum length error on FIA to NPU-0 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIA2NPU_0_PKT_MINLEN_ERR_0 FIA to NPU-0 packet minimum length error - 0 Explanation Packet minimum length error on FIA to NPU-0 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIA2NPU_0_PKT_MINLEN_ERR_1 FIA to NPU-0 packet minimum length error - 1 Explanation Packet minimum length error on FIA to NPU-0 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1535 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-FIA2NPU_1_PKT_MAXLEN_ERR_0 FIA to NPU-1 packet maximum length error - 0 Explanation Packet maximum length error on FIA to NPU-1 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIA2NPU_1_PKT_MAXLEN_ERR_1 FIA to NPU-1 packet maximum length error - 1 Explanation Packet maximum length error on FIA to NPU-1 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIA2NPU_1_PKT_MINLEN_ERR_0 FIA to NPU-1 packet minimum length error - 0 Explanation Packet minimum length error on FIA to NPU-1 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIA2NPU_1_PKT_MINLEN_ERR_1 FIA to NPU-1 packet minimum length error - 1 Explanation Packet minimum length error on FIA to NPU-1 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1536 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-FIFO_0_OFLOW_FIA2BR_0 FIFO-0 FIA to bridge3-0 overflow Explanation FIFO-0 FIA to bridge3 instance-0 overflow. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIFO_0_OFLOW_FIA2BR_1 FIFO-0 FIA to bridge3-1 overflow Explanation FIFO-0 FIA to bridge3 instance-1 overflow. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIFO_0_OFLOW_NPU2BR_0 FIFO-0 NPU to bridge3-0 overflow Explanation FIFO-0 NPU to bridge3 instance-0 overflow. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIFO_0_OFLOW_NPU2BR_1 FIFO-0 NPU to bridge3-1 overflow Explanation FIFO-0 NPU to bridge3 instance-1 overflow. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIFO_1_OFLOW_FIA2BR_0 FIFO-1 FIA to bridge3-0 overflow Explanation FIFO-1 FIA to bridge3 instance-0 overflow. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1537 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-FIFO_1_OFLOW_FIA2BR_1 FIFO-1 FIA to bridge3-1 overflow Explanation FIFO-1 FIA to bridge3 instance-1 overflow. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIFO_1_OFLOW_NPU2BR_0 FIFO-1 NPU to bridge3-0 overflow Explanation FIFO-1 NPU to bridge3 instance-0 overflow. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-FIFO_1_OFLOW_NPU2BR_1 FIFO-1 NPU to bridge3-1 overflow Explanation FIFO-1 NPU to bridge3 instance-1 overflow. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MAC_0_RX_FRAME_ERR_0 MAC on NPU-0 receive frame error - 0 Explanation MAC on NPU-0 received an errored frame interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MAC_0_TX_FIFO_OFLOW_0 MAC on NPU-0 transmit fifo overflow - 0 Explanation MAC on NPU-0 had transmit fifo overflow on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1538 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-MAC_0_TX_FIFO_OFLOW_1 MAC on NPU-0 transmit fifo overflow - 1 Explanation MAC on NPU-0 had transmit fifo overflow on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MAC_1_RX_FRAME_ERR_0 MAC on NPU-1 receive frame error - 0 Explanation MAC on NPU-1 received an errored frame interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MAC_1_RX_FRAME_ERR_1 MAC on NPU-1 receive frame error - 1 Explanation MAC on NPU-1 received an errored frame interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MAC_1_TX_FIFO_OFLOW_0 MAC on NPU-1 transmit fifo overflow - 0 Explanation MAC on NPU-1 had transmit fifo overflow on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MAC_1_TX_FIFO_OFLOW_1 MAC on NPU-1 transmit fifo overflow - 1 Explanation MAC on NPU-1 had transmit fifo overflow on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1539 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-MISS_EOP_0_FIADDR_0 Missing EOP-0 from FIA DDR on bridge3-0 Explanation Missing EOP-0 from FIA DDR on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MISS_EOP_0_FIADDR_1 Missing EOP-0 from FIA DDR on bridge3-1 Explanation Missing EOP-0 from FIA DDR on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MISS_EOP_0_XAUI_0 Missing EOP-0 from XAUI on bridge3-0 Explanation Missing EOP-0 from XAUI on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MISS_EOP_0_XAUI_1 Missing EOP-0 from XAUI on bridge3-1 Explanation Missing EOP-0 from XAUI on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MISS_EOP_1_FIADDR_0 Missing EOP-1 from FIA DDR on bridge3-0 Explanation Missing EOP-1 from FIA DDR on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1540 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-MISS_EOP_1_FIADDR_1 Missing EOP-1 from FIA DDR on bridge3-1 Explanation Missing EOP-1 from FIA DDR on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MISS_EOP_1_XAUI_0 Missing EOP-1 from XAUI on bridge3-0 Explanation Missing EOP-1 from XAUI on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-MISS_EOP_1_XAUI_1 Missing EOP-1 from XAUI on bridge3-1 Explanation Missing EOP-1 from XAUI on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_0_EGR_Q_ERR_0 NPU-0 egress queue error - 0 Explanation Egress queue error on NPU-0 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_0_EGR_Q_ERR_1 NPU-0 egress queue error - 1 Explanation Egress queue error on NPU-0 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1541 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-NPU_0_FC_DIP2_ERR_0 NPU-0 egress flow control DIP2 parity error - 0 Explanation Egress flow control DIP2 parity error on NPU-0 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_0_FC_DIP2_ERR_1 NPU-0 egress flow control DIP2 parity error - 1 Explanation Egress flow control DIP2 parity error on NPU-0 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_0_FC_OOS_0 NPU-0 egress flow control out-of-sync - 0 Explanation Egress flow control out-of-sync on NPU-0 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_0_FC_OOS_1 NPU-0 egress flow control out-of-sync - 1 Explanation Egress flow control out-of-sync on NPU-0 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1542 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-NPU_0_PKT_MAXLEN_ERR_0 NPU-0 packet maximum length error - 0 Explanation Packet maximum length error on NPU-0 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_0_PKT_MAXLEN_ERR_1 NPU-0 packet maximum length error - 1 Explanation Packet maximum length error on NPU-0 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_0_PKT_MINLEN_ERR_0 NPU-0 packet minimum length error - 0 Explanation Packet minimum length error on NPU-0 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_0_PKT_MINLEN_ERR_1 NPU-0 packet minimum length error - 1 Explanation Packet minimum length error on NPU-0 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1543 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-NPU_0_SCH_MEMP_ERR_0 NPU-0 scheduler mem parity error - 0 Explanation Scheduler Hang, Sram or egress mid-fifo parity error on NPU-0 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_0_SCH_MEMP_ERR_1 NPU-0 scheduler mem parity error - 1 Explanation Scheduler Hang, Sram or egress mid-fifo parity error on NPU-0 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_1_EGR_Q_ERR_0 NPU-1 egress queue error - 0 Explanation Egress queue error on NPU-1 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_1_EGR_Q_ERR_1 NPU-1 egress queue error - 1 Explanation Egress queue error on NPU-1 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1544 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-NPU_1_FC_DIP2_ERR_0 NPU-1 egress flow control DIP2 parity error - 0 Explanation Egress flow control DIP2 parity error on NPU-1 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_1_FC_DIP2_ERR_1 NPU-1 egress flow control DIP2 parity error - 1 Explanation Egress flow control DIP2 parity error on NPU-1 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_1_FC_OOS_0 NPU-1 egress flow control out-of-sync - 0 Explanation Egress flow control out-of-sync on NPU-1 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_1_FC_OOS_1 NPU-1 egress flow control out-of-sync - 1 Explanation Egress flow control out-of-sync on NPU-1 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1545 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-NPU_1_PKT_MAXLEN_ERR_0 NPU-1 packet maximum length error - 0 Explanation Packet maximum length error on NPU-1 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_1_PKT_MAXLEN_ERR_1 NPU-1 packet maximum length error - 1 Explanation Packet maximum length error on NPU-1 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_1_PKT_MINLEN_ERR_0 NPU-1 packet minimum length error - 0 Explanation Packet minimum length error on NPU-1 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_1_PKT_MINLEN_ERR_1 NPU-1 packet minimum length error - 1 Explanation Packet minimum length error on NPU-1 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1546 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-NPU_1_SCH_MEMP_ERR_0 NPU-1 scheduler mem parity error - 0 Explanation Scheduler Hang, Sram or egress mid-fifo parity error on NPU-1 interface on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-NPU_1_SCH_MEMP_ERR_1 NPU-1 scheduler mem parity error - 1 Explanation Scheduler Hang, Sram or egress mid-fifo parity error on NPU-1 interface on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_0_FIA_0 Packet length error - 0 from FIA on bridge3-0 Explanation Packet length error - 0 from FIA on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_0_FIA_1 Packet length error - 0 from FIA on bridge3-1 Explanation Packet length error - 0 from FIA on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1547 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_0_XAUI_0 Packet length error - 0 from XAUI on bridge3-0 Explanation Packet length error - 0 from XAUI on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_0_XAUI_1 Packet length error - 0 from XAUI on bridge3-1 Explanation Packet length error - 0 from XAUI on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_1_FIA_0 Packet length error - 1 from FIA on bridge3-0 Explanation Packet length error - 1 from FIA on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_1_FIA_1 Packet length error - 1 from FIA on bridge3-1 Explanation Packet length error - 1 from FIA on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1548 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_1_XAUI_0 Packet length error - 1 from XAUI on bridge3-0 Explanation Packet length error - 1 from XAUI on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_1_XAUI_1 Packet length error - 1 from XAUI on bridge3-1 Explanation Packet length error - 1 from XAUI on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-QDR_MEM_ECC_FAIL_0 QDR memory ECC failure on bridge3-0 Explanation QDR memory ECC failure on bridge3 instance-0. Recommended Action Please reload the board using the command ’reload location ’. Please verify the bridge3 FPGA is loaded properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-QDR_MEM_ECC_FAIL_1 QDR memory ECC failure on bridge3-1 Explanation QDR memory ECC failure on bridge3 instance-1. Recommended Action Please reload the board using the command ’reload location ’. Please verify the bridge3 FPGA is loaded properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1549 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-STATEMC_0_ERR1_0 State machine-0 error-1 on bridge3-0 Explanation State machine - 0 ran into error-1 on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-STATEMC_0_ERR1_1 State machine-0 error-1 on bridge3-1 Explanation State machine - 0 ran into error-1 on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-STATEMC_0_ERR2_0 State machine-0 error-2 on bridge3-0 Explanation State machine - 0 ran into error-2 on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-STATEMC_0_ERR2_1 State machine-0 error-2 on bridge3-1 Explanation State machine - 0 ran into error-2 on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-STATEMC_0_ERR3_0 State machine-0 error-3 on bridge3-0 Explanation State machine - 0 ran into error-3 on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1550 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-STATEMC_0_ERR3_1 State machine-0 error-3 on bridge3-1 Explanation State machine - 0 ran into error-3 on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-STATEMC_1_ERR1_0 State machine-1 error-1 on bridge3-0 Explanation State machine - 1 ran into error-1 on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-STATEMC_1_ERR1_1 State machine-1 error-1 on bridge3-1 Explanation State machine - 1 ran into error-1 on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-STATEMC_1_ERR2_0 State machine-1 error-2 on bridge3-0 Explanation State machine - 1 ran into error-2 on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-STATEMC_1_ERR2_1 State machine-1 error-2 on bridge3-1 Explanation State machine - 1 ran into error-2 on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1551 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-STATEMC_1_ERR3_0 State machine-1 error-3 on bridge3-0 Explanation State machine - 1 ran into error-3 on bridge3 instance-0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-STATEMC_1_ERR3_1 State machine-1 error-3 on bridge3-1 Explanation State machine - 1 ran into error-3 on bridge3 instance-1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-XAUI_0_FRAG_ERR_0 XAUI to NPU-0 fragment error - 0 Explanation XAUI interface to NPU-0 reported fragmentation error on TX side on bridge3 instance - 0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-XAUI_0_FRAG_ERR_1 XAUI to NPU-0 fragment error - 1 Explanation XAUI interface to NPU-0 reported fragmentation error on TX side on bridge3 instance - 1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages BRIDGE3 Messages EM-1552 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-XAUI_0_TX_FIFO_OFLOW_0 XAUI to NPU-0 tx fifo overflow - 0 Explanation XAUI interface to NPU-0 reported tx fifo overflow on bridge3 instance - 0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-XAUI_0_TX_FIFO_OFLOW_1 XAUI to NPU-0 tx fifo overflow - 1 Explanation XAUI interface to NPU-0 reported tx fifo overflow on bridge3 instance - 1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-XAUI_1_FRAG_ERR_0 XAUI to NPU-1 fragment error - 0 Explanation XAUI interface to NPU-1 reported fragmentation error on TX side on bridge3 instance - 0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-XAUI_1_FRAG_ERR_1 XAUI to NPU-1 fragment error - 1 Explanation XAUI interface to NPU-1 reported fragmentation error on TX side on bridge3 instance - 1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CANB_SERVER Messages EM-1553 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-BRIDGE3-3-XAUI_1_TX_FIFO_OFLOW_0 XAUI to NPU-1 tx fifo overflow - 0 Explanation XAUI interface to NPU-1 reported tx fifo overflow on bridge3 instance - 0. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-BRIDGE3-3-XAUI_1_TX_FIFO_OFLOW_1 XAUI to NPU-1 tx fifo overflow - 1 Explanation XAUI interface to NPU-1 reported tx fifo overflow on bridge3 instance - 1. Recommended Action If the error persists, please reload the board using the command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CANB_SERVER Messages Error Message %PLATFORM-CANB_SERVER-3-ALARM_CLEARED Clear alarm from CBC in slot [dec], alarm code [chars] Explanation Alarm notification received from CBC. This may be a serious failure, however process may continue functioning as expected (or successfully retry) despite the failure. Recommended Action No action is required. Error Message %PLATFORM-CANB_SERVER-3-ALARM_INDICATION Raise alarm from CBC in slot [dec], alarm code [chars] Explanation Alarm notification received from CBC. This may be a serious failure, however process may continue functioning as expected (or successfully retry) despite the failure. Recommended Action No action is required. Platform Messages CANB_SERVER Messages EM-1554 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CANB_SERVER-3-ERROR_EXIT Canbus-server process exiting in [chars].[dec], error code [chars] Explanation The CAN Bus Server/Driver process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process canb-server location ’ to verify that the process is up and running. If it is still non-operational, try doing from the admin mode ’process restart canb-server location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CANB_SERVER-3-OPERATION_FAIL Failed in [chars].[dec], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This may be a serious failure, however process may continue functioning as expected (or successfully retry) despite the failure. Recommended Action No action is required. Error Message %PLATFORM-CANB_SERVER-6-OPERATION_INFO [chars].[dec], Info - [chars] Explanation Informational condition and/or failure. The process can continue functioning as expected despite the failure. Recommended Action No action is required. Error Message %PLATFORM-CANB_SERVER-7-OPERATION_DEBUG Failed in [chars].[dec], [dec], [dec], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required.Platform Messages CARD Messages EM-1555 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CARD Messages Error Message %PLATFORM-CARD-0-OVERCURRENT ClkCtrl detected an overcurrent condition on card [chars] Explanation ClkCtrl driver detected a card overcurrent condition Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CARDMGR Messages Error Message %PLATFORM-CARDMGR-3-BAD_CS_INFO could not get CS revision info! Explanation Could not get CS revision info Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-3-CHDIR_FAILED chdir to [chars] failed: [chars] Explanation Chdir failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-3-MODULE_UNAVAILABLE module [chars] not available Explanation Module unavailable Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CARDMGR Messages EM-1556 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CARDMGR-3-NO_CARDS_DEFINED no cards defined Explanation No cards defined Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-3-NO_DRIVERS_FOUND no device drivers defined Explanation No device drivers Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-3-NO_SOCKETS no sockets found! Explanation No sockets Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-3-PCMCIA_INIT_ERROR PCMCIA initialization error at: [chars] Explanation PCMCIA initialization error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-3-SELECT_FAILURE select (): [chars] Explanation Select failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CARDMGR Messages EM-1557 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CARDMGR-3-UNSUPPORTED_CARD Unsupported card in socket [dec] Explanation Unsupported card Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-6-PRODUCT_INFO product info: [chars] Explanation Product info Recommended Action No action is required. Error Message %PLATFORM-CARDMGR-6-SOCKET_INFO socket [dec]: [chars] Explanation Socket info Recommended Action No action is required. Error Message %PLATFORM-CARDMGR-7-ADJ_RES_FAILED could not adjust resource: [chars]: [chars] Explanation Could not adjust resource Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-BAD_OPEN could not open [chars]: [chars] Explanation Open of file failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CARDMGR Messages EM-1558 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CARDMGR-7-BIND_FAILED bind ’[chars]’ to socket [dec] failed: [chars] Explanation Bind failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-BIND_MTD_REGION_FAILED bind MTD ’[chars]’ to region at [hex] failed: [chars] Explanation Bind mtd region failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-BIND_MTD_SOCKET_FAILED bind MTD ’[chars]’ to socket [dec] failed: [chars] Explanation Bind mtd to socket failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-CIS_DATA_PARSING_ERROR error parsing CIS([hex]) on socket [dec]: [chars] Explanation CIS data parsing error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-CIS_DATA_READ_ERROR error reading CIS data on socket [dec]: [chars] Explanation CIS data read error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CARDMGR Messages EM-1559 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CARDMGR-7-CIS_REPLACE_ERROR could not replace CIS: [chars] Explanation CIS replace error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-CS_REL_MISMATCH Card Services release does not match Explanation Release mismatch Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-GET_DEV_INFO_FAILED get device info on socket [dec] failed: [chars] Explanation Device info failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-NO_MEM Malloc failure Explanation Out of memory Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-OPEN_SOCK_FAILED open_sock(socket [dec]) failed: [chars] Explanation Open of socket failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CARDMGR Messages EM-1560 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CARDMGR-7-READ_FAILED read ([dec]): [chars] Explanation Read failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-THREAD_CREATE_FAILED Thread create failed: [chars] Explanation Thread create failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-UNBIND_FAILED unbind ’[chars]’ from socket [dec] failed: [chars] Explanation Unbind failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CARDMGR-7-UNBIND_MTD_FAILED unbind MTD ’[chars]’ from socket [dec] failed: [chars] Explanation Unbind MTD failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages CCTL_ENS Messages EM-1561 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CCTL_ENS Messages Error Message %PLATFORM-CCTL_ENS-3-ERROR_EXIT Envmon process exiting because [chars], error code [chars] Explanation The Chassis Control driver process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process envmon location ’ to verify that the process is up and running. If it is still non-operational, try doing from the admin mode ’process restart envmon location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CCTL_ENS-3-ERROR_EXIT Envmon process exiting because [chars], error code [chars] Explanation The Chassis Control driver process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process envmon location ’ to verify that the process is up and running. If it is still non-operational, try doing from the admin mode ’process restart envmon location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CCTL_ENS-7-OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-CCTL_ENS-7-OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required.Platform Messages CCTL Messages EM-1562 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CCTL Messages Error Message %PLATFORM-CCTL-2-CARD_POWERUP_FAIL Unable to powerup card(for node:[chars]) rc: [chars] Explanation The hardware powerup was unsuccessful due to the mentioned reason. This will result in node not able to boot again until next software powerup or manual recovery. The XR software will try to powerup the node 5 times and if the powerup failed everytime, that node will be put in IN-RESET state. The user can try ’hw-module location node_name reload’ to try more powerup retry recovery. Recommended Action Card powerup is typically initiated when a card needs to power. If that fails, the user can perform manual reset using ’hw-module loc node_name reload’. Please collect ’show cctl trace shelfmgr loc ’ from the node on which this ios-msg is seen. Error Message %PLATFORM-CCTL-2-CARD_SHUTDOWN_FAIL Unable to shutdown card(for node: [chars]) rc: [chars] Explanation The shutdown of the card was unsuccessful due to the mentioned reason. This will result in all nodes on the card not to go down when it is supposed to be power cycled. Recommended Action Card shutdown is typically initiated when a card needs to be hard reset. If that fails, the user can perform manual reset using ’hw-module loc node_name reload’. Please collect ’show cctl trace shelfmgr loc’ from the node on which this ios-msg is seen. Error Message %PLATFORM-CCTL-2-CHASSIS_SHUTDOWN_FAIL Unable to shutdown chassis because [chars] Explanation The shutdown of the chassis was unsuccessful due to the mentioned reason. Recommended Action Chassis shutdown is typically initiated due to some critical failure. If the software initiated chassis shutdown has failed, then user should intervene and shut down the chassis manually. Platform Messages CCTL Messages EM-1563 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CCTL-2-CHASSIS_SHUTDOWN_FAIL Unable to shutdown chassis because [chars] Explanation The shutdown of the chassis was unsuccessful due to the mentioned reason. Recommended Action Chassis shutdown is typically initiated due to some critical failure. If the software initiated chassis shutdown has failed, then user should intervene and shut down the chassis manually. Error Message %PLATFORM-CCTL-2-RESET_SP_FAIL Unable to reset SP node([chars]) rc: [chars] Explanation The hardware reset of SP was unsuccessful due to the mentioned reason. This will result in SP node on the card not to go down when it is supposed to be power cycled. Recommended Action Reset of SP is typically initiated when that SP needs to be hard reset. If that fails, the user can perform manual reset using ’hw-module loc node_name reload’. Please collect ’show cctl trace shelfmgr loc’ from the node on which this ios-msg is seen. Error Message %PLATFORM-CCTL-2-STANDBY_SHUTDOWN_FAILED Unable to shutdown the standby node as part of chassis shutdown Explanation The shutdown of the standby SC/RP node failed during the chassis shutdown process. Recommended Action Please power off the chassis manually. Error Message %PLATFORM-CCTL-2-STANDBY_SHUTDOWN_FAILED Unable to shutdown the standby node as part of chassis shutdown Explanation The shutdown of the standby SC/RP node failed during the chassis shutdown process. Recommended Action Please power off the chassis manually. Error Message %PLATFORM-CCTL-3-ERROR_EXIT Envmon process exiting because [chars], error code [chars] Explanation The Chassis Control driver process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process envmon location ’ to verify that the process is up and running. If it is still non-operational, Platform Messages CCTL Messages EM-1564 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 try doing from the admin mode ’process restart envmon location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CCTL-3-ERROR_EXIT Envmon process exiting because [chars], error code [chars] Explanation The Chassis Control driver process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process envmon location ’ to verify that the process is up and running. If it is still non-operational, try doing from the admin mode ’process restart envmon location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CCTL-3-MASTERSHIP_EXIT Exiting because not able to [chars] mastership Explanation The Chassis Control driver process exited as it was not able to grab mastership or unable to release it. Recommended Action No action is required. Error Message %PLATFORM-CCTL-3-READ_POWER_SHELF_TYPE_FAILURE Unable to detect power shelf type. Assuming AC shelf and continuing for now. Please check EEPROM programming on power shelf backplane. Explanation We are unable to read the power shelf backplane EEPROM for some reason. Need to check the programming of the backplane. Recommended Action Check that the power-shelf is seated correctly, and that the backplane EEPROM is programmed correctly. In the admin mode, use ’show diag power-supply eeprom-info’ to check the contents of the EEPROM. Platform Messages CCTL Messages EM-1565 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CCTL-3-READ_POWER_SHELF_TYPE_FAILURE Unable to detect power shelf type. Assuming AC shelf and continuing for now. Please check EEPROM programming on power shelf backplane. Explanation We are unable to read the power shelf backplane EEPROM for some reason. Need to check the programming of the backplane. Recommended Action Check that the power-shelf is seated correctly, and that the backplane EEPROM is programmed correctly. In the admin mode, use ’show diag power-supply eeprom-info’ to check the contents of the EEPROM. Error Message %PLATFORM-CCTL-4-UNKNOWN_SHELF_ID Unknown shelf ID [hex] read from power shelf backplane EEPROM - please check EEPROM programming. Explanation The value read from the power shelf backplane does not match any of the known shelf ID values. Please check the EEPROM programming. Recommended Action Please check the EEPROM programming of the power-shelf backplane. ’show diag power-supply eeprom-info’ in admin mode gives a raw dump of the EEPROM data. Refer EDCS-137763 to interpret the data to check if the shelf ID is programmed correctly or not. If the shelf ID is incorrect, the unit will have to be RMA’d to reprogram the EEPROM correctly. Error Message %PLATFORM-CCTL-4-UNKNOWN_SHELF_ID Unknown shelf ID [hex] read from power shelf backplane EEPROM - please check EEPROM programming. Explanation The value read from the power shelf backplane does not match any of the known shelf ID values. Please check the EEPROM programming. Recommended Action Please check the EEPROM programming of the power-shelf backplane. ’show diag power-supply eeprom-info’ in admin mode gives a raw dump of the EEPROM data. Refer EDCS-137763 to interpret the data to check if the shelf ID is programmed correctly or not. If the shelf ID is incorrect, the unit will have to be RMA’d to reprogram the EEPROM correctly. Error Message %PLATFORM-CCTL-6-TEMP_ALARM [chars] alarm occured for [chars] sensor at temperature [dec] deg C, against configured threshold of [dec] deg C Explanation Informational msg indicating temperature at which alarm occured. Recommended Action Software will take corrective action on its own. No action is required. Platform Messages CEMGBL Messages EM-1566 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CCTL-6-TEMP_ALARM [chars] alarm occured for [chars] sensor at temperature [dec] deg C, against configured threshold of [dec] deg C Explanation Informational msg indicating temperature at which alarm occured. Recommended Action Software will take corrective action on its own. No action is required. Error Message %PLATFORM-CCTL-7-OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-CCTL-7-OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. CEMGBL Messages Error Message %PLATFORM-CEMGBL-7-ERROR [chars] : [chars] Explanation An unexpected error condition encountered. Recommended Action Collect system log information. No action is required. CETHHA Messages Error Message %PLATFORM-CETHHA-2-CRITICAL Hardware error on control-ethernet port [chars] Explanation Hardware error on CPU control ethernet port. Recommended Action Remove/Replace the RP. Platform Messages CHP Messages EM-1567 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CETHHA-2-CRITICAL Hardware error on control-ethernet port [chars] Explanation Hardware error on CPU control ethernet port. Recommended Action Remove/Replace the RP. Error Message %PLATFORM-CETHHA-2-PORT_FAULT High rate of errors on control ethernet port [chars] Explanation The rate of link errors on the control ethernet port has exceeded the threshold. The link should be fixed to avoid disruption in router services. Recommended Action Fix the bad link after switching traffic to redundant link. Error Message %PLATFORM-CETHHA-4-NOGE RP does not have GE connectivity Explanation RP does not have GE connectivity. Reload/failovers may cause problems. Recommended Action Check the GE connections on the front panel of the RP/SC and re-connect/replace to make sure atleast one GE connection is there. Error Message %PLATFORM-CETHHA-4-NOGE RP does not have GE connectivity Explanation RP does not have GE connectivity. Reload/failovers may cause problems. Recommended Action Check the GE connections on the front panel of the RP/SC and re-connect/replace to make sure atleast one GE connection is there. CHP Messages Error Message %PLATFORM-CHP-0-FAULT_RECOVERY_ERR The fault recovery procedure for the ToFab component of the fabric driver has failed. The root fault was: [chars] Explanation When a hardware fault occurs and the device driver cannot correct it, the Platform Manager is required to reset the ASICs. This error indicates that the Platform Manager failed to reset the ASICs and the hardware on the PRP may not be in an operational state. This condition affects the functionality of the entire router. %s is the Interrupt Source. Recommended Action If the system has not failed over automatically and a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0 ’ where x is the slot of route processor that generated Platform Messages CHP Messages EM-1568 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 the error. If no redundant RP is configured you will need to reboot the router by issuing the reload command. Call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CHP-3-CRC_ERR chopper dll: block: [chars], entity: [chars] had CRC error, count: [dec] Explanation PII block got a packet from the entity mentioned above with a CRC error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-CHP-3-DEVICE_HALT TFQ: device halted, sub-block: [chars], halted entity: [chars] Explanation TFQ, ASIC got halted. The halted block and its parent block are provided Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CHP-3-DMA_ERR Chopper detected a DMA error: Data [hex] Explanation This message indicates that the Chopper hardware found a DMA problem. The hexadecimal data indicates the error register value when the problem is detected. This usually indicates a hardware error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CHP-3-FATAL chopper dll: fatal error encountered, reason equals [chars] Explanation iqm, chopper dll manager encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CHP Messages EM-1569 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CHP-3-FATAL_2 chopper dll: fatal error encountered, reason equals [chars], errno equals [dec] Explanation chopper encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CHP-3-FUSILLI_PARITY_ERR Chopper detected a Fusilli parity error: Data [hex] Explanation A parity error has been detected on the Chopper to Fusilli interface. The hex number indicates the error cause register value. This usually indicates a hardware problem on the RP. RP may be reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CHP-3-GEN_INFO chopper dll: general information,[chars] Explanation The CHP’s informational message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CHP-3-HWINIT_INCOMPLETE chopper dll: hardware initialization not complete Explanation hardware init is not complete. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-CHP-3-INFO chopper dll: service degrading error, reason equals [chars] Explanation The chopper encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CHP Messages EM-1570 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CHP-3-INTR_ENABLE_FAIL chopper dll: intr enable at addr: [hex] mask: [hex] failed. Explanation hardware state is not correct. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-CHP-3-INTR_STATUS_GET_ERR chopper dll: intr status get failed for: [chars]@[hex], rc equals [dec] Explanation Hardware register read failed. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-CHP-3-MALLOC_FAILED chopper dll: fatal memory allocation error for [dec] bytes Explanation CHP encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-CHP-3-NOT_AVAILABLE chopper dll: asic is not available Explanation hardware state is not correct. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-CHP-3-NOT_OPERATIONAL chopper dll: asic is not operational, state: [dec] Explanation hardware state is not correct. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Platform Messages CHP Messages EM-1571 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CHP-3-NOT_YET_IMPLEMENTED chopper dll: this function [chars] is not yet implemented Explanation TFQ, chopper dll , a function is not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CHP-3-PCI_ERR Chopper detected a PCI error: Data [hex] Explanation A PCI error has been detected by the Chopper PCI interface. The hex number indicates the error cause register value. This usually indicates a hardware problem on the RP. RP may be reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CHP-3-SRAM_PARITY_ERR Chopper detected a SRAM parity error: Data [hex] Explanation A parity error has been detected on the Chopper to SRAM interface. The hex number indicates the error cause register value. This usually indicates a hardware problem on the RP. RP may be reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CHP-6-UNHANDLED_HALT chopper dll: halt not handled, parent: [chars], child: [chars], intr: [dec] Explanation Hardware halt is not handled. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-CHP-6-UNHANDLED_INTR chopper dll: intr not handled, parent: [chars], child: [chars], group id: [dec], intr: [dec] Explanation Hardware interrupt is not handled in the code, need to implement. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.Platform Messages CLKCTRL_T Messages EM-1572 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CLKCTRL_T Messages Error Message %PLATFORM-CLKCTRL_T-2-DEV_VERSION_ERROR Timing driver version is not compatible with the hardware FPGA version. S/W ver: [dec]:[dec] H/W ver: [dec]:[dec] Explanation Timing driver software version is not compatible with the hardware FPGA version. Recommended Action Upgrade the ClkCtrl Timing FPGA image using the FPD procedure. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CLKCTRL_T-2-EEPROM_OVERCURRENT ClkCtrl detected an EEPROM overcurrent condition Explanation ClkCtrl detected an EEPROM overcurrent condition Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CLKCTRL_T-2-PARITY_ERROR Timing software detected a parity error address equals [dec] data equals [dec] Explanation Timing software detected a parity error from interrupt controller Recommended Action If a redundant RSP card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’. 2 - reload the RSP card that failed with the ’reload location’ command in admin mode. If no redundant RSP is configured, you will need to reboot the router by issuing the above reload command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages COMMON Messages EM-1573 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 COMMON Messages Error Message %PLATFORM-COMMON-0-LC_HEADLESS_ACT_RSP_HB_REQ_FAILURE Headless RSP Detected: No HB requests from the active RSP. Explanation This LC has timed out waiting for Heartbeat requests from the active RSP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-COMMON-0-RSP_HEADLESS_ACT_RSP_HB_REQ_FAILURE Headless RSP Detected: No HB requests from the active RSP. Explanation This RSP has timed out waiting for Heartbeat requests from the active RSP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CONCERTO Messages Error Message %PLATFORM-CONCERTO-3-ERR_INIT Initialization Error: [chars] Reason: [chars]. Exiting. Explanation CONCERTO Driver encountered a fatal error and is not able to recover. The supplied text string will explain the reason. Call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CONCERTO-3-ERR_MEM_ALLOC Error Allocating [dec] bytes of memory Explanation CONCERTO encountered a fatal memory allocation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CONCERTO Messages EM-1574 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CONCERTO-5-ERR_CONT Continuing execution: [chars]: Caused by [chars] Explanation This message indicates an error occurred beyond which execution of the concerto_driver may continue, attempting to effect recovery or work-around internally, minimizing loss of information/functionality. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CONCERTO-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation CONCERTO Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CONCERTO-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation CONCERTO Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CONCERTO-7-ERR_EXIT Exit on error: [chars]: Caused by [chars] Explanation An error occurred in CONCERTO Driver which requires exiting (and, hence, restarting) the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL_PCI Messages EM-1575 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CONCERTO-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation CONCERTO Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CONCERTO-7-ERR_LWM_REPLY An error occurred during LWM message reply. Reason: [chars] Explanation concerto LWM reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CPUCTRL_PCI Messages Error Message %PLATFORM-CPUCTRL_PCI-3-FAILED_S cpuctrl PCI: [chars] Explanation CPUCTRL PCI, this function has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL_PCI-3-FAILED_S cpuctrl PCI: [chars] Explanation CPUCTRL PCI, this function has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL_PCI Messages EM-1576 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL_PCI-3-FAILED_SD cpuctrl PCI: [chars] [dec] Explanation CPUCTRL PCI, this function has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL_PCI-3-FAILED_SD cpuctrl PCI: [chars] [dec] Explanation CPUCTRL PCI, this function has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL_PCI-6-LOG_S cpuctrl PCI: [chars] Explanation CPUCTRL PCI, event logging. Recommended Action No action is required. Error Message %PLATFORM-CPUCTRL_PCI-6-LOG_S cpuctrl PCI: [chars] Explanation CPUCTRL PCI, event logging. Recommended Action No action is required. Error Message %PLATFORM-CPUCTRL_PCI-6-LOG_SD cpuctrl PCI: [chars] [dec] Explanation CPUCTRL PCI, event logging. Recommended Action No action is required. Error Message %PLATFORM-CPUCTRL_PCI-6-LOG_SD cpuctrl PCI: [chars] [dec] Explanation CPUCTRL PCI, event logging. Recommended Action No action is required. Platform Messages CPUCTRL_PCI Messages EM-1577 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL_PCI-6-LOG_SS cpuctrl PCI: [chars] [chars] Explanation CPUCTRL PCI, event logging. Recommended Action No action is required. Error Message %PLATFORM-CPUCTRL_PCI-6-LOG_SS cpuctrl PCI: [chars] [chars] Explanation CPUCTRL PCI, event logging. Recommended Action No action is required. Error Message %PLATFORM-CPUCTRL_PCI-6-LOG_SXX_1 cpuctrl PCI: [chars] [hex] [hex] Explanation CPUCTRL PCI, event logging. Recommended Action No action is required. Error Message %PLATFORM-CPUCTRL_PCI-6-LOG_SXX_1 cpuctrl PCI: [chars] [hex] [hex] Explanation CPUCTRL PCI, event logging. Recommended Action No action is required. Error Message %PLATFORM-CPUCTRL_PCI-6-LOG_SXX_8 cpuctrl PCI: [chars] [hex] [hex] Explanation CPUCTRL PCI, event logging. Recommended Action No action is required. Error Message %PLATFORM-CPUCTRL_PCI-6-LOG_SXX_8 cpuctrl PCI: [chars] [hex] [hex] Explanation CPUCTRL PCI, event logging. Recommended Action No action is required.Platform Messages CPUCTRL Messages EM-1578 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CPUCTRL Messages Error Message %PLATFORM-CPUCTRL-3-ASIC_NOT_FOUND Cpuctrl could not find [chars] Explanation While booting up, CPUCTRL could not find the required ASICs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-ASIC_RESET_FAILURE Cpuctrl could not reset board ASICs. [chars] Error. Explanation While trying to bring up ASIC links, Cpuctrl manager could not reset MSC and PLIM board ASICs port. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-CDMA_RAM_CORRECTABLE_ERROR Cpuctrl HW detected SBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates a correctable single-bit error occurred on this internal SRAM. The error is corrected transparently. The location will be written automatically before being read again. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-CDMA_RAM_CORRECTABLE_ERROR Cpuctrl HW detected SBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates a correctable single-bit error occurred on this internal SRAM. The error is corrected transparently. The location will be written automatically before being read again. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1579 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-3-CDMA_RAM_PARITY_ERROR Cpuctrl HW detected parity in [chars] RAM. Key: [hex] [chars] Explanation Indicates an uncorrectable parity error occurred on this internal SRAM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-CDMA_RAM_PARITY_ERROR Cpuctrl HW detected parity in [chars] RAM. Key: [hex] [chars] Explanation Indicates an uncorrectable parity error occurred on this internal SRAM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-CDMA_RAM_UNCORRECTABLE_ERROR Cpuctrl HW detected MBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates an uncorrectable multi-bit error occurred on this internal SRAM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-CDMA_RAM_UNCORRECTABLE_ERROR Cpuctrl HW detected MBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates an uncorrectable multi-bit error occurred on this internal SRAM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1580 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-3-DETECTED_TX_PDMA_STALL TX PDMA Ring Stalled, port equals [dec] ([chars]), queue equals [dec] ([chars]), cur_ind equals [dec], tx_ind equals [dec]. Explanation CPUCTRL TX PDMA ring remained full over non-transient period. Packets which could not be sent were discarded. The downstream ASIC may be stalled. Asic error logged with queue details. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-ERR_INIT [chars], Reason: [chars]. Exiting. Explanation Cpuctrl manager encountered a fatal error and is not able to recover from the error. A reason text will be supplied; please provide this text when calling Cisco support. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-ERR_INIT [chars], Reason: [chars]. Exiting. Explanation Cpuctrl manager encountered a fatal error and is not able to recover from the error. A reason text will be supplied; please provide this text when calling Cisco support. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-FAULT_REPORT_FAILURE Cannot report fault ([chars]) to PM fault manager Explanation Cpuctrl attempted to report a fault and was unable to log the message with the fault manager. The message text is supplied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1581 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-3-FAULT_REPORT_FAILURE Cannot report CRITICAL fault ([chars]) to PM fault manager Explanation Cpuctrl attempted to report a critical fault and was unable to log the message with the fault manager. The message text is supplied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_ISN HW error interrupt Cpuctrl Internal Access failure interrupt_id equals [hex], pci_isnerr_status equals [hex] pci_isnerr_addr_hi equals [hex], pci_isnerr_addr_lo equals [hex] Explanation The cpuctrl driver HW error interrupt handler was invoked and found valid PCI ISN register from a Cpuctrl Internal Access failure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_ISN [chars] Explanation The cpuctrl driver HW error interrupt handler was invoked and found valid PCI ISN register from a Cpuctrl Internal Access failure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_LINK [chars] Explanation The cpuctrl driver HW error interrupt handler was invoked and found a port with valid link error registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1582 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_LINK HW error interrupt link, port equals [dec] interrupt_id equals [hex], port_link_error equals [hex], port_link_crc_count equals [hex] Explanation The cpuctrl driver HW error interrupt handler was invoked and found a port with valid link error registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCI_PM [chars] Explanation The cpuctrl driver HW error interrupt handler was invoked and found valid PCI PM error registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCI_PM HW error interrupt pci pm, port equals [dec] interrupt_id equals [hex], pci_pmerr_status equals [hex] pci_pmerr_addr_hi equals [hex], pci_pmerr_addr_lo equals [hex] Explanation The cpuctrl driver HW error interrupt handler was invoked and found valid PCI PM error registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCI_SN [chars] Explanation The cpuctrl driver HW error interrupt handler was invoked and found valid PCI SN error registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1583 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCI_SN HW error interrupt pci sn, port equals [dec] interrupt_id equals [hex], pci_snerr_status equals [hex] pci_snerr_addr_hi equals [hex], pci_snerr_addr_lo equals [hex] Explanation The cpuctrl driver HW error interrupt handler was invoked and found valid PCI SN error registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCIX [chars] Explanation The cpuctrl driver HW error interrupt handler was invoked and found valid PCIX error registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCIX HW error interrupt pcix, port equals [dec] interrupt_id equals [hex], pcix_pmerr_comptran_status equals [hex], pcix_pmerr_status equals [hex] pcix_pmerr_addr_hi equals [hex], pcix_pmerr_addr_lo equals [hex] Explanation The cpuctrl driver HW error interrupt handler was invoked and found valid PCIX error registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PORT [chars] Explanation The cpuctrl driver HW error interrupt handler was invoked and found a port with valid isn error registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1584 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PORT HW error interrupt port, port equals [dec] interrupt_id equals [hex], port_isn_cause equals [hex], port_isn_error equals [hex] port_isn_last_reqhi equals [hex], port_isn_last_reqlo equals [hex] Explanation The cpuctrl driver HW error interrupt handler was invoked and found a port with valid isn error registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_GASPP_READ_BUS_ERROR Bus error when attempting User requested GASPP Read, Address equals [hex] Explanation The user may have entered an invalid address, or else there is a HW problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_GASPP_READ_BUS_ERROR Bus error when attempting User requested GASPP Read, Address equals [hex] Explanation The user may have entered an invalid address, or else there is a HW problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-HW_GASPP_WRITE_ERROR Cpuctrl HW detected error on GASPP write, Address equals [hex] Explanation The user may have entered an invalid address that is not writable. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1585 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-3-HW_GASPP_WRITE_ERROR Cpuctrl HW detected error on GASPP write, Address equals [hex] Explanation The user may have entered an invalid address that is not writable. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-PCI_RAM_CORRECTABLE_ERROR_MASK Cpuctrl HW detected SBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates a correctable single-bit error occurred on this internal SRAM. This memory is considered ’persistent’ and requires special handling as described in the ’Data_corrected’ row of Table 1.2. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-PCI_RAM_CORRECTABLE_ERROR_MASK Cpuctrl HW detected SBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates a correctable single-bit error occurred on this internal SRAM. This memory is considered ’persistent’ and requires special handling as described in the ’Data_corrected’ row of Table 1.2. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-PCI_RAM_CORRECTABLE_ERROR_OTHER Cpuctrl HW detected SBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates a correctable single-bit error occurred on this internal SRAM. The error is corrected transparently. The location will be written automatically before being read again. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1586 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-3-PCI_RAM_CORRECTABLE_ERROR_OTHER Cpuctrl HW detected SBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates a correctable single-bit error occurred on this internal SRAM. The error is corrected transparently. The location will be written automatically before being read again. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-PCI_RAM_UNCORRECTABLE_ERROR Cpuctrl HW detected MBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates an uncorrectable multi-bit error occurred on this internal SRAM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-PCI_RAM_UNCORRECTABLE_ERROR Cpuctrl HW detected MBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates an uncorrectable multi-bit error occurred on this internal SRAM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-PDMA_RAM_CORRECTABLE_ERROR Cpuctrl HW detected SBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates a correctable single-bit error occurred on this internal SRAM. The error is corrected transparently. The location will be written automatically before being read again. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1587 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-3-PDMA_RAM_CORRECTABLE_ERROR Cpuctrl HW detected SBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates a correctable single-bit error occurred on this internal SRAM. The error is corrected transparently. The location will be written automatically before being read again. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-PDMA_RAM_PARITY_ERROR Cpuctrl HW detected parity in [chars] RAM. Key: [hex] [chars] Explanation Indicates an uncorrectable parity error occurred on this internal SRAM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-PDMA_RAM_PARITY_ERROR Cpuctrl HW detected parity in [chars] RAM. Key: [hex] [chars] Explanation Indicates an uncorrectable parity error occurred on this internal SRAM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-PDMA_RAM_UNCORRECTABLE_ERROR Cpuctrl HW detected MBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates an uncorrectable multi-bit error occurred on this internal SRAM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1588 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-3-PDMA_RAM_UNCORRECTABLE_ERROR Cpuctrl HW detected MBE in [chars] RAM. Key: [hex] [chars] Explanation Indicates an uncorrectable multi-bit error occurred on this internal SRAM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-3-PERSISTENT_CRC_LINK_FAILURE Cpuctrl port [dec] link is unframeable with persistent CRC errors. Explanation Cpuctrl manager could not bring up the ASIC link on the specified port. This indicates a hardware failure on the MSC or PLIM board. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-ERR_BAG_REG Bag register failed for rules. Reason: [chars] Explanation EDM Bags are used to share information between components using sysdb. This Error indicates that bag registration failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-ERR_BAG_REG Bag register failed for rules. Reason: [chars] Explanation EDM Bags are used to share information between components using sysdb. This Error indicates that bag registration failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1589 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-7-ERR_DLL_INIT Dll Initialization for [chars] failed. Reason: [chars] Explanation Cpuctrl driver tried to register for a dll but it encountered an error. The driver might lose some of its functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-ERR_DLL_INIT Dll Initialization for [chars] failed. Reason: [chars] Explanation Cpuctrl driver tried to register for a dll but it encountered an error. The driver might lose some of its functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation Cpuctrl Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation Cpuctrl Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRL Messages EM-1590 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation Cpuctrl Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation Cpuctrl Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation Cpuctrl Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation Cpuctrl Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-ERR_SYSDB_EDM_REG Sysdb Register EDM failed. Reason: [chars] Explanation Cpuctrl Sysdb Register EDM error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRLLIB Messages EM-1591 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRL-7-ERR_SYSDB_EDM_REG Sysdb Register EDM failed. Reason: [chars] Explanation Cpuctrl Sysdb Register EDM error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-HW_DETECTED_SPURIOUS_ERROR_PORT HW error interrupt valid on invalid port ([dec]) interrupt_id equals [hex] Explanation The cpuctrl driver HW error interrupt handler was invoked and found a port with invalid isn error registers. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRL-7-SPURIOUS_ECCPAR_INTS_THROTTLED Cpuctrl HW detected spurious ECC/PAR interrupts ([dec]). Throttled interrupt. Explanation A spruriously high level of ECC/PAR interrupts were detected. The interrupt is throttled to reduce CPU usage. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CPUCTRLLIB Messages Error Message %PLATFORM-CPUCTRLLIB-3-DETECTED_CDMA_PORT0 CDMA to port 0 channel equals [dec], queue equals [dec] ([chars]). ASIC address [[hex],[hex]] Explanation The cpuctrl driver detected an attempt to DMA to port 0. The request was discarded and not performed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRLLIB Messages EM-1592 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRLLIB-3-DETECTED_EGRESSQ_QUEUE0_PDMA TX PDMA to EgressQ queue 0, port equals [dec], queue equals [dec] ([chars]). Buffer Header: [hex]. Initial packet data(hex): [chars] Explanation The cpuctrl driver detected an attempt to DMA a packet to egressq queue 0. The packet was discarded and not sent. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-3-DETECTED_ERROR_PDMA [chars], [dec], port equals [dec] ([chars]), queue equals [dec] ([chars]) Explanation The cpuctrl driver detected an error during packet DMA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-3-DETECTED_ERROR_PDMA [chars], [dec], port equals [dec], queue equals [dec] Explanation The cpuctrl driver detected an error during packet DMA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-3-HW_DETECTED_ERROR_CDMA HW set the error bit in a CDMA descriptor CDMA engine equals [dec], queue equals [dec] ([chars]), index equals [dec] error reg_lo equals [hex], error_reg_hi equals [hex] Explanation CDMA ended in error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRLLIB Messages EM-1593 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRLLIB-3-HW_DETECTED_ERROR_CDMA HW set the error bit in a CDMA descriptor CDMA engine equals [dec], queue equals [dec], index equals [dec] error reg_lo equals [hex], error_reg_hi equals [hex] Explanation CDMA ended in error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-3-HW_DETECTED_ERROR_RX_PDMA HW set the error bit in a RX PDMA descriptor port equals [dec] ([chars]), queue equals [dec] ([chars]), index equals [dec] Explanation The cpuctrl driver detected a buffer marked with an error, possibly a CRC check. The buffer is discarded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-3-HW_DETECTED_ERROR_RX_PDMA HW set the error bit in a RX PDMA descriptor port equals [dec], queue equals [dec], index equals [dec] Explanation The cpuctrl driver detected a buffer marked with an error, possibly a CRC check. The buffer is discarded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-3-INT_WARNING Excess Spurious interrupt on device [chars] Explanation The cpuctrllib ASIC Interrupt wrapper has detected that an ASIC driver has not cleared its interrupts at the source for 1000 consecutive times. This is possibly an error in the Driver ISR, that does not process and clear all possible interrupts, or malfunctioning HW. The Interrupt is disabled to prevent the ISR from hogging the CPU. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRLLIB Messages EM-1594 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRLLIB-3-INT_WARNING Excess Spurious interrupt on device [chars] Explanation The cpuctrllib ASIC Interrupt wrapper has detected that an ASIC driver has not cleared its interrupts at the source for 1000 consecutive times. This is possibly an error in the Driver ISR, that does not process and clear all possible interrupts, or malfunctioning HW. The Interrupt is disabled to prevent the ISR from hogging the CPU. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-3-PCI_CONFIGURATION_ERROR Incorrect PCI configuration: [chars]: [dec] Explanation Incorrect PCI configuration or a problem with the hardware prevents CPUCTRL from accessing the forwarding ASICs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-3-PCI_CONFIGURATION_ERROR Incorrect PCI configuration: [chars]: [dec] Explanation Incorrect PCI configuration or a problem with the hardware prevents CPUCTRL from accessing the forwarding ASICs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-3-UNRECOVERED_PIO_ERROR Restarting cpuctrl client [dec] on port [dec] for devid [dec] on unrecovered PIO error notification Explanation A PIO error was detected and the responsible client was notified but did not mark the error as recovered. Restarting the client. Recommended Action No action is required. Platform Messages CPUCTRLLIB Messages EM-1595 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRLLIB-3-UNRECOVERED_PIO_ERROR Restarting cpuctrl client [dec] ([chars]) on port [dec] for devid [dec] ([chars]) on unrecovered PIO error notification Explanation A PIO error was detected and the responsible client was notified but did not mark the error as recovered. Restarting the client. Recommended Action No action is required. Error Message %PLATFORM-CPUCTRLLIB-4-PORT_INIT_FAILURE Port [dec] ([chars]) could not clear Link errors during init link_error_reg equals [hex], crc_reg equals [hex] Explanation Port will not operate reliably Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-4-PORT_INIT_FAILURE Port [dec] could not clear Link errors during init link_error_reg equals [hex], crc_reg equals [hex] Explanation Port will not operate reliably Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-4-PORT_NOT_PRESENT Attempt to access Port [dec] which was not discovered Device ID_reg equals [hex], devid equals [hex] Explanation Port will not operate reliably Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CPUCTRLLIB Messages EM-1596 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRLLIB-4-PORT_REFRAME_SYNC_FAILURE Port [dec] ([chars]) would not sync on reframe attempt Explanation Port will not operate reliably Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-4-PORT_REFRAME_SYNC_FAILURE Port [dec] would not sync on reframe attempt Explanation Port will not operate reliably Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-4-PORT_REINIT_FAILURE Port [dec] Device chipid mismatch during reframe id_reg read after reframe equals [hex], id_reg during HW discovery equals [hex] Explanation Port will not operate reliably Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-4-PORT_REINIT_FAILURE Port [dec] ([chars]) Device chipid mismatch during reframe id_reg read after reframe equals [hex], id_reg during HW discovery equals [hex] Explanation Port will not operate reliably Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CROSSBAR Messages EM-1597 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CPUCTRLLIB-6-NO_BUF_TO_REPLACE RX PDMA Ring out of buf, Port [dec], Q [dec], cur_ind equals [dec], tx_ind equals [dec], retry [dec] Explanation CPUCTRL RX PDMA ring could not replace the buffers. possible low buffer condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CPUCTRLLIB-6-NO_BUF_TO_REPLACE RX PDMA Ring out of buf, Port [dec] ([chars]), Q [dec] ([chars]), cur_ind equals [dec], tx_ind equals [dec], retry [dec] Explanation CPUCTRL RX PDMA ring could not replace the buffers. possible low buffer condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CROSSBAR Messages Error Message %PLATFORM-CROSSBAR-2-SERDES_ERROR Crossbar driver serdes error Explanation Crossbar driver detected a serdes error. Recommended Action This error is a momentary error. If this error persists for a period of 60 seconds after all the cards are in IOS-XR RUN state using the ’show platform’ command, please attempt to correct the error by reloading the card by issuing the command: ’hw-module loc reload’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CROSSBAR-3-IN_MEM_ERROR Crossbar driver input memory error Explanation Crossbar driver detected a input memory error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages CSAR Messages EM-1598 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CROSSBAR-3-OUT_MEM_ERROR Crossbar driver output memory error Explanation Crossbar driver detected an output memory error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CROSSBAR-3-XBAR_TIMEOUT_ERROR Crossbar driver detects crossbar timeout error Explanation Crossbar driver detected an crossbar timeout error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. CSAR Messages Error Message %PLATFORM-CSAR-3-ERROR ERROR [chars] Explanation A generic error has occured. Normal operation is not affected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CSAR-3-SLOT_SHUTDOWN Fabric disconnected from slot [dec], card shut down Explanation There are unrecoverable errors while transmitting to the reported slot. The slot has been disconnected from the switching fabric and the card in the slot is marked for shut down. Recommended Action Try moving the card in the reported slot to another slot. If this error follows the card, the card is bad. If the card works in another slot, there could be a hardware problem with the switch fabric cards (CSC and SFC.) Contact your technical support representative in all cases. Platform Messages CSAR Messages EM-1599 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-CSAR-3-UCAST_STUCK Unicast fabric transmissions to slot [dec] are stuck Explanation This error indicates a (possibly temporary) problem in the switch fabric path between the route processor card reporting error and the card in the reported slot. Usual cause is a bad card in the reported slot. The particular card may be shut down when this error is reported. Recommended Action Wait several minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about unicast fabric transmissions to other slots. If transmissions to a single slot are stuck it indicates a hardware problem in that slot. Either the card in that slot is bad or the fabric interface to the slot is bad. Try moving the card in the reported slot to another slot. If this error follows the card, the card is bad. If the card works in another slot, there could be a hardware problem with the switch fabric cards (CSC and SFC.) If there are reports for several slots, it is more likely that the switch fabric cards have a fault. Contact your technical support representative in all cases. Error Message %PLATFORM-CSAR-4-DEBUG_FAIL Debug registration failed. Explanation An internal registration call returned an error. Debug commands for the CSAR device may not be effective. Normal operation is not affected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-CSAR-4-MCAST_STUCK Multicast fabric transmissions are stuck Explanation This error indicates a (possibly temporary) problem in the interface between the route processor card reporting error and the switch fabric. Recommended Action Wait several minutes for corrective action to occur. Ignore repeats of this error while corrective action is taking place. Look for error reports about unicast fabric transmissions and take action as recommended for unicast errors. If this message repeats and there is no unicast error reported, then copy the error message exactly as it appears on the console and report it to your technical support representative. Error Message %PLATFORM-CSAR-4-UNKNOWN_INTF Unknown Fabric Interface with slot [dec] and port [dec] Explanation An internal call for fabric initialization received unexpected slot/port information. Normal operation is not affected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages DIAGS Messages EM-1600 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 DIAGS Messages Error Message %PLATFORM-DIAGS-3-BOOTFLASH_CORRUPTED BOOTFLASH integrity check failed, Explanation Some FPD image in bootflash is corrupted or missing. Each FPD has 2 images stored in bootfalsh, 1 is field upgradable version, that is the ’B’ version; the other is the backup version, which is the ’A’ version. If a B version FPD image has gone bad, it can be recovered by following the recommended_action. If one A version has gone bad, have the board replaced. Recommended Action Use the following command to find out which FPD image is bad/missing: ’show log | inc PFM | inc FLASH’; If it is the B version (the upgradable version), then reprogram the image using the upgrade command: ’admin’ ’upgrade hw fpd fpga-selection force location node-failed’ If any A version is bad, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-EXCESSIVE_ECC_SBE_ERROR Excessive ECC Single-bit errors Explanation The number of single-bit ECC errors has crossed the error threshold. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-FAB_MCAST_SC0_FAILED Fabric multicast loopback (SC0) failure count crossed threshold. Explanation A problem is detected by loopback test to the first Crossbar chip (chip#0) on this RSP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-FAB_MCAST_SC1_FAILED Fabric multicast loopback (SC1) failure count crossed threshold. Explanation A problem is detected by loopback test to the second Crossbar chip (chip#1) on this RSP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DIAGS Messages EM-1601 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DIAGS-3-FAB_UNICAST_FAILED Fabric unicast loopback failure count crossed threshold. Explanation A problem is detected by loopback test to the Crossbar chips on this RSP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-INVALID_DEVICE_ID Device identity readback value is incorrect Explanation Device identity readback value is incorrect Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-LC_EOBC_FAILED_BOTH_RSP LC lost EOBC heartbeat to both RSPs. Explanation This line card has lost EOBC heartbeat to both RSPs Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-LC_EOBC_FAILED_RSP0 EOBC Heartbeat failure count for RSP0 crossed threshold. Explanation This line card has lost EOBC heartbeat to RSP0. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-LC_EOBC_FAILED_RSP1 EOBC Heartbeat failure count for RSP1 crossed threshold. Explanation This line card has lost EOBC heartbeat to RSP1. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DIAGS Messages EM-1602 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DIAGS-3-LC_EOBC_FAILED_STBY_RSP LC lost EOBC heartbeat to the Standby RSP. Explanation This line card has lost EOBC heartbeat to the standby RSP. Recommended Action If this happens during system booting and switchover or when the standby RSP is not in ’IOS XR RUN’ state, this message can be safely ignored. Otherwise, If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-LC_EOBC_NO_RSP_UP No RSP is up, LC EOBC heartbeat skipped. [chars] Explanation This line card found there is no RSP present in the system. Recommended Action This condition should not last long, the line card should reset. No action is required. Error Message %PLATFORM-DIAGS-3-LC_EOBC_SEND_FAILED Failed to send a heartbeat to RSP [chars] Explanation This line card has failed to transmit a heartbeat to a RSP over EOBC. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-LC_NP_LOOPBACK_FAILED NP loopback failure count crossed threshold, [chars] Explanation This line card has detected a problem with the packet punt and injection path between this line card CPU and some network processor(s), and the consecutive failure count has reached or crossed the failure threshold. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DIAGS Messages EM-1603 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DIAGS-3-PUNT_FABRIC_DATA_PATH_FAILED System punt, fabric and data path failure count crossed threshold, [chars] Explanation A problem is detected on the system punt, fabric or data path between this RSP CPU to one or more of the network processor(s) on some line card(s). Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-SCRATCH_TEST_ERROR Device scratch register test has failed Explanation The CPU at the failed location has failed to access the named device scratch register. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-SRSP_ACTIVE_EOBC_FAILED Heartbeat failed over active EOBC, [chars] Explanation Standby RSP has detected an error with the active eobc link between this standby RSP and one or more line card)(s) Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-SRSP_ACTIVE_EOBC_MCAST_FAILED Failed to broadcast heartbeat over active EOBC. Explanation Standby RSP failed to transmit heartbeat to all nodes via active EOBC links. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DISCOVERY Messages EM-1604 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DIAGS-3-SRSP_STANDBY_EOBC_FAILED Heartbeat failed over Standby EOBC, [chars] Explanation Standby RSP has detected an error with the standby eobc link between this standby RSP and one or more line card)(s) Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DIAGS-3-SRSP_STANDBY_EOBC_MCAST_FAILED Failed to broadcast heartbeat over standby EOBC. Explanation Standby RSP failed to transmit heartbeat to all nodes via standby EOBC links. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. DISCOVERY Messages Error Message %PLATFORM-DISCOVERY-0-ERR ASIC-ERR: [chars] Explanation System Controller asic detected a critical error that will bring the node down. A reason text will be supplied. Recommended Action The board will reset and reboot after encountering this error. Check if the board comes up fine after the reboot. If the board does not reboot, try to reload the board manually using CLI. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-0-ERR ASIC-ERR: [chars] Explanation System Controller asic detected a critical error that will bring the node down. A reason text will be supplied. Recommended Action The board will reset and reboot after encountering this error. Check if the board comes up fine after the reboot. If the board does not reboot, try to reload the board manually using CLI. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DISCOVERY Messages EM-1605 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DISCOVERY-3-ERR_KD_MMAP Failed to mmap to Kernel dumper information in syspage, error: [chars]. Explanation Failed to mmap to Kernel dumper information in syspages. Recommended Action This is a critical error which will cause process to restart for error recovery. Collect the syslog or console log. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-3-ERR_SET_REBOOT_CAUSE Failed to set reboot cause into syspage, error: [chars]. Explanation The failure on setting reboot cause to syspage before performing Kernel Dump. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-3-RAM_ECC_2BIT ASIC-ERR: RAM error #[dec]: Name equals [chars] #[dec]: Description equals [chars] Explanation Two or more bit ECC error (Uncorrectable) found in a RAM Access. Recommended Action This is a critical error which will cause board-reset. Check if the board comes up fine after reload. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-3-RAM_ECC_2BIT ASIC-ERR: RAM error #[dec]: Name equals [chars] #[dec]: Description equals [chars] Explanation Two or more bit ECC error (Uncorrectable) found in a RAM Access. Recommended Action This is a critical error which will cause board-reset. Check if the board comes up fine after reload. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DISCOVERY Messages EM-1606 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DISCOVERY-4-CPU_LATCH ASIC-ERR: CPU error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info latched and follows) Explanation Errors observed on the system controller CPU module. A reason text will be supplied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-CPU_LATCH ASIC-ERR: CPU error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info latched and follows) Explanation Errors observed on the system controller CPU module. A reason text will be supplied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-CPU_NOLATCH ASIC-ERR: CPU error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info lost) Explanation Errors observed on the system controller CPU module for which information may be lost due to other errors. A reason text will be supplied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-CPU_NOLATCH ASIC-ERR: CPU error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info lost) Explanation Errors observed on the system controller CPU module for which information may be lost due to other errors. A reason text will be supplied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DISCOVERY Messages EM-1607 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DISCOVERY-4-DEV_LATCH ASIC-ERR: DEV error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info latched and follows) Explanation Errors seen on the device bus. A reason text will be supplied. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-DEV_LATCH ASIC-ERR: DEV error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info latched and follows) Explanation Errors seen on the device bus. A reason text will be supplied. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-DEV_NOLATCH ASIC-ERR: DEV error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info lost) Explanation Errors seen on the device bus for which information was lost due to other errors or some other condition. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-DEV_NOLATCH ASIC-ERR: DEV error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info lost) Explanation Errors seen on the device bus for which information was lost due to other errors or some other condition. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DISCOVERY Messages EM-1608 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DISCOVERY-4-PCI_LATCH ASIC-ERR: PCI[dec] error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info latched and follows) Explanation Error was observed on the system PCI bus. Error description is provided. Recommended Action Check if there are any asic errors or asic drivers restarts observed around this error. Check if process ’pci_bus_mgr’ is up and runnning. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-PCI_LATCH ASIC-ERR: PCI[dec] error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info latched and follows) Explanation Error was observed on the system PCI bus. Error description is provided. Recommended Action Check if there are any asic errors or asic drivers restarts observed around this error. Check if process ’pci_bus_mgr’ is up and runnning. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-PCI_NOLATCH ASIC-ERR: PCI[dec] error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info lost) Explanation Error was observed on the system PCI bus for which detailed infromation was lost due to more errors or some other reason. Recommended Action Check if there are any asic errors or asic drivers restarts observed around this error. Check if process ’pci_bus_mgr’ is up and runnning. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-PCI_NOLATCH ASIC-ERR: PCI[dec] error #[dec]: Name equals [chars] #[dec]: Description equals [chars] (info lost) Explanation Error was observed on the system PCI bus for which detailed infromation was lost due to more errors or some other reason. Recommended Action Check if there are any asic errors or asic drivers restarts observed around this error. Check if process ’pci_bus_mgr’ is up and runnning. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DISCOVERY Messages EM-1609 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DISCOVERY-4-RAM_ECC_1BIT_THRESH ASIC-ERR: RAM error #[dec]: Name equals [chars] #[dec]: Description equals [chars] Explanation Threshhold reached for single bit ECC (Corrected) errors. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-RAM_ECC_1BIT_THRESH ASIC-ERR: RAM error #[dec]: Name equals [chars] #[dec]: Description equals [chars] Explanation Threshhold reached for single bit ECC (Corrected) errors. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-SRAM_PARITY ASIC-ERR: SRAM error #[dec]: Description equals [chars] Explanation Parity Error detected in SRAM. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-4-SRAM_PARITY ASIC-ERR: SRAM error #[dec]: Description equals [chars] Explanation Parity Error detected in SRAM. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-7-ASMP_ERR_REGS ASIC-ERR: Addr High [hex] Addr Low [hex] Err Attribute [hex], Cause [hex], Command [hex] Explanation Details about the error observed on the PCI bus with Atlantis system controller. Recommended Action No action is required. Platform Messages DISCOVERY Messages EM-1610 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DISCOVERY-7-ASMP_ERR_REGS ASIC-ERR: Addr High [hex] Addr Low [hex] Err Attribute [hex], Cause [hex], Command [hex] Explanation Details about the error observed on the PCI bus with Atlantis system controller. Recommended Action No action is required. Error Message %PLATFORM-DISCOVERY-7-ASMP_PCI_DETAILS ASIC-ERR: PCI[dec] error #[dec]: Command: [chars], Error Address: [hex] [hex], Error Attribute: [hex] Explanation Details about the error observed on the PCI bus with Atlantis system controller. Recommended Action No action is required. Error Message %PLATFORM-DISCOVERY-7-ASMP_PCI_DETAILS ASIC-ERR: PCI[dec] error #[dec]: Command: [chars], Error Address: [hex] [hex], Error Attribute: [hex] Explanation Details about the error observed on the PCI bus with Atlantis system controller. Recommended Action No action is required. Error Message %PLATFORM-DISCOVERY-7-CPU_DETAILS ASIC-ERR: CPU error #[dec]: Error Address: [hex], Address Parity Bits: [hex], Error Data: [hex] [hex], Data Parity Bits: [hex] [hex] Explanation Details about the error seen in CPU module. Recommended Action No action is required. Error Message %PLATFORM-DISCOVERY-7-CPU_DETAILS ASIC-ERR: CPU error #[dec]: Error Address: [hex], Address Parity Bits: [hex], Error Data: [hex] [hex], Data Parity Bits: [hex] [hex] Explanation Details about the error seen in CPU module. Recommended Action No action is required. Error Message %PLATFORM-DISCOVERY-7-DEV_DETAILS ASIC-ERR: DEV error #[dec]: Error Address: [hex] Explanation Details on the device bus error. Recommended Action No action is required. Platform Messages DISCOVERY Messages EM-1611 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DISCOVERY-7-DEV_DETAILS ASIC-ERR: DEV error #[dec]: Error Address: [hex] Explanation Details on the device bus error. Recommended Action No action is required. Error Message %PLATFORM-DISCOVERY-7-INFO ASIC-ERR: [chars], [dec] Explanation Information message from Discovery driver on software error condition. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-7-INFO ASIC-ERR: [chars], [dec] Explanation Information message from Discovery driver on software error condition. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DISCOVERY-7-PCI_DETAILS ASIC-ERR: PCI[dec] error #[dec]: Command: [chars], Byte Enables: [hex] [hex], Error Address: [hex] [hex], Error Data: [hex] [hex], Parity Bits: [hex] [hex] Explanation Details about the error observed on the PCI bus. Recommended Action No action is required. Error Message %PLATFORM-DISCOVERY-7-PCI_DETAILS ASIC-ERR: PCI[dec] error #[dec]: Command: [chars], Byte Enables: [hex] [hex], Error Address: [hex] [hex], Error Data: [hex] [hex], Parity Bits: [hex] [hex] Explanation Details about the error observed on the PCI bus. Recommended Action No action is required. Platform Messages DRP_PAIRING_CLIENT Messages EM-1612 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DISCOVERY-7-RAM_DETAILS ASIC-ERR: RAM error #[dec]: Error Address: [hex], Error Data: [hex] [hex], Recorded ECC Bits: [hex], Calculated ECC Bits: [hex] Explanation Details about the ECC error happenned before. Recommended Action No action is required. Error Message %PLATFORM-DISCOVERY-7-RAM_DETAILS ASIC-ERR: RAM error #[dec]: Error Address: [hex], Error Data: [hex] [hex], Recorded ECC Bits: [hex], Calculated ECC Bits: [hex] Explanation Details about the ECC error happenned before. Recommended Action No action is required. Error Message %PLATFORM-DISCOVERY-7-SRAM_DETAILS ASIC-ERR: RAM error #[dec]: Error Address: [hex] [hex], Error Data: [hex] [hex], Parity Bits: [hex] Explanation Details on SRAM parity error. Recommended Action No action is required. Error Message %PLATFORM-DISCOVERY-7-SRAM_DETAILS ASIC-ERR: RAM error #[dec]: Error Address: [hex] [hex], Error Data: [hex] [hex], Parity Bits: [hex] Explanation Details on SRAM parity error. Recommended Action No action is required. DRP_PAIRING_CLIENT Messages Error Message %PLATFORM-DRP_PAIRING_CLIENT-7-ERR_DLL_INIT [chars], reason: [chars] Explanation This message indicates that during dra_pairing dll attach, either debugging or ltrace services cannot be initialized. Recommended Action No action is required. Platform Messages DRP_PAIRING Messages EM-1613 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DRP_PAIRING_CLIENT-7-ERR_DLL_INIT [chars], reason: [chars] Explanation This message indicates that during dra_pairing dll attach, either debugging or ltrace services cannot be initialized. Recommended Action No action is required. Error Message %PLATFORM-DRP_PAIRING_CLIENT-7-ERR_DLL_INIT [chars], reason: [chars] Explanation This message indicates that during dra_pairing dll attach, either debugging or ltrace services cannot be initialized. Recommended Action No action is required. DRP_PAIRING Messages Error Message %PLATFORM-DRP_PAIRING-6-NON_DRP_NODE WARNING: A node with unknown type or a non DRP node [chars] is used for drp pairing configuration Explanation DRP_PAIRING process will output this informational message during drp pairing configuration commit time only if one or both of the node(s) used to form the drp pair is not a DRP node. Please note that if the node is not in IOX-RUN state, it’s node type will not be determined. Recommended Action No action is required. Error Message %PLATFORM-DRP_PAIRING-6-NON_DRP_NODE WARNING: A node with unknown type or a non DRP node [chars] is used for drp pairing configuration Explanation DRP_PAIRING process will output this informational message during drp pairing configuration commit time only if one or both of the node(s) used to form the drp pair is not a DRP node. Please note that if the node is not in IOX-RUN state, it’s node type will not be determined. Recommended Action No action is required. Error Message %PLATFORM-DRP_PAIRING-6-NON_DRP_NODE WARNING: A node with unknown type or a non DRP node [chars] is used for drp pairing configuration Explanation DRP_PAIRING process will output this informational message during drp pairing configuration commit time only if one or both of the node(s) used to form the drp pair is not a DRP node. Please note that if the node is not in IOX-RUN state, it’s node type will not be determined. Recommended Action No action is required. Platform Messages DRP_PAIRING Messages EM-1614 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DRP_PAIRING-6-NOT_SUPPORTED DRP pairing is not supported on CRS-4-CH Explanation Because CRS-DRP is not supported in CRS-1 Series 4 Slots Line Card system, therefore, drp pairing configuration will be disabled also. Recommended Action No action is required. Error Message %PLATFORM-DRP_PAIRING-6-NOT_SUPPORTED DRP pairing is not supported on CRS-4-CH Explanation Because CRS-DRP is not supported in CRS-1 Series 4 Slots Line Card system, therefore, drp pairing configuration will be disabled also. Recommended Action No action is required. Error Message %PLATFORM-DRP_PAIRING-6-NOT_SUPPORTED DRP pairing is not supported on CRS-4-CH Explanation Because CRS-DRP is not supported in CRS-1 Series 4 Slots Line Card system, therefore, drp pairing configuration will be disabled also. Recommended Action No action is required. Error Message %PLATFORM-DRP_PAIRING-7-ERR_CERR_REG Failed to register with CERR Handler. [chars] Explanation -- Recommended Action ’*NONE*’ Error Message %PLATFORM-DRP_PAIRING-7-ERR_DSC_NODEID Unable to determine the dSC nodeid Explanation -- Recommended Action ’*NONE*’ Error Message %PLATFORM-DRP_PAIRING-7-ERR_EVM_CREATE Event manager create failed. [chars] Explanation -- Recommended Action ’*NONE*’ Platform Messages DRP_PAIRING Messages EM-1615 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DRP_PAIRING-7-ERR_GET_MY_NODEID Failed to get my own nodeid. [chars] Explanation -- Recommended Action ’*NONE*’ Error Message %PLATFORM-DRP_PAIRING-7-ERR_PROC_BLOCK [chars] Explanation -- Recommended Action ’*NONE*’ Error Message %PLATFORM-DRP_PAIRING-7-ERR_SERVER_INIT Unable to initialize drp_pairing server. [chars] Explanation -- Recommended Action ’*NONE*’ Error Message %PLATFORM-DRP_PAIRING-7-ERR_SYSDB_ACCESS SysDB operation failed. [chars] Explanation -- Recommended Action ’*NONE*’ Error Message %PLATFORM-DRP_PAIRING-7-ERR_THREAD_CREATE Unable to create a thread. [chars] Explanation -- Recommended Action ’*NONE*’Platform Messages DSC Messages EM-1616 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 DSC Messages Error Message %PLATFORM-DSC-1-ERR_LOST_ALL_FABRIC_RACKS Lost Connection to all Fabric Racks Explanation This node has lost connectivity with all fabric racks before the fabric planes came up. This could be a control ethernet problem or the fabrics have reloaded. Recommended Action Check if fabric chassis are up. If up, check control-ethernet connectivity between this chassis and Fabric chassis. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSC-3-ERR_DSC_INIT [chars] - error : [chars] , exiting... Explanation The dsc process failed in initialization. This indicates that there was a software error during initialization. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Verify that the dsc process is up and running by executing the following command at the CLI of the active RP: ’show process dsc’ If it is still non-operational, restart the driver by executing the following command at the CLI of the active RP: ’process restart dsc’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSC-3-ERR_DSC_INIT [chars] - error : [chars] , exiting... Explanation The dsc process failed in initialization. This indicates that there was a software error during initialization. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Verify that the dsc process is up and running by executing the following command at the CLI of the active RP: ’show process dsc’ If it is still non-operational, restart the driver by executing the following command at the CLI of the active RP: ’process restart dsc’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSC-3-ERR_INPUT_PRIORITY [chars] - nodeid : [hex] Explanation Priority given for the node is not applicable. Recommended Action Verify the priority given for this node and enter the correct priority. No action is required. Platform Messages DSC Messages EM-1617 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DSC-3-ERR_INTERNAL_SW [chars] - error : [chars], exiting... Explanation An internal software error occured as indicated in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Verify that the dsc process is up and running by executing the following command at the CLI of the active RP: ’show process dsc’ If it is still non-operational, restart the driver by executing the following command at the CLI of the active RP: ’process restart dsc’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSC-3-ERR_LTRACE_INIT Could not initialize [chars] trace buffer, error [hex] ([chars]) Explanation ltrace initialization failed Recommended Action If continuous, contact tech-support Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSC-3-ERR_MEM_ALLOC Failed to allocate [dec] bytes, exiting... Explanation The dsc process could not allocate memory. This indicates some problem with the system wide memory. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Verify that the dsc process is up and running by executing the following command at the CLI of the active RP: ’show process dsc’ If it is still non-operational, restart the driver by executing the following command at the CLI of the active RP: ’process restart dsc’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-DSC-3-ERR_MEM_ALLOC Failed to allocate [dec] bytes, exiting... Explanation The dsc process could not allocate memory. This indicates some problem with the system wide memory. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. Verify that the dsc process is up and running by executing the following command at the CLI of the active RP: ’show process dsc’ If it is still non-operational, restart the driver by executing the following command at the CLI of the active RP: ’process restart dsc’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Platform Messages DSC Messages EM-1618 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DSC-3-ERR_NULL_SERIAL_ID WARNING ! WARNING ! Received request with zeroed serial number. Assigning rack num [dec] and allowing it to pass, till CSCeg63482 is fixed. If this is multi-chassis, please upgrade ALL RP/SC ROMMONs in this setup to 1.22 ! Explanation Once ROMMON 1.22 is rolled out, all multi-chassis testbeds should upgrade to it to avoid problems of more than one RP getting the same rack number assigned. This msg warns the operator that an RP was detected that had older ROMMON and should be upgraded ASAP. Recommended Action Upgrade the ROMMON to ver 1.32 or more Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSC-3-ERR_RACK_DOWN Lost connectivity with rack [chars] Explanation This indicates that either the rack is powerdown/shutdown or there is some problem with control ethernet cables or switches between the racks. Recommended Action If the rack is not powerdown or shutdown by the operator, then check the control ethernet connectivity between racks. (Check if the cables are okay and also if the switch is operating normally). Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSC-3-ERR_SYSDB_CONNECT [chars] - error: [chars] Explanation The dsc process could not open connection with sysdb. Hence the show commands will fail. However, the system will continue to function normally. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSC-3-ERR_TRANSPORT Primary transport connection not ok to node [hex], alternate transport connectivity ok Explanation CRS: This indicates that there is a problem with control ethernet cables or switches to that node. C12k: This indicates that there is a problem with MBUS communication to that node. Recommended Action CRS: Check the control ethernet connectivity to the node. (Check if the cables are okay and also if the switch is operating normally). C12K: If the error persists for a long time, please check the MBUS communication to the node. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DSC Messages EM-1619 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DSC-4-WARNING_RACK_NUM ROMMON RACK_NUM ( equals [dec]) set inconsistent. Explanation ROMMON RACK_NUM variable setting is different from the node_id rack field setting. Recommended Action Set ROMMON RACK_NUM to proper rack number per chassis rack field Error Message %PLATFORM-DSC-5-NOTICE_RACK_NUM ROMMON RACK_NUM set to 0. Explanation ROMMON RACK_NUM variable set to 0. Recommended Action No action is required. Error Message %PLATFORM-DSC-6-INFO_I_AM_DSC Setting myself as DSC Explanation Informational message notifying current DSC in system Recommended Action No action is required. Error Message %PLATFORM-DSC-7-ERR_RACK_DELETE [chars]. rack equals [dec], [chars] Explanation An internal software error occured and this rack could not be removed. Recommended Action No action is required. Error Message %PLATFORM-DSC-7-ERR_RACK_OIR Config cleanup failed following rack [dec] removal - [chars]. error: [chars] Explanation Not able to save configuration for this rack. Recommended Action Examine chassis based on above error msg. Error Message %PLATFORM-DSC-7-ERR_RACK_OIR_TIMEOUT No Response received from configuration manager server. Explanation No response received from configuration manager server. Recommended Action No action is required. Platform Messages DSCMEDIA Messages EM-1620 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DSC-7-ERR_STORE_REBOOT_INFO Could not store reboot information for node [hex], [chars] Explanation Chassis APIs that write to non volatile memory failed. Recommended Action No action is required. DSCMEDIA Messages Error Message %PLATFORM-DSCMEDIA-2-ERR_WAIT_REDUNDANCY Waiting for result of active/standby arbitration...keep trying Explanation The redundancy information is needed as an input for the DSC election. Only active cards may become DSC. The information is still unavailable at this time. The DSC election is on hold, waiting for the information to become available. This will prevent proper system operation. Recommended Action If this message happens repeatitively, it indicates a problem, likely in the active/standby arbitration module. Collect information using ’show redundancy’. Error Message %PLATFORM-DSCMEDIA-2-FATAL DSC media fatal error: [chars] Explanation The dsc media dll encountered aa fatal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-3-ERR_CCTL [chars]; rc equals [chars] Explanation DSC could not read back plane EEPROM. This might affect the booting up of the standby. If the standby does not boot then the work around is to set the rack number to backplane eeprom association using the following cli. (admin-config)#dsc serial serial-id rack rack-num Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DSCMEDIA Messages EM-1621 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DSCMEDIA-3-ERR_CCTL [chars]; rc equals [chars] Explanation DSC could not read back plane EEPROM. This might affect the booting up of the standby. If the standby does not boot then the work around is to set the rack number to backplane eeprom association using the following cli. (admin-config)#dsc serial serial-id rack rack-num Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-3-ERR_EVM [chars] ; rc equals [chars] Explanation DSC Media DLL has encounered the annunciated Event Manager error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-3-ERR_EVM [chars] ; rc equals [chars] Explanation DSC Media DLL has encounered the annunciated Event Manager error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-3-ERR_NODEID [chars]; rc equals [chars] Explanation DSC Media DLL failed to get the nodeid. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DSCMEDIA Messages EM-1622 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DSCMEDIA-3-ERR_NODEID [chars]; rc equals [chars] Explanation DSC Media DLL failed to get the nodeid. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-3-ERR_TRANSPORT [chars] Explanation DSC Media DLL has encounered the annunciated transport error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-3-ERR_TRANSPORT [chars] Explanation DSC Media DLL has encounered the annunciated transport error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-3-ERROR Error from dsc media dll: [chars] Explanation The dsc media dll encountered an internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DSCMEDIA Messages EM-1623 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DSCMEDIA-3-ERROR2 Error from dsc media dll: [chars], errno equals [dec] ([chars]) Explanation The dsc media dll encountered an internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-3-READ_PERSIST Unable to [chars] when parsing persistent file [chars]: [chars] ([chars]) Explanation The dsc process attempted to read dcs election information from non-volatile storage, but encountered a problem. This may cause the wrong RP card to get elected as DSC. Recommended Action Verify nvram: filesystem integrity. If this is a persistent problem then: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-3-WRITE_PERSIST Unable to [chars] when writing persistent file [chars]: [chars] ([chars]) Explanation The dsc process attempted to store dcs election information to non-volatile storage, but encountered a problem. This may cause the wrong RP card to get elected as DSC on the next chassis cold boot. Recommended Action Make sure there is free space in local NVRAM. If this is a persistent problem then: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-4-ERR_THREAD_MUTEX_LOCK [chars] ; rc equals [chars] Explanation DSC media DLL encountered an error while locking a mutex. The operation related to the resource may be affected while the system continues to run normally. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DSCMEDIA Messages EM-1624 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DSCMEDIA-4-ERR_THREAD_MUTEX_LOCK [chars] ; rc equals [chars] Explanation DSC media DLL encountered an error while locking a mutex. The operation related to the resource may be affected while the system continues to run normally. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-4-ERR_THREAD_MUTEX_UNLOCK [chars]; rc equals [chars] Explanation DSC media DLL encountered an error while un-locking a mutex. The operation related to the resource may be affected while the system continues to run normally. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-4-ERR_THREAD_MUTEX_UNLOCK [chars]; rc equals [chars] Explanation DSC media DLL encountered an error while un-locking a mutex. The operation related to the resource may be affected while the system continues to run normally. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-4-FETCH Unable to [chars] [chars] when fetching initial copy from DSC: [chars] ([chars]) Explanation The process is unable to get an initial copy of the dsc info file from the dsc card. This may cause the wrong RP card to get elected as DSC on the next chassis cold boot. Recommended Action Restarting the dsc process (proc restart dsc) will cause it to retry the operation and normally recover from this condition. If the issue persists: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages DSCMEDIA Messages EM-1625 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DSCMEDIA-4-LISTEN Unable to listen for multicast messages: [chars] ([chars]) Explanation The process is unable to register to receive multicast messages. This means that the card will not be able to update local non-volatile data with the latest dsc election information coming from remote nodes. This may cause the wrong RP card to get elected as DSC on the next chassis cold boot. Recommended Action Restarting the dsc process will cause it to re-register to receive dsc persisted updates. If the issue persists: Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-4-NO_CSC_SN Could not read Serial Numbers of the Fabric Cards slot 16 & 17; errno equals [dec] ([chars]) Explanation Serial Numbers of the Fabric Cards (slots 16 and 17) are used to help determine chassis nativity for the Logical Routers feature. Chassis nativity is part of the algorithm to ensure that on a cold boot, the right RP is elected as the DSC and provides Logical Router boundaries to other RP cards. The lack of CSC serial numbers may cause the wrong RP to be elected DSC when RP cards are shuffled from one chassis to another and a cold boot is performed. Recommended Action Ensure that Fabric CSC cards are properly inserted in the chassis. Error Message %PLATFORM-DSCMEDIA-4-WARNING Warning from dsc media dll: [chars] Explanation The dsc media dll encountered an internal software warning. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-DSCMEDIA-4-WARNING2 Warning from dsc media dll: [chars], errno equals [dec] ([chars]) Explanation The dsc media dll encountered an internal software warning. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages EIO Messages EM-1626 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-DSCMEDIA-6-DSC_ELECTED This node is now [chars] Explanation A new dSC has been elected. Recommended Action No action is required. EIO Messages Error Message %PLATFORM-EIO-4-ERR_LWM_SEND EIO library failed to send message; rc equals [chars], exiting... Explanation The EIO Library encountered LWM error, therefore failed to send pulse. The System Manager process (sysmgr) will automatically respawn the annunciated process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-EIO-7-ERR_ECM [chars]; rc equals [chars], exiting... Explanation The EIO Library encountered ECM error, therefore failed to send pulse. The System Manager process (sysmgr) will automatically respawn the annunciated process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-EIO-7-ERR_ECM [chars]; rc equals [chars], exiting... Explanation The EIO Library encountered ECM error, therefore failed to send pulse. The System Manager process (sysmgr) will automatically respawn the annunciated process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages EIO Messages EM-1627 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-EIO-7-ERR_EDM_INIT [chars]; rc equals [chars] Explanation The EIO library was unable to register with sysdb as an EDM. The System should still continue to function as normal, with the exception that the ’show’ commands for EIO will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-EIO-7-ERR_EDM_INIT [chars]; rc equals [chars] Explanation The EIO library was unable to register with sysdb as an EDM. The System should still continue to function as normal, with the exception that the ’show’ commands for EIO will not be available. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-EIO-7-ERR_LINK_TRAINING [chars]; [chars] Explanation The Chip-to-Chip connecting link encountered the annunciated link training error. This link connects the two adjacent ASIC and its required to be in trained state for the ASIC’s to commuincate control and data reliably over this channel. In general this is a recoverable error as the ASIC driver’s will re-train the link on seeing this error. Recommended Action Use the following CLI to make sure the link is properly trained. - show controller driver-name eio links all loc If this problem is seen consistently, Run the field diags on the board. If it is possible to isolate the trigger point for this failure, collect all the necessary info (condition) that caused the error. Reload the MSC to avoid inconsistent behavior of the system If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-EIO-7-ERR_LINK_TRAINING [chars]; [chars] Explanation The Chip-to-Chip connecting link encountered the annunciated link training error. This link connects the two adjacent ASIC and its required to be in trained state for the ASIC’s to commuincate control and data reliably over this channel. In general this is a recoverable error as the ASIC driver’s will re-train the link on seeing this error. Recommended Action Use the following CLI to make sure the link is properly trained. - show controller driver-name eio links all loc If this problem is seen consistently, Run the field diags on the board. If it is possible to isolate the trigger point for this failure, collect all the necessary info (condition) that caused the error. Reload the MSC to avoid inconsistent behavior of the system If the Platform Messages EIO Messages EM-1628 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-EIO-7-ERR_LWM_SEND EIO library failed to send message; rc equals [chars], exiting... Explanation The EIO Library encountered LWM error, therefore failed to send pulse. The System Manager process (sysmgr) will automatically respawn the annunciated process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger MSC reload. After a certain number of MSC reloads, the shelf manager will permanently shutdown the MSC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-EIO-7-ERR_MEM_ALLOC EIO library failed to allocate [dec] bytes Explanation The EIO library was unable to allocate memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-EIO-7-ERR_MEM_ALLOC EIO library failed to allocate [dec] bytes Explanation The EIO library was unable to allocate memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-EIO-7-ERR_REGISTER_GET [chars]; rc equals [chars] Explanation The EIO library encountered the annunciated register access error. This could result in inconsistent behavior of the device/system. Recommended Action Run diags on the board. If it is possible to isolate the trigger point for the read failure, collect all the necessary info (condition) that caused the error. Reload the MSC to avoid inconsistent behavior of the system because of this read failure. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages ENVMON_MON Messages EM-1629 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-EIO-7-ERR_REGISTER_GET [chars]; rc equals [chars] Explanation The EIO library encountered the annunciated register access error. This could result in inconsistent behavior of the device/system. Recommended Action Run diags on the board. If it is possible to isolate the trigger point for the read failure, collect all the necessary info (condition) that caused the error. Reload the MSC to avoid inconsistent behavior of the system because of this read failure. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-EIO-7-ERR_REGISTER_SET [chars]; rc equals [chars] Explanation The EIO library encountered the annunciated register access error. This could result in inconsistent behavior of the device/system. Recommended Action Run diags on the board. If it is possible to isolate the trigger point for this failure, collect all the necessary info (condition) that caused the error. Reload the MSC to avoid inconsistent behavior of the system because of this failure. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-EIO-7-ERR_REGISTER_SET [chars]; rc equals [chars] Explanation The EIO library encountered the annunciated register access error. This could result in inconsistent behavior of the device/system. Recommended Action Run diags on the board. If it is possible to isolate the trigger point for this failure, collect all the necessary info (condition) that caused the error. Reload the MSC to avoid inconsistent behavior of the system because of this failure. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ENVMON_MON Messages Error Message %PLATFORM-ENVMON_MON-4-CLEAR_TEMPERATURE_READ_FAIL Envmon process is able to read temperature from various nodes, setting fan speed as per ambient temperature Explanation The envmon_mon process which has previously not been able to read the temperature from various nodes, is now able to read the temperature from atleast one node. Subsequently, the fan speed will be adjusted as per the mean_temp calculation. Recommended Action No action is required. Platform Messages ENVMON_MON Messages EM-1630 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON_MON-4-SET_TEMPERATURE_READ_FAIL Envmon process has not been able to read temperature from various nodes for past 7 minutes, setting fan speed to maximum to prevent chassis from heating up Explanation The envmon_mon process has not been able to read the temperature from various nodes for the last 5 iterations. This is most likely due to a communications error with remote nodes. Due to this, envmon_mon has no visibility into whether the chassis is being cooled properly or not. So the fans are being set to maximum speed to cover for any potential thermal issues during this time. Once the temperatures are readable, the fan speed will automatically be adjusted as per the ambient temperature. Recommended Action Check the communication with the remote nodes. Check if ’show environment temperatures’ from admin and exec mode yield any output. If not, please contact support team for further debug and assistance. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ENVMON_MON-4-TEMPERATURE_READ_FAIL Envmon process has been [chars] to read temperature from various nodes Explanation Two possibilities to this message 1) The envmon_mon process has been unable to read the temperature from various nodes for the last 5 iterations. This is most likely due to a communications error with remote nodes. Due to this, envmon_mon has no visibility into whether the chassis is being cooled properly or not. So the fans are being set to maximum speed to cover for any potential thermal issues during this time. Once the temperatures are readable, the fan speed will automatically be adjusted as per the ambient temperature. Setting fan speed to maximum to prevent chassis from heating up. 2) The envmon_mon process which has previously not been able to read the temperature from various nodes, is now able to read the temperature from atleast one node. Subsequently, the fan speed will be adjusted as per the mean_temp calculation. Setting fan speed as per ambient temperature. Recommended Action Check the communication with the remote nodes. Check if ’show environment temperatures’ from admin and exec mode yield any output. If not, please contact support team for further debug and assistance. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. No action is required if the envmon process is able to read telperature.Platform Messages ENVMON Messages EM-1631 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ENVMON Messages Error Message %PLATFORM-ENVMON-0-CARD_OVERTEMP_SHUTDOWN Slot [chars] temperature [dec].[dec]C at or above STT [dec].[dec]C Explanation Card temperature has risen over shutdown threshold. Card shutdown commencing. Recommended Action Verify the failure, use show env to help. If the failure does not alleviate, call your technical support representative for repair or replacement. Error Message %PLATFORM-ENVMON-0-CHASSIS_OVERTEMP_SHUTDOWN Chassis ambient temperature [dec].[dec]C at or over shutdown T3 threshold [dec].[dec]C Explanation Chassis ambient temperature has risen at or over T3 threshold. Entire chassis shutdown commencing. Recommended Action Call your technical support representative. Error Message %PLATFORM-ENVMON-1-CANTSHUT Environmental Monitor was unable to shutdown slot [dec]: [chars] Explanation Envmon attempted to shutdown the specified slot due to severely out-of-range conditions, but was unable to do so. The request to sysldr to shut the card, failed. Recommended Action Attempt to resolve the problem, referring to system log or the show env command outputs. If operation permits, remove and insert the card, or power down the entire router. If the problem is not resolved, call your technical support representative for assistance. Error Message %PLATFORM-ENVMON-1-SHUTDOWN Environmental Monitor initiated shutdown on slot [dec] Explanation An environmental sensor has remained in a dangerous operating range, and sysldr is requested to shutdown card to avoid possible damage. Recommended Action Attempt to resolve the problem, referring to system log or the show env command outputs. If operation permits, remove and insert the card, or power down the entire router. If the problem is not resolved, call your technical support representative for assistance. Platform Messages ENVMON Messages EM-1632 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-1-SPA_CANTSHUT Environmental Monitor was unable to shutdown slot [dec] bay [dec]: [chars] Explanation Envmon attempted to shutdown the specified spa due to severely out-of-range conditions, but was unable to do so. Recommended Action Attempt to resolve the problem, referring to system log or the show env command outputs. If operation permits, remove and insert the spa, or power down the line card having the spa. If the problem is not resolved, call your technical support representative for assistance. Error Message %PLATFORM-ENVMON-1-SPA_SHUTDOWN Environmental Monitor initiated shutdown on slot [dec] bay [dec] Explanation An environmental sensor on the spa has remained in a critical operating range, and is being shutdown to avoid possible damage. Recommended Action Attempt to resolve the problem, referring to system log or the show env command outputs. If operation permits, remove and insert the spa, or power down the line card having the spa. If the problem is not resolved, call your technical support representative for assistance. Error Message %PLATFORM-ENVMON-2-ADDITIVE_POWER_OVERBUDGET Power consumption has exceeded additive supply mode limit by [dec]W; results unpredictable Explanation The power calculated in use by the chassis exceeds that available by the powershelf. This condition could result in an outage of the chassis if action is not immediately taken. Recommended Action Remove some linecards to reduce power consumption, or install a higher capacity powershelf. Error Message %PLATFORM-ENVMON-2-CARD_OVERTEMP Slot [chars] temperature [dec].[dec]C at or above rising T2 threshold [dec].[dec]C Explanation Card temperature has risen at or over critical threshold. Recommended Action Verify the failure, use show env to help. If the failure does not alleviate, call your technical support representative for repair or replacement. Platform Messages ENVMON Messages EM-1633 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-2-CARD_OVERTEMP_CLEAR Slot [chars] temperature [dec].[dec]C returned below falling T1 threshold [dec].[dec]C Explanation Card temperature has returned to operating range. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-CHASSIS_OVERTEMP Chassis ambient temperature [dec].[dec]C at or above rising T2 threshold [dec].[dec]C Explanation Chassis ambient temperature is over critical threshold. Ambient temperature is the average of the temperature inlet sensor for all plugged in cards in the chassis. Recommended Action Verify the failure, use show env to help. Verify the fans have increased to help bring down the temperature. Entire chassis will shutdown at or above T3 threshold. If the failure does not alleviate, call your technical support representative for assistance. Error Message %PLATFORM-ENVMON-2-CHASSIS_OVERTEMP_CLEAR Chassis ambient temperature [dec].[dec]C returned below falling T1 threshold [dec].[dec]C Explanation Chassis ambient temperature has returned to operating range. Ambient temperature is the average of the temperature inlet sensor for all plugged in cards in the chassis. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-ENV_CONDITION Outstanding environmental condition [chars] in the chassis Explanation One or more environmental conditions exits in the chassis. If left unattended, they can result in loss of service or physical equipment damage. Recommended Action Use ’show environment’ command and other system messages to determine the nature of the failure and take corrective action. Error Message %PLATFORM-ENVMON-2-ENV_CONDITION An environmental condition on slot [dec] [chars] Explanation Two possibilities to this message: 1) One or more environmental conditions exist on the specified slot; 2) All environmental conditions on the specified slot have cleared. If env conditions exist and are left untended, they could result in loss of service or even hardware damage. Recommended Action Using the ’show environment’ command and other associate system messages, determine the nature of the failure and take corrective action, including replacement of faulty hardware. No action is required if the env condition is cleared. Platform Messages ENVMON Messages EM-1634 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-2-ENV_POWER_FAILURE The environmental condition on slot [dec] is because of power failure Explanation Powershelf failure environmental conditions exist on the specified slot. If left untended, they could result in loss of service or even hardware damage. Recommended Action Using the ’show environment power-shelf’ command and other associate system messages, determine the nature of the failure and take corrective action, including replacement of faulty hardware. Error Message %PLATFORM-ENVMON-2-ENV_POWER_FAILURE_CLEAR The environmental condition (Power Failure) on slot [dec] is cleared Explanation Power failure environmental conditions on the specified slot have cleared. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-ENV_POWER_FAULT The environmental condition on slot [dec] is because of power fault Explanation Powershelf fault environmental conditions exist on the specified slot. If left untended, they could result in loss of service or even hardware damage. Recommended Action Using the ’show environment power-shelf’ command and other associate system messages, determine the nature of the failure and take corrective action, including replacement of faulty hardware. Error Message %PLATFORM-ENVMON-2-ENV_POWER_FAULT_CLEAR The environmental condition (Power Fault) on slot [dec] is cleared Explanation Power fault environmental conditions on the specified slot have cleared. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-ENV_SLOT_FORCE_CLEAR The environmental condition on slot [dec] has cleared because the slot is no longer monitorable Explanation All environmental conditions on the specified slot have cleared due to the fact that the card was either removed from the slot or was powered down. Recommended Action None required. Platform Messages ENVMON Messages EM-1635 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-2-ENV_SPA_FORCE_CLEAR The environmental condition on slot [dec] bay [dec] has cleared because the SPA is no longer monitorable Explanation All environmental conditions on the specified spa have cleared due to the fact that the spa was either removed from the card or was shut down. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-FAN The fan array ([chars]) has reached [chars] level. Explanation The fan array specified has reached a warning or critical level and is approaching or approached a condition that is outside the acceptable range. Recommended Action Verify the failure and call your technical support representative for repair or replacement. Error Message %PLATFORM-ENVMON-2-FAN_CLEAR Fan failure cleared on slot [chars], fan [dec], RPM [dec] Explanation The indicated fan has measured RPM returning to operating level. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-FAN_CLEAR The fan array ([chars]) has returned to a normal level. Explanation The fan sensor/array has returned to a level that is within the acceptable range. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-FAN_FAIL Fan failure on slot [chars], fan [dec], RPM [dec] Explanation The indicated fan has measured RPM below operating level. Recommended Action Verify the failure, use show env to help. If the failure does not alleviate, call your technical support representative for repair or replacement. Error Message %PLATFORM-ENVMON-2-FANTRAY_CLEAR Fantray failure cleared on slot [chars] Explanation All fans on indicated fantray returned RPMs to operating level. Recommended Action None required. Platform Messages ENVMON Messages EM-1636 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-2-FANTRAY_FAIL Fantray failure on slot [chars] Explanation One or more fans on indicated fantray measured RPM below operating level. Remaining fans in operation on this fantray running at full speed. Recommended Action Verify the failure, use show env to help. If the failure does not alleviate, call your technical support representative for repair or replacement. Error Message %PLATFORM-ENVMON-2-OVERTEMP [chars] temperature has reached [chars] level Explanation The temperature sensor specified has reached a warning or critical level and is approaching or approached a condition that is outside the acceptable range. Recommended Action Attempt to resolve the temperature problem. Check all unit doors are in place and closed. Check fans are operating. Remove affected cards, check how hot they are and allow to cool and reinsert. Operation of over-temperature equipment is not recommended due to equipment damage. If problem not resolved by above steps, power unit off and call your technical support representative for assistance. Error Message %PLATFORM-ENVMON-2-OVERTEMP_CLEAR [chars] temperature has returned to a normal level Explanation The temperature sensor specified has returned to a level that is within the acceptable range. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-POWER_BUDGET_OK Power consumption is back within [chars] supply mode limits Explanation The power calculated in use by the chassis has returned to a value that is within the power supplied by the powershelf. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-POWERSUPPLY_CURRENT [chars] current has reached [chars] level at [dec] A (scan# equals [unsigned int]) Explanation The current supply specified has reached a critical level and is now out of specification. Recommended Action Verify the failure and call your technical support representative for repair or replacement. Platform Messages ENVMON Messages EM-1637 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-2-POWERSUPPLY_CURRENT_CLEAR [chars] current has returned to a normal level at [dec] A (scan# equals [unsigned int]) Explanation The voltage supply specified has returned to a level that is within the acceptable range. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-POWERSUPPLY_NONOP [chars] is Non-Operational Explanation The power supply specified has become non-operational. Recommended Action Verify the failure and call your technical support representative for repair or replacement. Error Message %PLATFORM-ENVMON-2-POWERSUPPLY_NONOP_CLEAR [chars] has become operational Explanation The power supply specified has returned to an operational state. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-POWERSUPPLY_VOLTAGE [chars] voltage has reached [chars] level at [dec] V (scan# [unsigned int]) Explanation The voltage supply specified has reached a critical level and is now out of specification. Recommended Action Verify the failure and call your technical support representative for repair or replacement. Error Message %PLATFORM-ENVMON-2-POWERSUPPLY_VOLTAGE_CLEAR [chars] voltage has returned to a normal level at [dec] V (scan# equals [unsigned int]) Explanation The voltage supply specified has returned to a level that is within the acceptable range. Recommended Action None required. Platform Messages ENVMON Messages EM-1638 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-2-REDUNDANT_POWER_OVERBUDGET Power consumption has exceeded redundant supply mode limit by [dec]W; power redundancy lost Explanation The power calculated in use by the chassis exceeds that for which power supply redundancy is available. The chassis now function in additive mode. Recommended Action Remove some linecards to reduce power consumption, or install a higher capacity powershelf to regain power supply redundancy. Error Message %PLATFORM-ENVMON-2-TEMP [chars] temperature has reached [chars] level at [dec](C) Explanation The temperature sensor specified has reached a warning or critical level and is approaching or approached a condition that is outside the acceptable range. Recommended Action Attempt to resolve the temperature problem. Check all unit doors are in place and closed. Check fans are operating. Remove affected cards, check how hot they are and allow to cool and reinsert. Operation of over-temperature equipment is not recommended due to equipment damage. If problem not resolved by above steps, power unit off and call your technical support representative for assistance. Error Message %PLATFORM-ENVMON-2-TEMP_CLEAR [chars] temperature has returned to a normal level at [dec](C) Explanation The temperature sensor specified has returned to a level that is within the acceptable range. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-VOLT_ALARM_SHUTDOWN Voltage sensor [chars] contains value [dec] which is out side of +-10% valid range. Card will be shutdown! Explanation Indicates that a voltage sensor contains value that is out side of expected +-10% range. The card will be shutdown to prevent damage to other components Recommended Action Replace the hardware Error Message %PLATFORM-ENVMON-2-VOLTAGE [chars] voltage has reached [chars] level at [dec] mV Explanation The voltage supply specified has reached a critical level and is now out of specification. Recommended Action Verify the failure and call your technical support representative for repair or replacement. Platform Messages ENVMON Messages EM-1639 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-2-VOLTAGE_CLEAR [chars] voltage has returned to a normal level at [dec] mV Explanation The voltage supply specified has returned to a level that is within the acceptable range. Recommended Action None required. Error Message %PLATFORM-ENVMON-2-VOLTAGE_SUPPLY_FAILED Voltage [chars] equals [dec] not within thresholds Explanation Software periodically reads voltages on fabric cards. If the voltage read is out side of +-10% valid range, this message will be displayed. Recommended Action Replace the hardware Error Message %PLATFORM-ENVMON-3-ASSUME_OLD_E5 slot:[dec] Cannot determine if E5 [chars] supports 12V rail. Assuming legacy E5 card. Explanation The envmon component needs to to know the E5’s hardware type and power controller firmware version in order to determine if the card supports the new daughterboard 12V SPA voltage rail. However, we could not determine one of these components, and so the software is taking the conservative stance of assuming that the E5 does not support the 12V rail. This error should always be preceeded by another envmon E5 related error about the hardware or firmware check failing. Recommended Action *SUPPORT* Error Message %PLATFORM-ENVMON-3-ERR_CARD_UNSUPPORTED Card type [dec] in slot [dec] is not supported by environmental monitoring. The card will not be monitored Explanation The card inserted in the specified slot cannot be monitored. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ENVMON-3-ERR_E5_NOSUPPORT Card type [dec] in slot [dec] needs hardware rework and is not supported by environmental monitoring. The card will not be monitored Explanation The E5 card inserted in the specified slot cannot be monitored since it needs hardware rework. Recommended Action Rework the card. Platform Messages ENVMON Messages EM-1640 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-3-ERR_MARGIN_MODE_UNKNOWN Unknown margin code [hex] Explanation An unknown margin mode was received by the erroring function. Consequently it did not know what to do and has aborted the current action. Recommended Action Reattempt the last action, to see if you can proceed. Even if you can proceed, be sure to have a defect logged to resolve the issue. Error Message %PLATFORM-ENVMON-3-ERR_SLOT_INVALID [chars]: Invalid slot [dec] Explanation Invalid slot number. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ENVMON-3-ERROR_EXIT Envmon process exiting in [chars].[dec], error code [chars] Explanation The Envmon process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process envmon location ’ to verify that the process is up and running. If it is still non-operational, try doing from the admin mode ’process restart envmon location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ENVMON-3-ERROR_READ_AC Failed mbus read when determining AC/DC Explanation An attempt to read from MBus to determine whether the chassis is AC or DC powered failed. This will result in the supply type reporting as the default of AC. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages ENVMON Messages EM-1641 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-3-FANTRAY_ALARM Fantray alarm on slot [chars] Explanation One or more fans on indicated fantray operating at below or above 30% of the set RPM. Remaining fans in operation on this fantray running at full speed. Recommended Action Verify the failure, use show env to help. If the failure does not alleviate, call your technical support representative for repair or replacement. Error Message %PLATFORM-ENVMON-3-FANTRAY_ALARM_CLEAR Fantray alarm cleared on slot [chars] Explanation All fans on indicated fantray operating at the set RPM. Recommended Action None required. Error Message %PLATFORM-ENVMON-3-NON_COMPLIANT_PS Power Supply [chars] is non Cisco compliant, powering off. Explanation Should a non-Cisco power supply be installed into the Cisco QQ chassis, upon detection as non-compliant, IT WILL BE SHUTDOWN. Please note that using non-Cisco power supplies MAY RESULT IN COMPLETE CHASSIS SHUTDOWN due to insufficient power Recommended Action Insert Cisco power supply Error Message %PLATFORM-ENVMON-3-NON_COMPLIANT_PS Power Supply [chars] is non Cisco compliant, powering off. Explanation Should a non-Cisco power supply be installed into the Cisco QQ chassis, upon detection as non-compliant, IT WILL BE SHUTDOWN. Please note that using non-Cisco power supplies MAY RESULT IN COMPLETE CHASSIS SHUTDOWN due to insufficient power Recommended Action Insert Cisco power supply Error Message %PLATFORM-ENVMON-3-OPERATION_FAIL Failed in [chars].[dec], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This may be a serious failure, however process may continue functioning as expected (or successfully retry) despite the failure. Recommended Action No action is required. Platform Messages ENVMON Messages EM-1642 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-3-UNEXPECTED_PRP_TYPE Unexpected PRP type [hex] in slot [dec]. Assuming PRP-2 Explanation The envmon component received an unexpected PRP type. Recommended Action *SUPPORT* Error Message %PLATFORM-ENVMON-3-UNKNOWN_E5_FW slot:[dec] Cannot determine E5 power controller firmware version. errno equals [hex]:[chars] Explanation The envmon component could not determine the E5’s power controller FW version. Recommended Action *SUPPORT* Error Message %PLATFORM-ENVMON-3-UNKNOWN_E5_HW_TYPE slot:[dec] Cannot determine E5 hardware type. Explanation The envmon component could not determine the E5 type. Recommended Action *SUPPORT* Error Message %PLATFORM-ENVMON-3-UNKNOWN_PEM Unknown PEM[dec] of type [chars]%s, chassis type [dec] Explanation The envmon component could not determine the type of Power Entry Module. This will result in this PEM reporting as a 0W PEM and the power calculations will be inaccurate. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ENVMON-3-UNKNOWN_PRP_TYPE Cannot determine PRP type in slot [dec], assuming PRP-2. Explanation The envmon component could not determine the PRP type. The envmon component will treat this PRP as if it was a PRP-2. If this is really a PRP-1 then the show environmental voltage command will list two extra sensors: PLIM_V7_HDD_5V and PLIM_V6_1.5V, and these sensors will have incorrect voltage and margin states, because they do not really exist. Moreover, the PRP1’s PLIM_V4_1.6V volt sensor will be instead listed as PLIM_V4_1.3V. There is no negative impact to the card. Recommended Action *SUPPORT* Platform Messages ENVMON Messages EM-1643 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-4-ALARM [chars] alarm [chars] by [chars] Explanation Two possibilities to this message 1) An alarm has occured. If this is a PEM INPUT1 or INPUT2 failure alarm, then it means that low voltage (40V +/- 1V) or no voltage is present on the input. Due to limitations in the hardware, the ’show environment power’ CLI command is inaccurate at that low voltage level and may show 0V and 0A for the readings, even though the input voltage is non-zero. In such a condition, a high amperage may also be present. Please measure the voltage/current on all failed PEMs with an oHm meter before performing any maintenance on the power supplies. 2) A previously occured alarm has been cleared. If this is ’power shelf circuit breaker error’ alarm, there might be an internal wiring failure. The power shelf circuit breaker trip wire might be touching the chassis or ground. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-4-CLEAR_ALARM [chars] alarm cleared for [chars] Explanation A previously occured alarm has been cleared. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-4-OLD_E5_FW slot:[dec] E5 has downrev power controller firmware. Explanation The envmon component has detected that the E5 in the specified slot has HW capability to support margining and monitoring of the Daughterboard’s 12V SPA rail, but the FW does not. The minimum power controller firmware needed is 0.95. Recommended Action Upgrade the E5’s power controller firmware. Error Message %PLATFORM-ENVMON-4-SET_ALARM [chars] alarm generated by [chars] Explanation An alarm has occured. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-5-ERR_MBUS_EEPROM slot [dec]: Unable to read mbus eeprom contents for PCA Explanation For displaying notification of mbus nonresponsiveness to get eeprom contents. Recommended Action This indicates that mbus request to get eeprom contents for envmon command has timed out. Platform Messages ENVMON Messages EM-1644 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-6-BLWR_LIFECYCLE_RESET Resetting the blower life cycle weekly count for slot [dec] after 5 year of expiry Explanation The blower life cycle weekly count is supported for 5 years. After 5 year expiry restart the life cycle count. Recommended Action None requried Error Message %PLATFORM-ENVMON-6-FAN_INSERT Fan blower inserted into slot [dec] Explanation The fan blower module specified was detected as inserted. Recommended Action None requried Error Message %PLATFORM-ENVMON-6-FAN_REMOVE Fan blower removed from slot [dec] Explanation The fan blower module specified was detected as removed. Recommended Action None requried Error Message %PLATFORM-ENVMON-6-LOW_FAN_SPEED_WARNING [chars] is spinning slow - speed is [dec]RPM (register value equals [hex]) Explanation Informational msg indicating that the fan is spinning very slow. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-6-LOW_FAN_SPEED_WARNING [chars] is spinning slow - speed is [dec]RPM (register value equals [hex]) Explanation Informational msg indicating that the fan is spinning very slow. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-6-PEM_INSERT [chars] inserted into slot [dec] Explanation The power entry module specified was detected as inserted. Recommended Action None requried Platform Messages ENVMON Messages EM-1645 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-6-PEM_REMOVE [chars] removed from slot [dec] Explanation The power entry module specified was detected as removed. Recommended Action None requried Error Message %PLATFORM-ENVMON-6-PS_SHUTDOWN_ERROR Unable to power off non compliant Power Supply [chars] Explanation Indicates that a non Cisco compliant power supply was detected. The attemp to shutdown this power supply has failed for number of tries. Recommended Action Insert Cisco power supply Error Message %PLATFORM-ENVMON-6-PS_SHUTDOWN_ERROR Unable to power off non compliant Power Supply [chars] Explanation Indicates that a non Cisco compliant power supply was detected. The attemp to shutdown this power supply has failed for number of tries. Recommended Action Insert Cisco power supply Error Message %PLATFORM-ENVMON-6-SEND_PULSE_FAIL Failed to send pulse to shelfmgr to notify [chars] Explanation Failure to send pulse to shelfmgr to notify the particular alarm condition. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-6-SEND_PULSE_FAIL Failed to send pulse to shelfmgr to notify [chars] Explanation Failure to send pulse to shelfmgr to notify the particular alarm condition. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-BAG_DECODE_FAILED Bag decode on [chars] failed. Error: [chars] Explanation Could not decode bag Recommended Action None Platform Messages ENVMON Messages EM-1646 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-7-CACHE_TOO_SMALL Cache size ([dec]) is to small for sensor id ([dec]) from SPA in slot:[dec] bay:[dec] Explanation This is a coding defect caught by sanity checks. The envmon subsystem maintains a short term cache for a SPA’s voltage margin values. However, the specified SPA is using sensor ids that are too large for our cache. Consequently we will not be able to store or report the voltage margin value for these offending sensors. Recommended Action *SUPPORT* Error Message %PLATFORM-ENVMON-7-ERR_ASSERT Assertion failure due to [chars] Explanation A fatal internal software error has occurred. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_CHKPT Checkpointing error, [chars] : [chars] Explanation Envmon encountered an error in data checkpointing. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_CHKPT_CREATE Could not create checkpoint entry (key [hex]): [chars] Explanation Envmon encountered an error in data checkpointing. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_CHKPT_DELETE Could not delete checkpoint entry (objid [hex]): [chars] Explanation Envmon encountered an error in data checkpointing. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_CHKPT_ITERATE [chars]: [chars] Explanation Envmon encountered an error in data checkpointing. Recommended Action No action is required. Platform Messages ENVMON Messages EM-1647 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-7-ERR_CHKPT_RESTORE A corrupted checkpoint was detected: key equals [hex], datakey equals [hex]. Entry deleted. Explanation Envmon encountered an error in data checkpointing. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_CHKPT_SAVE Could not save checkpoint entry (key [hex], objid [hex]): [chars] Explanation Envmon encountered an error in data checkpointing. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_DEBUG_REG Debug registration failed ([chars]). Explanation An internal registration call returned an error. Debug commands for the LIB device may not be effective. Normal operation is not affected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ENVMON-7-ERR_DSC_CONNECT Could not contact the dSC: [chars] Explanation Environmental monitoring couldn’t contact the dSC Recommended Action None. Error Message %PLATFORM-ENVMON-7-ERR_DSC_GET Could not determine relationship to dSC: [chars] Explanation Environmental monitoring couldn’t determine if it is running on the dSC or not. Recommended Action None. Error Message %PLATFORM-ENVMON-7-ERR_EDM_INIT Error initializing envmon EDM ([chars]): [chars] Explanation An error occurred while setting up the envmon EDM. Recommended Action No action is required. Platform Messages ENVMON Messages EM-1648 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-7-ERR_EDM_MISSING Unknown error code [hex] Explanation One of the look up routines for the ENV_EDM_ERRS_E enumeration received an unexpected error code. Most likely caused by a new enumerated type being added but the table was not updated, or the look up routines are being passed a value that really isn’t a ENV_EDM_ERRS_E value. Recommended Action None. This is not so bad. These look up routines are suppose to make it easier to debug envmon problems this really has no customer impact, and is only going to make it more troublesome for engineers. Error Message %PLATFORM-ENVMON-7-ERR_EVM_ASYNC_ATTACH Event Manager’s event_async_attach function failed. Error: [chars] Explanation Could not attach an event_handler to handle async messages. Recommended Action None. Environmental Monitoring process will restart automatically Error Message %PLATFORM-ENVMON-7-ERR_EVM_CREATE Event Manager create failed. Error: [chars] Explanation The Event Manager could not be created. Recommended Action None. Environmental Monitoring process will restart automatically Error Message %PLATFORM-ENVMON-7-ERR_INTERNAL [chars]: [chars] Explanation Miscellaneous software error. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_LWM_RECEIVE LWM Message Receive failed. Error: [chars] Explanation The Light-Weight Messaging msg_recieve function failed. Recommended Action None. Environmental Monitoring process will restart automatically Error Message %PLATFORM-ENVMON-7-ERR_LWM_REPLY LWM Message Reply failed. Error: [chars] Explanation The Light-Weight Messaging msg_reply function failed. Recommended Action None. Environmental Monitoring process will restart automatically Platform Messages ENVMON Messages EM-1649 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-7-ERR_MBUS_CEC [chars]: Error reading mbus cec register [hex] on slot [dec] bay [dec]. Status:[hex], Errno:[hex], ErrStr:’[chars]’ Explanation An error occurred reading an MBus CEC register. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_MBUS_READREG [chars]: Error reading mbus register [hex] on slot [dec]: [chars] Explanation An error occurred reading an MBus register. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_MBUS_RECEIVE [chars]: Error receiving MBus message for slot [dec], type [dec]: [chars] Explanation An error occurred reading an MBus register. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_NODEID_CREATE nodeid_create for slot [dec] failed. Error: [chars] Explanation Platform function return error on invocation Recommended Action Ensure the Platform Library is available. Error Message %PLATFORM-ENVMON-7-ERR_PTHREAD [chars]: pthread manipulation error: [chars] Explanation A proccess thread call failed. Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERR_SLOT_EXTRACT [chars] nodeid_extract_fields for nodeid [dec] failed. Error: [chars] Explanation Platform function return error on invocation Recommended Action Ensure the Platform Library is available. Platform Messages ENVMON Messages EM-1650 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-7-ERR_SYSDB_BIND SysDB bind to [chars] failed. Error: [chars] Explanation Could not bind to SysDB Recommended Action Ensure SysDB is available on the system. Error Message %PLATFORM-ENVMON-7-ERR_SYSDB_REG_NOTIFY SysDB register for notification on [chars] failed. Error: [chars] Explanation Could not register for notification in Sysdb Recommended Action None. Environmental Monitoring process will restart automatically Error Message %PLATFORM-ENVMON-7-ERR_SYSDB_REG_VERIF [chars]:[dec] SysDB register configuration verifiers failed. Error: [chars] Explanation Could not register for configuration verification in Sysdb Recommended Action None. Environmental Monitoring process will restart automatically Error Message %PLATFORM-ENVMON-7-ERR_THREAD_CREATE Could not create thread. Error: [chars] Explanation A thread could not be created. Recommended Action None. Environmental Monitoring process will restart automatically Error Message %PLATFORM-ENVMON-7-ERR_TRAP_SEND Error generating Envmon trap notification [chars]: [chars] Explanation An error occurred while generating trap notification to SNMP Recommended Action No action is required. Error Message %PLATFORM-ENVMON-7-ERROR Error, [chars] Explanation Envmon encountered an software error. Recommended Action No action is required. Platform Messages ENVMON Messages EM-1651 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ENVMON-7-EVENT_BLOCK_FAILED Event Manager could not block. Error: [chars] Explanation Could not block on receiving events from sysdb via event manager Recommended Action None. Environmental Monitoring process will restart automatically Error Message %PLATFORM-ENVMON-7-NOT_ON_DSC Environmental monitoring will only run on the dSC Explanation Environmental monitoring only runs on the dSC Recommended Action None. Error Message %PLATFORM-ENVMON-7-OP_DBG Debug [chars]. ([dec],[dec],[dec],[dec],[dec]): error code [chars] Explanation The particular operation mentioned in the message dump data due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-ENVMON-7-OPERATION_DEBUG Debug [chars]. ([dec],[dec],[dec]): error code [chars] Explanation The particular operation mentioned in the message provide data due to some failure reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-ENVMON-7-SYSMGR_PROC_READY_FAILED System Manager’s proccess ready failed. Error: [chars] Explanation A sysmgr process ready API failed. Recommended Action None.Platform Messages ETH_SRVR Messages EM-1652 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ETH_SRVR Messages Error Message %PLATFORM-ETH_SRVR-3-TX_STALLED Self test detected that control ethernet transmit functionality has stalled. Restarting to recover. Explanation Ethernet server is performing a periodic self test to ensure that transmit has not stalled for any reason. This error msg means that the test failed and transmit has stalled. Eth server will correct the condition by restarting itself and operator needs to do nothing. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-3-TX_STALLED Self test detected that control ethernet transmit functionality has stalled. Restarting to recover. Explanation Ethernet server is performing a periodic self test to ensure that transmit has not stalled for any reason. This error msg means that the test failed and transmit has stalled. Eth server will correct the condition by restarting itself and operator needs to do nothing. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-3-TX_STALLED Self test detected that control ethernet transmit functionality has stalled. Restarting to recover. Explanation Ethernet server is performing a periodic self test to ensure that transmit has not stalled for any reason. This error msg means that the test failed and transmit has stalled. Eth server will correct the condition by restarting itself and operator needs to do nothing. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Platform Messages ETH_SRVR Messages EM-1653 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ETH_SRVR-3-UNKNOWN_FORUS_PAK ethernet driver received an unknown for us packet. Cmd equals [dec] Explanation Ethernet driver received an unknown for us packet. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-3-UNKNOWN_FORUS_PAK ethernet driver received an unknown for us packet. Cmd equals [dec] Explanation Ethernet driver received an unknown for us packet. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-3-UNKNOWN_FORUS_PAK ethernet driver received an unknown for us packet. Cmd equals [dec] Explanation Ethernet driver received an unknown for us packet. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-4-INIT_ERR [chars], error equals [dec] ([chars]) Explanation An error occurred during initialization from which eth server cannot recover. The process will restart on its own to attempt a recovery. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of Platform Messages ETH_SRVR Messages EM-1654 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-4-INIT_ERR [chars], error equals [dec] ([chars]) Explanation An error occurred during initialization from which eth server cannot recover. The process will restart on its own to attempt a recovery. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-4-INIT_ERR [chars], error equals [dec] ([chars]) Explanation An error occurred during initialization from which eth server cannot recover. The process will restart on its own to attempt a recovery. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-4-POISON_PILL_FORUS_PAK ethernet driver received a poison pill for us packet. Cmd equals [dec] Explanation Ethernet driver received a poison pill for us packet. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Platform Messages ETH_SRVR Messages EM-1655 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ETH_SRVR-4-queue_err [chars], buffer equals [pointer] Explanation Application tried to handle a buffer not part of queue. Use the CLI ’show controllers backplane ethernet trace buffstat location node*’ to determine if there is a queue leak. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet trace location node command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet trace location node output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-7-ERR_FSM RECV_FSM: Type: [chars] Fragments: [dec] src: [chars] dest [chars] size: [dec] [chars] Explanation A bad or incomplete frame was received on the node given in the msg. If the messages are not persistent the condition is harmless and no action is required. If the messages are constantly seen, contact tech support with the output of the given command. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet location loc in msg detail command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet location loc in msg detail output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-7-ERR_FSM RECV_FSM: Type: [chars] Fragments: [dec] src: [chars] dest [chars] size: [dec] [chars] Explanation A bad or incomplete frame was received on the node given in the msg. If the messages are not persistent the condition is harmless and no action is required. If the messages are constantly seen, contact tech support with the output of the given command. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet location loc in msg detail command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet location loc in msg detail output, call your Cisco technical support representative and provide the representative with the gathered information.’ Platform Messages ETHER_CTRL_DLL Messages EM-1656 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ETH_SRVR-7-ERR_FSM RECV_FSM: Type: [chars] Fragments: [dec] src: [chars] dest [chars] size: [dec] [chars] Explanation A bad or incomplete frame was received on the node given in the msg. If the messages are not persistent the condition is harmless and no action is required. If the messages are constantly seen, contact tech support with the output of the given command. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show controllers backplane ethernet location loc in msg detail command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show controllers backplane ethernet location loc in msg detail output, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ETH_SRVR-7-INCORRECT_PAK Packet corruption detected in eth_server transmit complete Explanation Ethernet driver got a corrupted packet in its transmit complete, possibly because its client (EES) has zeroed out the packet contents before eth_server is done with the packet. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log. Issue the show buffer-manager region all context, SH_CMD show buffer-manager region all context, dumpcore running jid/process name of eth_server, ingressq, fabricq_mgr, fsdb_server, fsdb_aserver, sfe_driver & fgid_server command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show buffer-manager region all context, SH_CMD show buffer-manager region all context, dumpcore running jid/process name of eth_server, ingressq, fabricq_mgr, fsdb_server, fsdb_aserver, sfe_driver & fgid_server output, call your Cisco technical support representative and provide the representative with the gathered information.’ ETHER_CTRL_DLL Messages Error Message %PLATFORM-ETHER_CTRL_DLL-3-CONNECTION_OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Platform Messages ETHER_CTRL Messages EM-1657 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ETHER_CTRL_DLL-3-MSG_OPERATION_FAIL Failed to [chars], port [dec], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. ETHER_CTRL Messages Error Message %PLATFORM-ETHER_CTRL-3-ERROR_EXIT Exiting because [chars], error code [chars] Explanation The Ether-Ctrl process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process ether-ctrl location ’ to verify that the process is up and running. If it is still non-operational, try doing from the admin mode ’process restart envmon location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-ETHER_CTRL-3-IF_OPERATION_FAIL [chars], port [dec], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-ETHER_CTRL-3-MGMT_IF_FAIL [chars], port [dec], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Platform Messages ETHER_CTRL Messages EM-1658 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ETHER_CTRL-3-MUTEX_OPERATION_FAIL [chars], [dec] error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-ETHER_CTRL-3-OPERATION_FAIL [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-ETHER_CTRL-3-PORT_INDEX_FAIL Port index ([dec]) is out of range, error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-ETHER_CTRL-3-UNKNOWN_CODE Unknown code ([dec]) is out of range at [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-ETHER_CTRL-4-COUNTER_OVFL [chars], port [dec], counter number [dec] Explanation The particular scenario mentioned in the message was detected for an unknown reason. This is not a critical failure, the process can continue functioning as expected despite the event. Recommended Action Debug message only. No action is required. Platform Messages FABARBITER Messages EM-1659 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ETHER_CTRL-4-XCVR_WARNING [chars] for port ([dec]) is [chars] and disabled Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-ETHER_CTRL-7-INFO [chars] Explanation The particular operation mentioned in the message occured due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. FABARBITER Messages Error Message %PLATFORM-FABARBITER-2-BKR_ERROR Crossbar fabric arbiter driver bkr module error Explanation Crossbar fabric arbiter driver detected a bkr module error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABARBITER-2-BKT_ERROR Crossbar fabric arbiter driver bkt module error Explanation Crossbar fabric arbiter driver detected a bkt module error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FABARBITER Messages EM-1660 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABARBITER-2-CARB_CRM_ERROR Crossbar fabric arbiter driver carb crm error Explanation Crossbar fabric arbiter driver detected a carb crm error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABARBITER-2-CARB_ENQDEQ_ERROR Crossbar fabric arbiter driver carb enqdeq error Explanation Crossbar fabric arbiter driver detected a carb enqdeq error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABARBITER-2-CARB_FIL_ERROR Crossbar fabric arbiter driver carb filter error Explanation Crossbar fabric arbiter driver detected a carb filter error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABARBITER-2-CPU_ACCESS_ERROR Crossbar fabric arbiter driver acess non-exist address location error Explanation Crossbar fabric arbiter driver detected an access non-exist address location error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABARBITER-2-CPU_PERR_ERROR Crossbar fabric arbiter driver cpu parity error Explanation Crossbar fabric arbiter driver detected a parity error from the CPU Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FABIO Messages EM-1661 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABARBITER-2-CPU_PROTOCOL_ERROR Crossbar fabric arbiter driver protocol error Explanation Crossbar fabric arbiter driver detected a protocol error from the CPU Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABARBITER-2-SERDES_ERROR Crossbar fabric arbiter driver serdes error Explanation Crossbar fabric arbiter driver detected a serdes error Recommended Action The error is a momentary error. If this error persists for a period of 60 seconds, please attempt to correct the error by reloading the card using the command: hw-module location reload FABIO Messages Error Message %PLATFORM-FABIO-3-ERR_INGQ_CREATE [chars], pri equals [dec], dir equals [dec], failed[[chars]] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABIO-3-ERR_INGRESS [chars] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FABIO Messages EM-1662 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABIO-3-ERR_INIT [chars], with code([dec]) [chars] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABIO-3-ERR_MEM_ALLOC [chars], for size [dec]. Explanation Failed to allocate memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABIO-3-ERR_Q_LOOKUP qad_q_lookup failed, i equals [dec], dir equals [chars], failed[[chars]] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABIO-3-ERR_QUEUE_FOUND Found unexepected QAD queue [chars] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FABIO-7-ERR_DUPLICATE_STREAMID [chars], stream id [dec] existed Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FABRIC_CTRL Messages EM-1663 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABIO-7-ERR_SEND_PKT [chars], [dec], [dec], rc is [dec] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FABRIC_CTRL Messages Error Message %PLATFORM-FABRIC_CTRL-2-ACTIVE_RP Encountered error when waiting for the active/standby role of the RP. rc equals [hex] Explanation This message indicates that the fabric control process encounter an error when waiting for the active RP notification. Process exits with error. This is either a system resource issue or a software bug. Recommended Action Try to restart fctl process to see if problem persists ’process restart fctl’. Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-2-CARD_STATE [chars], [hex] Explanation This message indicates that the software tries to set the state of an unknown card. Software is in a bad state. Recommended Action Try to restart fctl process to see if problem persists ’process restart fctl’. Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Platform Messages FABRIC_CTRL Messages EM-1664 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABRIC_CTRL-2-CHKPT_INIT_FAILED Fabric control failed to initialize for data checkpointing, errno equals [hex] Explanation This message indicates that the fabric control process encountered a problem when trying to initialize data checkpointing. Process will abort. Recommended Action Try to restart fctl process to see if problem persists ’process restart fctl’. Check if system memory is adequate. Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-2-CHKPT_REGISTRATION_FAILED Fabric control failed to register for data checkpointing, errno equals [hex] Explanation This message indicates that the fabric control process encountered a problem when trying to registering data for checkpointing. Process will abort. Recommended Action Try to restart fctl process to see if problem persists ’process restart fctl’. Check if system memory is adequate. Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-2-ERR_MEM_ALLOC No memory avaliable for [chars] Explanation This message indicates that the system did not have enough memory available. [chars] is the operation for which there was insufficient memory. System is in an unstable state. Recommended Action Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical Platform Messages FABRIC_CTRL Messages EM-1665 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-2-ERR_MEM_ALLOC [chars] Explanation This message indicates that the system did not have enough memory available. [chars] is the operation for which there was insufficient memory. System may be in an unstable state. Recommended Action Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs Error Message %PLATFORM-FABRIC_CTRL-2-ERR_MEM_ALLOC [chars] Explanation This message indicates that the system did not have enough memory available. [chars] is the operation for which there was insufficient memory. System may be in an unstable state. Recommended Action Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs Error Message %PLATFORM-FABRIC_CTRL-2-ERR_REPORT [chars] Explanation This message indicates that an error detected in the fabric hardware as described in [char] Recommended Action Follow the instruction on the error message. If it is a suspected hardware failure, reseat the hardware. If reseating the hardware does not fix the error condition, contact your Cisco technical support representative. Platform Messages FABRIC_CTRL Messages EM-1666 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABRIC_CTRL-2-EVENT_LOOP Process event loop exited due to unknown errors. Abort Explanation This message indicates that the fabric control process encounter an error in its event dispatcher. Process aborts. This is either a system resource issue or a software bug Recommended Action Try to restart fctl process to see if problem persists ’process restart fctl’. Check if system memory is adequate. Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-2-FAILED_SYNCH Slot [dec] does not see fabric clock from [chars] Explanation This message indicates that the card on slot int failed to synchronize clocks with the Master clock. If this condition persists, Slot int is unusable. Recommended Action Check the MBUS agent ROM version of the fabric cards and the card on slot int are up-to-date. Check the fabric loader version on slot int is up-to-date. Check the temperature of the fabric cards. Reseat the card on slot int and all the fabric cards. If reseating the hardware does not fix the error condition, contact your Cisco technical support representative. Error Message %PLATFORM-FABRIC_CTRL-2-FAILED_TO_RESET_FC Failed to reset fabric card, slot equals [dec] in software Explanation A fabric card failed to reset. This message indicates that the software failed to reset the fabric card on slot int. Slot int is marked as malfunction and is shutdown. Recommended Action Check the MBUS agent ROM version of the fabric cards are up-to-date. Check the temperature of the fabric cards. Reseat the primary CSC card. If reseating the hardware does not fix the error condition, contact your Cisco technical support representative. Platform Messages FABRIC_CTRL Messages EM-1667 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABRIC_CTRL-2-FAILED_TO_SEND_CONFIG Failed to send new fabric configuration to slot [dec] after [dec] retries Explanation This message indicates that the linecard on slot int failed to receive the latest fabric configuration data it needs to connect to the fabric. slot int is disconnected from the fabric and is unusable. Recommended Action Reseat the linecard on slot int. If reseating the hardware does not fix the error condition, contact your Cisco technical support representative. Error Message %PLATFORM-FABRIC_CTRL-2-FAILED_TO_SEND_SLOT_BW Failed sending slot bandwidth info to slot [dec] after [dec] retries Explanation This message indicates that the linecard on slot int failed to receive the latest slot bandwidth data it needs to operate. slot int is disconnected from the fabric and is unusable. Recommended Action Reseat the linecard on slot int. If reseating the hardware does not fix the error condition, contact your Cisco technical support representative. Error Message %PLATFORM-FABRIC_CTRL-2-FAILED_TO_SYNC_RP Failed to sync RP (slot equals [dec]) to [chars] (slot equals [dec]) Explanation This message indicates that the RP on slot int failed to synchronize its clock with the Master clock. The RP on slot int is unusable if this condition presists. If RP on slot int is the primary RP, then the router is unusable. Recommended Action Check the MBUS agent ROM version of the fabric cards and the RP on slot int are up-to-date. Check the temperature of the fabric cards. Reseat the RP on slot int and all the fabric cards. If reseating the hardware does not fix the error condition, contact your Cisco technical support representative. Error Message %PLATFORM-FABRIC_CTRL-2-FAILED_TO_SYNC_RP_TO_CSCS Could not synch primary RP (slot equals [dec]) to both CSC1 and CSC0 Explanation This message indicates that the primary RP failed to synchronize its clock with either CSC. If problem persists, router is unusable. Recommended Action Check the MBUS agent ROM version of the fabric cards and the RP on slot int are up-to-date. Check the temperature of the fabric cards. Reseat the RP on slot int and all the fabric cards. If reseating the hardware does not fix the error condition, contact your Cisco technical support representative. Platform Messages FABRIC_CTRL Messages EM-1668 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABRIC_CTRL-2-FAILED_TO_SYNC_TO_SELF Failed to sync [chars] (slot [dec]) to itself Explanation This message indicates that the primary CSC failed to synchronize its clock with itself. If problem persists, router is unusable. Recommended Action Check the MBUS agent ROM version of the fabric cards are up-to-date. Reseat the primary CSC card. Check the temperature of the fabric cards. If reseating the hardware does not fix the error condition, contact your Cisco technical support representative. Error Message %PLATFORM-FABRIC_CTRL-2-MBUS_ERROR Unable to send MBUS msg. Error equals [dec] ([chars]) Explanation This message indicates that an error occurred when the card tries to communicate with remote on fabric and chassis management via MBUS. Chassis, LCs and fabric is in a bad state. Recommended Action Verify the MBUS agent ROM version is up-to-date. Reseat the card with the error. Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-2-NOTIFY_BW_CHG_ERROR new chassis bandwidth, [dec], cannot be sent to clients. Error: [chars] Explanation This message indicates that chassis bandwidth has changed but fabric control cannot send the info to its clients. Router may be in an unstable state. Recommended Action Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Platform Messages FABRIC_CTRL Messages EM-1669 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABRIC_CTRL-2-PROCESS_INIT Encountered critical problem in initialization of [chars] Explanation This message indicates that the system cannot initialize some critical parts of the fabric software. [chars] are the critical parts that failed. Fabric control process is aborted. Recommended Action Try to restart fctl process to see if problem persists ’process restart fctl’. Check if system memory is adequate. Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-3-CARD_ID_FPGA_VERSION_MISMATCH Fabric Card type [hex] has an unsupported FPGA version. Card will be shutdown Explanation This message indicates that fabric card has a wrong or unsupported version of FPGA. Software cannot monitor the fabric card and it is shutdown. Recommended Action Verify the fabric card and chassis is supported by the software. Ensure the fabric card is inserted to the chassis correctly. Provide the ’show diag’ info and contact your Cisco technical support representative. Error Message %PLATFORM-FABRIC_CTRL-3-MBUS [chars], errno equals [hex], [chars] Explanation This message indicates that an error occurred when RP tries to communicate with remote on fabric and chassis management via MBUS. If problem persists, chassis, LCs and fabric is in a bad state. Recommended Action Verify the MBUS agent ROM version is up-to-date. Try to restart fctl and mbus process to see if problem persists: ’process restart fctl’ and ’process restart mbus’. If this is a newly inserted card, try to reseat the card. If problem persists, copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Platform Messages FABRIC_CTRL Messages EM-1670 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABRIC_CTRL-3-MIB_INIT_ERROR [chars] Explanation Unable to initialize the debugging facility of fabric MIB. Other fabric MIB capabilities are not disturbed. Recommended Action Try to restart fctl process to see if problem persists ’process restart fctl’. Check if system memory is adequate. Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-3-RESTORE_DATA Encountered error restoring checkpointed data Explanation This message indicates that the system cannot restore checkpointed data of the fabric software. Router may be in an unstable state Recommended Action Try to restart fctl process to see if problem persists ’process restart fctl’. Check if system memory is adequate. Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-3-THREAD_CREATE Unable to create thread to detect card insertion/removal for register [dec] : rc equals [hex], [chars] Explanation This message indicates that software encountered an error when creating a thread to detect lincard insertion and removal. Linecards, fabric cards, and RP insertion and removal may not be handled correctly. Recommended Action Try to restart fctl process to see if problem persists ’process restart fctl’. Check if system memory is adequate. Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, Platform Messages FABRIC_CTRL Messages EM-1671 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-3-UNKNOWN_CHASSIS The chassis type is not known from reading the backplane Explanation This message indicates that the software installed on the system does not recognize the chassis type. The Backplane Server has not provided the chassis model. Software cannot monitor the chassis and will abort. Recommended Action Remove all the RPs from the backplane of the chassis except the active RP. Reload the active RP. Insert the other RPs into the chassis after the active RP is booted up in IOS-XR RUN state. If problem persists, copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Error Message %PLATFORM-FABRIC_CTRL-3-UNKNOWN_MSG Unknown msg from slot [dec] with msg type [hex] Explanation This message indicates that the fabric control process received an unknown msg. The message is ignored. Recommended Action Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/pcgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Platform Messages FABRIC_CTRL Messages EM-1672 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FABRIC_CTRL-3-UNSUPPORTED_CHASSIS Chassis type [dec] not supported Explanation This message indicates that the software installed on the system does not recognize the chassis type. Software cannot monitor the chassis fabric. Fabric cards are shutdown. Recommended Action Verify the fabric card and chassis is supported by the software. Reseat the all the fabric cards. If reseating the hardware does not fix the error condition, contact your Cisco technical support representative Error Message %PLATFORM-FABRIC_CTRL-4-MCAST_PRI_CFG multicast-priority config has no effect on this chassis type Explanation This message indicates that hw-module fabric multicast-priority was configured but this configuration has no effect on this chassis. It only applies to non-Sphere 124xx chassis. The chassis type is an internal type value. Recommended Action Customer may wish to deconfigure hw-module fabric multicast-priority, but it is not necesary since this command has no effect on this chassis. Error Message %PLATFORM-FABRIC_CTRL-5-FABRIC_CARD_OIR_INSERTED Fabric card [chars] inserted in slot [dec] Explanation This message indicates that a fabric card on slot int is inserted into the chassis. The fabric control software takes care of its insertion automatically. The chassis fabric and card’s Fabric Interface ASIC are re-configured accordingly. Recommended Action No action required. Error Message %PLATFORM-FABRIC_CTRL-5-FABRIC_CARD_OIR_REMOVED Fabric card [chars] removed from slot [dec] Explanation This message indicates that a fabric card on slot int is removed from the chassis. The fabric control software takes care of its removal automatically. The chassis fabric and card’s Fabric Interface ASIC are re-configured accordingly. Recommended Action No action required.Platform Messages FAN Messages EM-1673 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FAN Messages Error Message %PLATFORM-FAN-0-OVERCURRENT ClkCtrl detected an overcurrent condition on Fan [chars] Explanation ClkCtrl detected an overcurrent condition on Fan Recommended Action Please replace the fan. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FAULT_MGR Messages Error Message %PLATFORM-FAULT_MGR-3-INIT_ERROR Process Initialization Failed: ([chars]%s) Explanation The fault-mgr process failed to initialize. This process controls all ASIC resets on all LC’s for either internal ASIC problems or larger system issues (ie, fabric control). %s - indicates the reason for the failure. There are 3 types of possible failures, these include: - Checkpointing initialization/creation/restore - Server initialization - Client initialization %s - is the decoded error reason Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process fault_mgr location 0/x/cpu0’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart fault_mgr location 0/x/cpu0’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FAULT_MGR-3-MSG_ERROR ERROR while ([chars]%s) Explanation This ios_msg can be used for all kinds of error %s - indicates where the error occured %s - why the error occured Recommended Action Execute ’show process fault_mgr location 0/x/cpu0’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart fault_mgr location 0/x/cpu0’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages FAULT Messages EM-1674 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FAULT Messages Error Message %PLATFORM-FAULT-2-LC_RESET Reset LC [dec]: Reason - [chars] Explanation PRP Platform Manager process received an mbus message from the LC fault-mgr process saying the LC will be reloaded. The platform-mgr process is only reporting this message, via mbus, for the LC fault-mgr process - as some HW devices have failed and the slow-path will be down. %d - is the LC that will be reloaded. %s - Contains the reason for the LC reload. Recommended Action The linecard in question will be automatically reloaded to recover. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FAULT-3-LC_DEVICE LC [dec]: Reset Device - [chars] Explanation PRP Platform Manager process received an mbus message from the LC fault-mgr process saying HW devices will be reset. The platform-mgr process is only reporting this message, via mbus, for the LC fault-mgr process - as HW devices are being reset and the slow-path will be down. There will be traffic loss on the LC. %d - is the LC with the faulty device. %s - is the Device and Instance of the fault being addressed. Recommended Action The linecard in question will have the appropriate HW device reset to recover from the HW issue. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FCA Messages Error Message %PLATFORM-FCA-2-CPT_DEV_VERSION_ERROR PHY controller driver version is not compatible with the hardware version. [chars] Explanation PHY controller driver version is not compatible with PHY controller hardware version. Recommended Action Upgrade the PHY controller CPLD image using the FPD procedure, followed by reloading the board. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1675 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-CPT_PAR_ERROR PHY controller driver detected parity errors Explanation PHY controller driver detected a parity error. Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-CRRS_DEV_VERSION_ERROR Port controller version is not compatible with the hardware version. [chars] Explanation Port controller driver version is not compatible with the hardware version. Recommended Action Upgrade the Port controller FPGA image using the FPD procedure, followed by reloading the board. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-CRRS_PAR_ERROR Port controller driver detected parity errors Explanation Port controller driver detected a parity error Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-CT2_DEV_VERSION_ERROR Port controller driver version is not compatible with the hardware version. [chars] Explanation Port controller driver version is not compatible with the hardware version. Recommended Action Upgrade the Port controller FPGA image using the FPD procedure followed by reloading the board. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1676 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-CT2_PAR_ERROR Port controller driver detected parity errors Explanation Port controller driver detected a parity error Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-LB_DEV_VERSION_ERROR PHY controller driver version is not compatible with the hardware version. [chars] Explanation PHY controller driver version is not compatible with the hardware version. Recommended Action Upgrade the PHY controller CPLD image followed by reloading the board. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-LBO_PAR_ERROR PHY controller driver detected parity errors Explanation PHY controller driver detected a parity error. Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_I2C_PHY_ACK_ERROR SFP I2C PHY Ack error Explanation Port controller driver detected I2C access error on PHY SFP port. Recommended Action Ensure that the SFP plugged in is supported. If not, replace the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1677 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_I2C_PHY_TM_ERROR I2C PHY operation got either aborted/failed Explanation Port controller driver detected I2C timeout error on PHY SFP port. Recommended Action Ensure that the SFP plugged in is supported. If not, replace the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_0 Port controller driver detected a TX fault on the SFP port 0 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_1 Port controller driver detected a TX fault on the SFP port 1 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_10 Port controller driver detected a TX fault on the SFP port 10 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1678 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_11 Port controller driver detected a TX fault on the SFP port 11 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_12 Port controller driver detected a TX fault on the SFP port 12 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_13 Port controller driver detected a TX fault on the SFP port 13 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_14 Port controller driver detected a TX fault on the SFP port 14 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1679 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_15 Port controller driver detected a TX fault on the SFP port 15 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_16 Port controller driver detected a TX fault on the SFP port 16 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_17 Port controller driver detected a TX fault on the SFP port 17 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_18 Port controller driver detected a TX fault on the SFP port 18 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1680 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_19 Port controller driver detected a TX fault on the SFP port 19 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_2 Port controller driver detected a TX fault on the SFP port 2 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_20 Port controller driver detected a TX fault on the SFP port 20 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_21 Port controller driver detected a TX fault on the SFP port 21 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1681 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_22 Port controller driver detected a TX fault on the SFP port 22 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_23 Port controller driver detected a TX fault on the SFP port 23 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_24 Port controller driver detected a TX fault on the SFP port 24 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_25 Port controller driver detected a TX fault on the SFP port 25 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1682 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_26 Port controller driver detected a TX fault on the SFP port 26 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_27 Port controller driver detected a TX fault on the SFP port 27 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_28 Port controller driver detected a TX fault on the SFP port 28 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_29 Port controller driver detected a TX fault on the SFP port 29 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1683 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_3 Port controller driver detected a TX fault on the SFP port 3 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, do SFP OIRs a few times. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_30 Port controller driver detected a TX fault on the SFP port 30 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_31 Port controller driver detected a TX fault on the SFP port 31 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_32 Port controller driver detected a TX fault on the SFP port 32 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1684 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_33 Port controller driver detected a TX fault on the SFP port 33 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_34 Port controller driver detected a TX fault on the SFP port 34 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_35 Port controller driver detected a TX fault on the SFP port 35 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_36 Port controller driver detected a TX fault on the SFP port 36 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1685 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_37 Port controller driver detected a TX fault on the SFP port 37 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_38 Port controller driver detected a TX fault on the SFP port 38 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_39 Port controller driver detected a TX fault on the SFP port 39 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_4 Port controller driver detected a TX fault on the SFP port 4 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1686 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_5 Port controller driver detected a TX fault on the SFP port 5 Explanation Port controller driver detected a TX fault on the SFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_6 Port controller driver detected a TX fault on the SFP port 6 Explanation Port controller driver detected a TX fault on the SFP port 6. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_7 Port controller driver detected a TX fault on the SFP port 7 Explanation Port controller driver detected a TX fault on the SFP port 7. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port 7 interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_8 Port controller driver detected a TX fault on the SFP port 8 Explanation Port controller driver detected a TX fault on the SFP port 8. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port 8 interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1687 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_9 Port controller driver detected a TX fault on the SFP port 9 Explanation Port controller driver detected a TX fault on the SFP port 9. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port 9 interface. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-XFP_I2C_ERROR Port controller driver detected I2C access error on XFP port Explanation Port controller driver detected I2C access error on XFP port. Recommended Action Ensure that the XFP plugged in is supported. If not, please replace the XFP. If the problem persists, please OIR the XFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_0 XFP Link TX fault error on port 0 Explanation Port controller driver detected a TX fault on the XFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. Do XFP OIR. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_1 XFP Link TX fault error on port 1 Explanation Port controller driver detected a TX fault on the XFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. Do XFP OIRs. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FCA Messages EM-1688 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_2 XFP Link TX fault error on port 2 Explanation Port controller driver detected a TX fault on the XFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. Do XFP OIR. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_3 XFP Link TX fault error on port 3 Explanation Port controller driver detected a TX fault on the XFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. Do XFP OIR. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_4 XFP Link TX fault error on port 4 Explanation Port controller driver detected a TX fault on the XFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. Do XFP OIR. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_5 XFP Link TX fault error on port 5 Explanation Port controller driver detected a TX fault on the XFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. Do XFP OIR. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_6 XFP Link TX fault error on port 6 Explanation Port controller driver detected a TX fault on the XFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. Do XFP OIR. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FDIAGS Messages EM-1689 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_7 XFP Link TX fault error on port 7 Explanation Port controller driver detected a TX fault on the XFP port. Recommended Action In config mode, do a ’shut’ and ’no shut’ on port interface. Do XFP OIR. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-3-SFP_I2C_ACK_ERROR Port controller driver detected I2C access error on SFP port Explanation Port controller driver detected I2C access error on SFP port. Recommended Action Ensure that the SFP plugged-in is supported. If not, please replace the SFP. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FCA-3-SFP_I2C_TM_ERROR Port controller driver detected I2C timeout error on SFP port Explanation Port controller driver detected I2C timeout error on SFP port. Recommended Action Ensure that the SFP plugged in is supported. If not, please replace the SFP. If the problem persists, please OIR the SFP. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FDIAGS Messages Error Message %PLATFORM-FDIAGS-3-BAD_EE_READ failure reading EEPROM ([chars]) values during Field Diag EEPROM update: EEPROM not updated Explanation After completing Field Diags, the EEPROM update was requested, but there was a read failure during the process. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1690 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-BAD_EE_WRITE failure writing EEPROM @ offset of [hex] during Field Diag EEPROM update: This byte not updated Explanation After completing Field Diags, the EEPROM update was requested, but there was a write failure during the process. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-BAD_F_DIAG_KILL Unable to kill this existing Field Diag process: rc from kill was [dec] Explanation Could not kill that job ID for Field Diags Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-BUFFER_TOO_SMALL The [chars] buffer is too small - need [dec]; have [dec]. Explanation The current IOS-XR field diagnostics command failed because the software found that an internally configured buffer was not large enough. Recommended Action This is an internal software error. Please contact Cisco’s support organization to report this problem. Please collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-CANNOT_GET_JID Cannot determin Job ID for Field Diags process Explanation Error getting JID Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1691 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-CANT_SEND_MBUS_MSG_F cannot send mbus messages: errno [dec]: [chars]() Explanation Unable to complete sending mbus error message Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-FAB_MBUS_NOT_READY Fabric card MBUS Ram Agent not loaded prior to beginning Field Diags Fabric tests Explanation After launching Fabric Field Diagnostics, the fabric card appear not have MBUS Ram Agent loaded within the appropriate time. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Investigate why MBUS Ram agent is not successfully downloaded on the fabric card. Error Message %PLATFORM-FDIAGS-3-FABRIC_NOT_DISCONNECTED Problems occurred while trying to disconnect slot [dec] from the fabric. RC equals [hex] Explanation Field diagnostics encountered a failure while trying to restore the fabric for the slot that was just tested. Field diagnostics uses a FCTL API to disconnect the slot under test from the fabric when it is done. This API failed, returning the specified return value. Recommended Action This is a software error, please contact Cisco support to report this problem. Please collect syslogs, verbose run log, show diags detail and show controller output. If the slot eventually transitions to the IOS XR RUN state, then no further actions are needed. The system cleaned itself up. However, if the slot remains in the FDIAGS FAIL state (because field diagnostics failed) or stays in the FDIAG PASS state (because the user specified the ’wait’ parameter). Then you need to reload the slot to complete the fabric clearing process. Error Message %PLATFORM-FDIAGS-3-FABRIC_NOT_RESTORED Problems occurred while trying to clear the fabric. Explanation Field diagnostics encountered a failure while trying to restore the fabric for the slot that was just tested. Other software errors should have been logged before this to provide details about what failed. Recommended Action This is a software error, please contact Cisco support to report this problem. Please collect syslogs, verbose run log, show diags detail and show controller output. Platform Messages FDIAGS Messages EM-1692 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-FAILED_SYSMGR_FORK Failed to fork Field Diags process: [chars] Explanation Call to fork process for Field Diags failed for given reason Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-FILE_READ_JID_BAD Cannot read jid data from file Explanation Could not read that job ID for Field Diags from the file Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-IDLE_CELL_GEN_ADDR [chars]() could not determine the idle cell generation address. Explanation Field diagnostics was not able to determine the idle cell generation address for the router’s fabric. Recommended Action This is a software error, please contact Cisco support to report this problem. Please collect syslogs, verbose run log, show diags detail and show controller output. Error Message %PLATFORM-FDIAGS-3-IF_BAD_HALT_OPEN Unable to open Field Diags halt request file [chars]: [chars] Explanation Error opening halt request file. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1693 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-IF_BAD_HALT_WRITE Unable to write Field Diags halt request to file [chars]: [chars] Explanation Error writing HALT request file Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-IF_BAD_JID_OPEN Unable to open Field Diags state file [chars]: [chars] Explanation Error opening JID file Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-IF_BAD_JID_READ Unable to read Field Diags state from file [chars]: [chars] Explanation Error reading JID file Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-IF_BAD_JID_WRITE Unable to write Field Diags state to file [chars]: [chars] Explanation Error writing JID file Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1694 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-IF_FAIL_CONN_SYSLDR_F could not connect to LWM [chars] in [chars]() Explanation Failed to Connect to sysloader initially Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-IF_FAIL_SEND_SYSLDR_F could not send LWM in [chars]() Explanation Failed to Connect to sysloader initially Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-IF_FAIL_SYSLDR_DISCONNECT_F could not LWM disconnect from [chars] in [chars]() Explanation Failed to Connect to sysloader initially Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-IF_FAIL_UUT_LAUNCH UUT launch failed ([chars]). Exiting. Explanation Failed to Connect to sysloader initially Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1695 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-IF_INACTIVITY_TIMEOUT No response from UUT in ~[dec] minutes ([dec] seconds). exiting Explanation No communication from the UUT in a while. UUT likely became inoperable. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-IF_NON_EXISTANT_JID_OPEN Unable to open Field Diags state file [chars]: [chars] Explanation Error opening JID file Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-ILLEGAL_FSM_STATE internal (FSM) state change ILLEGAL: was [chars], attempted [dec] Explanation Bad internal state change Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-INVALID_FABRIC 40G fabric is not supported on 12x04 chassis Explanation Field diagnostics has been asked to do a 40G operation on a 12x04 chassis, which is not a supported fabric chassis combination. Field diagnostics is proceeding with the action as if this where not a 40G fabric. Recommended Action This is a software error, please contact Cisco support to report this problem. Please collect syslogs, verbose run log, show diags detail and show controller output. Platform Messages FDIAGS Messages EM-1696 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-INVALID_SLOT [chars]() encountered an invalid slot ([dec]) Explanation Field diagnostics validated a slot value before using it and found that it was invalid. Consequently this event was raised. Other field diagnostics errors will be raised to further explain the impact of this problem. Recommended Action This is a software error, please contact Cisco support to report this problem. Please collect syslogs, verbose run log, show diags detail and show controller output. Error Message %PLATFORM-FDIAGS-3-MALFORMED_INSTALL_PATH [chars]. Failing path is ([chars]) Explanation The field diagnostics proxy on the standby RP has received an install path from the install infrastructure, but it is not formatted as expected. Consequently field diagnostics is not able to execute on the standby RP. Recommended Action Internal error: Contact Cisco’s TAC. Collect screen output from the active and standby consoles, syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-MS_NODE_ID_CREATE_FAIL_F Could create nodeid for slot [dec]: [chars] in [chars]() Explanation Failed to create a node identifier. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-MS_PRI_CLK_READ misc svcs: [chars]: could not read primary clock Explanation Failed to read Primary Clock from fctl Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1697 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-MS_READ_REG_FAIL Failed to read register [hex] from slot [dec]. Errval equals [hex]. Explanation Failed to read a slot-specific register via an mbus-access Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-MS_UNDEF_MS_MSG misc svcs: [chars]: Undefined MBUS_MISC_SVCS message received: Ignored: msg [hex] Explanation Misc services server received an unrecognized message Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-MS_WRITE_REG_FAIL Failed to write [hex] to register [hex] on slot [dec]. Errval equals [hex]. Explanation Failed to write a slot-specific register via an mbus-access Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-MS_XBAR_MAP misc svcs: [chars]: could not read xbar map Explanation Failed to read xbar map from fctl Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1698 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-NO_PRIMARY_CSC Cannot determine which CSC is the primary. RC:[dec]-[dec] Explanation Field diagnostics needs to know which CSC is the primary before it can run on the fabric cards. However, it was not able to determine which CSC was the primary. The field diagnostics run stops. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-NO_TIME_OF_DAY no time of day Explanation Time of Day unavailable internally Recommended Action Time of day (calendar) may not be initialized. Set using the appropriate CLI and options. Error Message %PLATFORM-FDIAGS-3-NODE_ID_EXTRACTION_FAILED Failed to extract node id from var: line [dec] Explanation One of the calls to a node ID extraction function returned an error Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-NON_UUT_IN_STATE Unexpected message received during UUT_ON state: sub-msg [hex] from slot [dec] Explanation Field Diags was not expecting this type of message at this time. If this problem persists and diags does not complete, Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1699 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-PROBLEM_WITH_FDIAG_REQUEST Failed to validate field diagnostic request. Unexpected return code: [dec] Explanation There is some problem with field diagnostic software since a function has returned an unexpected value. Internal error: Contact Cisco’s TAC. This error could be a software problem. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-PROG_REG_FAIL Failed [chars] write [hex] to register [hex] on slot/broadcast group [dec]. Errval equals [hex] Explanation Failed to write a value to the register in the specified slot or broadcast group. Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-RESTORE_DEFAULT_RAM_AGENT FAILURE re-loading default mbus ram agent Explanation This card requires a special version of mbus Ram Agent for compatibility with diags for C2W requests for SPA communication Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-RP_FILE_PATH Unable to obtain file path for RP field diagnostics image. Fail code: [hex] Explanation The field diagnostics proxy on the standby RP was not able to determine the file path for the RP’s field diagnostics binary. An infrastructure function failed, returning the fail code displayed. Consequently, field diagnostics is not able to execute on the standby RP. Recommended Action Internal error: Contact Cisco’s TAC. Collect screen output from the active and standby consoles, syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1700 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-RP_INSTALL_PATH Unable to obtain install path for RP field diagnostics image. Fail code: [hex] Explanation The field diagnostics proxy on the standby RP was not able to determine the install path for the RP’s field diagnostics binary. An infrastructure function failed, returning the fail code displayed. Consequently, field diagnostics is not able to execute on the standby RP. Recommended Action Internal error: Contact Cisco’s TAC. Collect screen output from the active and standby consoles, syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-SPA_ID_FAIL Unable to identify SPA’s inserted in slot [dec] Explanation The field diags processs was unable to determine which SPAs where inserted in the SIP. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-SPA_UNSUPPORTED_INSTANCE Requested instance ([dec]) (bay) not supported by this UUT (min equals [dec], max equals [dec]) Explanation Spa bay requested not supported Recommended Action Select a spa bay in within the appropriate range Error Message %PLATFORM-FDIAGS-3-SPCL_RAM_AGENTDL_FAILED Download of LC Ram Agent diag_mbus_ram.ucode failed Explanation Download of diag_mbus_ram.ucode failed Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1701 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-SYSDB_BIND_FAILURE Cannot connect to the system data base. Field diagnostics cannot be run. Explanation Cannot bind to path /admin/oper/instmgr-edm/gl in the system data base. This path is used to get the current setting of the config-register on the standby RP. Internal error: Contact Cisco’s TAC. This error could be a software problem. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-SYSLDR_RESULT_CODE_OUT_OF_BOUNDS Result code from sysloader ([dec]) exceeds list of known messages Explanation Coding violation: Sysldr code returns unexpected cause. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-SYSTEM_ERR_NO_CONTINUE Sysldr reporting error - Field Diags will not commence testing Explanation Sysldr reporting error - time to quit Field Diags Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-T_O_D_CONVERT_ERR time of day conversion error Explanation Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Internal Time Of Day conversion error Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1702 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-3-UNRECOGNIZED_CARD Card type ([dec]) is NOT recognized Explanation This card type is not recognized in this version Recommended Action If available, upgrade to a more recent version of the diags component. Error Message %PLATFORM-FDIAGS-3-UNSUPP_CARD Card type not supported Explanation This card type is not supported in this version Recommended Action if available, upgrade to a more recent version of the diags component. Error Message %PLATFORM-FDIAGS-3-VARIABLE_GET Unable to get variable ’[chars]’. Fail code: [hex] Explanation The field diagnostics proxy on the standby RP was not able to obtain the specified environment variable. Consequently it was not able to adjust the environment to run the field diagnostics application on the standby RP. Recommended Action Internal error: Contact Cisco’s TAC. Collect screen output from the active and standby consoles, syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-3-VARIABLE_SET Unable to set variable ’[chars]’. Fail code: [hex] Explanation The field diagnostics proxy on the standby RP was not able to modify the specified environment variable. Consequently it was not able to adjust the environment to run the field diagnostics application on the standby RP. Recommended Action Internal error: Contact Cisco’s TAC. Collect screen output from the active and standby consoles, syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-4-BOOT_ALREADY_SET BOOT variable is already set. Explanation The field diagnostics proxy on the standby RP was attempting to modify the standby’s environment variables in order to run the field diagnostics binary. However, it found that the BOOT variable was already set. This is unexpected, but should not be harmful. The application continued with its attempt to load and run the field diagnostics application on the standby RP. Recommended Action If the warning continuously appears when running field diagnostics on the standby RP, or if the standby RP fails to load and launch the field diagnostics application then contact Cisco’s TAC. Collect screen output from the active and standby consoles, syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1703 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-4-ERROR_AFTER_RESULTS_REPORT Unexpected return value from reporting results to sysldr: [chars] Explanation Resulting response from sysldr after reporting final results indicates a non-happy sysldr. Reason in string from sysldr Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-4-SYSDB_ITEM_GET_FAILURE There is a problem with the standby RP state. Field diagnostics cannot be run Explanation The standby RP does not respond to a configuration query from the active RP. The system data base (sysdb) get of the tuple /admin/oper/instmgr-edm/gl/config-register has failed for the standby RP. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Check the current state of the standby RP using the ’show platform’ command. Error Message %PLATFORM-FDIAGS-4-UNEXP_MSV_SUB_MSG Unexpected Misc Services message subtype [dec] received from slot [dec] Explanation An unexpected MBUS_FDIAG MISC Services message was received from UUT. Possibly a mal-formed or unfinished software enhancement. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-4-UNEXP_SUB_MSG Unexpected message subtype [dec] received from slot [dec] Explanation An unexpected MBUS_FDIAG message was received from UUT. Possibly a mal-formed or unfinished software enhancement. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1704 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-4-UNSUPPORTED_RP_HW_CONFIG Field diagnostics cannot be run on [chars]. Explanation IOS-XR Field diagnostics is not currently supported on the specified RP configuration. Recommended Action This is a warning. This is not a defect. The user attempted to execute IOS-XR field diagnostics on an unsupported RP configuration. Error Message %PLATFORM-FDIAGS-4-WRONG_CONFIG_REG_VAL WARNING: Field diagnostics cannot be run with the current config-register setting Explanation The router must be configured to auto boot the standby RP from disk if the user wants to run field diagnostics on the standby RP. The config-register setting may have been changed manually to the wrong setting by the user. Recommended Action Configure the router to disk boot the standby RP. Both the BOOT variable and CONFREG variable must be set correctly. The present settings can be displayed using the ’show variables boot’ command when in ADMIN mode. If the BOOT variable appears to be correct then the CONFREG can be set to the correct value (0x102) by issuing the ’config-register 0x102’ command in ADMIN mode. Error Message %PLATFORM-FDIAGS-5-CLEANED_DANGLING_JID_FILE Deleted orphaned Field Diags jid file Explanation A file from a previous instance of Field Diags was left. We have now deleted it. Recommended Action No action required Error Message %PLATFORM-FDIAGS-5-DIAG_ONLY_SUPPORT_IN_IOX_RUNNING_STATE Field Diagnostics can only be invoked when PRP is in IOX Running state. Explanation The field diagnostics can only be invoked when the PRP is in IOX Running state. Recommended Action Not applicable, informational message only Error Message %PLATFORM-FDIAGS-5-DL_DONE Field Diags download completed on slot [dec]. Status: [chars] Explanation This is a notice field diags has been downloaded to the specified slot. The next step is that field diags will start running on the specified slot. Recommended Action Nothing. This is a notice that field diags been downloaded to the specified slot. This is only done when a user manually runs field diags from the CLI. Platform Messages FDIAGS Messages EM-1705 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-5-DL_START Field Diags downloading to slot [dec] Explanation This is a notice that field diags has started to download to the specified slot. Recommended Action Nothing. This is a notice that field diags has started to download to the specified slot. This is only done when a user manually runs field diags from the CLI. Error Message %PLATFORM-FDIAGS-5-DONE Field Diags completed for slot [dec] Explanation This is a notice that field diags has completed on the specified slot. This is the last field diags related message for this slot. Recommended Action Nothing. This is a notice that field diags has stopped on the specified slot. If field diags passed the slot will automatically reload IOS, if if failed, the card will remain offline until it is manually reset by the user. Error Message %PLATFORM-FDIAGS-5-HALT_REQUESTED A halt request is present: Shutting down Field Diags process (FSM) Explanation FSM has detected that a halt is to be initiated Recommended Action nothing. Error Message %PLATFORM-FDIAGS-5-IF_LONGEST_TIME_MSG Longest time inactivity ([dec] secs)(~[dec] minutes) just after [[chars]] Explanation The longest time difference message preceding this Recommended Action none - informational only Error Message %PLATFORM-FDIAGS-5-IF_NO_CONSOLE Can not open /dev/console to write, fdiag quits Explanation Cannot open console for output. Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Platform Messages FDIAGS Messages EM-1706 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-5-IF_TERMINATED_F_DIAGS_OK Successfully terminated Field Diags (jid equals [dec], Field Diags state file [chars]) Explanation Success in terminating Field Diags instance on a particular slot Recommended Action None - Action performed successfully. Error Message %PLATFORM-FDIAGS-5-IF_TOTAL_TEST_TIME Total Test Time: ~[dec] minutes ([dec] seconds) Explanation Ho long this set of tests ran for Recommended Action none - informational only Error Message %PLATFORM-FDIAGS-5-LC_TYPE_DEFAULT_RAM_AGENT Now restoring default ram agent ([chars]) Explanation This card had the diags ram agent loaded for the test, but will now restore the system one Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-5-LC_TYPE_REQUIRES_SPCL_RAM_AGENT Linecard type requires diags_mbus_ram.ucode - downloading Explanation This card requires a special version of mbus Ram Agent for compatibility with diags for C2W requests for SPA communication Internal error: Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. Error Message %PLATFORM-FDIAGS-5-START Field Diags starting on slot [dec] Explanation This is a notice that a user has started field diags on the specified slot. Recommended Action Nothing. This is a notice that field diags was started on the specified slot. Consequently, this slot will be taken offline as the field diags image is downloaded to and run on the slot. Platform Messages FDIAGS Messages EM-1707 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-5-SYSLDR_FINISH_HANDOFF Sysldr notified of completion: params sl:[dec] wait:[hex] diag_stats:[hex] roe_flag:[hex] Explanation Just finishing diag command and telling sysldr to handle finished diags state on the same slot Recommended Action nothing Error Message %PLATFORM-FDIAGS-6-COMPLETE Field Diags COMPLETE on UUT ([chars]) [chars], card type [dec], [chars] s/n [chars] Explanation Field diagnostics has completed, where the message identifies the final status, the card’s numeric and string type as well as its serial number. Recommended Action None. This is an informational message to log the completion status of field diagnostics. Error Message %PLATFORM-FDIAGS-6-OUT [chars] Explanation Non error-specific redirected output from diag process to syslog. This may be test names, progress messages, or failure information generated by the UUT. Recommended Action No action Error Message %PLATFORM-FDIAGS-6-RESULT Field Diags COMPLETE on UUT ([chars]) [chars] card type [dec] [[chars]] s/n [chars] Explanation Field Diagnostics final results Recommended Action No action Error Message %PLATFORM-FDIAGS-6-UUT_OUT UUT [chars]: [chars] Explanation Text output from UUT (Cisco use only) Non error-specific redirected output from diag process to syslog. This may be test names, progress messages, or failure information generated by the UUT. Recommended Action No action Platform Messages FFQ Messages EM-1708 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FDIAGS-6-UUT_OUT_I UUT (init) [chars]: [chars] Explanation Text output from UUT during init state (Cisco use only) Non error-specific redirected output from diag process to syslog. This may be test names, progress messages, or failure information generated by the UUT. Recommended Action No action Error Message %PLATFORM-FDIAGS-7-FORCE_INTO_FSM Forcing into FSM mode, even though sysldr load UUT returned error Explanation Internal use - ignoring sysldr error, continuing to Field Diags FSM Recommended Action nothing Error Message %PLATFORM-FDIAGS-7-NON_HELLO_MSG During Init state, unexpected mbus sub-message [hex] received from slot [dec] Explanation Field Diags was not expecting this type of message at this time. If this problem persists and diags does not complete, Contact Cisco’s TAC. This error could be a software problem or could be related to failing hardware. Please report this to TAC along with other supportive log information to determine the best course of action for this UUT. Recommended Action Internal error: Contact Cisco’s TAC. Collect syslogs, verbose run log and show diags detail. FFQ Messages Error Message %PLATFORM-FFQ-0-SW_INIT_ERR A software error occurred in the FromFab driver component during initialization: [chars] Explanation The fabricq_prp_driver process which controls the FromFab driver on the route processor has failed to initalize and cannot recover automatically. This is a software fault. The FromFab driver controls the hardware that receives data from the fabric. It runs in the fabricq_prp_driver process. An unrecoverable failure of the fabricq_prp_driver process may prevent this route processor card from communicating with other cards on the chassis. %s indicates the type failure Recommended Action Restart the fabricq_prp_driver process with the following command: ’process restart fabricq_prp_driver’ If the error message appears again, then: if a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0 ’ where x is the slot of route processor that generated the error. if no redundant RP is configured you will need to reboot the router by issuing the reload Platform Messages FFQ Messages EM-1709 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-CORRUPT_PKT Corrupted packet, start_offset [hex], length [unsigned int], slot [unsigned int] Explanation This message indicates that a buffer was received from the fabric with a corrupted buffer header. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-CORRUPT_PTR Assembler packet pointer corrupt: pkt [hex], dgram [hex], oq [hex] Explanation This message indicates that the reassembly buffer pointer used by assembler is incorrect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-FATAL ffq: fatal error encountered, reason equals [chars] Explanation ffq manager encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-FATAL_2 ffq: fatal error encountered, reason equals [chars], errno equals [dec] Explanation ffq encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FFQ Messages EM-1710 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FFQ-3-GEN_INFO ffq: general information,[chars] Explanation The FFQ’s informational message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-INFO ffq: service degrading error, reason equals [chars] Explanation The ffq encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-MALLOC_FAILED FFQ: queue [dec] alloc [dec] bytes error for ptr [hex] of max [hex] Explanation FFQ encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-FFQ-3-MEM_ERR No memory available for Assembler queues in [chars] Explanation This message indicates that Assembler driver is not able to allocate memory for the Queues and other use. This usually indicates a memory problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-NOBUF No buffers available for Assembler error [unsigned int] Explanation This message indicates that there are too many messages coming from the GSR Line Card. There are no more buffers on the RP to handle these messages. Try shutting down debugs on Line Card or reloading it. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FFQ Messages EM-1711 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FFQ-3-NOT_YET_IMPLEMENTED ffq: this function [chars] is not yet implemented Explanation FFQ, a function was not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-PAK_FREE_ERR The fabric driver failed to return a buffer to the free list from: [chars] Explanation The fabric driver has failed to return a packet buffer received from the fabric to the free list. If this error keeps recurring it could result in the depletion of buffer for packet received on the route processor from the fabric. %s is the entity processing the packet. Recommended Action If this error occurs again copy the system messages exactly as they appear, call your Cisco technical support representative. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-PAK_INVALID Invalid packet type [dec] Explanation FFQ has received an invalid packet type from the fabric. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-RATEI No timer interval for [chars] Explanation An internal data structure was missing a field. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-RATEW No timer wheel for [chars] Explanation An internal data structure was missing a field. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages FIB_DBG Messages EM-1712 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FFQ-3-TMR Call to [chars] failed, cerrno equals [hex] Explanation The library call failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-3-USAGE ffq: invalid option [chars] passed to ffq server Explanation Startup option supplied to FFQ is not valid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-FFQ-4-PAK_INVALID Invalid packet type received from fabric on route processor: [dec] Explanation FFQ has received an invalid packet type from the fabric. This error will not affect the functionality or stability of the system. %d packet type received Recommended Action If this error occurs continuously call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FIB_DBG Messages Error Message %PLATFORM-FIB_DBG-3-ERR_INFO_VERBOSE [chars] [chars] [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Encouter internal error during platform FIB debug initialization. Report to your technical support representative. Error Message %PLATFORM-FIB_DBG-3-ERR_INFO_VERBOSE [chars] [chars] [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Encouter internal error during platform FIB debug initialization. Report to your technical support representative. Platform Messages FIB_IDB_LIB Messages EM-1713 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FIB_DBG-3-ERR_INFO_VERBOSE [chars] [chars] [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Encouter internal error during platform FIB debug initialization. Report to your technical support representative. FIB_IDB_LIB Messages Error Message %PLATFORM-FIB_IDB_LIB-3-ERR_STR [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transcient or persistent. Report to your technical support representative. Error Message %PLATFORM-FIB_IDB_LIB-3-ERR_STR [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transcient or persistent. Report to your technical support representative. Error Message %PLATFORM-FIB_IDB_LIB-3-ERR_STR [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transcient or persistent. Report to your technical support representative. Error Message %PLATFORM-FIB_IDB_LIB-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transcient or persistent. Report to your technical support representative. Platform Messages FIB_LTRACE Messages EM-1714 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-FIB_IDB_LIB-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transcient or persistent. Report to your technical support representative. Error Message %PLATFORM-FIB_IDB_LIB-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transcient or persistent. Report to your technical support representative. FIB_LTRACE Messages Error Message %PLATFORM-FIB_LTRACE-3-ERR_INFO_VERBOSE [chars] [dec] [chars] [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Encouter internal error during platform FIB ltrace initialization. Report to your technical support representative. Error Message %PLATFORM-FIB_LTRACE-3-ERR_INFO_VERBOSE [chars] [dec] [chars] [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Encouter internal error during platform FIB ltrace initialization. Report to your technical support representative. Error Message %PLATFORM-FIB_LTRACE-3-ERR_INFO_VERBOSE [chars] [dec] [chars] [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Encouter internal error during platform FIB ltrace initialization. Report to your technical support representative.Platform Messages FPD_BURNER Messages EM-1715 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FPD_BURNER Messages Error Message %PLATFORM-FPD_BURNER-3-BAD_ARG Bad command option: [chars] [chars] Explanation Bad coammand option. Recommended Action No action is required.. Error Message %PLATFORM-FPD_BURNER-3-FILE_OP_ERR [chars]: [chars] in function [chars] at line [dec] Explanation Error occured with file operations. Recommended Action No action is required.. Error Message %PLATFORM-FPD_BURNER-3-NO_MEM Failed in allocating memory in function [chars] at line [dec] Explanation No enough memory. Recommended Action No action is required.. Error Message %PLATFORM-FPD_BURNER-5-progress [chars] [chars] Explanation Output progress to RP console. Recommended Action No action is required.. Error Message %PLATFORM-FPD_BURNER-5-version [chars] version [dec].[dec] is not supported for this board. Explanation Invalid FPD version to RP console. Recommended Action No action is required..Platform Messages G_PLIM_QOS Messages EM-1716 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 G_PLIM_QOS Messages Error Message %PLATFORM-G_PLIM_QOS-2-EVENT_BLOCK An error occurred while handling an event: [chars] Explanation The event handling function returned an error which could not be handled Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-G_PLIM_QOS-2-THREAD_CREATE_FAILED Could not create a thread - [chars] Explanation pthread_create function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-G_PLIM_QOS-3-ERROR [chars] Explanation An error occured prior to debug service initialization Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-G_PLIM_QOS-3-MALLOC_FAILED Could not allocate memory : [chars] Explanation Call to malloc() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages GSR_FIB_STATS_API Messages EM-1717 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 GSR_FIB_STATS_API Messages Error Message %PLATFORM-GSR_FIB_STATS_API-3-ERROR [chars], error [dec] ([chars]) Explanation Failed to perform the action specified in the error message. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ GSR_IPV4_EA Messages Error Message %PLATFORM-GSR_IPV4_EA-3-ERROR [chars], error [chars] Explanation This is an error message in the c12000 platform specific code software to indicate anomolies that are not FATAL. This error is most likely caused by a temporary situation, so is unlikely to re-occur. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. GSR_IPv6_EA Messages Error Message %PLATFORM-GSR_IPv6_EA-3-ERROR [chars], error [chars] Explanation This is an error message in the c12000 platform specific code software to indicate anomolies that are not FATAL. This error is most likely caused by a temporary situation, so is unlikely to re-occur. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages GSR_lc_exmem Messages EM-1718 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 GSR_lc_exmem Messages Error Message %PLATFORM-GSR_lc_exmem-1-RES_ERROR System run out of [chars], no pages left Explanation A error occurred in GSR external memory manager resulting in a failure to provide some system service as indicated in the message text. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %PLATFORM-GSR_lc_exmem-3-ERROR exmem: error encountered, reason equals [chars] Explanation The LC external memory manager could not complete proper operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_lc_exmem-3-FATAL exmem: fatal error encountered, reason equals [chars] Explanation The LC external memory manager could not complete proper operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_lc_exmem-4-exception [chars] Explanation A SW exception of unexpected condition or an out of resources (memory, HW profiles, etc) situation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages GSR_LC_PM Messages EM-1719 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 GSR_LC_PM Messages Error Message %PLATFORM-GSR_LC_PM-2-FAULT_LC LC Reset: Reason - [chars] Explanation Platform manager client API received an error from one of the linecard software driver processes that crashed due to a software problem and the LC must be reloaded. The platform-mgr process controls linecard resets for the software driver processes. If a linecard software driver crashes due to a software problem, it can get into a very bad and may be unrecoverable. This action is taken to reload the linecard immediately. %s - Contains the process and reason for the linecard reload. Recommended Action The linecard will be automatically reloaded to recover. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_LC_PM-2-FAULT_LC LC Reset: Reason - [chars] Explanation Platform manager Error Handling recieved an error from one of the LC devices. The LC MUST be reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_LC_PM-3-CONN_ERR Process connection failed: ([chars]%s) Explanation The linecard platform-mgr process failed to connect its process to the route processor processes during process initialization. The platform-mgr process runs on the linecard and handles interface information between the route processor and the linecard hardware drivers. It also stores all local linecard information for every interface configured on the linecard. If the platform-mgr fails to connect, no linecard interfaces can be created or deleted. The platform-mgr show commands will also not be available. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action The System Manager process (sysmgr) may not automatically respawn this process upon failure if processes get out of sync. Otherwise the process should be restarted. Execute ’show process gsr_pm location 0/x/cpu0’ to verify that the process is up and running and has been restarted. If it is still non-operational, or has not been automatically restarted, try doing ’process restart gsr_pm location 0/x/cpu0’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages GSR_LC_PM Messages EM-1720 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-GSR_LC_PM-3-ENGINE_PORT gsr_lc_pm: [chars] [hex] Explanation gsr_lc_pm encountered an error and is not able to recover from the error. A reason text will be supplied. call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_LC_PM-3-FATAL GSR_LC_PM: Fatal Error, reason equals [chars] Explanation Platform manager encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_LC_PM-3-FATAL_2 gsr_lc_pm: fatal error encountered, reason equals [chars], errno equals [dec] Explanation gsr_lc_pm encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_LC_PM-3-INIT_ERR Process initialization failed: ([chars]%s) Explanation The linecard platform-mgr process failed to initialize. The platform-mgr process runs on the linecard and handles interface information between the route processor and the linecard hardware drivers. It also stores all local linecard information for every interface configured on the linecard. If the platform-mgr fails to initialize, no linecard interfaces can be created or deleted. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process gsr_pm location 0/x/cpu0’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart gsr_pm location 0/x/cpu0’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages GSR_LIB Messages EM-1721 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 GSR_LIB Messages Error Message %PLATFORM-GSR_LIB-3-CONN_ERR Event manager failure: ([chars]%s) Explanation An error occurred in the system data-base (SysDB) event manager GSR platform library DLL. This DLL controls thread creation, deletion and connections between all other processes and DLL’s. If there is a failure in this DLL, a connection will be lost somewhere on the system and failures will occur. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action The DLL will attempt to recover itself, but if it cannot, the card will probably have to be reloaded as messages will have been lost and the system may be in a bad state. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_LIB-3-ERROR [chars] ([chars]) Explanation For displaying error conditions with traceback and an error string. Recommended Action No action is required. Error Message %PLATFORM-GSR_LIB-3-LR_ERR Logical router failure: ([chars]%s) Explanation An error occurred during a card state change. This DLL controls the node information during a card state change for logical routers. If there is a failure here, the logical router will lose its nodeid information and will get out of sync with the system. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action The DLL will attempt to recover itself, but if it cannot, the card will need to be reloaded as the system will be in a bad state. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. GSR_MPLS_EA Messages Error Message %PLATFORM-GSR_MPLS_EA-3-ERROR [chars], error [chars] Explanation Failed to perform the action specified in the error message. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Platform Messages GSR_PRP_PM Messages EM-1722 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 GSR_PRP_PM Messages Error Message %PLATFORM-GSR_PRP_PM-2-CRIT_DEVICE Critical severity error: Device: [chars] Explanation PRP Platform Manager process received a critical severity hardware error from one of the PRP hardware devices. In the case of the ASIC drivers, PRP-PM receives error reports from the drivers and takes action based on its knowledge of the required ASIC reset sequence. If error reports exceed a threshold then a PRP fail-over is initiated by PRP-PM. A traffic loss on the PRP will occur and an PRP failover may occur to recover. %s - is the Device of the fault being addressed. Recommended Action The HW device with fault, and appropriate surrounding hw devices, will be reset to recover from the HW issue. The PRP may also request an RP failover to recover. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_PRP_PM-3-HIGH_DEVICE High severity error: Device: [chars] Explanation PRP Platform Manager process received a high severity hardware error from one of the PRP hardware devices. In the case of the ASIC drivers, PRP-PM receives error reports from the drivers and takes action based on its knowledge of the required ASIC reset sequence. If error reports exceed a threshold then a PRP fail-over is initiated by PRP-PM. A slight traffic loss on the PRP will occur. %s - is the Device of the fault being addressed. Recommended Action The HW device with fault, and appropriate surrounding hw devices, will be reset to recover from the HW issue. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_PRP_PM-3-INIT_ERR Process initialization failed: ([chars]%s) Explanation The PRP platform-mgr process failed to initialize. The PRP Platform Manager process provides fault management services for ASIC drivers and PRP fail-over initiation for Fabric Control (FCTL) If the platform-mgr fails to initialize, the system will be unable to recover due to an asic fault or PRP failover. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process gsr_prp_pm’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart gsr_prp_pm’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages GSR_TUNNEL_EA Messages EM-1723 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-GSR_PRP_PM-3-LOW_DEVICE Low severity error: Device: [chars] Explanation PRP Platform Manager process received a low severity hardware error from one of the PRP hardware devices. In the case of the ASIC drivers, PRP-PM receives error reports from the drivers and takes action based on its knowledge of the required ASIC reset sequence. %s - is the Device of the fault being addressed. Recommended Action This process is just counting the hardware errors as the asic driver will recover itself, there will be no impact to the system. GSR_TUNNEL_EA Messages Error Message %PLATFORM-GSR_TUNNEL_EA-3-ERROR [chars], error [chars] Explanation This is an error message in the c12000 platform specific code software to indicate anomolies that are not FATAL. This error is most likely caused by a temporary situation, so is unlikely to re-occur. %s - indicates the reason for the failure. %s - is the decoded error reason. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_TUNNEL_EA-3-ERROR_PARAM [chars], param1 equals [unsigned int], param2 equals [unsigned int] Explanation This is an error message in the c12000 platform specific code software to indicate some problem with the code. %s - indicates the reason for the failure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-GSR_TUNNEL_EA-3-ERROR2 [chars] Explanation This is an error message in the c12000 platform specific code software to indicate some problem with the code. %s - indicates the reason for the failure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages GT_I2C Messages EM-1724 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 GT_I2C Messages Error Message %PLATFORM-GT_I2C-3-BACKPLANE Detected i2c bus hang with Backplane EEPROM Explanation As shown in the message. Recommended Action None. Device was power-cycled to recover from the hang. Error Message %PLATFORM-GT_I2C-3-DRV_ERR [chars] Explanation Error detected when starting the i2c driver Recommended Action None. Driver will exit and restart automatically. Error Message %PLATFORM-GT_I2C-3-LOWER_FANTRAY Detected i2c bus hang with lower fantray Explanation As shown in the message. Recommended Action Physical OIR of lower fan tray required to recover from this hang. Error Message %PLATFORM-GT_I2C-3-ONBOARD Detected i2c bus hang with onboard device Explanation As shown in the message. Recommended Action SC Switchover can be performed to recover. To switchover, issue ’redundancy switchover location Active SC’. Error Message %PLATFORM-GT_I2C-3-REWORK_AND_UPGRADE_REQUIRED Detected old PLD version equals [hex] on this board. Please upgrade the PLD to atleast [hex], and check for i2c rework Explanation Detected that the board has old PLD version. Because of this, we will not be able to detect or correct an i2c bus hang. Recommended Action Please upgrade PLD and check i2c rework ASAP on this board. Platform Messages HBAGENT Messages EM-1725 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-GT_I2C-3-UNRECOVERABLE_BUS_HANG Detected i2c bus hang from which sw is unable to recover. Explanation As shown in the message. Recommended Action Physically OIR the RP board which is having the problem. Error Message %PLATFORM-GT_I2C-3-UPPER_FANTRAY Detected i2c bus hang with upper fantray Explanation As shown in the message. Recommended Action Physical OIR of upper fan tray required to recover from this hang. Error Message %PLATFORM-GT_I2C-7-BUS_HANG Detected i2c bus hang, attempting to unhang the bus...... Explanation Detected i2c bus hang. Recommended Action Please capture show gt-i2c trace location active-rp and show gt-i2c trace location standby-rp. Error Message %PLATFORM-GT_I2C-7-BUS_UNHANG_SUCCESS Successfully unhung the i2c bus Explanation As shown in the message. Recommended Action Physically OIR the RP board which is having the problem. HBAGENT Messages Error Message %PLATFORM-HBAGENT-2-FATAL Fatal error: [chars] [chars], exiting Explanation Fatal internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages HBAGENT Messages EM-1726 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HBAGENT-2-FATAL Fatal error: [chars] [chars], exiting Explanation Fatal internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-2-NODE_RELOAD Reload notification received. Reloading in [dec] secs Explanation Message indicating that the node has received a reload notification and the node is going to reload soon. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-2-NODE_RELOAD Reload notification received. Reloading in [dec] secs Explanation Message indicating that the node has received a reload notification and the node is going to reload soon. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-3-API_FAILURE [chars], error: [chars] Explanation An infrastructure component has returned an error to the MBI infrastructure, so it may not be able to continue with the current operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages HBAGENT Messages EM-1727 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HBAGENT-3-API_FAILURE [chars], error: [chars] Explanation An infrastructure component has returned an error to the MBI infrastructure, so it may not be able to continue with the current operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-3-THREAD_CREATE Failed to create a thread for [chars]: [chars] Explanation This may be a problem with lack of resources. The MBI infrastructure will be unable to carry out all of its expected functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-3-THREAD_CREATE Failed to create a thread for [chars]: [chars] Explanation This may be a problem with lack of resources. The MBI infrastructure will be unable to carry out all of its expected functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-4-ATTACH_RECONNECT_HANDLER Failed to attach a reconnect handler to ethernet server coid. If ethernet server restarts, heartbeat agent may not be able to receive/write messages: [chars] Explanation Failed to attach a reconnect handler to ethernet server coid. If ethernet server restarts, heartbeat agent may not be able to receive/write messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages HBAGENT Messages EM-1728 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HBAGENT-4-ATTACH_RECONNECT_HANDLER Failed to attach a reconnect handler to ethernet server coid. If ethernet server restarts, heartbeat agent may not be able to receive/write messages [chars] Explanation Failed to attach a reconnect handler to ethernet server coid. If ethernet server restarts, heartbeat agent may not be able to receive/write messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-4-INIT_LTRACE Failed to initialize hbagent tracing: ([dec] : [chars]) Explanation The process will continue with it’s business, however, cause of why hbagent was not able to initialize tracing should be tracked down. As result of this error, hbagent will not have any tracings. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-4-INIT_LTRACE Failed to initialize hbagent tracing: ([dec] : [chars]) Explanation The process will continue with it’s business, however, cause of why hbagent was not able to initialize tracing should be tracked down. As result of this error, hbagent will not have any tracings. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-4-SET_HEARTBEAT_PRIORITY Unable to set the heartbeat pulse through ethernet server to high priority. Proceeding with normal priority: [chars] Explanation Unable to set the heartbeat pulse of this node to high priority. Proceeding with default priority, however in a high CPU consumption, this node’s heartbeat pulse may get lost, causing this node to get reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages HBAGENT Messages EM-1729 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HBAGENT-4-SET_HEARTBEAT_PRIORITY Unable to set the heartbeat pulse through ethernet server to high priority. Proceeding with normal priority: [chars] Explanation Unable to set the heartbeat pulse of this node to high priority. Proceeding with default priority, however in a high CPU consumption, this node’s heartbeat pulse may get lost, causing this node to get reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-4-SET_THREAD_PRIORITY Unable to set the thread priority to high. Proceeding with normal priority: [chars] Explanation Unable to set the heartbeat pulse of this node to high priority. Proceeding with default priority, however in a high CPU consumption, this node’s heartbeat pulse may get lost, causing this node to get reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-4-SET_THREAD_PRIORITY Unable to set the thread priority to high. Proceeding with normal priority: [chars] Explanation Unable to set the heartbeat pulse of this node to high priority. Proceeding with default priority, however in a high CPU consumption, this node’s heartbeat pulse may get lost, causing this node to get reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HBAGENT-7-RELOAD_NOTIFICATION_TEST Received a test reload notification, ignore. Explanation The node received a test reload notification just to check functionality. The notification is ignored. Recommended Action No action is required. Platform Messages HD Messages EM-1730 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HBAGENT-7-RELOAD_NOTIFICATION_TEST Received a test reload notification, ignore. Explanation The node received a test reload notification just to check functionality. The notification is ignored. Recommended Action No action is required. HD Messages Error Message %PLATFORM-HD-2-DEV_HARDDISK_DEVICE_ERR Hard disk device error Explanation Hard disk encountered media errors Recommended Action This error is a momentary error and software should be able to correct it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HD-3-DEV_HARDDISK_RESTART Hard disk restarted Explanation Hard disk restart is taking excess time. Recommended Action Please attempt to restart the hd_drv process using command: ’process restart hd_drv’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. HFR_IP_EA Messages Error Message %PLATFORM-HFR_IP_EA-3-CRITICAL HFR IP-EA: Critical error: [chars] Explanation HFR IP-EA, Critical error Recommended Action *SUPPORT* Platform Messages HFR_IP_EA Messages EM-1731 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_IP_EA-3-CRITICAL HFR IP-EA: Critical error: [chars] Explanation HFR IP-EA, Critical error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IP_EA-3-ERROR1 HFR IP-EA: Error: [chars] [dec] Explanation HFR IP-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IP_EA-3-ERROR1 HFR IP-EA: Error: [chars] [dec] Explanation HFR IP-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IP_EA-3-ERROR2 HFR IP-EA: Error: [chars] Explanation HFR IP-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IP_EA-3-ERROR2 HFR IP-EA: Error: [chars] Explanation HFR IP-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IP_EA-5-DEBUG HFR IP-EA: Debug info: [chars] Explanation HFR IP-EA, Debug information Recommended Action *SUPPORT* Platform Messages HFR_IPV6_EA Messages EM-1732 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_IP_EA-5-DEBUG HFR IP-EA: Debug info: [chars] Explanation HFR IP-EA, Debug information Recommended Action *SUPPORT* HFR_IPV6_EA Messages Error Message %PLATFORM-HFR_IPV6_EA-3-CRITICAL HFR IP-EA: Critical error: [chars] Explanation HFR IP-EA, Critical error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IPV6_EA-3-CRITICAL HFR IP-EA: Critical error: [chars] Explanation HFR IP-EA, Critical error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IPV6_EA-3-CRITICAL HFR IP-EA: Critical error: [chars] Explanation HFR IP-EA, Critical error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IPV6_EA-3-ERROR1 HFR IP-EA: Error: [chars] [dec] Explanation HFR IP-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IPV6_EA-3-ERROR1 HFR IP-EA: Error: [chars] [dec] Explanation HFR IP-EA, error Recommended Action *SUPPORT* Platform Messages HFR_IPV6_EA Messages EM-1733 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_IPV6_EA-3-ERROR1 HFR IP-EA: Error: [chars] [dec] Explanation HFR IP-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IPV6_EA-3-ERROR2 HFR IP-EA: Error: [chars] Explanation HFR IP-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IPV6_EA-3-ERROR2 HFR IP-EA: Error: [chars] Explanation HFR IP-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IPV6_EA-3-ERROR2 HFR IP-EA: Error: [chars] Explanation HFR IP-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IPV6_EA-5-DEBUG HFR IP-EA: Debug info: [chars] Explanation HFR IP-EA, Debug information Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_IPV6_EA-5-DEBUG HFR IP-EA: Debug info: [chars] Explanation HFR IP-EA, Debug information Recommended Action *SUPPORT* Platform Messages HFR_L2FIB_METRO_SHOW Messages EM-1734 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_IPV6_EA-5-DEBUG HFR IP-EA: Debug info: [chars] Explanation HFR IP-EA, Debug information Recommended Action *SUPPORT* HFR_L2FIB_METRO_SHOW Messages Error Message %PLATFORM-HFR_L2FIB_METRO_SHOW-3-ERROR HFR_L2FIB_METRO_SHOW: [chars] , [chars] Explanation HFR_L2FIB_METRO_SHOW encountered an error Recommended Action Please enable ’debug im api errors’, ’debug sysdb access ...’ and capture the output. Error Message %PLATFORM-HFR_L2FIB_METRO_SHOW-7-USAGE hfr_l2fib_metro_show: invalid option passed to hfr_l2fib_metro_show command. [chars] Explanation Startup option supplied to HFR_L2FIB_METRO_SHOW is not valid. Recommended Action Please re-enter the correct option as described in the usage message ’Usage: hfr_l2fib_metro_show [-N node name]’ Example: sh controllers hfr int Ten0/2/0/0 loc 0/2/cpu0, or run hfr_l2fib_metro_show -N 33 HFR_LCPM_SHOW Messages Error Message %PLATFORM-HFR_LCPM_SHOW-3-ERROR HFR_PM_SHOW: [chars] , [chars] Explanation HFR_PM_SHOW encountered an error Recommended Action Please enable ’debug im api errors’, ’debug sysdb access ...’ and capture the output. Error Message %PLATFORM-HFR_LCPM_SHOW-3-ERROR HFR_PM_SHOW: [chars] , [chars] Explanation HFR_PM_SHOW encountered an error Recommended Action Please enable ’debug im api errors’, ’debug sysdb access ...’ and capture the output. Platform Messages HFR_MPLS_EA Messages EM-1735 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_LCPM_SHOW-7-USAGE hfr_pm_show: invalid option passed to hfr_pm_show command. [chars] Explanation Startup option supplied to HFR_PM_SHOW is not valid. Recommended Action Please re-enter the correct option as described in the usage message ’Usage: hfr_pm_show [-I intf name] | [-N node name]’ Example: sh controllers hfr int Ten0/2/0/0 loc 0/2/cpu0, or run hfr_lcpm_show -I TenGigE0_2_0_0 -N 33 Error Message %PLATFORM-HFR_LCPM_SHOW-7-USAGE hfr_pm_show: invalid option passed to hfr_pm_show command. [chars] Explanation Startup option supplied to HFR_PM_SHOW is not valid. Recommended Action Please re-enter the correct option as described in the usage message ’Usage: hfr_pm_show [-I intf name] | [-N node name]’ Example: sh controllers hfr int Ten0/2/0/0 loc 0/2/cpu0, or run hfr_lcpm_show -I TenGigE0_2_0_0 -N 33 HFR_MPLS_EA Messages Error Message %PLATFORM-HFR_MPLS_EA-3-ERR PLATFORM MPLS-EA: [chars] Explanation CRS-1 MPLS-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_MPLS_EA-3-ERR PLATFORM MPLS-EA: [chars] Explanation CRS-1 MPLS-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_MPLS_EA-3-ERRSTR PLATFORM MPLS-EA: [chars] Error: [chars]([dec]) Explanation CRS-1 MPLS-EA, error Recommended Action *SUPPORT* Platform Messages HFR_PM_TEST Messages EM-1736 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_MPLS_EA-3-ERRSTR PLATFORM MPLS-EA: [chars] Error: [chars]([dec]) Explanation CRS-1 MPLS-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_MPLS_EA-6-INFO PLATFORM MPLS-EA: [chars]: [chars] Explanation CRS-1 MPLS-EA, Debug information Recommended Action *SUPPORT* Error Message %PLATFORM-HFR_MPLS_EA-6-INFO PLATFORM MPLS-EA: [chars]: [chars] Explanation CRS-1 MPLS-EA, Debug information Recommended Action *SUPPORT* HFR_PM_TEST Messages Error Message %PLATFORM-HFR_PM_TEST-3-ERROR hfr_pm_test: fatal error encountered, reason equals [chars] Explanation hfr_pm test encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action This is just test software which the customer does not get. so there is np actiom required. Error Message %PLATFORM-HFR_PM_TEST-3-ERROR hfr_pm_test: fatal error encountered, reason equals [chars] Explanation hfr_pm test encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action This is just test software which the customer does not get. so there is np actiom required. Platform Messages HFR_PM Messages EM-1737 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_PM_TEST-3-ERROR_2 hfr_pm_test: fatal error encountered, reason equals [chars], errno equals [dec] Explanation hfr_pm_test encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action This is just test software which the customer does not get. Error Message %PLATFORM-HFR_PM_TEST-3-ERROR_2 hfr_pm_test: fatal error encountered, reason equals [chars], errno equals [dec] Explanation hfr_pm_test encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action This is just test software which the customer does not get. HFR_PM Messages Error Message %PLATFORM-HFR_PM-3-BAD_PMLIB_SERVER_CONTEXT [chars], svr_ctx equals 0x[pointer], expected_ctx equals 0x[pointer] Explanation The Platform Manager detected a software error where the received library server context does not match the expected value. Recommended Action No action is required as the software has rejected the transaction request. Please collect the error message, traceback and ’show log’ Error Message %PLATFORM-HFR_PM-3-ERR_FAULT_FROM_DEVICE Device [chars] #[dec] has a fault equals [chars]. Resetting Explanation The specified device has a fault that affects the card functionality. The card node will be reset and ideally the problem will not happen again when it comes back up. Recommended Action If the node keeps on resetting itself then please collect ’show log’ output and contact customer support to diagnose the problem. Platform Messages HFR_PM Messages EM-1738 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_PM-3-ERR_FAULT_SENT Cannot send [chars] #[dec] fault equals [chars] to shelf mgr. Resetting Explanation The specified device has a fault that affects the card functionality. Communication with the Shelf Manager could not be established to send fault information, so the card node will be reset and ideally the problem will not happen again when it comes back up. Recommended Action If the node keeps on resetting itself then please collect ’show log’ output and contact customer support to diagnose the problem. Error Message %PLATFORM-HFR_PM-3-ERROR hfr_pm: error encountered, reason equals [chars], errno equals [dec] Explanation hfr_pm encountered a fatal error and is not able to recover from the error. A text reason and error number will be supplied to describe the error. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ output, and ’show memory summary location r/s/i from that location. Error Message %PLATFORM-HFR_PM-3-ERROR hfr_pm: error encountered, reason equals [chars], errno equals [dec] Explanation hfr_pm encountered a fatal error and is not able to recover from the error. A text reason and error number will be supplied to describe the error. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ output, and ’show memory summary location r/s/i from that location. Error Message %PLATFORM-HFR_PM-3-ERROR_INIT hfr_pm: error encountered, reason equals [chars] Explanation Platform Manager encountered an initialization error A reason text will be supplied to describe the error. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ output, and ’show memory summary location r/s/i from that location. Platform Messages HFR_PM Messages EM-1739 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_PM-3-ERROR_INIT hfr_pm: error encountered, reason equals [chars] Explanation Platform Manager encountered an initialization error A reason text will be supplied to describe the error. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ output, and ’show memory summary location r/s/i from that location. Error Message %PLATFORM-HFR_PM-3-MALLOC_FAILED fatal memory allocation error for [dec] bytes Explanation Platform Manager encountered a fatal memory allocation error Recommended Action Please collect ’show memory summary location R/S/I’ to see how much memory is left on that location/node. Error Message %PLATFORM-HFR_PM-3-MALLOC_FAILED fatal memory allocation error for [dec] bytes Explanation Platform Manager encountered a fatal memory allocation error Recommended Action Please collect ’show memory summary location R/S/I’ to see how much memory is left on that location/node. Error Message %PLATFORM-HFR_PM-4-WARNING Platform Manager warning: [chars] Explanation The Platform Manager encountered an provisioning warning. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ Error Message %PLATFORM-HFR_PM-4-WARNING Platform Manager warning: [chars] Explanation The Platform Manager encountered an internal software warning. The software will reattempt to fix the cause of this warning. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ Platform Messages HFR_PM Messages EM-1740 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_PM-4-WARNING Platform Manager warning: [chars] Explanation The Platform Manager encountered an internal software warning. The software will reattempt to fix the cause of this warning. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ Error Message %PLATFORM-HFR_PM-4-WARNING Platform Manager warning: [chars] Explanation The Platform Manager encountered an provisioning warning. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ Error Message %PLATFORM-HFR_PM-7-ERROR Platform Manager error, reason equals [chars], errno equals [dec] Explanation The Platform Manager encountered an internal software error. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ output, and ’show memory summary location r/s/i from that location. Error Message %PLATFORM-HFR_PM-7-ERROR Platform Manager error, reason equals [chars], errno equals [dec] Explanation The Platform Manager encountered an internal software error. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ output, and ’show memory summary location r/s/i from that location. Error Message %PLATFORM-HFR_PM-7-ERROR_INIT Platform Manager error, reason equals [chars] Explanation The Platform Manager encountered an internal software initialization error. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ output, and ’show memory summary location r/s/i from that location. Platform Messages HSR_ES_CLI Messages EM-1741 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HFR_PM-7-ERROR_INIT Platform Manager error, reason equals [chars] Explanation The Platform Manager encountered an internal software initialization error. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ output, and ’show memory summary location r/s/i from that location. HSR_ES_CLI Messages Error Message %PLATFORM-HSR_ES_CLI-3-CAPS_LOAD_FAILED Sponge caps load failed, sponge_caps equals [dec], rc equals [dec] ([chars]) Explanation Failed to load capsulation DLL Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HSR_ES_CLI-3-ERR [chars], rc equals [dec] ([chars]) Explanation Generic error. A string explaining the error condition, an error code and a string description of the error are printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HSR_ES_CLI-3-FATAL Fatal error encountered, reason equals [chars] Explanation HSR ES client encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages HSR_ES_CLI Messages EM-1742 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-HSR_ES_CLI-3-FATAL_2 Fatal error encountered, reason equals [chars], errno equals [dec] Explanation HSR ES client a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HSR_ES_CLI-3-FATAL_3 Fatal error encountered, reason equals [chars], errno equals [dec] ([chars]) Explanation HSR ES client a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed along with string descrioption of the error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HSR_ES_CLI-3-UNK_MSG_CODE Connecting to pakman, [chars], msg_code equals [dec] Explanation Unknwn message code send by Pakman server Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-HSR_ES_CLI-6-INFO [chars] Explanation Prints an informational statement Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages I2C Messages EM-1743 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 I2C Messages Error Message %PLATFORM-I2C-2-VOLT_ALARM_SHUTDOWN Voltage sensor [chars] contains value [dec] which is out side of +-10% valid range. Card will be shutdown! Explanation If voltage validation failed, the card will be power down by Shelfmgr. Recommended Action Replace the hardware Error Message %PLATFORM-I2C-2-VOLTAGE_SUPPLY_FAILED Voltage [chars] equals [dec] not within thresholds Explanation As soon as power is asserted on S2/Jacket cards, s/w will read voltage sensors on the host board. If for any reason reading voltages failed or voltage read are not within +-10% range, then this message will be displayed. It will also list which device and value read. Recommended Action Please collect following traces and try to recover by reloading the S2/Jacket card. Error Message %PLATFORM-I2C-3-BP_EN_ERROR Error while setting PLD resgister to enable/disable access to backplane: unable to [chars] mastership Explanation Error while trying to grab or release the lock. Recommended Action No action is required. Error Message %PLATFORM-I2C-3-EMPTY_BIT_NOT_CLEARED_ERROR I2C server process restarting due to unrecoverable EMPTY Bit Not Cleared errors Explanation I2C operation failed because the EMPTY bit is still set after multiple retries. I2C server process will automatically restart to recover from this error condition. Recommended Action No action is required. Error Message %PLATFORM-I2C-3-ERR_INIT i2c server process exiting, reason: [chars] Explanation The i2c server process cannot continue due to error condition mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Platform Messages I2C Messages EM-1744 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-I2C-3-LC_BAD_VRM_INFO LC power-up failed because - [chars] on [chars] is bad - as indicated by power good registers Explanation None Recommended Action Replace the bad part for LC to work. Error Message %PLATFORM-I2C-3-LC_POWER_FAIL LC power-up failed because - [chars] - as indicated by power status registers Explanation None Recommended Action Replace the bad part for LC to work. Error Message %PLATFORM-I2C-6-LC_POWER_FAIL LC power-up failed because - [chars] - as indicated by power status registers Explanation None Recommended Action Replace the bad part for LC to work. Error Message %PLATFORM-I2C-6-VOLTAGE_VALIDATED Voltages on [chars] are within valid ranges Explanation voltage validation succeeded Recommended Action No action is required. Error Message %PLATFORM-I2C-7-BOARD_POWERUP_FAIL Board not powered up (DC_DC_en not asserted) after max timeout of [dec] seconds Explanation None Recommended Action Check why the board is not yet powered. Error Message %PLATFORM-I2C-7-BOARD_POWERUP_FAIL Board not powered up (DC_DC_en not asserted) after max timeout of [dec] seconds Explanation None Recommended Action Check why the board is not yet powered. Platform Messages I2C Messages EM-1745 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-I2C-7-BOARD_POWERUP_NOT_HAPPENED Board not powered up (DC_DC_en not asserted) after [dec] seconds, resending pulse to shelfmgr to powerup this board Explanation None Recommended Action Check why the board is not yet powered. Error Message %PLATFORM-I2C-7-BOARD_POWERUP_NOT_HAPPENED Board not powered up (DC_DC_en not asserted) after [dec] seconds, resending pulse to shelfmgr to powerup this board Explanation None Recommended Action Check why the board is not yet powered. Error Message %PLATFORM-I2C-7-LC_BAD_VRM_INFO LC power-up failed because - [chars] on [chars] is bad - as indicated by power good registers Explanation None Recommended Action Replace the bad part for LC to work. Error Message %PLATFORM-I2C-7-LC_POWERUP_CHECK_FAIL Unable to check LC power status registers because [chars] Explanation None Recommended Action Manually check why the board is not yet powered. Error Message %PLATFORM-I2C-7-LC_POWERUP_CHECK_FAIL Unable to check LC power status registers because [chars] Explanation None Recommended Action Manually check why the board is not yet powered. Error Message %PLATFORM-I2C-7-SEND_PULSE_FAIL Failed to send pulse because [chars] failed Explanation None Recommended Action Check the path of file specified for download Platform Messages INTCTRL Messages EM-1746 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-I2C-7-SEND_PULSE_FAIL Failed to send pulse because [chars] failed Explanation None Recommended Action Check the path of file specified for download INTCTRL Messages Error Message %PLATFORM-INTCTRL-2-BLG_RDY_ERROR Interrupt controller driver fab arbiter ready error Explanation Interrupt controller driver detected a fab arbiter ready error (ack not received). Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-BLG_RX_PAR_ERROR Interrupt controller driver crossbar fabric arbiter receive parity error Explanation Crossbar fabric arbiter reported to Interrupt controller that the data it received had parity error Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-BLG_TX_PAR_ERROR Interrupt controller driver crossbar fabric arbiter transmit parity error Explanation Interrupt controller FPGA reported that data it received from crossbar fabric arbiter had parity error Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages INTCTRL Messages EM-1747 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INTCTRL-2-CLKCTRL_DACK_ERROR Interrupt controller driver Timing and CPI controller data ack error Explanation Interrupt controller driver detected an data ack error from Timing and CPI controller FPGA Recommended Action Please try to correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-CLKCTRL_RX_PAR_ERROR Interrupt controller driver Timing and CPI controller parity error on receive interface Explanation Timing and CPI controller FPGA reported that the data it received had parity error Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-CLKCTRL_TX_PAR_ERROR Interrupt controller driver Timing and CPI controller parity error on transmit interface Explanation Interrupt controller FPGA reported that data it received from Timing and CPI controller FPGA had parity error Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-CPU_PRT_A_ERROR Interrupt controller driver cpu address parity error Explanation Interrupt controller driver detected an address parity error from the cpu Recommended Action Please try to correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages INTCTRL Messages EM-1748 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INTCTRL-2-CPU_PRT_D_ERROR Interrupt controller driver cpu data parity error Explanation Interrupt controller driver detected a data parity error from the cpu Recommended Action Please try to correct the problem by reloading the board. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-DEV_VERSION_ERROR Interrupt controller driver version is not compatible with the hardware version. [chars] Explanation Interrupt controller driver version is not compatible with the hardware version. Recommended Action Upgrade the Interrupt controller FPGA image using FPD procedure. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-OCT_RDY_ERROR Interrupt controller driver crossbar fabric interface ready error Explanation Interrupt controller driver detected a crossbar fabric interface ready error (ack not received). Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-OCT_RX_PAR_ERROR Interrupt controller driver octopus receive parity error Explanation Crossbar fabric interface reported to interrupt controller that the data it received had parity error Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages INTCTRL Messages EM-1749 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INTCTRL-2-OCT_TX_PAR_ERROR Interrupt controller driver crossbar fabric interface transmit parity error Explanation Interrupt controller FPGA reported that data it received from crossbar fabric interface had parity error Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-PUNT_RDY_ERROR Interrupt controller driver PUNT ready error Explanation Interrupt controller driver detected a PUNT ready error (ack not received). Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-PUNT_RX_PAR_ERROR Interrupt controller driver PUNT receive parity error Explanation PUNT FPGA reported to Interrupt controller that the data it received had parity error Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-PUNT_TX_PAR_ERROR Interrupt controller driver PUNT transmit parity error Explanation Interrupt controller FPGA reported that data it received from crossbar fabric arbiter had parity error Recommended Action Please correct the problem by reloading the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages INTEG_SWITCH Messages EM-1750 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INTCTRL-2-THERM_ALARM_ERROR Interrupt controller driver Thermal Alarm Explanation Interrupt controller driver detected a thermal error. Recommended Action Ensure the fans are working and the board is not overheated. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INTCTRL-2-THERM_OVERT_ERROR Interrupt controller driver Thermal Over Temperature Explanation Interrupt controller driver detected a thermal over temperature Recommended Action Ensure the fans are working & the board is not overheated. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. INTEG_SWITCH Messages Error Message %PLATFORM-INTEG_SWITCH-2-LINK_SHUT_DOWN Inter-rack switch port [dec] state changed to ADMIN_DOWN Explanation The inter-rack switch port was administratively shut down. Recommended Action No action is required. Error Message %PLATFORM-INTEG_SWITCH-2-STACKING_LINK_DOWN Broadcom 5690 stacking link down Explanation The driver was unable to successfully initialise the stacking link Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages INV_AGENT Messages EM-1751 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 INV_AGENT Messages Error Message %PLATFORM-INV_AGENT-3-ERROR_EXIT Exiting because [chars], error code [chars] Explanation The process exited due to the reason mentioned in the message. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-INV_AGENT-3-OPT_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-INV_AGENT-6-IF_OIRIN SFP/XFP OIR: [chars] port_num: [dec] is inserted, state: [dec] Explanation SFP or XFP enity is inserted into the line card inv_agent collects the port data whenever it is presented. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-INV_AGENT-6-IF_OIROUT SFP/XFP OIR: [chars] port_num: [dec] is removed, state: [dec] Explanation SFP or XFP enity is removed from the line card inv_agent removes the port data ehne Recommended Action Debug message only. No action is required. Error Message %PLATFORM-INV_AGENT-7-INFO [chars] Explanation The particular operation mentioned in the message occured due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required.Platform Messages INV Messages EM-1752 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 INV Messages Error Message %PLATFORM-INV-6- OIR: Node [chars] inserted Explanation -- Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INV-6-CF_OIRIN Compact Flash is inserted on Node: [chars] Explanation Compact Flash entity is inserted into the RSP invmgr_agent collects the CF data whenever it is inserted. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-INV-6-CF_OIROUT Compact Flash is removed on Node: [chars] Explanation Compact Flash entity is removed from the RSP invmgr_agent deletes the CF data whenever it is removed. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-INV-6-NODE_STATE_CHANGE Node: [chars], state: [chars] Explanation Inventory Manager output this informational message whenever there is a card state change. This message will indicate the current card state. Recommended Action No action is required. Error Message %PLATFORM-INV-6-NODE_STATE_CHANGE Node: [chars], state: [chars] Explanation Inventory Manager output this informational message whenever there is a card state change. This message will indicate the current card state. Recommended Action No action is required. Platform Messages INV Messages EM-1753 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INV-6-NODE_STATE_CHANGE Node: [chars], state: [chars] Explanation Inventory Manager output this informational message whenever there is a card state change. This message will indicate the current card state. Recommended Action No action is required. Error Message %PLATFORM-INV-6-OIRIN OIR: Card [chars] inserted Explanation Entity specified in the messages is inserted into the chassis and inventory manager is updated. This message is used by CWI/CTM to determine when the entity-related information (read from the EEPROM) is available in inventory database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INV-6-OIRIN OIR: Node [chars] inserted Explanation Entity specified in the messages is inserted into the chassis and inventory manager is updated. This message is used by CWI/CTM to determine when the entity-related information (read from the EEPROM) is available in inventory database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INV-6-OIRIN OIR: Node [chars] inserted Explanation Entity specified in the messages is inserted into the chassis and inventory manager is updated. This message is used by CWI/CTM to determine when the entity-related information (read from the EEPROM) is available in inventory database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages INV Messages EM-1754 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INV-7-ERR [chars] Explanation Failure in Inventory Manager resulting in error condition Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR [chars] Explanation Failure in Inventory Manager resulting in error condition Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR [chars] Explanation Failure in Inventory Manager resulting in error condition Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_DLL [chars], reason: [chars] Explanation Failure in Inventory Manager dllmain function call Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_DLL [chars], reason: [chars] Explanation Failure in Inventory Manager dllmain function call Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_DLL [chars], reason: [chars] Explanation Failure in Inventory Manager dllmain function call Recommended Action No action is required. Platform Messages INV Messages EM-1755 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INV-7-ERR_EDM_CREATE Unable to register for invmgr edm event notification Explanation Failure in Inventory Manager event creation Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_EDM_CREATE Unable to register for invmgr edm event notification Explanation Failure in Inventory Manager event creation Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_EDM_CREATE Unable to register for invmgr edm event notification Explanation Failure in Inventory Manager event creation Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_EDM_OPEN Unable to start invmgr edm communication channel Explanation Failure in Inventory Manager event connect open Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_EDM_OPEN Unable to start invmgr edm communication channel Explanation Failure in Inventory Manager event connect open Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_EDM_OPEN Unable to start invmgr edm communication channel Explanation Failure in Inventory Manager event connect open Recommended Action No action is required. Platform Messages INV Messages EM-1756 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INV-7-ERR_MEM_ALLOC Unable to allocate memory Explanation Failure in Inventory Manager memory allocation error occurred Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_MEM_ALLOC Unable to allocate memory Explanation Failure in Inventory Manager memory allocation error occurred Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_MEM_ALLOC Unable to allocate memory Explanation Failure in Inventory Manager memory allocation error occurred Recommended Action No action is required. Error Message %PLATFORM-INV-7-ERR_RACK_CREATE Inventory Creation of RACK failed. Explanation The RACK entry is a must in inventory management Recommended Action None. Inventory Manager process will restart automatically Error Message %PLATFORM-INV-7-ERR_RACK_CREATE Inventory Creation of RACK failed. Explanation The RACK entry is a must in inventory management Recommended Action None. Inventory Manager process will restart automatically Error Message %PLATFORM-INV-7-ERR_RACK_CREATE Inventory Creation of RACK failed. Explanation The RACK entry is a must in inventory management Recommended Action None. Inventory Manager process will restart automatically Platform Messages INVMGR Messages EM-1757 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INV-7-SYSDB_ERR [chars], reason: [chars] Explanation Sysdb api call failed Recommended Action No action is required. Error Message %PLATFORM-INV-7-SYSDB_ERR [chars], reason: [chars] Explanation Sysdb api call failed Recommended Action No action is required. Error Message %PLATFORM-INV-7-SYSDB_ERR [chars], reason: [chars] Explanation Sysdb api call failed Recommended Action No action is required. INVMGR Messages Error Message %PLATFORM-INVMGR-2-ERR_SYSDB_REG_NOTIFY SysDB registration for notification on [chars] failed. Error - [chars] Explanation This message indicates that registration for notification failed for the tuple specified. %s - tuple %s - indicates the internal error message Recommended Action System manager will automatically respawn this process, up to a fixed number of times, when this error is encountered to recover. Execute ’show process invmgr location 0/x/cpu0’ to verify that the process is up and running. If it is non-operational, do ’process restart invmgr location 0/x/cpu0’ to manually restart it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INVMGR-3-ERR_EEPROM_READ EEPROM/NVRAM read failed. Error - [chars], [dec] Explanation EEPROM/NVRAM read failed for a chassis, card, or SPA. Inventory information would be incomplete. This would affect information provided to CLI ’show inventory’, inventory schema, and the entity related MIBs. %s - indicates the internal error string %d - indicates the internal error code Recommended Action Check the card/chassis/SPA. Platform Messages INVMGR Messages EM-1758 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INVMGR-3-ERR_INIT Initialization failed. [chars]. [chars] Explanation This message indicates that process invmgr failed to initialize and exited. Inventory information would not be available. This would affect CLI ’show inventory’, inventory schema, and the entity related MIBs. Some reasons are: 1) System manager process ready notification failed 2) Error waiting for secondary RP to go active 3) Internal API error %s - indicates the internal message. %s - indicates the internal error reason. Recommended Action System manager will automatically respawn this process, up to a fixed number of times, when this error is encountered to recover. Execute ’show process invmgr location 0/x/cpu0’ to verify that the process is up and running. If it is non-operational, do ’process restart invmgr location 0/x/cpu0’ to manually restart it. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INVMGR-3-ERR_MEM_ALLOC [chars], slot [dec] Explanation This message indicates memory allocation failure. Inventory information for the specified slot would be incomplete. This would affect information provided to CLI ’show inventory’, inventory schema, and the entity related MIBs for the specified slot. %s indicates the internal data structure that failed allocation for. Recommended Action Reduce other system activity to ease memory demands and restart process invmgr via CLI ’process restart invmgr’ to recover. If conditions warrant and minimum memory requirements not met, upgrade to a larger memory configuration. Error Message %PLATFORM-INVMGR-3-ERR_NODEID_CREATE Node ID of slot [dec]. Error - [chars] Explanation This message indicates a failure in creating the node ID of the specified slot. Inventory information for the specified slot would be incomplete. This would affect information provided to CLI ’show inventory’, inventory schema, and the entity related MIBs for the specified slot. %s - indicates the internal error reason. Recommended Action Try restarting the invmgr process via CLI ’process restart invmgr’ to recover. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages INVMGR Messages EM-1759 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INVMGR-3-ERR_OBJECT_CREATE Slot [dec]. Error - [chars] Explanation This message indicates a failure in creating the object for the specified slot. The entry is not added to the inventory. %s - indicates an internal message Recommended Action Issue may be due to lack of memory in the system. If memory shortage is the cause, reduce other system activity to ease memory demands and restart process invmgr via CLI ’process restart invmgr’ to recover. If conditions warrant and minimum memory requirements not met, upgrade to a larger memory configuration. Error Message %PLATFORM-INVMGR-3-ERR_SENSOR_CREATE Slot [dec] sensor [dec] object create failed Explanation This message indicates a failure in creating the sensor object for the specified slot and sensor. The sensor entry is not added to the inventory. Recommended Action Issue may be due to lack of memory in the system. If memory shortage is the cause, reduce other system activity to ease memory demands and restart process invmgr via CLI ’process restart invmgr’ to recover. If conditions warrant and minimum memory requirements not met, upgrade to a larger memory configuration. Error Message %PLATFORM-INVMGR-3-ERR_SYSDB_BIND SysDB bind to [chars] failed. Error - [chars] Explanation This message indicates bind to the specified path failed. Inventory information would be incomplete. This would affect information provided to CLI ’show inventory’, inventory schema, and the entity related MIBs. %s - indicates the internal error reason. Recommended Action Try restarting the invmgr process via CLI ’process restart invmgr’ to recover. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INVMGR-5-OIRIN OIR: Node [chars] inserted Explanation Entity specified in the messages is inserted into the chassis and inventory manager is updated. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages INVMGR Messages EM-1760 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INVMGR-5-OIROUT OIR: Node [chars] removed Explanation Entity specified in the messages is removed from the chassis. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INVMGR-6-NODE_STATE_CHANGE Node: [chars], state: [chars] Explanation This message indicates the node state (eg. IOS XR RUN, MBI_RUNNING). A node being a card, SPA, etc. %s - indicates the node/location in rack/slot/instance format %s - indicates the state Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-INVMGR-7-ERR_API [chars] failed for slot [dec] Explanation The sensor entry will not be added in inventory Recommended Action Check the memory on the system Error Message %PLATFORM-INVMGR-7-ERR_NODEID Extract fields from node ID [dec] failed. Error - [chars] Explanation This message indicates a failure in extracting fields from the node ID. Inventory information for the specified node ID, if valid, would be incomplete. This would affect information provided to CLI ’show inventory’, inventory schema, and the entity related MIBs for the specified node. %s - indicates the internal error. Recommended Action Try restarting the invmgr process via CLI ’process restart invmgr’ to recover. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages IPCLC Messages EM-1761 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-INVMGR-7-FAIL [chars] Explanation This message indicates a failure in inventory manager. This is an internal debug message. %s - indicates the failure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPCLC Messages Error Message %PLATFORM-IPCLC-3-EVENT Event ([unsigned int]) [chars] error Explanation Command/event processing operational errors. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %PLATFORM-IPCLC-3-EVENTSYS Event ([unsigned int]) system call [chars] error (cause: [chars]) Explanation IPC kernel system call errors. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %PLATFORM-IPCLC-3-INTRLVL LC interrupt level IPC event, [chars] Explanation LC interrupt level, IPC event processing errors. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %PLATFORM-IPCLC-3-MSGERR [chars] ([dec]) Explanation The line card IPC cannot register with the route processor. It cannot exchange messages route processor. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Platform Messages IPCP_SRVR Messages EM-1762 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-IPCLC-3-OP [chars] Explanation Command/event processing operation errors. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %PLATFORM-IPCLC-3-REPLY Reply (to cmd [unsigned int]) [chars] error Explanation Command/event processing operational errors. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %PLATFORM-IPCLC-3-REPLYSYS Reply (to cmd [unsigned int]) system call [chars] error (cause: [chars]) Explanation Reply-to-RP-command operation errors. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. IPCP_SRVR Messages Error Message %PLATFORM-IPCP_SRVR-3-SW_INIT_ERROR IPCP Server process initialization failed - [chars]: [chars] Explanation A fatal software error encountered during IPCP Server process initialization. The specific error and cause are appended to the error message. Process will be terminated. Node can’t function properly and will be reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-IPCP_SRVR-6-IPCP_SERVER_RESTARTED_NODE_REBOOTING IPCP has been restarted. Node [chars] is going down for reboot. Explanation IPCP server has been restarted. The node will be reloaded. This is not an error. Recommended Action No action is required.Platform Messages IPMCAST Messages EM-1763 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IPMCAST Messages Error Message %PLATFORM-IPMCAST-5-ERR [chars] [chars] equals [hex] Explanation Errors in processing IP multicast packet Recommended Action Copy the error message exactly as it appears on the console, and report it to your technical support representative. LAMPTEST Messages Error Message %PLATFORM-LAMPTEST-6-ABORTED Lamp test aborted. [chars] Explanation Lamp Test has been aborted due to an internal error. Recommended Action No action is required. Error Message %PLATFORM-LAMPTEST-6-COMPLETE Lamp test is now complete. Explanation Test of all system LEDs has now finished. Recommended Action No action is required. Error Message %PLATFORM-LAMPTEST-6-INITIATED Lamp test has been initiated. Explanation Test of all system LEDs is now in progress. Recommended Action No action is required. Error Message %PLATFORM-LAMPTEST-6-REJECTED Lamp Test attempt rejected because a lamp test is already in progress. Explanation Lamp Test cannot be executed because another lamp test operation is already in progress. Recommended Action No action is required.Platform Messages LBJR Messages EM-1764 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LBJR Messages Error Message %PLATFORM-LBJR-3-ERR_INIT Initialization Error: [chars] Reason: [chars]. Exiting. Explanation LBJR Driver encountered a fatal error and is not able to recover. The supplied text string will explain the reason. Call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LBJR-3-ERR_MEM_ALLOC Error Allocating [dec] bytes of memory Explanation LBJR encountered a fatal memory allocation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LBJR-5-ERR_CONT Continuing execution: [chars]: Caused by [chars] Explanation This message indicates an error occurred beyond which execution of the lbjr_driver may continue, attempting to effect recovery or work-around internally, minimizing loss of information/functionality. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LBJR-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation LBJR Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages LBJR Messages EM-1765 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-LBJR-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation LBJR Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LBJR-7-ERR_EXIT Exit on error: [chars]: Caused by [chars] Explanation An error occurred in LBJR Driver which requires exiting (and, hence, restarting) the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LBJR-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation LBJR Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LBJR-7-ERR_LWM_REPLY An error occurred during LWM message reply. Reason: [chars] Explanation lbjr LWM reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages LC_CPUCTRL Messages EM-1766 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LC_CPUCTRL Messages Error Message %PLATFORM-LC_CPUCTRL-0-NO_RSP_ACT_ERROR LC CPU controller driver detected no active RSP in the system Explanation LC CPU controller driver detected no active RSP in the system. Recommended Action If there are no RSPs present or if both RSPs are undergoing a reload, then this is an expected message. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LC_CPUCTRL-0-NO_RSP_PRESENT_ERROR LC CPU controller driver has detected no RSP in the system Explanation LC is unable to detect any RSPs in the chassis. Recommended Action If there indeed is no RSP present in the chassis, then this is an expected message. If RSP is plugged in and powered on, and if this message appears, then contact support team. Error Message %PLATFORM-LC_CPUCTRL-2-ACT_ARB_ERROR LC CPU controller driver detected inconsistency in active arbiter signals Explanation LC CPU controller driver detected inconsistency between raw and decoded active arbiter signals. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LC_CPUCTRL-2-ACT_RSP_ERROR LC CPU controller driver detected inconsistency in active RSP signal Explanation LC CPU controller driver detected inconsistency between raw and decoded active RSP signals. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages LC_CPUCTRL Messages EM-1767 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-LC_CPUCTRL-2-BOARD_REV_ERROR LC CPU controller driver detected board revision mismatch Explanation LC CPU controller driver version is not compatible with the current Board. Recommended Action Reset the board. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LC_CPUCTRL-2-BOARD_REV_PAR_ERROR LC CPU controller driver detected board revision parity error Explanation LC CPU controller driver detected a board revision parity error. Recommended Action Reset the board. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LC_CPUCTRL-2-DEV_VERSION_ERROR LC CPU controller driver version is not compatible with the hardware version. [chars] Explanation LC CPU controller driver version is not compatable with the hardware version. Recommended Action Upgrade the CPU controller FPGA image using FPD procedure followed by reloading of the board using command ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LC_CPUCTRL-2-NO_ARB_ACT_ERROR LC CPU controller driver detected no active fabric in the system. Explanation LC CPU controller driver detected no active arbiter in the system. Recommended Action If there are no RSPs present or if both RSPs are undergoing a reload, then this is an expected message. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages libpcmcia_ide Messages EM-1768 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-LC_CPUCTRL-2-NO_FAB_ACT_ERROR LC CPU controller driver no active fabric in the system Explanation LC CPU controller driver detected no active fabric in the system. Recommended Action If there are no RSPs present or if both RSPs are undergoing a reload, then this is an expected message. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LC_CPUCTRL-2-RSP_PAR_ERROR LC CPU controller driver detected fabric parity from RSP Explanation LC CPU controller driver detected fabric parity from RSP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-LC_CPUCTRL-2-TX_RX_PAR_ERROR LC CPU controller driver detected Tx/Rx parity error Explanation LC CPU controller driver detected a parity error on Tx/Rx Recommended Action Reset the board. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. libpcmcia_ide Messages Error Message %PLATFORM-libpcmcia_ide-1-CARD_UNAVAILABLE [chars]: Can not access flash device Explanation Probably the flash card has been removed. Recommended Action Reinsert the flash card. Platform Messages libpcmcia_linux Messages EM-1769 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-libpcmcia_ide-5-CARD_SWAPPED [chars]: The flash card has been swapped (OIR) Explanation The pcmcia flash card has been pulled out from its slot and re-inserted with a same or different card Recommended Action No action is required. Error Message %PLATFORM-libpcmcia_ide-5-SYSCALL [chars]: system call [chars] failed. rc equals [dec] Explanation An internal Event Manager Create operation failed Recommended Action No action is required. libpcmcia_linux Messages Error Message %PLATFORM-libpcmcia_linux-7-CHILD_SPAWN pcmciad child [chars] died. Being restarted Explanation pcmciad spawns filesystem process and cardmgrd. One of them died and hence being restarted Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-libpcmcia_linux-7-FUNCTION_FAILED [chars]() failed: [chars] Explanation The function specified failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-libpcmcia_linux-7-MALLOC_FAILED Malloc failed: [chars] Explanation Low in memory Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages libpcmcia_linux Messages EM-1770 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-libpcmcia_linux-7-NO_SPAWN_PARAM pcmciad spawn of process [dec] failed, since no information available Explanation pcmciad stores the pids of its children in /tmp. For some reason the file might have got corrupted Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-libpcmcia_linux-7-OPEN_FAILED Open of file [chars] failed: [chars] Explanation Open of file failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-libpcmcia_linux-7-SLEEPON_LOCK_FAILED sleepon_lock failed: [chars] Explanation deadlock error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-libpcmcia_linux-7-SPAWN_FAILED pcmciad spawn of process [chars] failed Explanation pcmciad spawns filesystem process and cardmgrd. One of them died and its respawn failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages LIC_UDI Messages EM-1771 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LIC_UDI Messages Error Message %PLATFORM-LIC_UDI-3-ACQUIRE_FAILURE UDI information for the chassis could not be retrieved. Explanation dSC re-election is required to determine licensing udi data. In order to select which RP will become the dSC, insert only the RPs that will be part of the Owner Logical Router (maximum of 2 RPs). Once these RPs are fully booted, you may insert other RPs as required and assign them to manage logical routers. At this point, chassis mastership has been determined and subsequent power-cycle of the chassis will support multiple RPs with no problem. Recommended Action Eject RPs that are unused or not in the Owner Logical Router. Ensure there are no more than 2 RPs inserted. Reload the RPs. Wait for console prompt. Insert other RP cards and load them as required. Error Message %PLATFORM-LIC_UDI-3-DATA_ACCURACY_UNKNOWN UDI information for the chassis has been derived and may not be accurate. Explanation To ensure accurate UDI data, dSC re-election is recommended. In order to select which RP will become the dSC, insert only the RPs that will be part of the Owner Logical Router (maximum of 2 RPs). Once these RPs are fully booted, you may insert other RPs as required and assign them to manage logical routers. At this point, chassis mastership has been determined and subsequent power-cycle of the chassis will support multiple RPs with no problem. Recommended Action Eject RPs that are unused or not in the Owner Logical Router. Ensure there are no more than 2 RPs inserted. Reload the RPs. Wait for console prompt. Insert other RP cards and load them as required. Error Message %PLATFORM-LIC_UDI-7-ERR_EVM_CREATE Could not create event manager for udi process. Error: [chars] Explanation A event manager create failed. Recommended Action No action is required. Error Message %PLATFORM-LIC_UDI-7-ERR_INTERNAL [chars]: [chars] Explanation Miscellaneous software error. Recommended Action No action is required. Platform Messages MACE Messages EM-1772 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-LIC_UDI-7-ERR_MALLOC Malloc for -[dec] bytes failed Explanation Memory allocation failed. Recommended Action No action is required. Error Message %PLATFORM-LIC_UDI-7-ERR_SYSDB_REG_NOTIF Sysdb registration for notification on path -[chars] failed Explanation Application failed to register for notification Recommended Action No action is required. MACE Messages Error Message %PLATFORM-MACE-2-ERR [chars] - [dec]: [chars] Explanation Error in MACE operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-MACE-2-ERR_RC [chars] - [dec]: [chars] (rc equals [hex]) Explanation Error in MACE operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. MANSDORF Messages Error Message %PLATFORM-MANSDORF-2-CRITICAL_ERROR Error: [chars] [hex] Explanation The message is used to report MANSDORF critical errors. Recommended Action Contact support. Platform Messages MBI_HELLO Messages EM-1773 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MANSDORF-3-GENERIC_ERROR Error: [chars] [hex] Explanation The message is used to report MANSDORF generic errors. Recommended Action Contact support. Error Message %PLATFORM-MANSDORF-6-GENERIC_INFO Info: [chars] Explanation The message is used to report MANS generic info. Recommended Action Contact support. MBI_HELLO Messages Error Message %PLATFORM-MBI_HELLO-2-ESERVER_DOWN [chars] Explanation The card could not send HB Reply because the EOBC server connection is down. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-2-FATAL Fatal error: [chars] [chars], exiting Explanation Fatal internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-2-FATAL Fatal error: [chars] [chars], exiting Explanation Fatal internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1774 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-2-FATAL Fatal error: [chars] [chars], exiting Explanation Fatal internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-2-HEADLESS_RSP_TIMER_INIT_FAILED [chars]: errno: [chars] Explanation The card could not set up its timer to detect the Headless RSP condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-2-NODE_RELOAD Reload notification received. Reloading in [dec] secs Explanation Message indicating that the node has received a reload notification and the node is going to reload soon. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-2-NODE_RELOAD Reload notification received. Reloading card in [dec] secs Explanation Message indicating that the mbi-hello on the card has received a reload notification from sysldr for powering off the card and the card is going to reload soon. Card state is MBI_RUNNING Recommended Action Sysldr log needs to be looked into to investigate on the node reload cause. As, sysldr requests to reload the card for various reasons. Platform Messages MBI_HELLO Messages EM-1775 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-2-NODE_RELOAD Reload notification received. Reloading in [dec] secs Explanation Message indicating that the node has received a reload notification and the node is going to reload soon. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-2-NODE_RELOAD Reload notification received. Reloading in [dec] secs Explanation Message indicating that the node has received a reload notification and the node is going to reload soon. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-2-NODE_RELOAD_NOW Node delay time over, reloading now Explanation Message indicating that the node has received a reload notification from the sysldr and the node is going to reload as the delay is over. This message is logged after the delay over since the NODE_RELOAD message is logged. Recommended Action Sysldr log needs to be looked into to investigate on the node reload cause. As, sysldr requests to reload the card for various reasons. Error Message %PLATFORM-MBI_HELLO-3-API_FAILURE Unable to [chars], error: [chars] Explanation An infrastructure component has returned an error to the MBI infrastructure, so it may not be able to continue with the current operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1776 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-3-API_FAILURE Unable to [chars], error: [chars] Explanation An infrastructure component has returned an error to the MBI infrastructure, so it may not be able to continue with the current operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-API_FAILURE Unable to [chars], error: [chars] Explanation An infrastructure component has returned an error to the MBI infrastructure, so it may not be able to continue with the current operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-CLOCK_FAIL Clock operation failed ([chars]): [chars] Explanation A clock operation failed. This should have only cosmetic effect on the MBI infrastructure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-CLOCK_FAIL Clock operation failed ([chars]): [chars] Explanation A clock operation failed. This should have only cosmetic effect on the MBI infrastructure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-CLOCK_FAIL Clock operation failed ([chars]): [chars] Explanation A clock operation failed. This should have only cosmetic effect on the MBI infrastructure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1777 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-3-CORRUPTED_HB_REQ_MSG Invalid hb seq number received: [dec] Explanation ’The HB Req message that was sent has an invalid seq number in it.’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-ERR_SHMEM_ALLOC Failed to allocate shared memory. Error: [chars] Explanation mbi-hello is not able to allocate shared memory to share information with other processes. Recommended Action This indicates a low memory condition. Memory on the box must be running low - are there services that can be stopped, or can more memory be added? Error Message %PLATFORM-MBI_HELLO-3-ERROR [chars] ([chars]) Explanation Error in mbi-hello processing The error reason is described in the message log itself. Recommended Action NONE Error Message %PLATFORM-MBI_HELLO-3-ETHSERVER_CONNECT The MBI infrastructure was unable to connect to the Ethernet Server error: [chars]. Explanation A communication problem occurred between the MBI client and Ethernet server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-ETHSERVER_CONNECT The MBI infrastructure was unable to connect to the Ethernet Server error: [chars]. Explanation A communication problem occurred between the MBI client and Ethernet server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1778 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-3-ETHSERVER_CONNECT The MBI infrastructure was unable to connect to the Ethernet Server error: [chars]. Explanation A communication problem occurred between the MBI client and Ethernet server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-ETHSERVER_WRITE The MBI infrastructure was unable to send a message to the Ethernet Server, error: [chars]. Explanation A communication problem occurred between the MBI client and Ethernet server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-ETHSERVER_WRITE The MBI infrastructure was unable to send a message to the Ethernet Server, error: [chars]. Explanation A communication problem occurred between the MBI client and Ethernet server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-ETHSERVER_WRITE The MBI infrastructure was unable to send a message to the Ethernet Server, error: [chars]. Explanation A communication problem occurred between the MBI client and Ethernet server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1779 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-3-INIT_ERR [chars] ([chars]) Explanation Something failed in the initialization. The process will exit as an attempt to recover. Recommended Action Collect the traces using the command ’show tech shelf’ in admin mode. Notify your customer support representative. Error Message %PLATFORM-MBI_HELLO-3-MALLOC_FAIL Failed to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-MBI_HELLO-3-MALLOC_FAIL Failed to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-MBI_HELLO-3-MALLOC_FAIL Failed to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-MBI_HELLO-3-MSG_SEND_FAIL The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1780 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-3-MSG_SEND_FAIL The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-MSG_SEND_FAIL The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-REQUEST_NETMGR_MOUNTPOINT_FAIL Failed to request netmgr mountpoint Explanation Failed to request netmgr mountpoint. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-REQUEST_NETMGR_MOUNTPOINT_FAIL Failed to request netmgr mountpoint Explanation Failed to request netmgr mountpoint. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1781 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-3-REQUEST_NETMGR_MOUNTPOINT_FAIL Failed to request netmgr mountpoint Explanation Failed to request netmgr mountpoint. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-SERVER_CONNECT_FAIL The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not yet up. The MBI operation in progress will not be carried out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-SERVER_CONNECT_FAIL The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not yet up. The MBI operation in progress will not be carried out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-SERVER_CONNECT_FAIL The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not yet up. The MBI operation in progress will not be carried out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1782 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-3-THREAD_CREATE Failed to create a thread for [chars]: [chars] Explanation This may be a problem with lack of resources. The MBI infrastructure will be unable to carry out all of its expected functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-THREAD_CREATE Failed to create a thread for [chars]: [chars] Explanation This may be a problem with lack of resources. The MBI infrastructure will be unable to carry out all of its expected functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-THREAD_CREATE Failed to create a thread for [chars]: [chars] Explanation This may be a problem with lack of resources. The MBI infrastructure will be unable to carry out all of its expected functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-TIMER_TIMEOUT Timer timed out from server : [chars] Explanation Timer timed out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1783 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-3-TIMER_TIMEOUT Timer timed out from server : [chars] Explanation Timer timed out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-3-TIMER_TIMEOUT Timer timed out from server : [chars] Explanation Timer timed out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-4-ATTACH_RECONNECT_HANDLER Failed to attach a reconnect handler to ethernet server coid. If ethernet server restarts, heartbeat agent may not be able to receive/write messages: [chars] Explanation Failed to attach a reconnect handler to ethernet server coid. If ethernet server restarts, heartbeat agent may not be able to receive/write messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-4-ATTACH_RECONNECT_HANDLER Failed to attach a reconnect handler to ethernet server coid. If ethernet server restarts, heartbeat agent may not be able to receive/write messages: [chars] Explanation Failed to attach a reconnect handler to ethernet server coid. If ethernet server restarts, heartbeat agent may not be able to receive/write messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1784 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-4-ATTACH_RECONNECT_HANDLER Failed to attach a reconnect handler to ethernet server coid. If ethernet server restarts, heartbeat agent may not be able to receive/write messages: [chars] Explanation Failed to attach a reconnect handler to ethernet server coid. If ethernet server restarts, heartbeat agent may not be able to receive/write messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-4-INIT_LTRACE Failed to initialize mbi_hello tracing: ([dec] : [chars]) Explanation The process will continue with it’s business, however, cause of why mbi-hello was not able to initialize tracing should be tracked down. As result of this error, mbi-hello will not have any tracings. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-4-INIT_LTRACE Failed to initialize mbi_hello tracing: ([dec] : [chars]) Explanation The process will continue with it’s business, however, cause of why mbi-hello was not able to initialize tracing should be tracked down. As result of this error, mbi-hello will not have any tracings. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-4-INIT_LTRACE Failed to initialize mbi_hello tracing: ([dec] : [chars]) Explanation The process will continue with it’s business, however, cause of why mbi-hello was not able to initialize tracing should be tracked down. As result of this error, mbi-hello will not have any tracings. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1785 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-4-SET_HEARTBEAT_PRIORITY Unable to set the heartbeat pulse through ethernet server to high priority. Proceeding with normal priority: [chars] Explanation Unable to set the heartbeat pulse of this node to high priority. Proceeding with default priority, however in a high CPU consumption, this node’s heartbeat pulse may get lost, causing this node to get reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-4-SET_HEARTBEAT_PRIORITY Unable to set the heartbeat pulse through ethernet server to high priority. Proceeding with normal priority: [chars] Explanation Unable to set the heartbeat pulse of this node to high priority. Proceeding with default priority, however in a high CPU consumption, this node’s heartbeat pulse may get lost, causing this node to get reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-4-SET_HEARTBEAT_PRIORITY Unable to set the heartbeat pulse through ethernet server to high priority. Proceeding with normal priority: [chars] Explanation Unable to set the heartbeat pulse of this node to high priority. Proceeding with default priority, however in a high CPU consumption, this node’s heartbeat pulse may get lost, causing this node to get reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-4-SET_THREAD_PRIORITY Unable to set the thread priority to high. Proceeding with normal priority: [chars] Explanation Unable to set the heartbeat pulse of this node to high priority. Proceeding with default priority, however in a high CPU consumption, this node’s heartbeat pulse may get lost, causing this node to get reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_HELLO Messages EM-1786 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-4-SET_THREAD_PRIORITY Unable to set the thread priority to high. Proceeding with normal priority: [chars] Explanation Unable to set the heartbeat pulse of this node to high priority. Proceeding with default priority, however in a high CPU consumption, this node’s heartbeat pulse may get lost, causing this node to get reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-4-SET_THREAD_PRIORITY Unable to set the thread priority to high. Proceeding with normal priority: [chars] Explanation Unable to set the heartbeat pulse of this node to high priority. Proceeding with default priority, however in a high CPU consumption, this node’s heartbeat pulse may get lost, causing this node to get reloaded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_HELLO-6-LTRACE_INIT_ERR Failed to initialize ltrace buffer in [chars]. Error: [chars] Explanation Ltrace buffer will not be available. Debuggability will be reduced because of lacking of ltrace buffer. Recommended Action This indicates a low memory condition. Memory on the box must be running low - are there services that can be stopped, or can more memory be added? Error Message %PLATFORM-MBI_HELLO-7-ERR_MEM_ALLOC Failed to allocate [unsigned int] bytes of memory Explanation The debug ping to mbi-hello process could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Memory on the box must be running low - are there services that can be stopped, or can more memory be added? Platform Messages MBI_HELLO Messages EM-1787 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-7-ERR_MSG_SEND The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Error Message %PLATFORM-MBI_HELLO-7-ERR_NETMGR_MOUNTPOINT_REQUEST Failed to request QNX net manager mountpoint Explanation Failed to request netmgr mountpoint. The debug ping to mbi-hello process could not be accomplished. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Error Message %PLATFORM-MBI_HELLO-7-ERR_SERVER_CONNECT The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not set up. The MBI operation in progress will not be carried out. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Error Message %PLATFORM-MBI_HELLO-7-HBAGENT_EXISTS Mbi-hello was restarted, but detected that hbagent is up and functioning already. Proceeding with passive mode Explanation Mbi-hello process was restarted. However, it detected that the hbagent process is already functioning. Hence mbi-hello is going into passive mode by design. Recommended Action No action is required. Error Message %PLATFORM-MBI_HELLO-7-HBAGENT_EXISTS Mbi-hello was restarted, but detected that hbagent is up and functioning already. Proceeding with passive mode Explanation Mbi-hello process was restarted. However, it detected that the hbagent process is already functioning. Hence mbi-hello is going into passive mode by design. Recommended Action No action is required. Platform Messages MBI_HELLO Messages EM-1788 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-7-HBAGENT_EXISTS Mbi-hello was restarted, but detected that hbagent is up and functioning already. Proceeding with passive mode Explanation Mbi-hello process was restarted. However, it detected that the hbagent process is already functioning. Hence mbi-hello is going into passive mode by design. Recommended Action No action is required. Error Message %PLATFORM-MBI_HELLO-7-INFO_CREATE_SUCCESS MBI-Hello: Successful creation of [chars]. Attempt number [dec] Explanation Successful creation of mbi-hello LWM channel for communication. Recommended Action NONE Error Message %PLATFORM-MBI_HELLO-7-RELOAD_NOTIFICATION_TEST Received a test reload notification, ignore. Explanation The node received a test reload notification just to check functionality. The notification is ignored. Recommended Action No action is required. Error Message %PLATFORM-MBI_HELLO-7-RELOAD_NOTIFICATION_TEST Received a test reload notification, ignore. Explanation The node received a test reload notification just to check functionality. The notification is ignored. Recommended Action No action is required. Error Message %PLATFORM-MBI_HELLO-7-RELOAD_NOTIFICATION_TEST Received a test reload notification, ignore. Explanation The node received a test reload notification just to check functionality. The notification is ignored. Recommended Action No action is required. Platform Messages MBI_LIB_ACCESS Messages EM-1789 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_HELLO-7-TIMER_TIMEOUT The MBI infrastructure timer timed out from server : [chars] Explanation Timer timed out between the MBI client and server, perhaps because the communications infrastructure is not set up. The MBI operation in progress will not be carried out. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Error Message %PLATFORM-MBI_HELLO-7-WARNING [chars] Explanation Error in thread creation for mbi-hello process. The error reason is described in the message log itself. Recommended Action NONE MBI_LIB_ACCESS Messages Error Message %PLATFORM-MBI_LIB_ACCESS-3-MSG_SEND_FAIL The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB_ACCESS-3-MSG_SEND_FAIL The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_LIB_ACCESS Messages EM-1790 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_LIB_ACCESS-3-MSG_SEND_FAIL The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB_ACCESS-3-SERVER_CONNECT_FAIL The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not yet up. The MBI operation in progress will not be carried out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB_ACCESS-3-SERVER_CONNECT_FAIL The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not yet up. The MBI operation in progress will not be carried out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB_ACCESS-3-SERVER_CONNECT_FAIL The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not yet up. The MBI operation in progress will not be carried out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_LIB Messages EM-1791 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_LIB_ACCESS-7-ERR_MSG_SEND The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Error Message %PLATFORM-MBI_LIB_ACCESS-7-ERR_SERVER_CONNECT The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not set up. The MBI operation in progress will not be carried out. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. MBI_LIB Messages Error Message %PLATFORM-MBI_LIB-3-MSG_SEND_FAIL The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB-3-MSG_SEND_FAIL The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_LIB Messages EM-1792 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_LIB-3-MSG_SEND_FAIL The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB-3-MSG_SEND_FAIL The MBI infrastructure was unable to send a message to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB-3-SERVER_CONNECT_FAIL The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not yet up. The MBI operation in progress will not be carried out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB-3-SERVER_CONNECT_FAIL The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not yet up. The MBI operation in progress will not be carried out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBI_LIB Messages EM-1793 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_LIB-3-SERVER_CONNECT_FAIL The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not yet up. The MBI operation in progress will not be carried out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB-3-SERVER_CONNECT_FAIL The MBI infrastructure was unable to connect to the MBI Hello server, error: [chars]. Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not yet up. The MBI operation in progress will not be carried out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB-4-CLOCK_FAIL The MBI infrastructure was unable to determine the time, error: [chars] Explanation The infrastructure is behaving incorrectly. This will not affect the operation of the MBI infrastructure, but messages and logs may not contain timestamps. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBI_LIB-4-CLOCK_FAIL The MBI infrastructure was unable to determine the time, error: [chars] Explanation The infrastructure is behaving incorrectly. This will not affect the operation of the MBI infrastructure, but messages and logs may not contain timestamps. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1794 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBI_LIB-4-CLOCK_FAIL The MBI infrastructure was unable to determine the time, error: [chars] Explanation The infrastructure is behaving incorrectly. This will not affect the operation of the MBI infrastructure, but messages and logs may not contain timestamps. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MBIMGR Messages Error Message %PLATFORM-MBIMGR-3-COPY_MBI_FILE_NAME_FAIL [chars]The MBI infrastructure was unable to copy the MBI file name, error: [chars]. Explanation The MBI file name is possibly too large or invalid. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-COPY_MBI_FILE_NAME_FAIL [chars]The MBI infrastructure was unable to copy the MBI file name, error: [chars]. Explanation The MBI file name is possibly too large or invalid. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-COPY_MBI_FILE_NAME_FAIL [chars]The MBI infrastructure was unable to copy the MBI file name, error: [chars]. Explanation The MBI file name is possibly too large or invalid. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1795 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-3-DEFAULT_MBI_FAIL [chars]The MBI infrastructure failed to obtain the default MBI for card class [hex], error: [chars]. Explanation The default MBI is either unknown or missing. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-DEFAULT_MBI_FAIL [chars]The MBI infrastructure failed to obtain the default MBI for card class [hex], error: [chars]. Explanation The default MBI is either unknown or missing. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-DEFAULT_MBI_FAIL [chars]The MBI infrastructure failed to obtain the default MBI for card class [hex], error: [chars]. Explanation The default MBI is either unknown or missing. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-FAILED_TO_CALCULATE_MD5 [chars]Failed to calculate MD5 value from path ([chars]): [chars] Explanation Either the path is invalid, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1796 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-3-FAILED_TO_CALCULATE_MD5 [chars]Failed to calculate MD5 value from path ([chars]): [chars] Explanation Either the path is invalid, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-FAILED_TO_CALCULATE_MD5 [chars]Failed to calculate MD5 value from path ([chars]): [chars] Explanation Either the path is invalid, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-FAILED_TO_COMPARE_MD5 [chars]The MBI infrastructure failed to compare MD5 values between the boot request MBI ([chars]) and the MBI stored in dSC ([chars]), error: [chars]. Using the MBI ([chars]) from dSC. Explanation Either the MD5 values are invalid, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-FAILED_TO_COMPARE_MD5 [chars]The MBI infrastructure failed to compare MD5 values between the boot request MBI ([chars]) and the MBI stored in dSC ([chars]), error: [chars]. Using the MBI ([chars]) from dSC. Explanation Either the MD5 values are invalid, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1797 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-3-FAILED_TO_COMPARE_MD5 [chars]The MBI infrastructure failed to compare MD5 values between the boot request MBI ([chars]) and the MBI stored in dSC ([chars]), error: [chars]. Using the MBI ([chars]) from dSC. Explanation Either the MD5 values are invalid, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-IGNORING_MBI [chars]The MBI infrastructure detected an abnormality with the MBI passed ([chars]). Ignoring this MBI. Error: [chars]. Explanation The MBI passed was not in the expected form. The MBI infrastructure will ignore this MBI and most likely new MBI will be downloaded from dSC as result. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-IGNORING_MBI [chars]The MBI infrastructure detected an abnormality with the MBI passed ([chars]). Ignoring this MBI. Error: [chars]. Explanation The MBI passed was not in the expected form. The MBI infrastructure will ignore this MBI and most likely new MBI will be downloaded from dSC as result. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-IGNORING_MBI [chars]The MBI infrastructure detected an abnormality with the MBI passed ([chars]). Ignoring this MBI. Error: [chars]. Explanation The MBI passed was not in the expected form. The MBI infrastructure will ignore this MBI and most likely new MBI will be downloaded from dSC as result. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1798 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-3-INVALID_ARG [chars]An invalid argument was passed to the MBI infrastructure. Explanation An internal error has occurred in an application that has caused it to pass invalid data to the MBI infrastructure. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-INVALID_ARG [chars]An invalid argument was passed to the MBI infrastructure. Explanation An internal error has occurred in an application that has caused it to pass invalid data to the MBI infrastructure. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-INVALID_ARG [chars]An invalid argument was passed to the MBI infrastructure. Explanation An internal error has occurred in an application that has caused it to pass invalid data to the MBI infrastructure. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-MALLOC_FAIL [chars]Unable to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Platform Messages MBIMGR Messages EM-1799 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-3-MALLOC_FAIL [chars]Unable to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-MBIMGR-3-MALLOC_FAIL [chars]Unable to allocate [unsigned int] bytes of memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-MBIMGR-3-NODEID_EXTRACT_FAIL [chars]The infrastructure failed to extract the R/S/I elements of node [dec] for for the MBI infrastructure, error: [chars]. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-NODEID_EXTRACT_FAIL [chars]The infrastructure failed to extract the R/S/I elements of node [dec] for for the MBI infrastructure, error: [chars]. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1800 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-3-NODEID_EXTRACT_FAIL [chars]The infrastructure failed to extract the R/S/I elements of node [dec] for for the MBI infrastructure, error: [chars]. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-NODEID_FAIL [chars]The infrastructure failed to inform the MBI infrastructure of the location where it is running, error: [chars]. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-NODEID_FAIL [chars]The infrastructure failed to inform the MBI infrastructure of the location where it is running, error: [chars]. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-NODEID_FAIL [chars]The infrastructure failed to inform the MBI infrastructure of the location where it is running, error: [chars]. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1801 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-3-NODEID_TO_IP_ADDR_FAIL [chars]The infrastructure was unable to return the IP address of a node ([dec]) to the MBI infrastructure, error: [chars]. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-NODEID_TO_IP_ADDR_FAIL [chars]The infrastructure was unable to return the IP address of a node ([dec]) to the MBI infrastructure, error: [chars]. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-NODEID_TO_IP_ADDR_FAIL [chars]The infrastructure was unable to return the IP address of a node ([dec]) to the MBI infrastructure, error: [chars]. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-NODEID_TO_STR_EXTERNAL_FAIL The infrastructure was unable to create an external representation of a location ([dec]) for the MBI, error: [chars]. Error messages from the MBI infrastructure will not contain the prefix-string that represents the remote location being processed. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1802 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-3-NODEID_TO_STR_EXTERNAL_FAIL The infrastructure was unable to create an external representation of a location ([dec]) for the MBI, error: [chars]. Error messages from the MBI infrastructure will not contain the prefix-string that represents the remote location being processed. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-NODEID_TO_STR_EXTERNAL_FAIL The infrastructure was unable to create an external representation of a location ([dec]) for the MBI, error: [chars]. Error messages from the MBI infrastructure will not contain the prefix-string that represents the remote location being processed. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-NULL_PTR Unexpected NULL pointer passed to the MBI infrastructure by a client Explanation An internal error has occurred in an application that has caused it to pass invalid data to the MBI infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-NULL_PTR Unexpected NULL pointer passed to the MBI infrastructure by a client Explanation An internal error has occurred in an application that has caused it to pass invalid data to the MBI infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1803 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-3-NULL_PTR Unexpected NULL pointer passed to the MBI infrastructure by a client Explanation An internal error has occurred in an application that has caused it to pass invalid data to the MBI infrastructure. The current request or operation may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-TFTP_INFO_FAIL [chars]The MBI infrastructure failed to populate the TFTP information, error: [chars]. Explanation The TFTP information is unavailable. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-TFTP_INFO_FAIL [chars]The MBI infrastructure failed to populate the TFTP information, error: [chars]. Explanation The TFTP information is unavailable. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-TFTP_INFO_FAIL [chars]The MBI infrastructure failed to populate the TFTP information, error: [chars]. Explanation The TFTP information is unavailable. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1804 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-3-UNKNOWN_BOARDTYPE [chars]An unknown boardtype ([dec]) was passed to the MBI infrastructure. Explanation Either an invalid boardtype is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-UNKNOWN_BOARDTYPE [chars]An unknown boardtype ([dec]) was passed to the MBI infrastructure. Explanation Either an invalid boardtype is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-3-UNKNOWN_BOARDTYPE [chars]An unknown boardtype ([dec]) was passed to the MBI infrastructure. Explanation Either an invalid boardtype is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-4-REMOTE_NODEID_MSG_STR_CREATE_FAIL The MBI infrastructure failed to create a message string for a remote location ([dec]), error: [chars]. Error messages from the MBI infrastructure will not contain the prefix-string that represents the remote location being processed. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages MBIMGR Messages EM-1805 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-4-REMOTE_NODEID_MSG_STR_CREATE_FAIL The MBI infrastructure failed to create a message string for a remote location ([dec]), error: [chars]. Error messages from the MBI infrastructure will not contain the prefix-string that represents the remote location being processed. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-4-REMOTE_NODEID_MSG_STR_CREATE_FAIL The MBI infrastructure failed to create a message string for a remote location ([dec]), error: [chars]. Error messages from the MBI infrastructure will not contain the prefix-string that represents the remote location being processed. Explanation Either an invalid location is being queried, or the infrastructure is behaving incorrectly. The MBI operation in progress may not be carried out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-6-MBIVSN_DIGIT_INFO MBIMGR: [chars] ([dec]) Explanation MBI Mgr general info Recommended Action No action is required. Error Message %PLATFORM-MBIMGR-6-MBIVSN_DIGIT_INFO MBIMGR: [chars] ([dec]) Explanation MBI Mgr general info Recommended Action No action is required. Error Message %PLATFORM-MBIMGR-6-MBIVSN_DIGIT_INFO MBIMGR: [chars] ([dec]) Explanation MBI Mgr general info Recommended Action No action is required. Platform Messages MBIMGR Messages EM-1806 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-6-MBIVSN_STR_INFO MBIMGR: [chars] ([chars]) Explanation MBI Mgr general info Recommended Action No action is required. Error Message %PLATFORM-MBIMGR-6-MBIVSN_STR_INFO MBIMGR: [chars] ([chars]) Explanation MBI Mgr general info Recommended Action No action is required. Error Message %PLATFORM-MBIMGR-6-MBIVSN_STR_INFO MBIMGR: [chars] ([chars]) Explanation MBI Mgr general info Recommended Action No action is required. Error Message %PLATFORM-MBIMGR-7-IMAGE_VALIDATED [chars]: MBI [chars] validated Explanation A message to indicate which MBI was validated for which location. Recommended Action No action is required. Error Message %PLATFORM-MBIMGR-7-IMAGE_VALIDATED [chars]: MBI [chars] validated Explanation A message to indicate which MBI was validated for which location. Recommended Action No action is required. Error Message %PLATFORM-MBIMGR-7-IMAGE_VALIDATED [chars]: MBI [chars] validated Explanation A message to indicate which MBI was validated for which location. Recommended Action No action is required. Platform Messages MBUS Messages EM-1807 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBIMGR-7-INVALID_MBIVSN [chars]Invalid MBI spec passed in ([chars]): [chars] Explanation A problem was found in the MBI spec that was passed in. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-7-INVALID_MBIVSN [chars]Invalid MBI spec passed in ([chars]): [chars] Explanation A problem was found in the MBI spec that was passed in. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MBIMGR-7-INVALID_MBIVSN [chars]Invalid MBI spec passed in ([chars]): [chars] Explanation A problem was found in the MBI spec that was passed in. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MBUS Messages Error Message %PLATFORM-MBUS-4-SVC_AGENT_ROM_DOWN_REV slot [dec]: mbus rom agent is down-rev (V[dec].[dec]), suggest upgrade to current (V[dec].[dec]). Use the upgrade mbus CLI in admin mode. Explanation The version of Mbus agent ROM on slot is not current. %d - is the slot number of the card in question. %d - is the major version of the agent currently in ROM %d - is the minor version of the agent currently in ROM %d - is the major version of the agent that is recommeneded %d - is the minor version of the agent that is recommeneded Recommended Action Upgrade the rom agent on the car in the specified slot. In admin mode issue the following command upgrade mbus location 0/slot/cpu0 where slot is the number of the slot shown in the warning message Platform Messages MBUS Messages EM-1808 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBUS-7-API_DEBUG [chars] ([hex]) Explanation mbus debugging information. %s debug or software error message %X error returns code in hexdecimal format. Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-API_DOWNLOAD_FAIL_STATUS download failed ([chars]). Explanation mbus debug info %s - a string containing the slot number. Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-API_FILE_OPERATION_FAILED Failed to perform [chars] on file [chars]. Explanation mbus debug information %s - operation performed on file (e.g. open, close). %s - filename. Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-API_INFO [chars] Explanation mbus debug information %s - debug message Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-API_INFO_DUMP [chars] Explanation Displaying mbus debug information. %s - information message to be displayed Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-API_INVALID_SLOT invalid slot [dec]. Explanation mbus debug information %d - slot number Recommended Action No action is required. Platform Messages MBUS Messages EM-1809 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBUS-7-API_NULL_PARAMETER unexpected null pointer passed to function. Explanation mbus debug information Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-ATTACH_DEBUG [chars] Explanation mbus debugging information. %s - debug message Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-ATTACH_ERR [chars] ([hex]) Explanation mbus debug info %s - attach error information. %X - error return code Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-ATTACH_INFO_DUMP [chars] Explanation mbus debug info %s - attach statistics Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-CLIENT_FAILURE [chars] Explanation mbus debug information %s - describes the function that failed Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-MSG_INFO_DUMP [chars] Explanation mbus debug information. %s - is the information being displayed for debug purposes Recommended Action No action is required. Platform Messages MBUS Messages EM-1810 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBUS-7-MSG_INFO_DUMP [chars] Explanation mbus debug information. %s - is the information being displayed for debug purposes Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-SVC_AGENT_CHECK_FAILED mbus: local agent check failed ([chars]). Explanation mbus debug information %s - is a string outlining the action that the system will take to attempt to recover (e.g. forcing RAM download). Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-SVC_DEBUG [chars] ([hex]) Explanation mbus debug information. %s - is the debug message Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-SVC_EOF_UNEXPECTED mbus: EOF unexpected on file [chars]. Explanation mbus debug information. %s - is the file name in question. Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-SVC_FILE_OPERATION_FAILED mbus: Failed to perform [chars] on file [chars]. Explanation mbus debug information. %s - indicates the type of file operations (e.g. open, close) %s - is the file name in question. Recommended Action No action is required. Error Message %PLATFORM-MBUS-7-SVC_INFO_DUMP [chars] Explanation mbus debug information. %s - is the information being displayed for debug purposes Recommended Action No action is required. Platform Messages MCE Messages EM-1811 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-MBUS-7-SVC_INVALID_STREAM mbus: invalid stream [dec]. Explanation mbus debug information %d - is the stream identifier. Recommended Action No action is required. MCE Messages Error Message %PLATFORM-MCE-2-L2CACHE_ERR L2 CACHE ERROR Explanation The message is displayed whenever there is a L2 cache error in CPU. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MDIO Messages Error Message %PLATFORM-MDIO-3-ERROR_EXIT MDIO process exiting because [chars], error code [chars] Explanation The MDIO process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process ether-ctrl location ’ to verify that the process is up and running. If it is still non-operational, try doing from the admin mode ’process restart envmon location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MDIO-7-OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required.Platform Messages MLAN Messages EM-1812 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MLAN Messages Error Message %PLATFORM-MLAN-3-DRIVER_ERROR Failed to [chars] for port [dec], error [chars]. Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-MLAN-3-OPERATION_ERROR Failed to [chars], port [dec], error [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-MLAN-6-DRIVER_INFO [chars], for port [dec]. Status/Value is [dec]. Explanation The particular operation mentioned in the message gave a informative message. This is not a failure. Recommended Action No action is required. Error Message %PLATFORM-MLAN-6-OPERATION_INFO [chars], for port [dec]. Status/Value is [dec]. Explanation The particular operation mentioned in the message gave an informative message. This is not a failure. Recommended Action No action is required. Error Message %PLATFORM-MLAN-7-OPERATION_TRACE [chars] traceback for port [dec]. Explanation The particular operation mentioned in the message gave a trace message. This is not a failure. Recommended Action No action is required.Platform Messages MPC8641 Messages EM-1813 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MPC8641 Messages Error Message %PLATFORM-MPC8641-3-PCI_ERROR Controller [dec]: [chars] Explanation There are some PCI errors reported as shown. Those errors are non-fatal. %d - the PCIe controller id %s - indicates the reason for the failure. Recommended Action If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MPC8641-3-PCI_FATAL Controller [dec]: [chars] Explanation MPC8641 PCI Controller encounters a fatal error. %d - MPC8641 PCI Controller id. %s - is the error reason. Recommended Action If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-MPC8641-3-PCI_SW_ERR [chars] failed ([chars]) Explanation There are S/W errors to setup the interrupt handling for MPC8641’s PCI controller’s interrupts. Recommended Action If a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0’ where x is the slot of route processor that generated the error. If no redundant RP is configured, you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages MSM Messages EM-1814 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MSM Messages Error Message %PLATFORM-MSM-3-ERR [chars], [chars], err equals [hex] Explanation Failure in Multishelf Manager. Recommended Action No action is required. Error Message %PLATFORM-MSM-3-ERR [chars], [chars], err equals [hex] Explanation Failure in Multishelf Manager. Recommended Action No action is required. NETIO_LC Messages Error Message %PLATFORM-NETIO_LC-3-FAB [chars]: [chars] Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NETIO_LC-3-FAB_ERR [chars]: [chars] (type [dec]) Explanation An unexpected error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NETIO_LC-7-FAB_SEND [chars]: Transmitting Fabric packet (size equals [dec]) Explanation debugging msg Recommended Action NONEPlatform Messages NFEA_HW_PROG Messages EM-1815 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 NFEA_HW_PROG Messages Error Message %PLATFORM-NFEA_HW_PROG-5-MAX_LIMIT Exceeding max [chars] Explanation This message indicates that the configuration is exceeding the maximum Sampling Rate of 4 or the maximum Flow Sampler limit of 16 in a given direction. Recommended Action To configure new sampling rate or new Sampler info, unconfigure the existing Sampler info / Sampling rate and configure with the new one. Error Message %PLATFORM-NFEA_HW_PROG-6-INFO_MSG [chars] Explanation Netflow punt rate is more than policer rate, it informs the user when such an event occurs Recommended Action Reduce netflow sampling rate. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NFEA_HW_PROG-7-ERR_MSG [chars] Explanation During initialization, an internal error occurred in Netflow which involves exiting the process. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NFEA_HW_PROG-7-ERR_MSG [chars] Explanation During initialization, an internal error occurred in Netflow which involves exiting the process. Recommended Action When this issue happens, it will trigger an automatic restart. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages NP Messages EM-1816 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 NP Messages Error Message %PLATFORM-NP-0-CENTRAL_CLUSTER_PARITY Central cluster parity interrupt. Indicates an internal SRAM problem in the TOPModify/PEX/General block, NP equals [dec] memId equals [dec], mask equals [hex], PMask equals [hex] SRAMLine equals [dec] Rec equals [dec] Rewr equals [dec] Explanation A parity error interrupt Recommended Action This error can be corrected by reloading the LC using the command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-FATAL_INT_CASE fatal interrupt case and unable to handle, chip equals [dec], memId equals [dec] Explanation Unable to handle the interrupt. Too many errors. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-HW_DOUBLE_ECC_ERROR NP DOUBLE ECC ERROR, NP equals [dec], memId equals [dec], subMemId equals [hex] Explanation NP detects double ECC ERROR and reported through interrupts Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-INIT_ERR [chars] Explanation Network Processor Initialization encountered a critical error that renders the system unusable. Recommended Action Check if the board comes up fine after the LC reboot. If the board does not recover - it will need to be replaced. Platform Messages NP Messages EM-1817 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-NP-0-MATRIX_CLUSTER_PARITY Matrix cluster parity interrupt. Indicates an internal SRAM problem in the Shared block. NP equals [dec] memId equals [dec], mask equals [hex], PMask equals [hex] SRAMLine equals [dec] Rec equals [dec] Rewr equals [dec] Explanation A parity error interrupt Recommended Action This error can be corrected by reloading the LC using the command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-NP_INIT_FAILURE Persistent Initialization Failure. Explanation NP Persistent Initialization failure Indicates a problem with the Network processor on the LineCard. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-PARSE_CLUSTER_PARITY TopParse cluster parity interrupt. Indicates an interanl SRAM problem in the TopParse. NP equals [dec] memId equals [dec], mask equals [hex], PMask equals [hex] SRAMLine equals [dec] Rec equals [dec] Rewr equals [dec] Explanation A parity error interrupt Recommended Action This error can be corrected by reloading the LC using the command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-PEX_PARITY Pex parity error Explanation A parity error interrupt at data phase of the PEX WR transaction Recommended Action This error can be corrected by reloading the LC using the command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages NP Messages EM-1818 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-NP-0-RESOLVE_CLUSTER_PARITY TOPresolve cluster parity interrupt. Indicates an internal SRAM problem in the TOPResolve block, NP equals [dec] memId equals [dec], mask equals [hex], PMask equals [hex] SRAMLine equals [dec] Rec equals [dec] Rewr equals [dec] Explanation A parity error interrupt Recommended Action This error can be corrected by reloading the LC using the command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-SEARCH_CLUSTER_PARITY TOPsearch I cluster parity interrupt. Indicates an interanl SRAM problem in the TOPsearch I block, NP equals [dec] memId equals [dec], mask equals [hex], PMask equals [hex] SRAMLine equals [dec] Rec equals [dec] Rewr equals [dec] Explanation A parity error interrupt Recommended Action This error can be corrected by reloading the LC using the command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-TCAM_FATAL_INT_CASE tcam fatal interrupt case and unable to handle, chip equals [dec] Explanation Unable to handle the interrupt. too many tcam parity errors. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-TCAM_WRITE_PARITY_ERROR TCAM write parity error. chip equals [dec] Explanation A parity error interrupt Recommended Action This error can be corrected by reloading the LC using the command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages NP Messages EM-1819 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-NP-0-TM_CNTL_CLUSTER_PARITY TM control memory cluster parity interrupt. Indicates an internal SRAM problem in TM control memory, NP equals [dec] memId equals [dec], mask equals [hex], PMask equals [hex] SRAMLine equals [dec] Rec equals [dec] Rewr equals [dec] Explanation A parity error interrupt Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-TMA_CLUSTER_PARITY TMa cluster parity interrupt. Indicates an internal SRAM problem in TMa cluster, NP equals [dec] memId equals [dec], mask equals [hex], PMask equals [hex] SRAMLine equals [dec] Rec equals [dec] Rewr equals [dec] Explanation A parity error interrupt Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-TMB_CLUSTER_PARITY TMb cluster parity interrupt. Indicates an internal SRAM problem in TMb cluster, NP equals [dec] memId equals [dec], mask equals [hex], PMask equals [hex] SRAMLine equals [dec] Rec equals [dec] Rewr equals [dec] Explanation A parity error interrupt Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-0-TMC_CLUSTER_PARITY TMc cluster parity interrupt. Indicates an internal SRAM problem in TMc cluster, NP equals [dec] memId equals [dec], mask equals [hex], PMask equals [hex] SRAMLine equals [dec] Rec equals [dec] Rewr equals [dec] Explanation A parity error interrupt Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages NP Messages EM-1820 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-NP-3-BIQ_EMPTY The buffers used by all TMs (TMa+TMb+TMc) exceeds the configured threshold Explanation NP detects BIQ_EMPTY and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-3-EG_FBU_POOL_EMPTY The side B (TMb+TMc) Frame buffers pool is empty Explanation NP detects EG_FBU_POOL_EMPTY and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-3-FBU3_LOW_RESOURCE The FBU3 low resource interrupt Explanation NP detects FBU3_LOW_RESOURCE and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-3-HOST_SLAVE_QUEUE_FULL The buffers used by frames destined for Host PCI exceeds the configured threshold Explanation NP detects HOST_SLAVE_QUEUE_FULL and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages NP Messages EM-1821 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-NP-3-HW_OQ_FULL OQ structure is full. System cannot write additional OQ entries into the queue Explanation NP detects OQ_FULL and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-3-HW_RX_RFD_EMPTY The number of buffers in the Rx Pointer Table reaches zero Explanation NP detects RX_RFD_EMPTY and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-3-HW_SINGLE_ECC_ERROR NP SINGLE ECC ERROR, NP equals [dec], memId equals [dec], subMemId equals [hex] Explanation NP detects single ECC ERROR and reported through interrupts Recommended Action Transient alarm. HW has already corrected the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-3-HW_TFD_FULL TFD structure is full. System cannot write additional TFD entries into the queue Explanation NP detects OQ_FULL and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages NP Messages EM-1822 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-NP-3-HW_TX_RFD_EMPTY The number of buffers in the Tx Pointer Table reaches zero Explanation NP detects TX_RFD_EMPTY and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-3-ING_FBU_POOL_EMPTY The TMa frame buffers pool is empty Explanation NP detects ING_FBU_POOL_EMPTY and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-3-OOR [chars] Explanation Network Processor Provisioning experienced an Out-of-resource condition that could not be reported back to provisioning agent for recovery/back-off Loss of configuration and data could occur. Recommended Action Loss of configuration and data could occur. Revisit recent provisioning or route-update events to see if router resources have been exceeded. Error Message %PLATFORM-NP-3-TMA_FULL The buffers used by destination TMa exceeds the configured threshold Explanation NP detects TMA_FULL and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages OBFL Messages EM-1823 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-NP-3-TMB_FULL The buffers used by destination Side B (TMb+TMc) exceeds the configured threshold Explanation NP detects TMB_FULL and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-NP-4-FAULT [chars] Explanation Network Processor Experienced a Fault condition that has been self-recovered from. If this condition persists or occurs frequently, line card is deemed unhealthy. Recommended Action None. Error Message %PLATFORM-NP-6-HOST_SLAVE_QUEUE_NOT_EMPTY The TMa destination host slave queue not empty Explanation NP detects HOST_SLAVE_QUEUE_NOT_EMPTY and reported through interrupts Recommended Action No specific actions needed. The software should be able to recover from this error. OBFL Messages Error Message %PLATFORM-OBFL-3-ERR [chars]: [chars] Explanation Internal software failure. Recommended Action No action is required. obfl Messages Error Message %PLATFORM-obfl-3-ERR [chars]: [chars] Explanation Internal software failure. Recommended Action No action is required.Platform Messages OBFL Messages EM-1824 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 OBFL Messages Error Message %PLATFORM-OBFL-3-ERR_CREATE [chars] Explanation Failure to create an OBFL record. This may indicate a problem with the bootflash. Recommended Action Make sure that the bootflash is formatted. obfl Messages Error Message %PLATFORM-obfl-3-ERR_CREATE [chars] Explanation Failure to create an OBFL record. This may indicate a problem with the bootflash. Recommended Action Make sure that the bootflash is formatted. OBFL Messages Error Message %PLATFORM-OBFL-3-ERR_GET [chars]: [chars] Explanation Failure to get the data to write the OBFL. Recommended Action No action is required. obfl Messages Error Message %PLATFORM-obfl-3-ERR_GET [chars]: [chars] Explanation Failure to get the data to write the OBFL. Recommended Action No action is required.Platform Messages OBFL Messages EM-1825 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 OBFL Messages Error Message %PLATFORM-OBFL-3-ERR_INIT [chars]: [chars], exiting... Explanation The process failed to initialize properly. This indicates that there was a software error during initialization. Recommended Action No action is required. obfl Messages Error Message %PLATFORM-obfl-3-ERR_INIT [chars]: [chars], exiting... Explanation The process failed to initialize properly. This indicates that there was a software error during initialization. Recommended Action No action is required. OBFL Messages Error Message %PLATFORM-OBFL-3-ERR_INIT_NO_EXIT [chars]: [chars] Explanation The process failed to initialize properly. This indicates that there was a software error during initialization. Recommended Action No action is required. Error Message %PLATFORM-OBFL-3-ERR_WRITE [chars]: [chars] Explanation Failure to write the OBFL. Recommended Action No action is required.Platform Messages obfl Messages EM-1826 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 obfl Messages Error Message %PLATFORM-obfl-3-ERR_WRITE [chars]: [chars] Explanation Failure to write the OBFL. Recommended Action No action is required. Error Message %PLATFORM-obfl-7-ERR_EVM_CREATE Could not create event manager for obfl process. Error: [chars] Explanation A event manager crreate failed. Recommended Action None. obfl controller process will restart automatically Error Message %PLATFORM-obfl-7-ERR_INTERNAL [chars]: [chars] Explanation Miscellaneous software error. Recommended Action No action is required. Error Message %PLATFORM-obfl-7-ERR_MALLOC Malloc for -[dec] bytes failed Explanation Memory allocation failed. Recommended Action No action is required. Error Message %PLATFORM-obfl-7-ERR_SYSDB_REG_NOTIF Sysdb registration for notification on path -[chars] failed Explanation Application faile to register for notification Recommended Action No action is required. Error Message %PLATFORM-obfl-7-ERR_THREAD_CREATE Could not create thread. Error: [chars] Explanation A thread could not be created. Recommended Action None. obfl controller process will restart automatically Platform Messages OIRD Messages EM-1827 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-obfl-7-ERROR Error, [chars] Explanation Envmon encountered a software error. Recommended Action No action is required. Error Message %PLATFORM-obfl-7-TRACE_INTERNAL [chars]: [chars] Explanation software trace. Recommended Action No action is required. OIRD Messages Error Message %PLATFORM-OIRD-5-OIRIN OIR: Node [chars] inserted Explanation Detected a card is inserted into the chassis. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-5-OIRIN OIR: Node [chars] inserted Explanation Detected a card is inserted into the chassis. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-5-OIROUT OIR: Node [chars] removed Explanation Detected a card is removed from the chassis. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages OIRD Messages EM-1828 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-OIRD-5-OIROUT OIR: Node [chars] removed Explanation Detected a card is removed from the chassis. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-ASYNC_ATTACH_FAIL Failed to attach handler for async events: [chars] Explanation Failed to attach handler for async events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-ASYNC_ATTACH_FAIL Failed to attach handler for async events: [chars] Explanation Failed to attach handler for async events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-ASYNC_MSG_ERROR Received unexpected message: [dec] Explanation Received unexpected async message type. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-OIRD-7-ASYNC_MSG_ERROR Received unexpected message: [dec] Explanation Received unexpected async message type. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Platform Messages OIRD Messages EM-1829 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-OIRD-7-CHKPT_FAIL Failed to perform checkpoint services: [chars] Explanation Failed to perform checkpoint service functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-CHKPT_FAIL Failed to perform checkpoint services: [chars] Explanation Failed to perform checkpoint service functions. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-EVM_CREATE_FAIL Failed to create event manager: [chars] Explanation Failed to create event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-EVM_CREATE_FAIL Failed to create event manager: [chars] Explanation Failed to create event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-MMAP_FAIL Failed to map OIR registers to process space Explanation Failed to mmap OIR registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages OIRD Messages EM-1830 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-OIRD-7-MMAP_FAIL Failed to map OIR registers to process space Explanation Failed to mmap OIR registers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-MSG_ATTACH_FAIL Failed to attach handler for sync events: [chars] Explanation Failed to attach handler for sync events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-MSG_ATTACH_FAIL Failed to attach handler for sync events: [chars] Explanation Failed to attach handler for sync events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-MSG_CHAN_CONN_FAIL Failed to connect to message channel: [chars] Explanation Failed to attach handler for sync messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-MSG_CHAN_CONN_FAIL Failed to connect to message channel: [chars] Explanation Failed to attach handler for sync messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages OIRD Messages EM-1831 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-OIRD-7-MSG_ERROR Received unexpected message : [chars] Explanation Received unexpected message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-OIRD-7-MSG_ERROR Received unexpected message : [chars] Explanation Received unexpected message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-OIRD-7-THREAD_CREATE_FAIL Failed to create thread [chars] Explanation Failed to create threads. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-THREAD_CREATE_FAIL Failed to create thread [chars] Explanation Failed to create threads. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-TIMER_CREATE_FAIL Failed to create timer: [chars] Explanation Failed to create timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages OIRD Messages EM-1832 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-OIRD-7-TIMER_CREATE_FAIL Failed to create timer: [chars] Explanation Failed to create timer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-TIMER_INIT_FAIL Failed to init timer events: [chars] Explanation Failed to init timer events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-TIMER_INIT_FAIL Failed to init timer events: [chars] Explanation Failed to init timer events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-OIRD-7-UNEXPECTED Unexpected: [chars]: [chars] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. Error Message %PLATFORM-OIRD-7-UNEXPECTED Unexpected: [chars]: [chars] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required.Platform Messages PCIER Messages EM-1833 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PCIER Messages Error Message %PLATFORM-PCIER-2-PCIE_1_ROOT_ERROR PCIE Root Complex 1 error detected. Explanation A PCIE error detected in Root Complex 1 Recommended Action Please correct the problem by reloading the board. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PCIER-2-PCIE_2_ROOT_ERROR PCIE Root Complex 2 error detected. Explanation A PCIE error detected in Root Complex 2 Recommended Action Please correct the problem by reloading the board. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PCIMGR Messages Error Message %PLATFORM-PCIMGR-2-SW_FATAL_ERROR fatal s/w error encountered - [chars], [chars], line [dec] Explanation An unrecoverable fatal s/w error was encountered, which resulted in process restart. The exact cause is appended to the error msg. Contact support with this information. Recommended Action Reload the board. *SUPPORT* Error Message %PLATFORM-PCIMGR-3-MUTEX_LOCK_ERROR [chars]() line[dec]: pci bus manager mutex lock error Explanation The mutex lock for accessing register returned error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PCMCIA Messages EM-1834 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PCIMGR-3-MUTEX_UNLOCK_ERROR [chars]() line[dec]: pci bus manager mutex unlock error Explanation The mutex unlock for register operation returned error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PCIMGR-3-REG_PM_ERROR [chars]() line[dec]: pci bus manager failed register to platform mgr Explanation The function call to pm_fault_register_device returned fail Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PCMCIA Messages Error Message %PLATFORM-PCMCIA-3-PCI_DEV_ATTACH_ERROR PCMCIA driver failed to attach to the pci device Explanation can not get pci device info from PCI bus mgr Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PCMCIA-3-PCI_SVR_ATTACH_ERROR Can’t locate PCI server Explanation PCMCIA driver can not attach to PCI bus mgr Recommended Action ’OIR PC Card’ Error Message %PLATFORM-PCMCIA-7-MEM_MAP_ERROR PCMCIA driver failed mapping io/mem addr space Explanation mem/io mapping form pcmcia driver failed Recommended Action ’Check PC card insertion, format, or unsupported type’ Platform Messages PCMCIAD Messages EM-1835 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PCMCIA-7-REG_PM_ERROR PCMCIA driver failed regist to platform mgr Explanation The function call to pm_fault_register_device returned fail Recommended Action ’Check PCMCIAD process’ PCMCIAD Messages Error Message %PLATFORM-PCMCIAD-7-FUNCTION_FAILED [chars]() failed: [chars] Explanation The function specified failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PCMCIAD-7-KILL_FAILED kill to pid [dec] failed: [chars] Explanation Probably the process being killed has already exited Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PCMCIAD-7-MSGSEND_FAILED MsgSendPulse operation failed: [chars] Explanation Failed to send pulse to resmgr thread to handle SIGCHLD Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PCMCIAD-7-RESTART Pcmciad died and has come back up. Killing its old children Explanation pcmciad died and had come back up. It is killing children spawned by old pcmciad so that it can respawn new ones. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PCTL Messages EM-1836 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PCMCIAD-7-SIGNAL_OP_FAILED Signal operation [chars] failed: [chars] Explanation Singal masking or handler installation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PCMCIAD-7-UNLINK_FAILED unlink of file [chars] failed: [chars] Explanation Should not happen. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PCTL Messages Error Message %PLATFORM-PCTL-3-gsp_msg_failed Failure to notify node state when [chars]: [chars] Explanation The internal communication channel among pctl threads is broken. Recommended Action Must restart the process. Error Message %PLATFORM-PCTL-3-gsp_msg_failed Failure to notify node state when [chars]: [chars] Explanation The internal communication channel among pctl threads is broken. Recommended Action Must restart the process. Error Message %PLATFORM-PCTL-3-gsp_msg_failed Failure to notify node state when [chars]: [chars] Explanation The internal communication channel among pctl threads is broken. Recommended Action Must restart the process.Platform Messages PEX8111 Messages EM-1837 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PEX8111 Messages Error Message %PLATFORM-PEX8111-1-EXIT_INIT Initialization error, Exiting. Reason: [[hex]]:[chars] Explanation The message can be displayed whenever there is a driver initialization error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEX8111-2-DEVICE_INTERNAL_ERROR PCIE device internal error Explanation There was an internal failure reported by the PCIE device Recommended Action This error is a momentary error and software should be able to correct it. If this error persisted for a period of 60 seconds, please perform the following actions: 1. Please check for read/write access to the attached compact flash or eUSB device by creation a temporary file. 2. If the problem still exists, please reload the board using the following command: ’reload location ’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEX8111-2-TRANSACTION_TIMEOUT PCIE transaction timeout Explanation PCIE transaction timeout Recommended Action This error is a momentary error and software should be able to correct it. If this error persisted for a period of 60 seconds, please perform the following actions: 1. Please check for read/write access to the attached compact flash or eUSB device by creation a temporary file. 2. If the problem still exists, please reload the board using the following command: ’reload location ’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEX8111-2-UNSUPPORTED_REQUEST PCIE unsupported request Explanation PCIE device reported an unsupported request Recommended Action This error is a momentary error and software should be able to correct it. If this error persisted for a period of 60 seconds, please perform the following actions: 1. Please check for read/write access to the attached compact flash or eUSB device by creation a temporary file. 2. If the problem still exists, please reload the board using the following command: ’reload location ’ If Platform Messages PEX8508 Messages EM-1838 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEX8111-2-WARN_INIT Initialization error, Warning. Reason: [chars] Explanation The message can be displayed whenever there is a driver initialization error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEX8111-3-INTR_MASKED PCIE interrupts masked due to large errors Explanation PCIE interrupts masked due to large errors Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PEX8508 Messages Error Message %PLATFORM-PEX8508-1-EXIT_INIT Initialization error, Exiting. Reason: [[hex]]:[chars] Explanation The message can be displayed whenever there is a driver initialization error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEX8508-2-BIST_FAIL PCIE device internal BIST error Explanation There was a failure in Built-in self test of PCIE device Recommended Action Please reload the board using the following command: ’reload location ’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PEX8508 Messages EM-1839 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PEX8508-2-HW_STRAP_ERROR PCIE device hardware strap error Explanation PCIE device hardware strap error Recommended Action Please reload the board using the following command: ’reload location ’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEX8508-2-LINK_TRAIN_FAIL PCIE link train failure Explanation PCIE link train failure Recommended Action Please reload the board using the following command: ’reload location ’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEX8508-2-UNCORR_ECC_ERROR PCIE device uncorrectable ECC error Explanation PCIE device uncorrectable ECC error Recommended Action This error is a momentary error and software should be able to correct it. No action is required. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEX8508-2-WARN_INIT Initialization error, Warning. Reason: [chars] Explanation The message can be displayed whenever there is a driver initialization error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEX8508-3-CORR_ECC_ERROR PCIE device correctable ECC error Explanation PCIE device correctable ECC error Recommended Action This error is a momentary error and software should be able to correct it. No action is required. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PEXRC Messages EM-1840 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PEX8508-3-INTR_MASKED PCIE interrupts masked due to large errors Explanation PCIE interrupts masked due to large errors Recommended Action This error is a momentary error and software should be able to correct it. No action is required. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PEXRC Messages Error Message %PLATFORM-PEXRC-1-EXIT_INIT Initialization error, Exiting. Reason: [[hex]]:[chars] Explanation The message can be displayed whenever there is a driver initialization error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PEXRC-2-WARN_INIT Initialization error, Warning. Reason: [chars] Explanation The message can be displayed whenever there is a driver initialization error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PFM Messages Error Message %PLATFORM-PFM-0-CARD_RESET_REQ [chars] Explanation Platform Fault Manager Node is performing a card reset based on recovery action defined in the Application Fault Condition Database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PFM Messages EM-1841 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PFM-0-GRACEFUL_CARD_RESET_TIMED_OUT [chars] Explanation The Grace Card Shutdown/Reset request with the sysmgr timed out. Attempts to perform a non-grace node reboot instead. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-2-LIB_LC_RESET LC Reset: Reason - [chars] Explanation Platform Fault Manager DLL received a fatal error from one of the LC devices. The LC MUST be reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-3-APPL_COND_RESYNC_MISMATCH ProcName: [chars], ProcessId: [dec], Dev Name: [chars] ([hex]), condName: [chars] ([dec]) is not raised after resync Explanation Platform Fault Manager Node detected a db inconsistency when performing a resync with an application. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-3-APPL_DEV_RESYNC_MISMATCH ProcName: [chars], ProcessId: [dec], Dev Name: [chars] ([hex]) is not registered after resync Explanation Platform Fault Manager Node detected a db inconsistency when performing a resync with an application. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PFM Messages EM-1842 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PFM-3-APPL_RESYNC_MISMATCH ProcName: [chars], ProcessId: [dec] is not registered after resync Explanation Platform Fault Manager Node detected a db inconsistency when performing a resync with an application. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-3-CARD_RESET_NOT_ALLOWED Not allowed for an Error sev fault: [chars] Explanation Platform Fault Manager Node detects an invalid Reset action defined in the Application Fault Condition Database. An fault of severity Error is not allowed to perform a card reset recovery action. Recommended Action -- Error Message %PLATFORM-PFM-3-CHIP_RESET_NOT_ALLOWED Not allowed for an Error sev fault: [chars] Explanation Platform Fault Manager Node detects an invalid Reset action defined in the Application Fault Condition Database. An fault of severity Error is not allowed to perform a chip reset recovery action. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-3-CHIP_RESET_NOT_SUPPORTED Not Supported: [chars] Explanation Platform Fault Manager Node detects an invalid Reset action defined in the Application Fault Condition Database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PFM Messages EM-1843 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PFM-3-DB_INT_ERR DB internal error, reason equals [chars] Explanation Platform Fault Manager NFM encountered an error due to internal software issue and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-3-INV_FAULT_SEVERITY Invalid Fault Severity: [chars] Explanation Platform Fault Manager Node detects an invalid fault severity defined in the Application Fault Condition Database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-3-LIB_INT_ERR Lib internal error, reason equals [chars] Explanation Platform Fault Manager DLL encountered an error due to internal software issue and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-3-LIB_NOMEM_ERR Lib no more memory Explanation Platform Fault Manager DLL was unable to add a new fault condition due to lack of memory. This condition will cause the DLL to exit. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PFM Messages EM-1844 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PFM-3-LIB_SENT_FAIL PFM Library can’t sent any fault condition to NFM, reason equals [chars] Explanation Platform Fault Manager DLL encountered an error due to internal software issue and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-3-NFM_INT_ERR PFM Node internal error, reason equals [chars] Explanation Platform Fault Manager Node encountered an error due to internal software issue and is able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-3-NODE_INT_ERR PFM Node internal error, reason equals [chars] Explanation Platform Fault Manager Node encountered an error due to internal software issue and is able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-3-NODE_INT_SLOW_REP_ERR PFM Node internal error, reason equals [chars] Explanation Platform Fault Manager Node encountered an error due to internal software issue and is able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PLAT_FIB_HAL Messages EM-1845 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PFM-3-UNK_RECOVERY_ACTION Unknown Recovery action: [dec], [chars] Explanation Platform Fault Manager Node detects an invalid Reset action defined in the Application Fault Condition Database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-6-FAULT_SUPPRESSED_EVT_INFO [chars] Explanation Useful general info logged by the Platform Fault Manager that can used to establish a sequence of events that occurred in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PFM-6-NODE_INFO PFM Node Information: [chars] Explanation Useful general info logged by the Platform Fault Manager that can used to establish a sequence of events that occurred in the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PLAT_FIB_HAL Messages Error Message %PLATFORM-PLAT_FIB_HAL-3-ERR_DETAIL [chars] [hex], [chars] [dec], [chars]([dec]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Platform Messages PLAT_FIB_HAL Messages EM-1846 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB_HAL-3-ERR_INFO [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_HAL-3-ERR_INFO_HEX [chars] [hex] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_HAL-3-ERR_INFO_RT [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_HAL-3-ERR_STR [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_HAL-3-ERR_STR_RT [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Platform Messages PLAT_FIB_MPLS Messages EM-1847 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB_HAL-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_HAL-3-ERROR_RT [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_HAL-6-INFO [chars] Explanation PLATFORM FIB, Information Recommended Action The message is just for information. No action is needed. PLAT_FIB_MPLS Messages Error Message %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL [chars] Explanation PLATFORM FIB, Critical error Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL [chars] Explanation PLATFORM FIB, Critical error Recommended Action *SUPPORT* Platform Messages PLAT_FIB_MPLS Messages EM-1848 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL [chars] Explanation PLATFORM FIB, Critical error Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL_INFO [chars] [dec] Explanation PLATFORM FIB, Critical error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL_INFO [chars] [dec] Explanation PLATFORM FIB, Critical error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL_INFO [chars] [dec] Explanation PLATFORM FIB, Critical error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_DETAIL [chars] [hex], [chars] [dec], [chars]([dec]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_DETAIL [chars] [hex], [chars] [dec], [chars]([dec]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Platform Messages PLAT_FIB_MPLS Messages EM-1849 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_DETAIL [chars] [hex], [chars] [dec], [chars]([dec]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Platform Messages PLAT_FIB_MPLS Messages EM-1850 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO_HEX [chars] [hex] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO_HEX [chars] [hex] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO_HEX [chars] [hex] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Platform Messages PLAT_FIB_MPLS Messages EM-1851 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR [chars] [chars]([dec]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR [chars] [chars]([dec]) Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR [chars] [chars]([dec]) Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR [chars] [chars]([dec]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR [chars] [chars]([dec]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR [chars] [chars]([dec]) Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Platform Messages PLAT_FIB_MPLS Messages EM-1852 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB_MPLS-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action *SUPPORT* Platform Messages PLAT_FIB_MPLS Messages EM-1853 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB_MPLS-3-SHMEM Shared memory [chars], window: [dec] [hex] [chars] Explanation PLATFORM FIB, Shared memory errors Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-3-SHMEM Shared memory [chars], window: [dec] [hex] [chars] Explanation PLATFORM FIB, Shared memory errors Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-3-SHMEM Shared memory [chars], window: [dec] [hex] [chars] Explanation PLATFORM FIB, Shared memory errors Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-4-WARNING [chars] Explanation PLATFORM FIB, Warning Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-4-WARNING [chars] Explanation PLATFORM FIB, Warning Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-4-WARNING [chars] Explanation PLATFORM FIB, Warning Recommended Action *SUPPORT* Platform Messages PLAT_FIB_MPLS Messages EM-1854 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB_MPLS-4-WARNING_INFO [chars] [dec] Explanation PLATFORM FIB, Warning information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-4-WARNING_INFO [chars] [dec] Explanation PLATFORM FIB, Warning information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-4-WARNING_INFO [chars] [dec] Explanation PLATFORM FIB, Warning information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-6-INFO [chars] Explanation PLATFORM FIB, Information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-6-INFO [chars] Explanation PLATFORM FIB, Information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_MPLS-6-INFO [chars] Explanation PLATFORM FIB, Information Recommended Action *SUPPORT*Platform Messages PLAT_FIB_RP Messages EM-1855 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLAT_FIB_RP Messages Error Message %PLATFORM-PLAT_FIB_RP-3-ERR_INFO PLATFORM-FIB-RP: Error - [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_RP-3-ERR_INFO PLATFORM-FIB-RP: Error - [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_RP-3-ERR_INFO PLATFORM-FIB-RP: Error - [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_RP-3-ERR_INFO_VERBOSE PLATFORM-FIB-RP: Error - [chars] [chars] [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_RP-3-ERR_INFO_VERBOSE PLATFORM-FIB-RP: Error - [chars] [chars] [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_RP-3-ERR_INFO_VERBOSE PLATFORM-FIB-RP: Error - [chars] [chars] [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action *SUPPORT* Platform Messages PLAT_FIB Messages EM-1856 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB_RP-3-ERROR PLATFORM-FIB-RP: Error - [chars] Explanation PLATFORM FIB, error Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_RP-3-ERROR PLATFORM-FIB-RP: Error - [chars] Explanation PLATFORM FIB, error Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_FIB_RP-3-ERROR PLATFORM-FIB-RP: Error - [chars] Explanation PLATFORM FIB, error Recommended Action *SUPPORT* PLAT_FIB Messages Error Message %PLATFORM-PLAT_FIB-3-ERR_INFO [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERR_INFO [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Platform Messages PLAT_FIB Messages EM-1857 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB-3-ERR_INFO [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERR_INFO_RT [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERR_INFO_RT [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERR_INFO_RT [chars] [dec] Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERR_STR [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Platform Messages PLAT_FIB Messages EM-1858 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB-3-ERR_STR [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERR_STR [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERR_STR_RT [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERR_STR_RT [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERR_STR_RT [chars]: [chars] ([unsigned int]) Explanation PLATFORM FIB, error information Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Platform Messages PLAT_FIB Messages EM-1859 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERROR [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERROR_RT [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-3-ERROR_RT [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Platform Messages PLAT_FIB Messages EM-1860 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB-3-ERROR_RT [chars] Explanation PLATFORM FIB, error Recommended Action Please collect the console log, FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ). Also notice if the error message is transient or persistent. Report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-4-WARNING_RT [chars] Explanation PLATFORM FIB, warning Recommended Action If the warning message is persistent, please collect the console log, running-config (show running-config), FIB traces (show cef trace loc ), FIB platform trace (show cef platform trace all loc ), and report to your technical support representative. Error Message %PLATFORM-PLAT_FIB-6-COMM_INFO [chars] [hex] Explanation PLATFORM FIB, Information Recommended Action The message is just for information. No action is needed. Error Message %PLATFORM-PLAT_FIB-6-FRR_INFO [chars] [hex] Explanation IP FRR PLATFORM FIB, Information Recommended Action The message is just for information. No action is needed. Error Message %PLATFORM-PLAT_FIB-6-FRR_INFO [chars] [hex] Explanation IP FRR PLATFORM FIB, Information Recommended Action The message is just for information. No action is needed. Error Message %PLATFORM-PLAT_FIB-6-FRR_INFO [chars] [hex] Explanation IP FRR PLATFORM FIB, Information Recommended Action The message is just for information. No action is needed. Platform Messages PLAT_L2FIB_ATOM Messages EM-1861 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_FIB-6-INFO [chars] Explanation PLATFORM FIB, Information Recommended Action The message is just for information. No action is needed. Error Message %PLATFORM-PLAT_FIB-6-INFO [chars] Explanation PLATFORM FIB, Information Recommended Action The message is just for information. No action is needed. Error Message %PLATFORM-PLAT_FIB-6-INFO [chars] Explanation PLATFORM FIB, Information Recommended Action The message is just for information. No action is needed. PLAT_L2FIB_ATOM Messages Error Message %PLATFORM-PLAT_L2FIB_ATOM-3-DEBUG_ERROR PLATFORM-L2FIB-ATOM: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB ATOM component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_ATOM-3-INIT_ERROR PLATFORM-L2FIB-ATOM: Error - [chars] Explanation Failed to initialize the ATOM module in the platform L2FIB ATOM component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_ATOM-3-LTRACE_ERROR PLATFORM-L2FIB-ATOM: Error - [chars] [dec] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB ATOM component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2FIB_ATOM Messages EM-1862 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2FIB_ATOM-7-DEBUG_ERROR PLATFORM-L2FIB-ATOM: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB ATOM component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_ATOM-7-DEBUG_ERROR PLATFORM-L2FIB-ATOM: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB ATOM component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_ATOM-7-INIT_ERROR PLATFORM-L2FIB-ATOM: Error - [chars] Explanation Failed to initialize the ATOM module in the platform L2FIB ATOM component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_ATOM-7-INIT_ERROR PLATFORM-L2FIB-ATOM: Error - [chars] Explanation Failed to initialize the ATOM module in the platform L2FIB ATOM component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_ATOM-7-LTRACE_ERROR PLATFORM-L2FIB-ATOM: Error - [chars] [dec] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB ATOM component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_ATOM-7-LTRACE_ERROR PLATFORM-L2FIB-ATOM: Error - [chars] [dec] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB ATOM component. Recommended Action None, platform software will correct itself if this happens.Platform Messages PLAT_L2FIB_BRIDGING Messages EM-1863 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLAT_L2FIB_BRIDGING Messages Error Message %PLATFORM-PLAT_L2FIB_BRIDGING-7-BRIDGE_ERROR PLATFORM-L2FIB-BRIDGING: Error - [chars] [dec] [dec] Explanation Failed to delete bridge in the platform L2FIB BRIDGING component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_BRIDGING-7-DEBUG_ERROR PLATFORM-L2FIB-BRIDGING: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB BRIDGING component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_BRIDGING-7-HW_INIT_ERROR PLATFORM-L2FIB-BRIDGING: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the Platform LC Hardware in L2FIB BRIDGING component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_BRIDGING-7-INIT_ERROR PLATFORM-L2FIB-BRIDGING: Error - [chars] Explanation Failed to initialize the Bridging module in the platform L2FIB BRIDGING component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_BRIDGING-7-LTRACE_ERROR PLATFORM-L2FIB-BRIDGING: Error - [chars] [dec] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB BRIDGING component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2FIB_COMMON Messages EM-1864 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2FIB_BRIDGING-7-PFI_ERROR PLATFORM-L2FIB-BRIDGING: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the PFI-IFH module in the platform L2FIB BRIDGING component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_BRIDGING-7-TCAM_ERROR PLATFORM-L2FIB-BRIDGING: Error - [chars] [chars] [chars] [dec] Explanation Failure in MAC tcam region management in Platform LC L2FIB BRIDGING component. Recommended Action None, platform software will correct itself if this happens. PLAT_L2FIB_COMMON Messages Error Message %PLATFORM-PLAT_L2FIB_COMMON-7-HW_INIT_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to create the Platform LC Hardware in L2FIB component. Recommended Action None, platform software will correct itself if this happens. PLAT_L2FIB_DEBUG Messages Error Message %PLATFORM-PLAT_L2FIB_DEBUG-3-REGISTER_FAILED PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_DEBUG-7-REGISTER_FAILED PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2FIB_LOCSW Messages EM-1865 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2FIB_DEBUG-7-REGISTER_FAILED PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. PLAT_L2FIB_LOCSW Messages Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-DEBUG_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-DEBUG_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-DEBUG_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-INIT_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] Explanation Failed to initialize the LOCSW module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2FIB_LOCSW Messages EM-1866 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-INIT_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] Explanation Failed to initialize the LOCSW module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-INIT_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] Explanation Failed to initialize the LOCSW module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-LTRACE_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] [dec] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-LTRACE_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] [dec] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-LTRACE_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] [dec] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-PFI_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the PFI-IFH module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2FIB_LTRACE Messages EM-1867 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-PFI_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the PFI-IFH module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_LOCSW-7-PFI_ERROR PLATFORM-L2FIB-LOCSW: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the PFI-IFH module in the platform L2FIB LOCSW component. Recommended Action None, platform software will correct itself if this happens. PLAT_L2FIB_LTRACE Messages Error Message %PLATFORM-PLAT_L2FIB_LTRACE-3-ERR_INFO_VERBOSE PLATFORM-L2FIB: Ltrace Error - [chars] [dec] [chars] [chars] [dec] Explanation PLATFORM L2FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_L2FIB_LTRACE-7-ERR_INFO_VERBOSE PLATFORM-L2FIB: Ltrace Error - [chars] [dec] [chars] [chars] [dec] Explanation PLATFORM L2FIB, error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_L2FIB_LTRACE-7-ERR_INFO_VERBOSE PLATFORM-L2FIB: Ltrace Error - [chars] [dec] [chars] [chars] [dec] Explanation PLATFORM L2FIB, error information Recommended Action *SUPPORT*Platform Messages PLAT_L2FIB_METRO Messages EM-1868 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLAT_L2FIB_METRO Messages Error Message %PLATFORM-PLAT_L2FIB_METRO-2-QINQ_INIT_ERROR [chars] (error: [chars]). L2FIB Metro L3QinQ initialization failed! Explanation L2FIB Metro L3QinQ failed to initialize correctly. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_METRO-3-BRIDGE_QINQ_ERROR PLATFORM-L2FIB: L2QINQ AC FOR BRIDGE NOT SUPPORTED - [chars] Explanation VPLS/Bridging configuration with L2 QinQ/QinAny ACs not supported. Recommended Action None. Error Message %PLATFORM-PLAT_L2FIB_METRO-3-QINQ_TCAM_WRITE_ERROR PLATFORM-L2FIB: L3 QINQ ERROR - [chars] (error: [chars]) Explanation L2FIB Metro L3 QinQ entries programming in TCAM failed. Recommended Action Collect L2FIB debugs/traces and report to crs-l2vpn-dev team. Error Message %PLATFORM-PLAT_L2FIB_METRO-7-HW_INIT_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [dec] Explanation Failed to initialize the Platform LC Hardware in L2FIB component. Recommended Action None, platform software will correct itself if this happens. PLAT_L2FIB_RP Messages Error Message %PLATFORM-PLAT_L2FIB_RP-3-DEBUG_ERROR PLATFORM-L2FIB-RP: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB (D)RP component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2FIB Messages EM-1869 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2FIB_RP-3-DEBUG_ERROR PLATFORM-L2FIB-RP: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB (D)RP component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_RP-3-DEBUG_ERROR PLATFORM-L2FIB-RP: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB (D)RP component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_RP-7-INIT_ERROR PLATFORM-L2FIB-RP: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the module in the platform L2FIB (D)RP component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB_RP-7-LTRACE_ERROR PLATFORM-L2FIB-RP: Error - [chars] [dec] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB (D)RP component. Recommended Action None, platform software will correct itself if this happens. PLAT_L2FIB Messages Error Message %PLATFORM-PLAT_L2FIB-3-CERR_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the cerrno module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2FIB Messages EM-1870 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2FIB-3-DEBUG_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB-3-HW_INIT_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the Platform LC Hardware in L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB-3-LTRACE_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB-7-CERR_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the cerrno module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB-7-CERR_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the cerrno module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB-7-DEBUG_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2FIB Messages EM-1871 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2FIB-7-DEBUG_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB-7-HW_INIT_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the Platform LC Hardware in L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB-7-HW_INIT_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the Platform LC Hardware in L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB-7-LTRACE_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB-7-LTRACE_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2FIB-7-NHOP_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [hex] [hex] [hex] [hex] Explanation Received NHOP MODIFY to change rx/tx TLU address in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2VPN_DEBUG Messages EM-1872 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2FIB-7-PFI_ERROR PLATFORM-L2FIB: Error - [chars] [chars] [dec] Explanation Failed to register with PFI infra in the platform L2FIB component. Recommended Action None, platform software will correct itself if this happens. PLAT_L2VPN_DEBUG Messages Error Message %PLATFORM-PLAT_L2VPN_DEBUG-7-REGISTER_FAILED PLATFORM-L2VPN: Error - [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2VPN component. Recommended Action None, platform software will correct itself if this happens. PLAT_L2VPN_FGID Messages Error Message %PLATFORM-PLAT_L2VPN_FGID-3-ALLOC_ERROR PLATFORM-L2VPN: Error - [chars] [dec] [chars] [dec] Explanation Failed to allocate FGID for bridge broadcast doamin. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2VPN_FGID-3-DEBUG_ERROR PLATFORM-L2VPN: Error - [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2VPN component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2VPN_FGID-3-DEBUG_ERROR PLATFORM-L2VPN: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the debugging module in the platform L2VPN component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2VPN_FGID Messages EM-1873 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2VPN_FGID-3-MEM_ERROR PLATFORM-L2VPN: Error - [chars] [dec] Explanation Failed to allocate memory from heap. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2VPN_FGID-3-MEM_ERROR PLATFORM-L2VPN: Error - [chars] [dec] Explanation Failed to allocate memory from heap. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2VPN_FGID-3-REMARK_ERROR PLATFORM-L2VPN: Error - [chars] [dec] Explanation Failed to remark FGID Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2VPN_FGID-3-TIMER_ERROR PLATFORM-L2VPN: Error - [chars] [dec] Explanation Failed to start retry timer. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2VPN_FGID-3-TIMER_ERROR PLATFORM-L2VPN: Error - [chars] [dec] Explanation Failed to start realloc timer. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2VPN_FGID-7-INIT_ERROR PLATFORM-L2VPN: Error - [chars] [chars] [dec] Explanation Failed to initialize the module in the platform L2VPN component. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_L2VPN_LTRACE Messages EM-1874 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2VPN_FGID-7-INIT_ERROR PLATFORM-L2VPN: Error - [chars] [chars] [dec] Explanation Failed to initialize the module in the platform L2VPN component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2VPN_FGID-7-LTRACE_ERROR PLATFORM-L2VPN: Error - [chars] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2VPN component. Recommended Action None, platform software will correct itself if this happens. Error Message %PLATFORM-PLAT_L2VPN_FGID-7-LTRACE_ERROR PLATFORM-L2VPN: Error - [chars] [chars] [chars] [dec] Explanation Failed to initialize the ltrace module in the platform L2VPN component. Recommended Action None, platform software will correct itself if this happens. PLAT_L2VPN_LTRACE Messages Error Message %PLATFORM-PLAT_L2VPN_LTRACE-7-ERR_INFO_VERBOSE PLATFORM-L2VPN: Ltrace Error - [chars] [chars] [chars] [dec] Explanation PLATFORM L2VPN, error information Recommended Action *SUPPORT* PLAT_L2VPN Messages Error Message %PLATFORM-PLAT_L2VPN-3-RSI_ERROR PLATFORM-L2VPN: Error - [chars] [dec] [dec] Explanation Failed to extract nodeid to rsi value. Recommended Action None, platform software will correct itself if this happens. Platform Messages PLAT_V6FIB_RP Messages EM-1875 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_L2VPN-3-RSI_ERROR PLATFORM-L2VPN: Error - [chars] [dec] [dec] Explanation Failed to extract nodeid to rsi value. Recommended Action None, platform software will correct itself if this happens. PLAT_V6FIB_RP Messages Error Message %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO PLATFORM-FIB-IPV6: [chars] [dec] Explanation Platform IPv6 FIB, Error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO PLATFORM-FIB-IPV6: [chars] [dec] Explanation Platform IPv6 FIB, Error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO PLATFORM-FIB-IPV6: [chars] [dec] Explanation Platform IPv6 FIB, Error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO_VERBOSE PLATFORM-FIB-IPV6: [chars] [chars] [chars] [dec] Explanation Platform IPv6 FIB, Error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO_VERBOSE PLATFORM-FIB-IPV6: [chars] [chars] [chars] [dec] Explanation Platform IPv6 FIB, Error information Recommended Action *SUPPORT* Platform Messages PLATFORM_HFR_LIB Messages EM-1876 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO_VERBOSE PLATFORM-FIB-IPV6: [chars] [chars] [chars] [dec] Explanation Platform IPv6 FIB, Error information Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_V6FIB_RP-3-ERROR PLATFORM-FIB-IPV6: [chars] Explanation Platform IPv6 FIB, Error Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_V6FIB_RP-3-ERROR PLATFORM-FIB-IPV6: [chars] Explanation Platform IPv6 FIB, Error Recommended Action *SUPPORT* Error Message %PLATFORM-PLAT_V6FIB_RP-3-ERROR PLATFORM-FIB-IPV6: [chars] Explanation Platform IPv6 FIB, Error Recommended Action *SUPPORT* PLATFORM_HFR_LIB Messages Error Message %PLATFORM-PLATFORM_HFR_LIB-7-AM_I_SC_ERROR Failed to detect hardware board type. Reason: [chars]. Explanation The platform library service call to find the hardware module type has failed. The calling application handles it appropriately. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PLIM_16P_OC48 Messages EM-1877 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLATFORM_HFR_LIB-7-AM_I_SC_ERROR Failed to detect hardware board type. Reason: [chars]. Explanation The platform library service call to find the hardware module type has failed. The calling application handles it appropriately. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLATFORM_HFR_LIB-7-ERR_GET_BOARD_TYPE Failed to detect hardware board type. Reason: [chars]. Explanation The platform library service call to find the hardware module type has failed. The calling application handles it appropriately. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLATFORM_HFR_LIB-7-ERR_GET_CARD_TYPE Failed to detect Node [chars] card type. Reason: [chars]. Explanation The platform library service call to find the remote node card type has failed. The calling application handles it appropriately. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PLIM_16P_OC48 Messages Error Message %PLATFORM-PLIM_16P_OC48-3-DEVICE_INTR_CLEAR No Framer/RAC devices are generating excessive interrupts Explanation The previously reported excessive interrupts condition has been cleared. Interrupt rate limiting has been disabled. Recommended Action none Platform Messages PLIM_16P_OC48 Messages EM-1878 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLIM_16P_OC48-3-DEVICE_INTR_CLEAR No Framer/RAC devices are generating excessive interrupts Explanation The previously reported excessive interrupts condition has been cleared. Interrupt rate limiting has been disabled. Recommended Action none Error Message %PLATFORM-PLIM_16P_OC48-3-DEVICE_INTR_DISABLE Excessive interrupts from the [chars] device of port [hex] Explanation The specified device is generating excessive interrupts. This message indicates that we are rate limiting the interrupt coming from this device. This indicates a potential HW issue, traffic forwarding (protection switching) may be impacted. Recommended Action Check the fiber or the peer connection. If the problem persist after checking fiber and peer router, please contact support. Error Message %PLATFORM-PLIM_16P_OC48-3-DEVICE_INTR_DISABLE Excessive interrupts from the [chars] device of port [hex] Explanation The specified device is generating excessive interrupts. This message indicates that we are rate limiting the interrupt coming from this device. This indicates a potential HW issue, traffic forwarding (protection switching) may be impacted. Recommended Action Check the fiber or the peer connection. If the problem persist after checking fiber and peer router, please contact support. Error Message %PLATFORM-PLIM_16P_OC48-3-GENERIC_ERROR Error: [chars] [chars] [hex] Explanation The messagen is used to report generic errors. Recommended Action Contact support. Error Message %PLATFORM-PLIM_16P_OC48-6-GENERIC_INFO Info: [chars] [chars] [hex] Explanation The messagen is used to report generic errors. Recommended Action Contact support. Platform Messages PLIM_IPC Messages EM-1879 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLIM_16P_OC48-6-OIM_OIR Optic Interface Module [chars] for port [dec] Explanation The Optic Interface Module (OIM) for the specified port has either been inserted or removed. Recommended Action No action is required. Error Message %PLATFORM-PLIM_16P_OC48-6-OIM_OIR Optic Interface Module [chars] for port [dec] Explanation The Optic Interface Module (OIM) for the specified port has either been inserted or removed. Recommended Action No action is required. PLIM_IPC Messages Error Message %PLATFORM-PLIM_IPC-3-API_ERROR [chars]: [hex], [chars] Explanation An error occurred in plim ipc api module which could involve failure to transport ipc messages between host and intelligent PLIM. Features configured may not work. %x - indicates where/what error occurred %s - why the error occurred Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_IPC-3-ERROR [chars]: [hex], [chars] Explanation An error occurred in plim ipc module which could involve failure to transport ipc messages between host and intelligent PLIM. %x - indicates where/what error occurred %s - why the error occurred Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PLIM_SERVICES Messages EM-1880 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLIM_IPC-3-INIT_ERROR [chars]: [hex], [chars] Explanation An error occurred in PLIM IPC module during initialization which will restart the process in order to recover. %x - indicates where/what error occurred %s - why the error occurred Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_IPC-6-INFO [chars]: [hex], [chars] Explanation An event occurred in plim ipc module which could involve state of PLIM or PPC. %x, %s - indicates where/what event occurred Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PLIM_SERVICES Messages Error Message %PLATFORM-PLIM_SERVICES-2-BPARAMS_ERROR [chars] [hex] Explanation An error in boot parameters reception occurred in Services PLIM. Cause of the error will be mentioned in the message displayed. This error blocks Application Launch on Services PLIM. Recommended Action Do warm reload of Services PLIM MSC. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-2-CRITICAL_TILE_ERROR Info: [chars] [chars] [hex] Explanation The message is used to report generic errors. Recommended Action Contact support. Platform Messages PLIM_SERVICES Messages EM-1881 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLIM_SERVICES-2-ERR_EVM_EVENT_BLOCK [chars] [hex] Explanation An error occurred in the event loop. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-2-ERR_MEM_ALLOC [chars] [hex] Explanation The requested operation could not be accomplished because of a low memory condition. This error could impact Linux/Application image download and Launch, Services PLIM IPC (Inter Process Communication) etc. Recommended Action Reduce other system activity to ease memory demands, then restart the process. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-PLIM_SERVICES-2-ERR_PLIM_SERVICES_INIT [chars] [hex] Explanation An error occurred in initialization of PLIM Services driver. If this occurred during process startup or RP Switchover, then the process may be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-2-FLASH_ERROR [chars] [hex] Explanation An error occurred in READ/WRITE to flash memory. Exact Cause of the error will be mentioned in the message displayed. This error will block Application image launch Recommended Action Do cold reboot of Services PLIM MSC. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-2-HEARTBEAT_ERROR [chars] [hex] Explanation Heartbeat failure notification from octeons was received by the Services PLIM driver or a critical error occured in the thread monitoring heartbeat from octeons. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PLIM_SERVICES Messages EM-1882 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLIM_SERVICES-2-IMG_DLOAD_ERROR [chars] [hex] Explanation An error occurred in downloading Linux/Application image. Cause of the error will be mentioned in the message displayed. This error prevents Services PLIM from coming up to its full functional Active state. Recommended Action Do cold reboot of Services PLIM MSC. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-2-IMG_LAUNCH_ERROR [chars] [hex] Explanation An error occurred in launching Linux/Application image. Cause of the error will be mentioned in the message displayed. This error prevents Services PLIM from coming up to its full functional Active state. Recommended Action Do cold reboot of Services PLIM MSC If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-2-MANS_FPGA_ERROR [chars] [hex] Explanation An error occurred in read/write access of a mans fpga device register. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-2-MANS_INIT_ERROR [chars] [hex] Explanation An error occurred in MANS initialization. This means that MANS is currently in Factory mode and this will cause the Services PLIM driver initialization to get blocked. Recommended Action Upgrade MANS with Field FPGA image If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PLIM_SERVICES Messages EM-1883 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLIM_SERVICES-2-UART_ERROR [chars] [hex] Explanation An error occurred in UART READ/WRITE access to octeon memory. Exact Cause of the error will be mentioned in the message displayed. This error causes Linux/Application image download and launch to fail. Recommended Action Do cold reboot of Services PLIM MSC. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-3-ERR_EDM_INIT [chars] [hex] Explanation Initialization of the EDM server failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-3-ERR_UBOOT_UPGRADE [chars] [hex] Explanation An error occurred in fpd upgrade of uboot image.. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-3-GENERIC_ERROR Error: [chars] [chars] [hex] Explanation The message is used to report generic errors. Recommended Action Contact support. Error Message %PLATFORM-PLIM_SERVICES-3-GENERIC_TILE_ERROR Error: [chars] [chars] [hex] Explanation The message is used to report generic errors. Recommended Action Contact support. Platform Messages PLIM_SERVICES Messages EM-1884 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLIM_SERVICES-3-MANS_GASPP_ERROR [chars] [hex] Explanation An error occurred in MANS GASPP register access. Cause of the error will be mentioned in the message displayed. This error means that communication between Services PLIM and MSC could be affected. Recommended Action Do warm reload of the Services PLIM MSC. If the issue persists do a cold reboot of the same. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLIM_SERVICES-6-COLD_RESTART Info: [chars] Explanation The message is used to report cold reboot of Services PLIM. Recommended Action *NONE* Error Message %PLATFORM-PLIM_SERVICES-6-GENERIC_INFO Info: [chars] [chars] [hex] Explanation The message is used to report generic errors. Recommended Action Contact support. Error Message %PLATFORM-PLIM_SERVICES-6-GENERIC_TILE_INFO Info: [chars] [chars] [hex] Explanation The message is used to report generic errors. Recommended Action Contact support. Error Message %PLATFORM-PLIM_SERVICES-7-GENERIC_ERROR [chars] [hex] Explanation A generic error occurred in Services PLIM driver. Cause of the error will be mentioned in the message displayed. Recommended Action No action is required. Error Message %PLATFORM-PLIM_SERVICES-7-GENERIC_INFO Info: [chars] Explanation The message is used to report generic info about Services PLIM driver. Recommended Action *NONE* Platform Messages PLU Messages EM-1885 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLIM_SERVICES-7-GENERIC_TILE_ERROR [chars] [hex] Explanation A generic error occurred in Tile Manager. Cause of the error will be mentioned in the message displayed. Recommended Action No action is required. Error Message %PLATFORM-PLIM_SERVICES-7-GENERIC_TILE_INFO Info: [chars] Explanation The message is used to report generic info regarding tile Finite state machine. Recommended Action *NONE* Error Message %PLATFORM-PLIM_SERVICES-7-MANS_GASPP_INFO Info: [chars] Explanation The message is used to report info regarding MANS gaspp register access Recommended Action *NONE* PLU Messages Error Message %PLATFORM-PLU-4-ERR_CORRECTED Hardware Table [dec] consistency restored Explanation Errors have been corrected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLU-4-ERR_CORRECTED Hardware Table [dec] consistency restored Explanation Errors have been corrected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PLU Messages EM-1886 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLU-4-ERR_NOTIFY Hardware Table [dec] may be inconsistent. Attempting correction every [dec] seconds Explanation Errors were encountered trying to program hardware tables, forwarding on some entries may be affected, periodic error correction will be attempted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLU-4-ERR_NOTIFY Hardware Table [dec] may be inconsistent. Attempting correction every [dec] seconds Explanation Errors were encountered trying to program hardware tables, forwarding on some entries may be affected, periodic error correction will be attempted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLU-6-BKT_COMPACTED Hardware Table [dec] memory failures corrected with compaction Explanation A particular table had persistent memory failures due to heavily fragmented memory. As a last resort we attempted an aggressive memory recovery technique which succeeded. This is an informational message. Recommended Action No action is required because the memory failures were auto-corrected. Error Message %PLATFORM-PLU-6-BKT_COMPACTED Hardware Table [dec] memory failures corrected with compaction Explanation A particular table had persistent memory failures due to heavily fragmented memory. As a last resort we attempted an aggressive memory recovery technique which succeeded. This is an informational message. Recommended Action No action is required because the memory failures were auto-corrected.Platform Messages PLUTLU Messages EM-1887 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PLUTLU Messages Error Message %PLATFORM-PLUTLU-3-INIT_FAILED [chars] Explanation An error was encountered while initialising the PLU/TLU memory manager Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLUTLU-3-INIT_FAILED_PROC [chars]: [chars] Explanation An error was encountered while initialising the PLU/TLU memory manager Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLUTLU-4-ERR_RESTART_FAILED Failed to restart forwarding on metro Explanation An error was encountered while trying to restart forwarding on metro Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLUTLU-4-ERR_RESTART_FAILED Failed to restart forwarding on metro Explanation An error was encountered while trying to restart forwarding on metro Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLUTLU-4-LTRACE_INIT_FAILED Failed to initialise ltrace buffers Explanation An error was encountered while initialising the PLU/TLU memory manager This is a non-fatal error for PLU/TLU manager caused by system instability or memory issues Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PM_OS Messages EM-1888 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PLUTLU-4-LTRACE_INIT_FAILED Failed to initialise ltrace buffers Explanation An error was encountered while initialising the PLU/TLU memory manager This is a non-fatal error for PLU/TLU manager caused by system instability or memory issues Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLUTLU-4-REPL_MODE_FAILED Failed to modify replication mode Explanation An error was encountered while trying to modify replication mode on metro Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PLUTLU-4-REPL_MODE_FAILED Failed to modify replication mode Explanation An error was encountered while trying to modify replication mode on metro Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PM_OS Messages Error Message %PLATFORM-PM_OS-2-SHM_OPEN Failed to open shared memory shm_base_address equals [hex], shm_size equals [hex], sizeof(pm_shmwin_header_st) equals [hex], pm_shm_header equals [hex] pm_shmwin_id equals [hex] Forwarding may be impacted on this linecard. Explanation Failed to open platform’s shared memory Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PM_OS Messages EM-1889 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PM_OS-2-SHM_PLATFORM_INFO Failed to get the platform information GSR_PM_SHMEM_NAME equals [hex],shm_base_address equals [hex], shm_size equals [hex] Forwarding may be impacted on this linecard. Explanation Failed to get platform information for the shared memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PM_OS-2-SHM_READY_WORD Failed to verify PM Shared Memory Ready Magic Word pm_shm_header equals [hex], pm_shm_header-magic_word equals [hex] PM_SHM_READY_MAGIC_WORD equals [hex] Forwarding may be impacted on this interface. Explanation Failed to verify that PM’s shared memory is ready to be used. PM checks the validity by comparing the MAGIC READY Word that should be initialized in shared memory prior to using it. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PM_OS-2-UIDB_SHM_OPEN Failed to open shared memory for uidb2ifh service returning error [chars] Forwarding may be impacted on this linecard. Explanation Failed to open shared memory for uidb to ifh service. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PM_OS-3-ALLOC_DEFAULT_TBL Failed to allocate default table Explanation default table could not be allocated enough memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PORT_CFG Messages EM-1890 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PM_OS-3-ALLOC_LBL_TBL Failed to allocate lbl table for hash table [hex]. Explanation lbl table for given hash table could not be allocated enough memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PM_OS-3-PIC_ARRAY Failed to get PIC array for [chars] context, using PFI context ([hex]) and interface handle ([hex]). PFI returned error ([chars]) Forwarding may be impacted on this interface. Explanation Failed to get PIC information from PFI that is required for forwarding packets from the specified interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. PORT_CFG Messages Error Message %PLATFORM-PORT_CFG-3-INIT failed to initialize [chars]: [chars] Explanation A submodule was unable to initialze due to the specified error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PORT_CFG-3-INIT failed to initialize [chars]: [chars] Explanation A submodule was unable to initialze due to the specified error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages POWERMGR Messages EM-1891 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 POWERMGR Messages Error Message %PLATFORM-POWERMGR-0-ENQUEUE Cannot enqueue event [chars] for device [dec] Explanation Power Manager internal failure occurred; possible low memory condition. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-0-ENQUEUE_ZONE Cannot enqueue event [chars] for zone [dec] Explanation Power Manager internal failure occurred; possible low memory condition. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-2-AC_DC_FAILURE Powershelf AC/DC detection failed,status code [dec] Explanation The AC/DC detection of powershelf failed due to wrong value read from EEPROM or read from wrong location of EEPROM. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-2-CANNOT_TALK No alarmcard/busboard module available to communicate w/ PEM[dec] Explanation No alarmcard or busboard module was found available to talk to the PEMs. This might occur if the MBus agent associated with that module became temporarily unavailable. As such, this error message should only be a cause for concern if it appears repeatedly, over a period of minutes. If it appears just once, it indicates a transient condition, and may be safely ignored. Lastly, note that if this message is seen during chassis bootup, the problem is far more serious, as during that time, the path to the PEMs is assumed stable. In this case, powershelf discovery may fail, and as a result, some linecards may be left in unpowered state. he powershelf does not have adequate capacity to drive the entire chassis. A power system upgrade is recommended; otherwise, please power down cards until there is sufficient power for the load. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Platform Messages POWERMGR Messages EM-1892 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-POWERMGR-2-INITFAIL Resource allocation error encountered during startup Explanation Power Manager subsystem failed during startup; lack of resources. Recommended Action PowerMgr log needs to be looked into to investigate on the init failure Error Message %PLATFORM-POWERMGR-2-INITMEMFAIL Memory allocation error encountered during startup Explanation Power Manager subsystem failed during startup; lack of resources. Recommended Action PowerMgr log needs to be looked into to investigate on the init failure Error Message %PLATFORM-POWERMGR-2-INVALID_COND Invalid condition detected in function [chars] at line [dec] Explanation A disallowed condition internal to the Power Manager has been detected. Recommended Action PowerMgr log needs to be looked into to investigate on the invalid condition Error Message %PLATFORM-POWERMGR-2-LOW_POWER Not enough power to bringup card in slot [dec] Explanation Customer should upgrade chassis power or reduce the power load by removing some linecards. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-2-NO_PATH Alarmcard/busboard module not ready to communicate w/ PEM Explanation Alarmcard or busboard module was found to be resetting or still running from ROM. This message is seen during chassis bootup. In this case, test chassis is assummed and all Linecards will bootup as default power is asseumed. However note that power manager would still display errors and envmon module would also display powershelf related errors Recommended Action PowerMgr log needs to be looked into to investigate on the failure Platform Messages POWERMGR Messages EM-1893 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-POWERMGR-2-OVERBUDGET Power consumption has exceeded supply[chars] by [dec]W; results unpredictable Explanation The power calculated in use by the chassis exceeds that available by the powershelf. This condition could result in an outage of the chassis if action is not immediately taken. Recommended Action Remove some linecards to reduce power consumption, or install a higher capacity powershelf Error Message %PLATFORM-POWERMGR-2-POWER_INSUFFICIENT Chassis power requirements exceed capacity by [dec]W [chars] Explanation The powershelf does not have adequate capacity to drive the entire chassis. A power system upgrade is recommended; otherwise, please power down cards until there is sufficient power for the load. Recommended Action Customer should upgrade chassis power or reduce the power load on this chassis by removing linecards. Error Message %PLATFORM-POWERMGR-2-TIMEOUT Timed out waiting for power-up decision for slot [dec] Explanation Power Manager internal failure occurred. Recommended Action PowerMgr log needs to be looked into to investigate on the timeout Error Message %PLATFORM-POWERMGR-3-BAD_DATA Failed to get pem equals [dec] data, error status equals [chars] Explanation Failed to get good data from Pacific pems Recommended Action No action is required. Error Message %PLATFORM-POWERMGR-3-BAD_PEC Consequtive 5 pec check failures on pem equals [dec] Explanation Invalid data returned by Pacific Power supplies can be checked via validating the PEC returned as the last byte of a read request vis-a-vis the PEC that is computed from the incoming data Recommended Action No action is required. Platform Messages POWERMGR Messages EM-1894 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-POWERMGR-3-CANNOT_RESERVE Powershelf capacity insufficient to reserve power for card in slot [dec] Explanation The powershelf does not have enough capacity to reserve power for the linecard in the specified slot. It will be left unpowered as a result. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-3-ERROR [chars] Explanation For displaying power manager debugging information with an errno. Recommended Action No action is required. Error Message %PLATFORM-POWERMGR-3-IMPRECISE Power usage for card in slot [dec] unknown; assuming [dec] watts max Explanation An entry in the power table could not be found for the card specified. To allow chassis bringup to progress, default values are being used as specified. Note that this error should only occur during development when a new cardtype is being introduced, but its power data has yet to be entered. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-3-INTERIM Warning: Interim power entry value being used for cardtype [hex] Explanation An entry in the power table has been flagged as interim, meaning it is a placeholder used during development while the final power consumption is being determined. This issue will occur only during development of new linecards or power-supplies, and the errmsg exists only to aid developers. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-3-INVALID_COMBINATION Invalid PEM combination in [chars]; Found [dec] pems, recommended atleast [dec] pems Explanation Power Manager has detected less than minimum number of Pacific Pems. Recommended Action power manager cli needs to be looked into to investigate on the invalid condition. Platform Messages POWERMGR Messages EM-1895 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-POWERMGR-3-NODEID_CREATE_ERROR Could not create nodeid for slot [dec] error equals [chars]. Explanation Slot number is probably not known Recommended Action No action is required. Error Message %PLATFORM-POWERMGR-3-NOTFOUND No power entry found for cardtype [hex] Explanation An entry in the power table could not be found for the entity specified. This issue will occur only during development of new linecards or power-supplies, and the errmsg exists only to aid developers. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-3-ROM_ERROR_STATUS Unable to get Mbus ROM status from SYSDB. Error equals [chars] Explanation Unable to get the Mbus ROM status from Sysdb. Recommended Action No action is required. Error Message %PLATFORM-POWERMGR-3-STILL_POWERED Cannot poweroff card in slot [dec]; manual removal required Explanation The card in the specifed slot could not be powered off as part of putting it into a low-power state. As a result, it is unusable, but still contributing to the power consumed in the chassis. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-3-SYSDB_BIND_ERROR PM: Unable to sysdb_bind :[chars] Explanation SYSDB Bind failed Recommended Action No action is required. Platform Messages POWERMGR Messages EM-1896 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-POWERMGR-3-SYSDB_SET_ERROR Failed to create sysdb tuple [chars] for slot [dec]. error equals [chars] Explanation SYSDB Set or Create failed for that item Recommended Action No action is required. Error Message %PLATFORM-POWERMGR-3-UNKNOWN_PEM Unable to determine characteristics of PEM[dec]; skipping Explanation The characteristics of the power supply installed in the specified slot could not be determined. This supply is being skipped, and discovery of the rest of the powershelf will continue. If no supplies can be found, a failsafe type will be used to allow the chassis to come up to a point at which debugging of the problem is possible. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-3-UNKNOWN_PEMS Unable to detect installed power supplies; using failsafe assumptions Explanation The installed power supplies (i.e., PEMs) could not be detected. To allow the chassis to come up, a set of conservative assumptions have been used for calculating power availability and consumption. Some linecards may be left in an unpowered state as a result. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-3-UNKNOWN_SHELF Unable to determine powershelf type; using failsafe assumptions Explanation The powershelf type could not be determined during bootup. To allow the chassis to come up, a set of conservative assumptions have been used for calculating power availability and consumption. Some linecards may be left in an unpowered state as a result. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-4-INVALID_SCALE Power scale factor ’[dec]’ out of range; ignoring Explanation TheSYSDB Config variable used to dictate the scale factor for utilizing something other than worst-case power consumption values is out of the allowable range. Recommended Action PowerMgr log needs to be looked into to investigate on the invalid condition Platform Messages POWERMGR Messages EM-1897 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-POWERMGR-4-PEM_DOWN PEM[dec] has powered down Explanation The power supply specified has powered down. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-4-PRIO_SLOT_EMPTY Attempting to reserve power for empty slot [dec] Explanation The configuration includes a power priority reservation for a slot that does not have a linecard installed within it. Power will not be set aside for this slot, and the command should be removed from the config. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-4-TEST_CHASSIS Test chassis detected; using default powershelf configuration Explanation The type of chassis model was detected as being a test chassis, which does not have many of the resources the Power Manager uses to communicate with the PEMs. Thus, the type of powershelf, as well as type and number of PEMs installed will default to a predefined value, intended to allow the chassis to function unimpeded. Recommended Action This message is informational only, and should never be seen by the customer. Error Message %PLATFORM-POWERMGR-4-UNPOWERED PEM[dec] inserted but unpowered Explanation The power supply specified has been installed in the chassis but is unpowered, most likely because of an unconnected power cord. Recommended Action Check the power cord and if installed correctly, remove and reinstall the PEM. If the error persists, contact customer support Error Message %PLATFORM-POWERMGR-5-EVENT_ERROR Spurious QUEUE_EVENT, dequeueing NULL pointer Explanation Power Manager main event loop encountered internal error. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Platform Messages POWERMGR Messages EM-1898 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-POWERMGR-5-INVALID_EVENT Unexpected event [dec]; ignoring Explanation Power Manager internal failure occurred; possible low memory condition. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-5-MIXED_PEMS Mixing legacy and intelligent PEMs is not recommended Explanation Both legacy as well as the higher-wattage intelligent PEMs have been detected in the chassis at the same time. While this is a supported configuration, it is not recommended, as it may result in the legacy PEM eclipsing the intelligent PEM by reducing the overall powershelf wattage to that of the former, when running in redundant mode. The formal recommendation is to have both PEMs be of the same type. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-5-PEM_UP PEM[dec] powered up successfully, supplying [dec] watts Explanation The power supply specified has successfully powered up. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-5-REMOVED PEM[dec] removed Explanation The power supply specified has been removed from the chassis. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-5-UNKNOWN_TYPE Unable to determine type of PEM[dec]; using failsafe assumptions Explanation The type of the power supply installed in the specified slot could not be determined. To allow the chassis to come up, it will be categorized as the failsafe type, which allows it to be assumed providing modest power to the chassis. Note that the wattage provided by a failsafe supply may be less than that which the supply is actually providing. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Platform Messages POWERMGR Messages EM-1899 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-POWERMGR-6-BUDGET_OK Chassis power consumption is back within limits[chars] Explanation The power calculated in use by the chassis has returned to a valid that is within the power supplied by the powershelf. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-6-CARD_OVERRIDE Overriding power consumption for card in slot [dec]; now [dec] watts Explanation Power consumed for the card in the specified slot has been overridden with a value from the config Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-6-DEBUG [chars][dec] Explanation power manager debugging information. Recommended Action No action is required. Error Message %PLATFORM-POWERMGR-6-INFO [chars] Explanation For displaying power manager’s informational events. Recommended Action No action is required. Error Message %PLATFORM-POWERMGR-6-INSERTED PEM[dec] inserted, supplying [dec] watts Explanation The power supply specified has been installed in the chassis and is now active Recommended Action PowerMgr log needs to be looked into to investigate on the failure Error Message %PLATFORM-POWERMGR-6-PEM_OVERRIDE Overriding PEM[dec] rating; now [dec] watts Explanation Supply power for the PEM specified has been overridden with a value from the config. Recommended Action PowerMgr log needs to be looked into to investigate on the failure Platform Messages PRP_HW Messages EM-1900 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-POWERMGR-6-ZONE_OVERRIDE Number of zones being forcibly set to [dec] Explanation The number of power zones for the chassis has been overidden with a value from the config. Recommended Action PowerMgr log needs to be looked into to investigate on the failure PRP_HW Messages Error Message %PLATFORM-PRP_HW-3-INIT_ERROR Performance route processor initialization failed: ([chars]%s) Explanation Performance Route Processor (PRP) drivers failed to initialize. The effect is that PRP will not function. %s - indicates the reason for the failure. %s - is the error reason. Recommended Action The System Manager process (sysmgr) will not respawn this process. Try to reload the PRP first. If it does not recover, power recycle the router. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PRP3_FABIO Messages Error Message %PLATFORM-PRP3_FABIO-3-ERR_INGRESS [chars] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PRP3_FABIO-3-ERR_INIT [chars], with code([dec]) [chars] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PRP3_SLR_FABIO Messages EM-1901 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PRP3_FABIO-3-ERR_MEM_ALLOC [chars], for size [dec]. Explanation Failed to allocate memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PRP3_FABIO-7-ERR_DUPLICATE_STREAMID [chars], stream id [dec] existed Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PRP3_FABIO-7-ERR_SEND_PKT [chars], [dec], [dec], rc is [dec] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PRP3_SLR_FABIO Messages Error Message %PLATFORM-PRP3_SLR_FABIO-3-ERR_INGRESS [chars] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PRP3_SLR_FABIO-3-ERR_INIT [chars], with code([dec]) [chars] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PSARB Messages EM-1902 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PRP3_SLR_FABIO-3-ERR_MEM_ALLOC [chars], for size [dec]. Explanation Failed to allocate memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PRP3_SLR_FABIO-7-ERR_DUPLICATE_STREAMID [chars], stream id [dec] existed Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PRP3_SLR_FABIO-7-ERR_SEND_PKT [chars], [dec], [dec], rc is [dec] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PSARB Messages Error Message %PLATFORM-PSARB-1-WRONG_SLOT Rebooting RP in slot [dec] because it conflicts with an already operational RP in slot [dec]. Explanation Card pairing requires primary/standby cards in specific slots and active RP’s need to be in seperate LR’s. Adjacency is defined by RP pairing rules (e.g. 0-1, 2-3, 4-5, 6-7). If it’s intended to use the conflicting RP as a standby partner, please move the RP adjacent to the active. Or, if the RP is meant to be used in another logical router, please ensure it is assigned to the other LR. %d - indicates the wrong slot number the RP is inserted %d - indicates the slot number of the operational RP Recommended Action Move standby RP card to correct slot in chassis, or assign to distinct LR. Platform Messages PSARB Messages EM-1903 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PSARB-2-MSG_HEARTBEAT_LOST Slot [dec] heartbeat lost Explanation The active RP has lost the heartbeat of the indicated slot. This error happens after a certain number of messages are lost between the active and the indicated card. %d - indicates the slot number of the card experiencing the problem. Recommended Action The system will automatically reset the card. If this error repeatedly occurs, try to shut down the card by configuring ’hw-module location slot shutdown’ in admin mode. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PSARB-3-INIT_ERR Process initialization failed: ([chars]%s) Explanation The psarb process failed to initialize. This process is responsible for providing a high level of availability on the GSR router by having a pair of active and standby RPs in the system. When an active RP fails, another RP can take over the functionality of the failed RP. %s - indicates the reason for the failure. %s - the decoded error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PSARB-3-LR_INFO_FAILURE Failed to get LR info after [dec] seconds rc equals [hex], Retrying... Explanation PSarb needs LR map and the dSC information before it can proceed with active standby arbitration. The LR information is acquired by connecting to the LRd on the dSC. This error message indicates, the connection to LRd did not succeed, either because the LRd process does not exist or the dSC selection has still not taken place. The system will retry indefinetely to get the LR information and log this message periodically to alert the user of the prevailing condition. Recommended Action No action is required. This is an informational message. The software will simply take the safest approach of retrying, given the fault that the RP is experiencing. Error Message %PLATFORM-PSARB-3-STANDBY_READY_QUERY_FAILURE Failed to get standby RP (slot [dec]) ready status. Error Num [dec] Explanation When Primary Standby arbitration heartbeat messages are missing from active RP, arbitration module on standby RP will attempt to takeover as active. In order to takeover as active role, standby RP needs to know if it is ready to takeover. Ready means all applications required for Platform Messages PSARB Messages EM-1904 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 standby RP to takeover as active are up and running. A query to system manager is sent to know the ready status of the standby RP. If this query fails, arbitration module on standby RP takes action of taking over as active RP. Recommended Action No action is required. The software will simply take the default approach of failing over. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PSARB-3-TWO_PRIMARY_DETECTED Two primary RPs detected (message from slot [dec]) Explanation There appear to be two PRIMARY RP’s in the system. This is due to messaging error when the other RP didn’t receive the BID message. %d indicates the primary slot number displaying the message Recommended Action The two primary RPs will be automatically reset. Error Message %PLATFORM-PSARB-4-CONFLICT_WITH_DSC Rebooting RP because an active dSC in slot [dec] is detected. Explanation At any given time, there should be one active dSC in the system. In the event that the active RP detects another active dSC in the system, the RP should reboot itself to recover the condition. This event is expected when creating or deleting SDR configuration. %d - indicates the slot number of the active dSC Recommended Action Collect the output of all event logs and error messages as they appeared on the console before the card in question was reloaded. To provide the status of the process, issue the ’show process psarb’ command and collect the debug information by enabling ’debug psarb’. Also collect psarb lstrace log. Collect ’show redundancy driver trace’. Error Message %PLATFORM-PSARB-4-PARTNER_NOT_IN_LR This node’s partner (slot [dec]) is in a different LR. The standby node will be reset. Explanation Adjacent RPs must be in the same LR unless if they are both to be booted with an RP image. It is, however, permissable to boot a DRP in one of these slots. Adjacency is defined by RP pairing rules (e.g. 0-1, 2-3, 4-5, 6-7). %d - indicates the slot number of the partner RP Recommended Action Do not boot RP images in adjacent slots when they are in different LRs. Adjacency is defined by RP pairing rules (e.g. 0-1, 2-3, 4-5, 6-7). Platform Messages PSARB Messages EM-1905 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PSARB-4-SPURIOUS_COUNTDOWN Slot [dec] (internal flavor [dec]) is actually not from RP family. Reset cancelled Explanation The arbitration module watches the health of other RP cards in the system and reloads them if heartbeats are missed. In this case, we were about to reload a card but a final check revealed that the card was not of family RP, so we avoided the reload. This is a safety check to catch an abnormal condition. No problem will result from this type of error. Recommended Action None Error Message %PLATFORM-PSARB-5-IOS_RP_DETECTED Detected an RP in slot [dec] is running IOS. Configured it as IOS non-participant. Explanation PSARB sends an mbus message to all RP running IOS on the chassis, to configure the RP as an IOS non-participant router, therefore, does not interfere with IOX running on this RP. %d - indicates the slot number of the RP that is running IOS on the chassis Recommended Action Power up the RP that is running IOS with an IOX image. If not, shut down the RP using ’hw-module location slot shutdown’ in admin mode. Error Message %PLATFORM-PSARB-6-DEBUG_REMINDER Reminder: psarb debug mode is still enabled...Disable using run psarbcmd Explanation This message reminds the user that a debug mode is enabled and must eventually be disabled. Recommended Action None Error Message %PLATFORM-PSARB-6-FORCE_DOWN Slot [dec] still not in dump mode, forcing it down Explanation The specified RP stopped responding, but we did not receive any message indicating that the card is in DUMP mode. Looks like it is still in IOX mode and could potentially try to take over. So, force it to go down. Recommended Action No action is required. This is an informational message. The software is simply taking the safest approach, given the fault that the specified RP experienced. Error Message %PLATFORM-PSARB-6-GO_ACTIVE Card is going active. Explanation When an RP initially boots up, it can take the active role if no other active RP is present. Also a failure on active or a force switch over could cause the standby RP to change state to active. This message is displayed when the PRP card is going active. Recommended Action This is an informational message only. Platform Messages PSARB Messages EM-1906 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PSARB-6-GO_STANDBY Card is going standby. Explanation When an RP initially boots up, it can take the standby role if an active RP is present. Also a failure on active or a force switch over causes the active RP to change state to standby. This message is displayed when the RP card is going standby. Recommended Action This is an informational message only. Error Message %PLATFORM-PSARB-6-IGNORE_TO Now ignoring countdown timeouts Explanation This message confirms the user selected debug mode Recommended Action None Error Message %PLATFORM-PSARB-6-IGNORING_ACTIVE_TIMEOUT Timeout waiting for active RP heartbeats, but not taking over because of configured debug mode Explanation The active RP is no longer sending heartbeats, but we don’t take over becaused of the configured debug mode. Recommended Action None Error Message %PLATFORM-PSARB-6-IGNORING_CARD_TIMEOUT Timeout waiting for heartbeats from slot [dec], but ignoring because of configured debug mode Explanation The specified slot is no longer sending heartbeats, but we don’t take any action given the configured debug mode. Recommended Action None Error Message %PLATFORM-PSARB-6-MBUS_RX_FAILURE MBUS receive failure detected on standby slot [dec], node gracefully rebooting self Explanation The specified Standby RP is experiencing receive failures on its MBUS and instead of causing a failover and becoming Primary, it is gracefully rebooting itself to maintain proper health of the system. Recommended Action No action is required. This is an informational message. The software is simply taking the safest approach, given the fault that the standby RP experienced. Platform Messages PSARB Messages EM-1907 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PSARB-6-NOISY Resume sending MBUS heartbeats to other cards Explanation This message confirms the user selected debug mode Recommended Action None Error Message %PLATFORM-PSARB-6-NORMAL_TO Now using normal timeouts Explanation This message confirms the user selected debug mode Recommended Action None Error Message %PLATFORM-PSARB-6-PARTNER_TAKEOVER Two primary RPs detected: myself (slot [dec]) and message from slot [dec] Explanation There appear to be two PRIMARY RP’s in the system. ex-act suicide and the partner takes over. %d indicates the primary and partner slot numbers displaying the message Recommended Action ex-act RP will be automatically reset. Error Message %PLATFORM-PSARB-6-QUIET Now now longer sending MBUS heartbeats to other cards Explanation This message confirms the user selected debug mode Recommended Action None Error Message %PLATFORM-PSARB-6-REDCON_NOT_REGISTERED Redcon not registered with psarb for notification rebooting self slot [dec] Explanation Redundancy controller process is not registered for arbitration state notification, this can leave the system in unstable state. The node is rebooting self to correct this situation. Recommended Action No action is required. This is an informational message. The software will simply take the safest approach, given the fault that the RP is experiencing. Error Message %PLATFORM-PSARB-6-RESUME Resuming countdowns Explanation This message confirms the user selected debug mode Recommended Action None Platform Messages PSARB Messages EM-1908 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PSARB-6-ROLE_LOCKED (slot [dec]) failover prevented - card role is locked Explanation The role of this card has been locked - failover was prevented. %d - indicates the slot number of the PRP which it’s role is locked Recommended Action No action is required. Error Message %PLATFORM-PSARB-6-RX_FROM_PARTNER_FAILURE Receive failures from partner slot [dec] detected on slot [dec] Explanation The specified RP is experiencing receive failures from its partner on its MBUS. Recommended Action No action is required. This is an informational message. The software will simply take the safest approach, given the fault that the RP is experiencing. Depending on the arbitration role of the RP, a reload of the RP or a FO is imminent. Error Message %PLATFORM-PSARB-6-SELF_SEND_FAILURE Self send failure detected on slot [dec] Explanation The specified RP is experiencing self send failures on its MBUS. Recommended Action No action is required. This is an informational message. The software will simply take the safest approach, given the fault that the RP is experiencing. Depending on the arbitration role of the RP, a reload of the RP or a FO is imminent. Error Message %PLATFORM-PSARB-6-STANDBY_NOT_READY (slot [dec]) failover prevented - standby RP is not ready. Explanation Standby RP is not ready to takeover as active RP. Ready state means all applications required for standby RP to takeover as active are up and running. In this case, the operation of standby RP taking over as active is prevented. Recommended Action No action is required. Error Message %PLATFORM-PSARB-6-SUSPEND Turning off our countdowns Explanation This message confirms the user selected debug mode Recommended Action None Platform Messages PSARBLC Messages EM-1909 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PSARB-6-TAKE_OVER Take over message received from partner, transition to primary Explanation The specified RP received a take over message from its partner, indicating that the card should transition to Primary role. Recommended Action No action is required. This is an informational message. The software is simply taking the safest approach, given the fault that the partner RP experienced. PSARBLC Messages Error Message %PLATFORM-PSARBLC-3-INIT_ERR Process initialization failed: ([chars]%s) Explanation The psarb-lc process failed to initialize. This process is responsible for monitoring the arbitration messages between the primary and standby RPs and determining which slot contains the primary RP. %s - indicates the reason for the failure. %s - the decoded error reason. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PSARBLC-3-SELF_RESET_DLRSC_DOWN Resetting myself ([dec]), as DLRSC ([dec]) is not present anymore in my LR. Explanation PSARB knows when a DLRSC (primary RP) in its LR is down and there is no backup DLRSC (secondary RP). PSARB then needs to reset itself as the LR is headless. Recommended Action Bringup the DLRSC that has gone down in this LR. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. PUNT_SWITCH Messages Error Message %PLATFORM-PUNT_SWITCH-2-REG_ACCESS_FAIL Register access failure on Punt switch Explanation Register access failure on Punt Switch. Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PUNT_SWITCH Messages EM-1910 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_0 LINK FAIL-0 Explanation PUNT link has failed. Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_1 LINK FAIL-1 Explanation Punt link failed Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_2 LINK FAIL-2 Explanation PUNT link has failed. Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_3 LINK FAIL-3 Explanation Punt link failed Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_4 LINK FAIL-4 Explanation PUNT link has failed. Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PUNT_SWITCH Messages EM-1911 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_5 LINK FAIL-5 Explanation Punt link failed Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_6 LINK FAIL-6 Explanation PUNT link has failed. Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_7 LINK FAIL-7 Explanation Punt link failed Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_8 LINK FAIL-8 Explanation PUNT link has failed. Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_9 LINK FAIL-9 Explanation Punt link failed Recommended Action Please correct the error by performing card reload using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages PUNT Messages EM-1912 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PUNT Messages Error Message %PLATFORM-PUNT-2-CPU_RGMII_RX_LINK_FAIL_0 CPU RGMII RX LINK FAIL-0 Explanation CPU RGMII TX or PUNT RX has failed. Recommended Action Please correct the error by performing card reload using command: ’reload location ’. Please verify that the FPGA is loaded properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT-2-CPU_RGMII_RX_LINK_FAIL_1 CPU RGMII RX LINK FAIL-1 Explanation 125Mhz clock has failed. Recommended Action Please correct the error by performing card reload using command: ’reload location ’. Please verify that the FPGA is loaded properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT-2-DDR_IF_FAIL DDR interface failed Explanation Punt DDR interface has failed. Recommended Action Please correct the error by performing card reload using command: ’reload location ’. Please verify that the FPGA is loaded properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT-2-DRIVER_FATAL Puntpath process [chars]. Explanation The particular operation mentioned in the message failed due to some reason. This is a critical failure. Driver cannot operate. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PUNT Messages EM-1913 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PUNT-2-OPERATION_FATAL Puntpath process [chars]. Explanation The particular operation mentioned in the message failed due to some reason. This is a critical failure. Driver cannot operate. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT-2-REG_ACCESS_FAIL Register access failure on Punt Explanation Register access failure on Punt FPGA. Recommended Action Please correct the error by performing card reload using command: ’reload location ’. Please verify that the FPGA is loaded properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-PUNT-3-DRIVER_ERROR [chars] for punt[dec], value [hex], error [dec]. Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-PUNT-3-OPERATION_ERROR [chars] punt[dec], value [hex], error [dec]. Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-PUNT-3-PLL_NOT_LOCKED PLL inside the FPGA device is not locked Explanation PLL inside the FPGA device is not locked. Recommended Action The software should be able to recover from this error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages PWR_SUPPLY Messages EM-1914 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-PUNT-6-DRIVER_INFO [chars] for punt[dec] is [hex]. Explanation The particular operation mentioned in the message gave a informative message. This is not a failure. Recommended Action No action is required. Error Message %PLATFORM-PUNT-6-OPERATION_INFO [chars] for punt[dec] is [hex]. Explanation The particular operation mentioned in the message gave a informative message. This is not a failure. Recommended Action No action is required. PWR_SUPPLY Messages Error Message %PLATFORM-PWR_SUPPLY-0-FAULT ClkCtrl detected power supply power module failure [chars] Explanation ClkCtrl has detected a power supply module has failed Recommended Action Please replace the failed power module. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. REDDRV Messages Error Message %PLATFORM-REDDRV-0-ARBITRATION_LOCK_UNAVAILABLE Lock Unavailable. Possible Reason: Other RP trying to boot up in Normal mode. Explanation Failed to grab lock in DR mode as the lock is unavailable. Possible reason: Other RP booted up in Normal mode and permanantly grabbed the lock. Recommended Action Make sure that if one RP is running as DR, the other RP is not booted up in Normal mode. Both RPs should be running either in Dual mode or in Normal mode. Platform Messages REDDRV Messages EM-1915 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-2-MSG_LOCAL_NODE_DEAD_RELOAD_MYSELF This DRP’s other CPU node went down. Reload myself. Explanation When a CPU in DRP goes down, the other CPU should go down as well. Recommended Action None; this CPU will reset along with other CPU Error Message %PLATFORM-REDDRV-2-MSG_PRIMARY_GLARE primary-primary glare (primary msg from node [hex]) Explanation There appear to be two PRIMARY RP’s in the system Recommended Action None; the node which has arbitrated for the least time will be reset. Error Message %PLATFORM-REDDRV-2-MSG_PRIMARY_GLARE primary-primary glare (primary msg from node [hex]) Explanation There appear to be two PRIMARY RP’s in the system Recommended Action None; the node which has arbitrated for the least time will be reset. Error Message %PLATFORM-REDDRV-3-ERR_INTERNAL_SW [chars]; [chars] Explanation The sc_reddrv encountered the annunciated SW error. The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times the error is encountered, to recover. If the problem continues, sysmgr will trigger node reload. After a certain number of node reloads, the shelf manager will permanently shutdown the node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-3-ERR_PEER_NOT_ISOLATED Peer node [chars] failed to isolate after crash, nodeid equals [hex] Explanation The Peer RP/SC is not isolated after node crash. The crash node will be reset automatically Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages REDDRV Messages EM-1916 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-3-ERR_SET_REBOOT_CAUSE Failed to set reboot cause into syspage, error: [chars] Explanation The failure on setting reboot cause to syspage before performing Kernel Dump. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-3-ERROR_EXIT reddrv process exiting because [chars], error code [chars] Explanation The DRP redundancy driver process exited for the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered inorder to recover. Execute ’show process reddrv location ’ to verify that the process is up and running after the restart. If it is still non-operational, try doing from the admin mode ’process restart reddrv location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-3-ERROR_EXIT reddrv process exiting because [chars], error code [chars] Explanation The DRP redundancy driver process exited for the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process up to a fixed number of times when this error is encountered inorder to recover. Execute ’show process reddrv location ’ to verify that the process is up and running after the restart. If it is still non-operational, try doing from the admin mode ’process restart reddrv location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-3-ROLE_LOCKED (node [hex]) failover prevented - card role is locked Explanation The role of this card has been locked - failover was prevented. Recommended Action A failover was initiated, but could not complete because the card role is locked. Please capture the output of ’show reddrv trace’ and ’show drp-reddrv trace’. Platform Messages REDDRV Messages EM-1917 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-3-ROLE_LOCKED (node [hex]) failover prevented - card role is locked Explanation The role of this card has been locked - failover was prevented. Recommended Action A failover was initiated, but could not complete because the card role is locked. Please capture the output of ’show reddrv trace’ and ’show drp-reddrv trace’. Error Message %PLATFORM-REDDRV-3-SWITCHOVER_SUPPORT_FAIL Failed to [chars], error code [chars]. [chars] will not be notified of switchover. Explanation The particular operation mentioned in the message has failed. As a result, the mentioned driver on the card that puts this message will not be notified of failover of RP. Recommended Action Restart the mentioned driver on the card that puts this message. Error Message %PLATFORM-REDDRV-4-CRITERIA_CONFLICT Detected conflicting criteria comparision: [chars] Explanation Detected conflicting criteria. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-4-CRITERIA_CONFLICT Detected conflicting criteria comparision: [chars] Explanation Detected conflicting criteria. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-4-CRITERIA_CONFLICT Detected conflicting criteria comparision: [chars] Explanation Detected conflicting criteria. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages REDDRV Messages EM-1918 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-4-FILE_OPEN Failed to open log file for redundancy driver: [chars] Explanation Failed to open log file for redundancy driver. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-4-FILE_OPEN Failed to open log file for redundancy driver: [chars] Explanation Failed to open log file for redundancy driver. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-4-FILE_OPEN Failed to open log file for redundancy driver: [chars] Explanation Failed to open log file for redundancy driver. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-4-HARDWARE_ERROR Detected Hardware error: [chars]. Explanation Detected hardware error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-4-HARDWARE_ERROR Detected Hardware error: [chars]. Explanation Detected hardware error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages REDDRV Messages EM-1919 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-4-HARDWARE_ERROR Detected Hardware error: [chars]. Explanation Detected hardware error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-4-WD_EXPIRED Failed to punch the watchdog on time [dec] seconds [dec] nanosecs Explanation Failed to punch the watchdog timer within one second. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-4-WD_EXPIRED Failed to punch the watchdog on time [dec] seconds [dec] nanosecs Explanation Failed to punch the watchdog timer within one second. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-4-WD_EXPIRED Failed to punch the watchdog on time [dec] seconds [dec] nanosecs Explanation Failed to punch the watchdog timer within one second. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-5-GO_ACTIVE Card is becoming active. Explanation Card is becoming active. Recommended Action No action required, just informational message. Platform Messages REDDRV Messages EM-1920 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-5-GO_ACTIVE Card is becoming active. Explanation Card is becoming active. Recommended Action No action required, just informational message. Error Message %PLATFORM-REDDRV-5-GO_BID Card is going to bid state. Explanation Card is going to bid state. Recommended Action No action required, just informational message. Error Message %PLATFORM-REDDRV-5-GO_BID Card is going to bid state. Explanation Card is going to bid state. Recommended Action No action required, just informational message. Error Message %PLATFORM-REDDRV-5-GO_STANDBY Card is becoming standby. Explanation Card is becoming standby. Recommended Action No action required, just informational message. Error Message %PLATFORM-REDDRV-5-GO_STANDBY Card is becoming standby. Explanation Card is becoming standby. Recommended Action No action required, just informational message. Error Message %PLATFORM-REDDRV-5-MSG_PARTNER_NODE_DEAD_START_FAILOVER Active DRP’s CPU node went down. Perform Failover as I’m standby now. Explanation When a CPU in active DRP goes down, the standby CPU should failover as active. Recommended Action None; this CPU will failover to active state Platform Messages REDDRV Messages EM-1921 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-6-DELIVER_POISON_PILL Active sends poision pill packet to peer node [chars] Explanation Active reddrv issued a poison pill packet to reset peer RP or SC Recommended Action No action needed. This is to ensure peer RP/SC to drop out from active role Error Message %PLATFORM-REDDRV-6-DELIVER_POISON_PILL Active sends poision pill packet to peer node [chars] Explanation Active reddrv issued a poison pill packet to reset peer RP or SC Recommended Action No action needed. This is to ensure peer RP/SC to drop out from active role Error Message %PLATFORM-REDDRV-6-RESET_SELF No active RP detected for [dec] seconds; resetting this node Explanation The node on which reddrv is running, resets itself on loss of heartbeat from the RP. Recommended Action Check the RP in the system. If present, check the connectivity between RP and the node that went down. Error Message %PLATFORM-REDDRV-6-RESET_SELF No active RP detected for [dec] seconds; resetting this node Explanation The node on which reddrv is running, resets itself on loss of heartbeat from the RP. Recommended Action Check the RP in the system. If present, check the connectivity between RP and the node that went down. Error Message %PLATFORM-REDDRV-6-RESET_STANDBY Active [chars] reset standby peer node [chars] Explanation Issue hardware reset to peer standby RP or SC. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Platform Messages REDDRV Messages EM-1922 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-6-RESET_STANDBY Active [chars] reset standby peer node [chars] Explanation Issue hardware reset to peer standby RP or SC. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-6-RESET_STANDBY Active [chars] reset standby peer node [chars] Explanation Issue hardware reset to peer standby RP or SC. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-ASYNC_SEND Failed to send async message to redcon : [chars] Explanation Failed to send async message to redcon. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-ASYNC_SEND Failed to send async message to redcon : [chars] Explanation Failed to send async message to redcon. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-ASYNC_SEND Failed to send async message to redcon : [chars] Explanation Failed to send async message to redcon. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Platform Messages REDDRV Messages EM-1923 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-7-ERROR [chars] : [chars] Explanation A general failure occured while executing a resource function. The message contains info about the cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of Redundancy Driver. Error Message %PLATFORM-REDDRV-7-ERROR [chars] : [chars] Explanation A general failure occured while executing a resource function. The message contains info about the cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of Redundancy Driver. Error Message %PLATFORM-REDDRV-7-ERROR [chars] : [chars] Explanation A general failure occured while executing a resource function. The message contains info about the cause of the failure and possibly anticipated actions/effects. Recommended Action Verify continued correct operation of Redundancy Driver. Error Message %PLATFORM-REDDRV-7-KDUMPER_MESSAGE [chars] Explanation Reddrv has received kernel dumper message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-KDUMPER_MESSAGE [chars] Explanation Reddrv has received kernel dumper message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Platform Messages REDDRV Messages EM-1924 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-7-KDUMPER_MESSAGE [chars] Explanation Reddrv has received kernel dumper message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-MESSAGE_RETRY_ERROR Exhausted message retry count of messge type: [chars] Explanation Received unexpected async error message code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-MESSAGE_RETRY_ERROR Exhausted message retry count of messge type: [chars] Explanation Received unexpected async error message code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-MESSAGE_RETRY_ERROR Exhausted message retry count of messge type: [chars] Explanation Received unexpected async error message code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-MISS_ACK_COUNT Missed heart beat acknowledge from standby Explanation Received unexpected async error message code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Platform Messages REDDRV Messages EM-1925 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-7-MISS_ACK_COUNT Missed heart beat acknowledge from standby Explanation Received unexpected async error message code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-MISS_ACK_COUNT Missed heart beat acknowledge from standby Explanation Received unexpected async error message code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-MSG_ERROR Received unexpected message of type: [dec] Explanation Received unexpected message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-MSG_ERROR Received unexpected message of type: [dec] Explanation Received unexpected message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-MSG_ERROR Received unexpected message of type: [dec] Explanation Received unexpected message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Platform Messages REDDRV Messages EM-1926 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-7-MSG_INVALID_MSGLEN reddrv_msg_handler got [dec] expected [dec] Explanation reddrv_msg_handler received a message of unexpected size Recommended Action No action required, software will take corrective action on its own. Error Message %PLATFORM-REDDRV-7-MSG_INVALID_MSGLEN reddrv_msg_handler got [dec] expected [dec] Explanation reddrv_msg_handler received a message of unexpected size Recommended Action No action required, software will take corrective action on its own. Error Message %PLATFORM-REDDRV-7-NODE_ERROR [chars] : [chars] : [chars] Explanation Reddrv had problem to broadcast dead node name notification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-NODE_ERROR [chars] : [chars] : [chars] Explanation Reddrv had problem to broadcast dead node name notification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Error Message %PLATFORM-REDDRV-7-NODE_ERROR [chars] : [chars] : [chars] Explanation Reddrv had problem to broadcast dead node name notification. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. equals Platform Messages REDDRV Messages EM-1927 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-7-NODE_RESET Resetting node [chars] for correct active/standby arbitration Explanation The arbitration state machine needs to be able to reset failed nodes, or other nodes on the same card as a failed node, in order to ensure correct behavior of the state machine and no mixed-role cards. Recommended Action No action required, just informational message. Error Message %PLATFORM-REDDRV-7-NODE_RESET Resetting node [chars] for correct active/standby arbitration Explanation The arbitration state machine needs to be able to reset failed nodes, or other nodes on the same card as a failed node, in order to ensure correct behavior of the state machine and no mixed-role cards. Recommended Action No action required, just informational message. Error Message %PLATFORM-REDDRV-7-NODE_RESET_FAILED Reset of node [chars] failed with error [chars] - correct active/standby arbitration may not occur in this case Explanation The arbitration state machine needs to be able to reset failed nodes, or other nodes on the same card as a failed node, in order to ensure correct behavior of the state machine and no mixed-role cards. If this fails, then arbitration may not occur correctly. Recommended Action Please collect output of ’show redundancy trace’, ’show logging’ and ’show ltrace shelfmgr’. Error Message %PLATFORM-REDDRV-7-NODE_RESET_FAILED Reset of node [chars] failed with error [chars] - correct active/standby arbitration may not occur in this case Explanation The arbitration state machine needs to be able to reset failed nodes, or other nodes on the same card as a failed node, in order to ensure correct behavior of the state machine and no mixed-role cards. If this fails, then arbitration may not occur correctly. Recommended Action Please collect output of ’show redundancy trace’, ’show logging’ and ’show ltrace shelfmgr’. Platform Messages REDDRV Messages EM-1928 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-7-OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-REDDRV-7-OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-REDDRV-7-REDCON_REREGISTER Recon registration invoked more than once Explanation The reddrv_redcon_register function was called multiple times Recommended Action No action required, software will automatically take corrective action. Error Message %PLATFORM-REDDRV-7-REDCON_REREGISTER Recon registration invoked more than once Explanation The reddrv_redcon_register function was called multiple times Recommended Action No action required, software will automatically take corrective action. Error Message %PLATFORM-REDDRV-7-ROLE_CHANGE Detected role change to [chars] state due to [chars] Explanation Detected role change signal. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages REDDRV Messages EM-1929 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-7-ROLE_CHANGE Detected role change to [chars] state due to [chars] Explanation Detected role change signal. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-7-ROLE_CHANGE Detected role change to [chars] state due to [chars] Explanation Detected role change signal. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-7-SHMEM Failed to [chars] share memory region: [chars] Explanation Failed to create, open or size share memory region. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-7-SHMEM Failed to [chars] share memory region: [chars] Explanation Failed to create, open or size share memory region. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-7-SHMEM Failed to [chars] share memory region: [chars] Explanation Failed to create, open or size share memory region. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages REDDRV Messages EM-1930 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-7-SW_ROLE_ERROR Detected software role error my_role: [dec] other_role: [dec] Explanation Detected software role error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-7-SW_ROLE_ERROR Detected software role error my_role: [dec] other_role: [dec] Explanation Detected software role error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-7-SW_ROLE_ERROR Detected software role error my_role: [dec] other_role: [dec] Explanation Detected software role error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-REDDRV-7-UNEXPECTED Unexpected: [chars]: [chars] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. Error Message %PLATFORM-REDDRV-7-UNEXPECTED Unexpected: [chars]: [chars] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. Platform Messages REEP Messages EM-1931 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REDDRV-7-UNEXPECTED Unexpected: [chars]: [chars] Explanation An unexpected condition encountered. This is not necessarily an error, but may help with debugging other problems elsewhere! Recommended Action Collect system log information. No action is required. REEP Messages Error Message %PLATFORM-REEP-3-ERROR_OPENING_ETHERNET_CONNECTION Failed to open connection to control ethernet server. Err equals [chars] Explanation The control ethernet transport connection has been lost due to which send/receive for this process over the control ethernet will not work. This impacts standby RP booting. Recommended Action If this message is seen persistently, please capture output of ’show process eth_server’ and ’show controllers backplane ethernet trace’. Error Message %PLATFORM-REEP-3-ERROR_OPENING_ETHERNET_CONNECTION Failed to open connection to control ethernet server. Err equals [chars] Explanation The control ethernet transport connection has been lost due to which send/receive for this process over the control ethernet will not work. This impacts standby RP booting. Recommended Action If this message is seen persistently, please capture output of ’show process eth_server’ and ’show controllers backplane ethernet trace’. Error Message %PLATFORM-REEP-3-GET_BOARD_TYPE_FAILED Platform call to determine boardtype failed Explanation This is indicative of some very fundamental problem in the the system. Some very basic system initialization has failed. Recommended Action Check the board which had the failure. Error Message %PLATFORM-REEP-3-GET_BOARD_TYPE_FAILED Platform call to determine boardtype failed Explanation This is indicative of some very fundamental problem in the the system. Some very basic system initialization has failed. Recommended Action Check the board which had the failure. Platform Messages REEP Messages EM-1932 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REEP-3-I2C_BKPLANE_READ_FAILED I2C access to read backplane EEPROM failed Explanation This is indicative of some very fundamental problem in the the system. I2C access to the backplane not working could be due to an I2C hang. Recommended Action Gather all the console logs and the i2c trace. Error Message %PLATFORM-REEP-3-I2C_BKPLANE_READ_FAILED I2C access to read backplane EEPROM failed Explanation This is indicative of some very fundamental problem in the the system. I2C access to the backplane not working could be due to an I2C hang. Recommended Action Gather all the console logs and the i2c trace. Error Message %PLATFORM-REEP-3-I2C_SERVER_CONNECT_FAILED Failed to connect to I2C server Explanation I2C service is currently unavailable. Recommended Action If this condition persists, it will preclude the standby route processor card in that chassis from coming up. So if it is seen persistently, please check the status of the i2c_server process on the active RP. Error Message %PLATFORM-REEP-3-I2C_SERVER_CONNECT_FAILED Failed to connect to I2C server Explanation I2C service is currently unavailable. Recommended Action If this condition persists, it will preclude the standby route processor card in that chassis from coming up. So if it is seen persistently, please check the status of the i2c_server process on the active RP. Error Message %PLATFORM-REEP-7-REPLY_SEND_FAILED Failed to send reply. Err equals [dec] Explanation Failed to send reply to client ROMMON. Recommended Action Transient occurrence of this message is possible. If this message is seen persistently, and either an MSC, DRP or standby RP is not booting, it is because the control network connectivity service on this node is malfunctioning. Platform Messages ROM_UPGRADE_LIB Messages EM-1933 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-REEP-7-REPLY_SEND_FAILED Failed to send reply. Err equals [dec] Explanation Failed to send reply to client ROMMON. Recommended Action Transient occurrence of this message is possible. If this message is seen persistently, and either an MSC, DRP or standby RP is not booting, it is because the control network connectivity service on this node is malfunctioning. ROM_UPGRADE_LIB Messages Error Message %PLATFORM-ROM_UPGRADE_LIB-7-ERROR [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %PLATFORM-ROM_UPGRADE_LIB-7-ERROR [chars] Explanation -- Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ ROMMON_BURNER Messages Error Message %PLATFORM-ROMMON_BURNER-3-BAD_ARG Bad command option: [chars] [chars] Explanation Bad coammand option. Recommended Action No action is required.. Error Message %PLATFORM-ROMMON_BURNER-3-BAD_ARG Bad command option: [chars] [chars] Explanation Bad coammand option. Recommended Action No action is required.. Platform Messages ROMMON_BURNER Messages EM-1934 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ROMMON_BURNER-3-FILE_OP_ERR [chars]: [chars] in function [chars] at line [dec] Explanation Error occured with file operations. Recommended Action No action is required.. Error Message %PLATFORM-ROMMON_BURNER-3-FILE_OP_ERR [chars]: [chars] in function [chars] at line [dec] Explanation Error occured with file operations. Recommended Action No action is required.. Error Message %PLATFORM-ROMMON_BURNER-3-NO_MEM Failed in allocating memory in function [chars] at line [dec] Explanation No enough memory. Recommended Action No action is required.. Error Message %PLATFORM-ROMMON_BURNER-3-NO_MEM Failed in allocating memory in function [chars] at line [dec] Explanation No enough memory. Recommended Action No action is required.. Error Message %PLATFORM-ROMMON_BURNER-5-progress [chars] [chars] Explanation Output progress to RP console. Recommended Action No action is required.. Error Message %PLATFORM-ROMMON_BURNER-5-progress [chars] [chars] Explanation Output progress to RP console. Recommended Action No action is required.. Platform Messages RSP_CPUCTRL Messages EM-1935 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-ROMMON_BURNER-5-version ROMMON version [dec].[dec] is not supported for this board. Explanation Invalid ROMMON version to RP console. Recommended Action No action is required.. Error Message %PLATFORM-ROMMON_BURNER-5-version ROMMON version [dec].[dec] is not supported for this board. Explanation Invalid ROMMON version to RP console. Recommended Action No action is required.. RSP_CPUCTRL Messages Error Message %PLATFORM-RSP_CPUCTRL-0-BOARD_SEATING_ERROR CPI self to LC status incorrect Explanation No RSP is detected in the system by the LC. Most likely bad board. Recommended Action The problem can be corrected by reseating the board a few times. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-RSP_CPUCTRL-2-DEV_VERSION_ERROR RSP CPU controller driver version is not compatible with the hardware version. [chars] Explanation RSP CPU controller driver version is not compatable with the hardware version. Recommended Action If a redundant RSP card has been configured force a failover with the following command in admin mode ’redundancy switchover’. Upgrade the RSP CPU controller CPLD image on the RSP that reported this problem, followed by reload of that RSP. Platform Messages RWMGR Messages EM-1936 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-RSP_CPUCTRL-2-PCB_VERSION_ERROR RSP CPU controller driver PCB version error Explanation RSP CPU controller driver version is not compatible with the current Board. Recommended Action Please try to correct the problem by reloading the board using command: ’reload location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-RSP_CPUCTRL-2-PEER_PAR_ERROR CPU controller driver detected peer parity error Explanation RSP CPU controller driver detected peer RSP parity error. Recommended Action If the redundant RSP is reporting this error, force a failover with the following command in admin mode ’redundancy switchover’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-RSP_CPUCTRL-2-SLOTID_PAR_ERROR RSP CPU controller driver detected a slot id parity error Explanation RSP CPU controller has detected slot id parity. This could be possible if RSP is not seated properly. Recommended Action Check to see if the RSP is seated properly. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. RWMGR Messages Error Message %PLATFORM-RWMGR-0-INIT_RETRY_SUCCEEDED RwString Manager succeeded in initializing the [chars] module upon retry. Explanation An error was previously encountered while initializing one of modules of the rwmgr server. However, the initialization was retried and succeeded. Recommended Action No action is required. Platform Messages RWMGR Messages EM-1937 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-RWMGR-2-INIT_FAILURE Failed to initialze RwString Manager: [chars] Explanation This syslog is printed when RwString Manager or its clients fail to initialize necessary data structures and memories. If the error originates from the system call the error message is also printed. Recommended Action Based on the system error message the user can tell what went wrong. More likely than not, the user has to restart the system. If the problem persists he or she has to contact Cisco customer support team. Error Message %PLATFORM-RWMGR-2-MALLOC_FAILURE Failed to allocate memory: [chars] Explanation An explanation is provided in the syslog. Recommended Action A user should be able to tell what went wrong and take actions accordingly. For instance, if the system runs out of memory then more memory needs to be installed. Error Message %PLATFORM-RWMGR-4-INIT_ERROR RwString Manager was unable to initialize the [chars] module. Error: ’[chars]’. [chars]. Explanation An error was encountered while initializing one of the modules of configuration manager server. The failure of this module initialization is not critical to configuration manager to be completely operational. Recommended Action Provide the message details to Cisco Support personal. Error Message %PLATFORM-RWMGR-4-TRACE [chars] Error:[chars] Explanation This is a non-fatal error and can happen when router is low on memory. It should not affect the functioning of the router, but trace messages may not be logged. Recommended Action None. Error Message %PLATFORM-RWMGR-7-INTERNAL [chars] Explanation An unexpected internal error occurred in the rwmgr subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages SC Messages EM-1938 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SC Messages Error Message %PLATFORM-SC-3-ERR_INIT Initialization Error: [chars] Reason: [chars]. Exiting. Explanation SANTACRUZ Driver encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SC-3-ERR_MEM_ALLOC Error Allocating [dec] bytes of memory Explanation SC encountered a fatal memory allocation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SC-5-ERR_CONT Continuing execution: [chars]: Caused by [chars] Explanation This message indicates an error occurred beyond which execution of the sc_driver may continue, attempting to effect recovery or work-around internally, minimizing loss of information/functionality. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SC-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation SC Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SCC Messages EM-1939 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SC-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation SC Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SC-7-ERR_EXIT Exit on error: [chars]: Caused by [chars] Explanation An error occurred in SC Driver which requires exiting (and, hence, restarting) the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SC-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation SC Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SC-7-ERR_LWM_REPLY An error occurred during LWM message reply. Reason: [chars] Explanation sc LWM reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SCC Messages Error Message %PLATFORM-SCC-2-BAD_ID_HW Failed Identification Test in [chars] [[dec]/[dec]] The module in [chars] in this router may not be a genuine Cisco product. Cisco warranties and support programs only apply to genuine Cisco products. If Cisco determines that your insertion of non-Cisco SPA cards or other modules into a Cisco Platform Messages SERVICE_AGENT Messages EM-1940 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 product is the cause of a support issue, Cisco may deny support under your warranty or under a Cisco support program such as SmartNet. Explanation ’Hardware in the specified location could not be identified as a genuine Cisco product’ Recommended Action ’Contact TAC’ Error Message %PLATFORM-SCC-2-FAILED_ID_HW Failed Identification Test in [chars] [[dec]/[dec]] Explanation ’There was a problem while identifying Hardware in the specified location.’ Recommended Action ’Contact TAC’ Error Message %PLATFORM-SCC-2-PROTO_HW Module ([chars]) is a registered proto-type for Cisco Lab use only, and not certified for live network operation. Explanation ’Hardware in the specified location is a proto-type module that came from a Cisco Lab’ Recommended Action ’Contact TAC’ SERVICE_AGENT Messages Error Message %PLATFORM-SERVICE_AGENT-2-ERR_EVM_EVENT_BLOCK [chars] Explanation An error occurred in the event loop. It may be possible to rectify it by restarting the process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SERVICE_AGENT-3-DEBUG_ERROR [chars]: [chars] Explanation Encountered an error in debug module. This error should not impact the major functionality of the module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SFP Messages EM-1941 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SERVICE_AGENT-3-DLL_ERROR Failed to [chars] [chars] DLL: [chars] Explanation An error occurred while trying to open or initialize a DLL. The process will be restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SERVICE_AGENT-3-INIT_CRITICAL_ERROR [chars]: [chars]: [hex] Explanation A critical error occured during the initialization of Service Agent process which involves exiting the process. The Service Agent will restart and unless the same error occurs on the next attempt the Service Agent will function normally. If the error is persistent, it indicates the system error or HW error which needs further investigation. The cause of the error will be mentioned in the message displayed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SERVICE_AGENT-3-LTRACE_ERROR Error encountered tracing for [chars]: [chars] Explanation Encountered an error in tracing module. This error should not impact the major functionality of the module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SFP Messages Error Message %PLATFORM-SFP-2-DEV_SFP_COMPLIANCE_ERROR Module compliance error Explanation A compliance error was detected during SFP initialization. A compliance error is due to checksum error, EEPROM CRC error, vendor data error, or decryption error. The SFP is the pluggable optics on the line cards. SFP initialization may happen when linecard boots up, SFP OIR and line card process restart. The optics will not be enabled if an SFP compliance error is detected. Recommended Action Verify that the device is properly inserted. If the issue persists then copy the error message exactly as it appears, and report it to your technical support representative. If possible, also provide the output of the commands ’show controller i/f phy’ and ’show controller i/f internal’ Platform Messages SHELFMGR_HAL Messages EM-1942 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SFP-2-DEV_SFP_SUPPORTED_ERROR Module supported error Explanation A supported error was detected during SFP initialization. A support error is reported when the SFP type can not be determined or it is not supported on the platform. The SFP is the pluggable optics on the line cards. SFP initialization may happen when linecard boots up, SFP OIR and line card process restart. The optics will not be enabled if an SFP supported error is detected. Recommended Action Verify that the device is properly inserted. If the issue persists then copy the error message exactly as it appears, and report it to your technical support representative. If possible, also provide the output of the commands ’show controller i/f phy’ and ’show controller i/f internal’ Error Message %PLATFORM-SFP-3-DEV_SFP_PID_NOT_SUPPORTED Module PID error Explanation A PID not supported error was detected during SFP initialization. A PID not supported error is reported when either the PID can not be read or it not supported on the platform. The SFP is the pluggable optics on the line cards. SFP initialization may happen when linecard boots up, SFP OIR and line card process restart. Traffic will not be impacted by this error. Recommended Action Verify that the device is properly inserted. If the issue persists then copy the error message exactly as it appears, and report it to your technical support representative. If possible, also provide the output of the commands ’show controller i/f phy’ and ’show controller i/f internal’ SHELFMGR_HAL Messages Error Message %PLATFORM-SHELFMGR_HAL-0-SHELF_SHUTDOWN Full shelf powerdown initiated. Explanation In response to extreme environmental conditions, all line cards in the shelf will be powered down. This is intended to prevent hardware damage. Physical replacement of the RSP card will be required to recover from this state. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-2-CBC_OFFLINE [chars] CBC processor is offline. Explanation The node CAN Bus Controller is currently offline. Operations such as environmental monitoring, hardware power control and card reset may be impaired. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SHELFMGR_HAL Messages EM-1943 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR_HAL-2-CPI_NO_PEER_VALIDATION Failed to validate Peer RSP removal. Peer slot: [dec] Explanation Lance client API failure. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-2-CPI_PEER_FAIL Peer card CPI inconsistancy detected. Peer slot: [dec] Explanation Peer card CPI inconsistancy can be observed during an OIR of the active RSP. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-2-CPI_SELF_FAIL CPI of the local card detected Explanation Tempo Client API failure Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-3-CANNOT_REARM_HB_REQ_SEND_TIMER Can not schedule timer to generate HB Requests. This will cause the remote card to reset. rc equals [hex], [chars] Explanation ’Heartbeat requests can not generated when this timer can not reschedule.’ Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-3-CHASSIS_TYPE_GET_ERR Can not retrieve Chassis Type info: rc equals [hex] ([chars]) Explanation API Call to cctl_get_chassis_type() failed. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-3-INV_MAX_SLOT_ERR Max Slot out of range detected. Bad max value: [dec] Explanation The API call to vkg_slot_get_info() returns an out of range value. Recommended Action No action is required. Platform Messages SHELFMGR_HAL Messages EM-1944 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR_HAL-3-INV_NODEID Invalid nodeID detected: [hex], rc equals [hex] ([chars]) Explanation API Call to nodeid_extract_fields() failed. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-6-BOOT_REQ_RECEIVED Boot Request from [chars], RomMon Version: [dec].[dec] Explanation Log the Boot Request Rommon Version Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-6-CARD_POWERCYCLE Shelfmgr Card Power Cycle Initiated, [chars] Explanation The Shelf Manager component has requested power restart on a line card or secondary RSP. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-6-CARD_POWERDOWN Shelfmgr Card Powerdown Initiated, [chars] Explanation The Shelf Manager component has requested power disable on a line card or secondary RSP. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-6-CARD_POWERUP Shelfmgr Card Powerup Initiated, [chars] Explanation The Shelf Manager component has requested powerup on a line card or secondary RSP. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-6-CARD_SHUTDOWN Shelfmgr Card Shutdown, [chars], [chars] Explanation The Shelf Manager component has initiated a shutdown of a line card or standby RSP. Recommended Action No action is required. Platform Messages SHELFMGR_HAL Messages EM-1945 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR_HAL-6-COLD_BOOT Cold system bootup on [chars] Explanation In recovery from a system restart, a powercycle has been initiated on this slot. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-6-HEARTBEAT_ALERT [chars] heartbeat, non-responsive for [dec] seconds. (Threshold: [dec] seconds), Send/Rcv Seq#: [dec]/[dec] Explanation Periodic sanity heartbeat messages from the line card have not been received. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-6-HEARTBEAT_FAIL [chars] heartbeat, non-responsive for [dec] seconds. (Threshold: [dec] seconds), Send/Rcv Seq#: [dec]/[dec] Explanation Periodic sanity heartbeat messages from the line card have not been received. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-7-BOOT_REQ_FAILED Invalid Boot Request from [chars] rejected. [chars] Explanation An invalid request to initiate MBI download has been recieved. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-7-CAN_CARD_INVALID Invalid card type [dec] from slot [dec] CBC Explanation CAN Client API failure Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-7-CAN_FAIL Can API: [chars] Explanation CAN Client API failure Recommended Action No action is required. Platform Messages SHELFMGR Messages EM-1946 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR_HAL-7-CAN_INFO Can API: slot [dec] [chars] event. Explanation CAN Client API info Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-7-CPI_GET_FAIL CPI status retrieval failed Explanation Tempo Client API failure Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR_HAL-7-TEMPO_INIT_FAILED Tempo API Init Failed Explanation Tempo Client API Init failure Recommended Action No action is required. SHELFMGR Messages Error Message %PLATFORM-SHELFMGR-0-CD_IN_RESET_STATE Card Bringup: Reboot card to keep Node: [hex][[chars]] in the IN-RESET state, Reset Code: [dec] Explanation This message indicates that this node was parked in the in-reset state due to the reason specified. Recommended Action Use hw-module loc loc reload command to release card from IN-RESET state. Error Message %PLATFORM-SHELFMGR-0-CHASSIS_SHUTDOWN CRITICAL: CHASSIS SHUTDOWN initiated due to [chars] Explanation Chassis is shutting down due to reason mentioned. Recommended Action Examine chassis based on above message. If chassis shutdown is due to low voltage on both power shelves, then please examine the battery and replace if necessary. Note that in all cases of shutdown, the chassis needs to be manually power cycled, or the RPs physically OIR’d so as to boot the chassis again. Platform Messages SHELFMGR Messages EM-1947 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-0-CHASSIS_SHUTDOWN CRITICAL: CHASSIS SHUTDOWN initiated due to [chars] Explanation Chassis is shutting down due to reason mentioned. Recommended Action Examine chassis based on above message. If chassis shutdown is due to low voltage on both power shelves, then please examine the battery and replace if necessary. Note that in all cases of shutdown, the chassis needs to be manually power cycled, or the RPs physically OIR’d so as to boot the chassis again. Error Message %PLATFORM-SHELFMGR-0-CHASSIS_SHUTDOWN CHASSIS SHUTDOWN initiated due to [chars] Explanation Chassis is shutting down due to reason mentioned. Recommended Action Examine chassis based on above message. Error Message %PLATFORM-SHELFMGR-0-MAX_RESET_BRINGDOWN Cannot boot node [chars] due to multiple resets, putting into IN_RESET state Explanation This message indicates that the node has reached maximum number of resets allowed, therefore, it is brought down to IN_RESET state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-1-ALL_FANTRAYS_REMOVED Critical Alarm: Alarm [chars] because [chars] Explanation Two possibilities to this message 1) An alarm has occured. Software has detected that all fan trays have been removed from the chassisbut, but gives user 45 seconds to insert another tray. If no action is taken within 45 seconds, the chassis will be shut down. 2) A previously occured alarm has been cleared. Software has detected that all fan trays were removed which would have shut down the system. But one fan tray was put back within 45 seconds, thus removing the need to shut down the system. Recommended Action Two possibilities to this message. 1) An alarm has occured : Insert a fan tray within 45 seconds. 2) A previously occured alarm has been cleared : *None* Platform Messages SHELFMGR Messages EM-1948 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-1-BOTH_FC_REMOVED Alarm [chars] because [chars] Explanation Two possibilities to this message 1) An alarm has occured. Software has detected that both fan controller cards have been removed from the chassis but, but gives user 45 seconds to insert atleast one of them back into the chassis. If no action is taken within 45 seconds, the chassis will be shut down. 2) A previously occured alarm has been cleared. Software has detected that both fan controller cards were removed which would have shut down the system. But one fan controller was put back within 45 seconds, thus removing the need to shut down the system. Recommended Action Two possibilities to this message. 1) An alarm has occured : Insert a fan controller card within 45 seconds. 2) A previously occured alarm has been cleared : *None* Error Message %PLATFORM-SHELFMGR-1-CLEAR_ALL_FANTRAYS_REMOVED Atleast one tray has been inserted within 45 seconds (of removing all trays), so the chassis will not be shut down Explanation Software has detected that all fan trays were removed which would have shut down the system. But one fan tray was put back within 45 seconds, thus removing the need to shut down the system. Recommended Action *None* Error Message %PLATFORM-SHELFMGR-1-CLEAR_ALL_FANTRAYS_REMOVED Atleast one tray has been inserted within 45 seconds (of removing all trays), so the chassis will not be shut down Explanation Software has detected that all fan trays were removed which would have shut down the system. But one fan tray was put back within 45 seconds, thus removing the need to shut down the system. Recommended Action *None* Error Message %PLATFORM-SHELFMGR-1-CLEAR_BOTH_FC_REMOVED Atleast one fan controller card has been inserted within 45 seconds (of removing both fan controller cards), so the chassis will not be shut down Explanation Software has detected that both fan controller cards were removed which would have shut down the system. But one fan controller was put back within 45 seconds, thus removing the need to shut down the system. Recommended Action *None* Platform Messages SHELFMGR Messages EM-1949 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-1-PARTIAL_CHASSIS_SHUTDOWN_POWERUP [chars] linecards and fabric cards due to low voltage warning [chars] from power shelves Explanation Received message from environment monitor that the voltage is low on the power shelves. So we are shutting down linecards and fabric cards to prevent damage to these boards. Recommended Action Examine chassis and replace battery or power-shelf. Error Message %PLATFORM-SHELFMGR-1-SET_ALL_FANTRAYS_REMOVED Critical Alarm: All fan trays have been removed from the chassis. If at least one tray is not inserted within 45 seconds, the chassis will be shutdown Explanation Software has detected that all fan trays have been removed from the chassisbut, but gives user 45 seconds to insert another tray. If no action is taken within 45 seconds, the chassis will be shut down. Recommended Action Insert a fan tray within 45 seconds. Error Message %PLATFORM-SHELFMGR-1-SET_ALL_FANTRAYS_REMOVED Critical Alarm: All fan trays have been removed from the chassis. If at least one tray is not inserted within 45 seconds, the chassis will be shutdown Explanation Software has detected that all fan trays have been removed from the chassisbut, but gives user 45 seconds to insert another tray. If no action is taken within 45 seconds, the chassis will be shut down. Recommended Action Insert a fan tray within 45 seconds. Error Message %PLATFORM-SHELFMGR-1-SET_BOTH_FC_REMOVED Both fan controller cards have been shutdown or removed from the chassis. If at least one fan controller card is not inserted within 45 seconds, the chassis will be shutdown Explanation Software has detected that both fan controller cards have been removed from the chassis but, but gives user 45 seconds to insert atleast one of them back into the chassis. If no action is taken within 45 seconds, the chassis will be shut down. Recommended Action Insert a fan controller card within 45 seconds. Platform Messages SHELFMGR Messages EM-1950 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-BOARD_NOT_SUPPORTED Shutdown node [chars] since CRS-DRP is not supported on CRS-4-CH Explanation This message indicates that the node is being shutdown because it is not supported on the CRS-4 platform. Recommended Action Remove the unsupported board and replace it with supported hardware. Error Message %PLATFORM-SHELFMGR-3-BOARD_NOT_SUPPORTED Shutdown node [chars] since CRS-DRP is not supported on CRS-4-CH Explanation This message indicates that the node is being shutdown because it is not supported on the CRS-4 platform. Recommended Action Remove the unsupported board and replace it with supported hardware. Error Message %PLATFORM-SHELFMGR-3-BOARD_NOT_SUPPORTED Shutdown node [chars] since CRS-DRP is not supported on CRS-4-CH Explanation This message indicates that the node is being shutdown because it is not supported on the CRS-4 platform. Recommended Action Remove the unsupported board and replace it with supported hardware. Error Message %PLATFORM-SHELFMGR-3-BOARD_NOT_SUPPORTED_ONSLOT Shutdown node [chars] since CRS-[chars] is not supported on CRS-[chars]’s slot [dec] Explanation This message indicates that the node is being shutdown because it is not supported on the specified CRS platform. Recommended Action Remove the unsupported board and replace it with supported hardware. Error Message %PLATFORM-SHELFMGR-3-BOARD_NOT_SUPPORTED_ONSLOT Shutdown node [chars] since CRS-[chars] is not supported on CRS-[chars]’s slot [dec] Explanation This message indicates that the node is being shutdown because it is not supported on the specified CRS platform. Recommended Action Remove the unsupported board and replace it with supported hardware. Platform Messages SHELFMGR Messages EM-1951 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-CHECKPT_MEM_RESTORE_FAILED Error restoring the Shelfmgr Checkpointed memory, rc equals [hex]([chars]) Explanation The Shelfmgr failed to restore its checkpoint memory on a process restart or transition from stby to act. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-CHKPT_MEM_OUT_OF_RANGE Attempting to restore unknown Shelfmgr Chkpt Memory Explanation The Shelfmgr encountered unexpected checkpoint memory Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-CHKPT_MEM_RESTORE_ERR Can not restore checkpoint for the HB Monitor DB for nodeid: [hex], slot: [dec], RecIndex: [dec], rc equals [hex] ([chars]) Explanation Shelfmgr API call to update the HB Monitor database failed. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-EMPTY_SERIAL_FAIL_BOOT Received boot request from a RP with an empty rack serial number, which indicates an attempt to boot a RP with ROMMON v1.19x as the standby. Boot request is being failed ! Refer to customer documentation for configuring a boot override Explanation Shelfmgr is failing a boot request because the serial number string in the boot request is empty. This happens if a RP with ROMMON 1.19x or older is sending a boot request. Recommended Action Please upgrade the booting RP to the latest recommended ROMMON. Error Message %PLATFORM-SHELFMGR-3-EMPTY_SERIAL_FAIL_BOOT Received boot request from a RP with an empty rack serial number, which indicates an attempt to boot a RP with ROMMON v1.19x as the standby. Boot request is being failed ! Refer to customer documentation for configuring a boot override Explanation Shelfmgr is failing a boot request because the serial number string in the boot request is empty. This happens if a RP with ROMMON 1.19x or older is sending a boot request. Recommended Action Please upgrade the booting RP to the latest recommended ROMMON. Platform Messages SHELFMGR Messages EM-1952 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-EMPTY_SERIAL_FAIL_BOOT Received boot request from a RP with an empty rack serial number, which indicates an attempt to boot a RP with ROMMON v1.19x as the standby. Boot request is being failed ! Refer to customer documentation for configuring a boot override Explanation Shelfmgr is failing a boot request because the serial number string in the boot request is empty. This happens if a RP with ROMMON 1.19x or older is sending a boot request. Recommended Action Please upgrade the booting RP to the latest recommended ROMMON. Error Message %PLATFORM-SHELFMGR-3-FAILED_LOAD Node [chars] fails to load IOS XR image, request to reset ... Explanation This message indicates that the node failed to load the IOS XR image for maximum number of retries and will be reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-FAILED_LOAD Node [chars] fails to load IOS XR image, request to reset ... Explanation This message indicates that the node failed to load the IOS XR image for maximum number of retries and will be reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-FAILED_LOAD Node [chars] fails to load IOS XR image, request to reset ... Explanation This message indicates that the node failed to load the IOS XR image for maximum number of retries and will be reset. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SHELFMGR Messages EM-1953 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-FAILEDPOWERUP Unable to power up slot [chars], request to reset. reason: [chars] Explanation This message indicates the board in named slot failed to power up. The node will be reloaded automatically. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-FAILEDPOWERUP Unable to power up slot [chars], request to reset. reason: [chars] Explanation This message indicates the board in named slot failed to power up. The node will be reloaded automatically. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-FAILEDPOWERUP Unable to power up slot [chars], request to reset. reason: [chars] Explanation This message indicates the board in named slot failed to power up. The node will be reloaded automatically. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-FSMTIMEOUT_RESET Node [chars] is reset due to failed bootup Explanation This message indicates that the node is not able to boot up Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SHELFMGR Messages EM-1954 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-FSMTIMEOUT_RESET Node [chars] is reset due to failed bootup. Node state was: [dec] Timeout ID: [dec] Explanation This message indicates that the node is not able to boot up Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-FSMTIMEOUTA_RESET Node [chars] is reset because of failure to send boot request within [dec] seconds Explanation This message indicates that the node is not able to boot up. This is because the timer A has expired on this node before any boot request was recieved by shelfmgr from this node, after the node has reached the ROMMON state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-FSMTIMEOUTB_RESET Node [chars] is reset because no mbi-hello heartbeat has been received within [dec] seconds. Explanation This message indicates that the node is not able to boot up. This is because no mbi-hello heartbeat has been recieved by shelfmgr within the time specified by timer B. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-FSMTIMEOUTD_RESET Node [chars] is reset because no XR-hello has been received within [dec] seconds Explanation This message indicates that the node is not able to boot up. If an XR-hello is not recieved within a specified time limit, then the node will go to ENA-FAILURE. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SHELFMGR Messages EM-1955 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-FSMTIMEOUTMDR_RESET Node [chars] is reset because no MDR-mbi-hello has been received within [dec] seconds Explanation This message indicates that the node is not able to boot up after a warm reload. If an MDR-mbi-hello is not recieved within a specified time limit, then the node will go to ENA-FAILURE. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-INRESET_ALARM Power off node [chars] due to multiple critical alarms, putting into IN_RESET state Explanation This message indicates that the node has being brought down to IN_RESET state due to multiple critical alarms. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-INRESET_ALARM Power off node [chars] due to multiple critical alarms, putting into IN_RESET state Explanation This message indicates that the node has being brought down to IN_RESET state due to multiple critical alarms. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-INRESET_ALARM Power off node [chars] due to multiple critial alarms, putting into IN_RESET state Explanation This message indicates that the node has being brought down to IN_RESET state due to multiple critical alarms. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SHELFMGR Messages EM-1956 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-INRESET_BRINGDOWN Cannot boot node [chars] due to multiple resets, putting into IN_RESET state Explanation This message indicates that the node has reached maximum number of resets allowed, therefore, it is brought down to IN_RESET state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-INRESET_BRINGDOWN Cannot boot node [chars] due to multiple resets, putting into IN_RESET state Explanation This message indicates that the node has reached maximum number of resets allowed, therefore, it is brought down to IN_RESET state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-INRESET_INV_CARD_TYPE Boot request from node [chars] contains invalid board type, This board is being shutdown, moved to the IN_RESET state Explanation This message indicates that the board type cannot be recognized, therefore, the node will not be able to boot up. This usually caused by an invalid eeprom content. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-INV_NODEID_EVT_IGNORE ERR: Can not retrieve my node: rc equals [hex] ([chars]), Bringdown Req [dec] not process for NodeID: [hex], State: [dec] Explanation API Call to nodeid_extract_fields() failed. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-INV_NODEID_IN_CHKPT_MEMORY Can not decode nodeID: [hex], RecIndex: [dec], rc equals [hex] ([chars]) Explanation API Call to nodeid_extract_fields() failed. Recommended Action No action is required. Platform Messages SHELFMGR Messages EM-1957 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-NODE_CPU_RESET Node [chars] CPU reset detected. Explanation This message indicates that the Shelfmgr detected the CPU of the specified node has reset. The specified node will attempt software reload. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-NODE_DB_CREATE_ERR Unexpected Node DB creation error, Node: [chars][[hex]], evt not processed: [chars][[dec]] Explanation This message indicates that there was an unexexpected error within the shelfmgr database where the Node Db was not found, or could be created. This causes the shelfmgr not processed the event that it just received. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-NODE_KDUMP Node [chars]’s kernel started to dump Explanation This message indicates that the node’s kernel is dumped to local harddisk or RP’s harddisk. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-NODE_RESET_ALARM Node [chars] in critical alarms, request to reset ... Explanation This message indicates that the Shelf Manager or Platform Manager encountered a critical alarm for the node specified. It will attempt to reset the board which sends the alarm. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SHELFMGR Messages EM-1958 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-NODE_RESET_ALARM Node [chars] in critical alarms, request to reset ... Explanation This message indicates that the Shelf Manager or Platform Manager encountered a critical alarm for the node specified. It will attempt to reset the board which sends the alarm. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-NODE_RESET_ALARM Node [chars] in critical alarms, request to reset ... Explanation This message indicates that the Shelf Manager or Platform Manager encountered a critical alarm for the node specified. It will attempt to reset the board which sends the alarm. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-NODE_RESET_BRINGDOWN Reset node [chars] due to heartbeat loss Explanation This message indicates that the node is being reset because it failed to detect heartbeat pulses. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-NODE_RESET_BRINGDOWN Reset node [chars] due to heartbeat loss Explanation This message indicates that the node is being reset because it failed to detect heartbeat pulses. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SHELFMGR Messages EM-1959 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-NODE_RESET_BRINGDOWN Reset node [chars] due to heartbeat loss Explanation This message indicates that the node is being reset because it failed to detect heartbeat pulses. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-PARTIAL_INSERTED_CARD Warning: Partially inserted card [chars] due to absences in OIR detection and heart beat counter has reached its limit: [dec] Explanation This message indicates that the Shelf Manager, If receive 100 consecutive heart beats from a card, and our OIRd info still says this card NOT_PRESENT, then the card is probably only partially inserted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-POWERDOWN_RESET Node [chars] is powered off due to admin power off request Explanation This message indicates that the node will be reset because user has administratively ’power disable’ or ’no power disable’ the node. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-POWERDOWN_RESET Node [chars] is powered off due to admin power off request Explanation This message indicates that the node will be reset because user has administratively ’power disable’ or ’no power disable’ the node. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-POWERDOWN_RESET Node [chars] is powered off due to admin power off request Explanation This message indicates that the node will be reset because user has administratively ’power disable’ or ’no power disable’ the node. Recommended Action No action is required. Platform Messages SHELFMGR Messages EM-1960 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-POWERRELOAD_RESET Node [chars] is reset through power off, then power on Explanation This message indicates that the node is being reloaded because of a critical environmental alarm. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-POWERRELOAD_RESET Node [chars] is reset through power off, then power on Explanation This message indicates that the node is being reloaded because of a critical environmental alarm. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-POWERRELOAD_RESET Node [chars] is reset through power off, then power on Explanation This message indicates that the node is being reloaded because of a critical environmental alarm. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-RP_SHUTDOWN RP SHUTDOWN INITIATED due to thermal alarms Explanation RP is shutting down due to reason mentioned. Recommended Action If there is a standby RP in the router, failover will automatically occur. Otherwise, chassis will be brought down and a manual reboot will be neccessary. Error Message %PLATFORM-SHELFMGR-3-RP_SHUTDOWN RP SHUTDOWN INITIATED due to thermal alarms Explanation RP is shutting down due to reason mentioned. Recommended Action If there is a standby RP in the router, failover will automatically occur. Otherwise, chassis will be brought down and a manual reboot will be neccessary. Platform Messages SHELFMGR Messages EM-1961 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-RP_SHUTDOWN RP SHUTDOWN INITIATED due to thermal alarms Explanation RP is shutting down due to reason mentioned. Recommended Action If there is a standby RP in the router, failover will automatically occur. Otherwise, chassis will be brought down and a manual reboot will be neccessary. Error Message %PLATFORM-SHELFMGR-3-SHUTDOWN Node [chars] is shutdown due to a critical alarm Explanation This message indicates that the node will be brought down because a critical environmental alarm occured. Recommended Action Check air-flow, fan trays, and make sure that chassis is well-cooled. Manually boot up the node once the chassis has been checked. Error Message %PLATFORM-SHELFMGR-3-SHUTDOWN Node [chars] is shutdown due to a critical alarm Explanation This message indicates that the node will be brought down because a critical environmental alarm occured. Recommended Action Check air-flow, fan trays, and make sure that chassis is well-cooled. Manually boot up the node once the chassis has been checked. Error Message %PLATFORM-SHELFMGR-3-SHUTDOWN Node [chars] is shutdown due to a critical alarm Explanation This message indicates that the node will be brought down because a critical environmental alarm occured. Recommended Action Check air-flow, fan trays, and make sure that chassis is well-cooled. Manually boot up the node once the chassis has been checked. Error Message %PLATFORM-SHELFMGR-3-SHUTDOWN_RESET Node [chars] is reset due to admin shut/no shut request Explanation This message indicates that the node will be reset because user has administratively ’shutdown’ or ’no shutdown’ the node. Recommended Action No action is required. Platform Messages SHELFMGR Messages EM-1962 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-SHUTDOWN_RESET Node [chars] is reset due to admin shut/no shut request Explanation This message indicates that the node will be reset because user has administratively ’shutdown’ or ’no shutdown’ the node. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-SHUTDOWN_RESET Node [chars] is reset due to admin shut/no shut request Explanation This message indicates that the node will be reset because user has administratively ’shutdown’ or ’no shutdown’ the node. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-3-STATE_MSG_DELAY Excessive node state message transmit time detected. [chars] Seq: [dec], Queue Delay: [dec] sec, Transmit Delay: [dec] sec Explanation The system has detected a possible performance issue causing a delay in shelf management operations. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-UNEXPECTED_EXIT Warning: [chars] exits, exit reason is [chars]([hex]) Explanation This message indicates that the Shelf Manager or Platform Manager encountered a critical system(OS) error. It will exit right away. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SHELFMGR Messages EM-1963 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-UNEXPECTED_EXIT Warning: [chars] exits, exit reason is [chars]([hex]) Explanation This message indicates that the Shelf Manager or Platform Manager encountered a critical system(OS) error. It will exit right away. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-UNKNOWN_BOARD Boot request from node [chars] contains invalid board type, This board is being shutdown Explanation This message indicates that the board type cannot be recognized, therefore, the node will not be able to boot up. This usually caused by an invalid eeprom content. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-UNKNOWN_BOARD Boot request from node [chars] contains invalid board type, This board is being shutdown Explanation This message indicates that the board type cannot be recognized, therefore, the node will not be able to boot up. This usually caused by an invalid eeprom content. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHELFMGR-3-UNKNOWN_BOARD Boot request from node [chars] contains invalid board type, This board is being shutdown Explanation This message indicates that the board type cannot be recognized, therefore, the node will not be able to boot up. This usually caused by an invalid eeprom content. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SHELFMGR Messages EM-1964 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-3-UNKNOWN_SLOT Detected an unknown slot: [dec] Explanation When deciding whether the slot belongs to the RP or not (in dual mode), an unknown slot (number) was detected’ Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-4-CMDLINE_BOOT_OVERRIDE_ENABLED Command line boot override to permit RPs with ROMMON 1.19x to boot as the standby has been enabled Explanation This is a warning message to indicate that using ’-o override’ option while booting the image, the operator will override the default IOS XR behavior which blocks the RP with ROMMON version v1.19x from coming up as the standby. Recommended Action Please upgrade the booting RP to the latest recommended ROMMON. Error Message %PLATFORM-SHELFMGR-4-CMDLINE_BOOT_OVERRIDE_ENABLED Command line boot override to permit RPs with ROMMON 1.19x to boot as the standby has been enabled Explanation This is a warning message to indicate that using ’-o override’ option while booting the image, the operator will override the default IOS XR behavior which blocks the RP with ROMMON version v1.19x from coming up as the standby. Recommended Action Please upgrade the booting RP to the latest recommended ROMMON. Error Message %PLATFORM-SHELFMGR-4-CMDLINE_BOOT_OVERRIDE_ENABLED Command line boot override to permit RPs with ROMMON 1.19x to boot as the standby has been enabled Explanation This is a warning message to indicate that using ’-o override’ option while booting the image, the operator will override the default IOS XR behavior which blocks the RP with ROMMON version v1.19x from coming up as the standby. Recommended Action Please upgrade the booting RP to the latest recommended ROMMON. Error Message %PLATFORM-SHELFMGR-4-EMPTY_SERIAL_BOOT_OVERRIDE WARNING !!! WARNING !!! Received boot request from a RP with an empty rack serial number. Permitting RP to boot due to [chars] override. Please upgrade RP ROMMON to latest recommended version Explanation This informational message informs the user that the Shelfmgr discovered an empty serial number due to an older ROMMON format, but it will allow the RP to boot because the operator had configured to override the restriction of disallow booting a RP with empty serial number. Recommended Action Please upgrade the booting RP to the latest recommended ROMMON. Platform Messages SHELFMGR Messages EM-1965 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-4-EMPTY_SERIAL_BOOT_OVERRIDE WARNING !!! WARNING !!! Received boot request from a RP with an empty rack serial number. Permitting RP to boot due to [chars] override. Please upgrade RP ROMMON to latest recommended version Explanation This informational message informs the user that the Shelfmgr discovered an empty serial number due to an older ROMMON format, but it will allow the RP to boot because the operator had configured to override the restriction of disallow booting a RP with empty serial number. Recommended Action Please upgrade the booting RP to the latest recommended ROMMON. Error Message %PLATFORM-SHELFMGR-4-EMPTY_SERIAL_BOOT_OVERRIDE WARNING !!! WARNING !!! Received boot request from a RP with an empty rack serial number. Permitting RP to boot due to [chars] override. Please upgrade RP ROMMON to latest recommended version Explanation This informational message informs the user that the Shelfmgr discovered an empty serial number due to an older ROMMON format, but it will allow the RP to boot because the operator had configured to override the restriction of disallow booting a RP with empty serial number. Recommended Action Please upgrade the booting RP to the latest recommended ROMMON. Error Message %PLATFORM-SHELFMGR-4-SHUTDOWN_REQUEST process [chars] running on [chars] requested node [chars] be shutdown. reason: [[chars]] Explanation The reason should be supplied in the IOS msg itself, but basically this msg means that shelfmgr is shutting down a node because a process specifically requested it. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-4-WARM_RLD_FAILED Receive [chars] from [chars], while waiting for MBI_HELLO_WARM Explanation Card seems to have been cold reloaded after an attempt to warm reload the card. Recommended Action Capture the shelfmgr log and use the ’show shelfmgr trace’ CLI in admin-mode to fetch debug information. Also capture sysmgr_nv.log from LC. Error Message %PLATFORM-SHELFMGR-4-WARM_RLD_FAILED Receive [chars] from [chars], while waiting for MBI_HELLO_WARM Explanation Card seems to have been cold reloaded after an attempt to warm reload the card. Recommended Action Capture the shelfmgr log and use the ’show shelfmgr trace’ CLI in admin-mode to fetch debug information. Also capture sysmgr_nv.log from LC. Platform Messages SHELFMGR Messages EM-1966 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-4-WARM_RLD_FAILED Receive [chars] from [chars], while waiting for MBI_HELLO_WARM Explanation Card seems to have been cold reloaded after an attempt to warm reload the card. Recommended Action Capture the shelfmgr log and use the ’show shelfmgr trace’ CLI in admin-mode to fetch debug information. Also capture sysmgr_nv.log from LC. Error Message %PLATFORM-SHELFMGR-6-ABORT Shelfmgr Software Error: [chars] Explanation An unexpected software event has caused the shelfmgr process to restart. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-BOOTREQ_MAX BOOT_REQUEST count limit reached on slot: [chars] Explanation If the node sends the maximum number of boot requests without actually being booted, it will be powercycled Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-NO_PLIM Can not power on node [chars] due to absence of PLIM Explanation This message informs the user that the linecard will not be powered on because there is no PLIM inserted. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-NO_PLIM Can not power on node [chars] due to absence of PLIM Explanation This message informs the user that the linecard will not be powered on because there is no PLIM inserted. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-NO_PLIM Can not power on node [chars] due to absence of PLIM Explanation This message informs the user that the linecard will not be powered on because there is no PLIM inserted. Recommended Action No action is required. Platform Messages SHELFMGR Messages EM-1967 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-6-NODE_DISCOVERY Node State Discovery complete Explanation Shelf Manager node discovery complete. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-NODE_NORESET Node [chars] is in NMON state, Cancel reset request Explanation This message indicates that the reset request caused by a critical alarm or heartbeat loss will not take effect because the node is being put in NMON state. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-NODE_NORESET Node [chars] is in NMON state, Cancel reset request Explanation This message indicates that the reset request caused by a critical alarm or heartbeat loss will not take effect because the node is being put in NMON state. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-NODE_NORESET Node [chars] is in NMON state, Cancel reset request Explanation This message indicates that the reset request caused by a critical alarm or heartbeat loss will not take effect because the node is being put in NMON state. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-NODE_STATE_CHANGE [chars] card type:[dec] nstate:[chars] Explanation Card state transition occurred. Recommended Action No action is required. Platform Messages SHELFMGR Messages EM-1968 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-6-NOREASON_RESET Node [chars] is reset due to UNKNOWN reason Explanation This message indicates that the node has been reset but the cause is unknown. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-NOREASON_RESET Node [chars] is reset due to UNKNOWN reason Explanation This message indicates that the node has been reset but the cause is unknown. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-NOREASON_RESET Node [chars] is reset due to UNKNOWN reason [[dec]] Explanation This message indicates that the node has been reset but the cause is unknown. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-SYSTEM_COLD_START System cold start detected. Resetting Line Cards. Explanation The system is recovering either from a cold restart situation or a state where no valid shelf controller cards were available. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-USER_RESET Node [chars] is reset due to user reload request Explanation This message indicates that the node will be reset because user has requested to reload the node. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-USER_RESET Node [chars] is reset due to user reload request Explanation This message indicates that the node will be reset because user has requested to reload the node. Recommended Action No action is required. Platform Messages SHELFMGR Messages EM-1969 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-6-USER_RESET Node [chars] is reset due to user reload request Explanation This message indicates that the node will be reset because user has requested to reload the node. Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-6-WARM_RLD_JUMP Receive MBI_HELLO_ENA from [chars] at [WARM-RLD], status jumped to IOX-RUN Explanation Card comes up without MBI_HELLO or MBI_HELLO_WARM, need to check warm-reload is really done successfully. Recommended Action Initiate ’show warm-reload detail location loc’ and check Successful Attempts variables. If one of them is not zero, warm-reload is succeeded. Else, capture the shelfmgr log and use the ’show shelfmgr trace’ CLI in admin-mode to fetch debug information. Also capture sysmgr.log and sysmgr_nv.log from LC. Error Message %PLATFORM-SHELFMGR-6-WARM_RLD_JUMP Receive MBI_HELLO_ENA from [chars] at [WARM-RLD], status jumped to IOX-RUN Explanation Card comes up without MBI_HELLO or MBI_HELLO_WARM, need to check warm-reload is really done successfully. Recommended Action Initiate ’show warm-reload detail location loc’ and check Successful Attempts variables. If one of them is not zero, warm-reload is succeeded. Else, capture the shelfmgr log and use the ’show shelfmgr trace’ CLI in admin-mode to fetch debug information. Also capture sysmgr.log and sysmgr_nv.log from LC. Error Message %PLATFORM-SHELFMGR-6-WARM_RLD_JUMP Receive MBI_HELLO_ENA from [chars] at [WARM-RLD], status jumped to IOX-RUN Explanation Card comes up without MBI_HELLO or MBI_HELLO_WARM, need to check warm-reload is really done successfully. Recommended Action Initiate ’show warm-reload detail location loc’ and check Successful Attempts variables. If one of them is not zero, warm-reload is succeeded. Else, capture the shelfmgr log and use the ’show shelfmgr trace’ CLI in admin-mode to fetch debug information. Also capture sysmgr.log and sysmgr_nv.log from LC. Platform Messages SHELFMGR Messages EM-1970 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SHELFMGR-7-WARM_RLD_FO Receive MBI_HELLO_WARM from [chars] at [Present], LC seems to be under warm-reload Explanation Card seems warm reloaded successfully Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-7-WARM_RLD_FO Receive MBI_HELLO_WARM from [chars] at [Present], LC seems to be under warm-reload Explanation Card seems warm reloaded successfully Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-7-WARM_RLD_FO Receive MBI_HELLO_WARM from [chars] at [Present], LC seems to be under warm-reload Explanation Card seems warm reloaded successfully Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-7-WARM_RLD_OK Receive MBI_HELLO_WARM from [chars], new processes are coming up Explanation Card seems warm reloaded successfully Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-7-WARM_RLD_OK Receive MBI_HELLO_WARM from [chars], new processes are coming up Explanation Card seems warm reloaded successfully Recommended Action No action is required. Error Message %PLATFORM-SHELFMGR-7-WARM_RLD_OK Receive MBI_HELLO_WARM from [chars], new processes are coming up Explanation Card seems warm reloaded successfully Recommended Action No action is required.Platform Messages SHOW_VERSION_CMD Messages EM-1971 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SHOW_VERSION_CMD Messages Error Message %PLATFORM-SHOW_VERSION_CMD-7-IFMGR_BIND A Version Manager CLI command was unable to bind to the interface infrastructure, due to error [chars]. Explanation A Version Manager CLI command was unable to bind to the interface infrastructuree from which it obtains information. The command will not contain all expected information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SHOW_VERSION_CMD-7-SYSDB_BIND A Version Manager CLI command was unable to bind to the system database, due to error [chars]. Explanation A Version Manager CLI command was unable to bind to the system database from which it obtains information. The command will not contain all expected information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SIMMUX_QAD_SERVER Messages Error Message %PLATFORM-SIMMUX_QAD_SERVER-3-ERR_DLL_INIT Dll Initialization for [chars] failed. Reason: [chars] Explanation SIMMUX Qad Server tried to load a dll but it encountered an error. QAD queues will not be functional. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_QAD_SERVER-3-ERR_INIT [chars], with code([dec]) [chars] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SIMMUX_QAD_SERVER Messages EM-1972 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SIMMUX_QAD_SERVER-3-ERR_INIT_QUEUE Cannot find QAD queue ’[chars]’ for [chars]. Explanation The SIMMUX QAD server cannot find the named QAD queue. System will not be functional if this happens. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_QAD_SERVER-3-PCI_CONFIGURATION Incorrect PCI configuration: [chars]: [dec] Explanation Incorrect PCI configuration or a problem with the hardware prevents Simmux from accessing the simulated mux device(s) Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_QAD_SERVER-4-ERR_PACKET_DROP_BAD_PKT Unexpected source for QAD queue packet. Source rack: [dec] slot: [dec] app: [dec] Explanation SIMMUX QAD server is having problems processing a packet after retrying a few times. The packet will be dropped. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_QAD_SERVER-4-ERR_PACKET_DROP_QAD Unable to send packet to QAD queue [dec]. Reason: [chars] Explanation SIMMUX QAD server is having problems processing a packet after retrying a few times. The packet will be dropped. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SIMMUX_SERVER Messages EM-1973 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SIMMUX_QAD_SERVER-4-ERR_PACKET_DROP_SEND Unable to send packet to fabric queue. Reason: [chars] Explanation SIMMUX QAD server is having problems processing a packet after retrying a few times. The packet will be dropped. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_QAD_SERVER-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation SIMMUX Server Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_QAD_SERVER-7-ERR_PACKET_SEND Error sending packet to [chars] (retry [dec]) with code([dec]) : [chars] Explanation Internal Error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SIMMUX_SERVER Messages Error Message %PLATFORM-SIMMUX_SERVER-3-ERR_INIT [chars], Reason: [chars]. Exiting. Explanation The SIMMUX server encountered a fatal error and is not able to recover from the error. A reason text will be supplied; please provide this text when calling Cisco support. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SIMMUX_SERVER Messages EM-1974 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SIMMUX_SERVER-3-ERR_SHM_SIZE Size of shm must be less than 0x0080000. It is [hex] Explanation SIMMUX Server shared memory segment is larger than allowed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_SERVER-3-FAULT_REPORT_FAILURE Cannot report CRITICAL fault ([chars]) to PM fault manager Explanation SIMMUX Server attempted to report a critical fault and was unable to log the message with the fault manager. The message text is supplied. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_SERVER-3-PCI_CONFIGURATION Incorrect PCI configuration: [chars]: [dec] Explanation Incorrect PCI configuration or a problem with the hardware prevents Simmux from accessing the simulated mux device(s) Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_SERVER-7-ERR_BAG_REG Bag register failed for rules. Reason: [chars] Explanation EDM Bags are used to share information between components using sysdb. This Error indicates that bag registration failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SIMMUX_SERVER Messages EM-1975 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SIMMUX_SERVER-7-ERR_DLL_INIT Dll Initialization for [chars] failed. Reason: [chars] Explanation SIMMUX Server tried to register for a dll but it encountered an error. The driver might lose some of its functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_SERVER-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation SIMMUX Server Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_SERVER-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation SIMMUX Server Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SIMMUX_SERVER-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation SIMMUX Server Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SPA_JBI Messages EM-1976 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SIMMUX_SERVER-7-ERR_SYSDB_EDM_REG Sysdb Register EDM failed. Reason: [chars] Explanation SIMMUX Server Sysdb Register EDM error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SPA_JBI Messages Error Message %PLATFORM-SPA_JBI-3-ERROR JBI-Err: [chars] Explanation This is an error message from the altera JTAG player, it indicates that something has gone wrong with FPGA programming. Recommended Action File a DDTS Error Message %PLATFORM-SPA_JBI-6-INFO JBI-Info: [chars] Explanation This is an informational message from the altera JTAG player Recommended Action *RECUR* Error Message %PLATFORM-SPA_JBI-7-DEBUG JBI-Debug: [chars] Explanation This is a debuging message from the altera JTAG player Recommended Action *NONE* SPENET Messages Error Message %PLATFORM-SPENET-7-ERR_DEBUG [chars] Explanation Internal error while receiving a packet over the control network on to the service processor. Error is harmless if only one or two are seen. If seen in a persistent manner, call support. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Platform Messages SPMCE Messages EM-1977 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SPENET-7-ERR_DEBUG [chars] Explanation Internal error while receiving a packet over the control network on to the service processor. Error is harmless if only one or two are seen. If seen in a persistent manner, call support. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ SPMCE Messages Error Message %PLATFORM-SPMCE-0-ECC_REBOOT Excessive [chars] errors in last hour: [dec]. Node reboot scheduled Explanation Large numbers of single bit ECC errors have been detected on the sp node in the past hour. The node will be rebooted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SPMCE-3-ERR_KD_MMAP [chars]: Failed to mmap to Kernel dumper information in syspage, error: [chars]. Explanation Failed to mmap to Kernel dumper information in syspages. Recommended Action This is a critical error which will cause process to restart for error recovery. Collect the syslog or console log. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SPMCE-3-ERR_SET_REBOOT_CAUSE [chars]: Failed to set reboot cause into syspage, error: [chars]. Explanation The failure on setting reboot cause to syspage before performing Kernel Dump. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SPWD Messages EM-1978 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SPMCE-6-HOURLY_COUNTS Hourly summary of ECC errors : single bit ECC errors: [dec] Explanation If SBE errors are detected, the IOS message prints the number of SBEs seen in the last hour. Recommended Action Contact support if this message is seen more than once a day. SPWD Messages Error Message %PLATFORM-SPWD-0-ECC_REBOOT Excessive [chars] errors in last hour: [dec]. Node reboot scheduled Explanation Large numbers of single or mulitple bit ECC errors have been detected on the sp node in the past hour. The node will be rebooted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SPWD-0-MACHINE_CHECK_REBOOT Excessive machine checks in last hour: [dec]. Node reboot scheduled Explanation The sp cpu has received an excessive number of machine check exceptions. The node will be rebooted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SPWD-0-MISSED_WATCHDOG_REBOOT Multiple watchdog misses in last hour: [dec]. Node reboot scheduled Explanation The sp cpu has failed to service the hardware watchdog timer multiple times in the last hour. The node will be rebooted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages SQUID_LOADER Messages EM-1979 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SPWD-4-MACHINE_CHECK Current counts: machine checks: [dec], single bit ECC [dec], multibit ECC [dec], missed watchdogs: [dec]. Cumulative counts: machine checks: [dec], single bit ECC [dec], multibit ECC: [dec], watchdogs: [dec] Explanation The sp cpu has received a machine check exception. This can be due because the software has failed to service the watchdog timer, or because of excessive ECC errors. Recommended Action Examine the error counts for indications as to the cause of the machine check. Excessive machine checks will cause the sp to reset. Error Message %PLATFORM-SPWD-6-HOURLY_COUNTS Hourly summary of watchdog counts: watchdog misses: [dec], single bit ECC errors: [dec], multiple bit ECC errors: [dec], machine check count: [dec]. Explanation If the watchdog process detects a missed watchdog, single or multiple bit ecc error, or a machine check exception in the last hour, this message and a summary of error counts is printed. Recommended Action Contact support if this message is seen more than once a day. SQUID_LOADER Messages Error Message %PLATFORM-SQUID_LOADER-5-progress [chars] [chars] Explanation Output progress to RP console. Recommended Action No action is required.. STP_SHIM Messages Error Message %PLATFORM-STP_SHIM-6-LINK_STATE_CHANGE Spanning Tree Port [chars] state changed to [chars] Explanation Spanning Tree Port’s state change indication. Recommended Action No action is required. Platform Messages STP_SHIM Messages EM-1980 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-STP_SHIM-6-LINK_STATE_CHANGE Spanning Tree Port [chars] state changed to [chars] Explanation Spanning Tree Port’s state change indication. Recommended Action No action is required. Error Message %PLATFORM-STP_SHIM-6-LOGGING_DEVICE [chars] will be used for storing control ethernet logs. Current logs are under [chars] directory and older logs are under [chars] directory. Explanation This is an informational message to indicate the location of for bcm.log, stp.log and stp_shim.log are. Recommended Action Do nothing Error Message %PLATFORM-STP_SHIM-6-LOGGING_DEVICE [chars] will be used for storing control ethernet logs. Current logs are under [chars] directory and older logs are under [chars] directory. Explanation This is an informational message to indicate the location of for bcm.log, stp.log and stp_shim.log are. Recommended Action Do nothing Error Message %PLATFORM-STP_SHIM-7-COPY_FAILED Copying of log file to [chars] failed. err equals [dec], status equals [dec]. Restarting to recover. Explanation This is an informational message to indicate that copying a log file to the storage device indicated has failed. This could be because the device was being formatted. The process will restart to recover. Recommended Action Do nothing Error Message %PLATFORM-STP_SHIM-7-COPY_FAILED Copying of log file to [chars] failed. err equals [dec], status equals [dec]. Restarting to recover. Explanation This is an informational message to indicate that copying a log file to the storage device indicated has failed. This could be because the device was being formatted. The process will restart to recover. Recommended Action Do nothing Platform Messages STP_SHIM Messages EM-1981 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-STP_SHIM-7-DRV_ERR [chars], [dec] Explanation Error condition from switch driver which may affect spanning tree operation on control ethernet. Normally spanning tree can tolerate a few of these errors as long as the driver comes back to a good state. Large number of these messages can indicate bad health of control-ethernet. Recommended Action Check if the switch driver process ’bcm_process’ is up and running. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-STP_SHIM-7-DRV_ERR [chars], [dec] Explanation Error condition from switch driver which may affect spanning tree operation on control ethernet. Normally spanning tree can tolerate a few of these errors as long as the driver comes back to a good state. Large number of these messages can indicate bad health of control-ethernet. Recommended Action Check if the switch driver process ’bcm_process’ is up and running. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-STP_SHIM-7-NO_STORAGE_DEVICE_FOUND Copying of log files to persistent storage is suspended because no persistent storage device (harddisk/PCMCIA disk) found Explanation The service that copies /tmp/bcm.log and /tmp/stp.log to persistent storage, did not find any of harddisk, disk0, disk1 or bootflash available Recommended Action See if any of harddisk, disk0, disk1 or bootflash are accessible on the RP. If they are accessible, restart bcm_logger. Error Message %PLATFORM-STP_SHIM-7-NO_STORAGE_DEVICE_FOUND Copying of log files to persistent storage is suspended because no persistent storage device (harddisk/PCMCIA disk) found Explanation The service that copies /tmp/bcm.log and /tmp/stp.log to persistent storage, did not find any of harddisk, disk0, disk1 or bootflash available Recommended Action See if any of harddisk, disk0, disk1 or bootflash are accessible on the RP. If they are accessible, restart bcm_logger.Platform Messages SYSLDR_LC Messages EM-1982 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SYSLDR_LC Messages Error Message %PLATFORM-SYSLDR_LC-2-NODE_RELOAD Reload notification received. Reloading in [dec] secs Explanation Message indicating that the kAA on the card has received a reload notification from sysldr for powering off the card and the card is going to reload soon. card state is IOX_RUNNING Recommended Action Sysldr log needs to be looked into to investigate on the node reload cause. As, sysldr requests to reload the card for various reasons. Error Message %PLATFORM-SYSLDR_LC-2-NODE_RELOAD_NOW Calling reboot ([chars]) Explanation Message indicating that the node has received a reload notification and the node is going to reload soon. This message is logged after the delay over since the NODE_RELOAD message is logged. Recommended Action Sysldr log needs to be looked into to investigate on the node reload cause. As, sysldr requests to reload the card for various reasons. Error Message %PLATFORM-SYSLDR_LC-3-FATAL [chars] Explanation A fatal error was encountered, and the program exited. Error in thread creation for mbi-hello process. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR_LC-6-LTRACE_INIT_ERR Failed to initialize ltrace buffer in [chars]. Error: [chars] Explanation Ltrace buffer will not be available. Debuggability will be reduced because of lacking of ltrace buffer. Recommended Action This indicates a low memory condition. Memory on the box must be running low - are there services that can be stopped, or can more memory be added? Error Message %PLATFORM-SYSLDR_LC-7-ERR_MSG_SEND msg_send failed to server : [chars] Explanation Call failed to send message to MBI-Hello LWM server. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Platform Messages SYSLDR_RP Messages EM-1983 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR_LC-7-ERR_SERVER_CONNECT Failed to connect to server : [chars] Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not set up. The MBI operation in progress will not be carried out. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Error Message %PLATFORM-SYSLDR_LC-7-TIMER_TIMEOUT Timer timed out from server : [chars] Explanation Timer timed out between the MBI client and server, perhaps because the communications infrastructure is not set up. The MBI operation in progress will not be carried out. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Error Message %PLATFORM-SYSLDR_LC-7-TIMER_TIMEOUT_MDR Timeout is ignored due to Warm Reload Explanation Ping request is not received from RP. It’s not normal but expected under Warm Reload situation. Only when Warm Relad fails, please collect information. Recommended Action If Warm Reload fails, please collect admin show sysldr warm-reload Error Message %PLATFORM-SYSLDR_LC-7-WARNING [chars] Explanation KAA process failed to collect the Fabric ping diagnostic date. Recommended Action No action is required. SYSLDR_RP Messages Error Message %PLATFORM-SYSLDR_RP-1-NODE_RELOAD_NOW Calling reboot ([chars]) Explanation Message indicating that the PRP has received a reload notification and it is going to be reloaded soon. This message is logged after the delay over since the NODE_RELOAD message is logged. Recommended Action Sysldr log needs to be looked into to investigate on the node reload cause. As, sysldr requests to reload the card for various reasons. Platform Messages SYSLDR_RP Messages EM-1984 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR_RP-2-NODE_RELOAD Reload notification received. Reloading in [dec] secs Explanation Message indicating that the mbi-hello on the standby PRP has received a reload notification from sysldr for powering off the card and the card is going to reload soon. The card is in MBI-RUNNING state. Recommended Action Sysldr log needs to be looked into to investigate on the node reload cause. As, sysldr requests to reload the card for various reasons. Error Message %PLATFORM-SYSLDR_RP-6-LTRACE_INIT_ERR Failed to initialize ltrace buffer in [chars]. Error: [chars] Explanation Ltrace buffer will not be available. Debuggability will be reduced because of lacking of ltrace buffer. Recommended Action This indicates a low memory condition. Memory on the box must be running low - are there services that can be stopped, or can more memory be added? Error Message %PLATFORM-SYSLDR_RP-7-ERR_MSG_SEND msg_send failed to server : [chars] Explanation A communication problem occurred between the MBI client and server. The MBI operation in progress will not be carried out. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Error Message %PLATFORM-SYSLDR_RP-7-ERR_SERVER_CONNECT Failed to connect to MBI ping server : [chars] Explanation A communication problem occurred between the MBI client and server, perhaps because the communications infrastructure is not set up. The MBI operation in progress will not be carried out. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Error Message %PLATFORM-SYSLDR_RP-7-FATAL [chars] Explanation A fatal error was encountered, for mbi-hello process on standby RP and the program exited. Recommended Action No action is required. Platform Messages SYSLDR Messages EM-1985 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR_RP-7-TIMER_TIMEOUT Timer timed out from MBI ping server : [chars] Explanation Timer timed out between the MBI client and server, perhaps because the communications infrastructure is not set up. The MBI operation in progress will not be carried out. Recommended Action The debug ping to mbi-hello process, should be retried using lwm_ping on the K-shell of the card. Error Message %PLATFORM-SYSLDR_RP-7-WARNING [chars] Explanation Unexpected low severity problem. Recommended Action No action is required. SYSLDR Messages Error Message %PLATFORM-SYSLDR-1-PING_FAILURE slot [dec]: ping failure using the fabric connection, last sequence# tx equals [unsigned int], rx equals [unsigned int] Explanation Fabric ping is failed for the specified card. The card was OK for a while, but then failed to reply to fabric pings. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-1-PING_FAILURE_BOOT slot [dec]: timeout waiting for initial ping using the fabric connection, last tx sequence# equals [unsigned int] Explanation Following boot, the card never succeeded in replying to fabric pings. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-1-SELF_PING_DISABLED Failed self-ping for a sustained period. Local connection to fabric must be down. auto-reset disabled by user config, so no action will be taken. Explanation Self fabric ping has failed, which indicates a problem a local problem sending or receiving from the fabric. Gather the logs. Also issue the ’show tech shelf’ command in admin mode and collect the resulting file. Call your Cisco technical support representative and provide the representative with the gathered information. Recommended Action No action is required. Platform Messages SYSLDR Messages EM-1986 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-1-SELF_PING_FAILURE slot [dec]: self ping failure using the fabric connection, last sequence# tx equals [unsigned int], rx equals [unsigned int] Explanation Self fabric ping is failed for the active RP. The chassis will be reloaded with non redundant RP chassis or the failover will happen with the redundant RP chassis. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-1-SELF_PING_FAILURE_BOOT slot [dec]: timeout waiting for initial self ping using the fabric connection, last tx sequence# equals [unsigned int] Explanation The card never succeeded in sending fabric pings to itself. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-2-CRITICAL slot[dec]: [chars] Explanation sysldr encountered an critical error condition. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-2-FABRIC_DOWN slot [dec]: fabric connection is down. Reloading. Explanation Fabric ping failure for the card, which was in IOX-RUNNING state. Card network is non-responsiveness. Recommended Action This indicates a problem in qnet communication. A user can try ’hardware-module slot’ once to retry loading of the card, for reconnection of the fabric ping. Error Message %PLATFORM-SYSLDR-2-MBI_FABRIC_DOWN slot [dec]: fabric connection to MBI is down. Reloading. Explanation Fabric ping failure for the card, which was in MBI-RUNNING state. Recommended Action This indicates a problem in MBI communication. A user can try ’hardware-module slot’ once to retry loading of the card, for reconnection of the fabric ping. Platform Messages SYSLDR Messages EM-1987 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-2-MBI_NOLOAD slot [dec]: MBI cannot load IOX, retrying by reloading Explanation It is inability of MBI to boot a node’s full image. Recommended Action This indicates a problem in communication or installation. Tech support should be contacted. Several attempts will be made to retry the image loading, and then the card will be put in the ’reset’ state after too many failures. Error Message %PLATFORM-SYSLDR-3-BANDWIDTH_SHUTDOWN Fabric bandwidth change: Shutting down card in slot [dec] Explanation Loss or OIR of one or more fabric cards has led to the card being shut down Recommended Action Inspect the SFC and CSC cards. Error Message %PLATFORM-SYSLDR-3-ENVMON_SHUTDOWN Shutting down card in slot [dec], ordered by Envmon. Explanation Volatile shutdown was ordered by Envmon because environmental problems (with temperature, voltage, power etc) were detected. Recommended Action Investigate the problems reported by Envmon and correct them. After they are corrected, reload the LC using the ’hardware-module reload’ command. Error Message %PLATFORM-SYSLDR-3-ERROR slot[dec]: [chars], errno equals [dec] Explanation For displaying sysldr debugging information with an errno. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-3-ERROR2 [chars] ([chars]) Explanation For displaying sysldr debugging information with error string. Recommended Action No action is required. Platform Messages SYSLDR Messages EM-1988 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-3-FABRIC_DOWN_WARN slot [dec]: fabric connection down. Please investigate the cause Explanation The card network is non-responsiveness and the fabric ping is failed. The card is not reloaded because of ’service sysldr fabric-ping warn’ configuration. This indicates a problem in qnet communicaton. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-3-FIELD_DIAG_ERROR slot equals [dec], [chars]: [chars] Explanation Field diagnostic binary image download errors. Recommended Action Initiate the diagnostic again using the ’admin diag’ CLI and capture the sysldr log. Error Message %PLATFORM-SYSLDR-3-FW_NOTFOUND Unable to locate mbus firmware file Explanation mbus firmware (aka ’ucode’) file cannot be found Recommended Action Obtain sysldr-rp software upgrade. Error Message %PLATFORM-SYSLDR-3-HARD_FAILURE Hardware error on slot [dec] - stopping Explanation Card is shutdown due to persistent hardware errors. Recommended Action Notify your customer support representative. Error Message %PLATFORM-SYSLDR-3-LOW_LC_MEM slot [dec]: [dec]M present, min [dec]M, [chars]LC not loaded Explanation For indicating insufficient LC CPU (ie. dram) memory Recommended Action Upgrade the amount of CPU (dram) memory on the LC. Platform Messages SYSLDR Messages EM-1989 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-3-MALFUNCTION_SHUTDOWN Shutting down card in slot [dec], card is malfunctioning. Explanation Volatile shutdown was ordered by FCTL because card is malfunctioning. Recommended Action Investigate the reason for malfunctioning and correct the problem. After they problem is corrected, reload the LC using the ’hardware-module reload’ command. Error Message %PLATFORM-SYSLDR-3-MANY_RESTARTS slot [dec]: too many reload attempts - stopping Explanation For indicating too many restarts problem. Recommended Action Ensure that the affected LC is supported. If so, this indicates a problem, and tech support should be contacted. A user could try ’hardware-module slot’ once to retry loading of the LC. Error Message %PLATFORM-SYSLDR-3-MBUS_PING_WARN slot [dec]: CPU not responding, last sequence# [dec], please investigate the cause. Explanation For displaying notification of LC software non-responsiveness. The slot is not reloaded because of the ’service sysldr mbus-ping warn’ configuration. Recommended Action This indicates a problem in communication w/ the card’s CPU via MBUS. A user can try ’hardware-module slot’ once to retry loading of the card. Error Message %PLATFORM-SYSLDR-3-NOT_RESPONDING slot [dec]: [chars] CPU not responding, last sequence# [dec], reloading Explanation For displaying notification of card software non-responsiveness. Recommended Action This indicates a problem in communication w/ the card’s CPU via MBUS. A user can try ’hardware-module slot’ once to retry loading of the card. Error Message %PLATFORM-SYSLDR-3-SHUTDOWN Shutting down card in slot [dec], shutdown configured. Explanation Shutdown was configured using the ’hw-module shut’ command. Recommended Action Ensure the shutdown was expected. Platform Messages SYSLDR Messages EM-1990 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-3-TOO_LARGE slot [dec]: LC image too large, not loading Explanation For displaying notification of LC image being to large to download. Recommended Action Obtain a properly built image set. Error Message %PLATFORM-SYSLDR-3-UNKNOWN_MOD slot equals [dec] mod equals [dec] [chars] Explanation an unexpected moudle in LC sent the reply to sysldr. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-3-UNPOWER Powering Off card in slot [dec], power-down configured. Explanation power off was configured using the ’hw-module power disable’ command. Recommended Action Ensure the power off was expected. Error Message %PLATFORM-SYSLDR-3-VOL_SHUTDOWN Shutting down card in slot [dec], ordered by Envmon/FCTL/PSARB Explanation Card is shut down by Envmon or FCTL or Psarb. It is Volatile shutdown. Please use ’hardware-module reload ..’ to bring the card back. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-3-WARM_RLD_NOT_INITIATED slot[dec]: warm reload not initiated by sysmgr ([chars]) Explanation The card WARM reload request to sysmgr returned an error Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-4-DOWN_REV slot [dec]: [chars] is down-rev (V[dec].[dec]), suggest upgrade to (V[dec].[dec]), [chars] Explanation For displaying down-rev notification. Recommended Action Ensure that upgrade instructions are followed properly Platform Messages SYSLDR Messages EM-1991 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-4-ERR [chars] ([chars]) Explanation For displaying sysldr debugging information with an errno string. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-4-MBUS_FW slot [dec]: unsupported mbus fw v[dec].[dec] found, replacing ... Explanation Found an unsupported mbus firmware version running. Recommended Action No action required. To prevent, do not run IOS images prior. Error Message %PLATFORM-SYSLDR-4-MBUS_IN_ROM slot [dec]: mbus agent in ROM, downloading RAM mbus fw v[dec].[dec] ... Explanation Make sure to keep mbus agent running from RAM fw image Recommended Action No action required. To prevent, do not run IOS images prior. Error Message %PLATFORM-SYSLDR-4-NO_AUTO_RESET slot [dec]: card failed, auto-reset disabled, needs ’hardware-module location r/s/i reload’ Explanation Warning a user that a card has failed while they have disabled auto-reset. Recommended Action If auto-reset disable was not intended, it should be unconfigured. ’hardware-module reload’ will get a card out of the terminal UNMONITORED state. Error Message %PLATFORM-SYSLDR-4-NO_RELOAD_SIM_OIR slot [dec]: LC failed, simulated OIR has been requested - LC is now admin-down Explanation Warning a user that a card has failed while they have turned on ’simulated-OIR’ Recommended Action If similated OIR was not intended, it should be unset. ’hardware-module reload’ will get a card out of the ADMIN-DOWN state that this triggers. Error Message %PLATFORM-SYSLDR-4-SPA_WARNING slot[dec]: [chars] Explanation Unexpected low severity problem. Recommended Action No action is required. Platform Messages SYSLDR Messages EM-1992 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-4-UNSUPPORTED slot [dec]: LC type currently unsupported Explanation For displaying notification of software non-support. Recommended Action Ensure that the affected LC is supported. If so, this indicates a problem, and tech support should be contacted. A user could try ’hardware-module slot’ once to retry loading of the LC. Error Message %PLATFORM-SYSLDR-4-WARM_RLD_FAILED Receive DOWNLOAD_SUCCESS from slot [dec], while waiting for DOWNLOAD_SUCCESS_WARM Explanation Card seems to have been cold reloaded after an attempt to warm reload the card. Recommended Action Capture the sysldr log and use the ’show sysldr trace warm-reload’ CLI in admin-mode to fetch debug information. Also capture sysmgr_nv.log from LC. Error Message %PLATFORM-SYSLDR-4-WARN_LC_MEM slot [dec]: [dec]M present, recommend [dec]M memory Explanation For indicating possibly insufficient LC CPU (ie. dram) memory Recommended Action Upgrade the amount of CPU (dram) memory on the LC. Error Message %PLATFORM-SYSLDR-4-WARN2 [chars] Explanation Unexpected low severity problem. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-5-BANDWIDTH Fabric bandwidth change: [chars] Explanation Failure/recovery/OIR of one or more SFC’s or CSC’s Recommended Action Verify that the desired fabric bandwidth is being used. Error Message %PLATFORM-SYSLDR-5-BANDWIDTH_RESTART Fabric bandwidth change: Restarting card in slot [dec] Explanation Restoration or OIR of fabric bandwidth has allowed a card to be restarted Recommended Action Celebrate. Platform Messages SYSLDR Messages EM-1993 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-5-DRP_DISABLED DRP in slot [dec] is now disabled, reloading Explanation The RP is going to bring down from IOX running state because keep alive message ping is not received to sysldr. Recommended Action Ensure that the disabling of this DRP was expected. Error Message %PLATFORM-SYSLDR-5-JOIN Joined slot [dec] - already running IOX-LC Explanation LC join notification because of sysldr restarted. Recommended Action Ensure that the *sysldr* restart was expected. Error Message %PLATFORM-SYSLDR-5-LC_ENABLED LC in slot [dec] is now running IOX Explanation For displaying health and readiness of LC Recommended Action Ensure that the (implied) LC restart was expected. Error Message %PLATFORM-SYSLDR-5-MBUS_EEPROM slot [dec]: Unable to get mbus eeprom contents Explanation For displaying notification of mbus nonresponsiveness to get eeprom contents. Recommended Action This indicates that mbus request to get eeprom contents for show diag command has timed out. Retry the command again. Error Message %PLATFORM-SYSLDR-5-MON_DRP Now monitoring DRP in slot [dec] - running IOX-DRP Explanation For displaying notification of discovered DRP. Recommended Action Ensure that the existence of the external DRP was expected. Error Message %PLATFORM-SYSLDR-5-MON_RP Now monitoring RP in slot [dec] - running IOX-RP Explanation For displaying notification of discovered RP. Recommended Action Ensure that the existence of the external RP was expected. Platform Messages SYSLDR Messages EM-1994 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-5-OIRIN OIR: Node [chars] inserted Explanation Entity specified in the messages is inserted into the chassis. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-5-OIROUT OIR: Node [chars] removed Explanation Entity specified in the messages is removed from the chassis. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-5-RESTART Restarted slot [dec] - now running IOX-LC Explanation For displaying LC restart notification. Recommended Action Ensure that the LC restart was expected. Error Message %PLATFORM-SYSLDR-5-RESTART_REQ Accepted restart request for slot [dec]. [chars] Explanation For displaying LC restart requests. Recommended Action Ensure that the *sysldr* restart request was expected. Error Message %PLATFORM-SYSLDR-5-RP_DISABLED RP in slot [dec] is now disabled, reloading Explanation The RP is going to bring down from IOX running state because keep alive message ping is not received to sysldr. Recommended Action Ensure that the disabling of this RP was expected. Error Message %PLATFORM-SYSLDR-5-RP_ENABLED RP in slot [dec] is now running IOX Explanation For displaying health and readiness of RP Recommended Action None Platform Messages SYSLDR Messages EM-1995 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-6-AUX_CARDS_INFO slot[dec]: [chars] Explanation For displaying sysldr informational events. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-6-CANJAMRST slot [dec]: non-zero CAN jam reset counter Explanation The non-volatile MBUS CAN jam reset counter is incremented when the MBUS agent detects a CAM jam condition and hard-resets itself in an attempt to recover. It is an idication thet there might be a faulty MBUS module somewhere in the system, not necesarily on this particular card. Recommended Action Use the show diags details command to read the EEPROM contents and report this to your technical support representative. Error Message %PLATFORM-SYSLDR-6-CARD_KDUMPER Card ungraceful reboot detected in slot [dec]. Explanation For displaying health and readiness of a card Recommended Action Ensure that the card restart was expected. Error Message %PLATFORM-SYSLDR-6-CARD_REBOOT Card graceful reboot detected in slot [dec]. Explanation The specified slot is graceful rebooting Recommended Action Ensure that the card restart was expected. Error Message %PLATFORM-SYSLDR-6-DEBUG slot[dec]: [chars] Explanation sysldr debugging information. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-6-INFO [chars] Explanation For displaying sysldr’s informational events. Recommended Action No action is required. Platform Messages SYSLDR Messages EM-1996 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-6-LTRACE_INIT_ERR Failed to initialize ltrace buffer in [chars]. Error: [chars] Explanation Ltrace buffer will not be available. Debuggability will be reduced because of lacking of ltrace buffer. Recommended Action This indicates a low memory condition. Memory on the box must be running low - are there services that can be stopped, or can more memory be added? Error Message %PLATFORM-SYSLDR-6-WARM_RLD_REJECTED Presently unsupported card WARM reload condition: [chars] Explanation The card WARM reload is presently unsupported in the specified condition Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-7-DEBUG_INIT_EVENT_FAILED [chars]: debug_init_event([chars]) failed error [chars] Explanation Failed to switch ON debug event on sysldr server side. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-7-DEBUG_REGISTER_FAILED [chars]: debug register failed error [chars] Explanation Failed to register debug events on sysldr server side. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-7-ERR_MEM_ALLOC Insufficient memory. Explanation Unable to allocate more heap memory. Recommended Action Make sure the application/process memory usage or leak. Error Message %PLATFORM-SYSLDR-7-ERR_SYSDB_CONNECTION Connection to sysdb path ’[chars]’ failed: ’[chars]’. Explanation Unable to maintain connection to a critical sysdb path. Recommended Action No action is required. Platform Messages SYSLDR Messages EM-1997 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-7-ERR_SYSDB_DELETE slot [dec]: sysdb_item_delete failed for item ’[chars]’ in file equals [chars], line equals [dec] ([chars] [hex]) Explanation Unable to delete a sysdb item. Recommended Action ’No action is required.’ Error Message %PLATFORM-SYSLDR-7-ERR_SYSDB_GET slot [dec]: sysdb_item_get failed for item ’[chars]’ in file equals [chars], line equals [dec] ([chars] [hex]) Explanation Unable to set a sysdb item. Recommended Action ’No action is required.’ Error Message %PLATFORM-SYSLDR-7-ERR_SYSDB_NOTIFY Notification for changes to sysdb bindpoint ’[chars]’, tuple ’[chars]’ failed: ’[chars]’. Explanation Unable to receive notifications of changes to a critical sysdb tuple. Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-7-ERR_SYSDB_SET slot [dec]: sysdb_item_set failed for item ’[chars]’ in file equals [chars], line equals [dec] ([chars] [hex]) Explanation Unable to set a sysdb item. Recommended Action ’No action is required.’ Error Message %PLATFORM-SYSLDR-7-FATAL [chars], error equals [dec] Explanation Error in thread/event manager creation for sysldr process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-SYSLDR-7-INTERNAL_ERROR Internal Error. File [chars], line [dec]: [chars]. Explanation Serious internal logic or data error. Recommended Action ’No action is required.’ Platform Messages TEMPO Messages EM-1998 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-SYSLDR-7-WARM_RLD_OK Receive DOWNLOAD_SUCCESS_WARM from slot [dec], new processes are coming up Explanation Card seems warm reloaded successfully Recommended Action No action is required. Error Message %PLATFORM-SYSLDR-7-WARNING slot[dec]: [chars] Explanation For displaying sysldr debugging information. Recommended Action No action is required. TEMPO Messages Error Message %PLATFORM-TEMPO-3-ERR_INIT Initialization Error: [chars] Reason: [chars]. Exiting. Explanation TEMPO Driver encountered a fatal error and is not able to recover. The supplied text string will explain the reason. Call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TEMPO-3-ERR_MEM_ALLOC Error Allocating [dec] bytes of memory Explanation TEMPO encountered a fatal memory allocation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TEMPO-5-ERR_CONT Continuing execution: [chars]: Caused by [chars] Explanation This message indicates an error occurred beyond which execution of the tempo_driver may continue, attempting to effect recovery or work-around internally, minimizing loss of information/functionality. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages TEMPO Messages EM-1999 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TEMPO-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation TEMPO Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TEMPO-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation TEMPO Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TEMPO-7-ERR_EXIT Exit on error: [chars]: Caused by [chars] Explanation An error occurred in TEMPO Driver which requires exiting (and, hence, restarting) the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TEMPO-7-ERR_LWM_EVENT_BLOCK LWM Event Manager event block failed. Reason: [chars] Explanation TEMPO Event Manager event block error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TEMPO-7-ERR_LWM_REPLY An error occurred during LWM message reply. Reason: [chars] Explanation tempo LWM reply error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages TFQ Messages EM-2000 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 TFQ Messages Error Message %PLATFORM-TFQ-0-SW_INIT_ERR A software error occurred in the ToFab driver component during initialization: [chars] Explanation The fabricq_prp_driver process which controls the ToFab driver on the route processor has failed to initalize and cannot recover automatically. This is a software fault. The ToFab driver controls the hardware that transmits data to the fabric. It runs in the fabricq_prp_driver process. An unrecoverable failure of the fabricq_prp_driver process may prevent this route processor card from communicating with other cards on the chassis. %s indicates the type failure Recommended Action Restart the fabricq_prp_driver process with the following command: ’process restart fabricq_prp_driver’ If the error message appears again, then: if a redundant route processor card has been configured: 1 - force a failover with the following command in admin mode: ’redundancy switchover’ 2 - reload the route processor card that failed with the following command in admin mode: ’reload location RP/0/x/CPU0 ’ where x is the slot of route processor that generated the error. if no redundant RP is configured you will need to reboot the router by issuing the reload command. If the error recurs call your Cisco technical support representative and provide the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-BAD_ALIGN TFQ: bad memory alignment on ptr [hex] of bytes [dec] Explanation TFQ encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-TFQ-3-BUFHDR_INVALID Buffer header invalid, length [unsigned int] start offset [unsigned int] Explanation This message indicates that a packet was attempted to be sent over the fabric but the buffer header was invalid. This usually indicates a software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages TFQ Messages EM-2001 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TFQ-3-DESCQ_FULL Chopper desc queue [dec] full - pri [unsigned int] enq [unsigned int] deq [unsigned int] blog [unsigned int] mask [hex] Explanation This message indicates that too many messages are being sent to the chopper. There is no more room in the chopper descriptor queue to send new packets. This is a temporary condition that should get cleared or the FIA registers on both PRP and LC need investigation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-ERR_MEM_ALLOC Could not complete operation due to lack of memory: Purpose for memory [chars] Explanation The system is running out of memory and was not able to allocate sufficient memory to carry out a management operation. %s indicates what the memory was intended for. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-TFQ-3-FATAL tfq: fatal error encountered, reason equals [chars] Explanation tfq manager encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-FATAL_2 tfq: fatal error encountered, reason equals [chars], Error: [dec], Function: [chars] Explanation tfq encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages TFQ Messages EM-2002 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TFQ-3-GEN_INFO tfq: general information,[chars] Explanation The TFQ’s informational message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-INFO tfq: service degrading error, reason equals [chars] Explanation The tfq encountered an error that would lead to degraded service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-MALLOC_DESC_FAILED TFQ: slot [dec] alloc [dec] bytes error on ptr [hex] of max [hex] Explanation TFQ encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-TFQ-3-MALLOC_FAILED TFQ: memory alloc [dec] bytes error on ptr [hex] of max [hex] Explanation TFQ encountered a fatal memory allocation error Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %PLATFORM-TFQ-3-MEM_ERR No memory available for Chopper queues in [chars] Explanation This message indicates that Chopper driver is not able to allocate memory for the Queues and other use. This usually indicates a memory problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages TFQ Messages EM-2003 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TFQ-3-MSGTOOBIG Particle size too large [unsigned int] Explanation This message indicates that a packet was attempted to be sent over the fabric but was too large to be sent. This usually indicates a software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-MSGTOOBIG Packet [unsigned int] too large: size [unsigned int], status [unsigned int] Explanation An application attempted to send a packet larger than the hardware can handle from the route processor to another card. This usually indicates a software error. packet %u is the packet or buffer handle size %u is the packet or buffer size status %u is the buffer status flags Recommended Action de If this error occurs rarely it will not impact service and can be ignored. If it occurs frequently, contact your Cisco support representative and provide the data that has been gathered. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-NODEID_INVALID Node Id invalid, rc:[dec] node:[hex] stream:[dec] paktype:[dec] Explanation This message indicates that a packet was attempted to be sent over the fabric but the node id was invalid. This usually indicates a software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-NOT_YET_IMPLEMENTED tfq: this function [chars] is not yet implemented Explanation TFQ, a function was not implemented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages TFQ Messages EM-2004 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TFQ-3-PAK_DUPLICATE_ERR Failed to duplicate packet sent to the chopper old:[hex] new:[hex] loc:[dec] Explanation This message indicates that there was failure in the case where the Chopper driver had to duplicate a packet. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-PAK_FREE_ERR The toFab driver failed to return a buffer to the free list. Details: [chars] Explanation The fabric driver has failed to return a packet buffer to the free list. If this error keeps recurring it could result in the depletion of buffer for packets sent from the route processor to the fabric. %s is the entity processing the packet. Recommended Action If this error occurs again copy the system messages exactly as they appear, call your Cisco technical support representative. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-PAK_INVALID Invalid packet sent to the chopper [hex] Explanation This message indicates that an invalid packet was sent to the Chopper driver. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-PAK_INVALID Invalid packet sent to the fabric driver. Packet [hex] Explanation This message indicates that an invalid packet was sent to the driver handling packets to be sent from the router processor card to other cards in the chassis. The packet will be dropped and the system should recover from the error. %x packet handle. Recommended Action If this error occurs rarely it should not impact service and can be ignored. If it occurs frequently, contact your Cisco support representative and provide the data that has been gathered. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages TFQ Messages EM-2005 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TFQ-3-PAK_LEGACY TFQ: packet type [dec] Explanation TFQ is using a legacy packet type Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-QUEUE_BLOCKED PRP To Fabric Queue pri:[dec] slot:[dec] is blocked, report fault to sysldr Explanation The PRP to fabric queue of the particular priority and slot is blocked. This means packets that go that slot of that priority will fail. In addition, at least one of the multicast queues (high or low priority) is blocked as well. This likely means the particular slot is failing to accept packets and will cause backpressure on the PRP to fabric queue. Because of hardware design, if a multicast packet includes the one faulty slot then it will be stuck in the tofab multicast queue, and subsequent multicast packets will be stuck even if they do not include the faulty slot in their slotmask. Having the unicast queue blocked is somewhat allowable, but having the multicast queue blocked is not acceptable. This error message is raised when both unicast and multicast are blocked. In order to alleviate this problem, the fault is sent to sysldr, for sylsdr to decide to reload the slot. It is very likely that the problem slot was not accepting packets. priority:%d is either 0-low priority or 1-high priority slot:%d is the slot that is back pressuring to the PRP Recommended Action The slot should be reloaded to correct the problem, if not done already by sysldr. Copy the error message exactly as it appears and report it to your Cisco technical representative together with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-3-USAGE tfq: invalid option [chars] passed to tfq server Explanation Startup option supplied to TFQ is not valid. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-4-NODEID_INVALID Node identifier is invalid, rc:[dec] node Id [unsigned int] stream:[dec] flags:[unsigned int] Explanation A packet destined for a remote card was received by the fabric driver. The destination node in the packet header could not be decoded by the ToFab component of the fabric driver on the route processor. This is a software error and the packet will be dropped. rc:%d is the return code of Platform Messages TIMESYNC_CLIENT Messages EM-2006 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 the function that parsed the node. node Id %u is the node identifier received by the driver which failed to parse stream:%d is the message stream over which the packet was sent to the driver. flags %u are flags used by packet manager to identify the packet. Recommended Action This error does not affect the performance or functionality of the system. No intervention is required. The packets in question will be dropped. Copy the error message exactly as it appears and report it to your Cisco technical representative together with the gathered information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TFQ-5-UNEXPECTED_PKT Unexpected packet has been received by ToFab driver. Type: [dec] Explanation An unexpected packet type was sent to the ToFab driver This will not impact functionality or performance. It is being reported for informational purposes only. Type: %d is the type of the packet that the driver rejected. Recommended Action No intervention is required. A log of these messages together with the gathered data should be kept for future reference by your Cisco technical representative. TIMESYNC_CLIENT Messages Error Message %PLATFORM-TIMESYNC_CLIENT-4-ERR_CONNECT_ARB failed to connect to the active/standby arbitration process, ([chars]) Explanation The c12000 arbitration process could not be contacted. This process provides the active/standby state information required to decide whether the local time should be aligned to the chassis system time. This problem may cause the system error messages reported by the specified card to be offset in time, or being displayed without a timestamp. Recommended Action The problem has only minor system impact, and will not affect traffic. The system will retry and normally recover from such a transient error. However, if this message repeats continuously, report the failure to a service representative. Doing a ’process restart timesync_client’ or ’process restart psarb-lc’ could clear the problem. Platform Messages TIMESYNC_CLIENT Messages EM-2007 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TIMESYNC_CLIENT-4-ERR_GET_ARB_STATE unable to get the active/standby arbitration state, ([chars]) Explanation Unable to get the active/standby state from the arbitration process. This process provides the active/standby state information required to decide whether the local time should be aligned to the chassis system time. This problem may cause the system error messages reported by the specified card to be offset in time, or being displayed without a timestamp. Recommended Action This could indicate an internal software error. The problem has only minor system impact, and will not affect traffic. The system will retry and normally recover from such a transient error. However, if this message repeats continuously, report the failure to a service representative. Doing a ’process restart timesync_client’ or ’process restart psarb-lc’ could clear the problem. Error Message %PLATFORM-TIMESYNC_CLIENT-4-ERR_GET_TIME failed to get system time, ([chars]) Explanation An attempt to read the local time has failed. This can prevent local time to be reported as a response to the ’show clock sync’ command. It can also prevent alignment of the local time to the chassis system time broadcasted by the dsc. This may cause the system error messages reported by the specified card to be offset in time, or being displayed without a timestamp. Recommended Action The problem has only minor system impact, and will not affect traffic. The system will retry and normally recover from such a transient error. However, if this message repeats continuously, report the failure to a service representative. Doing a ’process restart timesync_client’ could clear the problem. Error Message %PLATFORM-TIMESYNC_CLIENT-4-ERR_INIT_DSC Failed to learn if we are running on the DSC ([chars]) Explanation This process needs to know if it runs on the DSC or standby DSC. An error occured while trying to get the information from the DSC process. The process will voluntary exit, and should get automatically restarted. Recommended Action This could indicate an internal software error. The problem has only minor system impact, and will not affect traffic. The timestamp associated with the system messages originating from this card may show a time offset compared to other cards. The system will retry and normally recover from such a transient error. However, if this message repeats continuously, report the failure to a service representative. Doing a ’process restart timesync_client’ or ’process restart dsc’ could clear the problem. Platform Messages TIMESYNC_CLIENT Messages EM-2008 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TIMESYNC_CLIENT-4-ERR_READ_MBUS failed to read a message from MBUS, ([chars]) Explanation A failure was encountered when receiving a message from the MBUS driver. MBUS is the communication service over which chassis system time is broadcasted. This problem may cause the system error messages reported by the specified card to be offset in time, or being displayed without a timestamp. Recommended Action The problem has only minor system impact, and will not affect traffic. The system will retry and normally recover from such a transient error. However, if this message repeats continuously, report the failure to a service representative. Error Message %PLATFORM-TIMESYNC_CLIENT-4-ERR_SET_TIME failed to set system time, ([chars]) Explanation An attempt to set the local time has failed. This problem will prevent alignment of the local time to the chassis system time broadcasted by the dsc. This may cause the system error messages reported by the specified card to be offset in time, or being displayed without a timestamp. Recommended Action The problem has only minor system impact, and will not affect traffic. The system will retry and normally recover from such a transient error. However, if this message repeats continuously, report the failure to a service representative. Doing a ’process restart timesync_client’ could clear the problem. Error Message %PLATFORM-TIMESYNC_CLIENT-4-ERR_WRITE_MBUS failed to write a message to MBUS, ([chars]) Explanation A failure was encountered when sending a message to the MBUS driver. MBUS is the communication service over which chassis system time is exchanged. This problem will cause the local time to be missing in the ’show clock sync’ response. Recommended Action The problem has no system impact, and will not affect traffic. The problem could be transient and caused by an internal process restart. Retry the ’show clock sync’ command and see if the problem goes away. If this message repeats every time the ’show clock sync’ command is entered, report the failure to a service representative. Error Message %PLATFORM-TIMESYNC_CLIENT-6-TIME_SET Local clock is set to [chars] Explanation Local clock is set by timesync client. Recommended Action If this message shows up frequently, that means the clock on this node can’t be synced properly with active RP via NTP. Likely the clock has problem to keep the time properly. The clock should be checked.Platform Messages TIMESYNC Messages EM-2009 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 TIMESYNC Messages Error Message %PLATFORM-TIMESYNC-4-ERR_CONNECT_ARB failed to connect to the active/standby arbitration process, ([chars]) Explanation The c12000 arbitration process could not be contacted. This process provides the active/standby state information required to decide whether the local time should be broadcasted over MBUS communication to other cards. This problem may cause other cards in the chassis to have an unaligned time base, and may cause system error messages reported by the other cards to appear offset in time, or to be displayed without a timestamp. Recommended Action The problem has only minor system impact, and will not affect traffic. The system will retry and normally recover from such a transient error. However, if this message repeats continuously, report the failure to a service representative. Doing a ’process restart timesync_server’ is safe and could clear the problem. Error Message %PLATFORM-TIMESYNC-4-ERR_GET_ARB_STATE unable to get the active/standby arbitration state, ([chars]) Explanation Unable to get the active/standby state from the arbitration process. This process provides the active/standby state information required to decide whether the local time should be broadcasted over MBUS communication to other cards. This problem may cause other cards in the chassis to have an unaligned time base, and may cause system error messages reported by the other cards to appear offset in time, or to be displayed without a timestamp. Recommended Action This could indicate an internal software error. The problem has only minor system impact, and will not affect traffic. The system will retry and normally recover from such a transient error. However, if this message repeats continuously, report the failure to a service representative. Doing a ’process restart timesync_server’ is safe and could clear the problem. Error Message %PLATFORM-TIMESYNC-4-ERR_GET_TIME failed to get system time, ([chars]) Explanation An attempt to read the local time has failed. This can prevent local time from being broadcasted to other cards in the chassis. This problem may cause other cards in the chassis to have an unaligned time base, and may cause system error messages reported by the other cards to appear offset in time, or to be displayed without a timestamp. Recommended Action The problem has only minor system impact, and will not affect traffic. The system will retry and normally recover from such a transient error. However, if this message repeats continuously, report the failure to a service representative. Doing a ’process restart timesync_server’ is safe and could clear the problem. Platform Messages TLU Messages EM-2010 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TIMESYNC-4-ERR_WRITE_MBUS failed to write a message to MBUS, ([chars]) Explanation A failure was encountered when sending a message to the MBUS driver. MBUS is the communication service over which chassis system time is exchanged. This problem may cause other cards in the chassis to have an unaligned time base, and may cause system error messages reported by the other cards to appear offset in time, or to be displayed without a timestamp. Recommended Action The problem has minor system impact, and will not affect traffic. The problem could be transient and caused by an internal process restart. The system will retry and normally recover from such a transient error. However, if this message repeats continuously, report the failure to a service representative. Doing a ’process restart timesync_server’ is safe and could clear the problem. Error Message %PLATFORM-TIMESYNC-5-ERR_GET_LR_INFO failed to get Logical Router information, still trying...([chars]) Explanation Logical Router information is required to know if the local time should be broadcasted to other cards in the system. The process failed to get the Logical Router information within what is considered a normal period. This problem may cause other cards in the chassis to have an unaligned time base, and may cause system error messages reported by the other cards to appear offset in time, or to be displayed without a timestamp. Recommended Action The problem has minor system impact, and will not affect traffic. The problem could be transient and caused by a slower-than-expected boot phase. The system will retry forever and should normally recover from such an error. After 5 minutes, if ’show clock sync’ shows that all cards are time-aligned, then the system recovered. If not, doing a ’process restart timesync_server’ is safe and could clear the problem. If the problem persists, report the failure to a service representative. TLU Messages Error Message %PLATFORM-TLU-4-ADDR_VALIDATE_FAILED Invalid entry address T-[dec] chan:[dec] Addr:[hex] cerr: [dec] Explanation An error was encountered while function tlu_addr_validate return error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Platform Messages TOPMGR Messages EM-2011 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 TOPMGR Messages Error Message %PLATFORM-TOPMGR-2-INIT_FAILURE Failed to initialze Topology Manager: [chars] Explanation This syslog is printed when Topology Manager or its clients fail to initialize necessary data structures and memories. If the error originates from the system call the error message is also printed. Recommended Action Based on the system error message the user can tell what went wrong. More likely than not, the user has to restart the system. If the problem persists he or she has to contact Cisco customer support team. Error Message %PLATFORM-TOPMGR-2-MALLOC_FAILURE Failed to allocate memory: [chars] Explanation An explanation is provided in the syslog. Recommended Action A user should be able to tell what went wrong and take actions accordingly. For instance, if the system runs out of memory then more memory needs to be installed. Error Message %PLATFORM-TOPMGR-3-CHILD_NOTFOUND Child interface not found: ifhandle equals [unsigned int] Explanation Although a reference to a child interface is found in the parent interface, the child interface cannot be found via the search routine. Either the child interface failed to be added in the first place or the reference was not cleared when the child was deleted. Recommended Action Examine the trace buffers and pay attention to all the insert and delete operations. TSEC Messages Error Message %PLATFORM-TSEC-2-DRIVER_FATAL [chars] for tsec[dec], value [hex], error [dec]. Explanation The particular operation mentioned in the message failed due to some reason. This is a critical failure. Driver cannot operate. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages TSEC Messages EM-2012 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TSEC-3-DRIVER_ERROR [chars] for tsec[dec], value [hex], error [dec]. Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-TSEC-3-DRIVER_ERROR_BUFALIGN [chars] for tsec[dec], hwq [hex], count [dec]. Explanation The particular operation mentioned in the message failed due to some reason. This is a critical failure. Driver cannot operate. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-TSEC-3-OPERATION_ERROR [chars] tsec[dec], value [hex], error [dec] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-TSEC-6-DRIVER_INFO [chars] for tsec[dec] is [hex]. Explanation The particular operation mentioned in the message gave an informative message. This is not a failure. Recommended Action No action is required. Error Message %PLATFORM-TSEC-6-DRIVER_INFO_1REG tsec[dec] [chars]([hex]) equals [hex] Explanation The particular operation mentioned in the message gave an informative message. This is not a failure. Recommended Action No action is required. Platform Messages UPGRADE_FPD Messages EM-2013 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-TSEC-6-DRIVER_INFO_2REG tsec[dec] [chars]([hex]) equals [hex], [chars]([hex]) equals [hex] Explanation The particular operation mentioned in the message gave an informative message. This is not a failure. Recommended Action No action is required. Error Message %PLATFORM-TSEC-6-OPERATION_INFO [chars] for tsec[dec] is [hex]. Explanation The particular operation mentioned in the message gave an informative message. This is not a failure. Recommended Action No action is required. UPGRADE_FPD Messages Error Message %PLATFORM-UPGRADE_FPD-2-FATAL [chars] Explanation A fatal error was encountered, and the program exited. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-UPGRADE_FPD-3-ASYNC_ATTACH Failed to attach async message handler : [chars] Explanation Failed to attach async message handler Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages UPGRADE_FPD Messages EM-2014 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-UPGRADE_FPD-3-CHAN_CREATE Failed to create upgrade-fpd channel : [chars] Explanation Failed to create lc_fpd_upgrade (driver) channel using event_manager_create. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-UPGRADE_FPD-3-ERROR [chars] Explanation An error was encountered Recommended Action Collect fpd trace and contact tech support. Error Message %PLATFORM-UPGRADE_FPD-3-EVT_BLOCK Event block failed : [chars] Explanation Failed to block event Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-UPGRADE_FPD-3-FAILED Failed to update FPD : [chars] [chars] Explanation The update operation for the specified FPD has failed. Recommended Action Retry the operation to update the image. If the retry operation fails, copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://www.cisco.com/cgi-bin/Support/Bugtool/launch_bugtool.pl. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://www.cisco.com/cgi-bin/front.x/case_tools/caseOpen.pl, or contact your Cisco technical support representative and provide the representative with the information you have gathered. Attach the following information to your case in nonzipped, plain-text (.txt) format: the output of the show logging and show tech-support commands and your pertinent troubleshooting logs. Platform Messages UPGRADE_FPD Messages EM-2015 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-UPGRADE_FPD-3-MSG_REPLY Msg reply failed : [chars] Explanation Failed to send message reply Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-UPGRADE_FPD-3-SYNC_ATTACH Failed to attach sync message handler : [chars] Explanation Failed to attach sync message handler Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-UPGRADE_FPD-4-DOWN_REV [chars] [chars] instance [dec] is down-rev (V[dec].[dec]), upgrade to (V[dec].[dec]). Use the upgrade hw-module fpd CLI in admin mode. Explanation For displaying down-rev notification. Recommended Action tech support should be contacted for upgrade instructions Error Message %PLATFORM-UPGRADE_FPD-4-ROMMONA_DOWN_REV [chars] [chars] instance [dec] is down-rev (V[dec].[dec]), upgrade to (V[dec].[dec]). Please consult TAC or Firmware Upgrade documentation before proceeding to upgrade rommonA. Explanation For displaying down-rev notification. Recommended Action tech support should be contacted for upgrade instructions Error Message %PLATFORM-UPGRADE_FPD-4-UP_REV [chars] [chars] instance [dec] is severely up-rev (V[dec].[dec]), downgrade to (V[dec].[dec]). Use the upgrade hw-module fpd CLI in admin mode. Explanation For displaying severely up-rev notification. Recommended Action tech support should be contacted for downgrade instructions Platform Messages UPGRADE_FPD Messages EM-2016 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-UPGRADE_FPD-4-WARNING [chars] Explanation display warning messages Recommended Action No action is required. Error Message %PLATFORM-UPGRADE_FPD-6-PASSED Successfully [chars] [chars] subtype image for [chars] on location [chars] Explanation It indicates that a FPD has been upgraded or downgraded successfully. The current image version and the upgraded image version are displayed. Recommended Action No action is required. Error Message %PLATFORM-UPGRADE_FPD-6-START Starting to [chars] [chars] subtype image from [dec].[dec] to [dec].[dec] for [chars] on location [chars] Explanation It indicates that a FPD image upgrade or downgrade has started. The current image version and the upgraded image version are displayed. Recommended Action No action is required. Error Message %PLATFORM-UPGRADE_FPD-6-STATUS [chars] Explanation It indicates the status of FPD upgrade like start, in-progress, end. Recommended Action No action is required. Error Message %PLATFORM-UPGRADE_FPD-6-STATUS_LOC [chars] [chars] Explanation It indicates the status of FPD upgrade on a particular location. Recommended Action No action is required.Platform Messages UPGRADE Messages EM-2017 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 UPGRADE Messages Error Message %PLATFORM-UPGRADE-3-FL_SIZE Overflow in fabric-loader upgrade. New fabric-loader size equals [dec] available size equals [dec] Explanation When upgrading the new fabric-loader, if the size of the new fabric-loader is greater than the avilable size overflow error is reported. Recommended Action Check the new fabric-loader size. Error Message %PLATFORM-UPGRADE-3-IMAGE_UNAVAIL Unable to find upgrade image for this cardtype within IOX Explanation The upgrade was unable to complete because the image to burn into flash could not be located within IOX. Recommended Action Collect information for Routing Processor type and contact Tech Support. Error Message %PLATFORM-UPGRADE-3-INVALID_IMAGETYPE Invalid image type specified in upgrade message ([dec]) Explanation The message used to initiate the upgrade contained an image type that was invalid. Recommended Action Collect information for Routing Processor type and contact Tech Support. Error Message %PLATFORM-UPGRADE-3-INVALID_MSGTYPE Invalid message type specified in upgrade message ([dec]) Explanation The message used to initiate the upgrade contained a message type that was invalid. Recommended Action Collect information for Routing Processor type and contact Tech Support. Error Message %PLATFORM-UPGRADE-3-NEW_ROM_SIZE Overflow in ROM monitor upgrade. New ROM monitor size equals [dec] available size equals [dec] Explanation When upgrading the new rommon, if the size of the new rommon is greater than the available size overflow error is reported. Recommended Action Check the new ROMMON size. Platform Messages UPGRADE Messages EM-2018 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-UPGRADE-3-NEW_ROM_SIZE Overflow in ROM monitor upgrade. New ROM monitor size equals [dec] available size equals [dec] Explanation When upgrading the new rommon, if the size of the new rommon is greater than the available size overflow error is reported. Recommended Action Check the new ROMMON size. Error Message %PLATFORM-UPGRADE-3-RP_WARNING [chars] Explanation When upgrading the new rommon, RP’s rommon will be corrupted if the user reload the RP. So, The user must not reload RP when its rommon is being upgraded. If RP’s rommon is corrupted, it needs to be RMAd. Recommended Action The user must not reload RP when it’s rommon is being upgraded. Error Message %PLATFORM-UPGRADE-3-SETUP_FAILURE Unable to properly set up upgrade infrastructure. Internal error Explanation The upgrade was unable to complete because the type of the card did not fall into the expected set of possibilities. This is likely due to an internal programming error. Recommended Action Collect information for Routing Processor type and contact Tech Support. Error Message %PLATFORM-UPGRADE-3-VERSION_MISSING Unable to complete upgrade. Cannot determine version info (rc equals [dec]) Explanation The upgrade was unable to complete because the version of either the current ROMMON image or the version of the image to be used for the upgrade could not be determined. Recommended Action Collect information for Routing Processor type and contact Tech Support. Error Message %PLATFORM-UPGRADE-7-ERASE_SECTORS Erase sectors fail for [chars] Explanation The upgrade of the specfied component (ROMMON/Fabric-loader) failed because failed to erase sectors. Recommended Action The upgrade commands needs to be retried on RP. Platform Messages UPGRADE Messages EM-2019 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-UPGRADE-7-ERASE_SECTORS Erase sectors fail for [chars] Explanation The upgrade of the ROMMON failed because failed to erase sectors. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-ERR_BUF_READ Failed to read file [chars] Explanation The upgrade of the ROMMON failed because failed to read the file buffer. It will not affect the existing service on the card. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-ERR_BUF_READ Failed to read file [chars] Explanation The upgrade of the specfied component (ROMMON/Fabric-loader) failed because of a file read system call failed. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-ERR_CHAN_CREATE Failed to create upgrade ROM channel : [chars] Explanation Failed to create upgrade ROM channel using event manager. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-ERR_DEBUG_INIT Debug initialization failed Explanation Initialization of the debug event failed during ROMMON upgrade. This can be observed when the debug is enabled. Recommended Action No action is required. Error Message %PLATFORM-UPGRADE-7-ERR_DEBUG_REG Debug registration failed : [chars] Explanation debug registration call failed during ROMMON upgrade. This can be observed when the debug is enabled. Recommended Action No action is required. Platform Messages UPGRADE Messages EM-2020 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-UPGRADE-7-ERR_EVENT_MGR [chars] : [chars] Explanation Generic failure of any event manager API. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-UPGRADE-7-ERR_FILE_OPEN Failed to open file [chars] : [chars] Explanation The upgrade of the specfied component (ROMMON/Fabric-loader) failed because of a system call fails to open the relevant file. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-ERR_FILE_OPEN Failed to open file [chars] : [chars] Explanation The upgrade of the ROMMON failed because failed to open the image file. It will not affect the existing service on the card. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-ERR_LWM_REPLY Failed to send reply message : [chars] Explanation KAA process failed to reply back to sysldr client on the upgrade results using LWM. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-ERR_MEM_ALLOC Failed to allocate memory Explanation This indicates a low memory condition. The upgrade of the specfied component would fail. Recommended Action Memory on the box must be running low - are there services that can be stopped, or can more memory be added? Platform Messages UPGRADE Messages EM-2021 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-UPGRADE-7-ERR_MEM_ALLOC Failed to allocate memory Explanation This indicates a low memory condition. The upgrade of the specfied component would fail. Recommended Action Memory on the box must be running low - are there services that can be stopped, or can more memory be added? Error Message %PLATFORM-UPGRADE-7-FLASH_DEVICE Flash device unsupported. RP ROMMON upgrade aborting Explanation The flash type discovered does not match the list of supported devices. Recommended Action Collect information for Routing Processor type. Error Message %PLATFORM-UPGRADE-7-FLASH_DEVICE Flash Device is not AM29LV800B - Linecard upgrade won’t continue Explanation The current driver only supports AM29LV800B flash device. Recommended Action No action is required. Error Message %PLATFORM-UPGRADE-7-GET_SLOT Failed to get slot number Explanation The platform library call to retrieve the slot information failed. Recommended Action No action is required. Error Message %PLATFORM-UPGRADE-7-MMAP Failed to map device address : [chars] Explanation A system call failed to map the device physical address. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-MMAP Failed to map device address : [chars] Explanation A system call failed to map the device physical address. Recommended Action The upgrade commands needs to be retried on RP. Platform Messages UPGRADE Messages EM-2022 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-UPGRADE-7-MUNMAP Failed to unmap mapped object : [chars] Explanation A system call failed to un-map the device physical address. Recommended Action No action is required. Error Message %PLATFORM-UPGRADE-7-MUNMAP Failed to unmap mapped object : [chars] Explanation A system call failed to un-map the device physical address. Recommended Action No action is required. Error Message %PLATFORM-UPGRADE-7-PROGRAM_FLASH Programming flash fail for [chars] Explanation The upgrade of the specfied component (ROMMON/Fabric-loader) failed because failed in programming flash. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-PROGRAM_FLASH Programming flash fail for [chars] Explanation The upgrade of the ROMMON failed because failed to erase sectors. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-PROGRAM_FLASH_HEADER Programming flash header fail for [chars] Explanation The upgrade of the specfied component (ROMMON/Fabric-loader) failed because failed in programming flash header. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-STAT Failed to access file [chars] : [chars] Explanation The upgrade of the specfied component (ROMMON/Fabric-loader) failed because of file download statistic system call failure. Recommended Action The upgrade commands needs to be retried on RP. Platform Messages UPGRADE Messages EM-2023 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-UPGRADE-7-STAT Failed to access file [chars] : [chars] Explanation The upgrade of the ROMMON failed because failed to get file stat. It will not affect the existing service on the card. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-STATUS_SEND Failed to send status Explanation The KAA process failed to send the upgrade status to the client, sysldr. Recommended Action The sysldr log needs to be refered for the explanation. The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-VERIFY_FLASH Verify flash fail for [chars] Explanation The upgrade of the ROMMON failed because failed to verify FLASH. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-VERIFY_FLASH Verify flash fail for [chars] Explanation The upgrade of the specfied component (ROMMON/Fabric-loader) failed because failed to verify flash. Recommended Action The upgrade commands needs to be retried on RP. Error Message %PLATFORM-UPGRADE-7-VERIFY_FLASH_HEADER Verify flash header fail for [chars] Explanation The upgrade of the specfied component (ROMMON/Fabric-loader) failed because failed to verify flash header. Recommended Action The upgrade commands needs to be retried on RP.Platform Messages USB Messages EM-2024 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 USB Messages Error Message %PLATFORM-USB-2-DEV_CTRL_TIMEOUT USB Controller transaction taking longer than 5 seconds Explanation Controller transaction is taking excess time. Recommended Action The USB controller requires immediate service. Please attempt to restart the hd_drv process using command: ’process restart umass-enum’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-USB-2-DEV_EUSB0_TIMEOUT The internal usb device 0, transaction taking longer than 5 seconds Explanation USB device 0 transaction is taking excess time. Recommended Action The USB device 0 requires immediate service. Please attempt to restart the hd_drv process using command: ’process restart umass-enum’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-USB-2-DEV_EUSB1_TIMEOUT The internal usb device 1, transaction taking longer than 5 seconds Explanation USB device 1 transaction is taking excess time. Recommended Action The USB device 1 requires immediate service. Please attempt to restart the hd_drv process using command: ’process restart umass-enum’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-USB-2-DEV_HUB_TIMEOUT Hub transaction taking longer than 5 seconds Explanation USB Hub transaction is taking excess time. Recommended Action The USB hub requires immediate service. Please attempt to restart the hd_drv process using command: ’process restart umass-enum’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages VCDMA Messages EM-2025 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-USB-2-DEVICE_TIMEOUT USB:DEV equals [hex]:EPT equals [hex]:QH equals [hex]:TD equals [hex]:ELAPSED equals [dec]s:START equals [chars] Explanation An USB operation is taking too long. If the device refers to an internal device, the board needs immediate attention. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-USB-3-DEV_COMPACTFLASH_TIMEOUT CompactFlash transaction taking longer than 5 seconds Explanation Compact Flash transaction is taking excess time. Recommended Action The external compact flash device is not working correctly. Re-insert or replace with another device. VCDMA Messages Error Message %PLATFORM-VCDMA-7-ERR_BAG_REG Bag register failed for rules. Reason: [chars] Explanation EDM Bags are used to share information between components using sysdb. This Error indicates that bag registration failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-VCDMA-7-ERR_DLL_INIT Dll Initialization for [chars] failed. Reason: [chars] Explanation Cpuctrl driver tried to register for a dll but it encountered an error. The driver might lose some of its functionality. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages VKG_AMCC2035 Messages EM-2026 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-VCDMA-7-ERR_EVM_CREATE Event Manager create failed for [chars]. Reason: [chars] Explanation Cpuctrl Event Manager create error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-VCDMA-7-ERR_EVM_NOTIFY Event Manager notify failed for [chars]. Reason: [chars] Explanation Cpuctrl Event Manager notify error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %PLATFORM-VCDMA-7-ERR_SYSDB_EDM_REG Sysdb Register EDM failed. Reason: [chars] Explanation Cpuctrl Sysdb Register EDM error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. VKG_AMCC2035 Messages Error Message %PLATFORM-VKG_AMCC2035-3-ERROR_EXIT Exiting because [chars], error code [chars] Explanation The Ether-Ctrl process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process ether-ctrl location ’ to verify that the process is up and running. If it is still non-operational, try doing from the admin mode ’process restart envmon location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages VKG_BCM8705 Messages EM-2027 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-VKG_AMCC2035-3-IF_OPERATION_FAIL [chars], port [dec], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-VKG_AMCC2035-3-OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-VKG_AMCC2035-7-INFO [chars] [chars] Explanation The particular operation mentioned in the message occured due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. VKG_BCM8705 Messages Error Message %PLATFORM-VKG_BCM8705-3-ERROR_EXIT Exiting because [chars], error code [chars] Explanation The Ether-Ctrl process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process ether-ctrl location ’ to verify that the process is up and running. If it is still non-operational, try doing from the admin mode ’process restart envmon location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages VKG_IP_EA Messages EM-2028 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-VKG_BCM8705-3-IF_OPERATION_FAIL [chars], port [dec], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-VKG_BCM8705-3-OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-VKG_BCM8705-7-INFO [chars] [chars] Explanation The particular operation mentioned in the message occured due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. VKG_IP_EA Messages Error Message %PLATFORM-VKG_IP_EA-3-CRITICAL VKG IP-EA: Critical error: [chars] Explanation VKG IP-EA, Critical error Recommended Action *SUPPORT* Error Message %PLATFORM-VKG_IP_EA-3-ERROR1 VKG IP-EA: Error: [chars] [dec] Explanation VKG IP-EA, error Recommended Action *SUPPORT* Platform Messages VKG_LCPM_SHOW Messages EM-2029 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-VKG_IP_EA-3-ERROR2 VKG IP-EA: Error: [chars] Explanation VKG IP-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-VKG_IP_EA-5-DEBUG VKG IP-EA: Debug info: [chars] Explanation VKG IP-EA, Debug information Recommended Action *SUPPORT* VKG_LCPM_SHOW Messages Error Message %PLATFORM-VKG_LCPM_SHOW-3-ERROR VKG_LCPM_SHOW: [chars] , [chars] Explanation VKG_LCPM_SHOW encountered an error Recommended Action Please enable ’debug im api errors’, ’debug sysdb access ...’ and capture the output. Error Message %PLATFORM-VKG_LCPM_SHOW-7-USAGE vkg_pm_show: invalid option passed to vkg_pm_show command. [chars] Explanation Startup option supplied to VKG_LCPM_SHOW is not valid. Recommended Action Please re-enter the correct option as described in the usage message ’Usage: vkg_pm_show [-I intf name] | [-N node name]’ Example: sh controllers vkgpm int Ten0/2/0/0 loc 0/2/cpu0, or run vkg_lcpm_show -I TenGigE0_2_0_0 -N 33 VKG_MPLS_EA Messages Error Message %PLATFORM-VKG_MPLS_EA-3-ERR PLATFORM MPLS-EA: [chars] Explanation VKG MPLS-EA, error Recommended Action *SUPPORT* Platform Messages VKG_PM_TEST Messages EM-2030 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-VKG_MPLS_EA-3-ERRSTR PLATFORM MPLS-EA: [chars] Error: [chars]([dec]) Explanation VKG MPLS-EA, error Recommended Action *SUPPORT* Error Message %PLATFORM-VKG_MPLS_EA-6-INFO PLATFORM MPLS-EA: [chars]: [chars] Explanation VKG MPLS-EA, Debug information Recommended Action *SUPPORT* VKG_PM_TEST Messages Error Message %PLATFORM-VKG_PM_TEST-3-ERROR vkg_pm_test: fatal error encountered, reason equals [chars] Explanation vkg_pm test encountered a fatal error and is not able recover from the error. A reason text will be supplied call support with this text. Recommended Action This is just test software which the customer does not get. so there is np actiom required. Error Message %PLATFORM-VKG_PM_TEST-3-ERROR_2 vkg_pm_test: fatal error encountered, reason equals [chars], errno equals [dec] Explanation vkg_pm_test encountered a fatal error and is not able to recover from the error. A reason text will be supplied call support with this text. An integer errno will also be printed. Recommended Action This is just test software which the customer does not get.Platform Messages VKG_PM Messages EM-2031 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 VKG_PM Messages Error Message %PLATFORM-VKG_PM-3-ERROR vkg_pm: error encountered, reason equals [chars], errno equals [dec] Explanation vkg_pm encountered a fatal error and is not able to recover from the error. A text reason and error number will be supplied to describe the error. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ output, and ’show memory summary location r/s/i from that location. Error Message %PLATFORM-VKG_PM-3-ERROR_INIT vkg_pm: error encountered, reason equals [chars] Explanation Platform Manager encountered an initialization error A reason text will be supplied to describe the error. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ output, and ’show memory summary location r/s/i from that location. Error Message %PLATFORM-VKG_PM-4-WARNING Platform Manager warning: [chars] Explanation The Platform Manager encountered an provisioning warning. Recommended Action No action is required as the software should be able to recover from this error. Please collect ’show log location r/s/i’ VKG_SERDES Messages Error Message %PLATFORM-VKG_SERDES-3-ERROR_EXIT Exiting because [chars], error code [chars] Explanation The Ether-Ctrl process exited due to the reason mentioned in the message. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process ether-ctrl location ’ to verify that the process is up and running. If it is still non-operational, try doing from the admin mode ’process restart envmon location ’. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Platform Messages WD_PLATFORM_SP Messages EM-2032 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-VKG_SERDES-3-IF_OPERATION_FAIL [chars], port [dec], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-VKG_SERDES-3-MUTEX_OPERATION_FAIL [chars], [dec] error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-VKG_SERDES-3-OPERATION_FAIL Failed to [chars], error code [chars] Explanation The particular operation mentioned in the message failed due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. Error Message %PLATFORM-VKG_SERDES-7-INFO [chars] [chars] Explanation The particular operation mentioned in the message occured due to some reason. This is not a critical failure, the process can continue functioning as expected despite the failure. Recommended Action Debug message only. No action is required. WD_PLATFORM_SP Messages Error Message %PLATFORM-WD_PLATFORM_SP-2-FAILED_TO_TICK HW Watchdog: instance: [dec], tid: [dec] failed to tick, curr tick count: [dec], tick_owner: [dec] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Platform Messages WD_PLATFORM_SP Messages EM-2033 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-WD_PLATFORM_SP-2-INTERNAL_ERROR HW Watchdog: detected an internal error, [chars]:[dec] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM_SP-3-INVALID_TICK_CALL HW Watchdog: invalid ticker thread tid: [dec], not registered Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM_SP-3-SRP_STATE_CHANGE_REG_FAILED HW Watchdog: registration for sysmgr srp state change notification failed, rc: [dec], [chars] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM_SP-4-INVALID_TICKER HW Watchdog: invalid ticker thread added, CPU: [dec], tid: [dec] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM_SP-4-WATCHDOG_STATE HW Watchdog: disabled on this node. Explanation The driver software has detected that the watchdog is disabled on the node. Disabling the watchdog is not a recommended as it can lead to unrecoverable node halts. Recommended Action Determine the reason for the watchdog being disabled. This could be due to incorrect ROMMON env var WD_WATCHDOG_MODEsetting. If this is set intentionally then no further action is required. Otherwise, please check with TAC. Error Message %PLATFORM-WD_PLATFORM_SP-6-SRP_READY_STATE HW Watchdog: [chars], [chars] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC.Platform Messages WD_PLATFORM Messages EM-2034 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 WD_PLATFORM Messages Error Message %PLATFORM-WD_PLATFORM-2-FAILED_TO_TICK HW Watchdog: instance: [dec], tid: [dec] failed to tick, curr tick count: [dec], tick_owner: [dec] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM-2-FAILED_TO_TICK HW Watchdog: instance: [dec], tid: [dec] failed to tick, curr failed tick count: [dec], tick_owner: [dec] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM-2-INTERNAL_ERROR HW Watchdog: detected an internal error, [chars] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM-2-INTERNAL_ERROR HW Watchdog: detected an internal error, [chars]:[dec] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM-3-INVALID_TICK_CALL HW Watchdog: invalid ticker thread tid: [dec], not registered Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Platform Messages WD_PLATFORM Messages EM-2035 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-WD_PLATFORM-3-INVALID_TICK_CALL HW Watchdog: invalid ticker thread tid: [dec], not registered Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM-3-SRP_STATE_CHANGE_REG_FAILED HW Watchdog: registration for sysmgr srp state change notification failed, rc: [dec], [chars] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM-3-SRP_STATE_CHANGE_REG_FAILED HW Watchdog: registration for sysmgr srp state change notification failed, rc: [dec], [chars] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM-4-INVALID_TICKER HW Watchdog: invalid ticker thread added, CPU: [dec], tid: [dec] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Error Message %PLATFORM-WD_PLATFORM-4-INVALID_TICKER HW Watchdog: invalid ticker thread added, CPU: [dec], tid: [dec] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. Platform Messages XCVR Messages EM-2036 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-WD_PLATFORM-4-WATCHDOG_STATE HW Watchdog: disabled on this node. Explanation The driver software has detected that the watchdog is disabled on the node. Disabling the watchdog is not a recommended as it can lead to unrecoverable node halts. Recommended Action Determine the reason for the watchdog being disabled. This could be due to incorrect ROMMON env var WD_WATCHDOG_MODEsetting. If this is set intentionally then no further action is required. Otherwise, please check with TAC. Error Message %PLATFORM-WD_PLATFORM-4-WATCHDOG_STATE HW Watchdog: disabled on this node. Explanation The driver software has detected that the watchdog is disabled on the node. Disabling the watchdog is not a recommended as it can lead to unrecoverable node halts. Recommended Action Determine the reason for the watchdog being disabled. This could be due to incorrect ROMMON env var WD_WATCHDOG_MODEsetting. If this is set intentionally then no further action is required. Otherwise, please check with TAC. Error Message %PLATFORM-WD_PLATFORM-6-SRP_READY_STATE HW Watchdog: [chars], [chars] Explanation Some kind of internal fault has occurred. Recommended Action please check with TAC. XCVR Messages Error Message %PLATFORM-XCVR-3-ERROR XCVR-Err: [chars] Explanation This is an error message from the XCVR, it indicates that something has gone wrong internally in the XCVR. Recommended Action File a DDTS Error Message %PLATFORM-XCVR-3-FAILURE XCVR-FAILURE: [chars] Explanation This is a failure message from the XCVR Recommended Action *RECUR* Platform Messages XCVR Messages EM-2037 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %PLATFORM-XCVR-6-ENABLE Transceiver(slot:[dec]/bay:[dec]/port:[dec]) ENABLED Explanation This is an informational message from the XCVR Recommended Action *RECUR* Error Message %PLATFORM-XCVR-6-INFO XCVR-Info: [chars] Explanation This is an informational message from the XCVR Recommended Action *RECUR* Error Message %PLATFORM-XCVR-6-OIR XCVR-OIR: [chars] Explanation This is an informational message from the XCVR Recommended Action *RECUR* Error Message %PLATFORM-XCVR-6-REMOVAL Transceiver(slot:[dec]/bay:[dec]/port:[dec]) REMOVED Explanation This is an informational message from the XCVR Recommended Action *RECUR* Error Message %PLATFORM-XCVR-7-TRACE XCVR-Trace: [chars] Explanation This is a debuging message from the XCVR Recommended Action *NONE*Platform Messages XFP Messages EM-2038 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 XFP Messages Error Message %PLATFORM-XFP-2-DEV_XFP_COMPLIANCE_ERROR Module compliance error Explanation A compliance error was detected during XFP initialization. A compliance error is due to checksum error, EEPROM CRC error, vendor data error, or decryption error. The XFP is the pluggable optics on the line cards. XFP initialization may happen when linecard boots up, XFP OIR and line card process restart. The optics will not be enabled if an XFP compliance error is detected. Recommended Action Verify that the device is properly inserted. If the issue persists then copy the error message exactly as it appears, and report it to your technical support representative. If possible, also provide the output of the commands ’show controller i/f phy’ and ’show controller i/f internal’ Error Message %PLATFORM-XFP-2-DEV_XFP_SUPPORTED_ERROR Module supported error Explanation A supported error was detected during XFP initialization. A support error is reported when the XFP type can not be determined or it is not supported on the platform. The XFP is the pluggable optics on the line cards. XFP initialization may happen when linecard boots up, XFP OIR and line card process restart. The optics will not be enabled if an XFP supported error is detected. Recommended Action Verify that the device is properly inserted. If the issue persists then copy the error message exactly as it appears, and report it to your technical support representative. If possible, also provide the output of the commands ’show controller i/f phy’ and ’show controller i/f internal’ Error Message %PLATFORM-XFP-3-DEV_XFP_PID_NOT_SUPPORTED Module PID error Explanation A PID not supported error was detected during XFP initialization. A PID not support error is reported when either the PID can not be read it not supported on the platform. The XFP is the pluggable optics on the line cards. XFP initialization may happen when linecard boots up, XFP OIR and line card process restart. Traffic will not be impacted by this error. Recommended Action Verify that the device is properly inserted. If the issue persists then copy the error message exactly as it appears, and report it to your technical support representative. If possible, also provide the output of the commands ’show controller i/f phy’ and ’show controller i/f internal’EM-2039 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Quality of Service (QoS) Messages This section contains all Quality of Service related System Error Messages. The following facility codes are represented in this module: EFCM Messages Error Message %QOS-EFCM-3-ERROR EFCM-Err: [chars] Explanation This is an error message from the EFCM, it indicates that something has gone wrong internally in the EFCM. Recommended Action File a DDTS Error Message %QOS-EFCM-6-INFO EFCM-Info: [chars] Explanation This is an informational message from the EFCM Recommended Action *RECUR* Error Message %QOS-EFCM-7-DEBUG EFCM-Debug: [chars] Explanation This is a debuging message from the EFCM Recommended Action *NONE*Quality of Service (QoS) Messages QOS_EA_TEST Messages EM-2040 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 QOS_EA_TEST Messages Error Message %QOS-QOS_EA_TEST-3-ERROR QoS EA error [chars]: [chars] Explanation The QoS EA process encountered the specified error Recommended Action None Error Message %QOS-QOS_EA_TEST-3-ERROR QoS EA test error ocured at function [chars]: [chars] Explanation The QoS EA test process encountered the specified error Recommended Action None QOS_EA_VERIFY Messages Error Message %QOS-QOS_EA_VERIFY-6-ERROR QoS EA verify policy failed, error [chars]: [chars] Explanation The QoS EA policy verification encountered the specified error Recommended Action Correct the qos policy QOS_FIFO Messages Error Message %QOS-QOS_FIFO-7-DEBUG_INIT_ERROR An error occurred during debug initialization. Error: [chars] Explanation The QoS FIFO dll encountered a problem while initializingg the debug facility. This is not a fatal error. QoS FIFO will continue to execute properly, but will not be able to use the debugging facility. Recommended Action NoneQuality of Service (QoS) Messages QOS_MA Messages EM-2041 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 QOS_MA Messages Error Message %QOS-QOS_MA-3-CAPS_INFO_ADD QoS MA caps add failed: caps: [unsigned int], proto: [unsigned int], ifhandle: [hex], service_policy: [chars], error: [chars] Explanation The QoS MA process encountered the specified error while trying to add the caps. Recommended Action None Error Message %QOS-QOS_MA-3-CAPS_REMOVE QoS MA caps remove failed: caps: [unsigned int], proto: [unsigned int], ifhandle: [hex], error: [chars] Explanation The QoS MA process encountered the specified error while trying to remove the caps. Recommended Action None Error Message %QOS-QOS_MA-3-DPC_REM QoS MA DPC (delete) failed: ifhandle: [hex], caps: [unsigned int], error: [chars] Explanation The QoS MA process encountered the specified error while trying to send a critical operation to the EA. Recommended Action None Error Message %QOS-QOS_MA-3-OP_FAIL [chars] Error [hex]:[chars] Explanation A critial operation attempted by QoS MA has failed. It may affect the proper functioning of QoS features. Recommended Action None. Error Message %QOS-QOS_MA-7-FABQOS_SEND_FAILED The switch-fabric service policy ’[chars]’ was not accepted correctly by the EA. Error: [chars] Explanation The QoS MA process encountered the specified error upon startup or restart. The EA did not process the FABQOS policy correctly. Recommended Action None Quality of Service (QoS) Messages QOS_TXM Messages EM-2042 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS_MA-7-INIT QoS MA initialisation failed in function [chars]: [chars] Explanation The QoS MA process encountered the specified error while initializing the specified facility. If this error occurs, the sysmgr process will restart the QoS MA process. Recommended Action None Error Message %QOS-QOS_MA-7-INVALID_CAPS_STATUS The service policy ’[chars]’ on ’[chars]’, ’[chars]’ is in inconsistent state. Please remove and reconfigure the service policy. Explanation The QoS MA process encountered the specified error in the ’apply’ phase. The incorrect caps type is present in the QOS MA DB. This could be the result of an incorrect operation in the’verify’ phase. Recommended Action None Error Message %QOS-QOS_MA-7-INVALID_ERROR_ARRAY_STATUS The dpc error array ’[hex]’ and caps error array ’[hex]’ have invalid codes at the same index ’[dec]’. Explanation An internal error was encountered while processing QoS configuration. Recommended Action None QOS_TXM Messages Error Message %QOS-QOS_TXM-7-DEBUG_INIT_ERROR A error occurred during debug initialization, err: [chars] Explanation The QOS TXM process encountered an error while initializing the debug facility. This is not a fatal error. QOS TXM will continue to execute properly, but will not be able to use the debugging facility. Recommended Action None Quality of Service (QoS) Messages QOS Messages EM-2043 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS_TXM-7-UNINITIALISE_ERROR An error occurred in initialization sequence for iface: [chars] Explanation The QOS TXM process encountered an error in its initialsation sequence. This is a serious error. QOS TXM functioning correctly is not guranteed depending upon the exact problem in initialisation sequence Recommended Action None QOS Messages Error Message %QOS-QOS-2-MALLOC_FAIL Memory alloc error [chars] [chars] Explanation The router cannot allocate more memory. Recommended Action It may be necessary to free some memory by exiting a program. Error Message %QOS-QOS-3-BW_BUNDLE_ABSOLUTE Absolute values cannot be used for policies configured on Bundle interfaces. Use percentage values instead Explanation If the policy is applied on the bundle interface, the policer/shaper values must be configured in percentages. Recommended Action Reconfigure policy to use percentage values instead of absolute values. Error Message %QOS-QOS-3-BW_SUM_EXCEEDS_100_PC Sum of bandwidth allocated to all classes exceeds 100 percent. Allocated BW : [dec] percent Explanation Allocated bandiwdth total including the default class can not exceed beyond 100%. Recommended Action Reconfigure policy to assign appropriate bandiwdth guarantees. Error Message %QOS-QOS-3-CONNECT_FAIL Server connection failed - [chars]. Error code - [chars] Explanation Connection to some server failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Quality of Service (QoS) Messages QOS Messages EM-2044 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS-3-DEBUG_FAIL Error occurred while registering for debugging services Explanation Error occurred while waiting for an event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %QOS-QOS-3-DEF_CLASS_BW_EXCEED_99_PC Sum of bandwidth allocated to non-default classes exceeds 99 percent. Allocated BW : [dec] percent Explanation Allocated bandiwdth total can not exceed beyond 99% as 1% has to be reserved for the default class. Recommended Action Reconfigure policy to assign appropriate bandiwdth guarantees. Error Message %QOS-QOS-3-EA_IIR_ATTACH_FAILURE Error encountered during QoS programming for bundle member [chars] (ifh: [hex]) of bundle CH[hex], direction: [chars], error: [chars] Explanation A member was added to the bundle or it was added earlier and link came up now. This triggers update event and an error is encountered in QoS EA process while handling update event for the bundle member. Recommended Action If its scaled config exhausting h/w resources, try reducing number of targets for QoS policies. Error Message %QOS-QOS-3-EA_IM_CAPS_RESYNC_FAILURE Error encountered during caps resync with IM for interface: [chars] (ifh: [hex]), direction: [chars], error: [chars] Explanation QoS EA encountered an error during resync of QoS capsulations with IM. Recommended Action Try removing the QoS policy on the interface for which this error message is printed from configuration, and then reattach the policy to the interface. Quality of Service (QoS) Messages QOS Messages EM-2045 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS-3-EA_ROLLBACK_FAILURE_DURING_MODIFY Error encountered during rollback of policy modification on interface: [chars] (ifh: [hex]), direction: [chars], error: [chars] Explanation QoS EA encountered an error when modifying the policy on an interface, upon which a rollback was attempted on this interface to restore the old policy. There was an error encountered during this rollback too, due to which neither the old policy nor the new policy is applied in hardware for this interface. Recommended Action Try removing the QoS policy on the interface for which this error message is printed from configuration, and then reattach the policy to the interface. Error Message %QOS-QOS-3-EVM_CREATE_FAIL Failed to create event manager Explanation Failed to create event manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %QOS-QOS-3-FABQOS_BWR_UNSUPPORTED With [chars] classes, BWR percent [chars] is not supported in a [chars] class Explanation With HP and BE classes only, only BWR 100 is allowed. With HP, AF and BE classes, BWR 100 is not supported in any Low Priority class. BWR 0 is not supported in any Low Priority class. Recommended Action Reconfigure policy to configure BWR less than 100% and greater than 0% Error Message %QOS-QOS-3-MAX_CLASS_EXCEEDED_FOR_FABQOS Policy exceeds number of classes allowed for FabQoS Explanation Fabric QoS policy can only have a maximum of 3 classes. If the number of classes is more than 3, policy map is rejected. Recommended Action Reconfigure policy map to adjust number of classes Error Message %QOS-QOS-3-ONLY_PRI_OR_BW_REM_PERCENT_ALLOWED Can not configure anything other than priority or bandwidth remaining percent for a fabqos policy Explanation Only priority and bandwidth remaining percent commands are supported for FabQoS policy. Recommended Action Reconfigure policy to use these two commands. Quality of Service (QoS) Messages QOS Messages EM-2046 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS-3-OVER_SUBSCRIPTION_OF_MIN_BW_GAURANTEES There is oversubscription of minimum bandwidth guarantees, taking HP bandwidth into account. Bandwidth guarantees may not be met for this policy. Allocated BW : [dec] percent Explanation With high priority class configured and the bandwidth guarantee for the HP taken into account, the interface may have been oversubscribed. This could cause some packets from the class that has bandwidth guarantee configured to be dropped. Recommended Action Reconfigure policy to achieve optimal bandwidth guarantee results. Error Message %QOS-QOS-3-QFIFO_DEBUG_NETIO_INIT_FAIL Failed to Initialize debug netion - [chars] Error : [chars] Explanation Debug initialization failed for NetIO. Debugs may not be printed. Recommended Action Try restarting qos_ma_ea process. Error Message %QOS-QOS-3-UNSUPPORTED_CONFIG_ON_PARENT_CLASS Un-supported configuration on a parent class of a hierarchical policy Explanation WRED and Queue-Limit configuration in a parent class of a hierarchical policy is not supported if the parent class necessitates the creation of a new group or port Recommended Action Remove invalid ’random-detect’ OR ’queue-limit’ statements from the policymap Error Message %QOS-QOS-3-UNSUPPORTED_IP_OR_MPLS_MATCH_CONFIG match on ip or mpls packet fields is not supported on a policy attached to layer2 interface Explanation Matching on layer3 packet fields such as dscp, prec, exp on a service policy attached to an Access Circuit is not supported. Packets received and transmitted on an AC are considered layer2 packets, packet headers beyond L2 are not parsed in the hardware Recommended Action Remove match statements that match on layer3 fields of a packet in the classmaps used by the service policy Error Message %QOS-QOS-3-UNSUPPORTED_L2_MATCH_CONFIG match on mac address is not supported on a policy attached to layer3 interface Explanation Matching on source or destination mac address on a policy attached to layer-3 interfaces such as routed vlan or POS interfaces is not supported Recommended Action Remove invalid match statements in the classmaps used by the service policy Quality of Service (QoS) Messages QOS Messages EM-2047 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS-3-UNSUPPORTED_MAC_ADDR_MATCH_CONFIG match on src/dst mac is not supported on output/input l2 service policy Explanation Matching on mac address in an l2 service policy is supported with the following constraints: Match on source mac address is supported only on input l2 service policy Match on destination mac address is supported only on output l2 service policy Recommended Action Remove unsupported match statements in the classmaps used by the service policy Error Message %QOS-QOS-3-UNSUPPORTED_MARKING_CONFIG Invalid marking configuration in service policy attached to layer2 interface Explanation On service policy attached to an AC, marking of certain fields is not supported. The following marking configurations are invalid: Ingress/Egress: ip dscp, ip precedence, mpls exp topmost Egress: mpls exp imposition, qos-group, discard-class Recommended Action Remove invalid ’set’ statements from the policymap Error Message %QOS-QOS-3-UNSUPPORTED_MATCH_COS_CONFIG match cos command is not supported on layer-3 interface egress policies. Invalid Configuration. Explanation ’match cos’ command is not supported on service policy applied to layer-3 interfaces since layer2 encapsulations are removed before packets are sent to egress. Recommended Action Remove invalid ’match cos’ command from class-map Error Message %QOS-QOS-3-UNSUPPORTED_MIN_BW_CONFIG Bandwidth command is not supported on the ingress side. Invalid Configuration. Explanation Bandwidth command is not supported on ingress policies. Instead, configure ’bandwidth remaining’ to assign weights for the different queues. Recommended Action Configure policy without ’bandwidth’ on the ingress. Error Message %QOS-QOS-3-UNSUPPORTED_MULTIPLE_POLICER_ACTIONS multiple set commands in a policer action are not supported Explanation Only one set command is allowed on each of conform, exceed and violate actions of a policer. Recommended Action Remove multiple set commands on policer conform/exceed/violate action Quality of Service (QoS) Messages QOS Messages EM-2048 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS-3-UNSUPPORTED_POLICER_MARKING_CONFIG Invalid policer marking configuration in service policy attached to layer2 interface Explanation On service policy attached to an AC, policer marking of certain fields is not supported. The following policer marking configurations are invalid: Ingress/Egress: ip dscp, ip precedence, mpls exp topmost Egress: mpls exp imposition Recommended Action Remove invalid ’police’ statements from the policymap Error Message %QOS-QOS-3-UNSUPPORTED_POLICER_MARKING_L2_COS_CONFIG Invalid policer marking configuration in service policy attached to layer3 interface Explanation On service policy attached to a layer-3 interface, policer marking of layer-2 CoS field is not supported. Recommended Action Remove ’set cos’ action on ’police’ command from the policymap Error Message %QOS-QOS-3-UNSUPPORTED_POLICER_RATE Unsupported policer value used in policymap : [dec] kbps. It must be less than 16 Gbps Explanation Configured policer value can not be more than 16Gbps. Policy map is rejected. Recommended Action Reconfigure policy map to configure appropriate policer value. Error Message %QOS-QOS-3-UNSUPPORTED_Q_LIMIT_CONFIG In order to configure queue-limit for a class, atleast one feature that allocates a separate queue for that class needs to be configured. Explanation If queue-limit command for a class is configured, then that class requires a separate queue (due to h/w implementation). Since the user has not configured any feature for this class that allocates a separate queue for that class, the user is not allowed to configure queue-limit for that class. Recommended Action Configure policy with a feature which allocates a separate queue. Error Message %QOS-QOS-3-UNSUPPORTED_WRED_CONFIG Invalid wred profile type in service policy attached to layer2 interface Explanation On service policy attached to an AC, valid wred profile types are layer2_cos discard-class and default Recommended Action Remove invalid ’random-detect’ statements from the policymap Quality of Service (QoS) Messages QOS Messages EM-2049 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS-3-WAIT_ERR Error occurred while waiting for an event Explanation Error occurred while waiting for an event. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %QOS-QOS-3-WRONG_QUANTAS_SPECIFIED Bandwidth remaining should only be specified in multiples of 5 Explanation Bandwidth remaining commnad has a limitation where the percentages can only be specified in multiples of 5. If not, policy map is rejected. Recommended Action Reconfigure policy to configure quantas in multiples of 5 Error Message %QOS-QOS-4-ERR_EVM_EVENT_BLOCK Unrecoverable error in event loop. Error: [chars] Explanation An error (other than EINTR) occured in the event loop. The process has exited and restarted. Recommended Action No action is required. Process will be automatically restarted. If not recovered, it is a fatal condition If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *REDUCE* Error Message %QOS-QOS-4-ERR_EVM_EVENT_BLOCK Unrecoverable error in event loop. Error: [chars] Explanation An error (other than EINTR) occured in the event loop. The process has exited and restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %QOS-QOS-4-PARENT_HAS_NO_QUEUEING_CONFIG Queueing configuration for all child classes ignored since parent class [chars] has no queueing configuration Explanation Since parent class has no queueing configuration, the queueing configuration in all its child classes will be ignored and the classes will be assigned to default queue. Recommended Action Configure some queueing command like ’shape average percent 100’ in parent class. Quality of Service (QoS) Messages QOS Messages EM-2050 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS-4-Q_LIMIT_BELOW_MIN Configured value of queue-limit [dec] has been increased to the minimum permissible value of [dec] bytes Explanation Queue limit must be set to atleast max MTU size of 9216 bytes. Therefore, if configured queue limit is below max MTU size, it will be automatically increased to the minimum permissible value. Recommended Action Configure queue limit to be atleast the minimum permissible value displayed in the syslog message. Error Message %QOS-QOS-4-Q_THRESHOLD_EXCEEDS_MAX [chars] Explanation Ingress and egress queuing asics support a maximum packet buffering capacity of 1 Gbytes. Therefore queue-limit or RED thresholds of greater than 1 Gbytes (1073741824 bytes) cannot be configured and will be automatically set to the maximum permissible value. Recommended Action Please re-evaluate the value of queue-limit and/or RED thresholds since it is unlikely that such a high value is necessary. Error Message %QOS-QOS-4-WRED_THRESH_MORE_THAN_QUEUE_LIMIT Min or max threshold for one or more RED profiles of class [chars] is greater than queue limit ([dec] bytes) Explanation Since min or max threshold is greater than queue limit, RED will not take effect or partially take effect for one or more RED profiles of this class. Recommended Action Set RED min and max threshold to be below queue limit. Error Message %QOS-QOS-5-PARENT_HAS_NO_BW_MIN_CONFIGURED Child class bandwidth minimum is reduced to zero due no minimum bandwidth guarantee in parent Explanation Bandwidth command in a child class requires similar command in the parent class. Otherwise minimum bandwidth guaranteed for child class would be zero Recommended Action Reconfigure policy to assign bandwidth guarantee in the parent class before the gaurantee is given to the child class. Error Message %QOS-QOS-6-EA_DEBUG_INIT_FAIL Failed to initialise debug infra within QoS EA. Error: [chars] Explanation Debug initialization failed within EA. Debugs may not be printed Recommended Action Try restarting QoS EA process Quality of Service (QoS) Messages QOS Messages EM-2051 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS-6-EA_LTRACE_INIT_FAIL Failed to initialise ltrace infra within QoS EA. Error [chars] Explanation Ltrace initialization failed within EA. Ltraces may not be printed Recommended Action Try restarting QoS EA process Error Message %QOS-QOS-6-EA_MIPC_NTFN_ACK_FAILURE Error encountered while trying to ACK to an MIPC event notification [unsigned int]. Error [chars] Explanation QoS EA encountered an error while ACKing to an MIPC event Recommended Action Try restarting QoS EA process Error Message %QOS-QOS-6-EA_MIPC_NTFN_HNDLR_FAILURE Failed to process MIPC notification [unsigned int] within QoS EA. Error [chars] Explanation QoS EA encountered an error while processing an MIPC event notification Recommended Action Try restarting QoS EA and/or HFR Platform Manager process Error Message %QOS-QOS-6-MIN_BW_IGNORED_ON_SUBIF Minimum bandwidth configuration ignored in a non-hierarchical policy applied on a sub-interface Explanation Since non-hierarchical policy has been applied on a sub-interface, minimum bandwidth configuration will be ignored for all classes in this policy. Recommended Action Reconfigure policy such that it is a hierarchical policy with class-default as the only parent class and the original non-hierarchical policy as the child policy. Then configure minimum bandwidth in parent class-default. Error Message %QOS-QOS-6-NETIO_SET_PAK_SHAPEQ_FAIL Failed to set packet shape Q to [dec]. Dropping packet. Error: [chars] Explanation Could not set the outgoing queue associated with this packet. As a consequence the packet is being dropped. During normal operation of the system, an occasional (very in-frequent) packet drop in the slow-path is tolerable. Recommended Action No action is required. Quality of Service (QoS) Messages QOS Messages EM-2052 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS-6-QFIFO_DEBUG_NETIO_INIT_FAIL Failed to initialise debug infra within the qfifo node on the netio chain. Error: [chars] Explanation Debug initialization failed within the qfifo node on the NetIO chain. Debugs may not be printed. Recommended Action Try restarting netio process Error Message %QOS-QOS-7-CONNECT_FAIL Server connection failed - [chars]. Error code - [chars] Explanation Connection to IMP server failed during process init. Recommended Action No action is required. Process will be automatically restarted. If not recovered, it is a fatal condition. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *REDUCE* Error Message %QOS-QOS-7-CONNECT_FAIL Server connection failed - [chars]. Error code - [chars] Explanation Connection to IMP server failed during process init. This could be because QoS EA is - Unable to bind to the IMP server, - Unable to map context to connection ID, - Unable to register callback handler, or - Unable to initialise event handler for connect/ disconnect events The above situations would lead to an inability of QoS EA to process CAPS from MA (via IM/IMP infrastructure), and to a potential disconnect between the hardware/software views of the configured qos policies on the system. Recommended Action No action is required. Process will be automatically restarted. If not recovered, it is a fatal condition If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *REDUCE* Error Message %QOS-QOS-7-ERR_EVM_CREATE Failed to create event manager Explanation Failed to create event manager. Recommended Action No action is required. Process will be automatically restarted. If not recovered, it is a fatal condition. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *REDUCE* Quality of Service (QoS) Messages QOSEA Messages EM-2053 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOS-7-ERR_EVM_CREATE Failed to setup event manager Explanation Failed to setup event manager. Recommended Action No action is required. Process will be automatically restarted. If not recovered, it is a fatal condition If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *REDUCE* Error Message %QOS-QOS-7-NETIO_SET_PAK_SHAPEQ_FAIL Failed to set packet shape Q - [chars] Error : [chars] Explanation Could not set the queue where this packet is supposed to be queued. As a consequence the packet is being dropped. Recommended Action Try removing the policy and reapplying it. QOSEA Messages Error Message %QOS-QOSEA-3-BWCHG_ERROR QOSEAERR: update bandwidth for ifh [hex] with [dec] [chars] [chars] [chars] Explanation This is an error message from the QoS EA bandwidth changeProcess, it indicates that something has gone wrong internally in the QoS EA during bandwidth change. Recommended Action File a DDTS Error Message %QOS-QOSEA-3-ERROR QoSEA-Err: [chars] Explanation This is an error message from the QoS EA Process, it indicates that something has gone wrong internally in the QoS EA. Recommended Action File a DDTS Error Message %QOS-QOSEA-3-EXIT_ERROR QoSEA-Err: [chars] [chars] Explanation This is an error message from the QoS EA Process, it indicates that something has gone wrong internally in the QoS EA. Recommended Action File a DDTS Quality of Service (QoS) Messages QOSEA Messages EM-2054 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOSEA-3-IMATTR_ERROR QOSEAERR: im_attr_get bandwidth [chars] [hex] Error: [chars] Explanation This is an error message from the QoS EA bandwidth changeProcess, it indicates that something has gone wrong internally in the QoS EA during bandwidth attribute get. Recommended Action File a DDTS Error Message %QOS-QOSEA-3-MSG_CHAN Could not create Msg chan: [chars] error: [chars] Explanation The QoS EA could not create the necessary message channel due to the given error Recommended Action *DDTS* Error Message %QOS-QOSEA-3-MSG_HANDLER_ERR An error occurred in the [chars] message handler Explanation An error occurred during message handling in the indicated message handler Recommended Action File a DDTS Error Message %QOS-QOSEA-3-POLICY_ERROR QoSEA-Err: class:[chars], [chars] Explanation This is an error message from the QoS EA Process, it indicates that something has gone wrong while trying to configure a service policy. Recommended Action *NONE* Error Message %QOS-QOSEA-3-ROLLBACK_ERROR QoSEA-Rollback-Err: [chars] Explanation This is an error message from the QoS EA Process, it indicates that rollback failed in the QoS EA. Recommended Action Pls analyse the resource availability in the LC. Remove and add the qos policy-map for the interface. Error Message %QOS-QOSEA-3-UNHANDLED_MSG The QoS EA received an unhandled message Explanation The QoS EA received a message that it was unable to handle’ Recommended Action *DDTS* Quality of Service (QoS) Messages QOSEA Messages EM-2055 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOSEA-3-UNKNOWN_MSG An unknown message was dispatched to the [chars] message handler: Msg: [hex] Explanation An incoming message was demuxed to the incorrect message handler Recommended Action File a DDTS Error Message %QOS-QOSEA-4-WARN QoSEA-Warn: [chars] Explanation This is a warning message from the QoS EA Process Recommended Action *RECUR* Error Message %QOS-QOSEA-5-NOTICE QoSEA-Notice: [chars] Explanation This is a notice message from the QoS EA Process Recommended Action *NONE* Error Message %QOS-QOSEA-6-BWCHG_LOG QOSEA: updated bandwidth for ifh [hex] with [dec] [chars] [chars] Explanation This is an informational message from the QoS EA Process, it indicates that bandwidth change happened for an interface. Recommended Action *NONE* Error Message %QOS-QOSEA-6-INFO QoSEA-Info: [chars] Explanation This is an informational message from the QoS EA Process Recommended Action *RECUR* Error Message %QOS-QOSEA-6-MSG_ASYNC An Asynchronous message was received Explanation The QoS EA received an asynchronous message. Recommended Action *NONE* Quality of Service (QoS) Messages QOSRM_DLL Messages EM-2056 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOSEA-6-POLICY_INFO QoSEA-Info: class:[chars], [chars] Explanation This is an informational message from the QoS EA Process. It indicates that something can not be configure in service policy. Recommended Action *NONE* Error Message %QOS-QOSEA-7-DEBUG QoSEA-Debug: [chars] Explanation This is a debuging message from the QoS EA Process Recommended Action *NONE* QOSRM_DLL Messages Error Message %QOS-QOSRM_DLL-3-ERROR QoSRM-DLL-Err: [chars] Explanation This is an error message from the QoS RM DLL, it indicates that something has gone wrong internally in the QoS RM dll. Recommended Action File a DDTS Error Message %QOS-QOSRM_DLL-3-MSG_CHAN Could not create Msg chan: [chars] error: [chars] Explanation The QoS RM dll could not create the necessary message channel due to the given error Recommended Action *DDTS* Error Message %QOS-QOSRM_DLL-3-MSG_HANDLER_ERR An error ([chars]) occurred in the [chars] message handler,Msg:[hex] Explanation An error occurred during message handling in the indicated message handler Recommended Action File a DDTS Error Message %QOS-QOSRM_DLL-3-UNHANDLED_MSG The QoS RM dll received an unhandled message Explanation The QoS RM dll received a message that it was unable to handle’ Recommended Action *DDTS* Quality of Service (QoS) Messages QOSRM_DLL Messages EM-2057 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOSRM_DLL-3-UNKNOWN_MSG An unknown message was dispatched to the [chars] message handler: Msg: [hex] Explanation An incoming message was demuxed to the incorrect message handler Recommended Action File a DDTS Error Message %QOS-QOSRM_DLL-3-UNKNOWN_QTYPE Unknown Q-Type in message: [hex] Explanation The QoS RM dll received a message, but was unable to determine which resource the message was intended for because the Q-Type field was incorrect. Recommended Action File a DDTS Error Message %QOS-QOSRM_DLL-4-WARN QoSRM-DLL-Warn: [chars] Explanation This is a warning message from the QoS RM DLL Recommended Action *RECUR* Error Message %QOS-QOSRM_DLL-6-INFO QoSRM-DLL-Info: [chars] Explanation This is an informational message from the QoS RM DLL Recommended Action *RECUR* Error Message %QOS-QOSRM_DLL-6-MSG_ASYNC An Asynchronous message was received Explanation The QoS RM dll received an asynchronous message. Recommended Action *NONE* Error Message %QOS-QOSRM_DLL-7-DEBUG QoSRM-DLL-Debug: [chars] Explanation This is a debuging message from the QoS RM DLL Recommended Action *NONE*Quality of Service (QoS) Messages QOSRM Messages EM-2058 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 QOSRM Messages Error Message %QOS-QOSRM-3-ERROR QoSRM-Err: [chars] Explanation This is an error message from the QoS RM Process, it indicates that something has gone wrong internally in the QoS RM. Recommended Action File a DDTS Error Message %QOS-QOSRM-3-MSG_CHAN Could not create Msg chan: [chars] error: [chars] Explanation The QoS RM could not create the necessary message channel due to the given error Recommended Action *DDTS* Error Message %QOS-QOSRM-3-MSG_HANDLER_ERR Event: [chars] occurred in the [chars] message handler, Msg:[hex] Explanation An error occurred during message handling in the indicated message handler Recommended Action File a DDTS Error Message %QOS-QOSRM-3-UNHANDLED_MSG The QoS RM received an unhandled message Explanation The QoS RM received a message that it was unable to handle’ Recommended Action *DDTS* Error Message %QOS-QOSRM-3-UNKNOWN_MSG An unknown message was dispatched to the [chars] message handler: Msg: [hex] Explanation An incoming message was demuxed to the incorrect message handler Recommended Action File a DDTS Quality of Service (QoS) Messages QOSRM Messages EM-2059 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %QOS-QOSRM-3-UNKNOWN_QTYPE Unknown Q-Type in message: [hex] Explanation The QoS RM received a message, but was unable to determine which resource the message was intended for because the Q-Type field was incorrect. Recommended Action File a DDTS Error Message %QOS-QOSRM-4-WARN QoSRM-Warn: [chars] Explanation This is a warning message from the QoS RM Process Recommended Action *RECUR* Error Message %QOS-QOSRM-6-INFO QoSRM-Info: [chars] Explanation This is an informational message from the QoS RM Process Recommended Action *RECUR* Error Message %QOS-QOSRM-6-MSG_ASYNC An Asynchronous message was received Explanation The QoS RM received an asynchronous message. Recommended Action *NONE* Error Message %QOS-QOSRM-7-DEBUG QoSRM-Debug: [chars] Explanation This is a debuging message from the QoS RM Process Recommended Action *NONE*Quality of Service (QoS) Messages QOSRM Messages EM-2060 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01EM-2061 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Routing Messages This section contains all routing related System Error Messages, such as MPLS, OSPF, BGP, Multicast, MRIB, RIB, and so forth. AIB Messages Error Message %ROUTING-AIB-1-EVENTBLOCK event_block returned early : [chars] (errno equals [dec]) Explanation An unexpected or erroneous return while waiting for events. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AIB-3-EXTRA_UNLOCK Adjacency consumer (Job ID: [unsigned int]) attempted extra unlock on adjacency [hex] (interface handle:[hex],protocol:[unsigned int]) Explanation An unexpected unlock is attempted by adjacency consumer Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages AIB Messages EM-2062 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-AIB-4-INDEX_REG_FAIL AIB process cannot register with the platform specific DLL (return equals [dec]) Explanation The AIB process cannot register with the platform specific adjacency index DLL. The adjacency database will not be created. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AIB-4-INDEX_VERSION_FAIL AIB process has detected a version mismatch between itself and the platform DLL (DLL version is [dec], AIB expected [dec]) Explanation The AIB process has detected that the platform specific adjacency indexing DLL has reported a version number that does not match the AIB process version number. Due to this inconsistency, the AIB cannot continue and the system will not be able to process any adjacency information. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AIB-4-LTRACE_ERROR Failed to open trace file: [chars] Explanation The AIB process was unable to open the trace buffer for automatic tracing (show trace adjacency may not work). Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AIB-4-RADIXINIT_FAIL AIB failed to initialize the interface db radix tree ([chars]) Explanation Initialization of the radix tree could not be accomplished because of a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Routing Messages AUTORP_CRP Messages EM-2063 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-AIB-4-SHM_FAIL AIB Shared memory error: [chars] [chars] Explanation The AIB process received an error while trying to initialize the shared memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AIB-4-SYSTEM_FAIL [chars] [chars] (errno equals [dec]) Explanation There was a system call failure resulting in a failure to provide a system service as indicated in the message text. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. AUTORP_CRP Messages Error Message %ROUTING-AUTORP_CRP-3-BAG_RELATED_ERROR Bag related error: [chars] Explanation The Candidate RP had trouble wth Bags. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_CRP-3-EDM_ACCESS_ERROR Sysdb EDM related error: [chars], [chars] Explanation The Candidate RP had trouble accessing SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages AUTORP_CRP Messages EM-2064 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-AUTORP_CRP-3-EVENT_CONN_MGR_ERROR Event connection manager error : [chars], [chars] Explanation Failed to open connection to Connection Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_CRP-3-EVENT_MGR_CREATE_FAILED Failed to create an event manager Explanation A problem occurred when a call to event_manager_create() was made. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_CRP-3-GEN_ERROR Error : [chars] failed - [chars] Explanation General Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_CRP-3-IM_RELATED_ERROR A call to [chars] returned [chars] Explanation A problem occurred when a call to IM was made. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_CRP-3-INIT_FAILED Initialization failed : [chars] Explanation autorp_candidate_rp failed to initialize successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages AUTORP_CRP Messages EM-2065 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-AUTORP_CRP-3-IPARM_RELATED_FAILURE A call to [chars] returned [chars] Explanation A problem occurred when a call to one of the IPARM APIs was made. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_CRP-3-MALLOC_FAILED malloc() failed : failed to allocate memory to receive messages Explanation A call to malloc() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_CRP-3-SOCKET_ERROR Socket Error : [chars] : [chars] Explanation Socket Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_CRP-3-SYSDB_ACCESS_ERROR Sysdb related error: [chars], [chars] Explanation The Candidate RP had trouble accessing SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_CRP-3-SYSDB_REGISTRATION_FAILED Sysdb registration error: [chars] Explanation The Candidate RP had trouble registering as a notifier with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages AUTORP_MAP Messages EM-2066 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-AUTORP_CRP-3-TIMER_ERROR Timer Error : [chars] Explanation Timer Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_CRP-3-TUPLE_ERROR Tuple operation error : [chars] Explanation Tuple operation failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. AUTORP_MAP Messages Error Message %ROUTING-AUTORP_MAP-3-BAG_RELATED_ERROR Bag related error: [chars] Explanation The Mapping Agent had trouble wth Bags. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-DEBUG_ERROR Debug error : [chars] Explanation Debug Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-EDM_ACCESS_ERROR Sysdb EDM related error: [chars], [chars] Explanation The Mapping Agent had trouble accessing SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages AUTORP_MAP Messages EM-2067 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-AUTORP_MAP-3-EVENT_CONN_MGR_ERROR Event connection manager error: [chars], [chars] Explanation Failed to open connection to Connection Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-EVENT_MGR_CREATE_FAILED A call to event_manager_create() failed Explanation A problem occurred while calling the event_manager_create() API. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-IM_RELATED_ERROR The function [chars] returned error : [chars] Explanation Failed some IM related operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-INIT_FAILED Initialization failed : [chars] Explanation autorp_mapping_agent failed to initialize successfully. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-INIT_FAILED_ERR ’[chars]’ initialization failed : [chars] Explanation autorp_mapping_agent failed to initialize successfully Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages AUTORP_MAP Messages EM-2068 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-AUTORP_MAP-3-IPARM_RELATED_FAILURE A call to [chars] returned [chars] Explanation A problem occurred when a call to one of the IPARM APIs was made. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-MALLOC_FAILED malloc() failed : failed to allocate memory to receive messages Explanation A call to malloc() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-OOR_LIMIT Cache maximum reached: [dec], new group range not added Explanation OOR Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-RTREE_ERROR RTree error : [chars] Explanation Timer Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-SOCKET_ERROR Socket Error : [chars] : [chars] Explanation Socket Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages AUTORP_MAP Messages EM-2069 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-AUTORP_MAP-3-SYSDB_ACCESS_ERROR Sysdb related error: [chars], [chars] Explanation The Mapping Agent had trouble accessing SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-SYSDB_REGISTRATION_FAILED Sysdb registration error: [chars] Explanation The Mapping Agent had trouble registering as a notifier/edm with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-TIMER_ERROR Timer Error : [chars] Explanation Timer Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-AUTORP_MAP-3-TUPLE_ERROR Tuple operation error : [chars] Explanation Tuple operation failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages BGP_VRF Messages EM-2070 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 BGP_VRF Messages Error Message %ROUTING-BGP_VRF-3-DUPLICATE_ID Failed to store [chars] ID [hex] for VRF [chars]. Explanation A ID has been received from RSI that duplicates an existing VRF or table ID. As a result, the new ID has been ignored, and subsequent operation for that VRF will be incorrect. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP_VRF-3-INIT Initialization failed ([chars]%s) Explanation An error occurred while initializing the BGP VRF module. The BPM process will be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP_VRF-3-NOTIFY Failed to apply configuration change for: [chars] ([chars]). Explanation A notification of a configuration change could not be applied, leaving the internal data structures inconsistent with the configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP_VRF-3-RD_APPLY Failed to apply RD configuration change for [chars]. System may now be in an inconsistent state. Explanation The RD value for the VRF failed to be set, leaving the internal data structures inconsistent with the configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2071 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP_VRF-3-RD_PUBLISH Failed to publish RD configuration: [chars]. System may now be in an inconsistent state. Explanation The RD value for a VRF or set of VRFs failed to be published. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. BGP Messages Error Message %ROUTING-BGP-2-ADDROUTE Failed to add net [chars] to the BGP table Explanation An error occurred whilst trying to insert a net to the BGP table database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-2-BRIB_API_SYNC bRIB API detected loss of sync: invalid [chars] [hex] at [hex] Explanation The data stream between the bRIB and a speaker was corrupted and the receiving process could not interpret the received message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-2-ERR_EVM_EVENT_BLOCK Error in event loop for [chars] thread: [chars] Explanation An error occurred in the event loop. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2072 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-2-ERR_FILE_ATTACH Failed to do [chars] event file attach - [chars] Explanation An error occurred when bgp try to do event file attach. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-2-ERR_MEM_ALLOC Failed to allocate memory for [chars] Explanation The requested operation could not be accomplished because of a low memory condition. BGP may not operate correctly until the process is restarted. Recommended Action Reduce other system activity to ease memory demands, then restart the process. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-BGP-2-ERR_THREAD_DEADLOCK Deadlock detected (thread [unsigned int]): holding: [chars] Explanation BGP detected a lock being held when all locks should have been released. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-2-FATAL_WRAPPER Fatal error: A call to [chars] failed unexpectedly: [chars] Explanation A function call failed unexpectedly - this is probably a system problem Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-2-TRIGGER_FO Triggering switch-over to keep NSR up, Failure reason: [chars] Explanation If nsr switch-over knob is on, active bgp will trigger the switch over in case of tcp failure or bgp failure if nsr is ready and install is not in process. Recommended Action This msg is info only. Analysis should be done if switch-over is not expected. Routing Messages BGP Messages EM-2073 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-AF_LIB_FILE_ERROR Failed to read Address Family data file: [chars] [chars] Explanation ’File/Directory open operation failed, or the data in the file was corrupt’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-AF_LIB_FILE_WRONG_INFO Failed to read Address Family data file [chars]: [chars] on line [unsigned int] Explanation ’The data in the Address Family data file was corrupt’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-ALREADY_DONE Cannot [chars]%s: already done Explanation An operation could not be performed because it had already been completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-ATTRKEY_BAD Failed to [chars] RIB due to an invalid attribute key number ([hex]) Explanation There is a problem with the attribute key generation routine. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-ATTRKEY_CHKPT Failed to checkpoint attribute key Explanation The chkpt library failed to checkpoint the attribute key number. Normal operation of BGP (standalone) or bRIB (distributed) is not impacted unless the process is restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2074 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-ATTRKEY_OVERFLOW Failed to generate a new attribute key for the incoming UPDATE Explanation This is an extremely rare case where the attribute key overflow protection mechanism fails. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-BAD_REFCNT Bad reference count value ([unsigned int]) for [chars] ([pointer]) Explanation ’This indicates a internal data structure inconsistency’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-BPM_AS_INIT As-num is not set yet in bpm and can not apply other config Explanation Should not attempt to publish anything untill AS number is set. Recommended Action This warnning will show up for possible out of order sysdb notification Error Message %ROUTING-BGP-3-BPM_INIT Initialization failed ([chars]%s) Explanation An error occurred while initializing the BGP process manager. If this occurred during process startup or RP Switchover, then the process may be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-BPM_PROCESS_START Failed to start [chars] process (ID: [unsigned int]): [chars] Explanation The BPM failed to start the process in the error message. As a result, the process will not be running. Recommended Action Check that the process is not already running using the ’show process bgp location all’ or ’show process brib location all’ command as appropriate. If the process is not running, attempt to start it using the ’process restart’ command. If other error messages are seen Routing Messages BGP Messages EM-2075 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 along with this one, or when attempting to manually start the process, please consult the documentation for those errors and attempt to rectify them. If problems persist, copy this error message and any others exactly as they appear on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-BPM_PROCESS_STOP Failed to stop [chars] process (ID: [unsigned int]): [chars] Explanation An error occurred when trying to stop the process specified in the error message. As a result, the process may still be running, which could adversely affect the operation of other processes. Recommended Action Check whether the process is still running using the ’show process bgp location all’ or ’show process brib location all’ command as appropriate. If the process is running, kill it using the ’process kill’ command. If problems persist, copy this error message and any subsequent ones exactly as they appear on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-BPM_SWITCH_MODE Failed to switch to [chars] mode: [chars] ([chars]) Explanation An error occurred when switching between standalone and distributed mode. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-BRIB_INIT Initialization failed ([chars]%s) Explanation An error occurred while initializing the BGP RIB. If this occured during process startup or RP Switchover, then the process may be restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-BUF_TOO_SHORT A string buffer was too short during a string print operation (string [chars] truncated) Explanation Whilst trying to format a string, the buffer passed in was too short and the string was truncated. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2076 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-COMM_DECODE_RDINFO [chars] [unsigned int] [unsigned int] Explanation Standby BGP received invalid Route Distinguisher information from Active BGP. *SUPPORT* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-CONFIG_DEL Notify delete of [chars] failed with warning: [chars], no further action necessary. Explanation A speaker or the bRIB failed to process the removal of some configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-CONFIG_FALLOVER Apply for fast-external-fallover failed: [chars] Explanation A speaker failed to process a configuration change for ’fast-external-fallover’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-CONFIG_SET Notify for [chars] failed with error: [chars], system may now be in an inconsistent state. Explanation A speaker or the bRIB failed to process a configuration change. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-CREATE_REGS Create Registration failed: intfhandle ([unsigned int]) for interface [chars] Explanation ’Create and Delete Registration Failed for the named interface’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2077 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-DEBUG_CONFIG Failed to apply debug configuration: [chars] Explanation An error occurred whilst applying the debug configuration Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-DELPATH Attempted to delete path from empty net [chars] Explanation An attempt was made to delete a path from a net with a path count of 0 Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-DLL_ERROR Failed to [chars] [chars] DLL: [chars] Explanation An error occurred whilst trying to open or initialize a DLL. The process will be restarted if this error occurs during process startup. Recommended Action If the process has been restarted and the problem recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-EDM_INIT_FAILED EDM server initialization failed: [chars]: [chars] Explanation Initialization of the EDM server failed. The process will be restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-ERR_ALM_API ALM/LSD API: [chars] - [chars] failed Explanation An ALM/LSD API returned an error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2078 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-ERR_ALM_ONE_LABEL Unable to allocate label: [chars] - net [chars] tableid [hex] request type [dec] fpi_err:[hex] Explanation The ALM/LSD API was unable to allocate a requested label. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-ERR_GENERAL [chars] Explanation A non-fatal fault occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-EXTCOMM Failed to create extended community: [chars] Explanation The import table list associated with an extended community set could not be created. This can occur if there is insufficient memory to allocate the import table list, or the number of importing tables exceeds the hard coded limit on the number of tables that a route may be imported into. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-EXTCOMM_ADD Failed to add one or more [chars] extended community for table [chars] prefix [chars] Explanation While attaching extended communities to the path attribute we reached the maximum extended community limit and as a result we failed to add one or more extended community to the path attribute. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2079 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-GWCTX_CREATE Failed to [chars] for Gateway Context (VRF [chars], Gateway address-family [chars]) Explanation A software error has occurred whilst trying to initialize gateway context database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-HA_INIT Initialization failed ([chars]%s) Explanation High Availabality initialization failed. If this occured during process startup or RP Switchover, then the process may be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-IFACE_LOOKUP Interface lookup for [chars] Failed: [chars] Explanation Interface manager failed to lookup nexthop interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-IM_DMZLINK_BW Failed to register for DMZ link bandwidth change for neighbor [chars]: [chars] Explanation BGP failed to register with interface manager for DMZ link bandwidth change notifiction for a given neighbor Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-IMPORT_INIT Initialization failed ([chars]%s) Explanation An error occurred while initializing the import thread. If this occurred during process startup, then the process may be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2080 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-INIT_GET_VALUE Failed to obtain [chars] during initialization: [chars] Explanation An error occurred when retrieving a required value during initialization. As a result the BGP process can not initialize. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-INITSYNC_FAILED [chars] Explanation The number of prefixes synced by active doesn’t match the expected count. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-INITSYNC_PFX_MISMATCH [chars] Explanation The number of prefixes synced by active doesn’t match the expected count. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-INSUFMEM Failed to allocate memory for [chars] Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-BGP-3-INTERNAL_ERROR Internal error ([chars]) Explanation A non-fatal fault occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2081 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-INVAL_REDUNDANCY_ROLE Initialization failed ([chars]%s) Explanation An invalid Redundancy Role was delivered to BGP. If this occured during process startup or RP Switchover, then the process may be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-IO_INIT Initialization failed: [chars] [chars] ([chars]) Explanation An error occurred while initializing the IO thread in speaker process. The process will be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-IO_INITSYNC_SESSION_FAILED [chars] - for session, retry Explanation A problem occurred in TCP init sync. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-LABEL_INIT Initialization of BGP/LABEL failed ([chars]:[chars]) Explanation An error occurred whilst initialising the LABEL thread. This could be caused by failure to allocate resources or by errors when calling the MPLS label manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-LOCK_RECURSIVE Attempt to recursively lock net [pointer] (lock: [hex]) Explanation A software error has occurred whilst trying to lock a network entry in the BGP Table database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2082 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-MALFORM_UPDATE received a malformed UPDATE from [chars], attr code [dec], action [chars] Explanation This message indicates that the UPDATE message contains one or more malformed attributes. Depending on the nature and severity of the error, one of the following actions has been taken: reset the session, or discard the attribute, or treat the UPDATE as withdraw. Recommended Action The last malformed UPDATE is available in ’show bgp neighbor’, and it should be decoded and analyzed. Error Message %ROUTING-BGP-3-MAX_IMPORT No. of importing VRFs exceeds max ([unsigned int]), limited to [unsigned int] tables: (Err: [chars]) Explanation There is a hard coded limit on the number of tables that a route may be imported into. This limit has been exceeded, so the route may not be present in some of the importing tables. The limit is such that this message should not be seen under normal operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-MAX_VALUE_EXCEEDED The value of [chars] ([unsigned int]) exceeds the maximum value: [unsigned int] Explanation The value of an internally computed variable has exceeded the maximum value Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-MIB_INIT Initialization failed ([chars]%s) Explanation An error occurred while initializing the BGP MIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2083 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-NBR_NSR_DISABLED NSR disabled on neighbor [chars] due to [chars] Explanation NSR has been disabled on the neighbor temporarily due to transport issues. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-NEGCOUNTER Negative path or bestpath counter for peer [chars] Explanation The counter value for accepted prefixes is wrong and less than zero Recommended Action The counter can be corrected by resetting the session. However, the only behavior affected by an incorrect counter is enforcement of the ’max-prefix’ command. Error Message %ROUTING-BGP-3-NH_LOCK_RECURSIVE Attempt to recursively lock nexthop [pointer] (lock: [hex], vrf: [chars], afi: [chars]) Explanation A software error has occurred whilst trying to lock a nexthop entry in the BGP nexthop Table database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-NH_UNLOCK_ERR Failed to unlock nexthop node [pointer] (nh ’[chars]’, lock [hex], vrf ’[chars]’, afi ’[chars]’, cnt [unsigned int], ln [unsigned int]) Explanation A software error has occurred whilst trying to unlock an entry in the BGP nexthop Table database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-NOMEM_RESET Failed to allocate memory for [chars], resetting neighbor Explanation The requested operation could not be accomplished because of a low memory condition. One or more neighbor sessions have been reset to free some memory. Recommended Action In the problem recurs, reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Routing Messages BGP Messages EM-2084 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-NOMSGCHUNK Failed to allocate [unsigned int] bytes from the memory pool for message of type [unsigned int] Explanation A request was made to allocate a message size for which there was no memory pool large enough. This may indicate a software error in the calculation of the requested size. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-NOPAK_CONN Failed to clean up packet manger connection [chars] Explanation A connection to the packet manager could not be established. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-ORA_INSTBUILD Failed to build [chars]: [chars] ([chars]) Explanation Internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-ORA_ORABUILD Failed to build ORA[chars]: [chars] ([chars]) Explanation There was an internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-ORA_RUN Could not apply policy operation [chars] to attribute [chars] because [chars] Explanation Internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2085 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-OVERCOUNTER [chars] counter overflow Explanation A counter with maximum value was incremented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-PENDING_MSG_ERR [chars] pending [chars] msg [chars] the pending msg list Explanation A problem occurred while adding/removing pending msg. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-QAD_FAILURE QAD failure - [chars] Explanation BGP detected an error condition in QAD. String should contain more info. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-QAD_SEND_ERR QAD send err [chars] - BGP will reintialize NSR Explanation An error occured to send msg to the QAD queue - this trigger nsr resynchronization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-QAD_TIMEOUT QAD timeout - BGP will reintialize NSR Explanation A message is dropped in the QAD queue - this trigger nsr resynchronization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2086 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-RD_CREATE Failed to [chars] for RD [chars], address-family [chars] Explanation A software error has occurred whilst trying to initialize RD node inside BGP Table database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-RD_LOCK_RECURSIVE Attempt to recursively lock rdinfo [pointer] (lock: [hex]) Explanation A software error has occurred whilst trying to lock a network entry in the BGP Table database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-RD_UNLOCK_ERR Failed to unlock RD node [pointer] (lock: [hex]) Explanation A software error has occurred whilst trying to unlock an entry in the BGP RD Table database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-REDIST_FAIL Failed to register with the RIB for redistribution of [chars] [chars] [chars] routes: [chars] Explanation A RIB client library call for redistribution of routes failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2087 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-RIB_CONN_FAIL Failed to open connection to the RIB for address family [unsigned int]: [chars] Explanation The connection to the RIB could not be established and a retry timer could not be started Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-RIB_FAIL Failed to [chars] for [chars] while calling the RIB instance [unsigned int]: [chars] Explanation A RIB library call failed unexpectedly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-RIB_INIT Initialization failed ([chars]%s) Explanation An error occurred while initializing the BGP RIB thread. The process will be restarted if this error occurs during process startup. Recommended Action If the process has been restarted and the problem recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-RIB_INIT_FAIL Initialization to RIB failed for [chars]: [chars] Explanation An error occurred whilst initialising the RIB for a new address family. This could be caused by failure to allocate resources or by errors when calling the Table Resource Manager or the RIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-RIB_RETRY_FAIL RIB route retry failure: [chars] for [chars] Explanation Some routes were not successfully installed in the RIB. Consequently, an attempt was made to save these routes to retry later. However, an error was encountered during the save attempt. Recommended Action Issue a ’clear route address family sub-address family’ to cause BGP routes to be reinstalled in the RIB. If this does not work, issue a soft or hard reset to all peers. Routing Messages BGP Messages EM-2088 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-RIB_TABLE_FAIL Failed to [chars] for [chars], RIB table [hex] Explanation An error was encountered during some operation for the specified address family and RIB table. This could be due either to a lack of resources or a software problem. Recommended Action Issue a ’clear route address family sub-address family’ to cause BGP routes to be reinstalled in the RIB. If this does not work, issue a soft or hard reset to all peers. Error Message %ROUTING-BGP-3-SCAN_INIT Scanner library initialization failed ([chars]%s) Explanation An error occurred while initializing the scanner library. The process will be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-SPKR_INIT Initialization failed ([chars]%s) Explanation An error occurred while initializing the BGP speaker process. If this occurred during process startup or RP Switchover, then the process may be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-TABLE_CREATE Failed to create table context for the vrf [chars] afi/safi [dec]/[dec]: [chars] Explanation An error occurred when creating the table context for the shown vrf name, afi, safi. As a result table can’t be activated. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-TBLATTR_VERSION Unable to propagate table attribute versions for [chars] : [chars] Explanation An internal error was encountered. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2089 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-TIMER_PARENT_CHANGE failed for neighbor [chars], [chars] Explanation There was an error in IOS-XR managed timer library API. *SUPPORT* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-UNDERCOUNTER [chars] counter underflow Explanation A counter with zero value was decremented. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-UNKNOWN_MEMSTATE BGP received a notification about an unknown memory state ([unsigned int]) Explanation BGP received a low memory notification from wdsysmon for an unknown memory state, ie not NORMAL, MINOR, SEVERE or CRITICAL. As a result, no action was taken. Recommended Action Check the memory on the node, and if it is low, take manual action to release memory, eg by resetting some BGP neighbors (using the ’clear bgp’ command). Error Message %ROUTING-BGP-3-UNLOCK_ERR Failed to unlock net [pointer] (lock: [hex]) Explanation A software error has occurred whilst trying to unlock a network entry in the BGP Table database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-3-VRF_CREATE Failed to create VRF context for the vrf [chars] : [chars] Explanation An error occurred when creating the vrf context for the shown vrf name. As a result VRF can’t be enabled. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2090 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-3-VRF_DELETE VRF [chars] still has undeleted table afi/safi [dec]/[dec]. Table will be deleted. Explanation An error occurred while deleting the VRF. An address-family table under the VRF is still not deleted. Ideally all the tables under the VRF should be deleted first before VRF is deleted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-4-ATTRKEY_INCONSISTENT BGP detected an inconsistency in attribute key generation. Will correct the problem by renumbering all attributes Explanation The attribute key generation routine has gone beyond the checkpointed value. This is a rare condition to occur as the key generation algorithm is very simple. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-4-BFD_INVALID_NBR Attempt to register BFD session on invalid neighbor: [chars] Explanation Internal error indicating that an attempt has been made to create a BFD session for a neighbor type that is not supported by BFD. Recommended Action The BFD session for the neighbor in the log will not be created. If a BFD session for this neighbor is not required, no further action is needed. To re-attempt creation of a BFD session for this neighbor, remove and re-add the bfd fast-detect configuration for the neighbor. Error Message %ROUTING-BGP-4-CAP_4BYTEAS Capability 4-byte-as suppress misconfigured for neighbor [chars] Explanation Possible misconfiguration with ’capability 4-byte-as suppress’. This configuration can be inherited from either a neighbor-group or a session-group by a neighbor whose remote-as is a 4-byte as number. Suppress should be off for such neighbor. Recommended Action Check the bgp configuration. Remove the ’capability 4-byte-as suppress’ configuration or disable it to prevent getting inherited from the neighbor-group or a session-group Routing Messages BGP Messages EM-2091 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-4-DESTROY_CHUNK Chunk pool [chars] is no longer in use but cannot be destroyed Explanation ’BGP has resized its bit fields, so the old bit field chunks should be ’ ’destroyable. Nonetheless, BGP is unable to destroy the old chunk and, ’ ’hence, cannot release unwanted memory.’ Recommended Action This error will not cause any erroneous behavior, hence no further action is needed to rectify the situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-4-ENCODE_NET_OVERRUN Encoding [chars] has overrun the msg buffer (writen size [unsigned int], max size [unsigned int]) Explanation Encodeing the net has overrun the msg buffer. It may corrupt some memory. Recommended Action This warnning will showup for possible memory overrun. Error Message %ROUTING-BGP-4-INCONSISTENT Detected inconsistent config state: [chars] Explanation The internal state representing the configuration was invalid, but has now been fixed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-4-LOCK_ORDER Locking order violation (thread [unsigned int]): [chars] gained while holding: [chars] Explanation BGP detected a violation of lock ordering requirements Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-4-LOCK_RELEASE Lock released without being held (thread [unsigned int]): [chars] gained [unsigned int], released [unsigned int] Explanation BGP detected a lock being released when it was not held. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2092 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-4-MAXPFXEXCEED No. of [chars] prefixes received from [chars]: [unsigned int] exceed limit [unsigned int] Explanation Number of prefixes received from a neighbor for a given address family has exceeded the limit configured with the ’max-prefix’ command. Recommended Action Check the prefixes received from the neighbor and verify whether the limit should be increased, or the neighbor is sending more prefixes than expected. Error Message %ROUTING-BGP-4-MISSING_SUBGRP Detected missing neighbor AF sub-grp. Correcting: [chars] Explanation BGP detected that a Neighbor AF did not correctly belong to an update sub-group. BGP attempted to correct this error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-4-POLICY_COMMUNITY_OVERFLOW Community overflow from policy application Explanation Policy tried to add more communities than a BGP route can hold. Recommended Action Find the affected neighbor with ’show bgp community truncated’. Modify policy on the affected neighbor to delete unnecessary communities. Error Message %ROUTING-BGP-4-POLICY_EBGP [chars] operations in [chars] [chars] policy [chars] will be ignored for external neighbor/update-group [chars] Explanation A policy attached to an eBGP neighbor performs operations that are illegal for eBGP routes, such as modifying the local-preference. Recommended Action Modify the policy to avoid the prohibited operations. Error Message %ROUTING-BGP-4-POLICY_IBGP [chars] operations in [chars] [chars] policy [chars] will be ignored for internal neighbor/update-group [chars] Explanation A policy attached to an iBGP neighbor performs operations that are illegal for iBGP routes, such as modifying the AS-path or MED. Recommended Action Modify the policy to avoid the prohibited operations. Routing Messages BGP Messages EM-2093 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-4-POLICY_NHOP_WRONGAFI The policy ’[chars]’ attempted to set a next-hop on [chars] with an unsuitable address type. The next-hop will not be modified. Explanation The specified route-policy (or a policy applied by that policy) is configured - perhaps on a neighbor or for redistribution - and it is attempting to set the next-hop of the specified route to an address that doesn’t match the address-family of the route. For example, it might be setting an IPv6 next-hop on an IPv4 route. Since this does not make any sense, the attempt will be ignored, and the next-hop will not be changed. (Note that this message is rate-limited, so it will not appear for every single route that is affected). Use the command ’show rpl policy name attachpoints’ to determine where this policy is in use. Use the command ’show rpl policy name uses policies’ to determine which other policies this policy applies (since the relevant ’set next-hop’ may be in one of these policies). Recommended Action Modify the policy so that it sets a next-hop that matches the type of route it is modifying. Error Message %ROUTING-BGP-4-POTENTIAL_DEADLOCK Potential for deadlock detected: Locks: [chars] Explanation BGP detected the potential for a deadlock to occur. The process will be restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-4-RIB_REG_FAIL Failed to register BGP protocol with RIB for [chars]: [chars] (error code: [hex]) Explanation An error was encountered during the RIB registration operation for the specified BGP table. This could be due either to a lack of resources on the router or a software problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-4-SAME_RD_SET Ignored import policy set operation for same RD import on [chars] path received from [chars] Explanation The import policy must not perform set operations on paths, received from a PE neighbor, whose RD is the same as the RD for the importing VRF. The set operation has been ignored. Recommended Action Modify the import policy so that it does not perform the set operation, or use globally unique RDs for VRFs. Routing Messages BGP Messages EM-2094 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-4-SPKR_RUNNING BGP AS number has changed from [chars] to [chars] - bgp (speaker) process will be restarted. Explanation The bpm process was terminated improperly and the speaker process did not receive the notification to terminate. A new bpm process has started with a different AS number due to a new bgp configuration while the speaker process is still running with the previous AS number. Recommended Action The speaker will be restarted to handle this error. No further corrective action is necessary. However, please contact your Cisco technical support representative to report this error. Error Message %ROUTING-BGP-4-UNKNOWN_ACL Unknown ACL action: [unsigned int] Explanation BGP received an unknown action (permit/deny/etc) from the ACL library Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-5-ADJCHANGE neighbor [chars] [chars] Explanation A BGP neighbor has either come up or gone down. This message appears only if the bgp log neighbor changes command is configured for the BGP process. Recommended Action This informational message normally appears as routers and BGP neighbors go up or down. However, unexpected neighbor loss might indicate high error rates or high packet loss in the network and should be investigated. Error Message %ROUTING-BGP-5-BPM_ROUTER_ID No router ID available. Cannot connect to neighbors (retry in [unsigned int] seconds) Explanation IPARM returned no valid router ID. This is due to lack of a global router ID or a loopback interface. Recommended Action Try one of the following: 1) Set up a BGP router ID via the ‘bgp router-id’ command in the ‘router bgp’ configuration mode, or 2) Set up a global router ID via the ‘router-id’ command in the global configuration mode, or 3) Set up a loopback interface with an IPv4 address. Error Message %ROUTING-BGP-5-IO_INITSYNC_FAILED [chars] - set id [hex] Explanation A problem occurred in TCP sync, retry TCP sync. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages BGP Messages EM-2095 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-5-LOWMEM_RESET neighbor [chars] reset due to SEVERE low memory condition - use ’clear bgp [chars]’ to re-enable Explanation A SEVERE low memory condition has been encountered on the node where the BGP process is running, and so to free some memory, BGP has reset a neighbor. BGP will continue to reset neighbors periodically until the low memory condition abates. The neighbors which are reset will be shut down until a ’clear bgp’ command is used to bring them back up. They will not come up automatically when the low memory condition abates - this is to prevent the node oscillating between memory states. Recommended Action Free some memory on the system or correct the condition causing the low memory problem, and then use the ’clear bgp address’ command to re-enable the neighbors that have been shut down. The ’show bgp all all summary’ command can be used to easily see which neighbors are affected. Error Message %ROUTING-BGP-5-LOWMEM_SHUTDOWN BGP is shutting down due to [chars] low memory condition - use ’process restart bgp location node’ to restart Explanation BGP received a notification that CRITICAL low memory state has been entered, or that SEVERE low memory state has been entered while BGP is in READ-ONLY mode, and consequently it has shut itself down in order to free memory. Recommended Action Check the memory on the node, and take steps to free memory or to correct the condition which caused the low memory state. Then restart the process using the ’process restart bgp location node’ command. Error Message %ROUTING-BGP-5-MAXPFX No. of [chars] prefixes received from [chars] has reached [unsigned int], max [unsigned int] Explanation Number of prefixes received from a neighbor for a given address family has reached the warning level configured with the ’max-prefix’ command. Recommended Action Check the prefixes received from the neighbor and verify whether the limit should be increased, or the neighbor is sending more prefixes than expected. Error Message %ROUTING-BGP-5-NSR_STATE_CHANGE Changed state to [chars] Explanation BGP changed its global NSR state. Recommended Action This informational message appears when BGP changes its global NSR state. Routing Messages BGP Messages EM-2096 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-5-POLICY_RESET Policy configuration change on neighbor [chars] requires HARD reset (clear bgp [chars]) to take effect. Explanation Automatic soft reset on policy change is not possible as the neighbor does not support ROUTE_REFRESH and ’soft-reconfiguration inbound’ is not configured. Recommended Action Manually clear affected peer at earliest convenience, in order for policy change to take effect. Error Message %ROUTING-BGP-5-STANDBY neighbor [chars] [chars] Explanation A BGP neighbor has gone down on standby This message appears only if the bgp log neighbor changes command is configured for the BGP process. Recommended Action This informational message normally appears as routers and BGP neighbors go down on standby if nsr is enabled and neighbor goes down because of session flap or the replicated session on standby get torn down Error Message %ROUTING-BGP-5-TBLATTR_UNLOCK_MISMATCH_TBLCTX Wrong table context ([chars], [pointer]) is passed in for table attr [pointer] unlock - correct table context [chars] ([pointer]) Explanation A warning was encountered during some operation for tblattr for a table context. The table context passed in is not same as the table context under which the tblattr is created. Normally this message will not cause any issue. In rarely case it might. The message is added for debug purpose only to help the DE to find such cases. Recommended Action Please include the output of the following commands: - show logging - show dll jobid bgp jobid - get bgp running core file. - show bgp trace Error Message %ROUTING-BGP-6-NBR_NOPOLICY No [chars] [chars] policy is configured for eBGP neighbor [chars]. No [chars] prefixes will be [chars] the neighbor until [chars] policy is configured. Explanation No routing policy has been configured for the specified eBGP neighbor in the given direction (inbound or outbound) for the address family named. To avoid unintended routing effects, no prefixes will be accepted in that direction until some policy is configured. ’Policy’ can be a route-policy, or (for inbound policy) it can be a prefix list. Recommended Action Configure a route-policy for the neighbor in the given direction. If the desired behavior is to accept/send all routes, the route-policy should contain the single statement ’pass’. If the desired behavior is not to accept/send any routes, the route-policy should contain the single statement ’drop’. Routing Messages C12000_IPV4_MRIB Messages EM-2097 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-BGP-6-NSR_RESTART NSR has been restarted - [chars] Explanation BGP has restarted NSR due to the reason shown. There is no impact on forwarding. Recommended Action This message is info only. Error Message %ROUTING-BGP-6-WARNING_WRAPPER Warning: A call to [chars] failed unexpectedly: [chars] Explanation A function call failed unexpectedly - this is probably a system problem Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-BGP-7-BPM_CHKPT Failed to checkpoint allocation of [chars]([chars]) to speaker [unsigned int] Explanation The BPM failed to record the allocation in the checkpoint table. This could cause operational problems if the BPM is later restarted. Recommended Action No further action is necessary unless the BPM restarts. In that case, if problems are seen it may be necessary to deconfigure BGP completely and then reconfigure it. C12000_IPV4_MRIB Messages Error Message %ROUTING-C12000_IPV4_MRIB-3-INIT_ERROR Process initialization failed: ([chars]%s) Explanation MRIB (multicast routing information base) failed to initialize. MRIB is the central routing information base for multicast components. It provides coordination among all multicast routing components and forwarding. The effect is that multicast forwarding will not function. %s - indicates the reason for the failure. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process mrib’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart mrib’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages C12K_MCAST Messages EM-2098 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 C12K_MCAST Messages Error Message %ROUTING-C12K_MCAST-3-CLEANUP_WARN [chars] - [chars] ([hex]) Explanation ’A software exception occurred during the cleanup of the c12000 ’ ’multicast library.’ Recommended Action *SUPPORT* Error Message %ROUTING-C12K_MCAST-3-ERROR [chars] - [chars] Explanation ’A software exception occurred in c12000 multicast library’ Recommended Action *SUPPORT* Error Message %ROUTING-C12K_MCAST-3-INIT_WARN [chars] - [chars] ([hex]) Explanation ’A software exception occurred during the initialization of the c12000 ’ ’multicast library.’ Recommended Action *SUPPORT* Error Message %ROUTING-C12K_MCAST-4-ANOMALY [chars] Explanation ’A software exception occurred in c12000 multicast library’ Recommended Action *SUPPORT* CLNS Messages Error Message %ROUTING-CLNS-2-LC_INPUT Unexpected packet num [unsigned int] received on the LC Explanation CLNS on the LC doesnot process any packet. It will ignore any packets it receives on the LC. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2099 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-3-ASYNC_ATTACH Failed to setup ingress packet handler for NetIO: [chars] Explanation CLNS encounted errors when initializing its connection with NetIO. Recommended Action CLNS will restart and try to recover. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-BUNDLE_FSV_REGISTER_FAIL CLNS failed to register with packet process for bundle FSV area: [chars] Explanation CLNS failed to register with packet manager for FSV area. It only affects the algorithm used to pick a bundle member. If no bundles are configured for ISIS - this error can be ignored. Recommended Action If the error was seen when a packet process is restarting, then restarting NetIO will help recover from it {or} b If the error is seen in normal conditions it indicates that packet process for some reason is not able to handle the FSV registration request. Please collect the following information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. show tech-support pfi all show process packet location show process netio location show logging Error Message %ROUTING-CLNS-3-CONFIG_INIT Cannot initialize CLNS configuration: [chars] Explanation CLNS could not initialize its configuration mechanism, and all future CLNS configuration will fail. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-CONN_OPEN Failed to open connection for [chars]: [chars] Explanation CLNS encounted errors when opening its connection with the process mentioned in the message. CLNS will reattempt the connection by restarting. Recommended Action CLNS will restart and try to recover. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2100 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-3-DETACH Socket closing on interface [chars] failed: [chars] Explanation The socket cannot remove an interface when closing. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-DLL_REGISTER Registration for ’[chars]’ failed: [chars] Explanation Some internal initializations fail miserably! Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-EDM_CLIENT Error during operation ’[chars]’: [chars] Explanation CLNS EDN client (usually a show command) failled to perform certain operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-EDM_ENCODE_FAILED Bad encoding failed for [chars]: [chars] Explanation CLNS failed encode a bag for EDM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-EDM_INIT Operation ’[chars]’ during EDM initialization failed: [chars] Explanation CLNS show command failed to initialyze the EDM server. ’show’ command will likely fail, although CLNS should be able to operate. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2101 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-3-ERR_DEBUG_PACKET_INIT CLNS NetIO packet debugging failed to initialize. Explanation CLNS failed to initialize packet debugging functions. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-ERR_DEBUG_RETRIES_EXCEEDED Stopping CLNS debug initialization attempts after [unsigned int] tries Explanation CLNS tried to initialize packet debugging functions but was unable to succeed even after a number of attempts. No more attempts will be made. Recommended Action No action is required. Error Message %ROUTING-CLNS-3-ERR_DROP_PKT [chars]. Dropping packet Explanation CLNS encountered an internal error while trying to process a packet (usually for output). As a result CLNS dropped the packet. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-ERR_INTERFACE_DATA CLNS was unable to resolve an interface while installing cap/decap chain. Explanation CLNS was unable to look up local interface information. As a result the system may not be able to send/receive ISIS packets over this interface. This may be due to problems with either CLNS or the forwarding infrastructure. Recommended Action Restarting the CLNS process may clear the error condition. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2102 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-3-ERR_MEDIA_REGISTER CLNS failed to register media callback with netio: [chars]([dec]) Explanation CLNS failed to register for media callback with netio during initialization. As a result, CLNS will not be able to add its caps and wont receive or send packets. It’s an internal error. Recommended Action Restarting CLNS and/or Netio may clear the error condition. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-ERR_NETIO_ENCAP_CALLBACK CLNS netio encap callback for media caps: [chars]([dec]) failed [chars]([dec]) Explanation CLNS failed to setup encap callback with this particular media or base capsulation. As a result CLNS will not be able to receive CLNS packets on this caps on any interface on this node. Recommended Action Restarting CLNS and/or Netio may clear the error condition. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-ERR_NETIO_SET_MAPPING CLNS netio set mapping for media caps: [chars]([dec]) failed [chars]([dec]) Explanation CLNS failed to setup mapping with this particular media or base capsulation. As a result CLNS will not be able to receive CLNS packets on this caps on any interface on this node. Recommended Action Restarting CLNS and/or Netio may clear the error condition. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-ERR_PARTNER_LOOKUP CLNS-NetIO partner lookup failed Explanation NetIO was unable to initialize the CLNS partner process. As a result the system will not be able to send/receive ISIS packets over interfaces on this line card. Recommended Action Restarting CLNS and/or NetIO may clear the error condition. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2103 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-3-ERROR_INIT Cannot register CLNS error codes: [chars] Explanation CLNS could not initialize its error code. CLNS will work, but error messages won’t be user friendly! Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-ETHERENCAP Incorrect MAC address length [dec] Explanation The MAC address length provided for the ethernet encapsulation is wrong. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-EVENT_CONN_CREATE_FAIL Error creating ’[chars]’ connection: [chars] Explanation CLNS failed to create a connection to an essential service during initialization. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-EVENT_CONN_NOTIFY_FAIL Error registering for critical events on ’[chars]’ connection: [chars] Explanation During initialization, CLNS failed to register for essential notifications regarding the state of the connection for the specified service. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2104 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-3-EVM_INIT Error while initializing the [chars]: [chars] Explanation An operation failed during the initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-GET_TRAFFIC Cannot get traffic information: [chars] Explanation CLNS show command failed to get the required information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-HSSD_REGISTER_FAIL CLNS failed to register for an HSSD area: [chars] Explanation CLNS failed to register for an HSSD area. This is an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-INTERFACE Operation ’[chars]’ on CLNS interface [chars] failed: [chars] Explanation CLNS could not initialize its interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-L2INFO_LEN [chars] length is [dec], should be [dec] Explanation The length of the L2 data received is not what it should be. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2105 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-3-LPTS_ADD_BINDING Couldn’t add clns binding to lpts port arbitrator, error equals [chars] Explanation The clns process was unable to add a binding to LPTS. This is an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-LPTS_DELETE_BINDING Couldn’t delete CLNS binding from Port Arbitrator, result equals [chars] Explanation The clns process was unable to delete a binding from LPTS. This is an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-LPTS_SETOPT Cannot set the LPTS option ’[chars]’: [chars] Explanation An operation failed during LPTS option setting. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-PAK Packet operation ’[chars]’ failed: [chars] Explanation An operation failed during packet handling. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-PAK_READ Failed to read data from packet area: [chars] Explanation The clns process was unable to read the input packet. This is an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2106 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-3-SEND_ASYNC CLNS was unable to wake itself up([dec]) for reading pending packets: [chars] Explanation CLNS is unable to wake up itself to read the pending ingress packets from NetIO. ISIS will not be able to receive these pending packets from CLNS. Recommended Action Restarting CLNS might help. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-SOCK_INIT Socket initialisation task ’[chars]’ failed: [chars] Explanation An operation failed during socket initialisation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-SOCK_SET_NAME Internal socket error on packet reception: [chars] Explanation An operation failed during packet reception. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-SOCKET_PARSE_PATH error encountered when parsing path: [chars] Explanation CLNS was unable to extract the xipc & job id from the socket path. This might cause communication problems between ISIS and CLNS. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-SOCKET_RESMGR_ATTACH Failed to setup the clns socket as a resource manager: [chars] Explanation The clns process failed to advertise itself to the system as a resource manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2107 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-3-STATSD_INIT Cannot connect to the stats server: [chars] Explanation An operation failed during the Stats Server Connection opening. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-STATSD_REGISTER Cannot [chars] with the stats server for interface CH[hex] ([hex]) Explanation An operation failed during the Stats Server Interface registration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-THREAD_CREATE Error starting thread for [chars] processing : [chars] Explanation CLNS failed to create the thread for the operation mentioned in the message. CLNS will try to recover by restarting. Recommended Action CLNS will try to recover by restarting. If it recovers no further action is needed. This error is not expected and very rare. It is usually seen when system resources like memory are very low. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-3-TIMESTAMP Operation ’[chars]’ failed during packet timestamping: [hex] ([chars]) Explanation An operation failed during timestamp processing. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2108 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-4-BASE_CAPS_LU_FAIL IM base capsulation lookup for interface CH[hex] ([hex]) failed: [hex], ’[chars]’ Explanation The Interface Manager returned an unexpected error when CLNS attempted to lookup an interface’s base capsulation type. This may be a resource problem but is probably an internal error. Recommended Action Consider restarting the CLNS and/or Interface Manager processes. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-DEBUG_REGISTER_FAIL Failed to register with the debugging subsystem: [hex], ’[chars]’ Explanation CLNS failed to register with the debugging subsystem. If this message has been generated then CLNS debugging may not be available. This may be a system resource problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-ERR_CONN_SETRETRY Error setting the linear retry period for ’[chars]’: ’[chars]’ Explanation CLNS failed to set the linear retry period for connecting to sysdb. We set the retry period in order to avoid immediate reconnection attempt from clns to sysdb server when the latter restarts. This prevents clns from blocking on sysdb and cause any traffic drop. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-ERR_IDB_LOOKUP_DROP_PKT [chars]: Netio IDB not found for interface CH[hex] ([hex]), packet 0x[pointer] dropped Explanation CLNS was unable to find the NetIO IDB for the interface handle in the message. If this is seen during NetIO restart, it could be transient condition that should recover once NetIO is back up with all the IDBs in steady state. If this is seen in steady state, the ISIS adjacency on this interface could be affected. *RECUR* Recommended Action If this message is seen during NetIO restarts and the message is seen only at that time, no further action is needed. If this message is seen during steady state more than once with the ISIS adjancency on this interface being affected, restarting netio process or improxy process might help in redownloading the IDBs to netio. Routing Messages CLNS Messages EM-2109 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-4-GET_MCASTADDR_ERR Failed to get MAC address(im_attr_macaddr_get) for [chars]: [chars] Explanation The process failed to get MAC address from the interface. This can be caused by a faulty hardware. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-IM_CRE_REG_FAIL CLNS interface registration failed for base cap type [chars]: [chars] Explanation CLNS process failed to register an interface with the Interface Manager. This is an internal error. It requires a restart of process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-IM_SERV_BIND_FAIL Failed to bind to the Interface Manager: [dec] Explanation CLNS failed to bind to the Interface Manager control plane. It’s an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-IM_SIGEVENT_FAIL IM control handler setup failed: [chars] Explanation CLNS failed to establish signal event in the Interface Manager control plane. It’s an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2110 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-4-MAC_SIZE_ERR Incorrect MAC address size for [chars] (returned: [dec], expected: [dec]) Explanation MAC address size does not match IEEEBYTES (6 bytes). This can be caused by a faulty hardware. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-NETIO_OUTPUT_FAIL Failed to send packet 0x[pointer] to NetIO on interface CH[hex] ([hex]): [chars] Explanation CLNS was not able to send a packet to NetIO. This could be because of communication problems between CLNS and NetIO. Recommended Action If this message is seen during transient conditions, for example when NetIO is restarting either because of install operation OR because NetIO crashed then it is not harmful unless you see ISIS adjacencies dropping. If it is seen under steady state conditions OR If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-PAK_FROM_ISIS_FAIL Failed to process packet 0x[pointer] from ISIS: [chars] [chars] Explanation CLNS was not able to process a packet from ISIS successfully and hence dropped the packet. Recommended Action This message could be seen under low packet memory conditions and should recover once packet memory becomes available to CLNS. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-PAK_FROM_NETIO_FAIL Failed to process packet 0x[pointer] from NetIO: [chars]:[chars] Explanation CLNS was not able to process a packet from NetIO successfully and hence dropped the packet. Recommended Action This message could be seen under low packet memory conditions and should recover once packet memory becomes available to CLNS. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages CLNS Messages EM-2111 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-4-SEND_HELLO_PDU_TO_ISIS_FAIL Failed to send Hello PDU(0x[pointer]) type [chars] ([hex]) from interface CH[hex]([hex]) to ISIS instance [chars]: [chars] Explanation CLNS was not able to send a hello class PDU to ISIS. This could be because of communication problems between CLNS and ISIS. Recommended Action If this message is seen during transient conditions, for example when ISIS is restarting either because of install operation OR because ISIS crashed then it is not harmful. If the error message says out of memory, it is because of the queue between CLNS and ISIS being FULL which could either be because traffic rate is very high or ISIS might not be reading the packets. If it is seen under steady state conditions OR adjacency flaps are seen on this interface OR If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-SEND_PDU_TO_ISIS_FAIL Failed to send PDU(0x[pointer]) type [chars] ([hex]) from interface CH[hex]([hex]) to ISIS instance [chars]: [chars] Explanation CLNS was not able to send non-Hello class PDU to ISIS. This could be because of communication problems between CLNS and ISIS. Recommended Action If this message is seen during transient conditions, for example when ISIS is restarting either because of install operation OR because ISIS crashed then it is not harmful. If the error message says out of memory, it is because of the queue between CLNS and ISIS being FULL which could either be because traffic rate is very high or ISIS might not be reading the packets. If it is seen under steady state conditions OR If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-TRACE_INIT_FAIL Failed to init debug tracing support : [chars] Explanation CLNS failed to init with the ltrace subsystem. This affects the debuggability of the component. CLNS will attempt to restart to recover from the situtation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-4-UNKNOWN_MEDIA Unknown media ([dec]) on interface CH[hex] ([hex]) Explanation The specified interface media is not supported by CLNS. This means that IS-IS and other CLNS protocols cannot run over the specified interface. This is an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. As a workaround consider using a different encapsulation for the interface. Routing Messages CLNS Messages EM-2112 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-7-CAPS_ADD_FAIL Failed to add CLNS encapsulation to interface CH[hex] ([hex]): [chars] Explanation CLNS failed to add caps to its encapsulation chain. It’s an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-7-CONN_PAK_AREA_FAIL CLNS failed to connect to packet area Explanation CLNS failed to connect to packet subsystem during initialization. As a result, CLNS will not be able to receive or send packets. It’s an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-7-DEBUG_THREAD_CREATE Error starting thread for debug registration: [dec] Explanation CLNS failed to create the thread for debug registration and to handle debug events. Thus, causing unavailability of debugs. But CLNS should continue with the normal functionality, so the process should not exit even if this thread is not created. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-CLNS-7-ERR_L2_HASH CLNS failed to initialize the L2 hash function: [chars] Explanation CLNS failed to initialize the L2 hash function. It’s an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages DAD Messages EM-2113 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-CLNS-7-ERR_STACKMEM Could not alloca [dec] bytes Explanation CLNS failed to allocate stack memory space. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-CLNS-7-IM_ATTR_REG_FAIL Failed to register for notification of MAC address: [chars] Explanation An error was discovered during the Interface Manager MAC address registration. It requires a restart of process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. DAD Messages Error Message %ROUTING-DAD-3-ERR_EVM_ASYNC_ATTACH Unable to listen for events because: [chars] Explanation A failure occured while trying to setup the event listen structure for package un-installs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-DAD-3-ERR_SYSDB_BIND Sysdb bind operation failed because: [chars] Explanation The bind operation has failed for the above reason. This is something that should not occur under normal operations. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages DAD Messages EM-2114 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-DAD-3-ERR_SYSDB_DELETE Sysdb delete operation failed because: [chars] Explanation The DAD library attempts to delete the old protocol information before writing out the new information. This delete operation failed for the above reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-DAD-3-ERR_SYSDB_SET The writing of sysdb information failed because: [chars] Explanation The DAD library encountered an error while writing out the policy information for the above reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-DAD-3-ERR_SYSMGR_PROC_AVAILABLE Unable to declare proc available because: [chars] Explanation A failure occured while trying to tell sysmgr that we are available for availability. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-DAD-3-ERR_SYSMGR_PROC_CLEANUP Unable to listen for cleanup notices because: [chars] Explanation A failure occured while trying to ask sysmgr for cleanup events for package un-installs. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages EIGRP_POLICY Messages EM-2115 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-DAD-3-ERR_SYSMGR_PROC_READY Unable to declare proc ready because: [chars] Explanation A failure occured while trying to tell sysmgr that we are ready for processing. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-DAD-7-SETUP Invalid setup at [chars]@[dec]: [chars] Explanation There was something illegal about the setup operations that where performed. This should be a straight coding error that will fail everytime and should be cleaned up before releasing the code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. EIGRP_POLICY Messages Error Message %ROUTING-EIGRP_POLICY-3-ORA_INSTBUILD Failed to build [chars]: [chars] ([chars]) Explanation Internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-EIGRP_POLICY-3-ORA_ORABUILD Failed to build ORA[chars]: [chars] ([chars]) Explanation There was an internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages EIGRP Messages EM-2116 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-EIGRP_POLICY-3-ORA_RUN Could not apply policy operation [chars] to attribute [chars] because [chars] Explanation Internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. EIGRP Messages Error Message %ROUTING-EIGRP-2-ERR_MEM_ALLOC [chars] [dec]: Could not allocate memory for [chars] Explanation There is not enough memory available for the EIGRP process. Recommended Action This indicates a low-memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-EIGRP-3-ANCHORCOUNT [chars] [dec]: Anchor count negative Explanation Internal error in the flow control module in EIGRP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-EIGRP-3-BADCOUNT Invalid path count for route [chars], [dec] successors, [dec] paths Explanation A bad reference count has been detected while adding a path for a prefix. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages EIGRP Messages EM-2117 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-EIGRP-3-INTERNAL [chars] [dec]: [chars] Explanation An internal error occured in EIGRP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-EIGRP-3-MULTIFLOW Flow control error, [chars], on [chars] Explanation Error in the flow control algorithm in EIGRP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-EIGRP-3-NOBUFFER No buffers available for [unsigned int] byte packet Explanation EIGRP could not allocate a packet buffer to transmitting a packet. Recommended Action The number of packet buffers available for transmitting EIGRP packets is low. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %ROUTING-EIGRP-3-PAK_WRITE Failed to construct packet to send on [chars]. [chars] Explanation Error in constructing a packet, to be transmitted by EIGRP. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-EIGRP-3-PEERSEXIST [dec] peers exist on [chars] Explanation One or more peers exist on an interface which is being deleted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages EIGRP Messages EM-2118 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-EIGRP-3-PFXLIMIT [chars] [dec]: [chars] prefix limit reached Explanation ’Number of prefixes for eigrp has reached the configured ’ ’or default limit.’ Recommended Action ’Use ’show ip eigrp accounting’ for details on the source ’ ’of the prefixes and take corrective measures.’ Error Message %ROUTING-EIGRP-3-RDBLEFT Interface removed, but route [chars], nexthop [chars] ([chars]), origin [chars], has path Explanation Routes exist over an interface being deactivated. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-EIGRP-3-REFCOUNT Negative refcount in packet descriptor 0x[pointer] Explanation Internal reference count error in EIGRP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-EIGRP-3-SIA Route [chars] stuck-in-active state in instance [dec]. Cleaning up Explanation Neighborship was reset to the specified peer, due to a prefix being in stuck-in-active state. Recommended Action Verify that there are no packet drops between the neighbors and the state of the EIGRP prefix in the neighbor. Clear the eigrp neighbor. If the CPU utilization by EIGRP remains high, restart the EIGRP process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-EIGRP-3-UNKTIMER Unknown timer type [dec] expiration Explanation Unknown timer encountered in EIGRP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages EIGRP Messages EM-2119 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-EIGRP-4-ERR_SOCKET Error [chars]setting [chars] option in [chars] Explanation EIGRP was unable to set the specified socket option on the specified interface or VRF. Recommended Action If the message persists, remove and readd the affected interface or VRF and if the problem still persists, restart EIGRP process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-EIGRP-4-PFXLIMITTHR [chars] [dec]: [chars] threshold prefix level reached Explanation ’Number of prefixes in the topology database has reached ’ ’the configured or default threshold level.’ Recommended Action ’Take preventive action by identifying the source of ’ ’the prefixes. Use ’show ip eigrp accounting’ ’ ’for details.’ Error Message %ROUTING-EIGRP-4-WARNING [chars] Explanation There is a subnet mismatch between eigrp neighbors. Recommended Action Verify the primary IPv4 address on both ends of the specified interface. Error Message %ROUTING-EIGRP-5-NBRCHANGE [chars] [dec]: Neighbor [chars] ([chars]) is [chars]: [chars] Explanation An EIGRP neighbor has gone UP or DOWN. Recommended Action No action is required. Error Message %ROUTING-EIGRP-6-EVENT [chars], [chars] Explanation An EIGRP event logged into the trace buffer. Recommended Action No action is required. Routing Messages EVENT Messages EM-2120 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-EIGRP-6-PAK_SEND Failed to send packet on [chars]. [chars] Explanation Failed to send a packet from EIGRP. Recommended Action This can happen if other processes involved in packet forwarding are restarting. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. EVENT Messages Error Message %ROUTING-EVENT-3-ERR_MEM_ALLOC No memory, [chars]: [chars] Explanation Allocation of the specified resource failed because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. FIB_ForUs Messages Error Message %ROUTING-FIB_ForUs-3-LIB_DEBUG_INIT The ForUs client library debug failed to initialize, event: [chars], error: [chars] Explanation Initialization of debugging in the ForUs client library failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. FIB Messages Error Message %ROUTING-FIB-1-FIBALLOC [chars]: [chars] Explanation The CEF system could not allocate the data structures needed to initialize a new forwarding table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2121 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-1-FIBTBLINIT CEF table creation failure, id:[dec] [chars] Explanation An internal software error occurred that prevented the creation of a new forwarding table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-2-BGP_ATTR_INSERT_DROP Attribute [hex] insert failed [hex], [chars]. Explanation FIB is dropping this attribute due to error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-2-IFH_RECYCLE_CLEANUP_EXT_FAIL IFH-RECYCLE: Quarantined idb extension(0x[pointer])(proto [chars]) for interface [hex] not cleaned up - flags - [hex], ref-count - [dec], nh count - [dec], glean nhinfo 0x[pointer]. Detailed info dump at - [chars] Explanation FIB tried to cleanup an idb on detecting ifhandle recycle to a new interface. However, that failed for some reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-2-INIT FIB initialization failure: [chars] [chars] Explanation FIB initialization failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2122 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-2-INVALID_MSG FIB thread [chars] received an invalid message: [chars] [unsigned int] Explanation FIB thread got an invalid message so it is exiting Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-2-NOMEM_ROUTEDROP_ADDMODIFY Dropping add/modify route [chars]/[unsigned int] msg due to low memory. Explanation FIB is not adding or modifying this route due to a low memory condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-2-NOMEM_ROUTEDROP_DEL Dropping delete route [chars]/[unsigned int] msg due to low memory. Explanation FIB is not deleting this route due to a low memory condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-2-NOMEMINFO_ROUTEDROP Dropping route [chars]/[unsigned int] due to no knowlege of memory available. err [hex], [chars]. Explanation FIB is dropping this route because it is unable to find the memory available. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-2-NOMEMINFO_SHMERR Dropping routes due to no knowlege of memory available. err [hex], [chars]. Explanation FIB is dropping this route because it is unable to find the memory available. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2123 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-2-OOR CEF has run out of [chars] resource memory. No more route updates will be handled by the CEF. Please delete routes, and then clear the cef on this node to resume normal operation Explanation The fib_mgr process on the node has detected an out of resource condition for the indicated resource. Normal operation cannot resume until routes are deleted and customer does a clear cef on the node. Recommended Action Run show cef resource command and check which resource(s) are running low on memory. Significant routes will have to be deleted followed by a clear cef on the affected node to resume normal cef operation. Error Message %ROUTING-FIB-2-OOR_TBL CEF has run out of table resource memory. This table [hex] could not be created. Please check the memory on the card and then recreate/reconfigure the table when enough memory is available Explanation The fib_mgr process on the node has detected an out of resource condition for the indicated resource. Normal operation cannot resume until routes/tables are deleted and customer does a recreate of the table. Recommended Action Run show cef resource command and check which resource(s) are running low on memory. Significant routes/tables will have to be deleted followed by a reconfiguration of the table. Error Message %ROUTING-FIB-2-PROTO_INIT FIB [chars] protocol initialization failure: [chars] [chars] ([unsigned int]) Explanation FIB initialization failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-2-ROUTEDROP_UPD Dropping route update to [chars]/[unsigned int] path [dec] interface [hex] Explanation FIB is not processing this route update due to internal error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2124 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-2-SHMRESET resetting shared memory for [chars] Explanation FIB Mgr has crashed repeatedly that exceeds threshold, resetting the shared memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-2-STATE FIB startup state [chars] failure: [chars] [unsigned int] Explanation FIB initialization failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-2-THREAD_INIT FIB thread [chars] initialization failure: [chars] [chars] ([unsigned int]) Explanation FIB initialization failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-ADD CEF : fail to add route for [chars] [unsigned int] Explanation CEF fails to add a prefix entry. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-ADJ_INIT FIB initialization with the AIB failed [chars]: [chars] Explanation An internal software error occurred that prevented the FIB from working with AIB. Recommended Action Try restarting the fib process to see if the route gets programmed again. LC OIR can be tried as well. Routing Messages FIB Messages EM-2125 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-3-ATTRIBUTE Attribute operation failed during [chars]: for [chars] ([dec], [chars]) Explanation An internal software error occurred that prevented the FIB from working with attributes. Recommended Action Try restarting the fib process to see if the problem goes away. Error Message %ROUTING-FIB-3-BCDL BCDL failed during [chars] for group [chars]: [chars] Explanation An internal software error occurred that prevented the FIB from working properly with BCDL. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-BCDL BCDL failed during [chars]: [chars] Explanation An internal software error occurred that prevented the FIB from working properly with BCDL. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-CFGREG Config registration error: [chars] [chars] Explanation An internal software error ocurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.* Error Message %ROUTING-FIB-3-CLIENT CEF CLIENT: [chars] [chars] Explanation CEF client internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2126 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-3-CLIENT_ERROR [chars] [chars] Explanation A FIB client behaved erroneously or there was an unexpected state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-DEFAULT_ROUTE_CREATE_FAIL Default rolute creation failed [chars] Explanation A route update was skipped because of an internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-DELETE CEF : fail to delete route for [chars] [unsigned int] Explanation CEF fails to delete a prefix entry. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-DUMMY_ZERO_ERR Error while attempting to restore dummy real zero: [hex] [chars] Explanation Cannot restore the dummy real zero route to its original state Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-DUMMY_ZERO_REMOVE Removing ing dummy real zero because of error: [hex] [chars] Explanation Forced to delete because cannot restore the dummy real zero because of error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2127 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-3-FIBGTRIEINIT Gtrie initialization default value failed, [chars] [chars] Explanation An internal software error occurred that prevented the FIB subsystem from starting Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-GEN_ERR FIB internal error: [chars] Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-GTRIE GTRIE failed during [chars]: [chars] Explanation An internal software error occurred that prevented the FIB from working with the tries. Recommended Action Try restarting the fib process to see if the problem goes away. Error Message %ROUTING-FIB-3-GTRIE_DEL Gtrie delete failed, [chars]/[unsigned int] (Err: [hex], [chars]) Explanation An internal software error occurred that prevented the FIB subsystem from removing a route Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-IDB IDB operation for ifh:[hex] failed during [chars]: ([dec], [chars]) Explanation An internal software error occurred for an IDB action. Recommended Action Try restarting the fib process to see if the problem goes away. Routing Messages FIB Messages EM-2128 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-3-INIT_GR_EXIT_TOUT Timed-out on graceful exit for init failure, exiting ungracefully Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-INTERNAL_ERR An internal processing error/illegal state detected Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-LCL_ATTRIB_MAX_REACHED Local attribute index database max([dec]) reached Explanation The local attribute index database on the LC has reached its max. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-LEAF_DEPEND_CLEANUP_ERR LEAF-DEL-ERR: All dependents of leaf [pointer] did not unlink, leaf-ref-count:[dec] first-dep:[pointer] Explanation This is an unexpecetd state where after leaf deletion, leaf still has some dependent paths pointing to it. This could prevent the leaf from getting freed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-MALLOC_FAILED Heap memory allocation failed from - ’[chars]’ Explanation FIB couldn’t allocate memory for some internal processing. It might be in consistent state. Recommended Action Check memory utilization on the card the error came for and take appropriate steps to reduce it. Routing Messages FIB Messages EM-2129 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-3-NOMEM Malloc Failure, [chars] Explanation An internal software error ocurred. CEF switching disabled on this slot. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-NOTABLE Failed to find CEF forwarding table [chars] Explanation An internal software error ocurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-PD_FAIL [chars] Explanation This is a catch all PD errors. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-PFI_FIB_IFTYPE_MISMATCH Mismatch in interface type [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-PFI_IFINFO CEF : [chars] ifh:[hex], if:CH[hex] Explanation CEF fails to connect or get information from pfi_ifh server, Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2130 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-3-PLATF_UPD_FAIL Platform upd failed: Obj equals [chars][ptr equals [pointer],refc equals [hex],flags equals [hex]] Action equals [chars] Proto equals [chars]. Cerr equals [chars] Explanation This is a catch all Platform update errors during development phase. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-RCC CEF : rt_check_send_msg failed: [chars] Explanation CEF fails to send rcc error messages, Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-RCC_NO_TABLE route check to the fib failed table [hex], protocol [chars]: [chars] Explanation An internal software error occurred that prevented the FIB from completing the route check. Recommended Action Try restarting the fib process to see if the route gets programmed again. LC OIR or clear route * can be tried as well. Error Message %ROUTING-FIB-3-RCC_TABLE RCC failed finding [chars] table Explanation The Route Consistency Checker failed finding specified table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-RECURSIVE_LOOP [chars] Explanation This is to catch recursive loops. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2131 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-3-RETRY retry module failed [chars]: [chars] Explanation An internal software error occurred that prevented the FIB from retrying a failed operation. Recommended Action Try restarting the fib process to see if the route gets programmed again. LC OIR or clear route * can be tried as well. Error Message %ROUTING-FIB-3-ROUTE route update for [chars] (table [hex]) to the fib failed [chars]: [chars] Explanation An internal software error occurred that prevented the FIB from working with route updates. Recommended Action Try restarting the fib process to see if the route gets programmed again. LC OIR or clear route * can be tried as well. Error Message %ROUTING-FIB-3-ROUTE_GEN [chars]: [chars] Explanation An internal software error occurred during route handling. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-RPCINIT Unable to initialize CEF RCP handler: [chars] program [dec] version [dec] protocol [dec] Explanation The CEF system could not initialize an RPC server and therefore cannot handle show and clear commands from the parser. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-SERVER CEF SERVER: [chars] [hex] Explanation CEF server internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2132 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-3-SERVER_CERR CEF SERVER: [chars] [chars] Explanation CEF server internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-SHM shared memory failed during [chars]: [chars] Explanation An internal software error occurred that prevented the FIB from working properly with shared memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-SHMEM Shared memory failure: error code [dec], [chars] Explanation An internal error ocurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-TABLE table operation failed during [chars]: [chars] Explanation An internal software error occurred that prevented the FIB from working with multiple tables. Recommended Action Try restarting the fib process to see if the problem goes away. Error Message %ROUTING-FIB-3-TE_CREATE_ERR TE-CREATE-ERROR: [chars] Explanation An error occurred during TE programming Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2133 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-3-TE_DESTROY_ERR TE-DESTROY-ERROR: [chars] Explanation A te-tunnel created with DOWN backup was destroyed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-THREAD Thread processing error: [chars] Explanation An internal software error ocurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-3-TIMER Timer module failed [chars]: [chars] Explanation An internal software error occurred that prevented the FIB handling timers. Recommended Action Try restarting the fib process to see if the route gets programmed again. LC OIR or clear route * can be tried as well. Error Message %ROUTING-FIB-4-FIBIDB Missing cef idb for ifh:[hex], CH[hex], during [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-4-FIBIDB_LOOKUP_FAIL FIB idb lookup failed ifh [hex], if:CH[hex] [chars]: [hex], [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2134 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-4-HA [chars]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-4-IM_CONN fail to connect to IM [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-4-INIT IP CEF initialization failure: [chars] Explanation Initialization of CEF failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-4-LTRACE_ERR Failed to open trace file: [chars] Explanation The FIB process was unable to open the trace buffer for automatic tracing (show trace cef may not work). Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-4-PFI_IFH_CONN fail to connect to PFI_IFH [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FIB Messages EM-2135 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-4-PFI_IFH_CONN fail to connect to PFI_IFH [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-4-PFI_IFH_LOOKUP fail to lookup information in PFI_IFH [chars] for ifh [hex] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-4-PULSE_HNDLR FIB received unidentifiable pulse: proto [unsigned int], opc [unsigned int], [chars] Explanation FIB received a pulse that could not be identified. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-4-RADIXINIT Error initializing IP CEF radix tree Explanation Initialization of the radix tree could not be accomplished because of a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-FIB-4-RSRC_LOW CEF running low on [chars] resource memory. CEF will now begin resource constrained forwarding. Only route deletes will be handled in this state, which may result in mismatch between RIB/CEF. Traffic loss on certain prefixes can be expected. The CEF will automatically resume normal operation, once the resource utilization returns to normal level Explanation The fib_mgr process has detected that average utilization for specified resource has risen above a predefined high watermark value, and has enterred resource contrained forwarding mode. In this mode, the cef will only handle route deletes which may potentially freeup some Routing Messages FIB Messages EM-2136 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 memory. Due to this operational mode, the CEF/RIB will be out of sync. Once routes are deleted and resource utilization level drops to acceptable levels again, cef will come out of this operational mode and resume normal operation. Recommended Action Run show cef resource command and check which resource(s) are running low on memory. Any action that reduces number of routes for this protocol (results in route delete events to free up resources below predefined level) will eventually result in the cef returning to normal operation after few seconds. Error Message %ROUTING-FIB-4-WARNING FIB internal error [chars]: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-FIB-5-ROUTE_UPDATE_DROP [chars] Explanation An internal software error occurred and FIB had to throw away a route update Recommended Action Try restarting the fib process to see if the problem goes away. Error Message %ROUTING-FIB-6-DEBUG_REG IPV4-FIB: Debug registration failed: [chars] Explanation Debug message registration failed Recommended Action No action is required. Error Message %ROUTING-FIB-6-DEPEND_UNBIND_FAILURE Unbind for object type [chars] failed from parent type [chars] - no unbind handler found Explanation FIB internal APIs need/expect an unbind handler, which wasn’t found. This can lead to FIB not cleaning up state on interface delete events. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages FWD_HA Messages EM-2137 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-FIB-6-HARD_RESET [chars] Explanation FIB is restarting with a reset of it’s shared memory to possibly recover from an unrecoverable state Recommended Action None Error Message %ROUTING-FIB-6-RSRC_OK CEF resource state has returned to normal. CEF has exited resource constrained operation and normal forwarding has been restored Explanation The fib_mgr process had previously detected that the hardware,software resources required for cef operation were running low, and had enterred resource constrained forwarding. Now resources have been restored and cef has resumed normal operation. Recommended Action None. FWD_HA Messages Error Message %ROUTING-FWD_HA-4-PROCESS_RESTART [chars] restart_count equals [dec] mode equals [dec] ([chars]) Explanation The process is being restarted either because we failed to initialize or we finished resetting shared memory and we are starting fresh. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. HFR_IPV4_MRIB Messages Error Message %ROUTING-HFR_IPV4_MRIB-3-CHKPT_ERR Failed to [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages HFR_IPV4_MRIB Messages EM-2138 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-HFR_IPV4_MRIB-3-CHKPT_ERR Failed to [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-FGID_ADD_ERR Failed to add LC [dec] into FGID [dec]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-FGID_ADD_ERR Failed to add LC [dec] into FGID [dec]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-FGID_BATCH_ADD_ERR Failed to add batch of LCs into FGIDs: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-FGID_BATCH_REMOVE_ERR Failed to remove batch of LCs from FGIDs: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages HFR_IPV4_MRIB Messages EM-2139 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-HFR_IPV4_MRIB-3-FGID_ERR Failed to [chars]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-FGID_ERR Failed to [chars]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-FGID_REMOVE_ERR Failed to remove LC [dec] from FGID [dec]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-FGID_REMOVE_ERR Failed to remove LC [dec] from FGID [dec]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-FILE_OPEN_ERR Failed to open a file [chars] to dump the [chars] database Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages HFR_IPV4_MRIB Messages EM-2140 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-HFR_IPV4_MRIB-3-IFH_ERR Failed to [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-IFH_ERR Failed to [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-IM_NAME_ERR im_interface_name error in function [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-IM_NAME_ERR im_interface_name error in function [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-INIT_ERR Failed to [chars] Explanation Init error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages HFR_IPV4_MRIB Messages EM-2141 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-HFR_IPV4_MRIB-3-INTERNAL_ERR Failed to [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-INTERNAL_ERR Failed to [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-INVALID_FGID_ERR Failed to [chars] : invalid fgid value [hex] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-INVALID_FGID_ERR Failed to [chars] : invalid fgid value [hex] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-MEM_ERR Failed to [chars] for [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IGMP_MTRACE Messages EM-2142 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-HFR_IPV4_MRIB-3-MEM_ERR Failed to [chars] for [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-PERF_ERR Failed to [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-HFR_IPV4_MRIB-3-PERF_ERR Failed to [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IGMP_MTRACE Messages Error Message %ROUTING-IGMP_MTRACE-3-EVENT_ERROR Event error: [chars] in [chars] Explanation Event error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IGMP_MTRACE-3-INIT_ERROR Init error: [chars] Explanation Initialisation error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IGPTE_LIB Messages EM-2143 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IGMP_MTRACE-3-MEMORY_ERROR Memory error: [chars] in [chars] Explanation Memory error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IGMP_MTRACE-3-MSG_ERROR msg error: [chars] in [chars] Explanation Messaging error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IGMP_MTRACE-3-SOCKET_ERROR Socket error: [chars] in [chars] : [chars] Explanation Socket error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IGPTE_LIB Messages Error Message %ROUTING-IGPTE_LIB-3-ERR_BAG_REGISTER Error registering igpte-lib [chars] bags: [hex], ’[chars]’ Explanation IGP failed to register its bag files with the bag library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IGPTE_LIB Messages EM-2144 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IGPTE_LIB-3-ERR_DBG_REGISTER Error registering for IGP debug events: [hex], ’[chars]’ Explanation IGP failed to register with the debug module for printing messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IGPTE_LIB-3-ERR_SYSDB_BIND Failed to bind to SysDB: error [hex] ([chars]) Explanation An error occurrred when accessing the system database Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The process must be restarted before it can function correctly. Error Message %ROUTING-IGPTE_LIB-3-ERR_SYSDB_REG_NOTIFY Failed to register for [chars] notifications: error [hex] ([chars]) Explanation An error occurrred when accessing the system database Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The process must be restarted before it can function correctly. Error Message %ROUTING-IGPTE_LIB-3-ERR_SYSDB_UNREG_NOTIFY Failed to unregister for [chars] notifications: error [hex] ([chars]) Explanation An error occurrred when accessing the system database Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The process must be restarted before it can function correctly. Error Message %ROUTING-IGPTE_LIB-4-CLIENT_ERR_MEM_ALLOC Failed to allocate [unsigned int] bytes for ’[chars]’ Explanation The process failed to allocate memory for the specified resource. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Routing Messages IGPTE_LIB Messages EM-2145 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IGPTE_LIB-4-DATA_QUEUE_FULL message queue is full. Cannot accept more element. Explanation Data queue is full and it cannot accept more element. It could be a result of memory limitation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Error Message %ROUTING-IGPTE_LIB-4-ERR_MEM_ALLOC Failed to allocate [unsigned int] bytes for ’[chars]’ Explanation The process failed to allocate memory for the specified resource. This could be because the topology is too large for the memory installed in the router. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Error Message %ROUTING-IGPTE_LIB-4-INVALID_TLV Data ([dec]) is too big or small([dec]) Explanation Failed to send data due to the limitation of the buffer size. This is an internal error. It requires to reduce the number of interfaces. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Error Message %ROUTING-IGPTE_LIB-4-SERVER_ERR_CLINFO_HOLD Error in saving client’s message channel information Explanation IGP failed to save its client’s message channel information. This could be a result of channel down or resource allocation failure. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Error Message %ROUTING-IGPTE_LIB-4-SERVER_ERR_CLINFO_UNHOLD Error in releasing client’s message channel information Explanation IGP failed to release its client’s message channel information. This could be a result of channel down already. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration..Routing Messages IP_STATIC_BFD_SESSMGR Messages EM-2146 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IP_STATIC_BFD_SESSMGR Messages Error Message %ROUTING-IP_STATIC_BFD_SESSMGR-4-UNSUPPORTED_INTERFACE : [chars] Explanation The nexthop is resolved over an unsupported BFD interface. Recommended Action Pick different nexthop to create the BFD session. IP_STATIC Messages Error Message %ROUTING-IP_STATIC-3-IDB_DELETE Failed to delete idb for interface [chars] from ’[chars]’ thread Explanation The static routing process failed unexpectedly to delete an interface descriptor block from the idb WAVL tree. Recommended Action *SUPPORT* Error Message %ROUTING-IP_STATIC-3-INTERNAL [chars]: [chars] Explanation The static routing process has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-3-ITAL_EVENT Error processing [chars] event for [chars] from ITAL, table [hex] : [chars] Explanation A static routing process failed unexpectedly when processing an IP address change event. This may lead to spurious or missing connected and local routes in the routing table. Recommended Action *RECUR* Routing Messages IP_STATIC Messages EM-2147 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IP_STATIC-3-ITAL_INTERFACE_CREATE Error handling create event for interface [chars]: [chars] Explanation The static routing process failed to correctly handle a create event for an interface which it was tracking. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-3-ITAL_TDB_REGISTER_FAILED A static routing process failed function ip_static_ital_vrf_register for table [chars]: [chars] Explanation A static routing process failed to register a table with ITAL. This may lead to routes associcated with a the failed to be added in the routing table. Recommended Action *RECUR* Error Message %ROUTING-IP_STATIC-3-NHDB_DELETE Failed to delete nhdb for next-hop [chars] for table [hex] Explanation The static routing process failed unexpectedly to delete an next-hop descriptor block from the nhdb AVL tree. Recommended Action *SUPPORT* Error Message %ROUTING-IP_STATIC-3-PATH_BP_DELETE Failed to delete backpointer to path [chars]/[unsigned int] from [chars] [chars] Explanation The static routing process failed unexpectedly to delete a path from an interface or next-hop descriptor block’s path backpointer list. Recommended Action *SUPPORT* Error Message %ROUTING-IP_STATIC-3-RIB_BATCH [chars]: Failed to send RIB batch buffer re-populating RIB for table [hex]: [chars] Explanation The static routing process failed unexpectedly to update RIB with a batch of updates. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IP_STATIC Messages EM-2148 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IP_STATIC-3-RIB_CLEAR_PREFIX Error re-installing route after a clear table event for prefix [chars]/[unsigned int] in table [hex]: [chars] Explanation There was an error re-installing a route in the RIB after receiving a ’clear prefix’ event. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-3-RIB_CLEAR_TABLE Error re-installing routes after a clear table event for table [hex]: [chars] Explanation There was an error re-installing routes in the RIB after receiving a ’clear table’ event. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-3-RIB_CLEAR_UNKNOWN_PREFIX Received a clear event for unknown prefix [chars]/[unsigned int] in table [hex] Explanation The static routing process received a clear event from RIB for a prefix which it was not tracking. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-3-RIB_CLEAR_UNKNOWN_TABLE Received a clear event for unknown table [hex] (Prefix [chars]) Explanation The static routing process received a clear event from RIB for a table which it was not tracking. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IP_STATIC Messages EM-2149 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IP_STATIC-3-RIB_ECMP Failed to update RIB after ECMP recalculation for table [hex], prefix [chars]/[unsigned int]: [chars] Explanation The static routing process failed unexpectedly to update RIB after an ECMP recalculation. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-3-RIB_FETCH Error fetching event from RIB: [chars] Explanation The static routing process failed unexpectedly to fetch a notification event from RIB. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-3-RIB_FULL Failed to update RIB during full topology download for table [hex], prefix [chars]/[unsigned int]: [chars] Explanation The static routing process failed unexpectedly to update RIB after RIB restarted. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-3-RIB_INTERFACE Failed to update RIB for table [hex], prefix [chars]/[unsigned int], after receiving interface state event for [chars]: [chars] Explanation The static routing process failed unexpectedly to update RIB after an interface state change event. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IP_STATIC Messages EM-2150 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IP_STATIC-3-RIB_NEXTHOP Failed to update RIB for table [hex], prefix [chars]/[unsigned int] after receiving next-hop resolution event for [chars]: [chars] Explanation The static routing process failed unexpectedly to update RIB after a next-hop resolution event. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-3-RIB_NEXTHOP_REGISTER Failed to register next-hop notification with RIB for table [hex], prefix [chars]: [chars] Explanation The static routing process failed unexpectedly to register a next-hop resolution event. Future state change events on the next-hop may cause further messages to be generated by the static process. Recommended Action *SUPPORT* Error Message %ROUTING-IP_STATIC-3-RIB_NEXTHOP_UNREGISTER Failed to unregister next-hop notification with RIB for table [hex], prefix [chars]: [chars] Explanation The static routing process failed unexpectedly to unregister a next-hop resolution event. Future state change events on the next-hop may cause further messages to be generated by the static process. Recommended Action *SUPPORT* Error Message %ROUTING-IP_STATIC-3-RIB_TOO_MANY_PATHS Prefix [chars]/[dec]: Maximum path count exceeded. Please remove (next-hop [chars], interface [chars]) from the running configuration. Explanation The maximum allowed number of next-hop paths for a single destination prefix has been exceeded. One or more paths have not been installed in the RIB, and should be removed from the running configuration. Recommended Action Excess next-hop paths should be removed from the running configuration. Routing Messages IP_STATIC Messages EM-2151 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IP_STATIC-3-SHUTDOWN Process is shutting down: [chars] Explanation The static routing process has performed a graceful shutdown and will be restarted. Recommended Action Check to make sure the process has restarted. If not, restart manually Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-3-TDB_DELETE Failed to delete tdb for table [hex]’ Explanation The static routing process failed unexpectedly to delete a table descriptor block from the tdb AVL tree. Recommended Action *SUPPORT* Error Message %ROUTING-IP_STATIC-3-TDB_REGISTER_FAILED A static routing process failed function ip_rib_protocol_register for table [hex]: [chars] Explanation A static routing process failed to register a table with RIB. This may lead to routes associcated with a the failed to be added in the routing table. Recommended Action *RECUR* Error Message %ROUTING-IP_STATIC-3-UPDATE_COMPLETE Failed to send ’update complete’ notification to RIB for table [hex]: [chars] Explanation The static routing process unexpectedly failed an attempt to signal to the RIB that the given table is now in sync Recommended Action Check the routing table to see whether any static routes are missing, and whether the protocol is in sync. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IP_STATIC-6-CONFIG_MAXIMUM_CHANGE The maximum number of configurations for static routes has been changed from [unsigned int] to [unsigned int] Explanation The maximum number of static route configurations which may be entered has been changed. Recommended Action Refer to the configuration guidelines for the maximum allowed limit for static routes Routing Messages IPMC_GTRIE_DEBUG Messages EM-2152 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IP_STATIC-6-NHDB_LOCAL The next-hop [chars] for table [hex] is a local route. The static route(s) that has the matching next-hop will not be installed. Explanation The nexthop of a static route is a local route. This is an invalid configuration. Recommended Action *SUPPORT* Error Message %ROUTING-IP_STATIC-7-ITAL_INTERFACE_EVENT Received a [chars] event for unknown interface [chars] Explanation The static routing process received a change notification event from ITAL for an interface which it was not tracking. Recommended Action Check the routing table to see whether any static routes are missing. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPMC_GTRIE_DEBUG Messages Error Message %ROUTING-IPMC_GTRIE_DEBUG-3-ERR [chars] Explanation This is a catch all error message. It usually means an uncorrectible problem Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPMC_GTRIE_DEBUG-3-INIT_ERR [chars] [dec] [chars] [dec] [chars] Explanation Internal error. GTRIE debug library initilization failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPMC_GTRIE_DEFAULT Messages EM-2153 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPMC_GTRIE_DEBUG-6-TERM_ERR [chars] [dec] [chars] [dec] [chars] Explanation Internal non-serious error. GTRIE debug library termination failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPMC_GTRIE_DEFAULT Messages Error Message %ROUTING-IPMC_GTRIE_DEFAULT-2-FATAL [chars] Explanation Internal error. Usually sever problems such as failing to free memory Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPMC_GTRIE_DEFAULT-3-INIT_ERR [chars] Explanation Error while initializing Gtrie. Initialization failed and aborted Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPMC_GTRIE_DEFAULT-4-INIT_WARN [chars] Explanation Error while initializing Gtrie. Initialization will continue Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPMC_GTRIE_DEFAULT-4-WARN [chars] Explanation Internal error. A significant event but we can still continue Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages IPV4_ADJ Messages EM-2154 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IPV4_ADJ Messages Error Message %ROUTING-IPV4_ADJ-3-ADD_DB_MALLOC_FAIL Malloc Failure in trying to add adj for [chars] Explanation An internal software error ocurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_ADJ-3-ENT_UPDATE Update for ifh:[hex], if:CH[hex], [chars] skipped. Reason: either no fib or netio IDB Explanation The layer 2 adjacency could not be installed for the interface. This might cause problems in forwarding traffic to this interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_ADJ-3-L2_LOADHASH_FAIL Could not register ipv4 l2 loadhash function with AIB. Error equals [chars] Explanation Call to register IPv4 l2 loadhash function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_ADJ-3-NO_FIBIDB IP-ADJ: No fibidb Explanation Adding an adjacency to the adjacency database failed. Reason for this failure is no fib IDB Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_IGMP Messages EM-2155 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_ADJ-4-ADD_DB Update for ifh:[hex], if:CH[hex], [chars] failed. Unable to update database Explanation The layer 2 adjacency could not be installed for the interface. This might cause problems in forwarding traffic to this interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_ADJ-4-LARGE_MAC IP-ADJ([chars]): macaddr change out of bounds Explanation Extra large MAC change Recommended Action No action is required. Error Message %ROUTING-IPV4_ADJ-6-DEBUG_REG ipv4_adj: Debug registration failed: [chars] Explanation Debug message registration failed Recommended Action No action is required. Error Message %ROUTING-IPV4_ADJ-7-INV_MSG_CODE Unknown aib message opcode [dec] Explanation The event manager passed an unknown message code Recommended Action No action is required. IPV4_IGMP Messages Error Message %ROUTING-IPV4_IGMP-3-ARM_UPDATE_ERR Interface [chars][[hex]] has vrf [chars] vrf_id [hex] set, New vrf [chars] vrf_id [hex] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_IGMP Messages EM-2156 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_IGMP-3-CHUNK_ERR Failed to create chunk for [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-CONTEXT_REG_ERR [chars] [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-EDM_INIT ERROR : [chars] - [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-GROUP_ADD_ERR [chars]Fail to add [chars] into group database Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-GROUP_ERR [chars]Group [chars] failed: [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_IGMP Messages EM-2157 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_IGMP-3-GROUP_FIND_ERR Fail to find [chars] in group database Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-IDB_ADD_ERR [chars]Fail to add [chars] into database Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-IDB_FREE_ERR [chars]Fail to free [chars] from database: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-IDB_HANDLE_MISMATCH_ERR [chars]Interface [chars][[hex]][stale [chars]] handle mishmatch, handle in IM update [hex] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-IDB_INIT_ERR [chars] - [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_IGMP Messages EM-2158 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_IGMP-3-IDB_LOST_GROUPS_ERR [chars]Local joined groups on [chars] will be lost Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-IDB_PRESENT_ERR [chars]Interface [chars][[hex]] is still present in vrf [chars]. check_idb [chars][[hex]] loc [dec] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-IDB_STATE_MONITOR_ERR [chars]Fail to monitor interface state of [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-IDB_VERIFY_ERR [chars]Interface [chars](context [chars]) doesn’t belong to context [chars], please clear config error Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-IDB_VERIFY1_ERR [chars]Interface [chars] has configured under context [chars] already Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_IGMP Messages EM-2159 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_IGMP-3-IM_BATCH_STATE_ERR [chars]Invalid state for IM state registration batch on [chars] ([chars]) Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-IM_BULK_ERR Failed to [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-INIT_ERR [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-JOIN_IN_SSM_RANGE [chars]%s [chars] in SSM range. Join operation postponed Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-LTRACE_ERR Failed to [chars]: [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_IGMP Messages EM-2160 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_IGMP-3-MRIB_CONN_ERR MRIB connection error - [chars] in [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-NET_ERR [chars]%s : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-SOCK_ERR [chars]%s : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-SYSDB_BIND_ERR Sysdb Bind error for [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-SYSDB_BSCAN_ERR [chars]Sysdb backend scan failed for [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_IGMP Messages EM-2161 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_IGMP-3-SYSDB_INIT ERROR : [chars] - [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-SYSDB_REG_ERR Sysdb Registration error : [chars] for [chars] [[chars]] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-WDSYSMON_EVENT_ERROR Received an invalid event from WDSysmon Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-3-WDSYSMON_REGISTER_ERROR [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-4-OOM_STATE_THROTTLE Received [chars] memory depletion warning, stop creating new igmp state Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_IGMP Messages EM-2162 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_IGMP-4-OOM_STATE_UNTHROTTLE Node memory back to normal, new igmp states will be created Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-4-OOR_WARN [chars]%s: [dec] Explanation Maximum number of group accepted, either per interface or globally. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-6-ACCESS_GROUP_INFO [chars]ACL applied, removed [chars] from [chars] Explanation ACL applied to interface on which denied groups join previosly. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_IGMP-6-IPARMS_UPDATE_ERR Dropping iparms update: type [chars] for [chars] [[hex]] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages IPV4_MCAST_CHKPT Messages EM-2163 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IPV4_MCAST_CHKPT Messages Error Message %ROUTING-IPV4_MCAST_CHKPT-3-ERR Failed to [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV4_MCAST_NETIO_DEBUG Messages Error Message %ROUTING-IPV4_MCAST_NETIO_DEBUG-3-INIT_ERR [chars] [dec] [chars] [dec] [chars] Explanation Internal error. Multicast NetIO debug library initilization failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MCAST_NETIO_DEBUG-6-TERM_ERR [chars] [dec] [chars] [dec] [chars] Explanation Internal non-serious error. Mcast netio debug library termination failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV4_MFWD_HFR Messages Error Message %ROUTING-IPV4_MFWD_HFR-5-ERR_SYSDB_INIT [chars] : [chars] Explanation The MFWD-HFR library encountered internal error during Sysdb init setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD_HFR Messages EM-2164 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD_HFR-5-ERR_SYSDB_INIT [chars] : [chars] Explanation The MFWD-HFR library encountered internal error during Sysdb init setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD_HFR-7-ERR_BAG_REGISTRY Couldn’t register bags : [chars] Explanation The MFWD-HFR library encountered internal error during sysdb/edm init setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD_HFR-7-ERR_BAG_REGISTRY Couldn’t register bags : [chars] Explanation The MFWD-HFR library encountered internal error during sysdb/edm init setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD_HFR-7-ERR_EDM_REGISTER Couldn’t register edm : [chars] Explanation The MFWD-HFR library encountered internal error during EDM init setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD_HFR-7-ERR_EDM_REGISTER Couldn’t register edm : [chars] Explanation The MFWD-HFR library encountered internal error during EDM init setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD_VKG Messages EM-2165 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD_HFR-7-ERR_GEN [chars] failed : [chars] Explanation MFWD-HFR library encountered error during setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD_HFR-7-ERR_GEN [chars] failed : [chars] Explanation MFWD-HFR library encountered error during setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV4_MFWD_VKG Messages Error Message %ROUTING-IPV4_MFWD_VKG-5-ERR_SYSDB_INIT [chars] : [chars] Explanation The MFWD-VIKING library encountered internal error during Sysdb init setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD_VKG-7-ERR_BAG_REGISTRY Couldn’t register bags : [chars] Explanation The MFWD-VIKING library encountered internal error during sysdb/edm init setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2166 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD_VKG-7-ERR_EDM_REGISTER Couldn’t register edm : [chars] Explanation The MFWD-VIKING library encountered internal error during EDM init setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD_VKG-7-ERR_GEN [chars] failed : [chars] Explanation MFWD-VIKING library encountered error during setup. The init setup will be retried for finite number of retries. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV4_MFWD Messages Error Message %ROUTING-IPV4_MFWD-3-ADJ_CREATE [chars] [chars] : [chars] Explanation Internal error: Cannot create the adjacency for a particular interface. Will retry for few times Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-BOUNDARY_FAIL [chars] [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2167 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-ERR [chars] Explanation These are unexpected errors Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_AIB_FINT [chars]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_AIB_MAP Failed to map AIB table: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_AIB_ZERO_ALL [chars]: [chars] Explanation We were not able to set all cached adjacencies to zero when we got ELIBBAD from AIB Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_DEBUG_INIT_EVENT Failed to initialize and chain together the debug event discriptors : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2168 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-ERR_DEBUG_REG Sysdb registration for debug config failed : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_EVM_ASYNC_ATTACH [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_EVM_CONN_CREATE Event connection create for [chars] failed: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_EVM_CONN_NOTIFY Event connection notify for [chars] failed: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_EVM_CONN_OPEN Event connection open for [chars] failed: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2169 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-ERR_EVM_CONN_SETRETRY Event connection setretry for [chars] failed: [chars] Explanation Error while setting event connection setretry. This will cause ipv4_mfwd_partner and ipv6_mfwd_partner processes to exit. When process exists, sysmgr will automatically respawn the process for some number of times. If it still fails, process remains in the exit state. This will impact multicast forwading. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %ROUTING-IPV4_MFWD-3-ERR_EVM_CREATE Cannot create event manager : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_EVM_INIT_EVENT [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_EVM_TIMER_ATTACH [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_EVM_TIMER_LEAF_NEW [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2170 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-ERR_IDB_INIT Cannot intitialize IDB library : [chars] Explanation Failed while initializing IDB library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_IFH Failed to [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_IFH_BIND Failed to initialize pfi ifh connection: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_IFH_INIT Failed to initialize IFH server : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_IFH_UNBIND Failed to [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2171 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-ERR_IM_CNTL_SVR_BIND Failed to initialize im control server connection: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_IMC_CAPS_DATAPATH_CONTROL im_caps_datapath_control error for [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_MEM_ALLOC [chars] Explanation These are unexpected errors Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_MEM_ALLOC_ARM_IDB failed to allocate mem for arm idb ifhandle [hex] Explanation The requested operation could not be accomplished because of a low memory condition. ipv4/ipv6_mfwd_partner may not operate correctly until the process is restarted. This will impact multicast forwarding. Recommended Action Reduce other system activity to ease memory demands, then restart the process. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-IPV4_MFWD-3-ERR_MLIB_INIT [chars] [chars] Explanation Failed while initializing multicast library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2172 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-ERR_MRIB_INIT Failed to initialize MRIB connection : [chars] failed : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_NSF_INIT Failed to initialize Multicast NSF : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_PAK_CLIENT_CONN Failed to initialize packet connection: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_SHMWIN [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_SYSDB_BAG_DECODE Error in bag decoding : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2173 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-ERR_SYSDB_BAG_FREE_INDIRECTIONS Error in bag free : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_SYSDB_BAG_REG Couldn’t register bags : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_SYSDB_BSCAN SysDB operation [chars] failed: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_SYSDB_DATALIST_FREE Error in datalist free : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_SYSDB_DATALIST_NEXT Error in datalist next : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2174 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-ERR_SYSDB_EDM_FNS_INIT SysDB operation [chars] failed: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_SYSDB_EDM_REG SysDB operation [chars] failed: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_SYSDB_REG_NOTIFY SysDB operation [chars] failed: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-ERR_SYSDB_REG_VERIFY SysDB operation [chars] failed: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-EXIT Unexpected exit Explanation Internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2175 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-GEN_ERR [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-GROUP_ERR [chars] [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-HA [chars]: [chars] Explanation error while doing an HA operation (e.g. starting frequent restart monitor) Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-IARM_ERR [chars] [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-IDB_FAIL [chars] operation failed on [chars] [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2176 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-IM_LOOKUP_FAILED IM lookup failed for [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-INSTALL [chars] : [chars] Explanation Error while performing upgrade/downgrade/install operation Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-LRD_ERR [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-MAX_CONN_RETRY Cannot connect to [chars] using event conn Mgr after [dec] retries: [chars] Explanation Reached the maximum number of retries to connect to server using event conn Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-MAX_DISABLE_RETRY Failed to disable multicast after [dec] retries: [chars] Explanation Reached the maximum number of retries to disable multicast Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2177 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-3-MAX_ENABLE_RETRY Failed to enable multicast [dec] retries: [chars] Explanation Reached the maximum number of retries to enable multicast and Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-TABLE_OPERATION_FAIL [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-TABLE_OPERATION_FAIL_GLACIAL [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-TRANSACTION_PENDING_FLAG [chars] : [chars] Explanation Failed to clear, set, or get transaction pending flag. That can only happen if the APIs to do that are called before shared mem window is opened, or if thereis a bug Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-3-TTL_CFG_FAIL [chars] [chars]: [chars] Explanation Failed to apply a TTL threshold config. The operation will be retried. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2178 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-4-ADJ_CREATE_RETRY [chars] [chars] : [chars]. Retrying Explanation Internal error: Cannot create the adjacency for a particular interface. Will retry for few times Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-CLEAN_ALL_FAIL [chars] [chars] Explanation Failure while doing all reource cleanup Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-ERR_AIB_UPDATE Failed to [chars] AIB for interface [chars] : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-ERR_LTRACE_INIT [chars] [chars] Explanation Error ocured while enabling mcast Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-ERR_MRIB_INIT_RETRY Failed to initialize MRIB connection in [chars]. Retrying later: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2179 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-4-ERR_MRIB_SEND_RESPONSE_RETRY Failed to post signal to MRIB in [dec] retries. Reseting connection: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-ERR_RETRY_INIT [chars]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-ERR_RETRY_TRANS_INIT [chars]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-ERR_RETRY_TRANS_REG [chars]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-ERR_RETRY_TRANS_SPEC_INIT [chars]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2180 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-4-FROM_MRIB_UPDATE MFIB couldn’t process update from MRIB : [chars] - [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-FROM_MRIB_UPDATE_GLACIAL MFIB couldn’t process update from MRIB : [chars] - [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-SVD_ERR [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-TERMINATE [chars] [chars] Explanation Error ocured while disabling mcast Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-4-TO_MRIB_MDT_UPDATE MFIB couldn’t post MDT upd to MRIB: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2181 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-4-TO_MRIB_UPDATE MFIB couldn’t post update to MRIB: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-CLEAN_ALL [chars] [chars] Explanation Information regarding all resource cleanup Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-ERR_SHMWIN_MUTEX [chars] : [chars] Explanation NetIO or Mfwd terminated while holding shared mem mutex. Recovery action will be taken Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-IP_ADDR_RETRY [chars] [chars] Explanation APplying one or more IP address configs may have failed. We will retry them. This is a not a problem unless it keeps showing up continuously. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-MCAST_DISABLED [chars] [chars] Explanation Most likely mfwd restarted and while it was down mcast was disabled. The other possibility is that mfwd retsarted while disabling mcast. In either case, when mfwd comes up, it will find that mcast is already disabled. Hence it will log this message and exit normally Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2182 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-5-MFIB_RESET [chars] : [chars] Explanation Got notification that the the MFIB has been reset. Will clear MFIB and restart Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-MRIB_UPDATE_RETRY [chars] [chars] Explanation Processing one or more updates may have failed. We will retry them. This is a not a problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-PER_PREFIX [chars] [chars] Explanation Error while enabling/disabling per route accounting for a route Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-PER_PREFIX_GLACIAL [chars] [chars] Explanation Error while enabling/disabling per route accounting for a route Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-ROUTE_UPDATE_FAIL [chars] Restarting to recover. Explanation Was not able to commit at least one route after retrying for the maximum number of times. In this case, mfwd will restart in an attempt to recover. This is not an error. It just indicates that mfwd is restarting to recover from possible stale route problem. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MFWD Messages EM-2183 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MFWD-5-TABLE_PER_PREFIX Cannot [chars] per prefix accounting for table [chars]. [chars] [chars] Explanation Error while enabling/disabling per route accounting in a table Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-TABLE_PER_PREFIX_GLACIAL Cannot [chars] per prefix accounting for table [chars]. [chars] [chars] Explanation Error while enabling/disabling per route accounting in a table Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-TABLE_ROUTE_RATE Cannot [chars] rate for routes for table [chars]. [chars] [chars] Explanation Error while enabling/disabling per route rate in a table Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-TABLE_ROUTE_RATE_GLACIAL Cannot [chars] rate for routes for table [chars]. [chars] [chars] Explanation Error while enabling/disabling per route rate in a table Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MFWD-5-UPGRADE_AFFECT_TRAFFIC [chars] [chars] Explanation Most likely some one tried to upgrade/downgrade mfwd while we’re not connected to NetIO. In this case, teh upgrade will wipe out all MFIB and traffic will be disrupted Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages IPV4_MLIB_DEBUG Messages EM-2184 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IPV4_MLIB_DEBUG Messages Error Message %ROUTING-IPV4_MLIB_DEBUG-3-ERR [chars] Explanation This is a catch all error message. It usually means an uncorrectible problem Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MLIB_DEBUG-3-INIT_ERR [chars] [dec] [chars] [dec] [chars] Explanation Internal error. MLIB debug library initilization failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MLIB_DEBUG-6-TERM_ERR [chars] [dec] [chars] [dec] [chars] Explanation Internal non-serious error. MLIB debug library termination failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV4_MLIB Messages Error Message %ROUTING-IPV4_MLIB-3-DATAPATH_CONTROL im_caps_datapath_control error in function [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_MLIB Messages EM-2185 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MLIB-3-DELETE_FAIL Delete Failed for ([chars] [chars]/[dec]) from [chars] table [chars] Explanation Internal error. Deleting an entry from ingress or egress failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MLIB-3-EVENT_CONN_MGR Cannot open event connection manager: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MLIB-3-EVENT_MGR Cannot create event manager: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MLIB-3-SHMWIN_ERR [chars] [chars]: [chars] Explanation Error while doing shmwin operation Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MLIB-3-STATE_ERR [chars] [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2186 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_MLIB-5-PER_PREFIX [chars] [chars] Explanation Error while enabling/disabling per route accounting for a route Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MLIB-5-PER_PREFIX_GLACIAL [chars] [chars] Explanation Error while enabling/disabling per route accounting for a route Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MLIB-5-SVD [chars] Explanation Error while enabling/disabling per route accounting in a table Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_MLIB-5-TABLE_PER_PREFIX Cannot [chars] per prefix accounting for table [chars]. [chars] [chars] Explanation Error while enabling/disabling per route accounting in a table Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV4_PIM Messages Error Message %ROUTING-IPV4_PIM-3-ACL_APPLY_ERR Failed to apply ACL for [chars] - [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2187 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-ACL_GETLIST_ERR Cant get ACL for RP config [chars]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ACTIVE_GRANGE_ERR [chars]Invalid state - active grange in mrib [chars]/[dec] RP - [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-BGP_ENS_ERROR PIM BGP communication [chars], [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-CONTEXT_CREATE Failed to create PIM context for vrf [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-CONTEXT_INIT [chars] [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2188 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-CONTEXT_REGISTRATION Ital init failed [dec] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_CHKPT_REGISTER [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_CHUNK_CREATE [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_DEBUG_REGISTER [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_EVM_ASYNC_ATTACH [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2189 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-ERR_EVM_ASYNC_SEND Error sending async message to [chars] thread during [chars] with pulse code [dec]: error equals [dec]([chars]) Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_EVM_CONN_CREATE [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_EVM_CONN_EVM_HANDLER [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_EVM_CONN_NOTIFY [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_EVM_CONN_OPEN [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2190 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-ERR_EVM_CONN_SETRETRY [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_EVM_EVENT_INIT [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_EVM_MESSAGE_ATTACH [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_IM_BATCH_STATE [chars]Invalid state for IM state registration batch on [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_IM_BULK Failed to [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2191 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-ERR_IM_CAPS_ADD Interface Manager error - [chars] [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_IM_CAPS_DATAPATH_CONTROL Interface Manager error - [chars] [chars] : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_IM_INTERFACE_CREATE [chars]Interface Manager error - [chars] [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_IM_INTERFACE_DELETE [chars]Interface Manager error - [chars] [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_INIT [chars]%s : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2192 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-ERR_LIST [chars]List error : [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_LTRACE_INIT ltrace_init failed for ’[chars]’: [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_MAX_PATH [chars]RIB max path exceeded for [chars], total paths: [dec], reset to maximum Explanation A software error has occurred while trying to read out the checkpointed rpf data. PIM rpf info may be incorrect Recommended Action Check show pim rpf output for correctness Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_MEM_ALLOC [chars]for [chars] [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_MGD_TIMER_GET_ROOT [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2193 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-ERR_MGD_TIMER_NEW [chars]%s : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_MRIB_BIND [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_MRIB_CONN MRIB connection error - [chars] : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_MRIB_UNBIND [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_NSF_INIT [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2194 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-ERR_PAK_CLIENT_CONN [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_SYSDB_BAG_DECODE Error in bag decoding : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_SYSDB_BAG_FREE_INDIRECTIONS Error in bag free : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_SYSDB_DATALIST_FREE Error in datalist free : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_SYSDB_DATALIST_NEXT Error in datalist next : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2195 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-ERR_SYSMGR_READY [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_SYSMGR_REGISTER [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_WDSYSMON_EVENT Received an invalid event from WDSysmon Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-ERR_WDSYSMON_REGISTER [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-GEN_ERR [chars]Error - [chars] [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2196 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-IDB_HANDLE_MISMATCH_ERR Interface handle mismatch, handle in IM update [chars]:[hex], handle in PIM [chars]:[hex] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-IDB_INIT [chars]%s : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-IDB_VRF_BIND [chars]Interface [chars] belongs to context [chars]. Please clear the config error Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-INTF_FWD_REF_ERR [chars]Interface Forward Reference Store error - [chars]: [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-INVALID_MHOST_DEFAULT [chars]Interface [chars] should not be configured as mhost default Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2197 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-MDR_INIT [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-MULTICAST_IGP_MTR [chars] [chars] multicast topology incorrect sysdb deletes received, refcount [dec] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-MULTICAST_INTACT [chars]%s multicast intact incorrect sysdb deletes received, refcount [dec] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-NET_ERR [chars]%s : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-OOR_COUNTER_ERR [chars]OOR [chars] counter has turned negative: [dec] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2198 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-3-PROTOCOL_ERR [chars]%s - [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-RP_INIT [chars]%s : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-3-SRC_UPDATE_ERR Error in [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-4-CFG_WARNING [chars]%s Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-4-ITAL_CREATE_WARN ITAL create notification for table with pending cleanup old vrf_id [hex], table_id [hex] : route count [dec] : new vrf_id [hex] table_id [hex] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2199 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-4-MIB_GROUP_TREE_ERR [chars]Failed to [chars] [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-4-MYADDR_DB_ERR [chars]Failed operation: [chars] for [chars] - [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-4-OOM_STATE_THROTTLE Received [chars] memory depletion warning, stop creating new pim state Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-4-OOM_STATE_UNTHROTTLE Node memory back to normal, new pim states will be created Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-4-OOR_REGISTER_OK [chars]The number of PIM Register states ([unsigned int]) is now below the maximum. Normal PIM Register handling will resume. Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2200 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-4-OOR_REGISTER_THRESHOLD_WARN [chars]The threshold number of PIM Register states ([unsigned int]) has been reached. Register state creation will soon be throttled. Configure a higher maximum or take steps to reduce Register state. Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-4-OOR_REGISTER_WARN [chars]The maximum number of PIM Register states ([unsigned int]) has been reached. Register state creation will be throttled. Configure a higher maximum or take steps to reduce Register state. Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-4-OOR_ROUTES_OK [chars]The number of PIM routes ([unsigned int]) and route-interfaces ([unsigned int]) are now below the maximum. Normal PIM route handling will resume. Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-4-OOR_ROUTES_THRESHOLD_WARN [chars]The threshold number of PIM routes ([unsigned int]) or route-interfaces ([unsigned int]) has been reached. Route creation will soon be throttled. Configure a higher maximum or take steps to reduce multicast state. Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4_PIM Messages EM-2201 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-4-OOR_ROUTES_WARN [chars]The maximum number of PIM routes ([unsigned int]) or route-interfaces ([unsigned int]) has been reached. Route creation will be throttled. Configure a higher maximum or take steps to reduce multicast state. Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-4-RANGE_INIT [chars]%s in [chars] : [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4_PIM-5-INTCHG [chars]PIM interface [chars] [chars] Explanation PIM interface state change message. Recommended Action No action is required. Error Message %ROUTING-IPV4_PIM-5-INVALID_JP [chars]PIM invalid (*, [chars]) J/P message from [chars] with RP address [chars] Explanation PIM invalid J/P notification. Recommended Action No action is required. Error Message %ROUTING-IPV4_PIM-5-INVALID_REGISTER [chars]PIM invalid register message from [chars] for group [chars] RP address [chars], [chars] Explanation PIM invalid register message notification. Recommended Action No action is required. Routing Messages IPV4MC_STATIC Messages EM-2202 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4_PIM-5-NBRCHG [chars]PIM neighbor [chars] [chars] on [chars] [chars] Explanation PIM neighbor state change message. Recommended Action No action is required. Error Message %ROUTING-IPV4_PIM-5-RP_MAPPING_CHG [chars]PIM [chars] for [chars]/[dec] RP [chars] proto [chars] Explanation PIM RP mapping change notificaiton. Recommended Action No action is required. IPV4MC_STATIC Messages Error Message %ROUTING-IPV4MC_STATIC-7-ERR_CERR_V [dec] [chars] [chars] Explanation Internal error. Cannot Register with CERR_V subsystem Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_CERR_V [dec] [chars] [chars] Explanation Internal error. Cannot Register with CERR_V subsystem Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_DEBUG_INIT [chars] [dec] [chars] Explanation Internal error. Static Mcast debug library initilization failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4MC_STATIC Messages EM-2203 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4MC_STATIC-7-ERR_DEBUG_INIT [chars] [dec] [chars] Explanation Internal error. Static Mcast debug library initilization failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_EVENT_INIT Cannot Initialize sigevent structure: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_EVENT_INIT Cannot Initialize sigevent structure: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_EVM_CREATE Event Manager creation Failed: [chars] Explanation Internal error. Failed while creating event manager Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_EVM_CREATE Event Manager creation Failed: [chars] Explanation Internal error. Failed while creating event manager Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4MC_STATIC Messages EM-2204 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4MC_STATIC-7-ERR_IDB_INIT Cannot initialize IDB list: [chars] Explanation Internal error. Cannot create initialize IDB list Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_IDB_INIT Cannot initialize IDB list: [chars] Explanation Internal error. Cannot create initialize IDB list Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_INTF Error [chars] [chars] Explanation Internal error. Error while doing IM or IDB stuff Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_INTF Error [chars] [chars] Explanation Internal error. Error while doing IM or IDB stuff Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_MRIB [chars]: [chars] Explanation Internal error. Error while doing MRIB API Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4MC_STATIC Messages EM-2205 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4MC_STATIC-7-ERR_MRIB [chars]: [chars] Explanation Internal error. Error while doing MRIB API Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_ROUTE [dec]: [chars] ([chars],[chars]/[dec]) Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_ROUTE [dec]: [chars] ([chars],[chars]/[dec]) Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_ASYNC_CODE Cannot obtain pulse code for the timer: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_ASYNC_CODE Cannot obtain pulse code for the timer: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV4MC_STATIC Messages EM-2206 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_CREATE_LEAF Cannot create timer leaf: [chars] Explanation Internal error. Cannot create manageed timer leaf Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_CREATE_LEAF Cannot create timer leaf: [chars] Explanation Internal error. Cannot create manageed timer leaf Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_INIT Cannot create managed timer: [chars] Explanation Internal error. Cannot create manageed timer Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_INIT Cannot create managed timer: [chars] Explanation Internal error. Cannot create manageed timer Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-IPV4MC_STATIC-7-ERR_TOPOLOGY_INIT Cannot create static topology Explanation Internal error. Cannot create manageed timer leaf Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages IPV6_FIB Messages EM-2207 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-IPV4MC_STATIC-7-ERR_TOPOLOGY_INIT Cannot create static topology Explanation Internal error. Cannot create manageed timer leaf Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPV6_FIB Messages Error Message %ROUTING-IPV6_FIB-2-RIBREJECT Rejecting RIB Update for [chars]/[dec] status [dec] Explanation Rejected a route update from the RIB. Recommended Action Try repopulating the missing route. If not recovered, it will lead to forwarding inconsistencies. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. *SUPPORT* Error Message %ROUTING-IPV6_FIB-7-PFIFAIL PFI-IFH Server Error for [hex] status equals ([dec]) Explanation Cannot talk to the PFI-IFH process Recommended Action Informational message. PFI-IFH process does not have the information about the interface-handle at this very moment Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ISIS_IP_ORA Messages Error Message %ROUTING-ISIS_IP_ORA-3-INSTBUILD Failed to build policy operation ’[chars]’ for attribute ’[chars]’.[chars]%s ([hex]) Explanation There was an internal error in the routing policy library and as a result routing policy may not be applied correctly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages ISIS Messages EM-2208 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ISIS Messages Error Message %ROUTING-ISIS-3-BFD_SESSION_CREATE_FAIL Can’t create BFD session to [chars]: [chars] ([hex]) Explanation IS-IS failed to create a session with the BFD server. Creation will be reattempted on the next received IIH. Depending on the neighbor’s support of BFD this may cause adjacencies to go down. Recommended Action This failure may due to lack of resources. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the failure is not due to a lack of resources seek support. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-DBG_INIT_FAILED IS-IS failed to initialize its debug resources and will abort Explanation IS-IS failed to initialize one of its debug services. The process cannot continue without its debug services and so will have aborted, but should have been restarted rapidly afterwards. This message will have been preceded by another one providing more precise details of the failure. The problem may be due to low memory resources and the detail of the preceding error message provides an indication of whether this is the case. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %ROUTING-ISIS-3-ERR_ATOMIC_RING_OP Error [chars]: [chars]: ’[chars]’, [hex] Explanation An unexpected error occurred whilst performing an atomic ring operation. This may be due to resource starvation or an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2209 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_BAD_SOCKET_ADDR_LENGTH Bad socket address length ([unsigned int], should be [unsigned int] or [unsigned int]) in packet 0x[pointer] Explanation A packet which IS-IS has received from its network socket contains a socket address with an invalid length. This is an internal error which indicates that the packet has been corrupted after being received by the local router but before being received by IS-IS. The problematic packet has been dropped. If this is an occassional problem then IS-IS should be able to continue operating normally when the packet is resent. If the message recurs, then IS-IS may start to operate incorrectly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-3-ERR_BAG_ENCODE Failed to encode data for [chars] for external data manager (Reason: [chars]) Explanation A process has requested information through SysDB, probably as the result of executing a show command. An attempt to encode data for this has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_BAG_REGISTER Failed to register bag structures with bag server (Reason: [chars]) Explanation The process could not register the data structures used by IS-IS statistics and management agents. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_CLOCKTIME Error retrieving or setting the time of the [chars] clock: [chars] ([hex]) Explanation An unexpected error occurred whilst retrieving the time of a System Clock. This may be due to resource starvation or an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2210 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_CONFIG_TO_TE Error during communication of [chars] information to TE processes: [chars] Explanation IS-IS was unable to inform the TE processes of its configuration or basic operational state. Recommended Action Restart the IS-IS process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_DLIST_ADD Failed to add an entry to an external data manager data list for [chars] (Reason: [chars]) Explanation A process has requested information through SysDB, probably as the result of executing a show command. The attempt to add an item to an external data manager datalist has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_DLIST_CREATE Failed to create external data manager data list for [chars] (Reason: [chars]) Explanation A process has requested information through SysDB, probably as the result of executing a show command. The creation of the datalist to be returned has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_DLIST_SET_MORE_FLAG Failed to set the ’more data’ flag on a returned [chars] data list: error [hex] ([chars]) Explanation A process has requested information through SysDB, probably as the result of executing a show command. The attempt to set the ’more data’ flag to an external data manager datalist has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2211 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_EDM_FNS_INIT [chars] management function initialization failed: [hex], ’[chars]’ Explanation The IS-IS process failed to initialize the handler functions for external data management. As a result, show and clear commands will not function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_EDM_REGISTER [chars] SysDB registration failed: [hex], ’[chars]’ Explanation The process could not register with SysDB for management of the data used by IS-IS statistics and management agents. As a result, show and clear commands will not function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_GET_JOB_ID Failed system manager call to get IS-IS job_id: [hex], ’[chars]’ Explanation IS-IS failed on a call to system manager to get its job_id. It’s an internal fatal error. IS-IS process will abort. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-3-ERR_GET_NODE_STATE Failed system manager call to get the node state information: [hex], ’[chars]’ Explanation IS-IS failed on a call to system manager to get the node related state information. It’s an internal fatal error. IS-IS process will abort. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Routing Messages ISIS Messages EM-2212 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_GET_TUPLE Failed system manager call to retrieve the process tag name: [hex], ’[chars]’ Explanation IS-IS failed on a call to system manager to retrieve its tag name during process initialization. It’s an internal fatal error. IS-IS process will abort. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-3-ERR_IFINDEX Error [chars]: ’[chars]’, [hex] Explanation An unexpected error occurred whilst performing an SNMP ifindex operation. This may be due to resource starvation or an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_LIST_ADD Failed to add an entry to an external data manager list for [chars] (Reason: [chars]) Explanation A process has requested information through SysDB, probably as the result of executing a show command. The attempt to add an item to an external data manager list has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_LIST_CREATE Failed to create external data manager list for [chars] (Reason: [chars]) Explanation A process has requested information through SysDB, probably as the result of executing a show command. The creation of the list to be returned has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2213 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_LOCKING_FAIL Unexpected error ’[chars]’ trying to [chars] the [chars] Explanation An unxpected error occurred whilst trying to lock or unlock an IS-IS resource. This implies an internal programming error. Recommended Action Consider restarting the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_LTRACE_BUFFER Error [chars] trace buffer ’[chars]’: [chars] ([hex]) Explanation An unexpected error occurred whilst accessing a tracing buffer. This may be due to resource starvation or an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_MEMPOOL_CREATE Failed to create the [chars] Explanation IS-IS failed to create a memory pool. IS-IS cannot operate without this resource and will abort. The most likely cause is a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart IS-IS. *RECUR* Error Message %ROUTING-ISIS-3-ERR_NODE_STATE_CHANGE Failed to register with system manager to get node state change notification: [hex], ’[chars]’ Explanation IS-IS failed on a call to system manager to register to get node state change notification. It’s an internal fatal error. IS-IS process will abort. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Routing Messages ISIS Messages EM-2214 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_PAK_CLIENT_ACCESS Error [chars] a packet buffer (0x[pointer]): [chars] Explanation IS-IS encountered an error whilst accessing a packet buffer. The relevant packet has been ignored. The message describes the nature of the error. If the problem is transient then IS-IS will recover. The error may be due to a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Consider restarting IS-IS. Error Message %ROUTING-ISIS-3-ERR_PAK_CLIENT_CONN Error [chars] the managed connection to the packet server: [chars] ([dec]) Explanation IS-IS encountered an error whilst trying to set up a managed connection to the Packet Server. This is a serious error as IS-IS requires Packet I/O services to be able to form adjacencies, and the IS-IS process will shut itself down in response. This may be due to a low memory condition but is more likely to be a programming error. The error string and error code provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %ROUTING-ISIS-3-ERR_PAK_CLIENT_GET_BUFFER Error obtaining a packet buffer of length [unsigned int] Explanation IS-IS encountered an error whilst attempting to acquire a packet buffer to use to send a packet. The relevant packet has been dropped. The problem may be due to resource starvation. IS-IS will recover when sufficient resources become available. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %ROUTING-ISIS-3-ERR_PROC_AVAILABLE Failed system manager call to indicate that IS-IS has completed initialization: [hex], ’[chars]’ Explanation IS-IS failed on a call to system manager to indicate that it has completed all its initialization and is now completely online. It’s an internal fatal error. IS-IS process will abort. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Routing Messages ISIS Messages EM-2215 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_PROC_READY Failed system manager call to indicate that IS-IS is ready: [hex], ’[chars]’ Explanation IS-IS failed on a call to system manager to indicate that it’s ready to proceed. It’s an internal fatal error. IS-IS process will abort. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-3-ERR_RECV_BAD_TE_MSG Received [chars] in the [chars] message from TE Explanation The process has received a TE message with invalid contents. As a result, the TE message is ignored and TE tunnel may not come up. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_RECV_PAK Error receiving packet: [chars] Explanation An internal error has occurred receiving the packet. This is most likely due to some failure in a system service or a limited resource being exhausted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_RIB_BATCH_BUFFER Unexpected error [chars] batch of [chars] RIB updates ([dec]) Explanation IS-IS encountered an unexpected error whilst defining a batch of updates to be sent to the RIB. This is an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2216 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_RIB_PATH Unexpected error installing a path to [chars] in the [chars] RIB ([dec]) Explanation IS-IS was unable to install a path to the specified network in the the specified RIB because the RIB rejected the request. This is an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_SEND_PAK Error sending IS-IS packet: [chars] Explanation The process encountered an error while sending the IS-IS packet. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_SYSDB_ACCESS Error [chars] [chars] SysDB item ([chars]): [hex], ’[chars]’ Explanation An unexpected error occurred whilst accessing the specified SysDB item. This may be due to resource starvation or an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. The IS-IS process must be restarted before it can function correctly. Error Message %ROUTING-ISIS-3-ERR_SYSDB_APPLY_BATCH Error in SysDB batch: [chars]: [chars] ([hex]) Explanation An unexpected error occurred whilst checking for more SysDB batches after receiving request to shutdown the process. This may be due to resource starvation or an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. The IS-IS process must be restarted before it can function correctly. Routing Messages ISIS Messages EM-2217 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_SYSDB_CONNECT [chars] SysDB connection could not be established at the path [chars]: [hex], ’[chars]’ Explanation IS-IS failed to bind to SysDB while opening a connection to it. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The IS-IS process must be restarted before it can function correctly. Error Message %ROUTING-ISIS-3-ERR_SYSDB_DATALIST Error [chars] SysDB datalist containing [chars]: [chars] ([hex]) Explanation An unexpected error occurred whilst listing the contents of a directory in SysDB. This may be due to resource starvation or an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. The IS-IS process must be restarted before it can function correctly. Error Message %ROUTING-ISIS-3-ERR_SYSDB_REG_NOTIFY Failed to register for SysDB notifications on path [chars] ([chars]) Explanation IS-IS failed to register for notification of changes on the displayed SysDB path. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The IS-IS process must be restarted before it can function correctly. Error Message %ROUTING-ISIS-3-ERR_SYSDB_REG_VERIFY Failed to [chars] ([chars]) Explanation IS-IS failed to register for verification of changes to its configuration data. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The IS-IS process must be restarted before it can function correctly. Routing Messages ISIS Messages EM-2218 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_SYSDB_STRING_CODING Error [chars] a ’[chars]’ string: [hex], ’[chars]’ Explanation IS-IS failed to encode or decode a string using the SysDB encoding. Aa result IS-IS will not be able to complete the operation it was performing which it encountered the error. The message describes the string which was being encoded or decoded and this should indicate the nature of the operation which was being performed. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %ROUTING-ISIS-3-ERR_TAG_NAME Error retrieving process tag name: [hex], ’[chars]’ Explanation An IS-IS process failed to retrieve its process tag name during process initialization. This is a fatal error and the IS-IS process will abort. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-3-ERR_THREAD_CREATE Error starting [chars] thread: [dec] Explanation IS-IS failed to create a thread essential to its operation. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-ERR_THREAD_KEY_CREATE Error creating ’[chars]’ registry for thread specific value: [chars] Explanation IS-IS failed to create a key to store thread specific values such as the name of a thread. This may be due to a low memory condition but is most likely to be an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR* Routing Messages ISIS Messages EM-2219 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-ERR_THREAD_ONCE Error performing a once per thread lifetime operation to initialize [chars]: [chars] Explanation IS-IS failed to initialize the specified resource. This is an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-3-ERR_THREAD_SET_SPECIFIC Error associating [chars] with thread: [chars] Explanation IS-IS failed to associated the specified per-thread resource with the thread. This may be due to a low memory condition but is most likely to be an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR* Error Message %ROUTING-ISIS-3-ERR_VRFN_FNS_INIT [chars] verification function initialization failed: [hex], ’[chars]’ Explanation The IS-IS process failed to initialize the handler functions for verification of changes to its configuration data. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The IS-IS process must be restarted before it can function correctly. Error Message %ROUTING-ISIS-3-EVENT_CONN_CREATE_FAIL Error creating ’[chars]’ connection: [chars] Explanation IS-IS failed to create a connection to an essential service during initialization. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2220 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-EVQ_DEQUEUE_FAIL Failed to remove [chars] from the [chars] queue: [hex], ’[chars]’ Explanation An unexpected error occurred whilst removing the specified object from the specified queue. Recommended Action Consider restarting the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-EVQ_ENQUEUE_FAIL Failed to enqueue [chars] on the [chars] queue: [hex], ’[chars]’ Explanation An unexpected error occurred while enqueueing the specified object on the specified queue. Recommended Action This failure is most probably due to limited memory. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-ISIS-3-EVQ_SIZE_FAIL Failed to retrieve the size of the [chars] queue: [hex], ’[chars]’ Explanation An unexpected error occurred whilst retrieving the size of the specified queue. As a result IS-IS’s internal state may be inconsistent. This indicates an internal programming error. Recommended Action Consider restarting the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-3-IM_CB_REG_FAIL Failed to register handler for IM [chars] events: [hex], ’[chars]’ Explanation IS-IS failed to register a handler for IM events relating to the specified protocol. This may be due to a low-memory condition but may also be due to internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR*. Routing Messages ISIS Messages EM-2221 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-IM_CONN_TO_COID_FAIL Unexpected error retrieving connection ID from IMD connection context: [hex], ’[chars]’ Explanation IS-IS failed to retrieve a connection ID from the IMD connection context. This may be due to a low-memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR*. Error Message %ROUTING-ISIS-3-INTF_SET_ADD_FAIL Failed to add [chars] to the set of [chars]: [hex], ’[chars]’ Explanation An unexpected error occurred whilst trying to add an interface to the specified collection of interfaces. This is most likely to be due to a low memory condition, but may be an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR* Error Message %ROUTING-ISIS-3-IPV6_LAS Error [chars] IPv6 local address consumer service: [hex], ’[chars]’ Explanation An unexpected error occurred whilst IS-IS was using the IPv6 Local Address Consumer Service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-PDU_INSUFFICIENT_SPACE Unable to [chars] due to insufficient space in outgoing PDU Explanation The process was unable to add information to an outgoing PDU. This is most likely an MTU issue. Recommended Action Check the MTUs for the interfaces over which IS-IS is running. Error Message %ROUTING-ISIS-3-RSI_C_API_FAIL RSI [chars] failure, [hex], ’[chars]’ Explanation The IS-IS process failed to initialize the RSI service for the specified error reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2222 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-3-RSI_C_LIB_INIT RSI init failure, [hex], ’[chars]’ Explanation The IS-IS process failed to initialize the RSI service for the specified error reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-TIMESTAMP Operation ’[chars]’ failed during packet timestamping: [hex] ([chars]) Explanation An operation failed during timestamp processing. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-3-TRIGGER Operation ’[chars]’ failed during log trigger processing : [chars] Explanation An operation failed during log trigger processing. This is not critical and IS-IS functionality should be unaffected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-AREALOST Too many IS-IS areas--cannot route to area [chars] Explanation Too many IS-IS areas--cannot route to area AREA-ADDRESS. This system has exceeded the limit of three learned area addresses. The largest address AREA-ADDRESS has been dropped from the list of active areas. Recommended Action Reduce the number of area addresses in the routing area. Error Message %ROUTING-ISIS-4-BFD_BIND_FAIL Attempt to connect to the BFD server failed: [chars] ([hex]) Explanation IS-IS failed to connect to the BFD server. The connection will be retried. Recommended Action This failure may be due to lack of resources. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Routing Messages ISIS Messages EM-2223 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-BFD_CREATE_FAIL Attempt to create [dec] BFD session[chars] failed: [chars] ([hex]) Explanation IS-IS failed to create one or more sessions with the BFD server. The connection to the server will be reset in an attempt to recover from the error. Recommended Action This failure may due to lack of resources. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the failure is not due to a lack of resources seek support. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-BFD_DELETE_FAIL Attempt to delete [dec] BFD session[chars] failed: [chars] ([hex]) Explanation IS-IS failed to delete one or more sessions with the BFD server. The connection to the server will be reset in an attempt to recover from the error. Recommended Action This failure may due to lack of resources. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the failure is not due to a lack of resources seek support. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-BFD_DELETE_UNCONFIG_FAIL Attempt to admin shutdown [unsigned int] BFD session[chars] as a result of deconfiguration failed: [chars] ([hex]) Explanation IS-IS failed to admin shutdown one or more sessions with the BFD server. The connection to the server will be reset in an attempt to recover from the error. Recommended Action This failure may due to lack of resources. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If the failure is not due to a lack of resources seek support. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-BFD_SESSION_NOT_FOUND Failed to locate BFD session over [chars] to [chars] for an adjacency. Explanation IS-IS failed to locate a BFD session for a given adjacency. If necessary IS-IS will reconnect to the server to correct. Recommended Action None. Routing Messages ISIS Messages EM-2224 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-CERR_REG_FAIL [chars] Explanation This system was unable to register the CERR DLL. This is probably due to a faulty installation. Recommended Action Be sure the libisis_error.dll is properly installed. Error Message %ROUTING-ISIS-4-DBG_REGISTER_FAILED Error registering for IS-IS debug events: [hex], ’[chars]’ Explanation IS-IS failed to register with the debug module for printing messages. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-DUPLICATE_MT_CAPABILITY Level [unsigned int] LSP [chars] contains multiple ([unsigned int]) MT capability items for [chars].[chars]%s Explanation The specified LSP contains multiple items advertising the same MT capability. This is an indication that the router which owns the LSP has generated its LSP incorrectly. If the MT capability items contain conflicting overload state then the message indicates this and IOS-XR determines that the router which issued the LSP is overloaded. If the MT capability items contain conflicting attached state then the message indicates this and IOS-XR determines that the router which issued the LSP is not attached. Recommended Action Identify the source of the offending packet and correct it. Error Message %ROUTING-ISIS-4-DUPSYSTEM Possible duplicate system ID [chars] detected Explanation The router with the system ID SYSTEM-ID has transmitted too many LSPs in brief period of time, which could indicate constant LSP reflooding caused by a duplicate system ID. Recommended Action Check the configuration of other routers in the area for duplicate IDs. Routing Messages ISIS Messages EM-2225 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ERR_ACL Unexpected error whilst [chars] [chars] ACL [chars]: [hex], ’[chars]’ Explanation IS-IS encountered the specified unexpected error whilst performing the specified operation on the specified access-list. As a result IS-IS’s operation will not correctly reflect the contents of the ACL. This may be due to a low-memory condition but may also be due to internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR*. Error Message %ROUTING-ISIS-4-ERR_ADVMASK Error adding IS-IS to advertising mask of [chars] ([chars]): [hex], ’[chars]’ Explanation IS-IS failed to add itself to the advertising mask for the specified route and topology, that route corresponding to a connected route on an interface over which IS-IS is running. This means that any protocols which redistribute IS-IS into themselves will not receive the specified route. The problem is most likely to be caused by a failure by ipv4-io or ipv6-io to install the route at all, although it could also be due to low memory conditions. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %ROUTING-ISIS-4-ERR_BAD_CIRC_TYPE Bad circuit type ([dec]) from [chars] Explanation Bad circuit type (CIRCUIT-TYPE) from SOURCE_IF. This system received an IS-IS hello with a header reporting an invalid circuit type of CIRCUIT-TYPE. This is the result of a mal-formed packet rather than a configuration error. The packet has been ignored. Recommended Action Identify the source of the offending packet and correct it. If the message recurs ’debug isis packet-errors detail’ may be used to provide a dump of the problematic PDU. Error Message %ROUTING-ISIS-4-ERR_BAD_HDR_LENGTH The packet header length [unsigned int] is invalid for a(n) [chars], (should be [unsigned int]) from [chars] Explanation The packet header length (HDRLEN) is invalid for a(n) PDUTYPE, (should be EXPECTED) from SOURCE_IF This system received a PDUTYPE packet from SOURCE_IF claiming a header length of ACTUAL, rather than EXPECTED. The packet has been ignored. Recommended Action Identify the source of the offending packet and correct it. If the message recurs ’debug isis packet-errors detail’ may be used to provide a dump of the problematic PDU. Routing Messages ISIS Messages EM-2226 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ERR_BAD_ID_LENGTH Bad system ID length ([unsigned int], should be 0 or [unsigned int]) from [chars] Explanation Bad system ID length (ID-LENGTH, should be 0 or EXPECTED-LENGTH) from SOURCE_IF. This system received a pdu reporting an invalid system ID length of ID-LENGTH. This system only accepts values of 0 and 6 (both indicate 6). The packet has been ignored. Recommended Action Identify the source of the offending packet and correct it. If the message recurs ’debug isis packet-errors detail’ may be used to provide a dump of the problematic PDU. Error Message %ROUTING-ISIS-4-ERR_BAD_MAX_AREA_ADDR Bad max area addresses ([dec], should be 0 or [dec]) from [chars] Explanation Bad max area addresses (MAX-AREA-ADDRESSES, should be 0 or EXPECTED-MAX) from SNPA (INTERFACE-NAME). This system received a pdu reporting an invalid number of configurable area addresses. This system only accepts values of 0 and 3 (both indicate 3). The packet has been ignored. Recommended Action Identify the source of the offending packet and correct it. If the message recurs ’debug isis packet-errors detail’ may be used to provide a dump of the problematic PDU. Error Message %ROUTING-ISIS-4-ERR_BAD_PAK_LENGTH The length ([unsigned int]) reported in the packet buffer is greater than the maximum packet length that IS-IS can receive ([unsigned int]) Explanation IS-IS has received a packet which is larger than its internal buffers can handle. The packet has been ignored. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Consider reducing the relevant interface’s MTU. Error Message %ROUTING-ISIS-4-ERR_BAD_PDU_FORMAT [chars] received from [chars] contains a format error: [chars] Explanation IS-IS has received a PDU containing a format error. This indicates that the system which built the PDU is not conforming to the protocol specification. In most cases this is the neighbor, but in the case of LSPs it is the system which generated the LSP. The message contains the type of the PDU, the interface it was received over (and, in the case of a LAN interface, the SNPA), and a description of the format error. IS-IS will not use any of the information contained in this PDU. In the case of an LSP, IS-IS will not flood the LSP to neighbors. Recommended Action Identify the source of the offending packet and correct it. If the message recurs ’debug isis packet-errors detail’ may be used to provide a dump of the problematic PDU. Routing Messages ISIS Messages EM-2227 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ERR_BAD_PDU_LENGTH The length ([unsigned int]) reported in the [chars] header is greater than the packet length ([unsigned int]) from [chars] Explanation The length (PDU_LENGTH) reported in the PDUTYPE header is greater than packet length (PKTLEN) from SOURCE_IF This system received an IS-IS packet that was LENGTH bytes long, which is shorter than the required header length for a PDUTYPE packet. The packet has been ignored. Recommended Action Identify the source of the offending packet and correct it. If the message recurs ’debug isis packet-errors detail’ may be used to provide a dump of the problematic PDU. Error Message %ROUTING-ISIS-4-ERR_BAD_PDU_VERSION The PDU version reported in the IS-IS header is invalid ([unsigned int], should be [unsigned int]) from [chars] Explanation The PDU version reported in the IS-IS header is invalid (VERSION, should be EXPECTED) from SNPA (INTERFACE-NAME) This system received a protocol packet bearing an invalid VERSION in the header. The router originating the packet is either placing the wrong protocol version number in the packet, or else it is running an incompatible version of the IS-IS protocol. Recommended Action Identify the source of the offending packet and correct it. If the message recurs ’debug isis packet-errors detail’ may be used to provide a dump of the problematic PDU. Error Message %ROUTING-ISIS-4-ERR_BAD_VERSION Bad protocol version ([dec], should be [dec]) from [chars] Explanation Bad protocol version (VERSION, should be EXPECTED-VERSION) from SOURCE_IF. This system received a pdu with an invalid protocol version of VERSION instead of EXPECTED-VERSION. The packet has been ignored. Recommended Action Identify the source of the offending packet and correct it. If the message recurs ’debug isis packet-errors detail’ may be used to provide a dump of the problematic PDU. Error Message %ROUTING-ISIS-4-ERR_BGP_CONVERGE Overload bit not set due to failure in registering for BGP convergence: [hex], ’[chars]’ Explanation IS-IS is configured to set the overload bit in its LSPs upon startup and to wait for BGP to converge before resetting the overload bit, but an error has occurred whilst registering for notification of BGP convergence. As a result, the overload bit will not have been set upon startup. This may be due to a low-memory condition but may also be due to internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Routing Messages ISIS Messages EM-2228 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ERR_BGP_UNREG_NOTIFY Error unregistering for BGP convergence notification: [hex], ’[chars]’ Explanation IS-IS failed to unregister for notification of BGP convergence. The error will not affect IS-IS operation but does indicate unexpected system behavior. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-ERR_EVM_ATT_FAIL Failed to register a handler for ’[chars]’ messages: [chars] Explanation IS-IS failed to register a handler for the specified class of event. This is an initialization error and implies that IS-IS will not be able to operate correctly. The IS-IS process must be restarted in order to recover. The cause may be a resource starvation problem but is most likely to be an internal programming error. The error message should give more details. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the IS-IS process. *RECUR* Error Message %ROUTING-ISIS-4-ERR_EVM_CBACK_ATT_FAIL Failed to register a [chars] callback handler: [chars] Explanation IS-IS failed to register a callback handler due to the error. This is an initialization error and implies that the function in IS-IS will not be able to operate correctly. The IS-IS process must be restarted in order to recover. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the IS-IS process. *RECUR* Error Message %ROUTING-ISIS-4-ERR_EVM_CRE_FAIL Failed to create [chars] Event Manager: [chars] Explanation IS-IS failed to create an Event Manager to receive events in the specified thread. This is most likely to be caused by a resource starvation problem, but may also be due to an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Routing Messages ISIS Messages EM-2229 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ERR_EVM_SEND_FAIL Failed to send ’[chars]’ to ’[chars]’: [chars] Explanation IS-IS failed to send the specified message. The cause may be a resource starvation problem but is most likely to be an internal programming error. The error message should give more details. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the IS-IS process. *RECUR* Error Message %ROUTING-ISIS-4-ERR_GET_RESPAWN_COUNT Failed system manager call to fetch respawn, assuming respawned: [hex], ’[chars]’ Explanation A call to system manager to obtain the process respawn count failed. This is a recoverable error, and the count will be assumed to be 1. Recommended Action No action is required.. Error Message %ROUTING-ISIS-4-ERR_IPFRR_CONFIG_INCONSISTENT In the topology [chars] interface [chars] has inconsistent level for IPFRR. IPFFR is supported on single-level circuit only Explanation IPFRR is supported on single-level circuit only. Recommended Action Check both is-type and circuit-type configurations. Change the configuration to single-level circuit. Error Message %ROUTING-ISIS-4-ERR_LSP_DB_CORRUPT L[unsigned int] LSP database checksum verification failed for LSP [chars]. IS-IS will restart itself Explanation A corrupt LSP was found during a periodic check of the sanity of the specified level’s LSP database. When it encounters this condition the IS-IS process restarts itself to recover. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-ERR_LSP_INPUT_Q_OVERFLOW LSP input queue overflow: [unsigned int] total drops; [unsigned int] LSP drops, [unsigned int] SNP drops Explanation An incoming LSP or SNP pdu was dropped because the input queue was full Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Routing Messages ISIS Messages EM-2230 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ERR_MEMPOOL_NOMEM Failed to allocate [unsigned int] bytes from ’[chars]’ Explanation IS-IS failed to allocate memory from the specified pool. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-ISIS-4-ERR_MIN_PDU_LENGTH The length ([unsigned int]) described in the [chars] header is smaller than the minimum ([unsigned int]) from [chars] Explanation The length (PDU_LENGTH) described in the PDUTYPE header is smaller than the minimum (MINLEN) from SOURCE_IF This system received an IS-IS packet that was LENGTH bytes long, which is shorter than the required header length for a PDUTYPE packet. The packet has been ignored. Recommended Action Identify the source of the offending packet and correct it. If the message recurs ’debug isis packet-errors detail’ may be used to provide a dump of the problematic PDU. Error Message %ROUTING-ISIS-4-ERR_MIN_PKT_LENGTH The length ([unsigned int]) of the [chars] received from [chars] is smaller than the minimum ([unsigned int]) Explanation The length (PKTLEN) of the PDUTYPE received from the interface SOURCE is smaller than the minimum (MINLEN) This system received an IS-IS packet that was LENGTH bytes long, which is shorter than the required header length for a PDUTYPE packet. The packet has been ignored. Recommended Action Identify the source of the offending packet and correct it. If the message recurs ’debug isis packet-errors detail’ may be used to provide a dump of the problematic PDU. Error Message %ROUTING-ISIS-4-ERR_MSG_CHAN_GLOBAL Error changing a local message channel setting to [chars]: [chars] ([dec]) Explanation IS-IS failed to convert a local connection channel to a global connection channel. This could be the result of a problem with the channel. Recommended Action Restart the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2231 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ERR_MSG_GET_SCOID Error retrieving client’s connection ID to the [chars] channel: [chars] ([dec]) Explanation IS-IS failed to retrieve its local connection ID for a client attached to the specified channel. This is an internal programming error. Recommended Action Restart the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-ERR_MSG_REPLY Error replying to the client [chars]: [chars] ([dec]) Explanation IS-IS failed to reply to its client through message channel. This could be a result of channel down or resource allocation failure. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the IS-IS process. *RECUR* Error Message %ROUTING-ISIS-4-ERR_PCL Unexpected error whilst [chars]: [hex], ’[chars]’ Explanation IS-IS encountered an unexpected error whilst performing the specified using the Route Policy client library. As a result information may be omitted from the local system’s LSPs. This may be due to a low-memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR*. Error Message %ROUTING-ISIS-4-ERR_REG_SHUTDOWN_NOTIFY Failed system manager call to register for shutdown notification: [hex], ’[chars]’ Explanation A call to system manager to register for shutdown notification failed. This is a recoverable error in that shutdown actions are not critical. Recommended Action No action is required.. Error Message %ROUTING-ISIS-4-ERR_RIB Unexpected error whilst [chars] the [chars] RIB: [hex], ’[chars]’ Explanation IS-IS encountered an unexpected error whilst performing the specified RIB operation. This may be a resource starvation problem but is most likely to be an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the IS-IS process. *RECUR* Routing Messages ISIS Messages EM-2232 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ERR_RIB_BATCH_SEND Unexpected error sending a batch of [chars] RIB updates ([dec]) Explanation IS-IS encountered an unexpected error whilst sending a batch of RIB updates to the RIB. This may be a resource starvation problem, or a problem with IS-IS’s connection to the RIB, or an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the IS-IS process. *RECUR* Error Message %ROUTING-ISIS-4-ERR_RIB_CONN_SETRETRY Error setting the RIB linear retry period: [hex] ’[chars]’ Explanation IS-IS failed to set the linear retry period for connecting to the RIB. This error will not affect IS-IS operation but does indicate an unexpected result. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-ERR_RIB_LIB Unexpected error whilst [chars]: [hex], ’[chars]’ Explanation IS-IS encountered an unexpected error whilst performing the specified operation using the RIB client library. This may be a resource starvation problem but is most likely to be an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR* Error Message %ROUTING-ISIS-4-ERR_RIB_PATH_NOMEM Insufficient memory whilst installing a path to [chars] in the [chars] RIB Explanation IS-IS was unable to install a path to the specified network in the RIB because the RIB encountered a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Routing Messages ISIS Messages EM-2233 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ERR_SHOW_PROTO_REG Error registering show protocol information: [hex], ’[chars]’ Explanation IS-IS failed to register for notification of changes on the displayed SysDB path. The error will not affect IS-IS operation but does indicate unexpected system behavior. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-ERR_SYSDB_DISCONNECT Error disconnecting [chars] SysDB connection: [hex], ’[chars]’ Explanation IS-IS failed to disconnect from SysDB. The error will not affect IS-IS operation but does indicate that a programming error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-ERR_SYSDB_UNREG_NOTIFY Error unregistering for SysDB notification: [hex], ’[chars]’ Explanation IS-IS failed to unregister for notification of changes on the displayed SysDB path. The error will not affect IS-IS operation but does indicate unexpected system behavior. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-ERR_THREAD_DESTROY Error destroying [chars] thread: [dec] Explanation IS-IS failed to destroy a thread. This is an internal error. If the error occurred whilst unconfiguring IS-IS then it may be necessary to forcefully terminate the IS-IS process. If the error occurred during normal operation then it may be necessary to restart the IS-IS process to recover. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2234 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ERR_THREAD_SET_NAME Error setting name of thread [dec] to [chars]: [chars] ([hex]) Explanation An unexpected error occurred whilst setting a thread name. This may be due to resource starvation or an internal programming error. This is not a fatal error as the name is only used for debugging and error messages. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR* Error Message %ROUTING-ISIS-4-ERR_WDSYSMON_MEM_STATE Unexpected error whilst [chars] for memory state changes: [chars] ([hex]) Explanation IS-IS encountered an error whilst registering or deregistering with WDSysMon for notifications of changes to the router’s memory state. If the error occurs during registration (i.e. when the IS-IS process is initializing) then it will abort and the system may recover automatically when the IS-IS process is restarted. If the error occurs during deregistration (i.e. when the IS-IS process is shutting down) then it is harmless and may be ignored. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-4-EVENT_BOOL_FAIL Error [chars] the ’[chars]’ trigger: [hex], ’[chars]’ Explanation IS-IS encountered an unexpected error using one of the infrastructure libraries. This may be due to a low memory condition but is more likely to be a programming error. The error message should provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR*. Error Message %ROUTING-ISIS-4-EVENT_CONN_ERROR_FAIL Error resetting ’[chars]’ connection: [chars] Explanation After detecting an error with the connection to the specified service, IS-IS failed to reset that connection. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2235 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-EVENT_CONN_EVM_HANDLER_FAIL Error registering for data events on ’[chars]’ connection: [chars] Explanation During initialization, IS-IS failed to register for input or output notifications for the specified service. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-EVENT_CONN_GET_FD_FAIL Error retrieving the Connection ID from the ’[chars]’ connection: [chars] Explanation IS-IS failed to retrieve the file descriptor associated with the specified service. This is an internal error. Recommended Action Consider restarting the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-EVENT_CONN_NOTIFY_FAIL Error registering for critical events on ’[chars]’ connection: [chars] Explanation During initialization, IS-IS failed to register for essential notifications regarding the state of the connection for the specified service. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-EVENT_CONN_OPEN_FAIL Error opening ’[chars]’ connection: [chars] Explanation IS-IS failed to open a connection to an essential service during initialization. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2236 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-EVQ_CRE_FAIL Failed to create the [chars] event queue: [hex], ’[chars]’ Explanation An unexpected error occured whilst creating an event queue during process initialization. This may be a system resource problem. As a result IS-IS will be unable to operate correctly. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR* Error Message %ROUTING-ISIS-4-EXTRA_AREA_ADDRESSES Area address TLV length [dec] contains more than ISIS_MAX_AREA_ADDRESSES from [chars] ([chars]). Explanation Area address TLV length TLV_LENGTH contains more than ISIS_MAX_AREA_ADDRESSES from SNPA_STRING (INTERFACE_NAME). This system recieved a hello or LSP containing more than the maximum number of area addresses. The additional addresses have been ignored. Recommended Action Identify the source of the offending packet and correct it. Error Message %ROUTING-ISIS-4-IDB_CHKPT_CLEANUP Unexpected objid [hex] for [chars] (CSCek33169) collect log and tech-support Explanation This is not critical and IS-IS functionality should be unaffected. A non-null OBJID for INTERFACE-NAME was encountered. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-IIH_TOO_MANY_IF_ADDRESSES [chars] has more [chars] interface addresses than can fit into a single TLV (255 bytes). Outgoing IIHs can only include the first [unsigned int] addresses. Explanation The specified interface has more addresses than can be fitted into a single TLV (255 bytes). RFC 1195 specifies that each IIH may contain at most one IPv4 Interface Address TLV, i.e. 63 IPv4 addresses. Thus if there are more than 63 IPv4 addresses configured on the interface then only 63 addresses are included in the IIH. If the interface has a primary address it is always included first. The secondary addresses are added in their natural numerical order until there is no more space. If there is an IS on the LAN which does not share a subnet with any of the advertised addresses then it will not be able to form an adjacency with this IS. This problem should not apply to IPv6 as each interface should have a single link local address. Recommended Action Reduce the number of addresses configured on the interface so that they can all fit within a single TLV. Routing Messages ISIS Messages EM-2237 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-IM_ATTR_INIT Error initializing the IM attribute library: [hex] ’[chars]’’ Explanation IS-IS failed to initialize the IM attribute library. This error will prevent IS-IS from normal operations. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR*. Error Message %ROUTING-ISIS-4-IM_CAPS_UNKNOWN IM notification received for an unknown and unexpected capsulation number: [unsigned int] Explanation IS-IS has received an IM message referring to a capsulation number that IS-IS does not recognized and is not able to handle. This is an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-IM_CB_NAME_TRUNC Interface Manager context name ’[chars]’ length exceeds string length limit of [dec]; truncated to ’[chars]’ Explanation The length of the context string used to register for Interface Manager callbacks exceeded internal limits and was truncated. If truncation results in registration contexts no longer being unique, this could cause problems with event registrations. Recommended Action This should not happen. The condition represents an internal error. Error Message %ROUTING-ISIS-4-INTF_ADDR_CHG_REG Error during registration for interface IP address changes: [chars] Explanation IS-IS failed to register for notification of interface IP address changes. This is may be due to lack of resources or an internal error (the error message will indicate which). It requires a restart of the process for recovery. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Routing Messages ISIS Messages EM-2238 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-INTF_ATTR_FAIL Failure while [chars] on [chars]: [hex] ’[chars]’’ Explanation A call to the IM attribute library failed. This can be caused by faulty hardware, or it may indicate an interface resource is currently unavailable. Recovery may require a restart of the IS-IS process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-INTF_CKTNUM_ALLOC_FAIL Failed to allocate circuit ID to interface [chars]: all [dec] IDs already in use Explanation IS-IS failed to allocate a circuit ID to the specified LAN interface. Recommended Action Reduce the number of LAN interfaces over which IS-IS is running. Error Message %ROUTING-ISIS-4-INTF_CLNS_CLIENT_INIT Failed to initialize CLNS interface registery: [chars] Explanation IS-IS failed to initialize its interface registration process wth CLNS It requires a restart of process for recovery. Recommended Action Restart the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-INTF_CLNS_MAC_ADDR_NOTIFY Failed to notify CLNS of a MAC address change on interface [chars]: [chars] Explanation IS-IS failed to notify the CLNS protocol stack of MAC address changes to the specified interface. It requires a restart of process for recovery. Recommended Action Restart the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2239 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-INTF_CLNS_NOTIFY Failed to add the CLNS stack on interface [chars]: [chars] Explanation IS-IS failed to add the CLNS protocol stack on the specified interface. It requires a restart of process for recovery. Recommended Action Restart the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-INTF_CLNS_REMOVE_CAP Failed to remove the CLNS stack on interface [chars]: [chars] Explanation IS-IS failed to remove the CLNS protocol stack on the specified interface. Recommended Action None. Error Message %ROUTING-ISIS-4-INTF_CONFIG_ERROR Interface [chars] is already configured Explanation This is a duplicate configuration received for the same interface. Most likely the previous cleanup (commit replace) or removal of ISIS config was not successful (CSCsy26037/CSCsv89872). ISIS may be in unstable state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Consider restarting the IS-IS process. Error Message %ROUTING-ISIS-4-INTF_FIND_FAIL Failed to lookup Interface Handle for interface [chars]: [hex] ’[chars]’ Explanation An unexpected error occurred looking up an interface handle from an interface name. This may be due to a low memory condition but is most likely to be an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR* Routing Messages ISIS Messages EM-2240 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-INTF_FWS_INIT Error during initialization of forward-referenced interface store: [chars] Explanation IS-IS failed to initialize its storage for forward-referenced interfaces. This is may be due to lack of resources or an internal error (the error message will indicate which). It requires a restart of the process for recovery. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-ISIS-4-INTF_IM_REG_FAIL Error registering for [chars] [chars] changes on interface [chars]: [hex], ’[chars]’ Explanation IS-IS failed to register for notification of the specified changes on the specified interface and protocol. This may be an internal programming error, but is most likely to be a resource starvation problem. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider disabling and reenabling the interface within IS-IS configuration, or restarting the IS-IS process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-4-INTF_INACTIVE_AF Unexpected [chars] [chars] notification on [chars] Explanation The specified event was unexpected because the address family is not active on that interface. The operation of IS-IS is not affected by this message and it may safely be ignored. The message is due to an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-4-INTF_IP_ARM_BATCH_UPDATE_FAIL Error [chars] for [chars] address changes on interface [chars]: [hex], ’[chars]’ Explanation IS-IS failed to register with IP-ARM for notification of the address changes on the specified interface and address family. This may be an internal commuincation error, but is most likely to be a resource starvation problem. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider disabling and reenabling the interface within IS-IS configuration, or restarting the IS-IS process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Routing Messages ISIS Messages EM-2241 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-INTF_LAS_FAIL Failed [chars] [chars] link local addresses on [chars]: [hex], ’[chars]’ Explanation An unexpected error occurred whilst accessing the link-local address details for the specified interface. As a result IS-IS will not be able to use the specified address-family on the specified interface. This could be due to a low memory condition or an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR* Error Message %ROUTING-ISIS-4-INTF_MAC_SIZE_ERR Incorrect MAC address size for [chars] (returned: [dec], expected: [dec]) Explanation The MAC address size returned for the specified interface does not match the expected size (6 bytes). This can be caused by a faulty hardware. Recommended Action Restart the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-INTF_MCAST_JOIN_FAIL Error joining [chars] multicast group on [chars]: [chars] Explanation IS-IS was unable to join the specified multicast group on the specified interface. Recommended Action Restart the affected interface and, if the problem recurs, the IS-IS process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-INTF_MCAST_SIZE_ERR The multicast address is too large for [chars] (supplied: [dec], maximum: [dec]) Explanation The multicast address requested for the specified interface is larger than the maximum permissible size. This requires restarting the IS-IS process. Recommended Action Restart the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2242 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-INTF_MTU_REDUCED IS-IS MTU value of [unsigned int] on [chars] adjusted to [unsigned int] to accommodate fabric MTU Explanation The IS-IS MTU was adjusted to accommodate the fabric MTU of the system. This new MTU may be smaller than the actual MTU allowable by the physical interface. Recommended Action Check any MTU configuration for the interface to ensure that this is not a configuration error. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-INTF_MTU_TOO_SMALL CLNS MTU value of [unsigned int] on [chars] is too small. Minimum acceptable value is [unsigned int] Explanation The MTU for CLNS on the specified interface is too small to allow IS-IS to send packets over that interface. This may be due to a configuration error or an internal error. Recommended Action Check any MTU configuration for the interface to ensure that this is not a configuration error. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-INTF_NAME_FAIL Failed to lookup an interface name from its handle ([hex]): [hex], ’[chars]’ Explanation An unexpected error occurred looking up an interface’s name from it’s handle. The error code should provide an indication of what the problem is. The most likely explanation is that the interface with the specified handle no longer exists although the message may be caused by low memory conditions or an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR* Error Message %ROUTING-ISIS-4-INTF_NSF_MEDIA_MISMATCH Media class mismatch between checkpoint table ([chars]) and reality ([chars]) on interface [chars] Explanation IS-IS has detected a mismatch between the media class (i.e. Point to Point vs. LAN) of an interface as determined by IS-IS’s checkpoint state and IM. As a result the interface will not participate in the NSF restart. This is an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2243 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-INTF_STORE_FAIL Error [chars] [chars] [chars] internal [chars] store: [hex], [chars] Explanation IS-IS was unable to perform the specified operation on the specified interface. This is most likely to be a resource starvation problem, but may be an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR* Error Message %ROUTING-ISIS-4-INTF_UNKNOWN_MEDIA Unknown or unsupported interface media type ([chars]) on [chars] Explanation This interface media is not supported by IS-IS. An IS-IS process restart is required for recovery. Recommended Action Check the interface media name in the configuration and restart the IS-IS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-INVALID_LSP_LIFETIME L[unsigned int] LSP [chars] sn [hex] cs [hex] has invalid remaining life time [unsigned int], max allowed - [unsigned int] Explanation IS-IS received invalid value for the remaining LSP life time using the timer library. IS-IS will handle this gracefully by limiting the value to maximum allowed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-IP_ARM_ADDR_INFO_FAIL Failed to [chars] for [chars] address information: [hex], ’[chars]’ Explanation IS-IS has encountered an error whilst manipulating a set of interface IP addresses. This may be a resource starvation problem or an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Routing Messages ISIS Messages EM-2244 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ITEMSIZE add_item_entry called with size [dec]: errant entry was not added to the LSP Explanation add_item_entry called with size SIZE. An internal error occurred while this system was trying to construct its LSPs. The errant entry was not added to the LSP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-KEY_DEACTIVATE_FAIL Failure to deactivate Key Chain [chars]: ’[chars]’’ Explanation A call to the Key Chain library failed. This may indicate an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-LINK_TO_SELF Level [unsigned int] LSP [chars] contains a link advertsisement to itself ([chars] MT ID). This link will be ignored in subsequent route calculations. Explanation The specified LSP contains a link advertisement to itself and this link has been ignored. There is no possible impact to routing as the link would not be used by other routers in their calculations. This message is however indicative of a problem in the router which issued the LSP as it should not have advertised such a link. Recommended Action Identify the source of the offending packet and correct it. Error Message %ROUTING-ISIS-4-LSPCKSUM Bad L[dec] LSP [chars] checksum [hex] received on [chars], length [dec], should be [hex], bad count [dec] Explanation Bad L-# LSP LSP-ID checksum ACTUAL-CKSUM received on INTERFACE-NAME, length PDU-LENGTH should be EXPECTED-CKSUM, bad count CKSUM-ERROR-COUNT. This system received a level L-# LSP with a wrong checksum. If the IS-IS configuration option ’isis-ignore-cksum-errors’ is set, the packet has been ignored. Otherwise it has been handled according to the specification. Recommended Action No action is required. Routing Messages ISIS Messages EM-2245 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-LSPFULL L[unsigned int] LSP filled to capacity, dropping routes Explanation L-LEVEL LSP filled to capacity, dropping routes. This system cannot originate any more routes or adjacencies because it cannot build any more LSP fragments in which to advertise them. Recommended Action This is usually caused by a misconfiguration, such as redistributing a large number of routes into IS-IS. Reduce the number of routes being redistributed into IS-IS to correct the problem. Error Message %ROUTING-ISIS-4-LSPTOOBIG L[dec] LSP [chars] size [dec] bigger than interface [chars] MTU [dec], LSP dropped Explanation L-LEVEL LSP LSP-ID size LSP-LENGTH bigger than interface INTERFACE-NAME MTU INTERFACE-MTR, LSP dropped. This system was unable to flood an LSP out INTERFACE-NAME because the interface MTU was too small. The LSP has not been transmitted on the interface. Recommended Action Configure the routing area and the interfaces with a consistent MTU. Error Message %ROUTING-ISIS-4-MARTIAN Level [unsigned int] LSP [chars] contains an [chars] prefix advertsisement to the invalid prefix [chars]. This prefix will be ignored in subsequent route calculations. Explanation The specified LSP contains a prefix advertisement to an invalid martian prefix and the prefix has been ignored. As the prefix is invalid there should be no impact to routing as no traffic should be destined to the prefix. This message is however indicative of a problem in the router which issued the LSP as it should not have advertised such a prefix. Recommended Action Identify the source of the offending packet and correct it. Error Message %ROUTING-ISIS-4-MAX_REDIST_PREFIXES Topology [chars] level [unsigned int] is [chars]exceeding the maximum number of redistributed prefixes Explanation This configuration is redistibuting more than the allowable number of prefixes into an IS-IS topology. IS-IS will not advertise some of these routes. This is to prevent inadvertant redistribution of the Internet via IS-IS. Recommended Action Consider reconfiguring route redistribution into the IS-IS process. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Routing Messages ISIS Messages EM-2246 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-MEM_ALLOC_FAIL Failed to allocate [unsigned int] bytes for ’[chars]’ Explanation The process failed to allocate memory for the specified resource. This could be because the IS-IS topology is too large for the memory installed in the router. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-ISIS-4-MGD_TIMER_FAIL Error [chars] the [chars] [chars] timer: [chars] Explanation IS-IS encountered an unexpected error using the Managed Timer library. This is most likely to be due to a low memory condition but may also be an internal programming error. The error message should provide more information about the cause. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS process. *RECUR*. Error Message %ROUTING-ISIS-4-NSF_CHKPT_ACCESS_FAIL Failed to [chars] checkpoint record(s) [chars] [chars] table: [hex], ’[chars]’ Explanation An unexpected error occurred whilst IS-IS was accessing entries in the specified checkpoint table. If this error occurs during an NSF Cisco restart then that NSF restart may be aborted in favour of a traditional restart. If this error occurs during normal operation then the relevant checkpoint table may not be correct, and a subsequent NSF restart may not succeed. If however the error does not recur then the checkpoint tables should synchronize. The error may be caused by a low memory condition or through programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %ROUTING-ISIS-4-NSF_CHKPT_INIT NSF checkpoint init failure, [hex], ’[chars]’ Explanation The IS-IS process failed to initialize the checkpoint service for the specified error reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2247 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-NSF_CHKPT_TABLE_FAIL Failed to [chars] [chars] checkpoint table: [hex], ’[chars]’ Explanation An unexpected error occurred whilst IS-IS was accessing the specified checkpoint table. If this error occurs during an NSF Cisco restart then that NSF restart may be aborted in favour of a traditional restart. If this error occurs during normal operation then the relevant checkpoint table may not be correct, and a subsequent NSF restart may not succeed. The error may be caused by a low memory condition or through programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. *RECUR*. Error Message %ROUTING-ISIS-4-NSF_CREATE_FAIL Failed to create L[unsigned int] NSF adjacency to [chars] ([chars]) ([chars]) Explanation TBD. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-NSF_TE_TUNNEL_RESTORE_FAIL Failed to restore L[unsigned int] TE tunnel ([hex]) to [chars] ([chars]) ([hex], [chars]) Explanation An unexpected error occured whilst recreating TE tunnel from the checkpointed information. NSF may abort. Recommended Action Restart the ISIS process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-OSI_SOKT_FAIL Socket operation ’[chars]’ failed: [chars] Explanation Failed to perform a socket operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2248 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-P2P_CONFIG_MISMATCH L[unsigned int] [chars] configuration on P2P interface [chars] will not be used Explanation Any level specific configuration on a P2P interface is ignored. The configuration may be accepted but not used if the interface type is unknown or changed later to point-to-point. Recommended Action Configure the same parameter without using any level extension. Error Message %ROUTING-ISIS-4-REDIST_FAIL Error [chars] for redistribution of routes from [chars] [chars] into IS-IS Explanation The RIB returned an unexpected error when IS-IS attempted to (de)register for the redistribution of routes in the specified topology and owned by the specified protocol. If this is a registration error then routes from the specified protocol may not be advertised in IS-IS’s system LSPs. If this is a deregistration error then IS-IS may receive unnecessary redistribution updates from the RIB but the system LSPs will be correctly generated. The problem may be caused by a low memory condition but is most likely to be an internal programming error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Consider restarting the IS-IS and/or the RIB processes. *RECUR*. Error Message %ROUTING-ISIS-4-RSI_C_REGISTRATION_FAIL Attempt to register for a VRF failed: [chars] ([hex]) Explanation IS-IS failed to register for notification of changes to a VRF. Recommended Action This failure may be due to lack of resources. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Error Message %ROUTING-ISIS-4-SEQNUM_WRAP Sequence number wrapped in LSP [chars]. Explanation An LSP originated by this system has had its sequence number wrap around to 0. The IS-IS specification states that this system should shutdown for 20 minutes waiting for the LSP to age out before resuming routing. Recommended Action This condition can only occur if a network has been operational for several years, or if a network has been misconfigured for a long time. Disable the IS-IS routing process for max-lsp-lifetime and then restart it to clear the problem. Alternative approaches include changing the SYSTEM-ID or, if this occurred with a pseudo-node LSP, lowering the priority of the interface. Routing Messages ISIS Messages EM-2249 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-SETSOCKOPT_FAIL Error setting the value of the ’[chars]’ IS-IS network socket option to ’[chars]’ (length [unsigned int]): [chars] Explanation IS-IS encountered an error whilst configuring the socket it uses for network I/O. As a result the socket is unuseable and IS-IS cannot perform I/O. IS-IS will attempt to recover by closing the current socket and schedule an attempt to reconnect. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Consider restarting the IS-IS process. Error Message %ROUTING-ISIS-4-SHOW_NOMEM Internal memory allocation failure, display incomplete Explanation The requested display output may be incomplete due to an internal memory allocation problem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-SHUTDOWN Process is shutting down ([chars]): [chars] Explanation IS-IS has encountered a problem which means that is no longer able to continue and so it is shutting down. The message includes a brief description of the problem but will also have been preceded by another message providing a more detailed description of the problem. There are several types of reason why IS-IS may have to shutdown which include a fatal error during process initialization, a fatal problem with a critical service during normal operation, and a roll-over of one of the local system’s LSP’s sequence numbers. The message also describes whether or not IS-IS has automatically been restarted. Recommended Action Follow the instructions associated with the preceding message. If an automatic restart has been scheduled, then IS-IS may recover automatically. If a manual restart is required, then ’process start isis’ is required to recover. Error Message %ROUTING-ISIS-4-SNPTOOBIG L[dec] SNP size [dec] too big for interface [chars] MTU [dec], trimmed to interface MTU Explanation L-LEVEL SNP size SNP-LENGTH bigger than interface INTERFACE-NAME MTU INTERFACE-MTR, trimmed to interface MTU This system was unable to flood an SNP out INTERFACE-NAME because the LSP MTU setting is too big for the interface MTU. The SNP packet size was trimmed to fit the interface MTU. Recommended Action Configure the LSP MTU to a size that will fit within the interface MTU. Routing Messages ISIS Messages EM-2250 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-THREAD_SPURIOUS_PULSE Received a spurious pulse in thread [chars] (pulse value: [hex]) Explanation IS-IS Recevied a spurious (unexpected) pulse value and will ignore it. Recommended Action No action is required. Error Message %ROUTING-ISIS-4-TIMESTAMP_FAIL Error recording a timestamp ([dec]) Explanation An unexpected error occurred whilst recording a timestamp. This implies an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-4-UNKNOWN_ADDRESS_FAMILY Unknown address family [unsigned int] Explanation IS-IS has encountered an unrecognized address family ID. This is an internal programming error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-4-WD_METRIC_NOT_CONF In the topology [chars] [chars] has a wide metric of [unsigned int] but level L[unsigned int] is configured to generate narrow metrics. Maximum narrow value [unsigned int] is used instead Explanation The specified interface and topology has been configured with a metric value that requires metric-style wide to be configured for the relevant level. Recommended Action Configure metric-style wide for the topology and area. Routing Messages ISIS Messages EM-2251 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-4-ZERO_COST_LINK Level [unsigned int] LSP [chars] contains an invalid link advertsisement to [chars] ([chars] MT ID) with a metric of 0. This link will be ignored in subsequent route calculations. Explanation The specified LSP contains a link advertisement with an invalid metric of 0. Zero cost links have the potential to break the SPF algorithm and are not permitted by the IS-IS specification (ISO 10589 version 2) and so the IOS-XR router will ignore the link in any subsequent route calculations. As a result traffic which should be routed via the affected routers may be dropped or enter a routing loop. Recommended Action Identify the source of the offending packet and correct it. Error Message %ROUTING-ISIS-4-ZEROHOLDTIME IIH zero holdtime from [chars] Explanation IS-IS has received an IIH containing a zero holdtime from a neighbor with which no adjacency currently exists. The IIH has been discarded. The message indicates the interface and, in the case of a LAN interface, the SNPA from which the IIH was received. Recommended Action No action is required. Error Message %ROUTING-ISIS-5-ADJCHANGE Adjacency to [chars] ([chars]) ([chars]) [chars], [chars] Explanation Adjacency to SYSTEM-ID (INTERFACE-NAME) Up|Down, REASON. The adjacency to the system with SYSTEM-ID has gone up or down due to REASON. Recommended Action No action is required. Error Message %ROUTING-ISIS-5-AUTH_COMPUTE_FAILED Key Chain digest computation for [chars] failed due to [chars] Explanation The process encountered an error when computing the authentication digest. This may be due to misconfiguration on the local or remote system. It is possible that no currently valid keys are available. Recommended Action Check the password and authentication configurations on the local system. Error Message %ROUTING-ISIS-5-AUTH_FAILURE_DROP Dropped [chars] from [chars] due to [chars] Explanation The process encountered an error when authenticating an incoming PDU and dropped the PDU. This may be due to misconfiguration on the local or remote system. Recommended Action Check the password configuration on the local and remote systems. Routing Messages ISIS Messages EM-2252 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-5-AUTH_VERIFY_FAILED Key Chain digest verification for incoming [chars] failed due to [chars] Explanation The process encountered an error when verifying the authentication digest. This may be due to misconfiguration on the local or remote system. It is possible that no currently valid keys are available or the remote system is using an invalid authentication key. Recommended Action Check the password and authentication configurations on the local system. Error Message %ROUTING-ISIS-6-ADJNSF [chars] L[unsigned int]: Neighbor [chars] [chars] Explanation The adjacency on the INTERFACE-NAME and LEVEL with the system SYSTEM-ID STARTED responding or STOPPED responding during the NSF-restart of the SYSTEM-ID. Recommended Action No action is required. Error Message %ROUTING-ISIS-6-ATOMIC_RING_FULL [chars] queue is full. Explanation The atomic ring for the indicated queue is full. Recommended Action If the situation persists investigae whether there is resource starvation occurring. Error Message %ROUTING-ISIS-6-DBG_UNKNOWN_TRACEPOINT_NAME Unknown debug filter tracepoint name [chars] Explanation An unknown tracepoint name requested for a debug filter. Recommended Action No action is required. Error Message %ROUTING-ISIS-6-ERR_DUPID Duplicate System ID [chars] already used by [chars] detected in IIH received on [chars] Explanation IS-IS has received an IIH from a router claiming to have the same System ID as either the local system or another station on a LAN interface. The message indicates the interface and, in the case of a LAN interface, the SNPA from which the IIH was received. It also indicates whether we ourselves use this system ID, or the SNPA of the other station using the system ID. Recommended Action Duplicate system IDs are usually the result of misconfiguration or a bridging loop in the network. Configure each router with a unique system ID, and ensure that there are no bridging loops in the network. Routing Messages ISIS Messages EM-2253 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-6-EVENT_CONN_DESTROY_FAIL Error destroying ’[chars]’ connection: [chars] Explanation During process termination IS-IS failed to destroy a connection to a service provided by another process. This is an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-6-EVENT_ERR Event handler error [dec] Explanation Event handler error ERRNO. This system encountered an error ERRNO trying to get an event from the event handler. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-6-EVQ_DESTROY_FAIL Failed to destroy the [chars] event queue [hex]: [hex], ’[chars]’ Explanation An unexpected error occured whilst destroying an event queue. This is an internal programming error, but will not affect protocol operation as it occurred whilst IS-IS was destroying resources which are no longer required. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.. Error Message %ROUTING-ISIS-6-FAIL_ADJADD Failed to create adjacency for [chars] ([chars]): [chars] Explanation Failed to create adjacency to the displayed IS via the displayed interface for the reason specified. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Routing Messages ISIS Messages EM-2254 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-6-IIH_IF_ADDRESS IIH received from [chars] contains [chars] [chars] interface address: [chars] Explanation IS-IS received an IIH from the specified source containing an invalid and potentially unusable interface address for the specified address family. The message contains details of why the interface address is invalid. The message implies that the router sending the bad IIH is either misconfigured or is not conforming to the IS-IS specification. If the message describes the address as unusable, then IS-IS is not able to use the adjacency as a next hop for the specified address family. Otherwise IS-IS will still attempt to use the adjacency as a next hop. Recommended Action Using the contents of the error message as a guide, check the configuration of the router sourcing the IIH or contact the router’s vendor. Error Message %ROUTING-ISIS-6-INFO_STARTUP_ABORTED [chars] controlled start aborted. Reason: [chars] Explanation Startup state-machine controlled startup aborted for the specified reason. Some of the reasons indicate an internal software error, or the failure of anther software service. Other reasons are due to configuration or other operational problems. Recommended Action If the indicated reason can be corrected with configuration changes, then do so; otherwise, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-6-INFO_STARTUP_FINISH [chars] controlled start completed Explanation Startup state-machine controlled startup process ends here. Recommended Action None. Error Message %ROUTING-ISIS-6-INFO_STARTUP_FORCED_COLD Resorting to cold start: [chars]. Explanation The startup state-machine has determined that a cold (re)start must be performed regardless of current NSF configuration for the reason specified. Recommended Action None. Error Message %ROUTING-ISIS-6-INFO_STARTUP_START [chars] controlled start beginning Explanation Startup state-machine controlled startup process begins here. Recommended Action None. Routing Messages ISIS Messages EM-2255 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-6-INTF_MAC_ADDR_CHG_INVALID MAC address change notification received for P2P interface: [chars] Explanation IS-IS received MAC address change notification for non LAN interface. ISIS ignores the notification. The message is only informational. Recommended Action No action is required. Error Message %ROUTING-ISIS-6-NO_INPUTBUF Unable to allocate input buffer Explanation This system failed to allocate an input buffer because there was insufficient memory to do so. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-ISIS-7-ERR_CREATEMQ Error in creating message queue to MPLS Explanation The process failed to create a message queue to communicate with MPLS. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-7-ERR_MSG Error in reading message: [chars] Explanation The process failed to read the message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-7-ERR_MSGLEN Error in reading message length: [chars] Explanation The process failed to read the message length. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ISIS Messages EM-2256 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ISIS-7-ERR_RCV_PAKTYPE Invalid IS-IS packet type [unsigned int] received on [chars] ([chars] code) Explanation An invalid packet was received on the specified interface (and, in the case of a LAN interface, SNPA). The packet is invalid because its type code is either unrecognized or inappropriate (e.g. a point to point IIH on a LAN interface). The packet has been ignored. Recommended Action No action is required. Error Message %ROUTING-ISIS-7-ERR_RECV_TE_MSG Received an invalid length TE message for [chars]: expected ([unsigned int]), received ([unsigned int]) Explanation The process has received an invalid length TE message. As a result, the TE message is ignored and TE tunnel may not come up. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-7-ERR_SEND_TE_MSG Failed to send a [chars] message to TE Explanation The process encountered an error while sending message to TE. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ISIS-7-STALE_PNODE_PURGE Skipping stale purge event for L[dec] LSP [chars] pseudo-node Explanation The router has re-elected itself DIS after initiating a purge of its L-LEVEL LSP LSP-ID due to a previous resignation. Recommended Action No action is required.Routing Messages LDP Messages EM-2257 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LDP Messages Error Message %ROUTING-LDP-3-ERR_BACKEND Backend scan failed for ’[chars]’: [chars] Explanation LDP failed backend scan for some tuple path. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-3-ERR_GENERAL [chars] Explanation A general error occurred within LDP. The details appear in the output. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-3-ERR_INIT_SYNC_MISSING_SOCK Init Sync Done: Missing Pending Socket([chars]) Explanation Received Init Sync Done notification but socket wasn’t in pending database. Recommended Action No action is required. Error Message %ROUTING-LDP-3-ERR_LSD_INTF LSD Intf-[chars] failed for [chars] (ifh [hex]): [chars] Explanation LDP encountered some problem while trying to enable/disable MPLS on an interface via LSD server. Recommended Action Make sure that LSD is running and LDP is connected/registered with it. Error Message %ROUTING-LDP-3-ERR_LSD_REG LSD application registration failed: [chars] Explanation LDP encountered a problem while trying to register with LSD server. Recommended Action Make sure that LSD is running and LDP is connected to it. Routing Messages LDP Messages EM-2258 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-LDP-3-ERR_TCP_ENQUEUE_MSG_INVALID_TX_CTX TCP: Msg Enqueue Failed: Invalid Tx Ctx. Explanation Msg was enqueued with non-NULL tx ctx when NSR is disabled. Recommended Action Remove source of transmit. Error Message %ROUTING-LDP-3-ERR_TCP_ENQUEUE_MSG_NOT_ACTIVE TCP: Msg Enqueue Failed: Node isn’t active. Explanation Standby Node tried to transmit LDP message. Recommended Action Remove source of transmit. Error Message %ROUTING-LDP-3-INCONSISTENCY An internal inconsistency was detected:[chars] Explanation LDP has detected an internal inconsistency. Please capture a core file for analysis. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-3-LOST_NSR_IPC_MSG An inter-card NSR msg was lost Explanation A received sequence number did not match the expected one. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-3-NSR_ACK_CHK_FAILED NSR ACK CHK failed: [chars]; count [dec] Explanation NSR ACK CHK failed. Please perform show mem heap for analysis. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages LDP Messages EM-2259 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-LDP-3-NSR_IPC_TRANSPORT_FAILURE Repeated internode transport failures, re-initiating NSR sync Explanation LDP encountered too many consecutive transport errors while trying to send NSR messages which triggers NSR sync again. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-3-NSR_PEER_SYNC_RX_ERR Peer [chars]; op equals ’[chars]’; [chars] Explanation Standby LDP instance encountered an error during processing of NSR synchronization data sent by Active LDP instance. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-4-BAD_PDU_LENGTH A message with botched PDU length is received from peer [chars] Explanation A message with botched PDU length is received from the network. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-4-BAD_TLV TLV Check failed for a message (type [hex]) received from peer [chars] Explanation A message with a bad TLV is received from the network. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-4-DEPRECATED_RTRID ’router-id interface command is deprecated. Delete ’router-id [chars]’ and reconfigure ’router-id ip_addr’. Explanation MPLS LDP ’router-id interface’ command is deprecated. Recommended Action Use ’router-id ip_addr’. Routing Messages LDP Messages EM-2260 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-LDP-4-DISCOVERY_SLIP CPU load or blockage caused latent tx of UDP discovery to [chars]: interval equals [dec] sec, expected equals [dec] sec. Hold equals [dec] sec Explanation Heavy CPU load or process blockage resulted in slip of discovery transmission. Possibly resulting in session/adjacency flap. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-4-DUP_ADDR_RCVD Duplicate Address [chars] advertised by peer [chars] is already bound to peer [chars] Explanation LDP received an Address advertisement for an address from a peer, but the address is already bound to a different peer. Recommended Action Fix the misconfiguration in the network and clear LDP sessions which have Address bindings which should not exist or are missing Address bindings which should exist. Error Message %ROUTING-LDP-4-TX_KEEPALIVE_SLIP CPU load or blockage caused latent tx of LDP keepalive to [chars]: interval equals [dec] sec, expected equals [dec] sec. Hold equals [dec] sec Explanation Heavy CPU load or process blockage resulted in slip of discovery transmission. Possibly resulting in session. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-5-GR GR session [chars] (instance [dec]) [chars] Explanation An LDP GR session state change has occured - such as disconnected, reconnected, timed out, forced abort, and cleaned up. This message appears only if the log graceful-restart command is configured. Recommended Action No action is required. Routing Messages LDP Messages EM-2261 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-LDP-5-GR_RESTART_COMPLETE GR forwarding state hold timer has expired Explanation After LDP local restart, LDP GR forwarding state hold timer has expired, and MPLS forwarding is now being updated and reinstated by LDP application. This message appears only if the log graceful-restart command is configured. Recommended Action No action is required. Error Message %ROUTING-LDP-5-NBR_CHANGE Neighbor [chars], [chars] [chars] Explanation A LDP neighbor has changed state (up/down). If neighbor has went down, then a reason for session going down is also displayed. This message appears only if the log neighbor command is configured for the LDP process. Recommended Action No action is required. Error Message %ROUTING-LDP-5-NSR_SYNC_DONE Initial synchronization successfully done for [dec] peers Explanation LDP Non-stop routing initial-sync event has completed successfully for some or all peers. This message appears only if the mpls ldp log nsr command is configured. Recommended Action If number of peers do not match the number of peer for SYNC_START, then Check LDP logs and traces to see why not all attempted peers were successfully synced. Error Message %ROUTING-LDP-5-NSR_SYNC_LOST Global synchronization lost Explanation LDP Non-stop routing synchronization lost with the standby node. This message appears only if the mpls ldp log nsr command is configured. Recommended Action No action is required. Error Message %ROUTING-LDP-5-NSR_SYNC_PEER_DONE Peer [chars] initial synchronization done Explanation LDP Non-stop routing peer initial-sync event has completed successfully. This message appears only if the mpls ldp log nsr command is configured. Recommended Action No action is required. Routing Messages LDP Messages EM-2262 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-LDP-5-NSR_SYNC_PEER_LOST Peer [chars] synchronization lost Explanation LDP Non-stop routing synchronization lost for the peer. This message appears only if the mpls ldp log nsr command is configured. Recommended Action No action is required. Error Message %ROUTING-LDP-5-NSR_SYNC_START Initial synchronization started for [dec] peers Explanation LDP Non-stop routing initial-sync event has been started for all eligible peers. This message appears only if the mpls ldp log nsr command is configured. Recommended Action No action is required. Error Message %ROUTING-LDP-5-SESSION_PROTECTION [chars] for peer [chars] Explanation An informational LDP notice was generated for a Session Protection event. Recommended Action No action is required. Error Message %ROUTING-LDP-5-SHUTDOWN LDP process is shutting down due to ’[chars]’ memory state. Explanation LDP process exiting due to unknown/critical node memory state. Recommended Action Start ’mpls_ldp’ process after memory state goes normal. Error Message %ROUTING-LDP-6-ISYNC_CHKPT_LIMIT Limit reached for maximum ([dec]) number of neighbors per interface Explanation LDP checkpointing has limit for maximum number of neighbors per interface due to LDP IGP Sync feature requirements. It is not recommended to cross the limit provided by Engineering. If crossed, undesired affects can be seen and LDP IGP Sync feature may not work. Recommended Action Limit number of neighbors to the value as provided in Engineering guidelines Routing Messages LMRIB_API Messages EM-2263 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-LDP-7-ERR_INIT ’[chars]’ ([chars]) Explanation An internal system error occurred during initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LDP-7-ERR_INIT_FATAL Failed to initialize ’[chars]’: [chars]: Process now terminating Explanation A fatal error occurred during initialization of an LDP subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LMRIB_API Messages Error Message %ROUTING-LMRIB_API-3-ASYNC_ERR Asynchronous error: [chars] Explanation ’An unhandled asynchromous error occurred in the LMRIB API’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LMRIB_API-3-CORRPT Corrupted update: [chars]. (expected [dec] bytes, got [dec] bytes) Explanation ’A corrupted update was received from the LMRIB by the LMRIB API’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LMRIB_API-3-GEN_ERR [chars] Explanation Error occurred in lmrib client lib. Recommended Action No action is required. Routing Messages LSPV Messages EM-2264 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-LMRIB_API-3-GENINITFAIL Initialization failed: [chars] [chars] Explanation Error occurred at client initialization. Recommended Action No action is required. Error Message %ROUTING-LMRIB_API-3-RPC_FAIL RPC failure: [chars] Explanation ’An RPC-related error occurred in an RPC call from the LMRIB API’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LMRIB_API-7-ASYNC_WAR Warning: [chars] Explanation ’A recoverable error condition occurred in the LMRIB API’ Recommended Action No action is required. LSPV Messages Error Message %ROUTING-LSPV-3-BAG_REG_ERR bag(s) registration failed: [chars] Explanation Some error occured while trying to register edm bags. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LSPV-3-SYSDB_BIND_ERR sysdb_bind failed for ’[chars]’: [chars] Explanation Some error occured in sysdb bind operation bind. The text of the message displays the failed operation for the bindpoint with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages LSPV Messages EM-2265 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-LSPV-3-SYSDB_ERR [chars] failed: [chars] Explanation Some error occured in sysdb operation. The text of the message displays the failed operation with error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LSPV-4-show_timeout [chars] Explanation It was not possible to obtain the lock required to access the databases. This may be due to the main thread being very busy processing events. Recommended Action Wait a few minutes, and re-attempt to issue the show command. Error Message %ROUTING-LSPV-7-ERR_EVENT [chars] failed: error equals [hex] ([chars]) Explanation Some error occured in event/event manager/event connection operations. The text of the message displays the failed operation with error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LSPV-7-ERR_GENERAL [chars] failed: error equals [hex] ([chars]) Explanation Some requested operation failed. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LSPV-7-ERR_INIT Failed to init ’[chars]’. Process now terminating Explanation Initialization of some subsystem failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MFWD_MA Messages EM-2266 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-LSPV-7-ERR_INIT_RC Failed to init ’[chars]’: error equals [hex] ([chars]). Process now terminating Explanation Initialization of some subsystem failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-LSPV-7-ERR_TIMER [chars] failed: error equals [hex] ([chars]) Explanation Some error occured in operations with mdg timers. The text of the message displays the failed operation with error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MFWD_MA Messages Error Message %ROUTING-MFWD_MA-3-CFG_ERR [chars] cfg counter already 0. Can’t decrement : Item is [chars]. Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_DEBUG_INIT_EVENT Failed to initialize and chain together the debug event discriptors : [chars] Explanation An error related to the debugging subsystem occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MFWD_MA Messages EM-2267 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MFWD_MA-3-ERR_DEBUG_REG Sysdb registration for debug config failed : [chars] Explanation An error related to the debugging subsystem occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_EVM_ASYNC_ATTACH [chars] : [chars] Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_EVM_CONN_CREATE Event connection create for [chars] failed : [chars]. Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_EVM_CONN_NOTIFY Event connection notify for [chars] failed : [chars]. Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MFWD_MA Messages EM-2268 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MFWD_MA-3-ERR_EVM_CONN_OPEN Event connection open for [chars] failed : [chars]. Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_EVM_CREATE Cannot create event manager : [chars] Explanation An unrecoverable error occurred at system initialization time. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_IMC_CONTROL_SERVER_BIND Error in imc control server bind : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_LTRACE_INIT [chars] : [chars] Explanation An unrecoverable error occurred at system initialization time. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_MEM_ALLOC [chars] Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MFWD_MA Messages EM-2269 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MFWD_MA-3-ERR_MEM_FAIL [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_MEM_FAIL_1 [chars] : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_SYSDB_BAG_DECODE Error in bag decoding : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_SYSDB_BAG_FREE_INDIRECTIONS Error in bag free : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_SYSDB_BAG_REG Cannot register bags : [chars]. Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MFWD_MA Messages EM-2270 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MFWD_MA-3-ERR_SYSDB_BIND Error in sysdb bind : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_SYSDB_DATALIST_FREE Error in datalist free : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_SYSDB_DATALIST_NEXT Error in datalist next : [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_SYSDB_EDM_FNS_INIT SysDB Oper - [chars] failed : [chars]. Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_SYSDB_EDM_REG SysDB Oper - [chars] failed : [chars]. Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MFWD_MA Messages EM-2271 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MFWD_MA-3-ERR_SYSDB_REG_VERIFY SysDB operation [chars] failed: [chars] Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-ERR_SYSDB_VRFN_FNS_INIT SysDB operation [chars] failed: [chars] Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-GEN_ERR [chars] failed : [chars]. Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-GENINITFAIL Initialization failed: [chars] [chars] Explanation An unrecoverable error occurred at system initialization time. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MFWD_MA-3-IDB_ERR [chars] failed for [chars] [[hex]] : [chars] Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MPLS_ALM Messages EM-2272 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MFWD_MA-3-IM_UPDATE_IDB_HANDLE_MISMATCH idb [chars] has handle [[hex]], IM update has [[hex]] Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MPLS_ALM Messages Error Message %ROUTING-MPLS_ALM-7-ERR_GENERAL [chars] : [chars] Explanation An internal system error occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MPLS_FWD Messages Error Message %ROUTING-MPLS_FWD-2-NO_MEM No memory for ’[chars]’ Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_FWD-3-BAG_REG_ERR bag(s) registration failed: [chars] Explanation Some error occured while trying to register edm bags. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MPLS_FWD Messages EM-2273 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MPLS_FWD-3-ERR_GENERAL [chars] failed: [chars] Explanation Some requested operation failed. The text of the message displays the failed operation with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_FWD-3-EVENT_ERR [chars] failed: [chars] Explanation Some error occured in event/event manager/event connection operations. The text of the message displays the failed operation with error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_FWD-3-SYSDB_BIND_ERR sysdb_bind failed for ’[chars]’: [chars] Explanation Some error occured in sysdb bind operation bind. The text of the message displays the failed operation for the bindpoint with error code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_FWD-3-SYSDB_ERR [chars] failed: [chars] Explanation Some error occured in sysdb operation. The text of the message displays the failed operation with error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages MPLS_HW Messages EM-2274 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MPLS_HW Messages Error Message %ROUTING-MPLS_HW-2-ERROR [chars]. Error equals [chars] (errno equals [dec]). Explanation There was a critical system call failure resulting in a failure to provide some system service as indicated in the message text. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %ROUTING-MPLS_HW-2-ERROR [chars]. Error equals [chars] (errno equals [dec]). Explanation There was a critical system call failure resulting in a failure to provide some system service as indicated in the message text. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %ROUTING-MPLS_HW-2-ERROR_TLU_ALLOC [chars]. Error equals [chars] (errno equals [dec]). Explanation Hardware memory allocation for table lookup unit (TLU) failed. This can be because the system has more forwarding entries than supported limits or there is a software defect. Recommended Action Please collect output of show tlu server summary [egress/ingress] loc to see why the line card is running out of forwarding entries. Then try to reduce the entries if possible. Copy the error message and report to your technical support representative. Error Message %ROUTING-MPLS_HW-2-ERROR_TLU_ALLOC [chars]. Error equals [chars] (errno equals [dec]). Explanation Hardware memory allocation for table lookup unit (TLU) failed. This can be because the system has more forwarding entries than supported limits or there is a software defect. Recommended Action Please collect output of show tlu server summary [egress/ingress] loc to see why the line card is running out of forwarding entries. Then try to reduce the entries if possible. Copy the error message and report to your technical support representative. Routing Messages MPLS_HW Messages EM-2275 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MPLS_HW-2-ERROR_TLU_WRITE [chars]. Error equals [chars] (errno equals [dec]). Explanation Hardware memory write for table lookup unit (TLU) failed. This can because 1) connection to mipc lost. 2) mipc/metro problem. Recommended Action Please collect output of show pse ipc clinet-connection all loc and show asic-errors pse [0|1] all loc . Copy the error message and report to technical support representative. Error Message %ROUTING-MPLS_HW-2-ERROR_TLU_WRITE [chars]. Error equals [chars] (errno equals [dec]). Explanation Hardware memory write for table lookup unit (TLU) failed. This can because 1) connection to mipc lost. 2) mipc/metro problem. Recommended Action Please collect output of show pse ipc clinet-connection all loc and show asic-errors pse [0|1] all loc . Copy the error message and report to technical support representative. Error Message %ROUTING-MPLS_HW-2-ERROR_WITH_LABEL [chars]. Error equals [chars] (errno equals [dec]). Out label equals [dec]. Explanation There was a critical system call failure resulting in a failure to provide some system service as indicated in the message text. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %ROUTING-MPLS_HW-2-ERROR_WITH_LABEL [chars]. Error equals [chars] (errno equals [dec]). Out label equals [dec]. Explanation There was a critical system call failure resulting in a failure to provide some system service as indicated in the message text. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %ROUTING-MPLS_HW-6-INFO [chars]. Error equals [chars] (errno [dec]). Explanation There was an internal failure that may impact non-essential system function. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Routing Messages MPLS_IMC_CLIENT Messages EM-2276 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MPLS_HW-6-INFO [chars]. Error equals [chars] (errno [dec]). Explanation There was an internal failure that may impact non-essential system function. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %ROUTING-MPLS_HW-6-INFO_WITH_LABEL [chars]. Error equals [chars] (errno [dec]). Out label equals [dec]. Explanation There was an internal failure that may impact non-essential system function. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %ROUTING-MPLS_HW-6-INFO_WITH_LABEL [chars]. Error equals [chars] (errno [dec]). Out label equals [dec]. Explanation There was an internal failure that may impact non-essential system function. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. MPLS_IMC_CLIENT Messages Error Message %ROUTING-MPLS_IMC_CLIENT-3-ERR_IMC MPLS LIB IM client could not register for debugging ([chars]) Explanation MPLS LIB IM client library failed to register for debugging. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages MPLS_IO Messages EM-2277 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MPLS_IO Messages Error Message %ROUTING-MPLS_IO-3-ERR_MEM_ALLOC [chars] failed :[chars] Explanation Some error occurred in Alloc/Chunk related memory operations. The text of the message displays the failed operation and the related memory construct. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_IO-6-ERR_GENERAL [chars]: [chars] Explanation Some informational message with cerrno. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_IO-7-ERR_IM [chars] failed: [chars] Explanation Some error occurred in operations with IM. The text of the message displays the failed operation and the related error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_IO-7-ERR_PAK [chars] failed: [chars] Explanation Some error occurred in Packet (IP/MPLS/ICMP) related operations. The text of the message displays the failed operation and the related error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MPLS_LCAC Messages EM-2278 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MPLS_IO-7-ERR_TIMER [chars] failed for ’[chars]’: [chars] Explanation Some error occurred in Managed Timer related operations. The text of the message displays the failed operation and the related timer construct with error code. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_IO-7-ERR_WAVL [chars] failed (tree equals [chars]): [chars] Explanation Some error occurred in WAVL operations The text of the message displays the failed operation and the related wavl tree. The traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MPLS_LCAC Messages Error Message %ROUTING-MPLS_LCAC-4-SHOW_WARNING The show thread waited [unsigned int] seconds and could not acquire the mutex. Aborting show request. Please try again. If this problem persists, please contact your technical service representative. Explanation The show thread could not acquire the mutex to service the show request. The main thread in te_control may be busy/blocked/hogging while holding That mutex. Recommended Action Try to run the show command again. If the error reoccurs, then check the state of the te_control process (show process te_control). If thread number 1 is blocked for an extended period of time, contact your technical service representative. Error Message %ROUTING-MPLS_LCAC-7-ERR_INTERNAL [chars] Explanation An internal system error occured. Recommended Action Copy the message exactly as it appears and report it to your technical service representative.Routing Messages MPLS_LSD Messages EM-2279 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MPLS_LSD Messages Error Message %ROUTING-MPLS_LSD-2-ERR_MEM_ALLOC Insufficient memory for ’[chars]’, [unsigned int] bytes, terminating Explanation MPLS LSD terminated due to lack of memory for a critical operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_LSD-3-ERR_INVALID_THREAD Callback from ENS on incorrect thread, actual/expected equals [dec]/[dec] (CSCsd51829) Explanation Detected single-threaded mpls-lsd code running on an unknown thread. This concurrency can result in corruption. Recommended Action Collect LSD traces Error Message %ROUTING-MPLS_LSD-3-MULTI_IP_FPI_RW [chars] Explanation Rewrite creation or modification failed due to presence of multiple IP route elements. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_LSD-7-ERR_CLIENT_FAULT [chars] Explanation Client error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_LSD-7-ERR_GENERAL [chars] Explanation Miscellaneous MPLS LSD error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MPLS_NETIO Messages EM-2280 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MPLS_LSD-7-ERR_INIT Initialization of MPLS LSD failed, op equals ’[chars]’ ([chars]) Explanation MPLS LSD failed to initialize for the reason displayed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MPLS_NETIO Messages Error Message %ROUTING-MPLS_NETIO-5-CLEAR_MAPPING_FAILED control clear mapping for [chars] mpls proto [dec] failed [chars] Explanation MPLS could not clear control mapping for underlying protocol. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_NETIO-5-SET_MAPPING_FAILED control set mapping for [chars] to [hex]/[hex] mpls proto [dec] failed [chars] Explanation MPLS could not set control mapping for underlying protocol. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_NETIO-7-BAD_ARP_DROP Pkt([pointer]) with no nexthop in HSSD, output interface - CH[hex]. MPLS label stack:[chars]. IP info:[chars]. HSSD info:[chars]. Explanation MPLS slowpath got a packet for which ARP needs to be done, but, it doesn’t have the nexthop needed. The pkt is dropped. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MPLS_STATIC Messages EM-2281 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MPLS_NETIO-7-ERR_GENERAL [chars] FAILED: [chars] Explanation Some miscellaneous error occured. The text of the message explains the err/warning and traceback can be used to get the function/line number of error generating code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MPLS_STATIC Messages Error Message %ROUTING-MPLS_STATIC-4-ERR_MEM_ALLOC Memory allocation failed for [chars] Explanation Allocation of memory failed. Recommended Action Add more memory. Error Message %ROUTING-MPLS_STATIC-6-ERR_CONN Connection to the [chars] failed ([chars]) Explanation MPLS static process could not connect with a manager. Recommended Action No action is required. Error Message %ROUTING-MPLS_STATIC-7-ERR_INIT Initialization of MPLS Static failed - [chars] ([chars]) Explanation Initialization of the MPLS Static process failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages MPLS_TE Messages EM-2282 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MPLS_TE Messages Error Message %ROUTING-MPLS_TE-3-CALLBACK_WRONG_THREAD A callback ([chars]) has been received in the wrong thread ([unsigned int], should be in [unsigned int]). The callback has not been handled. Explanation A callback from the IOX-XR infrastructure was not handled by the MPLS-TE process because it was received in the wrong thread. The TE process may now be in an inconsistent state with the rest of the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. The te_control process may be restarted in order to recover from this situation. Error Message %ROUTING-MPLS_TE-3-ERR_INTERNAL_CHECK [chars](): line [unsigned int]: [chars] Explanation An inconsistency in internal state was detected. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-MPLS_TE-3-ERR_INTERNAL_CHECK_RC [chars](): line [unsigned int]: [chars]: error [chars] ([hex]) Explanation An inconsistency in internal state was detected. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-MPLS_TE-3-ERR_MEM_ALLOC Memory allocation failed for [chars] Explanation Allocation of memory failed. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-MPLS_TE-3-ERR_SYSDB_BAG_DECODE [chars]: [chars]: [chars] Explanation A Bag related error occurred. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Routing Messages MPLS_TE Messages EM-2283 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MPLS_TE-3-ERR_SYSDB_DELETE [chars]: [chars]: [chars] Explanation A SysDB free related error occurred. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-MPLS_TE-3-ERR_SYSDB_GET [chars]: [chars] failed for path [chars] : [chars] Explanation A sysdb error occurred. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-MPLS_TE-3-ERR_TRACE_INIT Traffic-eng event tracing subsytem initialization failed Explanation Traffic-eng could not initialize the tracing module Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MPLS_TE-3-LSP_UPDOWN [chars] (LSP Id: [unsigned int]) state changed to [chars] Explanation The specified interface has changed operational state. Recommended Action None. This is a solicited message (by ’logging event lsp-status state’ interface configuration) and is informative only. Error Message %ROUTING-MPLS_TE-4-SHOW_WARNING The show thread waited [unsigned int] seconds and could not acquire the mutex. Aborting show request. Please try again. If this problem persists, please contact your technical service representative. Explanation The show thread could not acquire the mutex to service the show request. The main thread in te_control may be busy/blocked/hogging while holding That mutex. Recommended Action Try to run the show command again. If the error reoccurs, then check the state of the te_control process (show process te_control). If thread number 1 is blocked for an extended period of time, contact your technical service representative. Routing Messages MPLS_TE Messages EM-2284 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MPLS_TE-4-SHUTDOWN Process is shutting down ([chars]): [chars] Explanation TE process has encountered a problem which means it is no longer able to continue and is shutting down. The message includes a brief description of the problem. The message also describes whether or not TE process has automatically been restarted. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Follow the instructions associated with this message. If message states that an automatic restart has been scheduled, then TE process will recover automatically. If a manual restart is required, then ’process start te_control’ is required to recover. Error Message %ROUTING-MPLS_TE-4-WARN [chars] Explanation An internal system warning occurred. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-MPLS_TE-4-WARNING_FSM_EVENT_DROP Traffic-eng FSM dropped an event ([chars]) for S2L (tid [unsigned int], etid [unsigned int], lspid [unsigned int], p2mpid [unsigned int], subgroupid [unsigned int]) Explanation Traffic-eng FSM dropped an event, because the S2L was created after the event was posted. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-MPLS_TE-5-FRR Backup Tunnel ([chars], LSP Id: [unsigned int]) state changed to [chars]. Explanation The specified backup tunnel interface has changed it’s FRR status. Recommended Action None. This is a solicited message (by ’logging events frr-protection’ interface configuration) and is informative only. Error Message %ROUTING-MPLS_TE-5-LSP_REOPT [chars] (LSP Id: [unsigned int]) has been reoptimized. Explanation The specified interface has been reoptimized with the specified LSP. Recommended Action None. This is a solicited message (by ’logging event lsp-status reopt’ interface configuration) and is informative only. Routing Messages MPLS_TE Messages EM-2285 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MPLS_TE-5-LSP_REROUTE [chars] (LSP Id: [unsigned int]) has been fast-rerouted. Explanation The specified interface has been rerouted. Recommended Action None. This is a solicited message (by ’logging event lsp-status reroute’ interface configuration) and is informative only. Error Message %ROUTING-MPLS_TE-5-LSP_REROUTE_PENDING [chars] (LSP Id: [unsigned int]) is in re-route pending state. Explanation The specified interface is fast-reroute enabled and in UP state; path verification failed but it did not take down the interface. Interface is now in re-route pending state and may stay in this state forever until the interface finds a valid path. Recommended Action This is a solicited message (by ’logging event lsp-status reroute’ interface configuration). User may verify interface configuration and network topology. Error Message %ROUTING-MPLS_TE-5-LSP_REROUTE_PENDING_CLEAR [chars] (old LSP Id: [unsigned int], new LSP Id: [unsigned int]) has been reoptimized. Explanation The specified interface is fast-reroute enabled and in UP state; earlier path verification failed but it did not take down the interface and got into reroute-pending state. Interface is now getting out of re-route pending state as a result of reoptimization. Recommended Action None. This is a solicited message (by ’logging event lsp-status reroute’ interface configuration). Error Message %ROUTING-MPLS_TE-7-ERR_IM [chars]: [chars] failed, some tunnel-te interfaces were not created properly Explanation An Ifmgr error occurred. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-MPLS_TE-7-ERR_INTERNAL [chars] : [chars] Explanation An internal system error occurred. Recommended Action Copy the message exactly as it appears and report it to your technical service representative.Routing Messages MRIB_API Messages EM-2286 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MRIB_API Messages Error Message %ROUTING-MRIB_API-3-ASYNC_ERR Asynchronous error: [chars] Explanation ’An unhandled asynchromous error occurred in the MRIB API’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB_API-3-CORRPT Corrupted update: [chars]. (expected [dec] bytes, got [dec] bytes) Explanation ’A corrupted update was received from the MRIB by the MRIB API’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB_API-3-GEN_ERR [chars]%s Explanation Error occurred in mrib client lib. Recommended Action No action is required. Error Message %ROUTING-MRIB_API-3-GENINITFAIL Initialization failed: [chars] [chars] Explanation Error occurred at client initialization. Recommended Action No action is required. Error Message %ROUTING-MRIB_API-3-RPC_FAIL RPC failure: [chars] Explanation ’An RPC-related error occurred in an RPC call from the MRIB API’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MRIB Messages EM-2287 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MRIB_API-7-ASYNC_WAR Warning: [chars] Explanation ’A recoverable error condition occurred in the MRIB API’ Recommended Action No action is required. MRIB Messages Error Message %ROUTING-MRIB-2-NOMEMORY [chars]No memory for [chars] in [chars] Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-MRIB-2-NORESOURCE Resource unavailable for [chars] in [chars] Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-MRIB-2-RC_INIT_ERR Route collapse IPC Init failed at [chars]! Explanation The route collapse IPC could not be initialized Recommended Action This is a fatal error. Process does not recover currently. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-EDM_INIT Error in EDM activity : [chars] - [chars] Explanation An error occurred when MRIB tried to initialize conn to Sysdb for show commands. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MRIB Messages EM-2288 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MRIB-3-EXTRANET_ERR [chars] Explanation An error occurred in MRIB MVPN EXTRANET operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-GEN_ERR [chars]%s Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-GENCOMMERR Communication error: [chars] [chars] Explanation A Inter Process Communication error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-GENINITFAIL Initialization failed: [chars] [chars] Explanation An unrecoverable error occurred at system initialization time. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-IFCACHE_ERR [chars] Explanation An error occurred in MRIB interface cache operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MRIB Messages EM-2289 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MRIB-3-INTERNALERR Internal error: [chars] in [chars] line [dec] ([chars]) Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-LRD_ERR LRD Error: [chars] - [chars] Explanation A general error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-LWM_ERR MRIB LWM error: [chars] - [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-MOD_INTF_LIST Interface [chars] has no modified flags. Shouldn’t be present in list. Explanation An error occurred when MRIB tried to walk the modified interfaces list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-NSF_ERR [chars] Explanation An error occurred in MRIB NSF. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MRIB Messages EM-2290 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MRIB-3-NSFSTATE Error modifying MRIB Non-stop Forwarding state in [chars]: [chars] Explanation An internal error occurred when MRIB attempted to transition to/from Non-stop Forwarding mode. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-RC_ERR [chars] Explanation An error occurred in MRIB route collapse operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-REDUCEDFUNCT Initialization of [chars] functionality failed Explanation The initialization of a functionality failed. This component migh still operate without the functionality. Recommended Action This indicate a resource shortage. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-MRIB-3-TLC_ERR [chars] Explanation An error occurred in MRIB TLC operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-3-TREE_OPER Failed to [chars] [chars] interface in interface tree of [chars]. Explanation An error occurred when MRIB tried to perform a tree operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MRIB Messages EM-2291 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MRIB-4-CLIENT_WRITE Client [CCB ID [dec]]. Update size equals [dec] bytes. [chars] Explanation A client attempted to write an invalid update. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-4-DEBUGERR Debugging error: [chars] in [chars] line [dec] ([chars]) Explanation An error related to the debugging subsystem occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-4-FILTRVIOLERR Filter violation error: conn [dec] ([chars]:[chars]) in [chars] Explanation A client tried to modify a route attribute not owned by it Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-4-GEN_WARN [chars] Explanation A general warning. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MSDP Messages EM-2292 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MRIB-4-INCORRECTPARS Illegal parameter in function call ([chars]) in [chars] Explanation An externally accessible function has been called with illegal parameter(s). the parameter(s) has been casted to an acceptable value. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MRIB-4-NOMEMORYW No memory for [chars] in [chars]. Handling: [chars] Explanation The requested operation could not be accomplished because of a low memory condition but the problem has ben handled locally. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-MRIB-4-STALE_HANDLE_ERR [chars]%s Explanation A pfi query was made for a stale interface handle, possibly transient error. Recommended Action No action is required. Error Message %ROUTING-MRIB-5-BCDL_ERR Failed to [chars]: [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MSDP Messages Error Message %ROUTING-MSDP-3-ACL_ERR acl error: [chars] [chars] [chars] Explanation Check if access list is configured as intended Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Routing Messages MSDP Messages EM-2293 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MSDP-3-BAD_STATE the peer [chars] has changed to an illegal state: [dec] Explanation The state was not one of the valid states Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-CACHE_ERR cache error: [chars] [chars] Explanation An error occured updating the SA cache. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-CONNECTION_ERR [chars] error: [chars] Explanation A peer has incorrectly attempted to establish a connection with us. Possible causes may include a passive peer trying to make an active connection, in this case the connection will be rejected. Recieving a connection request from a peer that is in the Established state, in this case the current, if the peer is active, the existing connection will be terminated and the new connection will be acted upon. recommended_action: Gather as much relavent information from the respective peer. *SUPPORT* Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-EDM_ERR error: show server error: [chars] [chars] Explanation An error occured with a show client communicating with the msdp. show server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-EVENT_FAILED event [chars] failure: [chars] Explanation An unrecoverable error occurred during the event loop. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MSDP Messages EM-2294 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MSDP-3-IARM_REG_ERR Failed to register on interface [chars]: [chars] Explanation An error occured when registering to IARM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-IARM_UPDATE_ERR Failed to update: [chars] Explanation An error occured when registering to IARM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-INIT_FAILED Initialization failed: [chars] Explanation An unrecoverable error occurred at system initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-INIT_FAILED2 Initialization failed: [chars], [chars] Explanation An unrecoverable error occurred at system initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-INTERNAL_STATE_ERR [chars]: [chars] [chars]/[chars] Explanation An error occured due to inconsistent internal state. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MSDP Messages EM-2295 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MSDP-3-IO_FAILED I/O failure: [chars] [dec], [chars], [chars] Explanation An error has occurred during a socket operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-LPTS_POLICY_ERR Failed to [chars] lpts policy for peer [chars] [[dec]] Explanation Some socket/lpts error occured. Recommended Action Consult the configuration documentation for appropriate commands. Error Message %ROUTING-MSDP-3-LTRACE_INIT ltrace_init failed for ’[chars]’: [chars] Explanation Internal error Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-MRIB_ERR mrib error: [chars], [chars] Explanation An error has occurred during communication with the MRIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-NOTIFY [chars] notification [chars]: code: [dec], subcode [dec] Explanation An error was encountered during communication with specified peer. Recommended Action Observe error details to determine cause of problem. If that does not help turn on ’debug ip msdp tlv’. Routing Messages MSDP Messages EM-2296 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MSDP-3-OUT_OF_MEMORY out of memory: [chars] [chars] Explanation Eliminate system processes or add memory Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-MSDP-3-OUT_OF_RESOURCE [chars] active SA limit [dec] exceeded SA count Explanation Resource limit has been hit Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-MSDP-3-SOCKET_ERR socket([dec]) error: [chars] [chars] Explanation An unrecoverable error occured during a socket operation. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-SYSDB_ERR sysdb error: [chars] [chars] Explanation An error occured while communicating with sysdb. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-3-WDSYSMON_EVENT_ERROR Received an invalid event from WDSysmon Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MSDP Messages EM-2297 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MSDP-3-WDSYSMON_REGISTER_ERROR [chars] Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-4-BAD_MASKLEN invalid mask length, must be 32 ([chars]/[dec]): [chars] Explanation A masklen other than 32 was attempted’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-4-BGP bgp client: [chars] [chars] Explanation Problem communicating with BGP Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-4-CONFIG_FAILED config failed: [chars] [chars], [chars] Explanation ’reconfigure’ Recommended Action Consult the configuration documentation for appropriate commands. Error Message %ROUTING-MSDP-4-MRIB_WARN warning mrib: [chars]: [chars] Explanation An problem comminicating with the mrib. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MSDP Messages EM-2298 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MSDP-4-OOM_STATE_THROTTLE Received [chars] memory depletion warning, stop creating new msdp SA state Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-4-OOM_STATE_UNTHROTTLE Node memory back to normal, new msdp states will be created Explanation Internal error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-4-PEER_ERR peer error: [chars] [chars] Explanation Some peer error occured. Recommended Action Consult the configuration documentation for appropriate commands. Error Message %ROUTING-MSDP-4-RIB_ERR rib error: [chars] [chars]: [chars] Explanation An error has occurred during communication with the RIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-4-SA_MESSAGE [chars]: error in SA ([chars], [chars]): [chars] Explanation Error in the SA message format or contents. Recommended Action Turn on ’debug ip msdp tlv’ for more information. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages MULTIVER Messages EM-2299 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MSDP-4-TIMER timer error has occured Explanation A timer error has occur Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-5-INIT_PEER_UP_DOWN [chars] [chars] [chars] Explanation MSDP Peer UP/DOWN. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-6-INIT_BASIC [chars]: pid [dec] Explanation MSDP Initialized. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-MSDP-6-INIT_INFO retried [chars] [chars] [dec] Explanation An unrecoverable error occurred at system initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MULTIVER Messages Error Message %ROUTING-MULTIVER-3-ERR_DLL_OPEN Could not load DLL [chars]: [chars] Explanation There was a problem loading the DLL - perhaps the router has run out of memory, or there was a problem reading the file. Recommended Action Check to make sure that one or more nodes is not having problems with memory. Routing Messages ORA_SHARED Messages EM-2300 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-MULTIVER-4-DLL_SIGNATURE_MISMATCH Could not locate DLL [chars]([chars]), using [chars]([chars]) Explanation There was a problem locating the DLL with matching signature - the problem is resolved by using existing dll installed on this node. Recommended Action Check to make sure that there is no disparity in software installation across multiple nodes. ORA_SHARED Messages Error Message %ROUTING-ORA_SHARED-4-ERR_DLL_REG Unable to register cerrno dll [chars] because [chars] Explanation The given cerrno dll could not be marked for use. This does not change the functionality of the system but does obscure the meaning of error codes presented by this part of the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ORA Messages Error Message %ROUTING-ORA-2-ERR_MEM_ALLOC Cannot allocate entry Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-ORA-3-DUPLICATE_DOCKENTRY Dock entry add failure Explanation I really do not know. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ORA Messages EM-2301 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ORA-3-INIT Failure in init function in DLL [chars] Explanation The library is incorrectly installed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ORA-3-MISSING_BASE_TYPE The base type ’[chars]’ v’[chars]’ was used as a [chars] in a [chars]: ’[chars]’ type in area [chars] Explanation One of the operations in one of the ORAs used a base type that was not defined in any of the ORA math sets. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ORA-3-MISSING_FUNCTION Route access library [chars] has no [chars] function Explanation The library is incorrectly installed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ORA-3-MISSING_OPERATOR The operator ’[chars]’ was not located in any of the ’[chars]’s ORAs. Explanation There is a function declared within the various docked ORAs at this attach point that uses an operator that does not exist with the same set of docked ORAs. Please contact support. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages ORA Messages EM-2302 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ORA-3-THREADING Threading operation ’[chars]’ for ’[chars]’ failed because: [chars] Explanation The presented threading operation failed. It is likely that policy multi-version calls will stop working and thus policy may not be operational. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ORA-4-ERR_DLL_REG Unable to register cerrno dll [chars] because [chars] Explanation The given cerrno dll could not be marked for use. This does not change the functionality of the system but does obscure the meaning of error codes presented by this part of the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ORA-4-MERGE_FAILED Some base type(s) was(were) unavailable during AP merging at: [chars] Explanation One or more base types where not available when bringing together the parts of this attach point. This is an item that should be caught during testing. If it does show up, support should be contacted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ORA-4-MISSING_DOCK_INFO The dock data for docking item [chars] was missing Explanation This is most likely an internal logic error that resulted in a given ora dockling being released more than once. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF_EDM Messages EM-2303 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-ORA-7-DBGINIT Unable to bring up debug event structures: [chars] Explanation The debug event initialization failed. The ora docker will still run correctly, but debug commands may be unavailable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-ORA-7-DBGSHUTDOWN Unable to shutdown debug event structures: [chars] Explanation The debug event shutdown failed. The ora docker will still run correctly, but debug commands may be unavailable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. OSPF_EDM Messages Error Message %ROUTING-OSPF_EDM-3-DATALIST_ADD_FAILED Failed to add an external data manager datalist for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The attempt to add an item to an external data manager datalist has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_EDM-3-DATALIST_CREATE_FAILED Failed to create external data manager datalist for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The creation of the external data manager datalist has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF_EDM Messages EM-2304 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF_EDM-3-DATALIST_SET_MORE_FLAG Failed to set external data manager more flag for datalist [chars] Explanation A client has requested information through SysDB from OSPF. During execution of the request an attempt to set a flag indicating there is more data for the client failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_EDM-3-ENCODE_FAILED Failed to encode [chars] data in external data manager Explanation A process has requested information through SysDB, probably as the result of executing a show command. The data requested could not be encoded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_EDM-3-LIST_ADD_FAILED Failed to add to an external data manager list for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The attempt to add an item to an external data manager list has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_EDM-3-LIST_CREATE_FAILED Failed to create external data manager list for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The creation of the external data manager list has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF_POLICY Messages EM-2305 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF_EDM-3-SYSDB_BIND_FAILED Failed to connect to SysDB ([chars]) Explanation The process failed to connect to SysDB while starting. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. OSPF_POLICY Messages Error Message %ROUTING-OSPF_POLICY-3-ORA_INSTBUILD Failed to build [chars], reason [chars] cer [chars] Explanation Internal error in policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_POLICY-3-ORA_RUN Could not apply policy operation [chars] to attribute [chars] because [chars] Explanation Internal error in policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. OSPF_RIB Messages Error Message %ROUTING-OSPF_RIB-3-ERR_PATH_ADD Error adding path to batching buffer for [chars]/[dec], data len [dec], max msg len [dec], max buf len [dec] Explanation An error was encountered in the call to ipv4_rib_batch_add_path. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF_RIB Messages EM-2306 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF_RIB-3-ERR_PATH_DELETE Error deleting path from batching buffer for [chars]/[dec], data len [dec], max msg len [dec], max buf len [dec] Explanation An error was encountered in the call to ipv4_rib_batch_delete_path. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_RIB-3-ERR_PROTO_MODIFY Error changing purgetime Explanation An error was encountered in the call to ipv4_rib_protocol_modify. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_RIB-3-ERR_ROUTE_HDR Error adding route header to batching buffer for [chars]/[dec], data len [dec], max msg len [dec], max buf len [dec] Explanation An error was encountered in the call to ipv4_rib_batch_add_route. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_RIB-3-ERR_UPDATE_DONE Error informing rib that batch is complete Explanation An error was encountered in the call to ipv4_rib_batch_complete. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_RIB-4-BATCH_LOG_PATH RIB batch error, [chars] (result [dec]), prefix [hex]/[dec] next_hop [hex] intf [chars]. Retrying Explanation The specified error was encountered in the OSPF RIB batching code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF_UV Messages EM-2307 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF_RIB-5-BATCH_ERROR RIB batch error, [chars] Explanation The specified error was encountered in the OSPF RIB batching code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_RIB-5-BATCH_ERROR_CODE RIB batch error, [chars] ([hex]) Explanation The specified error was encountered in the OSPF RIB batching code. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_RIB-6-INFO_RT_HDR_NOTUSED Believes [chars]/[dec] and [chars]/[dec] differ Explanation The RIB batching API believes that it already has this router header in the batching buffer. Recommended Action No action is required. OSPF_UV Messages Error Message %ROUTING-OSPF_UV-3-CERR_REG_FAIL Failed to register internal error codes: [chars] Explanation An error occurred during the registration of OSPF error codes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF_UV Messages EM-2308 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF_UV-3-ERR_DBG_REGISTER_FAILED Error initializing ospf_uv debugging: [chars] Explanation An error occurred during initialization of the ospf_uv process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_UV-3-ERR_MEM_ALLOC_FAIL Unable to allocate [unsigned int] bytes for ’[chars]’ Explanation The ospf_uv process was unable to allocate memory for the specified resource. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_UV-3-ERR_PROC_READY Error signaling process ready: [chars] Explanation The ospf_uv process was unable to signal process ready to sysmgr. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_UV-3-ERR_SYSDB_CONNECT Error binding to SysDB: [chars] Explanation The ospf_uv process was unable to bind to SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_UV-3-ERR_SYSDB_DISCONNECT Error unbinding from SysDB: [chars] Explanation The ospf_uv process was unable to unbind from SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF_UV Messages EM-2309 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF_UV-3-ERR_SYSDB_REG_VERIFY Error registering with SysDB: [chars] Explanation The ospf_uv process was unable to register with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_UV-3-ERR_VRFN_FNS_INIT Error setting SysDB callback functions: [chars] Explanation The ospf_uv process was unable to initialize SysDB callbacks. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_UV-3-EVENT_ERR Error in event loop: [chars] Explanation An error occurred in the main ospf_uv event loop. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_UV-3-EVM_CRE_FAIL Error creating event connection manager: [chars] Explanation The ospf_uv process was unable to create an event connection manager instance. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF_UV-3-INTF_FWS_INIT Error initializing forward-reference store: [chars] Explanation The ospf_uv process was unable to initialize the forward-reference store library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2310 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF_UV-6-PROCESS_NAME Caution: The OSPF process name [chars] conflicts with a show or clear command name Explanation The name chosen for the OSPF process matches an ospf show or clear command, or a command abbreviation. This can cause ambiguities with subsequent show or clear commands for this process. Recommended Action Choose a different name for the OSPF process. OSPF Messages Error Message %ROUTING-OSPF-2-ERR_MEM_ALLOC No memory, [chars], process terminated Explanation Memory allocation of a critical OSPF resource failed because of a low memory condition. The OSPF process was terminated. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-OSPF-3-ALLOC_ERR Allocation error, [unsigned int] bytes for [chars] Explanation Allocation of the specified resource failed because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. Error Message %ROUTING-OSPF-3-AREANULL [chars]: area pointer is NULL Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-BADMSG ospf router received bad message type [dec] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2311 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-3-BADSHARE Bad refcount at [hex] (refcount equals [hex]) in [chars] Explanation An internal software error occurred. Resources may be in inconsistent state. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %ROUTING-OSPF-3-BADTIMER Managed Timer error, [chars]: Unrecognized timer type [dec] Explanation A timer was found with an unrecognized type Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-DBGINIT Debug init error, [chars]: event [chars], error [dec] Explanation Unable to initialize a debugging flag Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-DUP_RTRID OSPF detected duplicate router-id [chars] from [chars] on interface [chars] Explanation OSPF received hello packet from a neighbor which has the same router-id as this routing process. A full adjacency cannot be established. Recommended Action OSPF router-id should be unique. Change the neighbors router-id. Error Message %ROUTING-OSPF-3-ERR_RESOURCE_ALLOC No memory could be allocated for the resource, [chars] Explanation Allocation of the specified resource failed because of a low memory condition. This could affect the protocol functionality. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands and preferably restart the OSPF process. Routing Messages OSPF Messages EM-2312 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-3-EVM External Event Manager error, [chars], error [chars] [[hex]] Explanation A call to an external event manager function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-EVM_CODE External Event Manager error, [chars]: [chars] code [dec], error [chars] [[hex]] Explanation A call to an external event manager function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-EVM_RL raw_conn momentarily not usable, [chars] Explanation raw_conn not available to send the packet Recommended Action If the condition persist, contact the technical support. Error Message %ROUTING-OSPF-3-EXTERNALERR External error, [chars] Explanation An external software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-EXTERNALERR_RC External error, [chars], error [hex] Explanation An external software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2313 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-3-FRIS FRIS error, [chars], [chars] error [chars] [[hex]] Explanation The FRIS request failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-IDBERR IDB error, [chars]: [chars], intf [chars] cerr [chars] Explanation Error encountered while attempting to activate an idb. Problem could be corrupt data from IM or IP/ARM or the FRIS. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-IFCHECK Interface [chars] is attached to more than one area Explanation An internal consistency check has failed. An interface appears to be associated with more than one area. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-IFINIT Interface init error, interface [chars] Explanation OSPF failed to initialize data structures for an interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-IFMGR External IFMGR error, [chars], intf [chars] error [chars] [[hex]] Explanation The specified interface manager request failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2314 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-3-IGPTE IGP/TE error, [chars]: [chars] error [dec] Explanation Error encountered while attempting to use the IGP_TE Lib. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-INIT_ERR Init error, [chars], error [hex] Explanation An error occurred during initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-INIT_ERR_STR Initialization failure, [chars], error [chars], process terminated Explanation An error occurred during initialization, causing the process to terminate. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %ROUTING-OSPF-3-INTERNALERR Internal error, [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-INTERNALERR_RC Internal error, [chars], error [hex] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2315 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-3-IPARM External IP-ARM error, [chars], error [chars] [[hex]] Explanation A call to an external IP-ARM function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-LWM External light-weight msg error, [chars], error [chars] [[hex]] Explanation A call to an external light-weight messaging function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-MCAST Multicast error, [chars] [chars] on [chars], error [chars] Explanation The above specified multicast operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-MEDIAERR Media error, [chars]: Interface [chars] unknown type: [chars] Explanation Media table lookup failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-MUTEX Mutex error, [chars], [chars] mutex, error [chars] [[hex]] Explanation An error occurred in the pthread functions used for thread synchronization. This is most likely a system error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2316 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-3-NOBACKBONE Flagged as being an ABR without a backbone area Explanation The router was flagged as an Area Border Router (ABR) without backbone area in the router. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-NOIPADDR No IP Addr on interface [chars]. OSPF will not be run over it. Explanation This message is displayed if ospf is configured on an unnumbered interface that is not of type point to point. In this case, ospf will not run on this interface. Recommended Action No action is required. Error Message %ROUTING-OSPF-3-NOSELF if [chars] if_state [dec] Explanation An internal error occurred. An interface was not fully initialized when an OSPF related event occurred. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-NOTNBRTYPE Cannot configure neighbor on [chars]. Interface must be NBMA or P2MP Explanation Neighbor cannot be configured on interface if it is not type NBMA or point to multipoint. Recommended Action No action is required. Error Message %ROUTING-OSPF-3-PKTDROP Raw socket error, [chars]: packet dropped, [chars] Explanation An input packet was dropped for the specified reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2317 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-3-RDB_NO_LSA lsid [chars] adv [chars] type [dec] gateway [chars] metric [dec] network [chars] mask [chars] attr [hex] net-metric [dec] Explanation OSPF found inconsistency between its database and topology table. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-RECONF_VL OSPF process [chars] is changing router-id. Reconfigure virtual link neighbors with our new router-id Explanation OSPF process is being reset, and it is going to select a new router-id. This will bring down all virtual links. To make them work again, virtual link configuration needs to be changed on all virtual link neighbors. Recommended Action Change virtual link configuration on all the virtual link neighbors, to reflect our new router-id. Error Message %ROUTING-OSPF-3-RIB External RIB error, [chars], error [chars] [hex] Explanation A call to an external RIB function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-RIB_MSG External RIB error, [chars] Explanation A call to an external RIB function failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-RPC External RPC error, [chars], error [chars] [[hex]] Explanation An RPC error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2318 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-3-SOCKET External socket error, [chars], error [chars] [[hex]] Explanation The above specified socket operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-SYSDB External SysDB error, [chars], error [chars] [[hex]] Explanation An external OSPF error occurred when accessing the system database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-THREAD_CREATE Thread create error, [chars], error [chars] [[hex]] Explanation OSPF failed to create a thread essential to its operation. This is an internal error. An automatic restart of the OSPF process was necessary to attempt recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-3-UNKNOWNSTATE Reached unknown state in neighbor state machine Explanation An internal software error occurred. When processing and DBD packet, the neighbor was found to be in an indeterminate state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2319 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-4-BADLENGTH Invalid length [dec] in OSPF packet from [chars] (ID [chars]), [chars] Explanation The system received an OSPF packet with a length field of less than normal header size or inconsistent with the size of the IP packet in which it arrived. This indicates an error in the sender of the packet. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-4-BADLSATYPE Invalid lsa: [chars] Type [dec], LSID [chars] from [chars], [chars], [chars] Explanation The router received an LSA with invalid LSA Type. The cause is either memory corruption or unexpected behavior on a router. Recommended Action Check both the sending and receiving routers for memory corruption. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-4-CONFLICTING_LSAID Found LSA with the same host bits but different mask. LSA with shorter mask will be used. LSA 1: [chars]/[dec] LSA 2: [chars]/[dec] Explanation An LSA could not be generated because there is a supernet lsa with the host bit set LSA ID that conflicts with the major net LSA ID that also needs to have host bit set. Recommended Action This is a limitation in OSPF’s ability to handle conflicting LSA IDs. Attempt to avoid this limitation by modifying the generation of summary LSA’s so that the LSA ID’s do not conflict. Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-4-DEPRECATED_RTRID outer-id [chars] command has been deprecated. Please delete outer-id [chars] and reconfigure router-id. Explanation OSPF router-id interface has been deprecated. Recommended Action Use router-id ipaddress. Routing Messages OSPF Messages EM-2320 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-4-DOMAIN_TAG_NEEDED Domain-tag must be configured with 4-byte AS number in vrf [chars] Explanation At the time of the redistribution of BGP with 4 byte AS number, domain-tag wasn’t confiured. User needs to be aware that in this case domain-tag must be configured. Recommended Action If not already configured domain-tag should be configured for the vrf. Error Message %ROUTING-OSPF-4-ERR_MSG_GET_SCOID Error retrieving client’s connection ID to the [chars] channel: [chars] ([dec]) Explanation OSPF failed to retrieve its local connection ID for a client attached to the specified channel. This is an internal programming error. Recommended Action Restart the OSPF process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-4-ERR_MSG_REPLY Error replying to the client [chars]: [chars] ([dec]) Explanation OSPF failed to reply to its client through message channel. This could be a result of channel down or resource allocation failure. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.. Restart the OSPF process. *RECUR* Error Message %ROUTING-OSPF-4-ERRRCV Received invalid packet: [chars] from [chars], [chars] Explanation An invalid OSPF packet was received. Details are included in the error message. The cause might be a misconfigured OSPF or an internal error in the sender. Recommended Action Check the OSPF configuration of the receiver and the sender for inconsistency. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2321 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-4-IFINDEX_GET Unable to get interface index for [chars]: [chars] Explanation An error occurred when trying to get a numeric interface index value for the specified interface. Ietf nsf restart might fail. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-4-KEYCFG Key [unsigned long int] [chars] Explanation An error occurred when trying to configure an ospf authentication key. Recommended Action No action is required. Error Message %ROUTING-OSPF-4-MAX_INTF_APPLY Interface limit [dec] exceeded. Dropping interface [chars] Explanation The number of interfaces configured exceeds the interface limit. Recommended Action Either raise the maximum interface limit or unconfigure interfaces until the number is below the limit. Error Message %ROUTING-OSPF-4-MAX_LSA Maximum number of non self-generated LSA has been exceeded [chars] - [dec] LSAs Explanation Maximum number of non self-generated LSA has been exceeded Recommended Action Check if some router in the network is generating large number of LSAs as a result of misconfiguration Error Message %ROUTING-OSPF-4-MAX_LSA_THR Threshold for maximum number of non self-generated LSA has been reached [chars] - [dec] LSAs Explanation Threshold for maximum number of non self-generated LSA has been reached Recommended Action Check if some router in the network is generating large number of LSAs as a result of misconfiguration Routing Messages OSPF Messages EM-2322 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-4-MUTEX_ERR [chars] [chars] mutex ([hex]), tid [dec] owner [hex] count [dec], error [chars] [[hex]] Explanation An error has been returned by the functions used for locking/unlocking an OSPF synchronization mutex. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-4-NBREXIST Neighbors were configured when NBMA or P2MP. Changing network type will abandon that configuration. Please remove configured neighbors. Explanation Neighbors had been configured earlier when the network type was nonbroadcast. The current configuration request will cause these configured neighbors to be abandoned. Recommended Action Remove the configured neighbors. Error Message %ROUTING-OSPF-4-NETWORK_TYPE_MISMATCH Unexpected non-zero DR [chars] in hello packet from [chars] Explanation OSPF has received a hello packet with non-zero Designated Router field on an interface that is not a multiaccess interface. Indicates a misconfiguration of network type among the OSPF routers in the given subnet. Recommended Action Check the network type on all OSPF routers in the given subnet. Error Message %ROUTING-OSPF-4-NONEIGHBOR Received [chars] from unknown neighbor [chars], vrf [chars] vrfid [hex] Explanation OSPF hello, database description, or database request packet was received, but the router could not identify the sender. This is a normal occurrance if a link flap occurs on the router receiving the packet. Recommended Action This situation should correct itself. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2323 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-4-NORTRID OSPF process [chars] cannot start without a router id. Configure router-id with the outer-id command. Explanation OSPF failed while attempting to allocate a router ID from the IP address of one of its interfaces as no suitable IP address was available. Recommended Action Make sure that there is at least one interface that is up and has a valid IP address. If there are multiple OSPF processes running on the router, each requires a unique router ID. You must have enough ’up’ interfaces so that each of them can obtain a router ID. It is highly recommended that you configure loopback interfaces or use the router-id configuration command to better control the selection of OSPF router IDs. Error Message %ROUTING-OSPF-4-OLD_CMD Command [chars] has been upgraded by [chars]. Use the new command. Explanation The command has been replaced by a newer command. Recommended Action Use the new command inidicated in the message. Error Message %ROUTING-OSPF-4-PAKMAN_EVENT Pakman event [chars] received, code equals [dec], [chars] Explanation An error has occured and pak manager sent use an event. If we can’t recover from the error (ABORT event), OSPF will exit. Recommended Action This is an indication that error(s) has occured in pakman No specific actions are required for OSPF. Error Message %ROUTING-OSPF-4-POLICYCONFIG An error was encountered configuring policy, [chars]: [chars] Explanation A problem was encountered while setting up route policy configuration. Some of the routing policy may not have been configured correctly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2324 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-4-RAW_OUTPUT_ERR Raw socket output err: [chars], src equals [chars], dest equals [chars], if equals [chars], msglen equals [dec] Explanation An error has occured when OSPF is in process of sending a packet to the the raw socket. Recommended Action This is an indication that error(s) has occured in other components and it is impacting OSPF’s ability send data. No specific actions are required for OSPF. Error Message %ROUTING-OSPF-4-REDIST_FAILED OSPF was unable to configure redistribution for protocol [chars] Explanation An error occurred while OSPF was setting up redistribution for the named protocol. The redistribution will not take place. Recommended Action This may be due to lack of memory, or due to a RIB failure, or to an internal OSPF problem. It may help to restart the OSPF process. Error Message %ROUTING-OSPF-4-REDIST_MAX_PFX Redistribution prefix limit has been reached - [dec] prefixes Explanation We have reached the maximum number of redistributed prefixes Recommended Action Check if redistribution of large number of prefixes is desired and has not been wrongly configured. Error Message %ROUTING-OSPF-4-REDIST_THR_PFX Redistribution prefix threshold has been reached - [dec] prefixes Explanation We have reached the threshold level of number of redistributed prefixes. Recommended Action Check if redistribution of large number of prefixes is desired and has not been wrongly configured. Error Message %ROUTING-OSPF-4-STUB_ASBR Router is currently an ASBR while having only one area which is a stub area Explanation Router is configured as an ASBR but is only connected to a single stub area. This can waste resources since the router has nowhere to send the external LSAs that it is generating. Recommended Action Check configuration and disable redistribution of routes into ospf if appropriate. Routing Messages OSPF Messages EM-2325 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-4-USING_OLD_RTRID OSPF process [chars] encountered an error while finding a new router ID. The old router ID [chars] is being used as an interim value. clear ip ospf process will force another attempt to find a valid router ID. Explanation OSPF failed while attempting to allocate a router ID from the IP address of one of its interfaces due to an unexpected internal problem. Recommended Action Use ’clear ip ospf process’ to force another attempt to find a valid router ID. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-4-VIRTUAL_IN_NON_BACKBONE Virtual link information found in non-backbone area: [chars] Explanation An internal error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-5-ADJCHG Process [chars], Nbr [chars] on [chars] in area [chars] from [chars] to [chars], [chars], vrf [chars] vrfid [hex] Explanation An OSPF neighbor has changed state. The message describes the change and the reason for it. This message appears only if the log-adjacency-changes command is configured for the OSPF process. Recommended Action No action is required. Error Message %ROUTING-OSPF-5-HA_NOTICE Process [chars]: [chars] Explanation Used for logging of HA events like process startup, entry and exit of NSF/GR or NSR procedures and related events. Recommended Action No action required. Error Message %ROUTING-OSPF-5-HA_NOTICE_START [chars] Explanation First log upon process startup. Recommended Action No action required. Routing Messages OSPF Messages EM-2326 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-6-BADCHKSUM Checksum Failure in database in area [chars] Link State Id [chars] Old Checksum [hex] New Checksum [hex] Explanation OSPF has detected a checksum error in the database due to memory corruption. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-6-DBEXIST area [chars] lsid [chars] mask [chars] adv [chars] type [dec] Explanation OSPF has a problem locating the LSA, which could lead to a memory leak. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-6-GRACEFUL_SHUTDOWN [chars] Explanation Informs user of graceful shutdown events. User needs to be aware of these activities. Recommended Action No action required. Error Message %ROUTING-OSPF-6-HA_INFO Process [chars]: [chars] Explanation Used for logging of HA events like process startup, entry and exit of NSF/GR or NSR procedures and related events. Recommended Action No action required. Error Message %ROUTING-OSPF-6-LSAREFRESH Process [chars] vrf [chars]: LSA refresh interval changed. Old: [dec] New: [dec]. May take 10 minutes for the new interval to be in effect. Explanation User has changed the configuable LSA refresh interval. Recommended Action No action required. This is an informational message. Routing Messages OSPF Messages EM-2327 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-6-MAXMETRIC_RUNNING Current max-metric on-startup timer is running. New timer will be used at next reload. Explanation maximum-metric LSA origination setting was changed while the maximum-metric origination was still active. The change will not take effect until the next time the system is restarted. Recommended Action No action is required. Error Message %ROUTING-OSPF-6-MEM_NOTIF [chars] [chars]. Explanation An unexpected event from the system monitor was seen. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-6-MGDTIMER External Managed Timer error, [chars], error [chars] [[hex]] Explanation An external managed timer support routine failed. The affect this error has on the proper operation of OSPF depends on where and when this error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-6-NEWLIMIT [chars] limit changed. Old: [dec] New: [dec] Explanation User has changed the configuable resource limit. Recommended Action No action required. This is an informational message. Error Message %ROUTING-OSPF-6-NOTREDIST3 build_ex_route(): don’t redistribute net [chars]/[dec], [chars] advertises it already Explanation For information only. Another router with a greater router ID is advertising the same external LSA. This router will stop originating the LSA to eliminate the redundancy. Recommended Action No action is required. Routing Messages OSPF Messages EM-2328 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-6-REFBW_CHG Reference bandwidth is changed. Please ensure reference bandwidth is consistent across all routers. Explanation Informational message reminding the user that reference bandwidth should be consistent across all routers in the area. Recommended Action No action is required. Error Message %ROUTING-OSPF-6-USING_MSGDGST Message-digest is used when both it and cleartext password are configured Explanation Inform user that when both a clear text password and message-digest key are configured the message-digest key will be used. Recommended Action No action is required. Error Message %ROUTING-OSPF-7-DB_EX_DQUEUE [chars]: Unexpected external ReadyQ count of 0, &db equals [hex], &rtr equals [hex] Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-7-DB_READY_Q InReadyQ flag set for external DB, db [chars] on rtr_rt [chars] Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-7-DLINK dld [chars] is NULL Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPF Messages EM-2329 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPF-7-DQUEUE Double link queue count is 0 before decrement, &queue equals [hex] Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-7-ERR_TUNNEL_INT TE IDB error, [chars], [chars] error [chars] [[hex]] Explanation Error in creating a tunnel interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPF-7-INIT_FAIL Initialization failure, [chars], process terminated Explanation An error occurred during initialization, causing the process to terminate. Recommended Action Copy the error message exactly as it appears, and report it to your technical support representative. Error Message %ROUTING-OSPF-7-VRF_DELETE VRF delete error [chars] [chars] [chars] Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages OSPFv3_EDM Messages EM-2330 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 OSPFv3_EDM Messages Error Message %ROUTING-OSPFv3_EDM-3-DATALIST_ADD_FAILED Failed to add an external data manager datalist for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The attempt to add an item to an external data manager datalist has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_EDM-3-DATALIST_CREATE_FAILED Failed to create external data manager datalist for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The creation of the external data manager datalist has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_EDM-3-EDMINIT Error initializing EDM thread: [chars]: [chars] Explanation An error occurred during initialization of the EDM thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_EDM-3-ENCODE_FAILED Failed to encode [chars] data in external data manager Explanation A process has requested information through SysDB, probably as the result of executing a show command. The data requested could not be encoded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3_EDM Messages EM-2331 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3_EDM-3-EVENT_REGISTRATION_FAILED Failed to connect to the event manager: [chars] Explanation The process failed while attempting to connect to an event manager channel for the indicated subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_EDM-3-LIST_ADD_FAILED Failed to add to an external data manager list for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The attempt to add an item to an external data manager list has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_EDM-3-LIST_CREATE_FAILED Failed to create external data manager list for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The creation of the external data manager list has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_EDM-3-NO_DATA Data for [chars] is not available Explanation The data needed for the specified OSPF show command was not available. This would occur for non-critical data such as trace or debug information. Recommended Action No action is required. Routing Messages OSPFv3_EDM Messages EM-2332 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3_EDM-3-PROTO_REG_FAILED Failed to register show protocol information : [hex], ’[chars]’ Explanation OSPFv3 was unable to register for support of the show protocol command. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_EDM-3-REGISTER_FAILED Failed to register its [chars] external data manager, ’[chars]’ Explanation The process failed when attempting to register its external data manager with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_EDM-3-SYSDB_BIND_FAILED Failed to connect to SysDB ([chars]) Explanation The process failed to connect to SysDB while starting the indicated subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_EDM-3-SYSDB_COID_FAILED Failed to convert during a conn to coid conversion Explanation The process failed to convert a conn to a coid while starting the indicated subsystem. This generally can only occur when starting up. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFV3_POLICY Messages EM-2333 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3_EDM-6-BAGREG_FAILED Failed to register its external data manager data blocks Explanation The process failed while attempting to register its external data manager data blocks with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. OSPFV3_POLICY Messages Error Message %ROUTING-OSPFV3_POLICY-3-ORA_INSTBUILD Failed to build [chars], reason [chars] cer [chars] Explanation Internal error in policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFV3_POLICY-3-ORA_RUN Could not apply policy operation [chars] to attribute [chars] because [chars] Explanation Internal error in policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. OSPFv3_RIB Messages Error Message %ROUTING-OSPFv3_RIB-2-NO_MEMORY Unable to allocate space for rib batching buffer: No Memory Explanation Insufficent memory to allocate buffer for RIB batching API’ Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Routing Messages OSPFv3_RIB Messages EM-2334 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3_RIB-3-BIND Unable to bind to the RIB Explanation An error occurred on a request to bind to the RIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_RIB-3-DEFAULT_REG Unable to register with the RIB to receive the default route: [chars] Explanation An error occurred on a request to have the RIB send us route updates for the default route. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_RIB-3-DISCONNECT Error while disconnecting RIB Event connection Explanation An error occurred during an attempt to tear down the RIB Event connnection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_RIB-3-ERR_BATCH_COMPLETE Error informing rib that batch is complete Explanation An error was encountered in the call to ipv6_rib_batch_buffer_complete. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_RIB-3-ERR_PATH_ADD Error adding path-add to batching buffer (#[hex]) Explanation An error was encountered in the call to ipv6_rib_batch_add_path. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3_RIB Messages EM-2335 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3_RIB-3-ERR_PATH_DELETE Error adding path-delete to batching buffer ([hex]) Explanation An error was encountered in the call to ipv6_rib_batch_delete_path. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_RIB-3-ERR_ROUTE_HDR Error adding route header to batching buffer for [chars]/[dec] ([hex]) Explanation An error was encountered in the call to ipv6_rib_batch_add_route. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_RIB-3-ERR_UPDATE_COMPLETE Error informing rib that update is complete: [chars] Explanation An error was encountered in the call to ipv6_rib_update_complete. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_RIB-3-FINDPDB Unable to get a RIB handle for [chars] routes: [chars] Explanation An error occurred on a request to find the handle for the specified type of routes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_RIB-3-PURGE Error removing OSPFv3 routes from the IPv6 RIB: [chars] Explanation An error was encountered in the call to ipv6_rib_purge_protocol. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3_UV Messages EM-2336 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3_RIB-3-REDIST_REG Unable to register with the RIB to receive updates for [chars] routes: [chars] Explanation An error occurred on a request to have the RIB send us route updates for the specified type of routes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_RIB-3-REGISTER Unable to register OSPFv3 with the RIB: [chars] Explanation An error occurred on a request to register the OSPFv3 protocol with the RIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. OSPFv3_UV Messages Error Message %ROUTING-OSPFv3_UV-3-CERR_REG_FAIL Failed to register internal error codes: [chars] Explanation An error occurred during the registration of OSPFv3 error codes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_UV-3-ERR_DBG_REGISTER_FAILED Error initializing ospfv3_uv debugging: [chars] Explanation An error occurred during initialization of the ospfv3_uv process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3_UV Messages EM-2337 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3_UV-3-ERR_MEM_ALLOC_FAIL Unable to allocate [unsigned int] bytes for ’[chars]’ Explanation The ospfv3_uv process was unable to allocate memory for the specified resource. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_UV-3-ERR_PROC_READY Error signaling process ready: [chars] Explanation The ospfv3_uv process was unable to signal process ready to sysmgr. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_UV-3-ERR_SYSDB_CONNECT Error binding to SysDB: [chars] Explanation The ospfv3_uv process was unable to bind to SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_UV-3-ERR_SYSDB_DISCONNECT Error unbinding from SysDB: [chars] Explanation The ospfv3_uv process was unable to unbind from SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_UV-3-ERR_SYSDB_REG_VERIFY Error registering with SysDB: [chars] Explanation The ospfv3_uv process was unable to register with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3_UV Messages EM-2338 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3_UV-3-ERR_VRFN_FNS_INIT Error setting SysDB callback functions: [chars] Explanation The ospfv3_uv process was unable to initialize SysDB callbacks. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_UV-3-EVENT_ERR Error in event loop: [chars] Explanation An error occurred in the main ospfv3_uv event loop. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_UV-3-EVM_CRE_FAIL Error creating event connection manager: [chars] Explanation The ospfv3_uv process was unable to create an event connection manager instance. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_UV-3-INTF_FWS_INIT Error initializing forward-reference store: [chars] Explanation The ospfv3_uv process was unable to initialize the forward-reference store library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3_UV-6-PROCESS_NAME Caution: The OSPFv3 process name [chars] conflicts with a show or clear command name Explanation The name chosen for the OSPFv3 process matches an ospf show or clear command, or a command abbreviation. This can cause ambiguities with subsequent show or clear commands for this process. Recommended Action Choose a different name for the OSPFv3 process.Routing Messages OSPFv3 Messages EM-2339 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 OSPFv3 Messages Error Message %ROUTING-OSPFv3-2-NOMEMORY No memory for [chars] Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-OSPFv3-3-ACL_GET Unable to get prefix-list [chars]: [chars] Explanation An error occurred when trying to get the named prefix-list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-ACL_REG Unable to register prefix-list [chars]: [chars] Explanation An error occurred when trying to register for changes to the named prefix-list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-ALLOCFAIL [chars] allocation failed: [chars] Explanation Allocation of the specified resource failed, probably due to low memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-APIERR Call to [chars] from [chars] returns: [chars] Explanation A lower-level support function returned an unexpected status. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2340 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-BADMSG Router thread received an invalid message type: [dec] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-BADTIMER Unrecognized [chars] timer type [dec] Explanation A timer was found with an unrecognized type Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-CERR_REGISTER Failed to register internal error codes: [chars] Explanation An error occurred during the registration of OSPFv3 error codes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-CONN_FAIL Unable to connect to server [chars] : [chars] Explanation OSPFv3 was unable to open a connection to a server. This is an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-DBGINIT Debug event initialization failed: [chars] Explanation Unable to initialize a debugging flag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2341 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-DBGREG Debug registration failed: [chars] Explanation Unable to initialize debugging flags. Debug commands will not function. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-DELVLINK Cannot delete virtual link, backbone is being deleted Explanation The virtual link cannot be removed because OSPFv3 is in the process of deleting the backbone area. Try again later. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-DLINK dld [chars] is NULL Explanation An internal software error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-DUP_RTRID Detected duplicate router ID [chars] from [chars] on interface [chars] Explanation OSPFv3 received hello packet from a neighbor which has the same router ID as this routing process. A full adjacency cannot be established. Recommended Action OSPFv3 router ID must be unique. Change the router ID. Error Message %ROUTING-OSPFv3-3-DUP_RTRID_AREA Detected router with duplicate router ID [chars] in area [chars] Explanation OSPFv3 has received multiple router LSAs with our router ID. Recommended Action OSPFv3 router ID must be unique. Change the router ID. Routing Messages OSPFv3 Messages EM-2342 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-DUP_RTRID_AS Detected router with duplicate router ID [chars] in inter-area router LSA advertised by [chars] Explanation OSPFv3 has received an inter-area router LSA with our router ID. Recommended Action OSPFv3 router ID must be unique. Change the router ID. Error Message %ROUTING-OSPFv3-3-EVENTBLOCK Event blocking error in [chars] thread: [chars] Explanation An error occurred while a thread was blocked waiting for an event Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-EVM_FD Error obtaining the [chars] file descriptor: [chars] Explanation A call to get the file descriptor associated with an event manager connection failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-EVM_RETRY Unable to set event manager retry values for the [chars] connection: [chars] Explanation A call to the external event manager to set connection retry values failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-FRIS_INSERT Unable to insert interface [chars] in the forward reference list: [chars] Explanation An error occurred when adding the interface to the forward-reference list. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2343 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-HELLOINIT Error initializing hello thread: [chars]: [chars] Explanation An error occurred during initialization of the hello thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-IFINDEX_GET Unable to get interface index for [chars]: [chars] Explanation An error occurred when trying to get a numeric interface index value for the specified interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-IFINIT Initialization failure for interface [chars] Explanation OSPFv3 failed to initialize data structures for an interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-IFMGR [chars] failed: [chars] Explanation The specified interface manager request failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-IFMGR_IF [chars] failed for interface [chars]: [chars] Explanation The specified interface manager request failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2344 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-INIT Initialization failed [[chars]], process terminated Explanation An error occurred during initialization, causing the OSPFv3 process to terminate. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-INSTALL_REG Unable to register for package installation notifications: [chars] Explanation An error occurred when trying to register with the packaging subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-INSTALL_UNREG Unable to unregister for package installation notifications: [chars] Explanation An error occurred when trying to unregister with the packaging subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-INTERNALERR Internal error: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-IPARM [chars] failed: [chars] Explanation The specified IP/ARM request failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2345 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-IPARM_IF [chars] failed for interface [chars]: [chars] Explanation The specified IP/ARM request failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-IPSEC_CLOSE Error terminating IPSec processing for interface [chars]: [chars] Explanation An error occurred when trying to close an IPSec SA for the named interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-IPSEC_DEBUG_INIT Unable to initialize ipsec debugging: [chars] Explanation An error occurred when trying to initialize the ipsec debug commands. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-IPSEC_INIT Error initializing IPSec support: [chars]%s Explanation An error occurred when trying to initialize the OSPFv3 IPSec subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-IPSEC_OPEN Error initiating IPSec processing for interface [chars]: [chars] Explanation An error occurred when trying to open an IPSec SA for the named interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2346 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-LAS [chars] failed: [chars] Explanation The specified Local Address Service request failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-LAS_ADDR Interface [chars] does not have a link-local address assigned Explanation The specified interface has not received a link-local address from the Local Address Service. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-LAS_IF [chars] failed for interface [chars]: [chars] Explanation The specified Local Address Service request failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-MCAST Multicast [chars] on [chars] failed: [chars] Explanation The specified multicast operation failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-MEM_ALLOC_FAIL Unable to allocate [unsigned int] bytes for ’[chars]’ Explanation OSPFv3 was unable to allocate memory for the specified resource. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2347 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-MUTEX_INIT Error [chars] for [chars] mutex: [dec] Explanation A error occurred in the initialization of the primitives used for thread synchronization. This is most likely a system error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-NO_VL_ENDPOINT Unable to add host route for virtual link endpoint in area [chars] Explanation No IPv6 address was available to use as an endpoint for a virtual link. Recommended Action Configure a loopback interface with an IPv6 address and add it to the specified area. Error Message %ROUTING-OSPFv3-3-NOBACKBONE Flagged as being an ABR without a backbone area Explanation The router was flagged as an Area Border Router (ABR) without backbone area in the router. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-NOSELF Interface [chars] if_state [dec] Explanation An internal error occurred. An interface was not fully initialized when an OSPFv3 related event occurred. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-NOTNBRTYPE Cannot configure neighbor on [chars]: interface must be NBMA or P2MP Explanation Neighbor cannot be configured on interface if it is not type NBMA or point to multipoint. Recommended Action No action is required. Routing Messages OSPFv3 Messages EM-2348 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-PKTDROP Packet dropped: [chars] Explanation An input packet was dropped for the specified reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-PKTDROP_STR Packet dropped: [chars]: [chars] Explanation An input packet was dropped for the specified reason. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-PROCINIT Error initializing OSPFv3 process: [chars]: [chars] Explanation An error occurred during OSPFv3 process initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-RIB [chars] [chars]/[dec]: [chars] Explanation An error occurred on a request to the RIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-RIB_ERR_PROTO_MODIFY Failed to modify purgetime with V6 RIB. Old [dec] New [dec]: [dec] Explanation An error occurred on a request to the RIB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2349 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-RTRINIT Error initializing router thread: [chars]: [chars] Explanation An error occurred during initialization of the router thread. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-SOCKET Socket operation [chars] failed: [chars] Explanation The specified socket operation failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-SYSDB SysDB error: [chars]([chars]): [chars] Explanation An error occurred when accessing the system database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-SYSMGR [chars] failed: [chars] Explanation An specified system manager request failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-THREAD_CREATE Error starting [chars] thread: [dec] Explanation OSPFv3 failed to create a thread essential to its operation. This is an internal error. An automatic restart of the OSPFv3 process was necessary to attempt recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2350 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-3-UCAST Unicast [chars] on [chars] failed: [chars] Explanation The specified unicast filter operation failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-UNKNOWNSTATE Reached unknown state in neighbor state machine Explanation An internal software error occurred. When processing and DBD packet, the neighbor was found to be in an indeterminate state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-3-UNSUPPORTED_IFTYPE Unsupported interface type [chars]: [chars] Explanation The interface type is not yet supported by OSPFv3. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-4-BADAREA Received invalid packet: Incorrect area number ([chars]) from [chars], [chars] Explanation The system received an OSPFv3 packet with an area ID that does not match the area that the interface belongs to. Recommended Action Check the OSPFv3 configuration of the receiver and the sender for inconsistency. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2351 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-4-BADLENGTH Received invalid packet: Incorrect length ([dec]) from [chars], [chars] Explanation The system received an OSPFv3 packet with a length field of less than normal header size or inconsistent with the size of the IPv6 packet in which it arrived. This indicates an error in the sender of the packet. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-4-BADLSA Invalid LSA: [chars], Type [hex] LSID [unsigned int] from [chars], [chars], [chars] Explanation The router received an invalid LSA. The cause is either memory corruption or unexpected behavior on a router. Recommended Action Check both the sending and receiving routers for memory corruption. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-4-BADVERS Received invalid packet: Incorrect OSPF version ([dec]) from [chars], [chars] Explanation The system received an OSPFv3 packet with an OSPF version field other than 3. This indicates an error in the sender of the packet. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-4-DEPRECATED_RTRID outer-id [chars] command has been deprecated. Please delete outer-id [chars] and reconfigure router-id. Explanation OSPFv3 router-id interface has been deprecated. Recommended Action Use router-id ipaddress. Routing Messages OSPFv3 Messages EM-2352 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-4-ERRRCV Received invalid packet: [chars] from [chars], [chars] Explanation An invalid OSPFv3 packet was received. Details are included in the error message. The cause might be a misconfigured OSPFv3 or an internal error in the sender. Recommended Action Check the OSPFv3 configuration of the receiver and the sender for inconsistency. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-4-LSDB_ERROR Database error: [chars], Type [hex] LSID [unsigned int] from [chars] Explanation OSPFv3 detected an error with its link state database. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-4-LTRACE_INIT Unable to initialize the ltrace buffer [chars]: [chars] Explanation An error occurred when trying to create a buffer for tracing. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-4-NONEIGHBOR Received [chars] from unknown neighbor [chars] on [chars] Explanation OSPFv3 hello, database description, or database request packet was received, but the router could not identify the sender. This is a normal occurrance if a link flap occurs on the router receiving the packet. Recommended Action This situation should correct itself. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2353 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-4-NORTRID OSPFv3 process [chars] could not pick a router-id, please configure manually Explanation OSPFv3 failed while attempting to allocate a router ID. Recommended Action Use the ’router-id’ command to specify a unique Router ID for this OSPFv3 process. Error Message %ROUTING-OSPFv3-4-PKTDROP_WARN Packet dropped: [chars] Explanation An input packet was dropped for the specified reason. Recommended Action Such errors are possible during raw_ip restarts. If seen otherwise, these errors should be reported to SUPPORT. Error Message %ROUTING-OSPFv3-4-POLICYCONFIG An error was encountered configuring policy, [chars]: [chars] Explanation A problem was encountered while setting up route policy configuration. Some of the routing policy may not have been configured correctly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-4-REDIST_MAX_PFX Redistribution prefix limit has been reached - [dec] prefixes Explanation We have reached the maximum number of redistributed prefixes Recommended Action Check if redistribution of large number of prefixes is desired and has not been wrongly configured. Error Message %ROUTING-OSPFv3-4-REDIST_THR_PFX Redistribution prefix warning threshold has been reached - [dec] prefixes Explanation We have reached the warning threshold number of redistributed prefixes. Recommended Action Check if redistribution of large number of prefixes is desired and has not been wrongly configured Routing Messages OSPFv3 Messages EM-2354 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-4-SOCKET_WARN Socket operation [chars] failed: [chars] Explanation The specified socket operation failed. Recommended Action Such errors are possible during raw_ip restarts. If seen otherwise, these errors should be reported to SUPPORT. Error Message %ROUTING-OSPFv3-4-STUB_ASBR Router is currently an ASBR while having only one area which is a stub area Explanation Router is configured as an ASBR but is only connected to a single stub area. This can waste resources since the router has nowhere to send the external LSAs that it is generating. Recommended Action Check configuration and disable redistribution of routes into OSPFv3 if appropriate. Error Message %ROUTING-OSPFv3-4-USING_OLD_RTRID OSPFv3 process [chars] encountered an error while finding a new router ID. The old router ID [chars] is being used as an interim value. Explanation OSPFv3 failed while attempting to allocate a router ID from the IPv4 address of one of its interfaces due to an unexpected internal problem. Recommended Action Use ’clear ospfv3 process’ to force another attempt to find a valid router ID. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-4-VIRTUAL_IN_NON_BACKBONE Virtual link information found in non-backbone area: [chars] Explanation An internal error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show tech-support command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show tech-support output, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages OSPFv3 Messages EM-2355 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-5-ADJCHG Process [chars], Nbr [chars] on [chars] from [chars] to [chars], [chars] Explanation An OSPFv3 neighbor has changed state. The message describes the change and the reason for it. This message appears only if the log-adjacency-changes command is configured for the OSPFv3 process. Recommended Action No action is required. Error Message %ROUTING-OSPFv3-5-HA_NOTICE Process [chars]: [chars] Explanation Used for logging of events like process startup, entry and exit of GR events. Recommended Action No action required. Error Message %ROUTING-OSPFv3-5-HA_NOTICE_START [chars] Explanation First log upon process startup. Recommended Action No action required. Error Message %ROUTING-OSPFv3-6-AREA_DELETE Area [chars] is being deleted, please try later Explanation The configuration command could not be accepted because OSPFv3 is in the process of deleting the specified area. Try again later. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-6-AREACREATE Error creating area [chars]: [chars] Explanation An error was encountered when trying to create an area. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages PIM_NETIO Messages EM-2356 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-OSPFv3-6-BADCHKSUM Checksum Failure in database: area [chars] LSA type [hex] LSID [hex] adv rtr [chars]: Old Checksum [hex] New Checksum [hex] Explanation OSPFv3 has detected a checksum error in the database due to memory corruption. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-OSPFv3-6-RECONF_VL OSPF v3 process [chars] is changing router-id. Reconfigure virtual link neighbors with our new router-id Explanation OSPF process is being reset, and it is going to select a new router-id. This will bring down all virtual links. To make them work again, virtual link configuration needs to be changed on all virtual link neighbors. Recommended Action Change virtual link configuration on all the virtual link neighbors, to reflect our new router-id. Error Message %ROUTING-OSPFv3-6-REFBW_CHG Reference bandwidth is changed. Please ensure reference bandwidth is consistent across all routers. Explanation Informational message reminding the user that reference bandwidth should be consistent across all routers in the area. Recommended Action No action is required. PIM_NETIO Messages Error Message %ROUTING-PIM_NETIO-3-DEBUG_ERR [chars] failed : ’[chars]’ Explanation PIM Netio dll failed initialization or registration with the debugging subsystem. This resulted in the restart of NetIO process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages PIM_POLICY Messages EM-2357 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 PIM_POLICY Messages Error Message %ROUTING-PIM_POLICY-3-ORA_INSTBUILD Failed to build [chars]: [chars] ([chars]) Explanation Internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-PIM_POLICY-3-ORA_ORABUILD Failed to build ORA[chars]: [chars] ([chars]) Explanation There was an internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-PIM_POLICY-3-ORA_RUN Could not apply policy operation [chars] to attribute [chars] because [chars] Explanation Internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. POLICY_REPOSITORY_DYNREG Messages Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-ADD Failed to add node location [chars] for protocol: [chars], version: [chars], ap_name: [chars] preventing successful registration for this item, because: [chars]. Explanation An error was encountered as the node location was being added to the attach point item. This will prevent the successful registration for this attach point and will leave this configuration space unverified with respect to policy configuration. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages POLICY_REPOSITORY_DYNREG Messages EM-2358 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-CREATE Failed to create the attach point data for dynamic registration item: [chars], because: [chars] Explanation An error was encountered as attach point data was being created. This could cause problems with future configuration attempts, and it does indicate an internal inconsistency so it might be best to restart the policy_repository to try to clear this inconsistency. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-DATA Failed to extract [chars] data for protocol: [chars], version: [chars], ap_name: [chars], because: [chars] Explanation An error was encountered as data was being extracted for the registration of this attach point. As such, the registration failed and the verification of configuration related to this attach point registration will NOT be performed. Thus, configuration could be accepted but could be unable to be processed by the protocols. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-DELETE Failed to delete the attach point data for dynamic registration item: [chars], because: [chars] Explanation An error was encountered as attach point data was being deleted. This could cause problems with future configuration attempts, and it does indicate an internal inconsistency so it might be best to restart the policy_repository to try to clear this inconsistency. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-DOCK Failed to dock the new data for protocol: [chars], version: [chars], ap_name: [chars], because: [chars] Explanation An error was encountered as new attach point data was being docked. As a result, the new data has not been activated for this attach point. At this point is would be best to restart the policy_repository to try to clear this inconsistency. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages POLICY_REPOSITORY_DYNREG Messages EM-2359 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-FIND Failed to find data for protocol: [chars], version: [chars], ap_name: [chars], during a [chars] operation, because: [chars] Explanation An error was encountered as we were looking up data for the above attach point. The operation in question do not succeed since we could not find this entry, and thus the policy_repository could be in an inconsistent state. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-INSTALL Failed to install the new attach point data for protocol: [chars], version: [chars], ap_name: [chars], because: [chars] Explanation An error was encountered as new attach point data was being swapped out for old data. As a result, the old data is either still activated, or NO data is activated for this attach point. As this point is would be best to restart the policy_repository to try to clear this inconsistency. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-MODIFY Failed to find data for a [chars] for protocol: [chars], version: [chars], ap_name: [chars], because: [chars] Explanation An error was encountered as we were looking up data for the above attach point. The operation in question did not succeed, and thus the policy_repository could be in an inconsistent state. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-REGISTER Failed to register (for verification) to the attach point data for dynamic registration item: [chars], because: [chars] Explanation An error was encountered as attach point data was being registered for verification. At this point is would be best to restart the policy_repository to try to clear this inconsistency. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages POLICY_REPOSITORY_DYNREG Messages EM-2360 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-SWITCH We have detected a condition where there are conflicting registration values for protocol: [chars], version: [chars], ap_name: [chars], and are swapping out the current values for new values. The data for this can be viewed by executing the appropriate bind point show command. Explanation An error was encountered as the node location was being added to the attach point item. This will prevent the successful registration for this attach point and will leave this configuration space unverified with respect to policy configuration. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-UNDOCK Failed to undock the old [chars] data for protocol: [chars], version: [chars], ap_name: [chars], because: [chars] Explanation An error was encountered as old attach point data was being undocked for new data. As a result, the old data is either still activated, or NO data is activated for this attach point. As this point is would be best to restart the policy_repository to try to clear this inconsistency. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-UNLOAD Failed to unload the old attach point data for protocol: [chars], version: [chars], ap_name: [chars], because: [chars] Explanation An error was encountered as old attach point data was being unloaded for new data. As a result, the old data is either still activated, or NO data is activated for this attach point. As this point is would be best to restart the policy_repository to try to clear this inconsistency. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_DYNREG-3-UNREGISTER Failed to unregister (for verification) the old attach point data for protocol: [chars], version: [chars], ap_name: [chars], because: [chars] Explanation An error was encountered as old attach point data was being unregistered for new data. As a result, the registration for the old data is still activated for this attach point. As this point is would be best to restart the policy_repository to try to clear this inconsistency. Recommended Action Restart the policy_repository process to remedy this situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages POLICY_REPOSITORY_EDM Messages EM-2361 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 POLICY_REPOSITORY_EDM Messages Error Message %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_BAG_ENCODE Failed to encode [chars] data in external data manager Explanation A process has requested information through SysDB, probably as the result of executing a show command. The data requested could not be encoded. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_BIND Failed to connect to SysDB ([chars]) Explanation The process failed to connect to SysDB while starting the indicated subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_EDM_DATA_GENERATE Failed to generate [chars] data in external data manager Explanation A process has requested information through SysDB, probably as the result of executing a show command. The data requested could not be generated. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_EDM_LIST_ADD Failed to add to an external data manager list for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The attempt to add an item to an external data manager list has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages POLICY_REPOSITORY_EDM Messages EM-2362 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_EDM_LIST_CREATE Failed to create external data manager list for [chars] Explanation A process has requested information through SysDB, probably as the result of executing a show command. The creation of the external data manager list has failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_EDM_REG Failed to register its external data manager Explanation The process failed when attempting to register its external data manager with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_UNBIND Failed to unconnect to SysDB ([chars]) Explanation The process failed to disconnect from SysDB before starting the indicated subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY_EDM-6-ERR_SYSDB_BAG_REG Failed to register its external data manager data blocks Explanation The process failed while attempting to register its external data manager data blocks with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages POLICY_REPOSITORY Messages EM-2363 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 POLICY_REPOSITORY Messages Error Message %ROUTING-POLICY_REPOSITORY-3-ERR_MEM_ALLOC Failed to allocate resources for [chars] Explanation The policy_repository process failed allocated memory for the operation specified. Recommended Action The policy_repository process may function properly in the future but the operations associated with this configuration are likely in an inconsistent state. Restarting the policy_repository may correct the situation if the memory is being consumed by this process; otherwise restarting the procees that is consuming the memory may be advisable. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-POLICY_REPOSITORY-3-ERR_ORA_DOCK Failed to dock with ORA [chars], version equals [chars], location equals [chars], signature equals [chars], path equals [chars] because: [chars]. This will result in NO policy being monitored or processed for this client. Explanation The policy_repository process, while trying to dock with the client ORA encountered an error. Recommended Action Restart the policy_repository and/or client. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-3-ERR_SYSDB_BAG_DECODE An attempt is being made to decode item ([chars]) which failed ([chars]) Explanation The system is attempting to process a policy object set or named policy and cannot decode the object. Recommended Action Look for out of resource conditions. If memory is low, then restart the policy_repository process and reapply the configuration. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages POLICY_REPOSITORY Messages EM-2364 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-POLICY_REPOSITORY-3-ERR_SYSDB_CONNECT Failed to connect to the system database at ’[chars]’ ([chars]) Explanation The policy_repository process failed to bind to the system database at the displayed bind point. Recommended Action The policy_repository process must be restarted before it can function correctly. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-3-ERR_SYSDB_GET Failed to retrieve configuration item: [chars] (Reason: [chars]) Explanation The policy_repository process failed to retrieve an item from the system database. Recommended Action The policy_repository process may function properly in the future but the operations associated with this configuration are likely in an incinsistent state. Consider restarting the process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-3-ERR_SYSDB_REG_NOTIFY Failed to register for database notifications at: [chars] (Reason: [chars]) Explanation The policy_repository process failed to register for notification of changes on the displayed database path. Recommended Action The policy_repository process must be restarted before it can function correctly. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-3-ERR_SYSDB_REG_VERIFY Failed to register for database verifications at: [chars] (Reason: [chars]) Explanation The policy_repository process failed to register for verification of changes on the displayed database path. Recommended Action The policy_repository process must be restarted before it can function correctly. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages POLICY_REPOSITORY Messages EM-2365 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-POLICY_REPOSITORY-3-INCONSISTENT Inconsistency detected: [chars] ([chars]) Explanation The user is trying to do an operation which encountered inconsistent state for a policy object Recommended Action The policy_repository process may function properly in the future but the operations associated with this configuration are likely in an inconsistent state. Restarting the policy_repository may correct the situation. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-POLICY_REPOSITORY-4-CLEANUP Failed to clean up policy ’[chars]’ ([chars]) Explanation When deleting the specified policy, the policy_repository process encountered a problem. This could leave memory unfreed. Recommended Action If the policy_repository process is using an excessive amount of memory, consider restarting it with ’proc restart policy_repository’ to clean up any unused memory. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-4-ERR_SYSDB_DELETE Failed to remove policy [chars] (Reason: [chars]) Explanation The policy_repository process encountered an error while trying to remove the data for a deleted policy. Recommended Action This can only occur when there are no references to the deleted policy in the first place, and therefore will not have any harmful effects. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-4-PARSER_DLL Policy parser DLL: [chars]: [chars] Explanation A system call failed inside the routing policy parser DLL. Recommended Action Try again: the failure might have been due to resource issues. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages POLICY_REPOSITORY Messages EM-2366 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-POLICY_REPOSITORY-4-RPL_EDIT RPL editor: [chars] Explanation A system call failed inside the RPL editor program. Recommended Action Try again: the failure might have been due to resource issues. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-4-SYSMGR_GET_NODE_STATE Failed to receive the [active/standby] state indication. Error: [chars] Explanation An error occurred while trying to get the system [active/standby] state. A state of REDUNDANCY_UNKNOWN will be assumed. This process also registers for notification of changes to the [active/standby] state. Thus, the state can be determined by this means as well. Failure to receive notification for either one of these means could result in this process not functioning properly. Note: At least one of the processes in an active/standby pair must be active in order to assure proper functioning. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-7-ARG_MISMATCH Argument list mismatch for statement ’[chars] [chars]’ in policy [[chars]]. Explanation The user is trying to do an operation in which the number of arguments entered does not match the number of argument expected. Recommended Action Correct the number of parameters that are passed in. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-7-ATTACHPOINT_ADD Failed to associate [chars] attach point item ’[chars]’ to policy [chars]. This will leave the policy repository in an inconsistent state. Explanation The policy_repository process was not able to add the attach point to the policy in question. This means that the policy repository will not verify the statements in this policy against the attach point in question. This could allow statements to be added to the policy that (could) result in run time errors in the client at this attach point. Recommended Action Restart the policy_repository process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages POLICY_REPOSITORY Messages EM-2367 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-POLICY_REPOSITORY-7-ATTACHPOINT_MISMATCH Failed to process [chars] attach point item ’[chars]’ because [chars]. This will leave the policy repository in an inconsistent state. Explanation The policy_repository process was not able to extract the policy name OR id value for this attach point path. This means that the policies that are actually using this attach point will NOT be recorded and thus policies *could* be deleted while still in use. Recommended Action Restart the policy_repository. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-7-ITEM_UNSUPPORTED The item of type [chars] and value ([dec]) is not recognized by the policy_repository. Explanation The policy_repository process was not able to extract the the item for this type. Please add support to the policy_repository or remove support from the protocols. Recommended Action This indicates and internal inconsistency between the policy_repository and the protocols. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-7-OBJECT_INIT Failed to initialize [chars]. Error ([hex]): [chars] Explanation The policy_repository was atempting to initialize a data object and it failed. Recommended Action Look for out of resource conditions. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-7-OBJECT_REBUILD Failed to rebuild the [chars] data. Error ([hex]): [chars] Explanation The system was atempting to rebuild an object and it failed. Recommended Action Look for out of resource conditions. The policy_repository will exit and restart. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages POLICY_REPOSITORY Messages EM-2368 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-POLICY_REPOSITORY-7-POLICY_TOO_BIG Policy [[chars]] contains a large number of statements and would cause the policy repository to exceed resource limits. The policy repository is now inconsistent with the running configuration. To regain consistency, rollback to the previous configuration for this policy. Explanation The policy named is very long and/or complex, and in compiling it for execution, the policy repository exhausted resource limits. This was not detected by the usual checks at configuration verification time. Rather than crash, the policy repository is left with the previous configuration for this policy, if any. Recommended Action Rollback the configuration operation to regain consistency between the running configuration and the policy respoitory. Then, rewrite the policy in question in a simpler form. It may help to make use of policies with parameters to reduce the total policy size. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-7-SETS_REBUILD Internal inconsistency rebuilding sets for policy [chars] (Reason: [chars]) Explanation The policy_repository process failed to rebuild the set references for the policy in question. This will result in an inconsistent state in the policy_repository and the process should be restarted. This could result in policies not functioning properly. Recommended Action The policy_repository process should be restarted to clean up the internal inconsistency. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-POLICY_REPOSITORY-7-VERIFY_APPLY Policy [[chars]] failed verification for use in policy [[chars]] Explanation The policy_repository process, while verifying a change to a policy, encountered an error while checking the validity of the change in the policies that are applied by that policy. Recommended Action Fix the offending argument in the applied policy so that it is accepted by the client (i.e. BGP, OSPF, etc.) Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages RASF Messages EM-2369 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 RASF Messages Error Message %ROUTING-RASF-3-NO_BASE_COMPARE There was a missing base compare function for an ORA. Explanation This is a logic error in the construction of one of the ORA entities. The compare for checking two different route values against each other was missing. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RASF-3-NO_CMP_RETRIEVER There was a missing compare retriever function for an ORA. Explanation This is a logic error in the construction of one of the ORA entities. The function to actually perform the compare retriever operation was not defined. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RASF-3-NO_COMPARE There was a missing compare function for an ORA. Explanation This is a logic error in the construction of one of the ORA entities. A compare function was missing at the ’per route’ level of detail. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RASF-3-NO_RETRIEVER There was a missing retriever function for an ORA. Explanation This is a logic error in the construction of one of the ORA entities. The function to actually perform the retriever operation was not defined. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RASF Messages EM-2370 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RASF-3-NO_SETTER There was a missing setter function for an ORA. Explanation This is a logic error in the construction of one of the ORA entities. The function to actually perform the setter operation was not defined. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RASF-4-ERR_DLL_REG Unable to register cerrno dll [chars] because [chars] Explanation The given cerrno dll could not be marked for use. This does not change the functionality of the system but does obscure the meaning of error codes presented by this part of the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RASF-7-DBGINIT Unable to bring up debug event structures: [chars] Explanation The debug event initialization failed. The rasf will still run correctly, but debug commands may be unavailable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RASF-7-DBGSHUTDOWN Unable to shutdown debug event structures: [chars] Explanation The debug shutdown failed. The rasf will still run correctly, but debug commands may be unavailable. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages RETRY Messages EM-2371 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 RETRY Messages Error Message %ROUTING-RETRY-4-DEBUG_INIT [chars] [dec] [chars] [chars] Explanation Internal error. Retry debug library initilization failed Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. RIB_LIB Messages Error Message %ROUTING-RIB_LIB-3-ERR_LOCK_FATAL [chars] Pthread [chars], unexpected fatal error [[chars]] Explanation An unexpected fatal error occured when trying operate on a pthread lock. Recommended Action *SUPPORT* Error Message %ROUTING-RIB_LIB-3-FETCH_UPDATE Error fetching RIB update - [chars] Explanation Unexpected error fetching a RIB update notification. See error message for more information. Recommended Action Restarting the client process from which the errow was emitted, or the RIB server, may fix the problem. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIB_LIB-4-ERR_POSSIBLE_CONNECTION_LEAK RIB client binding with a non-NULL connection handle. Potential client memory leak. Explanation A client passed a pointer to rib_bind which points to a non-NULL connection. This implies a connection leak in the client code. Recommended Action *SUPPORT* Routing Messages RIB_QUERY_ORA Messages EM-2372 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB_LIB-4-UNBIND Failed to [chars] during client unbind - [chars] Explanation Unexpected error during client unbind operation. This may result in a resource leak. Recommended Action If there is a evidence of a memory leak in the process which reported this error, restart that process. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. RIB_QUERY_ORA Messages Error Message %ROUTING-RIB_QUERY_ORA-3-CERRNO_REG Failure registering cerrno DLL with subsys num [unsigned int] and DLL name [chars]. Error: [chars] ([hex]) Explanation A failure occurred during the registration of the DLL for decoding error codes from the component. This may render certain codes unprintable, but otherwise has no negative impact. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIB_QUERY_ORA-3-INSTBUILD Failed to build policy operation ’[chars]’ for attribute ’[chars]’.[chars]%s ([hex]) Explanation There was an internal error in the routing policy library and as a result routing policy may not be applied correctly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIB_QUERY_ORA-3-ORABUILD Failed to build ORA: [chars]; [chars] ([hex]) Explanation There was an internal error in the routing policy library and as a result routing policy may not be applied correctly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RIB Messages EM-2373 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB_QUERY_ORA-3-RUN Could not apply policy operation ’[chars]’ to attribute ’[chars]’: [chars] ([hex]) Explanation There was an internal error in the routing policy library and as a result routing policy may not be applied correctly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. RIB Messages Error Message %ROUTING-RIB-2-CHILD_PARENT_MISMATCH Child [chars] ([chars]) ([dec]) unregistering from Vrf: [chars] Tbl: [chars] Safi: [chars], table id [hex], is not caught up with parent. Route inconsistency possible Explanation A RIB download client (typically bcdl_agent), unregistered from a table while it was out of sync with its parent. The number of routes may no longer be insync in all FIBs. If corresponding bcdl_agent restarted just before this message was seen, this error message can be ignored. Recommended Action Restart the corresponding bcdl_agent process. *SUPPORT* Error Message %ROUTING-RIB-2-PARENT_REREGISTER Parent [chars] ([chars]) ([dec]) reregistering for Vrf: [chars] Tbl: [chars] Safi: [chars], table id [hex], it still has [dec] dependants Explanation A RIB download client (typically bcdl_agent), reregistered from a table while it still has children referring to this table. The number of routes may no longer be insync in all FIBs. If corresponding bcdl_agent restarted just before this message was seen, this error message can be ignored. Recommended Action Restart the corresponding bcdl_agent process. *SUPPORT* Error Message %ROUTING-RIB-2-PARENT_UNREGISTER Parent [chars] ([chars]) ([dec]) unregistering from Vrf: [chars] Tbl: [chars] Safi: [chars], table id [hex], it still has [dec] dependants, context [chars] Explanation A RIB download client (typically bcdl_agent), unregistered from a table while it still has children referring to this table. The number of routes may no longer be insync in all FIBs. If corresponding bcdl_agent restarted just before this message was seen, this error message can be ignored. Recommended Action Restart the corresponding bcdl_agent process. *SUPPORT* Routing Messages RIB Messages EM-2374 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-3-BATCH_PROTO_REG_FAILURE Protocol batch [chars] from client [dec] for table [hex] protocol [hex] failed: [dec] Explanation An error has occured processing protocol register batch from a RIB client. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-CONVERGE_VERSION_MISMATCH Client [chars] has last signalled version [dec] which is less than the RIB version [dec] for Vrf: [chars] Tbl: [chars] Safi: [chars] Explanation A client updated the RIB for convergence but not with the latest version as known by RIB. This will have delayed or prevented the convergence of the routing table, and hence the purging of any stale routes from the forwarding table. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_CHILD_REDIST_REQUESTS [chars] [dec], line [dec], client [chars] ([dec]) table [hex] Vrf: [chars] Tbl: [chars] Safi: [chars] Explanation An unexpected error occured when trying to add a path to the next-hop database. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_DELETE Path delete failure for Table [hex], prefix [chars]/[dec], protocol [dec], intf [hex], tunnelid [dec], nexthop_table [hex], nexthop [chars] Explanation An error occured when trying to delete a path from a route. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_LOCK_FATAL Pthread lock [chars], unexpected fatal error [[chars]] Explanation An unexpected fatal error occured when trying operate on a pthread lock. Recommended Action *SUPPORT* Routing Messages RIB Messages EM-2375 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-3-ERR_LOOKUP Table [hex], prefix [chars]/[dec], intf [hex], unexpected lookup results in [chars] Explanation An unexpected lookup error occured when trying to lookup a prefix. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_MEM_ALLOC Failed to allocate memory for RIB operations Explanation Failed to allocate memory for RIB operations probably out of memory because of huge configuration or a memory leak. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_MEM_NHPATH [chars] Explanation An unexpected error occured when trying to clear redist information for a client. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_MUTEX_FATAL Mutex [chars], context ’[chars]’, unexpected fatal error [[chars]] Explanation An unexpected fatal error occured when trying to lock or unlock a RIB mutex. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_NH_ATTRIBUTE [chars] Explanation An unexpected error occured, a nexthop which is a RIB-only nexthop should not have path information but has. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_NH_PACK [chars], table [hex] Explanation An unexpected nh notification packing error occured. Recommended Action *SUPPORT* Routing Messages RIB Messages EM-2376 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-3-ERR_NH_PATH Could not add [chars] to nh db for Vrf: [chars] Tbl: [chars] Safi: [chars] Explanation An unexpected error occured when trying to add a path to the next-hop database. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_REDIST_INFO_CLEAR [chars], table [hex], client [chars] [chars] ([dec]) Explanation An unexpected error occured when trying to clear redist information for a client. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_RIBIO Client [chars] [chars] warning [[chars]] Explanation An unexpected but non-fatal error occurred when a client performed an input/output operation. See error message for more information. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_RSI [chars], [chars] [chars] id [hex], [chars] Explanation An unexpected RSI error occured during a table creation/deletion/modification operation. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-ERR_TABLE_OPERATION [chars], table [hex] [chars] Explanation Some type of table related error occurred. Recommended Action *SUPPORT* Routing Messages RIB Messages EM-2377 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-3-ERR_THREAD_POOL Thread pool [chars] unexpected fatal error [[chars]] Explanation An unexpected fatal error during a RIB thread pool operation. See error message for more details. Recommended Action If the error is due to lack of resources, attempt to free some up and then restart RIB. Otherwise Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIB-3-EVENT_BOOLEAN_SET Failed to set [chars] event boolean to [chars]: [chars] Explanation Unexpected error during event boolean set. This may result in unreleased memory resources in RIB server. Recommended Action If there is evidence of a memory leak in the RIB server, restarting it should help alleviate the problem. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIB-3-GO_ACTIVE Failed to transition from active to standby - [chars] Explanation Fatal error handling node state transition to active. Recommended Action The RIB process should have restarted automatically and then gone into active state successfully. If not, try manually restarting it. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIB-3-GO_STANDBY Node state changed from active to standby - don’t know what to do Explanation Node role state regressed from active state to standby state. This is not currently supported by RIB. Recommended Action If the node’s role change from active to standby was not deliberate, Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RIB Messages EM-2378 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-3-IMPROPER_PREFIX_MASK_LEN Received improper prefix, mask length [chars]/[dec] from client: [chars] proto: [chars]%s for Vrf: [chars] Tbl Id: [hex] Explanation A client sent a batch to RIB containing an invalid op code. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-INTERFACE_DB Interface database: failed to [chars] the entry for [chars] with table id [unsigned int] Explanation The rib unexpectedly failed to update the interface - IP address database. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-INVALID_BATCH_OPERATION Received invalid batch operation from client: [unsigned int] Explanation A client sent a batch to RIB containing an invalid op code. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-INVALID_BCDL_REGISTRATION BCDL client [chars] ([dec]) registering with parent [chars] ([dec]) which also has a parent Explanation Invalid BCDL registration detected. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-INVALID_TABLE_ACCESS A client attempted to access invalid table: [hex] Explanation A client attempted to access a RIB table that does not exist. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-LTRACE_INIT RIB ltrace init failed. Error initialising [[chars]] trace buffer. Process terminated : [chars] Explanation The ltrace buffer could not be initialised Recommended Action *SUPPORT* Routing Messages RIB Messages EM-2379 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-3-LWM_REPLY Failed to send reply to client - [chars] Explanation Unexpected error sending reply to a RIB client. Recommended Action Check for errors in the state of the routing table. If any problems are identified, restarting the client and/or RIB may help to fix the problem. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIB-3-MAIN_INIT Main thread initialization failed [[chars]:[chars]]. Process terminated Explanation An error occurred during main thread initialization, causing the process to terminate. Check the details of the error message for more information. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-MGMNT_INIT Management thread initialization failed [[chars]:[chars]]. Process terminated Explanation An error occurred during management thread initialization, causing the process to terminate. Check the details of the error message for more information. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-NEXTHOPS_TRAVERSE Failed to unregister next-hops for client [chars] - [chars] Explanation Unexpected error unregistering client next-hops. This may lead to a slow memory leak. Recommended Action If RIB is leaking memory, try restarting it. *SUPPORT* Error Message %ROUTING-RIB-3-NH_CLIENT Failed to insert client [chars]/[chars] for nexthop [chars]/[dec] Explanation An unexpected error occured when trying to clear redist information for a client. Recommended Action *SUPPORT* Routing Messages RIB Messages EM-2380 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-3-NH_DB_ADD Could not add nexthop to nh db, error [chars] Explanation An unexpected error occured when trying to clear redist information for a client. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-NH_INSERT_HEAP Cannot insert nh_entry into the heap, [chars] Explanation An unexpected error occured when trying to clear redist information for a client. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-NSF_WARN Failed to allocate resources required for NSF [chars] Explanation Unexpected resource error during NSF initialization. This may result in NSF failures. Recommended Action Free some resources and restart RIB *SUPPORT* Error Message %ROUTING-RIB-3-PREFIXES_FULL The route prefix table ([hex]), VRF: [chars], is full with [unsigned int] prefixes. Explanation The route prefix table has become full--either because the table reached the configured maximum fill level, or a maximum of 2,000,000 prefixes are stored. Recommended Action If the maxmimum configured number of allowed route prefixes is configured lower than the allowed maximum of 2,000,000, update the configuration to allow a larger number of route prefixes. This threshold is set using the ’maximum prefix {max_prefixes} {low_threshold_percentage}’ command. This command can be set per virtual router (vrf) or for the main routing table. Error Message %ROUTING-RIB-3-PURGE_TIMER_ALLOC Not enough memory to allocate purge timer for Protocol [chars] (Instance [chars]) Explanation Couldn’t allocate a purge timer. Old routes for this protocol may not automatically get purge from the FIB table. Recommended Action Free up some resources and restart the RIB. *SUPPORT* Routing Messages RIB Messages EM-2381 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-3-QSM_ADD_SERVICE RIB failed function qsm_add_service to add local service: [chars] Explanation RIB failed to advertise it local channel during failed over. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-3-RUMP_NOTIFY Failed to notify RUMP of new protocol: [chars] Explanation Failed to notify RUMP about a newly registered protocol. See error message for more details. The result is that routes from the new protocol will not be redistributed into the multicast table. Recommended Action Restart the RUMP process. *SUPPORT* Error Message %ROUTING-RIB-3-SHUTDOWN Process is shutting down: [chars] Explanation The RIB process has performed a graceful shutdown and will be restarted. Recommended Action Check to make sure the process has restarted. If not, restart manually Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIB-3-SYSDB_FD_CLOSED RIB is closing sysdb EDM connection, fd: [dec] Explanation This notification indicates that RIB component is closing the connection with sysdb. Ignore the log if RIB or sysdb is restarting. Recommended Action If RIB or sysdb is not restarting while this message is logged check if RIB show commands are working. This message is added to catch this exact scenario. Error Message %ROUTING-RIB-3-TIME_ERR Failed to get timestamp from kernel Explanation A call to clock_gettime failed. Recommended Action *SUPPORT* Routing Messages RIB Messages EM-2382 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-3-UPDATE_TIMEOUT Client [chars] updated the RIB without signaling update completion for Vrf: [chars] Tbl: [chars] Safi: [chars] Explanation A client updated the RIB without signaling update completion. This will have delayed the convergence of the routing table, and hence the purging of any stale routes from the forwarding table. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-4-INVALID_SYSDB_ERROR RIB received an unexpected error([dec]) from sysdb Explanation RIB recevied an unexpected error number from sysdb API. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-4-OPAQUE_FLAG_MISMATCH Client [chars]adding opaque data of type [hex] for which it has not register to RIB Explanation A client adding an opaque data type for which it did register to RIB. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-4-PREFIXES_BELOW_THRESHOLD The previously full route prefix table ([hex]), VRF: [chars] is no longer full and can accept more routes. Explanation The route prefix table is no longer considered full. This warning is generated after a full route prefix table frees off some route prefixes. Recommended Action *NONE* Error Message %ROUTING-RIB-4-PREFIXES_REACHED_LOW_THRESHOLD The fill level for the route prefix table ([hex]), VRF: [chars], reached the low warning fill level of [unsigned int] prefixes. Explanation This warning indicates the number of prefixes in the specified prefix table reached the configured fill threshold. This is an informational message that may be used to alert changing trends in the number of active prefixes. This threshold is set using the ’maximum prefix {max_prefixes} {low_threshold_percentage}’ command. This command can be set per virtual router (vrf) or for the main routing table. Recommended Action If this threshold is regularly reached, it may no longer convey the original meaning. Either increase the fill percentage for the prefix table, or increase the number of prefixes that can be stored in the table. Both of these options are updated in the using the ’maximum prefix’ command. Routing Messages RIB Messages EM-2383 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-4-RECURSION_DEPTH_CHANGED Maximum recursion depth changed. Please restart process to take effect. Explanation The maximum recursion depth has changed. In order for the new value to take effect, the process has to be restarted. This warning is generated to remind the the customer to restart the RIB processes. Recommended Action restart the RIB Error Message %ROUTING-RIB-4-SELECT_IGNORED Client [chars] on [chars] - File select input ignored Explanation Internal notification error. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-4-SYSMGR_NODE_STATE Failed to retrieve node state from sysmgr: [chars] Explanation Sysmgr returned a failover from a node state query. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-4-UNSUPPORTED_OOM_STATE Bad memory state received from wdsysmon ([dec]) Explanation A memory state transition notification was received from wdsysmon with an invalid state. Recommended Action *SUPPORT* Error Message %ROUTING-RIB-4-WARN_UNEXPECTED_EXT_COMM [chars], [chars]/[dec] in table [hex] Explanation A route has extended communities attached to it unexpectedly. Recommended Action *SUPPORT* Routing Messages RIP_POLICY Messages EM-2384 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIB-5-TABLE_NH_DAMPED Nexthops in Vrf: [chars] Tbl: [chars] ([hex]) Safi: [chars] are getting damped Explanation This notification indicates that there is atleast one nexthop in this RIB table that is getting damped. Recommended Action *DEBUG* Error Message %ROUTING-RIB-6-INFO_LOCKING_CONTEXT_DISPLAY Rib locking context[[dec]] [chars], operation: [chars], thread id: [dec] Explanation Display a single entry of locking context information. The cause of this informational message should be evident from the context in the log. Recommended Action *DEBUG* Error Message %ROUTING-RIB-7-INFO_LOCKING_OPERATION_DISPLAY [chars] in function [chars] Explanation Display the operation being performed on lock, and the function the operation is taking place in. This will only be displayed in verbose locking debugging. Recommended Action *DEBUG* Error Message %ROUTING-RIB-7-SERVER_ROUTING_DEPTH Recursion loop looking up prefix [chars] in Vrf: [chars] Tbl: [chars] Safi: [chars] Explanation Recursive route lookup for resolving the prefix has exceeded the maximum recursion depth allowed(possibly because of a routing loop). Recommended Action To further debug/troubleshoot this state use commands like ’show route’ and ’show route resolving-next-hop’ recursively to resolve the prefix manually, notice if there are any loops indeed. RIP_POLICY Messages Error Message %ROUTING-RIP_POLICY-3-ORA_INSTBUILD Failed to build [chars]: [chars] ([chars]) Explanation Internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RIP Messages EM-2385 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIP_POLICY-3-ORA_ORABUILD Failed to build ORA[chars]: [chars] ([chars]) Explanation There was an internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIP_POLICY-3-ORA_RUN Could not apply policy operation [chars] to attribute [chars] because [chars] Explanation Internal error in the routing policy library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. RIP Messages Error Message %ROUTING-RIP-2-ERR_MEM_ALLOC Could not allocate memory for [chars]: instance [chars] Explanation There is not enough memory available to RIP process. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-RIP-3-ERR_AUTH Failure in RIP authentication module in context [chars]: instance [chars]: error equals [chars] Explanation Internal error encountered in RIP authentication module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RIP Messages EM-2386 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIP-3-ERR_CFG Error during configuration in context [chars]: error equals [chars] Explanation Internal error encountered in RIP configuration functions. Recommended Action Please retry the configuration command that caused this error and check running configuration to make sure it is correct. If the error persists open a case with TAC. Error Message %ROUTING-RIP-3-ERR_CLEAR Error in clear server in context [chars]: error equals [chars] Explanation Internal error encountered in RIP clear server. Recommended Action Please retry the command. If the error persists open a case with TAC. Error Message %ROUTING-RIP-3-ERR_EVENT Event handling error in context [chars]: type [dec]: error equals [chars] Explanation Internal error encountered in RIP event handling mechanisms. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIP-3-ERR_IF Error in interface module in context [chars]: instance [chars]: error equals [chars] Explanation Internal error encountered in RIP interface module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIP-3-ERR_INIT Initialization error in context [chars]: instance [chars]: error equals [chars] Explanation There was an error during initialization of one of RIP’s components. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RIP Messages EM-2387 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIP-3-ERR_ITAL ITAL error in context [chars]: VRF [chars]: Interface [chars]: IPAddress [chars]: error equals [chars] Explanation Internal error encountered in RIP ITAL module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIP-3-ERR_OOM Error in handling out-of-memory condition in context [chars]: state equals [chars]: error equals [chars] Explanation An internal error encountered in RIP’s OOM module. This may affect RIP’s behavior only under low memory conditions; otherwise RIP will operate normally. Recommended Action No action is required. Error Message %ROUTING-RIP-3-ERR_PAK_AUTH Authentication failure for RIP [chars] packet in context [chars]: instance [chars]: error equals [chars] Explanation Authentication failure during RIP send/receive packets. Recommended Action Please check to make sure RIP interface authentication configuration is correct. If key chains are used, please make sure atleast one active key is available for send operation. Please make sure both send and receive interfaces are configured with the same authentication mode. For text authentication mode, please make sure the active password used on the send interface key chain is also active on the receive interface key chain. For MD5 authentication mode, please make sure the active key ID and password used on the send interface key chain is also active on the receive interface key chain. Error Message %ROUTING-RIP-3-ERR_PAK_RECV Packet receive error in context [chars]: instance [chars]: error equals [chars] Explanation Error encountered during RIP packet receive operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RIP Messages EM-2388 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIP-3-ERR_POLICY Policy error in context [chars]: name [chars]: error equals [chars] Explanation Internal error with route policies used by RIP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIP-3-ERR_RDB RDB error in context [chars]: VRF [chars]: TableID [unsigned int]: error equals [chars] Explanation Error encountered in RIP’s routing database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIP-3-ERR_REDIST Redistribution error in context [chars]: protocol [chars]: instance [chars]: error equals [chars] Explanation Internal error encountered during redistribution of other protocols into RIP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIP-3-ERR_RIB RIB error in context [chars]: VRF [chars]: IPAddress/PrefixLen [chars]/[unsigned int]: error equals [chars] Explanation Error encountered by RIP during interaction with RIB. Recommended Action These messages are expected during RIB process restart. In all other cases, please contact TAC. Error Message %ROUTING-RIP-3-ERR_THREAD_MUTEX_LOCK Error [chars] locking [chars] in context [chars]: error equals [chars] Explanation Internal error during locking of a RIP resource. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RPL_COORD Messages EM-2389 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RIP-3-ERR_THREAD_MUTEX_UNLOCK Error unlocking [chars] in context [chars]: error equals [chars] Explanation Internal error during unlocking of a RIP resource. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIP-3-ERR_TOPO Route operation error in context [chars]: VRF [chars]: IPAddress/PrefixLen [chars]/[unsigned int]: error equals [chars] Explanation Internal error encountered in RIP’s topology module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RIP-6-INFO_OOM RIP out-of-memory event [chars]: new/current state equals [chars]: old state equals [chars] Explanation This is an event associated with out-of-memory conditions on the router. If the new state is MINOR, no new VRF contexts or interfaces will be activated. If the new state is SEVERE, some VRF contexts and interfaces may be forcible deactivated in order to free up memory. If the new state is CRITICAL, the RIP process will be shutdown. If the new state is NORMAL, RIP will behave normally. If a VRF context or interface is forcibly deactivated, it will not be activated again when memory state returns to NORMAL unless the user explicitly clears the out-of-memory condition in the VRF context or the interface using the ’clear rip’ command. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. RPL_COORD Messages Error Message %ROUTING-RPL_COORD-3-ERR_EVM_CREATE Unable to obtain required communication handler: [chars] Explanation The rpl multi-version coordinator was unable to obtain the event handler. This handle is required for all base level communitions with the rest of the system, so the coordinator was shutdown so sysmanger could attempt to restart. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RPL_COORD Messages EM-2390 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RPL_COORD-3-ERR_EVM_EVENT_BLOCK Error seen in primary wait loop: [chars] Explanation The rpl multi-version coordinator saw an error in the primary event loop. Recommended Action This should be reported to technical support. If only a single message was seen, however, the coordinator may still be functioning. Route policy may not be operational until this is resolved. Error Message %ROUTING-RPL_COORD-3-ERR_EVM_PROC_AVAILABLE Unable to issue process available: [chars] Explanation The system manager did not accept the proccess available that the rpl multi-version coordinator tried to post. The coordinator will exit so the system manager can restart it. Route policy may not be operational until this is resolved. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-3-ERR_EVM_PROC_READY Unable to issue process ready: [chars] Explanation The system manager did not accept the proccess ready that the rpl multi-version coordinator tried to post. The coordinator will exit so the system manager can restart it. Route policy may not be operational until this is resolved. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-3-ERR_GROUP_CREATE Unable to create the required ’[chars]’ group services group: [chars] Explanation The rpl multi-version coordinator was unable to create the group services group that is required to coordinate with other route policy entities. The coordinator will exit to allow the system manager to restart it. Route policy may not be operational until this is resolved. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RPL_COORD Messages EM-2391 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RPL_COORD-3-ERR_LWM_CHANNEL Unable to publish global channel: [chars] Explanation The rpl multi-version coordinator was unable to publish its channel in the global space. The coordinator will exit so the system manager can restart it. Route policy may not be operational until this is resolved. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-3-SW_CHANGE Unable to register for software change notification because [chars] Explanation The attempt to register with the install manager for change of software notification failed. The process will restart in an attempt to clear the problem. Route policy may not be operational until this is resolved. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-4-DEFAULT_ACTION The call to install_default_action failed because [chars] Explanation During the processing of a software change notice, the command to take the default restart action failed. The routine will now fall back on a straight exit. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-4-DLL_MANAGER Unable to setup remote dll manager: [chars] Explanation The attempt to setup the rpl remote dll coordinator failed. This will prevent the rpl coordinator from running and may prevent route policy from executing. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RPL_COORD Messages EM-2392 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RPL_COORD-4-ERR_DLL_CHECK The query to install_check_dll_changes failed because [chars] Explanation During the processing of a software change notice, the command to check the list of open dlls vs changed dlls failed. The routine will now attempt to fall back on default disposition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-4-ERR_DLL_LIST The query for docked dlls failed because [chars] Explanation During the processing of a software change notice, the command to get a list of dlls that this process had open failed. The routine will now attempt to fall back on default disposition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-4-ERR_GROUP_COMPONENT Group message from outside route access component ([dec] vs [dec]). ignored. Explanation The rpl multi-version coordinator received a group services message from a component other than itself. The message was ignored and thus the operations of the coordinator are unaffected. However, this can be a sign that something else is going wrong in the system. Recommended Action Observe system for other failures. Error Message %ROUTING-RPL_COORD-4-ERR_GROUP_MSG_BAD Unknown message type: [dec]. Message ignored. Explanation The rpl multi-version coordinator received a message with a type it did not recognize. The message was ignored. Recommended Action Observe system for other failures. Error Message %ROUTING-RPL_COORD-4-ERR_GROUP_MSG_LONG A ’who has this’ message longer ([dec]) than required [dec] octets. Ignored. Explanation A ’who has this’ dll message was longer than its content implied. This indicates either a corruptions of the message itself or a failure of the client to build the message correctly. Recommended Action Observe system for other failures. Routing Messages RPL_COORD Messages EM-2393 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RPL_COORD-4-ERR_GROUP_MSG_SHORT A ’who has this’ message shorter ([dec]) than required [dec] octets. Ignored. Explanation A ’who has this’ dll message was shorted than its content implied. This indicates either a corruptions of the message itself or a failure of the client to build the message correctly. Recommended Action Observe system for other failures. Error Message %ROUTING-RPL_COORD-4-ERR_MEM_ALLOC rpl multi-version Coordinator could not get memory to respond to ’who has this’ request. Explanation The rpl multi-version coorindator was unable to respond to a ’who has this’ request and was forced to ignore the message. This will likely cause a timeout on the client side. If this was the only node with the version of the dll being requested active on it, the client will be unable to access this version. If other nodes have it, the multi-version dll operation will continue. The status of this node remains in uncertain in any case. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-4-FIND_FILE Dll ’[chars]’ find failed ([chars]). No response sent Explanation When the rpl multi-version coordinator tried to locate the dll, an error was encountered. Because of this, no response will be returned. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-4-INSTALL_READY The call to indicate install ready failed because [chars] Explanation The attempt to notify install manager of install complete failed. If this is the initial startup, there should be no side affects. If this is the result of a software upgrade/downgrade, it is likely the process will be restarted by sysmgr after a timeout period. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RPL_COORD Messages EM-2394 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RPL_COORD-4-REBOOT install_will_this_node_reboot failed because [chars] Explanation During the processing of a software change notice, the command to get reboot information for this notice failed. The routine will now attempt to fall back on default disposition. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-7-DBGINIT Unable to setup debug handlers: [chars] Explanation The rpl multi-version coordinator was unable to setup the debug handlers. This will not affect its operational, but will prevent debug commands for the coordinator from functioning. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RPL_COORD-7-ERR_GROUP_RESPONSE Response to message [chars] received, but coordinator only supports requests Explanation The rpl multi-version coordinator received a message response instead of a request. This has been ignored and it is likely no other problems will result from this. Recommended Action Observe system for other failures. Error Message %ROUTING-RPL_COORD-7-NO_TERM The message string ’[chars]’ was missing it null terminator from [chars]:[chars] Explanation The given message string should have arrived with a null terminator in it. The library has repaired this, but it should not have occured in the first place. No operational impact should be visible. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Routing Messages RRR_PCALC Messages EM-2395 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 RRR_PCALC Messages Error Message %ROUTING-RRR_PCALC-3-ERR_MEM_ALLOC [chars] [dec] Explanation A failure at an attempt to allocate memory was detected. Recommended Action Add more memory. RSVP Messages Error Message %ROUTING-RSVP-3-CLIENT_QUEUE_OVERFLOW Notification queue for client ’[chars]’ is overflowing Explanation The nofitication queue for the specified client has overflowed. Notifications are being dropped and the client has become out-of-sync. Immediate corrective actions required to reduce impact of TE traffic. Recommended Action First determine the cause of the queue overflow. There is a problem causing the client to become unresponsive, or otherwise not able to process the queue fast enough. The client could be blocked, or ’rsvp’ could be exposed to a prolonged packet burst/flood. Check CPU load, process states and incoming RSVP packet rate (use CLI ’show rsvp counters message’ for sampling). Once the cause is corrected, a restart of the client is necessary to recover. Error Message %ROUTING-RSVP-3-RSVP_LSP_RESOURCE_EXHAUSTED Failed to get a new LSP resource Explanation Resources to setup new LSP’s are exhausted. Recommended Action This condition will persist until some LSP’s are brought down. Error Message %ROUTING-RSVP-3-RSVP_TRACE_INIT_FAILED RSVP event tracing subsytem initialization failed Explanation RSVP could not initialize the event tracing module Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages RSVP Messages EM-2396 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RSVP-4-SHUTDOWN Process is shutting down ([chars]): [chars] Explanation RSVP process has encountered a problem which means it is no longer able to continue and is shutting down. The message includes a brief description of the problem. The message also describes whether or not RSVP process has been automatically restarted. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Follow the instructions associated with this message. If message states that an automatic restart has been scheduled, then RSVP process will recover automatically. If a manual restart is required, then ’process restart rsvp’ is required to recover. Error Message %ROUTING-RSVP-5-BAD_RSVP_MSG_RCVD_AUTH_DIGEST Incoming [chars] from [chars] to [chars] discarded - bad digest using key chain ’[chars]’ key [unsigned long long int], [chars] Explanation The router received an RSVP message with a bad integrity digest. RSVP discarded the message because the digest verification failed. The ’key-strings’ used may not be configured the same on both sender/receiver. Recommended Action Check the configuration on the router and sending system to make sure that the authentication configuration is compatible. Especially ensure that the key-strings for the specified key ID’s match. Also ensure that the peer is using a supported HMAC cryptographic-algorithm. Error Message %ROUTING-RSVP-5-BAD_RSVP_MSG_RCVD_AUTH_DUP Incoming [chars] from [chars] to [chars] discarded - authentication seq #[unsigned long long int] is a duplicate, [chars] Explanation The router received an RSVP message with an authentication sequence number that has already been seen. RSVP discarded the message because an untrusted source may be (unsuccessfully) attempting an RSVP message replay attack. Recommended Action If you can verify that the source is trusted, it is possible that the source has rebooted and its clock has gone backward in time; in this case, the source should be configured to synchronize its clock with an NTP server. Otherwise, the sender could be an untrusted source (unsuccessfully) attempting an RSVP message replay attack; try to find and disable the untrusted source. Routing Messages RSVP Messages EM-2397 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RSVP-5-BAD_RSVP_MSG_RCVD_AUTH_KEY Incoming [chars] from [chars] to [chars] discarded - key [unsigned long long int] is not eligble using key chain ’[chars]’, [chars] Explanation The router received an RSVP message with a bad integrity digest. RSVP discarded the message because the digest verification failed. The received key ID specified is not currently active/configured. Recommended Action Check the configuration on the router and sending system to make sure that the authentication configuration is compatible. Especially ensure that the configured key ID’s match and are active/enabled. Error Message %ROUTING-RSVP-5-BAD_RSVP_MSG_RCVD_AUTH_SEQ Incoming [chars] from [chars] to [chars] discarded - authentication seq #[unsigned long long int] is outside authentication window ([unsigned long long int]), [chars] Explanation The router received an RSVP message with a bad authentication sequence number. It may be possible in some cases that bursts of RSVP messages become re-ordered between RSVP neighbors. It may also be possible that an attack was attempted. Recommended Action If this occurs on a regular basis, and you can verify that the node sending the burst of messages is trusted, use the window-size option to allow for the burst size such that RSVP will not discard such reordered bursts. Error Message %ROUTING-RSVP-5-BAD_RSVP_MSG_RCVD_AUTH_TYPE_MISMATCH Incoming [chars] from [chars] to [chars] discarded - sender is using [chars] as the digest for key chain ’[chars]’ key [unsigned int], [chars] Explanation The router received an RSVP message with an authentication digest type that does not match the type configured on the router. RSVP discarded the message because the digest cannot be verified. Recommended Action Check the configuration on the router and sending system to make sure that the authentication configuration is compatible. Especially ensure that the cryptographic-algorithm for the specified key ID’s match. Error Message %ROUTING-RSVP-5-RSVP_AUTH_NO_KEYS Outgoing [chars] from [chars] to [chars] discarded - no active keys from key-source [chars] -- [chars], [chars] Explanation The router is unable to authenticate outgoing RSVP messages due to a lack of availaible keys. Recommended Action Check the router configuration of the specified key source. Routing Messages RUMP Messages EM-2398 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RSVP-6-RSVP_HELLO_STATE_DOWN Graceful restart hello session to [chars] has changed to the down state Explanation The RSVP Graceful Restart Hello session with a neighbor has gone down. This may be due to either a problem in the communication link with the neighbor or the neighbor’s RSVP control plane may be restarting. Recommended Action If RSVP hello communication is not re-established within the neighbor’s Restart Time, RSVP states will be deleted. You may wish to determine if there is a communication problem with the neighbour, or if the neighbour’s RSVP control plane has restarted. Error Message %ROUTING-RSVP-6-RSVP_HELLO_STATE_UP A graceful restart hello session to [chars] has been established Explanation A new hello session with a neighbour has been established Recommended Action No action is required. RUMP Messages Error Message %ROUTING-RUMP-2-ERR_MEM_ALLOC No memory for [chars] Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %ROUTING-RUMP-3-ERR_INIT Initialization failed for [chars] ([chars]) Explanation An error occurred during initialization. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RUMP-3-ERR_SYSDB SysDB Error: [chars] ([chars]) Explanation An error occurred when accessing the system database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages SAP_LISTEN Messages EM-2399 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-RUMP-3-INTERNALERR Internal error: [chars], [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RUMP-3-RIB_FAIL RIB failure for [chars] ([chars]) Explanation RIB initialization failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-RUMP-6-GRACEFUL_RESTART Restarting because [chars] restarted Explanation RUMP is restarting because the corresponding RIB proc restarted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SAP_LISTEN Messages Error Message %ROUTING-SAP_LISTEN-3-BAG_RELATED_ERROR Bag related error: [chars] : [chars] Explanation The SAP had trouble wth Bags. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-SAP_LISTEN-3-DEBUG_INIT_FAILED Debug Initialization failed Explanation Debug Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages SAP_LISTEN Messages EM-2400 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-SAP_LISTEN-3-EVENT_CONN_MGR_ERROR Event connection manager error:[chars] - [chars] Explanation Failed to open connection to Connection Manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-SAP_LISTEN-3-EVENT_MGR_CREATE_FAILED A call to event_manager_create() failed Explanation A problem occurred while calling the event_manager_create() API. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-SAP_LISTEN-3-GEN_ERR [chars] : [chars] Explanation General error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-SAP_LISTEN-3-MALLOC_FAILED malloc() failed : failed to allocate memory to receive messages Explanation A call to malloc() failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-SAP_LISTEN-3-SOCKET_ERROR Socket Error : [chars] - [chars] Explanation Socket Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages TAGCON Messages EM-2401 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-SAP_LISTEN-3-SYSDB_ACCESS_ERROR Sysdb related error: [chars] Explanation The SAP listener had trouble accessing SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-SAP_LISTEN-3-SYSDB_REGISTRATION_FAILED Sysdb registration error: [chars] Explanation The SAP had trouble registering as a notifier with SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-SAP_LISTEN-3-TIMER_ERROR Timer Error : [chars] Explanation Timer Error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-SAP_LISTEN-3-TUPLE_ERROR Tuple operation error : [chars] Explanation Tuple operation failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. TAGCON Messages Error Message %ROUTING-TAGCON-3-BUFFERBIND Unexpected error [dec]; peer [chars]; [chars] Explanation An unexpected failure occurred while building an LDP message for transmission to an LDP peer. It occurred when attempting to add a tag binding or an address to the message. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Routing Messages TAGCON Messages EM-2402 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-TAGCON-3-LABEL_OP Failed to [chars] remote label for [chars]/[dec] Explanation A problem is encountered to create/remove tag bindings Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-TAGCON-3-TDPID Peer [chars], LDP Id/Addr mapping problem ([chars]) Explanation The tag distribution and control process maintains a data structure used to convert between the TDP identifier for a TDP peer and the IP addresses of that peer. This message is generated when an internal inconsistency is discovered in that data structure. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-TAGCON-4-BAD_ADDR_LEN A message with a bad address length [unsigned int] is received from peer [chars] Explanation The address length is corrupt Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-TAGCON-4-UNEXPECTED_ALIST_TYPE Unexpected alist type from peer [chars] Explanation Address and Withdraw Address PDUs must have alist Type 3. But the received alist type is corrupt Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-TAGCON-4-UNEXPECTED_MSG_TYPE Unexpected Message type ([unsigned int]) received from peer [chars] Explanation An unexpected message type is received. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages TDP Messages EM-2403 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-TAGCON-4-UNSOL_OPEN_FAIL Unsolicited open failed for peer [chars] Explanation Cannot create/find the peer adj struct. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-TAGCON-5-SEND Could not queue LDP [chars] message for [int]([chars]) Explanation An attempt to queue an LDP message for transmission to a peer failed. Recommended Action This is an informational message. Failure to queue a msg for a peer should occur only when the LDP session with the peer no longer exists. The software should recover from this situation by discarding the LDP session and trying to establish a new one. If this message occurs repeatedly, copy it exactly as it appears and report it to your technical service representative. TDP Messages Error Message %ROUTING-TDP-3-BAD_PREFIX_LEN Peer [chars]; prefix len [dec] Explanation An LDP message containing a destination prefix with a bad length has been received from a peer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-TDP-3-ERR_GENERAL [chars] Explanation The specified operation failed. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-TDP-3-LDP_OP Failed to queue a NOTIF with code [hex] for peer [chars] Explanation An internal operation failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Routing Messages TDP Messages EM-2404 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-TDP-3-LIB_APP [chars] failed for [chars]: [chars] Explanation A library call failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-TDP-3-SM Unexpected event: peer [int]([chars]), state equals [chars], event equals [chars]%s Explanation An operation on the state machine for an LDP peer failed. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-TDP-4-BAD_PDU Received bad PDU [chars] from peer [chars]: [chars] Explanation Received a bad PDU from a peer. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %ROUTING-TDP-4-LDP_SESSION_PARAM Peer [chars] Explanation The session parameters proposed by an LDP peer differ from those preferred by the platform. The differences are not sufficient to prevent the LDP session from being established, but may have an impact on label distribution operation. Recommended Action If the parameters identified relate to the optional path vector-based loop detection mechanism, note that the IETF LDP specification recommends that when Loop Detection is enabled in a portion of a network, it is recommended that all LSRs in that portion of the network be configured with Loop Detection enabled and with the same path vector limit. If the parameters identified relate to some other aspect of the LDP session and the message occurs repeatedly, copy it exactly as it appears and report it to your technical service representative.Routing Messages TIB Messages EM-2405 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 TIB Messages Error Message %ROUTING-TIB-3-DB_OP Failed to [chars] in radix tree for entry [chars]/[dec] Explanation An operation on the radix tree failed. Recommended Action Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-TIB-3-ERR_GENERAL [chars] Explanation An action attempted by the LDP TIB implementation failed. Recommended Action None required. Error Message %ROUTING-TIB-3-LCL_LABEL_STATE Unexpected local_label state ([unsigned int]) for [chars]/[dec] Explanation The Tag Information Base (TIB) involving a locally assigned (incoming) tag/label is corrupt Recommended Action This is an informational message. The system proceeds by omitting the label operation. This may result in impaired or faulty behavior for labelled packets for this destination. Copy the message exactly as it appears and report it to your technical service representative. Error Message %ROUTING-TIB-3-REV_NUM_WRAP TIB revision number seems to wrap Explanation The TIB revision number used to manage advertisement of tags to LDP peers overflowed. This will result in faulty label distribution to LDP peers. The system recovers by toggling dynamic tag switching off and on, which forces the revision number to be re-initialized. Recommended Action None required. UCP_LCTRL_LIB Messages Error Message %ROUTING-UCP_LCTRL_LIB-3-ERR_LIB [chars] : [chars] Explanation An error occured with the line control library Recommended Action Please provide the output of the line control trace to the TAC.Routing Messages UCP_LCTRL Messages EM-2406 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 UCP_LCTRL Messages Error Message %ROUTING-UCP_LCTRL-7-ERR_INIT_SERVER Server initialization failure: [chars] Explanation The ucp lctrl server could not be initialized. Recommended Action No action is required. UCP_OLM Messages Error Message %ROUTING-UCP_OLM-3-NOT_RUNNING LMP system database not found; LMP is probably not running Explanation UCP LMP process is not running Recommended Action Please verify that at least one valid LMP or O-UNI configuration command has been entered and that the LMP process is running using the ’show proc ucp_olm’ command. Error Message %ROUTING-UCP_OLM-7-ACTIVE_IPCC_AVAIL At least one IPCC is now available for neighbor [chars] Explanation An IPCC has come back up or newly configured for a neighbor. Recommended Action No action is required. Error Message %ROUTING-UCP_OLM-7-ERR_INTERNAL [chars] Explanation An internal system error occurred. Recommended Action Please provide the output of the LMP trace to TAC. Error Message %ROUTING-UCP_OLM-7-MPLS_TE_LMP_ROUTER_ID_CHANGE MPLS TE LMP Router ID changed (from: [chars], to: [chars]) Explanation All existing MPLS TE optical tunnels will go down and will be re-established using the new router ID value. Recommended Action If MPLS TE optical tunnels do not come up after this change, please make sure that MPLS TE application is using the same router ID as specified in the global router ID. Routing Messages UCP_OLM Messages EM-2407 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %ROUTING-UCP_OLM-7-MPLS_TE_LMP_ROUTER_ID_ZERO MPLS TE LMP application does NOT have a router ID to use Explanation All existing MPLS TE optical tunnels will NOT come up until a Global or MPLS TE router ID value is specified using CLI. Recommended Action Please specify a global MPLS TE router ID or a local MPLS TE LMP router ID Error Message %ROUTING-UCP_OLM-7-NO_ACTIVE_IPCC All IPCCs are down or removed for neighbor [chars] Explanation All IPCCs are down or removed for a neighbor. Recommended Action Create a new IPCC. Error Message %ROUTING-UCP_OLM-7-ROUTER_ID_CHANGE Optical UNI Router ID changed (from: [chars], to: [chars]) Explanation All existing OUNI connection will go down and will be reestablished using the new router ID value. Recommended Action If optical UNI connections do not come up after this change, please make sure that MPLS TE application is using the same router ID as specified in the global router ID. Please refer to the FCS Caveat list for optical UNI router ID selection. Error Message %ROUTING-UCP_OLM-7-ROUTER_ID_ZERO OUNI application does NOT have a router ID to use Explanation All existing OUNI connection will NOT come up until a Global or OUNI router ID value will be specified using CLI. Recommended Action Please specify a global router ID. If this is not desired, please specify a node-id for optical UNI using: (config#) optical-uni node-id ip_address | Interface CLI. Make sure that this value matches the router ID used by MPLS Traffic Engineering application. If optical UNI connections do not come up even after entering the router IDs change, please make sure that MPLS TE application is using the same router ID as specified in the global router ID. Please refer to the QFT3 Caveat list for optical UNI router ID selection.Routing Messages UCP_OUNI Messages EM-2408 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 UCP_OUNI Messages Error Message %ROUTING-UCP_OUNI-6-CONNECTION_DESTROYED O-UNI Connection Destroyed on [chars] Explanation A connection was destroyed. Recommended Action No action is required. Error Message %ROUTING-UCP_OUNI-6-CONNECTION_ESTABLISHED O-UNI Connection Established on [chars] Explanation A connection was established. Recommended Action No action is required. Error Message %ROUTING-UCP_OUNI-7-ERR_INTERNAL [chars] Explanation An internal system error occured. Recommended Action Please provide the show trace output, show run and show mpls optical output to the TAC. VKG_IPV4_MRIB Messages Error Message %ROUTING-VKG_IPV4_MRIB-3-INIT_ERROR Process initialization failed: ([chars]%s) Explanation MRIB (multicast routing information base) failed to initialize. MRIB is the central routing information base for multicast components. It provides coordination among all multicast routing components and forwarding. The effect is that multicast forwarding will not function. %s - indicates the reason for the failure. Recommended Action The System Manager process (sysmgr) will automatically respawn this process, up to a fixed number of times when this error is encountered, to recover. Execute ’show process mrib’ to verify that the process is up and running. If it is still non-operational, try doing ’process restart mrib’ If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.EM-2409 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Security Messages This section contains all Security related System Error Messages, such as AAA, IPSec and related protocols, and so forth. The following facility codes are represented in this module: AAA_BASE Messages Error Message %SECURITY-AAA_BASE-3-ERROR Error: ’[chars]’. [chars] Explanation Error encountered while running AAA Base Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA_BASE-4-WARNING Warning: ’[chars]’. [chars] Explanation An internal software error has occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA_BASE-7-DEBUG Debug: ’[chars]’ Explanation Informational log only Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Security Messages aaa_task Messages EM-2410 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 aaa_task Messages Error Message %SECURITY-aaa_task-3-DEBUG_ERROR [chars]: [chars] Explanation Error message from AAA task debug module Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-aaa_task-3-DLLMAIN_ERROR Error encountered in dllmain for [chars]: [chars] Explanation Error message from debug module Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-aaa_task-3-INVALID_AAA_TASK_DEBUG_FLAG AAA task debug flag [dec] does not exist Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-aaa_task-7-GENERIC_ERROR [chars]: [chars] Explanation Internal debugging message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Security Messages AAA Messages EM-2411 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 AAA Messages Error Message %SECURITY-AAA-3-DEBUG_ERROR [chars]: [chars] Explanation Error encountered in debug module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA-3-DEBUG_ERROR [chars]: [chars] Explanation Encountered an error in debug module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA-3-DES_INIT_FAIL [chars]: DES initialization failed Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA-3-DLL_INIT_ERROR [chars]: [chars] Explanation Error encountered while initializing AAA client library DLL. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA-3-DLLMAIN_ERROR Error encountered while initializing DLL for [chars]: [chars] Explanation Error message from DLL initialization module Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages AAA Messages EM-2412 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-AAA-3-ERR_SERVER_GROUP [chars] Explanation None at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA-3-ERROR_NO_MEM Not enough memory available while [chars] Explanation Failed to allocate necessary memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA-3-INVALID_DEBUG_FLAG The AAA debug flag [dec] does not exist Explanation The debug flag specified is not supported. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA-3-LIB_UTIL_ERROR_NO_MEM Not enough memory available while [chars] Explanation Failed to allocate memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA-3-SYSDB_BIND_ERROR sysdb_bind returned error :[chars] in function :[chars] Explanation Error while trying to bind to sysdb. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages ACCTD Messages EM-2413 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-AAA-4-WHITESPACE_TRUNCATED_IN_SERVER_KEY WARNING: The server key contained trailing whitespace and was truncated Explanation Whitespace is not allowed at the end of a server key. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA-7-ERR_ECM Failed to open event connection for a [chars]: [chars] Explanation The initial connection failed, but a retry has been successfully rescheduled. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-AAA-7-ERR_SYSDB [chars] path [chars]: [chars] Explanation ’Failed to execute a SysDB operation’ Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ACCTD Messages Error Message %SECURITY-ACCTD-3-AMBIGUOUS_PASSWD Password which is a single digit is not permitted Explanation Single digit passwords are not allowed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages ACCTD Messages EM-2414 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-ACCTD-3-BAG_ENCODE_ERR Failed to encode [chars] bag: [chars] Explanation Failed to encode a bag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-BAGS_UNREG_ERR Failed to unregister [chars] bag: [chars] Explanation Failed to unregister a bag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-DB_CLEAR_FAILED Clearing the [chars] DB failed. DB state is unknown Explanation Error encountered when attempting to clear the DB. DB might be in any state now & so usage of hat DB might fail with unexpected results. Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Also, restarting the acctd DB process might help recover. Error Message %SECURITY-ACCTD-3-DEBUG_ERROR [chars]: [chars] Explanation Error encountered in debug module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-EDM_INIT_ERR Failed to register EDM - [chars] Explanation Failed to initialize EDM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages ACCTD Messages EM-2415 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-ACCTD-3-ERR_INVALID_GROUP [chars]: [chars] Explanation AAA failed to recognize the specified server group name. It may be undefined. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-ERR_THREAD_FN [chars]: pthread [chars] failed: [chars] Explanation The call to pthread functions, such as pthread_create, lock/unlock a mutex or wait on a condition, failed. The error is displayed in the message. Recommended Action *SH_TECH* Error Message %SECURITY-ACCTD-3-ERR_UNSUPPORTED_GROUP Group [chars] is not valid for [chars] Explanation RADIUS does not support command authorization and command accounting. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-INSUFFICIENT_BUFFER_SIZE Buffer size is insufficient to hold the required data: [chars] Explanation A buffer is required in order to fill a certain data but the buffer size was too small. Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-LIST_UNDEFINED Method list [chars] is not defined Explanation Trying to configure a method list in the line configuration that is not defined in AAA Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages ACCTD Messages EM-2416 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-ACCTD-3-LWA_ADD_DIR_FAIL Failed to add the username [chars] to lightweight authentication password database - [chars]. (Please remove/rename the file ’/disk0:/AAA’, which is in conflict with the directory ’/disk0:/aaa/’.) Explanation A file with the same name as aaa directory detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-LWA_ADD_FAIL Failed to add the username [chars] to lightweight authentication password database: [chars] Explanation Failed to enable this user to log into ksh. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-LWA_REM_FAIL Failed to remove the username [chars] from lightweight authentication password database - [chars] Explanation Failed to remove a username from the LWA DB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-MEMORY Failed to malloc [unsigned int] bytes Explanation acctd failed to allocate the required amount of memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-MSG_ERROR [chars]: [chars] Explanation Error encountered while handling messages received by acctd. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages ACCTD Messages EM-2417 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-ACCTD-3-MSG_SIZE_ERR [chars]: Size ([dec]) - [chars] Explanation An internal error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-PLANE_MISMATCH The username ’[chars]’ is already configured in the other plane (Admin/LR), please choose a different one Explanation The username has to be unique across the Admin and LR plane. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-RED_STATE_ERROR Error on changing redundancy state to [chars]: [chars] Explanation Error encountered during redundancy state transistion. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-ROOT_USERDB_INIT_FAIL [chars]: path [chars], error: [chars] Explanation Accounting daemon failed to create/remove the root user database on the disk0. This will affect authentication to ksh since it refers to this database. Recommended Action As a workaround an admin could create this directory in disk0 himself. This should get around the problem. Error Message %SECURITY-ACCTD-3-ROOT_USERDB_LOCK_ERR Failed lock operation ’[chars]’. Error: [chars] Explanation A lock operation on shared resource, called by acctd lwDB failed due to the mentioned error. Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages ACCTD Messages EM-2418 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-ACCTD-3-SETPRIO_FAILED Changing priority of acctd failed: [chars] Explanation Changing acctd priority failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-SHMWIN_INIT_FAILURE Failed to initialize shared memory used for AAA configuration - [chars] Explanation Failed to initialize shared memory window Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-SHUTDOWN_ERROR [chars]: [chars] Explanation acctd process failed to shutdown properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-SIGEVENT_SEND_FAIL Failed to send sigevent to [chars] - [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-3-STARTUP_ERROR [chars]: [chars] Explanation acctd process failed to startup properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages ACCTD Messages EM-2419 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-ACCTD-3-STBY_INIT_ERR Failed to initialize standby - [chars] Explanation Failed to initialize acctd on standby node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-4-ACCT_FAILURE Failed to send the accounting record for request id [dec] - [chars] Explanation Failed to send an accounting record to RADIUS or TACACS+ server Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-4-ACCT_TIMEOUT_FAILURE Failed to handle timeout for sending an accounting record (request id [dec]) - [chars] Explanation Failed to send an accounting record to RADIUS or TACACS+ server Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-4-CERR_REGISTER [chars]: [chars] Explanation acctd failed to register error codes. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-4-CHKPT_REGISTER_FAILURE Error encountered while registering the checkpoint table [chars] - [chars] Explanation Encountered a checkpoint register failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages ACCTD Messages EM-2420 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-ACCTD-4-CHKPT_RESTORE_FAILURE Error encountered while recovering from checkpoint table [chars] - [chars] Explanation Encountered a checkpoint recovery failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-4-CHKPT_SAVE_FAILURE Error encountered while saving to checkpoint table [chars] - [chars] Explanation Encountered a checkpoint save failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-4-PASSWD_ALREADY_EXISTS Warning: The password is configured too for user ’[chars]’ Explanation An internal software error has occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-4-SECRET_ALREADY_EXISTS Warning: The secret is configured too for user ’[chars]’ Explanation An internal software error has occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-7-ERR_SYSDB_FD [chars] [chars]: [chars] Explanation Error encountered while using the System Database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages ACE_GRP Messages EM-2421 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-ACCTD-7-ERR_TTYMGMT_FD [chars]: [chars] Explanation Error encountered while using TTY management library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-ACCTD-7-GENERIC_ERROR [chars]: [chars] Explanation Generic error message used for internal debugging. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ACE_GRP Messages Error Message %SECURITY-ACE_GRP-3-ERROR [chars]: [chars] Explanation An error occurred in ace_grp dll Recommended Action *SH_TECH* ACE_LC Messages Error Message %SECURITY-ACE_LC-0-ACE_SYSLOG_EMERG [[dec]][chars] Explanation ACE SPA SYSLOG message Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages ACE_LC Messages EM-2422 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-ACE_LC-1-ACE_SYSLOG_ALERT [[dec]][chars] Explanation ACE SPA SYSLOG message Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-ACE_LC-2-ACE_SYSLOG_CRIT [[dec]][chars] Explanation ACE SPA SYSLOG message Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-ACE_LC-2-ACE_SYSLOG_ERR [[dec]][chars] Explanation ACE SPA SYSLOG message Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-ACE_LC-3-ERR [chars]: [chars] Explanation ACE Driver Fatal Error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-ACE_LC-4-ACE_SYSLOG_WARNING [[dec]][chars] Explanation ACE SPA SYSLOG message Recommended Action ’If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages ACE_QAD Messages EM-2423 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-ACE_LC-4-WARNING [chars]: [chars] Explanation ACE driver warning message. Recommended Action ’If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-ACE_LC-5-ACE_SYSLOG_NOTICE [[dec]][chars] Explanation ACE SPA SYSLOG message Recommended Action ’No action is required.’ Error Message %SECURITY-ACE_LC-6-ACE_SYSLOG_INFO [[dec]][chars] Explanation ACE SPA SYSLOG message Recommended Action ’No action is required.’ Error Message %SECURITY-ACE_LC-6-INFO [chars]: [chars] Explanation ACE driver Informational message Recommended Action ’No action is required.’ ACE_QAD Messages Error Message %SECURITY-ACE_QAD-3-ERR [chars] [dec] [chars] Explanation ACE QAD Erros Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Security Messages ACE_TSB_LC Messages EM-2424 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 ACE_TSB_LC Messages Error Message %SECURITY-ACE_TSB_LC-3-ERR [chars] Explanation ACE TSB Fatal Error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-ACE_TSB_LC-6-INFO [chars]: [chars] Explanation ACE TSB Informational message Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-ACE_TSB_LC-6-WARNING [chars]: [chars] Explanation ACE TSB warning message. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-ACE_TSB_LC-7-DEBUG [chars]: [chars] Explanation ACE TSB Debug Information Recommended Action ’No action is required.’Security Messages CEPKI Messages EM-2425 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CEPKI Messages Error Message %SECURITY-CEPKI-6-ERR [chars] Explanation CEPKI general error message with one prameter. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-CEPKI-6-ERR_2 [chars] [chars] Explanation CEPKI general error message with two prameters. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-CEPKI-6-INFO [chars] Explanation CEPKI general info message with one prameter. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-CEPKI-6-WARNING [chars] Explanation CEPKI general warning message. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Security Messages COND_DEB_RP Messages EM-2426 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 COND_DEB_RP Messages Error Message %SECURITY-COND_DEB_RP-3-INSUFMEM Failed to allocate memory Explanation The requested operation could not be accomplished because of a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SECURITY-COND_DEB_RP-3-NOCONDDBG Crypto conditional debug does not work. Explanation The request to use condition for a crypto debug message could not be accomplish. Recommended Action If displaying of crypto debug messages is needed, please use regular crypto debug mechanism instead of conditional crypto debug mechanism. Error Message %SECURITY-COND_DEB_RP-3-NOIPCONDDBG Crypto conditional debug using IP address does not work. Explanation The request to use using IP address as condition for a crypto debug message could not be accomplish. Recommended Action If displaying of crypto debug messages is needed, please use regular crypto debug mechanism instead of conditional crypto debug mechanism. Error Message %SECURITY-COND_DEB_RP-6-ILLIPVAL Illegal IP-address/IP-mask was configured. Explanation Illegal IP-address and/or IP-mask were configuring as condition to crypto debug message. Recommended Action Fix the values of IP-address and/or IP-mask in the ’ìdeugb condition crypto IPv4...’ Öî command.Security Messages IKE_CLIENT Messages EM-2427 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IKE_CLIENT Messages Error Message %SECURITY-IKE_CLIENT-3-MQ_SEND_FAIL [chars]:Failed to send IPC using mq_send. reason: [chars] Explanation Failed to send IPC message to IKE process. Most likely casue the process is too busy Recommended Action ’contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact error message seen’ Error Message %SECURITY-IKE_CLIENT-4-WARNING [chars] Explanation Internal Warning. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ IKE Messages Error Message %SECURITY-IKE-2-ERR_NO_MEMORY Failed to allocate memory. Explanation A memory allocation failure has occurred from which the process cannot automatically recover. Recommended Action ’The process must be restarted to ensure correct operation. If memory is repeatedly exhausted upgrade to a larger memory configuration.’ Error Message %SECURITY-IKE-3-ACCT_MSG_TX_FAILURE Failed to send an Accounting record of type: [chars], error: [chars] Explanation An error occurred while attempting to send an accounting record to the external AAA server Recommended Action ’Check AAA connectivity, otherwise contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact error message seen’ Security Messages IKE Messages EM-2428 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-3-ADD_KEY_FAIL IKE detects failure adding key, name [chars], ip address [unsigned int] Explanation IKE found failure when adding key Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKE-3-AUTHENTICATION_FAILED [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Authentication method [dec] failed with peer. Explanation The IKE process was unable to authenticate its security association with its remote peer. Recommended Action ’Contact the remote peer’s administrator.’ Error Message %SECURITY-IKE-3-BAD_CERT_USE IKE detects bad certificate was used, [chars], [chars] Explanation IKE found bad certificate was used Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKE-3-BAD_DOI_NOTIFY IKE detects bad DOI notify, DOI is [dec], address is [unsigned int] Explanation IKE found bad DOI notify Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKE-3-BADMAGIC Bad [chars] magic number ([hex]). Explanation ’An internal software error.’ Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages IKE Messages EM-2429 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-3-CRYPTO_FAILURE [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: EN/DE-crypto services failure, [chars] during [chars]. Explanation IKE found failure returned from encryption/decryption service. Recommended Action ’Contact remote peer’s administrator.’ Error Message %SECURITY-IKE-3-ERR_2_PARAM [chars], [chars] Explanation IKE general error message with two prameters. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKE-3-ERR_EMPTY_SESSION Session node empty (no ipsec/ike SAs) DB maybe inconsisten. Peer [chars]/[dec] vrf [chars] Explanation Internal error, Session node does not include any ipsec and ike SAs, This indicates an internal data structure inconsistency. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKE-3-ERROR [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKE-3-FAILED_TO_CREATE_SKEYID [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Failed to compute SKEYSEED. Explanation Failed to generate SKEYID. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages IKE Messages EM-2430 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-3-GROUP_AUTHOR_FAILED [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars]. grpname equals [chars]. Explanation Group authorization failed. Recommended Action ’Check AAA connectivity’ Error Message %SECURITY-IKE-3-GROUP_CONFIG_UPLOAD_LOCAL_AAA_FAILED Failed to upload the IKE groups from the running config to the local AAA server. rc equals [dec], errpr equals [chars] Explanation An error occured while the IKE process was uploading its localy configured groups to the localy running AAA server. This means that the system is in inconsistent state. the IKE groups that are seen in the running config are not configured in the local AAA DB that can be seen using ’show aaa ikegroups’. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-IKE-3-IKEINIT [chars] Explanation An IKE initialization error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKE-3-INTF_PARAMS_FAILURE [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars] Interface: [chars]. Explanation [1] When an interface is configured with a VRF that is not configured globally, it is treated as invalid VRF. SAs should not be created on this interface. [2] When an interface state is not UP SAs should not be created on this interface. Recommended Action [1] ’Make sure to use interfaces with valid VRF’ [2] ’Make sure to use interfaces with state UP’ Security Messages IKE Messages EM-2431 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-3-INVALID_CERT [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: IKE detects invalid certificate - [chars]. Explanation The certificate given by remote peer has either been revoked or expired (certificate invalid) or the signature check on the certificate failed (bad signature). Recommended Action ’Contact the CA of the remote peer. Possibly bad CA certificate.’ Error Message %SECURITY-IKE-3-IP_AP_NOTIFY_INUSE_ADDRESS_FAILED Failed to notify about a used IP address to the Address Pool component. pool equals [chars], vrf equals [chars], IP equals [chars], err equals [chars] Explanation An error occurred while attempting to notify IP local Address Pool about used addresses Recommended Action ’Try to disable ipsec-chkpt and restart IKE process’ Error Message %SECURITY-IKE-3-IP_POOL_FREE_FAILURE Failed to free a local pool IP address : poolname equals [chars], ip equals [chars] Explanation An error occurred while attempting to free an IP address back to the local pool Recommended Action ’It may be possible to rectify the problem by restarting ip_ap process.’ Error Message %SECURITY-IKE-3-KEY_NOT_FOUND_IN_PROFILE [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Key not found in ISAKMP profile ’[chars]’. Explanation In Main Mode, The ID payloads are exchanged only in MM5 and MM6. Since keyring material is needed in earlier stages of the negotiation, it is looked up based on peer address. This error is seen when the selected keyring appears to not match the keyring configured under the ISAKMP profile for that peer.’ Recommended Action ’Make sure that the keyring in which the key exist is attached to the ISAKMP profile’ Error Message %SECURITY-IKE-3-LOCAL_ADDRESS_FAILURE [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars]. grpname equals [chars], username equals [chars], pool equals [chars]. Explanation Failed to allocate IP address for client. Recommended Action ’Make sure ip local pool is defined and has at least one free address (’show local pool’), also make sure that the specific pool is assigned to the proper ISAKMP profile (’show crypto isakmp profile’), otherwise contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact log message received.’ Security Messages IKE Messages EM-2432 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-3-MALFORMED_MESSAGE [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: IKE message failed its sanity check or is malformed. Explanation A quick sanity check is done on all received ISAKMP messages to verify that all component payload types are valid, and that the sum of their individual lengths equals the total length of the received message. This message failed the sanity check. This continous bad messages could imply denial of service attack Recommended Action ’Contact the remote peer’s administrator’ Error Message %SECURITY-IKE-3-MQ_FAIL [chars]:Failed on [chars]:[chars] Explanation An internal software error occurred. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKE-3-MQ_SEND_FAIL [chars]:Failed to send IPC using mq_send. reason: [chars] Explanation Failed to send IPC message to IKE process. Most likely casue the process is too busy Recommended Action ’contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact error message seen’ Error Message %SECURITY-IKE-3-NO_POLICY_FOUND [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: No cert, encryption key or pre-shared address key with peer. Explanation Failed to derive peer key through either of the following ways: pre-shared keys, RSA keys, or certiifcates. Applies only to initiator mode. Recommended Action ’Contact administrator’ Error Message %SECURITY-IKE-3-PACKET_PROCESS_FAILURE [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Failed to process the packet, probably results from internal error. Explanation This error message implies a severe error condition, likely as result of internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages IKE Messages EM-2433 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-3-PHASE2_PROPOSAL_NOT_CHOSEN [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Phase-II: peer proposal rejected. Explanation Phase-II parameters negotiation failed with peer. Recommended Action ’Contact the remote peer’s administrator’ Error Message %SECURITY-IKE-3-POLICY_MISMATCH [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: No offers accepted. Explanation Phase I policy parameters negotiation failed with peer. Recommended Action ’Contact the remote peer’s administrator’ Error Message %SECURITY-IKE-3-PRESHARED_KEY_NOT_FOUND [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Failed to find pre-shared key. grpname equals [chars], username equals [chars]. Explanation Failed to find pre-shared key. Recommended Action ’Contact administrator’ Error Message %SECURITY-IKE-3-PROFILE_NOT_FOUND [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars] [chars]. Explanation [1] No ISAKMP profile found matching peer identity. applicable to RESPONDER mode only. [2] No ISAKMP profile found matching interface name. applicable only to INITIATOR mode. [3] Peer identity doesn’t match the ISAKMP profile associated with the interface. applicable only to INITIATOR mode. Recommended Action [1] ’Make sure an ISAKMP profile exists for peer match-id’ [2] ’Make sure that the ISAKMP profile is attached to the proper interface’ [3] ’Make sure that the ISAKMP profile attached to the interface matches peers identity’ Error Message %SECURITY-IKE-3-QUICK_MODE_TIMER_EXPIRED [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Timer to complete phase-I has expired. Explanation We can’t wait forever before we start quick-mode and initiate phase II. Recommended Action ’The most likely reason for failing to start phase2 is that the process failed to complete phase1. In this case, it should have also logged another message which should appear immediately before this one.’ Security Messages IKE Messages EM-2434 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-3-RADIUS_USER_AUTHEN_FAIL [[chars] ([char]) with peer:[chars] fvrf:[chars]] AAA user ’[chars]’ authentication failed Explanation AAA user authentication faild. Recommended Action ’Make sure you use the correct username and password, otherwise contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact log message received’ Error Message %SECURITY-IKE-3-RETRANSMISSION_LIMIT [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Retransmission limit exceeded. Explanation Retransmission limit exceeded. Recommended Action ’Contact administrator’ Error Message %SECURITY-IKE-3-RSA_PUBLIC_KEY_NOT_FOUND [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars]. Explanation Failed to query RSA key. Recommended Action ’Check the subject name in the certificate.’ Error Message %SECURITY-IKE-3-SA_NOT_AUTH [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: Cannot accept Quick Mode exchange if SA is not authenticated. Explanation The IKE security association with the remote peer was not authenticated; yet the peer attempted to begin a Quick Mode exchange. This exchange must only be done with an authenticated security association. Recommended Action ’Contact remote peer’s administrator.’ Error Message %SECURITY-IKE-3-SA_NOT_OFFERED IKE detects SA not being offered [unsigned int], [chars] Explanation IKE found SA not offered Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages IKE Messages EM-2435 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-3-USER_AUTHEN_REJECTED [[chars] ([char]) failed with peer:[chars] fvrf:[chars]] Reason: [chars]. grpname equals [chars], username equals [chars]. Explanation Processing of phase 1.5 (xauth) with peer failed. Recommended Action ’Make sure the password delivered is indeed matching the client, otherwise contact Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. with the exact log message received’ Error Message %SECURITY-IKE-4-BAD_DOI_SA [[chars] ([char]) with peer:[chars] fvrf:[chars]] Invalid DOI value: [dec] in a SA offer. Explanation The DOI field in a SA offer is needed for message parsing. SA offer with unknown DOI can’t be parsed. Recommended Action ’If this situation persists contact the remote peer’s administrator’ Error Message %SECURITY-IKE-4-CERT_DOESNT_MATCH_ID [[chars] ([char]) with peer:[chars] fvrf:[chars]] Certificate doesn’t match [chars] ID:[chars], id_type:[dec] ,cert:[chars]. Explanation Peers claimed identity doesn’t match what we can glean from the certificate. Recommended Action ’Contact remote peer and/or his administrator if session doesn’t come up’ Error Message %SECURITY-IKE-4-CERT_ISNT_TRUSTED_ROOT [[chars] ([char]) with peer:[chars] fvrf:[chars]] Certificate issuer name:[chars] is not a trusted root. Explanation During IKE phase-I signature verification, the initiator will send a list of its CA certificates. This warning will be printed by the responder if none of the CAs in the list is a trusted root. Note this is not necessarily an error, as there may be multiple cert-req payloads Recommended Action ’Contact remote peer and/or his administrator if session doesn’t come up’ Error Message %SECURITY-IKE-4-INCOMING_PKT_TOO_BIG ISAKMP packet from [chars] is larger ([dec]) than the maximum size permitted. Explanation The packet size is limited to 32K, in case that peer sends out long length info forcing large buffer allocation (DOS). Recommended Action ’Contact the remote peer and/or his administrator’ Security Messages IKE Messages EM-2436 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-4-IPV4_ROUTES_TOO_MANY [[chars] ([char]) with peer:[chars] fvrf:[chars]] Too many IPV4 routes from spoke, got [dec], max routes supported [dec] Explanation Spoke sent too many IPV4 routes during negotiation. Recommended Action ’configure spoke with less routes’ Error Message %SECURITY-IKE-4-MESSAGE_NOT_PROCESSED Message is not processed, ike is disabled. Explanation Trying to initiate a tunnel while ike is disabled. The request message for establishing the tunnel is not processed and dropped. Recommended Action ’Enable ike by configuring crypto isakmp command’ Error Message %SECURITY-IKE-4-NO_SA No SA found for peer (src:[chars] fvrf:[chars]) and it is not an initial offer. Explanation No security association exists for this packet and it is not an initial offer from the peer to establish one. These errors could imply denial of service attack. Recommended Action ’Contact the remote peer and/or his administrator’ Error Message %SECURITY-IKE-4-OUTGOING_PKT_TOO_BIG ISAKMP packet is too long. Size:[dec] bytes, max allowed:[dec] bytes. Explanation Trying to send an ISAKMP packet that is above the maximum UDP packet size allowed. That can happen if an inordinately large number of IKE policies were being proposed by the initiator. Recommended Action ’Try to reduce the number of ISAKMP policies configured’ Error Message %SECURITY-IKE-4-PACKET_NOT_ENCRYPTED [[chars] ([char]) with peer:[chars] fvrf:[chars]] IKE Packet wasn’t encrypted and it should have been. Explanation Received packet should have been encrypted by peer but wasn’t. Recommended Action ’Contact remote peer’s administrator’ Security Messages IKE Messages EM-2437 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-4-PACKET_OVERFLOW ISAKMP message from [chars] (fvrf [chars]) larger ([dec]) than the UDP packet length ([dec]) Explanation ISAKMP data is a payload of UDP packet, as such its length should be less than the UDP length. Each ISAKMP message has its own message length field. The message length field of this message was greater than the length of the UDP packet. Recommended Action ’This situation could denote a denial of service attack or corrupted message’ Error Message %SECURITY-IKE-4-UNKNOWN_EXCHANGE_TYPE [[chars] ([char]) with peer:[chars] fvrf:[chars]] Received message with unknown exchange [dec]. Explanation IKE performs actions on messages based on defined exchanges. A message received with an unknown exchange. Recommended Action ’If the problem appears to be more than a transient one, contact the peer’s administrator.’ Error Message %SECURITY-IKE-4-UNRELIABLE_INFO_MSG [[chars] ([char]) with peer:[chars] fvrf:[chars]] Received INFO message before peer has been authenticated. Explanation Received INFO message before peer has been authenticated that is why it is called unreliable. Recommended Action ’Contact the remote peer’s administrator’ Error Message %SECURITY-IKE-4-WARNING [chars] Explanation Internal Warning. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKE-4-WARNING2 [chars], [chars] Explanation Internal Warning. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages IKE Messages EM-2438 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IKE-6-CAC_DROPS [chars] Explanation Call admission control policy is configured on the device. Consequently an IKE SA request was denied due to the reason described in the error message. Recommended Action ’Depending on the reason that the request was denied, either reduce the load on the system so that it can handle new IKE SA requests, or increase the maximum allowed IKE sessions if more are needed’ Error Message %SECURITY-IKE-6-CRYPTO_TUNNEL_STATUS Crypto tunnel is [chars]. Peer [chars]:[dec] [chars] [chars] [chars] [chars] [chars] [chars] [chars] [chars] Explanation Report tunnel status. Recommended Action None. Error Message %SECURITY-IKE-6-DEFAULT_POLICY_ACCEPTED [[chars] ([char]) with peer:[chars] fvrf:[chars]] IKE default policy was matched and is being used. Explanation The default policy is being used because the local configured policies did not match with the peer’s policies. Recommended Action ’Check if this is indeed the desired ISAKMP policy to use. To avoid using the default policy, reconfigure the local policy to match with peer’s policy’ Error Message %SECURITY-IKE-6-IPSEC_REJECTED [[chars] ([char]) with peer:[chars] fvrf:[chars]] ISAKMP SA is to be deleted, reject phase-2 request on top of it. Explanation Due to major configuration change or manual delete, this session is to be deleted. No new IPSec SAs can be established now on the session. Recommended Action ’Wait until the session is completely removed and then try to establish a new one.’ Error Message %SECURITY-IKE-6-MODE_FAILURE Processing of [chars] mode failed with peer at [chars] Explanation Negotiation with the remote peer failed. Recommended Action ’If this situation persists contact the remote peer’Security Messages IKEv2 Messages EM-2439 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IKEv2 Messages Error Message %SECURITY-IKEv2-3-ERROR [chars] [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKEv2-4-WARNING [chars] Explanation Internal Warning. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IKEv2-4-WARNING2 [chars], [chars] Explanation Internal Warning. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ IMP Messages Error Message %SECURITY-IMP-3-CONFIG_ERR [chars] Explanation Crypto Configuration (SAs/ACLs) failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages IMP Messages EM-2440 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IMP-3-FATAL_ERR [chars] Explanation An internal software fatal error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-IMP-3-MQ_FAIL [chars]:Failed on [chars]:[chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-IMP-3-SVI_TUNNEL_TYPE_ERR [chars] Explanation SVI has already tunnel with type different from the one that is trying to be established. Single sa tunnel can’t be on the same svi as regular tunnel. first tunnel type determines the SVI type Recommended Action verify all client are from same type Error Message %SECURITY-IMP-4-MSG_WARN [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-IMP-6-PROC_READY Process [chars] is ready Explanation Notification that the process is done its initialization phase and ready to process events. Recommended Action NoneSecurity Messages IPP Messages EM-2441 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IPP Messages Error Message %SECURITY-IPP-3-ERR_GENERAL [chars] [chars] Explanation Error description, error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IPP-3-ERR_MALLOC Cannot allocate memory in function [chars]() Explanation Internal error. System is out of memory - malloc failed. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IPP-6-INFO_GENERAL [chars] Explanation The IPSec IPP encountered some problem in genric nature or plain information. Recommended Action ’No action is required.’ IPSEC Messages Error Message %SECURITY-IPSEC-3-ERR [chars] Explanation IPSec Base component Fatal Error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages KEYCHAIN Messages EM-2442 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-IPSEC-4-WARNING [chars] Explanation IPSec Base component warning message. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-IPSEC-6-INFO [chars] Explanation IPSec Base component Informational message Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ KEYCHAIN Messages Error Message %SECURITY-KEYCHAIN-3-FATAL_ERR [chars] Explanation An internal software fatal error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-KEYCHAIN-4-MSG_WARN Receive invalid message type [dec] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Security Messages LOCALD Messages EM-2443 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 LOCALD Messages Error Message %SECURITY-LOCALD-3-AMBIGUOUS_PASSWD Password which is a single digit is not permitted Explanation Single digit passwords are not allowed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-BAG_ENCODE_ERR Failed to encode [chars] bag: [chars] Explanation Failed to encode a bag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-BAGS_UNREG_ERR Failed to unregister [chars] bag: [chars] Explanation Failed to unregister a bag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-DB_CLEAR_FAILED Clearing the [chars] DB failed. DB state is unknown Explanation Error encountered when attempting to clear the DB. DB might be in any state now & so usage of hat DB might fail with unexpected results. Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Also, restarting the local DB process might help recover. Security Messages LOCALD Messages EM-2444 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-LOCALD-3-DEBUG_ERROR [chars]: [chars] Explanation Error encountered in debug module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-EDM_INIT_ERR Failed to register EDM - [chars] Explanation Failed to initialize EDM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-ERR_FILE_OPEN Opening the File [chars] failed Explanation Error encountered while opening the file Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-ERR_FILE_WRITE Writing to the File [chars] failed Explanation Error encountered while writing to the file . Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-ERR_INVALID_GROUP [chars]: [chars] Explanation AAA failed to recognize the specified server group name. It may be undefined. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages LOCALD Messages EM-2445 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-LOCALD-3-ERR_THREAD_FN [chars]: pthread [chars] failed: [chars] Explanation The call to pthread functions, such as pthread_create, lock/unlock a mutex or wait on a condition, failed. The error is displayed in the message. Recommended Action *SH_TECH* Error Message %SECURITY-LOCALD-3-ERR_UNSUPPORTED_GROUP Group [chars] is not valid for [chars] Explanation RADIUS does not support command authorization and command accounting. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-INSUFFICIENT_BUFFER_SIZE Buffer size is insufficient to hold the required data: [chars] Explanation A buffer is required in order to fill a certain data but the buffer size was too small. Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-LIST_UNDEFINED Method list [chars] is not defined Explanation Trying to configure a method list in the line configuration that is not defined in AAA Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-LWA_ADD_DIR_FAIL Failed to add the username [chars] to lightweight authentication password database - [chars]. (Please remove/rename the file ’/disk0:/AAA’, which is in conflict with the directory ’/disk0:/aaa/’.) Explanation A file with the same name as aaa directory detected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages LOCALD Messages EM-2446 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-LOCALD-3-LWA_ADD_FAIL Failed to add the username [chars] to lightweight authentication password database: [chars] Explanation Failed to enable this user to log into ksh. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-LWA_REM_FAIL Failed to remove the username [chars] from lightweight authentication password database - [chars] Explanation Failed to remove a username from the LWA DB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-MEMORY Failed to malloc [unsigned int] bytes Explanation locald failed to allocate the required amount of memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-MSG_ERROR [chars]: [chars] Explanation Error encountered while handling messages received by locald. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-MSG_SIZE_ERR [chars]: Size ([dec]) - [chars] Explanation An internal error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages LOCALD Messages EM-2447 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-LOCALD-3-PLANE_MISMATCH The username ’[chars]’ is already configured in the other plane (Admin/LR), please choose a different one Explanation The username has to be unique across the Admin and LR plane. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-RED_STATE_ERROR Error on changing redundancy state to [chars]: [chars] Explanation Error encountered during redundancy state transistion. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-ROOT_USERDB_INIT_FAIL [chars]: path [chars], error: [chars] Explanation Locald failed to create/remove the root user database on the disk0. This will affect authentication to ksh since it refers to this database. Recommended Action As a workaround an admin could create this directory in disk0 himself. This should get around the problem. Error Message %SECURITY-LOCALD-3-ROOT_USERDB_LOCK_ERR Failed lock operation ’[chars]’. Error: [chars] Explanation A lock operation on shared resource, called by locald lwDB failed due to the mentioned error. Recommended Action Collect the output of show logging and inform Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-SETPRIO_FAILED Changing priority of locald failed: [chars] Explanation Changing locald priority failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages LOCALD Messages EM-2448 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-LOCALD-3-SHMWIN_INIT_FAILURE Failed to initialize shared memory used for AAA configuration - [chars] Explanation Failed to initialize shared memory window Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-SHUTDOWN_ERROR [chars]: [chars] Explanation locald process failed to shutdown properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-SIGEVENT_SEND_FAIL Failed to send sigevent to [chars] - [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-STARTUP_ERROR [chars]: [chars] Explanation locald process failed to startup properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-3-STBY_INIT_ERR Failed to initialize standby - [chars] Explanation Failed to initialize locald on standby node. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages LOCALD Messages EM-2449 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-LOCALD-4-ACCT_FAILURE Failed to send the accounting record for request id [dec] - [chars] Explanation Failed to send an accounting record to RADIUS or TACACS+ server Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-4-ACCT_TIMEOUT_FAILURE Failed to handle timeout for sending an accounting record (request id [dec]) - [chars] Explanation Failed to send an accounting record to RADIUS or TACACS+ server Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-4-CERR_REGISTER [chars]: [chars] Explanation locald failed to register error codes. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-4-CHKPT_REGISTER_FAILURE Error encountered while registering the checkpoint table [chars] - [chars] Explanation Encountered a checkpoint register failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-4-CHKPT_RESTORE_FAILURE Error encountered while recovering from checkpoint table [chars] - [chars] Explanation Encountered a checkpoint recovery failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages LOCALD Messages EM-2450 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-LOCALD-4-CHKPT_SAVE_FAILURE Error encountered while saving to checkpoint table [chars] - [chars] Explanation Encountered a checkpoint save failure Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-4-PASSWD_ALREADY_EXISTS Warning: The password is configured too for user ’[chars]’ Explanation An internal software error has occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-4-SECRET_ALREADY_EXISTS Warning: The secret is configured too for user ’[chars]’ Explanation An internal software error has occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-7-ERR_SYSDB_FD [chars] [chars]: [chars] Explanation Error encountered while using the System Database. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-LOCALD-7-ERR_TTYMGMT_FD [chars]: [chars] Explanation Error encountered while using TTY management library. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages login Messages EM-2451 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-LOCALD-7-GENERIC_ERROR [chars]: [chars] Explanation Generic error message used for internal debugging. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. login Messages Error Message %SECURITY-login-2-AUTHEN_FAILED Failed authentication attempt by user ’[chars]’ from ’[chars]’ on ’[chars]’ Explanation Error message from debug module Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-login-2-AUTHEN_SUCCESS Successfully authenticated user ’[chars]’ from ’[chars]’ on ’[chars]’ Explanation Info message from debug module Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-login-3-DEBUG_ERROR Failed to [chars] debug module: [chars] Explanation Failed to initialize or shutdown the debug module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages MPP Messages EM-2452 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-login-3-DLLMAIN_ERROR Error encountered while initializing the DLL, path [chars]: [chars] Explanation Error message from debug initialization module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-login-3-INVALID_LOGIN_DEBUG_FLAG The login debug flag [dec] does not exist Explanation The debug flag specified is not supported. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-login-3-NO_MEMORY Not enough memory was available while [chars] Explanation Failed to allocate necessary memory. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. MPP Messages Error Message %SECURITY-MPP-3-FATAL_ERR [chars] Explanation An internal software fatal error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages PKI Messages EM-2453 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-MPP-4-MSG_WARN [chars]: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-MPP-6-MSG_INFO [chars]: [chars] Explanation Updated Management Plane configuration. Recommended Action ’No action is required.’ PKI Messages Error Message %SECURITY-PKI-6-ERR_1_PARAM [chars] Explanation CEPKI general error message with one prameter. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-PKI-6-ERR_2_PARAM [chars] [chars] Explanation CEPKI general error message with two prameters. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-PKI-6-LOG_INFO [chars] Explanation CEPKI general error message with one prameter. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Security Messages RADIUSD Messages EM-2454 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 RADIUSD Messages Error Message %SECURITY-RADIUSD-3-ACCT_NOTIFY_FAIL Failed to notify the completion of accounting to sender - [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-ADD_SYS_IP_ADDR_ATTR_ERR Adding NAS IP address failed, omitted: [chars] Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-ADD_VSA_FAIL Failed to add VSA av-pair [dec] with [chars] - [chars] Explanation Failure encountered while adding a VSA. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-BAD_AVPAIR Bad AAA avpair [dec] with length [dec] detected Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2455 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-3-BAD_MSG_TYPE Unsupported message type [dec] encountered while [chars] Explanation Found an unsupported AAA message type in avlist. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-BAD_VSA_FORMAT_BIT Format bit is not set for VSA [chars] Explanation Format bit is not set for VSA %s according to table bitmap. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-BAD_VSA_LENGTH Inconsistent [chars] VSA length [dec] was encountered Explanation VSA format error found in radiusd while translating. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-BAD_VSA_TYPE Bad [chars] VSA type [dec] with vendor_id [dec] encountered, possibily out of range Explanation VSA format error found in radiusd while translating. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-BAD_VSA_VENDOR Vendor specified for VSA [chars] is not recognized Explanation Vendor specified for the VSA is not recognized according to table bitmap. An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2456 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-3-BAG_ENCODE_ERR Failed to encode [chars] bag: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-BAGS_UNREG_ERR Failed to unregister bag [chars]: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-CONFIG_ERR Encountered configuration error while [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-DEBUG_ERROR [chars]: [chars] Explanation Error encountered in debug module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-EDM_INIT_ERR Failed to register EDM - [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2457 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-3-ERR_CREATE_SERVER_ENTRY Failed to create a server entry: [chars] Explanation A configuration error has occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-ERR_CREATESG Unable to apply server group ’[chars]’ configuration: [chars] Explanation A configuration error has occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-ERR_SET_SERVER_ENTRY Error while setting or unsetting a parameter in server entry: [chars] Explanation A configuration error has occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-ERR_SYSDBBIND Failed to bind to SysDB at [chars]: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-ERR_TTY_IFH_PRESENT Both ttyname ([chars]) and ifh ([hex]) are present in the message Explanation In the AV pair message recieved from the radiusd clients should have either ttyname or interface handle, not both. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2458 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-3-EVENT_ASYNC_ATTACH_FAIL_ERR Failed to attach handler for async events: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-IP_ADDR_TOO_LONG_ERR IP address [chars] is too long ([dec]) Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-LOCKING Failed to obtain or release [chars] lock (error: [chars]) Explanation radiusd has either failed to obtain or release a lock. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-MEMORY Failed to malloc [unsigned int] bytes Explanation radiusd has failed to allocate the required amount of memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-MSG_ERROR [chars]: [chars] Explanation Error encountered while handling messages received by tacacsd. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2459 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-3-MSG_SIZE_ERR [chars]: size [dec] - [chars] Explanation An internal error occurred Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-NOT_VSA The specified attribute [dec] is a non-VSA radius attribute Explanation Encountered a non VSA attribute. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-PARAMETER [chars] Explanation RADIUS was passed an invalid parameter. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-RIB_BIND_ERR Binding to RIB failed: [chars] Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-RIB_LOCAL_ADDRESS_ERR NAS IP not found; address omitted: [chars] Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2460 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-3-SERVER_MUTEX_INIT_FAILED Failed to initialize mutex in radiusd Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-SETPRIO_FAILED Changing priority failed [dec] Explanation Attempt to change priority failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-SHUTDOWN_ERROR [chars]: [chars] Explanation TACACS+ process failed to shutdown properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-STARTUP_ERROR [chars]: [chars] Explanation TACACS+ process failed to startup properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR1 daemon VSA [dec] does not match type string in [chars]. Explanation VSA format error in daemon user config. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2461 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR2 Parsing error on daemon VSA ’[chars]’ (no protocol or type field) Explanation VSA format error in daemon user configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR3 Parsing error on daemon VSA ’[chars]’ (no value field or invalid length) Explanation VSA format error in daemon user configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR4 Parsing error on daemon VSA ’[chars]’, order number [dec] (not 0-254) is not supported Explanation VSA format error in daemon user configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-VSA_FORMAT_ERR5 Parsing error on daemon VSA ’[chars]’ (invalid type field) Explanation VSA format error in daemon user configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-VSA_NOTFOUND VSA [dec] ([chars]) not found in daemon-to-nas tables after string comparing Explanation VSA not found in the deamon to NAS mapping table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2462 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-3-VSA_TABLE_ERROR Table [chars] entry [dec] has inconsistent ignore flag and standard attribute type Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-3-ZERO_TIMER_REPEATEDLY_EXPIRING_ERROR [chars]: [dec] [dec] Explanation The deadtimer expiry event repeatedly occured with a deadtime value of zero. This could lead to cpu hogging by radiusd process. Recommended Action Restarting radiusd process should get around the problem. Error Message %SECURITY-RADIUSD-4-CERR_REGISTER [chars]: [chars] Explanation radiusd failed to register error codes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-4-IFHANDLE_NULL WARNING: Cannot obtain handle for the interface [chars]: [chars] Explanation Error encountered while obtaining handle for the interface specified as the source interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-4-IP_ADDRESS_NOT_FOUND WARNING: No IP address configured for [chars], using default address instead: [chars] Explanation There is no IP address configured for the specified interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2463 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-4-NO_IP_ADDRESS WARNING: No IP address has been configured for [chars] Explanation There is no IP address configured for the specified interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-4-NOSUCH_INTF WARNING: Specified source interface [chars] is not present: [chars] Explanation The interface specified as source interface is not present. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-4-RADIUS_NOSERV Warning: Server [chars]/[dec]/[dec] is not defined Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-4-SRCINTF_NOTUP WARNING: Specified source interface [chars] is not UP Explanation The interface specified as source interface is not UP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-BAD_ATTR_LENGTH Encountered bad attribute length [dec] (attr [dec]) while [chars], ignored Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2464 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-6-BAD_ATTR_TYPE Encountered bad attribute type [dec] while [chars], ignored Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-ERR_ACCT_ID Cannot convert accounting task id to accounting session id: [chars] Explanation Accounting task id is probably larger than 2^24 - 1 Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-ERR_BAD_REPLY_ATTR reply attr size equals [dec] not equal to sum of parts equals [dec] Explanation The length of the reply attribute does not equal its parts. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-ERR_BAD_SESSID_ATTR Using incorrect AAA attribute for RAD_ACCT_SESSID_ATTR [chars] Explanation Check consistancy between radius_table and nas_to_daemon_av_table Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-ERR_LEAFTIMER Cannot allocate leaf timer - [chars] Explanation None at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2465 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-6-ERR_SOCKET_BIND_FAIL Error in binding socket: [chars] Explanation None at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-ERR_SOCKETFAIL Error in opening socket: [chars] Explanation None at this time Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-EVENT_CONN_DESTROY_FAILED Event connection destroy failed while [chars]: [chars] Explanation An internal software error occured Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-EVENT_CONN_INIT_FAILED Failed to initialize event connection for [chars] (error: [chars]) Explanation An internal software error occured Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-GOT_CISCO_VSA Encountered a Cisco VSA while processing non Cisco VSAs Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages RADIUSD Messages EM-2466 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-6-INTRFC_STATE_QUERY_FAILED Cannot query state of interface [chars] (source interface not applied): [chars] Explanation An internal software error occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-INVALID_AUTHOR_TYPE Invalid authorization type [dec] encountered while [chars] Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-INVALID_VSA Found invalid VSA attr [dec] while [chars], ignored Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-LEN_TOO_LONG Length of attribute [chars] exceeds limit [chars] Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-6-SNPRINTF_FAIL snprintf failed while [chars]: [chars] Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages SAM Messages EM-2467 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-RADIUSD-6-UNSUPPORTED_VENDOR Found unsupported vendor id [dec] while [chars], ignored Explanation An internal software error has occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-RADIUSD-7-GENERIC_ERROR [chars]: [chars] Explanation Generic error message used for internal debugging. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SAM Messages Error Message %SECURITY-SAM-3-ERR_COPY_CRL Error copying CRL from [chars] to [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-3-ERR_DEL_CA_CERT Failed to delete CA certificate from SysDB [chars] during merge oper Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages SAM Messages EM-2468 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SAM-3-ERR_FILE_MD5 Failed in MD5 operation for file: [chars], [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-3-ERR_INVALID_DEVICE Invalid device name ’[chars]’ Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-3-ERR_NO_DIGESTINDEX_VALUE Installed file, [chars], does not have SAM index entry Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-3-ERR_NO_MEMORY Out of memory Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-3-ERR_OPEN_FILE Failed opening file: [chars], [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages SAM Messages EM-2469 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SAM-3-ERR_REG_MSGNO Could not register SAM_MSGNO message handler for message id [dec]: [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-3-ERR_RESTORE_LOG_ENCODE Failed to encode bag for log entry [dec] during restore, [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-3-ERR_SYSDB_GET Failed to get item [chars] in SysDB: [hex], [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-3-ERR_SYSDB_SET Failed to set item [chars] in SysDB: [hex], [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-3-ERR_WR_FILE Failed writing file : [chars], [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages SAM Messages EM-2470 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SAM-3-WARN_NVRAM NVRAM is not available, nvram process might have been down. Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-3-WARN_SPM SPM is not available, [chars]. Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-4-CAUGHT_SIGNAL server terminating.. Explanation SAM server caught a signal, and terminated Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-4-NO_BK_LOG SAM log backup file is not present, will try to recover the backup log from SysDB Explanation For some reason, the backup file of SAM log has disappeared. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages SAM Messages EM-2471 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SAM-4-SYSDB_INTEGRITY Cannot guarantee the integrity of SAM SysDB name space, SAM internal tables had been discarded, and will try to recover from backup files. Explanation Found digest mistmatch for SAM’s SysDB name space, the SAM portion of SysDB had been deleted. If SAM backup files exists, this should not impact SAM’s functionality; otherwise, CA root certificate and CRL will be lost Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-4-WARN_CA_CERT_EXPIRED SAM detects the CA certificate had expired, but accepted by user Explanation SAM found the expired CA certificate in table had been accepted by user. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-4-WARN_CSS_CERT_EXPIRED SAM detects the PIE certificate had expired, but accepted by user Explanation SAM found the expired CSS certificate in table had been accepted by user. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-6-ERR_1_PARAM [chars] Explanation SAM general error message with one prameter. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages SAM Messages EM-2472 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SAM-6-ERR_2_PARAM [chars], [chars] Explanation SAM general error message with two prameters. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-6-WARN_CHANGE_NOT_PERSISTENT SAM found no ENA device with sufficient space to backup the modified SAM table, the change will not be persistent until a successful ENA installation on a flash device. Explanation SAM found there is nowhere to backup the modified SAM table. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-6-WARN_DIGEST_FILE_MISSING Secure digest file is not found, cannot guarantee the integrity of memory installed files. Explanation SAM found digest file in NVRAM is missing, discard the memory packages. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-6-WARN_DIGEST_FILE_REINIT Secure digest file not present, SAM will re-init the secure digest file Explanation SAM found digest file missing from NVRAM, re-init the file. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-6-WARN_INIT_LOG_BACKUP_FILE SAM failed to initialize log backup file Explanation SAM failed to initalize log backup file in NVRAM, log entry not backed up Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages SANOS Messages EM-2473 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SAM-6-WARN_MEM_DIGEST SAM will remove backup files for memory digest tables and users MUST re-install the memory packages. Explanation SAM found MEM digest compare not successful, discard the memory packages. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-6-WARNING [chars] Explanation SAM general warning message. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-6-WARNING_INSECURE_FLASH_FILE [chars] is detected insecure, backup not restored Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SAM-6-WARNING_UNMATCH_DIGEST [chars] has been changed since last installed. Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ SANOS Messages Error Message %SECURITY-SANOS-0-FW_ADMIN_EMERG [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Security Messages SANOS Messages EM-2474 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SANOS-0-FW_APP_EMERG [chars]: [dec] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-0-FW_KERNEL_EMERG [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-1-FW_ADMIN_ALERT [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-1-FW_APP_ALERT [chars]: [dec] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-1-FW_KERNEL_ALERT [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-2-FW_ADMIN_CRIT [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Security Messages SANOS Messages EM-2475 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SANOS-2-FW_APP_CRIT [chars]: [dec] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-2-FW_KERNEL_CRIT [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-3-BOOT_LOAD_ERR [chars]: [chars] Explanation Details an error occurring in the boot sequence. Recommended Action No action needs to be taken- this will be dealt with by the external image helper Error Message %SECURITY-SANOS-3-CLOCK_UPDATE_FAIL Failed to update the SanOS and X-Scale clocks Explanation An Error occurred when trying to send clock update to SanOS. SanOS and X-Scale clocks will not be updated automatically. The main effect is on the time displayed in debug messages and in the SanOS/X-Scale syslog messages. Recommended Action Reload the router. Error Message %SECURITY-SANOS-3-EVENT Event handler function [chars] failed: [chars] Explanation A failure occurred when trying to use event handling. Recommended Action There is something wrong with the event handling infra. This probably signifies something more serious, like the kernel failure. Error Message %SECURITY-SANOS-3-FW_ADMIN_ERR [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Security Messages SANOS Messages EM-2476 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SANOS-3-FW_APP_ERR [chars]: [dec] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-3-FW_KERNEL_ERR [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-3-INIT SanOS Driver initialisation failed: [chars]: [chars] Explanation A failure occurred during the process startup of the SanOS Driver. This is most likely caused by a failure of some piece of infrastructure used by the SanOS Driver. The error message may give an indication of the root cause of the failure. Recommended Action The process will be restarted by the System Manager - no further action is necessary. If the problem occurs repeatedly, copy the error message and gather the other necessary information, and call your Cisco technical support representative. Error Message %SECURITY-SANOS-4-ATTACH_INIT Error in initiating attach session: [chars] Explanation A failure occurred when initiating an attach session Recommended Action -- Error Message %SECURITY-SANOS-4-BOOT_IMAGE_ERR [chars] Explanation Details an error occurring in the image. Recommended Action NIL- the system will deal with the error. Error Message %SECURITY-SANOS-4-CONNECT [chars] Explanation A failure occurred when trying to use the connection infra. Recommended Action There is something wrong with connection infra. Debug info should be collected. Security Messages SANOS Messages EM-2477 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SANOS-4-FW_ADMIN_WARNING [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-4-FW_APP_WARNING [chars]: [dec] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-4-FW_KERNEL_WARNING [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-4-IPCP IPCP function [chars] failed, returning: [chars] Explanation A failure occurred when trying to use IPCP. Recommended Action This is only a warning. If this message occurs repeatedly, IPCP is broken. In this case, communication between the IOX core and the SanOS core may be down. A restart may be required. Error Message %SECURITY-SANOS-4-IPCP_INVALID_ATTACH_MSG Attach module Received an invalid message from IPCP: [chars] Explanation Details an error occurring in message passing Recommended Action If this message persists in occurring, there has been a bug in the X-blade core 1 or IPCP. However, it will not affect the running of the SanOS driver Thus no action is required. Error Message %SECURITY-SANOS-4-IPCP_INVALID_SYSLOG_MSG Syslog module received an invalid message from IPCP: [chars] Explanation Details an error occurring in message passing Recommended Action If this message persists in occurring, there has been a bug in the X-blade core 1 or IPCP. However, it will not affect the running of the SanOS driver Thus no action is required. Security Messages SANOS Messages EM-2478 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SANOS-5-FW_ADMIN_NOTICE [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-5-FW_APP_NOTICE [chars]: [dec] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-5-FW_KERNEL_NOTICE [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-6-BOOT_IMAGE_STATUS [chars] Explanation Details information about the image status. Recommended Action No action needs to be taken. Error Message %SECURITY-SANOS-6-BOOT_LOAD_STATUS [chars] Explanation Details information about the boot. Recommended Action No action needs to be taken. Error Message %SECURITY-SANOS-6-FW_ADMIN_INFO [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Security Messages sIMP Messages EM-2479 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SANOS-6-FW_APP_INFO [chars]: [dec] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-6-FW_KERNEL_INFO [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-7-FW_ADMIN_DEBUG [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-7-FW_APP_DEBUG [chars]: [dec] Explanation See Manual Recommended Action See Manual required_info: See Manual. Error Message %SECURITY-SANOS-7-FW_KERNEL_DEBUG [chars] Explanation See Manual Recommended Action See Manual required_info: See Manual. sIMP Messages Error Message %SECURITY-sIMP-3-FATAL_ERR [chars] Explanation An internal software fatal error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages SPM Messages EM-2480 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-sIMP-4-ITI_WARN [chars] [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-sIMP-4-MSG_WARN [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SPM Messages Error Message %SECURITY-SPM-3-ERR_CHAN_CONNECT Message chan connect ([chars]) failed Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SPM-3-ERR_ENTRY_FIND Unable to find a delete entry for : [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SPM-3-ERR_INVALID_EVENT SPM server received invalid event : [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages SPM Messages EM-2481 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SPM-3-ERR_MALLOC Cannot allocate memory in function [chars]() Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SPM-3-ERR_MSG_GEN [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SPM-3-ERR_OPEN_SECURE Error in opening secure file : [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SPM-3-ERR_PTHREAD_CREATE pthread create error : [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SPM-3-ERR_PTHREAD_INIT pthread attr init error : [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages SPM Messages EM-2482 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SPM-3-ERR_PTHREAD_SET pthread set detach state error : [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SPM-3-ERR_PULSE_CODE Unknown pulse code ([dec]) received Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SPM-3-ERR_REG_HANDLER Could not register async handlers : [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SPM-3-ERR_REG_MSG Could not register SPM_MSGNO message handler for message id - [dec] : [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SPM-3-ERR_REPLY_FAIL Could not reply to client message : [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages SSHD Messages EM-2483 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SPM-3-ERR_TOKEN_MISMATCH Delete file [chars] token mismatch Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ SSHD Messages Error Message %SECURITY-SSHD-3-ERR_DETAILS [chars] [chars] [chars] Explanation Error description, client address, error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SSHD-3-ERR_ERRNO [chars] [chars] Explanation Error description, error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SSHD-3-ERR_GENERAL [chars] Explanation SSH encounterd some error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SSHD-3-ERR_MALLOC Cannot allocate memory in function [chars]() Explanation Internal error. System is out of memory - malloc failed. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages SSHD Messages EM-2484 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SSHD-3-ERR_SYSDB_BIND Cannot bind to sysdb in function [chars]() Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SSHD-3-ERR_SYSDB_DATALIST Cannot get datalist in function [chars]() Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SSHD-3-ERR_SYSDB_DELETE sysdb_item_delete failed for tuple [chars] in function [chars]() Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SSHD-3-ERR_SYSDB_PACK Cannot pack tuple in function [chars]() Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SECURITY-SSHD-3-ERR_SYSDB_SET sysdb_item_set failed for tuple [chars] in function [chars]() Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Security Messages TACACSD Messages EM-2485 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-SSHD-6-INFO_GENERAL [chars] Explanation The sshd encountered some problem in genric nature or plain information. Recommended Action ’No action is required.’ TACACSD Messages Error Message %SECURITY-TACACSD-2-SERVER_UP TACACS+ server [chars]/[dec] is UP Explanation TACACS+ server is reachable or up. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-BAG_ENCODE_ERR Failed to encode bag information for ’[chars]’ - [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-BAGS_UNREG_ERR Failed to unregister bags - [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-DEBUG_ERROR [chars]: [chars] Explanation Error encountered in debug module. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages TACACSD Messages EM-2486 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-TACACSD-3-EDM_INIT_ERR Failed to register EDM - [chars] Explanation Failed to start the EDM. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-ERR_ATTACH_SOCK Unable to attach an event handler for socket [dec] - [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-ERR_CONFIG_GLOBAL Error while setting or unsetting TACACS+ [chars] configuration - [chars] Explanation A configuration error has occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-ERR_CONFIG_SERVER Error while setting or unsetting [chars] in a server entry - [chars] Explanation A configuration error has occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-ERR_CREATE_SERVER_ENTRY Cannot create a TACACS+ server entry - [chars] Explanation Error occured while creating TACACS+ server entry. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages TACACSD Messages EM-2487 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-TACACSD-3-ERR_CREATE_SGSERVER Unable to add the server ’[chars]’ to group ’[chars]’ - [chars] Explanation A configuration error has occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-ERR_CREATESG Unable to create the server group ’[chars]’ - [chars] Explanation A configuration error has occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-ERR_DELETE_SGSERVER Unable to delete the server ’[chars]’ from group ’[chars]’ - [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-ERR_DELETESG Unable to delete the server group ’[chars]’ - [chars] Explanation A configuration error has occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-ERR_SYSDBBIND Failed to bind to SysDB for path [chars] after [dec] retries Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages TACACSD Messages EM-2488 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-TACACSD-3-MEMORY Failed to allocate [unsigned int] bytes while [chars] Explanation tacacsd has failed to allocate the required amount of memory Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-MSG_ERROR [chars]: [chars] Explanation Error encountered while handling messages received by tacacsd. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-MSG_SIZE_ERR [chars]: size [dec] - [chars] Explanation A message with illegal size was received or to be sent. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-PARAMETER [chars] Explanation An invalid argument was passed to either the tacacsd or one of its funtions. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-PROBE_THREAD_CREATE_FAILED Unable to create thread to probe status of TACACS+ server [chars]/[dec] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages TACACSD Messages EM-2489 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-TACACSD-3-SETPRIO_FAILED Failed to change server priority - [chars] Explanation Attempt to change priority failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-SHUTDOWN_ERROR [chars]: [chars] Explanation TACACS+ process failed to shutdown properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-3-STARTUP_ERROR [chars]: [chars] Explanation TACACS+ process failed to startup properly. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-4-CERR_REGISTER [chars]: [chars] Explanation tacacsd failed to register error codes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-4-IFHANDLE_NULL WARNING: Cannot obtain handle for the interface [chars]: [chars] Explanation Error encountered while obtaining handle for the interface specified as the source interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages TACACSD Messages EM-2490 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-TACACSD-4-NO_IP_ADDRESS WARNING: No IP address has been configured for [chars] Explanation There is no IP address configured for the specified interface. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-4-NOSUCH_INTF WARNING: Specified source interface [chars] is not present: [chars] Explanation The interface specified as source interface is not present. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-4-SRCINTF_NOTUP WARNING: Specified source interface [chars] is not UP Explanation The interface specified as source interface is not UP. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-4-TACACS_NOSERV Warning: Server [chars] is not configured Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-6-NO_CMD No valid command provided for [chars] Explanation An internal software error occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages TACACSD Messages EM-2491 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-TACACSD-6-NULL_REQ Encountered a NULL request pointer while [chars] Explanation An internal software error occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-6-SERVER_DOWN TACACS+ server [chars]/[dec] is DOWN - Socket [dec]: [chars] Explanation TACACS+ server is unreachable or down. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-6-TIMEOUT_IGNORED A time out event has been ignored for context key [chars] (session [hex]) Explanation An internal software error occured. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SECURITY-TACACSD-7-GENERIC_ERROR [chars]: [chars] Explanation Error message for internal debugging purposes. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Security Messages VFW Messages EM-2492 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 VFW Messages Error Message %SECURITY-VFW-3-FAA_FA_CB Error processing service failure action change: [chars] Explanation An error occurred in FAA or associated services whilst it was attempting to process the creation, update, or removal of default failure action configuration for a Virtual Firewall. More information on the course of the failure is contained in the message. Recommended Action If the error message indicated that a lack of resource was to blame for this error, make more resource available on the indicated node, then restart the rspp_ma process on this node using the ’process restart’ command. Otherwise, roll back the configuration change, wait 10 seconds, then re-apply the configuration. If the error is still seen, restart the RSPP MA process on the node indicated using the ’process restart’ command. Error Message %SECURITY-VFW-3-FMI_NETIO_DROPPED_PACKETS Packets have been dropped in the FMI base capsulation, but no error counts could be updated ([chars]). Explanation An error has occured during packet handling in the FMI base capsulation, and no error counters can be updated. If errors are seen for an extended period then it can be assumed that no packets can be forwarded through FMI interfaces. This is likely to be a symptom of a problem in the Packet Forwarding Infrastructure - earlier error messages might indicate the root cause of the problem. Recommended Action If the errors stop after a couple of minutes while traffic is still flowing through the FMI then it can be assumed that the problem has resolved itself. If the problem continues, then unconfiguring and reconfiguring the FMI interfaces could fix the issue. Error Message %SECURITY-VFW-3-FWC_AVL_DELETE_FAILED The Firewall Controller failed to remove interface [chars] (firewall [chars]) from its database Explanation A call into the IOS-XR AVL tree library failed. This may result in the firewall controller unexpectedly restarting after this message is seen. Recommended Action If the process unexpectedly restarts, this will clear the problem; otherwise no further action is necessary to recover. In either case, please copy the message exactly as it appears on the console or in the system log, along with any subsequent messages relating to process restart and the information detailed below, and call your Cisco technical support representative. Security Messages VFW Messages EM-2493 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-VFW-3-FWC_DB_CREATE_FAIL The Firewall Controller failed to create an entry for [chars] [chars]%s[chars] in the [chars] database Explanation The Firewall Controller has been informed of the existence of a new interface or firewall, but attempts to create an entry for it in the relevant database have failed. The most likely cause of this problem is a lack of memory. This will have left the system in an inconsistent state. Recommended Action Try to add memory or free up some by removing configuration. Restart the Firewall Controller process using the ’prcoess restart’ mechanism. Error Message %SECURITY-VFW-3-FWC_FWS_CFG_UPDATE_FAIL The Firewall Controller failed to update configuration following [chars] of [chars] [chars]%s[chars]: [chars] Explanation The Firewall Controller has been informed of an interface/firewall create/delete by the firewall application but has failed to update its configuration. This will have left the system in an inconsistent state. Recommended Action Restart the Firewall Controller process using the ’process restart’ mechanism, the firewall controller should resynchronise. Error Message %SECURITY-VFW-3-FWC_FWS_FW_NOTFOUND The Firewall Controller failed to find firewall with id [unsigned int] in the firewall database Explanation The Firewall Controller has been told to update firewall information as a result of a firewall state change but has been unable to find the firewall in the firewall database. This indicates that the system is in an inconsistent state. Recommended Action Restart the Firewall Controller process using the ’process restart’ mechanism, the firewall controller should resynchronise Error Message %SECURITY-VFW-3-FWC_INIT Firewall controller initialisation failed: [chars]: [chars] Explanation A failure occurred during the process startup of the firewall controller. This is most likely caused by a failure of some piece of infrastructure used by the firewall controller. The error message may give an indication of the root cause of the failure. Recommended Action The process will be restarted by the System Manager - no further action is necessary. If the problem occurs repeatedly, copy the error message and gather the other necessary information, and call you Cisco technical support representative. Security Messages VFW Messages EM-2494 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-VFW-3-FWC_INTF_FW_NOTFOUND The Firewall Controller could not find the firewall with ID [unsigned int] for interface [chars] when removing diversions Explanation The Firewall Controller has been informed of diversion removal for an interface, but found that the relevant firewall does not exist in the database. This error message indicates an inconsistency in the firewall database, which will cause the Firewall Controller process to restart. Recommended Action The Firewall Controller will restart, no user intervention is required. If the problem persists, contact your Cisco technical support representative. Error Message %SECURITY-VFW-3-FWC_SPU_CLEAR_FAIL The Firewall Controller failed to write an invalid entry to the the SPU context table on firewall delete Explanation The Firewall Controller’s attempt to set an invalid entry in the SPU context table following a firewall delete has failed. This will have left the system in an inconsistent state. Recommended Action Restart the Firewall Controller process using the ’process restart’ mechanism. Error Message %SECURITY-VFW-3-FWC_SSC_UPDATE_FAIL The Firewall Controller failed to update the Service Director when [chars] [chars] [chars]%s[chars]: [chars] Explanation The Firewall Controller’s attempt to inform the Service Director of a change to either interface/firewall state has failed. This will have left the system in an inconsistent state. Recommended Action Restart the Firewall Controller process using the ’process restart’ mechanism. Error Message %SECURITY-VFW-3-FWC_WAVL_DELETE_FAILED The Firewall Controller failed to remove firewall [chars] from its database Explanation A call into the IOS-XR WAVL tree library failed. This may result in the firewall controller unexpectedly restarting after this message is seen. Recommended Action If the process unexpectedly restarts, this will clear the problem; otherwise no further action is necessary to recover. In either case, please copy the message exactly as it appears on the console or in the system log, along with any subsequent messages relating to process restart and the information detailed below, and call your Cisco technical support representative. Security Messages VFW Messages EM-2495 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-VFW-3-FWM_INIT Firewall manager initialisation failed: [chars]: [chars] Explanation A failure occurred during the process startup of the firewall controller. This is most likely caused by a failure of some piece of infrastructure used by the firewall controller. The error message may give an indication of the root cause of the failure. Recommended Action The process will be restarted by the System Manager - no further action is necessary. If the problem occurs repeatedly, copy the error message and gather the other necessary information, and call you Cisco technical support representative. Error Message %SECURITY-VFW-4-EXITING [chars] failed to notify SysMgr of intention to exit: [chars] Explanation A failure occurred during shutdown of the specified process, and it was unable to notify the System Manager that it was about to exit. In rare cases, this could result in a failure by the System Manager to restart the process when it ought to do so. Recommended Action If the process ought to be running and is not, then attempt to restart it using the ’process restart’ command. If this fails, deconfigure the process and re-enter the configuration. Error Message %SECURITY-VFW-4-FWC_CONFIG_ERR Firewall Controller failed to process configuration change for firewall [chars]: failed to [chars] default-interface: [chars] Explanation An error occurred in the firewall controller whilst it was attempting to handle the default-interface configuration for the firewall specified in the message. Recommended Action Roll back the configuration change, wait 10 seconds, then re-apply the configuration. If the error is still seen, restart the firewall controller process using the ’process restart’ command. Error Message %SECURITY-VFW-4-FWC_EVENT_CONN_ERROR_FAIL Firewall controller failed to reset ’[chars]’ connection: [chars] Explanation After detecting an error with the connection to the specified service, the Firewall controller failed to reset that connection. This is an internal error. It requires a restart of the process for recovery. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Security Messages VFW Messages EM-2496 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-VFW-4-FWC_FMI_IFH_MISMATCH The Firewall Controller saw an interface handle mismatch when updating FMI information for interface [chars] (firewall [chars]) in its database Explanation The Firewall Controller has been informed of the creation of a Firewall Management Interface, but found that the interface handle for the interface differs from the handle in its database. This error message indicates an inconsistency in the firewall database, which may result in unexpected behaviour. Recommended Action If this message is seen and the state of firewalls on the router does not match the expected state as a result of configuration, restart the Firewall Controller process using the ’process restart’ mechanism. Error Message %SECURITY-VFW-4-FWC_FMI_INFO_UPDATE The Firewall Controller [chars] FMI info already present when updating interface [chars] (firewall [chars]) in its database Explanation The Firewall Controller has been informed of the creation of a Firewall Management Interface that already exists, or has received an update about a Firewall Management Interface that does not exist. This error message indicates an inconsistency in the firewall database, which may result in unexpected behaviour. Recommended Action If this message is seen and the state of firewalls on the router does not match the expected state as a result of configuration, restart the Firewall Controller process using the ’process restart’ mechanism. Error Message %SECURITY-VFW-4-FWC_FW_APP_BAD_VERSION Firewall Controller received a message from the Firewall Application with an unexpected version: expected version [unsigned int], received version [unsigned int] Explanation The Firewall Controller received a message from the Firewall Application with an unexpected version. This could indicate a mismatch in software versions between IOS-XR and the Firewall Application as a result of a software upgrade. Recommended Action Ensure that compatible versions of the IOS-XR and Firewall Application software are installed. The problem may be cleared by rolling back any recent software install operations. Error Message %SECURITY-VFW-4-FWC_FW_APP_RECV_FAILED Failed to process a received message: [chars] Explanation The Firewall Controller encountered an error while processing a message received from the Firewall Application, for example a corrupt message. As a result, some virtual firewalls may not operate correctly. Recommended Action If some firewalls are not operating correctly after seeing this message, the system can be recovered by restarting the ’fwc’ process using the ’process restart’ command. If the error occurs repeatedly, contact your Cisco technical support representative. Security Messages VFW Messages EM-2497 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-VFW-4-FWC_INTF_DB_INFO_ALREADY_SET The Firewall Controller found [chars] already present when updating interface [chars] (firewall [chars]) in its database Explanation If the interface ID is already present, the Firewall Controller has been informed of a Firewall Application interface create, but found that its database already contains the Firewall Application interface ID. If diversions were already present, the Firewall Controller has been informed of diversion creation for an interface, but found that its database already contains diversion information for the interface. This error message indicates an inconsistency in the firewall database, which may result in unexpected behaviour. Recommended Action If this message is seen and the state of firewalls on the router does not match the expected state as a result of configuration, restart the Firewall Controller process using the ’process restart’ mechanism. Error Message %SECURITY-VFW-4-FWC_INTF_IFH_MISMATCH The Firewall Controller saw an interface handle mismatch when updating diversions for interface [chars] (firewall [chars]) in its database Explanation The Firewall Controller has been informed of diversion creation for an interface, but found that the interface handle for the diversion differs from the handle in its database. This error message indicates an inconsistency in the firewall database, which may result in unexpected behaviour. Recommended Action If this message is seen and the state of firewalls on the router does not match the expected state as a result of configuration, restart the Firewall Controller process using the ’process restart’ mechanism. Error Message %SECURITY-VFW-4-FWC_REMOVE_ATTACHMENT The Firewall Controller failed to remove an attachment for an interface in firewall [chars] Explanation The Firewall Controller has tried to remove an attachment as a result of a notification from RSPP, but has failed to do so. This may result in inconsistent data in the firewall controller and unexpected behaviour. Recommended Action If the firewall controller behaves unexpectedly, the problem may be resolved by restarting it using the ’process restart’ command. Error Message %SECURITY-VFW-4-LOST_EVENT Failed to receive an event: [chars] Explanation The process failed to receive an event from the Operating System. As a result, some aspects of the process may fail to function correctly. Recommended Action If erroneous behaviour is seen, restart the process using the ’process restart’ command. Security Messages VFW Messages EM-2498 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SECURITY-VFW-6-FMI_CONFLICTING_CONFIG Two Firewall Management interfaces of the same type have been configured on the same firewall ([chars]). Explanation Two Firewall Management interfaces of the same type (follow-active or follow-standby) have been configured on the specified firewall. Both of the interfaces will be brought down until the conflicting configuration is removed. Recommended Action Remove the conflicting configuration from one of the Firewall Management interfaces.EM-2499 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Services Messages This section contains all Services related System Error Messages. IPSEC_SVI_EA Messages Error Message %SERVICES-IPSEC_SVI_EA-3-INITFAIL Failure during initialization. Error: [chars] Explanation A failure occurred during the initialization of the IPSec SVI EA process on a particular node. The process will be restarted. Until the process starts successfully, any IPSec SVI interfaces located on that node will not come up. (If there is a standby node the interfaces should come up on the standby). Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-IPSEC_SVI_EA-3-INTERNAL [chars] Explanation An unexpected internal error has occurred in the IPSec SVI EA process. The process will restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages IPSEC_SVI_EA Messages EM-2500 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-IPSEC_SVI_EA-3-INTERNAL_ERR [chars] : [chars] Explanation An unexpected internal error has occurred in the IPSec SVI EA process. The process will restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-IPSEC_SVI_EA-3-LINK_FAIL Error while [chars]ing [unsigned int] interfaces: [chars] Explanation An error occurred while attempting to program HW for IPSec SVI on specified node. The interfaces will not come up. If there is a standby node configured for the interfaces, they may come up on the standby. Recommended Action It may help to shut down, then bring up, the IPSEc SVI interfaces in question. Error Message %SERVICES-IPSEC_SVI_EA-3-NOT_FOUND Received request for an interface (0x[pointer]) that is not in our database Explanation The IPSec SVI EA process received a request to process an interface that does not exist in its database. This indicates some sort of internal inconsistency. Recommended Action It may help to restart the IPSec SVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-IPSEC_SVI_EA-3-SSC_SEND Error while sending messages to Service Director: [chars] Explanation A problem was encountered while trying to send a batch of messages to the Service Director. The Service Director may not be up to date with the state of services on this node, so IPSec SVI interfaces located on this node may fail to forward packets. Recommended Action It may help to restart the IPSec SVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages IPSEC_SVI_NETIO Messages EM-2501 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-IPSEC_SVI_EA-3-SSC_SEND_SRV Error while sending message about [chars] to Service Director: [chars] Explanation A problem was encountered while trying to send a single message to the Service Director. The Service Director may not be up to date with the state of this services on this node, so the associated IPSec SVI interfaces located on this node may fail to forward packets. Recommended Action It may help to restart the IPSec SVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-IPSEC_SVI_EA-3-STATE_CHANGE An error occurred while checking the state for ’[chars]’: [chars] Explanation While the IPSec SVI EA process was checking the state for the specified interface, an error was encountered. The interface in question may be left in an inconsistent state. Recommended Action It may help to restart the IPSec SVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPSEC_SVI_NETIO Messages Error Message %SERVICES-IPSEC_SVI_NETIO-3-INIT_DEBUG Failure of debug intialization during [chars]. Error: [chars] Explanation A failure occurred during the initialization of debug for the NetIO caps. If this occured during an upgrade operation then it will cause the NetIO process to reload. Otherwise this will cause the capsulation to be unloaded, and an error returned to the user. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages IPSEC_SVIA Messages EM-2502 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-IPSEC_SVI_NETIO-3-INIT_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the NetIO caps. This will cause the capsulation to be unloaded, and an error returned to the user. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IPSEC_SVIA Messages Error Message %SERVICES-IPSEC_SVIA-4-TUNNEL_SOURCE_CONFLICT Interface [chars] tunnel source IP address conflicts with other system local IP address Explanation The interface’s tunnel source IP address is configured as a system local IP address. Recommended Action Either configure a different tunnel source IP address or change this local system IP address to any other. OT Messages Error Message %SERVICES-OT-3-ERROR [chars] Explanation Internal error. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SERVICES-OT-4-WARNING [chars] Explanation Internal Warning. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Services Messages rspp_drop Messages EM-2503 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-OT-6-TRACK_INFO [chars] Explanation Internal information. for example: track state changes. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ rspp_drop Messages Error Message %SERVICES-rspp_drop-3-DEBUG Failed to [chars] debug for service diversion drop caps: [chars] Explanation A problem with the debug infrastructure was encountered by the service diversion drop processing in NetIO. This is not fatal, and simply means that the ’debug services diversion drop’ commands may be unavailable. All non-verbose messages are still traced in a circular buffer, and the most recent of these can be inspected with the ’show services diversion drop trace’ commands. Recommended Action *RECUR* Error Message %SERVICES-rspp_drop-3-DIVERT Unable to [chars] packet (can’t [chars])[chars]%s Explanation A pre-routed packet created on the router’s host stack hit a problem during service diversion processing. The packet was dropped. Recommended Action *SUPPORT* Error Message %SERVICES-rspp_drop-3-INIT Failed to [chars] when initializing service diversion drop caps (id [dec]): [chars] Explanation A failure occurred when installing the capability in NetIO to process slow path packets for service diversion. If this occurred during an upgrade operation then it will cause the NetIO process to reload. Otherwise this will cause the capsulation to be unloaded,and an error will be returned to the user. Recommended Action *RECUR* Services Messages RSPP_MA Messages EM-2504 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-rspp_drop-3-UNDIVERT Unable to undivert packet (can’t [chars]): [chars] Explanation A packet could not be sent out to its original destination after firewalling. The packet was dropped. Recommended Action *SUPPORT* RSPP_MA Messages Error Message %SERVICES-RSPP_MA-2-IMP_FAILED An error was detected whilst performing [chars] for [chars] (Error: [chars]). Traffic Diversion may now be inconsistent. Explanation Some aspect of diversion implementation has failed. This means that traffic may be inconsistently diverted for the specified interface (ie traffic may be diverted to the service card in the ingress direction, but not on egress). Note that, where the error message indicates a single interface that is affected, there may also be other attachments impacted by the error. Recommended Action Restarting the rspp_ma process on the node which produced the error may solve the issue. If not, contact support. Error Message %SERVICES-RSPP_MA-3-EVENT Error receiving event: [chars] Explanation An error occured receiving an event from the OS. The process will restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_MA-3-IMP_ERROR A persistent error has occured during the implementation of one or more attachments. Diversion may be in an inconsistent state Explanation Whilst attempting to implement one or more attachments, the service diversion infrastructure has hit one or more problems that were not solved by a retry, and as such one or more diversions may be in an inconsistent state. Retries will continue to be made, and a further message will be printed if this situation clears. Recommended Action Running ’show firewall attachments’ will provide information on which attachments are suffering from errors, and in which way they will not be operating correctly. These problems may be cleared by removing and re-attaching the service to the specified interface. If this does not resolve the problem, then support should be contacted. Services Messages RSPP_MA Messages EM-2505 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_MA-3-INIT Failure during intialization of RSPP MA [chars]. Error: [chars] Explanation A failure occurred during the initialization of the RSPP MA, the process responsible for managing the diversion of packets to services such as firewalls. The initialization will be aborted and retried. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_MA-3-INIT_NON_FATAL Non-fatal error during intialization of RSPP MA [chars]: [chars] Continuing with initialization. Explanation A non-fatal failure occurred during the initialization of the specified module of RSPP MA, the process responsible for managing the diversion of packets to services such as firewalls. This will typically mean that some level of debugging support will not be provided for the process (e.g. error codes will not be decoded), but the functioning of the process is not otherwise affected. Restarting the process should restore full debugging support. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_MA-3-LCFG_DELETE Failed to process local configuration delete for interface [chars]. Error: [chars] Explanation An error has occurred while removing the diversion implemented for the given interface. The error string will give more detail on the type of error that has occurred. Recommended Action For non-resource errors, adding and removing a service attachment for the interface indicated in the message may remove the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. Services Messages RSPP_MA Messages EM-2506 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_MA-3-LCFG_UPDATE Failed to process local configuration update for attachment of service [chars] of type [chars] to interface [chars] with attachment ID [chars]. Error: [chars] Explanation An error has occurred while implementing the diversion required for the given service attachment. The error string will give more detail on the type of error that has occurred. Recommended Action For non-resource errors, removing and adding back the configuration that prompted the message may remove the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. Error Message %SERVICES-RSPP_MA-3-NO_VFW RSPP MA was started when the firewalls package was not installed. Exiting Explanation RSPP MA, the service diversion management agent, could not complete initialization as the firewall service package could not be found in the current installed image. Restart will not be attempted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_MA-3-PUBLISH_DELETE Failed to publish local configuration delete for interface [chars]. Error: [chars] Explanation An error has occurred while indicating the deletion of the given service attachment removal to nodes other than that local to the interface indicated. Packet diversion may now be inconsistent. The error string will give more detail on the type of error that has occurred. Recommended Action For non-resource errors, adding and removing a service attachment for the interface indicated in the message may remove the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. Services Messages RSPP_MA Messages EM-2507 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_MA-3-PUBLISH_UPDATE Failed to publish local configuration update for attachment of service [chars] of type [chars] to interface [chars] with attachment ID [chars] to remote nodes. Error: [chars] Explanation An error has occurred while indicating the occurence of the given update to nodes other than that local to the interface indicated. Packet diversion may now be inconsistent. The error string will give more detail on the type of error that has occurred. Recommended Action For non-resource errors, removing and adding back the configuration that prompted the message may remove the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. Error Message %SERVICES-RSPP_MA-3-RCFG Failed to process remote config notification of [chars] of attachment of service [chars] of type [chars] to interface [chars] with attachment ID [chars]. Error: [chars] Explanation An error has occurred while processing the attachment of a service to an interface remote to this node. Packet diversion may now be inconsistent on this node. The error string will give more detail on the type of error that has occurred. Recommended Action For non-resource errors, removing and adding back the configuration that prompted the message may remove the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. Error Message %SERVICES-RSPP_MA-3-RCFG_REFRESH Error deleting any stale attachment publications to remote nodes. Error: [chars] Explanation If a virtual firewall or other service is attached to an interface, then all cards in the system need to know. Similarly, if a service attachment is deconfigured, then all cards needs to be notified. This will not happen if the interface’s line card is down (eg a preconfigured attachment is removed while the card is absent from the chassis and then re-inserted). A backup mechanism exists for this case, that ensures that any attachments that were deconfigured in such a situation really are removed globally. This error indicates that a problem occurred with this backup mechanism. So if a service attachment was deconfigured while the card was down, the rest of the system might not have caught up, and could still be diverting or dropping traffic for that interface. Recommended Action If an interface seems ’stuck’, then configuring an attachment again, committing the configuration, and then de-configuring that attachment and comitting should un-stick it. Services Messages RSPP_MA Messages EM-2508 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_MA-4-DUP_CREATE Attachment of service [chars] of type [chars] to interface [chars] with attachment ID [chars] invalid due to duplicate attachment to interface [chars]. Both attachments will be invalidated. Explanation The same service attachment has been configured on two or more interfaces, resulting in both attachments being viewed as failed and moved in to failure state. Recommended Action Removing the given configuration until zero or one instances of the attachment exist will resolve this misconfiguration. Error Message %SERVICES-RSPP_MA-4-DUP_CREATE_ERR Error withdrawing attachment of service [chars] of type [chars] to interface [chars] with attachment ID [chars] (invalid due to duplicate attachment to interface [chars]): [chars] Explanation An error has occurred processing an invalid configuration whereby the same service attachment has been configured on two or more interfaces (which should result in both attachments being viewed as failed and moved in to failure state). Packet diversion may now be inconsistent. The error string will give more detail on the type of error that has occurred. Recommended Action For non-resoucre errors, removing the initial misconfiguration may remove this error. If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. Error Message %SERVICES-RSPP_MA-4-DUP_REMOVE Attachment of service [chars] of type [chars] to interface [chars] with attachment ID [chars] now valid due to removal of duplicate attachment to interface [chars]. Attachment will be reimplemented. Explanation The given attachment configuration, which was previously invalid due to duplicate attachments being configured on different interfaces, is now valid as the duplicate attachment configuration has been removed. Recommended Action No action is required. Error Message %SERVICES-RSPP_MA-4-DUP_REMOVE_ERR Error reinstalling attachment of service [chars] of type [chars] to interface [chars] with attachment ID [chars] (now valid due to removal of duplicate attachment to interface [chars]): [chars] Explanation The given attachment configuration, which was previously invalid due to duplicate attachments being configured on different interfaces, is now valid as the duplicate attachment configuration has been removed, but an error has occurred reimplementing the attachment. The error string given should give more details on the error that has occurred. Recommended Action For non-resource errors, removing and adding back the configuration that prompted the message may remove the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative Services Messages RSPP_MA Messages EM-2509 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 and provide the representative with the gathered information. If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. Error Message %SERVICES-RSPP_MA-4-FA_BATCH_ERR Errors occurred processing batch of failure action notifications. Total Errors: [unsigned int], First Error [chars] Explanation One or more errors occurred in RSPP MA, the service diversion management agent, during the processing of a set of configuration detailing the failure policies to be applied in the event of service failure. The configured failure policies may now not be implemented on the node indicated. The error string will give more detail on the type of error that has occurred. Recommended Action For non-resource errors, removing and adding back the configuration that prompted the message may remove the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. Error Message %SERVICES-RSPP_MA-4-RCFG_BATCH Failed to signal [chars] of batch of remote config publications. Error: [chars] Explanation An error has occurred sending information on service attachments to interfaces local to the node to remote nodes. Recommended Action For non-resource errors, removing and adding back the configuration that prompted the message may remove the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. Error Message %SERVICES-RSPP_MA-4-RED_STATE_ERR Error handling change in redundancy state. Error [chars] Explanation An error has occurred during the handling of a notification from Sysmgr indicating a change in the redundancy state of the card indicated (e.g. from standby to online). Recommended Action Restarting RSPP MA may solve the problem. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages RSPP_MA Messages EM-2510 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_MA-4-RED_STATE_UNK Unable to handle redundancy state notification. New redundancy state [unsigned int], previous state [unsigned int] Explanation A notification has been received from Sysmgr indicating that the redundancy state (e.g. active, standby, etc) of the card has changed to a state unknown to RSPP MA. RSPP MA will continue to use the old state. Recommended Action A restart of RSPP MA may solve the problem. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_MA-4-RESYNC_FAILED Failed to resync diversions correctly. Error: [chars] Explanation An error has occurred following a restart of RSPP MA in the reconciliation of persistent data structures with the current configuration. Packet diversion may now be inconsistent. Recommended Action Restarting RSPP MA may clear the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_MA-4-SD_BATCH_ERR Errors occurred processing batch of Service Director notifications. Total Errors: [unsigned int], First Error [chars] Explanation One or more errors occurred in RSPP MA, the service diversion management agent, during the processing of a set of notifications from Service Director, containing service locations and diversion information. Diversions for service attachments may now be inconsistent on the given node. The error string will give more detail on the type of error that has occurred. Recommended Action If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. If the error string given does not indicate that this is a resource error, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages RSPP_MA Messages EM-2511 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_MA-4-SD_ERR Error requesting service information from the Service Director on services referenced by the last batch of attachment or failure action configuration. Error [chars] Explanation When a service attachment (e.g. a firewall attachment) is configured on an interface, the local RSPP MA process (the service diversion management agent) must request information on the attached service from Service Director to be able to implement the required diversion. This error indicates that a problem has arisen in this request. The error string given should give more details on the error that has occurred. Recommended Action For non-resource errors, removing and adding back the configuration that prompted the message may remove the error. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. If the error is a resource error this will be indicated in the error description given. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. If any inconsistency in packet forwarding to the indicated interfaces is seen, a restart of RSPP MA may solve the problem. Error Message %SERVICES-RSPP_MA-6-IMP_ERROR_CLEARED All pre-existing persistent errors have been cleared. All diversion should now be operating correctly. Explanation This message should only be seen after a corresponding IMP_ERROR message has been seen. It indicates that any problems with diversions should now have been resolved. Recommended Action No further action should be necessary. Error Message %SERVICES-RSPP_MA-6-PROBLEM_EXITING Problem ensuring an orderly exit: [chars] Explanation The process implementing service diversions (eg for virtual firewalls) has just exited, since the last service attachments have just been deconfigured. As part of this orderly shutdown, the process tried to inform System Manager that this was happening, but hit a problem in signalling this fact. The system should have recovered from this problem fully; however, very rarely it is possible that some other service attachment configuration in the same commit could be rejected. Recommended Action If any service attachments in the same configuration commit were rejected, simply re-commit them.Services Messages RSPP_REPO Messages EM-2512 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 RSPP_REPO Messages Error Message %SERVICES-RSPP_REPO-3-DUAL_ERR Error encountered by REPO whilst processing a dual adjacency update request for the adjacency for interface handle [hex]: [chars] Explanation An error has occurred in the FIB library responsible for implementing diversions (e.g. for virtual firewall attachments) on a service card, following a call by FIB to retrieve the post-egress diversion forwarding information. If the interface given has a service attached then forwarding following egress diversion to this service may now be incorrect as a result of this error. Recommended Action Restarting the fib_mgr process on the node which produced the error may solve the issue. If not, contact support. Error Message %SERVICES-RSPP_REPO-3-INIT Error initializing REPO: [chars] Explanation An error has occurred during the initialization of the FIB library responsible for implementing diversions (e.g. for virtual firewall attachments). Service attachments may now fail to be implemented properly as a result of this error. Recommended Action Restarting the fib_mgr process on the node which produced the error may solve the issue. If not, contact support. Error Message %SERVICES-RSPP_REPO-3-INIT_MSG Error encountered by REPO whilst processing the initialization message from RSPP MA: [chars] Explanation An error has occurred in the IPC between the Management Agent for service diversions (e.g. for virtual firewall attachments) and the FIB Library responsible for implementing them, in the initialization stage. The initialization will be aborted, and no changes to service attachment configuration will be made in the forwarding plane Recommended Action Restarting the fib_mgr process on the node which produced the error may solve the issue. If not, contact support. Error Message %SERVICES-RSPP_REPO-3-TWEAK_ERR Error encountered by REPO whilst processing an adjacency update request for the adjacency for interface handle [hex]: [chars] Explanation An error has occurred in the FIB library responsible for implementing diversions (e.g. for virtual firewall attachments) following a request from FIB to check whether a diversion should be in place for the given adjacency. The adjacency given may now be incorrect as a result of this error. Recommended Action Restarting the fib_mgr process on the node which produced the error may solve the issue. If not, contact support. Services Messages RSPP_REX Messages EM-2513 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_REPO-3-UPDATE_MSG Error encountered by REPO whilst processing the diversion update message ([hex]) from RSPP MA: [chars] Explanation An error has occurred in the IPC between the Management Agent for service diversions (e.g. for virtual firewall attachments) and the FIB Library responsible for implementing them, during a diversion update. The update will not be implemented. Recommended Action Restarting the fib_mgr process on the node which produced the error may solve the issue. If not, contact support. RSPP_REX Messages Error Message %SERVICES-RSPP_REX-3-EDM Failed to initialize diversion manager external data manager, error: [chars]. Diagnostic show commands may not function correctly, other functionality is unaffected. Explanation During intialization of the EDM an error occurred. The EDM was not successfully registered, so show commands and other manageability applications may not function correctly. Otherwise the diversion manager will work correctly. Recommended Action This is not a fatal error. If the show commands are required, restarting the REX process should clear up the problem. Error Message %SERVICES-RSPP_REX-3-IMP_CONNECT Failed to connect to IM Proxy. Error: [chars] Explanation The diversion manager was unable to connect to IM Proxy to register as an interface capsulation. Diversion information may not be correctly applied or inconsistent. Recommended Action The connection will be retried automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_REX-3-INIT Failure [chars] during intialization of diversion exectution agent. Error: [chars] Explanation A failure occurred during the initialization of the RSPP REX library. This is used to divert packets, e.g. to a virtual firewall. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages RSPP_REX Messages EM-2514 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_REX-3-MEM Diversion manager failed to get memory [chars]. Diversions (e.g to a virtual firewall) may not have been correctly applied. Explanation During processing of a new or updated diversion, insufficient memory was available. The diversion information was not applied, and future updates may also not be applied correctly. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Once the memory condition is resolved, execute the command ’proc restart rspp_rex’ for the node where the error message originated to ensure all diversion information is correctly set up. Error Message %SERVICES-RSPP_REX-3-MSG_REPLY Unable to send a reply to diversion manager’s client. Error: [chars] Explanation The diversion manager process was unable to send a reply to a message sent to one of its clients. Diversion information may be inconsistent. Recommended Action Restarting the rspp_rex and fwc processes should clear the problem. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_REX-3-SYSDB Diversion manager failed to communicate with SysDB. Error: [chars] Explanation The diversion manager was unable to communicate with SysDB. Notifications may be missed, and manageability functionality may not be available. Recommended Action Check the status of SysDB, and restart the SysDB and firewall controller processes. Error Message %SERVICES-RSPP_REX-6-CORE The diversion manager has reached an unexpected situation ([chars] dumping core - this is NOT a crash. Explanation An unexpected situation was reached; the diversion manager has voluntarily produced a core dump for debugging purposes. This does not affect the operation of the diversion manager. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Services Messages RSPP_RIO_EA Messages EM-2515 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 RSPP_RIO_EA Messages Error Message %SERVICES-RSPP_RIO_EA-3-DEBUG Failed to initialize service ingress diversion debug facility: [chars] Explanation An error occurred during initialization of the service ingress diversion debug facility. The ’debug services diversion rio ea’ command will not function correctly. Otherwise service ingress diversion will work correctly. Executing the command ’proc restart rspp_rio_ea’ for the node where the error message originated might resolve this condition. Recommended Action This is not a fatal error. Error Message %SERVICES-RSPP_RIO_EA-3-DM_REMOVE Failed to remove service ingress diversion (ifh equals [hex]). Could not remove [chars]: [chars] Explanation An error occurred during service ingress diversion removal from the specified interface. Recommended Action *SUPPORT* Error Message %SERVICES-RSPP_RIO_EA-3-EDM Failed to initialize service ingress diversion External Data Manager: [chars] Explanation During initialization of the EDM an error occurred. The EDM was not successfully registered, so show commands and other manageability applications may not function correctly. Otherwise service ingress diversion will work correctly. Executing the command ’proc restart rspp_rio_ea’ for the node where the error message originated might resolve this condition. Recommended Action This is not a fatal error. Error Message %SERVICES-RSPP_RIO_EA-3-EVENT_BLOCK An error was received during event_block: [chars] Explanation The service ingress diversion process received an error while waiting for events from other processes in the system. The process will be restarted. Recommended Action *RECUR* Services Messages RSPP_RIO_EA Messages EM-2516 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_RIO_EA-3-EVM_CREATE_FAILED RSPP RIO event manager create failed: [chars]. Explanation An error occurred during initialization of service ingress diversion process. The process could not create an event queue used to communicate with other processes in the system. The initialization will be aborted and retried. Recommended Action This condition might indicate a low memory condition. Reduce other system activity to ease memory demand. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_RIO_EA-3-FM_INIT_REPLAY Could not re-synchronize with feature manager process: [chars] Explanation During the initialization of ingress diversion process, feature manager process requested a replay of all current diversions but the replay operation failed. Recommended Action If this message is reported more than once, execute the command ’proc restart feat_mgr’ for the node where the error message originated. Error Message %SERVICES-RSPP_RIO_EA-3-IMP_INIT_ERR IMP initialization failed during [chars]: [chars] Explanation The service ingress diversion process failed while trying to connect to Interface Manager Proxy process. The process will be restarted. If error still exists, execute the command ’proc restart imp’ for the node where the error message originated. Recommended Action *RECUR* Error Message %SERVICES-RSPP_RIO_EA-3-INIT_FAILED Ingress Diversion process initialization failed following [unsigned int] function call(s): [chars]. Explanation An error occurred during the initialization of service ingress diversion process. The initialization will be aborted and retried. Current and future service to an interface will fail until successful process initialization. Recommended Action *RECUR* Services Messages rspp_rio_netio Messages EM-2517 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_RIO_EA-3-MEM During ingress diversion installation or update, failed to get memory for [chars] Explanation During processing of a new or existing service ingress diversion, insufficient memory was available. The diversion information was not applied, and future updates may also not be applied correctly. Recommended Action This indicates a low memory condition. *REDUCE* Once the memory condition is resolved, execute the command ’proc restart rspp_rio_ea’ for the node where the error message originated to ensure all diversion information is correctly set up. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_RIO_EA-3-TRACE Failed to initialize service ingress diversion trace facility: [chars] Explanation An error occurred during initialization of the trace facility. There will be no trace messages for service ingress diversion. The ’show services diversion rio ea trace’ command on this node will not function correctly. Otherwise service ingress diversion will work correctly. Executing the command ’proc restart rspp_rio_ea’ for the node where the error message originated might resolve this condition. Recommended Action This is not a fatal error. Error Message %SERVICES-RSPP_RIO_EA-6-CORE The service ingress diversion process has reached an unexpected situation ([chars] dumping core - this is NOT a crash. Explanation An unexpected situation was reached; the service ingress diversion process has voluntarily produced a core dump for debugging purposes. Unless other symptoms are seen than it can be assumed that the system has recovered. Recommended Action *SUPPORT* rspp_rio_netio Messages Error Message %SERVICES-rspp_rio_netio-3-CAPS_BUILDER_FAILED The capsulation build function failed because ’[chars]’ (ifh equals [hex]). Error: [chars] Explanation The service ingress diversion NetIO DLL capsulation builder function failed. Service ingress diversion in NetIO for the specified interface will not function properly. Recommended Action *SUPPORT* Services Messages rspp_rio_netio Messages EM-2518 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-rspp_rio_netio-3-CAPS_CONTROL_FAILED The capsulation control function failed because ’[chars]’ (ifh equals [hex]). Error: [chars] Explanation The service ingress diversion NetIO DLL capsulation function failed. Service ingress diversion in NetIO for the specified interface will not function properly. Recommended Action *SUPPORT* Error Message %SERVICES-rspp_rio_netio-3-CAPS_UNBUILDER_FAILED The capsulation unbuild function failed because ’[chars]’ (ifh equals [hex]). Error: [chars] Explanation The service ingress diversion NetIO DLL capsulation unbuilder function failed. Service ingress diversion in NetIO for the specified interface will not be removed from NetIO process. Recommended Action *SUPPORT* Error Message %SERVICES-rspp_rio_netio-3-INIT_DEBUG Service ingress diversion NetIO DLL failed to initialize the debug facility during [chars]: [chars] Explanation A failure occurred during the initialization of debug for the service ingress diversion NetIO DLL. If this occurred during an upgrade operation then it will cause the NetIO process to reload. Otherwise this will cause the capsulation to be unloaded,and an error will be returned to the user. Recommended Action *RECUR* Error Message %SERVICES-rspp_rio_netio-3-INIT_TRACE Failed to initialize service ingress diversion [chars] trace facility within NetIO process: [chars] Explanation An error occurred during initialization of the trace facility. There will be no NetIO trace messages for service ingress diversion. The ’show services diversion rio netio trace’ command on this node will not function correctly. Otherwise service ingress diversion will work correctly. Recommended Action This is not a fatal error. Error Message %SERVICES-rspp_rio_netio-3-SUBBLOCK_REG_FAILED Service ingress diversion NetIO DLL failed to register the RIO subblock: [chars] Explanation The service ingress diversion NetIO DLL initialization function failed to register the RIO subblock type. Recommended Action *SUPPORT* Services Messages RSPP_ROXI Messages EM-2519 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-rspp_rio_netio-3-TERM_FAILED Service ingress diversion NetIO DLL termination failed because ’[chars]’. Error: [chars] Explanation The service ingress diversion NetIO DLL termination function failed. Recommended Action *SUPPORT* RSPP_ROXI Messages Error Message %SERVICES-RSPP_ROXI-3-IMP_CONNECT Failed to connect to IM Proxy. Error: [chars] Explanation The replicated interface owner was unable to connect to IM Proxy to register as an interface owner. Diversion information may not be correctly applied or inconsistent. Recommended Action The connection will be retried automatically. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_ROXI-3-INIT Failure [chars] during intialization of replicated interface owner. Error: [chars] Explanation A failure occurred during the initialization of the replicated interface owner process. This means that attaching services (e.g a firewall) on the card producing this error to interfaces may not work. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-RSPP_ROXI-3-MEM Replicated interface owner failed to get memory [chars] during diversion update processing. Diversions (e.g to a virtual firewall) may not have been correctly applied, and future diversion may also not be correctly applied. Explanation During processing of a new or updated diversion, insufficient memory was available. The diversion information was not applied, and future updates may also not be applied correctly. Recommended Action This indicates a low memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Once the memory condition is resolved, execute the command ’proc restart rspp_roxi’ for the node where the error message originated to ensure all diversion information is correctly set up. Services Messages SBC_MPF Messages EM-2520 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-RSPP_ROXI-3-REPLICATE Bulked operation to [chars] [unsigned int] replicated interface(s) (including [hex]) failed with error: [chars]. Packet diversion may now be incorrectly set up. Explanation During the processing of interface create or delete notifications an error occurred that means the interfaces may not have been replicated or unreplicated correctly. This might result in the packets that are diverted to the node being dropped. A user with cisco-support privileges may find the interface name corresponding to the given interface handle using ’show im chains ifhandle ifhandle’ Recommended Action Restart the rspp_roxi process on the affected node; If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SBC_MPF Messages Error Message %SERVICES-SBC_MPF-6-INFO MPF_INFO: [chars] Explanation The system is in normal state. This is info log. Recommended Action none SBC_PROC Messages Error Message %SERVICES-SBC_PROC-6-INFO SBC_INFO: [chars] Explanation The system is in normal state. This is info log. Recommended Action noneServices Messages SBC_RSRCMON Messages EM-2521 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SBC_RSRCMON Messages Error Message %SERVICES-SBC_RSRCMON-1-ALERT SBC resource monitor: [chars] alarm raised. System is now congested. All new calls will be rejected. cpu usage equals [dec], mem state equals [dec] Explanation The system is in congested state. Red alarm has been raised. No new calls will be accepted Recommended Action reduce the call rate Error Message %SERVICES-SBC_RSRCMON-2-WARNING SBC resource monitor: [chars] Explanation The system is not able to carry on congestion handling. Recommended Action Restart the sbc proces Error Message %SERVICES-SBC_RSRCMON-6-INFO SBC resource monitor: Alarm cleared. System is now in normal state. cpu usage equals [dec], mem state equals [dec] Explanation The system is in normal state. Alarms have been cleared. Recommended Action none Error Message %SERVICES-SBC_RSRCMON-7-DEBUG SBC resource monitor: [chars] [dec] Explanation Debug messages Recommended Action noneServices Messages SBC Messages EM-2522 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SBC Messages Error Message %SERVICES-SBC-1-L1 [chars]: [chars] Explanation Log level in sbc app is set to higher than nbb_console_unconditional_log_level. Use errmsg facilty to print error message Recommended Action collect ips and pd trace Error Message %SERVICES-SBC-2-L2 [chars]: [chars] Explanation Log level in sbc app is set to higher than nbb_console_unconditional_log_level. Use errmsg facilty to print error message Recommended Action collect ips and pd trace Error Message %SERVICES-SBC-3-L3 [chars]: [chars] Explanation Log level in sbc app is set to higher than nbb_console_unconditional_log_level. Use errmsg facilty to print error message Recommended Action collect ips and pd trace Error Message %SERVICES-SBC-6-L6 [chars]: [chars] Explanation Log level in sbc app is set to higher than 40 and less than 50. This is an info message. Recommended Action None.Services Messages SBCSVI_BILLING Messages EM-2523 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SBCSVI_BILLING Messages Error Message %SERVICES-SBCSVI_BILLING-3-CONFERR [chars] SBC billing paths will not be available Explanation Couldn’t not establish the SBC instance name from SysDB. SBC instance name is required for the billing cach paths SBC billing application will not be able to save billing records. Recommended Action Delete the SBC instance and create it again to mount the SBC billing drives. Error Message %SERVICES-SBCSVI_BILLING-3-PATHERR Error: SBC billing cache location [chars] [chars]: [chars]. Make sure that SBC billing drive is installed and formatted. SBC billing paths will not be available Explanation A failure occurred during the creation of an sbc billing cache path. SBC billing application will not be able to save billing records Recommended Action Make sure that the the drive needed for the type of SBC billing you need (local or remote) is mounted and formatted. Delete the SBC instance and create again to mount the SBC billing drives. Error Message %SERVICES-SBCSVI_BILLING-4-PATHWARN SBC billing path [chars] [chars] [chars] Explanation The SBC billing cache path might require some user action to save the billing records in an SBC-instance-specific directory. SBC billing will still work properly but the billing records could either be saved in an SBC-shared directory if the SBC instance name is too long or not saved at all if there is no space left in the drive. Recommended Action Make sure that the condition reported doesn’t affect the billing records otherwise, correct the condition by changing the SBC instance name or by manually removing the billing files depending on the condition reported. Error Message %SERVICES-SBCSVI_BILLING-5-PATHSTATUS SBC billing path [chars] [chars] [chars] Explanation The SBC billing cache path mount point status has changed and is being reported to the user for an easier access to the SBC billing records. Recommended Action Take note of the paths used by SBC billing to access the SBC billing recordsServices Messages SBCSVI_EA Messages EM-2524 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SBCSVI_EA Messages Error Message %SERVICES-SBCSVI_EA-3-INITFAIL Failure during initialization. Error: [chars] Explanation A failure occurred during the initialization of the SBCSVI EA process on a particular node. The process will be restarted. Until the process starts successfully, any SBCSVI interface located on that node will not come up. (If there is a standby node the interfaces should come up on the standby). Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SBCSVI_EA-3-INTERNAL [chars] Explanation An unexpected internal error has occurred in the SBCSVI EA process. The process will restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SBCSVI_EA-3-INTERNAL_ERR [chars] : [chars] Explanation An unexpected internal error has occurred in the SBCSVI EA process. The process will restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SBCSVI_EA-3-LINK_FAIL Error while [chars]ing [unsigned int] interfaces: [chars] Explanation An error occurred while attempting to join together the two halves of some SBCSVI pairs on the specified node. The pairs will not come up. If there is a standby node configured for the pairs, they may come up on the standby. Recommended Action It may help to shut down, then bring up, the SBCSVI interface pairs in question. Services Messages SBCSVI_EA Messages EM-2525 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-SBCSVI_EA-3-NOT_FOUND Received request for an interface (0x[pointer]) that is not in our database Explanation The SBCSVI EA process received a request to process an interface that does not exist in its database. This indicates some sort of internal inconsistency. Recommended Action It may help to restart the SBCSVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SBCSVI_EA-3-SSC_SEND Error while sending messages to Service Director: [chars] Explanation A problem was encountered while trying to send a batch of messages to the Service Director. The Service Director may not be up to date with the state of services on this node, so SBCSVI interfaces located on this node may fail to forward packets. Recommended Action It may help to restart the SBCSVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SBCSVI_EA-3-SSC_SEND_SRV Error while sending message about [chars] to Service Director: [chars] Explanation A problem was encountered while trying to send a single message to the Service Director. The Service Director may not be up to date with the state of this services on this node, so the associated SBCSVI interfaces located on this node may fail to forward packets. Recommended Action It may help to restart the SBCSVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SBCSVI_EA-3-STATE_CHANGE An error occurred while checking the state for ’[chars]’: [chars] Explanation While the SBCSVI EA process was checking the state for the specified interface pair, an error was encountered. The interface pair in question may be left in an inconsistent state. Recommended Action It may help to restart the SBCSVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Services Messages SBCSVI_NETIO Messages EM-2526 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SBCSVI_NETIO Messages Error Message %SERVICES-SBCSVI_NETIO-3-INIT_DEBUG Failure of debug intialization during [chars]. Error: [chars] Explanation A failure occurred during the initialization of debug for the NetIO caps. If this occured during an upgrade operation then it will cause the NetIO process to reload. Otherwise this will cause the capsulation to be unloaded, and an error returned to the user. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SBCSVI_NETIO-3-INIT_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the NetIO caps. This will cause the capsulation to be unloaded, and an error returned to the user. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SD_COMMON Messages Error Message %SERVICES-SD_COMMON-3-SEND_FAILED Failed to send a ’[chars]’ message: ’[chars]’ Explanation A required control message could not be sent. The reason for the failure is detailed in the message. The failure is unexpected, and likely caused by a failure in the underlying transport. Services controlled by this process are likely to be out of sync as a result. Recommended Action Restart the ’service_director’ process to force a resync of all data, which will recover the lost message. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Services Messages SD Messages EM-2527 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SD Messages Error Message %SERVICES-SD-3-ASSERT ASSERT failure: [chars] Explanation The process is in an inconsistent state. The process will exit and restart. All data will be resynchronised after the restart. Recommended Action No action is required to recover the system, this will happen automatically. Report this issue to your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SD-3-INIT_FAILED Initialisation failed, module: [chars], operation: [chars], error: [chars] Explanation The Service Director has failed to start up. The operation being attempted is detailed in the error message. The Service Director will be restarted automatically. Recommended Action If the error indicates an Out Of Memory error, then attempt to increase the available resources. Otherwise, if the error persists, contact your technical support representative copying the error message exactly as it appears. Error Message %SERVICES-SD-3-LOOP_FAILED Unexpected error in event loop: [chars] Explanation An unexpected error has been encountered in the main Service Director event loop. The Service Director will be automatically restarted, and should recover by itself. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SD-3-NOMEM Insufficient resources: [chars] Explanation There are insufficient resources to perform some action. The error message contains more details about what action failed. In any case, services may not be operating correctly, and states may be out of sync. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Once the memory conditions have been improved, restart the Service Director process to allow it to resynchronise with its clients. Services Messages SD Messages EM-2528 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-SD-3-SYSMGR_FAIL SysMgr didn’t respond when told we’re exiting: [chars] Explanation The Service Director attempted to notify SysMgr that it was exiting and SysMgr returned an error. If this coincides with an attempt to configure the locations of a service, then further error may be observed from SysDB. Recommended Action Restart the Service Director process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SD-4-INVALID_FIND_SERVICE An invalid Service Find request was received (type [hex]) Explanation The Service Director received a batch with an invalid service type field. This can be due to message corruption, or due to a timing issue but is most likely due to an error in a service process. Except in the latter case (when it will most probably be repeated) this error is not fatal. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SD-4-WRONG_SSC Invalid SSC is sending updates on node [hex]. Beginning recovery Explanation A Service Controller process not currently registered is sending updates from a node. The Service Director will now attempt to recover from this by resynchronising with its clients. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SD-6-RESTART_SELF The Service Director process requires a restart in order to synchronize data. This message is informational and requires no further action. The reason for restart is: [chars] Explanation The Service Director encountered an error when trying to send a control message, which could leave the system in an inconsistent state. The error results from an unexpected failure in the transport infrastructure. The process is now restarting and will then be able to resynchronize its Services Messages SESVI_EA Messages EM-2529 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 state, restoring system consitency. This message is for informational purposes only, and no further action is required as a result. On completion of the resyncronization, the system will have self-healed, unless any further errors are encountered. Recommended Action No action is required unless further errors are observed. If further errors are encountered, wait until possible root problems (such as node reload, or low memory conditions) have been resolved, and restart the Service Director. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SESVI_EA Messages Error Message %SERVICES-SESVI_EA-3-INITFAIL Failure during initialization. Error: [chars] Explanation A failure occurred during the initialization of the SESVI EA process on a particular node. The process will be restarted. Until the process starts successfully, any SESVI interface located on that node will not come up. (If there is a standby node the interfaces should come up on the standby). Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SESVI_EA-3-INTERNAL [chars] Explanation An unexpected internal error has occurred in the SESVI EA process. The process will restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SESVI_EA-3-INTERNAL_ERR [chars] : [chars] Explanation An unexpected internal error has occurred in the SESVI EA process. The process will restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages SESVI_EA Messages EM-2530 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-SESVI_EA-3-LINK_FAIL Error while [chars]ing [unsigned int] interfaces: [chars] Explanation An error occurred while attempting to join together the two halves of some SESVI pairs on the specified node. The pairs will not come up. If there is a standby node configured for the pairs, they may come up on the standby. Recommended Action It may help to shut down, then bring up, the SESVI interface pairs in question. Error Message %SERVICES-SESVI_EA-3-NOT_FOUND Received request for an interface (0x[pointer]) that is not in our database Explanation The SESVI EA process received a request to process an interface that does not exist in its database. This indicates some sort of internal inconsistency. Recommended Action It may help to restart the SESVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SESVI_EA-3-SSC_SEND Error while sending messages to Service Director: [chars] Explanation A problem was encountered while trying to send a batch of messages to the Service Director. The Service Director may not be up to date with the state of services on this node, so SESVI interfaces located on this node may fail to forward packets. Recommended Action It may help to restart the SESVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SESVI_EA-3-SSC_SEND_SRV Error while sending message about [chars] to Service Director: [chars] Explanation A problem was encountered while trying to send a single message to the Service Director. The Service Director may not be up to date with the state of this services on this node, so the associated SESVI interfaces located on this node may fail to forward packets. Recommended Action It may help to restart the SESVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages SESVI_NETIO Messages EM-2531 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-SESVI_EA-3-STATE_CHANGE An error occurred while checking the state for ’[chars]’: [chars] Explanation While the SESVI EA process was checking the state for the specified interface pair, an error was encountered. The interface pair in question may be left in an inconsistent state. Recommended Action It may help to restart the SESVI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SESVI_NETIO Messages Error Message %SERVICES-SESVI_NETIO-3-INIT_DEBUG Failure of debug intialization during [chars]. Error: [chars] Explanation A failure occurred during the initialization of debug for the NetIO caps. If this occured during an upgrade operation then it will cause the NetIO process to reload. Otherwise this will cause the capsulation to be unloaded, and an error returned to the user. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SESVI_NETIO-3-INIT_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the NetIO caps. This will cause the capsulation to be unloaded, and an error returned to the user. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Services Messages SRD_AGENT Messages EM-2532 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SRD_AGENT Messages Error Message %SERVICES-SRD_AGENT-6-NODE_REBOOTING A change in role requires Node [chars] to go down for reboot. Explanation The Service Role Agent has determined a role change requires a reboot of the specified node. This is not an error. Recommended Action None. This is expected behaviour when changing the role of a card. SRD_LIB Messages Error Message %SERVICES-SRD_LIB-4-NOTIFICATION_FAILED SRD Library notification failure: [chars] Explanation The Service Role Daemon client library received a notification, but was unable to perform the necessary operations to execute the client’s callback function. The client process is unaware of a role change event that has occured, and as such services running on the affected node are likely to be out of sync. Recommended Action In order to force a resync of the current role status, restart the process that emitted this error. If the error string indicates a low resource condition, first free up some resources. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SRD Messages Error Message %SERVICES-SRD-3-ASSERT ASSERT failure: [chars] Explanation The process is in an inconsistent state. The process will exit and restart. All data will be resynchronised after the restart. Recommended Action No action is required to recover the system, this will happen automatically. Report this issue to your Cisco technical support representative and provide the representative with the gathered information. Services Messages SRD Messages EM-2533 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-SRD-3-INIT_FAILED Initialisation failed, module: [chars], operation: [chars], error: [chars] Explanation The Service Role Daemon has failed to start up. The operation being attempted is detailed in the error message. The Service Role Daemon will be restarted automatically. Recommended Action If the error indicates an Out Of Memory error, then attempt to increase the available resources. Otherwise, if the error persists, contact your technical support representative copying the error message exactly as it appears. Error Message %SERVICES-SRD-3-LOOP_FAILED Unexpected error in event loop: [chars] Explanation An unexpected error has been encountered in the main Service Role Daemon event loop. The Service Role Daemon will be automatically restarted, and should recover by itself. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SRD-3-NOMEM Insufficient resources: [chars] Explanation There are insufficient resources to perform some action. The error message contains more details about what action failed. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Once the memory conditions have been improved, restart the Service Role Daemon process to allow it to resynchronise with its clients. Error Message %SERVICES-SRD-4-CARD_NOT_PRESENT The role you are attempting to assign is not supported by the node you have selected. Explanation A node has been set to a role which is not supported. This could be because the wrong card is at this location, or no card is there. Recommended Action Insert a card of an appropriate type into the specified location. If you believe that the card in the slot is of an appropriate type, ensure it is correctly booted (in IOX-RUN state according to ’show platform’). If everything looks right, and the role is still not enacted, then contact your Cisco technical support representative and provide the representative with the gathered information. Services Messages SRD Messages EM-2534 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-SRD-4-ERROR_PROCESSING_LRD_EVENT SRD Unable to process OIR notification: [chars] Explanation The Service Role Daemon received an LRd event which it was unable to process. This could potentially mean that a card does not have it’s specified role enacted, or removed if it was taken down. Recommended Action Restart the service_role_daemon process to resync all roles and replay the lost notification. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SRD-4-ERROR_STARTING_AGENT Unable to update role on card with Node ID [chars]: [chars] Explanation The Service Role Change Agent returned an error while running on this node. The role has not been correctly applied on the specified card. Recommended Action Restart the service_role_agent process on the given card manually to enact the role. Assuming no error is returned, restart the service_role_daemon process as well to resync the state and notify all interested clients. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SRD-4-MISSING_TIMER_CONTEXT An error occured while setting role. Role not applied. Explanation Required data was not available when a timer expired. A role that should be applied now is unable to be applied. Recommended Action Restart the service_role_daemon process to attempt to re-enable the role. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Services Messages SVII_EA_GSR Messages EM-2535 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SVII_EA_GSR Messages Error Message %SERVICES-SVII_EA_GSR-3-INTF_EXIST Interface ’[chars]’ of type [unsigned int] already exists as type [unsigned int] Explanation An attempt was made to create an interface that already existed, but with a different type. It is likely that the given interface will no longer be operating as expected. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SVII_EA_GSR-3-NOMEM Insufficient memory: [chars] Explanation SVII EA ran out of memory. The exact operation being attempted is detailed in the error message. Recommended Action This indicates a low-memory condition. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. SVII_EA_STATS Messages Error Message %SERVICES-SVII_EA_STATS-3-CHKPT_GET_FAILURE Failed in checkpoint interaction, resulting in zero stats returned for [chars] (expected length [unsigned int], found [unsigned int]): [chars] Explanation An error occured during periodic statistics collection for the interface specified. This means that the statistics (as reported by eg. ’show interface’) will be inaccurate for as long as this error is seen. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Services Messages SVII_EA Messages EM-2536 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SVII_EA Messages Error Message %SERVICES-SVII_EA-3-EVENT Unrecoverable error in event loop. Error: [chars] Explanation An error (other than EINTR) occured in the event loop. The process must exit. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SVII_EA-3-FORWARDER_CONNECTION Failed to handle forwarder connection being lost - error: [chars] Explanation The forwarder driver has restarted, but this process was unable to handle this as the error was unexpected. It is possible, though not necessarily true, that slow path packet processing for some interfaces owned by this process may be broken. Recommended Action Restarting the relevant SVI Manager process will prompt a resync, which should get the SVI Manager process and forwarder driver back into step. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SVII_EA-3-INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the Service Virtual Interface infrastructure. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SVII_EA-3-SEND_FAILED Failed during [chars] stage of sending a ’[chars]’ message - Error: [chars] Explanation A control message could not be sent from the EA to the MA. See error message for a possible reason. An interface may now be in the wrong up/down state. Recommended Action Restarting the relevant SVI Manager process will prompt a resync, which should re-send the lost message. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages SVII_LRD_SPA Messages EM-2537 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-SVII_EA-3-SYSMGR Failure communicating readiness to System Manager. Error: [chars] Explanation The process was initialized successfully but was unable to inform System Manager of the success. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SVII_LRD_SPA Messages Error Message %SERVICES-SVII_LRD_SPA-3-STATE_UPDATE Failed to report SPA [chars] change to SVIA; reason: [chars]; error [chars] Explanation A failure occured while processing a SPA state or type change notification. Service interfaces configured on the given SPA may not be appropriately (un)replicated. Recommended Action Restarting the process in question should rectify the situation. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SVII_MGR Messages Error Message %SERVICES-SVII_MGR-3-ACTIVATE Failure during activation of [chars]. Error: [chars] Explanation A failure occurred during the activation of the Service Virtual Interface infrastructure. Activation occurs when the card transitions to ACTIVE state. This error resulted in the restart of the process. Recommended Action *RECUR* Error Message %SERVICES-SVII_MGR-3-EVENT Unrecoverable error in event loop. Error: [chars] Explanation An error (other than EINTR) occured in the event loop. The process must exit. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages SVII_MGR Messages EM-2538 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-SVII_MGR-3-EXITING Failure communicating exit to System Manager. Error: [chars] Explanation The process was unable to inform System Manager of its graceful shutdown. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SVII_MGR-3-IM_STATE_SYNC_ERROR The Service Infrastructure encountered an error when trying to synchronize interface states with the Interface Manager process, while [chars]. Error [chars] Explanation The Service Application was unable to report the state of an interface that it owns to the Interface Manager process. The interface state may be inconsistent, and may stop forwarding traffic, or forward traffic when it appears shut down. Recommended Action Restarting the process that displayed the message may help, & If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SVII_MGR-3-INIT Failure during intialization of [chars]. Error: [chars] Explanation A failure occurred during the initialization of the Service Virtual Interface infrastructure. This resulted in the restart of the process. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SVII_MGR-3-INIT_ENS Failure to initialise ENS - retry scheduled. Error: [chars] Explanation A failure occurred during the initialization of ENS library in the process. This probably indicates an underlying more severe problem, and retry will be attempted. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages SVII_MGR Messages EM-2539 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-SVII_MGR-3-SEND_FAILED Failed to send a ’[chars]’ message - Error: [chars] Explanation A control message could not be sent from the MA to the EA. See error message for a possible reason. An interface may now be in the wrong up/down state. Recommended Action Restarting the relevant SVI Manager process will prompt a resync, which should re-send the lost message. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SVII_MGR-3-SVIA_INTF_STATE_ERROR The Service Application for [chars] attempted to set an invalid interface state. The interface will be taken down. Invalid state: [chars]. Explanation The Service Application that manages the interface attempted to put the interface in a state that is not valid. This indicates an internal error in the application. The interface will be put in DOWN state and will cease to forward traffic. Recommended Action recommend that restarting the process that displayed the message may help, & If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-SVII_MGR-3-SYSMGR Failure communicating readiness to System Manager. Error: [chars] Explanation The process was initialized successfully but was unable to inform System Manager of the success. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Services Messages VASI_EA Messages EM-2540 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 VASI_EA Messages Error Message %SERVICES-VASI_EA-3-ADJACENCY Error setting up adjacencies for an interface: [chars] Explanation An error was encoutered while trying to set up adjacencny information for a VASI interface. The exact error is detailed in the error message. Packets will not be forwarded to the affected interface. Recommended Action It may help to restart the affected VASI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be addressed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-VASI_EA-3-INITFAIL Failure during initialization. Error: [chars] Explanation A failure occurred during the initialization of the VASI EA process on a particular node. The process will be restarted. Until the process starts successfully, any VASI interface pairs located on that node will not come up. (If there is a standby node the interfaces should come up on the standby). Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-VASI_EA-3-INTERNAL [chars] Explanation An unexpected internal error has occurred in the VASI EA process. The process will restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-VASI_EA-3-INTERNAL_ERR [chars] : [chars] Explanation An unexpected internal error has occurred in the VASI EA process. The process will restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages VASI_EA Messages EM-2541 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-VASI_EA-3-LINK_FAIL Error while [chars]ing [unsigned int] interfaces: [chars] Explanation An error occurred while attempting to join together the two halves of some VASI pairs on the specified node. The pairs will not come up. If there is a standby node configured for the pairs, they may come up on the standby. Recommended Action It may help to shut down, then bring up, the VASI interface pairs in question. Error Message %SERVICES-VASI_EA-3-NOMEM Insufficient memory: [chars] Explanation Insufficient memory was available to perform an operation. The exact operation is detailed in the error message. Recommended Action A low memory condition has occured: Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. You will also have to restart the affected VASI EA process once that is done. Error Message %SERVICES-VASI_EA-3-NOT_FOUND Received request for an interface (0x[pointer]) that is not in our database Explanation The VASI EA process received a request to process an interface that does not exist in its database. This indicates some sort of internal inconsistency. Recommended Action It may help to restart the VASI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-VASI_EA-3-SSC_SEND Error while sending messages to Service Director: [chars] Explanation A problem was encountered while trying to send a batch of messages to the Service Director. The Service Director may not be up to date with the state of services on this node, so VASI interfaces located on this node may fail to forward packets. Recommended Action It may help to restart the VASI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Services Messages VASI_MA Messages EM-2542 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-VASI_EA-3-SSC_SEND_SRV Error while sending message about [chars] to Service Director: [chars] Explanation A problem was encountered while trying to send a single message to the Service Director. The Service Director may not be up to date with the state of this services on this node, so the associated VASI interfaces located on this node may fail to forward packets. Recommended Action It may help to restart the VASI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-VASI_EA-3-STATE_CHANGE An error occurred while checking the state for ’[chars]’: [chars] Explanation While the VASI EA process was checking the state for the specified interface pair, an error was encountered. The interface pair in question may be left in an inconsistent state. Recommended Action It may help to restart the VASI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be fixed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-VASI_EA-3-SVI_HW_UPD_FAIL Error updating service infrastructure with new hardware state: [chars] Explanation An error was encountered whilst updating the hardware state of one or more VASI interfaces. The exact error is detailed in the error message. The interfaces affected may no longer be able to forward traffic. Recommended Action It may help to restart the affected VASI EA process. If there are any obvious resource problems (e.g. memory exhaustion), these must be addressed first. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. VASI_MA Messages Error Message %SERVICES-VASI_MA-3-INIT Failed to initialise VASI interface owner process. Stage: [chars], error: [chars] Explanation The VASI Manager failed to startup correctly. Though it will get automatically restarted, the error is unlikely to be recoverable. Recommended Action *RECUR* Services Messages VASI_NETIO Messages EM-2543 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SERVICES-VASI_MA-3-INTF_CREATE_FAIL Failed to cleanup after interface creation failed. Error: [chars] Explanation The VASI Manager failed to completely clean up interface state after an interface creation failed. This will have left the system in an inconsistent state. The most likely reason for this error is memory exhaustion. Recommended Action Look for ways to free up memory and restart the vasimgr process. VASI_NETIO Messages Error Message %SERVICES-VASI_NETIO-3-DROPPED_PACKETS Packets have been dropped in the VASI base capsulation, but no error counts could be updated ([chars]). Explanation An error has occured during packet handling in the VASI base capsulation, and no error counters can be updated. If errors are seen for an extended period then it can be assumed that no packets can be forwarded through VASI interfaces. This is likely to be a symptom of a problem in the Packet Forwarding Infrastructure - earlier error messages might indicate the root cause of the problem. Recommended Action If the errors stop after a couple of minutes while traffic is still flowing through the VASI interfaces then it can be assumed that the problem has resolved itself. If the problem continues, then unconfiguring and reconfiguring the VASI interfaces could fix the issue. Error Message %SERVICES-VASI_NETIO-3-INIT_DEBUG Failure of debug intialization during [chars]. Error: [chars] Explanation A failure occurred during the initialization of debug for the NetIO caps. If this occured during an upgrade operation then it will cause the NetIO process to reload. Otherwise this will cause the capsulation to be unloaded, and an error returned to the user. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SERVICES-VASI_NETIO-3-INIT_TRACE Failure initializing tracing ([chars] buffer). Error: [chars] Explanation A failure occurred during the initialization of tracing for the NetIO caps. This will cause the capsulation to be unloaded, and an error returned to the user. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Services Messages VASI_NETIO Messages EM-2544 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01EM-2545 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Simple Network Management Protocol (SNMP) Messages This section contains all Simple Network Management Protocol related System Error Messages, such as BGP, MIB, CONFIG MIB, SNMP agent, and so forth. MIB location does not matter. ATM_MIB Messages Error Message %SNMP-ATM_MIB-3-INIT_ERR ATM MIB support initialization failed ([chars]%s) Explanation An error occurred while initializing ATM MIB support in snmpd process. If this occurred during process startup, then the process may be restarted. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. ATMSNMP Messages Error Message %SNMP-ATMSNMP-3-IFMGR ATM SNMP: [chars]: [chars]: [dec]: [dec] Explanation A high severity error is encountered. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages BULKFILEMIB Messages EM-2546 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-ATMSNMP-3-info ATM SNMP: [chars] Explanation debug msg Recommended Action None Error Message %SNMP-ATMSNMP-3-SYSDB ATM SNMP: [chars]: [chars]: [dec] Explanation This message indicates the ATM SNMP library fails to perform a SYSDB operation. *DDTS* Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. BULKFILEMIB Messages Error Message %SNMP-BULKFILEMIB-3-ERR_MEM_ALLOC Insufficient memory to perform [chars] operation Explanation No memory in the process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-BULKFILEMIB-3-ERR_THREAD_CREATE Could not create a bulk file processing thread Explanation There are no resources available to create a bulk file processing thread Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Simple Network Management Protocol (SNMP) Messages CBQOSMIB Messages EM-2547 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CBQOSMIB Messages Error Message %SNMP-CBQOSMIB-3-ERR_MEM_ALLOC Insufficient Memory to perform [chars] operation Explanation The MIB had trouble allocating memory. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SNMP-CBQOSMIB-3-ERR_MUTEX Mutex [chars] failed Explanation The MIB had trouble locking/unlocking mutex. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ CISCOBGPPAMIB Messages Error Message %SNMP-CISCOBGPPAMIB-3-ERR_MEM_ALLOC Failed to get memory for [chars] Explanation Memory unavailable Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ CISCOPROCESSMIB Messages Error Message %SNMP-CISCOPROCESSMIB-3-ERR_MEM_ALLOC Unable to allocate memory for process name Explanation The MIB had trouble allocating memory for process name’ Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Simple Network Management Protocol (SNMP) Messages CISCOSYSTEMMIB Messages EM-2548 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CISCOSYSTEMMIB Messages Error Message %SNMP-CISCOSYSTEMMIB-3-CLOCK Clock operation Error: [chars] Explanation The MIB had trouble in spawning a process. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SNMP-CISCOSYSTEMMIB-3-EVENT_ASYNC_ALLOC Failed to allocate asynchronous event: [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-CISCOSYSTEMMIB-3-SPAWN Spawn Error: [chars] Explanation The MIB had trouble in spawning a process. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SNMP-CISCOSYSTEMMIB-3-SYSDB_ACCESS Sysdb related error: [chars] Explanation The MIB had trouble reading from or writing to or binding/unbinding SysDB. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Simple Network Management Protocol (SNMP) Messages COPYMIB Messages EM-2549 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-CISCOSYSTEMMIB-3-TARGET_CFG_PROBLEM [chars] : Failed to [chars] target config for [chars] : [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-CISCOSYSTEMMIB-3-TIMER Timer Error: [chars] Explanation Timer error Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SNMP-CISCOSYSTEMMIB-7-CREATE_EVM Could not create event manager for [chars] ([chars]) Explanation Attempt to create an event manager fails for some reason. Recommended Action Use the status to determine the reason. COPYMIB Messages Error Message %SNMP-COPYMIB-3-ENTRYNONE Entry for id [dec] doesn’t exist. Explanation An attempt to remove an entry from a queue was made, but the entry was not found. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-COPYMIB-3-ERR_MEM_ALLOC Insufficient memory to [chars] Explanation No memory to perform edm or bag operations. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Simple Network Management Protocol (SNMP) Messages CSCMIB Messages EM-2550 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 CSCMIB Messages Error Message %SNMP-CSCMIB-7-CSC_ASSERT Invalid codepath encountered - exitting. Explanation An invalid codepath has been encountered - the process is exitting and restarting. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-CSCMIB-7-CSC_BAG The MIB was unable to marshall or unmarshall a set of data, error: [chars] Explanation This may be due to invalid data being sent by the agent or request, or due to an error in the data-marshalling infrastructure. The current request cannot be completed. Check the request and try again. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-CSCMIB-7-CSC_OCTETSTRING Failed to convert an SNMP supplied OctetString to a string. Explanation An illegal string was passed in to the MIB by the agent. The current request cannot be completed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-CSCMIB-7-CSC_SNMP The SNMP request did not specify an index. Explanation The SNMP management station tried a set request without specifying a request index. Check the request and try again. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages CSCMIB Messages EM-2551 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-CSCMIB-7-INVALID_ARG Internal error occurred: [chars] Explanation The MIB has reached an expected state, and will not be able to service the current request. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-CSCMIB-7-NOMEM Could not allocate memory Explanation The MIB has failed to aquire the required amount of memory. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SNMP-CSCMIB-7-SYSDB_ACCESS The MIB was unable to access the system database, error: [chars] Explanation The MIB was unable to read to or write from the system database, so will be unable to provide some requested MIB data. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-CSCMIB-7-SYSDB_BIND The MIB was unable to connect to the system database, error: [chars] Explanation The MIB was unable to connect to the system database, so will be unable to provide the MIB data. This may be because the communications infrastructure is not yet up. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Simple Network Management Protocol (SNMP) Messages FTPCLIENTMIB Messages EM-2552 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 FTPCLIENTMIB Messages Error Message %SNMP-FTPCLIENTMIB-3-NOMEM Insufficient memory to perform [chars] operation Explanation No memory in the process. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-FTPCLIENTMIB-3-NOTHREADCREATE Could not create a FTP request processing thread Explanation There are no resources available to create a FTP request processing thread Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. HSRPMIB Messages Error Message %SNMP-HSRPMIB-3-ERR_CONN The HSRP MIB could not connect to the HSRP process. ([chars]) Explanation The HSRP MIB was unable to create a SysDB connection to the HSRP process for the purpose of retrieving management information. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-HSRPMIB-4-WARN_DEBUG Failed to register HSRP MIB debug control: [chars] Explanation During initialisation of the HSRP MIB, it was not possible to register to be notified of changes to the debugging state. The MIB will continue to function, but it will not be possible to turn on debugging for the MIB. Recommended Action If debugging is essential, then restart SNMP. This will reinitialize the HSRP MIB. If the problem persists, do the following. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages IFINDEX_PROVIDER Messages EM-2553 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-HSRPMIB-4-WARN_NOTIFY Failed to register for notification of state changes. ([chars]) Explanation During initialisation of the HSRP MIB, it was not possible to register to be notified of changes in active state of an HSRP group. The MIB will continue to function, but no traps will be generated for the cHsrpStateChange notification. Recommended Action Restart SNMP. This will re-initialize the HSRP MIB. If the problem persists, do the following. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-HSRPMIB-4-WARN_OID Failed to construct OID in trap generation. ([dec]) Explanation An OID (object identifier) string failed to be constructed during trap generation. The trap for a cHsrpStateChange notification did not get sent. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. IFINDEX_PROVIDER Messages Error Message %SNMP-IFINDEX_PROVIDER-3-IFNAME_TO_INDEX Failed to [chars] for [chars]: [chars] Explanation Failed to get the ifindex value for the given interface name Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-IFINDEX_PROVIDER-3-SERVER_ERROR [chars] error during [chars]: [chars] Explanation An error occurred while communicating with one of the servers Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Simple Network Management Protocol (SNMP) Messages IFMIB Messages EM-2554 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-IFINDEX_PROVIDER-7-INTERNAL [chars] Explanation An unexpected internal error occurred in the ifindex subsystem. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-IFINDEX_PROVIDER-7-LTRACE_INIT_ERROR ’[chars]’ error during intialization of LW tracing for ifindex provider Explanation An error occured while initializing LW tracing for ifindex provider library. Recommended Action No action is required. IFMIB Messages Error Message %SNMP-IFMIB-3-ERR_MEM_ALLOC Failed to [chars], due to lack of memory Explanation The requested operation could not be performed due to a low memory condition. Recommended Action ’Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.’ Error Message %SNMP-IFMIB-3-ERR_REGEXP_COMP Failed to compile regexp:[chars] , Error : [chars] Explanation Failed to compile given regular expression Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SNMP-IFMIB-3-ERR_SYSDB Failed to [chars], err: [chars] Explanation Ifmib has failed during sysdb operation. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Simple Network Management Protocol (SNMP) Messages IPMIB Messages EM-2555 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-IFMIB-3-GEN_ERROR IFMIB DLL error:[chars] Explanation Failed to do DLL operation Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %SNMP-IFMIB-4-ERR_SYSDB_APPLY Configuration got applied with Err:[chars]. Remove this configuration from the system Explanation verification for ’snmp interface subset’ command failed because of some invalid input. Ifmib database is not updated because of this config but in sysdb, config might have happened. For recovering from this ’no snmp interface subset subset-no’ is required. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-IFMIB-4-ERR_SYSDB_REGISTER Failed to register with sysdb for bundle config [chars] Explanation Ifmib has failed to register with sysdb for bundle config notification. Ifmib will retry registering with sysdb. If the syslog message is seen continuously then there could be a problem either with sysdb or ifmib. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Collect ’show tech sysdb’, ’show logging’ and ’show tech snmp ifmib’. IPMIB Messages Error Message %SNMP-IPMIB-3-BAG An operation on a bag failed: [chars] Explanation A problem occurred while encoding or decoding information from a bag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages LIBSNMP Messages EM-2556 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-IPMIB-3-SYSDB_ACCESS Operation [chars] failed, error [chars] Explanation The MIB had trouble reading from or writing to or binding/unbinding SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LIBSNMP Messages Error Message %SNMP-LIBSNMP-3-NOMEM_FOR_INIT snmpd is being shut down due to lack of memory required for initialization. Try restarting snmpd after freeing some memory Explanation Not enough memory was available for snmpd to set up its internal data structures. Recommended Action Try stopping some running processes, or wait awhile before restarting snmpd. If the problem persists after several tries, please contact your customer support representative. MIB Messages Error Message %SNMP-MIB-3-BADTRANSPORT Attempt to [chars] unknown transport type: [dec] Explanation Attempted to perform the indicated operation on an unknown transport type. This is an internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-MIB-3-CHKPT [chars]: [chars] Explanation Failed in checkpointing the data, it could reading/writing, creating object or registering with existing checkpoint_table. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages NLMMIB Messages EM-2557 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-MIB-3-NOINIT MIB Library not properly initialized Explanation The MIB library was not properly initialized by the SNMP agent. This is an internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-MIB-3-SYSUPTIME Failed to retrieve sysUpTime: [chars] Explanation Failed to read the system clock, and thus determine what sysUpTime is. The result is that sysUpTime will latch at its last known value. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. NLMMIB Messages Error Message %SNMP-NLMMIB-3-ERR_MEM_ALLOC Failed to [chars], due to lack of memory Explanation The requested operation could not be performed due to a low memory condition. Recommended Action ’Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.’ PINGMIB Messages Error Message %SNMP-PINGMIB-3-BADID Server received [chars] request with no valid id Explanation Bad ID error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages PINGMIB Messages EM-2558 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-PINGMIB-3-BAG Bag encode/decode Error : [chars] Explanation Error bag encoding/decoding Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-ENTRYNONE Entry for id [dec] doesn’t exist Explanation Entry for id not found Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-EVENT_BLOCK event block call failed: [chars] Explanation Event block call failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-INIT Failed to [chars], cannot initialize: [chars] Explanation initialization failed error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-MSGFAIL SysDB failed to process incoming message: [chars] Explanation Sysdb error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages PINGMIB Messages EM-2559 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-PINGMIB-3-MUTEX_INIT Failed to init pthread mutex: [chars] Explanation Failed to init pthread mutex Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-NOMEM Insufficient memory to perform [chars] operation Explanation Out of memory error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-NOTHREADCREATE Could not create a PING request processing thread Explanation There are no resources available to create a PING request processing thread Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-PTHREAD_COND_INIT Pthread cond wait call failed: [chars] Explanation pthread cond wait call failed Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-SYSDB_ACCESS SysDB failed to process incoming message : [chars] Explanation Sysdb Err Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages PINGMIB Messages EM-2560 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-PINGMIB-3-SYSMGR_PROC_READY Failed to notify sysmgr the completion of initialization: [chars] Explanation Failed to notify sysmgr the completion of initialization Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-TIMER Failed to create [chars] timer Explanation Timer error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-TIMERNOMEM Insufficient memory to create timer for entry [dec] Explanation Insufficient memory to create timer for entry error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-TIMERNONE Failed to find timer for entry id [dec] Explanation Failed to find timer for entry Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-3-TRAPOID Failed to create trap OID for [chars] Explanation Failed to create trap OID error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages QOSMIB Messages EM-2561 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-PINGMIB-3-UNKNOWNMSG Received unknown event type: [dec] Explanation Received unknown event type error Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-PINGMIB-7-DEBUG_REGISTER debug register call failed: [chars] Explanation debug register call failed. No action needed. System will recover by itself. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. QOSMIB Messages Error Message %SNMP-QOSMIB-3-ERR_MEM_ALLOC Insufficient Memory to perform [chars] operation Explanation The MIB had trouble allocating memory. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’ Error Message %SNMP-QOSMIB-3-ERR_NO_ENT Entry for [chars] not found in [chars] or insufficient memory Explanation The particular entry was not found in the list or MIB had trouble allocating memory. Recommended Action ’Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.’Simple Network Management Protocol (SNMP) Messages SNMP_IPC Messages EM-2562 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SNMP_IPC Messages Error Message %SNMP-SNMP_IPC-4-ERR_MEM Failed to allocate memory for [chars] Explanation SNMP library failed to allocate memory for an object due to low memory conditions in the System. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SNMP-SNMP_IPC-4-INTERNAL [chars] :[chars] Explanation SNMP library incurred an internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SNMP Messages Error Message %SNMP-SNMP-3-CONFIGFAIL Failed to [chars] [chars]: [chars] Explanation Failed to perform the indicated configuration operation. This could be due to a low memory condition, an unsane configuration, or an internal software error. Failed in Host config: Received a good tuple for the snmp-server host CLI command, but could not configure it. This is likely due to lack of memory, which may be a transient condition, or may be due to SNMP supporting too many MIBS with large amounts of data. Try this command again after a few minutes. If it continues to fail, you may wish to undo some SNMP configurations and then retry the command. Recommended Action Examine the configuration and ensure that it is sane. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *SH_CMD config* Error Message %SNMP-SNMP-3-DATASIZE Data size exceeded for [chars]. Length of data is [dec](max length is [dec]) Explanation The maximum size of the data has been exceeded. This could be due to user configuration or internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages SNMP Messages EM-2563 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-SNMP-3-ERR_DLL_LOAD Failed to load [chars]: [chars] Explanation Failed to load the given MIB, for the given reason. This could be due to a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SNMP-SNMP-3-ERR_DLL_UNKNOWN Failed to map [chars] to an address: [chars] Explanation An attempt to map a MIB DLL symbolic name to an address failed. This MIB will be unloaded. This could be due to a corrupted MIB configuration file, a corrupted DLL, or a MIB configuration file that is out-of-sync with its corresponding MIB DLL. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Also provide a copy of the MIB DLL and its associated MIB configuration file. Error Message %SNMP-SNMP-3-ERR_EVM_EVENT_BLOCK Received error from event_wait: [chars] Explanation SNMP receives messages from an event manager. While trying to retrieve a message, an error occured, preventing successful receipt of the message. Recommended Action Check ’show context’ command to see if any crash happened . If there is a crash, you may need to collect ’show process blocked’ and ’run attach_process -p pid of crashed process’ output. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-3-ERR_MEM_ALLOC Failed to [chars] [chars], due to lack of memory Explanation The requested operation could not be performed due to a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Simple Network Management Protocol (SNMP) Messages SNMP Messages EM-2564 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-SNMP-3-ERR_SYSDB_BIND Failed to bind to SysDB for MIB notifications: [chars] Explanation SNMP binds to SysDB to receive notifications on the MIB’s behalf. MIBs typically use these notifications as triggers to send out SNMP notifications (e.g. Traps). If SNMP cannot bind to SysDB, these SysDB notifications will not be received, and thus some SNMP notifications may never be generated. Recommended Action Check ’show context’ command to see if any crash happened and sysdb is in a blocked state. Collect ’show process blocked’ and ’run attach_process -p pid of crashed process’ output. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-3-ERR_SYSDB_GET Unable to [chars] Explanation When a show snmp CLI is executed, SNMP agent displays this message when it is not able to retrieve the information. This is likely due to an internal software error. Recommended Action Check ’show context’ command to see if any crash happened . If there is a crash, you may need to collect ’show process blocked’ and ’run attach_process -p pid of crashed process’ output. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-3-ERR_SYSDB_LIST Failed to [chars] Explanation An attempt to read from SysDB failed, the result being that whatever action was being performed cannot be completed by the SNMP agent. Recommended Action Check ’show context’ command to see if any crash happened and sysdb is in a blocked state. If there is a crash, you may need to collect ’show process blocked’ and ’run attach_process -p pid of crashed process’ output. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-3-INIT Failed to [chars], cannot initialize: [chars] Explanation The requested operation could not be performed, due to the given reason. This could be due to a low memory condition, or an internal software error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Simple Network Management Protocol (SNMP) Messages SNMP Messages EM-2565 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-SNMP-3-INTERNAL [chars]:[chars] Explanation General internal failure. This is likely an internal software error. Recommended Action If there is a crash/deadlock, you may need to collect logs from ’show process blocked’ and ’run attach_process -p pid of crashed process’ Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-3-INTERNAL_TUPLE_ERROR [chars] [chars] [chars] : [chars] Explanation This is an internal software error. Tuple-Type: The retrieved datatype for the given SysDB tuple does not match the expected datatype. Bad-host: Received a tuple for the snmp-server host CLI command, but could not parse it. Unpack: Failed to decode/unpack the retrieved SysDB tuple value. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-3-MIBCFGERR Error in getting MIB config data. [chars], [chars] Explanation Error in opening cfg directory : The MIB configuration files should be located in the directory ’/ios/mib’. This directory could not be read, for some reason. General Error: A syntax error was encountered while parsing the given MIB configuration file. The MIB referred to by this configuration file will not be loaded. Failed to read MIB Cfg file: This could be due to a low memory condition. Missing config entries: One or more required entries are missing from the given MIB configuration file. The MIB referred to by this configuration file will not be loaded. Recommended Action Error in opening cfg directory : Ensure that the ’/ios/mib’ directory exists and contains one or more files with a ’.mib’ suffix. Failed to read MIB Cfg file: Ensure that the specified configuration file does exist on the system Missing config entries or General Error: Also provide the contents of the given configuration file. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-3-NOTIFOID_FAILED Failed to add sysObjectID to notification view for trapstring: [chars] Explanation Every trapstring supported by the ’snmp host’ command corresponds to one or more notification OIDs. Each of these notifications will have zero or more varbinds that are carried as payload - each MIB tells snmpd about these varbinds so that a ’notification view’ can be built for them. An extra varbind - sysObjectID - is required to be sent with all v2c notifications. This message Simple Network Management Protocol (SNMP) Messages SNMP Messages EM-2566 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 indicates that an attempt to register this varbind failed. Sending v2c notifications for the trapstring specified in the error message may fail. You can workaround this by not specifying any trapstring in the ’snmp host’ configuration - this will enable all notifications for that destination. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %SNMP-SNMP-3-PERSISTENCE_FILE_LOCATION_GET_ERR Failed to get location of the persistence file: [chars] Explanation SNMP agent reads default engineID and engineboots from a persistence file on startup. It fails to find the location of the persistence file. This causes delay or failure in the start up of the snmpd process. Recommended Action Collect the show logging output, console logs and error message. Collect the show snmp trace output, and contact tac representative with this information. Error Message %SNMP-SNMP-3-SUBAGT Failed initialize Sub-Agent:[chars] Explanation Error indicating that one of the SNMP Sub-Agent could get initialized. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-3-TARGETNONE Cannot find notification target [chars] Explanation A configuration command refers to an SNMP target that has not yet been configured. Recommended Action You must configure an SNMP target before you can refer to it. Examine your configuration. Ensure that the given target has been configured. If it has not, configure it. Copy the error message exactly as it appears on the console or in the system log. Issue the config command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the config output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-3-TRANSPORTIO Failed to [chars] transport [chars]: [chars] Explanation Failed to communicate with the SNMP transport process. This could be due to a low memory condition, or the fact that there is no SNMP transport process running. Recommended Action Check the running processes to ensure that an appropriate SNMP transport process is running. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Simple Network Management Protocol (SNMP) Messages SNMP Messages EM-2567 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-SNMP-3-TRAPSEND Failed to send trap to [chars] Explanation A trap destined for the given address could not be sent. This could be due to a low memory condition. It also might be due to the fact that there is no SNMP transport process running for that transport protocol (e.g. udp_snmpd for SNMP over UDP). Recommended Action Check the running processes to ensure that an appropriate SNMP transport process is running. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SNMP-SNMP-3-TUPLEVALUE Failed to retrieve tuple [chars]%s: [chars] Explanation Failed to retrieve the given SysDB tuple for the given reason. This may or may not have a detrimental effect on the behavior of the SNMP agent (depends on which tuple it is). Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-CONFIGOPEN Failed to open snmp agent configuration file Explanation Failed to open snmp agent configuration file, /disk0/config/snmp/snmpd.cnf Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-DEBUGDUP Duplicate debug registration for the MIB [chars] Explanation The given MIB attempted to register for MIB debug handling more than once. This is an internal software error. It may not have a detrimental effect on the behavior of the SNMP agent. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-DEBUGFAIL Failed debug registration for the MIB [chars] Explanation Failed to initialize support for the command ’debug snmp mib xxx’, where ’xxx’ is the MIB indicated in the error message. This could be due to a low memory condition or an internal software error. The result is that this command cannot be used. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Simple Network Management Protocol (SNMP) Messages SNMP Messages EM-2568 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-SNMP-4-ENABLEFAILED Unable to parse tuple [chars] when trying to enable or disable a trap Explanation The SysDB tuple was not properly formatted, and hence could not be parsed. This will not degrade system performance, but the user will be unable to enable or disable some traps. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-ENABLENOTSUPPORTED Unrecognized trap type ([chars]). MIB is not loaded Explanation The snmp-server enable traps command allowed the user to set the specified traptype, but no callback function was registered to handle the command. This should have no detrimental effect on the system, but the user will not be able to enable/disable the specified trap. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-ENABLETRAPSTWICE [chars] MIB attempt to register same handler for the snmp enable traps [chars] command twice: handler: [hex] Explanation The given MIB attempted to register a second handler for the same traptype in the ’snmp enable traps traptype’ command. This should have no detrimental effect on the behavior of the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-EXCEEDEDSIZE The maximum allowed size for enable trap tuple exceeded for [chars] trapstring Explanation While creating an enable trap tuple we exceeded the limit of maximum allowed size. The snmp enable trap command for this trapstring will not be NVGENed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages SNMP Messages EM-2569 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-SNMP-4-INCOMING_QUEUE_FULL Maximum incoming trap queue size reached, emitting the oldest trap from correlation incoming queue Explanation SNMP trap correlation incoming queue is full; traps already in the queue is emitted on a FIFO basis to free up room for more incoming traps Recommended Action No action is required. Error Message %SNMP-SNMP-4-INIT_WARN Failed to [chars], cannot initialize: [chars] Explanation The requested operation could not be performed, due to the given reason. This could be due to a low memory condition, or an internal software error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %SNMP-SNMP-4-NOTIFYTWICE [chars] MIB attempt to register for [chars] notifications again: existing handlers: [hex] [hex] Explanation The given MIB attempted to register more than once for the given MIB notifications. This should have no detrimental effect on the behavior of the system. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-RESPONSE Failed to send response to [chars] Explanation A response destined for the given address could not be sent. This could be due to a low memory condition. It also might be due to the fact that there is no SNMP transport process running for that transport protocol (e.g. udp_snmpd for SNMP over UDP). Recommended Action Check the running processes to ensure that an appropriate SNMP transport process is running. Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SNMP-SNMP-4-TARGETINUSE Notification target [chars] is in use Explanation An attempt was made to unconfigure an SNMP target, however that target is still in use by one or more other SNMP configuration commands. Recommended Action You must remove all other configuration commands that refer to this target before you can remove this target configuration. Copy the error message exactly as it appears on the console or in the system log. Issue the config command to gather data that may provide information Simple Network Management Protocol (SNMP) Messages SNMP Messages EM-2570 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the config output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-TIMER [chars]: [chars] Explanation Timer problem; internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-TRAPEMPTY Found empty trap, destined for [chars] Explanation A trap destined for the given address was empty. This is an internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-VIEWFAIL Could not create view: [chars] Explanation Could not create an SNMP view using the ’snmp-server view’ CLI command. Possible causes could be poorly formatted viewnames or oid subtrees. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-VIEWOID_NOT_FOUND The command [chars] could not be applied at this time because the oid [chars] does not belong to a known MIB module. Explanation The snmpd process attempted to load the view OID, but the OID did not correspond to any known MIB module. Recommended Action It could be that either - 1. the OID is of the format ’foobar.1’, but the MIB module containing the OID ’foobar’ is not yet loaded on the router. If this is the case, when the MIB is loaded, this command will be automatically applied - there is no need to re-enter it. 2. The MIB module containing the OID ’foobar’ is indeed loaded, but the MIB did not load a translation from ’foobar’ to ’1.3.6.1.x.y.z’ (i.e. there is no translation from the oid-name to the dotted decimal representation for that name). In this case, you can enter the dotted decimal version instead of the name, i.e. ’snmp-server view viewname 1.3.6.1.x.y.z included’ - note that using the dotted decimal version of the name will ALWAYS succeed without a warning message - it is upto the user to make Simple Network Management Protocol (SNMP) Messages SNMP Messages EM-2571 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 sure the OID entered is valid. 3. The OID ’foobar.1’ contains a typo - please re-enter the command with the correct OID and it should succeed. If the above steps result in repeated warning messages or failure, please contact your customer support representative wit the error message. Error Message %SNMP-SNMP-4-WARN_BAG_REG Failed to register bags with SysDB for providing SNMP statistics and MIB information: [chars] Explanation Failed to register the bags with SysDB. The access to SNMP statistics and MIB items in /oper/snmp/info through ’sysdbcon’ might not be available. This is likely due to an internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-WARN_MEM_ALLOC Insufficient memory to [chars] [chars] Explanation Due to a low memory condition we could not enable (or disable) the specified traps or we could not register to receive the specified MIB notifications. Until available memory is increased and the SNMP process is restarted, these notifications will not be generated by the agent. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SNMP-SNMP-4-WARN_SYSDB_BAG_ENCODE Failed to encode a bag due to [chars] Explanation Failed to encode a bag. The access to SNMP statistics and MIB information through ’show snmp’ CLI command might not be available. This is likely due to an internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-4-WARN_SYSDB_EDM_REG Failed to register as EDM for providing SNMP statistics and MIB information: [chars] Explanation Failed to register as EDM. The access to SNMP statistics and MIB information through ’show snmp’ CLI command will not be available. This is likely due to an internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages SNMP Messages EM-2572 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-SNMP-4-WARN_SYSDB_NOTIFY Failed to [chars] [chars]: [chars] Explanation Failed to register for receipt of the given notifications. This could be due to a low memory condition or an internal software error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %SNMP-SNMP-7-DEBUGINIT Failed debug registration for SNMP Explanation Failed to initialize support for the command ’debug snmp xxx’, where xxx is one of the areas of debug interest within SNMP. This could be due to a low memory condition or an internal software error. The result is that this command cannot be used. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-7-ERR_NOTFOUND Unable to [chars] Explanation Did not get data in sysdb, there could be a case where data does not exist. Like, in case of some mibs No. of objects are zero and hence ’sh snmp mib object-name’ will give this warnning. Recommended Action Check whether this mib contains any object or not. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-7-MIBINSTALL [chars] Explanation An error was encountered during installation of a new MIB or deletion of an old MIB. These messages are printed when MIB installation/deletion failed. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SNMP-7-PERSISTENCE_FILE_MISSING Persistence file [chars] will be created on initialization, reset snmpEngineBoots to 1 Explanation SNMP agent reads default engineID and engineboots from a persistence file on startup. File is missing, and will be created, reset engineboots to 1 Recommended Action No action is required.Simple Network Management Protocol (SNMP) Messages SONETMIB Messages EM-2573 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SONETMIB Messages Error Message %SNMP-SONETMIB-3-BAG An operation on a bag failed: [chars] Explanation A problem occurred while encoding or decoding information from a bag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SONETMIB-3-BAG An operation on a bag failed: [chars] Explanation A problem occurred while encoding or decoding information from a bag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SONETMIB-3-NOMEM_ERROR Failed to [chars], due to lack of memory Explanation The requested operation could not be performed due to a low memory condition. Recommended Action ’Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.’ Error Message %SNMP-SONETMIB-3-NOMEM_ERROR Failed to [chars], due to lack of memory Explanation The requested operation could not be performed due to a low memory condition. Recommended Action ’Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.’ Error Message %SNMP-SONETMIB-3-SYSDB_ACCESS Sysdb related error: [chars] Explanation The MIB had trouble reading from or writing to or binding/unbinding SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages SONETMIBAPI Messages EM-2574 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-SONETMIB-3-SYSDB_ACCESS Sysdb related error: [chars] Explanation The MIB had trouble reading from or writing to or binding/unbinding SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SONETMIBAPI Messages Error Message %SNMP-SONETMIBAPI-2-THREAD_CREATE pthread_create([chars]) failed Explanation Sonet MIB API had trouble in creating thread. Recommended Action File a DDTS If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SONETMIBAPI-3-BAG An operation on a bag failed: [chars] Explanation A problem occurred while encoding or decoding information from a bag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SONETMIBAPI-3-EVM_CREATE_ERR Event manager create failed : [chars] Explanation An internal operation failed. The system will attempt to recover. Recommended Action Copy the message exactly as it appears, and report it to your technical support representative. Error Message %SNMP-SONETMIBAPI-3-NOMEM_ERROR Failed [chars], due to lack of memory Explanation The requested operation could not be performed due to a low memory condition. Recommended Action ’Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.’ Simple Network Management Protocol (SNMP) Messages SONETMIBCORE Messages EM-2575 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-SONETMIBAPI-3-SYSDB_ACCESS Sysdb related error: [chars] Explanation SonetMIB API had trouble registering/deregistering EDM or binding/unbinding SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SONETMIBCORE Messages Error Message %SNMP-SONETMIBCORE-2-THREAD_CREATE pthread_create([chars]) failed Explanation Sonet MIB API had trouble in creating thread. Recommended Action File a DDTS If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SONETMIBCORE-3-BAG An operation on a bag failed: [chars] Explanation A problem occurred while encoding or decoding information from a bag. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SONETMIBCORE-3-EVM_CREATE_ERR Event manager create failed : [chars] Explanation An internal operation failed. The system will attempt to recover. Recommended Action Copy the message exactly as it appears, and report it to your technical support representative. Error Message %SNMP-SONETMIBCORE-3-NOMEM_ERROR Failed [chars], due to lack of memory Explanation The requested operation could not be performed due to a low memory condition. Recommended Action ’Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration.’ Simple Network Management Protocol (SNMP) Messages SONETMIBCORE Messages EM-2576 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-SONETMIBCORE-3-SYSDB_ACCESS Sysdb related error: [chars] Explanation SonetMIB API had trouble registering/deregistering EDM or binding/unbinding SysDB. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SONETMIBCORE-7-DEBUG [chars] Explanation A Debug message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SONETMIBCORE-7-DEBUG2 [chars] : [chars] Explanation A Debug message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SONETMIBCORE-7-ERROR [chars] : [chars] Explanation An internal operation failed. The system will attempt to recover. Recommended Action Copy the message exactly as it appears, and report it to your technical support representative. Error Message %SNMP-SONETMIBCORE-7-STATUS Send SNMP [chars] trap notification to [chars] : [hex] Explanation A Debug message Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Simple Network Management Protocol (SNMP) Messages SYSLOGMIB Messages EM-2577 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SYSLOGMIB Messages Error Message %SNMP-SYSLOGMIB-3-NOMEM Insufficient memory to perform [chars] operation Explanation No memory in the process. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SNMP-SYSLOGMIB-3-PARSEERROR Failed to parse [chars] Explanation This is given out if there are problems parsing the encoded tuple from syslogd/sysdb. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SYSLOGMIB-3-SYSDBERROR Failed to [chars]. Error: [chars]: Explanation The syslog mib reads the sysdb tuples and gets information about the syslog mib objects. If due to some reason the sysdb error occurs this message is printed out. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-SYSLOGMIB-3-TARGET_CFG_PROBLEM [chars] : Failed to [chars] target config for [chars] : [chars] Explanation An internal software error occurred. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Simple Network Management Protocol (SNMP) Messages UDPSNMP Messages EM-2578 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 UDPSNMP Messages Error Message %SNMP-UDPSNMP-3-ERR_MEM_ALLOC Failed to [chars], due to lack of memory Explanation The requested operation could not be performed due to a low memory condition. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SNMP-UDPSNMP-3-ERR_SYSDB_ACCESS Failed to [chars] due to sysdb error:[chars] Explanation udp_snmpd reads the snmp trap Q length and trap timeout from the sysdb. If udp_snmpd is not able to read it then this error is printed. Or is printed when sysdb configuration for trap host does not have valid format. This is an internal error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-UDPSNMP-3-ERR_SYSDB_BIND Failed to bind to SysDB for [chars]: [chars] Explanation udp_snmpd binds to SysDB to receive notifications on the trap destinations udp_snmpd typically use these notifications to add trap destination to the trap Q. If udp_snmpd cannot bind to SysDB, these SysDB notifications will not be received, and thus some trap desination will not be added and traps will not be sent to those destinations. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-UDPSNMP-3-ERR_SYSDB_REG Failed to register for [chars] [chars]: [chars] Explanation Failed to register for receipt of the given notifications or receipt of the verification event. This could be due to a low memory condition or an internal software error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Simple Network Management Protocol (SNMP) Messages UDPSNMP Messages EM-2579 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-UDPSNMP-3-INIT Failed to [chars], cannot initialize: [chars] Explanation Initialization failed. This could be due to a low memory condition or an internal software error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %SNMP-UDPSNMP-3-SYSTEM Failed to [chars] Explanation Failed to execute a system call. This could be due to low memory condition or an internal software error. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. *RECUR* Error Message %SNMP-UDPSNMP-4-AGENTIO_WARN [chars] [chars]: [chars] Explanation SNMP-UDP process received a bad Message or failed to send a message to Agent. This may be due to a invalid message number or an internal software error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-UDPSNMP-4-NOVRF Failed to find VRF details for [dec]/[chars] Explanation Failed to find VRF related information that is required to send an SNMP PDU. This could be due to an internal software error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages UTIL Messages EM-2580 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-UDPSNMP-4-SYSMGR_INFORM Failed to inform SysMgr on SNMP-UDP initialization, [chars] Explanation Failed to inform SysMgr on end of initialization of UDP transport module for SNMP. This could be due to a block in snmpd initialization. If snmpd process does not come to normal execution even after some time need to take the recommended action. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Take the ’show processes blocked’ and ’run attach_process -p snmpd-pid’ Error Message %SNMP-UDPSNMP-7-INTERNAL_ERROR Failed to [chars]: [chars] Explanation Failed to initialize a functionality for snmp - like debugging, setup event manager for notification timer. Or failed to send PDU since the outgoing PDU is greater than the configured maximum PDU size, the PDU will be dropped. This could be due to an internal software error. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. UTIL Messages Error Message %SNMP-UTIL-3-NOINIT SNMP Utilities Library not properly initialized Explanation The SNMP Utilities library was not properly initialized by the SNMP agent. This is an internal software error. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.Simple Network Management Protocol (SNMP) Messages VLANIFMIB Messages EM-2581 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 VLANIFMIB Messages Error Message %SNMP-VLANIFMIB-4-BAG Bag encode/decode Error : [chars] Explanation The VLAN Interface table relationship MIB encountered an error while encoding / decoding some data. It is likely that an SNMP query that was in progress will not have been completed. Recommended Action Retry the operation that caused the message to be displayed. It may help to restart the SNMP process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-VLANIFMIB-4-GEN Failed to [chars] Explanation The VLAN Interface table relationship MIB encountered an internal error during initialisation. It is likely that an SNMP query that was in progress will not have been completed. Recommended Action Retry the operation that caused the message to be displayed. It may help to restart the SNMP process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SNMP-VLANIFMIB-4-MEMORY Failed to [chars] Explanation The VLAN Interface table relationship MIB was unable to allocate sufficient memory to complete an operation. It is likely that an SNMP query that was in progress will not have been completed. Recommended Action Reduce other system activity to ease memory demands. If conditions warrant, upgrade to a larger memory configuration. Error Message %SNMP-VLANIFMIB-4-MIBLIB Failed to [chars] Explanation The VLAN Interface table relationship MIB encountered an internal error. It is likely that an SNMP query that was in progress will not have been completed. Recommended Action Retry the operation that caused the message to be displayed. It may help to restart the SNMP process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Simple Network Management Protocol (SNMP) Messages VLANIFMIB Messages EM-2582 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SNMP-VLANIFMIB-4-SYSDB_ACCESS SysDB failed to [chars] Explanation The VLAN Interface table relationship MIB encountered an error while connecting to, or accessing data within the System Database. It is likely that an SNMP query that was in progress will not have been completed. Recommended Action Retry the operation that caused the message to be displayed. It may help to restart the SNMP process. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.EM-2583 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 System Database Messages This section contains all system database related System Error Messages. BACKEND Messages Error Message %SYSDB-BACKEND-7-INTERNAL [chars]: rc [hex] ([chars]) Explanation The backend library has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-BACKEND-7-INTERNAL_PATH [chars] for pathname [chars]: rc [hex] ([chars]) Explanation The backend library has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-BACKEND-7-INVALIDARG Invalid arguments to [chars] Explanation Invalid arguments were supplied to a backend function Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages BACKUPDB Messages EM-2584 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-BACKEND-7-INVALIDARG_PATH Invalid arguments to [chars] for path [chars] Explanation Invalid arguments were supplied to a backend function Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-BACKEND-7-MISMATCH A [chars] argument was not in a valid format. The value passed was ’[chars]’; backend converted this to ’[chars]’ Explanation The backend library has detected a mismatch between the actual and parsed values of a node. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. BACKUPDB Messages Error Message %SYSDB-BACKUPDB-7-INTERNAL [chars]: rc [hex] Explanation The client library has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. BAG Messages Error Message %SYSDB-BAG-7-INTERNAL The bag infrastructure has encountered an error. [chars] Explanation An internal error has occurred in the bag library. Some management functions may not operate correctly. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.System Database Messages IXDB Messages EM-2585 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 IXDB Messages Error Message %SYSDB-IXDB-3-GC_ERROR [chars] : [chars] - Error:[chars] Explanation There was an internal error during garbage collection. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. LIBSYSDB Messages Error Message %SYSDB-LIBSYSDB-4-CFG_SIZE_CRIT The config size([dec] operations) exceeds critical mem limits, the config request requires ([dec] kbytes) of mem Wdsysmon mem state([dec]) total node free memory([dec]). Split the config in to smaller chunks and reattempt the config to avoid config failures Explanation The message to the user to indicate that the requested config size excceds the critical system memory limits and the config request will be allowed to proceed Recommended Action *SUPPORT* Error Message %SYSDB-LIBSYSDB-6-CFG_SIZE_HIGH The config size([dec] operations) exceeds high watermark Requires ([dec] kbytes) of memory. Wdsysmon mem state([dec]) total node free memory([dec]) Explanation The message to the user to indicate that the requested config size excceds the high end of the system memory limits Recommended Action *RECURR* Error Message %SYSDB-LIBSYSDB-7-APPLY [unsigned int] out of [unsigned int] apply callbacks failed (first error: [chars]), system may now be in an inconsistent state. Explanation An apply function failed while a verifier was scanning SysDB (e.g. after restarting), so the operational state of the system may be inconsistent with the running configuration. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages LIBSYSDB Messages EM-2586 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-LIBSYSDB-7-CERRNO_REG Failed to register block [dec] errors - cerr_register_dll returned [chars] Explanation The client library has failed to register SysDB’s error code (cerrno) definitions. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-LIBSYSDB-7-CFG_SIZE_LOW The config size([dec] operations) exceeds low watermark Requires ([dec] kbytes) of memory. Wdsysmon mem state([dec]) total node free memory([dec]) Explanation The message to the user to indicate that the requested config size excceds the low end of the system memory limits Recommended Action *RECURR* Error Message %SYSDB-LIBSYSDB-7-EDM_BIND SysDB client library received an EDM ’BIND’ message not intended for it. Most probable cause of this error is that some other EDM has registered with the same LWM channel name as this EDM. Explanation The SysDB client library was unable to complete an EDM ’BIND’ request as the EDM registration information sent with the message was invalid for the EDM. Recommended Action Ensure the LWM channel name used by this client is not being used by any other EDM. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-LIBSYSDB-7-INTERNAL [chars]: rc [hex] ([chars]) Explanation The client library has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages LIBSYSDB Messages EM-2587 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-LIBSYSDB-7-LOCKING Failed to [chars] [chars]. Error [dec] ([chars]) Explanation The client library has either failed to aquire or release a lock. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-LIBSYSDB-7-MULT_DEFAULTIFIERS An attempt was made to register a multiple verifier with a default function on path ’[chars]’ which already has a default provider. Explanation Another process has already registered a default provider function on this path. It is not possible to have multiple default providers. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-LIBSYSDB-7-PICKUP_FAILED Failed to pick up a message from the server. Client connid: [dec], server connid: [dec]. Error: [hex] ([chars]). Explanation The SysDB client library has failed to pick up a message from the server after receiving an async pulse. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-LIBSYSDB-7-RECONNECTION Failed to reconnect to SysDB server and re-register: rc [hex] ([chars]) Explanation The client library has failed to reconnect to the SysDB server. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages REPLICATOR Messages EM-2588 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-LIBSYSDB-7-REFERRAL_COUNT Maximum number of bind referrals hit attempting to connect to path [chars]. Explanation An internal library error has caused a connection attempt from a client to SysDB to fail. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-LIBSYSDB-7-RESTORE Failed to restore items after EDM registration on [chars], system may now be in an inconsistent state. Explanation If an EDM registers or reregisters on a path on which items already exist (and SYSDB_REGISTRATION_OPTION_SCAN has been specified), then those items have been deleted but not all restored after the EDM registration, so the system may now be in an inconsistent state. Recommended Action *RECUR* Error Message %SYSDB-LIBSYSDB-7-UNEXPECTED_SEND_ERROR Unable to send a LWM message due to a non-connection-related error ([dec]). Explanation The SysDB client library has failed to send a LWM message to the server, due to receiving an unexpected non-connection-related error in sending the message. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. REPLICATOR Messages Error Message %SYSDB-REPLICATOR-3-BAD_HANDLENAME Handle name ([chars]) has been corrupted. rc: [hex] ([chars]) Explanation The replicator library got an error back from NRS indicating that the data handle is no longer valid. This handle would have been validated on initialisation, so the likely cause of this error is memory corruption. The client process will be forcibly restarted to try to recover. Recommended Action *RECUR* System Database Messages REPLICATOR Messages EM-2589 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-REPLICATOR-3-IDT_FAIL Failed to complete IDT after several retries: rc [hex] ([chars]) Explanation The replicator has repeatedly failed to complete IDT for a system data handle. There may be problems with communications or other low-level infrastructure. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-REPLICATOR-3-LARGE_HANDLE Large item handle detected ([hex]/[hex]) Explanation The replicator library has received an exceptionally large item handle from NRS which may cause conflicts within the replicator library. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-REPLICATOR-3-WRITE_OWNERSHIP_FAIL Failed to acquire data handle after several retries: rc [hex] ([chars]) Explanation The replicator has repeatedly failed to acquire ownership of a system data handle. The client process may need restarting. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-REPLICATOR-7-BAD_MAGIC A corrupted peristent data structure was discovered ([chars]) Explanation The replicator library discovered a bad magic number in a persistent data structure. This suggests that the data has been corrupted. The replicator library will attempt to recover the situation. Recommended Action *RECUR* System Database Messages REPLICATOR Messages EM-2590 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-REPLICATOR-7-CTX_NOT_FOUND Could not access [chars] context structure: rc [hex] ([chars]) Explanation The replicator library was unable to access an internal structure. This may result in failure of data replication to the standby node(s). Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-REPLICATOR-7-INTERNAL [chars]: rc [hex] ([chars]) Explanation The replicator library has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-REPLICATOR-7-LOCKING Failed to [chars] [chars]. Error [dec] ([chars]) Explanation The replicator library has either failed to aquire or release a lock. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-REPLICATOR-7-MEMORY Failed to malloc [unsigned int] bytes Explanation The replicator has failed to acquire the required amount of memory. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-REPLICATOR-7-NO_CB No completion notification received for update message [unsigned int] Explanation The replicator library did not receive a callback from the transport library. The update will be allowed to continue without the replication acknowledgement. If any replicas have not received the update, they will resync on the next update. Recommended Action *RECUR* System Database Messages SMC Messages EM-2591 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-REPLICATOR-7-SEND_FAILED Failed to send update: rc [hex] ([chars]) Explanation An error was returned from RDS when trying to send an update. Clients will handle this condition differently either by retrying later, or failing the operation. If this condition persists, data may be lost on failover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-REPLICATOR-7-UPDATE_FAILED Failed to apply [chars] update: rc [hex] ([chars]) Explanation The client returned an error when trying to apply an update. The replicator library will try to recover by requesting a replay of the update. If this condition persists, data may be lost on failover. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-REPLICATOR-7-WRITE_OWNERSHIP Failed to acquire data handle: rc [hex] ([chars]) Explanation The replicator has failed to acquire ownership of a system data handle. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SMC Messages Error Message %SYSDB-SMC-7-DEPRECATED_PATH SysDB path ’[chars]’ is deprecated Explanation An operation has been attempted on a part of the SysDB namespace that should no longer be used. Recommended Action *RECUR* System Database Messages SMC Messages EM-2592 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SMC-7-INTERNAL [chars]: rc [hex] ([chars]) Explanation The server has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMC-7-INTERNAL_STATE [chars] Explanation The server has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMC-7-INVALID_PATH SysDB path ’[chars]’ is invalid Explanation An operation has been attempted on a part of the SysDB namespace that should not be used. Recommended Action *RECUR* Error Message %SYSDB-SMC-7-MISSING_NODE_NFN Missing node down notification from node [chars] Explanation No node down notification was received from the underlying infrastructure for a recent node reload. Recommended Action *SUPPORT* Error Message %SYSDB-SMC-7-MULTI_NODE_TRANS Multi-node access from transaction will be non-atomic (transaction node [dec]:[dec], accessing node [dec]:[dec], by [chars]) Explanation An application tried to use a transaction to access multiple nodes; this is not supported currently. Recommended Action *SUPPORT* System Database Messages SMC Messages EM-2593 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SMC-7-PARSE_FAILED [chars] (’[chars]’ from ’[chars]’) Explanation A pathname was used for a SysDB operation from which the destination node could not be parsed. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMC-7-PROTOCOL A incompatible version of a message was received from process id [dec], node [dec] Explanation There was a mismatch between the messaging protocol version used by the SysDB MC and the SysDB MS. Recommended Action Upgrade all nodes to have the same version of SysDB installed. Error Message %SYSDB-SMC-7-RESTARTING This process is restarting, as ([chars]) is failing. [chars] ([chars]). Explanation The SysDB server is unable to function due to a problem with one of its modules. The only hope of recovery is to restart. If the problem persists, the card will be automatically reloaded. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMC-7-TIMEOUT Message #[unsigned int], destined for [chars], timed out having received [unsigned int] of [unsigned int] expected responses: returning [chars] to client [chars]. Check for potential transport issues within the system, or deadlocked SysDB processes. Explanation A request timed out before SysDB MC received the expected number of replies Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SMC Messages EM-2594 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SMC-7-TRANS Attempted multi-node access from transaction was prevented (attempted to access multi-cast group [dec]) Explanation A client attempted to use an unsupported distributed transaction. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMC-7-UNEXPECTED_MSG_TYPE An unexpected message type was received: [hex] Explanation We are receiving messages of a type that we did not expect. This should not cause failures of any kind, but probably does indicate an error in another part of the system. Recommended Action *SUPPORT* Error Message %SYSDB-SMC-7-UNEXPECTED_MULTIPLE_RESPONSES Received unexpected multiple responses for message of type [hex] Explanation The SysDB Medusa process received multiple responses for a message type for which only a single response was expected. Recommended Action *SUPPORT* Error Message %SYSDB-SMC-7-UNEXPECTED_VALUE Encountered unexpected [chars]: [hex] Explanation The server has come across an unexpected value for the specified parameter. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMC-7-WRONG_PLANE An attempt was made to access SysDB path ’[chars]’. This resolves to the [chars] plane and cannot be accessed on this card type. Explanation An application has tried to access a plane of SysDB data that does not exist on this node. Recommended Action *RECUR*System Database Messages SMS Messages EM-2595 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SMS Messages Error Message %SYSDB-SMS-6-EDM_RESPONSE_TOO_BIG EDM Manager jid: [dec] nid: [dec] response too big, size: [dec] Explanation A Client is responding with a very huge data, it should split the response. Recommended Action *SUPPORT* Error Message %SYSDB-SMS-7-INTERNAL [chars]: rc [hex] ([chars]) Explanation The SysDB server has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMS-7-LOCKING Failed to [chars] [chars]. Error [dec] ([chars]) Explanation The SysDB server has either failed to acquire or release a lock. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMS-7-MISSING_NODE_NFN Missing node down notification from node [chars] Explanation No node down notification was received from the underlying infrastructure for a recent node reload. Recommended Action *SUPPORT* Error Message %SYSDB-SMS-7-PROTOCOL A incompatible version of a message was received from process id [dec], node [dec] Explanation There was a mismatch between the messaging protocol version used by the SysDB MC and the SysDB server. Recommended Action Upgrade all nodes to have the same version of SysDB installed. System Database Messages SMS Messages EM-2596 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SMS-7-REG_CONTEXT_EXISTS Reg from [dec]/[dec]/[dec] already exists for connid [dec] and reg_handle [dec] Explanation Sysdb is attempting to add a registration that already exists in its registration context. This will cause a sysdb server restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMS-7-REG_SEC_CONTEXT_EXISTS Reg from [dec]/[dec]/[dec] already exists for msgid [dec] Explanation Sysdb is attempting to add a registration that already exists in its secondary registration context. This will cause a sysdb server restart. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMS-7-REG_SEC_DEL_FAIL Delete of Reg from [dec]/[dec]/[dec] exists for msgid [dec] fails Explanation Sysdb is attempting to del a registration that does not exist in its secondary registration context. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMS-7-REQUEST_REG_SEND_ERR Not able to send message out, as an essential piece of infrastructure ([chars]) is failing. [chars] ([chars]). Explanation The SysDB server is unable to function due to a problem with a piece of infrastructure. The only hope of recovery is to restart. If the problem persists, the card will be automatically reloaded. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SMS Messages EM-2597 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SMS-7-RESTARTING This process is restarting, as an essential piece of infrastructure ([chars]) is failing. [chars] ([chars]). Explanation The SysDB server is unable to function due to a problem with a piece of infrastructure. The only hope of recovery is to restart. If the problem persists, the card will be automatically reloaded. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMS-7-SEND_RESPONSE Sending [chars] via group_sendv_memberset failed [msg_size [unsigned int]]: [hex] ([chars]) Explanation The SysDB server failed to send a message to the SysDB Medusa Client Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SMS-7-UNEXPECTED_MSG_TYPE An unexpected message type was received: [hex] Explanation We are receiving messages of a type that we did not expect. This should not cause failures of any kind, but probably does indicate an error in another part of the system. Recommended Action *SUPPORT* Error Message %SYSDB-SMS-7-UNEXPECTED_VALUE Encountered unexpected [chars]: [hex] Explanation The SysDB server came across an unexpected value for the specified parameter. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.System Database Messages SYSDB Messages EM-2598 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SYSDB Messages Error Message %SYSDB-SYSDB-3-SC_BIND [Sysdbcon] Could not bind to SysDB: [chars] Explanation Sysdbcon was unable to bind to the root of SysDB. It is possible that there is a problem with SysDB. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-3-SC_DATATYPERET [Sysdbcon] SysDB returned unrecognised datatype ([unsigned int]) Explanation The datatype returned by SysDB does not match any of those expected by Sysdbcon. This is probably because the type is missing in Sysdbcon. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-3-SC_EXTFMTSTR [Sysdbcon] Unable to extract format string from packed tuple Explanation The packed tuple returned from SysDB is in some way corrupt. The format string it contains could not be read. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-3-SC_FILEREAD [Sysdbcon] Unable to read from command file Explanation An error occurred during a read operation from the instruction file. Recommended Action Check that the file format is correct. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2599 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-3-SC_INTERR [Sysdbcon] An internal error has occurred Explanation The code has performed an action which should not be possible. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-3-SC_NOFILE [Sysdbcon] The specified command file ([chars]) could not be opened Explanation The instruction file specified when Sysdbcon was started cannot be found. The most probable reason is that an incorrect name was supplied. Recommended Action Check that the file name supplied was correct. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-3-SC_PKDREAD [Sysdbcon] Unable to read in data for packed tuple Explanation An error occurred while preparing to read instructions from the command line. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-3-SC_PKDTUPLECRE [Sysdbcon] Unable to create packed tuple Explanation An error occurred creating a packed tuple. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-3-SC_PKDTUPLEFILE [Sysdbcon] No data for packed tuple in file Explanation An error occurred during a read operation from the instruction file. Recommended Action Check that the file format is correct. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2600 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-3-SC_READERINIT [Sysdbcon] Unable to initialize the command line reader Explanation An error occurred while preparing to read instructions from the command line. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-3-SC_UNPACKTUP [Sysdbcon] Unable to unpack packed tuple Explanation The packed tuple returned from SysDB is in some way corrupt. The data it contains could not be read. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-3-THREAD_EXIT Process is exiting, thread ID: ([dec]) Explanation A thread of SysDB server or medusa process has exited for some critical reason and will be restarted. Recommended Action Check to make sure the process has restarted. If not, restart manually. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-REPLICATOR_OOS A possible configuration inconsistency has been detected. Please check recent configuration changes and verify that configuration is consistent with binary files. Explanation The SysDB replicator module has been informed that it may have been out of sync when taking over as the new active server. The other replica nodes will sync up, but it is possible that a recent configuration change may have been partially or completely lost. Recommended Action Check any recent commits to see if the configuration has been lost. Run ’clear configuration inconsistency’ for the relevant plane. System Database Messages SYSDB Messages EM-2601 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_ABORTBULK [Sysdbcon] While aborting a bulk operation the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_ABORTTRANS [Sysdbcon] While aborting a transaction the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_BAD_INTEGER [Sysdbcon] Warning: bad integer format or integer value is out of range. Explanation The user entered integer in unrecognized format or out of range of current integer data type. Recommended Action Correct input value and run command again. Error Message %SYSDB-SYSDB-4-SC_BADFORMAT [Sysdbcon] Badly formatted command Explanation An unescaped ’’’ character was found part way through a token in a command string. Recommended Action Re-enter the command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_BIND_NOTFOUND [Sysdbcon] Warning: now bound to a non-existent node. Explanation The user bound to a node which does not exist. This is a warning only - this action is perfectly legal. Recommended Action Check that this is the directory you intended to bind to. System Database Messages SYSDB Messages EM-2602 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_BULK_NUM_OPS [Sysdbcon] While getting the number of operations in the bulk the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. This could be because the operation does not exist. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_CFGMGR_ADD_DELETES [Sysdbcon] While adding deletes to the bulk buffer the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_CFGMGR_ADDDIFFS [Sysdbcon] While adding diffs to the bulk the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_CFGMGR_DELETE [Sysdbcon] While performing a bulk regular expression delete the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2603 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_CFGMGR_MERGE [Sysdbcon] While merging files the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_CFGMGR_REMOVE_DELETES [Sysdbcon] While removing deletes to the bulk buffer the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_COMMITTRANS [Sysdbcon] While committing a transaction the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_COPY [Sysdbcon] While copying item [chars] to [chars] the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. This could be because the item to copy does not exist. The details are in the error string. Recommended Action Check that the item to copy exists. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2604 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_CREATE [Sysdbcon] While creating item [chars] the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. This could be because the item to create already exists. The details are in the error string. Recommended Action Check that the item to create does not exist. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_DATAFIND [Sysdbcon] While executing the find data request the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_DATALIST [Sysdbcon] While executing the datalist request the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_DATATYPE [Sysdbcon] Unrecognised datatype ([chars]) Explanation A datatype other than one of those supported was supplied. Recommended Action Use help for a list of supported datatypes. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2605 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_DELETE [Sysdbcon] While deleting item [chars] the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. This could be because the item does not exist. The details are in the error string. Recommended Action Check that the item to delete exists. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_EDM_NOT [Sysdbcon] While generating EDM notifications the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_ENDBULK [Sysdbcon] While ending a bulk operation the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_ERRORSLIST [Sysdbcon] While executing the errors list request the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2606 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_EVENT [Sysdbcon] Unrecognised notification event ([chars]) Explanation A notification event other than one of those supported was supplied. Recommended Action Use help for a list of supported events. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_EVENTFIND [Sysdbcon] While executing the event find request the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_EXCESS [Sysdbcon] Excess tokens in command string Explanation There were more tokens entered as part of the command string than are required for the command. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_FILERESTORE [Sysdbcon] While restoring items from a file the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2607 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_FILESAVE [Sysdbcon] While saving items to a file the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_FIND [Sysdbcon] While executing the find request the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_GENERIC [Sysdbcon] While performing operation ’[chars]’ the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_GET [Sysdbcon] While fetching item [chars] the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. This could be because the item to fetch does not exist. The details are in the error string. Recommended Action Check that the requested item exists. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2608 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_GET_ITEMS [Sysdbcon] While fetching items from path [chars] the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. This could be because the items to fetch do not exist. The details are in the error string. Recommended Action Check that the requested items exists. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_ITERATE [Sysdbcon] While executing the iterate request the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_LIST [Sysdbcon] While executing the list request the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_MISMATCH [Sysdbcon] Mismatched quotes in command Explanation A quoted token was not terminated with a quote character. Recommended Action Re-enter the command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2609 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_MISSEVENT [Sysdbcon] Missing notification event Explanation The command entered requires a notification event type and one was not supplied. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_MISSFILENAME [Sysdbcon] Missing file name Explanation The command entered requires an file name and one was not supplied. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_MISSNAME [Sysdbcon] Missing item name Explanation The command entered requires an item name and one was not supplied. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_MISSTYPE [Sysdbcon] Missing item type Explanation The command entered requires an item type and one was not supplied. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_MISSVALUE [Sysdbcon] Missing item value Explanation The command entered requires an item value and one was not supplied. Recommended Action Use the help command to determine the correct usage for this command. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2610 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_PATHCREATE [Sysdbcon] Unable to create full path from path supplied Current dir: [chars] Path supplied [chars] Explanation When combining the path supplied with the path Sysdbcon is currently bound to an error occurred. This could be because the path created would be invalid. Recommended Action Check that the combination of paths is valid. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_PKDFMTSTR [Sysdbcon] Format string contains illegal character ([char]) Explanation The packed tuple format string should only contain combinations of ’%’, ’d’, ’ld’ and ’s’. A character other than one of these was found in the string. Recommended Action Check that the format string is correct. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_RDLOCK [Sysdbcon] While getting a read lock the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_REBIND [Sysdbcon] While binding to [chars] the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. This could be because the path supplied is invalid. The details are in the error string. Recommended Action Check that the path is valid. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2611 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_REMOVE_BULK_OP [Sysdbcon] While removing operation on [chars] the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. This could be because the operation does not exist. The details are in the error string. Recommended Action Check that the operation to remove exists. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_SET [Sysdbcon] While setting item [chars] the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. This could be because the item does not exist or has the wrong type. The details are in the error string. Recommended Action Check that the item to set exists and has the same type as it is being set to. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_STARTBULK [Sysdbcon] While starting a bulk operation the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_STARTTRANS [Sysdbcon] While starting a transaction the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. This could be because the timeout time was not correctly entered. The details are in the error string. Recommended Action Check that the format of the timeout time is correct. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2612 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_UNKCMD [Sysdbcon] Unrecognised command. Type help or ? for a list of available commands Explanation The first token in a command string was not a recognised Sysdbcon command. Recommended Action Check the list of available commands and retry. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_UNLOCK [Sysdbcon] While releasing a lock the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_VERIFY [Sysdbcon] Verification failed on item [chars] for the following reason [chars] Explanation An error occurred invoking a SysDB function. This could be because the item does not exist or has the wrong type. Or because the verifier did not allow the change. The details are in the error string. Recommended Action Check that the item to set exists and has the same type as it is being set to. If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_VRFNRES [Sysdbcon] While resuming verification the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2613 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-4-SC_VRFNSUSP [Sysdbcon] While suspending verification the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-SC_WRLOCK [Sysdbcon] While getting a write lock the following error occurred: [chars] Explanation An error occurred invoking a SysDB function. The details are in the error string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-4-TIMEOUT_NFN Process ’[chars]’ (jid [dec], node [chars]) failed to pick up notification event within the timeout period ([unsigned int] seconds) Explanation A notification event sent by the SysDB server timed out. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-6-TIMEOUT_EDM EDM request for ’[chars]’ from ’[chars]’ (jid [dec], node [chars]). No response from ’[chars]’ (jid [dec], node [chars]) within the timeout period ([unsigned int] seconds) Explanation A timeout occured whilst processing a request. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2614 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-7-CFG_WRITE [chars] (jid [dec]) wrote to the configuration namespace (item: /[chars]). Illegal modification of configuration is not allowed. Explanation A non-management client illegally modified part of the system configuration. Recommended Action Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-7-CLIENT_STATS [chars]: client name: [chars], jid: [dec], nid: [dec], counter: [hex] Explanation A SysDB server process was unable to update a per-client statistics counter for one of its clients. This is an unexpected condition, though has no effect on router operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-7-CLIENT_STATS_MISMATCH SysDB usage statistics for [chars] (jid: [dec], nid: [dec]) and [chars] (jid: [dec], nid: [dec]) have been unexpectedly combined and should be treated as inaccurate Explanation The per-client usage statistics for the SysDB clients identified in the message have been combined, when they should be stored separately. The statistics for these processes should be treated as inaccurate. This is an unexpected condition, though has no effect on router operation. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-7-INFO [chars]: rc [hex] ([chars]) Explanation The server detected an error with one of its clients. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDB Messages EM-2615 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-7-INTERNAL [chars]: rc [hex] ([chars]) Explanation The server has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-7-INVALID_PATHNAME [chars] attempted an item get on a subtree path ([chars]). Item gets should only be attempted on items, with no trailing ’/’ Explanation A process, likely to be a show command, is attempting to access a sysdb item with an incorrect path string. Recommended Action *DEBUG* Error Message %SYSDB-SYSDB-7-LOCKING Failed to [chars] [chars]. Error [dec] ([chars]) Explanation The server has either failed to aquire or release a lock. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-7-LTRACE_INIT SysDB ltrace init failed. Error initialising [[chars]] trace buffer. Error returned by ltrace initialisation: [chars] Explanation The ltrace buffer could not be initialised Recommended Action *RECUR* Error Message %SYSDB-SYSDB-7-REPLICATOR_NO_CB No completion notification received for update message [unsigned int] Explanation The SysDB replicator module on the active server did not receive a callback from the transport library. The request will be allowed to continue without the replication acknowledgement. If any replicas have not received the update, they will resync on the next update. Recommended Action *RECUR* System Database Messages SYSDB Messages EM-2616 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-7-REPLY Failed to send reply to client jid [unsigned int] tid [unsigned int] node [chars]: rc [hex] ([chars]) Explanation The server failed to reply to a client request. A likely reason for this is that the process in question has exited. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show process jid location all command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show process jid location all output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-7-RPL_INIT [chars]: rc [hex] ([chars]) Explanation An unexpected error occurred during initialisation of the replicator module. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-7-SEND [chars] to process ’[chars]’ (jid [dec], node [chars]): errno: [dec] ([chars]) Explanation The SysDB server failed to send an asynchronous message to a SysDB client. A likely reason for this is that the process in question has exited. Recommended Action Copy the error message exactly as it appears on the console or in the system log. Issue the show process jid location all command to gather data that may provide information to determine the nature of the error. If you cannot determine the nature of the error from the error message text or from the show process jid location all output, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-7-SHUTDOWN Process is shutting down, rc [hex] ([chars]) Explanation A SysDB server process has performed a graceful shutdown and will be restarted. Recommended Action Check to make sure the process has restarted. If not, restart manually. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. System Database Messages SYSDBHELPER Messages EM-2617 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 Error Message %SYSDB-SYSDB-7-STARTUP Startup request for ’[chars]’ from ’[chars]’ (jid [dec]) failed for a process on a slow starting node Explanation A startup request failed during the second round of callbacks. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDB-7-USAGE Incorrect arguments: Usage: [chars] l|s|a [svr_threads] l equals local-plane; s equals shared-plane; a equals admin-plane Maximum number of threads is [dec]. Explanation Incorrect command line parameters were passed to the sysdb server, and so it failed to start. Recommended Action Check the startup arguments passed to sysdb. A default configuration will be used if no parameters are passed. Copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. SYSDBHELPER Messages Error Message %SYSDB-SYSDBHELPER-7-INTERNAL [chars]: rc [hex] Explanation The client library has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDBHELPER-7-LOCKING Failed to [chars] [chars]. Error [dec] Explanation The client library has either failed to aquire or release a lock. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information.System Database Messages SYSDBUTILS Messages EM-2618 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 SYSDBUTILS Messages Error Message %SYSDB-SYSDBUTILS-7-INTERNAL [chars]: rc [hex] ([chars]) Explanation The client library has either failed a function that expected to succeed, or has got into an inconsistent state. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDBUTILS-7-INTERNAL_NODEID_STR NodeID to string conversion failed for node id [dec] (rc [hex] - [chars]) Explanation The client library was unable to convert the specified node ID into a node description string. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. Error Message %SYSDB-SYSDBUTILS-7-LOCKING Failed to [chars] [chars]. Error [dec] Explanation The client library has either failed to aquire or release a lock. Recommended Action If the message recurs, copy the error message exactly as it appears on the console or in the system log, call your Cisco technical support representative and provide the representative with the gathered information. EM-2619 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 I N D E X %ACL-APPS_ES_ACLMGR-7-ERROR EM-5 %ACL-ES_ACL-6-ESACCESSLOGV EM-5 %ACL-IP_ACL_PARSE-7-ERR_MEM_ALLOC EM-6 %ACL-IP_ACL_PARSE-7-ERR_THREAD_MUTEX_LOCK EM-6 %ACL-IPV4_ACL_DP-4-DUP_NAME EM-6 %ACL-IPV4_ACL_DP-7-INIT EM-6 %ACL-IPV4_ACL-6-IPACCESSLOGDP EM-7 %ACL-IPV4_ACL-6-IPACCESSLOGDP EM-7 %ACL-IPV4_ACL-6-IPACCESSLOGNP EM-7 %ACL-IPV4_ACL-6-IPACCESSLOGNP EM-7 %ACL-IPV4_ACL-6-IPACCESSLOGP EM-8 %ACL-IPV4_ACL-6-IPACCESSLOGP EM-8 %ACL-IPV4_ACL-6-IPACCESSLOGRP EM-8 %ACL-IPV4_ACL-6-IPACCESSLOGRP EM-8 %ACL-IPV4_ACL-6-IPACCESSLOGS EM-9 %ACL-IPV4_ACL-6-IPACCESSLOGS EM-9 %ACL-IPV4_ACL-7-INIT EM-9 %ACL-IPV4_ACL-7-IPACCESSPTHREAD EM-9 %ACL-IPV4_ACL-7-IPACCESSPTHREAD EM-10 %ACL-IPV6_ACL_DAEMON-7-INIT EM-10 %ACL-IPV6_ACL_LTRACE-3-INIT EM-10 %ACL-IPV6_ACL-1-IPACCESSDLLOPEN EM-10 %ACL-IPV6_ACL-1-IPACCESSDLLOPEN EM-11 %ACL-IPV6_ACL-1-IPACCESSDLSYM EM-11 %ACL-IPV6_ACL-1-IPACCESSDLSYM EM-11 %ACL-IPV6_ACL-1-IPACCESSNOMEM EM-11 %ACL-IPV6_ACL-1-IPACCESSNOMEM EM-11 %ACL-IPV6_ACL-3-IPACCESSPTHREAD EM-12 %ACL-IPV6_ACL-3-IPACCESSPTHREAD EM-12 %ACL-IPV6_ACL-6-IPACCESSLOGDP EM-12 %ACL-IPV6_ACL-6-IPACCESSLOGDP EM-12 %ACL-IPV6_ACL-6-IPACCESSLOGNP EM-12 %ACL-IPV6_ACL-6-IPACCESSLOGNP EM-13 %ACL-IPV6_ACL-6-IPACCESSLOGP EM-13 %ACL-IPV6_ACL-6-IPACCESSLOGP EM-13 %ACL-IPV6_ACL-6-IPACCESSLOGRP EM-13 %ACL-IPV6_ACL-6-IPACCESSLOGRP EM-13 %ACL-IPV6_ACL-6-IPACCESSLOGS EM-13 %ACL-IPV6_ACL-6-IPACCESSLOGS EM-14 %ACL-LI-3-ERROR EM-14 %ACL-PFILTER_NETIO_LTRACE-7-INIT EM-14 %PLMGR_UIBAG_OPS-PLMGR_BAG_OPS-3-NOMEM EM-15 %PLMGR_UIBAG_OPS-PLMGR_BAG_OPS-4-DEBUG EM-15 %PLMGR_OBJ_LIB-PLMGR_OBJ_LIB-3-NAME_DLLINIT EM-15 %PLMGR_OBJ_LIB-PLMGR_OBJ_LIB-4-DEBUG EM-16 %APP_INFRA-PLMGR_UI-3-CLI_ERR EM-16 %APP_INFRA-PLMGR_UI-3-NOMEM EM-16 %APP_INFRA-PLMGR_UI-3-PTHREAD EM-16 %APP_INFRA-PLMGR_UI-4-DEBUG EM-16 %APP_INFRA-PLMGR_UI-4-INVAL_DATA EM-17 %APP_INFRA-PLMGR_UI-4-LTRACE EM-17 %APP_INFRA-POLICYMGR-3-APP_NAME_FAILURE EM-17 %APP_INFRA-POLICYMGR-3-STATE_CHANGE EM-17 %APP_INFRA-POLICYMGR-7-INIT EM-17 %DIAG-DIAG-3-ALWAYS_ENABLE_TEST EM-19 %DIAG-DIAG-3-CARD_ABSENT EM-19 %DIAG-DIAG-3-CERR_REGISTER EM-19 %DIAG-DIAG-3-CREATE_PROCESS_FAIL EM-20 %DIAG-DIAG-3-DIAG_RUNNING EM-20 %DIAG-DIAG-3-ENQUEUE_FAIL EM-20 %DIAG-DIAG-3-FIXED_INTERVAL_TEST EM-20 %DIAG-DIAG-3-GET_ARGU_FAIL EM-20 %DIAG-DIAG-3-GOLDXR_ERROR EM-21 %DIAG-DIAG-3-INVALID_DEVICE EM-21 %DIAG-DIAG-3-INVALID_MONITORING_INTERVAL EM-21 %DIAG-DIAG-3-INVALID_PORT EM-21 %DIAG-DIAG-3-INVALID_TEST EM-21 %DIAG-DIAG-3-MAJOR EM-22 %DIAG-DIAG-3-MINOR EM-22 %DIAG-DIAG-3-MONITOR_DISABLE EM-22 %DIAG-DIAG-3-MONITOR_INTERVAL_ZERO EM-22 %DIAG-DIAG-3-NO_DIAG_RUNNING EM-22 %DIAG-DIAG-3-NOT_MONITORING_TEST EM-23 %DIAG-DIAG-3-SET_ARGU_FAIL EM-23 %DIAG-DIAG-3-SW_ERROR EM-23 %DIAG-DIAG-3-TEST_FAIL EM-23 %DIAG-DIAG-3-TEST_NOT_SUPPORT EM-23 %DIAG-DIAG-3-TEST_SKIPPED EM-24 %DIAG-DIAG-3-TIMER_FAIL EM-24 %DIAG-DIAG-3-UNKNOWN_OPCODE EM-24 %DIAG-DIAG-6-BYPASS EM-24 %DIAG-DIAG-6-DIAG_OK EM-24 %DIAG-DIAG-6-DIAG_STOPPED EM-25 %DIAG-DIAG-6-GOLDXR_GENERAL EM-25 %DIAG-DIAG-6-NO_TEST EM-25 %DIAG-DIAG-6-RUN_COMPLETE EM-25 %DIAG-DIAG-6-RUN_MINIMUM EM-25 %DIAG-DIAG-6-SCHED_COMPLETE EM-25 %DIAG-DIAG-6-SCHED_RUNNING EM-26 %DIAG-DIAG-6-SCHED_STOPPED EM-26 %DIAG-DIAG-6-SCHEDULE_IS_REMOVED EM-26 %DIAG-DIAG-6-SKIP_ONDEMAND_ACTIVE_TO_STANDBYIndex EM-2620 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 _TEST EM-26 %DIAG-DIAG-6-SKIP_ONDEMAND_STANDBY_CARD_TEST EM-26 %DIAG-DIAG-6-TEST_OK EM-27 %DIAG-DIAG-6-TEST_RUNNING EM-27 %DIAG-DIAG-6-TEST_SKIPPED_FROM_ACTIVE EM-27 %DIAG-DIAG-6-TEST_SKIPPED_FROM_STANDBY EM-27 %DIAG-HFRDIAG-3-ERROR EM-27 %DIAG-HFRDIAG-6-INFO EM-28 %DIAG-PFDIAGBASE-3-INIT_ERROR EM-28 %DIAG-PFDIAGBASE-3-INIT_ERROR EM-28 %DIAG-PFDIAGBASE-3-INIT_ERROR EM-28 %DIAG-PFDIAGBASE-3-SW_ERROR EM-29 %DIAG-PFDIAGBASE-3-SW_ERROR EM-29 %DIAG-PFDIAGBASE-3-SW_ERROR EM-29 %DIAG-PFDIAGBASE-4-WARNING EM-29 %DIAG-PFDIAGBASE-4-WARNING EM-29 %DIAG-PFDIAGBASE-4-WARNING EM-30 %DIAG-XR_DIAG-2-ERR_PLANE_FAILURE_NOTIFY EM-30 %DIAG-XR_DIAG-3-ERROR EM-30 %DIAG-XR_DIAG-6-INFO EM-30 %FABRIC-FAB_SVR-7-ERR_ASIC_INIT EM-31 %FABRIC-FAB_SVR-7-ERR_ASIC_INIT EM-31 %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_CREATE EM-32 %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_CREATE EM-32 %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_EVM_HANDLE R EM-32 %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_EVM_HANDLE R EM-32 %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_NOTIFY EM-33 %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_NOTIFY EM-33 %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_OPEN EM-33 %FABRIC-FAB_SVR-7-ERR_EVENT_CONN_OPEN EM-33 %FABRIC-FAB_SVR-7-ERR_EVM_CREATE EM-34 %FABRIC-FAB_SVR-7-ERR_EVM_CREATE EM-34 %FABRIC-FAB_SVR-7-ERR_INIT EM-34 %FABRIC-FAB_SVR-7-ERR_INIT EM-35 %FABRIC-FAB_SVR-7-ERR_THREAD_ATTRIBUTE EM-35 %FABRIC-FAB_SVR-7-ERR_THREAD_ATTRIBUTE EM-35 %FABRIC-FAB_SVR-7-ERR_THREAD_MUTEX_INIT EM-36 %FABRIC-FAB_SVR-7-ERR_THREAD_MUTEX_INIT EM-36 %FABRIC-FABQ-0-PRP3_FAULT_RECOVERY_ERR EM-36 %FABRIC-FABQ-2-PRP3_DRVR_INIT_ERROR EM-37 %FABRIC-FABQ-2-PRP3_PKT_INIT_ERROR EM-37 %FABRIC-FABQ-3-FATAL EM-37 %FABRIC-FABQ-3-INIT_ERROR EM-38 %FABRIC-FABQ-3-PKT_INIT_ERROR EM-38 %FABRIC-FABQ-3-PKT_INIT_FAIL EM-38 %FABRIC-FABQ-3-PKT_INIT_POOL EM-39 %FABRIC-FABQ-3-PRP3_FABMSG EM-39 %FABRIC-FABQ-3-PRP3_FRFAB_PKT_NO_STREAM EM-39 %FABRIC-FABQ-3-PRP3_FRFAB_PKT_STARTOFFSET EM-40 %FABRIC-FABQ-3-PRP3_FRFAB_TAIL_PAR_ERR EM-40 %FABRIC-FABQ-3-PRP3_HW_IRQ_ERR EM-40 %FABRIC-FABQ-3-PRP3_IRQ_ERR EM-41 %FABRIC-FABQ-3-PRP3_PORT_DISABLE_ERR EM-41 %FABRIC-FABQ-3-PRP3_PORT_ENABLE_ERR EM-42 %FABRIC-FABQ-3-PRP3_REUSE_NO_BUFFER EM-42 %FABRIC-FABQ-3-PRP3_SHM EM-42 %FABRIC-FABQ-3-PRP3_TOFAB_CREDIT_CNT_EXCEEDED EM-42 %FABRIC-FABQ-3-PRP3_TOFAB_QUEUE_BLOCKED EM-43 %FABRIC-FABQ-3-PRP3_TX_DONE_RING EM-43 %FABRIC-FABQ-3-SHOW_ERR EM-44 %FABRIC-FABQ-6-PKT_INIT_INFO EM-44 %FABRIC-FABQ-7-PKT_INIT_INFO EM-44 %FABRIC-FABQ-7-PRP3_PKT_INIT_INFO EM-44 %FABRIC-FABRIC_DRIVER_LITE-3-ERR_ASIC_ACCESS_E XCEPTION EM-45 %FABRIC-FABRIC_DRIVER_LITE-3-ERR_DRIVER_INIT EM-45 %FABRIC-FABRIC_DRIVER_LITE-3-ERR_EVM_CREATE EM-45 %FABRIC-FABRIC_DRIVER_LITE-3-ERR_SHMEM_INIT EM-46 %FABRIC-FABRIC_DRIVER_LITE-3-ERR_THREAD_ATTRIB UTE EM-46 %FABRIC-FABRIC_DRIVER_LITE-4-ERR_LTRACE_INIT EM-46 %FABRIC-FABRIC_DRIVER_LITE-6-ASIC_INITIALIZED EM-46 %FABRIC-FABRIC_DRVR-2-ERR_MAINTENANCE_MODE EM-47 %FABRIC-FABRIC_DRVR-2-ERR_SHUTDOWN EM-47 %FABRIC-FABRIC_DRVR-3-ERR_ASIC_ACCESS_EXCEPTIO N EM-47 %FABRIC-FABRIC_DRVR-3-ERR_BOARD_PLD_VERSION EM-48 %FABRIC-FABRIC_DRVR-3-ERR_DRV_INIT EM-48 %FABRIC-FABRIC_DRVR-3-ERR_DRV_INIT EM-48 %FABRIC-FABRIC_DRVR-3-ERR_EVM_CREATE EM-49 %FABRIC-FABRIC_DRVR-3-ERR_EVM_CREATE EM-49 %FABRIC-FABRIC_DRVR-3-ERR_FGID_ACCESS EM-49 %FABRIC-FABRIC_DRVR-3-ERR_FGID_REFRESH EM-49 %FABRIC-FABRIC_DRVR-3-ERR_FGID_REFRESH_RETRY EM-50 %FABRIC-FABRIC_DRVR-3-ERR_FGID_WRITE EM-50 %FABRIC-FABRIC_DRVR-3-ERR_MAX_TOPO_TIME_OUT EM-50 %FABRIC-FABRIC_DRVR-3-ERR_POD_INIT EM-50 %FABRIC-FABRIC_DRVR-3-ERR_POD_INIT EM-51 %FABRIC-FABRIC_DRVR-3-ERR_RELOAD EM-51 %FABRIC-FABRIC_DRVR-3-ERR_SELF_RELOAD EM-51 %FABRIC-FABRIC_DRVR-3-ERR_STUCK_BARRIER_FLOW EM-52 %FABRIC-FABRIC_DRVR-3-ERR_THREAD_ATTRIBUTE EM-52 %FABRIC-FABRIC_DRVR-3-ERR_THREAD_ATTRIBUTE Index EM-2621 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 EM-52 %FABRIC-FABRIC_DRVR-3-ERR_TIMER_START EM-52 %FABRIC-FABRIC_DRVR-3-ERR_WAITING_FOR_TOPO_TI MED_OUT EM-53 %FABRIC-FABRIC_DRVR-3-ERRRATE_EXCEED_GLACIAL EM-53 %FABRIC-FABRIC_DRVR-3-ERRRATE_EXCEED_GLACIAL EM-53 %FABRIC-FABRIC_DRVR-3-ERRRATE_EXCEED_NO_LIMIT EM-53 %FABRIC-FABRIC_DRVR-3-ERRRATE_EXCEED_SLOW EM-54 %FABRIC-FABRIC_DRVR-4-ERR_LTRACE_INIT EM-54 %FABRIC-FABRIC_DRVR-4-ERR_LTRACE_INIT EM-54 %FABRIC-FABRIC_DRVR-6-ASIC_INITIALIZED EM-54 %FABRIC-FABRIC_DRVR-6-ASIC_INITIALIZED EM-54 %FABRIC-FABRIC_DRVR-6-BARRIER_FLOW_STARTED EM-55 %FABRIC-FABRIC_DRVR-6-DLL_LOAD EM-55 %FABRIC-FABRIC_DRVR-6-MISSING_PLANE_CONFIG EM-55 %FABRIC-FABRIC_DRVR-7-ERR_BP_CFG EM-55 %FABRIC-FABRIC_DRVR-7-ERR_BP_CFG EM-55 %FABRIC-FABRIC_DRVR-7-ERR_DEBUG_REG EM-56 %FABRIC-FABRIC_DRVR-7-ERR_DEBUG_REG EM-56 %FABRIC-FABRIC_DRVR-7-ERR_INTERNAL_SW EM-56 %FABRIC-FABRIC_DRVR-7-ERR_INTERNAL_SW EM-56 %FABRIC-FABRIC_DRVR-7-ERR_LINK_TOPO EM-57 %FABRIC-FABRIC_DRVR-7-ERR_LINK_TOPO EM-57 %FABRIC-FABRIC_DRVR-7-ERRRATE_EXCEED_DEBUG EM-57 %FABRIC-FABRIC_DRVR-7-ERRRATE_EXCEED_DEBUG EM-57 %FABRIC-FABRIC_DRVR-7-LINK_SHUT_DOWN EM-58 %FABRIC-FABRIC_DRVR-7-LINK_SHUT_DOWN EM-58 %FABRIC-FABRIC_SRVR-3-ERR_ANNOUNCE EM-58 %FABRIC-FABRIC_SRVR-3-ERR_DRV_INIT EM-58 %FABRIC-FABRIC_SRVR-3-ERR_DRV_INIT EM-59 %FABRIC-FABRIC_SRVR-3-ERR_EES_REG EM-59 %FABRIC-FABRIC_SRVR-3-ERR_ENABLE EM-59 %FABRIC-FABRIC_SRVR-3-ERR_EVM_CREATE EM-59 %FABRIC-FABRIC_SRVR-3-ERR_EVM_CREATE EM-60 %FABRIC-FABRIC_SRVR-3-ERR_FGID_CONS_THREAD EM-60 %FABRIC-FABRIC_SRVR-3-ERR_FGID_DOWNLOAD_FAILE D EM-60 %FABRIC-FABRIC_SRVR-3-RESET_ALL_ASICS EM-60 %FABRIC-FABRIC_SRVR-4-ERR_ECM_CREATE EM-61 %FABRIC-FABRIC_SRVR-4-ERR_ECM_CREATE EM-61 %FABRIC-FABRIC_SRVR-4-ERR_ECM_NOTIFY EM-61 %FABRIC-FABRIC_SRVR-4-ERR_ECM_NOTIFY EM-61 %FABRIC-FABRIC_SRVR-4-ERR_FGID_DOWNLOAD EM-62 %FABRIC-FABRIC_SRVR-4-ERR_LTRACE_INIT EM-62 %FABRIC-FABRIC_SRVR-4-ERR_LTRACE_INIT EM-62 %FABRIC-FABRIC_SRVR-6-ASIC_RESET_REASONS EM-62 %FABRIC-FABRIC_SRVR-6-FAB_MODULE EM-62 %FABRIC-FABRIC_SRVR-6-FAB_MODULE EM-63 %FABRIC-FABRIC_SRVR-6-INVALID_CARD_TYPE_ERROR EM-63 %FABRIC-FABRIC_SRVR-7-ERR_BAG_REG EM-63 %FABRIC-FABRIC_SRVR-7-ERR_BAG_REG EM-63 %FABRIC-FABRIC_SRVR-7-ERR_DEBUG_INIT EM-64 %FABRIC-FABRIC_SRVR-7-ERR_DEBUG_INIT EM-64 %FABRIC-FABRIC_SRVR-7-ERR_DEBUG_REG EM-64 %FABRIC-FABRIC_SRVR-7-ERR_DEBUG_REG EM-65 %FABRIC-FABRIC_SRVR-7-ERR_INTERNAL_SW EM-65 %FABRIC-FABRIC_SRVR-7-ERR_INTERNAL_SW EM-65 %FABRIC-FABRIC_SRVR-7-ERR_SYSDB_EDM_REG EM-65 %FABRIC-FABRIC_SRVR-7-ERR_SYSDB_EDM_REG EM-66 %FABRIC-FABRICQ_MGR-3-ERR_INIT EM-66 %FABRIC-FABRICQ_MGR-3-ERR_INIT EM-66 %FABRIC-FABRICQ_MGR-3-ERR_MEM_ALLOC EM-66 %FABRIC-FABRICQ_MGR-3-ERR_MEM_ALLOC EM-67 %FABRIC-FABRICQ_MGR-4-ERR_CHKPT_INIT EM-67 %FABRIC-FABRICQ_MGR-4-ERR_CHKPT_INIT EM-67 %FABRIC-FABRICQ_MGR-7-ERR_BAG_REG EM-67 %FABRIC-FABRICQ_MGR-7-ERR_BAG_REG EM-67 %FABRIC-FABRICQ_MGR-7-ERR_CLIENT_REG EM-68 %FABRIC-FABRICQ_MGR-7-ERR_CLIENT_REG EM-68 %FABRIC-FABRICQ_MGR-7-ERR_DLL_INIT EM-68 %FABRIC-FABRICQ_MGR-7-ERR_DLL_INIT EM-68 %FABRIC-FABRICQ_MGR-7-ERR_EVM_CREATE EM-68 %FABRIC-FABRICQ_MGR-7-ERR_EVM_CREATE EM-69 %FABRIC-FABRICQ_MGR-7-ERR_EVM_NOTIFY EM-69 %FABRIC-FABRICQ_MGR-7-ERR_EVM_NOTIFY EM-69 %FABRIC-FABRICQ_MGR-7-ERR_LWM_EVENT_BLOCK EM-69 %FABRIC-FABRICQ_MGR-7-ERR_LWM_EVENT_BLOCK EM-69 %FABRIC-FABRICQ_MGR-7-ERR_LWM_REPLY EM-70 %FABRIC-FABRICQ_MGR-7-ERR_LWM_REPLY EM-70 %FABRIC-FABRICQ_MGR-7-ERR_SYSDB_EDM_REG EM-70 %FABRIC-FABRICQ_MGR-7-ERR_SYSDB_EDM_REG EM-70 %FABRIC-FABRICQ-3-ERR_ASIC_FCRAM_ASSERT EM-71 %FABRIC-FABRICQ-3-ERR_ASIC_FCRAM_ASSERT EM-71 %FABRIC-FABRICQ-3-ERR_BIST EM-71 %FABRIC-FABRICQ-3-ERR_BIST EM-71 %FABRIC-FABRICQ-3-ERR_INIT EM-71 %FABRIC-FABRICQ-3-ERR_INIT EM-72 %FABRIC-FABRICQ-3-PCL_CCNT_ERR EM-72 %FABRIC-FABRICQ-3-PCL_CCNT_ERR EM-72 %FABRIC-FABRICQ-3-PCL_CSLOT_SYNC EM-72 %FABRIC-FABRICQ-3-PCL_CSLOT_SYNC EM-72 %FABRIC-FABRICQ-3-PCL_PKT EM-72 %FABRIC-FABRICQ-3-PCL_PKT EM-73 %FABRIC-FABRICQ-3-PCL_XCELL_ERR EM-73 %FABRIC-FABRICQ-3-PCL_XCELL_ERR EM-73 %FABRIC-FABRICQ-3-RESET EM-73 %FABRIC-FABRICQ-3-RESET EM-73 %FABRIC-FABRICQ-4-ERR_ASIC_MBE EM-73Index EM-2622 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %FABRIC-FABRICQ-4-ERR_ASIC_MBE EM-74 %FABRIC-FABRICQ-4-ERR_ASIC_PARITY EM-74 %FABRIC-FABRICQ-4-ERR_ASIC_PARITY EM-74 %FABRIC-FABRICQ-4-ERR_ASIC_SN_LINK EM-74 %FABRIC-FABRICQ-4-ERR_ASIC_SN_LINK EM-75 %FABRIC-FABRICQ-4-FI_LINK_ALARM EM-75 %FABRIC-FABRICQ-4-FI_LINK_ALARM EM-75 %FABRIC-FABRICQ-4-FI_LINK_BRINGDOWN EM-75 %FABRIC-FABRICQ-4-FI_TOPOLOGY EM-75 %FABRIC-FABRICQ-4-FI_TOPOLOGY EM-75 %FABRIC-FABRICQ-4-MI_WEDGE EM-76 %FABRIC-FABRICQ-4-MI_WEDGE EM-76 %FABRIC-FABRICQ-4-PSN_WRAP EM-76 %FABRIC-FABRICQ-4-PSN_WRAP EM-76 %FABRIC-FABRICQ-5-ERR_RES_PROG EM-76 %FABRIC-FABRICQ-5-ERR_RES_PROG EM-77 %FABRIC-FABRICQ-5-MI_BPDECODE EM-77 %FABRIC-FABRICQ-5-MI_BPDECODE EM-77 %FABRIC-FABRICQ-6-ERR_ASIC_EOP EM-77 %FABRIC-FABRICQ-6-ERR_ASIC_EOP EM-77 %FABRIC-FABRICQ-6-ERR_ASIC_GENERIC EM-78 %FABRIC-FABRICQ-6-ERR_ASIC_GENERIC EM-78 %FABRIC-FABRICQ-6-ERR_ASIC_OOR EM-78 %FABRIC-FABRICQ-6-ERR_ASIC_OOR EM-78 %FABRIC-FABRICQ-6-ERR_ASIC_SBE EM-78 %FABRIC-FABRICQ-6-ERR_ASIC_SBE EM-79 %FABRIC-FABRICQ-6-SPI_FBP EM-79 %FABRIC-FABRICQ-6-SPI_FBP EM-79 %FABRIC-FABRICQ-6-URG_CTX EM-79 %FABRIC-FABRICQ-6-URG_CTX EM-79 %FABRIC-FABRICQ-7-ERR_DMA EM-80 %FABRIC-FABRICQ-7-ERR_DMA EM-80 %FABRIC-FDI-2-ERR_CONNECTION EM-80 %FABRIC-FDI-2-ERR_CONNECTION EM-80 %FABRIC-FDI-2-ERR_INTERNAL_SW EM-81 %FABRIC-FDI-2-ERR_INTERNAL_SW EM-81 %FABRIC-FDI-2-ERR_MSG_TYPE EM-81 %FABRIC-FDI-3-EES_ANNOUNCEMENT_ERR EM-81 %FABRIC-FDI-3-ERR_BUFF_Q EM-81 %FABRIC-FDI-3-ERR_BUFF_Q EM-82 %FABRIC-FDI-3-ERR_CORRUPT_MSG EM-82 %FABRIC-FDI-3-ERR_MSG_TYPE EM-82 %FABRIC-FDI-3-ERR_SEND_FAIL EM-82 %FABRIC-FDI-7-ERR_COMM_SYSTEM_ERROR EM-83 %FABRIC-FDI-7-ERR_DEBUG_CLEAN EM-83 %FABRIC-FDI-7-ERR_DEBUG_CLEAN EM-83 %FABRIC-FDI-7-ERR_DEBUG_INIT EM-83 %FABRIC-FDI-7-ERR_DEBUG_INIT EM-84 %FABRIC-FDI-7-ERR_DEBUG_REG EM-84 %FABRIC-FDI-7-ERR_DEBUG_REG EM-84 %FABRIC-FDI-7-ERR_EDM_INIT EM-84 %FABRIC-FDI-7-ERR_EDM_INIT EM-85 %FABRIC-FDI-7-ERR_GROUP_MEMBER_ALREADY_EXIST S EM-85 %FABRIC-FDI-7-ERR_MEM_ALLOC EM-85 %FABRIC-FDI-7-ERR_MEM_ALLOC EM-85 %FABRIC-FDI-7-ERR_MEMBER_ALREADY_EXISTS EM-8 5 %FABRIC-FDI-7-ERR_MSG_SEQ_GT EM-86 %FABRIC-FEATURE_LPTS-3-ERR_DOUBLE_FREE EM-86 %FABRIC-FEATURE_LPTS-3-ERR_DOUBLE_FREE EM-86 %FABRIC-FEATURE_LPTS-3-ERR_FGID_DB_RETRIES_EXC EEDED EM-86 %FABRIC-FEATURE_LPTS-3-ERR_UNALLOCATED_FREE EM-87 %FABRIC-FEATURE_LPTS-3-ERR_UNALLOCATED_FREE EM-87 %FABRIC-FEATURE_LPTS-3-ERR_UNKNOWN_FGID_DB_E RROR EM-87 %FABRIC-FEATURE_LPTS-3-ERR_UNKNOWN_FGID_DB_E RROR EM-87 %FABRIC-FGID_AGG-3-ERR_DEBUG_INIT EM-88 %FABRIC-FGID_AGG-3-ERR_DEBUG_INIT EM-88 %FABRIC-FGID_AGG-3-ERR_EVM_CREATE EM-88 %FABRIC-FGID_AGG-3-ERR_EVM_CREATE EM-89 %FABRIC-FGID_AGG-3-ERR_EVM_SYNC_ATTACH EM-89 %FABRIC-FGID_AGG-3-ERR_EVM_SYNC_ATTACH EM-89 %FABRIC-FGID_AGG-3-ERR_GSP EM-90 %FABRIC-FGID_AGG-3-ERR_GSP EM-90 %FABRIC-FGID_AGG-3-ERR_INTERNAL_SW EM-90 %FABRIC-FGID_AGG-3-ERR_INTERNAL_SW EM-90 %FABRIC-FGID_AGG-3-ERR_MEM_ALLOC EM-91 %FABRIC-FGID_AGG-3-ERR_MEM_ALLOC EM-91 %FABRIC-FGID_AGG-3-ERR_SYSMGR EM-91 %FABRIC-FGID_AGG-3-ERR_SYSMGR EM-91 %FABRIC-FGID_AGG-7-ERR_LTRACE_INIT EM-92 %FABRIC-FGID_AGG-7-ERR_LTRACE_INIT EM-92 %FABRIC-FGID_ALLOC-3-ERR_EVM_CREATE EM-92 %FABRIC-FGID_ALLOC-3-ERR_EVM_CREATE EM-93 %FABRIC-FGID_ALLOC-3-ERR_GSP EM-93 %FABRIC-FGID_ALLOC-3-ERR_GSP EM-93 %FABRIC-FGID_ALLOC-3-ERR_INTERNAL_SW EM-93 %FABRIC-FGID_ALLOC-3-ERR_INTERNAL_SW EM-94 %FABRIC-FGID_ALLOC-3-ERR_MEM_ALLOC EM-94 %FABRIC-FGID_ALLOC-3-ERR_MEM_ALLOC EM-94 %FABRIC-FGID_ALLOC-3-ERR_SYSMGR EM-94 %FABRIC-FGID_ALLOC-3-ERR_SYSMGR EM-95 %FABRIC-FGID_ALLOC-7-ERR_BAG_REG EM-95 %FABRIC-FGID_ALLOC-7-ERR_BAG_REG EM-95 %FABRIC-FGID_ALLOC-7-ERR_CHKPT_INIT EM-95 %FABRIC-FGID_ALLOC-7-ERR_CHKPT_INIT EM-96 %FABRIC-FGID_ALLOC-7-ERR_CHKPT_ITERATE_START EM-96 %FABRIC-FGID_ALLOC-7-ERR_CHKPT_ITERATE_START EM-96 %FABRIC-FGID_ALLOC-7-ERR_CHKPT_REG EM-96 %FABRIC-FGID_ALLOC-7-ERR_CHKPT_REG EM-97 %FABRIC-FGID_ALLOC-7-ERR_DEBUG_INIT EM-97 %FABRIC-FGID_ALLOC-7-ERR_DEBUG_INIT EM-97 %FABRIC-FGID_ALLOC-7-ERR_LTRACE_INIT EM-97 %FABRIC-FGID_ALLOC-7-ERR_LTRACE_INIT EM-98 %FABRIC-FGID_ALLOC-7-ERR_SYSDB_BIND EM-98 %FABRIC-FGID_ALLOC-7-ERR_SYSDB_BIND EM-98 %FABRIC-FGID_ALLOC-7-ERR_SYSDB_EDM_REG EM-98 %FABRIC-FGID_ALLOC-7-ERR_SYSDB_EDM_REG EM-99 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_BCDL EM-99Index EM-2623 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_BCDL EM-99 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_BOARD_TYPE EM-99 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_BOARD_TYPE EM-100 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_DEBUG_INIT EM-100 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_DEBUG_INIT EM-100 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_EVM EM-100 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_EVM EM-101 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FDI_CLIENT_R EG EM-101 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FDI_CLIENT_R EG EM-101 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FGID_DOWNLO AD_DONE_NOTIF EM-101 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FGID_DOWNLO AD_DONE_NOTIF EM-102 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FGID_SET EM -102 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_FGID_SET EM -102 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_RACK_NUM EM-102 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_RACK_NUM EM-103 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_USAGE EM-10 3 %FABRIC-FGID_BCDL_CONSUMER-3-ERR_USAGE EM-10 3 %FABRIC-FGID_BCDL_CONSUMER-7-ERR_LTRACE_INIT EM-103 %FABRIC-FGID_BCDL_CONSUMER-7-ERR_LTRACE_INIT EM-104 %FABRIC-FGID_LIB-7-ERR_DEBUG_INIT EM-104 %FABRIC-FGID_LIB-7-ERR_DEBUG_INIT EM-104 %FABRIC-FGID_LIB-7-ERR_LTRACE_INIT EM-104 %FABRIC-FGID_LIB-7-ERR_LTRACE_INIT EM-105 %FABRIC-FGID_SVR-2-ERR_EES_INIT EM-105 %FABRIC-FGID_SVR-3-ERR_BCDL EM-105 %FABRIC-FGID_SVR-3-ERR_BCDL EM-105 %FABRIC-FGID_SVR-3-ERR_DSC EM-106 %FABRIC-FGID_SVR-3-ERR_DSC EM-106 %FABRIC-FGID_SVR-3-ERR_EES EM-106 %FABRIC-FGID_SVR-3-ERR_EVM_CREATE EM-106 %FABRIC-FGID_SVR-3-ERR_EVM_CREATE EM-107 %FABRIC-FGID_SVR-3-ERR_EVM_SYNC_ATTACH EM-10 7 %FABRIC-FGID_SVR-3-ERR_EVM_SYNC_ATTACH EM-10 7 %FABRIC-FGID_SVR-3-ERR_GSP EM-108 %FABRIC-FGID_SVR-3-ERR_GSP EM-108 %FABRIC-FGID_SVR-3-ERR_INTERNAL_SW EM-108 %FABRIC-FGID_SVR-3-ERR_INTERNAL_SW EM-108 %FABRIC-FGID_SVR-3-ERR_MEM_ALLOC EM-109 %FABRIC-FGID_SVR-3-ERR_MEM_ALLOC EM-109 %FABRIC-FGID_SVR-3-ERR_USAGE EM-109 %FABRIC-FGID_SVR-3-ERR_USAGE EM-109 %FABRIC-FGID_SVR-4-WARNING_INTERNAL_SW EM-11 0 %FABRIC-FGID_SVR-7-ERR_LTRACE_INIT EM-110 %FABRIC-FGID_SVR-7-ERR_LTRACE_INIT EM-110 %FABRIC-FGID_SVR-7-ERR_SYSMGR EM-110 %FABRIC-FGID_SVR-7-ERR_SYSMGR EM-110 %FABRIC-FIA_API-7-ERR_ECM EM-111 %FABRIC-FIA_API-7-ERR_ECM EM-111 %FABRIC-FIA-2-ARB_SERDES_0_FAIL EM-111 %FABRIC-FIA-2-ARB_SERDES_1_FAIL EM-112 %FABRIC-FIA-2-DATA_SERDES_0_FAIL EM-112 %FABRIC-FIA-2-DATA_SERDES_1_FAIL EM-112 %FABRIC-FIA-2-DATA_SERDES_2_FAIL EM-112 %FABRIC-FIA-2-DATA_SERDES_3_FAIL EM-112 %FABRIC-FIA-2-FIAHW_INT_FIFO EM-113 %FABRIC-FIA-2-FIAHW_INT_PARITY EM-113 %FABRIC-FIA-2-PKT_INT_ERR_AT_DDRIF_0 EM-113 %FABRIC-FIA-2-PKT_INT_ERR_AT_DDRIF_1 EM-113 %FABRIC-FIA-2-TEMP_TOO_HIGH EM-114 %FABRIC-FIA-3-ERR_ECM_CREATE EM-114 %FABRIC-FIA-3-ERR_ECM_CREATE EM-114 %FABRIC-FIA-3-ERR_ECM_REG EM-114 %FABRIC-FIA-3-ERR_ECM_REG EM-115 %FABRIC-FIA-3-ERR_EIO_TRAIN EM-115 %FABRIC-FIA-3-ERR_EIO_TRAIN EM-115 %FABRIC-FIA-3-ERR_EVM_INIT EM-116 %FABRIC-FIA-3-ERR_EVM_INIT EM-116 %FABRIC-FIA-3-ERR_INIT EM-116 %FABRIC-FIA-3-ERR_INIT EM-117 %FABRIC-FIA-3-ERR_INIT EM-117 %FABRIC-FIA-3-ERR_MEM_ALLOC EM-117 %FABRIC-FIA-3-ERR_MEM_ALLOC EM-118 %FABRIC-FIA-3-ERR_MEM_MAP EM-118 %FABRIC-FIA-3-ERR_MEM_MAP EM-118 %FABRIC-FIA-3-ERR_PLL EM-119 %FABRIC-FIA-3-ERR_PLL EM-119 %FABRIC-FIA-3-FFIAHW_ERR_FIFO EM-119 %FABRIC-FIA-3-FFIAHW_ERR_PARITY EM-120 %FABRIC-FIA-3-FIAHW_CHIP EM-120 %FABRIC-FIA-3-FIAHW_CRC16 EM-120 %FABRIC-FIA-3-FIAHW_CRC16 EM-121 %FABRIC-FIA-3-FIAHW_DEVCTL EM-121 %FABRIC-FIA-3-FIAHW_EMPTY_DEST_SOFTREQ EM-121 %FABRIC-FIA-3-FIAHW_EXT_FIFO EM-122 %FABRIC-FIA-3-FIAHW_EXT_PARITY EM-122 %FABRIC-FIA-3-FIAHW_INT EM-122 %FABRIC-FIA-3-FIAHW_LOS EM-123 %FABRIC-FIA-3-FIAHW_LOS EM-123 %FABRIC-FIA-3-FIAHW_LOS_CLEAR EM-123 %FABRIC-FIA-3-FIAHW_LOS_CLEAR EM-123 %FABRIC-FIA-3-FIAHW_MULTI_DEST_SOFTREQ EM-124 %FABRIC-FIA-3-FIAHW_NOHALT EM-124 %FABRIC-FIA-3-FIAHW_RATE EM-124 %FABRIC-FIA-3-FIAHW_RATE EM-124 %FABRIC-FIA-3-FIAHW_TMR EM-125 %FABRIC-FIA-3-FIAHW_TMR EM-125 %FABRIC-FIA-3-FIAHW_UNHANDLED EM-125Index EM-2624 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %FABRIC-FIA-3-FIAHW_UNHANDLED EM-125 %FABRIC-FIA-3-TFIAHW_ERR_PACKET EM-126 %FABRIC-FIA-3-TFIAHW_ERR_PARITY EM-126 %FABRIC-FIA-4-ERR_CHKPT EM-126 %FABRIC-FIA-4-ERR_CHKPT EM-127 %FABRIC-FIA-4-ERR_SYSDB_CONN_TO_COID EM-127 %FABRIC-FIA-4-ERR_SYSDB_CONN_TO_COID EM-127 %FABRIC-FIA-4-ERR_SYSDB_EDM_REG EM-127 %FABRIC-FIA-4-ERR_SYSDB_EDM_REG EM-128 %FABRIC-FIA-4-FIAHW_WARNING_UNSUPPORTED_CARD EM-128 %FABRIC-FIA-5-ERR_DEV_NOT_FOUND EM-128 %FABRIC-FIA-6-PCDS_STATS_TIMESTAMP_FAILURE EM -128 %FABRIC-FIA-6-PCDS_STATS_TIMESTAMP_FAILURE EM -128 %FABRIC-FIA-7-ERR_CHKPT_INIT EM-129 %FABRIC-FIA-7-ERR_CHKPT_INIT EM-129 %FABRIC-FIA-7-ERR_CHKPT_REG EM-129 %FABRIC-FIA-7-ERR_CHKPT_REG EM-129 %FABRIC-FIA-7-ERR_EVM EM-130 %FABRIC-FIA-7-ERR_EVM EM-130 %FABRIC-FIA-7-ERR_EVM_ASYNC_ATTACH EM-130 %FABRIC-FIA-7-ERR_EVM_ASYNC_ATTACH EM-131 %FABRIC-FIA-7-ERR_EVM_CREATE EM-131 %FABRIC-FIA-7-ERR_EVM_CREATE EM-131 %FABRIC-FIA-7-ERR_LWM_EVENT_BLOCK EM-132 %FABRIC-FIA-7-ERR_LWM_EVENT_BLOCK EM-132 %FABRIC-FIA-7-ERR_LWM_REPLY EM-132 %FABRIC-FIA-7-ERR_LWM_REPLY EM-132 %FABRIC-FIA-7-ERR_MEM_ALLOC EM-132 %FABRIC-FIA-7-ERR_MEM_ALLOC EM-133 %FABRIC-FIA-7-ERR_SYSDB_EDM_DATALIST EM-133 %FABRIC-FIA-7-ERR_SYSDB_EDM_DATALIST EM-133 %FABRIC-FIA-7-ERR_SYSDB_EDM_OPEN EM-133 %FABRIC-FIA-7-ERR_SYSDB_EDM_OPEN EM-134 %FABRIC-FIA-7-ERR_THREAD_CREATE EM-134 %FABRIC-FIA-7-ERR_THREAD_CREATE EM-134 %FABRIC-FIFO-2-SW_FATAL_ERROR EM-134 %FABRIC-FSDB_FADB_MAIN-3-EVT_MGR_CREATE_FAIL EM-135 %FABRIC-FSDB_FADB_MAIN-3-EXTRACT_NODE_ID_FAIL EM-135 %FABRIC-FSDB_FADB_MAIN-3-GET_NODE_ID_FAIL EM- 135 %FABRIC-FSDB_FADB_MAIN-3-RESPAWN_COUNT_GET_F AIL EM-135 %FABRIC-FSDB_FADB_MAIN-3-SYNC_HDLR_ATTACH_FA IL EM-136 %FABRIC-FSDB_FADB_MAIN-3-SYSDB_BIND_FAIL EM-1 36 %FABRIC-FSDB_FADB_MAIN-3-SYSDB_LIST_FREE_FAIL EM-136 %FABRIC-FSDB_FADB-3-SHM_CREATE_FAIL EM-136 %FABRIC-FSDB_FADB-3-SHM_OPEN_FAIL EM-137 %FABRIC-FSDB_FADB-4-SHM_FILE_TRUNCATE_FAIL E M-137 %FABRIC-FSDB_FADB-4-SHM_MMAP_FAIL EM-137 %FABRIC-FSDB-0-BARRIER_STALL_RACK_RELOAD EM- 137 %FABRIC-FSDB-0-BARRIER_STALL_ROUTER_RELOAD E M-138 %FABRIC-FSDB-0-FABRIC_LOSS_LC_RELOAD EM-138 %FABRIC-FSDB-0-FABRIC_LOSS_LC_RELOAD EM-138 %FABRIC-FSDB-1-ERR_PLANE_CONFIG EM-139 %FABRIC-FSDB-1-ERR_PLANE_CONFIG EM-139 %FABRIC-FSDB-1-FABRIC_UPDOWN EM-139 %FABRIC-FSDB-1-PLANE_UPDOWN EM-139 %FABRIC-FSDB-1-PLANE_UPDOWN EM-140 %FABRIC-FSDB-2-ERR_CONTROL_MSG EM-140 %FABRIC-FSDB-2-ERR_CONTROL_MSG EM-140 %FABRIC-FSDB-2-INVALID_PLANE_SHUT_REQ EM-141 %FABRIC-FSDB-2-MSG_TO_FSDB_FAILED_CONNECT E M-141 %FABRIC-FSDB-2-MSG_TO_FSDB_FAILED_SEND EM-141 %FABRIC-FSDB-3-ASERVER_DOWNLOAD EM-142 %FABRIC-FSDB-3-ASERVER_DOWNLOAD EM-142 %FABRIC-FSDB-3-ERR_BUNDLE_LINK EM-142 %FABRIC-FSDB-3-ERR_BUNDLE_STATE EM-142 %FABRIC-FSDB-3-ERR_CHKPT EM-143 %FABRIC-FSDB-3-ERR_CHKPT EM-143 %FABRIC-FSDB-3-ERR_CHKPT_INIT EM-143 %FABRIC-FSDB-3-ERR_CHKPT_INIT EM-144 %FABRIC-FSDB-3-ERR_DEBUG EM-144 %FABRIC-FSDB-3-ERR_DEBUG EM-144 %FABRIC-FSDB-3-ERR_DSC EM-144 %FABRIC-FSDB-3-ERR_DSC EM-145 %FABRIC-FSDB-3-ERR_ECM_CREATE EM-145 %FABRIC-FSDB-3-ERR_ECM_CREATE EM-145 %FABRIC-FSDB-3-ERR_ECM_NOTIFY EM-145 %FABRIC-FSDB-3-ERR_ECM_NOTIFY EM-146 %FABRIC-FSDB-3-ERR_EVM_CREATE EM-146 %FABRIC-FSDB-3-ERR_EVM_CREATE EM-146 %FABRIC-FSDB-3-ERR_GET_NODEID EM-146 %FABRIC-FSDB-3-ERR_GET_NODEID EM-147 %FABRIC-FSDB-3-ERR_INTERNAL EM-147 %FABRIC-FSDB-3-ERR_INTERNAL EM-147 %FABRIC-FSDB-3-ERR_PARSE_FILE EM-147 %FABRIC-FSDB-3-ERR_PARSE_FILE EM-148 %FABRIC-FSDB-3-ERR_RESYNC_ASSERT EM-148 %FABRIC-FSDB-3-ERR_RESYNC_TIMEOUT EM-148 %FABRIC-FSDB-3-ERR_RESYNC_TIMEOUT EM-148 %FABRIC-FSDB-3-ERR_SYSDB EM-149 %FABRIC-FSDB-3-ERR_SYSDB EM-149 %FABRIC-FSDB-3-ERR_SYSDB_BIND EM-149 %FABRIC-FSDB-3-ERR_SYSDB_BIND EM-149 %FABRIC-FSDB-3-ERR_SYSDB_EDM_NOTIF_GEN EM-150 %FABRIC-FSDB-3-ERR_SYSDB_EDM_NOTIF_GEN EM-150 %FABRIC-FSDB-3-ERR_SYSDB_EDM_REG EM-150 %FABRIC-FSDB-3-ERR_SYSDB_EDM_REG EM-151 %FABRIC-FSDB-3-ERR_SYSDB_REG_NOTIF EM-151 %FABRIC-FSDB-3-ERR_SYSDB_REG_NOTIF EM-151 %FABRIC-FSDB-3-ERR_UNKNOWN_FAB_DEF EM-152 %FABRIC-FSDB-3-ERR_UNKNOWN_FAB_DEF EM-152 %FABRIC-FSDB-4-ERR_DEST_CONN EM-152 %FABRIC-FSDB-4-ERR_FLED EM-152Index EM-2625 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %FABRIC-FSDB-4-ERR_FLED EM-153 %FABRIC-FSDB-4-ERR_INTERNAL_WARN EM-153 %FABRIC-FSDB-4-ERR_INTERNAL_WARN EM-153 %FABRIC-FSDB-4-ERR_THREAD_COND_SIGNAL EM-153 %FABRIC-FSDB-4-ERR_THREAD_COND_SIGNAL EM-154 %FABRIC-FSDB-4-ERR_THREAD_COND_WAIT EM-154 %FABRIC-FSDB-4-ERR_THREAD_COND_WAIT EM-154 %FABRIC-FSDB-4-ERR_THREAD_MUTEX_LOCK EM-154 %FABRIC-FSDB-4-ERR_THREAD_MUTEX_LOCK EM-155 %FABRIC-FSDB-4-ERR_THREAD_MUTEX_UNLOCK EM-1 55 %FABRIC-FSDB-4-ERR_THREAD_MUTEX_UNLOCK EM-1 55 %FABRIC-FSDB-4-PLANE_SHUTDOWN EM-155 %FABRIC-FSDB-6-PLANE_DEST_UNREACHABLE EM-156 %FABRIC-FSDB-6-PLANE_GROUP_DISABLED EM-156 %FABRIC-FSDB-6-PLANE_GROUP_UNREACHABLE EM-1 56 %FABRIC-FSDB-6-PLANE_RACK_MCAST_DOWN EM-156 %FABRIC-FSDB-7-ERR_MEM_ALLOC EM-157 %FABRIC-FSDB-7-ERR_MEM_ALLOC EM-157 %FABRIC-FSDB-7-ERR_SYSDB_BAG_ENCODE EM-157 %FABRIC-FSDB-7-ERR_SYSDB_BAG_ENCODE EM-157 %FABRIC-FSTATSA-3-ERR_BAG_REG EM-158 %FABRIC-FSTATSA-3-ERR_BAG_REG EM-158 %FABRIC-FSTATSA-3-ERR_DEBUG_INIT_EVENT EM-158 %FABRIC-FSTATSA-3-ERR_DEBUG_INIT_EVENT EM-159 %FABRIC-FSTATSA-3-ERR_DEBUG_REGISTER EM-159 %FABRIC-FSTATSA-3-ERR_DEBUG_REGISTER EM-159 %FABRIC-FSTATSA-3-ERR_EVM_CREATE EM-160 %FABRIC-FSTATSA-3-ERR_EVM_CREATE EM-160 %FABRIC-FSTATSA-3-ERR_GSP_GROUP_CREATE EM-160 %FABRIC-FSTATSA-3-ERR_GSP_GROUP_CREATE EM-161 %FABRIC-FSTATSA-3-ERR_INTERNAL EM-161 %FABRIC-FSTATSA-3-ERR_INTERNAL EM-161 %FABRIC-FSTATSA-3-ERR_SYSDB_BIND EM-161 %FABRIC-FSTATSA-3-ERR_SYSDB_BIND EM-162 %FABRIC-FSTATSA-3-ERR_SYSDB_EDM_REG EM-162 %FABRIC-FSTATSA-3-ERR_SYSDB_EDM_REG EM-162 %FABRIC-FSTATSA-3-ERR_SYSMGR_PROC_READY EM- 162 %FABRIC-FSTATSA-3-ERR_SYSMGR_PROC_READY EM- 163 %FABRIC-FSTATSC-3-ERR_GSP_GROUP_CREATE EM-163 %FABRIC-FSTATSC-3-ERR_GSP_GROUP_CREATE EM-163 %FABRIC-FSTATSC-7-ERR_DEBUG_CLEANUP EM-163 %FABRIC-FSTATSC-7-ERR_DEBUG_CLEANUP EM-164 %FABRIC-FSTATSC-7-ERR_DEBUG_INIT_EVENT EM-164 %FABRIC-FSTATSC-7-ERR_DEBUG_INIT_EVENT EM-164 %FABRIC-FSTATSC-7-ERR_DEBUG_REG EM-164 %FABRIC-FSTATSC-7-ERR_DEBUG_REG EM-164 %FABRIC-FSTATSC-7-ERR_GSP_LOOKUP_LWG EM-165 %FABRIC-FSTATSC-7-ERR_GSP_LOOKUP_LWG EM-165 %FABRIC-FSTATSS-3-ERR_BAG_REG EM-165 %FABRIC-FSTATSS-3-ERR_BAG_REG EM-166 %FABRIC-FSTATSS-3-ERR_DEBUG_INIT_EVENT EM-166 %FABRIC-FSTATSS-3-ERR_DEBUG_INIT_EVENT EM-166 %FABRIC-FSTATSS-3-ERR_DEBUG_REGISTER EM-167 %FABRIC-FSTATSS-3-ERR_DEBUG_REGISTER EM-167 %FABRIC-FSTATSS-3-ERR_EVM_CREATE EM-167 %FABRIC-FSTATSS-3-ERR_EVM_CREATE EM-168 %FABRIC-FSTATSS-3-ERR_GSP_GROUP_CREATE EM-168 %FABRIC-FSTATSS-3-ERR_GSP_GROUP_CREATE EM-168 %FABRIC-FSTATSS-3-ERR_INTERNAL EM-169 %FABRIC-FSTATSS-3-ERR_INTERNAL EM-169 %FABRIC-FSTATSS-3-ERR_MEM_ALLOC EM-169 %FABRIC-FSTATSS-3-ERR_MEM_ALLOC EM-169 %FABRIC-FSTATSS-3-ERR_SYSDB_BIND EM-170 %FABRIC-FSTATSS-3-ERR_SYSDB_BIND EM-170 %FABRIC-FSTATSS-3-ERR_SYSDB_EDM_REG EM-170 %FABRIC-FSTATSS-3-ERR_SYSDB_EDM_REG EM-171 %FABRIC-FSTATSS-3-ERR_SYSMGR_PROC_READY EM-1 71 %FABRIC-FSTATSS-3-ERR_SYSMGR_PROC_READY EM-1 71 %FABRIC-FSTATSS-7-ERR_RSC_REG_INCONSISTENT_VAL UE EM-172 %FABRIC-FSTATSS-7-ERR_RSC_REG_INCONSISTENT_VAL UE EM-172 %FABRIC-HFR_FSDB_FADB_LTRACE-3-ERROR_INIT_FAIL EM-172 %FABRIC-HFR_FSDB_FADB_LTRACE-3-EVENT_INIT_FAIL EM-172 %FABRIC-HFR_FSDB_FADB_LTRACE-3-INTERNAL_INIT_F AIL EM-173 %FABRIC-INGRESSQ_ALARM-2-DEVICE_HALT EM-173 %FABRIC-INGRESSQ_ALARM-2-DEVICE_HALT EM-173 %FABRIC-INGRESSQ_DLL-2-ASIC_RESET_FAILED EM-17 3 %FABRIC-INGRESSQ_DLL-2-ERR_EIO_TRAIN EM-174 %FABRIC-INGRESSQ_DLL-2-ERR_EIO_TRAIN EM-174 %FABRIC-INGRESSQ_DLL-2-TAKING_NODE_DOWN EM- 174 %FABRIC-INGRESSQ_DLL-2-TAKING_NODE_DOWN EM- 174 %FABRIC-INGRESSQ_DLL-3-BRM_BARRIER_SYNCUP_FAI LED EM-174 %FABRIC-INGRESSQ_DLL-3-ERR_ASIC_FCRAM_ASSERT EM-175 %FABRIC-INGRESSQ_DLL-3-ERR_ASIC_FCRAM_ASSERT EM-175 %FABRIC-INGRESSQ_DLL-3-ERR_ASIC_MBE EM-175 %FABRIC-INGRESSQ_DLL-3-ERR_ASIC_MBE EM-175 %FABRIC-INGRESSQ_DLL-3-ERR_BIST EM-176 %FABRIC-INGRESSQ_DLL-3-ERR_BIST EM-176 %FABRIC-INGRESSQ_DLL-3-ERR_INIT EM-176 %FABRIC-INGRESSQ_DLL-3-ERR_INIT EM-176 %FABRIC-INGRESSQ_DLL-3-ERR_MEM_ALLOC EM-176 %FABRIC-INGRESSQ_DLL-3-ERR_MEM_ALLOC EM-177 %FABRIC-INGRESSQ_DLL-3-RESET EM-177 %FABRIC-INGRESSQ_DLL-3-RESET EM-177 %FABRIC-INGRESSQ_DLL-3-SEQ_STATE_POST_OP_FAILE D EM-177 %FABRIC-INGRESSQ_DLL-3-SEQ_STATE_POST_OP_FAILE D EM-177 %FABRIC-INGRESSQ_DLL-3-SEQ_STATE_PRE_OP_FAILED Index EM-2626 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 EM-178 %FABRIC-INGRESSQ_DLL-3-SEQ_STATE_PRE_OP_FAILED EM-178 %FABRIC-INGRESSQ_DLL-3-WDG_SEG_HUNG EM-178 %FABRIC-INGRESSQ_DLL-3-WDG_SEG_HUNG EM-178 %FABRIC-INGRESSQ_DLL-4-BRM_AGGR_DELTA_THRSHL D EM-179 %FABRIC-INGRESSQ_DLL-4-BRM_AGGR_DELTA_THRSHL D EM-179 %FABRIC-INGRESSQ_DLL-4-BRM_DELTA_THRSHLD EM -179 %FABRIC-INGRESSQ_DLL-4-BRM_DELTA_THRSHLD EM -179 %FABRIC-INGRESSQ_DLL-4-BRM_DID_CULPRIT EM-179 %FABRIC-INGRESSQ_DLL-4-BRM_DID_CULPRIT EM-180 %FABRIC-INGRESSQ_DLL-4-BRM_INVALID_INPUT EM-1 80 %FABRIC-INGRESSQ_DLL-4-BRM_INVALID_INPUT EM-1 80 %FABRIC-INGRESSQ_DLL-4-BRM_PHASE_CHANGE_COUN TER EM-180 %FABRIC-INGRESSQ_DLL-4-BRM_PHASE_CHANGE_COUN TER EM-180 %FABRIC-INGRESSQ_DLL-4-CDMA_REQ_ERROR EM-181 %FABRIC-INGRESSQ_DLL-4-CDMA_REQ_ERROR EM-181 %FABRIC-INGRESSQ_DLL-4-CONFIG_ERR EM-181 %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_CRC EM-181 %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_CRC EM-182 %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_LENGTH EM-182 %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_LENGTH EM-182 %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_SN_LINK EM-182 %FABRIC-INGRESSQ_DLL-4-ERR_ASIC_SN_LINK EM-182 %FABRIC-INGRESSQ_DLL-4-ERR_CHKPT_INIT EM-183 %FABRIC-INGRESSQ_DLL-4-ERR_CHKPT_INIT EM-183 %FABRIC-INGRESSQ_DLL-4-ERR_CHKPT_INSERT EM-18 3 %FABRIC-INGRESSQ_DLL-4-ERR_CHKPT_INSERT EM-18 3 %FABRIC-INGRESSQ_DLL-4-INTR_ENABLE_FAIL EM-183 %FABRIC-INGRESSQ_DLL-4-INTR_ENABLE_FAIL EM-184 %FABRIC-INGRESSQ_DLL-4-LNS_CCDF_OVERFLOW_ERR OR EM-184 %FABRIC-INGRESSQ_DLL-4-LNS_CCDF_OVERFLOW_ERR OR EM-184 %FABRIC-INGRESSQ_DLL-4-LNS_LOP_DROP EM-184 %FABRIC-INGRESSQ_DLL-4-LNS_LOP_DROP EM-185 %FABRIC-INGRESSQ_DLL-4-PFI_PARITY_ERROR EM-185 %FABRIC-INGRESSQ_DLL-4-PFI_PARITY_ERROR EM-185 %FABRIC-INGRESSQ_DLL-5-ERR_ASIC_PARITY EM-185 %FABRIC-INGRESSQ_DLL-5-ERR_ASIC_PARITY EM-186 %FABRIC-INGRESSQ_DLL-5-ERR_ASIC_SBE EM-186 %FABRIC-INGRESSQ_DLL-5-ERR_ASIC_SBE EM-186 %FABRIC-INGRESSQ_DLL-6-BRM_BARRIER_SYNCED_UP EM-186 %FABRIC-INGRESSQ_DLL-6-BRM_BARRIER_SYNCUP_FAI LED EM-187 %FABRIC-INGRESSQ_DLL-6-ERR_ASIC_GENERIC EM-187 %FABRIC-INGRESSQ_DLL-6-ERR_ASIC_GENERIC EM-187 %FABRIC-INGRESSQ_DLL-6-ERR_ASIC_OOR EM-187 %FABRIC-INGRESSQ_DLL-6-ERR_ASIC_OOR EM-188 %FABRIC-INGRESSQ_DLL-6-SEQ_STATE_THRESHOLD_EX CEEDED EM-188 %FABRIC-INGRESSQ_DLL-6-SEQ_STATE_THRESHOLD_EX CEEDED EM-188 %FABRIC-INGRESSQ_DLL-6-WDG_BARRIER_STALL_CLEA RED EM-188 %FABRIC-INGRESSQ_DLL-6-WDG_BARRIER_STALL_CLEA RED EM-188 %FABRIC-INGRESSQ_DLL-6-WDG_BARRIER_STALLED E M-189 %FABRIC-INGRESSQ_DLL-6-WDG_BARRIER_STALLED E M-189 %FABRIC-INGRESSQ_DLL-7-ERR_REGISTER_GET EM-189 %FABRIC-INGRESSQ_DLL-7-ERR_REGISTER_GET EM-189 %FABRIC-INGRESSQ_DLL-7-ERR_RES_PROG EM-189 %FABRIC-INGRESSQ_DLL-7-ERR_RES_PROG EM-190 %FABRIC-INGRESSQ_LIB-7-ERR_LWM_SEND EM-190 %FABRIC-INGRESSQ_LIB-7-ERR_LWM_SEND EM-190 %FABRIC-INGRESSQ-2-ASIC_RESET_FAILED EM-190 %FABRIC-INGRESSQ-2-ASIC_RESET_FAILED EM-191 %FABRIC-INGRESSQ-3-ERR_INIT EM-191 %FABRIC-INGRESSQ-3-ERR_INIT EM-191 %FABRIC-INGRESSQ-3-ERR_MEM_ALLOC EM-191 %FABRIC-INGRESSQ-3-ERR_MEM_ALLOC EM-191 %FABRIC-INGRESSQ-4-ERR_CHKPT_INIT EM-192 %FABRIC-INGRESSQ-4-ERR_CHKPT_INIT EM-192 %FABRIC-INGRESSQ-6-LINK_DOWN EM-192 %FABRIC-INGRESSQ-7-ERR_BAG_REG EM-192 %FABRIC-INGRESSQ-7-ERR_BAG_REG EM-193 %FABRIC-INGRESSQ-7-ERR_CHKPT_DELETE EM-193 %FABRIC-INGRESSQ-7-ERR_CHKPT_DELETE EM-193 %FABRIC-INGRESSQ-7-ERR_CHKPT_INSERT EM-193 %FABRIC-INGRESSQ-7-ERR_CHKPT_INSERT EM-193 %FABRIC-INGRESSQ-7-ERR_CLIENT_REG EM-194 %FABRIC-INGRESSQ-7-ERR_CLIENT_REG EM-194 %FABRIC-INGRESSQ-7-ERR_DLL_REG EM-194 %FABRIC-INGRESSQ-7-ERR_DLL_REG EM-194 %FABRIC-INGRESSQ-7-ERR_EVM_CREATE EM-194 %FABRIC-INGRESSQ-7-ERR_EVM_CREATE EM-195 %FABRIC-INGRESSQ-7-ERR_EVM_NOTIFY EM-195 %FABRIC-INGRESSQ-7-ERR_EVM_NOTIFY EM-195 %FABRIC-INGRESSQ-7-ERR_LWM_CREATE EM-195 %FABRIC-INGRESSQ-7-ERR_LWM_CREATE EM-195 %FABRIC-INGRESSQ-7-ERR_LWM_EVENT_BLOCK EM-19 6 %FABRIC-INGRESSQ-7-ERR_LWM_EVENT_BLOCK EM-19 6 %FABRIC-INGRESSQ-7-ERR_LWM_REPLY EM-196 %FABRIC-INGRESSQ-7-ERR_LWM_REPLY EM-196 %FABRIC-INGRESSQ-7-ERR_RES_PROG EM-196 %FABRIC-INGRESSQ-7-ERR_RES_PROG EM-197 %FABRIC-INGRESSQ-7-ERR_SYSDB_BIND EM-197 %FABRIC-INGRESSQ-7-ERR_SYSDB_BIND EM-197 %FABRIC-INGRESSQ-7-ERR_SYSDB_EDM_REG EM-197 %FABRIC-INGRESSQ-7-ERR_SYSDB_EDM_REG EM-197 %FABRIC-INGRESSQ-7-ERR_SYSDB_REG_VERIFY EM-19Index EM-2627 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 8 %FABRIC-INGRESSQ-7-ERR_SYSDB_REG_VERIFY EM-19 8 %FABRIC-INGRESSQ-7-ERR_SYSDB_SET EM-198 %FABRIC-INGRESSQ-7-ERR_SYSDB_SET EM-198 %FORWARDING-FWD_EDGE_ADJ-2-EDGE_ADJ_ERR EM- 199 %FORWARDING-FWD_HAL-2-ACCESSOR EM-199 %FORWARDING-FWD_HAL-2-ADJ_ERR EM-200 %FORWARDING-FWD_HAL-2-BACKWALK_ERR EM-200 %FORWARDING-FWD_HAL-2-ECD_ERR EM-200 %FORWARDING-FWD_HAL-2-ECD_TRKR_ERR EM-200 %FORWARDING-FWD_HAL-2-FASTCONV_CLI_ERR EM-2 01 %FORWARDING-FWD_HAL-2-HW_OCE_NULL EM-201 %FORWARDING-FWD_HAL-2-IDB_ERR EM-201 %FORWARDING-FWD_HAL-2-INIT EM-201 %FORWARDING-FWD_HAL-2-INVALID_PARENT_OBJ E M-202 %FORWARDING-FWD_HAL-2-LDI_ERR EM-202 %FORWARDING-FWD_HAL-2-MTRIE_MODE_CLI_ERR E M-202 %FORWARDING-FWD_HAL-2-PFX_ERR EM-202 %FORWARDING-FWD_HAL-2-SHMWIN_ERR EM-203 %FORWARDING-FWD_HAL-2-STATS_INTF_REGISTER E M-203 %FORWARDING-FWD_HAL-2-STATS_INTF_UNREGISTER EM-203 %FORWARDING-FWD_HAL-2-STATS_VALIDATION EM-2 03 %FORWARDING-FWD_HAL-2-TUNNEL_NH_ERR EM-204 %FORWARDING-FWD_HAL-2-UNSUPT_TERMINATE EM- 204 %FORWARDING-FWD_HAL-2-USED_BY_BGP_STATUS_CH ANGE EM-204 %FORWARDING-FWD_HAL-3-PM_ERR EM-204 %FORWARDING-FWD_HAL-3-PP_NFN_LIB_GET_INFO E M-205 %FORWARDING-FWD_HAL-3-PP_NFN_MSG_HDLR EM-20 5 %FORWARDING-FWD_HAL-6-CHANGE_MTRIE_MODE_CLI _INFO EM-205 %FORWARDING-FWD_HAL-6-FASTCONVERGENCE_CLI_I NFO EM-205 %FORWARDING-FWD_L2HAL-2-ACCESSOR EM-206 %FORWARDING-FWD_L2HAL-2-BACKWALK_ERR EM-20 6 %FORWARDING-FWD_L2HAL-2-CONFIG_NOT_SUPPORTE D EM-206 %FORWARDING-FWD_L2HAL-2-HW_OCE_NULL EM-206 %FORWARDING-FWD_L2HAL-2-INIT EM-207 %FORWARDING-FWD_L2HAL-2-INVALID_PARENT_OBJ EM-207 %FORWARDING-FWD_L2HAL-2-MQOS EM-207 %FORWARDING-FWD_L2HAL-2-SHMWIN_ERR EM-207 %FORWARDING-FWD_L2HAL-6-INIT_RETRY EM-208 %FORWARDING-HAL_PDFIB-6-PD_UPDATE EM-208 %FORWARDING-HAL_PDFIB-6-PD_UPDATE_IFH EM-208 %FORWARDING-IP_TUNNEL_MA_LTRACE-7-INIT EM-20 9 %FORWARDING-IP_TUNNEL-3-AIB EM-209 %FORWARDING-IP_TUNNEL-3-AIBSERVER EM-209 %FORWARDING-IP_TUNNEL-3-ASYNC_MSG EM-209 %FORWARDING-IP_TUNNEL-3-BADCHECKSUM EM-210 %FORWARDING-IP_TUNNEL-3-BADKEY EM-210 %FORWARDING-IP_TUNNEL-3-EAIDB EM-210 %FORWARDING-IP_TUNNEL-3-EAINIT EM-210 %FORWARDING-IP_TUNNEL-3-ENS_READ EM-210 %FORWARDING-IP_TUNNEL-3-EVENTMGR EM-211 %FORWARDING-IP_TUNNEL-3-FEA EM-211 %FORWARDING-IP_TUNNEL-3-FIB_ERROR EM-211 %FORWARDING-IP_TUNNEL-3-FIB_INIT EM-211 %FORWARDING-IP_TUNNEL-3-FIB_SEND EM-211 %FORWARDING-IP_TUNNEL-3-IMPSERVER EM-212 %FORWARDING-IP_TUNNEL-3-IPT_DEBUG EM-212 %FORWARDING-IP_TUNNEL-3-LOOPING EM-212 %FORWARDING-IP_TUNNEL-3-MAINIT EM-212 %FORWARDING-IP_TUNNEL-3-MEM EM-212 %FORWARDING-IP_TUNNEL-3-NETIOIDB EM-213 %FORWARDING-IP_TUNNEL-3-P2MP_TUNNEL EM-213 %FORWARDING-IP_TUNNEL-3-ROUTING EM-213 %FORWARDING-IP_TUNNEL-3-SEQUENCE EM-213 %FORWARDING-IP_TUNNEL-3-THREAD EM-213 %FORWARDING-IP_TUNNEL-3-UNKNOWN_GRE_TUNNEL EM-214 %FORWARDING-IP_TUNNEL-3-UNKNOWN_IPIP_TUNNEL EM-214 %FORWARDING-IP_TUNNEL-3-UNKNOWN_MSG EM-214 %FORWARDING-IP_TUNNEL-3-UNSUP_PROTO EM-214 %FORWARDING-IP_TUNNEL-3-VERSION EM-214 %FORWARDING-IP_TUNNEL-4-DECAP EM-215 %FORWARDING-IP_TUNNEL-4-ENCAP EM-215 %FORWARDING-IP_TUNNEL-4-FIB_CONNECTION EM-21 5 %FORWARDING-IP_TUNNEL-4-MTU EM-215 %FORWARDING-IPT_EA_LTRACE-3-INIT EM-215 %HA-CDM_CLI-3-MUTEX_COUNT EM-217 %HA-CDM_CLI-7-BAD_BUFFER EM-217 %HA-CDM_CLI-7-BUFFER_MISMATCH EM-217 %HA-CDM_CLI-7-INVALID_ARG EM-217 %HA-CDM_MEMMGR_HEAP-7-BAD_HEAPIDX EM-218 %HA-CDM_MEMMGR_HEAP-7-BAD_HEAPPAGE EM-218 %HA-CDM_MEMMGR_HEAP-7-BAD_HEAPPTR EM-218 %HA-CDM_MEMMGR_HEAP-7-BAD_NCTDELETE EM-218 %HA-CDM_MEMMGR_HEAP-7-CORRUPTION EM-218 %HA-CDM_MEMMGR_HEAP-7-DATA_CORRUPTION EM- 219 %HA-CDM_MEMMGR_HEAP-7-MUNMAP EM-219 %HA-CDM_MEMMGR_HEAP-7-NCT_BIGNEW EM-219 %HA-CDM_MEMMGR_HEAP-7-OBJ_NOT_FOUND EM-219 %HA-CDM_MEMMGR_HEAP-7-PROC_RUNNING EM-219 %HA-CDM_MEMMGR_HEAP-7-SEGMENT_RENAMED EM -220 %HA-CDM_MEMMGR_HEAP-7-TBL_OBJ_SEG_MISMATCH EM-220 %HA-CDM_MEMMGR_UTIL-3-ASSERT_MSG EM-220Index EM-2628 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %HA-CDM_MEMMGR_UTIL-7-COLD_RESTART EM-220 %HA-CDM_MEMMGR_UTIL-7-COLD_RESTART_IGNORED EM-220 %HA-CDM_MEMMGR_UTIL-7-DEBUG_REGISTER EM-221 %HA-CDM_MEMMGR_UTIL-7-DUP_KEY EM-221 %HA-CDM_MEMMGR_UTIL-7-INIT_ERROR EM-221 %HA-CDM_MEMMGR_UTIL-7-NOT_IMPLEMENTED EM-2 21 %HA-CDM_MEMMGR_UTIL-7-REGISTRATION EM-221 %HA-CDM_MEMMGR_UTIL-7-SYSERR EM-222 %HA-CDM_MEMMGR_UTIL-7-UNEXPECTED EM-222 %HA-CDM_MEMMGR_UTIL-7-WARNING EM-222 %HA-CDM_TDM-7-BAD_ALIGNMENT EM-222 %HA-CDM_TDM-7-COLD_RESTART EM-222 %HA-CDM_TDM-7-DUP_TABLE EM-223 %HA-CDM_TDM-7-NO_TRANSLATOR EM-223 %HA-CDM_TDM-7-NOT_INDEXED EM-223 %HA-CDM_TDM-7-OBJ_COUNT EM-223 %HA-CDM_TDM-7-OBJ_LEN EM-223 %HA-CDM_TDM-7-REG_MISMATCH EM-224 %HA-CDM_TDM-7-TRANSLATION_FATAL EM-224 %HA-CHKPT_BASIC-7-COLD_RESTART EM-224 %HA-CHKPT_BASIC-7-COLD_RESTART_IGNORED EM-22 4 %HA-CHKPT_BASIC-7-DEBUG_REGISTER EM-224 %HA-CHKPT_BASIC-7-DUP_KEY EM-225 %HA-CHKPT_BASIC-7-INCONSISTENT_VERSIONS EM-22 5 %HA-CHKPT_BASIC-7-INIT_ERROR EM-225 %HA-CHKPT_BASIC-7-NOT_IMPLEMENTED EM-225 %HA-CHKPT_BASIC-7-REGISTRATION EM-225 %HA-CHKPT_BASIC-7-SYSERR EM-226 %HA-CHKPT_BASIC-7-UNEXPECTED EM-226 %HA-CHKPT_BASIC-7-WARNING EM-226 %HA-CHKPT_CLI-7-BAD_BUFFER EM-226 %HA-CHKPT_CLI-7-BUFFER_MISMATCH EM-226 %HA-CHKPT_CLI-7-INVALID_ARG EM-227 %HA-CHKPT_HEAP-7-BAD_HEAPIDX EM-227 %HA-CHKPT_HEAP-7-BAD_HEAPPAGE EM-227 %HA-CHKPT_HEAP-7-BAD_HEAPPTR EM-227 %HA-CHKPT_HEAP-7-BAD_NCTDELETE EM-227 %HA-CHKPT_HEAP-7-CORRUPTION EM-228 %HA-CHKPT_HEAP-7-DATA_CORRUPTION EM-228 %HA-CHKPT_HEAP-7-MUNMAP EM-228 %HA-CHKPT_HEAP-7-NCT_BIGNEW EM-228 %HA-CHKPT_HEAP-7-OBJ_NOT_FOUND EM-228 %HA-CHKPT_HEAP-7-PROC_RUNNING EM-229 %HA-CHKPT_HEAP-7-SEGMENT_RENAMED EM-229 %HA-CHKPT_HEAP-7-TBL_OBJ_SEG_MISMATCH EM-229 %HA-CHKPT_LIB_COMMS-3-SYSTEM_ERROR EM-229 %HA-CHKPT_LIB_COMMS-6-INFO EM-229 %HA-CHKPT_LIB_COMMS-7-DEBUG EM-230 %HA-CHKPT_MESSAGING-3-COMMS_INIT_FAIL EM-230 %HA-CHKPT_MESSAGING-3-IDT_FAILED EM-230 %HA-CHKPT_MESSAGING-7-BAD_MSGLEN EM-230 %HA-CHKPT_MESSAGING-7-BAD_MSGTYPE EM-230 %HA-CHKPT_MESSAGING-7-BAD_REQUEST EM-231 %HA-CHKPT_MESSAGING-7-BAD_SEQNO EM-231 %HA-CHKPT_MESSAGING-7-BAD_TOTALSIZE EM-231 %HA-CHKPT_MESSAGING-7-BUFFER_TOO_SMALL EM-2 31 %HA-CHKPT_MESSAGING-7-DUPLICATE_PROCESS EM-2 31 %HA-CHKPT_MESSAGING-7-EVENT_MANAGER EM-232 %HA-CHKPT_MESSAGING-7-GET_MSGLEN EM-232 %HA-CHKPT_MESSAGING-7-IDT_ALL_FAILED EM-232 %HA-CHKPT_MESSAGING-7-LWM_FAILURE EM-232 %HA-CHKPT_MESSAGING-7-MALLOC_FAILED EM-232 %HA-CHKPT_MESSAGING-7-MSG_READ EM-233 %HA-CHKPT_MESSAGING-7-MSG_REPLY EM-233 %HA-CHKPT_MESSAGING-7-MSG_SEND_EVENT EM-233 %HA-CHKPT_MESSAGING-7-NON_CHKPT_MSG EM-233 %HA-CHKPT_MESSAGING-7-PTHREAD_FAILURE EM-233 %HA-CHKPT_MESSAGING-7-REPLICA_NAME EM-234 %HA-CHKPT_MESSAGING-7-STANDBY_OPEN_TIMEOUT EM-234 %HA-CHKPT_MESSAGING-7-STANDBY_PROXY_SPAWN EM-234 %HA-CHKPT_MESSAGING-7-STBY_CAPABLE EM-234 %HA-CHKPT_MESSAGING-7-SYSMGR_GET_PROC_ROLE EM-234 %HA-CHKPT_PROXY-7-BAD_IPC_LENGTH EM-235 %HA-CHKPT_PROXY-7-BAD_IPC_REQUEST EM-235 %HA-CHKPT_PROXY-7-DEBUG EM-235 %HA-CHKPT_PROXY-7-GROUP_CREATE_ERROR EM-235 %HA-CHKPT_PROXY-7-IPC_ERROR EM-235 %HA-CHKPT_PROXY-7-NO_MEMORY EM-236 %HA-CHKPT_PROXY-7-PUTENV EM-236 %HA-CHKPT_PROXY-7-STDBY_NOPROXY EM-236 %HA-CHKPT_PROXY-7-SYSTEM_ERROR EM-236 %HA-CHKPT_TDM-4-OOS EM-236 %HA-CHKPT_TDM-7-BAD_ALIGNMENT EM-237 %HA-CHKPT_TDM-7-COLD_RESTART EM-237 %HA-CHKPT_TDM-7-DUP_TABLE EM-237 %HA-CHKPT_TDM-7-NATIVE_VERSION EM-237 %HA-CHKPT_TDM-7-NO_TRANSLATOR EM-237 %HA-CHKPT_TDM-7-NOT_INDEXED EM-238 %HA-CHKPT_TDM-7-OBJ_COUNT EM-238 %HA-CHKPT_TDM-7-OBJ_LEN EM-238 %HA-CHKPT_TDM-7-REG_MISMATCH EM-238 %HA-CHKPT_TDM-7-TRANSLATION_FATAL EM-238 %HA-DCL_LIB-2-NULL_PTR EM-239 %HA-DCL_LIB-4-CERR_REGISTER EM-239 %HA-DCL_LIB-4-NONFATAL_INTERNAL EM-239 %HA-DCL_LIB-4-UNEXPECTED EM-239 %HA-HA_EEM-4-EEMSD_DIRECTORY_NOT_EXIST EM-23 9 %HA-HA_EEM-4-EEMSD_POLICY_APPLY EM-240 %HA-HA_EEM-4-EEMSD_POLICY_CONFIG_INCONSISTENT EM-240 %HA-HA_EEM-4-EEMSD_POLICY_NOT_EXIST EM-240 %HA-HA_EEM-4-EEMSD_POLICY_TUPLE_UNPACK EM-2 40 %HA-HA_EEM-4-EEMSD_POLICY_UNREGREG_ERR EM-2 40 %HA-HA_EEM-6-EEMED_WD_CPU_NOTIF EM-241Index EM-2629 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %HA-HA_EEM-6-EEMS_POLICY_EXEC EM-241 %HA-HA_EEM-6-EEMS_POLICY_TIMEOUT EM-241 %HA-HA_EEM-6-EEMS_RELOAD_SYSTEM EM-241 %HA-HA_EEM-6-EEMS_SYSLOG_SCAN_SIGNUP EM-241 %HA-HA_EEM-6-EEMSD_POLICY_CHANGED EM-242 %HA-HA_EEM-6-EEMSD_POLICY_DELETED EM-242 %HA-HA_EEM-6-EEMSD_POLICY_REG_SUCC EM-242 %HA-HA_EEM-6-EEMSD_POLICY_UNREG_SUCC EM-242 %HA-HA_EEM-6-EEMSD_POLICY_UNREGREG_SUCC EM -242 %HA-HA_EEM-7-DEBUG_INIT_EVENT EM-243 %HA-HA_EEM-7-DEBUG_REGISTER EM-243 %HA-HA_EEM-7-ED_NONE_CHKPT_INIT EM-243 %HA-HA_EEM-7-ED_NONE_CHKPT_TBL_ADD EM-243 %HA-HA_EEM-7-ED_NONE_CHKPT_TBL_INIT EM-243 %HA-HA_EEM-7-ED_NONE_CHKPT_TBL_ITERATE EM-24 4 %HA-HA_EEM-7-ED_NONE_CHKPT_TBL_REMOVE EM-24 4 %HA-HA_EEM-7-ED_NONE_EA_ATTACH EM-244 %HA-HA_EEM-7-ED_NONE_EI_EVENT EM-244 %HA-HA_EEM-7-ED_NONE_EM_ATTACH EM-244 %HA-HA_EEM-7-ED_NONE_EVM_CREATE EM-245 %HA-HA_EEM-7-ED_NONE_EVM_EVENT_BLOCK EM-245 %HA-HA_EEM-7-ED_NONE_MEM_ALLOC EM-245 %HA-HA_EEM-7-ED_NONE_MSG_REPLY EM-245 %HA-HA_EEM-7-ED_NONE_MSGSEND_EVT EM-245 %HA-HA_EEM-7-ED_NONE_MSGSEND_RETRY_ERR EM- 246 %HA-HA_EEM-7-ED_NONE_PUB_ENQUEUE EM-246 %HA-HA_EEM-7-ED_NONE_PUB_RBLD EM-246 %HA-HA_EEM-7-ED_NONE_PUB_TM_ALLOC EM-246 %HA-HA_EEM-7-ED_NONE_RM_ATTACH EM-246 %HA-HA_EEM-7-ED_NONE_TM_ADDL_CTX EM-247 %HA-HA_EEM-7-ED_NONE_TM_LEAF_NEW EM-247 %HA-HA_EEM-7-ED_NONE_TM_PARENT_NEW EM-247 %HA-HA_EEM-7-ED_NONE_TM_TREE_NEW EM-247 %HA-HA_EEM-7-EEMC_APPL_CBH_PULSE EM-247 %HA-HA_EEM-7-EEMC_APPL_CBH_SEND EM-248 %HA-HA_EEM-7-EEMC_CB_EVM_CREATE EM-248 %HA-HA_EEM-7-EEMC_CB_INIT_EEMC EM-248 %HA-HA_EEM-7-EEMC_CB_MC_ATTACH EM-248 %HA-HA_EEM-7-EEMC_CBS_THREAD_CREATE EM-248 %HA-HA_EEM-7-EEMC_CERR_REG EM-249 %HA-HA_EEM-7-EEMC_REG_CBH_PULSE EM-249 %HA-HA_EEM-7-EEMC_REG_CBH_SEND EM-249 %HA-HA_EEM-7-EEMED_CHKPT_INIT EM-249 %HA-HA_EEM-7-EEMED_CHKPT_TBL_INIT EM-249 %HA-HA_EEM-7-EEMED_CHKPT_TBL_ITERATE EM-250 %HA-HA_EEM-7-EEMED_CONNECTION_FAIL EM-250 %HA-HA_EEM-7-EEMED_DE_FETCH EM-250 %HA-HA_EEM-7-EEMED_DE_INIT EM-250 %HA-HA_EEM-7-EEMED_EA_ATTACH EM-250 %HA-HA_EEM-7-EEMED_EI_EVENT EM-251 %HA-HA_EEM-7-EEMED_EM_ATTACH EM-251 %HA-HA_EEM-7-EEMED_EVM_CREATE EM-251 %HA-HA_EEM-7-EEMED_EVM_EVENT_BLOCK EM-251 %HA-HA_EEM-7-EEMED_HIST_QERR EM-251 %HA-HA_EEM-7-EEMED_INV_COMPARE_OP EM-252 %HA-HA_EEM-7-EEMED_INV_STATS_TYPE EM-252 %HA-HA_EEM-7-EEMED_INV_TM EM-252 %HA-HA_EEM-7-EEMED_INV_TM_TYPE EM-252 %HA-HA_EEM-7-EEMED_LOCAL_NODEID EM-252 %HA-HA_EEM-7-EEMED_MEM_ALLOC EM-253 %HA-HA_EEM-7-EEMED_MET_ENQUEUE EM-253 %HA-HA_EEM-7-EEMED_MET_RBLD EM-253 %HA-HA_EEM-7-EEMED_MISC_ERR EM-253 %HA-HA_EEM-7-EEMED_MSGSEND_EVT EM-253 %HA-HA_EEM-7-EEMED_MSGSEND_RETRY_ERR EM-254 %HA-HA_EEM-7-EEMED_OE_CREATE EM-254 %HA-HA_EEM-7-EEMED_OE_REMOVE EM-254 %HA-HA_EEM-7-EEMED_PLTF_NODENAME EM-254 %HA-HA_EEM-7-EEMED_PUB_ENQUEUE EM-254 %HA-HA_EEM-7-EEMED_PUB_RBLD EM-255 %HA-HA_EEM-7-EEMED_RM_ATTACH EM-255 %HA-HA_EEM-7-EEMED_SM_PROC_EXIT EM-255 %HA-HA_EEM-7-EEMED_STATS_VAL_GET_ERR EM-255 %HA-HA_EEM-7-EEMED_SYSDB_BIND EM-255 %HA-HA_EEM-7-EEMED_SYSDB_GET EM-256 %HA-HA_EEM-7-EEMED_SYSDB_REG_NOTIFY EM-256 %HA-HA_EEM-7-EEMED_THREAD_CREATE EM-256 %HA-HA_EEM-7-EEMED_TM_ADDL_CTX EM-256 %HA-HA_EEM-7-EEMED_TM_CRTICK_INIT EM-256 %HA-HA_EEM-7-EEMED_TM_LEAF_NEW EM-257 %HA-HA_EEM-7-EEMED_TM_PARENT_NEW EM-257 %HA-HA_EEM-7-EEMED_TM_TREE_NEW EM-257 %HA-HA_EEM-7-EEMMD_CHKPT_INIT EM-257 %HA-HA_EEM-7-EEMMD_CHKPT_NULL_PTR EM-257 %HA-HA_EEM-7-EEMMD_CHKPT_TBL_ADD EM-258 %HA-HA_EEM-7-EEMMD_CHKPT_TBL_INIT EM-258 %HA-HA_EEM-7-EEMMD_CHKPT_TBL_RECOVER EM-258 %HA-HA_EEM-7-EEMMD_CONN_EXIST EM-258 %HA-HA_EEM-7-EEMMD_EVM_ASYNC_ATTACH EM-258 %HA-HA_EEM-7-EEMMD_EVM_CREATE EM-259 %HA-HA_EEM-7-EEMMD_EVM_EVENT_BLOCK EM-259 %HA-HA_EEM-7-EEMMD_EVM_FILE_ATTACH EM-259 %HA-HA_EEM-7-EEMMD_EVM_INIT_EVENT EM-259 %HA-HA_EEM-7-EEMMD_EVM_TM_ATTACH EM-260 %HA-HA_EEM-7-EEMMD_EVM_TM_LEAF_NEW EM-260 %HA-HA_EEM-7-EEMMD_FD_SIGEVENT EM-260 %HA-HA_EEM-7-EEMMD_FILE_OPEN EM-260 %HA-HA_EEM-7-EEMMD_GET_CHID EM-261 %HA-HA_EEM-7-EEMMD_GET_NODE_NAME EM-261 %HA-HA_EEM-7-EEMMD_GUARD_WORD_VER EM-261 %HA-HA_EEM-7-EEMMD_LAST_PROC EM-261 %HA-HA_EEM-7-EEMMD_LOCAL_NODEID EM-261 %HA-HA_EEM-7-EEMMD_LONG_PATHNAME EM-262 %HA-HA_EEM-7-EEMMD_LWM_ATTACH EM-262 %HA-HA_EEM-7-EEMMD_LWM_CONNECT EM-262 %HA-HA_EEM-7-EEMMD_LWM_SEND EM-262 %HA-HA_EEM-7-EEMMD_LWM_SEND_ASYNC EM-262 %HA-HA_EEM-7-EEMMD_MEM_ALLOC EM-263 %HA-HA_EEM-7-EEMMD_METRIC_POLL EM-263 %HA-HA_EEM-7-EEMMD_METRICSVC_INIT EM-263 %HA-HA_EEM-7-EEMMD_PROC_EVENT_TYPE EM-263 %HA-HA_EEM-7-EEMMD_QSM_REG_NOTIF EM-263Index EM-2630 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %HA-HA_EEM-7-EEMMD_SVC_REG EM-264 %HA-HA_EEM-7-EEMMD_SVCEVM_CREATE EM-264 %HA-HA_EEM-7-EEMMD_SYSCALL EM-264 %HA-HA_EEM-7-EEMMD_UNEXP_MSG_TYPE EM-264 %HA-HA_EEM-7-EEMMD_UNEXP_PROC EM-264 %HA-HA_EEM-7-EEMMD_UNEXP_PULSECODE EM-265 %HA-HA_EEM-7-EEMS_ASYNC_ATTACH EM-265 %HA-HA_EEM-7-EEMS_ASYNC_ATTACH_FD EM-265 %HA-HA_EEM-7-EEMS_CALLBACK_MAX_ENTRIES EM-2 65 %HA-HA_EEM-7-EEMS_CHKPT_INIT EM-266 %HA-HA_EEM-7-EEMS_CHKPT_NULL_PTR EM-266 %HA-HA_EEM-7-EEMS_CHKPT_TBL_ADD EM-266 %HA-HA_EEM-7-EEMS_CHKPT_TBL_INIT EM-266 %HA-HA_EEM-7-EEMS_CHKPT_TBL_RECOVER EM-266 %HA-HA_EEM-7-EEMS_CHKPT_TBL_REMOVE EM-267 %HA-HA_EEM-7-EEMS_CHKPT_TBL_SAVE EM-267 %HA-HA_EEM-7-EEMS_EVM_CREATE EM-267 %HA-HA_EEM-7-EEMS_EVM_EVENT_BLOCK EM-267 %HA-HA_EEM-7-EEMS_EVM_FILE_ATTACH EM-267 %HA-HA_EEM-7-EEMS_EVM_INIT_EVENT EM-268 %HA-HA_EEM-7-EEMS_FDC_ALLOCATE EM-268 %HA-HA_EEM-7-EEMS_FDC_OPEN EM-268 %HA-HA_EEM-7-EEMS_GET_CHAN_CHAN EM-268 %HA-HA_EEM-7-EEMS_GET_NODE_NAME EM-269 %HA-HA_EEM-7-EEMS_GET_NODE_STATE EM-269 %HA-HA_EEM-7-EEMS_GET_PRIO EM-269 %HA-HA_EEM-7-EEMS_GUARD_WORD_VER EM-269 %HA-HA_EEM-7-EEMS_INIT_EVENT_TIMER EM-269 %HA-HA_EEM-7-EEMS_INV_ARG_STRING EM-270 %HA-HA_EEM-7-EEMS_INV_ENV_STRING EM-270 %HA-HA_EEM-7-EEMS_KILL EM-270 %HA-HA_EEM-7-EEMS_KILL_RUN EM-270 %HA-HA_EEM-7-EEMS_LWM_ATTACH EM-270 %HA-HA_EEM-7-EEMS_LWM_ATTACH_SYNC EM-271 %HA-HA_EEM-7-EEMS_LWM_CONNECT EM-271 %HA-HA_EEM-7-EEMS_LWM_DISCONNECT EM-271 %HA-HA_EEM-7-EEMS_LWM_SEND EM-271 %HA-HA_EEM-7-EEMS_LWM_SEND_ASYNC EM-272 %HA-HA_EEM-7-EEMS_LWM_SEND_EVENT EM-272 %HA-HA_EEM-7-EEMS_MEM_ALLOC EM-272 %HA-HA_EEM-7-EEMS_MEM_REALLOC EM-272 %HA-HA_EEM-7-EEMS_MISC_ERR EM-272 %HA-HA_EEM-7-EEMS_NULL_SCRIPT_NAME EM-273 %HA-HA_EEM-7-EEMS_OPEN EM-273 %HA-HA_EEM-7-EEMS_OVL_GET_MODULE_PATH EM-27 3 %HA-HA_EEM-7-EEMS_OVL_NOTIFY_REG EM-273 %HA-HA_EEM-7-EEMS_OVL_SETUP_ENV EM-273 %HA-HA_EEM-7-EEMS_POLICY_CHECKSUM EM-274 %HA-HA_EEM-7-EEMS_POLICY_HASH EM-274 %HA-HA_EEM-7-EEMS_QSM_REGISTER EM-274 %HA-HA_EEM-7-EEMS_REG_NODE_STATE_CHANGE EM -274 %HA-HA_EEM-7-EEMS_SCRIPT_MAX_ENTRIES EM-275 %HA-HA_EEM-7-EEMS_SIGNAL_ATTACH EM-275 %HA-HA_EEM-7-EEMS_SIGQUEUE EM-275 %HA-HA_EEM-7-EEMS_SPAWN EM-275 %HA-HA_EEM-7-EEMS_SYSLOG_SCAN_RESIGN EM-276 %HA-HA_EEM-7-EEMS_TM_LEAF_NEW EM-276 %HA-HA_EEM-7-EEMS_TM_PARENT_NEW EM-276 %HA-HA_EEM-7-EEMS_TM_TREE_NEW EM-276 %HA-HA_EEM-7-EEMSD_CHKPT_INIT EM-277 %HA-HA_EEM-7-EEMSD_CHKPT_NULL_PTR EM-277 %HA-HA_EEM-7-EEMSD_CHKPT_TBL_ADD EM-277 %HA-HA_EEM-7-EEMSD_CHKPT_TBL_INIT EM-277 %HA-HA_EEM-7-EEMSD_CHKPT_TBL_RECOVER EM-277 %HA-HA_EEM-7-EEMSD_CHKPT_TBL_REMOVE EM-278 %HA-HA_EEM-7-EEMSD_CHKPT_TBL_RESET EM-278 %HA-HA_EEM-7-EEMSD_COUNTER_SET EM-278 %HA-HA_EEM-7-EEMSD_EVENT_CREATE EM-278 %HA-HA_EEM-7-EEMSD_EVENT_REG EM-278 %HA-HA_EEM-7-EEMSD_EVENT_TYPE EM-279 %HA-HA_EEM-7-EEMSD_EVM_CREATE EM-279 %HA-HA_EEM-7-EEMSD_EVM_EVENT_BLOCK EM-279 %HA-HA_EEM-7-EEMSD_FILE_OPEN EM-279 %HA-HA_EEM-7-EEMSD_FM_INIT EM-279 %HA-HA_EEM-7-EEMSD_GET_NODE_NAME EM-280 %HA-HA_EEM-7-EEMSD_GET_PRIO EM-280 %HA-HA_EEM-7-EEMSD_LAST_POLICY EM-280 %HA-HA_EEM-7-EEMSD_MEM_ALLOC EM-280 %HA-HA_EEM-7-EEMSD_OVL_NOTIF_REG EM-280 %HA-HA_EEM-7-EEMSD_OVL_SETUP_ENV EM-281 %HA-HA_EEM-7-EEMSD_POLICY_MISSING EM-281 %HA-HA_EEM-7-EEMSD_POLICY_UNREG_ERR EM-281 %HA-HA_EEM-7-EEMSD_REFRESHTIMER_INIT EM-281 %HA-HA_EEM-7-EEMSD_RESYNC_FAIL EM-282 %HA-HA_EEM-7-EEMSD_SVC_REG EM-282 %HA-HA_EEM-7-EEMSD_SVCEVM_CREATE EM-282 %HA-HA_EEM-7-EEMSD_SYNC_FAIL EM-282 %HA-HA_EEM-7-EEMSD_SYNCLIST_FAIL EM-282 %HA-HA_EEM-7-EEMSD_SYSDB_VERIFY_REG EM-283 %HA-HA_EEM-7-EEMSD_TIMER_ARM EM-283 %HA-HA_SS-7-DEBUG EM-283 %HA-HA_WD_LIB-3-DEBUG_REGISTER_FAIL EM-283 %HA-HA_WD_LIB-7-CLIENT_MONITOR EM-284 %HA-HA_WD_LIB-7-CLIENT_UNMONITOR EM-284 %HA-HA_WD_LIB-7-INVALID_ARG EM-284 %HA-HA_WD_LIB-7-MISSING_CTX EM-284 %HA-HA_WD_LIB-7-NO_MEM EM-284 %HA-HA_WD_LIB-7-SVR_MEMINFO EM-285 %HA-HA_WD_LIB-7-SVR_REG EM-285 %HA-HA_WD_LIB-7-SVR_RSC_UNREG EM-285 %HA-HA_WD_LIB-7-SVR_UNREG EM-285 %HA-HA_WD_LIB-7-SYSCALL EM-286 %HA-HA_WD_LIB-7-THREAD_CTX_INIT EM-286 %HA-HA_WD-1-ABORTING EM-286 %HA-HA_WD-1-CPU_HOG_5 EM-286 %HA-HA_WD-1-CPU_HOG_ALERT EM-287 %HA-HA_WD-1-CURRENT_STATE EM-287 %HA-HA_WD-1-DISK_ALERT EM-287 %HA-HA_WD-2-DISK_CRIT EM-287 %HA-HA_WD-3-DEBUG_REGISTER_FAIL EM-288 %HA-HA_WD-3-DEVCTL EM-288 %HA-HA_WD-3-EVM_ASYNC_ATTACH EM-288 %HA-HA_WD-3-EVM_CREATE EM-288Index EM-2631 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %HA-HA_WD-3-EVM_EVENT_BLOCK EM-288 %HA-HA_WD-3-EVM_INIT_EVENT EM-289 %HA-HA_WD-3-EVM_MSG_ATTACH EM-289 %HA-HA_WD-3-EVM_THREAD_INIT EM-289 %HA-HA_WD-3-EVM_TM_ATTACH EM-289 %HA-HA_WD-3-EVM_TM_DETACH EM-290 %HA-HA_WD-3-EVM_TM_LEAF_NEW EM-290 %HA-HA_WD-3-FD_CRIT_LIM EM-290 %HA-HA_WD-3-FD_INIT EM-290 %HA-HA_WD-3-FREE_MEM_ADDR EM-291 %HA-HA_WD-3-HELPER_INIT_FAIL EM-291 %HA-HA_WD-3-MSG_GET_CHAN_CHAN EM-291 %HA-HA_WD-3-NOTIF_THREAD_INIT EM-291 %HA-HA_WD-3-OPEN_PROCFS EM-291 %HA-HA_WD-3-PLATFORM_NODENAME EM-292 %HA-HA_WD-3-PLATFORM_SLOT EM-292 %HA-HA_WD-3-POP EM-292 %HA-HA_WD-3-PTHRD_CREATE EM-292 %HA-HA_WD-3-SERVICE_CREATE EM-292 %HA-HA_WD-3-WATCHER_THREAD_INIT EM-293 %HA-HA_WD-4-CFG_FAILED EM-293 %HA-HA_WD-4-DISK_ALARM EM-293 %HA-HA_WD-4-DISK_WARN EM-293 %HA-HA_WD-4-DSC_REG_FAILED EM-293 %HA-HA_WD-4-FD_MAJ_LIM EM-294 %HA-HA_WD-4-FD_MIN_LIM EM-294 %HA-HA_WD-4-FD_NORMAL_LIM EM-294 %HA-HA_WD-4-MEM_POLL EM-294 %HA-HA_WD-4-MEMORY_ALARM EM-294 %HA-HA_WD-4-MEMORY_LIMIT_EXCEEDED EM-295 %HA-HA_WD-4-MEMORY_STATE_CHANGE EM-295 %HA-HA_WD-4-TOP_MEMORY_USER_WARNING EM-295 %HA-HA_WD-4-TOP_MEMORY_USERS_WARNING EM-29 5 %HA-HA_WD-4-TOP_SHMEM_USER_WARNING EM-296 %HA-HA_WD-4-TOP_SHMEM_USERS_WARNING EM-296 %HA-HA_WD-5-NO_TIMEOUT EM-296 %HA-HA_WD-5-TIMEOUT EM-296 %HA-HA_WD-5-TIMEOUT_CANCELLED EM-297 %HA-HA_WD-5-TIMEOUT_EXIT EM-297 %HA-HA_WD-6-CPU_HOG_1 EM-297 %HA-HA_WD-6-CPU_HOG_2 EM-297 %HA-HA_WD-6-CPU_HOG_3 EM-297 %HA-HA_WD-6-CPU_HOG_4 EM-298 %HA-HA_WD-6-DISK_NORMAL EM-298 %HA-HA_WD-6-DISK_UNMONITOR EM-298 %HA-HA_WD-6-GI_FILES_CREATED EM-298 %HA-HA_WD-6-IN_DEP_LIST EM-298 %HA-HA_WD-6-KNOWN_HOG EM-299 %HA-HA_WD-6-MEMORY_RECOVERY_DISABLED EM-29 9 %HA-HA_WD-6-MEMORY_RECOVERY_KILL_NON_SYSMG R EM-299 %HA-HA_WD-6-MEMORY_RECOVERY_KILL_SYSMGR E M-299 %HA-HA_WD-6-MEMORY_RECOVERY_RESTART EM-300 %HA-HA_WD-6-PROC_KILL_DISABLED EM-300 %HA-HA_WD-6-TOP_MEMORY_USER_INFO EM-300 %HA-HA_WD-6-TOP_MEMORY_USERS_INFO EM-300 %HA-HA_WD-6-TOP_SHMEM_USER_INFO EM-301 %HA-HA_WD-6-TOP_SHMEM_USERS_INFO EM-301 %HA-HA_WD-7-CISCOSHMEM EM-301 %HA-HA_WD-7-CLINFO_GET_DATUM EM-301 %HA-HA_WD-7-CLINFO_M_PID EM-302 %HA-HA_WD-7-CLINFO_SAVE_DATUM EM-302 %HA-HA_WD-7-CLINFO_UNHOLD EM-302 %HA-HA_WD-7-CONTEXT_CREATE EM-302 %HA-HA_WD-7-GET_EVM_CTX_BY_TIMER EM-303 %HA-HA_WD-7-MSG_CHAN_CONNECT EM-303 %HA-HA_WD-7-MSG_CHAN_DISCONN EM-303 %HA-HA_WD-7-MSG_SEND EM-303 %HA-HA_WD-7-MSG_SEND_EVENT EM-304 %HA-HA_WD-7-MSG_TYPE EM-304 %HA-HA_WD-7-NO_MEM EM-304 %HA-HA_WD-7-SCHED_GET_PRIORITY_MAX EM-304 %HA-HA_WD-7-SCHED_SETSCHEDULER EM-304 %HA-HA_WD-7-SYSCALL EM-305 %HA-HA_WD-7-UNEXPECTED EM-305 %HA-HM-3-FPING_ERROR EM-305 %HA-HM-3-FPING_MISMATCH EM-305 %HA-HM-4-ERROR_INIT EM-306 %HA-HM-4-FPING_INCOMPLETE EM-306 %HA-HM-4-FPING_RETRY_ERROR EM-306 %HA-IRM_CHKPT-7-INIT_ERROR EM-306 %HA-LRD_inv-3-BAG_REGISTRATION EM-307 %HA-LRD_inv-3-BAG_REGISTRATION EM-307 %HA-LRD_inv-3-BAG_REGISTRATION EM-307 %HA-LRD_inv-3-BAG_REGISTRATION EM-307 %HA-LRD_inv-3-MEM_ALLOC_FAIL EM-307 %HA-LRD_inv-3-MEM_ALLOC_FAIL EM-308 %HA-LRD_inv-3-MEM_ALLOC_FAIL EM-308 %HA-LRD_inv-3-MEM_ALLOC_FAIL EM-308 %HA-LRD_inv-3-MEM_ALLOC_FAIL EM-308 %HA-LRD_inv-3-MSG_CERR_REGISTER_DLL EM-308 %HA-LRD_inv-3-MSG_CERR_REGISTER_DLL EM-308 %HA-LRD_inv-3-MSG_CERR_REGISTER_DLL EM-309 %HA-LRD_inv-3-MSG_CERR_REGISTER_DLL EM-309 %HA-LRD_inv-3-MSG_CERR_REGISTER_DLL EM-309 %HA-LRD_inv-3-MSG_INVENTORY_FWD EM-309 %HA-LRD_inv-3-MSG_INVENTORY_FWD EM-309 %HA-LRD_inv-3-MSG_INVENTORY_FWD EM-309 %HA-LRD_inv-3-MSG_INVENTORY_FWD EM-310 %HA-LRD_inv-3-REDUNDANCY_STATE EM-310 %HA-LRD_inv-3-REDUNDANCY_STATE EM-310 %HA-LRD_inv-3-REDUNDANCY_STATE EM-310 %HA-LRD_inv-3-REDUNDANCY_STATE EM-310 %HA-LRD_inv-3-REDUNDANCY_STATE EM-310 %HA-LRD_inv-3-SYSDB_ITEM_ERROR EM-311 %HA-LRD_inv-3-SYSDB_ITEM_ERROR EM-311 %HA-LRD_inv-3-SYSDB_ITEM_ERROR EM-311 %HA-LRD_inv-3-SYSDB_ITEM_ERROR EM-311 %HA-LRD_inv-4-CANT_FIND_DSC EM-311 %HA-LRD_inv-4-CANT_FIND_DSC EM-311 %HA-LRD_inv-4-UNEXPECTED EM-312 %HA-LRD_inv-4-UNEXPECTED EM-312 %HA-LRD_inv-4-UNEXPECTED EM-312Index EM-2632 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %HA-LRD_inv-4-UNEXPECTED EM-312 %HA-LRD_inv-4-UNEXPECTED EM-312 %HA-LRD_inv-6-NON_DRP_PRIMARY EM-313 %HA-LRD_inv-6-NON_DRP_PRIMARY EM-313 %HA-LRD_inv-6-NON_DRP_PRIMARY EM-313 %HA-LRD_inv-6-RESET_CARD_FOR_PAIRING EM-313 %HA-LRD_inv-6-RESET_CARD_FOR_PAIRING EM-314 %HA-LRD_inv-6-RESET_CARD_FOR_PAIRING EM-314 %HA-LRD_inv-6-RESET_CARD_FOR_PAIRING EM-314 %HA-LRD_inv-6-RESET_CARD_LR_CHANGE EM-314 %HA-LRD_inv-6-UNPAIRED_DRP EM-314 %HA-LRD_inv-6-UNPAIRED_DRP EM-315 %HA-LRD_inv-6-UNPAIRED_DRP EM-315 %HA-LRD-2-EVENTATTACHFAIL EM-315 %HA-LRD-2-SYSMGR_GET_NODE_STATE EM-315 %HA-LRD-2-SYSMGR_REGISTER EM-315 %HA-LRD-3-BAG_REGISTRATION EM-316 %HA-LRD-3-MEM_ALLOC_FAIL EM-316 %HA-LRD-3-MSG_CERR_REGISTER_DLL EM-316 %HA-LRD-3-MSG_INVENTORY_FWD EM-316 %HA-LRD-3-REDUNDANCY_STATE EM-316 %HA-LRD-3-SYSDB_ITEM_ERROR EM-316 %HA-LRD-4-CANT_FIND_DSC EM-317 %HA-LRD-4-HEADLESS_SDR_STATE EM-317 %HA-LRD-4-SDR_PLANE_READY_TIMEOUT EM-317 %HA-LRD-4-UNEXPECTED EM-317 %HA-LRD-4-UNEXPECTED EM-317 %HA-LRD-6-LATE_MGMT_NODE EM-317 %HA-REDCON_CLIENT-3-ERROR EM-318 %HA-REDCON_CLIENT-7-MSG_SEND EM-318 %HA-REDCON-1-STANDBY_NOT_READY EM-318 %HA-REDCON-1-STANDBY_READY EM-318 %HA-REDCON-3-DRIVER_INIT_FAILED EM-319 %HA-REDCON-3-PCDS_INIT_FAILED EM-319 %HA-REDCON-3-UNEXPECTED_ERROR EM-319 %HA-REDCON-4-FAILOVER_DISABLED EM-319 %HA-REDCON-4-FAILOVER_REQUESTED EM-319 %HA-REDCON-4-SRP_NR_CLIENT_UNREG EM-319 %HA-REDCON-4-SRP_NR_REASON_UNREG EM-320 %HA-REDCON-4-STANDBY_NOT_READY_ALARM EM-32 0 %HA-REDCON-4-STANDBY_NOT_READY_REASON EM-3 20 %HA-REDCON-4-STBY_ACTIVE_NOT_READY EM-320 %HA-REDCON-4-STBY_CONN_RETRY EM-320 %HA-REDCON-4-STBY_FORCE_GO_ACTIVE EM-320 %HA-REDCON-6-GO_ACTIVE EM-321 %HA-REDCON-6-GO_STANDBY EM-321 %HA-REDCON-6-STANDBY_CONNECTION_DOWN EM-32 1 %HA-REDCON-6-STANDBY_CONNECTION_UP EM-321 %HA-REDCON-6-STBY_STANDBY_NOT_READY EM-321 %HA-REDCON-6-STBY_STANDBY_READY EM-321 %HA-REDCON-7-FAILOVER_ENABLED EM-322 %HA-REDCON-7-MSG_SEND_FAILED EM-322 %HA-REDCON-7-UNEXPECTED EM-322 %HA-REDSTATS-3-SERVICE_CREATE EM-322 %HA-REDSTATS-7-SYSCALL EM-322 %HA-REDSTATS-7-UNEXPECTED EM-323 %HA-WD_STAT_PUB-3-SHM_EDM_ERR EM-323 %HA-WD_STAT_PUB-3-SHM_ERR EM-323 %HA-WD_STAT_PUB-3-SHMEM EM-323 %HA-WD_STAT_PUB-7-SYSCALL EM-323 %INSTALL-BOOTVAR-7-CANT_OPEN EM-325 %INSTALL-BOOTVAR-7-CANT_WRITE EM-325 %INSTALL-BOOTVAR-7-CERR_REGISTER_DLL EM-326 %INSTALL-BOOTVAR-7-INVALID_ARG EM-326 %INSTALL-BOOTVAR-7-NULL_PTR EM-326 %INSTALL-BOOTVAR-7-VAR_TOO_BIG EM-326 %INSTALL-FC-3-FW_OPERATION_ERROR EM-327 %INSTALL-FC-6-FW_OPERATION_INFO EM-327 %INSTALL-FC-6-FWFILE_COPY_INFO EM-327 %INSTALL-FC-6-FWFILE_INFO EM-327 %INSTALL-INST_IO-3-INTERNALERR EM-328 %INSTALL-INST_IO-7-DEVICE_FULL EM-328 %INSTALL-INSTDIR_INVENTORY-7-LTRACE_INIT EM-32 8 %INSTALL-INSTDIR_INVENTORY-7-NULL_PTR EM-329 %INSTALL-INSTHELPER-3-DSDRSC_UNAVAILABLE_FOR_ SW_DWNLD EM-329 %INSTALL-INSTHELPER-3-EXIT_ERROR EM-329 %INSTALL-INSTHELPER-3-FAILED_MDR_NODE EM-329 %INSTALL-INSTHELPER-3-FAILED_PKG_DOWNLOAD E M-330 %INSTALL-INSTHELPER-3-INSTALL_DEVICE_UNAVAILA BLE EM-330 %INSTALL-INSTHELPER-3-INSUFFICIENT_DISKSPACE E M-330 %INSTALL-INSTHELPER-3-MBI_COPY_FAIL EM-330 %INSTALL-INSTHELPER-3-NOMEMORY EM-331 %INSTALL-INSTHELPER-3-RUNNING_ON_NON_PERSISTE NT_DEVICE EM-331 %INSTALL-INSTHELPER-3-USES_MEM_FOR_PERSISTENT_ DEVICE EM-331 %INSTALL-INSTHELPER-3-WRONG_IMAGE EM-331 %INSTALL-INSTHELPER-4-DEVICE_FORMAT_FAIL EM-3 32 %INSTALL-INSTHELPER-6-DEVICE_FORMAT EM-332 %INSTALL-INSTHELPER-6-DISKSPACE_CHECK_PASS E M-332 %INSTALL-INSTHELPER-6-FAILED_BOOT_DURING_INSTA LL_PAUSE EM-332 %INSTALL-INSTHELPER-6-FAILED_BOOT_DURING_INSTA LL_RESET EM-333 %INSTALL-INSTHELPER-6-INCORRECT_LOADPATH EM- 333 %INSTALL-INSTHELPER-6-INCORRECT_MBI EM-333 %INSTALL-INSTHELPER-6-MBI_BOOTING_HOLD_BOOT_I N_MBI EM-333 %INSTALL-INSTHELPER-6-MBI_BOOTING_MID_INSTALL EM-334 %INSTALL-INSTHELPER-6-MBI_DOWNLOAD_COMPLETE EM-334 %INSTALL-INSTHELPER-6-RELOAD_NODE_INFO EM-334 %INSTALL-INSTHELPER-6-SELF_RESET EM-334 %INSTALL-INSTHELPER-7-CLEAN_INVALID_DEVICE EIndex EM-2633 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 M-334 %INSTALL-INSTHELPER-7-COMPLETE_PACKAGE_CLEAN EM-335 %INSTALL-INSTHELPER-7-COMPLETE_SYNC EM-335 %INSTALL-INSTHELPER-7-DIGEST_BK_INTEGRITY EM-3 35 %INSTALL-INSTHELPER-7-EVENT_FAIL EM-335 %INSTALL-INSTHELPER-7-FAIL_ACTIVE_SYNC EM-335 %INSTALL-INSTHELPER-7-FAIL_COPY EM-336 %INSTALL-INSTHELPER-7-FAIL_FILE_IO EM-336 %INSTALL-INSTHELPER-7-FAIL_LDPATH_UPDATE EM-3 36 %INSTALL-INSTHELPER-7-FAIL_LWM_DISCONNECT EM -336 %INSTALL-INSTHELPER-7-FAIL_PACKAGE_CLEAN EM-3 36 %INSTALL-INSTHELPER-7-FAIL_STAT EM-337 %INSTALL-INSTHELPER-7-FAIL_SYNC EM-337 %INSTALL-INSTHELPER-7-FAIL_SYSMGR_NOTIFY EM-3 37 %INSTALL-INSTHELPER-7-FAIL_THREAD_CREATE EM-3 37 %INSTALL-INSTHELPER-7-FAILED_MEM_CACHE_INIT E M-337 %INSTALL-INSTHELPER-7-FAILED_SDS_CONNECT EM-3 38 %INSTALL-INSTHELPER-7-FAILED_SYSDB_CONNECT E M-338 %INSTALL-INSTHELPER-7-FILE_OPEN_FAIL EM-338 %INSTALL-INSTHELPER-7-INIT EM-338 %INSTALL-INSTHELPER-7-INTERNALERR EM-339 %INSTALL-INSTHELPER-7-INVALID_NODEID_RETURNED EM-339 %INSTALL-INSTHELPER-7-INVALID_NOTIF_INFO EM-339 %INSTALL-INSTHELPER-7-LOCKING EM-339 %INSTALL-INSTHELPER-7-MBI_DOWNLOAD EM-339 %INSTALL-INSTHELPER-7-NULL_PTR EM-340 %INSTALL-INSTHELPER-7-PKG_DOWNLOAD EM-340 %INSTALL-INSTHELPER-7-PKGFS_INIT_BOOT EM-340 %INSTALL-INSTHELPER-7-PREPARATION_COMPLETE E M-340 %INSTALL-INSTHELPER-7-START_PACKAGE_CLEAN E M-340 %INSTALL-INSTHELPER-7-START_SYNC EM-340 %INSTALL-INSTHELPER-7-SYSDB_BIND EM-341 %INSTALL-INSTMGR_CMD-3-NOMEMORY EM-341 %INSTALL-INSTMGR_CMD-7-NULL_PTR EM-341 %INSTALL-INSTMGR_CMD-7-PLATFORM_TYPE_FAIL E M-341 %INSTALL-INSTMGR_LIB-2-FAILED_RELOAD_NODE EM -342 %INSTALL-INSTMGR_LIB-2-RELOAD_SAVE_CONFIG_FAIL ED EM-342 %INSTALL-INSTMGR_LIB-3-FAILED_STATE_FILE_UPDAT E EM-342 %INSTALL-INSTMGR_LIB-3-FAILED_SYNC EM-343 %INSTALL-INSTMGR_LIB-3-REPLY_MSG_SENDING EM-3 43 %INSTALL-INSTMGR_LIB-6-MESSAGE_NOT_PROCESSED EM-343 %INSTALL-INSTMGR_LIB-7-CLIENT_ERROR EM-343 %INSTALL-INSTMGR_LIB-7-CONFIG_POSTINSTALL_NOTI FICATION EM-344 %INSTALL-INSTMGR_LIB-7-CONFIG_PREINSTALL_NOTIFI CATION EM-344 %INSTALL-INSTMGR_LIB-7-DBADD EM-344 %INSTALL-INSTMGR_LIB-7-DBCREATE EM-344 %INSTALL-INSTMGR_LIB-7-DBFORMAT EM-345 %INSTALL-INSTMGR_LIB-7-DBNAME EM-345 %INSTALL-INSTMGR_LIB-7-DBOPEN EM-345 %INSTALL-INSTMGR_LIB-7-DBOPERATION EM-345 %INSTALL-INSTMGR_LIB-7-DBPATH EM-346 %INSTALL-INSTMGR_LIB-7-DBRECORD EM-346 %INSTALL-INSTMGR_LIB-7-DBSUBDIRECTORY EM-346 %INSTALL-INSTMGR_LIB-7-ENS_CONSUMER_RESPONSE EM-346 %INSTALL-INSTMGR_LIB-7-ENS_UNKNOWN_PAYLOAD_ MSG_TYPE EM-347 %INSTALL-INSTMGR_LIB-7-ERROR_REG EM-347 %INSTALL-INSTMGR_LIB-7-FAIL_LWM_REPLY_TOO_BIG EM-347 %INSTALL-INSTMGR_LIB-7-FAIL_LWM_SEND EM-347 %INSTALL-INSTMGR_LIB-7-FAILED_OUTPUT_ERROR E M-347 %INSTALL-INSTMGR_LIB-7-FILE_CHECK EM-348 %INSTALL-INSTMGR_LIB-7-FILE_INFO EM-348 %INSTALL-INSTMGR_LIB-7-FILE_OPEN_FAIL EM-348 %INSTALL-INSTMGR_LIB-7-FILE_READ EM-348 %INSTALL-INSTMGR_LIB-7-INFRA_BLOB EM-349 %INSTALL-INSTMGR_LIB-7-INTERNALERR EM-349 %INSTALL-INSTMGR_LIB-7-LIST EM-349 %INSTALL-INSTMGR_LIB-7-LOAD_PIE EM-349 %INSTALL-INSTMGR_LIB-7-LTRACE_INIT EM-349 %INSTALL-INSTMGR_LIB-7-MEMORY EM-350 %INSTALL-INSTMGR_LIB-7-NODE_CLASS_GET EM-350 %INSTALL-INSTMGR_LIB-7-PACKAGE EM-350 %INSTALL-INSTMGR_LIB-7-PARAMETER_NULL EM-350 %INSTALL-INSTMGR_LIB-7-PATH EM-351 %INSTALL-INSTMGR_LIB-7-PATH_CLEANUP EM-351 %INSTALL-INSTMGR_LIB-7-PIE_FORMAT EM-351 %INSTALL-INSTMGR_LIB-7-PIE_INFO_CONSTRUCT EM- 351 %INSTALL-INSTMGR_LIB-7-PKG_LOAD EM-351 %INSTALL-INSTMGR_LIB-7-PLATFORM_TYPE_FAIL EM- 352 %INSTALL-INSTMGR_LIB-7-RELOAD_MEMBOOTED_MAN AGEMENT_NODE EM-352 %INSTALL-INSTMGR_LIB-7-STACK EM-352 %INSTALL-INSTMGR_LIB-7-SYSMGR EM-352 %INSTALL-INSTMGR_LIB-7-TEST_ISSU_RUN_MDR_COMP LETE_SLEEP EM-352 %INSTALL-INSTMGR_LIB-7-TEST_ISSU_RUN_RELOAD_SL EEP EM-353 %INSTALL-INSTMGR-2-AUTO_ABORT_TIMER_EXPIRED EM-353 %INSTALL-INSTMGR-2-AUTO_ABORT_TIMER_EXPIRING Index EM-2634 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 EM-353 %INSTALL-INSTMGR-2-FAILED_RELOAD_NODE EM-353 %INSTALL-INSTMGR-2-INSTALL_CRITICAL_AUTO_ABOR T EM-353 %INSTALL-INSTMGR-2-INSTALL_OP_SYS_ERR_GLOBAL_ NODES_INCONSISTENT EM-354 %INSTALL-INSTMGR-2-INSTALL_OP_SYS_ERR_SPECIFIC_ NODES_INCONSISTENT EM-354 %INSTALL-INSTMGR-2-INSTALL_OP_SYS_ERR_SPECIFIC_ NODES_INCONSISTENT_HDR EM-354 %INSTALL-INSTMGR-2-INSTALL_SYS_ERR_FAILURE E M-355 %INSTALL-INSTMGR-3-ABORT_INCOMPLETE_INSTALL EM-355 %INSTALL-INSTMGR-3-ABORT_INCOMPLETE_INSTALL_A DD EM-355 %INSTALL-INSTMGR-3-AUTO_ABORT_TIMER_RUNNING_ WARN EM-355 %INSTALL-INSTMGR-3-BAD_OP_TYPE EM-356 %INSTALL-INSTMGR-3-BUILD_TABLE_FAIL EM-356 %INSTALL-INSTMGR-3-CORRUPT_CHECKPOINT EM-356 %INSTALL-INSTMGR-3-FAILED_ENS_INIT EM-356 %INSTALL-INSTMGR-3-FAILED_ENS_REQUEST EM-356 %INSTALL-INSTMGR-3-INIT EM-357 %INSTALL-INSTMGR-3-INSTALL_ERROR_BUT_NO_CLI_C ONNECTION EM-357 %INSTALL-INSTMGR-3-INSTALL_OPERATION_SYSTEM_E RROR_GLOBAL_NODES EM-357 %INSTALL-INSTMGR-3-INSTALL_OPERATION_SYSTEM_E RROR_SPECIFIC_NODES EM-357 %INSTALL-INSTMGR-3-INSTALL_OPERATION_SYSTEM_E RROR_SPECIFIC_NODES_HDR EM-358 %INSTALL-INSTMGR-3-INSTALL_OPERATION_USER_ERR OR EM-358 %INSTALL-INSTMGR-3-INSTALL_SYSTEM_ERROR_GLOB AL_NODES EM-358 %INSTALL-INSTMGR-3-INSTALL_SYSTEM_ERROR_SPECIF IC_NODES EM-358 %INSTALL-INSTMGR-3-INSTALL_SYSTEM_ERROR_SPECIF IC_NODES_HDR EM-359 %INSTALL-INSTMGR-3-NOMEMORY EM-359 %INSTALL-INSTMGR-3-REPLY_MSG_SENDING EM-359 %INSTALL-INSTMGR-3-SAM_CERTIFICATE_EXPIRED E M-359 %INSTALL-INSTMGR-3-SYSDB EM-360 %INSTALL-INSTMGR-3-SYSDBREG EM-360 %INSTALL-INSTMGR-3-TIMER_ABORT EM-360 %INSTALL-INSTMGR-3-UNABLE_TO_DETERMINE_PRERE QUISITE_ORDERING EM-360 %INSTALL-INSTMGR-4-ABORTING_FORCE_RELOAD_NOD E EM-360 %INSTALL-INSTMGR-4-ACTIVE_SOFTWARE_COMMITTED _INFO EM-361 %INSTALL-INSTMGR-4-AUTO_ABORT_TIMER_RUNNING EM-361 %INSTALL-INSTMGR-4-AUTO_ABORT_TIMER_STARTED EM-361 %INSTALL-INSTMGR-4-AUTO_ABORT_TIMER_STOPPED EM-361 %INSTALL-INSTMGR-4-INSTALL_IS_TO_SUSPEND EM-36 1 %INSTALL-INSTMGR-4-INSTALL_ISSU_AUTO_ABORT_TI MER_NOT_FOUND EM-362 %INSTALL-INSTMGR-4-INSTALL_OPERATION_WARNING EM-362 %INSTALL-INSTMGR-4-INSTALL_WARNING_AUTO_ABOR T EM-362 %INSTALL-INSTMGR-4-ISSU_NODE_BOOT_NOT_ALLOWE D EM-362 %INSTALL-INSTMGR-4-ISSU_UNEXPECTED_NODE_BOOT EM-362 %INSTALL-INSTMGR-4-ROLLBACK_FILE_FAILURE EM-3 63 %INSTALL-INSTMGR-4-STANDBY_NOT_READY EM-363 %INSTALL-INSTMGR-6-INSTALL_ACCEPT_PHASE_FINISH ED EM-363 %INSTALL-INSTMGR-6-INSTALL_ACCEPT_PHASE_START ED EM-363 %INSTALL-INSTMGR-6-INSTALL_COMPLETE_PHASE_FINI SHED EM-363 %INSTALL-INSTMGR-6-INSTALL_COMPLETE_PHASE_STA RTED EM-364 %INSTALL-INSTMGR-6-INSTALL_LOAD_PHASE_FINISHED EM-364 %INSTALL-INSTMGR-6-INSTALL_LOAD_PHASE_STARTED EM-364 %INSTALL-INSTMGR-6-INSTALL_OPERATION_ABORTED EM-364 %INSTALL-INSTMGR-6-INSTALL_OPERATION_ABORTING _ON_ERROR EM-364 %INSTALL-INSTMGR-6-INSTALL_OPERATION_CANCELLE D EM-365 %INSTALL-INSTMGR-6-INSTALL_OPERATION_COMPLETE D_SUCCESSFULLY EM-365 %INSTALL-INSTMGR-6-INSTALL_OPERATION_FAILED E M-365 %INSTALL-INSTMGR-6-INSTALL_OPERATION_STARTED EM-365 %INSTALL-INSTMGR-6-INSTALL_OPERATION_USER_ABO RTED EM-365 %INSTALL-INSTMGR-6-INSTALL_RESUMED EM-366 %INSTALL-INSTMGR-6-INSTALL_RUN_PHASE_FINISHED EM-366 %INSTALL-INSTMGR-6-INSTALL_RUN_PHASE_STARTED EM-366 %INSTALL-INSTMGR-6-NODE_BOOT_OPTIONS EM-366 %INSTALL-INSTMGR-6-NODE_BOOT_OPTIONS_CLEAR EM-366 %INSTALL-INSTMGR-6-PAUSED_AT_CONFIG_LOCK EM- 367 %INSTALL-INSTMGR-6-WAIT_FOR_STANDBY EM-367 %INSTALL-INSTMGR-6-WAIT_FOR_TARGET_NODES EM -367 %INSTALL-INSTMGR-7-DSC_MIGRATED EM-367 %INSTALL-INSTMGR-7-FAILED_OUTPUT_ERROR EM-367 %INSTALL-INSTMGR-7-FAILED_OUTPUT_USEFUL_INFORIndex EM-2635 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 MATION EM-368 %INSTALL-INSTMGR-7-FAILED_OUTPUT_WARNING EM -368 %INSTALL-INSTMGR-7-FAILED_PARTNER_NODE_STATE EM-368 %INSTALL-INSTMGR-7-FAILMSG EM-368 %INSTALL-INSTMGR-7-FILE_OPEN_FAIL EM-368 %INSTALL-INSTMGR-7-INTERNALERR EM-369 %INSTALL-INSTMGR-7-INVALID_CLIENT_NODEID EM-3 69 %INSTALL-INSTMGR-7-LTRACE_INIT EM-369 %INSTALL-INSTMGR-7-NO_LOG_STORED EM-369 %INSTALL-INSTMGR-7-NULL_PTR EM-369 %INSTALL-INSTMGR-7-PATH EM-370 %INSTALL-INSTMGR-7-RDS_SYNC_WAIT EM-370 %INSTALL-INSTMGR-7-RELOAD_NODE_INFO EM-370 %INSTALL-INSTMGR-7-REQ_MSG_PROCESSING EM-370 %INSTALL-INSTMGR-7-REQUEST_RETRIEVE EM-370 %INSTALL-INSTMGR-7-RESUME_INCOMPLETE_INSTALL EM-371 %INSTALL-INSTMGR-7-SOFTWARE_CHANGE_RELOAD EM-371 %INSTALL-INSTMGR-7-SWITCHOVER_DATA_LOST EM-3 71 %INSTALL-INSTMGR-7-TEST_ISSU_RUN_SWITCHOVER_S LEEP EM-371 %INSTALL-INSTMGR-7-TIMEOUT_ALMOST_EXPIRED E M-371 %INSTALL-INSTMGR-7-TIMER EM-372 %INSTALL-INSTMGR-7-UNKNOWN_ERROR_TYPE EM-37 2 %INSTALL-IOR-7-INTERNALERR EM-372 %INSTALL-IOR-7-LTRACE_INIT EM-372 %INSTALL-IOR-7-NOMEMORY EM-372 %INSTALL-IOR-7-NULL_PTR EM-373 %INSTALL-LIBINST_DEBUG-3-INIT EM-373 %INSTALL-LIBINST_DEBUG-3-INTERNAL EM-373 %INSTALL-LIBINST_DEBUG-3-MUTEX EM-373 %INSTALL-LIBINST_DEBUG-4-CERR_REGISTER_DLL EM -374 %INSTALL-LIBNOTIFY-7-ARCH_NOT_SUPPORTED EM-37 4 %INSTALL-LIBNOTIFY-7-BAD_TOOLS_VERSION EM-374 %INSTALL-LIBNOTIFY-7-BLOBBIFIER_ERROR EM-374 %INSTALL-LIBNOTIFY-7-CANNOT_GET_BLOB_SIZE_IN_A 2STRUCT EM-375 %INSTALL-LIBNOTIFY-7-CANNOT_GET_BLOB_SIZE_IN_S TRUCT EM-375 %INSTALL-LIBNOTIFY-7-CANNOT_GET_PROCNAME EM -375 %INSTALL-LIBNOTIFY-7-DEBLOBBIFIER_ERROR EM-375 %INSTALL-LIBNOTIFY-7-EVENT_CONN_CREATE EM-376 %INSTALL-LIBNOTIFY-7-EVENT_CONN_NOTIFY EM-376 %INSTALL-LIBNOTIFY-7-EVENT_CONN_OPEN EM-376 %INSTALL-LIBNOTIFY-7-FAILED_INIT_LTRACE EM-376 %INSTALL-LIBNOTIFY-7-INTERNAL EM-376 %INSTALL-LIBNOTIFY-7-INTERNAL_DATA_INCONSISTEN CY EM-377 %INSTALL-LIBNOTIFY-7-ITEM_NOT_FOUND EM-377 %INSTALL-LIBNOTIFY-7-LIST_IS_FULL EM-377 %INSTALL-LIBNOTIFY-7-LIST_ITEM_NOT_FOUND EM-37 7 %INSTALL-LIBNOTIFY-7-MEMORY EM-377 %INSTALL-LIBNOTIFY-7-NOT_A_MANAGEMENT_NODE EM-378 %INSTALL-LIBNOTIFY-7-PARAMETER_BAD_EVENT EM- 378 %INSTALL-LIBNOTIFY-7-PARAMETER_BAD_TRANSID E M-378 %INSTALL-LIBNOTIFY-7-PARAMETER_DYNAMIC_TYPE_ CHECK_FAILURE EM-378 %INSTALL-LIBNOTIFY-7-PARAMETER_INCOMPLETE E M-379 %INSTALL-LIBNOTIFY-7-PARAMETER_MISSING_BLOBBIF IER EM-379 %INSTALL-LIBNOTIFY-7-PARAMETER_MISSING_OR_NUL L EM-379 %INSTALL-LIBNOTIFY-7-PARAMETER_NULL EM-379 %INSTALL-LIBNOTIFY-7-PARAMETER_RANGE EM-380 %INSTALL-LIBNOTIFY-7-PARAMETER_REFERENCES_NUL L EM-380 %INSTALL-LIBNOTIFY-7-PARAMETER_WRONG_BLOB_TY PE EM-380 %INSTALL-LIBNOTIFY-7-RESOURCE_LOCKED EM-380 %INSTALL-LIBNOTIFY-7-SYSDB_BIND EM-381 %INSTALL-LIBNOTIFY-7-SYSDB_COMMIT EM-381 %INSTALL-LIBNOTIFY-7-SYSDB_DELETE EM-381 %INSTALL-LIBNOTIFY-7-SYSDB_GET EM-381 %INSTALL-LIBNOTIFY-7-SYSDB_LIST EM-382 %INSTALL-LIBNOTIFY-7-SYSDB_NOTIFICATION_UNREGI STER EM-382 %INSTALL-LIBNOTIFY-7-SYSDB_SET EM-382 %INSTALL-LIBNOTIFY-7-SYSDB_START EM-382 %INSTALL-LIBNOTIFY-7-SYSDB_UNBIND EM-383 %INSTALL-LIBNOTIFY-7-SYSMGR_TROUBLE EM-383 %INSTALL-LIBNOTIFY-7-TIMEOUT_RESET_LIMIT EM-38 3 %INSTALL-LIBNOTIFY-7-TYPE_MISMATCH_FOR_KEY E M-383 %INSTALL-LOADPATH_UPGRADE-7-CANT_ACTIVATE_O N_NODE_TYPES EM-384 %INSTALL-LOADPATH_UPGRADE-7-NULL_PTR EM-384 %INSTALL-LOADPATH_UPGRADE-7-PACKAGE_SUPPORT S_NO_NODE_TYPES EM-384 %INSTALL-LOADPATH-3-CERR_REGISTER_DLL EM-384 %INSTALL-LOADPATH-3-LIB_INIT EM-385 %INSTALL-LOADPATH-3-LTRACE_INIT EM-385 %INSTALL-LOADPATH-7-CORRUPT_ARG EM-385 %INSTALL-LOADPATH-7-CORRUPT_LDPATH EM-385 %INSTALL-LOADPATH-7-EMPTY_LOADPATH_STR EM-3 85 %INSTALL-LOADPATH-7-FAILED_REMOVE_IGNORE_COM MIT_LDPATH_FILE EM-386 %INSTALL-LOADPATH-7-FILE_CLOSE_FAIL EM-386 %INSTALL-LOADPATH-7-FILE_OPEN_FAIL EM-386 %INSTALL-LOADPATH-7-FILE_READ_FAIL EM-386Index EM-2636 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %INSTALL-LOADPATH-7-FILE_RENAME_FAIL EM-387 %INSTALL-LOADPATH-7-FILE_SEEK_FAIL EM-387 %INSTALL-LOADPATH-7-NULL_PTR EM-387 %INSTALL-LOADPATH-7-PACKAGE_OUTPUT_SORT EM- 387 %INSTALL-PKG_PLAT_MEM_CACHE-7-NULL_PTR EM-38 8 %INSTALL-PKG_PLAT-7-INTERNALERR EM-388 %INSTALL-PKG_PLAT-7-INTERNALERR EM-388 %INSTALL-PKG_PLAT-7-INTERNALERR EM-388 %INSTALL-PKG_PLAT-7-IO_FAIL EM-389 %INSTALL-PKG_PLAT-7-IO_FAIL EM-389 %INSTALL-PKG_PLAT-7-MY_NODE_TYPE EM-389 %INSTALL-PKG_PLAT-7-MY_NODE_TYPE EM-389 %INSTALL-PKG_PLAT-7-MY_NODE_TYPE EM-389 %INSTALL-PKG_PLAT-7-NO_MEM EM-390 %INSTALL-PKG_PLAT-7-NO_MEM EM-390 %INSTALL-PKG_PLAT-7-NO_MEM EM-390 %INSTALL-PKG_PLAT-7-NO_MEM EM-390 %INSTALL-PKG_PLAT-7-NULL_PTR EM-390 %INSTALL-PKG_PLAT-7-NULL_PTR EM-391 %INSTALL-PKG_PLAT-7-NULL_PTR EM-391 %INSTALL-PKG_PLAT-7-NULL_PTR EM-391 %INSTALL-PKG_PLAT-7-OPEN_FAIL EM-391 %INSTALL-PKG_PLAT-7-OPEN_FAIL EM-392 %INSTALL-PKG_PLAT-7-OPEN_FAIL EM-392 %INSTALL-PKG_PLAT-7-OPEN_FAIL EM-392 %INSTALL-PKG_PLAT-7-UNKNOWN_NODE_TYPE EM-39 2 %INSTALL-PKG_PLAT-7-UNKNOWN_NODE_TYPE EM-39 3 %INSTALL-PKG_PLAT-7-UNKNOWN_NODE_TYPE EM-39 3 %INSTALL-PKG_PLAT-7-UNKNOWN_NODE_TYPE EM-39 3 %INSTALL-PKG-3-CORRUPT_INSTALL_FILE EM-393 %INSTALL-PKG-7-BAD_DEVICE_INDEX_ENTRY EM-394 %INSTALL-PKG-7-BAD_DIR_PREFIX EM-394 %INSTALL-PKG-7-BAD_INSTDB_FORMAT EM-394 %INSTALL-PKG-7-BAD_PIE_FORMAT EM-394 %INSTALL-PKG-7-BAD_SORT_TYPE EM-395 %INSTALL-PKG-7-CANT_ADD_FILE_INTO_TABLE EM-39 5 %INSTALL-PKG-7-CANT_CD EM-395 %INSTALL-PKG-7-CANT_GET_FILES EM-395 %INSTALL-PKG-7-CANT_GET_INSTALL_PATH EM-396 %INSTALL-PKG-7-CANT_GET_NODE_TABLE EM-396 %INSTALL-PKG-7-CANT_GET_RELATIVE_PATH EM-396 %INSTALL-PKG-7-CANT_GET_SIGNATURE EM-396 %INSTALL-PKG-7-CANT_MKDIR EM-397 %INSTALL-PKG-7-CANT_READ EM-397 %INSTALL-PKG-7-CANT_RMDIR EM-397 %INSTALL-PKG-7-CANT_SORT_NODE_TABLE EM-397 %INSTALL-PKG-7-CANT_UNCOMPRESS EM-398 %INSTALL-PKG-7-CERR_REGISTER_DLL EM-398 %INSTALL-PKG-7-CLOSE_FILE EM-398 %INSTALL-PKG-7-COPY_FILE EM-398 %INSTALL-PKG-7-CORRUPT_ARG EM-399 %INSTALL-PKG-7-CORRUPT_PIE EM-399 %INSTALL-PKG-7-CREATE_SYMLINK EM-399 %INSTALL-PKG-7-DELETE_FILE EM-399 %INSTALL-PKG-7-FAILED_REPAIR_INDEX_FILE EM-400 %INSTALL-PKG-7-FILE_NOT_IN_LOADPATH EM-400 %INSTALL-PKG-7-GET_APINAME_REPORT EM-400 %INSTALL-PKG-7-GET_FILE_INFO EM-400 %INSTALL-PKG-7-GET_PROVIDERS_REPORT EM-401 %INSTALL-PKG-7-INSTDB_BUILD_ERROR EM-401 %INSTALL-PKG-7-INTERNALERR EM-401 %INSTALL-PKG-7-INVALID_ARG EM-401 %INSTALL-PKG-7-LTRACE_INIT EM-402 %INSTALL-PKG-7-MBI_CONFIG_INCORRECTLY_CHANGE D EM-402 %INSTALL-PKG-7-MD5_GET_PACKAGE_SIGNATURE EM -402 %INSTALL-PKG-7-MD5_TO_STRING EM-402 %INSTALL-PKG-7-MD5_VERIFY_FILES EM-403 %INSTALL-PKG-7-MEMORY_FAILURE_MINOR EM-403 %INSTALL-PKG-7-MISSING_PIE_ATTRIBUTE EM-403 %INSTALL-PKG-7-NO_CWD EM-403 %INSTALL-PKG-7-NON_RELOAD_MDR_ISSU EM-404 %INSTALL-PKG-7-NON_RELOAD_PARALLEL_LR EM-404 %INSTALL-PKG-7-NOT_DIR EM-404 %INSTALL-PKG-7-NOT_PIE_FILE EM-404 %INSTALL-PKG-7-NOT_SINGLE_PIE_ATTRIBUTE EM-405 %INSTALL-PKG-7-NULL_PTR EM-405 %INSTALL-PKG-7-OPEN_FILE EM-405 %INSTALL-PKG-7-PIE_LIST_MISMATCH EM-405 %INSTALL-PKG-7-PREDICT_AVL_TREE EM-406 %INSTALL-PKG-7-READ_FILE EM-406 %INSTALL-PKG-7-RENAME_FILE EM-406 %INSTALL-PKG-7-RETIRED_PIE_FORMAT EM-406 %INSTALL-PKG-7-UNKNOWN_NODE_TYPE EM-407 %INSTALL-PKG-7-UNLINK_FILE EM-407 %INSTALL-PKG-7-WRITE_FILE EM-407 %INSTALL-PKG-7-WRONG_PIE_LOADER EM-407 %INSTALL-SDS_LIB-3-INIT EM-408 %INSTALL-SDS_LIB-7-INTERNALERR EM-408 %INSTALL-SDS_LIB-7-MEMORY EM-408 %INSTALL-SDS-3-INIT EM-408 %INSTALL-SDS-7-LWM EM-409 %INSTALL-SM-3-CALLBACK EM-409 %INSTALL-SM-3-CANNOT_DO_DLL EM-409 %INSTALL-SM-3-COMMUNICATION EM-409 %INSTALL-SM-3-INTERNAL EM-410 %INSTALL-SM-3-UNABLE_TO_PROCEED EM-410 %INSTALL-SM-4-NONFATAL_ERROR EM-410 %INSTALL-TURBOBOOT-3-DISK_TOO_SMALL EM-410 %INSTALL-TURBOBOOT-3-INVALID_DEVICE EM-411 %INSTALL-TURBOBOOT-4-ROMMON_VARIABLE_NOT_SE T EM-411 %INSTALL-TURBOBOOT-7-CANNOT_RESET_BOOTENV EM-411 %INSTALL-TURBOBOOT-7-DISK_INACCESSIBLE EM-411 %INSTALL-TURBOBOOT-7-DUAL_DEVICE_INIT_SPEC E M-412 %INSTALL-TURBOBOOT-7-DUAL_DEVICE_SPEC EM-412Index EM-2637 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %INSTALL-VERSMGR_LIB-7-FILESYSTEM EM-412 %INSTALL-VERSMGR_LIB-7-MEMORY EM-412 %INSTALL-VERSMGR_LIB-7-PARAMETER EM-413 %INSTALL-VERSMGR_LIB-7-SYSDB_BIND EM-413 %INSTALL-VERSMGR_LIB-7-SYSDB_GET EM-413 %INSTALL-VERSMGR_LIB-7-SYSDB_REGISTER EM-413 %INSTALL-VERSMGR_LIB-7-SYSDB_SET EM-414 %INSTALL-VERSMGR_LIB-7-SYSDB_UNBIND EM-414 %INSTALL-VS_CLIENT-3-CACHE_LOOKUP EM-414 %INSTALL-VS_CLIENT-3-CACHE_LOOKUP_NOT_PRESENT EM-414 %INSTALL-VS_CLIENT-3-FAILURE EM-414 %INSTALL-VS_CLIENT-3-NOMEM EM-415 %INSTALL-VS_CLIENT-3-NOTIFICATION EM-415 %INSTALL-VS_CLIENT-3-NOTIFICATION EM-415 %INSTALL-VS_CLIENT-3-NOTIFICATION_NOT_PRESENT EM-415 %INSTALL-VS_CLIENT-4-RESPONSE EM-415 %INSTALL-VS_CLIENT-7-INIT_SUCCESSFUL EM-416 %INSTALL-VS_PUBLISHER-3-HANDLER EM-416 %INSTALL-VS_PUBLISHER-3-TIMEOUT EM-416 %IP-ARP_GMP-4-WARN_EVENT EM-417 %IP-ARP_GMP-4-WARN_INIT EM-417 %IP-ARP-3-ERR_CACHE EM-418 %IP-ARP-3-ERR_MEDIA EM-418 %IP-ARP-3-ERR_NO_MEM EM-418 %IP-ARP-4-WARN_CLIENT_OVERWRITE EM-418 %IP-ARP-4-WARN_CLIENT_RESYNC EM-419 %IP-ARP-4-WARN_CONN EM-419 %IP-ARP-4-WARN_INIT EM-419 %IP-ARP-4-WARN_REGISTER EM-419 %IP-ARP-4-WARN_THREAD EM-420 %IP-ARP-4-WARN_WAIT EM-420 %IP-ARP-6-INFO_DUPADDR EM-420 %IP-ARP-6-INFO_DUPMAC EM-420 %IP-ARP-6-INFO_IF_MISMATCH EM-420 %IP-ARP-6-INFO_MAC EM-421 %IP-CE_TFTP-3-DATA_SEND_ERR EM-421 %IP-CE_TFTP-3-DATA_SEND_ERR EM-421 %IP-CE_TFTP-3-DATA_SEND_ERR EM-421 %IP-CE_TFTP-3-FILE_ACCESS_ERR EM-421 %IP-CE_TFTP-3-FILE_ACCESS_ERR EM-422 %IP-CE_TFTP-3-FILE_ACCESS_ERR EM-422 %IP-CE_TFTP-3-FILE_NOT_FOUND_ERR EM-422 %IP-CE_TFTP-3-FILE_NOT_FOUND_ERR EM-422 %IP-CE_TFTP-3-FILE_NOT_FOUND_ERR EM-422 %IP-CE_TFTP-3-INVALID_FILENAME_ERR EM-422 %IP-CE_TFTP-3-INVALID_FILENAME_ERR EM-423 %IP-CE_TFTP-3-INVALID_FILENAME_ERR EM-423 %IP-CE_TFTP-6-INVALID_PKT EM-423 %IP-CE_TFTP-6-INVALID_PKT EM-423 %IP-CE_TFTP-6-INVALID_PKT EM-423 %IP-CE_TFTP-6-INVALID_PROTOCOL_FIELD EM-423 %IP-CE_TFTP-6-INVALID_PROTOCOL_FIELD EM-424 %IP-CE_TFTP-6-INVALID_PROTOCOL_FIELD EM-424 %IP-CE_TFTP-6-KERNEL_DUMP_MSG EM-424 %IP-CE_TFTP-7-ERR EM-424 %IP-CE_TFTP-7-ERR EM-424 %IP-CE_TFTP-7-ERR EM-425 %IP-CE_TFTP-7-ERR_MEM_ALLOC EM-425 %IP-CE_TFTP-7-ERR_MEM_ALLOC EM-425 %IP-CE_TFTP-7-ERR_MEM_ALLOC EM-425 %IP-CE_TFTP-7-ERR_SYSDB_BIND EM-425 %IP-CE_TFTP-7-ERR_SYSDB_BIND EM-425 %IP-CE_TFTP-7-ERR_SYSDB_BIND EM-426 %IP-CE_TFTP-7-ERR_SYSDB_REG_VERIFY EM-426 %IP-CE_TFTP-7-ERR_SYSDB_REG_VERIFY EM-426 %IP-CE_TFTP-7-ERR_SYSDB_REG_VERIFY EM-426 %IP-DAPS-3-INIT EM-426 %IP-DAPS-3-SYSDBINIT EM-427 %IP-DAPS-4-ERR_INIT EM-427 %IP-DAPS-5-POOL_UTIL_HIGH EM-427 %IP-DAPS-5-POOL_UTIL_LOW EM-427 %IP-DAPS-5-UTIL_HIGH EM-427 %IP-DAPS-5-UTIL_LOW EM-427 %IP-DHCPD-3-INIT EM-428 %IP-DHCPD-3-NOPACKET EM-428 %IP-DHCPD-3-SYSDBINIT EM-428 %IP-DHCPD-4-ERR_INIT EM-428 %IP-DHCPV6-3-DBNOTLOADED EM-429 %IP-DHCPV6-3-DBOPEN EM-429 %IP-DHCPV6-3-DBREAD EM-429 %IP-DHCPV6-3-DBWRITE EM-429 %IP-DHCPV6-3-INIT EM-429 %IP-DHCPV6-3-MCASTJOIN EM-430 %IP-DHCPV6-3-MUTEXLOCK EM-430 %IP-DHCPV6-3-NOPACKET EM-430 %IP-DHCPV6-3-SYSDBINIT EM-430 %IP-DHCPV6-5-RELAYOUTIF EM-430 %IP-DOMAIN_SERVICES-3-ATTACH_HANDLER EM-431 %IP-DOMAIN_SERVICES-3-BIND_SYSDB EM-431 %IP-DOMAIN_SERVICES-3-CREATE_CHANNEL EM-431 %IP-DOMAIN_SERVICES-3-CREATE_CHUNK EM-431 %IP-DOMAIN_SERVICES-3-CREATE_EVENT_CONN EM-4 32 %IP-DOMAIN_SERVICES-3-CREATE_TIMER EM-432 %IP-DOMAIN_SERVICES-3-EDM_SERVER EM-432 %IP-DOMAIN_SERVICES-3-END_PROC EM-432 %IP-DOMAIN_SERVICES-3-GET_COID EM-432 %IP-DOMAIN_SERVICES-3-OPEN_EVENT_CONN EM-433 %IP-DOMAIN_SERVICES-3-REGISTER_DEBUG EM-433 %IP-DOMAIN_SERVICES-3-REGISTER_EVM EM-433 %IP-DOMAIN_SERVICES-3-REGISTER_RPC EM-433 %IP-DOMAIN_SERVICES-3-SYSMGR_PROC_READY EM-4 34 %IP-DOMAIN_SERVICES-7-REGISTER_CERRNO EM-434 %IP-HFR_IPv4-2-BGP_PA_CONFIG_IFH EM-434 %IP-HFR_IPv4-2-BGP_PA_CONFIG_IFH EM-434 %IP-HFR_IPv4-2-MSTATS_ALLOC_ERR EM-435 %IP-HFR_IPv4-2-MSTATS_ALLOC_ERR EM-435 %IP-HFR_IPv4-2-SYSTEM_FAIL EM-435 %IP-HFR_IPv4-2-SYSTEM_FAIL EM-435 %IP-HFR_IPv4-2-TRANS_ERR EM-435 %IP-HFR_IPv4-2-TRANS_ERR EM-436 %IP-HFR_IPv4-4-LTRACE EM-436 %IP-HFR_IPv4-4-LTRACE EM-436Index EM-2638 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %IP-HFR_IPv4-4-TRANS_WARNING EM-436 %IP-HFR_IPv4-4-TRANS_WARNING EM-436 %IP-HFR_IPv4-6-INFO EM-437 %IP-HFR_IPv4-6-INFO EM-437 %IP-IEP-3-DAEMON_ERR_EVM_CREATE EM-437 %IP-IEP-3-DAEMON_ERR_EVM_EVENT_BLOCK EM-437 %IP-IEP-3-DAEMON_ERR_SYSDB_BIND EM-437 %IP-IEP-3-DAEMON_ERR_SYSDB_BSCAN EM-438 %IP-IEP-3-DAEMON_ERR_SYSDB_REG_VERIFY EM-438 %IP-IEP-3-DAEMON_ERR_SYSDB_UNBIND EM-438 %IP-IEP-3-DAEMON_ERR_SYSMGR_PROC_READY EM-43 8 %IP-IEP-3-ERR_SYSDB_BIND EM-438 %IP-IEP-3-ERR_SYSDB_UNBIND EM-439 %IP-IEP-7-ERR_INTERNAL EM-439 %IP-IP_APS-3-ADDR_THRESHOLD_MAX EM-439 %IP-IP_APS-3-RANGE_THRESHOLD_MAX EM-439 %IP-IP_APS-6-ADDR_THRESHOLD_XCED EM-439 %IP-IP_APS-6-RANGE_THRESHOLD_XCED EM-440 %IP-IP_ARM_PLIB-3-EVENT_SET_RETRY_FAILED EM-440 %IP-IP_ARM_TEST-6-RCVD_UPDATE EM-440 %IP-IP_ARM-3-BAD_VISIBLE_COUNT EM-441 %IP-IP_ARM-3-CFLCT_FORCED_DOWN EM-441 %IP-IP_ARM-3-CFLCT_NOT_FOUND EM-441 %IP-IP_ARM-3-MHOST_DEFAULT_PIM EM-441 %IP-IP_ARM-3-UNNUM_CFLCT EM-442 %IP-IP_ARM-6-CFGED_MHOST_DEFAULT_MGMT EM-442 %IP-IP_ARM-6-CFLCT_NO_LONGER EM-442 %IP-IP_ARM-6-RTRID_CFG_DEPRECATED EM-442 %IP-IP_ARM-6-RTRID_GLOBAL_UNAVAILABLE EM-442 %IP-IP_ARM-6-UNNUM_CFLCT_NO_LONGER EM-443 %IP-IP_ARM-7-ERR_SYSDB_BIND EM-443 %IP-IP_ARM-7-INIT_FAILED EM-443 %IP-IP_ARM-7-LTRACE_INIT_ERR EM-443 %IP-IP_ICMP-7-ERR_EVM_CREATE EM-444 %IP-IP_ICMP-7-ERR_SYSDB_BIND EM-444 %IP-IP_ICMP-7-ERR_SYSDB_REG_NOTIFY EM-444 %IP-IP_ICMP-7-ERR_SYSDB_REG_VERIFY EM-444 %IP-IP_ICMP-7-LIB_INIT_FAILED EM-445 %IP-IP_LIB_NETIO-3-STATS_SHM EM-445 %IP-IP_NTP-3-CALENDAR_UPDATE_FAILED EM-445 %IP-IP_NTP-3-CLOCK_UPDATE_FAILED EM-446 %IP-IP_NTP-3-DRIFT_UPDATE_FAILED EM-446 %IP-IP_NTP-3-EXCEED_MAXFREQ EM-446 %IP-IP_NTP-5-ALL_CONN_LOST EM-446 %IP-IP_NTP-5-HP_CONN_LOST EM-446 %IP-IP_NTP-5-HP_CONN_RECOVERED EM-447 %IP-IP_NTP-5-LP_CONN_RECOVERED EM-447 %IP-IP_NTP-5-SYNC_LOSS EM-447 %IP-IP_NTP-5-UNUSUAL_OFFSET EM-447 %IP-IPV4_EDM-3-DECODE_FAILED EM-447 %IP-IPV4_EDM-3-ENCODE_FAILED EM-448 %IP-IPV4_EDM-3-SYSDB_BIND_FAILED EM-448 %IP-IPV4_EDM-6-BAGREG_FAILED EM-448 %IP-IPV4_EDM-7-ERR_BAG_REG EM-448 %IP-IPV4_EDM-7-ERR_SYSDB_BAG_ENCODE EM-448 %IP-IPV4_EDM-7-ERR_SYSDB_REG_EDM EM-449 %IP-IPV4_IO-3-NOMEM EM-449 %IP-IPV4_IO-3-OPTION_UPDATE_FAIL EM-449 %IP-IPV4_IO-3-PA_BIND EM-450 %IP-IPV4_IO-3-PA_NULL_HANDLE EM-450 %IP-IPV4_IO-3-PLATFORM_UPDATE EM-450 %IP-IPV4_IO-3-PLATFORM_UPDATE_BULK EM-450 %IP-IPV4_IO-3-UNHANDLED_ERROR EM-451 %IP-IPV4_IO-4-UNKNOWN_MESSAGE EM-451 %IP-IPV4_IO-7-INIT_FAILED EM-451 %IP-IPV4_MA-3-ADD_GROUP_FAILED EM-452 %IP-IPV4_MA-3-ERR_AVLBL_MTU EM-452 %IP-IPV4_MA-3-ERR_IFH_MISMATCHED EM-452 %IP-IPV4_MA-3-REMOVE_GROUP_FAILED EM-453 %IP-IPV4_MA-4-ERR_INTERFACE_EXIST EM-453 %IP-IPV4_MA-4-LOG_MTU EM-453 %IP-IPV4_MA-7-ERR_CREATE_REGISTER EM-454 %IP-IPV4_MA-7-ERR_EVM_ASYNC_ATTACH EM-454 %IP-IPV4_MA-7-ERR_EVM_ATTACH EM-454 %IP-IPV4_MA-7-ERR_EVM_CREATE EM-455 %IP-IPV4_MA-7-ERR_FINT_NAME EM-455 %IP-IPV4_MA-7-ERR_SYSDB_BIND EM-455 %IP-IPV4_MA-7-ERR_SYSDB_REG_NOTIFY EM-455 %IP-IPV4_MA-7-ERR_SYSDB_REG_VERIFY EM-456 %IP-IPV4_MA-7-INIT_FAILED EM-456 %IP-IPV4_MA-7-REPLICATE_DPC_INVALID_COOKIE EM- 456 %IP-IPV4_MA-7-UNKNOWN_MESSAGE EM-456 %IP-IPV4_NTP-7-EXIT_MESSAGE EM-457 %IP-IPV4_NTP-7-EXIT_MESSAGES EM-457 %IP-IPV4_NTPC-7-EXIT_MESSAGE EM-457 %IP-IPV4_NTPC-7-EXIT_MESSAGES EM-457 %IP-IPV6_MA-2-PROT_DOWN EM-458 %IP-IPV6_MA-3-ADD_GROUP_FAILED EM-458 %IP-IPV6_MA-3-ERR_ADDRSVR_INIT EM-458 %IP-IPV6_MA-3-ERR_CONFIG_INIT EM-458 %IP-IPV6_MA-3-ERR_DB_INIT EM-459 %IP-IPV6_MA-3-ERR_DEBUG_INIT EM-459 %IP-IPV6_MA-3-ERR_INIT EM-459 %IP-IPV6_MA-3-ERR_LAS_P_INIT EM-459 %IP-IPV6_MA-3-ERR_LL_CFG EM-459 %IP-IPV6_MA-3-ERR_LTRACE_INIT_FAIL EM-460 %IP-IPV6_MA-3-ERR_MTU EM-460 %IP-IPV6_MA-3-ERR_REMOVE_ENCAP EM-460 %IP-IPV6_MA-3-ERR_SETUP_HANDLERS EM-460 %IP-IPV6_MA-3-ERR_TIMER_ADDL_CTXT EM-460 %IP-IPV6_MA-3-ERR_TIMER_INIT EM-461 %IP-IPV6_MA-3-EVENT_CONN_ERR EM-461 %IP-IPV6_MA-3-EVENTMGR_CREATE_FAILED EM-461 %IP-IPV6_MA-3-REMOVE_GROUP_FAILED EM-461 %IP-IPV6_MA-3-SYSDB_BIND_FAILED EM-461 %IP-IPV6_MA-4-ERR_INTERFACE_EXIST EM-462 %IP-IPV6_MA-4-LOG_MTU EM-462 %IP-IPV6_MA-6-ERR_IM EM-462 %IP-IPV6_ND-3-ADDRESS_DUPLICATE EM-462 %IP-IPV6_ND-3-ERR_AIB_ADJ EM-463 %IP-IPV6_ND-3-ERR_AIB_CONN EM-463 %IP-IPV6_ND-3-ERR_EVENT_MGR_CREATE EM-463 %IP-IPV6_ND-3-ERR_EXTERNAL_FAIL EM-463 %IP-IPV6_ND-3-ERR_IFH_CONN EM-464Index EM-2639 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %IP-IPV6_ND-3-ERR_IM_BIND EM-464 %IP-IPV6_ND-3-ERR_IM_MEDIA_NOT_SUPPORTED EM-4 64 %IP-IPV6_ND-3-ERR_SYSDB EM-464 %IP-IPV6_SW-3-CLEAR_MAPPING_FAILED EM-465 %IP-IPV6_SW-3-ERR_ATTACH_FSV EM-465 %IP-IPV6_SW-3-ERR_MEDIA_REGISTER EM-465 %IP-IPV6_SW-3-ERR_NETIO_MUTEX_LOCK EM-465 %IP-IPV6_SW-3-ERR_NO_INTERFACE EM-466 %IP-IPV6_SW-3-ERR_PAK_REDIRECT EM-466 %IP-IPV6_SW-3-ERR_PROTO_INIT EM-466 %IP-IPV6_SW-3-ERR_READ_PUNT_REASON_FAILED EM- 466 %IP-IPV6_SW-3-NEED_SLOW_ROUTINE EM-467 %IP-IPV6_SW-3-SET_MAPPING_FAILED EM-467 %IP-IPV6_SW-4-ERR_DEBUG_INIT EM-467 %IP-IPV6-3-DEBUG_INIT_FAILED EM-467 %IP-IPV6-3-EDM_DECODE_FAILED EM-468 %IP-IPV6-3-EDM_ENCODE_FAILED EM-468 %IP-IPV6-3-EDM_OPEN_FAILED EM-468 %IP-IPV6-3-EDM_REGISTER_FAILED EM-468 %IP-IPV6-3-ERR_ADD_ENCAP EM-468 %IP-IPV6-3-ERR_LTRACE_INIT_FAIL EM-469 %IP-IPV6-3-ERR_NULL_HANDLE_ALLOC EM-469 %IP-IPV6-3-ERR_PA_BIND EM-469 %IP-IPV6-3-ERR_PA_BIND_RETVAL EM-469 %IP-IPV6-3-EVENTCONN_CREATE_FAILED EM-469 %IP-IPV6-3-INIT_FAILED EM-470 %IP-IPV6-3-INVALID_INPUT EM-470 %IP-IPV6-3-PACKET_ERROR_DISCARD EM-470 %IP-IPV6-3-PACKETMGR_CONNECT_FAILED EM-470 %IP-IPV6-3-PAK_FSV_WRITE_FAILED EM-470 %IP-IPV6-3-PAK_SEND_TO_TRANSPORT_FAILED EM-471 %IP-IPV6-3-STATS_SHM_INIT_FAILED EM-471 %IP-IPV6-3-SYSDB_BIND_FAILED EM-471 %IP-IPV6-3-SYSDB_CONNECT_FAILED EM-471 %IP-IPV6-3-SYSDB_CREATEITEM_FAILED EM-471 %IP-IPV6-6-ERR_IM EM-472 %IP-L2SNOOP-3-DEBUG_INIT EM-472 %IP-L2SNOOP-3-INIT_ERR EM-472 %IP-L2SNOOP-3-INIT_RETRY EM-473 %IP-L2SNOOP-3-NO_MEM EM-473 %IP-L2SNOOP-3-RED_INIT EM-473 %IP-L2SNOOP-3-REG_NETWORK EM-473 %IP-L2SNOOP-3-SOCKET_INIT EM-474 %IP-L2SNOOP-3-SOFTWARE_INSTALL EM-474 %IP-L2SNOOP-3-TIMER_INIT EM-474 %IP-L2SNOOP-3-VRF_INIT EM-474 %IP-L2SNOOP-7-SYSDB_INIT EM-475 %IP-LIBIPPIMDLL-3-ENS_NRS_ERROR EM-475 %IP-LIBIPPIMDLL-3-PIM_LIB_DEBUG EM-475 %IP-LIBIPPIMDLL-3-PIM_LIB_SYSDB EM-476 %IP-LIBIPV4-3-ERR_CONV_ITEM EM-476 %IP-LIBIPV4-7-ERR_DATALIST EM-476 %IP-LIBIPV4-7-ERR_HSSD_REG EM-477 %IP-LIBIPV4PROTO-6-PAKHDR EM-477 %IP-LIBIPV4PROTO-6-PAKHDR_ERROR EM-477 %IP-LIBIPV4PROTO-7-GET_PAK_HDR_COUNT EM-477 %IP-LIBIPV4PROTO-7-PLIB_INIT EM-478 %IP-LIBIPV6PROTO-3-ERR_CONNECT_IO_STATS EM-478 %IP-LIBIPV6PROTO-3-ERR_CONNECT_RIB EM-478 %IP-LIBIPV6PROTO-3-ERR_FSV_REG EM-478 %IP-LIBIPV6PROTO-3-ERR_FSV_WRITE EM-479 %IP-LIBIPV6PROTO-3-ERR_GET_MTU EM-479 %IP-LIBIPV6PROTO-3-ERR_LAS_INIT EM-479 %IP-LIBIPV6PROTO-3-ERR_NETIO_CONN_INIT EM-479 %IP-LIBIPV6PROTO-3-ERR_NETWORK_GONE EM-479 %IP-LIBIPV6PROTO-3-ERR_NO_MEM EM-480 %IP-LIBIPV6PROTO-3-IPSEC_HANDLE EM-480 %IP-LIBIPV6PROTO-7-ERR_SEND_PACKET EM-480 %IP-MPA_CONSUMER-3-ERR_MEM_ALLOC EM-480 %IP-MPA-3-DOWNLOAD_FAIL EM-481 %IP-MPA-3-ERR_MEM_ALLOC EM-481 %IP-MPA-3-GROUP_SEND_NODE EM-481 %IP-MPA-3-MGII_MUTEX EM-481 %IP-MPA-3-RADIX_FAIL EM-482 %IP-MPA-3-RTINSERT_FAIL EM-482 %IP-MPA-7-DELETE_FAIL EM-482 %IP-MPA-7-INIT_FAILED EM-482 %IP-PFILTER_MA-7-INIT EM-483 %IP-PLATFORM_IPV4-1-DLERR EM-483 %IP-PRRT-3-ERR_CHUNK_CREATE EM-483 %IP-PRRT-3-ERR_CONN EM-483 %IP-PRRT-3-ERR_EVM EM-484 %IP-PRRT-3-ERR_INIT EM-484 %IP-PRRT-3-ERR_PTHREAD_CREATE EM-484 %IP-PRRT-3-ERR_TIMER EM-484 %IP-PRRT-6-ERR_NETIO_CONNECT EM-484 %IP-RAW-3-DEBUG_INIT EM-485 %IP-RAW-3-INIT_ERR EM-485 %IP-RAW-3-INIT_RETRY EM-485 %IP-RAW-3-NO_MEM EM-486 %IP-RAW-3-RED_INIT EM-486 %IP-RAW-3-REG_NETWORK EM-486 %IP-RAW-3-SOCKET_INIT EM-486 %IP-RAW-3-SOFTWARE_INSTALL EM-487 %IP-RAW-3-TIMER_INIT EM-487 %IP-RAW-3-VRF_INIT EM-487 %IP-RAW-7-SYSDB_INIT EM-488 %IP-rlogin-3-CHILD_PID EM-488 %IP-rlogin-3-CHILD_STOPPED EM-488 %IP-rlogin-3-CHILD_TERMINATED EM-488 %IP-rlogin-3-ERR_BEST_ROUTE EM-489 %IP-rlogin-3-ERR_CREATE_EVENTMGR EM-489 %IP-rlogin-3-ERR_FLUSH EM-489 %IP-rlogin-3-ERR_FORK EM-489 %IP-rlogin-3-ERR_SOCKET EM-489 %IP-rlogin-3-WAIT EM-490 %IP-rlogin-6-ERR_GENRAL EM-490 %IP-RLOGIND-3-ERR_CREATE_EVENTMGR EM-490 %IP-RLOGIND-3-ERR_DEBUG_INIT EM-490 %IP-RLOGIND-3-ERR_FATAL EM-490 %IP-RLOGIND-3-ERR_MALLOC EM-491 %IP-RLOGIND-3-ERR_OPEN EM-491 %IP-RLOGIND-3-ERR_SPAWN EM-491 %IP-RLOGIND-3-ERR_SYSDB EM-491Index EM-2640 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %IP-RLOGIND-3-ERR_TTY_DETAILS EM-491 %IP-RLOGIND-3-ERR_USAGE EM-492 %IP-RLOGIND-3-ERR_VTY_CONNECT EM-492 %IP-RLOGIND-4-ERR_SOCKET EM-492 %IP-RLOGIND-6-INFO_GENERAL EM-492 %IP-RSHD-2-ILLEGAL_PORT EM-492 %IP-RSHD-3-ERR_AUTH EM-493 %IP-RSHD-3-ERR_CREATE_EVENTMGR EM-493 %IP-RSHD-3-ERR_MALLOC EM-493 %IP-RSHD-3-ERR_REGISTER_DEBUG EM-493 %IP-RSHD-3-ERR_SOCKET EM-493 %IP-RSHD-3-ERR_USAGE EM-493 %IP-SCTP-3-INIT_ERR EM-494 %IP-SMIAP-2-INIT_FAILED EM-494 %IP-SMIAP-3-CHKPT_FAIL EM-494 %IP-SMIAP-4-ADDR_CFLCT EM-494 %IP-SMIAP-4-IM_ATTR_FIND_IF_FAILED EM-495 %IP-SMIAP-4-INVALID_NETWORK EM-495 %IP-SMIAP-4-SYSMGR_FAILURE EM-495 %IP-SMIAP-4-VIRTUAL_IP_CFLCT EM-495 %IP-SOCKET-3-INVALID_CLOSE EM-496 %IP-SOCKET-4-DOUBLE_CLOSE EM-496 %IP-SOCKET-4-DOUBLE_CLOSE EM-496 %IP-SOCKET-7-DEBUG_INIT_EVENT EM-496 %IP-SOCKET-7-DEBUG_INIT_EVENT EM-497 %IP-SOCKET-7-DEBUG_REGISTER EM-497 %IP-SOCKET-7-DEBUG_REGISTER EM-497 %IP-SOCKET-7-ERR_EVM_CREATE EM-497 %IP-SOCKET-7-ERR_EVM_CREATE EM-498 %IP-SOCKET-7-NOFDREF EM-498 %IP-SOCKET-7-NOFDREF EM-498 %IP-STANDBY-3-ERR_EDM_NOTIFY EM-498 %IP-STANDBY-3-ERR_IFINDEX EM-499 %IP-STANDBY-3-ERR_IM EM-499 %IP-STANDBY-3-ERR_INDEX EM-499 %IP-STANDBY-3-ERR_JOIN EM-499 %IP-STANDBY-3-ERR_MAC EM-500 %IP-STANDBY-3-ERR_NO_MEM EM-500 %IP-STANDBY-3-ERR_REGISTER EM-500 %IP-STANDBY-4-WARN_DEBUG EM-500 %IP-STANDBY-4-WARN_INIT EM-501 %IP-STANDBY-6-INFO_HOLDTIME EM-501 %IP-STANDBY-6-INFO_REDIRECTS_DISABLED EM-501 %IP-STANDBY-6-INFO_REDIRECTS_SECONDARY EM-501 %IP-STANDBY-6-INFO_STATECHANGE EM-501 %IP-TCP_NSR-3-FAILURE EM-502 %IP-TCP_NSR-3-FO_INITIATED EM-502 %IP-TCP_NSR-3-INIT_ERR EM-502 %IP-TCP_NSR-3-OUT_OF_SYNC EM-503 %IP-TCP_NSR-6-KEEPALIVE_MISS EM-503 %IP-TCP-3-BADAUTH EM-503 %IP-TCP-3-DEBUG_INIT EM-503 %IP-TCP-3-EAOPT_KEYMAX EM-504 %IP-TCP-3-EAOPT_RECV_UNSUPPORTED_MAC EM-504 %IP-TCP-3-EAOPT_SEND_INVALID_KEY EM-504 %IP-TCP-3-EAOPT_SEND_NOKEY EM-504 %IP-TCP-3-EAOPT_SEND_UNSUPPORTED_MAC EM-505 %IP-TCP-3-IM_INIT EM-505 %IP-TCP-3-INIT_ERR EM-505 %IP-TCP-3-INIT_RETRY EM-506 %IP-TCP-3-MISSING_AUTH EM-506 %IP-TCP-3-NO_MEM EM-506 %IP-TCP-3-RED_INIT EM-506 %IP-TCP-3-REG_NETWORK EM-507 %IP-TCP-3-SOCKET_INIT EM-507 %IP-TCP-3-TIMER_INIT EM-507 %IP-TCP-3-VRF_INIT EM-507 %IP-TCP-7-SYSDB_INIT EM-508 %IP-telnet-3-ERR_SYSDB EM-508 %IP-telnet-3-IMC_BIND EM-508 %IP-telnet-3-INVALID_ADDR_FAMILY EM-508 %IP-telnet-3-INVALID_PORT EM-509 %IP-telnet-3-RIB_BIND_FAILURE EM-509 %IP-telnet-3-RIB_SRC_ADDRESS_ERROR EM-509 %IP-telnet-3-SYSDB_GET EM-509 %IP-telnet-3-SYSTEM_ERROR EM-509 %IP-telnet-3-TCP_NETWORK_COMMS EM-510 %IP-telnet-3-TTY_DETAILS EM-510 %IP-telnet-3-TTY_NMSPC_PATH EM-510 %IP-telnet-4-DSCP_EXTRACT EM-510 %IP-telnet-4-DSCP_SET EM-510 %IP-telnet-4-SETSOCKOPT_BADF EM-510 %IP-telnet-6-ARM_ADDRESS EM-511 %IP-telnet-6-BIND EM-511 %IP-telnet-6-CONNECT EM-511 %IP-telnet-6-INTF_DOWN EM-511 %IP-telnet-6-INTF_HANDLE EM-511 %IP-telnet-6-INVALID_ADDRESS EM-511 %IP-telnet-6-INVALID_INTF EM-512 %IP-telnet-6-IP_ARM EM-512 %IP-telnet-6-SETSOCKOPT EM-512 %IP-telnet-6-SETSOCKOPT_EDOM EM-512 %IP-telnet-6-SETSOCKOPT_FAULT EM-512 %IP-telnet-6-SETSOCKOPT_INVAL EM-512 %IP-telnet-6-SETSOCKOPT_NOPROTOOPT EM-513 %IP-telnet-6-SOCKET EM-513 %IP-telnet-6-TCP_NODELAY EM-513 %IP-telnet-6-TCP_SO_OOBINLINE EM-513 %IP-TELNETD-2-SYSTEM_FAIL EM-513 %IP-TELNETD-3-ADDRESS_ERROR EM-514 %IP-TELNETD-3-CON_TIMEOUT EM-514 %IP-TELNETD-3-ERR_ADDRESS_FAMILY EM-514 %IP-TELNETD-3-ERR_BAD_PORT EM-514 %IP-TELNETD-3-ERR_CONNECT EM-514 %IP-TELNETD-3-ERR_CREATE_EVENTMGR EM-515 %IP-TELNETD-3-ERR_DEBUG_INIT EM-515 %IP-TELNETD-3-ERR_EXITING EM-515 %IP-TELNETD-3-ERR_KERNEL EM-515 %IP-TELNETD-3-ERR_MALLOC EM-515 %IP-TELNETD-3-ERR_OPEN EM-516 %IP-TELNETD-3-ERR_PANIC EM-516 %IP-TELNETD-3-ERR_SYSDB EM-516 %IP-TELNETD-3-ERR_TTY_DETAILS EM-516 %IP-TELNETD-3-ERR_USAGE EM-516 %IP-TELNETD-3-SYSTEM_ERROR EM-517 %IP-TELNETD-3-TCP_NETWORK_COMMS EM-517Index EM-2641 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %IP-TELNETD-4-CONFIGURATION_CHECK EM-517 %IP-TELNETD-4-DSCP_EXTRACT EM-517 %IP-TELNETD-4-TCP_KEEPALIVE EM-517 %IP-TELNETD-4-TCP_NAGLE EM-518 %IP-telnetdscp-4-DSCP_EXTRACT EM-518 %IP-telnetdscp-4-DSCP_SET EM-518 %IP-telnetmgmt-4-DSCP_VERIFY EM-518 %IP-TFTP_FS-3-ETIMEOUT_THRESHOLD EM-519 %IP-TTS-3-ERR EM-519 %IP-TTS-3-INIT_ERR EM-519 %IP-TTS-6-INFO EM-519 %IP-UDP-3-DEBUG_INIT EM-520 %IP-UDP-3-INIT_ERR EM-520 %IP-UDP-3-INIT_RETRY EM-520 %IP-UDP-3-NO_MEM EM-521 %IP-UDP-3-RED_INIT EM-521 %IP-UDP-3-REG_NETWORK EM-521 %IP-UDP-3-SOCKET_INIT EM-521 %IP-UDP-3-TIMER_INIT EM-522 %IP-UDP-3-VRF_INIT EM-522 %IP-UDP-7-SYSDB_INIT EM-522 %IP-VRRP-3-ERR_INDEX EM-523 %IP-VRRP-3-ERR_NO_MEM EM-523 %IP-VRRP-4-WARN_DEBUG EM-523 %IP-VRRP-4-WARN_INIT EM-523 %IP-VRRP-4-WARN_REGISTER EM-524 %IP-VRRP-6-INFO_STATECHANGE EM-524 %L1-PLIM_OC3-2-ERR_HW_RESTART EM-525 %L1-PLIM_OC3-3-ERR_INIT EM-525 %L1-PLIM_OC3-3-ERR_TIMER EM-526 %L1-PLIM_OC3-4-ERR_DEBUG EM-526 %L1-PMENGINE-4-TCA EM-526 %L1-TREX_LIB-3-MSG_SEND_FAILED EM-526 %L1-TREX_LIB-7-DEBUG EM-527 %L1-TREX-2-HW_FATAL_ERROR EM-527 %L1-TREX-2-SW_FATAL_ERROR EM-527 %L1-TREX-3-BOARD_PLL_ERROR EM-527 %L1-TREX-3-HW_NONFATAL_ERROR EM-528 %L1-TREX-3-PLL_ERROR EM-528 %L1-TREX-5-NOTICE EM-528 %L1-TREX-6-INFO EM-528 %L1-UT2-7-ERR_MSG EM-528 %L1-XENA-2-HW_FATAL_ERROR EM-529 %L1-XENA-2-SW_FATAL_ERROR EM-529 %L1-XENA-3-ERR_SPA_UNSUPPORTED EM-529 %L1-XENA-5-NOTICE EM-529 %L2-10GE_PLIM-2-RX_LOSS EM-531 %L2-10GE_PLIM-2-RX_LOSS EM-531 %L2-10GE_PLIM-2-RX_RF EM-531 %L2-10GE_PLIM-2-RX_RF EM-532 %L2-10GE_PLIM-2-RX_UNKNOWN EM-532 %L2-10GE_PLIM-2-RX_UNKNOWN EM-532 %L2-10GE_PLIM-2-STARTUP EM-532 %L2-10GE_PLIM-2-UNSUP EM-532 %L2-10GE_PLIM-2-XGXS_RX_SYNC EM-533 %L2-10GE_PLIM-2-XGXS_RX_SYNC EM-533 %L2-10GE_PLIM-2-XGXS_TX_SYNC EM-533 %L2-10GE_PLIM-3-OIM_ERR EM-533 %L2-10GE_PLIM-3-OIM_ERR EM-533 %L2-10GE_PLIM-4-INVALID_MAC EM-534 %L2-10GE_PLIM-4-INVALID_MAC EM-534 %L2-10GE_PLIM-6-ERR_UPGRADE EM-534 %L2-10GE_PLIM-6-ERR_UPGRADE EM-534 %L2-10GE_PLIM-6-OIM_OIR EM-534 %L2-10GE_PLIM-6-OIM_OIR EM-535 %L2-ACCT_SVR-3-ERR_INIT EM-535 %L2-ACCT_SVR-3-ERR_INTERNAL EM-535 %L2-ACCT_SVR-4-HFA_CLK_DELTA_FAIL EM-535 %L2-ACCT_SVR-7-ISR_FIFO_USAGE_FLAG EM-536 %L2-ALPHA_TCAM-3-ERROR_MSG EM-536 %L2-ALPHA-3-ERR_ACCESS EM-536 %L2-ALPHA-3-ERROR_MSG EM-537 %L2-ALPHA-6-VERSION_WARNING EM-537 %L2-ALPHA-7-INFO_MSG EM-537 %L2-ALPHA-7-PAIR_REG EM-537 %L2-ALPHA-7-PHB_DUMP EM-538 %L2-ASIC_ERRORS-7-ERR_ECM_CREATE EM-538 %L2-ASIC_ERRORS-7-ERR_ECM_CREATE EM-538 %L2-ASIC_ERRORS-7-ERR_ECM_CREATE EM-538 %L2-ASIC_ERRORS-7-ERR_ECM_CREATE EM-539 %L2-ASIC_ERRORS-7-ERR_ECM_REG EM-539 %L2-ASIC_ERRORS-7-ERR_ECM_REG EM-539 %L2-ASIC_ERRORS-7-ERR_ECM_REG EM-539 %L2-ASIC_ERRORS-7-ERR_ECM_REG EM-540 %L2-ASIC_ERRORS-7-ERR_SYSDB EM-540 %L2-ASIC_ERRORS-7-ERR_SYSDB EM-540 %L2-ASIC_ERRORS-7-ERR_SYSDB EM-540 %L2-ASIC_ERRORS-7-ERR_SYSDB EM-540 %L2-ASIC_ERRORS-7-ERR_SYSDB_BAG_ENCODE EM-541 %L2-ASIC_ERRORS-7-ERR_SYSDB_BAG_ENCODE EM-541 %L2-ASIC_ERRORS-7-ERR_SYSDB_BAG_ENCODE EM-541 %L2-ASIC_ERRORS-7-ERR_SYSDB_BAG_ENCODE EM-541 %L2-ASIC_ERRORS-7-ERR_SYSDB_EDM_REG EM-541 %L2-ASIC_ERRORS-7-ERR_SYSDB_EDM_REG EM-542 %L2-ASIC_ERRORS-7-ERR_SYSDB_EDM_REG EM-542 %L2-ASIC_ERRORS-7-ERR_SYSDB_EDM_REG EM-542 %L2-ASIC_SCAN_SERVER-2-NODE_BRINGDOWN EM-542 %L2-ASIC_SCAN_SERVER-2-NODE_BRINGDOWN EM-543 %L2-ASIC_SCAN_SERVER-7-ERR_EVM_CREATE EM-543 %L2-ASIC_SCAN_SERVER-7-ERR_EVM_CREATE EM-543 %L2-ASIC_SCAN_SERVER-7-ERR_INIT EM-543 %L2-ASIC_SCAN_SERVER-7-ERR_INIT EM-544 %L2-ASIC_SCAN_SERVER-7-ERR_IO EM-544 %L2-ASIC_SCAN_SERVER-7-ERR_IO EM-544 %L2-ATM_ILMI-2-IM_ERR EM-544 %L2-ATM_ILMI-2-INTERNAL_ERR EM-545 %L2-ATM_ILMI-2-SYSDB_ERR EM-545 %L2-ATM_INARP-2-INTERNAL_ERR EM-545 %L2-ATM_INARP-2-NOMEM EM-545 %L2-ATM_NETIO-3-CARD_DLL EM-546 %L2-ATM_NETIO-3-INSERT_DICT EM-546 %L2-ATM_NETIO-3-INVALID_DLL EM-546 %L2-ATM_NETIO-3-LOAD_PATH EM-546 %L2-ATM_NETIO-3-MEMORY EM-546 %L2-ATM_NETIO-3-PARSE_FAILURE EM-547 %L2-ATM_NETIO-3-PARSER_NULL_PATH EM-547Index EM-2642 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-ATM_NETIO-6-DEBUG_REG EM-547 %L2-ATM_OAM-2-IM_ERR EM-547 %L2-ATM_OAM-2-INTERNAL_ERR EM-547 %L2-ATM_OAM-2-SYSDB_ERR EM-548 %L2-ATM_RM-1-SYSDB_ERR EM-548 %L2-ATM_RM-2-INTERNAL_ERR EM-548 %L2-ATM_RM-2-NOMEM EM-548 %L2-ATM_RM-4-BANDWIDTH_ERR EM-548 %L2-ATM_SAAR-2-INIT EM-549 %L2-ATM_SAAR-6-DEBUG_REG EM-549 %L2-ATM_SOCKET-2-INTERNAL_ERR EM-549 %L2-ATM_SOCKET-2-NOMEM EM-549 %L2-ATM_SOCKET-3-RESMGR_ATTACH EM-550 %L2-ATM_SOP-3-INTR EM-550 %L2-ATM_SOP-7-DEBUG EM-550 %L2-ATM_VCM-2-IM_ERR EM-550 %L2-ATM_VCM-2-INTERNAL_ERR EM-551 %L2-ATM_VCM-2-SYSDB_ERR EM-551 %L2-atmdrv-2-ERR EM-551 %L2-atmdrv-2-ERR EM-551 %L2-atmdrv-2-ERR_ENCAP EM-551 %L2-atmdrv-2-ERR_ENCAP EM-552 %L2-atmdrv-2-ERR_STS EM-552 %L2-atmdrv-2-ERR_STS EM-552 %L2-atmdrv-2-ERR_VC EM-552 %L2-atmdrv-2-ERR_VC EM-552 %L2-atmdrv-3-cpk_err EM-553 %L2-atmdrv-3-cpk_err EM-553 %L2-atmdrv-4-warning EM-553 %L2-atmdrv-4-warning EM-553 %L2-atmdrv-7-db_dump EM-553 %L2-ATMGCMGR-2-DBG_INIT EM-554 %L2-ATMGCMGR-2-INIT EM-554 %L2-BFD-4-ASYNC_DETECT_TIMER_FAULTY_EXPIRY E M-554 %L2-BFD-4-RATE_LIMIT_WARNING_HIGH_WATERMARK EM-554 %L2-BFD-4-RATE_LIMIT_WARNING_LOW_WATERMARK EM-555 %L2-BFD-6-SESSION_NO_RESOURCES EM-555 %L2-BFD-6-SESSION_NO_RESOURCES_CLR EM-555 %L2-BFD-6-SESSION_REMOVED EM-555 %L2-BFD-6-SESSION_STATE_DOWN EM-555 %L2-BFD-6-SESSION_STATE_UP EM-556 %L2-BFD-6-SESSION_VERSION_CHANGE EM-556 %L2-BM_PD-3-DLL_CERRNO EM-556 %L2-BM_PD-3-DLL_CERRNO EM-556 %L2-BM_PD-3-DLL_CERRNO EM-557 %L2-BM_PD-3-DLL_CERRNO EM-557 %L2-BM_PD-3-DLL_CERRNO EM-557 %L2-BM_PD-3-DLL_CERRNO EM-557 %L2-BM_PD-3-DLL_CERRNO EM-558 %L2-BM_PD-3-DLL_INIT EM-558 %L2-BM_PD-3-DLL_INIT EM-558 %L2-BM_PD-3-DLL_INIT EM-558 %L2-BM_PD-3-DLL_INIT EM-559 %L2-BM_PD-3-DLL_INIT EM-559 %L2-BM_PD-3-DLL_INIT EM-559 %L2-BM_PD-3-DLL_INIT EM-559 %L2-BM_PD-3-DLL_TRACE EM-560 %L2-BM_PD-3-DLL_TRACE EM-560 %L2-BM_PD-3-DLL_TRACE EM-560 %L2-BM_PD-3-DLL_TRACE EM-560 %L2-BM_PD-3-DLL_TRACE EM-561 %L2-BM_PD-3-DLL_TRACE EM-561 %L2-BM_PD-3-DLL_TRACE EM-561 %L2-BM_PD-4-ERR_ADJ_CMPL_DLL_INIT EM-561 %L2-BM_PD-4-ERR_ADJ_DLL_INIT EM-562 %L2-BM_PD-4-ERR_ADJ_DLL_INIT EM-562 %L2-BM_PD-4-ERR_ADJ_DLL_INIT EM-562 %L2-BM_PD-4-ERR_ADJ_DLL_INIT EM-562 %L2-BM_PD-4-ERR_INIT EM-563 %L2-BM_PD-4-ERR_INIT EM-563 %L2-BM_PD-4-ERR_INIT EM-563 %L2-BM-3-ERR_IIR_MEMBERSHIP EM-563 %L2-BM-4-ERR_ACTIVATE EM-564 %L2-BM-4-ERR_ADJ_DLL_INIT EM-564 %L2-BM-4-ERR_ADMINSTATE EM-564 %L2-BM-4-ERR_COMMS_LINK_UNKNOWN EM-564 %L2-BM-4-ERR_EVM_EVENT_BLOCK EM-565 %L2-BM-4-ERR_GROUP_CREATE EM-565 %L2-BM-4-ERR_IDENTICAL EM-565 %L2-BM-4-ERR_IIR_BDL_DATA EM-565 %L2-BM-4-ERR_IIR_BDL_HANDLE EM-566 %L2-BM-4-ERR_IIR_MBR_DATA EM-566 %L2-BM-4-ERR_IIR_MBR_HANDLE EM-566 %L2-BM-4-ERR_IIR_OP EM-566 %L2-BM-4-ERR_IIR_SUB_HANDLE EM-567 %L2-BM-4-ERR_INIT EM-567 %L2-BM-4-ERR_INIT_ENS EM-567 %L2-BM-4-ERR_LINK_ATTACHED EM-567 %L2-BM-4-ERR_MEM_ALLOC EM-568 %L2-BM-4-ERR_MIB_CLEANUP EM-568 %L2-BM-4-ERR_MIB_INIT EM-568 %L2-BM-4-ERR_MOVING_LINK EM-568 %L2-BM-4-ERR_MTU_IMPOSE EM-569 %L2-BM-4-ERR_NETIO_INIT EM-569 %L2-BM-4-ERR_NODE_SET EM-569 %L2-BM-4-ERR_PAKMAN EM-569 %L2-BM-4-ERR_RECREATE_BUNDLE EM-570 %L2-BM-4-ERR_RECREATE_LINK EM-570 %L2-BM-4-ERR_REPAIR_BUNDLE EM-571 %L2-BM-4-ERR_REPAIR_DATABASE EM-571 %L2-BM-4-ERR_REPAIR_LINK EM-571 %L2-BM-4-ERR_REPLICATE EM-571 %L2-BM-4-ERR_RESTORE_LINK EM-572 %L2-BM-4-ERR_RESYNC_EXCEED_IIR EM-572 %L2-BM-4-ERR_RESYNC_SCHED_IIR EM-572 %L2-BM-4-ERR_RETRY_EXCEED EM-572 %L2-BM-4-ERR_RETRY_EXCEED_GSP EM-573 %L2-BM-4-ERR_RETRY_EXCEED_IMP EM-573 %L2-BM-4-ERR_RETRY_EXCEED_SYSTEM_MAC EM-573 %L2-BM-4-ERR_RETRY_SCHED EM-574 %L2-BM-4-ERR_SYSMGR EM-574 %L2-BM-4-ERR_SYSTEM_MAC_RESET EM-574 %L2-BM-4-ERR_TX_HEAP_LOOKUP EM-574Index EM-2643 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-BM-4-ERR_TX_TIMER EM-575 %L2-BM-4-ERR_UNREPLICATE EM-575 %L2-BM-4-LRD_RESYNC EM-575 %L2-BM-5-CHURN EM-575 %L2-BM-5-ERR_TX_ENQUEUE EM-576 %L2-BM-6-DISTRIBUTING EM-576 %L2-BM-6-MEMBER_COMPATIBILITY EM-576 %L2-BM-6-MIN_MAX EM-576 %L2-C_SHIM_PARTNER-3-AIB_INIT_FAILED EM-577 %L2-C_SHIM_PARTNER-3-CAP_ADD_ERR EM-577 %L2-C_SHIM_PARTNER-3-CAP_CNTL_ERR EM-577 %L2-C_SHIM_PARTNER-3-CAP_LKP_ERR EM-577 %L2-C_SHIM_PARTNER-3-ECM_INIT_FAILED EM-578 %L2-C_SHIM_PARTNER-3-SET_CALLBACK_ERR EM-578 %L2-C_SHIM_PARTNER-3-SVR_UBIND_ERR EM-578 %L2-C_SHIM_PARTNER-4-SVR_BIND_ERR EM-578 %L2-C_SHIM_PARTNER-7-IFH_ERR EM-578 %L2-C_SHIM_PARTNER-7-IM_CALLBACK_ERR EM-579 %L2-C12000_FR-3-SUBIF_COUNT EM-579 %L2-CCL-3-INIT_ERROR EM-579 %L2-CDP-3-ERR_CONN EM-579 %L2-CDP-3-ERR_IM_ATTR_REGISTRATION EM-580 %L2-CDP-3-ERR_IM_CAPS_ADD EM-580 %L2-CDP-3-ERR_IM_CAPS_REMOVE EM-580 %L2-CDP-3-ERR_IM_MTU_REGISTER EM-580 %L2-CDP-3-ERR_IM_STATE_REGISTER EM-581 %L2-CDP-3-ERR_INTF_INIT EM-581 %L2-CDP-3-ERR_INTF_STATS EM-581 %L2-CDP-3-ERR_IPV4_ADDRESS_SCAN EM-581 %L2-CDP-3-ERR_IPV4_REGISTRATION EM-582 %L2-CDP-3-ERR_IPV6_ADDRESS_SCAN EM-582 %L2-CDP-3-ERR_IPV6_REGISTRATION EM-582 %L2-CDP-3-ERR_STATS EM-582 %L2-CDP-3-STALE_TLV EM-583 %L2-CDP-4-DUPLEX_MISMATCH EM-583 %L2-CDP-4-ERR_MULTICAST_ADDR_SET EM-583 %L2-CDP-4-ERR_TABLE_RESIZE EM-583 %L2-CDP-4-NEIGHBOR_LIMIT EM-583 %L2-CDP-4-NO_KNOWN_MEDIA EM-584 %L2-CDP-4-NO_KNOWN_MEDIA_DRIVERS EM-584 %L2-CDP-4-WARN_INIT EM-584 %L2-CDP-4-WARN_TERM EM-584 %L2-CDP-6-DELETED_NEIGHBOR EM-585 %L2-CDP-6-NEW_NEIGHBOR EM-585 %L2-CDPCP-3-DEBUG_ASSOC EM-585 %L2-CDPCP-3-DEBUG_COND_REGISTER EM-585 %L2-CDPCP-3-DEBUG_REGISTER EM-586 %L2-CDPCP-3-ERR_CONN EM-586 %L2-CDPCP-3-ERR_EVENT EM-586 %L2-CDPCP-3-ERR_EVENT_MGR_CREATE EM-586 %L2-CDPCP-3-ERR_IM_STATE EM-586 %L2-CDPCP-3-ERR_MBOX_ADD EM-587 %L2-CDPCP-3-ERR_MBOX_CREATE EM-587 %L2-CDPCP-3-ERR_MBOX_INIT EM-587 %L2-CDPCP-3-ERR_MBOX_SEND EM-587 %L2-CDPCP-3-ERR_MQ_OPEN EM-587 %L2-CDPCP-3-ERR_NETIO_RXQ EM-588 %L2-CDPCP-3-ERR_SYSDB EM-588 %L2-CDPCP-3-ERR_SYSDB_NOTIFICATION EM-588 %L2-CDPCP-3-ERR_TIMER EM-588 %L2-CDPCP-3-LTRACE_INIT EM-588 %L2-CDPCP-4-ERR_EVENT_WAIT EM-589 %L2-CDPCP-4-ERR_INTERFACE_NULL EM-589 %L2-CDPCP-4-ERR_MEMORY EM-589 %L2-CDPCP-4-ERR_MQ_RECEIVE EM-589 %L2-CDPCP-4-ERR_NO_INTERFACE EM-589 %L2-CDPCP-4-ERR_NO_INTERFACE_STRUCT EM-590 %L2-CDPCP-6-ERR_IM_CONNECT EM-590 %L2-CDPCP-6-ERR_IM_ENCAPS EM-590 %L2-CDPCP-6-ERR_IM_EVENT EM-590 %L2-CDPCP-6-ERR_IM_PROTO EM-590 %L2-CEMA-3-FATAL_ERR EM-591 %L2-CEMA-3-MISMATCH_ERR EM-591 %L2-CEMA-4-GEN_ERR EM-591 %L2-CFM-3-BD_ERROR EM-591 %L2-CFM-3-CCI_TIMER EM-592 %L2-CFM-3-CCM_GEN_ERROR EM-592 %L2-CFM-3-CFG_DELETED_INTF_OP EM-592 %L2-CFM-3-CFG_UPDATE_LOST EM-592 %L2-CFM-3-CGM_APPLY_FAILED EM-593 %L2-CFM-3-DB_DELETE_FAILED EM-593 %L2-CFM-3-DB_INCONSISTENT EM-593 %L2-CFM-3-DB_LOCK_ERROR EM-594 %L2-CFM-3-ELO_LB_STATE EM-594 %L2-CFM-3-ENGINE_TIMER EM-594 %L2-CFM-3-FAULT_NOTIFICATION EM-594 %L2-CFM-3-HW_ERROR EM-595 %L2-CFM-3-IM_STATE_ERROR EM-595 %L2-CFM-3-INV_DEBUG_FLTR EM-595 %L2-CFM-3-LWM_ERROR EM-596 %L2-CFM-3-MA_RESYNC EM-596 %L2-CFM-3-MEPS_DELETE_CCM_GEN EM-596 %L2-CFM-3-MP_DB_ALLOC EM-597 %L2-CFM-3-PAK_ERROR EM-597 %L2-CFM-3-RETRY_EXCEEDED EM-597 %L2-CFM-3-STATE_UPDATE_DROPPED EM-598 %L2-CFM-3-WL_QUEUE_FAILED EM-598 %L2-CFM-4-CCM_PARSE_FAILED EM-598 %L2-CFM-4-CFG_INCONSISTENT EM-599 %L2-CFM-4-ENCAP_CHANGE EM-599 %L2-CFM-4-EXIT_FAILED EM-599 %L2-CFM-4-INIT_FAILED EM-600 %L2-CFM-4-LOSS_TIMER_FAILED EM-600 %L2-CFM-4-LOST_EVENT EM-600 %L2-CFM-4-MIB_CHKPT_BATCH_ERROR EM-600 %L2-CFM-4-MIB_CHKPT_ITEM_ERROR EM-601 %L2-CFM-4-NOTIFY_LOSS_FAILED EM-601 %L2-CFM-4-PACKET_DECODE_FAILED EM-601 %L2-CFM-6-CC_ERROR EM-602 %L2-CFM-6-MEP_CHANGE EM-602 %L2-CFM-6-SHMWIN_RESET EM-602 %L2-CFM-6-TOO_MANY_TLVS EM-602 %L2-CFM-6-XC_ERROR EM-603 %L2-CFM-7-PD_NOT_SUP EM-603 %L2-CFMMIB-3-NO_DEBUG EM-603 %L2-CFMMIB-3-NO_TRAP EM-603Index EM-2644 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-CHDLC_EA-4-ERR_EVM_EVENT_BLOCK EM-604 %L2-CHDLC_EA-4-ERR_INIT EM-604 %L2-CHDLC_EA-6-ERR_IMP_MULTIPLE_NTFCNS EM-604 %L2-CHDLC_MA-3-ERR_IIR_BDL_OP EM-604 %L2-CHDLC_MA-3-ERR_INTF_UP_DOWN EM-605 %L2-CHDLC_MA-3-ERR_SYSMGR_SOCK_FEAT_START E M-605 %L2-CHDLC_MA-4-ERR_EVM_EVENT_BLOCK EM-605 %L2-CHDLC_MA-4-ERR_INIT EM-605 %L2-CHDLC_MA-6-ERR_IM_MULTIPLE_NTFCNS EM-606 %L2-CHDLC_SOCK-4-ERR_EVM_EVENT_BLOCK EM-606 %L2-CHDLC_SOCK-4-ERR_INIT EM-606 %L2-CHDLC_SOCK-4-ERR_PAKMAN_CORRUPTION EM-6 06 %L2-CHDLCDLL-3-ERR_DEBUG_REGISTER EM-607 %L2-CHDLCDLL-3-ERR_PKT_ENCAP EM-607 %L2-CHDLCDLL-3-ERR_TRACE_REGISTER EM-607 %L2-CHIPs-2-error EM-607 %L2-COMMS-3-MSG_DROPPED EM-608 %L2-COMMS-3-MY_ID_MISMATCH EM-608 %L2-COMMS-3-MY_SAVE_FAILED EM-608 %L2-COMMS-3-SAVE_FAILED EM-608 %L2-COMMS-4-DUPLICATE_ENTRY EM-609 %L2-d1qnetio-3-CHAIN_BUILDER_FAILED EM-609 %L2-d1qnetio-3-IDB_NOT_FOUND EM-609 %L2-d1qnetio-3-REGISTRY_CREATION_FAILED EM-609 %L2-d1qnetio-3-SUBBLOCK_REG_FAILED EM-610 %L2-d1qnetio-3-TRACE_INIT_ERROR EM-610 %L2-d1qnetio-4-CHAIN_UNBUILDER_FAILED EM-610 %L2-d1qnetio-4-DEBUG_INIT_ERROR EM-610 %L2-d1qnetio-4-DEVCTL_NOT_SUP EM-611 %L2-d1qnetio-4-TERM_FAILED EM-611 %L2-DI-3-CHANNELCREATE EM-611 %L2-DI-3-CHKPT EM-611 %L2-DI-3-COMMAND EM-611 %L2-DI-3-COMMAND3 EM-612 %L2-DI-3-CONNECTION EM-612 %L2-DI-3-DESTINSANE EM-612 %L2-DI-3-DESTORG EM-612 %L2-DI-3-DIDORG EM-612 %L2-DI-3-DLLABSENT EM-612 %L2-DI-3-DLLORG EM-613 %L2-DI-3-DLLSYMMISSING EM-613 %L2-DI-3-ENTRY EM-613 %L2-DI-3-ERRORG EM-613 %L2-DI-3-EVE EM-613 %L2-DI-3-EVELOOP EM-613 %L2-DI-3-EVEMGR EM-614 %L2-DI-3-INCONSISTINSTHASH EM-614 %L2-DI-3-INCONSISTRSRCHASH EM-614 %L2-DI-3-INSTHASH EM-614 %L2-DI-3-INSTSTORE EM-614 %L2-DI-3-INTORG EM-614 %L2-DI-3-MAINLINE EM-615 %L2-DI-3-MUTEXINIT EM-615 %L2-DI-3-MUTEXLOCKFAIL EM-615 %L2-DI-3-NETIOEST EM-615 %L2-DI-3-OUTMEM EM-615 %L2-DI-3-PEERSTORE EM-615 %L2-DI-3-REGOMISSING EM-616 %L2-DI-3-REGOMISSING1 EM-616 %L2-DI-3-REGOORG EM-616 %L2-DI-3-RESIDORG EM-616 %L2-DI-3-RESOURCEHASH EM-616 %L2-DI-3-SHMWIN EM-616 %L2-DI-3-STARTCHKPT EM-617 %L2-DI-3-STARTDESTORG EM-617 %L2-DI-3-SYNHORG EM-617 %L2-DI-3-THREADCREATE EM-617 %L2-DIV2_DM-3-INFO EM-617 %L2-DIV2_DM-3-INIT EM-618 %L2-DIV2_DM-3-NO_MEM EM-618 %L2-DRIVERS_UTIL-3-TUPLE_READ_ERROR EM-618 %L2-DWDM-3-FATAL EM-618 %L2-DWDM-3-FATAL_2 EM-619 %L2-DWDM-3-INFO EM-619 %L2-DWDM-3-NOT_YET_IMPLEMENTED EM-619 %L2-E3EGRESSQ-3-ERR_MEM_ALLOC EM-619 %L2-E3EGRESSQ-3-ERR_THREAD_MUTEX_LOCK EM-620 %L2-E3EGRESSQ-3-ERR_THREAD_MUTEX_UNLOCK EM- 620 %L2-E3EGRESSQ-3-MEM_MAP EM-620 %L2-E3EGRESSQ-3-RECONFIG EM-620 %L2-E3EGRESSQ-4-ERR_MEM_ALLOC_SHMWIN EM-621 %L2-E3EGRESSQ-4-ERR_MEM_FREE EM-621 %L2-E3EGRESSQ-4-ERR_MEM_MQS_COUNTER_THR_EXC EEDED EM-621 %L2-E3EGRESSQ-4-ERR_MUTEX_INIT EM-621 %L2-E3EGRESSQ-4-ERR_MUTEX_REVIVE EM-622 %L2-E3EGRESSQ-4-ERR_PLATFORM_INFO EM-622 %L2-E3EGRESSQ-4-INTERRUPT EM-622 %L2-E3EGRESSQ-6-ERR_MEM_MQS_COUNTER_THR_NOR MAL EM-622 %L2-E3INGRESSQ-3-RECONFIG EM-623 %L2-E3INGRESSQ-4-INTERRUPT EM-623 %L2-E5EGRESSQ-3-RECONFIG EM-623 %L2-E5EGRESSQ-4-ERR_MEM_MQS_COUNTER_THR_EXC EEDED EM-623 %L2-E5EGRESSQ-4-ERROR EM-624 %L2-E5EGRESSQ-4-INTERRUPT EM-624 %L2-E5EGRESSQ-6-ERR_MEM_MQS_COUNTER_THR_NOR MAL EM-624 %L2-E5INGRESSQ-3-RECONFIG EM-624 %L2-E5INGRESSQ-4-INTERRUPT EM-625 %L2-EGRESSQ_HW_DLL-3-ENQ_PKT_LOGIC_ERROR EM -625 %L2-EGRESSQ_HW_DLL-3-ERR_MEM_ALLOC EM-625 %L2-EGRESSQ_HW_DLL-3-FAIL_TO_GET_BP_MAP_FROM_ PLIM_AISC EM-625 %L2-EGRESSQ_HW_DLL-3-FCRAM_BIST_FAILURE EM-62 6 %L2-EGRESSQ_HW_DLL-3-FORWARD_PACKET_TO_UNAL LOCATED_QUEUE EM-626 %L2-EGRESSQ_HW_DLL-3-HW_ERROR EM-626 %L2-EGRESSQ_HW_DLL-3-NON_ZERO_Q0_COUNTER E M-626Index EM-2645 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-EGRESSQ_HW_DLL-3-QUEUE_STUCK EM-627 %L2-EGRESSQ_HW_DLL-3-SBE_THRESHOLD_EXCEED E M-627 %L2-EGRESSQ_HW_DLL-3-UNALLOCATED_QUEUE_NOT_ EMPTY EM-627 %L2-EGRESSQ_HW_DLL-7-ERR_EVM_FAIL EM-627 %L2-EGRESSQ_HW_DLL-7-ERR_INTERNAL EM-628 %L2-EGRESSQ_HW_DLL-7-ERR_LWM_FAIL EM-628 %L2-EGRESSQ-3-ERR_MEM_ALLOC EM-628 %L2-EGRESSQ-3-ERR_MEM_ALLOC EM-629 %L2-EGRESSQ-3-FCRAM_BIST_FAILURE EM-629 %L2-EGRESSQ-3-HW_ERROR EM-629 %L2-EGRESSQ-3-SBE_THRESHOLD_EXCEED EM-629 %L2-EGRESSQ-3-UNALLOCATED_QUEUE_NOT_EMPTY EM-630 %L2-EGRESSQ-7-ERR_CLIENT_REG EM-630 %L2-EGRESSQ-7-ERR_CLIENT_REG EM-630 %L2-EGRESSQ-7-ERR_EVM_FAIL EM-630 %L2-EGRESSQ-7-ERR_EVM_FAIL EM-631 %L2-EGRESSQ-7-ERR_INTERNAL EM-631 %L2-EGRESSQ-7-ERR_INTERNAL EM-631 %L2-EGRESSQ-7-ERR_LWM_FAIL EM-632 %L2-EGRESSQ-7-ERR_LWM_FAIL EM-632 %L2-ELO_COMMON-3-SYSMGR_FAIL EM-632 %L2-ELO_COMMON-4-EVM_CLEANUP_FAILED EM-632 %L2-ELO_COMMON-4-PROC_READY_FAILED EM-633 %L2-ELO_COMMON-4-VERIFY_CLEANUP_FAILED EM-63 3 %L2-ELO_COMMON-4-VERIFY_INIT_FAILED EM-633 %L2-ELO-3-BAD_CONFIG EM-633 %L2-ELO-3-COULD_NOT_GET_NODEID EM-634 %L2-ELO-3-COULD_NOT_REMOVE_CAPS EM-634 %L2-ELO-3-DAEMON_INIT_FAILED EM-634 %L2-ELO-3-DEBUG_INIT_FAILED EM-634 %L2-ELO-3-EDM_INIT_FAILED EM-635 %L2-ELO-3-ERRDIS_FAILED EM-635 %L2-ELO-3-EXITING EM-635 %L2-ELO-3-IDB_INIT_FAILED EM-635 %L2-ELO-3-IW_INIT_FAILED EM-636 %L2-ELO-3-LOOPBACK_SET_FAILED EM-636 %L2-ELO-3-PFI_CLEANUP_FAILED_NOMEM EM-636 %L2-ELO-3-PFI_INIT_FAILED EM-636 %L2-ELO-3-PLATFORM_INIT_FAILED EM-637 %L2-ELO-3-PROTO_INIT_FAILED EM-637 %L2-ELO-4-CHKPT_SAVE_FAILED EM-637 %L2-ELO-4-DEBUG_CLEANUP_FAILED EM-637 %L2-ELO-4-EDM_CLEANUP_FAILED EM-638 %L2-ELO-4-IDB_CLEANUP_FAILED EM-638 %L2-ELO-4-INVALID_PLATFORM_EVENT_IFH EM-638 %L2-ELO-4-INVALID_PLATFORM_EVENT_TYPE EM-638 %L2-ELO-4-IW_CLEANUP_FAILED EM-639 %L2-ELO-4-LOOPBACK_FAILED EM-639 %L2-ELO-4-NOT_IN_LOOPBACK EM-639 %L2-ELO-4-PFI_ERROR EM-639 %L2-ELO-4-PFI_MODULE_CLEANUP_FAILED EM-640 %L2-ELO-4-PLATFORM_CLEANUP_FAILED EM-640 %L2-ELO-4-PROTO_CLEANUP_FAILED EM-640 %L2-ELO-4-SEND_FAILED EM-640 %L2-ELO-4-SEND_HEARTBEAT EM-641 %L2-ELO-6-CPU_STARVED EM-641 %L2-ELO-6-INTF_CAPABILITIES_CONFLICT EM-641 %L2-ELO-6-INTF_DISCOVERY_TIMEOUT EM-641 %L2-ELO-6-INTF_REMOTE_CRITICAL_EVENT EM-641 %L2-ELO-6-INTF_REMOTE_DYING_GASP EM-642 %L2-ELO-6-INTF_REMOTE_LINK_FAULT EM-642 %L2-ELO-6-INTF_REMOTE_LOOPBACK EM-642 %L2-ELO-6-INTF_SESSION_DOWN EM-642 %L2-ELO-6-INTF_SESSION_UP EM-642 %L2-ELO-6-INTF_THRESHOLD_BREACHED EM-643 %L2-ELO-6-LOOPBACK_CANCEL EM-643 %L2-ELO-6-MISCONFIGURED_INTERFACE EM-643 %L2-ELO-6-MISWIRED EM-643 %L2-ELO-6-NO_PROFILE EM-644 %L2-ELO-6-REMOTE_MASTER_LEFT_LOOPBACK EM-644 %L2-ELO-6-REMOTE_SLAVE_LEFT_LOOPBACK EM-644 %L2-ELO-6-UNEXPECTED_LOOPBACK_STATE EM-644 %L2-ELO-6-UNEXPECTED_STATE EM-645 %L2-ELOGM-4-DEBUG_CLEANUP_FAILED EM-645 %L2-ELOGM-4-DEBUG_INIT_FAILED EM-645 %L2-ELOGM-4-EXITING EM-645 %L2-ELOGM-4-INIT_FAILED EM-646 %L2-EMA-4-ERR_ACTIVATE EM-646 %L2-EMA-4-ERR_EVM_EVENT_BLOCK EM-646 %L2-EMA-4-ERR_INIT EM-646 %L2-EMA-4-ERR_SYSMGR EM-647 %L2-EPI-3-ATTR_NOTIFY_FAILED EM-647 %L2-EPI-3-INIT_FAILED EM-647 %L2-EPI-3-PAK_FREE_FAILED EM-648 %L2-EPI-3-PKT_OVERFLOW EM-648 %L2-ETH_OUTPUT-3-ERR_NO_MEM EM-648 %L2-ETHER_NETIO-4-DEBUG_REG EM-649 %L2-ether_spa_intr-1-MAX_BURST_EVENT EM-649 %L2-ether_spa_intr-6-BURST_EVENT EM-649 %L2-ether_spa_mac_error-1-RECOVERY_FAILED EM-650 %L2-ether_spa_plugin-6-ERRORRECOVER EM-650 %L2-ether_spa_plugin-6-LINK_EVENT EM-650 %L2-ether_spa_plugin-6-OPTICS_OIR EM-650 %L2-ether_spa_plugin-6-UNSUPPORTED_OPTICS EM-651 %L2-ETHER-1-CONFIGERROR EM-651 %L2-ETHER-1-IMERROR EM-651 %L2-ETHER-2-DEVCTLFAILED EM-651 %L2-ETHER-2-OUTOFMEMORY EM-651 %L2-ETHER-2-SYSDBREGISTERFAILED EM-652 %L2-ETHER-3-BADASYNCEVENT EM-652 %L2-ETHER-3-BDL_IIR_OP_FAILED EM-652 %L2-ETHER-3-DILBFAILED EM-652 %L2-ETHER-3-DPCFAILED EM-652 %L2-ETHER-3-EDMERROR EM-653 %L2-ETHER-3-INITFAILED EM-653 %L2-ETHER-3-INVALIDARGSIZE EM-653 %L2-ETHER-3-INVALIDTIMER EM-653 %L2-ETHER-3-RESTARTFAILED EM-653 %L2-ETHER-3-TIMERINITFAILED EM-654 %L2-ETHER-3-UNSUPPORTEDSTATS EM-654 %L2-ETHER-4-ERR_EVM_EVENT_BLOCK EM-654 %L2-ETHER-4-INIT EM-654Index EM-2646 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-ETHERNET-3-INTERFACE_INITIAL EM-655 %L2-ETHERNET-3-MIB_ERROR EM-655 %L2-ETHERNET-3-MTU_IMPOSE_FAILED EM-655 %L2-ETHERNET-3-STATE_FSM EM-655 %L2-ETHERNET-3-TX_DISABLE EM-656 %L2-ETHERNET-4-BDL_IIR_OP_FAILED EM-656 %L2-ETHERNET-4-INITIALIZATION EM-656 %L2-ETHERNET-4-INTERFACE_CREATE EM-656 %L2-ETHERNET-6-MAC_ACC_NOT_PROGRAMMED EM-6 57 %L2-ETHERNET-6-MTU_NEAR_HW_LIMIT EM-657 %L2-FB_PLIM-3-ERROR EM-657 %L2-FB_PLIM-3-ERROR_NO_RC EM-658 %L2-FB_PLIM-3-INIT_ERROR EM-658 %L2-FB_PLIM-3-ML_ERROR EM-658 %L2-FB_PLIM-3-ML_PULSE_ERROR EM-658 %L2-FB_PLIM-4-WARNING EM-659 %L2-FB_SHIM_ENCAP-3-EINVAL EM-659 %L2-FB_SHIM_ENCAP-3-NO_SHIM EM-659 %L2-FB_SHIM_ENCAP-3-UNEXPECTED EM-659 %L2-FE_PLIM-4-INVALID_MAC EM-660 %L2-FIB_IPV4-3-ADJ_ERROR EM-660 %L2-FIB_IPV4-3-ADJ_ERROR EM-660 %L2-FIB_IPV4-3-ADJ_ERROR EM-661 %L2-FIB_IPV4-3-ERR_INFO EM-661 %L2-FIB_IPV4-3-ERR_INFO EM-661 %L2-FIB_IPV4-3-ERR_INFO EM-661 %L2-FIB_IPV4-3-ERR_STR EM-661 %L2-FIB_IPV4-3-ERR_STR EM-662 %L2-FIB_IPV4-3-ERR_STR EM-662 %L2-FIB_IPV4-3-ERROR EM-662 %L2-FIB_IPV4-3-ERROR EM-662 %L2-FIB_IPV4-3-ERROR EM-662 %L2-FIB_IPV4-3-GEN_ERR EM-663 %L2-FIB_IPV4-5-RECURSIVE_LOOP EM-663 %L2-FIB_IPV6-3-ERR_INFO EM-663 %L2-FIB_IPV6-3-ERR_INFO EM-663 %L2-FIB_IPV6-3-ERR_INFO EM-663 %L2-FIB_IPV6-3-ERR_INFO_VERBOSE EM-664 %L2-FIB_IPV6-3-ERR_INFO_VERBOSE EM-664 %L2-FIB_IPV6-3-ERR_INFO_VERBOSE EM-664 %L2-FIB_IPV6-3-ERROR EM-664 %L2-FIB_IPV6-3-ERROR EM-664 %L2-FIB_IPV6-3-ERROR EM-664 %L2-FIB_IPV6-3-GEN_ERR EM-665 %L2-FIB_IPV6-5-RECURSIVE_LOOP EM-665 %L2-FR_EDM-2-INIT EM-665 %L2-FR_EDM-3-NO_STATS EM-665 %L2-FR_EDM-3-NOMEM EM-665 %L2-FR_INARP-2-CONNECT_IM EM-666 %L2-FR_INARP-2-INIT EM-666 %L2-FR_INARP-3-IF_VC_CLASS EM-666 %L2-FR_INARP-3-INVALID_FD EM-666 %L2-FR_INARP-3-NOMEM EM-667 %L2-FR_INARP-3-PVC_VC_CLASS EM-667 %L2-FR_INARP-3-SOCKET_SEND EM-667 %L2-FR_INARP-3-UNKNOWN_EVENT EM-667 %L2-FR_INARP-3-UNKNOWN_IDB EM-667 %L2-FR_INARP-4-UNKNOWN_INTFTYPE EM-668 %L2-FR_INARP-4-UNKNOWN_MSG EM-668 %L2-FR_LMI-2-INIT EM-668 %L2-FR_LMI-3-CODEP_ERROR EM-668 %L2-FR_LMI-3-ENCAP EM-669 %L2-FR_LMI-3-FSM_T391_EXPIRY EM-669 %L2-FR_LMI-3-IDB_INIT EM-669 %L2-FR_LMI-3-IDB_SEARCH EM-669 %L2-FR_LMI-3-IM_ERR EM-669 %L2-FR_LMI-3-INVALID_VC EM-670 %L2-FR_LMI-3-KEEPALIVES EM-670 %L2-FR_LMI-3-LINE_STATE EM-670 %L2-FR_LMI-3-MALLOC EM-670 %L2-FR_LMI-3-RECVFROM EM-670 %L2-FR_LMI-3-SENDTO EM-671 %L2-FR_LMI-3-SET_DLCI_STATUS EM-671 %L2-FR_LMI-3-VC_CREATE EM-671 %L2-FR_LMI-3-VCM_VC_STATES EM-671 %L2-FR_LMI-6-CODEP_CHANGE EM-671 %L2-FR_NETIO-3-MEMORY EM-672 %L2-FR_NETIO-6-DEBUG_REG EM-672 %L2-FR_SFRAR-2-INIT EM-672 %L2-FR_SFRAR-3-SYSMGR EM-672 %L2-FR_SOCKET-2-INIT EM-673 %L2-FR_SOCKET-3-CONN EM-673 %L2-FR_SOCKET-3-DPC_FAIL EM-673 %L2-FR_SOCKET-3-NETIO_OUTPUT_FAIL EM-673 %L2-FR_SOCKET-3-NOMEM EM-673 %L2-FR_SOCKET-3-PACKET_CONN EM-674 %L2-FR_SOCKET-3-RESMGR_ATTACH EM-674 %L2-FR_SOCKET-3-SEND_ASYNC EM-674 %L2-FR_SOCKET-3-SYSMGR EM-674 %L2-FR_UV-3-ERR_ABORT_ENCAP_FAIL EM-675 %L2-FR_UV-3-ERR_MISCONFIG EM-675 %L2-FR_UV-3-EVENT EM-675 %L2-FR_UV-3-INIT EM-676 %L2-FR_UV-3-SYSMGR EM-676 %L2-FR_VCM_EA-2-INIT EM-676 %L2-FR_VCM_EA-2-INTERNAL_ERR EM-676 %L2-FR_VCM_EA-3-AIB_INIT_FAILED EM-677 %L2-FR_VCM_EA-3-BATCH_INTERFACE_ERROR EM-677 %L2-FR_VCM_EA-3-DATABASE_KEY_MISSING EM-677 %L2-FR_VCM_EA-3-DLCI_MATCH_FAILED EM-677 %L2-FR_VCM_EA-3-NO_STATS EM-677 %L2-FR_VCM-2-CONFIG_INIT EM-678 %L2-FR_VCM-2-CONNS EM-678 %L2-FR_VCM-3-CONNECT_TO_L2VPN EM-678 %L2-FR_VCM-3-ENCAPS_TYPE EM-678 %L2-FR_VCM-3-IDB EM-679 %L2-FR_VCM-3-IM_OP EM-679 %L2-FR_VCM-3-INTF_NOTFOUND EM-679 %L2-FR_VCM-3-MAIN_IF EM-679 %L2-FR_VCM-3-NOMEM EM-679 %L2-FR_VCM-3-PTP_VC EM-680 %L2-FR_VCM-3-SUB_IF EM-680 %L2-FR_VCM-3-SYSDB_OP EM-680 %L2-FR_VCM-3-VC_EXISTS EM-680 %L2-FR_VCM-3-VC_NOTFOUND EM-680Index EM-2647 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-FR_VCM-6-DEBUG_REG EM-681 %L2-FRMIB-3-SYSDB EM-681 %L2-FWD_EDGE_COMMON-3-EDGE_ADJ_ERR EM-681 %L2-FWD_EDGE_COMMON-3-EDGE_ADJ_NULL EM-681 %L2-FWD_EDGE_COMMON-3-EDGE_IP_ERR EM-682 %L2-G709-4-ALARM EM-682 %L2-GATM-2-ERR EM-682 %L2-GATM-2-ERR_HEX EM-682 %L2-GATM-2-ERR_IFH_STS EM-682 %L2-GATM-2-ERR_INT EM-683 %L2-GATM-2-ERR_STR EM-683 %L2-GATM-2-ERR_STS EM-683 %L2-GDO-5-L2PORT_FAULT_NOTIFY EM-683 %L2-GDO-7-DEBUG EM-683 %L2-GE_ASIC_PRP3-3-INIT_ERR EM-684 %L2-GE_ASIC_PRP3-3-PKT_ERR EM-684 %L2-GE_ASIC-3-INIT_ERR EM-684 %L2-GE-3-INIT_ERR EM-685 %L2-GSR_aib-3-RES_ERROR EM-685 %L2-GSR_aib-6-INFO_MSG EM-685 %L2-GSR_edge_fwd_lib-3-RES_ERROR EM-686 %L2-GSR-3-ERR_MEM_ALLOC EM-686 %L2-GSR-3-ERR_SF_RESET EM-686 %L2-GSR-3-ERR_THREAD_CREATE EM-687 %L2-GSR-3-ERR_THREAD_CREATE EM-687 %L2-GSR-3-FIA_CHKPT EM-687 %L2-GSR-3-FIA_CHKPT_DATA_EXISTS EM-688 %L2-GSR-3-FIA_CHKPT_RECOVERY_NODATA EM-688 %L2-GSR-3-FIA_DEVCTL_ERR EM-688 %L2-GSR-3-FIA_DLOPEN EM-688 %L2-GSR-3-FIA_INT_ATTACH EM-689 %L2-GSR-3-FIA_MEM_CHIP_ERR EM-689 %L2-GSR-3-FIA_MEM_ERROR EM-689 %L2-GSR-3-FIA_MMAP_ERROR EM-689 %L2-GSR-3-FIA_NOT_RESET EM-689 %L2-GSR-3-FIA_STARTUP_DATA EM-690 %L2-GSR-3-FIA_SYNC_ERROR EM-690 %L2-GSR-3-FIA_UNHALT EM-690 %L2-GSR-3-FIA_UNSUPPORTED_CDB EM-690 %L2-GSR-3-FIA_UNSUPPORTED_OPAQUE_DATA EM-690 %L2-GSR-3-FS_ERR1 EM-691 %L2-GSR-3-SPABRG_ERR_HW EM-691 %L2-GSR-3-SPABRG_ERR2_HW EM-691 %L2-GSR-3-SPABRG_ERR3_HW EM-691 %L2-GSR-3-SPABRG_ERR4_HW EM-692 %L2-GSR-3-SPABRG_ERR5_HW EM-692 %L2-GSR-3-SPABRG_ERR6_HW EM-692 %L2-GSR-3-SPABRG_ERR7_HW EM-692 %L2-GSR-4-ERR_SYSDB_SET EM-692 %L2-GSR-4-FIA_EDM EM-693 %L2-GSR-6-FIA_INFO_MSG EM-693 %L2-GSR-6-FIA_PCDS_FAILURE EM-693 %L2-GSR-6-PCDS_STATS_TIMESTAMP_FAILURE EM-693 %L2-GSR-6-SPABRG_CRIT_INFO EM-693 %L2-GSR-6-SPABRG_INFO1_HW EM-694 %L2-GSR-6-SPABRG_INFO2_HW EM-694 %L2-GSR-6-SPABRG_INFO3_HW EM-694 %L2-GSR-7-FIA_FCTL EM-694 %L2-GT64115-2-PCI_CONFIG EM-694 %L2-GT64115-2-PCI_INIT EM-695 %L2-GT64115-3-PCI_BRIDGE_INTR EM-695 %L2-gulf-3-FATAL_ERROR EM-695 %L2-gulf-4-WARNING EM-695 %L2-gulf-6-INFO_MSG EM-695 %L2-gulf-7-DEBUG_MSG EM-696 %L2-HALE_QOS-3-ERR_COMMIT EM-696 %L2-HALE_TCAM-3-ERROR EM-696 %L2-HFA_COMMON-3-FATAL_ERR EM-697 %L2-HFA_COMMON-4-ANOMALY EM-697 %L2-HFA_COMMON-6-INFO_MSG EM-697 %L2-HFA_COMMON-6-INFO_WARNING EM-697 %L2-HFA_LIB-3-ANOMALY EM-697 %L2-HFA_LIB-3-BLWM_CLIENT_CONF_FAILED EM-698 %L2-HFA_LIB-3-BLWM_CLIENT_REBIND_FAILED EM-69 8 %L2-HFA_LIB-3-BLWM_MSG_SEND_FAILED EM-698 %L2-HFA_LIB-3-BLWM_RECVD_REPLY_FAIL EM-698 %L2-HFA_LIB-3-MSG_SEND_FAILED EM-699 %L2-HFA_LIB-4-BLWM_REPLAY_REQUEST EM-699 %L2-HFA_LIB-4-ERR_LOCK EM-699 %L2-HFA_LIB-6-INFO_WARNING EM-699 %L2-if_discovery-3-FATAL_ERROR EM-699 %L2-if_discovery-6-INFO_MSG EM-700 %L2-if_discovery-7-DEBUG_MSG EM-700 %L2-IOB-3-INTR EM-700 %L2-IOB-5-UNKNOWN_INTR EM-700 %L2-IPCP-1-ERR_ADJ_DELETE EM-701 %L2-IPCP-1-ERR_ADJ_UPDATE EM-701 %L2-IPCP-1-ERR_RIB_ROUTE_ADD EM-701 %L2-IPCP-3-DEBUG_ASSOC EM-701 %L2-IPCP-3-DEBUG_COND_REGISTER EM-702 %L2-IPCP-3-DEBUG_REGISTER EM-702 %L2-IPCP-3-ERR_CONN EM-702 %L2-IPCP-3-ERR_EVENT EM-702 %L2-IPCP-3-ERR_EVENT_MGR_CREATE EM-702 %L2-IPCP-3-ERR_IM_STATE EM-703 %L2-IPCP-3-ERR_IPARM EM-703 %L2-IPCP-3-ERR_MBOX_ADD EM-703 %L2-IPCP-3-ERR_MBOX_CREATE EM-703 %L2-IPCP-3-ERR_MBOX_INIT EM-703 %L2-IPCP-3-ERR_MBOX_SEND EM-704 %L2-IPCP-3-ERR_MQ_CREATE EM-704 %L2-IPCP-3-ERR_MQ_OPEN EM-704 %L2-IPCP-3-ERR_NETIO_RXQ EM-704 %L2-IPCP-3-ERR_SYSDB EM-704 %L2-IPCP-3-ERR_SYSDB_NOTIFICATION EM-705 %L2-IPCP-3-ERR_SYSDB_VERIFICATION EM-705 %L2-IPCP-3-ERR_TIMER EM-705 %L2-IPCP-3-LTRACE_INIT EM-705 %L2-IPCP-4-ERR_CHKPT EM-705 %L2-IPCP-4-ERR_CHKPT_ITERATE EM-706 %L2-IPCP-4-ERR_EVENT_WAIT EM-706 %L2-IPCP-4-ERR_IM_ENCAPS EM-706 %L2-IPCP-4-ERR_INTERFACE_NULL EM-706 %L2-IPCP-4-ERR_MEMORY EM-707 %L2-IPCP-4-ERR_MQ_RECEIVE EM-707Index EM-2648 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-IPCP-4-ERR_NO_INTERFACE EM-707 %L2-IPCP-4-ERR_NO_INTERFACE_STRUCT EM-707 %L2-IPCP-6-ERR_IM_CONNECT EM-707 %L2-IPCP-6-ERR_IM_EVENT EM-708 %L2-IPCP-6-ERR_IM_PROTO EM-708 %L2-IPV6_EA-3-INIT EM-708 %L2-IPV6_EA-3-INIT EM-708 %L2-IPV6_EA-3-INIT EM-708 %L2-IPV6_EA-3-NOMEM EM-709 %L2-IPV6_EA-3-PLAT_UPD_FAILED EM-709 %L2-IPV6_EA-3-PLAT_UPD_FAILED_GL EM-709 %L2-IPV6_EA-4-ERROR EM-709 %L2-IPV6CP-1-ERR_ADJ_DELETE EM-709 %L2-IPV6CP-1-ERR_ADJ_UPDATE EM-710 %L2-IPV6CP-3-DEBUG_ASSOC EM-710 %L2-IPV6CP-3-DEBUG_COND_REGISTER EM-710 %L2-IPV6CP-3-DEBUG_REGISTER EM-710 %L2-IPV6CP-3-ERR_CONN EM-710 %L2-IPV6CP-3-ERR_EVENT EM-711 %L2-IPV6CP-3-ERR_EVENT_MGR_CREATE EM-711 %L2-IPV6CP-3-ERR_IM_STATE EM-711 %L2-IPV6CP-3-ERR_MBOX_ADD EM-711 %L2-IPV6CP-3-ERR_MBOX_CREATE EM-711 %L2-IPV6CP-3-ERR_MBOX_INIT EM-712 %L2-IPV6CP-3-ERR_MBOX_SEND EM-712 %L2-IPV6CP-3-ERR_MQ_OPEN EM-712 %L2-IPV6CP-3-ERR_NETIO_RXQ EM-712 %L2-IPV6CP-3-ERR_SYSDB EM-712 %L2-IPV6CP-3-ERR_SYSDB_NOTIFICATION EM-713 %L2-IPV6CP-3-ERR_SYSDB_VERIFICATION EM-713 %L2-IPV6CP-3-ERR_TIMER EM-713 %L2-IPV6CP-3-LTRACE_INIT EM-713 %L2-IPV6CP-4-ERR_CHKPT EM-713 %L2-IPV6CP-4-ERR_CHKPT_ITERATE EM-714 %L2-IPV6CP-4-ERR_EVENT_WAIT EM-714 %L2-IPV6CP-4-ERR_INTERFACE_NULL EM-714 %L2-IPV6CP-4-ERR_MEMORY EM-714 %L2-IPV6CP-4-ERR_MQ_RECEIVE EM-714 %L2-IPV6CP-4-ERR_NO_INTERFACE EM-715 %L2-IPV6CP-4-ERR_NO_INTERFACE_STRUCT EM-715 %L2-IPV6CP-6-ERR_IM_CONNECT EM-715 %L2-IPV6CP-6-ERR_IM_ENCAPS EM-715 %L2-IPV6CP-6-ERR_IM_EVENT EM-715 %L2-IPV6CP-6-ERR_IM_PROTO EM-716 %L2-IXP2800_FWD-3-IPCP_FAILURE EM-716 %L2-IXP2800_FWD-3-NONFATAL_ERROR EM-716 %L2-IXP2800_FWD-7-LOG_FILE_ERROR EM-716 %L2-IXP2800_FWD-7-UNEXPECTED_FUNC_INVOC EM-71 6 %L2-IXP2800_HW-2-NOMEM EM-717 %L2-IXP2800_HW-3-FATAL_ERROR EM-717 %L2-IXP2800_HW-4-WARNING EM-717 %L2-IXP2800_HW-6-INFO EM-717 %L2-IXP2800_HW-7-LOG_FILE_ERROR EM-717 %L2-IXP2800_SERVICE-2-NOMEM EM-718 %L2-IXP2800_SERVICE-3-FATAL_ERROR EM-718 %L2-IXP2800_SERVICE-3-HOST_SPU_ERROR EM-718 %L2-IXP2800_SERVICE-3-IPCP_FAILURE EM-718 %L2-IXP2800_SERVICE-4-WARNING EM-718 %L2-IXP2800_SERVICE-6-INFO EM-719 %L2-IXP2800_SERVICE-7-LOG_FILE_ERROR EM-719 %L2-IXP2800_VFW-2-NOMEM EM-719 %L2-IXP2800_VFW-3-FATAL_ERROR EM-719 %L2-IXP2800_VFW-3-IPCP_FAILURE EM-719 %L2-IXP2800_VFW-3-NONFATAL_ERROR EM-720 %L2-IXP2800_VFW-4-WARNING EM-720 %L2-IXP2800_VFW-6-INFO EM-720 %L2-IXP2800_VFW-7-LOG_FILE_ERROR EM-720 %L2-JACKET-3-CRITICAL_ERROR EM-720 %L2-JACKET-3-CRITICAL_ERROR EM-721 %L2-JACKET-3-PIO_CRITICAL_ERROR EM-721 %L2-JACKET-3-PIO_CRITICAL_ERROR EM-721 %L2-JACKET-3-RULES_CRITICAL_ERROR EM-721 %L2-JACKET-3-RULES_CRITICAL_ERROR EM-722 %L2-JACKET-3-SPA_DISABLE EM-722 %L2-JACKET-3-SPA_DISABLE EM-722 %L2-JACKET-3-SPA_PIO_ERROR EM-722 %L2-JACKET-3-SPA_PIO_ERROR EM-722 %L2-JACKET-3-SPA_SELF_DESTRUCT EM-723 %L2-JACKET-3-SPA_SELF_DESTRUCT EM-723 %L2-JACKET-6-EVENT_INFO EM-723 %L2-JACKET-6-EVENT_INFO EM-723 %L2-JACKET-6-INFO EM-723 %L2-JACKET-6-INFO EM-723 %L2-JACKET-7-DEBUG_MSG EM-724 %L2-JACKET-7-DEBUG_MSG EM-724 %L2-JDAM-3-FATAL_ERROR EM-724 %L2-JDAM-6-INFO_MSG EM-724 %L2-JDAM-7-DEBUG_MSG EM-725 %L2-L2C-3-ERR_MISCONFIG EM-725 %L2-L2C-4-WARN_EVENT EM-725 %L2-L2C-4-WARN_INIT EM-726 %L2-L2FIB_DEBUG-3-ERR EM-726 %L2-L2FIB_LIB-2-OOR EM-726 %L2-L2FIB_LIB-3-ERR EM-727 %L2-L2FIB_LIB-3-SHM_ERR EM-727 %L2-L2FIB_LIB-4-RSRC_LOW EM-727 %L2-L2FIB_SHM-2-INIT EM-728 %L2-L2FIB_SHM-3-ERR EM-728 %L2-L2FIB-2-INIT EM-728 %L2-L2FIB-2-INVALID_MSG EM-728 %L2-L2FIB-2-SHM_INIT EM-729 %L2-L2FIB-3-SHM_ERR EM-729 %L2-L2FIB-3-WAVL_ERR EM-729 %L2-L2FIB-6-GEN_INFO_CERR EM-729 %L2-L2FIB-6-GEN_INFO_ERR EM-729 %L2-L2FIB-6-XC_MOD EM-730 %L2-L2TP-2-INIT EM-730 %L2-L2TP-3-GEN_ERR EM-730 %L2-L2TP-3-IPC_ERR EM-730 %L2-L2VPN_DEBUG-3-ERR EM-731 %L2-L2VPN_PW-3-SANITY_ERROR EM-731 %L2-L2VPN_PW-3-UPDOWN EM-731 %L2-L2VPN-2-CRIT_MEM_SHUT EM-731 %L2-L2VPN-3-BAG_REG_ERR EM-732 %L2-L2VPN-3-EVENT_ERR EM-732Index EM-2649 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-L2VPN-3-GEN_ERR EM-732 %L2-L2VPN-3-INTERNAL_ERROR EM-732 %L2-L2VPN-3-SYSDB_BIND_ERR EM-733 %L2-L2VPN-3-SYSDB_ERR EM-733 %L2-L2VPN-4-BRIDGE_MTU_MISMATCH EM-733 %L2-L2VPN-4-ENCAP_REMOVED_PW EM-733 %L2-L2VPN-4-MAC_LIMIT_AC_SHUT EM-733 %L2-L2VPN-4-MAC_LIMIT_BD_SHUT EM-734 %L2-L2VPN-4-MAC_LIMIT_PW_SHUT EM-734 %L2-L2VPN-4-PROVISIONING_WARNING EM-734 %L2-L2VPN-5-NO_LICENSE EM-734 %L2-L2VPN-6-BRIDGE_MTU_MISMATCH_CLEAR EM-734 %L2-L2VPN-6-ENCAP_REMOVED_PW_CLEAR EM-735 %L2-L2VPN-6-MAC_LIMIT_AC_CLEAR EM-735 %L2-L2VPN-6-MAC_LIMIT_AC_SET EM-735 %L2-L2VPN-6-MAC_LIMIT_BD_CLEAR EM-735 %L2-L2VPN-6-MAC_LIMIT_BD_SET EM-735 %L2-L2VPN-6-MAC_LIMIT_PW_CLEAR EM-736 %L2-L2VPN-6-MAC_LIMIT_PW_SET EM-736 %L2-LACP_LITE-3-ERR_LL_DLL_ASYNC_SEND_FAIL EM -736 %L2-LACP_LITE-3-ERR_LL_DLL_CHAN_CONNECT_FAIL EM-736 %L2-LACP_LITE-3-ERR_SHMEM_MMAP_FAIL EM-737 %L2-LACP_LITE-3-ERR_SHMEM_OPEN_FAIL EM-737 %L2-LACP_LITE-3-ERR_SHMEM_TRNC_FAIL EM-737 %L2-LACP_LITE-3-ERR_SHMEM_UNAVAILABLE EM-737 %L2-LACP_LITE-3-ERR_UNSUPPORTED_FLAG EM-738 %L2-LC-0-TESTEMERG EM-738 %L2-LC-1-TESTALERT EM-738 %L2-LC-2-TESTCRIT EM-738 %L2-LC-3-BMA_CHKPT EM-738 %L2-LC-3-BMA_CHKPT_NOINIT EM-739 %L2-LC-3-BMA_CHKPT_NORESTORE EM-739 %L2-LC-3-BMA_CHKPT_NOSAVE EM-739 %L2-LC-3-BMA_CHKPT_RECOVERY_NODATA EM-739 %L2-LC-3-BMA_DI_INVALID_MODE EM-739 %L2-LC-3-BMA48ERR EM-740 %L2-LC-3-BMA48ERRS EM-740 %L2-LC-3-BMA48FIM EM-740 %L2-LC-3-BMABUFF EM-740 %L2-LC-3-BMACMDFTCH EM-740 %L2-LC-3-BMACMDLOST EM-741 %L2-LC-3-BMACMDRPLY EM-741 %L2-LC-3-BMAERR EM-741 %L2-LC-3-BMAERRS EM-741 %L2-LC-3-BMAERRSS EM-741 %L2-LC-3-BMAMEM EM-742 %L2-LC-3-BMASDRAM_BADCAS_LATENCY EM-742 %L2-LC-3-BMASDRAM_BADSIZE EM-742 %L2-LC-3-BMASDRAM_BADWIDTH EM-742 %L2-LC-3-BMASDRAM_NOTMATCH EM-743 %L2-LC-3-BMAUCODE_GET EM-743 %L2-LC-3-BMAUCODE_LCTYPE EM-743 %L2-LC-3-BMAUCODE_NULL EM-743 %L2-LC-3-CARVE_BUFHDRS EM-743 %L2-LC-3-CARVE_BUFSIZE EM-744 %L2-LC-3-CARVE_EXBUFS EM-744 %L2-LC-3-CARVE_EXFREEQS EM-744 %L2-LC-3-CARVE_EXPCT EM-744 %L2-LC-3-CARVE_EXSDRAM EM-744 %L2-LC-3-CARVE_NOFREEQS EM-745 %L2-LC-3-CARVE_PARMS EM-745 %L2-LC-3-CARVE_QELEM EM-745 %L2-LC-3-CARVE_QMREAD EM-745 %L2-LC-3-DOWNREV EM-745 %L2-LC-3-IICDEV_NOTACKADDR EM-746 %L2-LC-3-IICDEV_NOTACKREAD EM-746 %L2-LC-3-IICDEV_NOTRESPOND EM-746 %L2-LC-3-INIT_CARD_TYPE EM-746 %L2-LC-3-INIT_MEM EM-746 %L2-LC-3-INIT_READ EM-746 %L2-LC-3-INIT_RESET EM-747 %L2-LC-3-INIT_ZERO EM-747 %L2-LC-3-INVQ EM-747 %L2-LC-3-L3FEERR EM-747 %L2-LC-3-L3FEERRS EM-747 %L2-LC-3-LC_CODE_DLD_ALLOC EM-748 %L2-LC-3-LC_CODE_DLD_CHKSUM EM-748 %L2-LC-3-LC_CODE_PROG EM-748 %L2-LC-3-LOOKUP_ERROR EM-748 %L2-LC-3-MACSTR EM-748 %L2-LC-3-OUTINFO EM-749 %L2-LC-3-PARITYERRTTM48 EM-749 %L2-LC-3-SELECTOR EM-749 %L2-LC-3-TESTERR EM-749 %L2-LC-4-CARVE_JVMASK EM-749 %L2-LC-4-CARVE_TIME EM-750 %L2-LC-4-TESTWARNING EM-750 %L2-LC-5-TESTNOTICE EM-750 %L2-LC-6-TESTINFO EM-750 %L2-LC-7-TESTDEBUG EM-750 %L2-MARVEL-3-CHAN_CREATE EM-751 %L2-MARVEL-3-DEBUG_INIT EM-751 %L2-MARVEL-3-DEBUG_REG EM-751 %L2-MARVEL-3-EVENT_MGR_FAIL EM-751 %L2-MARVEL-3-MMAP EM-751 %L2-MARVEL-3-MSG_REPLY EM-752 %L2-MARVEL-3-NOMEM EM-752 %L2-MARVEL-3-OPEN EM-752 %L2-MARVEL-6-RX_ASYNC_MSG EM-752 %L2-METRO_STATS_API-7-DEBUG_MSG EM-753 %L2-METRO_STATS_API-7-DEBUG_MSG EM-753 %L2-METRO_STATS_API-7-ERR_DLL_INIT EM-753 %L2-METRO_STATS_API-7-ERR_DLL_INIT EM-753 %L2-METRO_STATS_API-7-ERR_THREAD EM-754 %L2-METRO_STATS_API-7-ERR_THREAD EM-754 %L2-METRO_STATS_API-7-RESERVE_LMT_MSG EM-754 %L2-METRO_STATS-7-ERR_INIT EM-754 %L2-METRO_STATS-7-ERR_INIT EM-755 %L2-METRO_STATS-7-ERR_MEM EM-755 %L2-METRO_STATS-7-ERR_MEM EM-755 %L2-METRO_UIDB-7-ERR_INIT EM-756 %L2-METRO_UIDB-7-ERR_INIT EM-756 %L2-MFR_EA_LTRACE_DLL-3-OPER_FAIL EM-757 %L2-MFR_EA_LTRACE-3-ERROR_INIT_FAIL EM-757Index EM-2650 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-MFR_EA_LTRACE-3-EVENT_INIT_FAIL EM-757 %L2-MFR_EA_LTRACE-3-INTERNAL_INIT_FAIL EM-757 %L2-MFR_EA-2-DPC_CALL_FAILED EM-758 %L2-MFR_EA-2-INTERNAL_ERR EM-758 %L2-MFR_EA-3-AIB_INIT_FAILED EM-758 %L2-MFR_EA-3-INTERFACE_OPERATION_FAILED EM-75 8 %L2-MFR_EA-3-MALLOC EM-758 %L2-MFR_EA-3-MEMBER_AIB_REMOVE_FAILED EM-759 %L2-MFR_EA-3-MEMBER_AIB_SET_FAILED EM-759 %L2-MFR_EA-3-MEMBER_CAPS_ADD_FAILED EM-759 %L2-MFR_EA-3-MEMBER_CAPS_REMOVE_FAILED EM-7 59 %L2-MFR_EA-3-MEMBER_ENCAP_REMOVE_FAILED EM- 759 %L2-MFR_EA-3-MEMBER_ENCAP_SET_FAILED EM-760 %L2-MFR_EA-3-MEMBER_INFO_COLLECT_FAILED EM-7 60 %L2-MFR_EA-3-NO_STATS EM-760 %L2-MFR_EA-3-STATE_CHANGE_FAILED EM-760 %L2-MFR_MA-2-FAIL EM-761 %L2-MFR_MA-3-DPC_ERROR EM-761 %L2-MFR_MA-3-ENCAP EM-761 %L2-MFR_MA-3-ERR_MEMBER_ADD EM-761 %L2-MFR_MA-3-ERR_MUTEX_LOCK EM-762 %L2-MFR_MA-3-ERR_PULSE EM-762 %L2-MFR_MA-3-ERROR EM-762 %L2-MFR_MA-3-MALLOC EM-762 %L2-MFR_MA-3-RECVFROM EM-762 %L2-MFR_MA-3-THREAD_ERROR EM-763 %L2-MFR_MA-4-ERR_CHKPT EM-763 %L2-MFR_MA-4-ERR_CHKPT_CORRUPT EM-763 %L2-MFR_MA-4-ERR_CHKPT_DUPLICATE EM-763 %L2-MFR_MA-4-ERR_EVC_ERROR EM-764 %L2-MFR_MA-4-ERR_MEM_ALLOC EM-764 %L2-MFR_MA-4-ERR_MGD_TIMER EM-764 %L2-MFR_MA-4-ERR_THREAD_CREATE EM-764 %L2-MFR_MA-6-SENDTO EM-764 %L2-MICKEY-2-INTR EM-765 %L2-MICKEY-3-SERDES_CTRL EM-765 %L2-MICKEY-5-UNKNOWN_INTR EM-765 %L2-MLCTRLR-2-NOMEM EM-765 %L2-MLCTRLR-3-ERROR EM-766 %L2-MLCTRLR-4-ALARM EM-766 %L2-MLCTRLR-4-FEAC EM-766 %L2-MLCTRLR-4-LOOPSTATUS EM-766 %L2-MLCTRLR-4-UPDOWN EM-766 %L2-MLCTRLR-4-WARNING EM-766 %L2-MMSMLIB-4-EXIT_ON_ERR EM-767 %L2-MOTHRA-3-FATAL_ERROR EM-767 %L2-MOTHRA-3-FATAL_ERROR EM-767 %L2-MOTHRA-3-PIO_FATAL_ERROR EM-767 %L2-MOTHRA-3-PIO_FATAL_ERROR EM-768 %L2-MOTHRA-6-INFO_MSG EM-768 %L2-MOTHRA-6-INFO_MSG EM-768 %L2-MOTHRA-7-DEBUG_MSG EM-768 %L2-MOTHRA-7-DEBUG_MSG EM-768 %L2-MOUSE-2-INTR EM-769 %L2-MOUSE-5-UNKNOWN_INTR EM-769 %L2-MPLSCP-1-ERR_ADJ_DELETE EM-769 %L2-MPLSCP-1-ERR_ADJ_UPDATE EM-769 %L2-MPLSCP-3-DEBUG_ASSOC EM-770 %L2-MPLSCP-3-DEBUG_COND_REGISTER EM-770 %L2-MPLSCP-3-DEBUG_REGISTER EM-770 %L2-MPLSCP-3-ERR_CONN EM-770 %L2-MPLSCP-3-ERR_EVENT EM-770 %L2-MPLSCP-3-ERR_EVENT_MGR_CREATE EM-771 %L2-MPLSCP-3-ERR_IM_STATE EM-771 %L2-MPLSCP-3-ERR_MBOX_ADD EM-771 %L2-MPLSCP-3-ERR_MBOX_CREATE EM-771 %L2-MPLSCP-3-ERR_MBOX_INIT EM-771 %L2-MPLSCP-3-ERR_MBOX_SEND EM-772 %L2-MPLSCP-3-ERR_MQ_OPEN EM-772 %L2-MPLSCP-3-ERR_NETIO_RXQ EM-772 %L2-MPLSCP-3-ERR_SYSDB EM-772 %L2-MPLSCP-3-ERR_SYSDB_NOTIFICATION EM-772 %L2-MPLSCP-3-ERR_TIMER EM-773 %L2-MPLSCP-3-LTRACE_INIT EM-773 %L2-MPLSCP-4-ERR_EVENT_WAIT EM-773 %L2-MPLSCP-4-ERR_INTERFACE_NULL EM-773 %L2-MPLSCP-4-ERR_MEMORY EM-773 %L2-MPLSCP-4-ERR_MQ_RECEIVE EM-774 %L2-MPLSCP-4-ERR_NO_INTERFACE EM-774 %L2-MPLSCP-4-ERR_NO_INTERFACE_STRUCT EM-774 %L2-MPLSCP-6-ERR_IM_CONNECT EM-774 %L2-MPLSCP-6-ERR_IM_ENCAPS EM-774 %L2-MPLSCP-6-ERR_IM_EVENT EM-775 %L2-MPLSCP-6-ERR_IM_PROTO EM-775 %L2-MULTILINK_UV-3-ERR_MISCONFIG EM-775 %L2-MULTILINK_UV-3-EVENT EM-775 %L2-MULTILINK_UV-3-INIT EM-776 %L2-MULTILINK_UV-3-SYSMGR EM-776 %L2-Multilink-3-INCORRECT_BW_UPDATE EM-776 %L2-Multilink-3-MTU_IMPOSE_FAILED EM-776 %L2-Multilink-4-ALARM EM-777 %L2-ND-3-INIT EM-777 %L2-OAMMIB-3-NO_DEBUG EM-777 %L2-OAMMIB-3-NO_TRAP EM-778 %L2-OC768_FRAMER_ASIC-3-CRITICAL_ERROR EM-778 %L2-OC768_FRAMER_ASIC-3-CRITICAL_ERROR EM-778 %L2-OC768_FRAMER_ASIC-6-INFO EM-778 %L2-OC768_FRAMER_ASIC-6-INFO EM-779 %L2-OC768_FRAMER_ASIC-7-DEBUG_MSG EM-779 %L2-OC768_FRAMER_ASIC-7-DEBUG_MSG EM-779 %L2-OPTICS-3-CRITICAL_ERROR EM-779 %L2-OPTICS-3-CRITICAL_ERROR EM-779 %L2-OPTICS-6-INFO EM-780 %L2-OPTICS-6-INFO EM-780 %L2-OPTICS-7-DEBUG_MSG EM-780 %L2-OPTICS-7-DEBUG_MSG EM-780 %L2-OSICP-3-DEBUG_ASSOC EM-781 %L2-OSICP-3-DEBUG_COND_REGISTER EM-781 %L2-OSICP-3-DEBUG_REGISTER EM-781 %L2-OSICP-3-ERR_CONN EM-781 %L2-OSICP-3-ERR_EVENT EM-782 %L2-OSICP-3-ERR_EVENT_MGR_CREATE EM-782Index EM-2651 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-OSICP-3-ERR_IM_STATE EM-782 %L2-OSICP-3-ERR_MBOX_ADD EM-782 %L2-OSICP-3-ERR_MBOX_CREATE EM-782 %L2-OSICP-3-ERR_MBOX_INIT EM-783 %L2-OSICP-3-ERR_MBOX_SEND EM-783 %L2-OSICP-3-ERR_MQ_OPEN EM-783 %L2-OSICP-3-ERR_NETIO_RXQ EM-783 %L2-OSICP-3-ERR_SYSDB EM-783 %L2-OSICP-3-ERR_SYSDB_NOTIFICATION EM-784 %L2-OSICP-3-ERR_TIMER EM-784 %L2-OSICP-3-LTRACE_INIT EM-784 %L2-OSICP-4-ERR_EVENT_WAIT EM-784 %L2-OSICP-4-ERR_INTERFACE_NULL EM-784 %L2-OSICP-4-ERR_MEMORY EM-785 %L2-OSICP-4-ERR_MQ_RECEIVE EM-785 %L2-OSICP-4-ERR_NO_INTERFACE EM-785 %L2-OSICP-4-ERR_NO_INTERFACE_STRUCT EM-785 %L2-OSICP-6-ERR_IM_CONNECT EM-785 %L2-OSICP-6-ERR_IM_ENCAPS EM-786 %L2-OSICP-6-ERR_IM_EVENT EM-786 %L2-OSICP-6-ERR_IM_PROTO EM-786 %L2-PFILTER_EA-3-ERR_IM_CAPS EM-786 %L2-PFILTER_EA-3-ERR_IM_CAPS EM-787 %L2-PFILTER_EA-3-INIT_ERROR EM-787 %L2-PFILTER_EA-7-EVENT_ERROR EM-787 %L2-PFILTER_EA-7-INIT EM-787 %L2-PFILTER_EA-7-INIT EM-788 %L2-PLAOC768_API-3-CRITICAL_ERROR EM-789 %L2-PLAOC768_API-3-CRITICAL_ERROR EM-789 %L2-PLAOC768_API-7-DEBUG_MSG EM-789 %L2-PLAOC768_API-7-DEBUG_MSG EM-789 %L2-PLAOC768-3-ASIC_ERROR EM-790 %L2-PLAOC768-3-ASIC_ERROR EM-790 %L2-PLAOC768-3-CRITICAL_ERROR EM-790 %L2-PLAOC768-3-CRITICAL_ERROR EM-790 %L2-PLAOC768-3-PIO_CRITICAL_ERROR EM-791 %L2-PLAOC768-3-PIO_CRITICAL_ERROR EM-791 %L2-PLAOC768-6-INFO EM-791 %L2-PLAOC768-6-INFO EM-791 %L2-PLAOC768-7-DEBUG_MSG EM-791 %L2-PLAOC768-7-DEBUG_MSG EM-792 %L2-PLAT_L2FIB_VPLS-7-DEBUG_ERROR EM-792 %L2-PLAT_L2FIB_VPLS-7-INIT_ERROR EM-792 %L2-PLAT_L2FIB_VPLS-7-LTRACE_ERROR EM-792 %L2-PLAT_L2FIB_VPLS-7-PFI_ERROR EM-792 %L2-PLATFORM_ATM_OAM-3-PACKET_RX EM-793 %L2-plim_4p_oc12-3-ALLOC_FAILED EM-793 %L2-plim_4p_oc12-3-CREATE_THREAD_ERROR EM-793 %L2-plim_4p_oc12-3-DEBUG_INIT_ERROR EM-794 %L2-plim_4p_oc12-3-ERR_EVM_CREATE EM-794 %L2-plim_4p_oc12-3-ERR_EVM_EVENT_BLOCK EM-794 %L2-plim_4p_oc12-3-ERR_PORT_INIT EM-795 %L2-plim_4p_oc12-3-FWD_REGISTER_ERROR EM-795 %L2-plim_4p_oc12-3-PORT_AVAILABLE_FAILED EM-795 %L2-plim_4p_oc12-3-RESET_FAILED EM-796 %L2-plim_4p_oc12-3-STATS_COLLECT_REGISTER_FAILED EM-796 %L2-plim_4p_oc12-3-STATSD_COLL_INIT_ERROR EM-796 %L2-plim_4p_oc12-3-TIMER_INIT_FAILED EM-797 %L2-plim_4p_oc12-3-TX_CLK_GET_INVALID_PORT_CTX EM-797 %L2-plim_4p_oc12-3-TX_CLK_SET_INVALID_PORT_CTX EM-797 %L2-plim_4p_oc12-4-INVALID_TIMER EM-797 %L2-PLIM_4P_OC192-3-DEVICE_INTR_CLEAR EM-798 %L2-PLIM_4P_OC192-3-DEVICE_INTR_CLEAR EM-798 %L2-PLIM_4P_OC192-3-DEVICE_INTR_DISABLE EM-798 %L2-PLIM_4P_OC192-3-DEVICE_INTR_DISABLE EM-798 %L2-PLIM_4P_OC192-3-ERR EM-799 %L2-PLIM_4P_OC192-3-ERR EM-799 %L2-PLIM_4P_OC192-3-MEM_ERR EM-799 %L2-PLIM_4P_OC192-3-MEM_ERR EM-799 %L2-PLIM_ASIC_API-7-ERR EM-799 %L2-PLIM_ASIC_API-7-ERR EM-800 %L2-PLIM_ASIC-2-EIO_TRAIN EM-800 %L2-PLIM_ASIC-3-ERR EM-800 %L2-PLIM_ASIC-3-HW_ERR EM-800 %L2-PLIM_ASIC-3-HW_ERR EM-801 %L2-PLIM_ASIC-3-LTRACE_INIT EM-801 %L2-PLIM_ASIC-3-LTRACE_INIT EM-801 %L2-PLIM_ASIC-7-ERR EM-801 %L2-PLIM_CLKSEL-3-ERR_INIT EM-801 %L2-PLIM_CLKSEL-4-ERR_DEBUG EM-802 %L2-PLIM_FPGA-3-CRITICAL_ERROR EM-802 %L2-PLIM_FPGA-3-CRITICAL_ERROR EM-802 %L2-PLIM_FPGA-3-PIO_CRITICAL_ERROR EM-803 %L2-PLIM_FPGA-3-PIO_CRITICAL_ERROR EM-803 %L2-PLIM_FPGA-6-INFO EM-803 %L2-PLIM_FPGA-6-INFO EM-803 %L2-PLIM_FPGA-7-DEBUG_MSG EM-803 %L2-PLIM_FPGA-7-DEBUG_MSG EM-804 %L2-PLIM_IOX_4P_GE-3-INIT_ERR EM-804 %L2-PLIM_IOX_4P_GE-6-INFO_MSG EM-804 %L2-PLIM_IOX_4P_GE-6-RXLOS_INT EM-804 %L2-PLIM_LIB-2-ERR_FM_REPLY EM-805 %L2-PLIM_LIB-2-ERR_FM_REQUEST EM-805 %L2-PLIM_LIB-3-ERR_INIT EM-805 %L2-PLIM_LIB-3-ERROR EM-806 %L2-PLIM_LIB-3-ERROR EM-806 %L2-PLIM_LIB-4-ERR_MSG_RCV EM-806 %L2-PLIM_LIB-7-DEBUG EM-806 %L2-PLIM_LIB-7-DEBUG EM-807 %L2-plim_oc48-3-ALLOC_FAILED EM-807 %L2-plim_oc48-3-ALLOC_FAILED EM-807 %L2-plim_oc48-3-CREATE_THREAD_ERROR EM-808 %L2-plim_oc48-3-CREATE_THREAD_ERROR EM-808 %L2-plim_oc48-3-DEBUG_INIT_ERROR EM-808 %L2-plim_oc48-3-DEBUG_INIT_ERROR EM-809 %L2-plim_oc48-3-E3_BW_CHNG_REJ EM-809 %L2-plim_oc48-3-ERR_EVM_CREATE EM-809 %L2-plim_oc48-3-ERR_EVM_CREATE EM-809 %L2-plim_oc48-3-ERR_EVM_EVENT_BLOCK EM-810 %L2-plim_oc48-3-ERR_EVM_EVENT_BLOCK EM-810 %L2-plim_oc48-3-ERR_MBUS_OP EM-810 %L2-plim_oc48-3-ERR_MBUS_OP EM-811 %L2-plim_oc48-3-ERR_PORT_INIT EM-811Index EM-2652 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-plim_oc48-3-ERR_PORT_INIT EM-811 %L2-plim_oc48-3-FWD_REGISTER_ERROR EM-812 %L2-plim_oc48-3-FWD_REGISTER_ERROR EM-812 %L2-plim_oc48-3-PORT_AVAILABLE_FAILED EM-812 %L2-plim_oc48-3-PORT_AVAILABLE_FAILED EM-813 %L2-plim_oc48-3-RESET_FAILED EM-813 %L2-plim_oc48-3-RESET_FAILED EM-813 %L2-plim_oc48-3-STATS_COLLECT_REGISTER_FAILED E M-814 %L2-plim_oc48-3-STATS_COLLECT_REGISTER_FAILED E M-814 %L2-plim_oc48-3-STATSD_COLL_INIT_ERROR EM-814 %L2-plim_oc48-3-STATSD_COLL_INIT_ERROR EM-815 %L2-plim_oc48-3-TIMER_INIT_FAILED EM-815 %L2-plim_oc48-3-TIMER_INIT_FAILED EM-815 %L2-plim_oc48-3-TX_CLK_GET_INVALID_PORT_CTX EM- 816 %L2-plim_oc48-3-TX_CLK_GET_INVALID_PORT_CTX EM- 816 %L2-plim_oc48-3-TX_CLK_SET_INVALID_PORT_CTX EM- 816 %L2-plim_oc48-3-TX_CLK_SET_INVALID_PORT_CTX EM- 816 %L2-plim_oc48-4-INVALID_TIMER EM-817 %L2-plim_oc48-4-INVALID_TIMER EM-817 %L2-PLIM_OC768-3-CRITICAL_ERROR EM-817 %L2-PLIM_OC768-3-CRITICAL_ERROR EM-817 %L2-PLIM_OC768-6-INFO EM-818 %L2-PLIM_OC768-6-INFO EM-818 %L2-PLIM_OC768-7-DEBUG_MSG EM-818 %L2-PLIM_OC768-7-DEBUG_MSG EM-818 %L2-PLIM-2-EIO_TRAIN EM-819 %L2-PLIM-3-CHK_ERR EM-819 %L2-PLIM-3-ERR EM-819 %L2-PLIM-3-HW_ERR EM-819 %L2-PLIM-3-HW_ERR EM-820 %L2-PLIM-3-INCONSISTENT_CONFIG EM-820 %L2-PLIM-3-MEM_ERR EM-820 %L2-PLIM-3-MEM_ERR EM-820 %L2-PLIM-3-SQUID_ERR EM-820 %L2-PLIM-3-SQUID_ERR EM-821 %L2-PLIM-7-ERR EM-821 %L2-PLIM-7-LTRACE_ERR EM-821 %L2-pm5315-3-FATAL_ERROR EM-821 %L2-pm5315-6-INFO_MSG EM-821 %L2-pm5315-7-DEBUG_MSG EM-822 %L2-pm5316-3-FATAL_ERROR EM-822 %L2-pm5316-4-WARNING EM-822 %L2-PM622-2-error EM-822 %L2-PMSAR-2-CFG_ERR EM-823 %L2-PMSAR-2-CHAN_STATS_ERR EM-823 %L2-PMSAR-2-CLOSE_VC_COSQ_ERR EM-823 %L2-PMSAR-2-CLOSE_VC_ERR EM-823 %L2-PMSAR-2-CMD_ACK_ERR EM-824 %L2-PMSAR-2-CMD_ERR EM-824 %L2-PMSAR-2-CMD_POLL_TIMEOUT EM-824 %L2-PMSAR-2-CMD_POST_ERR EM-824 %L2-PMSAR-2-INITERR EM-824 %L2-PMSAR-2-MMAPERR EM-825 %L2-PMSAR-2-MUTEX_TIMEOUT EM-825 %L2-PMSAR-2-OPEN_VC_ERR EM-825 %L2-PMSAR-2-OPEN_VP_ERR EM-825 %L2-PMSAR-2-PORT_STATS_ERR EM-825 %L2-PMSAR-2-RESOURCE_ERR EM-826 %L2-PMSAR-3-ESYS_ERR EM-826 %L2-PMSAR-3-ESYS_LOAD_ELF EM-826 %L2-PMSAR-3-EVENT_INDICATE EM-826 %L2-PMSAR-3-UNKNOWN_EVENT EM-826 %L2-PMSAR-4-WARNING EM-827 %L2-PMSAR-6-event_dump EM-827 %L2-PMSAR-6-INFO EM-827 %L2-PMSAR-7-DEBUG EM-827 %L2-POS-3-MTU_IMPOSE_FAILED EM-827 %L2-PPP_EA-3-INIT_ERROR EM-828 %L2-PPP_EA-4-ERR_BATCH_ALLOC EM-828 %L2-PPP_EA-4-ERR_EVM_EVENT_BLOCK EM-828 %L2-PPP_EA-4-ERR_INIT EM-828 %L2-PPP_EA-4-ERR_MEM_ALLOC EM-829 %L2-PPP_EA-4-ERR_RWMGR EM-829 %L2-PPP_EA-4-ERR_RWMGR_IF EM-829 %L2-PPP_EA-6-ERR_IM_MULTIPLE_NTFCNS EM-829 %L2-PPP_FSM-3-ERR_SOCKET EM-830 %L2-PPP_GBL_CFG-4-ERR_INIT EM-830 %L2-PPP_LCP-3-AAA_SESSION_CLEANUP_FAILED EM-83 0 %L2-PPP_LCP-3-MTU_UNUSABLE EM-831 %L2-PPP_LCP-4-ERR_AAA_IEDGE_SESSION EM-831 %L2-PPP_LCP-4-L2_NOT_SUPPORTED EM-831 %L2-PPP_LCP-4-MISSING_AUTHENTICATION_LIST EM-8 31 %L2-PPP_LCP-4-MTU_WARNING EM-832 %L2-PPP_LCP-4-UNEXPECTED_AAA_RESPONSE EM-832 %L2-PPP_LCP-4-UNRECOGNIZED_PROTO EM-832 %L2-PPP_LCP-5-MTU_NEGOTIATED EM-832 %L2-PPP_LCP-6-LOCAL_MTU_TOO_SMALL EM-833 %L2-PPP_lite-3-ERR_PL_DLL_ASYNC_SEND_FAIL EM-833 %L2-PPP_lite-3-ERR_PL_DLL_CHAN_CONNECT_FAIL EM- 833 %L2-PPP_lite-3-ERR_SHMEM_MMAP_FAIL EM-834 %L2-PPP_lite-3-ERR_SHMEM_OPEN_FAIL EM-834 %L2-PPP_lite-3-ERR_SHMEM_TRNC_FAIL EM-834 %L2-PPP_lite-3-ERR_SHMEM_UNAVAILABLE EM-834 %L2-PPP_MA-4-ERR_AAA EM-835 %L2-PPP_MA-4-ERR_AAA_ATTR EM-835 %L2-PPP_MA-4-ERR_AAA_ATTR_IF EM-835 %L2-PPP_MA-4-ERR_AAA_SESSION EM-836 %L2-PPP_MA-4-ERR_AAA_SESSION_IF EM-836 %L2-PPP_MA-4-ERR_AIB EM-836 %L2-PPP_MA-4-ERR_ATTR EM-837 %L2-PPP_MA-4-ERR_BACKEND EM-837 %L2-PPP_MA-4-ERR_BAG EM-837 %L2-PPP_MA-4-ERR_CHKPT EM-837 %L2-PPP_MA-4-ERR_CHKPT_CORRUPT EM-838 %L2-PPP_MA-4-ERR_CHKPT_DUPLICATE EM-838 %L2-PPP_MA-4-ERR_CLOCK EM-838 %L2-PPP_MA-4-ERR_DAPS EM-838Index EM-2653 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-PPP_MA-4-ERR_DAPS_IF EM-839 %L2-PPP_MA-4-ERR_DEBUG EM-839 %L2-PPP_MA-4-ERR_EVC_CLOSE EM-839 %L2-PPP_MA-4-ERR_EVC_CREATE EM-839 %L2-PPP_MA-4-ERR_EVC_ERROR EM-840 %L2-PPP_MA-4-ERR_EVC_EVM_HANDLER EM-840 %L2-PPP_MA-4-ERR_EVC_GET_FD EM-840 %L2-PPP_MA-4-ERR_EVC_NOTIFY EM-840 %L2-PPP_MA-4-ERR_EVC_OPEN EM-841 %L2-PPP_MA-4-ERR_EVM_ATTACH EM-841 %L2-PPP_MA-4-ERR_EVM_CREATE EM-841 %L2-PPP_MA-4-ERR_EVM_SEND EM-841 %L2-PPP_MA-4-ERR_EVQ_CREATE EM-842 %L2-PPP_MA-4-ERR_EVQ_DEQUEUE EM-842 %L2-PPP_MA-4-ERR_EVQ_ENQUEUE EM-842 %L2-PPP_MA-4-ERR_IMC EM-842 %L2-PPP_MA-4-ERR_IP_ARM EM-842 %L2-PPP_MA-4-ERR_IPCP_OPTS_INCONSISTENT EM-843 %L2-PPP_MA-4-ERR_IPCP_SCAN_IF EM-843 %L2-PPP_MA-4-ERR_IPHC EM-843 %L2-PPP_MA-4-ERR_IPHC_CONFIG EM-843 %L2-PPP_MA-4-ERR_L2VPN EM-844 %L2-PPP_MA-4-ERR_LAS EM-844 %L2-PPP_MA-4-ERR_LTRACE EM-844 %L2-PPP_MA-4-ERR_MEM_ALLOC EM-844 %L2-PPP_MA-4-ERR_MGD_TIMER EM-845 %L2-PPP_MA-4-ERR_PAK EM-845 %L2-PPP_MA-4-ERR_PLAT_PROPS EM-845 %L2-PPP_MA-4-ERR_RIB EM-845 %L2-PPP_MA-4-ERR_SUBDB EM-846 %L2-PPP_MA-4-ERR_SUBDB_IF EM-846 %L2-PPP_MA-4-ERR_SYSDB EM-846 %L2-PPP_MA-4-ERR_SYSMGR EM-846 %L2-PPP_MA-4-ERR_SYSMGR_MDR EM-847 %L2-PPP_MA-4-ERR_THREAD EM-847 %L2-PPP_MA-4-ERR_THREAD_COND EM-847 %L2-PPP_MA-4-ERR_THREAD_CREATE EM-847 %L2-PPP_MA-4-ERR_THREAD_MUTEX EM-848 %L2-PPP_MA-4-ERR_WAVL_INIT EM-848 %L2-PPP_MA-6-ERR_EVC_DESTROY EM-848 %L2-PPP_MA-6-ERR_EVM_EVENT_BLOCK EM-848 %L2-PPP_MA-6-ERR_EVQ_DESTROY EM-849 %L2-PPP_NETIO-3-ERR_INTF_INIT EM-849 %L2-PPP_NETIO-4-ERR_INIT EM-849 %L2-PPP_NETIO-4-PAK_DROP EM-850 %L2-PPP_NETIO-5-SUBBLOCK_VERSION EM-850 %L2-PPP_SOCK-3-ERR_MEM_ALLOC EM-850 %L2-PPP_SOCK-3-ERR_SYSMGR EM-850 %L2-PPP_SOCK-4-ERR_EVM_EVENT_BLOCK EM-851 %L2-PPP_SOCK-4-ERR_LTRACE_INIT EM-851 %L2-PPP_SOCK-4-ERR_PAKMAN EM-851 %L2-PPP_SOCK-4-INIT EM-851 %L2-PPPOE_EA-4-ERR_EVC_ERROR EM-852 %L2-PPPOE_EA-4-ERR_EVM_EVENT_BLOCK EM-852 %L2-PPPOE_EA-4-ERR_INIT EM-852 %L2-PPPOE_EA-4-ERR_MEM_ALLOC EM-852 %L2-PPPOE_EA-4-ERR_PLATFORM_INIT EM-852 %L2-PPPOE_EA-4-ERR_RWMGR EM-853 %L2-PPPOE_EA-6-ERR_IMP_MULTIPLE_NTFCNS EM-853 %L2-PPPOE_GBL_CFG-4-ERR_DBG_TRACE EM-853 %L2-PPPOE_GBL_CFG-4-ERR_EVM_CREATE EM-853 %L2-PPPOE_MA-2-ERR_INVALID_CB EM-854 %L2-PPPOE_MA-2-ERR_UNEXPECTED_CB EM-854 %L2-PPPOE_MA-2-ERR_UNEXPECTED_CLEANUP EM-854 %L2-PPPOE_MA-4-ERR_AAA_ATTR EM-854 %L2-PPPOE_MA-4-ERR_AAA_SESSION EM-855 %L2-PPPOE_MA-4-ERR_ATTR EM-855 %L2-PPPOE_MA-4-ERR_CHKPT EM-855 %L2-PPPOE_MA-4-ERR_CHKPT_CORRUPT EM-855 %L2-PPPOE_MA-4-ERR_CHKPT_DUPLICATE EM-856 %L2-PPPOE_MA-4-ERR_DBG_TRACE EM-856 %L2-PPPOE_MA-4-ERR_DEBUG EM-856 %L2-PPPOE_MA-4-ERR_EVC_ERROR EM-856 %L2-PPPOE_MA-4-ERR_EVM_ATTACH EM-857 %L2-PPPOE_MA-4-ERR_EVM_CREATE EM-857 %L2-PPPOE_MA-4-ERR_EVM_EVENT_BLOCK EM-857 %L2-PPPOE_MA-4-ERR_EVM_SEND EM-857 %L2-PPPOE_MA-4-ERR_IMC EM-858 %L2-PPPOE_MA-4-ERR_INSERT_GLOBAL EM-858 %L2-PPPOE_MA-4-ERR_MEM_ALLOC EM-858 %L2-PPPOE_MA-4-ERR_MGD_TIMER EM-858 %L2-PPPOE_MA-4-ERR_REGCOMP EM-858 %L2-PPPOE_MA-4-ERR_SUBDB EM-859 %L2-PPPOE_MA-4-ERR_SYSDB EM-859 %L2-PPPOE_MA-4-ERR_TUPLE EM-859 %L2-PPPOE_MA-4-ERR_VACCESS EM-859 %L2-PRECAM-2-HW_RESOURCE_FAILURE EM-860 %L2-PSE-2-CRIT_EXIT EM-860 %L2-PSE-2-CRIT_EXIT EM-860 %L2-PSE-2-MIPC_STUCK EM-860 %L2-PSE-2-NODE_BRINGDOWN EM-861 %L2-PSE-2-NODE_BRINGDOWN EM-861 %L2-PSE-3-INTERNAL_ERR EM-861 %L2-PSE-3-INVALID_COUNT EM-861 %L2-PSE-4-COLD_RESET_FAILED EM-861 %L2-PSE-4-COLD_RESET_FAILED EM-862 %L2-PSE-4-ERRRATE_EXCEED_FAST EM-862 %L2-PSE-4-ERRRATE_EXCEED_FAST EM-862 %L2-PSE-4-ERRRATE_EXCEED_GLACIAL EM-862 %L2-PSE-4-ERRRATE_EXCEED_GLACIAL EM-862 %L2-PSE-4-PROTO_HW_VERSION EM-863 %L2-PSE-4-PROTO_HW_VERSION EM-863 %L2-PSE-4-WARM_RESET_FAILED EM-863 %L2-PSE-4-WARM_RESET_FAILED EM-863 %L2-PSE-5-ERR_CONT EM-863 %L2-PSE-5-ERR_CONT EM-864 %L2-PSE-6-INFO_MSG EM-864 %L2-PSE-6-INFO_MSG EM-864 %L2-PSE-6-INFO_MSG EM-864 %L2-PSE-6-MP_INFO EM-864 %L2-PSE-7-DEBUG_MSG EM-864 %L2-PSE-7-DEBUG_MSG EM-865 %L2-PSE-7-ERR_EXIT EM-865 %L2-PSE-7-ERR_EXIT EM-865 %L2-PSE-7-MP_CORE EM-865 %L2-PSE-7-MP_CORE EM-865Index EM-2654 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-PSELIB-4-EXIT_ON_ERR EM-866 %L2-PSELIB-4-EXIT_ON_ERR EM-866 %L2-QM_E5-3-SANITY_RELOAD EM-866 %L2-QM_E5-3-SANITY_WARNING EM-866 %L2-QM_E5-4-INTERRUPT EM-867 %L2-QM_E5-4-INTERRUPT2 EM-867 %L2-QM_E5-7-INTERRUPT3 EM-867 %L2-QM_E5-7-INTERRUPT4 EM-867 %L2-QM_E5-7-INTERRUPT5 EM-867 %L2-QM_E5-7-INTERRUPT6 EM-867 %L2-QM-3-SANITY_RELOAD EM-868 %L2-QM-3-SANITY_WARNING EM-868 %L2-QM-4-INTERRUPT EM-868 %L2-QUEUEING-3-FATAL_ERR EM-868 %L2-RSMLIB-4-EXIT_ON_ERR EM-869 %L2-Serial-3-MTU_IMPOSE_FAILED EM-869 %L2-Serial-3-NULL_HW_FUNC EM-869 %L2-Serial-4-ALARM EM-869 %L2-SLARP_EA-2-EVENT_BLOCK EM-870 %L2-SLARP_EA-2-INIT EM-870 %L2-SLARP_EA-3-ADJ_UPDATE_FAIL EM-870 %L2-SLARP_LITE-3-ERR_CSL_DLL_ASYNC_SEND_FAIL EM-870 %L2-SLARP_LITE-3-ERR_CSL_DLL_CHAN_CONNECT_FAIL EM-871 %L2-SLARP_LITE-3-ERR_SHMEM_MMAP_FAIL EM-871 %L2-SLARP_LITE-3-ERR_SHMEM_OPEN_FAIL EM-871 %L2-SLARP_LITE-3-ERR_SHMEM_TRNC_FAIL EM-871 %L2-SLARP_LITE-3-ERR_SHMEM_UNAVAILABLE EM-87 2 %L2-SLARP-1-CAPS_ADD EM-872 %L2-SLARP-1-CAPS_REMOVE EM-872 %L2-SLARP-1-CLOCK_READ_ERROR EM-872 %L2-SLARP-1-CONN_ALLOC EM-873 %L2-SLARP-1-CONN_NOTIFY EM-873 %L2-SLARP-1-DEBUG_REGISTER EM-873 %L2-SLARP-1-EVENT_CONN EM-873 %L2-SLARP-1-EVENTBLOCK EM-873 %L2-SLARP-1-IM_STATEQUERY EM-874 %L2-SLARP-1-INVTIMER EM-874 %L2-SLARP-1-NO_INITIAL_CONFIG EM-874 %L2-SLARP-1-NOIDB EM-874 %L2-SLARP-1-NORESOURCE EM-874 %L2-SLARP-1-TIMER_ALLOC EM-875 %L2-SLARP-1-TRACE_REGISTER EM-875 %L2-SLARP-1-TREE_INSERT EM-875 %L2-SLARP-5-OLDSEQ EM-875 %L2-SLARP-5-PKTLENGTH EM-875 %L2-SLOGIC-4-ANOMALY EM-876 %L2-SONET_APS-4-WARNING EM-876 %L2-SONET_APS-4-WP_INFO EM-876 %L2-SONET_APS-6-CONFLICT EM-876 %L2-SONET_APS-6-CONTACT EM-876 %L2-SONET_APS-6-REQUEST_PREEMPTED EM-877 %L2-SONET_APS-6-SWITCH_INFO EM-877 %L2-SONET_APS-6-UPDOWN EM-877 %L2-SONET_APS-7-ERROR EM-877 %L2-SONET_APS-7-NOMEM EM-877 %L2-SONET_LOCAL-3-ERROR EM-878 %L2-SONET_LOCAL-4-ALARM EM-878 %L2-SONET_LOCAL-5-AIS_PWFAULT EM-878 %L2-SONET_LOCAL-6-CLEAR_COUNTERS EM-878 %L2-SPA_192-3-ERR_SPA_UNSUPPORTED EM-879 %L2-SPA_192-3-ERR_SPA_UNSUPPORTED EM-879 %L2-SPA_192-3-JACKET_ERROR EM-879 %L2-SPA_192-3-JACKET_V2_ERROR EM-879 %L2-SPA_192-3-SPARULE_INT_ERROR EM-879 %L2-SPA_192-6-SPARULE_ERROR EM-880 %L2-SPA_192-6-UPGRADE_FPGA EM-880 %L2-SPA_192-6-UPGRADE_FPGA EM-880 %L2-SPA_ATM_V2-3-DRIVER_ERR EM-880 %L2-SPA_ATM_V2-6-INFO EM-880 %L2-SPA_ATM_V2-7-DEBUG EM-880 %L2-SPA_C_SHIM-3-GET_SHIM_INFO_FAIL EM-881 %L2-SPA_C_SHIM-3-NULL_SHIM_INFO EM-881 %L2-SPA_C_SHIM-3-QUERY_FAIL EM-881 %L2-SPA_CHOC_DSX-3-HDLC_ERR_CHNL_QUE_OV_STAT EM-881 %L2-SPA_CHOC_DSX-3-NULL_PD_FIELD EM-882 %L2-SPA_ETHER-1-LTRACE_INIT_ERR EM-882 %L2-SPA_ETHER-2-LTRACE_RETRY_ERR EM-882 %L2-SPA_ETHER-2-SPA_CTX_ERR EM-882 %L2-SPA_ETHER-2-SPA_JKT_ERR EM-883 %L2-SPA_ETHER-2-SPA_MAC_ERR EM-883 %L2-SPA_ETHER-2-SPA_MAC_ERR EM-883 %L2-SPA_ETHER-3-INCONSISTENT_CONFIG EM-883 %L2-SPA_ETHER-3-PORT_DEL_TIMEOUT EM-883 %L2-SPA_ETHER-4-INVALID_MAC EM-884 %L2-SPA_ETHER-4-INVALID_MAC EM-884 %L2-SPA_ETHER-4-PORT_DEL_WARNING EM-884 %L2-SPA_ETHER-4-WAIT_CONFIG EM-884 %L2-SPA_ETHER-6-PORT_DEL_INFO EM-885 %L2-SPA_FPD-3-FATAL_ERROR EM-885 %L2-SPA_FPD-3-GET_IMG_ERROR EM-885 %L2-SPA_FPD-3-GET_VERSION_ERROR EM-885 %L2-SPA_FPD-3-SW_ERROR EM-886 %L2-SPA_FPD-3-UPDATE_FAILED EM-886 %L2-SPA_FPD-3-WRONG_OIR_STATE EM-886 %L2-SPA_FPD-5-OFFLINE_NOTICE EM-886 %L2-SPA_FPD-5-RELOAD_NOTICE EM-887 %L2-SPA_FPD-6-UPDATE_PASSED EM-887 %L2-SPA_FPD-6-UPDATE_START EM-887 %L2-SPA_OC3_OC12-3-DRIVER_ERR EM-887 %L2-SPA_OC3_OC12-3-DRIVER_ERR EM-887 %L2-SPA_OC3_OC12-3-ERR_IF EM-888 %L2-SPA_OC3_OC12-3-ERR_PLUGIN EM-888 %L2-SPA_OC3_OC12-3-ERR_RESTART EM-888 %L2-SPA_OC3_OC12-3-ERR_SFP EM-889 %L2-SPA_OC3_OC12-6-INFO EM-889 %L2-SPA_OC3_OC12-6-INFO EM-889 %L2-SPA_OC3_OC12-6-INFO EM-889 %L2-SPA_OC3_OC12-6-OPTICS_OIR EM-889 %L2-SPA_OC3_OC12-7-DEBUG EM-890 %L2-SPA_OC3_OC12-7-DEBUG EM-890 %L2-SPA_OC48-3-DRIVER_ERR EM-890 %L2-SPA_OC48-3-DRIVER_ERR EM-890Index EM-2655 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-SPA_OC48-3-ERR_INIT EM-890 %L2-SPA_OC48-3-ERR_SFP_OIR EM-891 %L2-SPA_OC48-6-INFO EM-891 %L2-SPA_OC48-6-INFO EM-891 %L2-SPA_OC48-6-OPTICS_INSERTION EM-891 %L2-SPA_OC48-6-OPTICS_REMOVAL EM-891 %L2-SPA_OC48-7-DEBUG EM-892 %L2-SPA_OC48-7-DEBUG EM-892 %L2-SPA_PLIM_SB-3-FPD_GETVER_FAIL EM-892 %L2-SPA_PLIM_SB-3-FPD_IMG_DNLD_ERROR EM-892 %L2-SPA_PLIM_SB-3-FPD_IMG_UPD_ERROR EM-893 %L2-SPA_PLIM_SB-3-MSG_REPLY_FAIL EM-893 %L2-SPA_PLIM_SB-3-MSG_SEND_FAIL EM-893 %L2-SPA_PLIM_SB-3-OPEN_CH_FAIL EM-893 %L2-SPA_PLIM_SB-3-SPA_FW_ERR EM-894 %L2-SPA_PLIM_SB-3-SW_ERROR EM-894 %L2-SPA_T3E3-6-SPA_RELOAD_INFO EM-894 %L2-SPA-3-BUS_FAILURE EM-894 %L2-SPA-3-IPSEC_SPA_CRASH EM-895 %L2-SPA-3-PLIM_HEARTBEAT_ERR EM-895 %L2-SPA-3-POWER_FAILURE EM-895 %L2-SPA-3-SYSDB_ERROR EM-895 %L2-SPA-4-CERR_REGISTRATION_FAILURE EM-896 %L2-SPA-5-APPS_IMAGE_DOWNLOADING EM-896 %L2-SPA-5-APPS_IMAGE_ERROR EM-896 %L2-SPA-5-APPS_IMAGE_SIZE_ERR EM-896 %L2-SPA-5-DOWNLOAD_METHOD_ERR EM-896 %L2-SPA-5-FILE_SIZE_ERR EM-896 %L2-SPA-5-OIR_ERROR EM-897 %L2-SPA-5-OIR_INSERTED EM-897 %L2-SPA-5-OIR_REMOVED EM-897 %L2-SPA-5-OS_IMAGE_DOWNLOADING EM-897 %L2-SPA-5-OS_IMAGE_ERROR EM-897 %L2-SPA-5-OS_IMAGE_SIZE_ERR EM-897 %L2-SPA-5-PLIM_EVENT_INIT_ERR EM-898 %L2-SPA-5-PLIM_KA_INIT_ERR EM-898 %L2-SPA-5-PLIM_RELOADING EM-898 %L2-SPA-5-STATE_CHANGE EM-898 %L2-SPA-6-OPTICS_INSERTION EM-898 %L2-SPA-6-OPTICS_REMOVAL EM-898 %L2-SPA-6-PM_ERR EM-899 %L2-SPAMSG-3-ERR EM-899 %L2-SPAMSG-6-INFO EM-899 %L2-SPIO_PD-3-ERROR_MSG EM-899 %L2-SPU_LIB-3-MSG_SEND_FAILED EM-900 %L2-SPU_LIB-6-INFO_WARNING EM-900 %L2-SPU_VFW_LIB-3-MSG_SEND_FAILED EM-900 %L2-SPU_VFW_LIB-6-INFO_WARNING EM-900 %L2-SPU_VFW-3-FATAL_ERR EM-900 %L2-SPU_VFW-3-NONFATAL_ERR EM-901 %L2-SPU_VFW-6-INFO_MSG EM-901 %L2-SPU-3-COREDUMP_END_NOTIF EM-901 %L2-SPU-3-COREDUMP_FP_NOTIF EM-901 %L2-SPU-3-COREDUMP_START_NOTIF EM-901 %L2-SPU-3-FATAL_ERR EM-902 %L2-SPU-3-NONFATAL_ERR EM-902 %L2-SPU-3-SER_NOTIF EM-902 %L2-SPU-6-INFO_MSG EM-902 %L2-SPU-6-MINOR_SBE_NOTIF EM-902 %L2-SRP-2-FATAL EM-903 %L2-SRP-2-FATAL EM-903 %L2-SRP-2-MUTEX EM-903 %L2-SRP-2-MUTEX EM-903 %L2-SRP-3-ERR_DUP_MAC_ADDR EM-904 %L2-SRP-3-ERR_MEDIA_SINGLE_RING EM-904 %L2-SRP-3-ERR_MEDIA_WRAP EM-904 %L2-SRP-3-ERR_SRR_VER_MISMATCH EM-904 %L2-SRP-6-INFO_SINGLE_NODE_TOPO EM-904 %L2-STP_IO-3-BPDU_DROPPED EM-905 %L2-STP_IO-3-DETACH_FAILED EM-905 %L2-STP_IO-3-TIMER_FAILED EM-905 %L2-STP_IO-4-CFG_FAILED EM-905 %L2-STP_IO-4-ERR_PACKET_INVALID_MSTI EM-906 %L2-STP_IO-4-ERROR_DISABLING_PORT EM-906 %L2-STP_IO-4-INITIALISATION_FAILURE EM-906 %L2-STP_IO-4-OOM EM-906 %L2-STP_IO-4-PROBLEM_EXITING EM-907 %L2-STP_IO-4-RECONNECT_FAILED EM-907 %L2-STP_IO-4-UNEXPECTED_BPDU_RECEIVED EM-907 %L2-STP_IO-4-UNEXPECTED_SYSDB_MESSAGE EM-907 %L2-STP_LIB-3-PROTECT_STATE EM-908 %L2-STP-3-PORT_STATE_UPDATES_BLOCKED EM-908 %L2-STP-4-ERR_CHKPT_SAVE EM-908 %L2-STP-4-ERR_PORT_ID_RECLAIM EM-909 %L2-STP-4-INITIALISATION_FAILURE EM-909 %L2-STP-4-INVALID_L2VPN_STATE EM-909 %L2-STP-4-LOOP_INCONSISTENT EM-909 %L2-STP-4-PORTFAST_CHANGES_PENDING EM-910 %L2-STP-4-PROBLEM_EXITING EM-910 %L2-STP-4-RECONNECT_FAILED EM-910 %L2-STP-4-TIMER_FAILED EM-910 %L2-STP-6-LOOP_CONSISTENT EM-910 %L2-STREE-4-CONNECT_FAIL EM-911 %L2-STREE-4-CREATE_FAIL EM-911 %L2-STREE-4-MSGSEND_FAIL EM-911 %L2-STREE-4-PORT_CREATE_FAIL EM-912 %L2-STREE-4-SET_MACADDR_FAIL EM-912 %L2-STREE-4-START_FAIL EM-912 %L2-T1E1-2-NOMEM EM-912 %L2-T1E1-3-ERROR EM-913 %L2-T1E1-4-ALARM EM-913 %L2-T1E1-4-LOOPSTATUS EM-913 %L2-T1E1-4-UPDOWN EM-913 %L2-T1E1-4-WARNING EM-913 %L2-T3E3-2-NOMEM EM-914 %L2-T3E3-3-ERROR EM-914 %L2-T3E3-4-ALARM EM-914 %L2-T3E3-4-FEAC EM-914 %L2-T3E3-4-LOOPSTATUS EM-914 %L2-T3E3-4-PM EM-914 %L2-T3E3-4-UPDOWN EM-915 %L2-T3E3-4-WARNING EM-915 %L2-TCAM_RM_CARVE_VERIFY-3-FATAL_ERR EM-915 %L2-TCAM_RM-3-BLWM_CLIENT_CONF_FAILED EM-915 %L2-TCAM_RM-3-BLWM_CLIENT_REBIND_FAILED EM-9 16Index EM-2656 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %L2-TCAM_RM-3-BLWM_FAILED_MSG_DUMP EM-916 %L2-TCAM_RM-3-BLWM_FAILED_MSG_MASK_DUMP E M-916 %L2-TCAM_RM-3-BLWM_FAILED_MSG_RESULT_DUMP EM-916 %L2-TCAM_RM-3-BLWM_FAILED_MSG_VALUE_DUMP EM-917 %L2-TCAM_RM-3-BLWM_MSG_SEND_FAILED EM-917 %L2-TCAM_RM-3-BLWM_RECVD_REPLY_FAIL EM-917 %L2-TCAM_RM-3-FATAL_ERR EM-917 %L2-TCAM_RM-3-MSG_SEND_FAILED EM-918 %L2-TCAM_RM-3-NONFATAL_ERR EM-918 %L2-TCAM_RM-3-RETURN_ERROR EM-918 %L2-TCAM_RM-3-TCAM_RM_RECVD_REPLY_NOMEM E M-918 %L2-TCAM_RM-4-BLWM_REPLAY_REQUEST EM-919 %L2-TCAM_RM-4-CACHE_ERR_COUNT EM-919 %L2-TCAM_RM-4-CACHE_UNSUPPORTED_OP_SEQUENCE EM-919 %L2-TCAM_RM-4-REPLY_HDLR_ERR_COUNT EM-919 %L2-TCAM_RM-5-PARITY_ERR EM-920 %L2-TCAM_RM-6-INFO_MSG EM-920 %L2-UDLD-4-DISABLE_PORT EM-920 %L2-UIDB_RM-3-INIT_ERR EM-921 %L2-VCM_CLIENT-1-COMM_ERR EM-921 %L2-VCM_EA-2-INTERNAL_ERR EM-921 %L2-VCM_EA-2-INTERNAL_ERR_2 EM-922 %L2-VCM-2-IM_ATTR_ERR EM-922 %L2-VCM-2-IM_ERR EM-922 %L2-VCM-2-INTERNAL_ERR EM-922 %L2-vlan_netio-4-DEBUG_INIT_ERROR EM-923 %L2-vlea-3-NATIVE_VLAN_NOTIF EM-923 %L2-vlea-3-NO_STATS EM-923 %L2-vlea-4-EVENT_BLOCK EM-924 %L2-vlea-4-IMP_CANT_REPLY EM-924 %L2-vlea-4-IMP_REG_FAILED EM-924 %L2-vlea-4-INIT_FAILED EM-924 %L2-vlea-6-NO_MEM EM-925 %L2-vlma-3-BULK_IM_HANDLER_FAILED EM-925 %L2-vlma-3-BULK_IM_HANDLER_FAILED_ALL EM-925 %L2-vlma-3-BULK_L2VPN_FAILED EM-926 %L2-vlma-3-BULK_L2VPN_FAILED_ALL EM-926 %L2-vlma-3-BULK_L2VPN_FAILED_BATCH EM-926 %L2-vlma-3-IM_ATTR_MSG_FAILED EM-926 %L2-vlma-3-IM_CONNECT_FAILED EM-927 %L2-vlma-3-IM_RESTART_RESYNC_FAILED EM-927 %L2-vlma-3-L2VPN_DISCONNECT_FAILED EM-927 %L2-vlma-3-MAIN_INTF_INIT_FAILED EM-927 %L2-vlma-4-ASYNC_HANDLER EM-928 %L2-vlma-4-ATTR_NOTIF_LOST EM-928 %L2-vlma-4-BULK_IM_HANDLER_FAILED_BATCH EM-92 8 %L2-vlma-4-EVENT_BLOCK EM-928 %L2-vlma-4-IM_HANDLER_FAILED EM-929 %L2-vlma-4-INIT_FAILED EM-929 %L2-vlma-4-RECOVERY_FAILED EM-929 %L2-vlma-6-NO_MEM EM-929 %L2-vlma-6-UNKNOWN_NODE_VLAN_LIMIT EM-930 %L2-VPA_1P_OC192-3-MEM_ERR EM-930 %L2-VPA_1P_OC192-3-MEM_ERR EM-930 %L2-VPA_1P_OC192-6-OPTICS_INSERTION EM-930 %L2-VPA_1P_OC192-6-OPTICS_INSERTION EM-930 %L2-VPA_1P_OC192-6-OPTICS_REMOVAL EM-931 %L2-VPA_1P_OC192-6-OPTICS_REMOVAL EM-931 %L2-VPA_1P_OC192-6-PORT_DEL_INFO EM-931 %L2-VPA_1P_OC192-7-ERR EM-931 %L2-VPA_1P_OC192-7-ERR EM-931 %L2-VPA_1P_OC192-7-INFO EM-931 %L2-VPA_1P_OC192-7-INFO EM-932 %L2-VPA_8P_GE-1-LTRACE_INIT_ERR EM-932 %L2-VPA_8P_GE-2-LTRACE_RETRY_ERR EM-932 %L2-VPA_8P_GE-2-SPA_CTX_ERR EM-932 %L2-VPA_8P_GE-2-SPA_JKT_ERR EM-932 %L2-VPA_8P_GE-2-SPA_MAC_ERR EM-933 %L2-VPA_8P_GE-2-SPA_MAC_ERR EM-933 %L2-VPA_8P_GE-3-PORT_DEL_TIMEOUT EM-933 %L2-VPA_8P_GE-4-INVALID_MAC EM-933 %L2-VPA_8P_GE-4-INVALID_MAC EM-934 %L2-VPA_8P_GE-6-PORT_DEL_INFO EM-934 %L2-VPA_RULES-4-DEBUG_INIT_ERR EM-934 %L2-VPA_RULES-4-DEBUG_INIT_ERR EM-934 %L2-WAHOO-3-ERR_ACCESS EM-935 %L2-WAHOO-6-INFO_MSG EM-935 %L2-WAHOO-6-INTERRUPT_INFO EM-935 %L2-WAHOO-7-ERR_PIPE_STUCK EM-935 %L2-WAHOO-7-PAIR_PCR_REG EM-936 %L2-WAHOO-7-PAIR_REG EM-936 %L2-WAHOO-7-PAIR_REG_LIST EM-936 %L2-WAHOO-7-PHB_DUMP EM-937 %L2-WAN_INARP-2-INIT EM-937 %L2-WAN_INARP-3-CONFIG EM-937 %L2-WAN_INARP-3-NOMEM EM-937 %L2-WAN_INARP-3-UNKNOWN_EVENT EM-938 %L2-WAN_INARP-3-UNKNOWN_FSMSTATE EM-938 %L2-WAN_INARP-3-UNKNOWN_IDB EM-938 %L2-WAN_INARP-3-UNKNOWN_IDBTYPE EM-938 %L2-WAN_INARP-3-UNKNOWN_IFSTATE EM-938 %L2-WAN_INARP-3-VCCLASS_IDB EM-939 %L2-WAN_INARP-4-UNKNOWN_INTF EM-939 %L2-WAN_LIB_IFDB-3-NOMEM EM-939 %L2-WAN_LIB_IFDB-3-UNKNOWN_IDBTYPE EM-939 %L2-WAN_LIB_VCC-3-NOMEM EM-940 %L2-WAN_LIB_VCC-3-UNKNOWN_IDBTYPE EM-940 %L2-XCONNECT-3-ERROR EM-940 %L2-XCONNECT-3-init EM-940 %L2-XCONNECT-6-GENERIC EM-941 %L3-IPV6_ND_LITE-3-ERR_ASYNC_SEND_FAIL EM-943 %L3-IPV6_ND_LITE-3-ERR_CHAN_CONNECT_FAIL EM-94 3 %L3-IPV6_ND_LITE-3-ERR_SELF_GENERATE EM-944 %L3-IPV6_ND_LITE-3-ERR_SHMEM_CACHED_DATA_FAIL EM-944 %L3-IPV6_ND_LITE-3-ERR_SHMEM_GIP_UNAVAILABLE EM-944 %L3-IPV6_ND_LITE-3-ERR_SHMEM_MMAP_FAIL EM-944 %L3-IPV6_ND_LITE-3-ERR_SHMEM_MUNMAP_FAIL EM-Index EM-2657 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 945 %L3-IPV6_ND_LITE-3-ERR_SHMEM_OPEN_FAIL EM-945 %L3-IPV6_ND_LITE-3-ERR_SHMEM_TRNC_FAIL EM-945 %L3-IPV6_ND_LITE-3-ERR_SHMEM_UNAVAILABLE EM- 945 %L3-IPV6_ND_LITE-3-ERR_SHMEM_UNLINK_FAIL EM-94 6 %LICENSE-GSR_LCLM_SHOW-3-ERROR EM-947 %LICENSE-LCLICMGR-2-NO_LICENSE EM-947 %LICENSE-LCLICMGR-3-ERROR EM-948 %LICENSE-LCLICMGR-3-RATE_MODE_SECURITY_AUTH EM-948 %LICENSE-LCLICMGR-3-RATE_MODE_SECURITY_FAIL EM-948 %LICENSE-LCLICMGR-5-RATE_CHANGE EM-948 %LICENSE-LICCMD-4-LACK_OF_ARG EM-949 %LICENSE-LICCMD-4-TRACE_INIT_FAILED EM-949 %LICENSE-LICLIB-3-DB_DIR_ERROR EM-949 %LICENSE-LICLIB-3-NO_APP_MEDIA EM-950 %LICENSE-LICLIB-4-TRACE_INIT_FAILED EM-950 %LICENSE-LICLIB-6-DB_DIR_CREATE EM-950 %LICENSE-LICMGR-3-AUTHENTICATION_ERR EM-950 %LICENSE-LICMGR-3-CHASSIS_MISMATCH EM-951 %LICENSE-LICMGR-3-DB_CORRUPT EM-951 %LICENSE-LICMGR-3-DB_DIR_ERROR EM-951 %LICENSE-LICMGR-3-DB_SAVE_ERROR EM-951 %LICENSE-LICMGR-3-EVENT_FAIL EM-952 %LICENSE-LICMGR-3-EXIT_ERROR EM-952 %LICENSE-LICMGR-3-INIT EM-952 %LICENSE-LICMGR-3-NO_OPERATION_ID EM-952 %LICENSE-LICMGR-3-NO_SERIAL_NUM EM-953 %LICENSE-LICMGR-3-SYSDB EM-953 %LICENSE-LICMGR-3-SYSDBREG EM-953 %LICENSE-LICMGR-4-AUDIT_PROBLEM EM-953 %LICENSE-LICMGR-4-DATASTORE_PROBLEM EM-953 %LICENSE-LICMGR-4-IMPLICIT_EXPIRED EM-954 %LICENSE-LICMGR-4-IMPLICIT_LICENSE_USED EM-954 %LICENSE-LICMGR-4-IMPLICIT_WILL_EXPIRE EM-954 %LICENSE-LICMGR-4-LICENSE_EXPIRED EM-954 %LICENSE-LICMGR-4-LICENSE_FILE_PROBLEM EM-955 %LICENSE-LICMGR-4-LICENSE_POOL_REMOVED EM-95 5 %LICENSE-LICMGR-4-LICENSE_RMA_EXPIRED EM-955 %LICENSE-LICMGR-4-LICENSE_RMA_WILL_EXPIRE EM- 955 %LICENSE-LICMGR-4-LICENSE_WILL_EXPIRE EM-956 %LICENSE-LICMGR-6-LICENSE_CLEAR_FEATURE EM-95 6 %LICENSE-LICMGR-6-LICENSE_CLEAR_NO_FEATURE E M-956 %LICENSE-LICMGR-6-LICENSE_CLEAR_NO_POOL EM-95 6 %LICENSE-LICMGR-6-LICENSE_CLEAR_POOL EM-957 %LICENSE-LICMGR-6-LOAD_LICENSE_FILE EM-957 %LICENSE-LICMGR-6-LOAD_LICENSE_FILE_OK EM-957 %LICENSE-LICMGR-6-READ_LICENSE_FILE EM-957 %LICENSE-LICMGR-7-CLIENT_NORESPONSE EM-958 %LICENSE-LICMGR-7-LICENSE_RECLAIMED EM-958 %MEDIA-c12000_bflash_prp_driver-3-INIT_ERROR EM-959 %MEDIA-DISKUTIL-3-INIT_ERROR EM-959 %MEDIA-FLASHFS_HES-1-BADDEVOPEN EM-960 %MEDIA-FLASHFS_HES-1-BADOPTIONS EM-960 %MEDIA-FLASHFS_HES-1-BADPATH EM-960 %MEDIA-FLASHFS_HES-1-BADPERM EM-960 %MEDIA-FLASHFS_HES-1-CARD_UNAVAILABLE EM-960 %MEDIA-FLASHFS_HES-1-COND_PROBLEM EM-961 %MEDIA-FLASHFS_HES-1-DRIVER_UNAVAILABLE EM-9 61 %MEDIA-FLASHFS_HES-1-INIT_FAILED EM-961 %MEDIA-FLASHFS_HES-1-MUTEX_PROBLEM EM-961 %MEDIA-FLASHFS_HES-3-BAD_DEVICE_DATA EM-961 %MEDIA-FLASHFS_HES-3-BAD_DRIVER_WAIT_THREAD EM-962 %MEDIA-FLASHFS_HES-3-BAD_PULSE_ATTACH EM-962 %MEDIA-FLASHFS_HES-3-BAD_THREAD_CREATE EM-96 2 %MEDIA-FLASHFS_HES-3-BADCARD EM-962 %MEDIA-FLASHFS_HES-3-BADCHANNEL EM-962 %MEDIA-FLASHFS_HES-3-BADDLLOPEN EM-963 %MEDIA-FLASHFS_HES-3-BADDLSYM EM-963 %MEDIA-FLASHFS_HES-3-BADHDR EM-963 %MEDIA-FLASHFS_HES-3-BADSTATUS EM-963 %MEDIA-FLASHFS_HES-3-BOOTFLASH_CORRUPTED EM -963 %MEDIA-FLASHFS_HES-3-CONNECT_FAILED EM-964 %MEDIA-FLASHFS_HES-3-DEBUG_INIT_FAILED EM-964 %MEDIA-FLASHFS_HES-3-DRIVER_CHANGED EM-964 %MEDIA-FLASHFS_HES-3-EVENT_BLOCK_ERROR EM-96 4 %MEDIA-FLASHFS_HES-3-EVENT_MGR_CREATE_FAILED EM-964 %MEDIA-FLASHFS_HES-3-FAIL_DEBUG_REG EM-965 %MEDIA-FLASHFS_HES-3-RECOVERY_FROM_SQUEEZE_F AILED EM-965 %MEDIA-FLASHFS_HES-3-SYMLINK_EXPORT EM-965 %MEDIA-FLASHFS_HES-3-SYSMGR_PROC_READY_FAILE D EM-965 %MEDIA-FLASHFS_HES-4-BAD_DRIVER_PULSE_REGISTR ATION EM-965 %MEDIA-FLASHFS_HES-4-BAD_SECTOR_ERASE EM-966 %MEDIA-FLASHFS_HES-4-CARD_WRITE_PROTECTED E M-966 %MEDIA-FLASHFS_HES-4-EXCLUSIVE_ACCESS_DENIED EM-966 %MEDIA-FLASHFS_HES-4-UNKNOWN_PULSE EM-966 %MEDIA-FLASHFS_HES-5-CARD_SWAPPED EM-966 %MEDIA-FLASHFS_HES-6-DRIVER_BACK_UP EM-966 %MEDIA-FLASHFS_HES-6-RECOVERING_FROM_SQUEEZE EM-967 %MEDIA-FLASHFS_HES-6-RECOVERING_FROM_SQUEEZE _DONE EM-967 %MEDIA-FLASHFS_HES-6-USAGE EM-967 %MEDIA-FSDEVINFO-3-DBG_CLEANUP EM-967 %MEDIA-FSDEVINFO-3-EVM_ERROR EM-968 %MEDIA-FSDEVINFO-3-GET_FILESYS_ERR EM-968 %MEDIA-FSDEVINFO-3-LWM_ERROR EM-968Index EM-2658 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %MEDIA-FSDEVINFO-3-MAIN_INIT_ERROR EM-968 %MEDIA-FSDEVINFO-3-NO_MEMORY EM-968 %MEDIA-FSDEVINFO-3-REGISTER_ERROR EM-969 %MEDIA-FSDEVINFO-3-SIGNAL_RELATED EM-969 %MEDIA-FSDEVINFO-3-SYSDB_CONNECT_FAIL EM-969 %MEDIA-FSDEVINFO-3-SYSMGR_READY EM-969 %MEDIA-FSDEVINFO-3-THREAD_ERROR EM-969 %MEDIA-FSDEVINFO-4-INVALID_PARM EM-970 %MEDIA-GETMEDIA-4-DEVFILE_READ_FAILED EM-970 %MEDIA-GETMEDIA-4-INVALID_PARM EM-970 %MEDIA-GT_BFLASH_DRIVER-4-ERR_OPTION EM-970 %MEDIA-GT_BFLASH_DRIVER-4-ERR_USAGE EM-970 %MEDIA-GT_BFLASH_DRIVER-7-ERR_DETECT_BOARD EM-971 %MEDIA-GT_BFLASH_DRIVER-7-UNKNOWN_BOARD_STA TE EM-971 %MEDIA-HARDDISK-3-MALLOC_FAIL EM-971 %MEDIA-HARDDISK-3-SPAWN_FAIL EM-971 %MEDIA-HARDDISK-3-SYSMGR_REGISTER_FAIL EM-971 %MEDIA-HARDDISK-4-GET_NODE_FAIL EM-971 %MEDIA-HARDDISK-7-MUTEX_LOCK EM-972 %MEDIA-HARDDISK-7-MUTEX_UNLOCK EM-972 %MEDIA-HARDDISK-7-UNKNOWN_MACHINE EM-972 %MEDIA-HARDDISK-7-UNSUPPORTED_BOARD EM-972 %MEDIA-HFRSP_BFLASH_DRIVER-3-INVALID_OPTION EM-972 %MEDIA-HFRSP_BFLASH_DRIVER-3-INVALID_OPTION EM-972 %MEDIA-MB_FLASH_LIB-1-BADCHANNEL EM-973 %MEDIA-MB_FLASH_LIB-1-BADPATH EM-973 %MEDIA-MB_FLASH_LIB-7-VERIFYINFO EM-973 %MEDIA-mbus_flash_driver-3-INIT_ERROR EM-973 %MEDIA-MEDIAAPI-4-CHAN_CONNECT_FAILED EM-974 %MEDIA-MEDIAAPI-4-INVALID_FSTYPE EM-974 %MEDIA-MEDIAAPI-4-INVALID_PARM EM-974 %MEDIA-MEDIAAPI-4-MSG_SEND_FAILED EM-974 %MEDIA-MEDIASVR-2-NODE_RELOADING EM-975 %MEDIA-MEDIASVR-4-DEVICE_CORRUPT EM-975 %MEDIA-MEDIASVR-4-DEVICE_FAILED EM-975 %MEDIA-MEDIASVR-4-FSTYPE_MISMATCH EM-975 %MEDIA-MEDIASVR-4-INIT_ERROR EM-976 %MEDIA-MEDIASVR-4-NVRAM_WRITE EM-976 %MEDIA-MEDIASVR-5-DEVICE_FORMATTED EM-976 %MEDIA-MEDIASVR-5-DEVICE_INCONSISTENT EM-976 %MEDIA-MEDIASVR-5-DEVICE_REPAIRED EM-976 %MEDIA-MEDIASVR-5-DEVICE_UNFORMATTED EM-977 %MEDIA-MEDIASVR-5-PARTITION_REASON EM-977 %MEDIA-MEDIASVR-6-BOOT_DEVICE_FORMAT_REQUES TED EM-977 %MEDIA-MEDIASVR-6-DEVICE_FORMAT_COMPLETED EM-977 %MEDIA-MEDIASVR-6-DEVICE_FORMAT_REQUESTED EM-978 %MEDIA-MEDIASVR-6-NVRAM_READ_FSTYPE EM-978 %MEDIA-MEDIASVR-6-NVRAM_UNKNOWN_FSTYPE EM -978 %MEDIA-NVRAM_PLATFORM_COMMON-3-BAD_CHECKS UM EM-978 %MEDIA-NVRAM_PLATFORM_COMMON-3-BAD_CLASSIC _CONFIG EM-979 %MEDIA-NVRAM_PLATFORM_COMMON-3-BAD_CLASSIC _CONFIG_COMPRESS EM-979 %MEDIA-NVRAM_PLATFORM_COMMON-3-BAD_CLASSIC _CONFIG_MEM EM-979 %MEDIA-NVRAM_PLATFORM_COMMON-3-LOGGING_ER ROR EM-979 %MEDIA-NVRAM_PLATFORM_COMMON-4-WRITE_ABOR T EM-979 %MEDIA-NVRAM_PLATFORM-3-BAD_NVRAM_MAP EM- 980 %MEDIA-NVRAM_PLATFORM-3-BAD_NVRAM_VAR EM- 980 %MEDIA-NVRAM_PLATFORM-3-BATTERY_LOW EM-980 %MEDIA-NVRAM_PLATFORM-3-NO_SPACE EM-980 %MEDIA-NVRAM_PLATFORM-3-NVRAM_RAW_NOT_SUPP ORTED EM-980 %MEDIA-NVRAM_PLATFORM-3-NVRAM_SIZE_ZERO EM -981 %MEDIA-NVRAM_PLATFORM-4-BAD_NVRAM_BYTES E M-981 %MEDIA-NVRAM_PLATFORM-4-BAD_NVRAM_MAP EM- 981 %MEDIA-NVRAM_PLATFORM-4-BAD_NVRAM_MAP EM- 981 %MEDIA-NVRAM_PLATFORM-7-BAD_NVRAM_VAR EM- 981 %MEDIA-NVRAM_PLATFORM-7-BAD_NVRAM_VAR EM- 982 %MEDIA-NVRAM_PLATFORM-7-ERROR_REG_PM EM-982 %MEDIA-NVRAM_PLATFORM-7-ERROR_RUN_BMON EM -982 %MEDIA-NVRAM_PLATFORM-7-NVRAM_SIZE_ZERO EM -982 %MEDIA-NVRAM_UTIL-3-DEBUG_INIT_FAILED EM-982 %MEDIA-NVRAM_UTIL-3-FAIL_DEBUG_REG EM-983 %MEDIA-NVRAM-3-BADDLLOPEN EM-983 %MEDIA-NVRAM-3-BADDLSYM EM-983 %MEDIA-NVRAM-3-BADFUNCTIONS EM-983 %MEDIA-NVRAM-3-BADINIT EM-983 %MEDIA-NVRAM-3-BADMEM EM-984 %MEDIA-NVRAM-3-CONNECT_FAILED EM-984 %MEDIA-NVRAM-3-CORRUPT EM-984 %MEDIA-NVRAM-3-EVENT_BLOCK_ERROR EM-984 %MEDIA-NVRAM-3-FORMATERROR EM-984 %MEDIA-NVRAM-3-NOSPACE EM-984 %MEDIA-NVRAM-3-RECOVERED EM-985 %MEDIA-NVRAM-4-BADFILES EM-985 %MEDIA-NVRAM-6-OPEN_DUMP_PATH EM-985 %MEDIA-NVRAM-6-OPENERROR EM-985 %MEDIA-NVRAM-6-UPGRADING EM-985 %MEDIA-NVRAM-7-BADPATH EM-985 %MEDIA-NVRAM-7-BADRAWINIT EM-986 %MEDIA-NVRAM-7-EVENT_MGR_CREATE_FAILED EM-9 86 %MEDIA-REDFSAPI-4-CHAN_CONNECT_FAILED EM-986 %MEDIA-REDFSAPI-4-INVALID_PARM EM-986Index EM-2659 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %MEDIA-REDFSAPI-4-MSG_SEND_FAILED EM-986 %MEDIA-SYNCFS2-3-FAILURE EM-987 %MEDIA-SYNCFS2-3-INIT_FAILED EM-987 %MEDIA-SYNCFS2-3-REGISTER_NTFN EM-987 %MEDIA-SYNCFS2-3-STBY_SYMLINK EM-987 %MEDIA-SYNCFS2-3-STBY_SYMLINK_NOTYET EM-987 %MEDIA-SYNCFS2-7-CLIENT_ERR EM-988 %MEDIA-SYNCFS2-7-LOST_SYNC EM-988 %MEDIA-SYNCFS2-7-LRD_AVAILABLE EM-988 %MEDIA-SYNCFS2-7-LRD_NOTAVAILABLE EM-988 %MEDIA-SYNCFS2-7-LRD_PARTNER_AVAILABLE EM-98 8 %MEDIA-SYNCFS2-7-MUTEX_LOCK EM-989 %MEDIA-SYNCFS2-7-MUTEX_TEST_LOCK EM-989 %MEDIA-SYNCFS2-7-MUTEX_UNLOCK EM-989 %MEDIA-SYNCFS2-7-REPLICATE_FAIL EM-989 %MEDIA-SYNCFS2LIB-6-LOST_SYNC EM-989 %MEDIA-SYNCFS2LIB-7-MUTEX_LOCK EM-989 %MEDIA-SYNCFS2LIB-7-MUTEX_TEST_LOCK EM-990 %MEDIA-SYNCFS2LIB-7-MUTEX_UNLOCK EM-990 %MGBL-adminexec-3-ACCT_ERR EM-991 %MGBL-adminexec-3-AUTHORIZATION_ERR EM-991 %MGBL-adminexec-3-EVENT_ATTACH EM-991 %MGBL-adminexec-3-EVENT_BLOCK EM-992 %MGBL-adminexec-3-EVENT_MANAGER_CREATE EM-992 %MGBL-adminexec-3-EVENT_MANAGER_DESTORY_FAILE D EM-992 %MGBL-adminexec-3-GETLINE_DATA EM-992 %MGBL-adminexec-3-GETLINE_INIT EM-992 %MGBL-adminexec-3-LTRACE_INIT EM-993 %MGBL-adminexec-3-LWM EM-993 %MGBL-adminexec-3-PTHREAD_CREATE EM-993 %MGBL-adminexec-3-SYSDB_BIND_FAILED EM-993 %MGBL-adminexec-3-SYSDB_REGISTER_NOTIFICATION EM-993 %MGBL-adminexec-4-DISPLAYING_DEFAULT_HOSTNAME EM-994 %MGBL-ALARM_LOC_TEST-4-SIMPLE_NO_SOURCELOC EM-994 %MGBL-ALARM_LOC_TEST-4-SIMPLE_WITH_SOURCELO C EM-994 %MGBL-ALARMS-6-CLEAR EM-994 %MGBL-APP_OBJ-2-ELEMENT_EXISTS EM-995 %MGBL-APP_OBJ-2-INVALID_ELEM_COUNT EM-995 %MGBL-APP_OBJ-2-NULL_PARAM EM-995 %MGBL-APP_OBJ-7-ERR EM-995 %MGBL-ATM_VCCLASS-2-CONSUMER_INIT_ERROR EM -996 %MGBL-ATM_VCCLASS-2-MEM_ERROR EM-996 %MGBL-ATM_VCCLASS-2-PRODUCER_INIT_ERROR EM- 996 %MGBL-ATM_VCCLASS-2-VCCLASS_LIB_INIT_ERROR E M-996 %MGBL-ATM_VCCLASS-3-ATTACH_ERROR EM-997 %MGBL-ATM_VCCLASS-3-CONSUMER_ENS_ERROR EM- 997 %MGBL-ATM_VCCLASS-3-CONSUMER_ERROR EM-997 %MGBL-ATM_VCCLASS-3-CONSUMER_RCV_BUF_ERROR EM-997 %MGBL-ATM_VCCLASS-3-EDM_ERROR EM-997 %MGBL-ATM_VCCLASS-3-ENS_ERROR EM-998 %MGBL-ATM_VCCLASS-3-INVALID_ARG EM-998 %MGBL-ATM_VCCLASS-3-PRODUCER_DATA_ERROR E M-998 %MGBL-ATM_VCCLASS-3-PRODUCER_HDLR_ERROR E M-998 %MGBL-ATM_VCCLASS-3-SYSDB_ERROR EM-998 %MGBL-ATM_VCCLASS-3-TREE_ERROR EM-999 %MGBL-BISCUIT_MA-3-APPLY_ERROR EM-999 %MGBL-CLEAR-3-ERR_MEM_ALLOC EM-999 %MGBL-CLEAR-3-ERR_SYSDB_BIND EM-999 %MGBL-CLEAR-3-ERR_SYSDB_SET EM-1000 %MGBL-CLEAR-3-ERR_SYSDB_UNBIND EM-1000 %MGBL-CONAUX-3-AUX_BLOCK_REG_ERROR EM-1000 %MGBL-CONAUX-3-AUX_REG_ERROR EM-1000 %MGBL-CONAUX-3-CONSOLE_BLOCK_REG_ERROR EM -1001 %MGBL-CONAUX-3-CONSOLE_REG_ERROR EM-1001 %MGBL-CONFIG_HIST_UPDATE-3-INET_NTOP_ERR EM- 1001 %MGBL-CONFIG_HIST_UPDATE-3-SYSDB_BIND_ERR E M-1001 %MGBL-CONFIG_HIST_UPDATE-3-SYSDB_DELETE EM-1 002 %MGBL-CONFIG_HIST_UPDATE-3-SYSDB_GET EM-1002 %MGBL-CONFIG_HIST_UPDATE-3-SYSDB_SET EM-1002 %MGBL-CONFIG_HIST_UPDATE-3-TRANSACTION_START EM-1002 %MGBL-CONFIG_HIST_UPDATE-3-TTY_NMSPC_PATH E M-1002 %MGBL-CONFIG_HIST_UPDATE-3-TUPLE_LOCK_ERROR EM-1003 %MGBL-CONFIG_HIST_UPDATE-3-TUPLE_NULL_ON_SUC CESS EM-1003 %MGBL-CONFIG_HIST_UPDATE-3-TUPLE_PACK EM-1003 %MGBL-CONFIG_HIST_UPDATE-3-TUPLE_UNLOCK_ERRO R EM-1003 %MGBL-CONFIG_HIST_UPDATE-3-TUPLE_UNPACK EM-1 003 %MGBL-CONFIG-0-INIT_FAILURE EM-1004 %MGBL-CONFIG-0-INIT_RETRY_SUCCEEDED EM-1004 %MGBL-CONFIG-2-STARTUP_ALTERNATE EM-1004 %MGBL-CONFIG-3-ADMIN_INCONSISTENCY_ALARM E M-1004 %MGBL-CONFIG-3-CFS_NATIVITY_CLEANUP EM-1005 %MGBL-CONFIG-3-DB_CONSOLIDATE EM-1005 %MGBL-CONFIG-3-DB_DISK EM-1005 %MGBL-CONFIG-3-FILESAVE_ERROR EM-1005 %MGBL-CONFIG-3-INCONSISTENCY_ALARM EM-1005 %MGBL-CONFIG-3-INTERFACE_ERROR EM-1006 %MGBL-CONFIG-3-OIR_TIMEOUT EM-1006 %MGBL-CONFIG-3-PARSE EM-1006 %MGBL-CONFIG-3-READ EM-1006 %MGBL-CONFIG-3-STARTUP EM-1007 %MGBL-CONFIG-3-UNLOCK_ERR EM-1007 %MGBL-CONFIG-4-CFS_NATIVITY EM-1007Index EM-2660 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %MGBL-CONFIG-4-DB_DISK_FAILURE EM-1007 %MGBL-CONFIG-4-DB_INIT_FAILURE EM-1007 %MGBL-CONFIG-4-DIR_MODE_ERR EM-1008 %MGBL-CONFIG-4-FAILED EM-1008 %MGBL-CONFIG-4-INIT_ERROR EM-1008 %MGBL-CONFIG-4-INTERFACE_PORTS EM-1008 %MGBL-CONFIG-4-TRACE EM-1009 %MGBL-CONFIG-4-VERSION EM-1009 %MGBL-CONFIG-5-SESSION_CLEAR EM-1009 %MGBL-CONFIG-6-DB_COMMIT EM-1009 %MGBL-CONFIG-6-DB_COMMIT_ADMIN EM-1009 %MGBL-CONFIG-6-OIR_RESTORE EM-1010 %MGBL-CONFIG-6-OIR_SAVE EM-1010 %MGBL-CONFIG-6-PKG EM-1010 %MGBL-CONFIG-7-INTERNAL EM-1010 %MGBL-CONFIGCLI-2-STARTUP_ANNOUNCE_ERR EM-1 011 %MGBL-CONFIGCLI-3-AAA_ERR EM-1011 %MGBL-CONFIGCLI-3-ADMIN_BATCH_CONFIG_FAIL E M-1011 %MGBL-CONFIGCLI-3-ADMIN_CONFIG_INIT_ERR EM-10 11 %MGBL-CONFIGCLI-3-AUTOSAVE_INIT_ERR EM-1012 %MGBL-CONFIGCLI-3-BATCH_CONFIG_FAIL EM-1012 %MGBL-CONFIGCLI-3-CHILD_TERMINATED EM-1012 %MGBL-CONFIGCLI-3-CONFIG_ABORT EM-1012 %MGBL-CONFIGCLI-3-EVENT_ATTACH EM-1012 %MGBL-CONFIGCLI-3-EVH_INIT_ERR EM-1013 %MGBL-CONFIGCLI-3-FAILED_CREATE_THREAD EM-10 13 %MGBL-CONFIGCLI-3-FILE_OPERATION EM-1013 %MGBL-CONFIGCLI-3-GETLINE_DATA EM-1013 %MGBL-CONFIGCLI-3-LTRACE_INIT EM-1014 %MGBL-CONFIGCLI-3-LTRACE_INIT EM-1014 %MGBL-CONFIGCLI-3-LWM EM-1014 %MGBL-CONFIGCLI-3-MALLOC_ERROR EM-1014 %MGBL-CONFIGCLI-3-MEMORY_INFO_ERROR EM-1014 %MGBL-CONFIGCLI-3-PIPE_FAILURE EM-1015 %MGBL-CONFIGCLI-3-PROGRESS_BAR EM-1015 %MGBL-CONFIGCLI-3-READ_FAILURE EM-1015 %MGBL-CONFIGCLI-3-SIGNAL_ATTACH EM-1015 %MGBL-CONFIGCLI-3-STARTUP_FILE_DIR_ERR EM-1015 %MGBL-CONFIGCLI-3-SYSDB EM-1016 %MGBL-CONFIGCLI-3-TARGET_CFG_CLEAR EM-1016 %MGBL-CONFIGCLI-3-TARGET_CFG_COMMIT EM-1016 %MGBL-CONFIGCLI-3-TARGET_CFG_COMMIT EM-1016 %MGBL-CONFIGCLI-3-TARGET_CFG_CREATE EM-1016 %MGBL-CONFIGCLI-3-TARGET_CFG_DESTROY EM-1017 %MGBL-CONFIGCLI-3-TARGET_CFG_LOCKERR EM-1017 %MGBL-CONFIGCLI-3-TARGET_CFG_UNLOCKERR EM-1 017 %MGBL-CONFIGCLI-4-DISPLAYING_DEFAULT_HOSTNAM E EM-1017 %MGBL-CONFIGCLI-4-FAILED_CONFIG_NOT_DELETED EM-1017 %MGBL-CONFIGCLI-4-SPAWN_FAILURE EM-1018 %MGBL-CONFIGCLI-4-STARTUP_FILE_OPEN_WRN EM-1 018 %MGBL-CONFIGCLI-7-INFRA_READY EM-1018 %MGBL-CONFIGEDM-3-FAILEDREGCOMP EM-1018 %MGBL-CONFIGEDM-3-FAILEDREGEXEC EM-1019 %MGBL-CONFIGEDM-3-REGISTER EM-1019 %MGBL-CONFIGEDM-3-UNREGISTER EM-1019 %MGBL-CORRELATOR-4-BUFFER_RECYCLE EM-1019 %MGBL-EMORB_XMLAGENT-3-CRYPTO_DEACT EM-102 0 %MGBL-EMORB_XMLAGENT-3-CRYPTO_INIT EM-1020 %MGBL-EMORB_XMLAGENT-6-PIPE_RESTART EM-1020 %MGBL-EMORB_XMLAGENT-6-RESTART_WAIT_TIMEOU T EM-1020 %MGBL-EMORB_XMLAGENT-6-TCP_RESTART EM-1020 %MGBL-exec-3-ACCT_ERR EM-1021 %MGBL-exec-3-BAG_REGISTER EM-1021 %MGBL-exec-3-CHDIR_FAILED EM-1021 %MGBL-exec-3-DEBUG_DLL_HOOK_FAILED EM-1021 %MGBL-exec-3-DEBUGINIT EM-1021 %MGBL-exec-3-DEBUGREG EM-1022 %MGBL-exec-3-EVENT_ATTACH EM-1022 %MGBL-exec-3-EVENT_BLOCK EM-1022 %MGBL-exec-3-EVENT_INIT_EVENT EM-1022 %MGBL-exec-3-EVENT_MANAGER_CREATE EM-1022 %MGBL-exec-3-EVENT_MANAGER_DESTORY_FAILED E M-1023 %MGBL-exec-3-GET_ENVPATH EM-1023 %MGBL-exec-3-GETLINE_DATA EM-1023 %MGBL-exec-3-GETLINE_INIT EM-1023 %MGBL-exec-3-LOGIN_AUTHEN EM-1023 %MGBL-exec-3-LOGIN_ECM_CONN_SYSDB_FAILED EM- 1024 %MGBL-exec-3-LTRACE_INIT EM-1024 %MGBL-exec-3-LWM EM-1024 %MGBL-exec-3-MUTEX_LOCK EM-1024 %MGBL-exec-3-PARSER_UNAVAIL EM-1024 %MGBL-exec-3-PTHREAD_CREATE EM-1025 %MGBL-exec-3-PTHREAD_MUTEX_LOCK EM-1025 %MGBL-exec-3-PTHREAD_MUTEX_UNLOCK EM-1025 %MGBL-exec-3-SETENV_FAILED EM-1025 %MGBL-exec-3-SYSDB_BIND_FAILED EM-1025 %MGBL-exec-3-SYSDB_ITEM_DELETE_FAILED EM-1026 %MGBL-exec-3-SYSDB_ITEM_GET_FAILED EM-1026 %MGBL-exec-3-SYSDB_REGISTER_EDM EM-1026 %MGBL-exec-3-SYSDB_REGISTER_NOTIFICATION EM-10 26 %MGBL-exec-3-SYSDB_UNBIND_FAILED EM-1026 %MGBL-exec-3-TASKMAP_GET EM-1027 %MGBL-exec-3-TCGETATTR_FAIL EM-1027 %MGBL-exec-3-TCSETATTR_FAIL EM-1027 %MGBL-exec-3-TTY_DETAILS EM-1027 %MGBL-exec-3-TTY_MGMT_CONNECT EM-1027 %MGBL-exec-3-TTY_MGMT_DEREGISTER EM-1028 %MGBL-exec-3-TTY_MGMT_REG_OPTIONS EM-1028 %MGBL-exec-3-TTY_MGMT_REG_SUBSET EM-1028 %MGBL-exec-3-TTY_MGMT_SCAN EM-1028 %MGBL-exec-3-TUPLE_PACK EM-1028 %MGBL-exec-3-TUPLE_UNPACK EM-1029 %MGBL-exec-3-TUPLE_UNPACK_MASK EM-1029Index EM-2661 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %MGBL-GSR_NETFLOW-7-ERR EM-1029 %MGBL-HTTP_CLI-3-AAA EM-1029 %MGBL-HTTP_CLI-3-EMWEB EM-1030 %MGBL-HTTP_CLI-3-FILE EM-1030 %MGBL-HTTP_CLI-3-INTERNAL EM-1030 %MGBL-HTTP_CLI-3-INTERNAL_NULL EM-1030 %MGBL-HTTP_CLI-3-INTERNAL_PARAMETER EM-1031 %MGBL-HTTP_CLI-3-MEMORY EM-1031 %MGBL-HTTP_CLI-3-PARSER EM-1031 %MGBL-HTTP_CLI-3-SYSDB EM-1031 %MGBL-HTTP_CLI-3-SYSDB_CONN EM-1032 %MGBL-HTTP_CLI-3-SYSDB_GET EM-1032 %MGBL-HTTP_CLI-3-THREAD EM-1032 %MGBL-HTTP_CLI-5-WARN EM-1032 %MGBL-HTTP_ENA-3-AUTH EM-1033 %MGBL-HTTP_ENA-3-BACKEND_SCAN EM-1033 %MGBL-HTTP_ENA-3-CRYPTO_DEACT EM-1033 %MGBL-HTTP_ENA-3-EMWEB EM-1033 %MGBL-HTTP_ENA-3-EVENT_MGR EM-1034 %MGBL-HTTP_ENA-3-FILE EM-1034 %MGBL-HTTP_ENA-3-INTERNAL_NULL EM-1034 %MGBL-HTTP_ENA-3-MEMORY EM-1034 %MGBL-HTTP_ENA-3-SSL_INIT EM-1035 %MGBL-HTTP_ENA-3-SYSDB EM-1035 %MGBL-HTTP_ENA-3-SYSDB_CONN EM-1035 %MGBL-HTTP_ENA-6-TCP_FAIL EM-1035 %MGBL-HTTP_ENA-7-TCP_UNKNOWN EM-1035 %MGBL-HTTP-3-EMWEB_ERROR EM-1036 %MGBL-HTTP-7-DEBUGGING EM-1036 %MGBL-HTTP-7-INTERNAL EM-1036 %MGBL-IFSTATS-3-INIT EM-1036 %MGBL-IFSTATS-3-TYPE_LOOKUP EM-1037 %MGBL-IFSTATS-4-ERR_EVENT_WAIT EM-1037 %MGBL-IFSTATS-6-CLEAR_COUNTERS EM-1037 %MGBL-INTERFACE-3-CI_GEN_ERROR EM-1037 %MGBL-INTERFACE-3-CI_NOMEM_ERROR EM-1037 %MGBL-INTERFACE-4-ERR_SYSDB_BAG_DECODE EM-1 038 %MGBL-INTERFACE-4-ERR_SYSDB_BIND EM-1038 %MGBL-IPSLA_TS_SVR-3-EVENT EM-1038 %MGBL-IPSLA_TS_SVR-3-EVENT EM-1038 %MGBL-IPSLA_TS_SVR-3-INIT EM-1038 %MGBL-IPSLA_TS_SVR-3-INIT EM-1039 %MGBL-IPSLA-4-ERR_MEM EM-1039 %MGBL-IPSLA-4-ERR_MPLSLM EM-1039 %MGBL-IPSLA-4-ERR_OPER EM-1039 %MGBL-IPSLA-5-INTERNAL EM-1039 %MGBL-IPSLA-5-LPD_RESULT_CHG EM-1040 %MGBL-IPSLA-5-LSP_GROUP_CHG EM-1040 %MGBL-IPSLA-5-THRESHOLD_CLEAR EM-1040 %MGBL-IPSLA-5-THRESHOLD_SET EM-1040 %MGBL-IPSLA-6-DISC_LIMIT EM-1040 %MGBL-IPSLA-7-AGENT EM-1041 %MGBL-IPSLA-7-ERR_SYSDB EM-1041 %MGBL-LIBNVGEN-3-ERR_MEM_ALLOC EM-1041 %MGBL-LIBNVGEN-3-ERR_SYSDB_BIND EM-1041 %MGBL-LIBNVGEN-3-ERR_THREAD_MUTEX_LOCK EM- 1041 %MGBL-LIBNVGEN-3-ERR_THREAD_MUTEX_UNLOCK EM-1041 %MGBL-LIBNVGEN-3-LWM_API_ERR EM-1042 %MGBL-LIBPARSER-3-AAA_STRING_TASKID_CHECK E M-1042 %MGBL-LIBPARSER-3-ADD_SESSION EM-1042 %MGBL-LIBPARSER-3-API_FAIL EM-1042 %MGBL-LIBPARSER-3-COMMENT_LIMIT EM-1043 %MGBL-LIBPARSER-3-ERR_DLL_UNKNOWN EM-1043 %MGBL-LIBPARSER-3-ERR_DLL_UNKNOWN_FUNC EM- 1043 %MGBL-LIBPARSER-3-ERR_ETIMEOUT EM-1043 %MGBL-LIBPARSER-3-ERR_INVALID_DATA EM-1043 %MGBL-LIBPARSER-3-ERR_MEM_ALLOC EM-1044 %MGBL-LIBPARSER-3-ERR_PARSE EM-1044 %MGBL-LIBPARSER-3-ERR_SYSDB_API EM-1044 %MGBL-LIBPARSER-3-ERR_SYSDB_BIND EM-1044 %MGBL-LIBPARSER-3-ERR_SYSDB_CONDITIONAL_DELE TE EM-1044 %MGBL-LIBPARSER-3-ERR_SYSDB_DATALIST EM-1045 %MGBL-LIBPARSER-3-ERR_SYSDB_DATALIST_NEXT E M-1045 %MGBL-LIBPARSER-3-ERR_SYSDB_DELETE EM-1045 %MGBL-LIBPARSER-3-ERR_SYSDB_SET EM-1045 %MGBL-LIBPARSER-3-ERR_THREAD_COND_WAIT EM-1 045 %MGBL-LIBPARSER-3-ERR_THREAD_MUTEX_LOCK EM -1046 %MGBL-LIBPARSER-3-ERR_THREAD_MUTEX_UNLOCK EM-1046 %MGBL-LIBPARSER-3-FAILEDREGCOMP EM-1046 %MGBL-LIBPARSER-3-FILE_IO EM-1046 %MGBL-LIBPARSER-3-FILE_SIZE EM-1046 %MGBL-LIBPARSER-3-INITIFMGR EM-1047 %MGBL-LIBPARSER-3-IP_ADDR2_HEX_STRING_FAILED EM-1047 %MGBL-LIBPARSER-3-IPV46_COMPRESSION_ERROR EM -1047 %MGBL-LIBPARSER-3-LTRACE_INIT EM-1047 %MGBL-LIBPARSER-3-LWM_API_ERR EM-1047 %MGBL-LIBPARSER-3-TESTPOINT_LIMIT EM-1048 %MGBL-LIBPARSER-3-TOOMANYALIASES EM-1048 %MGBL-LIBPARSER-3-TTY_NMSPC_PATH EM-1048 %MGBL-LIBPARSER-3-TUPLE_UNPACK EM-1048 %MGBL-LIBPARSER-3-WDSYSMON_REGISTER_ERROR EM-1048 %MGBL-LIBPARSER-7-ERR_DEBUG EM-1049 %MGBL-LIBPARSER-7-ERR_SYSDB_REG_NOTIFY EM-104 9 %MGBL-LIBPARSER-7-ERR_SYSDB_UNREG_NOTIFY EM -1049 %MGBL-LIBPARSER-7-FDOPEN EM-1049 %MGBL-LIBSHELL-3-PTHREAD_MUTEX_LOCK EM-1049 %MGBL-LIBSHELL-3-WS_INIT EM-1050 %MGBL-MDACON-4-ABORTBULK EM-1050 %MGBL-MDACON-4-ABORTTRANS EM-1050 %MGBL-MDACON-4-ARRAYTOOBIG EM-1050 %MGBL-MDACON-4-BADCLASS EM-1051Index EM-2662 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %MGBL-MDACON-4-BADFILTER EM-1051 %MGBL-MDACON-4-BADFORMAT EM-1051 %MGBL-MDACON-4-BADHRCHY EM-1051 %MGBL-MDACON-4-BADOPTION EM-1051 %MGBL-MDACON-4-BIND EM-1052 %MGBL-MDACON-4-COMMITTRANS EM-1052 %MGBL-MDACON-4-COPY EM-1052 %MGBL-MDACON-4-CREATE EM-1052 %MGBL-MDACON-4-DATAARRAYLENGTH EM-1053 %MGBL-MDACON-4-DATAARRAYTYPE EM-1053 %MGBL-MDACON-4-DELETE EM-1053 %MGBL-MDACON-4-ENDBULK EM-1053 %MGBL-MDACON-4-ERR_MEM_ALLOC EM-1054 %MGBL-MDACON-4-ERRORLIST EM-1054 %MGBL-MDACON-4-EVENTLIST EM-1054 %MGBL-MDACON-4-EXCESS EM-1054 %MGBL-MDACON-4-FILEOPEN EM-1055 %MGBL-MDACON-4-FILEREAD EM-1055 %MGBL-MDACON-4-FINDDATA EM-1055 %MGBL-MDACON-4-GET EM-1055 %MGBL-MDACON-4-LIST EM-1056 %MGBL-MDACON-4-MISMATCH EM-1056 %MGBL-MDACON-4-MISSDESTNAME EM-1056 %MGBL-MDACON-4-MISSFILTER EM-1056 %MGBL-MDACON-4-MISSNUMBER EM-1057 %MGBL-MDACON-4-MISSSTARTOBJECT EM-1057 %MGBL-MDACON-4-MISSVALUE EM-1057 %MGBL-MDACON-4-NOTLEAF EM-1057 %MGBL-MDACON-4-READERINIT EM-1057 %MGBL-MDACON-4-SET EM-1058 %MGBL-MDACON-4-STARTBULK EM-1058 %MGBL-MDACON-4-STARTTRANS EM-1058 %MGBL-MDACON-4-SYSDBMATCH EM-1058 %MGBL-MDACON-4-TASKNAMES EM-1059 %MGBL-MDACON-4-TEST EM-1059 %MGBL-MDACON-4-UNKCMD EM-1059 %MGBL-MDACON-7-INTERNAL EM-1059 %MGBL-NETFLOW-3-ERR_CFG_APPLY EM-1060 %MGBL-NETFLOW-4-WARNING_CFG_APPLY EM-1060 %MGBL-NETFLOW-6-INFO_HIGHWATER EM-1060 %MGBL-NETFLOW-7-ERR EM-1060 %MGBL-NVGEN-3-ARG EM-1061 %MGBL-NVGEN-3-BASENAME EM-1061 %MGBL-NVGEN-3-BGCOPTIONMISSING1 EM-1061 %MGBL-NVGEN-3-BLANKENTERTUPLE EM-1061 %MGBL-NVGEN-3-BUFFER EM-1061 %MGBL-NVGEN-3-CFS_INIT_ERR EM-1062 %MGBL-NVGEN-3-COPTIONNOTPRESENT EM-1062 %MGBL-NVGEN-3-DECODESTR EM-1062 %MGBL-NVGEN-3-DIR_IO EM-1062 %MGBL-NVGEN-3-ENDCOPTIONINCOMPLETE EM-1062 %MGBL-NVGEN-3-ENDCOPTIONMISSINGCOMMA EM-10 63 %MGBL-NVGEN-3-ENDCOPTIONNOTPRESENT EM-1063 %MGBL-NVGEN-3-ENV EM-1063 %MGBL-NVGEN-3-ERR_DLL_UNKNOWN EM-1063 %MGBL-NVGEN-3-ERR_DLL_UNKNOWN_FUNC EM-1063 %MGBL-NVGEN-3-ERR_MEM_ALLOC EM-1063 %MGBL-NVGEN-3-ERR_SYSDB_BIND EM-1064 %MGBL-NVGEN-3-ERR_SYSDB_GET EM-1064 %MGBL-NVGEN-3-ERR_SYSDB_LIST EM-1064 %MGBL-NVGEN-3-ERR_SYSDB_SET EM-1064 %MGBL-NVGEN-3-ERR_THREAD_COND_WAIT EM-1064 %MGBL-NVGEN-3-ERR_THREAD_CREATE EM-1064 %MGBL-NVGEN-3-ERR_THREAD_JOIN EM-1065 %MGBL-NVGEN-3-ERR_THREAD_MUTEX_LOCK EM-1065 %MGBL-NVGEN-3-ERR_THREAD_MUTEX_UNLOCK EM- 1065 %MGBL-NVGEN-3-EVENT_ATTACH EM-1065 %MGBL-NVGEN-3-EVENTBLOCK EM-1065 %MGBL-NVGEN-3-EVENTMGRCREATE EM-1065 %MGBL-NVGEN-3-FAILEDREGCOMP EM-1066 %MGBL-NVGEN-3-FILE_COMPRESS EM-1066 %MGBL-NVGEN-3-FILE_IO EM-1066 %MGBL-NVGEN-3-FILE_NOT_OPEN EM-1066 %MGBL-NVGEN-3-GENERAL_ERR EM-1067 %MGBL-NVGEN-3-ILLEGAL_TEMPLATE_TUPLE EM-1067 %MGBL-NVGEN-3-ILLEGALENTERSTR EM-1067 %MGBL-NVGEN-3-ILLEGALENTERTUPLE EM-1067 %MGBL-NVGEN-3-INSTALL_READY_FAILED EM-1067 %MGBL-NVGEN-3-INTF_NAME_NULL EM-1068 %MGBL-NVGEN-3-INTF_NAME_PARSE_ERROR EM-1068 %MGBL-NVGEN-3-INTFINFO EM-1068 %MGBL-NVGEN-3-INVALID_IPV4_6_FLAG EM-1068 %MGBL-NVGEN-3-INVALID_IPV6_FLAG EM-1068 %MGBL-NVGEN-3-INVALID_NOTIFICATION EM-1069 %MGBL-NVGEN-3-INVALID_ORDER EM-1069 %MGBL-NVGEN-3-INVALIDINPUT EM-1069 %MGBL-NVGEN-3-INVALIDINPUTFMT EM-1069 %MGBL-NVGEN-3-INVALIDNXCOPTION EM-1069 %MGBL-NVGEN-3-INVALIDTEMPLATE EM-1070 %MGBL-NVGEN-3-INVALIDVERSION EM-1070 %MGBL-NVGEN-3-INVALTUPLEPATH EM-1070 %MGBL-NVGEN-3-LOCK_ERR EM-1070 %MGBL-NVGEN-3-MINMSGLENGTH EM-1070 %MGBL-NVGEN-3-MISSINGBRACKET EM-1071 %MGBL-NVGEN-3-MISSINGEQUALSIGN EM-1071 %MGBL-NVGEN-3-MSGREADV EM-1071 %MGBL-NVGEN-3-NAMESPACE_ERR EM-1071 %MGBL-NVGEN-3-NESTEDCOPTION EM-1071 %MGBL-NVGEN-3-NULLCHARMISSING EM-1072 %MGBL-NVGEN-3-OBJINREPLACE EM-1072 %MGBL-NVGEN-3-OPEN EM-1072 %MGBL-NVGEN-3-PART_NAMES_GET_ERR EM-1072 %MGBL-NVGEN-3-PATTERN_NOT_FOUND EM-1072 %MGBL-NVGEN-3-READERR EM-1072 %MGBL-NVGEN-3-REGISTER_INSTMGR EM-1073 %MGBL-NVGEN-3-RESMGRATTACH EM-1073 %MGBL-NVGEN-3-SHRINK_IPV4_6ADDRESS_FAILED E M-1073 %MGBL-NVGEN-3-STAT EM-1073 %MGBL-NVGEN-3-SUBMODESTRING EM-1073 %MGBL-NVGEN-3-SYSDBOPERATION EM-1073 %MGBL-NVGEN-3-TARGET_CFG_CREATE EM-1074 %MGBL-NVGEN-3-TARGET_CFG_DESTROY EM-1074 %MGBL-NVGEN-3-TARGET_CFG_LOCKERR EM-1074Index EM-2663 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %MGBL-NVGEN-3-TARGET_CFG_UNLOCKERR EM-1074 %MGBL-NVGEN-3-TASKID_COMPARE_ERROR EM-1074 %MGBL-NVGEN-3-TASKID_EXCEEDED EM-1075 %MGBL-NVGEN-3-TASKID_MISMATCH EM-1075 %MGBL-NVGEN-3-TASKID_NOT_FOUND EM-1075 %MGBL-NVGEN-3-TOKENNUMBER EM-1075 %MGBL-NVGEN-3-TOKENTYPE EM-1075 %MGBL-NVGEN-3-UNMATCHEDCOPTIONS EM-1076 %MGBL-NVGEN-3-WRMEM_ABORT EM-1076 %MGBL-NVGEN-4-CONFIG_GEN_ERR EM-1076 %MGBL-PARSER-3-API_FAIL EM-1076 %MGBL-PARSER-3-BOGUS_HOOKPOINT EM-1076 %MGBL-PARSER-3-BOGUS_LINKPOINT EM-1077 %MGBL-PARSER-3-BUFFER_OVERFLOW EM-1077 %MGBL-PARSER-3-CARD_MODULE_FROM_NODEID_FAIL ED EM-1077 %MGBL-PARSER-3-CREATETHREAD EM-1077 %MGBL-PARSER-3-ENV EM-1077 %MGBL-PARSER-3-ERR_GENERAL_ERR EM-1078 %MGBL-PARSER-3-ERR_SYSDB_BAG_DECODE EM-1078 %MGBL-PARSER-3-ERR_SYSDB_GET EM-1078 %MGBL-PARSER-3-ERR_SYSDB_STRING_ENCODE EM-10 78 %MGBL-PARSER-3-EXTRACT_FAILED EM-1078 %MGBL-PARSER-3-EXTRACT_NODEID_FIELDS_FAILED EM-1078 %MGBL-PARSER-3-INVALID_NOTIFICATION EM-1079 %MGBL-PARSER-3-INVALID_PARSERFILE EM-1079 %MGBL-PARSER-3-INVALIDDETAILS EM-1079 %MGBL-PARSER-3-INVALIDINPUTFMT EM-1079 %MGBL-PARSER-3-INVALIDOFFSET EM-1079 %MGBL-PARSER-3-INVALIDRANGE EM-1080 %MGBL-PARSER-3-INVALIDVERSION EM-1080 %MGBL-PARSER-3-INVENTORY_DB_INTEGRITY_ERROR EM-1080 %MGBL-PARSER-3-INVENTORY_DB_SIZE_INCREASE_FAI LED EM-1080 %MGBL-PARSER-3-INVENTORY_DB_SIZE_ZERO EM-1080 %MGBL-PARSER-3-INVENTORY_DESCRIPTION_NULL E M-1081 %MGBL-PARSER-3-INVENTORY_FIELD_IS_NULL EM-108 1 %MGBL-PARSER-3-INVENTORY_FIELD_NOT_NUMBER EM-1081 %MGBL-PARSER-3-LOCK_ERR EM-1081 %MGBL-PARSER-3-MMAP EM-1081 %MGBL-PARSER-3-NODE_CREATION_FAILED EM-1082 %MGBL-PARSER-3-NODEID_TO_STRING_ERROR EM-108 2 %MGBL-PARSER-3-NOTIFICATION_PATH_NULL EM-1082 %MGBL-PARSER-3-OBJECT_NOT_FOUND_FOR_RANGE EM-1082 %MGBL-PARSER-3-OVERFLOW EM-1082 %MGBL-PARSER-3-RACK_TO_STR_FAILED EM-1083 %MGBL-PARSER-3-REGEX_COMP_ERROR EM-1083 %MGBL-PARSER-3-RIGHTARG EM-1083 %MGBL-PARSER-3-SUBMODE EM-1083 %MGBL-PARSER-3-SYSDBOPERATION EM-1083 %MGBL-PARSER-3-TASKID_LIMIT EM-1083 %MGBL-PARSER-3-THREAD_LIMIT EM-1084 %MGBL-PARSER-3-TUPLEUNPACK EM-1084 %MGBL-PARSER-3-UNKNOWNTOKEN EM-1084 %MGBL-PARSER-3-UNRESOLVED_HOOKPOINT EM-1084 %MGBL-PARSER-3-UNRESOLVED_LINKPOINT EM-1084 %MGBL-PARSER-3-UNSUPPORTEDARG EM-1085 %MGBL-PARSER-7-ERR_LRD_EVENT EM-1085 %MGBL-PM-5-CHKPT EM-1085 %MGBL-PM-5-ERR_MEM EM-1085 %MGBL-PM-5-MEMORY_LIMITS EM-1085 %MGBL-PM-5-TFTP EM-1086 %MGBL-PM-6-TFTP_DISABLED EM-1086 %MGBL-PM-6-TFTP_SEND EM-1086 %MGBL-PM-6-THRESHOLD EM-1086 %MGBL-PM-7-ERR_SYSDB EM-1086 %MGBL-PM-7-INTERNAL EM-1086 %MGBL-PM-7-WDSYSMON_ERROR EM-1087 %MGBL-RS232-1-CONSOLE_SESSION_ANYWAY EM-1087 %MGBL-RS232-3-BAUD_RATE EM-1087 %MGBL-RS232-3-CABLE_MONITOR_DISABLED EM-1087 %MGBL-RS232-3-KERNEL EM-1088 %MGBL-RS232-3-SESSION_DISCONNECT_FAILURE EM-1 088 %MGBL-RS232-3-SESSION_NOTIFICATION_ABORT EM-1 088 %MGBL-RS232-3-TTY_NOT_REGISTERED EM-1088 %MGBL-RS232-4-API_LOCATE_ERROR EM-1089 %MGBL-RS232-4-DLL_OPEN_ERROR EM-1089 %MGBL-RS232-4-MAPPING_ERROR EM-1089 %MGBL-RS232-4-MEM_ALLOC_ERROR EM-1089 %MGBL-RS232-4-NO_PACKET_MODE EM-1089 %MGBL-RS232-4-PDP_SET_ERROR EM-1090 %MGBL-RS232-4-SESSION_SETUP_ERROR EM-1090 %MGBL-RS232-4-TEMPLATE_APPLY_ERROR EM-1090 %MGBL-RS232-4-TEMPLATE_DEAPPLY_ERROR EM-1090 %MGBL-RS232-6-DCD_DISCOVERED EM-1090 %MGBL-RS232-6-DCD_LOST EM-1091 %MGBL-S2681-3-COND_SIGNAL_ERROR EM-1091 %MGBL-S2681-3-INTERRUPT_UNMASK_ERROR EM-1091 %MGBL-S2681-3-IO_PERM_ERROR EM-1091 %MGBL-S2681-3-MUTEX_LOCK_ERROR EM-1092 %MGBL-S2681-3-MUTEX_UNLOCK_ERROR EM-1092 %MGBL-S2681-3-SCHED_PRIORITY_ERROR EM-1092 %MGBL-S2681-3-SCHEDPARAM_ERROR EM-1092 %MGBL-S2681-3-SCHEDPOLICY_ERROR EM-1092 %MGBL-S2681-3-STATUS_MUTEX_LOCK_ERROR EM-109 3 %MGBL-S2681-3-STATUS_MUTEX_UNLOCK_ERROR EM- 1093 %MGBL-S2681-3-THREAD_CREATE_ERROR EM-1093 %MGBL-S2681-6-STAT_CREATE_ERROR EM-1093 %MGBL-SCHBRO-7-ARRAYTOOBIG EM-1093 %MGBL-SCHBRO-7-AUTHENTICATE EM-1094 %MGBL-SCHBRO-7-BADCLASS EM-1094 %MGBL-SCHBRO-7-BADFORMAT EM-1094 %MGBL-SCHBRO-7-BADHRCHY EM-1094 %MGBL-SCHBRO-7-BADOPTION EM-1094Index EM-2664 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %MGBL-SCHBRO-7-BIND EM-1095 %MGBL-SCHBRO-7-DATAARRAYLENGTH EM-1095 %MGBL-SCHBRO-7-DATAARRAYTYPE EM-1095 %MGBL-SCHBRO-7-ERR_MEM_ALLOC EM-1095 %MGBL-SCHBRO-7-EXCESS EM-1096 %MGBL-SCHBRO-7-FILEOPEN EM-1096 %MGBL-SCHBRO-7-FILEREAD EM-1096 %MGBL-SCHBRO-7-FINDDATA EM-1096 %MGBL-SCHBRO-7-GET EM-1097 %MGBL-SCHBRO-7-INTERNAL EM-1097 %MGBL-SCHBRO-7-LIST EM-1097 %MGBL-SCHBRO-7-MISMATCH EM-1097 %MGBL-SCHBRO-7-NOTLEAF EM-1098 %MGBL-SCHBRO-7-READERINIT EM-1098 %MGBL-SCHBRO-7-UNKCMD EM-1098 %MGBL-SCHEMA-6-VERSIONCHANGE EM-1098 %MGBL-SCHEMA-7-INTERNAL EM-1099 %MGBL-SCONBKUP-3-INTERNAL_FATAL EM-1099 %MGBL-SCONBKUP-7-INTERNAL_ERR EM-1099 %MGBL-SCONBKUP-7-RELOAD_REPLY_ERR EM-1099 %MGBL-SCONBKUP-7-REPLY_ERR EM-1100 %MGBL-ST16550-3-INTERRUPT_UNMASK_ERROR EM-11 00 %MGBL-ST16550-3-IO_PERM_ERROR EM-1100 %MGBL-ST16550-3-MUTEX_LOCK_ERROR EM-1100 %MGBL-ST16550-3-MUTEX_UNLOCK_ERROR EM-1101 %MGBL-ST16550-3-SCHED_PRIORITY_ERROR EM-1101 %MGBL-ST16550-3-SCHEDPARAM_ERROR EM-1101 %MGBL-ST16550-3-SCHEDPOLICY_ERROR EM-1101 %MGBL-ST16550-3-SEM_ERROR EM-1102 %MGBL-ST16550-3-STATUS_MUTEX_LOCK_ERROR EM-1 102 %MGBL-ST16550-3-STATUS_MUTEX_UNLOCK_ERROR E M-1102 %MGBL-ST16550-3-THREAD_CREATE_ERROR EM-1102 %MGBL-ST16550-6-STAT_CREATE_ERROR EM-1102 %MGBL-STATSD-3-EVENT_BLOCK EM-1103 %MGBL-STATSD-3-LTRACE_INIT EM-1103 %MGBL-STATSD-3-REGISTRATION_FAILED EM-1103 %MGBL-STATSD-3-SHMEM_CORRUPTED EM-1103 %MGBL-STATSD-3-SHMEM_LOCK EM-1104 %MGBL-SYS-3-ALREADY_THREADED_MSG EM-1104 %MGBL-SYS-3-COMPARE_ALREADY_SET EM-1104 %MGBL-SYS-3-FTRUNCATE EM-1104 %MGBL-SYS-3-ILLEGAL_THREAD EM-1104 %MGBL-SYS-3-MALLOCFAIL EM-1105 %MGBL-SYS-3-MMAPFAIL EM-1105 %MGBL-SYS-3-MMAPSHIFT EM-1105 %MGBL-SYS-3-MUTEX_OP_FAILED EM-1105 %MGBL-SYS-3-NODE_DEL_FAILED EM-1105 %MGBL-SYS-3-NOMEMORY EM-1106 %MGBL-SYS-3-NOT_THREADED_MSG EM-1106 %MGBL-SYS-3-NULL_HANDLE_MSG EM-1106 %MGBL-SYS-3-NULLREG EM-1106 %MGBL-SYS-3-REG_UNKNOWN_TYPE EM-1106 %MGBL-SYS-3-RN_ASC_DESC EM-1107 %MGBL-SYS-3-RN_DELINK_INODE EM-1107 %MGBL-SYS-3-RN_NDESC EM-1107 %MGBL-SYS-3-RN_PRNT_LINK EM-1107 %MGBL-SYS-3-RN_VPARENT EM-1107 %MGBL-SYS-3-ROOT_ALREADY_SET EM-1108 %MGBL-SYS-3-SHMOPENFAIL EM-1108 %MGBL-SYS-3-THREAD_NOT_EXIST EM-1108 %MGBL-SYS-3-UNINIT_MSG EM-1108 %MGBL-SYS-5-CONFIG_I EM-1108 %MGBL-SYS-5-TABLEERR EM-1109 %MGBL-TTY_CONNECT-2-UNLOCKING EM-1109 %MGBL-TTY_CONNECT-3-INTERNAL EM-1109 %MGBL-TTY_CONNECT-3-LOCKING EM-1109 %MGBL-TTY_CONNECT-3-MEMORY EM-1109 %MGBL-TTY_CONNECT-7-LWM EM-1110 %MGBL-TTY_DB-2-PANIC EM-1110 %MGBL-TTY_DB-3-KERNEL_ERROR EM-1110 %MGBL-TTY-0-ISSU_STDBY_CON_AVAILABLE EM-1110 %MGBL-TTY-2-FATAL EM-1111 %MGBL-TTY-2-PHASE2_FATAL EM-1111 %MGBL-TTY-3-ACCESS_CHECK EM-1111 %MGBL-TTY-3-ACL EM-1111 %MGBL-TTY-3-CLOSE_DEVICE EM-1112 %MGBL-TTY-3-ENV_VARS EM-1112 %MGBL-TTY-3-EXEC EM-1112 %MGBL-TTY-3-INTERNAL EM-1112 %MGBL-TTY-3-ISSU_NFN_REG_FAIL EM-1112 %MGBL-TTY-3-KERNEL EM-1113 %MGBL-TTY-3-MEMORY EM-1113 %MGBL-TTY-3-MGMT_HOST_IP_ERROR EM-1113 %MGBL-TTY-3-MGMT_NO_ATTR EM-1113 %MGBL-TTY-3-MGMT_NO_FEATURE EM-1113 %MGBL-TTY-3-MGMT_NOT_ENOUGH_VALUES EM-1114 %MGBL-TTY-3-MGMT_TOO_MANY_VALUES EM-1114 %MGBL-TTY-3-MGMT_TTY_DETAILS_ERROR EM-1114 %MGBL-TTY-3-MGMT_UNEXPECTED EM-1114 %MGBL-TTY-3-OPEN_OR_DUP_DEVICE EM-1114 %MGBL-TTY-3-PACKET EM-1115 %MGBL-TTY-3-PHASE2_NON_FATAL EM-1115 %MGBL-TTY-3-SET_PROCESS_GROUP EM-1115 %MGBL-TTY-3-SYSDB EM-1115 %MGBL-TTY-3-SYSDB_BIND_ERROR EM-1115 %MGBL-TTY-3-VERIFYD_EXIT EM-1116 %MGBL-TTY-3-WAIT_ON_SIGNAL EM-1116 %MGBL-TTY-6-FILE_OPER EM-1116 %MGBL-TTY-6-ISSU_NFN_REG EM-1116 %MGBL-TTY-6-PHASE2_RETRY EM-1116 %MGBL-TTY-6-SESSION_STARTUP EM-1117 %MGBL-TTY-6-SYSDB_INTERN EM-1117 %MGBL-TTY-7-CERRNO EM-1117 %MGBL-TTY-7-GET_CLINFO_FAILED EM-1117 %MGBL-TTY-7-INVALID_PULSE EM-1117 %MGBL-TTY-7-INVALID_SRVR_HANDLE EM-1118 %MGBL-TTY-7-ISSU_LOAD_DONE EM-1118 %MGBL-TTY-7-ISSU_LOAD_EXEC EM-1118 %MGBL-TTY-7-MGMT_STATE EM-1118 %MGBL-TTY-7-MGMT_TTY_ATTR_EXTRACT_ERROR E M-1118 %MGBL-TTY-7-SESSION_STARTUP_OK EM-1119 %MGBL-VTY-2-PANIC EM-1119Index EM-2665 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %MGBL-VTY-3-CONTROL EM-1119 %MGBL-VTY-3-DATA_PATH EM-1119 %MGBL-VTY-3-DB EM-1120 %MGBL-VTY-3-MEM EM-1120 %MGBL-VTY-3-OPERATION EM-1120 %MGBL-VTY-3-POOL_APPLY_FAILURE EM-1120 %MGBL-VTY-3-REGISTRATION EM-1120 %MGBL-VTY-3-SESSION EM-1121 %MGBL-VTY-3-SYSDB EM-1121 %MGBL-VTY-3-SYSTEM_LIB_ERROR EM-1121 %MGBL-VTY-3-TTY_MANAGEMENT EM-1121 %MGBL-VTY-6-COMMAND_LINE_ARGS EM-1121 %MGBL-VTY-6-SYSDB_TIMEOUT_SET EM-1122 %MGBL-VTY-7-SYSDB_BULKING EM-1122 %MGBL-XML_INFRA-7-INIT_ERR EM-1122 %MGBL-XML_INFRA-7-INTERNAL EM-1122 %MGBL-XML_TTY-7-INTERNAL EM-1123 %MGBL-XML_TTY-7-LOGIN EM-1123 %MGBL-XML_TTY-7-SSLINIT EM-1123 %MGBL-XML_TTY-7-TRANSPORT EM-1124 %OS-action-3-BISTATE_MSG EM-1125 %OS-action-3-NONE_MSG EM-1125 %OS-action-3-PEG1MSG EM-1125 %OS-action-3-PEG2MSG EM-1126 %OS-action-3-RESET_MSG EM-1126 %OS-action-3-RESTART_MSG EM-1126 %OS-action-3-TESTMSG EM-1126 %OS-ALARM_TEST-3-ALARM_GENERATE EM-1126 %OS-ALLOCATOR-3-LTRACE_INIT_FAILED EM-1127 %OS-ALLOCATOR-7-LOCKING EM-1127 %OS-ALLOCATOR-7-MEMORY EM-1127 %OS-ALLOCATOR-7-NULL EM-1127 %OS-ALLOCATOR-7-SIZE_MISMATCH EM-1128 %OS-ARBMGR-4-INIT_ERROR EM-1128 %OS-ARBMGR-4-MBI_BOOT_HOLD EM-1128 %OS-ARBMGR-7-UNEXPECTED EM-1128 %OS-ATC_CACHE-3-ERROR EM-1129 %OS-ATC_LIB-3-CLASS_CACHE_CREATE_FAIL EM-1129 %OS-ATC_LIB-3-ERROR EM-1129 %OS-ATTRACTOR-3-ERROR EM-1129 %OS-ATTRACTOR-6-INFO EM-1130 %OS-AVPAIR-6-ADD_FAIL EM-1130 %OS-AVPAIR-6-BUFFER_TOO_SMALL EM-1130 %OS-AVPAIR-6-ERR_BAD_AVLIST EM-1130 %OS-AVPAIR-6-ERR_BAD_LIST EM-1130 %OS-BANNER-3-CERR_REGISTER_FAILED EM-1131 %OS-BANNER-3-CONFIG_INIT_FAILED EM-1131 %OS-BANNER-3-EVENT_BLOCK_ERROR EM-1131 %OS-BANNER-3-EVENT_MGR_CREATE_FAILED EM-1131 %OS-BANNER-3-SYSMGR_CALL EM-1131 %OS-BANNER-7-SYSDB_BIND_FAILURE EM-1132 %OS-BANNER-7-SYSDB_REGISTRATION_FAILURE EM-1 132 %OS-BANNER-7-SYSDB_UNREGISTRATION_FAILURE E M-1132 %OS-BANNER-7-UNKNOWNCARD EM-1132 %OS-BCDL-3-MSG_AGENT_USAGE EM-1132 %OS-BCDL-3-MSG_BASE_NAME EM-1133 %OS-BCDL-3-MSG_CERR_REGISTER_DLL EM-1133 %OS-BCDL-3-MSG_DEBUG_INIT EM-1133 %OS-BCDL-3-MSG_DEBUG_INIT EM-1133 %OS-BCDL-3-MSG_DEBUG_SERVICES EM-1133 %OS-BCDL-3-MSG_DEBUG_SERVICES EM-1133 %OS-BCDL-3-MSG_DLL_OPEN EM-1134 %OS-BCDL-3-MSG_DLSYM EM-1134 %OS-BCDL-3-MSG_DOUBLE_AGENT EM-1134 %OS-BCDL-3-MSG_EVENT EM-1134 %OS-BCDL-3-MSG_EVENT_MANAGER EM-1134 %OS-BCDL-3-MSG_GENERIC_FUNC EM-1134 %OS-BCDL-3-MSG_GENERIC_FUNC EM-1135 %OS-BCDL-3-MSG_GROUP EM-1135 %OS-BCDL-3-MSG_GROUP EM-1135 %OS-BCDL-3-MSG_GROUP_CREATE EM-1135 %OS-BCDL-3-MSG_GROUP_CREATE_LWG EM-1135 %OS-BCDL-3-MSG_GROUP_NODESET EM-1135 %OS-BCDL-3-MSG_GROUP_NODESET EM-1136 %OS-BCDL-3-MSG_HB_MISS EM-1136 %OS-BCDL-3-MSG_INSTALLMGR EM-1136 %OS-BCDL-3-MSG_LWM EM-1136 %OS-BCDL-3-MSG_MALLOC EM-1136 %OS-BCDL-3-MSG_MALLOC EM-1136 %OS-BCDL-3-MSG_PTHREAD EM-1137 %OS-BCDL-3-MSG_PTHREAD EM-1137 %OS-BCDL-3-MSG_RINFO EM-1137 %OS-BCDL-3-MSG_TABLE_REF_COUNT EM-1137 %OS-BCDL-7-MSG_CRIT_NORM EM-1137 %OS-BCDL-7-MSG_STALL_RESET EM-1137 %OS-BLWM-4-BATCH_CONFIG_REPLY_FAILED EM-1138 %OS-BLWM-4-BATCHED_REPLY_FAILED EM-1138 %OS-BLWM-4-PULSED_FLUSH_FAILED EM-1138 %OS-BLWM-4-REPLY_PROCESSING_ERRORS EM-1138 %OS-BLWM-4-RESTART_PROCESSING_ERRORS EM-1139 %OS-BLWM-4-SHMEM_FAILURE EM-1139 %OS-BLWM-4-TIMED_FLUSH_FAILED EM-1139 %OS-BLWM-4-WARNING EM-1139 %OS-CDS_CONSUMER_LIB-3-NULL_CONSUMER EM-1139 %OS-CDS_PRODUCER_LIB-3-MEMORY EM-1140 %OS-CDS_PRODUCER_LIB-3-SEND_FAILED EM-1140 %OS-cds_proxy-2-USAGE EM-1140 %OS-cds_proxy-3-INTERNAL EM-1140 %OS-cds_proxy-3-MEMORY EM-1141 %OS-cds_proxy-3-NULLARG EM-1141 %OS-cds_svr-2-USAGE EM-1141 %OS-cds_svr-3-INTERNAL EM-1141 %OS-cds_svr-3-MEMORY EM-1142 %OS-CDSUTILS-7-INTERNAL_ERROR EM-1142 %OS-CDSUTILS-7-INVALID_ARG EM-1142 %OS-CERR_LIB-7-CORRUPT EM-1142 %OS-CERR_LIB-7-NOMEM EM-1143 %OS-CERR_LIB-7-PTHREADKEY EM-1143 %OS-CERR_LIB-7-SETSPECIFIC EM-1143 %OS-CERR_SVR-7-EVENT EM-1143 %OS-CERR_SVR-7-INIT EM-1144 %OS-CERR_SVR-7-INSTALL EM-1144 %OS-CERR_SVR-7-SYSMGR EM-1144 %OS-CHUNK-3-CREATE EM-1144Index EM-2666 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-CHUNK-3-INIT EM-1144 %OS-CHUNK-3-PRIVMEM_SIZE EM-1145 %OS-CHUNK-7-BADELESIZE EM-1145 %OS-CHUNK-7-BADREFCOUNT EM-1145 %OS-CHUNK-7-BOUNDS EM-1145 %OS-CHUNK-7-DESTROY_NOTEMPTY EM-1145 %OS-CHUNK-7-FREE EM-1146 %OS-CHUNK-7-INVFREE EM-1146 %OS-CHUNK-7-LOCK EM-1146 %OS-CHUNK-7-NEG_FREE_COUNT EM-1146 %OS-CHUNK-7-NOSIBLING EM-1146 %OS-CHUNK-7-NULLCHUNK EM-1147 %OS-CHUNK-7-PARTIAL EM-1147 %OS-CHUNK-7-SIB_INDEX EM-1147 %OS-DEBUG_CERR-7-REGISTER EM-1147 %OS-deflate-3-ERROR EM-1148 %OS-DISTRIB_LIB-3-ASYNC_HANDLER_FAILED EM-1148 %OS-DISTRIB_LIB-3-BAD_CANCEL_TYPE EM-1148 %OS-DISTRIB_LIB-3-BAD_MSG_TYPE EM-1148 %OS-DISTRIB_LIB-3-BAD_REPLY EM-1149 %OS-DISTRIB_LIB-3-COND_OP_FAILED EM-1149 %OS-DISTRIB_LIB-3-CONNECT_FAILED EM-1149 %OS-DISTRIB_LIB-3-CONNECT_GSP_FAILED EM-1149 %OS-DISTRIB_LIB-3-CREATE_GROUP_ERR EM-1149 %OS-DISTRIB_LIB-3-DEF_SYNC_HANDLER_FAILED EM- 1150 %OS-DISTRIB_LIB-3-EVENT_ASYNC_ATTACH_FAILED E M-1150 %OS-DISTRIB_LIB-3-EVENT_BLOCK_ERR EM-1150 %OS-DISTRIB_LIB-3-EVENT_FILE_ATTACH_FAILED EM- 1150 %OS-DISTRIB_LIB-3-FUNCTION_ERR EM-1150 %OS-DISTRIB_LIB-3-GSP_FAILURE EM-1151 %OS-DISTRIB_LIB-3-gsp_msg_failed EM-1151 %OS-DISTRIB_LIB-3-GSP_MSG_RCV_FAILURE EM-1151 %OS-DISTRIB_LIB-3-GSP_TRACE_BACK EM-1151 %OS-DISTRIB_LIB-3-INCORRECT_GROUP_ID EM-1151 %OS-DISTRIB_LIB-3-INIT_MEM_MANAGER_FAILED EM- 1152 %OS-DISTRIB_LIB-3-MALLOC_FAILED EM-1152 %OS-DISTRIB_LIB-3-MSG_CHAN_DISCONNECT_FAIL E M-1152 %OS-DISTRIB_LIB-3-MSG_GET_CONN_FAILED EM-1152 %OS-DISTRIB_LIB-3-MSG_SEND_ERR EM-1152 %OS-DISTRIB_LIB-3-MUNMAP_FAILED EM-1153 %OS-DISTRIB_LIB-3-MUTEX_OP_FAILED EM-1153 %OS-DISTRIB_LIB-3-NO_PRIV_MSG_HANDLER EM-1153 %OS-DISTRIB_LIB-3-REG_ERROR EM-1153 %OS-DISTRIB_LIB-3-RELEASE_TICKET_FAILURE EM-115 3 %OS-DISTRIB_LIB-3-SBM_MODE_ENTER_ERR EM-1154 %OS-DISTRIB_LIB-3-SYNC_RESP_ERR EM-1154 %OS-DISTRIB_LIB-3-WRONG_TICKET_TYPE EM-1154 %OS-DISTRIB_LIB-6-BAD_SEQ_CHAN EM-1154 %OS-DISTRIB_LIB-6-GROUP_SEQ_INFO EM-1154 %OS-DISTRIB_LIB-6-GSP_TRACE_HDR EM-1155 %OS-DISTRIB_LIB-6-MEM_TRACE_BLOCK EM-1155 %OS-DUMPER_MARK-4-NO_SLOT EM-1155 %OS-DUMPER_MARK-7-NOT_FOUND EM-1155 %OS-DUMPER_SNAP-3-INSANE EM-1156 %OS-DUMPER_SNAP-4-DUMP EM-1156 %OS-DUMPER_SNAP-4-NODUMP EM-1156 %OS-DUMPER_SNAP-6-DUMP_OK EM-1156 %OS-DUMPER_SNAP-6-LIMITED EM-1157 %OS-DUMPER-3-CORE_FILE_TOO_SMALL EM-1157 %OS-DUMPER-3-DLOPEN_FAILED EM-1157 %OS-DUMPER-3-GET_MAPPING_INFO_FAILED EM-1157 %OS-DUMPER-3-MAP_INFO_FAILED EM-1157 %OS-DUMPER-3-PATH_FAILED EM-1158 %OS-DUMPER-3-SELECT_SEGMENTS_FAILED EM-1158 %OS-DUMPER-3-SET_RLIMIT_FAIL EM-1158 %OS-DUMPER-3-STACK_SIZE_INVALID EM-1158 %OS-DUMPER-3-TIMER_PROBLEM EM-1158 %OS-DUMPER-3-WRONG_COMP_MAGIC_NUMBER EM-1 159 %OS-DUMPER-4-BUS_OBJERR EM-1159 %OS-DUMPER-4-CORE_INFO EM-1159 %OS-DUMPER-4-CORE_PAGE_LOST EM-1159 %OS-DUMPER-4-CRASH_INFO EM-1159 %OS-DUMPER-4-DEVCTL_FAILED EM-1160 %OS-DUMPER-4-ERR_MEM_ALIGN EM-1160 %OS-DUMPER-4-ERR_MEM_ALLOC EM-1160 %OS-DUMPER-4-ERR_PATHMGR_SYMLINK EM-1160 %OS-DUMPER-4-ERR_QSM_ADD_SERVICE EM-1160 %OS-DUMPER-4-ERR_SP_INVAL EM-1161 %OS-DUMPER-4-ERR_SYSDB_APPLY EM-1161 %OS-DUMPER-4-ERR_SYSDB_BIND EM-1161 %OS-DUMPER-4-ERR_SYSDB_GET EM-1161 %OS-DUMPER-4-ERR_SYSDB_NOTIFY EM-1161 %OS-DUMPER-4-ERR_SYSDB_REG_NOTIFY EM-1162 %OS-DUMPER-4-ERR_SYSDB_REG_VERIFY EM-1162 %OS-DUMPER-4-ERR_SYSDB_SET EM-1162 %OS-DUMPER-4-ERR_SYSDB_UNBIND EM-1162 %OS-DUMPER-4-ERR_SYSMGR_REG_LREVT EM-1162 %OS-DUMPER-4-ERR_SYSMGR_REG_REDST EM-1163 %OS-DUMPER-4-SHOW_REGISTERS_FAILED EM-1163 %OS-DUMPER-4-SIGNALCORE_INFO EM-1163 %OS-DUMPER-4-UNKNOWNCORE_INFO EM-1163 %OS-DUMPER-5-CORE_FILE_NAME EM-1163 %OS-DUMPER-5-CORE_TRANSFER_STATUS EM-1164 %OS-DUMPER-5-DUMP_FAILURE EM-1164 %OS-DUMPER-5-DUMP_SUCCESS EM-1164 %OS-DUMPER-5-LTRACE_INIT EM-1164 %OS-DUMPER-5-TIMEOUT EM-1164 %OS-DUMPER-5-TMP_PATH_FULL EM-1164 %OS-DUMPER-6-BAD_PATH EM-1165 %OS-DUMPER-6-BOOT_DEVICE_FAILURE EM-1165 %OS-DUMPER-6-CORE_DUMP_OFF EM-1165 %OS-DUMPER-6-CORE_FILE_NAME_UNAVAIL EM-1165 %OS-DUMPER-6-CORE_MD5 EM-1165 %OS-DUMPER-6-CORRUPT_CONTEXT EM-1165 %OS-DUMPER-6-DEFAULT_PATH_TMP EM-1166 %OS-DUMPER-6-ERR_SYSMGR_CORE_OPTIONS EM-1166 %OS-DUMPER-6-FALLBACK_CHOICE EM-1166 %OS-DUMPER-6-FALLBACK_CHOICE_BOOT_DEV EM-11 66Index EM-2667 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-DUMPER-6-GET_PROC_CISCO EM-1166 %OS-DUMPER-6-GET_PROC_CURTHREAD_FAILED EM-1 167 %OS-DUMPER-6-GET_PROC_GETGREG_FAILED EM-1167 %OS-DUMPER-6-GET_PROC_TIDSTATUS_FAILED EM-116 7 %OS-DUMPER-6-GET_PROCINFO_FAILED EM-1167 %OS-DUMPER-6-MSGREPLY_CONFIRMED EM-1167 %OS-DUMPER-6-NO_SP_INFO EM-1168 %OS-DUMPER-6-NODE_NAME_FAIL EM-1168 %OS-DUMPER-6-NODEID_FAIL EM-1168 %OS-DUMPER-6-ONLY_CONTEXT EM-1168 %OS-DUMPER-6-PENDING_SEGMENT_FLUSH_FAILED E M-1168 %OS-DUMPER-6-POPULATE_FILTERS_FAILED EM-1168 %OS-DUMPER-6-READ_TEXT_DUMP_FAIL EM-1169 %OS-DUMPER-6-REMOVE_OLDEST EM-1169 %OS-DUMPER-6-SAVE_SEGINFO_FAILED EM-1169 %OS-DUMPER-6-SCAN_DLLDATA_FAILED EM-1169 %OS-DUMPER-6-SCAN_PROCDATA_FAILED EM-1169 %OS-DUMPER-6-SCAN_REGISTERS_FAILED EM-1169 %OS-DUMPER-6-SCAN_STACK_FAILED EM-1170 %OS-DUMPER-6-SPARSE_CORE_DUMP EM-1170 %OS-DUMPER-6-TREEWALK_FAILED EM-1170 %OS-DUMPER-6-UNLINK_CORE_FAILED EM-1170 %OS-DUMPER-6-USAGE EM-1170 %OS-DUMPER-6-WORKER_THREAD_BUSY EM-1170 %OS-DUMPER-6-WRITE_TEXT_DUMP_FAIL EM-1171 %OS-DUMPER-7-BAD_CORE_SIZE EM-1171 %OS-DUMPER-7-BUS_ADRALN EM-1171 %OS-DUMPER-7-BUS_ADRERR EM-1171 %OS-DUMPER-7-CLOSE_PROBLEM EM-1171 %OS-DUMPER-7-CORE_CONFLICT EM-1171 %OS-DUMPER-7-CORE_FILE_OPEN_FAILED EM-1172 %OS-DUMPER-7-DEBUG_INIT_FAILED EM-1172 %OS-DUMPER-7-DLL_INFO EM-1172 %OS-DUMPER-7-DLL_INFO_HEAD EM-1172 %OS-DUMPER-7-DUMP_ATTRIBUTE EM-1172 %OS-DUMPER-7-DUMP_CORE_FAILURE EM-1172 %OS-DUMPER-7-DUMP_INFO_PROBLEM EM-1173 %OS-DUMPER-7-DUMP_REQUEST EM-1173 %OS-DUMPER-7-ERR_EVM_CREATE EM-1173 %OS-DUMPER-7-ERR_EVM_EVENT_BLOCK EM-1173 %OS-DUMPER-7-ERR_EVM_FILE_ATTACH EM-1173 %OS-DUMPER-7-ERR_SYSDB_DATALIST EM-1174 %OS-DUMPER-7-ERR_SYSDB_ITEM EM-1174 %OS-DUMPER-7-ERR_SYSDB_ITEM_TYPE EM-1174 %OS-DUMPER-7-ERR_THREAD_ATTRIBUTE EM-1174 %OS-DUMPER-7-ERR_THREAD_COND EM-1174 %OS-DUMPER-7-ERR_THREAD_CREATE EM-1174 %OS-DUMPER-7-ERR_THREAD_JOIN EM-1175 %OS-DUMPER-7-ERR_THREAD_MUTEX_INIT EM-1175 %OS-DUMPER-7-ERR_THREAD_MUTEX_LOCK EM-1175 %OS-DUMPER-7-ERR_THREAD_MUTEX_UNLOCK EM-11 75 %OS-DUMPER-7-ERROR EM-1175 %OS-DUMPER-7-FAIL_DEBUG_REG EM-1176 %OS-DUMPER-7-FLT_STACK EM-1176 %OS-DUMPER-7-GET_FSLIST_FAILED EM-1176 %OS-DUMPER-7-GET_MAPINFO_FAILED EM-1176 %OS-DUMPER-7-GET_PAGEDATA_FAILED EM-1176 %OS-DUMPER-7-INSTALL_PKG EM-1177 %OS-DUMPER-7-INSTALL_PKG_SHOW_FAILED EM-1177 %OS-DUMPER-7-INVALID_PATH EM-1177 %OS-DUMPER-7-KERNEL_INFO_MMAP_FAILURE EM-117 7 %OS-DUMPER-7-MKDIR_FAILED EM-1177 %OS-DUMPER-7-MMAP_FAILED EM-1178 %OS-DUMPER-7-MSGERROR_FAILED EM-1178 %OS-DUMPER-7-MSGREPLY_FAILED EM-1178 %OS-DUMPER-7-MUNMAP_FAILED EM-1178 %OS-DUMPER-7-NO_FREE_SPACE_INFO EM-1178 %OS-DUMPER-7-OPEN_FAILED EM-1179 %OS-DUMPER-7-PROC_OPEN_FAILED EM-1179 %OS-DUMPER-7-PROC_PAGES EM-1179 %OS-DUMPER-7-PROCESS_NAME_FAILED EM-1179 %OS-DUMPER-7-READ_FAILED EM-1179 %OS-DUMPER-7-REGISTERS_INFO EM-1180 %OS-DUMPER-7-REMOVE_LOWMEM EM-1180 %OS-DUMPER-7-SEEK_FAILED EM-1180 %OS-DUMPER-7-SIGBUS_INFO EM-1180 %OS-DUMPER-7-SIGEMT EM-1180 %OS-DUMPER-7-SIGILL EM-1180 %OS-DUMPER-7-SIGNAL_NUMBER EM-1181 %OS-DUMPER-7-SIGSEGV EM-1181 %OS-DUMPER-7-SYSMGR_CALL EM-1181 %OS-DUMPER-7-TRACE_BACK EM-1181 %OS-DUMPER-7-TRACE_BACK_ERROR EM-1181 %OS-DUMPER-7-TRACE_BACK_FAILED EM-1181 %OS-DUMPER-7-UNKNOWNCARD EM-1182 %OS-DUMPER-7-UNLINK_FAILED EM-1182 %OS-DUMPER-7-WRITE_FAILED EM-1182 %OS-EVM-1-CORRUPT_MLIST EM-1182 %OS-EVM-1-FLAGS EM-1182 %OS-EVM-1-QSM EM-1183 %OS-EVM-1-SIGPATCH EM-1183 %OS-EVM-1-TIMEOUT EM-1183 %OS-EVM-3-MUTEX_LOCK EM-1183 %OS-EVM-3-MUTEX_UNLOCK EM-1183 %OS-EVM-4-EMPTY_PATH EM-1184 %OS-EVM-4-FATTACH EM-1184 %OS-EVM-4-HANDLE EM-1184 %OS-EVM-4-IONOTIFY_FAIL EM-1184 %OS-EVM-4-RMCONTEXT EM-1185 %OS-EVM-4-SIGACTION EM-1185 %OS-EVM-4-SIGHEAP EM-1185 %OS-EVM-7-HEAP EM-1185 %OS-FIAM-0-EMERGENCY EM-1186 %OS-FIAM-1-ABORT_WARM_RELOAD EM-1186 %OS-FIAM-1-ALERT EM-1186 %OS-FIAM-2-CRITICAL EM-1186 %OS-FIAM-2-MANAGED_REBOOT EM-1186 %OS-FIAM-2-REBOOT EM-1186 %OS-FIAM-3-ERROR EM-1187 %OS-FIAM-3-FUNCTION EM-1187 %OS-FIAM-3-GET_PLACEMENT_LIST EM-1187Index EM-2668 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-FIAM-3-UNEXPECTED EM-1187 %OS-FIAM-4-CHECK_LOG EM-1187 %OS-FIAM-4-MANDATORY_OFF EM-1187 %OS-FIAM-4-MANDATORY_ON EM-1188 %OS-FIAM-4-MANDATORY_REBOOT_ABORTED EM-1188 %OS-FIAM-4-MANDATORY_REBOOT_ENABLE EM-1188 %OS-FIAM-4-MANDATORY_REBOOT_OVERRIDE EM-118 8 %OS-FIAM-4-PROC_CRASH_JID EM-1188 %OS-FIAM-4-PROC_CRASH_NAME EM-1188 %OS-FIAM-4-PROC_RESTART_JID EM-1189 %OS-FIAM-4-PROC_RESTART_NAME EM-1189 %OS-FIAM-4-PROC_SHUTDOWN_JID EM-1189 %OS-FIAM-4-PROC_SHUTDOWN_NAME EM-1189 %OS-FIAM-4-PROC_START_JID EM-1189 %OS-FIAM-4-PROC_START_NAME EM-1189 %OS-FIAM-4-WARNING EM-1190 %OS-FIAM-5-NOTICE EM-1190 %OS-FIAM-6-INFO EM-1190 %OS-FIAM-7-DEBUG EM-1190 %OS-FIAM-7-FUNCTION_PATH EM-1190 %OS-FIAM-7-INSTALL_FINISHED EM-1190 %OS-FIAM-7-INSTALL_NOTIFICATION EM-1191 %OS-FILECOPY_LIB-3-BAGDECODE EM-1191 %OS-FILECOPY_LIB-3-BAGENCODE EM-1191 %OS-FILECOPY_LIB-3-NOMEM EM-1191 %OS-FILECOPY_LIB-3-NULLARGS EM-1192 %OS-FILECOPY_LIB-3-SYSDBFAIL EM-1192 %OS-FILECOPY-3-BAGREGFAILED EM-1192 %OS-FILECOPY-3-EVMCREATE EM-1193 %OS-FILECOPY-3-NOMEM EM-1193 %OS-FILECOPY-3-SIGATTACH EM-1193 %OS-FILECOPY-3-SYSDBBIND EM-1193 %OS-FILECOPY-4-DEBUGINIT EM-1194 %OS-FILECOPY-4-NOTIFFAIL EM-1194 %OS-FILECOPY-4-SYSDBUNBIND EM-1194 %OS-FSM-4-ANOMALY EM-1194 %OS-GSP_C12000-7-info EM-1195 %OS-GSP_NOTIF-3-msg_failed EM-1195 %OS-gsp-3-BAD_GRP_DELETE EM-1195 %OS-gsp-3-CLIENT_LOCK_ERROR EM-1195 %OS-gsp-3-CONDVAR_OP_FAILED EM-1196 %OS-gsp-3-ENS_INVALIDATE_HANDLE_FAILED EM-1196 %OS-gsp-3-ENS_MULTIPLE_PUBLISHERS_ERROR EM-119 6 %OS-gsp-3-FILE_OP_FAILED EM-1196 %OS-gsp-3-GET_MEM_FAILED EM-1196 %OS-gsp-3-INCORRECT_RSI EM-1197 %OS-gsp-3-LTRACE_INIT EM-1197 %OS-gsp-3-MSG_ENQUEUE_ERROR EM-1197 %OS-gsp-3-MUTEX_OP_FAILED EM-1197 %OS-gsp-3-node_insert_fail EM-1197 %OS-gsp-3-PTHREAD_OP_FAILED EM-1198 %OS-gsp-3-TRACEBACK EM-1198 %OS-gsp-3-UPDATE_ADDR EM-1198 %OS-gsp-3-WRONG_FLOW EM-1198 %OS-gsp-6-INFO EM-1198 %OS-gsp-7-DEBUG EM-1198 %OS-gsp-7-FUNC_ERROR EM-1199 %OS-gsp-7-MSG_ENQUEUE_WARN EM-1199 %OS-gsp-7-MSG_NOTIF_WARN EM-1199 %OS-gsp-7-RCV_OWN_MSG EM-1199 %OS-gsp-7-send_mcast_failed EM-1199 %OS-INIT-2-MBI_BOOT_HOLD_TIMEOUT EM-1200 %OS-INIT-4-INSTALL_TIMEOUT EM-1200 %OS-INIT-7-INSTALL_READY EM-1200 %OS-INIT-7-INSTALL_THRESHOLD_EXCEEDED EM-1200 %OS-INIT-7-MBI_STARTED EM-1200 %OS-INIT-7-MBI_THRESHOLD_EXCEEDED EM-1201 %OS-ISIS_MIB-3-ERR_ALLOC EM-1201 %OS-ISIS_MIB-3-ERR_BAG_DECODE EM-1201 %OS-ISIS_MIB-3-ERR_INIT EM-1201 %OS-ISIS_MIB-3-ERR_MAKE_VAR_BIND EM-1201 %OS-ITAL_SHM-3-ERR_RESOURCE EM-1202 %OS-ITAL_SHM-7-ERR_GENERAL EM-1202 %OS-ITAL_SHM-7-ERR_INIT EM-1202 %OS-ITAL_SHM-7-ERR_INIT_DEBUG EM-1202 %OS-ITAL-2-ERR_INIT EM-1203 %OS-ITAL-2-ERR_THREAD_LOCK EM-1203 %OS-ITAL-2-ERR_THREAD_UNLOCK EM-1203 %OS-ITAL-3-ERR_DEBUG_INIT EM-1203 %OS-ITAL-3-ERR_IF_NOTIF EM-1204 %OS-ITAL-3-ERR_MEM_ALLOC EM-1204 %OS-ITAL-5-ERR_UNSUPPORTED EM-1204 %OS-ITAL-7-ERR_GENERAL EM-1204 %OS-ITAL-7-ERR_REG EM-1204 %OS-ITAL-7-ERR_RETRY EM-1205 %OS-KD_MBUS-3-DEBUG_INIT_FAILED EM-1205 %OS-KD_MBUS-3-INIT_FAILED EM-1205 %OS-KD_MBUS-3-KDUMPER_FILE_FAILED EM-1205 %OS-KD_MBUS-3-KDUMPER_TRUNCATED EM-1206 %OS-KD_MBUS-3-OPEN_FAILED EM-1206 %OS-KD_MBUS-3-RC_FAILED EM-1206 %OS-KD_MBUS-3-READ_FAILED EM-1206 %OS-KD_MBUS-3-REOPEN_FAILED EM-1207 %OS-KD_MBUS-3-WRITE_FAILED EM-1207 %OS-KD_MBUS-6-FORCED_EXIT EM-1207 %OS-KD_MBUS-6-KDUMPER_FILE_INFO EM-1207 %OS-KD_MBUS-6-KDUMPER_INFO EM-1207 %OS-KD_MBUS-7-DEBUG_REG_FAILED EM-1208 %OS-LGROUP-3-ERROR EM-1208 %OS-LIBDLLMGR-4-OVERFLOW_DELETE EM-1208 %OS-LIBDLLMGR-4-POSSIBLE_MISSING_INFO EM-1208 %OS-LIBDLLMGR-4-SYSCALL EM-1209 %OS-LIBDLLMGR-4-UNEXPECTED_ARRAY_ADDR EM-12 09 %OS-LIBDLLMGR-4-UNEXPECTED_MAGIC EM-1209 %OS-LIBDLLMGR-6-OVERFLOW_REPLACE EM-1209 %OS-LIBDLLMGR-7-OVERFLOW EM-1209 %OS-LIBDLLMGR-7-UNEXPECTED EM-1209 %OS-LIBSYSMGR-3-ALREADY_CALLED EM-1210 %OS-LIBSYSMGR-3-INST_ERR EM-1210 %OS-LIBSYSMGR-3-INTERNAL EM-1210 %OS-LIBSYSMGR-3-INVALID_ARG EM-1210 %OS-LIBSYSMGR-3-NOMEM EM-1210 %OS-LIBSYSMGR-3-PARSE EM-1211Index EM-2669 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-LIBSYSMGR-3-SYSCALL EM-1211 %OS-LIBSYSMGR-6-INFO EM-1211 %OS-LIBSYSMGR-6-SCRIPT_TIMEOUT EM-1211 %OS-LIBSYSMGR-7-ERR EM-1211 %OS-LPTS_LIB-7-DEBUG_CLEANUP EM-1212 %OS-LPTS_LIB-7-DEBUG_INIT_EVENT EM-1212 %OS-LPTS_LIB-7-DEBUG_REGISTER EM-1212 %OS-LPTS_MRT-7-DEBUG_CLEANUP EM-1212 %OS-LPTS_MRT-7-DEBUG_INIT_EVENT EM-1213 %OS-LPTS_MRT-7-DEBUG_REGISTER EM-1213 %OS-LPTS_PA_FF_CL-7-DEBUG_INIT_EVENT EM-1213 %OS-LPTS_PA_FF_CL-7-DEBUG_REGISTER EM-1213 %OS-LPTS_PA_FF-3-CLIENT_NOT_FOUND EM-1214 %OS-LPTS_PA_FF-3-EVENT_BLOCK EM-1214 %OS-LPTS_PA_FF-3-EVENT_INIT_EVENT EM-1214 %OS-LPTS_PA_FF-3-EVENT_UPDATE_FAIL EM-1214 %OS-LPTS_PA_FF-3-EVM_ASYNC_ATTACH EM-1215 %OS-LPTS_PA_FF-3-EVM_CREATE EM-1215 %OS-LPTS_PA_FF-3-GET_NODEID EM-1215 %OS-LPTS_PA_FF-3-INIT EM-1215 %OS-LPTS_PA_FF-3-LRD_FAIL EM-1215 %OS-LPTS_PA_FF-3-MALLOC EM-1216 %OS-LPTS_PA_FF-3-MSG_ATTACH_SYNC EM-1216 %OS-LPTS_PA_FF-3-MSG_CLINFO_GET_DATUM EM-1216 %OS-LPTS_PA_FF-3-MSG_SEND_EVENT EM-1216 %OS-LPTS_PA_FF-3-TIMER_CREATE EM-1216 %OS-LPTS_PA_FF-3-TIMER_SETTIME EM-1217 %OS-LPTS_PIFIB-7-DEBUG_CLEANUP EM-1217 %OS-LPTS_PIFIB-7-DEBUG_INIT_EVENT EM-1217 %OS-LPTS_PIFIB-7-DEBUG_REGISTER EM-1217 %OS-LPTS_PREIFIB-3-BACKEND_EDM EM-1218 %OS-LPTS_PREIFIB-3-BAG EM-1218 %OS-LPTS_PREIFIB-3-BATCHING EM-1218 %OS-LPTS_PREIFIB-3-BLC_UPDATE EM-1218 %OS-LPTS_PREIFIB-3-DATAPATH_CMD EM-1219 %OS-LPTS_PREIFIB-3-EDM_UNREG EM-1219 %OS-LPTS_PREIFIB-3-ENTRY_UPDATE EM-1219 %OS-LPTS_PREIFIB-3-EVENT_BLOCK EM-1219 %OS-LPTS_PREIFIB-3-EVENT_CONN_CREATE EM-1219 %OS-LPTS_PREIFIB-3-EVENT_CONN_NOTIFY EM-1220 %OS-LPTS_PREIFIB-3-EVENT_CONN_OPEN_ALL EM-1220 %OS-LPTS_PREIFIB-3-EVM_CREATE EM-1220 %OS-LPTS_PREIFIB-3-EVM_TM_ATTACH EM-1220 %OS-LPTS_PREIFIB-3-EVM_TM_LEAF_NEW EM-1221 %OS-LPTS_PREIFIB-3-HW_RETRY EM-1221 %OS-LPTS_PREIFIB-3-IIR_QUERY EM-1221 %OS-LPTS_PREIFIB-3-IM_CAPS_DATAPATH_CONTROL EM-1221 %OS-LPTS_PREIFIB-3-INVALID_ARGS EM-1222 %OS-LPTS_PREIFIB-3-INVALID_FLOW_TYPE EM-1222 %OS-LPTS_PREIFIB-3-IPSEC_FVRF EM-1222 %OS-LPTS_PREIFIB-3-LRD_FAIL EM-1222 %OS-LPTS_PREIFIB-3-LTRACE_INIT EM-1222 %OS-LPTS_PREIFIB-3-MSG_CHAN_GLOBAL EM-1223 %OS-LPTS_PREIFIB-3-NOMEM EM-1223 %OS-LPTS_PREIFIB-3-PA_FF_OPEN EM-1223 %OS-LPTS_PREIFIB-3-PA_FF_RESET EM-1223 %OS-LPTS_PREIFIB-3-PA_UPDATE EM-1223 %OS-LPTS_PREIFIB-3-PARSE_INFLOW_CONFIG EM-1224 %OS-LPTS_PREIFIB-3-PFI_IFH_BIND EM-1224 %OS-LPTS_PREIFIB-3-PIFIBM_INIT EM-1224 %OS-LPTS_PREIFIB-3-REASS_LIST EM-1224 %OS-LPTS_PREIFIB-3-SYSDB EM-1224 %OS-LPTS_PREIFIB-3-SYSMGR_PROC_READY EM-1225 %OS-LPTS_PREIFIB-3-VRF_UPDATE EM-1225 %OS-LPTS_PREIFIB-6-NETIO_DOWN EM-1225 %OS-LPTS_PREIFIB-6-NETIO_UP EM-1225 %OS-LPTS_PREIFIB-7-DEBUG_CLEANUP EM-1225 %OS-LPTS_PREIFIB-7-DEBUG_INIT_EVENT EM-1226 %OS-LPTS_PREIFIB-7-DEBUG_REGISTER EM-1226 %OS-LPTS-3-ERR_BAD_LISTENER_TAG EM-1226 %OS-LPTS-3-ERR_BAG_ENCODE EM-1226 %OS-LPTS-3-ERR_BAG_REG EM-1227 %OS-LPTS-3-ERR_DATAPATH_INPUT_LEN EM-1227 %OS-LPTS-3-ERR_DEBUG_REG EM-1227 %OS-LPTS-3-ERR_ECM_CREATE EM-1227 %OS-LPTS-3-ERR_ECM_OPEN EM-1227 %OS-LPTS-3-ERR_EDM_DATALIST_ADD EM-1228 %OS-LPTS-3-ERR_EDM_DATALIST_CREATE EM-1228 %OS-LPTS-3-ERR_EDM_REG EM-1228 %OS-LPTS-3-ERR_EVM_CREATE EM-1228 %OS-LPTS-3-ERR_FINT_MEDIA_REG EM-1228 %OS-LPTS-3-ERR_HSSD EM-1229 %OS-LPTS-3-ERR_HSSD_GET_DATA EM-1229 %OS-LPTS-3-ERR_IFIB EM-1229 %OS-LPTS-3-ERR_IFIB_RES_ALLOC EM-1229 %OS-LPTS-3-ERR_IFIB_RES_SET EM-1229 %OS-LPTS-3-ERR_IFIB_SET_KEY EM-1230 %OS-LPTS-3-ERR_INFO_GENERAL EM-1230 %OS-LPTS-3-ERR_INVALID_ARGS EM-1230 %OS-LPTS-3-ERR_MALLOC EM-1230 %OS-LPTS-3-ERR_NETIO_DEBUG_INIT EM-1230 %OS-LPTS-3-ERR_NETWORK_START_FAIL EM-1231 %OS-LPTS-3-ERR_NULL_FINT_IDB EM-1231 %OS-LPTS-3-ERR_NULL_TRANSPORT_CALLBACK EM-12 31 %OS-LPTS-3-ERR_PA_CLOSE EM-1231 %OS-LPTS-3-ERR_PA_CONN EM-1231 %OS-LPTS-3-ERR_PAK_DUP EM-1232 %OS-LPTS-3-ERR_PAK_NETIO_MUTEX_LOCK EM-1232 %OS-LPTS-3-ERR_PAK_NETIO_MUTEX_UNLOCK EM-123 2 %OS-LPTS-3-ERR_PAK_NETIO_RETURN_BUFFER EM-123 2 %OS-LPTS-3-ERR_PAK_NETIO_UINT8_GET EM-1232 %OS-LPTS-3-ERR_PLATFORM_GET_MY_NODEID EM-123 3 %OS-LPTS-3-ERR_PREPARE_EGRESS_BUFFHDR EM-1233 %OS-LPTS-3-ERR_PROCESS_INGRESS_BUFFHDR EM-1233 %OS-LPTS-3-ERR_PUNT_FAIL EM-1233 %OS-LPTS-3-ERR_SYSDB_CONN_TO_COID EM-1233 %OS-LPTS-3-ERR_SYSDB_NS_NODE_TO_STR EM-1234 %OS-LPTS-3-LTRACE_INIT_FAIL EM-1234 %OS-LPTS-6-INFO_INTERNAL_TABLE EM-1234 %OS-LTRACE_SDT_SHOW-4-EXTEND_FAIL EM-1234 %OS-LTRACE_SDT_SHOW-4-GROUP_CALLOC EM-1235Index EM-2670 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-LTRACE_SDT_SHOW-4-NODE_PRINT EM-1235 %OS-LTRACE_SDT_SHOW-4-STR_CALLOC EM-1235 %OS-LTRACE_SDT_SHOW-4-STR_SEQ EM-1235 %OS-LTRACE_SDT_SHOW-4-TRACE_FIND EM-1236 %OS-LTRACE_SDT_SHOW-4-TRACE_INSERT EM-1236 %OS-LTRACE_SDT-4-BTREE_FIND EM-1236 %OS-LTRACE_SDT-4-BTREE_INSERT EM-1237 %OS-LTRACE_SYNC-3-EXTERNAL_API_ERROR EM-1237 %OS-LTRACE_SYNC-3-FILE_BAD_MAGIC EM-1237 %OS-LTRACE_SYNC-3-MEMORY_UNMAP_ERROR EM-12 37 %OS-LTRACE_SYNC-3-PTHREAD_API_ERROR EM-1237 %OS-LTRACE_SYNC-3-RWLOCK_ERROR EM-1238 %OS-LTRACE_SYNC-4-FILE_SIZE_CHANGE EM-1238 %OS-LTRACE_SYNC-4-LTRACE_INIT_ERROR EM-1238 %OS-LTRACE_SYNC-4-MEMORY_MAP_ERROR EM-1238 %OS-LTRACE_SYNC-4-SHMEM_ERROR EM-1238 %OS-LTRACE_SYNC-6-FILE_TOO_SHORT EM-1238 %OS-LTRACE_SYNC-6-FILE_WRONG_VERSION EM-1239 %OS-LTRACE-3-ERROR EM-1239 %OS-LTRACE-7-BADMAGIC EM-1239 %OS-LTRACE-7-DEBUG EM-1239 %OS-LTRACE-7-STRING_SCALE EM-1239 %OS-LTRACE-7-WRAP_SCALE EM-1239 %OS-LWMESS-7-CORRUPT_CLI EM-1240 %OS-LWMESS-7-CORRUPT_CLI_SKIP EM-1240 %OS-LWMESS-7-INVALID_MSG_ERROR_CODE EM-1240 %OS-LWMESS-7-LOCK_CONN EM-1240 %OS-LWMESS-7-UNLOCK_CONN EM-1241 %OS-MEMLOG-3-ERRCHECK EM-1241 %OS-MEMLOG-3-FREE EM-1241 %OS-MEMLOG-3-HEADER EM-1241 %OS-MEMLOG-3-MALLOC EM-1241 %OS-MEMLOG-3-MEMALIGN EM-1242 %OS-MEMLOG-3-SIGERR EM-1242 %OS-MEMLOG-3-TOOBIG EM-1242 %OS-MEMPOOL_EDM-1-EVENT_BLOCK_ERROR EM-1242 %OS-MEMPOOL_EDM-1-SYSDB_REGISTRATION_FAILURE EM-1242 %OS-MEMPOOL_EDM-3-EVENT_MGR_CREATE_FAILED EM-1243 %OS-MEMPOOL_EDM-3-MALLOC_FAILED EM-1243 %OS-MEMPOOL_EDM-3-SYSDB_BIND_FAILURE EM-1243 %OS-MGII_API-3-INFRA_FAIL EM-1243 %OS-MPLS_VPN_MIB-3-ERR_DLL_LOAD EM-1244 %OS-MPLS_VPN_MIB-3-ERR_DLL_SYMBOL_ERROR EM- 1244 %OS-MPLS_VPN_MIB-3-ERR_INIT EM-1244 %OS-NCD-3-INIT_ERR EM-1244 %OS-NCD-3-PAK_CSUM_ERR EM-1245 %OS-NQC-3-PAK_CSUM_ERR EM-1245 %OS-NRS_LIB-7-ERROR EM-1245 %OS-NRS_LIB-7-REG_ERROR EM-1245 %OS-nrs-2-USAGE EM-1246 %OS-nrs-3-CHKPT_ATTR_CREATE EM-1246 %OS-nrs-3-CHKPT_ATTR_SAVE EM-1246 %OS-nrs-3-CHKPT_CREATE EM-1246 %OS-nrs-3-CHKPT_DEBUG EM-1247 %OS-nrs-3-CHKPT_DELETE_BYKEY EM-1247 %OS-nrs-3-CHKPT_ITERATE EM-1247 %OS-nrs-3-CHKPT_ITERATE_NEXT EM-1247 %OS-nrs-3-CHKPT_REGISTER EM-1247 %OS-nrs-3-CHKPT_RESTORE_ATTR EM-1248 %OS-nrs-3-CHKPT_RESTORE_CLASS EM-1248 %OS-nrs-3-CHKPT_RESTORE_DATA EM-1248 %OS-nrs-3-CHKPT_RESTORE_DEBUG EM-1248 %OS-nrs-3-CHKPT_RESTORE_DEBUG_SUCCESS EM-1248 %OS-nrs-3-CHKPT_RESTORE_SET EM-1249 %OS-nrs-3-CHKPT_SAVE EM-1249 %OS-nrs-3-CHKPT_UNREGISTER EM-1249 %OS-nrs-3-ENS_PUBLISH EM-1249 %OS-nrs-3-ENS_WRITE EM-1249 %OS-nrs-3-INIT EM-1250 %OS-nrs-3-INTERNAL EM-1250 %OS-nrs-3-LOCKING EM-1250 %OS-nrs-3-MEMORY EM-1250 %OS-nrs-3-NULLARG EM-1250 %OS-nrs-3-REGCOMP EM-1251 %OS-nrs-3-REGISTER_EXTERNAL_PUBLISH_DIFF_ID EM- 1251 %OS-nrs-3-REPLY EM-1251 %OS-nrs-3-SHUTDOWN EM-1251 %OS-nrs-7-EDM_INTERNAL EM-1252 %OS-nrs-7-LTRACE_INIT EM-1252 %OS-NRSUTILS-3-INTERNAL EM-1252 %OS-NRSUTILS-3-MEMORY EM-1252 %OS-NRSUTILS-3-NULLARG EM-1253 %OS-OBFLINFRA_CLI-3-NO_MEMORY EM-1253 %OS-OBFLINFRA_CLI-7-FAIL_TO_GET_SDD EM-1253 %OS-OBFLINFRA_CLI-7-FILE_GARBAGE EM-1253 %OS-OBFLINFRA_CLI-7-invalid_historical_file_format EM-12 53 %OS-OBFLINFRA_CLI-7-INVALID_RECORD_TYPE EM-12 54 %OS-OBFLINFRA_CLI-7-JID_GET_ERROR EM-1254 %OS-OBFLINFRA_CLI-7-STRING_LENGTH_TOO_LONG E M-1254 %OS-OBFLINFRA_CLI-7-SYMBOL_NOT_FOUND EM-1254 %OS-OBFLINFRA_CLI-7-UNABLE_TO_GET_NODENAME EM-1254 %OS-OBFLINFRA_CLIENT-7-APPLICATION_ERROR EM-1 255 %OS-OBFLINFRA_CLIENT-7-APPLICATION_REGIST_ERRO R EM-1255 %OS-OBFLINFRA_CLIENT-7-ID_INVALID EM-1255 %OS-OBFLINFRA_CLIENT-7-JID_GET_ERROR EM-1255 %OS-OBFLINFRA_CLIENT-7-NO_MEMORY EM-1256 %OS-OBFLINFRA_CLIENT-7-NODEID_FAILURE EM-1256 %OS-OBFLINFRA_CLIENT-7-NUM_OF_SENSORS_OVERFL OW EM-1256 %OS-OBFLINFRA_CLIENT-7-SENSOR_NOT_FOUND EM-1 256 %OS-OBFLINFRA_CLIENT-7-TOO_LONG_FEATURE_NAME EM-1256 %OS-OBFLINFRA_DRIVER-3-JID_GET_ERROR EM-1257 %OS-OBFLINFRA_DRIVER-7-NODEID_FAILURE EM-1257Index EM-2671 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-OBFLINFRA_DRIVER-7-TOO_LONG_DEVICE_NAME EM-1257 %OS-OBFLINFRA_INT-3-EVM_ERROR EM-1257 %OS-OBFLINFRA_INT-3-INVALID_RECORD_MAGIC_NUM EM-1258 %OS-OBFLINFRA_INT-3-MSG_ERROR EM-1258 %OS-OBFLINFRA_INT-3-NO_MEMORY EM-1258 %OS-OBFLINFRA_INT-3-NO_PLATFORM_DATA_FILE EM -1258 %OS-OBFLINFRA_INT-3-NO_SERVER_FOUND EM-1258 %OS-OBFLINFRA_INT-3-NODEID_FAILURE EM-1259 %OS-OBFLINFRA_INT-3-NODEID_GET_FAILURE EM-1259 %OS-OBFLINFRA_INT-3-PLATFORM_DATA_FILE_ERROR EM-1259 %OS-OBFLINFRA_INT-3-PTHREAD_ERROR EM-1259 %OS-OBFLINFRA_INT-3-RECORD_TOO_SHORT EM-1259 %OS-OBFLINFRA_INT-3-RECORD_TYPE_MISMATCH EM- 1260 %OS-OBFLINFRA_INT-3-RECORD_VERSION_MISMATCH EM-1260 %OS-OBFLINFRA_INT-3-SYSCALL EM-1260 %OS-OBFLINFRA_INT-4-JID_GET_ERROR EM-1260 %OS-OBFLINFRA_INT-4-MSG_RESEND_ERROR EM-1260 %OS-OBFLINFRA_INT-4-UNSUPPORTED_API EM-1261 %OS-OBFLINFRA_INT-5-MSG_CKSUM_DATA_ERROR E M-1261 %OS-OBFLINFRA_INT-5-MSG_CKSUM_HDR_ERROR EM- 1261 %OS-OBFLINFRA_INT-5-MSG_REPLY_ERROR EM-1261 %OS-OBFLINFRA_INT-6-EXIT EM-1262 %OS-OBFLINFRA_INT-7-BUFFER_GARBAGE EM-1262 %OS-OBFLINFRA_INT-7-DEBUG_CONNECT EM-1262 %OS-OBFLINFRA_INT-7-DEBUG_QSM EM-1262 %OS-OBFLINFRA_INT-7-DEBUG_SENDV EM-1262 %OS-OBFLINFRA_INT-7-FILE_ERROR EM-1263 %OS-OBFLINFRA_INT-7-RECORD_TOO_LONG EM-1263 %OS-OBFLINFRA_INT-7-SLOT_DECODE_FAILURE EM-12 63 %OS-OBFLINFRA_INT-7-TOO_LONG_NAME EM-1263 %OS-OBFLMGR-3-CHECKSUM_ERROR EM-1264 %OS-OBFLMGR-3-ENV_STATIC_DATA_ERROR EM-1264 %OS-OBFLMGR-3-EVENT_CONN_CREATION_ERROR EM -1264 %OS-OBFLMGR-3-EVENT_CONN_NOTIFY_ERROR EM-12 64 %OS-OBFLMGR-3-EVENT_CONN_OPEN_ERROR EM-1265 %OS-OBFLMGR-3-EVM_ERROR EM-1265 %OS-OBFLMGR-3-FILE_SIZE_GET_FAILURE EM-1265 %OS-OBFLMGR-3-FILELIMIT_TOO_SMALL EM-1265 %OS-OBFLMGR-3-HISTGROUP_TOO_LARGE EM-1265 %OS-OBFLMGR-3-LWM_ERROR EM-1266 %OS-OBFLMGR-3-MSG_VER_MISMATCH EM-1266 %OS-OBFLMGR-3-MUTEX_RESET_ERROR EM-1266 %OS-OBFLMGR-3-NO_FINAL_CLEAR_RECORD EM-1266 %OS-OBFLMGR-3-RECORD_LENGTH_UNMATCH EM-126 6 %OS-OBFLMGR-3-RECORD_TOO_SHORT EM-1267 %OS-OBFLMGR-3-RECORD_VERSION_MISMATCH EM-12 67 %OS-OBFLMGR-3-REDUNDANCY_INIT_ERROR EM-1267 %OS-OBFLMGR-3-SM_CALLBACK_ERROR EM-1267 %OS-OBFLMGR-3-SYMBOL_NOT_FOUND EM-1267 %OS-OBFLMGR-3-SYSDB_BIND_ERROR EM-1268 %OS-OBFLMGR-3-SYSDB_EDM_INIT_ERROR EM-1268 %OS-OBFLMGR-3-SYSDB_REG_EDM_ERROR EM-1268 %OS-OBFLMGR-3-SYSDB_REG_NOTIFY_ERROR EM-1268 %OS-OBFLMGR-3-SYSDB_REG_VERIFY_ERROR EM-1268 %OS-OBFLMGR-3-UNLOAD_DLL_FAILED EM-1269 %OS-OBFLMGR-4-CLI_MSG_ERROR EM-1269 %OS-OBFLMGR-4-CLIENTID_ERROR EM-1269 %OS-OBFLMGR-4-DEVCTL_ERROR EM-1269 %OS-OBFLMGR-4-DEVICE_CREATED_AND_DISABLED E M-1269 %OS-OBFLMGR-4-DEVICE_DEACTIVATED EM-1270 %OS-OBFLMGR-4-DEVICE_DISABLED EM-1270 %OS-OBFLMGR-4-FEATURE_DEACTIVATED EM-1270 %OS-OBFLMGR-4-FILE_ERROR EM-1270 %OS-OBFLMGR-4-FILE_OPEN_ERROR EM-1270 %OS-OBFLMGR-4-FILE_WRITE_ERROR EM-1271 %OS-OBFLMGR-4-QUEUE_CLEAR_ERROR EM-1271 %OS-OBFLMGR-4-UNSUPPORTED_FEATURE EM-1271 %OS-OBFLMGR-4-UPTIME_RR_NOT_SET EM-1271 %OS-OBFLMGR-5-CORRUPTED_MSG EM-1271 %OS-OBFLMGR-5-MSG_CKSUM_ERROR EM-1272 %OS-OBFLMGR-6-DEVICE_ACTIVATED EM-1272 %OS-OBFLMGR-6-DEVICE_ENABLED EM-1272 %OS-OBFLMGR-6-FEATURE_ACTIVATED EM-1272 %OS-OBFLMGR-7-COALESCE_ERROR EM-1272 %OS-OBFLMGR-7-COALESCER_NOT_FOUND EM-1273 %OS-OBFLMGR-7-DEVICE_INACTIVE EM-1273 %OS-OBFLMGR-7-DEVICE_NOT_READY EM-1273 %OS-OBFLMGR-7-DEVICE_NOT_REGISTERED EM-1273 %OS-OBFLMGR-7-DEVICE_UNAVAILABLE EM-1273 %OS-OBFLMGR-7-ENV_STATE_UNKNOWN EM-1274 %OS-OBFLMGR-7-ERRMSG_HIST_FULL EM-1274 %OS-OBFLMGR-7-JID_GET_ERROR EM-1274 %OS-OBFLMGR-7-MAGIC_NUM_INVALID EM-1274 %OS-OBFLMGR-7-META_OPER_WRITE_ERROR EM-1274 %OS-OBFLMGR-7-MSG_ERROR EM-1275 %OS-OBFLMGR-7-NO_MEMORY EM-1275 %OS-OBFLMGR-7-NODEID_DECODE_FAILURE EM-1275 %OS-OBFLMGR-7-NODEID_FAILURE EM-1275 %OS-OBFLMGR-7-QUEUE_LIMIT_OVER EM-1275 %OS-OBFLMGR-7-RACK_DECODE_FAILURE EM-1276 %OS-OBFLMGR-7-RECORD_TOO_LONG EM-1276 %OS-OBFLMGR-7-RECORD_TYPE_UNKNOWN EM-1276 %OS-OBFLMGR-7-REDUNDANCY_STANDBY EM-1276 %OS-OBFLMGR-7-SLOT_DECODE_FAILURE EM-1276 %OS-OBFLMGR-7-SYSDB_TUPLE_ERROR EM-1277 %OS-OBFLMGR-7-UNREGISTERED_FEATURE EM-1277 %OS-OBFLMGR-7-UPTIME_CONT_TOO_LARGE EM-1277 %OS-OBFLMGR-7-UPTIME_HIST_INVALID_TASKID EM-1 277 %OS-OBFLMGR-7-UPTIME_HIST_TOO_LARGE EM-1277 %OS-OBFLMGR-7-UPTIME_RECORD_NOT_FOUND EM-12 78Index EM-2672 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-PA-2-CTX_CREATE EM-1278 %OS-PA-2-IFIB_LIMIT EM-1278 %OS-PA-2-INFRA_FAIL EM-1278 %OS-PA-2-RSI_ERROR EM-1278 %OS-PA-2-RSI_UNKNOWN_EVENT EM-1279 %OS-PA-3-ECM_SETRETRY_FAIL EM-1279 %OS-PA-3-ERR_ADD_SLICE EM-1279 %OS-PA-3-ERR_BACKEND EM-1279 %OS-PA-3-ERR_BAG EM-1279 %OS-PA-3-ERR_FM_MSG_TIMEOUT EM-1280 %OS-PA-3-ERR_LOCK EM-1280 %OS-PA-3-ERR_PIFIB_MSG_TIMEOUT EM-1280 %OS-PA-3-ERR_SYSDB EM-1280 %OS-PA-3-ERR_UNLOCK EM-1280 %OS-PA-3-EVENT_REGISTRATION_FAILED EM-1281 %OS-PA-6-INFO_GENERAL EM-1281 %OS-PCDS-3-ERROR EM-1281 %OS-PCDS-7-DEBUG EM-1281 %OS-PLACED_LIB-7-STARTUP_POLICY EM-1282 %OS-PLACED_LIB-7-VECTOR_OVERFLOW EM-1282 %OS-PLACED_MAIN-3-EVENT_CONN_CREATE EM-1282 %OS-PLACED_MAIN-3-EVENT_CREATE EM-1282 %OS-PLACED_MAIN-3-EVENT_HANDLER EM-1283 %OS-PLACED_MAIN-3-EVENT_NOTIFY EM-1283 %OS-PLACED_MAIN-3-EVENT_OPEN EM-1283 %OS-PLACED_MAIN-3-EVENT_SETRETRY EM-1283 %OS-PLACED_MAIN-3-PTHREAD_CREATE EM-1283 %OS-PLACED_MAIN-3-PTHREAD_DETACH EM-1283 %OS-PLACED_MAIN-3-REGISTER_BLOCK EM-1284 %OS-PLACED_MAIN-3-REOPTIMIZE EM-1284 %OS-PLACED_MAIN-3-SYSDB_BIND EM-1284 %OS-PLACED_MAIN-3-SYSDB_ITEM_SET EM-1284 %OS-PLACED_MAIN-3-SYSDB_NOTIFICATION EM-1284 %OS-PLACED_MAIN-3-SYSDB_UNBIND EM-1284 %OS-PLACED_MAIN-6-DUMP_CORE EM-1285 %OS-PLACED_MAIN-7-BACKUP_DLRSC EM-1285 %OS-PLACED_MAIN-7-BACKUP_DLRSC_REG EM-1285 %OS-PLACED_MAIN-7-CHKPT EM-1285 %OS-PLACED_MAIN-7-CHKPT_TARGET EM-1286 %OS-PLACED_MAIN-7-CLASSES EM-1286 %OS-PLACED_MAIN-7-DBG_ON EM-1286 %OS-PLACED_MAIN-7-DBG_REG EM-1286 %OS-PLACED_MAIN-7-DLRSC EM-1287 %OS-PLACED_MAIN-7-DLRSC_CHANGED EM-1287 %OS-PLACED_MAIN-7-DLRSC_NOT EM-1287 %OS-PLACED_MAIN-7-DLRSC_REG EM-1287 %OS-PLACED_MAIN-7-EVENT_BLOCK EM-1288 %OS-PLACED_MAIN-7-INIT_COMPLETE EM-1288 %OS-PLACED_MAIN-7-PROC_READY EM-1288 %OS-PLACED_MAIN-7-QSM_CHAN EM-1288 %OS-PLACED_MAIN-7-QSM_RENDEZ EM-1289 %OS-PLACED_MAIN-7-SIGNALS EM-1289 %OS-PLACED_MAIN-7-SYSDB EM-1289 %OS-PLACED_MAIN-7-SYSDB_VRFN_INIT EM-1289 %OS-PLACED_MAIN-7-TRACE_BUFFERS EM-1290 %OS-PLACED_MAIN-7-UNEXPECTED_REQ EM-1290 %OS-PLACED_MAIN-7-UNKNOWN_MSG EM-1290 %OS-PLACED_MAIN-7-UNKNOWN_REQ EM-1290 %OS-PLACED_NODES-3-NO_NODES EM-1291 %OS-PLACED_NODES-7-DOWNGRADING_NODE EM-1291 %OS-PLACED_NODES-7-LR_INVEN EM-1291 %OS-PLACED_NODES-7-LR_INVEN_ENTRY EM-1291 %OS-PLACED_NODES-7-LR_INVEN_NODETYPE EM-1292 %OS-PLACED_NODES-7-LR_NOT EM-1292 %OS-PLACED_NODES-7-LR_REG EM-1292 %OS-PLACED_NODES-7-MEMORY EM-1292 %OS-PLACED_NODES-7-NO_INVENTORY EM-1293 %OS-PLACED_NODES-7-NODEID EM-1293 %OS-PLACED_NODES-7-NOT_RUNNING EM-1293 %OS-PLACED_PLACE-3-ALGO EM-1294 %OS-PLACED_PLACE-3-ALGO_RERUN EM-1294 %OS-PLACED_PLACE-4-CANT_START EM-1294 %OS-PLACED_PLACE-4-KILLING EM-1294 %OS-PLACED_PLACE-4-LISTEN EM-1295 %OS-PLACED_PLACE-4-REOP_ABORTED EM-1295 %OS-PLACED_PLACE-5-RESTARTING EM-1295 %OS-PLACED_PLACE-5-WRITE_PERSIST EM-1296 %OS-PLACED_PLACE-6-REOP_COMPLETE EM-1296 %OS-PLACED_PLACE-6-REOP_START EM-1296 %OS-PLACED_PLACE-7-AFFINITY_ITERATOR EM-1296 %OS-PLACED_PLACE-7-ALGO_INIT EM-1297 %OS-PLACED_PLACE-7-CHKPT_INIT EM-1297 %OS-PLACED_PLACE-7-CHKPT_UPDATE EM-1297 %OS-PLACED_PLACE-7-LOOKUP_PERSIST EM-1297 %OS-PLACED_PLACE-7-SYSDB EM-1298 %OS-PLACED_PLACE-7-TIMER EM-1298 %OS-PLACED_PROGS-3-KILL_MAN EM-1298 %OS-PLACED_PROGS-3-KILL_PROC EM-1298 %OS-PLACED_PROGS-3-KILL_UNKNOWN EM-1299 %OS-PLACED_PROGS-3-PROC_STATE EM-1299 %OS-PLACED_PROGS-3-START_PROC EM-1299 %OS-PLACED_PROGS-4-CANT_SUSPEND EM-1299 %OS-PLACED_PROGS-4-CHKPT_DELETE EM-1300 %OS-PLACED_PROGS-4-CHKPT_MIGRATE EM-1300 %OS-PLACED_PROGS-4-CHKPT_WRITE EM-1300 %OS-PLACED_PROGS-4-RMPROC_INCORRECT_NODE E M-1300 %OS-PLACED_PROGS-4-START_PROC_MIGRATE EM-130 1 %OS-PLACED_PROGS-4-SYSTEM_POLICY EM-1301 %OS-PLACED_PROGS-4-UNKNOWN_PROC EM-1301 %OS-PLACED_PROGS-4-UNREC_PROG EM-1301 %OS-PLACED_PROGS-6-COLD_START EM-1302 %OS-PLACED_PROGS-6-REMOVING_ENTITY EM-1302 %OS-PLACED_PROGS-6-START_PROC_NODE EM-1302 %OS-PLACED_PROGS-6-START_PROC_TIMEOUT EM-1302 %OS-PLACED_PROGS-7-CHKPT_REG EM-1303 %OS-PLACED_PROGS-7-CLASS_INFO EM-1303 %OS-PLACED_PROGS-7-IPPH EM-1303 %OS-PLACED_PROGS-7-JID EM-1303 %OS-PLACED_PROGS-7-NOT_PLACEABLE EM-1304 %OS-PLACED_PROGS-7-PARSE EM-1304 %OS-PLACED_PROGS-7-PLPROC EM-1304 %OS-PLACED_PROGS-7-PROG_TYPE EM-1304 %OS-PLACED_PROGS-7-RECOVER_STATE EM-1305 %OS-PLACED_PROGS-7-SYSMGR_TARGET EM-1305Index EM-2673 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-PLACED_PROGS-7-TIMEOUT EM-1305 %OS-PLACED_PROGS-7-TIMERS EM-1305 %OS-PLACED_PROGS-7-UNEXPECTED_NODE EM-1306 %OS-PLACED_PROGS-7-UPDATE_CLASS EM-1306 %OS-PLACED_PROPS-4-MAX_AFF EM-1306 %OS-PLACED_PROPS-5-BAD_CONFIG EM-1306 %OS-PLACED_PROPS-5-REV_AFF EM-1307 %OS-PLACED_PROPS-5-SUSPECT_NODE EM-1307 %OS-PLACED_PROPS-7-INIT EM-1307 %OS-PLACED_PROPS-7-NODETYPE EM-1307 %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_MISSING_FL OW EM-1308 %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_MISSING_FL OW EM-1308 %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_MISSING_PA RAMETER EM-1308 %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_MISSING_PA RAMETER EM-1308 %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_UNKNOWN_ KEYWORD EM-1309 %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_UNKNOWN_ KEYWORD EM-1309 %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_UNKNOWN_ PARAMETER EM-1309 %OS-PLATFORM_LPTS_COM_IFIB-3-CONFIG_UNKNOWN_ PARAMETER EM-1309 %OS-PLATFORM_LPTS_COM_IFIB-3-ERR_MEM_ALLOC EM-1310 %OS-PLATFORM_LPTS_COM_IFIB-3-ERR_MEM_ALLOC EM-1310 %OS-PLATFORM_LPTS_COM_IFIB-3-NO_CONFIG EM-131 0 %OS-PLATFORM_LPTS_COM_IFIB-3-NO_CONFIG EM-131 0 %OS-PLATFORM_LPTS_COM_IFIB-3-NO_CONFIG_MEMOR Y EM-1311 %OS-PLATFORM_LPTS_COM_IFIB-3-NO_CONFIG_MEMOR Y EM-1311 %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_CLEANUP EM-1311 %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_CLEANUP EM-1311 %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_INIT_EVENT EM-1312 %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_INIT_EVENT EM-1312 %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_REGISTER EM-1312 %OS-PLATFORM_LPTS_COM_IFIB-7-DEBUG_REGISTER EM-1312 %OS-PLATFORM_LPTS_COM_IFIB-7-ERR_DEBUG_INIT E M-1312 %OS-PLATFORM_LPTS_COM_IFIB-7-ERR_DEBUG_INIT E M-1313 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_CLEANUP EM-1313 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_CLEANUP EM-1313 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_CLEANUP EM-1313 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_CLEANUP EM-1314 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_INIT_EVEN T EM-1314 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_INIT_EVEN T EM-1314 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_INIT_EVEN T EM-1314 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_INIT_EVEN T EM-1314 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_REGISTER EM-1315 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_REGISTER EM-1315 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_REGISTER EM-1315 %OS-PLATFORM_LPTS_COM_NETIO-7-DEBUG_REGISTER EM-1315 %OS-PLATFORM_LPTS_LIB-7-ERR_DEBUG_INIT EM-1316 %OS-PLATFORM_LPTS_LIB-7-ERR_DEBUG_INIT EM-1316 %OS-PLATFORM_LPTS_LIB-7-ERR_DEBUG_INIT EM-1316 %OS-PLATFORM_LPTS_PIFIB-3-BACKEND_EDM EM-1316 %OS-PLATFORM_LPTS_PIFIB-3-BAG EM-1317 %OS-PLATFORM_LPTS_PIFIB-3-CHKPT_INIT EM-1317 %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_FLOW_MEMORY EM-1317 %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_MISSING_FLOW EM-1317 %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_MISSING_PARAM ETER EM-1318 %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_POLICER_MEMO RY EM-1318 %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_POLICER_PARAM ETER_INVALID EM-1318 %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_POLICER_PARAM ETER_MISSING EM-1318 %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_POLICER_UNKNO WN_KEYWORD EM-1319 %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_UNDEFINED_POL ICER EM-1319 %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_UNKNOWN_KEY WORD EM-1319 %OS-PLATFORM_LPTS_PIFIB-3-CONFIG_UNKNOWN_PAR AMETER EM-1319 %OS-PLATFORM_LPTS_PIFIB-3-ERR_IFH_UIDB_INDEX E M-1320 %OS-PLATFORM_LPTS_PIFIB-3-ERR_IFH_UIDB_INDEX E M-1320 %OS-PLATFORM_LPTS_PIFIB-3-ERR_IFH_UIDB_INDEX E M-1320 %OS-PLATFORM_LPTS_PIFIB-3-ERR_IPV6_COMPRESS E M-1320 %OS-PLATFORM_LPTS_PIFIB-3-ERR_MEM_ALLOC EM-13 21 %OS-PLATFORM_LPTS_PIFIB-3-ERR_MEM_ALLOC EM-13 21Index EM-2674 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-PLATFORM_LPTS_PIFIB-3-ERR_MEM_ALLOC EM-13 21 %OS-PLATFORM_LPTS_PIFIB-3-ERR_NOTIF_Q_FULL EM -1321 %OS-PLATFORM_LPTS_PIFIB-3-ERR_NOTIF_Q_FULL EM -1322 %OS-PLATFORM_LPTS_PIFIB-3-ERR_NOTIF_Q_FULL EM -1322 %OS-PLATFORM_LPTS_PIFIB-3-EVENT_CONN_CREATE EM-1322 %OS-PLATFORM_LPTS_PIFIB-3-EVENT_CONN_OPEN EM -1322 %OS-PLATFORM_LPTS_PIFIB-3-FM_ADD_FEAT2GRP EM- 1323 %OS-PLATFORM_LPTS_PIFIB-3-FM_ADD_IFH2GRP EM-13 23 %OS-PLATFORM_LPTS_PIFIB-3-FM_CREATE_GROUP EM -1323 %OS-PLATFORM_LPTS_PIFIB-3-FM_FEAT_PROCESSING EM-1323 %OS-PLATFORM_LPTS_PIFIB-3-FM_REGISTER EM-1323 %OS-PLATFORM_LPTS_PIFIB-3-HFA_REGISTER EM-1324 %OS-PLATFORM_LPTS_PIFIB-3-LTRACE_INIT EM-1324 %OS-PLATFORM_LPTS_PIFIB-3-MSG_ATTACH EM-1324 %OS-PLATFORM_LPTS_PIFIB-3-NO_CONFIG EM-1324 %OS-PLATFORM_LPTS_PIFIB-3-SHOW_EDM_CLOSE EM- 1324 %OS-PLATFORM_LPTS_PIFIB-3-SHOW_EDM_INIT EM-132 5 %OS-PLATFORM_LPTS_PIFIB-3-SYSDB EM-1325 %OS-PLATFORM_LPTS_PIFIB-3-TCAM_FMT_TO_HFA_MAP EM-1325 %OS-PLATFORM_LPTS_PIFIB-5-ERR_MSTATS_ALLOC E M-1325 %OS-PLATFORM_LPTS_PIFIB-5-ERR_MSTATS_ALLOC E M-1325 %OS-PLATFORM_LPTS_PIFIB-5-ERR_PRM_STATS_ALLOC EM-1326 %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_INVALID_REG _NAME EM-1326 %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_INVALID_REG _NAME EM-1326 %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_INVALID_REG _NAME EM-1326 %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_OVERFLOW EM-1327 %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_OVERFLOW EM-1327 %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_OVERFLOW EM-1327 %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_PREFIX_COM PRESS EM-1327 %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_PREFIX_COM PRESS EM-1328 %OS-PLATFORM_LPTS_PIFIB-5-ERR_TCAM_PREFIX_COM PRESS EM-1328 %OS-PLATFORM_LPTS_PIFIB-7-DEBUG_CLEANUP EM-13 28 %OS-PLATFORM_LPTS_PIFIB-7-DEBUG_INIT_EVENT EM -1328 %OS-PLATFORM_LPTS_PIFIB-7-DEBUG_REGISTER EM-1 329 %OS-PLATFORM_LPTS_PIFIB-7-ERR_CONN_INIT EM-1329 %OS-PLATFORM_LPTS_PIFIB-7-ERR_CONN_INIT EM-1329 %OS-PLATFORM_LPTS_PIFIB-7-ERR_CONN_INIT EM-1329 %OS-PLATFORM_LPTS_PIFIB-7-ERR_DEBUG_INIT EM-13 29 %OS-PLATFORM_LPTS_PIFIB-7-ERR_DEBUG_INIT EM-13 30 %OS-PLATFORM_LPTS_PIFIB-7-ERR_DEBUG_INIT EM-13 30 %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_INIT EM-1330 %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_INIT EM-1330 %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_INIT EM-1330 %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_ATTACH EM-1331 %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_ATTACH EM-1331 %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_ATTACH EM-1331 %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_LEAF_NEW EM-1331 %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_LEAF_NEW EM-1331 %OS-PLATFORM_LPTS_PIFIB-7-ERR_EVM_TM_LEAF_NEW EM-1332 %OS-PLATFORM_LPTS_PIFIB-7-ERR_INIT_POLICERS EM -1332 %OS-PLATFORM_LPTS_PIFIB-7-ERR_INIT_POLICERS EM -1332 %OS-PLATFORM_LPTS_PIFIB-7-ERR_INIT_POLICERS EM -1332 %OS-PLATFORM_LPTS_PIFIB-7-ERR_LTRACE_INIT EM-1 333 %OS-PLATFORM_LPTS_PIFIB-7-ERR_LTRACE_INIT EM-1 333 %OS-PLATFORM_LPTS_PIFIB-7-ERR_LTRACE_INIT EM-1 333 %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_INIT EM-1333 %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_INIT EM-1334 %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_INIT EM-1334 %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_NOTIF_ACK EM-1334 %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_NOTIF_ACK EM-1334 %OS-PLATFORM_LPTS_PIFIB-7-ERR_MIPC_NOTIF_ACK EM-1335 %OS-PLATFORM_LPTS_PIFIB-7-ERR_MSTATS_INIT EM-1 335 %OS-PLATFORM_LPTS_PIFIB-7-ERR_MSTATS_INIT EM-1 335 %OS-PLATFORM_LPTS_PIFIB-7-ERR_NOTIF_HANDLE E M-1335 %OS-PLATFORM_LPTS_PIFIB-7-ERR_NOTIF_HANDLE E M-1336 %OS-PLATFORM_LPTS_PIFIB-7-ERR_NOTIF_HANDLE EIndex EM-2675 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 M-1336 %OS-PLATFORM_LPTS_PIFIB-7-ERR_PRM_STATS_INIT E M-1336 %OS-PLATFORM_LPTS_PIFIB-7-ERR_PROGRAM_ERRORE D_POLICER EM-1336 %OS-PLATFORM_LPTS_PIFIB-7-ERR_PROGRAM_ERRORE D_POLICER EM-1337 %OS-PLATFORM_LPTS_PIFIB-7-ERR_PROGRAM_ERRORE D_POLICER EM-1337 %OS-PLATFORM_LPTS_PIFIB-7-ERR_REPROGRAM_POLIC ERS EM-1337 %OS-PLATFORM_LPTS_PIFIB-7-ERR_REPROGRAM_POLIC ERS EM-1337 %OS-PLATFORM_LPTS_PIFIB-7-ERR_REPROGRAM_POLIC ERS EM-1338 %OS-PLATFORM_LPTS_PIFIB-7-ERR_SYSDB_DATALIST_C REATE EM-1338 %OS-PLATFORM_LPTS_PIFIB-7-ERR_SYSDB_DATALIST_C REATE EM-1338 %OS-PLATFORM_LPTS_PIFIB-7-ERR_SYSDB_DATALIST_C REATE EM-1338 %OS-PLATFORM_LPTS_PIFIB-7-ERR_TCAM_INIT EM-133 9 %OS-PLATFORM_LPTS_PIFIB-7-ERR_TCAM_INIT EM-133 9 %OS-PLATFORM_LPTS_PIFIB-7-ERR_TCAM_INIT EM-133 9 %OS-PMHAC-7-ERR_DLL_INIT EM-1339 %OS-PMHAD-3-ERR_NOMEM EM-1340 %OS-PMHAD-4-ERR_NOMEM_WARNING EM-1340 %OS-PMHAD-7-ERR_DLL_INIT EM-1340 %OS-PMHAD-7-ERR_INIT EM-1340 %OS-PROCFIND-4-NODETYPE EM-1341 %OS-PROCFIND-6-EVENT_BLOCK EM-1341 %OS-PROCFIND-6-PROC_INFO EM-1341 %OS-PROCFIND-6-PROC_OPEN EM-1341 %OS-PROCFIND-6-READY EM-1342 %OS-PROCFIND-7-EVENT_MGR EM-1342 %OS-PROCFIND-7-MEMORY EM-1342 %OS-PROCFIND-7-NODEID EM-1342 %OS-PROCFIND-7-SYSDB_BIND EM-1342 %OS-PROCFIND-7-SYSDB_EDM_INIT EM-1343 %OS-PROCFIND-7-SYSDB_EDM_REG EM-1343 %OS-PUF-4-MCAST_MSG EM-1343 %OS-QAD_LIB-3-ERROR EM-1343 %OS-QAD_LIB-6-INFO EM-1344 %OS-QAD_QUEUE_MODEL-3-ERROR EM-1344 %OS-QAD_SERVER-3-ERROR EM-1344 %OS-QNET_LC-7-BASE_BAD_CHAIN_TYPE EM-1344 %OS-QNET_LC-7-BASE_CONTROL_FUNC_ERR EM-1345 %OS-QNET_LC-7-CAPS_BAD_CHAIN_TYPE EM-1345 %OS-QNET_LC-7-CAPS_CONTROL_FUNC_ERR EM-1345 %OS-QNET_LC-7-DUPLICATE_BMA_PAK EM-1345 %OS-QNET_LC-7-ENCAPS_FUNC_ERR EM-1345 %OS-QNET_LC-7-LOST_QNET_CONN EM-1346 %OS-QNET_LC-7-PAK_INPUT_FAIL EM-1346 %OS-QNET_LC-7-UINT32_GET EM-1346 %OS-QNET-0-EMG EM-1346 %OS-QNET-1-ALT EM-1347 %OS-QNET-2-CRT EM-1347 %OS-QNET-2-FATAL EM-1347 %OS-QNET-3-ERR EM-1347 %OS-QNET-4-DUMPER_SNAP_DUMP EM-1347 %OS-QNET-4-DUMPER_SNAP_NODUMP EM-1348 %OS-QNET-4-WRN EM-1348 %OS-QNET-5-NOT EM-1348 %OS-QNET-6-DUMPER_SNAP_DUMP_OK EM-1348 %OS-QNET-6-INF EM-1348 %OS-QNET-7-DEB EM-1349 %OS-QNET-7-SIO_Q_PROD EM-1349 %OS-QSM-3-ADD_SYMLINKS_DIR EM-1349 %OS-QSM-3-ADD_SYMLINKS_FILE EM-1349 %OS-QSM-3-BAD_DBDUMP_MESSAGE EM-1350 %OS-QSM-3-BAD_MESSAGE EM-1350 %OS-QSM-3-BAD_UPDATE_MESSAGE EM-1350 %OS-QSM-3-CERR_REGISTER EM-1350 %OS-QSM-3-CHECKPOINT_CANT_OPEN EM-1351 %OS-QSM-3-CHECKPOINT_CANT_RELOAD EM-1351 %OS-QSM-3-CHECKPOINT_CANT_RELOAD_NOTIFY EM- 1351 %OS-QSM-3-CHECKPOINT_CANT_RENAME EM-1351 %OS-QSM-3-CHECKPOINT_CANT_SEEK EM-1352 %OS-QSM-3-CHECKPOINT_CANT_TRUNCATE EM-1352 %OS-QSM-3-CHECKPOINT_CANT_WRITE EM-1352 %OS-QSM-3-CHECKPOINT_FORMAT EM-1352 %OS-QSM-3-CHECKPOINT_LOCK_FAILURE EM-1353 %OS-QSM-3-CHECKPOINT_NOSPACE EM-1353 %OS-QSM-3-INITIALIZATION_FAILURE EM-1353 %OS-QSM-3-INVALID_PLATFORM_TYPE EM-1353 %OS-QSM-3-INVALID_SYMLINKS_FILE EM-1354 %OS-QSM-3-LINK_BAD_MODE EM-1354 %OS-QSM-3-LINK_CREATE_FAILURE EM-1354 %OS-QSM-3-LINK_DELETE_FAILURE_INUM EM-1354 %OS-QSM-3-LINK_DELETE_FAILURE_PATH EM-1355 %OS-QSM-3-LINK_FREE_ZERO_INUM EM-1355 %OS-QSM-3-LINK_INVALID_CUR_INDEX EM-1355 %OS-QSM-3-LINK_LOCK_FAILURE EM-1355 %OS-QSM-3-LINK_WRONG_RESULT EM-1356 %OS-QSM-3-LOCATE_SYMLINKS_FILE EM-1356 %OS-QSM-3-LOCK_FAILURE EM-1356 %OS-QSM-3-LOCK_FAILURE_LOCKTEST EM-1356 %OS-QSM-3-NO_MEMORY EM-1356 %OS-QSM-3-NON_ADMIN_ADD EM-1357 %OS-QSM-3-NOTIFY_LOCK_FAILURE EM-1357 %OS-QSM-3-NOTIFY_WRITE_FAILED EM-1357 %OS-QSM-3-OPEN_SYMLINKS_FILE EM-1357 %OS-QSM-3-SEND_DATABASE_MESSAGE EM-1358 %OS-QSM-7-ADMIN_ADD EM-1358 %OS-QSM-7-BAD_LWM_MSG EM-1358 %OS-QSM-7-BAD_LWM_VERSION EM-1358 %OS-QSM-7-DEBUG_KEY_CREATE EM-1358 %OS-QSM-7-DEBUG_SPECIFIC_ALLOC EM-1359 %OS-QSM-7-DEBUG_SPECIFIC_SET EM-1359 %OS-QSM-7-LINK_BAD_THREAD_INUM EM-1359 %OS-QSM-7-LINK_BAD_THREAD_PATH EM-1359 %OS-QSM-7-LINK_LOST_EMPTY_DIRECTORY EM-1359Index EM-2676 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-QSM-7-LOCK_HELD EM-1359 %OS-QSM-7-LOCK_NOTFOUND EM-1360 %OS-QSM-7-LOCK_WRONG_COUNT EM-1360 %OS-QSM-7-LOCKORDER_FAILURE EM-1360 %OS-QSM-7-LOCKORDER_UPGRADE EM-1360 %OS-QSM-7-NODE_DELETE_FAILURE EM-1360 %OS-QSM-7-NODE_LOOKUP_FAILURE EM-1361 %OS-QSM-7-NON_LOCAL EM-1361 %OS-QSM-7-NOTIFY_REGISTER_FAILED EM-1361 %OS-QSM-7-NOTIFY_UNREGISTER_FAILED EM-1361 %OS-QUEUE-7-LINKED EM-1362 %OS-QUEUE-7-NOTQ EM-1362 %OS-QUEUE-7-QCOUNT EM-1362 %OS-RDS-2-IDT_FAILED EM-1362 %OS-RDS-3-ALLOC_FAILURE_MSG EM-1362 %OS-RDS-3-ASSERT_MSG EM-1363 %OS-RDS-3-BAD_READ EM-1363 %OS-RDS-3-BAD_SEQNUM EM-1363 %OS-RDS-3-ENS_BULK_REGISTER EM-1363 %OS-RDS-3-ENS_PRODUCER_RELEASE EM-1363 %OS-RDS-3-ENS_PUBLISH EM-1363 %OS-RDS-3-ENS_REGISTER_CLASS EM-1364 %OS-RDS-3-GROUP_CREATE EM-1364 %OS-RDS-3-LOCK_FAILURE EM-1364 %OS-RDS-3-NRS_CREATE_CLASS EM-1364 %OS-RDS-3-NRS_REGISTER_BULK EM-1364 %OS-RDS-3-PENDING_MSG EM-1364 %OS-RDS-3-SEARCH_HDLS_FAILED EM-1365 %OS-RDS-3-SNAP_DUMP EM-1365 %OS-RDS-3-SYNC_CREATE EM-1365 %OS-RDS-3-SYNC_RELEASE_FAILED EM-1365 %OS-RDS-3-SYNC_REQUEST EM-1365 %OS-RDS-3-SYNC_REQUEST_TIMED_OUT EM-1366 %OS-RDS-3-SYNC_REQUEST_UNEXPECTED EM-1366 %OS-RDS-3-WRITE_TIMEDOUT EM-1366 %OS-RDS-4-COND_TIMED_WAIT EM-1366 %OS-RDS-4-RING_LOOKUP EM-1366 %OS-RDS-7-BAD_RDSTYPE EM-1367 %OS-RDS-7-DUPLICATE_TICKET_NOTIF EM-1367 %OS-RDS-7-GENERIC_FAILURE_MSG EM-1367 %OS-RDS-7-GET_DH_ENTRY EM-1367 %OS-RDS-7-GET_REPLICA EM-1367 %OS-RDS-7-GROUP_SEND_RINFO EM-1368 %OS-RDS-7-GSM_FAIL EM-1368 %OS-RDS-7-INVALID_ARGS EM-1368 %OS-RDS-7-INVALID_RHDR EM-1368 %OS-RDS-7-NO_PREQ_ENTRY EM-1368 %OS-RDS-7-NRS_DECODE EM-1368 %OS-RDS-7-NRS_SEARCH EM-1369 %OS-RDS-7-QUERY_PEERS_TIMED_OUT EM-1369 %OS-RDS-7-READ_FAILED EM-1369 %OS-RDS-7-WRONG_PLANE EM-1369 %OS-RDSFS-4-BAD_REPLICA EM-1369 %OS-RDSFS-7-DEBUG EM-1370 %OS-RDSFS-7-EDM_INTERNAL EM-1370 %OS-RDSFS-7-FAILURE EM-1370 %OS-RDSFS-7-INIT_FAILED EM-1370 %OS-REDFS-4-MIRROR_DISABLED EM-1370 %OS-REDFS-5-INIT_FAILED EM-1370 %OS-REDFS-5-MIRROR_ERROR EM-1371 %OS-REDFS-5-MIRROR_NOT_REDUNDANT EM-1371 %OS-REDFS-5-MIRROR_NOT_START EM-1371 %OS-REDFS-5-MIRROR_PAUSED EM-1371 %OS-REDFS-5-MIRROR_SYNC_FAILED EM-1371 %OS-REDFS-6-MIRROR_ENABLED EM-1372 %OS-REDFS-6-MIRROR_REDUNDANT EM-1372 %OS-REDFS-6-MIRROR_RESUMED EM-1372 %OS-REDFS-6-MIRROR_UPGRADE EM-1372 %OS-REGEXP-6-ENOMEM EM-1372 %OS-REGEXP-6-INTERNAL EM-1373 %OS-REGEXP-6-INVALID EM-1373 %OS-REGEXP-6-REGERROR EM-1373 %OS-RSI_AGENT-2-OBJ_CREATE EM-1373 %OS-RSI_AGENT-2-RESOURCE_DOWN EM-1373 %OS-RSI_AGENT-3-CONSISTENCY_CHECK EM-1374 %OS-RSI_AGENT-3-ERR_GENERAL EM-1374 %OS-RSI_AGENT-3-ERR_INIT EM-1374 %OS-RSI_AGENT-3-INTF_MAPPING_CHANGE EM-1374 %OS-RSI_AGENT-3-NONRESPONSIVE_CLIENT EM-1375 %OS-RSI_MASTER-2-ERR_INVALID_THREAD EM-1375 %OS-RSI_MASTER-2-ERR_MEM_ALLOC EM-1375 %OS-RSI_MASTER-3-ERR_GENERAL EM-1375 %OS-RSI_MASTER-3-ERR_GENERAL_NO_RC EM-1376 %OS-RSVDPMEM-3-BAD_DATAFILE_VALUES EM-1376 %OS-RSVDPMEM-3-BAD_RETURN_VALUES EM-1376 %OS-RSVDPMEM-3-INVALID_PARAMS EM-1376 %OS-RSVDPMEM-3-MEMUTIL_FIND_FAIL EM-1377 %OS-RSVDPMEM-3-NO_MATCHING_STRING EM-1377 %OS-RSVDPMEM-3-OPEN_FAIL EM-1377 %OS-RSVDPMEM-3-SSCANF_FAIL EM-1377 %OS-RT_CHECK_LIB-3-CERR_REGISTER_DLL EM-1378 %OS-RT_CHECK_LIB-3-DEBUG_SERVICES EM-1378 %OS-RT_CHECK_LIB-3-EVENT_MANAGER EM-1378 %OS-RT_CHECK_LIB-3-GSP_CONN EM-1378 %OS-RT_CHECK_LIB-3-GSP_LOOKUP EM-1378 %OS-RT_CHECK_LIB-3-GSP_NOTIFY EM-1379 %OS-RT_CHECK_LIB-3-GSP_SEND EM-1379 %OS-RT_CHECK_LIB-3-MGD_TIMER EM-1379 %OS-RT_CHECK_LIB-3-PTHREAD EM-1379 %OS-RT_CHECK-3-BCDL_REQ EM-1379 %OS-RT_CHECK-3-CHAN_CONN EM-1379 %OS-RT_CHECK-3-DEBUG_SERVICES EM-1380 %OS-RT_CHECK-3-EDM_DATALIST_ADD_FAILED EM-13 80 %OS-RT_CHECK-3-EDM_DATALIST_CREATE_FAILED E M-1380 %OS-RT_CHECK-3-EDM_ENCODE_FAILED EM-1380 %OS-RT_CHECK-3-EDM_LIST_ADD_FAILED EM-1381 %OS-RT_CHECK-3-EDM_LIST_CREATE_FAILED EM-1381 %OS-RT_CHECK-3-EDM_REGISTER_FAILED EM-1381 %OS-RT_CHECK-3-EVENT_MANAGER EM-1381 %OS-RT_CHECK-3-GROUP EM-1381 %OS-RT_CHECK-3-MEMORY EM-1382 %OS-RT_CHECK-3-MGD_TIMER EM-1382 %OS-RT_CHECK-3-PTHREAD EM-1382 %OS-RT_CHECK-3-PTHREAD_MUTEX EM-1382Index EM-2677 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-RT_CHECK-3-RSI_INIT EM-1382 %OS-RT_CHECK-3-RSI_TBL_ID EM-1382 %OS-RT_CHECK-3-RSI_VRF_NAME EM-1383 %OS-RT_CHECK-3-SYSDB EM-1383 %OS-RT_CHECK-3-TIMER_INIT EM-1383 %OS-RT_CHECK-3-USAGE EM-1383 %OS-RT_CHECK-6-EDM_BAG_REGISTRATION_FAILED E M-1383 %OS-SEIPC-3-DEBUG_ERROR EM-1384 %OS-SEIPC-3-INIT_CRITICAL_ERROR EM-1384 %OS-SEIPC-3-LTRACE_ERROR EM-1384 %OS-SHMWIN_SVR-3-EVM_ERROR EM-1384 %OS-SHMWIN_SVR-3-GLOBAL_MUTEX_ERR EM-1385 %OS-SHMWIN_SVR-3-INVALID_ID EM-1385 %OS-SHMWIN_SVR-3-LWM_ERROR EM-1385 %OS-SHMWIN_SVR-3-MAIN_INIT EM-1385 %OS-SHMWIN_SVR-3-MMAP_FAIL EM-1385 %OS-SHMWIN_SVR-3-MSG_ERROR EM-1386 %OS-SHMWIN_SVR-3-NO_MEMORY EM-1386 %OS-SHMWIN_SVR-3-PLATFORM_FILE EM-1386 %OS-SHMWIN_SVR-3-QSM_ERROR EM-1386 %OS-SHMWIN_SVR-3-SHM_ERROR EM-1386 %OS-SHMWIN_SVR-3-SHMWIN_SIZE EM-1387 %OS-SHMWIN_SVR-3-SVR_ERR EM-1387 %OS-SHMWIN_SVR-3-WINDOW_MUTEX_ERR EM-1387 %OS-SHMWIN_SVR-6-SHARED_MUTEX_REVIVED EM-13 87 %OS-SHMWIN-2-ERROR_ENCOUNTERED EM-1388 %OS-SHMWIN-2-SHARED_PAGE_ERROR EM-1388 %OS-SHMWIN-3-ALLOC_ARENA_FAILED EM-1388 %OS-SHMWIN-3-FREE_ARENA_FAILED EM-1388 %OS-SHMWIN-3-FSTAT_FAILED EM-1389 %OS-SHMWIN-3-FTRUNCATE_FAILED EM-1389 %OS-SHMWIN-3-LIST_NODE_INCONSISTENCY EM-1389 %OS-SHMWIN-3-MMAP_FAILED EM-1389 %OS-SHMWIN-3-MUNMAP_FAILED EM-1390 %OS-SHMWIN-3-MUTEXOP_FAILED EM-1390 %OS-SHMWIN-3-OPEN_FAILED EM-1390 %OS-SHMWIN-3-UNLINK_FAILED EM-1390 %OS-SHMWIN-6-FILE_EXISTS EM-1390 %OS-SPAIPC_NETIO-7-BASE_BAD_CHAIN_TYPE EM-1391 %OS-SPAIPC_NETIO-7-BASE_CONTROL_FUNC_ERR EM- 1391 %OS-SPAIPC_NETIO-7-CAPS_BAD_CHAIN_TYPE EM-1391 %OS-SPAIPC_NETIO-7-DEBUG_INIT_FAILED EM-1391 %OS-SPAIPC_NETIO-7-ENCAPS_FUNC_ERR EM-1392 %OS-SPAIPC_NETIO-7-PAK_INPUT_FAIL EM-1392 %OS-SPAIPC_NETIO-7-UINT32_GET EM-1392 %OS-SS_LIB-3-BLOCKED EM-1392 %OS-SS_LIB-3-ERROR EM-1393 %OS-SS_LIB-3-MUTEX_REVIVAL EM-1393 %OS-SS_LIB-3-SERVICE_ENTRY_NOT_AVAILABLE EM-1 393 %OS-SS_LIB-3-STRING_LENGTH EM-1393 %OS-SS_LIB-6-INVALID_REQUEST EM-1393 %OS-SS_LIB-6-INVALID_REQUEST_ID EM-1394 %OS-SS_LIB-6-OTHER_LIBRARY_ERROR EM-1394 %OS-SS_LIB-6-WAITING EM-1394 %OS-SS_LIB-7-DEBUG EM-1394 %OS-SSM-2-CFG_FAILED EM-1394 %OS-SSM-3-CONNECT_ATTACH EM-1395 %OS-SSM-3-CONNECT_DETACH EM-1395 %OS-SSM-3-EVM_CREATE EM-1395 %OS-SSM-3-MALLOC_FAILED EM-1395 %OS-SSM-3-MDR_RECOVERY EM-1395 %OS-SSM-3-MSG_SEND_PULSE EM-1396 %OS-SSM-3-PULSE_FAILED EM-1396 %OS-SSM-3-RESTART_FAIL EM-1396 %OS-SSM-3-SHM_OPEN_FAIL EM-1396 %OS-SSM-3-SYSDB_BLOCK_DETECT EM-1396 %OS-SSM-4-MDR_RECOVERY_UNSUPPORTED EM-1397 %OS-SSM-5-CARD_RELOAD EM-1397 %OS-SSM-6-ALARM_CHANGE EM-1397 %OS-SSM-6-NODAL_SERVICE_STATE_CHANGE EM-1397 %OS-SSM-6-RECOVER_FAIL EM-1397 %OS-SSM-6-SERVICE_UNAVAIL EM-1398 %OS-SSM-6-STATE_CHANGE EM-1398 %OS-SSM-6-SYSDB_BLOCK_RECOVER EM-1398 %OS-SSM-6-SYSDB_BLOCK_RECOVER_WAIT EM-1398 %OS-SSM-6-SYSDB_BLOCK_SERVICE EM-1398 %OS-SSM-7-SYSCALL EM-1399 %OS-SSM-7-UNEXPECTED EM-1399 %OS-SYSLOG-7-EVM_CREATE EM-1399 %OS-SYSLOG-7-EVM_EVENT_BLOCK EM-1399 %OS-SYSLOG-7-MISC_ERR EM-1399 %OS-SYSLOG-7-RM_ATTACH EM-1400 %OS-SYSLOG-7-THREAD_CREATE EM-1400 %OS-SYSMGR-0-EMERGENCY EM-1400 %OS-SYSMGR-1-ABORT_WARM_RELOAD EM-1400 %OS-SYSMGR-1-ALERT EM-1400 %OS-SYSMGR-2-CRITICAL EM-1401 %OS-SYSMGR-2-MANAGED_REBOOT EM-1401 %OS-SYSMGR-2-REBOOT EM-1401 %OS-SYSMGR-3-ERROR EM-1401 %OS-SYSMGR-3-FUNCTION EM-1401 %OS-SYSMGR-3-GET_PLACEMENT_LIST EM-1401 %OS-SYSMGR-3-UNEXPECTED EM-1402 %OS-SYSMGR-4-MANDATORY_OFF EM-1402 %OS-SYSMGR-4-MANDATORY_ON EM-1402 %OS-SYSMGR-4-MANDATORY_REBOOT_ABORTED EM- 1402 %OS-SYSMGR-4-MANDATORY_REBOOT_ENABLE EM-14 02 %OS-SYSMGR-4-MANDATORY_REBOOT_OVERRIDE EM- 1402 %OS-SYSMGR-4-PROC_CRASH_JID EM-1403 %OS-SYSMGR-4-PROC_CRASH_NAME EM-1403 %OS-SYSMGR-4-PROC_RESTART_JID EM-1403 %OS-SYSMGR-4-PROC_RESTART_NAME EM-1403 %OS-SYSMGR-4-PROC_SHUTDOWN_JID EM-1403 %OS-SYSMGR-4-PROC_SHUTDOWN_NAME EM-1403 %OS-SYSMGR-4-PROC_START_JID EM-1404 %OS-SYSMGR-4-PROC_START_NAME EM-1404 %OS-SYSMGR-4-UNLINK_NVLOG EM-1404 %OS-SYSMGR-4-WARNING EM-1404 %OS-SYSMGR-5-NOTICE EM-1404Index EM-2678 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %OS-SYSMGR-6-INFO EM-1404 %OS-SYSMGR-7-CHECK_LOG EM-1405 %OS-SYSMGR-7-DEBUG EM-1405 %OS-SYSMGR-7-FUNCTION_PATH EM-1405 %OS-SYSMGR-7-INSTALL_FINISHED EM-1405 %OS-SYSMGR-7-INSTALL_NOTIFICATION EM-1405 %OS-TIMER-3-MGDTIMER EM-1405 %OS-TIMER-3-NO_CHILD EM-1406 %OS-TIMER-3-TIMERNEG EM-1406 %OS-TIMER-3-TW_CREATE_TIMESLICE_TOO_SMALL E M-1406 %OS-TIMER-3-TWCHUNKALLOC EM-1406 %OS-TIMER-3-TWCHUNKFREE EM-1406 %OS-TIMER-3-TWEVMERROR EM-1407 %OS-TIMER-3-TWMUTEXLOCKERROR EM-1407 %OS-TIMER-3-TWMUTEXUNLOCKERROR EM-1407 %OS-TIMER-3-TWNOMEM EM-1407 %OS-TIMER-3-TWOSERROR EM-1407 %OS-TIMER-3-TWTIMERALLOC EM-1408 %OS-TIMER-3-TWTIMERERROR EM-1408 %OS-TZ-3-INTERNAL EM-1408 %OS-TZ-3-LRD EM-1408 %OS-TZ-3-SYSDB EM-1408 %PKT_INFRA-BFM_API-3-FATAL EM-1409 %PKT_INFRA-BFM_API-3-FATAL_2 EM-1409 %PKT_INFRA-BFM_API-3-GEN_INFO EM-1409 %PKT_INFRA-BFM_API-3-INFO EM-1410 %PKT_INFRA-BFM_API-3-MALLOC_FAILED EM-1410 %PKT_INFRA-BFM_API-3-NOT_YET_IMPLEMENTED EM- 1410 %PKT_INFRA-BFM_API-3-USAGE EM-1410 %PKT_INFRA-BFM_API-4-PTCL_TYPE_WRONG EM-1410 %PKT_INFRA-BFM_API-7-DEBUG EM-1411 %PKT_INFRA-BFM-2-UNKNOWN_PLATFORM EM-1411 %PKT_INFRA-BFM-3-BCAST_FAILED EM-1411 %PKT_INFRA-BFM-3-DEGRAD_INFO EM-1411 %PKT_INFRA-BFM-3-EDM EM-1411 %PKT_INFRA-BFM-3-FATAL EM-1412 %PKT_INFRA-BFM-3-FATAL_2 EM-1412 %PKT_INFRA-BFM-3-FATAL_3 EM-1412 %PKT_INFRA-BFM-3-GEN_INFO EM-1412 %PKT_INFRA-BFM-3-MALLOC_FAILED EM-1412 %PKT_INFRA-BFM-3-MSGRPLY_FAILED EM-1413 %PKT_INFRA-BFM-3-NOT_YET_IMPLEMENTED EM-1413 %PKT_INFRA-BFM-3-POOL_STATUS_UNKNOWN EM-1413 %PKT_INFRA-BFM-3-USAGE EM-1413 %PKT_INFRA-BFM-3-WARNING EM-1414 %PKT_INFRA-BFM-4-INIT_ERROR EM-1414 %PKT_INFRA-C12000_FWD_CLIENT_DLL-3-ERR EM-1414 %PKT_INFRA-DM-7-INFO EM-1414 %PKT_INFRA-ENCAP_RM-3-FATAL_ERR EM-1415 %PKT_INFRA-ENCAP_RM-3-MSG_SEND_FAILED EM-1415 %PKT_INFRA-ENCAP_RM-3-NONFATAL_ERR EM-1415 %PKT_INFRA-ENCAP_RM-3-OOR EM-1415 %PKT_INFRA-ENCAP_RM-6-INFO_MSG EM-1416 %PKT_INFRA-ERRDIS-3-AUTO_RECOVERY_RETRY_DISAB LED EM-1416 %PKT_INFRA-ERRDIS-3-AUTO_RECOVERY_RETRY_FAILE D EM-1416 %PKT_INFRA-ERRDIS-3-DEBUG_INIT_FAILED EM-1416 %PKT_INFRA-ERRDIS-3-EVENT_BLOCK EM-1417 %PKT_INFRA-ERRDIS-3-MISCONFIGURED EM-1417 %PKT_INFRA-ERRDIS-3-SYSMGR_FAIL EM-1417 %PKT_INFRA-ERRDIS-4-CFG_CLEANUP_FAILED EM-1417 %PKT_INFRA-ERRDIS-4-CFG_INIT_FAILED EM-1417 %PKT_INFRA-ERRDIS-4-COULD_NOT_GET_NODEID EM- 1418 %PKT_INFRA-ERRDIS-4-DEBUG_CLEANUP_FAILED EM- 1418 %PKT_INFRA-ERRDIS-4-DEBUG_CLEANUP_FAILED EM- 1418 %PKT_INFRA-ERRDIS-4-EVM_CLEANUP_FAILED EM-141 8 %PKT_INFRA-ERRDIS-4-EVM_INIT_FAILED EM-1418 %PKT_INFRA-ERRDIS-4-PROC_READY_FAILED EM-1419 %PKT_INFRA-ERRDIS-6-ERROR_DISABLE EM-1419 %PKT_INFRA-FEA_DLL-2-PRM_SSH_ERR EM-1419 %PKT_INFRA-FEA_DLL-3-CHKPT_ERR EM-1419 %PKT_INFRA-FEA_DLL-3-MSTATS_ALLOC_ERR EM-1420 %PKT_INFRA-FEA_DLL-3-MSTATS_ALLOC_ERR EM-1420 %PKT_INFRA-FEA_DLL-3-MSTATS_ERR EM-1420 %PKT_INFRA-FEA_DLL-3-MSTATS_ERR EM-1420 %PKT_INFRA-FEA_DLL-3-PRM_INIT_ERR EM-1421 %PKT_INFRA-FEA_DLL-3-REPRGM_ERROR EM-1421 %PKT_INFRA-FEA_DLL-3-REPRGM_ERROR EM-1421 %PKT_INFRA-FEA_DLL-3-REPRGM_ERROR EM-1421 %PKT_INFRA-FEA_DLL-3-STATS_ALLOC_ERR EM-1422 %PKT_INFRA-FEA_DLL-3-STATS_ERR EM-1422 %PKT_INFRA-FEA_DLL-3-TCAM_ERR EM-1422 %PKT_INFRA-FEA_DLL-3-TCAM_ERR EM-1422 %PKT_INFRA-FEA_DLL-3-TCAM_LIMIT EM-1422 %PKT_INFRA-FEA_DLL-3-TCAM_LIMIT EM-1423 %PKT_INFRA-FEA_DLL-3-UIDB_ERR EM-1423 %PKT_INFRA-FEA_DLL-3-UIDB_ERR EM-1423 %PKT_INFRA-FEA_DLL-3-UIDB_ERR EM-1424 %PKT_INFRA-FEA_DLL-4-TCAM_ERR EM-1424 %PKT_INFRA-FINT_N2N_NETIO-3-SET_MAPPING_FAILED EM-1424 %PKT_INFRA-FM-2-INFRA_FAIL EM-1425 %PKT_INFRA-FM-3-BACKEND_EDM_DATALIST EM-1425 %PKT_INFRA-FM-3-BACKEND_EDM_GET EM-1425 %PKT_INFRA-FM-3-DATAPATH_CONTROL_FAILED EM-1 425 %PKT_INFRA-FM-3-EDM_REGISTER_FAILED EM-1426 %PKT_INFRA-FM-3-ERR_BAG EM-1426 %PKT_INFRA-FM-3-ERR_INVALID_ARGS EM-1426 %PKT_INFRA-FM-3-ERR_MALLOC EM-1426 %PKT_INFRA-FM-3-ERR_SYSDB EM-1426 %PKT_INFRA-FM-3-EVENT_CONN_CREATE EM-1427 %PKT_INFRA-FM-3-EVENT_CONN_NOTIFY EM-1427 %PKT_INFRA-FM-3-EVENT_CONN_OPEN_ALL EM-1427 %PKT_INFRA-FM-3-IM_API_FAILED EM-1427 %PKT_INFRA-FM-3-INIT_ERROR EM-1428 %PKT_INFRA-FM-6-INFO_GENERAL EM-1428 %PKT_INFRA-FMGR-3-MATCH_TYPE_IN_ACL_NOT_SUPP ORTED EM-1428Index EM-2679 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PKT_INFRA-FMGR-3-MATCH_TYPE_IN_ACL_NOT_SUPP ORTED EM-1429 %PKT_INFRA-FMGR-3-SUB_ID_MSG_TOO_LARGE EM-14 29 %PKT_INFRA-FMGR-3-SUB_ID_MSG_TOO_LARGE EM-14 29 %PKT_INFRA-FMGR-3-TCAM_MGR_ERROR EM-1430 %PKT_INFRA-FMGR-3-TCAM_MGR_ERROR EM-1430 %PKT_INFRA-FMGR-3-TCAM_MGR_QOSID_ALLOC_ERRO R EM-1430 %PKT_INFRA-FMGR-4-UIDB_SET_WARNING EM-1430 %PKT_INFRA-FMGR-4-UIDB_SET_WARNING EM-1431 %PKT_INFRA-FMGR-7-INIT_ERROR EM-1431 %PKT_INFRA-FMGR-7-INIT_ERROR EM-1432 %PKT_INFRA-FWD_BASE_NETIO-3-ERR_MEM_ALLOC E M-1432 %PKT_INFRA-FWD_BASE_NETIO-5-INCORRECT_SAVE_DA TA_LEN EM-1432 %PKT_INFRA-FWD_BASE_NETIO-5-UNSUP_MAJOR_VERSI ON EM-1432 %PKT_INFRA-FWD_NETIO_DLL-3-ATTACH_FAILED EM- 1433 %PKT_INFRA-FWD_NETIO_DLL-3-ATTACH_FAILED EM- 1433 %PKT_INFRA-FWD_NETIO_DLL-3-ATTACH_FAILED EM- 1433 %PKT_INFRA-FWD_NETIO_DLL-3-ATTACH_FAILED EM- 1433 %PKT_INFRA-FWD_NETIO_DLL-3-BAD_COMMAND_RESU LT EM-1433 %PKT_INFRA-FWD_NETIO_DLL-3-BAD_COMMAND_RESU LT EM-1434 %PKT_INFRA-FWD_NETIO_DLL-3-BMA_OUT_OF_SEQUEN CE EM-1434 %PKT_INFRA-FWD_NETIO_DLL-3-BMA_OUT_OF_SEQUEN CE EM-1434 %PKT_INFRA-FWD_NETIO_DLL-3-EGRESSQ_CREATE_FAI LED EM-1434 %PKT_INFRA-FWD_NETIO_DLL-3-EGRESSQ_CREATE_FAI LED EM-1434 %PKT_INFRA-FWD_NETIO_DLL-3-ERR_MEM_ALLOC EM -1435 %PKT_INFRA-FWD_NETIO_DLL-3-ERROR EM-1435 %PKT_INFRA-FWD_NETIO_DLL-3-FABRICQ_CREATE_FAI LED EM-1435 %PKT_INFRA-FWD_NETIO_DLL-3-FABRICQ_CREATE_FAI LED EM-1435 %PKT_INFRA-FWD_NETIO_DLL-3-FATAL EM-1435 %PKT_INFRA-FWD_NETIO_DLL-3-FATAL EM-1436 %PKT_INFRA-FWD_NETIO_DLL-3-FATAL EM-1436 %PKT_INFRA-FWD_NETIO_DLL-3-FATAL_2 EM-1436 %PKT_INFRA-FWD_NETIO_DLL-3-FATAL_2 EM-1436 %PKT_INFRA-FWD_NETIO_DLL-3-FATAL_2 EM-1437 %PKT_INFRA-FWD_NETIO_DLL-3-GET_CTX_ERR EM-143 7 %PKT_INFRA-FWD_NETIO_DLL-3-GET_CTX_ERR EM-143 7 %PKT_INFRA-FWD_NETIO_DLL-3-HSRMODE EM-1437 %PKT_INFRA-FWD_NETIO_DLL-3-HSRMODE EM-1438 %PKT_INFRA-FWD_NETIO_DLL-3-IDB_CTX_NULL EM-14 38 %PKT_INFRA-FWD_NETIO_DLL-3-IDB_CTX_NULL EM-14 38 %PKT_INFRA-FWD_NETIO_DLL-3-INCORRECT_IDB EM-1 438 %PKT_INFRA-FWD_NETIO_DLL-3-INCORRECT_IDB EM-1 438 %PKT_INFRA-FWD_NETIO_DLL-3-INCORRECT_IDB EM-1 439 %PKT_INFRA-FWD_NETIO_DLL-3-INCORRECT_IDB EM-1 439 %PKT_INFRA-FWD_NETIO_DLL-3-INFO EM-1439 %PKT_INFRA-FWD_NETIO_DLL-3-INFO EM-1439 %PKT_INFRA-FWD_NETIO_DLL-3-INGRESSQ_CREATE_FA ILED EM-1439 %PKT_INFRA-FWD_NETIO_DLL-3-INGRESSQ_CREATE_FA ILED EM-1440 %PKT_INFRA-FWD_NETIO_DLL-3-INVALID_PLIM_PORT EM-1440 %PKT_INFRA-FWD_NETIO_DLL-3-INVALID_PLIM_PORT EM-1440 %PKT_INFRA-FWD_NETIO_DLL-3-INVALID_PORT EM-14 40 %PKT_INFRA-FWD_NETIO_DLL-3-INVALID_PORT EM-14 40 %PKT_INFRA-FWD_NETIO_DLL-3-MALLOC_FAILED EM- 1441 %PKT_INFRA-FWD_NETIO_DLL-3-MALLOC_FAILED EM- 1441 %PKT_INFRA-FWD_NETIO_DLL-3-MALLOC_FAILED EM- 1441 %PKT_INFRA-FWD_NETIO_DLL-3-MISSING_IDB EM-1441 %PKT_INFRA-FWD_NETIO_DLL-3-MISSING_IDB EM-1441 %PKT_INFRA-FWD_NETIO_DLL-3-MUTEXOPFAIL EM-144 2 %PKT_INFRA-FWD_NETIO_DLL-3-MUTEXOPFAIL EM-144 2 %PKT_INFRA-FWD_NETIO_DLL-3-NETIO_IDB_UNAVAILA BLE EM-1442 %PKT_INFRA-FWD_NETIO_DLL-3-NETIO_IDB_UNAVAILA BLE EM-1442 %PKT_INFRA-FWD_NETIO_DLL-3-NO_OUTSTANDING_BM A_REQ EM-1442 %PKT_INFRA-FWD_NETIO_DLL-3-NO_OUTSTANDING_BM A_REQ EM-1443 %PKT_INFRA-FWD_NETIO_DLL-3-NOT_YET_IMPLEMENT ED EM-1443 %PKT_INFRA-FWD_NETIO_DLL-3-NOT_YET_IMPLEMENT ED EM-1443 %PKT_INFRA-FWD_NETIO_DLL-3-NOT_YET_IMPLEMENT ED EM-1443 %PKT_INFRA-FWD_NETIO_DLL-3-PAK_PROC_ERR EM-1 444 %PKT_INFRA-FWD_NETIO_DLL-3-PAK_PROC_ERR EM-1 444 %PKT_INFRA-FWD_NETIO_DLL-3-QAD_EGRESS_Q_LOOKIndex EM-2680 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 UP_ERR EM-1444 %PKT_INFRA-FWD_NETIO_DLL-3-QAD_EGRESS_Q_LOOK UP_ERR EM-1444 %PKT_INFRA-FWD_NETIO_DLL-3-QAD_Q_PRODUCE_FAIL ED EM-1444 %PKT_INFRA-FWD_NETIO_DLL-3-QAD_Q_PRODUCE_FAIL ED EM-1445 %PKT_INFRA-FWD_NETIO_DLL-3-QAD_RX_THREAD_ERR EM-1445 %PKT_INFRA-FWD_NETIO_DLL-3-QAD_RX_THREAD_ERR EM-1445 %PKT_INFRA-FWD_NETIO_DLL-3-SET_INPUT_IF_ERR E M-1445 %PKT_INFRA-FWD_NETIO_DLL-3-SET_INPUT_IF_ERR E M-1445 %PKT_INFRA-FWD_NETIO_DLL-4-MISSING_IDB EM-1446 %PKT_INFRA-FWD_NETIO_DLL-5-UNEXPECTED_PKT E M-1446 %PKT_INFRA-FWD_NETIO_DLL-6-INFO EM-1446 %PKT_INFRA-FWD_TP_NETIO-3-DEBUG_FAIL EM-1446 %PKT_INFRA-FWD_TP_NETIO-3-DEBUG_GET_EVM_FAIL EM-1447 %PKT_INFRA-FWD_TP_NETIO-5-DEBUG_CLEANUP_FAIL EM-1447 %PKT_INFRA-FWD-3-CAPS_ADD_FAIL EM-1447 %PKT_INFRA-FWD-3-CHKPT_SAVE_ERR EM-1448 %PKT_INFRA-FWD-3-FATAL EM-1448 %PKT_INFRA-FWD-3-USAGE EM-1448 %PKT_INFRA-FWD-4-NOT_YET_IMPLEMENTED EM-1448 %PKT_INFRA-FWD-6-IFMGR_REPLY_FAIL EM-1449 %PKT_INFRA-FWD-7-SPECIFY_PLIM_INTERFACE_RETRIE S_COMPLETE EM-1449 %PKT_INFRA-FWD-7-SPECIFY_PLIM_INTERFACE_RETRY_ QUEUED EM-1449 %PKT_INFRA-HFR_FWD-3-FATAL EM-1449 %PKT_INFRA-HFR_FWD-3-FATAL_2 EM-1450 %PKT_INFRA-HFR_FWD-3-GEN_INFO EM-1450 %PKT_INFRA-HFR_FWD-3-INFO EM-1450 %PKT_INFRA-HFR_FWD-3-MALLOC_FAILED EM-1450 %PKT_INFRA-HFR_FWD-3-NOT_YET_IMPLEMENTED EM -1450 %PKT_INFRA-HFR_FWD-3-USAGE EM-1451 %PKT_INFRA-HFR_PFI-3-SET_GLOBALS_FAILED EM-145 1 %PKT_INFRA-HFR_PFI-3-SET_GLOBALS_FAILED EM-145 1 %PKT_INFRA-IFMGR_ENCAP-3-BC_ERR EM-1451 %PKT_INFRA-IFMGR_ENCAP-3-INIT_ERR EM-1452 %PKT_INFRA-IFMGR_ENCAP-3-SYSDB_ERR EM-1452 %PKT_INFRA-IFMGR-3-CAPS_DELETE EM-1452 %PKT_INFRA-IFMGR-3-GSP_SEND_FAILED EM-1452 %PKT_INFRA-IFMGR-3-INIT EM-1453 %PKT_INFRA-IFMGR-3-MISSING_RULES EM-1453 %PKT_INFRA-IFMGR-3-RDQ_CLIENT_SEND_FAILED EM- 1453 %PKT_INFRA-IFMGR-3-RDQ_SERVER_SEND_FAILED EM -1453 %PKT_INFRA-IFMGR-3-RULES_DUPLICATE_ID EM-1454 %PKT_INFRA-IFMGR-3-RULES_NO_ID EM-1454 %PKT_INFRA-IFMGR-4-CAPS_NOT_ALLOWED EM-1454 %PKT_INFRA-IFMGR-4-CLIENT_API_ABUSE EM-1454 %PKT_INFRA-IFMGR-4-IIR_ID_CONFLICT EM-1455 %PKT_INFRA-IFMGR-4-LWM_UNEXPECTED_ERROR EM- 1455 %PKT_INFRA-IFMGR-4-MTU_RANGE EM-1455 %PKT_INFRA-IFMGR-4-NB_DPC_DOWNLOAD_ERROR E M-1455 %PKT_INFRA-IFMGR-6-GSP_SEND_RETRY EM-1456 %PKT_INFRA-IFMGR-6-IMPLICIT_DOWNLOAD_FAIL EM -1456 %PKT_INFRA-IFMGR-6-LWM_UNEXPECTED_PULSE EM- 1456 %PKT_INFRA-IFMGR-6-MUTEX_MONITOR_EVENT_REGIS TER EM-1456 %PKT_INFRA-IFMGR-6-OUT_OF_MEMORY EM-1457 %PKT_INFRA-IFMGR-6-PREMATURE_OP EM-1457 %PKT_INFRA-IFMGR-6-SYSTEM_ERR EM-1457 %PKT_INFRA-IMAEDM-3-EVENT_CONN_CREATE_FAILED EM-1457 %PKT_INFRA-IMAEDM-3-EVENT_CONN_NOTIFY_FAILED EM-1458 %PKT_INFRA-IMAEDM-3-EVENT_CONN_OPEN_ALL_FAIL ED EM-1458 %PKT_INFRA-IMAEDM-3-INTERNAL_ERR EM-1458 %PKT_INFRA-IMAEDM-3-SYSMGR_PROC_READY_FAILED EM-1458 %PKT_INFRA-IMAEDM-3-TIMER_CREATE_FAILED EM-1 458 %PKT_INFRA-IMAEDM-7-BAG_REG_FAILED EM-1459 %PKT_INFRA-IMAEDM-7-DEBUG_INIT_EVENT EM-1459 %PKT_INFRA-IMAEDM-7-DEBUG_REGISTER EM-1459 %PKT_INFRA-IMAEDM-7-EDM_INIT_FAILED EM-1459 %PKT_INFRA-IMAEDM-7-EVM_CREATE_FAILED EM-146 0 %PKT_INFRA-IMATTR-3-DUPLICATE EM-1460 %PKT_INFRA-IMATTR-3-NOTIFY_FAILED EM-1460 %PKT_INFRA-IMATTR-3-SET_REPLY_FAILED EM-1460 %PKT_INFRA-IMATTR-3-UNKNOWN_PULSE EM-1461 %PKT_INFRA-INTERFACE_CONFIG-3-SET_DEFAULT_ERR EM-1461 %PKT_INFRA-INTERFACE_CONFIG-3-SET_ERR EM-1461 %PKT_INFRA-INTERFACE_CONFIG-4-EVENT_BLOCK_ERR OR EM-1462 %PKT_INFRA-INTERFACE_CONFIG-4-INIT_FAILURE EM- 1462 %PKT_INFRA-INTF_MGBL-7-INIT_FAILED EM-1462 %PKT_INFRA-LINEPROTO-5-UPDOWN EM-1462 %PKT_INFRA-LINK-3-UPDOWN EM-1463 %PKT_INFRA-LINK-4-BERTADMINDOWN EM-1463 %PKT_INFRA-LINK-4-BERTNOTRUNNING EM-1463 %PKT_INFRA-LINK-4-BERTRESTART EM-1463 %PKT_INFRA-LINK-4-BERTSTART EM-1463 %PKT_INFRA-LINK-4-BERTSTATUS EM-1463 %PKT_INFRA-LINK-5-CHANGED EM-1464 %PKT_INFRA-LPTS_PA_FGID_DB-3-INFRA_ERR EM-1464 %PKT_INFRA-LPTS_PA_FGID_DB-3-INFRA_ERR EM-1464Index EM-2681 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PKT_INFRA-netio_debug-3-INIT_FAILED EM-1464 %PKT_INFRA-netio_debug-4-ASYNC_HANDLER EM-1465 %PKT_INFRA-NETIO-3-ERR_ARP EM-1465 %PKT_INFRA-NETIO-3-ERR_INIT EM-1465 %PKT_INFRA-NETIO-3-ERR_MEDIA_REGISTER EM-1465 %PKT_INFRA-NETIO-3-ERR_PACKET_INPUT EM-1466 %PKT_INFRA-NETIO-3-ERR_RESYNC EM-1466 %PKT_INFRA-NETIO-3-LTRACE_INIT EM-1466 %PKT_INFRA-NETIO-3-PAK_NETIO_MUTEX_LOCK EM-1 466 %PKT_INFRA-NETIO-3-SCRIPT_ERR_MEM_ALLOC EM-14 67 %PKT_INFRA-NETIO-3-SCRIPT_FAIL EM-1467 %PKT_INFRA-NETIO-3-SELFMANAGE_FAILURE EM-1467 %PKT_INFRA-NETIO-4-BAD_PACKET EM-1467 %PKT_INFRA-NETIO-4-SCRIPT_WARNING EM-1468 %PKT_INFRA-NETIO-5-SELFMANAGE_UPGRADE_NOTICE EM-1468 %PKT_INFRA-NETIO-6-ERR_THREAD_MUTEX EM-1468 %PKT_INFRA-NETIO-6-SELFMANAGE_INFO EM-1468 %PKT_INFRA-NETIO-7-ERR_CREATE_IDB EM-1469 %PKT_INFRA-NETIO-7-ERR_DELETE_IDB_SUBBLOCK E M-1469 %PKT_INFRA-NETIO-7-ERR_DELETE_IDB_SUBINTF EM-1 469 %PKT_INFRA-NETIO-7-ERR_DELETE_IDB_SUBINTF_ASSO C EM-1470 %PKT_INFRA-NETIO-7-ERROR_INIT EM-1470 %PKT_INFRA-PAK_CAPTURE-4-ECC_ERROR EM-1470 %PKT_INFRA-PAK_CAPTURE-4-ECC_ERROR EM-1471 %PKT_INFRA-PAK-3-DEBUGINITFAIL EM-1471 %PKT_INFRA-PAK-3-PTCL_LIST_NOT_NULL EM-1471 %PKT_INFRA-PAK-7-EXCEPTION_LITE EM-1471 %PKT_INFRA-PAK-7-GETNODENAMEFAIL EM-1472 %PKT_INFRA-PAK-7-SPP_TRYMAP EM-1472 %PKT_INFRA-PAKPLATFORM-3-CONNECTFAIL EM-1472 %PKT_INFRA-PAKPLATFORM-6-REGION_TOO_BIG EM-1 472 %PKT_INFRA-PAKPLATFORM-6-SENDFAIL EM-1473 %PKT_INFRA-PAKSRV-2-ERR_MUTEX_REVIVAL EM-147 3 %PKT_INFRA-PAKSRV-2-MEMUTILMAPFAIL EM-1473 %PKT_INFRA-PAKSRV-3-BADPAK EM-1473 %PKT_INFRA-PAKSRV-3-DIAGFAIL EM-1474 %PKT_INFRA-PAKSRV-3-ERR_MEM_ALLOC EM-1474 %PKT_INFRA-PAKSRV-7-BADPTCL_DUMP EM-1474 %PKT_INFRA-PAKSRV-7-BCASTFAIL EM-1474 %PKT_INFRA-PAKSRV-7-CHANCREATEFAIL EM-1474 %PKT_INFRA-PAKSRV-7-CHUNKCREATEFAIL EM-1475 %PKT_INFRA-PAKSRV-7-CONDWAITFAIL EM-1475 %PKT_INFRA-PAKSRV-7-DEBUGINITFAIL EM-1475 %PKT_INFRA-PAKSRV-7-DEQUEUEFAIL EM-1475 %PKT_INFRA-PAKSRV-7-ENQUEUEFAIL EM-1475 %PKT_INFRA-PAKSRV-7-ERR_CHKPT_OP EM-1476 %PKT_INFRA-PAKSRV-7-ERR_EVM_ATTACH EM-1476 %PKT_INFRA-PAKSRV-7-ERR_MUTEX_INIT EM-1476 %PKT_INFRA-PAKSRV-7-ERR_MUTEX_MONREG EM-1476 %PKT_INFRA-PAKSRV-7-ERR_MUTEX_OP EM-1476 %PKT_INFRA-PAKSRV-7-ERR_THREAD_ATTR_SET EM-1 477 %PKT_INFRA-PAKSRV-7-ERR_THREAD_CREATE EM-147 7 %PKT_INFRA-PAKSRV-7-ERR_THREAD_DETACH EM-147 7 %PKT_INFRA-PAKSRV-7-FSVFAIL EM-1477 %PKT_INFRA-PAKSRV-7-GET_RENDEZVOUS EM-1477 %PKT_INFRA-PAKSRV-7-GETPIDFAIL EM-1478 %PKT_INFRA-PAKSRV-7-HSSDFAIL EM-1478 %PKT_INFRA-PAKSRV-7-INITFAIL EM-1478 %PKT_INFRA-PAKSRV-7-MSGREPLYFAIL EM-1478 %PKT_INFRA-PAKSRV-7-PAKBCASTFAIL EM-1478 %PKT_INFRA-PAKSRV-7-PARTICLEINITFAIL EM-1479 %PKT_INFRA-PAKSRV-7-QSM_ADD_SERVICE EM-1479 %PKT_INFRA-PAKSRV-7-SIGALRM EM-1479 %PKT_INFRA-PAKSRV-7-SIGNAL EM-1479 %PKT_INFRA-PAKSRV-7-SYSMGR_GET_NODE_STATE E M-1479 %PKT_INFRA-PAKSRV-7-TIMER EM-1479 %PKT_INFRA-PAKWATCH-6-DOUBLE_FREE EM-1480 %PKT_INFRA-PAKWATCH-6-HEADER_CORRUPTION EM -1480 %PKT_INFRA-PAKWATCH-6-INFO EM-1480 %PKT_INFRA-PAKWATCH-6-INFO_BODY EM-1480 %PKT_INFRA-PAKWATCH-6-INFO_HEAD EM-1481 %PKT_INFRA-PAKWATCH-6-TRACEBACK EM-1481 %PKT_INFRA-PAKWATCH-6-USER_INFO EM-1481 %PKT_INFRA-PAKWATCH-6-USER_INFO2 EM-1481 %PKT_INFRA-PFI_IFH-4-FAIL EM-1481 %PKT_INFRA-PFI-3-ASSERT EM-1482 %PKT_INFRA-PLATFORM_C12000_NETIO_LIB-4-FINT_IDB _NOT_FOUND EM-1482 %PKT_INFRA-PLATFORM_C12000_NETIO_LIB-4-GET_MYN ODEID_FAIL EM-1482 %PKT_INFRA-PLATFORM_C12000_NETIO_LIB-4-GET_PPIN DEX_INFO_FAIL EM-1482 %PKT_INFRA-PLATFORM_HFR_NETIO_LIB-4-FINT_IDB_N OT_FOUND EM-1483 %PKT_INFRA-PLATFORM_HFR_NETIO_LIB-4-FINT_IDB_N OT_FOUND EM-1483 %PKT_INFRA-PLATFORM_HFR_NETIO_LIB-4-GET_MYNO DEID_FAIL EM-1483 %PKT_INFRA-PLATFORM_HFR_NETIO_LIB-4-GET_MYNO DEID_FAIL EM-1483 %PKT_INFRA-PLATFORM_PFI-4-IFHANDLE_DECODE EM -1484 %PKT_INFRA-PLATFORM_PFI-4-INIT EM-1484 %PKT_INFRA-PLATFORM_VKG_NETIO_LIB-4-FINT_IDB_N OT_FOUND EM-1484 %PKT_INFRA-PLATFORM_VKG_NETIO_LIB-4-GET_MYNO DEID_FAIL EM-1484 %PKT_INFRA-PLATFORM_VKG_PFI_LIB-3-SET_GLOBALS_ FAILED EM-1485 %PKT_INFRA-PQMON-6-QUEUE_DROP EM-1485 %PKT_INFRA-PQMON-6-QUEUE_HIGH_THRESH EM-1485 %PKT_INFRA-PQMON-6-QUEUE_LOW_THRESH EM-1485 %PKT_INFRA-spp-0-EMERG EM-1486Index EM-2682 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PKT_INFRA-spp-1-ALERT EM-1486 %PKT_INFRA-spp-2-CRIT EM-1486 %PKT_INFRA-spp-3-ERR EM-1486 %PKT_INFRA-spp-4-WARNING EM-1486 %PKT_INFRA-spp-5-NOTICE EM-1487 %PKT_INFRA-spp-6-INFO EM-1487 %PKT_INFRA-spp-6-INFO_TRACEBACK EM-1487 %PKT_INFRA-spp-7-DEBUG EM-1487 %PKT_INFRA-SVII_ADJ_LIB-3-ADJ_DATA_CORRUPT EM -1487 %PKT_INFRA-SVII_ADJ_LIB-3-FOLLOW_STANDBY_MISM ATCH EM-1488 %PKT_INFRA-SVII_ADJ_LIB-3-INIT_FAILED EM-1488 %PKT_INFRA-SVII_ADJ_LIB-3-SERVICE_FAILED EM-1488 %PKT_INFRA-SVII_ADJ_LIB-4-INTF_DB_INCONSISTENT EM-1489 %PKT_INFRA-SVII_ADJ_LIB-4-REFRESH_FAILED EM-148 9 %PKT_INFRA-SVII_ADJ_LIB-4-RESTART_FAILED EM-148 9 %PKT_INFRA-SVII_ADJ_LIB-4-SDIR_INVALID EM-1489 %PKT_INFRA-SVII_ADJ_LIB-4-SRV_CLEANUP_FAILED E M-1490 %PKT_INFRA-SVII_ADJ_MGR-3-ADJ_FAILED EM-1490 %PKT_INFRA-SVII_ADJ_MGR-3-ECM_ERROR_FAILED E M-1490 %PKT_INFRA-SVII_ADJ_MGR-3-INIT_FAILED EM-1491 %PKT_INFRA-SVII_ADJ_MGR-3-LOOP_FAILED EM-1491 %PKT_INFRA-SVII_ADJ_MGR-3-RECEIVE_MESSAGE EM- 1491 %PKT_INFRA-SVII_ADJ_MGR-3-SYSMGR EM-1491 %PKT_INFRA-SVII_ADJ_MGR-4-RESTART EM-1492 %PKT_INFRA-SVII_ADJ_MGR-6-CERRNO_FAILED EM-149 2 %PKT_INFRA-TCAM_MGR_LIB-3-INTERNAL_ERR EM-149 2 %PKT_INFRA-TCAM_MGR_LIB-3-INTERNAL_ERR EM-149 2 %PKT_INFRA-TCAM_MGR_LIB-3-V6_CMPR_FAILED EM- 1493 %PKT_INFRA-TCAM_MGR_LIB-6-V6_CMPR_FAILED EM- 1493 %PKT_INFRA-TCAM_MGR-3-INTERNAL_ERR EM-1493 %PKT_INFRA-TCAM_MGR-3-INTERNAL_ERR EM-1494 %PKT_INFRA-TCAM_MGR-6-V6_ANCHOR_PREFIX EM-14 94 %PKT_INFRA-tunnel_ea-3-DEBUG_INIT_FAILED EM-1494 %PKT_INFRA-tunnel_ea-3-DEBUG_INIT_FAILED EM-1494 %PKT_INFRA-tunnel_ea-3-DEBUG_INIT_FAILED EM-1495 %PKT_INFRA-tunnel_ea-3-EVENT_BLOCK_FAILED EM-149 5 %PKT_INFRA-tunnel_ea-3-EVENT_BLOCK_FAILED EM-149 5 %PKT_INFRA-tunnel_ea-3-EVENT_BLOCK_FAILED EM-149 5 %PKT_INFRA-tunnel_ea-3-EVM_CREATE_FAILED EM-1495 %PKT_INFRA-tunnel_ea-3-EVM_CREATE_FAILED EM-1496 %PKT_INFRA-tunnel_ea-3-EVM_CREATE_FAILED EM-1496 %PKT_INFRA-tunnel_ea-3-IMP_INIT_FAILED EM-1496 %PKT_INFRA-tunnel_ea-3-IMP_INIT_FAILED EM-1496 %PKT_INFRA-tunnel_ea-3-IMP_INIT_FAILED EM-1496 %PKT_INFRA-tunnel_ea-3-PLATFORM_MANAGER_ERROR EM-1497 %PKT_INFRA-tunnel_ea-3-PLATFORM_MANAGER_ERROR EM-1497 %PKT_INFRA-tunnel_ea-3-PLATFORM_MANAGER_ERROR EM-1497 %PKT_INFRA-tunnel_ea-3-PROC_READY_FAILED EM-1497 %PKT_INFRA-tunnel_ea-3-PROC_READY_FAILED EM-1497 %PKT_INFRA-tunnel_ea-3-PROC_READY_FAILED EM-1498 %PKT_INFRA-tunnel_ea-3-STATS_INIT_FAILED EM-1498 %PKT_INFRA-tunnel_ea-3-STATS_INIT_FAILED EM-1498 %PKT_INFRA-tunnel_ea-3-STATS_INIT_FAILED EM-1498 %PKT_INFRA-TUNNEL-1-RESOURCES EM-1498 %PKT_INFRA-TUNNEL-3-API_ERR EM-1499 %PKT_INFRA-TUNNEL-3-API_ERROR EM-1499 %PKT_INFRA-TUNNEL-3-API_ERROR_2 EM-1499 %PKT_INFRA-TUNNEL-3-BAD_CHAIN EM-1499 %PKT_INFRA-TUNNEL-3-BAD_CHECKSUM EM-1499 %PKT_INFRA-TUNNEL-3-BAD_KEY EM-1500 %PKT_INFRA-TUNNEL-3-CONFIG_SCAN_FAILED EM-150 0 %PKT_INFRA-TUNNEL-3-CURRENT_MAXIMUM_HIGH E M-1500 %PKT_INFRA-TUNNEL-3-CURRENT_MAXIMUM_LOW E M-1500 %PKT_INFRA-TUNNEL-3-CURRENT_MAXIMUM_REACHE D EM-1500 %PKT_INFRA-TUNNEL-3-GENERIC EM-1501 %PKT_INFRA-TUNNEL-3-IM_ERR EM-1501 %PKT_INFRA-TUNNEL-3-IMP_ERROR EM-1501 %PKT_INFRA-TUNNEL-3-INIT_FAIL EM-1501 %PKT_INFRA-TUNNEL-3-INVALID_IDB EM-1501 %PKT_INFRA-TUNNEL-3-LOOPING EM-1502 %PKT_INFRA-TUNNEL-3-NEGATIVE_CURRENT_COUNT EM-1502 %PKT_INFRA-TUNNEL-3-NO_IDB EM-1502 %PKT_INFRA-TUNNEL-3-NO_INTERFACE EM-1502 %PKT_INFRA-TUNNEL-3-NULL_DPC EM-1502 %PKT_INFRA-TUNNEL-3-NULL_NEXT EM-1503 %PKT_INFRA-TUNNEL-3-ROUTING EM-1503 %PKT_INFRA-TUNNEL-3-SEQUENCE EM-1503 %PKT_INFRA-TUNNEL-3-SOCKET EM-1503 %PKT_INFRA-TUNNEL-3-UNKNOWN_GRE_TUNNEL EM- 1503 %PKT_INFRA-TUNNEL-3-UNKNOWN_HANDLE EM-1504 %PKT_INFRA-TUNNEL-3-UNKNOWN_IPIP_TUNNEL EM-1 504 %PKT_INFRA-TUNNEL-3-UNKNOWN_MSG EM-1504 %PKT_INFRA-TUNNEL-3-UNKNOWN_PROTOCOL EM-150 4 %PKT_INFRA-TUNNEL-3-UNSUPPORTED_CODE_RCVD E M-1504 %PKT_INFRA-TUNNEL-3-UNSUPPORTED_PROTOCOL E M-1505 %PKT_INFRA-TUNNEL-3-VERSION EM-1505Index EM-2683 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PKT_INFRA-TUNNEL-3-ZERO_HEADER EM-1505 %PKT_INFRA-TUNNEL-6-DEBUG_ERROR EM-1505 %PKT_INFRA-TUNNEL-7-IFACE_NOT_UP EM-1505 %PKT_INFRA-VI_REPL-3-ISSU EM-1506 %PKT_INFRA-VI_REPL-3-NAMESTRING EM-1506 %PKT_INFRA-VI_REPL-3-REPLICATE EM-1506 %PKT_INFRA-VI_REPL-7-EVENT EM-1506 %PKT_INFRA-VI_REPL-7-INIT EM-1507 %PKT_INFRA-vkg_FWD_CLIENT_DLL-3-ERR EM-1507 %PLATFORM-ALPHA_DISPLAY-3-INIT_ERROR EM-1509 %PLATFORM-ALPHA_DISPLAY-6-CHANGE EM-1509 %PLATFORM-ALPHA_DISPLAY-6-CHANGE EM-1510 %PLATFORM-ALPHA_DISPLAY-6-CHANGE EM-1510 %PLATFORM-ALPHA_DISPLAY-6-CHANGE EM-1510 %PLATFORM-ALPHA_DISPLAY-7-EVENT_ERROR EM-151 0 %PLATFORM-ASM-0-FAULT_RECOVERY_ERR EM-1511 %PLATFORM-ASM-0-SW_INIT_ERR EM-1511 %PLATFORM-ASM-3-BADDESC_ERR EM-1512 %PLATFORM-ASM-3-CRC_ERR EM-1512 %PLATFORM-ASM-3-DEVICE_HALT EM-1512 %PLATFORM-ASM-3-FATAL EM-1512 %PLATFORM-ASM-3-FATAL_2 EM-1513 %PLATFORM-ASM-3-FIA_INTFERR EM-1513 %PLATFORM-ASM-3-FIA_PARITYERR EM-1513 %PLATFORM-ASM-3-FQEMPTY_ERR EM-1513 %PLATFORM-ASM-3-FQEMPTY_ERR EM-1514 %PLATFORM-ASM-3-GEN_INFO EM-1514 %PLATFORM-ASM-3-HWINIT_INCOMPLETE EM-1514 %PLATFORM-ASM-3-INFO EM-1514 %PLATFORM-ASM-3-INTR_ENABLE_FAIL EM-1514 %PLATFORM-ASM-3-INTR_STATUS_GET_ERR EM-1515 %PLATFORM-ASM-3-MALLOC_FAILED EM-1515 %PLATFORM-ASM-3-NOT_AVAILABLE EM-1515 %PLATFORM-ASM-3-NOT_OPERATIONAL EM-1515 %PLATFORM-ASM-3-NOT_YET_IMPLEMENTED EM-1515 %PLATFORM-ASM-3-RESET_ERR EM-1516 %PLATFORM-ASM-4-BADDESC_ERR EM-1516 %PLATFORM-ASM-6-UNHANDLED_HALT EM-1516 %PLATFORM-ASM-6-UNHANDLED_INTR EM-1516 %PLATFORM-BCM_SWITCH-2-LINK_SHUT_DOWN EM-15 17 %PLATFORM-BCM_SWITCH-2-LINK_STATE_CHANGE E M-1517 %PLATFORM-BCM_SWITCH-2-PCI_ERR EM-1517 %PLATFORM-BCM_SWITCH-6-LINK_STATE_CHANGE E M-1517 %PLATFORM-BCM_SWITCH-7-PCI_ERR EM-1517 %PLATFORM-BE2-3-ERR_INIT EM-1518 %PLATFORM-BE2-3-ERR_MEM_ALLOC EM-1518 %PLATFORM-BE2-5-ERR_CONT EM-1518 %PLATFORM-BE2-7-ERR_EVM_CREATE EM-1518 %PLATFORM-BE2-7-ERR_EVM_NOTIFY EM-1519 %PLATFORM-BE2-7-ERR_EXIT EM-1519 %PLATFORM-BE2-7-ERR_LWM_EVENT_BLOCK EM-1519 %PLATFORM-BE2-7-ERR_LWM_REPLY EM-1519 %PLATFORM-BP_SERVER-3-ERR_DSC_ELECTION EM-15 20 %PLATFORM-BP_SERVER-3-ERR_INIT_DSC EM-1520 %PLATFORM-BP_SERVER-3-ERR_MAC_BLK_SIZE EM-15 20 %PLATFORM-BP_SERVER-3-INVALID_BP_VERSION EM- 1521 %PLATFORM-BP_SERVER-3-INVALID_CHASSIS_MODEL EM-1521 %PLATFORM-BPE-3-ERR_INIT EM-1521 %PLATFORM-BPE-3-ERR_MEM_ALLOC EM-1522 %PLATFORM-BPE-5-ERR_CONT EM-1522 %PLATFORM-BPE-7-ERR_EVM_CREATE EM-1522 %PLATFORM-BPE-7-ERR_EVM_NOTIFY EM-1522 %PLATFORM-BPE-7-ERR_EXIT EM-1522 %PLATFORM-BPE-7-ERR_LWM_EVENT_BLOCK EM-1523 %PLATFORM-BPE-7-ERR_LWM_REPLY EM-1523 %PLATFORM-BRIDGE3-2-DDR_BUS_BIT_STUCK_0 EM-15 23 %PLATFORM-BRIDGE3-2-DDR_BUS_BIT_STUCK_1 EM-15 23 %PLATFORM-BRIDGE3-2-DDR_LOSS_OF_SYNC_0 EM-152 4 %PLATFORM-BRIDGE3-2-DDR_LOSS_OF_SYNC_1 EM-152 4 %PLATFORM-BRIDGE3-2-MAC_0_RX_FRAME_ERR_1 EM -1524 %PLATFORM-BRIDGE3-2-NPU_0_LOSS_OF_SYNC_0 EM-1 524 %PLATFORM-BRIDGE3-2-NPU_0_LOSS_OF_SYNC_1 EM-1 524 %PLATFORM-BRIDGE3-2-NPU_1_LOSS_OF_SYNC_0 EM-1 525 %PLATFORM-BRIDGE3-2-NPU_1_LOSS_OF_SYNC_1 EM-1 525 %PLATFORM-BRIDGE3-2-QDR_DATABIT_STUCK_0 EM-1 525 %PLATFORM-BRIDGE3-2-QDR_DATABIT_STUCK_1 EM-1 525 %PLATFORM-BRIDGE3-2-QDR_MEM_SELFTEST_FAIL_0 EM-1525 %PLATFORM-BRIDGE3-2-QDR_MEM_SELFTEST_FAIL_1 EM-1526 %PLATFORM-BRIDGE3-2-REG_ACCESS_FAIL_0 EM-1526 %PLATFORM-BRIDGE3-2-REG_ACCESS_FAIL_1 EM-1526 %PLATFORM-BRIDGE3-2-XAUI_0_CHAN_SYNC_0 EM-152 6 %PLATFORM-BRIDGE3-2-XAUI_0_CHAN_SYNC_1 EM-152 6 %PLATFORM-BRIDGE3-2-XAUI_0_CHAR_ALIGN_0 EM-15 27 %PLATFORM-BRIDGE3-2-XAUI_0_CHAR_ALIGN_1 EM-15 27 %PLATFORM-BRIDGE3-2-XAUI_0_MGT_CV_0 EM-1527 %PLATFORM-BRIDGE3-2-XAUI_0_MGT_CV_1 EM-1527 %PLATFORM-BRIDGE3-2-XAUI_0_RX_ALIGN_LOSS_0 E M-1528 %PLATFORM-BRIDGE3-2-XAUI_0_RX_ALIGN_LOSS_1 E M-1528 %PLATFORM-BRIDGE3-2-XAUI_0_STAT_VEC_0 EM-1528Index EM-2684 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-BRIDGE3-2-XAUI_0_STAT_VEC_1 EM-1528 %PLATFORM-BRIDGE3-2-XAUI_1_CHAN_SYNC_0 EM-152 8 %PLATFORM-BRIDGE3-2-XAUI_1_CHAN_SYNC_1 EM-152 9 %PLATFORM-BRIDGE3-2-XAUI_1_CHAR_ALIGN_0 EM-15 29 %PLATFORM-BRIDGE3-2-XAUI_1_CHAR_ALIGN_1 EM-15 29 %PLATFORM-BRIDGE3-2-XAUI_1_MGT_CV_0 EM-1529 %PLATFORM-BRIDGE3-2-XAUI_1_MGT_CV_1 EM-1530 %PLATFORM-BRIDGE3-2-XAUI_1_RX_ALIGN_LOSS_0 E M-1530 %PLATFORM-BRIDGE3-2-XAUI_1_RX_ALIGN_LOSS_1 E M-1530 %PLATFORM-BRIDGE3-2-XAUI_1_STAT_VEC_0 EM-1530 %PLATFORM-BRIDGE3-2-XAUI_1_STAT_VEC_1 EM-1530 %PLATFORM-BRIDGE3-2-XAUI_A_DATABUS_STUCK_0 EM-1531 %PLATFORM-BRIDGE3-2-XAUI_A_DATABUS_STUCK_1 EM-1531 %PLATFORM-BRIDGE3-3-CHKSUM_ERR_0_FIA_0 EM-153 1 %PLATFORM-BRIDGE3-3-CHKSUM_ERR_0_FIA_1 EM-153 1 %PLATFORM-BRIDGE3-3-CHKSUM_ERR_1_FIA_0 EM-153 1 %PLATFORM-BRIDGE3-3-CHKSUM_ERR_1_FIA_1 EM-153 2 %PLATFORM-BRIDGE3-3-CRC_ERR_0_FIA_0 EM-1532 %PLATFORM-BRIDGE3-3-CRC_ERR_0_FIA_1 EM-1532 %PLATFORM-BRIDGE3-3-CRC_ERR_0_NPU_0 EM-1532 %PLATFORM-BRIDGE3-3-CRC_ERR_0_NPU_1 EM-1532 %PLATFORM-BRIDGE3-3-CRC_ERR_1_FIA_0 EM-1533 %PLATFORM-BRIDGE3-3-CRC_ERR_1_FIA_1 EM-1533 %PLATFORM-BRIDGE3-3-CRC_ERR_1_NPU_0 EM-1533 %PLATFORM-BRIDGE3-3-CRC_ERR_1_NPU_1 EM-1533 %PLATFORM-BRIDGE3-3-FIA2NPU_0_PKT_MAXLEN_ERR_ 0 EM-1534 %PLATFORM-BRIDGE3-3-FIA2NPU_0_PKT_MAXLEN_ERR_ 1 EM-1534 %PLATFORM-BRIDGE3-3-FIA2NPU_0_PKT_MINLEN_ERR_0 EM-1534 %PLATFORM-BRIDGE3-3-FIA2NPU_0_PKT_MINLEN_ERR_1 EM-1534 %PLATFORM-BRIDGE3-3-FIA2NPU_1_PKT_MAXLEN_ERR_ 0 EM-1535 %PLATFORM-BRIDGE3-3-FIA2NPU_1_PKT_MAXLEN_ERR_ 1 EM-1535 %PLATFORM-BRIDGE3-3-FIA2NPU_1_PKT_MINLEN_ERR_0 EM-1535 %PLATFORM-BRIDGE3-3-FIA2NPU_1_PKT_MINLEN_ERR_1 EM-1535 %PLATFORM-BRIDGE3-3-FIFO_0_OFLOW_FIA2BR_0 EM- 1536 %PLATFORM-BRIDGE3-3-FIFO_0_OFLOW_FIA2BR_1 EM- 1536 %PLATFORM-BRIDGE3-3-FIFO_0_OFLOW_NPU2BR_0 EM -1536 %PLATFORM-BRIDGE3-3-FIFO_0_OFLOW_NPU2BR_1 EM -1536 %PLATFORM-BRIDGE3-3-FIFO_1_OFLOW_FIA2BR_0 EM- 1536 %PLATFORM-BRIDGE3-3-FIFO_1_OFLOW_FIA2BR_1 EM- 1537 %PLATFORM-BRIDGE3-3-FIFO_1_OFLOW_NPU2BR_0 EM -1537 %PLATFORM-BRIDGE3-3-FIFO_1_OFLOW_NPU2BR_1 EM -1537 %PLATFORM-BRIDGE3-3-MAC_0_RX_FRAME_ERR_0 EM -1537 %PLATFORM-BRIDGE3-3-MAC_0_TX_FIFO_OFLOW_0 E M-1537 %PLATFORM-BRIDGE3-3-MAC_0_TX_FIFO_OFLOW_1 E M-1538 %PLATFORM-BRIDGE3-3-MAC_1_RX_FRAME_ERR_0 EM -1538 %PLATFORM-BRIDGE3-3-MAC_1_RX_FRAME_ERR_1 EM -1538 %PLATFORM-BRIDGE3-3-MAC_1_TX_FIFO_OFLOW_0 E M-1538 %PLATFORM-BRIDGE3-3-MAC_1_TX_FIFO_OFLOW_1 E M-1538 %PLATFORM-BRIDGE3-3-MISS_EOP_0_FIADDR_0 EM-153 9 %PLATFORM-BRIDGE3-3-MISS_EOP_0_FIADDR_1 EM-153 9 %PLATFORM-BRIDGE3-3-MISS_EOP_0_XAUI_0 EM-1539 %PLATFORM-BRIDGE3-3-MISS_EOP_0_XAUI_1 EM-1539 %PLATFORM-BRIDGE3-3-MISS_EOP_1_FIADDR_0 EM-153 9 %PLATFORM-BRIDGE3-3-MISS_EOP_1_FIADDR_1 EM-154 0 %PLATFORM-BRIDGE3-3-MISS_EOP_1_XAUI_0 EM-1540 %PLATFORM-BRIDGE3-3-MISS_EOP_1_XAUI_1 EM-1540 %PLATFORM-BRIDGE3-3-NPU_0_EGR_Q_ERR_0 EM-1540 %PLATFORM-BRIDGE3-3-NPU_0_EGR_Q_ERR_1 EM-1540 %PLATFORM-BRIDGE3-3-NPU_0_FC_DIP2_ERR_0 EM-154 1 %PLATFORM-BRIDGE3-3-NPU_0_FC_DIP2_ERR_1 EM-154 1 %PLATFORM-BRIDGE3-3-NPU_0_FC_OOS_0 EM-1541 %PLATFORM-BRIDGE3-3-NPU_0_FC_OOS_1 EM-1541 %PLATFORM-BRIDGE3-3-NPU_0_PKT_MAXLEN_ERR_0 EM-1542 %PLATFORM-BRIDGE3-3-NPU_0_PKT_MAXLEN_ERR_1 EM-1542 %PLATFORM-BRIDGE3-3-NPU_0_PKT_MINLEN_ERR_0 E M-1542 %PLATFORM-BRIDGE3-3-NPU_0_PKT_MINLEN_ERR_1 E M-1542 %PLATFORM-BRIDGE3-3-NPU_0_SCH_MEMP_ERR_0 EM- 1543 %PLATFORM-BRIDGE3-3-NPU_0_SCH_MEMP_ERR_1 EM- 1543 %PLATFORM-BRIDGE3-3-NPU_1_EGR_Q_ERR_0 EM-1543Index EM-2685 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-BRIDGE3-3-NPU_1_EGR_Q_ERR_1 EM-1543 %PLATFORM-BRIDGE3-3-NPU_1_FC_DIP2_ERR_0 EM-154 4 %PLATFORM-BRIDGE3-3-NPU_1_FC_DIP2_ERR_1 EM-154 4 %PLATFORM-BRIDGE3-3-NPU_1_FC_OOS_0 EM-1544 %PLATFORM-BRIDGE3-3-NPU_1_FC_OOS_1 EM-1544 %PLATFORM-BRIDGE3-3-NPU_1_PKT_MAXLEN_ERR_0 EM-1545 %PLATFORM-BRIDGE3-3-NPU_1_PKT_MAXLEN_ERR_1 EM-1545 %PLATFORM-BRIDGE3-3-NPU_1_PKT_MINLEN_ERR_0 E M-1545 %PLATFORM-BRIDGE3-3-NPU_1_PKT_MINLEN_ERR_1 E M-1545 %PLATFORM-BRIDGE3-3-NPU_1_SCH_MEMP_ERR_0 EM- 1546 %PLATFORM-BRIDGE3-3-NPU_1_SCH_MEMP_ERR_1 EM- 1546 %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_0_FIA_0 EM-154 6 %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_0_FIA_1 EM-154 6 %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_0_XAUI_0 EM-1 547 %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_0_XAUI_1 EM-1 547 %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_1_FIA_0 EM-154 7 %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_1_FIA_1 EM-154 7 %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_1_XAUI_0 EM-1 548 %PLATFORM-BRIDGE3-3-PKT_LEN_ERR_1_XAUI_1 EM-1 548 %PLATFORM-BRIDGE3-3-QDR_MEM_ECC_FAIL_0 EM-15 48 %PLATFORM-BRIDGE3-3-QDR_MEM_ECC_FAIL_1 EM-15 48 %PLATFORM-BRIDGE3-3-STATEMC_0_ERR1_0 EM-1549 %PLATFORM-BRIDGE3-3-STATEMC_0_ERR1_1 EM-1549 %PLATFORM-BRIDGE3-3-STATEMC_0_ERR2_0 EM-1549 %PLATFORM-BRIDGE3-3-STATEMC_0_ERR2_1 EM-1549 %PLATFORM-BRIDGE3-3-STATEMC_0_ERR3_0 EM-1549 %PLATFORM-BRIDGE3-3-STATEMC_0_ERR3_1 EM-1550 %PLATFORM-BRIDGE3-3-STATEMC_1_ERR1_0 EM-1550 %PLATFORM-BRIDGE3-3-STATEMC_1_ERR1_1 EM-1550 %PLATFORM-BRIDGE3-3-STATEMC_1_ERR2_0 EM-1550 %PLATFORM-BRIDGE3-3-STATEMC_1_ERR2_1 EM-1550 %PLATFORM-BRIDGE3-3-STATEMC_1_ERR3_0 EM-1551 %PLATFORM-BRIDGE3-3-STATEMC_1_ERR3_1 EM-1551 %PLATFORM-BRIDGE3-3-XAUI_0_FRAG_ERR_0 EM-1551 %PLATFORM-BRIDGE3-3-XAUI_0_FRAG_ERR_1 EM-1551 %PLATFORM-BRIDGE3-3-XAUI_0_TX_FIFO_OFLOW_0 E M-1552 %PLATFORM-BRIDGE3-3-XAUI_0_TX_FIFO_OFLOW_1 E M-1552 %PLATFORM-BRIDGE3-3-XAUI_1_FRAG_ERR_0 EM-1552 %PLATFORM-BRIDGE3-3-XAUI_1_FRAG_ERR_1 EM-1552 %PLATFORM-BRIDGE3-3-XAUI_1_TX_FIFO_OFLOW_0 E M-1553 %PLATFORM-BRIDGE3-3-XAUI_1_TX_FIFO_OFLOW_1 E M-1553 %PLATFORM-CANB_SERVER-3-ALARM_CLEARED EM-1 553 %PLATFORM-CANB_SERVER-3-ALARM_INDICATION E M-1553 %PLATFORM-CANB_SERVER-3-ERROR_EXIT EM-1554 %PLATFORM-CANB_SERVER-3-OPERATION_FAIL EM-15 54 %PLATFORM-CANB_SERVER-6-OPERATION_INFO EM-15 54 %PLATFORM-CANB_SERVER-7-OPERATION_DEBUG EM -1554 %PLATFORM-CARD-0-OVERCURRENT EM-1555 %PLATFORM-CARDMGR-3-BAD_CS_INFO EM-1555 %PLATFORM-CARDMGR-3-CHDIR_FAILED EM-1555 %PLATFORM-CARDMGR-3-MODULE_UNAVAILABLE E M-1555 %PLATFORM-CARDMGR-3-NO_CARDS_DEFINED EM-155 6 %PLATFORM-CARDMGR-3-NO_DRIVERS_FOUND EM-155 6 %PLATFORM-CARDMGR-3-NO_SOCKETS EM-1556 %PLATFORM-CARDMGR-3-PCMCIA_INIT_ERROR EM-155 6 %PLATFORM-CARDMGR-3-SELECT_FAILURE EM-1556 %PLATFORM-CARDMGR-3-UNSUPPORTED_CARD EM-15 57 %PLATFORM-CARDMGR-6-PRODUCT_INFO EM-1557 %PLATFORM-CARDMGR-6-SOCKET_INFO EM-1557 %PLATFORM-CARDMGR-7-ADJ_RES_FAILED EM-1557 %PLATFORM-CARDMGR-7-BAD_OPEN EM-1557 %PLATFORM-CARDMGR-7-BIND_FAILED EM-1558 %PLATFORM-CARDMGR-7-BIND_MTD_REGION_FAILED EM-1558 %PLATFORM-CARDMGR-7-BIND_MTD_SOCKET_FAILED EM-1558 %PLATFORM-CARDMGR-7-CIS_DATA_PARSING_ERROR EM-1558 %PLATFORM-CARDMGR-7-CIS_DATA_READ_ERROR EM -1558 %PLATFORM-CARDMGR-7-CIS_REPLACE_ERROR EM-15 59 %PLATFORM-CARDMGR-7-CS_REL_MISMATCH EM-1559 %PLATFORM-CARDMGR-7-GET_DEV_INFO_FAILED EM- 1559 %PLATFORM-CARDMGR-7-NO_MEM EM-1559 %PLATFORM-CARDMGR-7-OPEN_SOCK_FAILED EM-155 9 %PLATFORM-CARDMGR-7-READ_FAILED EM-1560 %PLATFORM-CARDMGR-7-THREAD_CREATE_FAILED E M-1560 %PLATFORM-CARDMGR-7-UNBIND_FAILED EM-1560 %PLATFORM-CARDMGR-7-UNBIND_MTD_FAILED EM-15 60Index EM-2686 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-CCTL_ENS-3-ERROR_EXIT EM-1561 %PLATFORM-CCTL_ENS-3-ERROR_EXIT EM-1561 %PLATFORM-CCTL_ENS-7-OPERATION_FAIL EM-1561 %PLATFORM-CCTL_ENS-7-OPERATION_FAIL EM-1561 %PLATFORM-CCTL-2-CARD_POWERUP_FAIL EM-1562 %PLATFORM-CCTL-2-CARD_SHUTDOWN_FAIL EM-1562 %PLATFORM-CCTL-2-CHASSIS_SHUTDOWN_FAIL EM-15 62 %PLATFORM-CCTL-2-CHASSIS_SHUTDOWN_FAIL EM-15 63 %PLATFORM-CCTL-2-RESET_SP_FAIL EM-1563 %PLATFORM-CCTL-2-STANDBY_SHUTDOWN_FAILED E M-1563 %PLATFORM-CCTL-2-STANDBY_SHUTDOWN_FAILED E M-1563 %PLATFORM-CCTL-3-ERROR_EXIT EM-1563 %PLATFORM-CCTL-3-ERROR_EXIT EM-1564 %PLATFORM-CCTL-3-MASTERSHIP_EXIT EM-1564 %PLATFORM-CCTL-3-READ_POWER_SHELF_TYPE_FAILU RE EM-1564 %PLATFORM-CCTL-3-READ_POWER_SHELF_TYPE_FAILU RE EM-1565 %PLATFORM-CCTL-4-UNKNOWN_SHELF_ID EM-1565 %PLATFORM-CCTL-4-UNKNOWN_SHELF_ID EM-1565 %PLATFORM-CCTL-6-TEMP_ALARM EM-1565 %PLATFORM-CCTL-6-TEMP_ALARM EM-1566 %PLATFORM-CCTL-7-OPERATION_FAIL EM-1566 %PLATFORM-CCTL-7-OPERATION_FAIL EM-1566 %PLATFORM-CEMGBL-7-ERROR EM-1566 %PLATFORM-CETHHA-2-CRITICAL EM-1566 %PLATFORM-CETHHA-2-CRITICAL EM-1567 %PLATFORM-CETHHA-2-PORT_FAULT EM-1567 %PLATFORM-CETHHA-4-NOGE EM-1567 %PLATFORM-CETHHA-4-NOGE EM-1567 %PLATFORM-CHP-0-FAULT_RECOVERY_ERR EM-1567 %PLATFORM-CHP-3-CRC_ERR EM-1568 %PLATFORM-CHP-3-DEVICE_HALT EM-1568 %PLATFORM-CHP-3-DMA_ERR EM-1568 %PLATFORM-CHP-3-FATAL EM-1568 %PLATFORM-CHP-3-FATAL_2 EM-1569 %PLATFORM-CHP-3-FUSILLI_PARITY_ERR EM-1569 %PLATFORM-CHP-3-GEN_INFO EM-1569 %PLATFORM-CHP-3-HWINIT_INCOMPLETE EM-1569 %PLATFORM-CHP-3-INFO EM-1569 %PLATFORM-CHP-3-INTR_ENABLE_FAIL EM-1570 %PLATFORM-CHP-3-INTR_STATUS_GET_ERR EM-1570 %PLATFORM-CHP-3-MALLOC_FAILED EM-1570 %PLATFORM-CHP-3-NOT_AVAILABLE EM-1570 %PLATFORM-CHP-3-NOT_OPERATIONAL EM-1570 %PLATFORM-CHP-3-NOT_YET_IMPLEMENTED EM-1571 %PLATFORM-CHP-3-PCI_ERR EM-1571 %PLATFORM-CHP-3-SRAM_PARITY_ERR EM-1571 %PLATFORM-CHP-6-UNHANDLED_HALT EM-1571 %PLATFORM-CHP-6-UNHANDLED_INTR EM-1571 %PLATFORM-CLKCTRL_T-2-DEV_VERSION_ERROR EM- 1572 %PLATFORM-CLKCTRL_T-2-EEPROM_OVERCURRENT E M-1572 %PLATFORM-CLKCTRL_T-2-PARITY_ERROR EM-1572 %PLATFORM-COMMON-0-LC_HEADLESS_ACT_RSP_HB_R EQ_FAILURE EM-1573 %PLATFORM-COMMON-0-RSP_HEADLESS_ACT_RSP_HB_ REQ_FAILURE EM-1573 %PLATFORM-CONCERTO-3-ERR_INIT EM-1573 %PLATFORM-CONCERTO-3-ERR_MEM_ALLOC EM-1573 %PLATFORM-CONCERTO-5-ERR_CONT EM-1574 %PLATFORM-CONCERTO-7-ERR_EVM_CREATE EM-1574 %PLATFORM-CONCERTO-7-ERR_EVM_NOTIFY EM-1574 %PLATFORM-CONCERTO-7-ERR_EXIT EM-1574 %PLATFORM-CONCERTO-7-ERR_LWM_EVENT_BLOCK EM-1575 %PLATFORM-CONCERTO-7-ERR_LWM_REPLY EM-1575 %PLATFORM-CPUCTRL_PCI-3-FAILED_S EM-1575 %PLATFORM-CPUCTRL_PCI-3-FAILED_S EM-1575 %PLATFORM-CPUCTRL_PCI-3-FAILED_SD EM-1576 %PLATFORM-CPUCTRL_PCI-3-FAILED_SD EM-1576 %PLATFORM-CPUCTRL_PCI-6-LOG_S EM-1576 %PLATFORM-CPUCTRL_PCI-6-LOG_S EM-1576 %PLATFORM-CPUCTRL_PCI-6-LOG_SD EM-1576 %PLATFORM-CPUCTRL_PCI-6-LOG_SD EM-1576 %PLATFORM-CPUCTRL_PCI-6-LOG_SS EM-1577 %PLATFORM-CPUCTRL_PCI-6-LOG_SS EM-1577 %PLATFORM-CPUCTRL_PCI-6-LOG_SXX_1 EM-1577 %PLATFORM-CPUCTRL_PCI-6-LOG_SXX_1 EM-1577 %PLATFORM-CPUCTRL_PCI-6-LOG_SXX_8 EM-1577 %PLATFORM-CPUCTRL_PCI-6-LOG_SXX_8 EM-1577 %PLATFORM-CPUCTRL-3-ASIC_NOT_FOUND EM-1578 %PLATFORM-CPUCTRL-3-ASIC_RESET_FAILURE EM-157 8 %PLATFORM-CPUCTRL-3-CDMA_RAM_CORRECTABLE_E RROR EM-1578 %PLATFORM-CPUCTRL-3-CDMA_RAM_CORRECTABLE_E RROR EM-1578 %PLATFORM-CPUCTRL-3-CDMA_RAM_PARITY_ERROR EM-1579 %PLATFORM-CPUCTRL-3-CDMA_RAM_PARITY_ERROR EM-1579 %PLATFORM-CPUCTRL-3-CDMA_RAM_UNCORRECTABLE _ERROR EM-1579 %PLATFORM-CPUCTRL-3-CDMA_RAM_UNCORRECTABLE _ERROR EM-1579 %PLATFORM-CPUCTRL-3-DETECTED_TX_PDMA_STALL EM-1580 %PLATFORM-CPUCTRL-3-ERR_INIT EM-1580 %PLATFORM-CPUCTRL-3-ERR_INIT EM-1580 %PLATFORM-CPUCTRL-3-FAULT_REPORT_FAILURE EM -1580 %PLATFORM-CPUCTRL-3-FAULT_REPORT_FAILURE EM -1581 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_ISN E M-1581 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_ISN E M-1581 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_LINK EM-1581 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_LINK Index EM-2687 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 EM-1582 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCI_P M EM-1582 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCI_P M EM-1582 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCI_SN EM-1582 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCI_SN EM-1583 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCIX EM-1583 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PCIX EM-1583 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PORT EM-1583 %PLATFORM-CPUCTRL-3-HW_DETECTED_ERROR_PORT EM-1584 %PLATFORM-CPUCTRL-3-HW_GASPP_READ_BUS_ERROR EM-1584 %PLATFORM-CPUCTRL-3-HW_GASPP_READ_BUS_ERROR EM-1584 %PLATFORM-CPUCTRL-3-HW_GASPP_WRITE_ERROR E M-1584 %PLATFORM-CPUCTRL-3-HW_GASPP_WRITE_ERROR E M-1585 %PLATFORM-CPUCTRL-3-PCI_RAM_CORRECTABLE_ERR OR_MASK EM-1585 %PLATFORM-CPUCTRL-3-PCI_RAM_CORRECTABLE_ERR OR_MASK EM-1585 %PLATFORM-CPUCTRL-3-PCI_RAM_CORRECTABLE_ERR OR_OTHER EM-1585 %PLATFORM-CPUCTRL-3-PCI_RAM_CORRECTABLE_ERR OR_OTHER EM-1586 %PLATFORM-CPUCTRL-3-PCI_RAM_UNCORRECTABLE_E RROR EM-1586 %PLATFORM-CPUCTRL-3-PCI_RAM_UNCORRECTABLE_E RROR EM-1586 %PLATFORM-CPUCTRL-3-PDMA_RAM_CORRECTABLE_E RROR EM-1586 %PLATFORM-CPUCTRL-3-PDMA_RAM_CORRECTABLE_E RROR EM-1587 %PLATFORM-CPUCTRL-3-PDMA_RAM_PARITY_ERROR EM-1587 %PLATFORM-CPUCTRL-3-PDMA_RAM_PARITY_ERROR EM-1587 %PLATFORM-CPUCTRL-3-PDMA_RAM_UNCORRECTABLE _ERROR EM-1587 %PLATFORM-CPUCTRL-3-PDMA_RAM_UNCORRECTABLE _ERROR EM-1588 %PLATFORM-CPUCTRL-3-PERSISTENT_CRC_LINK_FAILU RE EM-1588 %PLATFORM-CPUCTRL-7-ERR_BAG_REG EM-1588 %PLATFORM-CPUCTRL-7-ERR_BAG_REG EM-1588 %PLATFORM-CPUCTRL-7-ERR_DLL_INIT EM-1589 %PLATFORM-CPUCTRL-7-ERR_DLL_INIT EM-1589 %PLATFORM-CPUCTRL-7-ERR_EVM_CREATE EM-1589 %PLATFORM-CPUCTRL-7-ERR_EVM_CREATE EM-1589 %PLATFORM-CPUCTRL-7-ERR_EVM_NOTIFY EM-1590 %PLATFORM-CPUCTRL-7-ERR_EVM_NOTIFY EM-1590 %PLATFORM-CPUCTRL-7-ERR_LWM_EVENT_BLOCK E M-1590 %PLATFORM-CPUCTRL-7-ERR_LWM_EVENT_BLOCK E M-1590 %PLATFORM-CPUCTRL-7-ERR_SYSDB_EDM_REG EM-15 90 %PLATFORM-CPUCTRL-7-ERR_SYSDB_EDM_REG EM-15 91 %PLATFORM-CPUCTRL-7-HW_DETECTED_SPURIOUS_ER ROR_PORT EM-1591 %PLATFORM-CPUCTRL-7-SPURIOUS_ECCPAR_INTS_THR OTTLED EM-1591 %PLATFORM-CPUCTRLLIB-3-DETECTED_CDMA_PORT0 EM-1591 %PLATFORM-CPUCTRLLIB-3-DETECTED_EGRESSQ_QUEU E0_PDMA EM-1592 %PLATFORM-CPUCTRLLIB-3-DETECTED_ERROR_PDMA EM-1592 %PLATFORM-CPUCTRLLIB-3-DETECTED_ERROR_PDMA EM-1592 %PLATFORM-CPUCTRLLIB-3-HW_DETECTED_ERROR_CD MA EM-1592 %PLATFORM-CPUCTRLLIB-3-HW_DETECTED_ERROR_CD MA EM-1593 %PLATFORM-CPUCTRLLIB-3-HW_DETECTED_ERROR_RX _PDMA EM-1593 %PLATFORM-CPUCTRLLIB-3-HW_DETECTED_ERROR_RX _PDMA EM-1593 %PLATFORM-CPUCTRLLIB-3-INT_WARNING EM-1593 %PLATFORM-CPUCTRLLIB-3-INT_WARNING EM-1594 %PLATFORM-CPUCTRLLIB-3-PCI_CONFIGURATION_ERRO R EM-1594 %PLATFORM-CPUCTRLLIB-3-PCI_CONFIGURATION_ERRO R EM-1594 %PLATFORM-CPUCTRLLIB-3-UNRECOVERED_PIO_ERROR EM-1594 %PLATFORM-CPUCTRLLIB-3-UNRECOVERED_PIO_ERROR EM-1595 %PLATFORM-CPUCTRLLIB-4-PORT_INIT_FAILURE EM-1 595 %PLATFORM-CPUCTRLLIB-4-PORT_INIT_FAILURE EM-1 595 %PLATFORM-CPUCTRLLIB-4-PORT_NOT_PRESENT EM-1 595 %PLATFORM-CPUCTRLLIB-4-PORT_REFRAME_SYNC_FAI LURE EM-1596 %PLATFORM-CPUCTRLLIB-4-PORT_REFRAME_SYNC_FAI LURE EM-1596 %PLATFORM-CPUCTRLLIB-4-PORT_REINIT_FAILURE E M-1596 %PLATFORM-CPUCTRLLIB-4-PORT_REINIT_FAILURE E M-1596 %PLATFORM-CPUCTRLLIB-6-NO_BUF_TO_REPLACE EM -1597 %PLATFORM-CPUCTRLLIB-6-NO_BUF_TO_REPLACE EM -1597 %PLATFORM-CROSSBAR-2-SERDES_ERROR EM-1597Index EM-2688 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-CROSSBAR-3-IN_MEM_ERROR EM-1597 %PLATFORM-CROSSBAR-3-OUT_MEM_ERROR EM-1598 %PLATFORM-CROSSBAR-3-XBAR_TIMEOUT_ERROR EM -1598 %PLATFORM-CSAR-3-ERROR EM-1598 %PLATFORM-CSAR-3-SLOT_SHUTDOWN EM-1598 %PLATFORM-CSAR-3-UCAST_STUCK EM-1599 %PLATFORM-CSAR-4-DEBUG_FAIL EM-1599 %PLATFORM-CSAR-4-MCAST_STUCK EM-1599 %PLATFORM-CSAR-4-UNKNOWN_INTF EM-1599 %PLATFORM-DIAGS-3-BOOTFLASH_CORRUPTED EM-16 00 %PLATFORM-DIAGS-3-EXCESSIVE_ECC_SBE_ERROR E M-1600 %PLATFORM-DIAGS-3-FAB_MCAST_SC0_FAILED EM-160 0 %PLATFORM-DIAGS-3-FAB_MCAST_SC1_FAILED EM-160 0 %PLATFORM-DIAGS-3-FAB_UNICAST_FAILED EM-1601 %PLATFORM-DIAGS-3-INVALID_DEVICE_ID EM-1601 %PLATFORM-DIAGS-3-LC_EOBC_FAILED_BOTH_RSP E M-1601 %PLATFORM-DIAGS-3-LC_EOBC_FAILED_RSP0 EM-1601 %PLATFORM-DIAGS-3-LC_EOBC_FAILED_RSP1 EM-1601 %PLATFORM-DIAGS-3-LC_EOBC_FAILED_STBY_RSP EM -1602 %PLATFORM-DIAGS-3-LC_EOBC_NO_RSP_UP EM-1602 %PLATFORM-DIAGS-3-LC_EOBC_SEND_FAILED EM-1602 %PLATFORM-DIAGS-3-LC_NP_LOOPBACK_FAILED EM-1 602 %PLATFORM-DIAGS-3-PUNT_FABRIC_DATA_PATH_FAILE D EM-1603 %PLATFORM-DIAGS-3-SCRATCH_TEST_ERROR EM-1603 %PLATFORM-DIAGS-3-SRSP_ACTIVE_EOBC_FAILED EM -1603 %PLATFORM-DIAGS-3-SRSP_ACTIVE_EOBC_MCAST_FAIL ED EM-1603 %PLATFORM-DIAGS-3-SRSP_STANDBY_EOBC_FAILED EM-1604 %PLATFORM-DIAGS-3-SRSP_STANDBY_EOBC_MCAST_FA ILED EM-1604 %PLATFORM-DISCOVERY-0-ERR EM-1604 %PLATFORM-DISCOVERY-0-ERR EM-1604 %PLATFORM-DISCOVERY-3-ERR_KD_MMAP EM-1605 %PLATFORM-DISCOVERY-3-ERR_SET_REBOOT_CAUSE EM-1605 %PLATFORM-DISCOVERY-3-RAM_ECC_2BIT EM-1605 %PLATFORM-DISCOVERY-3-RAM_ECC_2BIT EM-1605 %PLATFORM-DISCOVERY-4-CPU_LATCH EM-1606 %PLATFORM-DISCOVERY-4-CPU_LATCH EM-1606 %PLATFORM-DISCOVERY-4-CPU_NOLATCH EM-1606 %PLATFORM-DISCOVERY-4-CPU_NOLATCH EM-1606 %PLATFORM-DISCOVERY-4-DEV_LATCH EM-1607 %PLATFORM-DISCOVERY-4-DEV_LATCH EM-1607 %PLATFORM-DISCOVERY-4-DEV_NOLATCH EM-1607 %PLATFORM-DISCOVERY-4-DEV_NOLATCH EM-1607 %PLATFORM-DISCOVERY-4-PCI_LATCH EM-1608 %PLATFORM-DISCOVERY-4-PCI_LATCH EM-1608 %PLATFORM-DISCOVERY-4-PCI_NOLATCH EM-1608 %PLATFORM-DISCOVERY-4-PCI_NOLATCH EM-1608 %PLATFORM-DISCOVERY-4-RAM_ECC_1BIT_THRESH E M-1609 %PLATFORM-DISCOVERY-4-RAM_ECC_1BIT_THRESH E M-1609 %PLATFORM-DISCOVERY-4-SRAM_PARITY EM-1609 %PLATFORM-DISCOVERY-4-SRAM_PARITY EM-1609 %PLATFORM-DISCOVERY-7-ASMP_ERR_REGS EM-1609 %PLATFORM-DISCOVERY-7-ASMP_ERR_REGS EM-1610 %PLATFORM-DISCOVERY-7-ASMP_PCI_DETAILS EM-161 0 %PLATFORM-DISCOVERY-7-ASMP_PCI_DETAILS EM-161 0 %PLATFORM-DISCOVERY-7-CPU_DETAILS EM-1610 %PLATFORM-DISCOVERY-7-CPU_DETAILS EM-1610 %PLATFORM-DISCOVERY-7-DEV_DETAILS EM-1610 %PLATFORM-DISCOVERY-7-DEV_DETAILS EM-1611 %PLATFORM-DISCOVERY-7-INFO EM-1611 %PLATFORM-DISCOVERY-7-INFO EM-1611 %PLATFORM-DISCOVERY-7-PCI_DETAILS EM-1611 %PLATFORM-DISCOVERY-7-PCI_DETAILS EM-1611 %PLATFORM-DISCOVERY-7-RAM_DETAILS EM-1612 %PLATFORM-DISCOVERY-7-RAM_DETAILS EM-1612 %PLATFORM-DISCOVERY-7-SRAM_DETAILS EM-1612 %PLATFORM-DISCOVERY-7-SRAM_DETAILS EM-1612 %PLATFORM-DRP_PAIRING_CLIENT-7-ERR_DLL_INIT E M-1612 %PLATFORM-DRP_PAIRING_CLIENT-7-ERR_DLL_INIT E M-1613 %PLATFORM-DRP_PAIRING_CLIENT-7-ERR_DLL_INIT E M-1613 %PLATFORM-DRP_PAIRING-6-NON_DRP_NODE EM-1613 %PLATFORM-DRP_PAIRING-6-NON_DRP_NODE EM-1613 %PLATFORM-DRP_PAIRING-6-NON_DRP_NODE EM-1613 %PLATFORM-DRP_PAIRING-6-NOT_SUPPORTED EM-1614 %PLATFORM-DRP_PAIRING-6-NOT_SUPPORTED EM-1614 %PLATFORM-DRP_PAIRING-6-NOT_SUPPORTED EM-1614 %PLATFORM-DRP_PAIRING-7-ERR_CERR_REG EM-1614 %PLATFORM-DRP_PAIRING-7-ERR_DSC_NODEID EM-161 4 %PLATFORM-DRP_PAIRING-7-ERR_EVM_CREATE EM-16 14 %PLATFORM-DRP_PAIRING-7-ERR_GET_MY_NODEID E M-1615 %PLATFORM-DRP_PAIRING-7-ERR_PROC_BLOCK EM-16 15 %PLATFORM-DRP_PAIRING-7-ERR_SERVER_INIT EM-161 5 %PLATFORM-DRP_PAIRING-7-ERR_SYSDB_ACCESS EM- 1615 %PLATFORM-DRP_PAIRING-7-ERR_THREAD_CREATE E M-1615 %PLATFORM-DSC-1-ERR_LOST_ALL_FABRIC_RACKS E M-1616 %PLATFORM-DSC-3-ERR_DSC_INIT EM-1616 %PLATFORM-DSC-3-ERR_DSC_INIT EM-1616 %PLATFORM-DSC-3-ERR_INPUT_PRIORITY EM-1616Index EM-2689 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-DSC-3-ERR_INTERNAL_SW EM-1617 %PLATFORM-DSC-3-ERR_LTRACE_INIT EM-1617 %PLATFORM-DSC-3-ERR_MEM_ALLOC EM-1617 %PLATFORM-DSC-3-ERR_MEM_ALLOC EM-1617 %PLATFORM-DSC-3-ERR_NULL_SERIAL_ID EM-1618 %PLATFORM-DSC-3-ERR_RACK_DOWN EM-1618 %PLATFORM-DSC-3-ERR_SYSDB_CONNECT EM-1618 %PLATFORM-DSC-3-ERR_TRANSPORT EM-1618 %PLATFORM-DSC-4-WARNING_RACK_NUM EM-1619 %PLATFORM-DSC-5-NOTICE_RACK_NUM EM-1619 %PLATFORM-DSC-6-INFO_I_AM_DSC EM-1619 %PLATFORM-DSC-7-ERR_RACK_DELETE EM-1619 %PLATFORM-DSC-7-ERR_RACK_OIR EM-1619 %PLATFORM-DSC-7-ERR_RACK_OIR_TIMEOUT EM-1619 %PLATFORM-DSC-7-ERR_STORE_REBOOT_INFO EM-162 0 %PLATFORM-DSCMEDIA-2-ERR_WAIT_REDUNDANCY E M-1620 %PLATFORM-DSCMEDIA-2-FATAL EM-1620 %PLATFORM-DSCMEDIA-3-ERR_CCTL EM-1620 %PLATFORM-DSCMEDIA-3-ERR_CCTL EM-1621 %PLATFORM-DSCMEDIA-3-ERR_EVM EM-1621 %PLATFORM-DSCMEDIA-3-ERR_EVM EM-1621 %PLATFORM-DSCMEDIA-3-ERR_NODEID EM-1621 %PLATFORM-DSCMEDIA-3-ERR_NODEID EM-1622 %PLATFORM-DSCMEDIA-3-ERR_TRANSPORT EM-1622 %PLATFORM-DSCMEDIA-3-ERR_TRANSPORT EM-1622 %PLATFORM-DSCMEDIA-3-ERROR EM-1622 %PLATFORM-DSCMEDIA-3-ERROR2 EM-1623 %PLATFORM-DSCMEDIA-3-READ_PERSIST EM-1623 %PLATFORM-DSCMEDIA-3-WRITE_PERSIST EM-1623 %PLATFORM-DSCMEDIA-4-ERR_THREAD_MUTEX_LOCK EM-1623 %PLATFORM-DSCMEDIA-4-ERR_THREAD_MUTEX_LOCK EM-1624 %PLATFORM-DSCMEDIA-4-ERR_THREAD_MUTEX_UNLO CK EM-1624 %PLATFORM-DSCMEDIA-4-ERR_THREAD_MUTEX_UNLO CK EM-1624 %PLATFORM-DSCMEDIA-4-FETCH EM-1624 %PLATFORM-DSCMEDIA-4-LISTEN EM-1625 %PLATFORM-DSCMEDIA-4-NO_CSC_SN EM-1625 %PLATFORM-DSCMEDIA-4-WARNING EM-1625 %PLATFORM-DSCMEDIA-4-WARNING2 EM-1625 %PLATFORM-DSCMEDIA-6-DSC_ELECTED EM-1626 %PLATFORM-EIO-4-ERR_LWM_SEND EM-1626 %PLATFORM-EIO-7-ERR_ECM EM-1626 %PLATFORM-EIO-7-ERR_ECM EM-1626 %PLATFORM-EIO-7-ERR_EDM_INIT EM-1627 %PLATFORM-EIO-7-ERR_EDM_INIT EM-1627 %PLATFORM-EIO-7-ERR_LINK_TRAINING EM-1627 %PLATFORM-EIO-7-ERR_LINK_TRAINING EM-1627 %PLATFORM-EIO-7-ERR_LWM_SEND EM-1628 %PLATFORM-EIO-7-ERR_MEM_ALLOC EM-1628 %PLATFORM-EIO-7-ERR_MEM_ALLOC EM-1628 %PLATFORM-EIO-7-ERR_REGISTER_GET EM-1628 %PLATFORM-EIO-7-ERR_REGISTER_GET EM-1629 %PLATFORM-EIO-7-ERR_REGISTER_SET EM-1629 %PLATFORM-EIO-7-ERR_REGISTER_SET EM-1629 %PLATFORM-ENVMON_MON-4-CLEAR_TEMPERATURE_R EAD_FAIL EM-1629 %PLATFORM-ENVMON_MON-4-SET_TEMPERATURE_REA D_FAIL EM-1630 %PLATFORM-ENVMON_MON-4-TEMPERATURE_READ_FA IL EM-1630 %PLATFORM-ENVMON-0-CARD_OVERTEMP_SHUTDOWN EM-1631 %PLATFORM-ENVMON-0-CHASSIS_OVERTEMP_SHUTDO WN EM-1631 %PLATFORM-ENVMON-1-CANTSHUT EM-1631 %PLATFORM-ENVMON-1-SHUTDOWN EM-1631 %PLATFORM-ENVMON-1-SPA_CANTSHUT EM-1632 %PLATFORM-ENVMON-1-SPA_SHUTDOWN EM-1632 %PLATFORM-ENVMON-2-ADDITIVE_POWER_OVERBUDG ET EM-1632 %PLATFORM-ENVMON-2-CARD_OVERTEMP EM-1632 %PLATFORM-ENVMON-2-CARD_OVERTEMP_CLEAR EM -1633 %PLATFORM-ENVMON-2-CHASSIS_OVERTEMP EM-1633 %PLATFORM-ENVMON-2-CHASSIS_OVERTEMP_CLEAR EM-1633 %PLATFORM-ENVMON-2-ENV_CONDITION EM-1633 %PLATFORM-ENVMON-2-ENV_CONDITION EM-1633 %PLATFORM-ENVMON-2-ENV_POWER_FAILURE EM-163 4 %PLATFORM-ENVMON-2-ENV_POWER_FAILURE_CLEAR EM-1634 %PLATFORM-ENVMON-2-ENV_POWER_FAULT EM-1634 %PLATFORM-ENVMON-2-ENV_POWER_FAULT_CLEAR EM-1634 %PLATFORM-ENVMON-2-ENV_SLOT_FORCE_CLEAR EM -1634 %PLATFORM-ENVMON-2-ENV_SPA_FORCE_CLEAR EM- 1635 %PLATFORM-ENVMON-2-FAN EM-1635 %PLATFORM-ENVMON-2-FAN_CLEAR EM-1635 %PLATFORM-ENVMON-2-FAN_CLEAR EM-1635 %PLATFORM-ENVMON-2-FAN_FAIL EM-1635 %PLATFORM-ENVMON-2-FANTRAY_CLEAR EM-1635 %PLATFORM-ENVMON-2-FANTRAY_FAIL EM-1636 %PLATFORM-ENVMON-2-OVERTEMP EM-1636 %PLATFORM-ENVMON-2-OVERTEMP_CLEAR EM-1636 %PLATFORM-ENVMON-2-POWER_BUDGET_OK EM-1636 %PLATFORM-ENVMON-2-POWERSUPPLY_CURRENT EM -1636 %PLATFORM-ENVMON-2-POWERSUPPLY_CURRENT_CLE AR EM-1637 %PLATFORM-ENVMON-2-POWERSUPPLY_NONOP EM-16 37 %PLATFORM-ENVMON-2-POWERSUPPLY_NONOP_CLEAR EM-1637 %PLATFORM-ENVMON-2-POWERSUPPLY_VOLTAGE EM -1637 %PLATFORM-ENVMON-2-POWERSUPPLY_VOLTAGE_CLE AR EM-1637 %PLATFORM-ENVMON-2-REDUNDANT_POWER_OVERBUIndex EM-2690 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 DGET EM-1638 %PLATFORM-ENVMON-2-TEMP EM-1638 %PLATFORM-ENVMON-2-TEMP_CLEAR EM-1638 %PLATFORM-ENVMON-2-VOLT_ALARM_SHUTDOWN E M-1638 %PLATFORM-ENVMON-2-VOLTAGE EM-1638 %PLATFORM-ENVMON-2-VOLTAGE_CLEAR EM-1639 %PLATFORM-ENVMON-2-VOLTAGE_SUPPLY_FAILED E M-1639 %PLATFORM-ENVMON-3-ASSUME_OLD_E5 EM-1639 %PLATFORM-ENVMON-3-ERR_CARD_UNSUPPORTED E M-1639 %PLATFORM-ENVMON-3-ERR_E5_NOSUPPORT EM-1639 %PLATFORM-ENVMON-3-ERR_MARGIN_MODE_UNKNOW N EM-1640 %PLATFORM-ENVMON-3-ERR_SLOT_INVALID EM-1640 %PLATFORM-ENVMON-3-ERROR_EXIT EM-1640 %PLATFORM-ENVMON-3-ERROR_READ_AC EM-1640 %PLATFORM-ENVMON-3-FANTRAY_ALARM EM-1641 %PLATFORM-ENVMON-3-FANTRAY_ALARM_CLEAR E M-1641 %PLATFORM-ENVMON-3-NON_COMPLIANT_PS EM-1641 %PLATFORM-ENVMON-3-NON_COMPLIANT_PS EM-1641 %PLATFORM-ENVMON-3-OPERATION_FAIL EM-1641 %PLATFORM-ENVMON-3-UNEXPECTED_PRP_TYPE EM- 1642 %PLATFORM-ENVMON-3-UNKNOWN_E5_FW EM-1642 %PLATFORM-ENVMON-3-UNKNOWN_E5_HW_TYPE EM- 1642 %PLATFORM-ENVMON-3-UNKNOWN_PEM EM-1642 %PLATFORM-ENVMON-3-UNKNOWN_PRP_TYPE EM-164 2 %PLATFORM-ENVMON-4-ALARM EM-1643 %PLATFORM-ENVMON-4-CLEAR_ALARM EM-1643 %PLATFORM-ENVMON-4-OLD_E5_FW EM-1643 %PLATFORM-ENVMON-4-SET_ALARM EM-1643 %PLATFORM-ENVMON-5-ERR_MBUS_EEPROM EM-1643 %PLATFORM-ENVMON-6-BLWR_LIFECYCLE_RESET EM -1644 %PLATFORM-ENVMON-6-FAN_INSERT EM-1644 %PLATFORM-ENVMON-6-FAN_REMOVE EM-1644 %PLATFORM-ENVMON-6-LOW_FAN_SPEED_WARNING EM-1644 %PLATFORM-ENVMON-6-LOW_FAN_SPEED_WARNING EM-1644 %PLATFORM-ENVMON-6-PEM_INSERT EM-1644 %PLATFORM-ENVMON-6-PEM_REMOVE EM-1645 %PLATFORM-ENVMON-6-PS_SHUTDOWN_ERROR EM-16 45 %PLATFORM-ENVMON-6-PS_SHUTDOWN_ERROR EM-16 45 %PLATFORM-ENVMON-6-SEND_PULSE_FAIL EM-1645 %PLATFORM-ENVMON-6-SEND_PULSE_FAIL EM-1645 %PLATFORM-ENVMON-7-BAG_DECODE_FAILED EM-164 5 %PLATFORM-ENVMON-7-CACHE_TOO_SMALL EM-1646 %PLATFORM-ENVMON-7-ERR_ASSERT EM-1646 %PLATFORM-ENVMON-7-ERR_CHKPT EM-1646 %PLATFORM-ENVMON-7-ERR_CHKPT_CREATE EM-1646 %PLATFORM-ENVMON-7-ERR_CHKPT_DELETE EM-1646 %PLATFORM-ENVMON-7-ERR_CHKPT_ITERATE EM-1646 %PLATFORM-ENVMON-7-ERR_CHKPT_RESTORE EM-164 7 %PLATFORM-ENVMON-7-ERR_CHKPT_SAVE EM-1647 %PLATFORM-ENVMON-7-ERR_DEBUG_REG EM-1647 %PLATFORM-ENVMON-7-ERR_DSC_CONNECT EM-1647 %PLATFORM-ENVMON-7-ERR_DSC_GET EM-1647 %PLATFORM-ENVMON-7-ERR_EDM_INIT EM-1647 %PLATFORM-ENVMON-7-ERR_EDM_MISSING EM-1648 %PLATFORM-ENVMON-7-ERR_EVM_ASYNC_ATTACH E M-1648 %PLATFORM-ENVMON-7-ERR_EVM_CREATE EM-1648 %PLATFORM-ENVMON-7-ERR_INTERNAL EM-1648 %PLATFORM-ENVMON-7-ERR_LWM_RECEIVE EM-1648 %PLATFORM-ENVMON-7-ERR_LWM_REPLY EM-1648 %PLATFORM-ENVMON-7-ERR_MBUS_CEC EM-1649 %PLATFORM-ENVMON-7-ERR_MBUS_READREG EM-164 9 %PLATFORM-ENVMON-7-ERR_MBUS_RECEIVE EM-1649 %PLATFORM-ENVMON-7-ERR_NODEID_CREATE EM-164 9 %PLATFORM-ENVMON-7-ERR_PTHREAD EM-1649 %PLATFORM-ENVMON-7-ERR_SLOT_EXTRACT EM-1649 %PLATFORM-ENVMON-7-ERR_SYSDB_BIND EM-1650 %PLATFORM-ENVMON-7-ERR_SYSDB_REG_NOTIFY EM -1650 %PLATFORM-ENVMON-7-ERR_SYSDB_REG_VERIF EM-1 650 %PLATFORM-ENVMON-7-ERR_THREAD_CREATE EM-165 0 %PLATFORM-ENVMON-7-ERR_TRAP_SEND EM-1650 %PLATFORM-ENVMON-7-ERROR EM-1650 %PLATFORM-ENVMON-7-EVENT_BLOCK_FAILED EM-16 51 %PLATFORM-ENVMON-7-NOT_ON_DSC EM-1651 %PLATFORM-ENVMON-7-OP_DBG EM-1651 %PLATFORM-ENVMON-7-OPERATION_DEBUG EM-1651 %PLATFORM-ENVMON-7-SYSMGR_PROC_READY_FAILE D EM-1651 %PLATFORM-ETH_SRVR-3-TX_STALLED EM-1652 %PLATFORM-ETH_SRVR-3-TX_STALLED EM-1652 %PLATFORM-ETH_SRVR-3-TX_STALLED EM-1652 %PLATFORM-ETH_SRVR-3-UNKNOWN_FORUS_PAK EM- 1653 %PLATFORM-ETH_SRVR-3-UNKNOWN_FORUS_PAK EM- 1653 %PLATFORM-ETH_SRVR-3-UNKNOWN_FORUS_PAK EM- 1653 %PLATFORM-ETH_SRVR-4-INIT_ERR EM-1653 %PLATFORM-ETH_SRVR-4-INIT_ERR EM-1654 %PLATFORM-ETH_SRVR-4-INIT_ERR EM-1654 %PLATFORM-ETH_SRVR-4-POISON_PILL_FORUS_PAK E M-1654 %PLATFORM-ETH_SRVR-4-queue_err EM-1655 %PLATFORM-ETH_SRVR-7-ERR_FSM EM-1655 %PLATFORM-ETH_SRVR-7-ERR_FSM EM-1655Index EM-2691 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-ETH_SRVR-7-ERR_FSM EM-1656 %PLATFORM-ETH_SRVR-7-INCORRECT_PAK EM-1656 %PLATFORM-ETHER_CTRL_DLL-3-CONNECTION_OPERA TION_FAIL EM-1656 %PLATFORM-ETHER_CTRL_DLL-3-MSG_OPERATION_FAI L EM-1657 %PLATFORM-ETHER_CTRL-3-ERROR_EXIT EM-1657 %PLATFORM-ETHER_CTRL-3-IF_OPERATION_FAIL EM-1 657 %PLATFORM-ETHER_CTRL-3-MGMT_IF_FAIL EM-1657 %PLATFORM-ETHER_CTRL-3-MUTEX_OPERATION_FAIL EM-1658 %PLATFORM-ETHER_CTRL-3-OPERATION_FAIL EM-1658 %PLATFORM-ETHER_CTRL-3-PORT_INDEX_FAIL EM-165 8 %PLATFORM-ETHER_CTRL-3-UNKNOWN_CODE EM-1658 %PLATFORM-ETHER_CTRL-4-COUNTER_OVFL EM-1658 %PLATFORM-ETHER_CTRL-4-XCVR_WARNING EM-1659 %PLATFORM-ETHER_CTRL-7-INFO EM-1659 %PLATFORM-FABARBITER-2-BKR_ERROR EM-1659 %PLATFORM-FABARBITER-2-BKT_ERROR EM-1659 %PLATFORM-FABARBITER-2-CARB_CRM_ERROR EM-16 60 %PLATFORM-FABARBITER-2-CARB_ENQDEQ_ERROR E M-1660 %PLATFORM-FABARBITER-2-CARB_FIL_ERROR EM-1660 %PLATFORM-FABARBITER-2-CPU_ACCESS_ERROR EM- 1660 %PLATFORM-FABARBITER-2-CPU_PERR_ERROR EM-166 0 %PLATFORM-FABARBITER-2-CPU_PROTOCOL_ERROR E M-1661 %PLATFORM-FABARBITER-2-SERDES_ERROR EM-1661 %PLATFORM-FABIO-3-ERR_INGQ_CREATE EM-1661 %PLATFORM-FABIO-3-ERR_INGRESS EM-1661 %PLATFORM-FABIO-3-ERR_INIT EM-1662 %PLATFORM-FABIO-3-ERR_MEM_ALLOC EM-1662 %PLATFORM-FABIO-3-ERR_Q_LOOKUP EM-1662 %PLATFORM-FABIO-3-ERR_QUEUE_FOUND EM-1662 %PLATFORM-FABIO-7-ERR_DUPLICATE_STREAMID EM- 1662 %PLATFORM-FABIO-7-ERR_SEND_PKT EM-1663 %PLATFORM-FABRIC_CTRL-2-ACTIVE_RP EM-1663 %PLATFORM-FABRIC_CTRL-2-CARD_STATE EM-1663 %PLATFORM-FABRIC_CTRL-2-CHKPT_INIT_FAILED EM- 1664 %PLATFORM-FABRIC_CTRL-2-CHKPT_REGISTRATION_FA ILED EM-1664 %PLATFORM-FABRIC_CTRL-2-ERR_MEM_ALLOC EM-16 64 %PLATFORM-FABRIC_CTRL-2-ERR_MEM_ALLOC EM-16 65 %PLATFORM-FABRIC_CTRL-2-ERR_MEM_ALLOC EM-16 65 %PLATFORM-FABRIC_CTRL-2-ERR_REPORT EM-1665 %PLATFORM-FABRIC_CTRL-2-EVENT_LOOP EM-1666 %PLATFORM-FABRIC_CTRL-2-FAILED_SYNCH EM-1666 %PLATFORM-FABRIC_CTRL-2-FAILED_TO_RESET_FC E M-1666 %PLATFORM-FABRIC_CTRL-2-FAILED_TO_SEND_CONFIG EM-1667 %PLATFORM-FABRIC_CTRL-2-FAILED_TO_SEND_SLOT_B W EM-1667 %PLATFORM-FABRIC_CTRL-2-FAILED_TO_SYNC_RP EM -1667 %PLATFORM-FABRIC_CTRL-2-FAILED_TO_SYNC_RP_TO_ CSCS EM-1667 %PLATFORM-FABRIC_CTRL-2-FAILED_TO_SYNC_TO_SEL F EM-1668 %PLATFORM-FABRIC_CTRL-2-MBUS_ERROR EM-1668 %PLATFORM-FABRIC_CTRL-2-NOTIFY_BW_CHG_ERROR EM-1668 %PLATFORM-FABRIC_CTRL-2-PROCESS_INIT EM-1669 %PLATFORM-FABRIC_CTRL-3-CARD_ID_FPGA_VERSION_ MISMATCH EM-1669 %PLATFORM-FABRIC_CTRL-3-MBUS EM-1669 %PLATFORM-FABRIC_CTRL-3-MIB_INIT_ERROR EM-167 0 %PLATFORM-FABRIC_CTRL-3-RESTORE_DATA EM-1670 %PLATFORM-FABRIC_CTRL-3-THREAD_CREATE EM-167 0 %PLATFORM-FABRIC_CTRL-3-UNKNOWN_CHASSIS EM- 1671 %PLATFORM-FABRIC_CTRL-3-UNKNOWN_MSG EM-1671 %PLATFORM-FABRIC_CTRL-3-UNSUPPORTED_CHASSIS EM-1672 %PLATFORM-FABRIC_CTRL-4-MCAST_PRI_CFG EM-1672 %PLATFORM-FABRIC_CTRL-5-FABRIC_CARD_OIR_INSER TED EM-1672 %PLATFORM-FABRIC_CTRL-5-FABRIC_CARD_OIR_REMO VED EM-1672 %PLATFORM-FAN-0-OVERCURRENT EM-1673 %PLATFORM-FAULT_MGR-3-INIT_ERROR EM-1673 %PLATFORM-FAULT_MGR-3-MSG_ERROR EM-1673 %PLATFORM-FAULT-2-LC_RESET EM-1674 %PLATFORM-FAULT-3-LC_DEVICE EM-1674 %PLATFORM-FCA-2-CPT_DEV_VERSION_ERROR EM-167 4 %PLATFORM-FCA-2-CPT_PAR_ERROR EM-1675 %PLATFORM-FCA-2-CRRS_DEV_VERSION_ERROR EM-16 75 %PLATFORM-FCA-2-CRRS_PAR_ERROR EM-1675 %PLATFORM-FCA-2-CT2_DEV_VERSION_ERROR EM-167 5 %PLATFORM-FCA-2-CT2_PAR_ERROR EM-1676 %PLATFORM-FCA-2-LB_DEV_VERSION_ERROR EM-1676 %PLATFORM-FCA-2-LBO_PAR_ERROR EM-1676 %PLATFORM-FCA-2-SFP_I2C_PHY_ACK_ERROR EM-1676 %PLATFORM-FCA-2-SFP_I2C_PHY_TM_ERROR EM-1677 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_0 EM-1677 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_1 EM-1677 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_10 EM-167 7 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_11 EM-167 8 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_12 EM-167Index EM-2692 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 8 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_13 EM-167 8 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_14 EM-167 8 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_15 EM-167 9 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_16 EM-167 9 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_17 EM-167 9 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_18 EM-167 9 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_19 EM-168 0 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_2 EM-1680 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_20 EM-168 0 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_21 EM-168 0 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_22 EM-168 1 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_23 EM-168 1 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_24 EM-168 1 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_25 EM-168 1 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_26 EM-168 2 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_27 EM-168 2 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_28 EM-168 2 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_29 EM-168 2 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_3 EM-1683 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_30 EM-168 3 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_31 EM-168 3 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_32 EM-168 3 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_33 EM-168 4 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_34 EM-168 4 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_35 EM-168 4 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_36 EM-168 4 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_37 EM-168 5 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_38 EM-168 5 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_39 EM-168 5 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_4 EM-1685 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_5 EM-1686 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_6 EM-1686 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_7 EM-1686 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_8 EM-1686 %PLATFORM-FCA-2-SFP_LNK_FAULT_ERROR_9 EM-1687 %PLATFORM-FCA-2-XFP_I2C_ERROR EM-1687 %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_0 EM-168 7 %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_1 EM-168 7 %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_2 EM-168 8 %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_3 EM-168 8 %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_4 EM-168 8 %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_5 EM-168 8 %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_6 EM-168 8 %PLATFORM-FCA-2-XFP_LNK_FAULT_ERROR_7 EM-168 9 %PLATFORM-FCA-3-SFP_I2C_ACK_ERROR EM-1689 %PLATFORM-FCA-3-SFP_I2C_TM_ERROR EM-1689 %PLATFORM-FDIAGS-3-BAD_EE_READ EM-1689 %PLATFORM-FDIAGS-3-BAD_EE_WRITE EM-1690 %PLATFORM-FDIAGS-3-BAD_F_DIAG_KILL EM-1690 %PLATFORM-FDIAGS-3-BUFFER_TOO_SMALL EM-1690 %PLATFORM-FDIAGS-3-CANNOT_GET_JID EM-1690 %PLATFORM-FDIAGS-3-CANT_SEND_MBUS_MSG_F EM- 1691 %PLATFORM-FDIAGS-3-FAB_MBUS_NOT_READY EM-16 91 %PLATFORM-FDIAGS-3-FABRIC_NOT_DISCONNECTED EM-1691 %PLATFORM-FDIAGS-3-FABRIC_NOT_RESTORED EM-16 91 %PLATFORM-FDIAGS-3-FAILED_SYSMGR_FORK EM-169 2 %PLATFORM-FDIAGS-3-FILE_READ_JID_BAD EM-1692 %PLATFORM-FDIAGS-3-IDLE_CELL_GEN_ADDR EM-1692 %PLATFORM-FDIAGS-3-IF_BAD_HALT_OPEN EM-1692 %PLATFORM-FDIAGS-3-IF_BAD_HALT_WRITE EM-1693 %PLATFORM-FDIAGS-3-IF_BAD_JID_OPEN EM-1693 %PLATFORM-FDIAGS-3-IF_BAD_JID_READ EM-1693 %PLATFORM-FDIAGS-3-IF_BAD_JID_WRITE EM-1693 %PLATFORM-FDIAGS-3-IF_FAIL_CONN_SYSLDR_F EM-1 694 %PLATFORM-FDIAGS-3-IF_FAIL_SEND_SYSLDR_F EM-16 94 %PLATFORM-FDIAGS-3-IF_FAIL_SYSLDR_DISCONNECT_F EM-1694 %PLATFORM-FDIAGS-3-IF_FAIL_UUT_LAUNCH EM-1694 %PLATFORM-FDIAGS-3-IF_INACTIVITY_TIMEOUT EM-1 695 %PLATFORM-FDIAGS-3-IF_NON_EXISTANT_JID_OPEN E M-1695 %PLATFORM-FDIAGS-3-ILLEGAL_FSM_STATE EM-1695Index EM-2693 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-FDIAGS-3-INVALID_FABRIC EM-1695 %PLATFORM-FDIAGS-3-INVALID_SLOT EM-1696 %PLATFORM-FDIAGS-3-MALFORMED_INSTALL_PATH E M-1696 %PLATFORM-FDIAGS-3-MS_NODE_ID_CREATE_FAIL_F EM-1696 %PLATFORM-FDIAGS-3-MS_PRI_CLK_READ EM-1696 %PLATFORM-FDIAGS-3-MS_READ_REG_FAIL EM-1697 %PLATFORM-FDIAGS-3-MS_UNDEF_MS_MSG EM-1697 %PLATFORM-FDIAGS-3-MS_WRITE_REG_FAIL EM-1697 %PLATFORM-FDIAGS-3-MS_XBAR_MAP EM-1697 %PLATFORM-FDIAGS-3-NO_PRIMARY_CSC EM-1698 %PLATFORM-FDIAGS-3-NO_TIME_OF_DAY EM-1698 %PLATFORM-FDIAGS-3-NODE_ID_EXTRACTION_FAILED EM-1698 %PLATFORM-FDIAGS-3-NON_UUT_IN_STATE EM-1698 %PLATFORM-FDIAGS-3-PROBLEM_WITH_FDIAG_REQUES T EM-1699 %PLATFORM-FDIAGS-3-PROG_REG_FAIL EM-1699 %PLATFORM-FDIAGS-3-RESTORE_DEFAULT_RAM_AGEN T EM-1699 %PLATFORM-FDIAGS-3-RP_FILE_PATH EM-1699 %PLATFORM-FDIAGS-3-RP_INSTALL_PATH EM-1700 %PLATFORM-FDIAGS-3-SPA_ID_FAIL EM-1700 %PLATFORM-FDIAGS-3-SPA_UNSUPPORTED_INSTANCE EM-1700 %PLATFORM-FDIAGS-3-SPCL_RAM_AGENTDL_FAILED EM-1700 %PLATFORM-FDIAGS-3-SYSDB_BIND_FAILURE EM-1701 %PLATFORM-FDIAGS-3-SYSLDR_RESULT_CODE_OUT_OF _BOUNDS EM-1701 %PLATFORM-FDIAGS-3-SYSTEM_ERR_NO_CONTINUE E M-1701 %PLATFORM-FDIAGS-3-T_O_D_CONVERT_ERR EM-1701 %PLATFORM-FDIAGS-3-UNRECOGNIZED_CARD EM-1702 %PLATFORM-FDIAGS-3-UNSUPP_CARD EM-1702 %PLATFORM-FDIAGS-3-VARIABLE_GET EM-1702 %PLATFORM-FDIAGS-3-VARIABLE_SET EM-1702 %PLATFORM-FDIAGS-4-BOOT_ALREADY_SET EM-1702 %PLATFORM-FDIAGS-4-ERROR_AFTER_RESULTS_REPOR T EM-1703 %PLATFORM-FDIAGS-4-SYSDB_ITEM_GET_FAILURE EM -1703 %PLATFORM-FDIAGS-4-UNEXP_MSV_SUB_MSG EM-1703 %PLATFORM-FDIAGS-4-UNEXP_SUB_MSG EM-1703 %PLATFORM-FDIAGS-4-UNSUPPORTED_RP_HW_CONFIG EM-1704 %PLATFORM-FDIAGS-4-WRONG_CONFIG_REG_VAL EM -1704 %PLATFORM-FDIAGS-5-CLEANED_DANGLING_JID_FILE EM-1704 %PLATFORM-FDIAGS-5-DIAG_ONLY_SUPPORT_IN_IOX_R UNNING_STATE EM-1704 %PLATFORM-FDIAGS-5-DL_DONE EM-1704 %PLATFORM-FDIAGS-5-DL_START EM-1705 %PLATFORM-FDIAGS-5-DONE EM-1705 %PLATFORM-FDIAGS-5-HALT_REQUESTED EM-1705 %PLATFORM-FDIAGS-5-IF_LONGEST_TIME_MSG EM-170 5 %PLATFORM-FDIAGS-5-IF_NO_CONSOLE EM-1705 %PLATFORM-FDIAGS-5-IF_TERMINATED_F_DIAGS_OK EM-1706 %PLATFORM-FDIAGS-5-IF_TOTAL_TEST_TIME EM-1706 %PLATFORM-FDIAGS-5-LC_TYPE_DEFAULT_RAM_AGEN T EM-1706 %PLATFORM-FDIAGS-5-LC_TYPE_REQUIRES_SPCL_RAM_ AGENT EM-1706 %PLATFORM-FDIAGS-5-START EM-1706 %PLATFORM-FDIAGS-5-SYSLDR_FINISH_HANDOFF EM- 1707 %PLATFORM-FDIAGS-6-COMPLETE EM-1707 %PLATFORM-FDIAGS-6-OUT EM-1707 %PLATFORM-FDIAGS-6-RESULT EM-1707 %PLATFORM-FDIAGS-6-UUT_OUT EM-1707 %PLATFORM-FDIAGS-6-UUT_OUT_I EM-1708 %PLATFORM-FDIAGS-7-FORCE_INTO_FSM EM-1708 %PLATFORM-FDIAGS-7-NON_HELLO_MSG EM-1708 %PLATFORM-FFQ-0-SW_INIT_ERR EM-1708 %PLATFORM-FFQ-3-CORRUPT_PKT EM-1709 %PLATFORM-FFQ-3-CORRUPT_PTR EM-1709 %PLATFORM-FFQ-3-FATAL EM-1709 %PLATFORM-FFQ-3-FATAL_2 EM-1709 %PLATFORM-FFQ-3-GEN_INFO EM-1710 %PLATFORM-FFQ-3-INFO EM-1710 %PLATFORM-FFQ-3-MALLOC_FAILED EM-1710 %PLATFORM-FFQ-3-MEM_ERR EM-1710 %PLATFORM-FFQ-3-NOBUF EM-1710 %PLATFORM-FFQ-3-NOT_YET_IMPLEMENTED EM-1711 %PLATFORM-FFQ-3-PAK_FREE_ERR EM-1711 %PLATFORM-FFQ-3-PAK_INVALID EM-1711 %PLATFORM-FFQ-3-RATEI EM-1711 %PLATFORM-FFQ-3-RATEW EM-1711 %PLATFORM-FFQ-3-TMR EM-1712 %PLATFORM-FFQ-3-USAGE EM-1712 %PLATFORM-FFQ-4-PAK_INVALID EM-1712 %PLATFORM-FIB_DBG-3-ERR_INFO_VERBOSE EM-1712 %PLATFORM-FIB_DBG-3-ERR_INFO_VERBOSE EM-1712 %PLATFORM-FIB_DBG-3-ERR_INFO_VERBOSE EM-1713 %PLATFORM-FIB_IDB_LIB-3-ERR_STR EM-1713 %PLATFORM-FIB_IDB_LIB-3-ERR_STR EM-1713 %PLATFORM-FIB_IDB_LIB-3-ERR_STR EM-1713 %PLATFORM-FIB_IDB_LIB-3-ERROR EM-1713 %PLATFORM-FIB_IDB_LIB-3-ERROR EM-1714 %PLATFORM-FIB_IDB_LIB-3-ERROR EM-1714 %PLATFORM-FIB_LTRACE-3-ERR_INFO_VERBOSE EM-1 714 %PLATFORM-FIB_LTRACE-3-ERR_INFO_VERBOSE EM-1 714 %PLATFORM-FIB_LTRACE-3-ERR_INFO_VERBOSE EM-1 714 %PLATFORM-FPD_BURNER-3-BAD_ARG EM-1715 %PLATFORM-FPD_BURNER-3-FILE_OP_ERR EM-1715 %PLATFORM-FPD_BURNER-3-NO_MEM EM-1715 %PLATFORM-FPD_BURNER-5-progress EM-1715 %PLATFORM-FPD_BURNER-5-version EM-1715 %PLATFORM-G_PLIM_QOS-2-EVENT_BLOCK EM-1716Index EM-2694 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-G_PLIM_QOS-2-THREAD_CREATE_FAILED EM-1716 %PLATFORM-G_PLIM_QOS-3-ERROR EM-1716 %PLATFORM-G_PLIM_QOS-3-MALLOC_FAILED EM-1716 %PLATFORM-GSR_FIB_STATS_API-3-ERROR EM-1717 %PLATFORM-GSR_IPV4_EA-3-ERROR EM-1717 %PLATFORM-GSR_IPv6_EA-3-ERROR EM-1717 %PLATFORM-GSR_lc_exmem-1-RES_ERROR EM-1718 %PLATFORM-GSR_lc_exmem-3-ERROR EM-1718 %PLATFORM-GSR_lc_exmem-3-FATAL EM-1718 %PLATFORM-GSR_lc_exmem-4-exception EM-1718 %PLATFORM-GSR_LC_PM-2-FAULT_LC EM-1719 %PLATFORM-GSR_LC_PM-2-FAULT_LC EM-1719 %PLATFORM-GSR_LC_PM-3-CONN_ERR EM-1719 %PLATFORM-GSR_LC_PM-3-ENGINE_PORT EM-1720 %PLATFORM-GSR_LC_PM-3-FATAL EM-1720 %PLATFORM-GSR_LC_PM-3-FATAL_2 EM-1720 %PLATFORM-GSR_LC_PM-3-INIT_ERR EM-1720 %PLATFORM-GSR_LIB-3-CONN_ERR EM-1721 %PLATFORM-GSR_LIB-3-ERROR EM-1721 %PLATFORM-GSR_LIB-3-LR_ERR EM-1721 %PLATFORM-GSR_MPLS_EA-3-ERROR EM-1721 %PLATFORM-GSR_PRP_PM-2-CRIT_DEVICE EM-1722 %PLATFORM-GSR_PRP_PM-3-HIGH_DEVICE EM-1722 %PLATFORM-GSR_PRP_PM-3-INIT_ERR EM-1722 %PLATFORM-GSR_PRP_PM-3-LOW_DEVICE EM-1723 %PLATFORM-GSR_TUNNEL_EA-3-ERROR EM-1723 %PLATFORM-GSR_TUNNEL_EA-3-ERROR_PARAM EM-17 23 %PLATFORM-GSR_TUNNEL_EA-3-ERROR2 EM-1723 %PLATFORM-GT_I2C-3-BACKPLANE EM-1724 %PLATFORM-GT_I2C-3-DRV_ERR EM-1724 %PLATFORM-GT_I2C-3-LOWER_FANTRAY EM-1724 %PLATFORM-GT_I2C-3-ONBOARD EM-1724 %PLATFORM-GT_I2C-3-REWORK_AND_UPGRADE_REQUI RED EM-1724 %PLATFORM-GT_I2C-3-UNRECOVERABLE_BUS_HANG EM-1725 %PLATFORM-GT_I2C-3-UPPER_FANTRAY EM-1725 %PLATFORM-GT_I2C-7-BUS_HANG EM-1725 %PLATFORM-GT_I2C-7-BUS_UNHANG_SUCCESS EM-172 5 %PLATFORM-HBAGENT-2-FATAL EM-1725 %PLATFORM-HBAGENT-2-FATAL EM-1726 %PLATFORM-HBAGENT-2-NODE_RELOAD EM-1726 %PLATFORM-HBAGENT-2-NODE_RELOAD EM-1726 %PLATFORM-HBAGENT-3-API_FAILURE EM-1726 %PLATFORM-HBAGENT-3-API_FAILURE EM-1727 %PLATFORM-HBAGENT-3-THREAD_CREATE EM-1727 %PLATFORM-HBAGENT-3-THREAD_CREATE EM-1727 %PLATFORM-HBAGENT-4-ATTACH_RECONNECT_HANDL ER EM-1727 %PLATFORM-HBAGENT-4-ATTACH_RECONNECT_HANDL ER EM-1728 %PLATFORM-HBAGENT-4-INIT_LTRACE EM-1728 %PLATFORM-HBAGENT-4-INIT_LTRACE EM-1728 %PLATFORM-HBAGENT-4-SET_HEARTBEAT_PRIORITY EM-1728 %PLATFORM-HBAGENT-4-SET_HEARTBEAT_PRIORITY EM-1729 %PLATFORM-HBAGENT-4-SET_THREAD_PRIORITY EM- 1729 %PLATFORM-HBAGENT-4-SET_THREAD_PRIORITY EM- 1729 %PLATFORM-HBAGENT-7-RELOAD_NOTIFICATION_TEST EM-1729 %PLATFORM-HBAGENT-7-RELOAD_NOTIFICATION_TEST EM-1730 %PLATFORM-HD-2-DEV_HARDDISK_DEVICE_ERR EM-1 730 %PLATFORM-HD-3-DEV_HARDDISK_RESTART EM-1730 %PLATFORM-HFR_IP_EA-3-CRITICAL EM-1730 %PLATFORM-HFR_IP_EA-3-CRITICAL EM-1731 %PLATFORM-HFR_IP_EA-3-ERROR1 EM-1731 %PLATFORM-HFR_IP_EA-3-ERROR1 EM-1731 %PLATFORM-HFR_IP_EA-3-ERROR2 EM-1731 %PLATFORM-HFR_IP_EA-3-ERROR2 EM-1731 %PLATFORM-HFR_IP_EA-5-DEBUG EM-1731 %PLATFORM-HFR_IP_EA-5-DEBUG EM-1732 %PLATFORM-HFR_IPV6_EA-3-CRITICAL EM-1732 %PLATFORM-HFR_IPV6_EA-3-CRITICAL EM-1732 %PLATFORM-HFR_IPV6_EA-3-CRITICAL EM-1732 %PLATFORM-HFR_IPV6_EA-3-ERROR1 EM-1732 %PLATFORM-HFR_IPV6_EA-3-ERROR1 EM-1732 %PLATFORM-HFR_IPV6_EA-3-ERROR1 EM-1733 %PLATFORM-HFR_IPV6_EA-3-ERROR2 EM-1733 %PLATFORM-HFR_IPV6_EA-3-ERROR2 EM-1733 %PLATFORM-HFR_IPV6_EA-3-ERROR2 EM-1733 %PLATFORM-HFR_IPV6_EA-5-DEBUG EM-1733 %PLATFORM-HFR_IPV6_EA-5-DEBUG EM-1733 %PLATFORM-HFR_IPV6_EA-5-DEBUG EM-1734 %PLATFORM-HFR_L2FIB_METRO_SHOW-3-ERROR EM-1 734 %PLATFORM-HFR_L2FIB_METRO_SHOW-7-USAGE EM-1 734 %PLATFORM-HFR_LCPM_SHOW-3-ERROR EM-1734 %PLATFORM-HFR_LCPM_SHOW-3-ERROR EM-1734 %PLATFORM-HFR_LCPM_SHOW-7-USAGE EM-1735 %PLATFORM-HFR_LCPM_SHOW-7-USAGE EM-1735 %PLATFORM-HFR_MPLS_EA-3-ERR EM-1735 %PLATFORM-HFR_MPLS_EA-3-ERR EM-1735 %PLATFORM-HFR_MPLS_EA-3-ERRSTR EM-1735 %PLATFORM-HFR_MPLS_EA-3-ERRSTR EM-1736 %PLATFORM-HFR_MPLS_EA-6-INFO EM-1736 %PLATFORM-HFR_MPLS_EA-6-INFO EM-1736 %PLATFORM-HFR_PM_TEST-3-ERROR EM-1736 %PLATFORM-HFR_PM_TEST-3-ERROR EM-1736 %PLATFORM-HFR_PM_TEST-3-ERROR_2 EM-1737 %PLATFORM-HFR_PM_TEST-3-ERROR_2 EM-1737 %PLATFORM-HFR_PM-3-BAD_PMLIB_SERVER_CONTEXT EM-1737 %PLATFORM-HFR_PM-3-ERR_FAULT_FROM_DEVICE E M-1737 %PLATFORM-HFR_PM-3-ERR_FAULT_SENT EM-1738 %PLATFORM-HFR_PM-3-ERROR EM-1738 %PLATFORM-HFR_PM-3-ERROR EM-1738Index EM-2695 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-HFR_PM-3-ERROR_INIT EM-1738 %PLATFORM-HFR_PM-3-ERROR_INIT EM-1739 %PLATFORM-HFR_PM-3-MALLOC_FAILED EM-1739 %PLATFORM-HFR_PM-3-MALLOC_FAILED EM-1739 %PLATFORM-HFR_PM-4-WARNING EM-1739 %PLATFORM-HFR_PM-4-WARNING EM-1739 %PLATFORM-HFR_PM-4-WARNING EM-1740 %PLATFORM-HFR_PM-4-WARNING EM-1740 %PLATFORM-HFR_PM-7-ERROR EM-1740 %PLATFORM-HFR_PM-7-ERROR EM-1740 %PLATFORM-HFR_PM-7-ERROR_INIT EM-1740 %PLATFORM-HFR_PM-7-ERROR_INIT EM-1741 %PLATFORM-HSR_ES_CLI-3-CAPS_LOAD_FAILED EM-17 41 %PLATFORM-HSR_ES_CLI-3-ERR EM-1741 %PLATFORM-HSR_ES_CLI-3-FATAL EM-1741 %PLATFORM-HSR_ES_CLI-3-FATAL_2 EM-1742 %PLATFORM-HSR_ES_CLI-3-FATAL_3 EM-1742 %PLATFORM-HSR_ES_CLI-3-UNK_MSG_CODE EM-1742 %PLATFORM-HSR_ES_CLI-6-INFO EM-1742 %PLATFORM-I2C-2-VOLT_ALARM_SHUTDOWN EM-1743 %PLATFORM-I2C-2-VOLTAGE_SUPPLY_FAILED EM-1743 %PLATFORM-I2C-3-BP_EN_ERROR EM-1743 %PLATFORM-I2C-3-EMPTY_BIT_NOT_CLEARED_ERROR EM-1743 %PLATFORM-I2C-3-ERR_INIT EM-1743 %PLATFORM-I2C-3-LC_BAD_VRM_INFO EM-1744 %PLATFORM-I2C-3-LC_POWER_FAIL EM-1744 %PLATFORM-I2C-6-LC_POWER_FAIL EM-1744 %PLATFORM-I2C-6-VOLTAGE_VALIDATED EM-1744 %PLATFORM-I2C-7-BOARD_POWERUP_FAIL EM-1744 %PLATFORM-I2C-7-BOARD_POWERUP_FAIL EM-1744 %PLATFORM-I2C-7-BOARD_POWERUP_NOT_HAPPENED EM-1745 %PLATFORM-I2C-7-BOARD_POWERUP_NOT_HAPPENED EM-1745 %PLATFORM-I2C-7-LC_BAD_VRM_INFO EM-1745 %PLATFORM-I2C-7-LC_POWERUP_CHECK_FAIL EM-1745 %PLATFORM-I2C-7-LC_POWERUP_CHECK_FAIL EM-1745 %PLATFORM-I2C-7-SEND_PULSE_FAIL EM-1745 %PLATFORM-I2C-7-SEND_PULSE_FAIL EM-1746 %PLATFORM-INTCTRL-2-BLG_RDY_ERROR EM-1746 %PLATFORM-INTCTRL-2-BLG_RX_PAR_ERROR EM-1746 %PLATFORM-INTCTRL-2-BLG_TX_PAR_ERROR EM-1746 %PLATFORM-INTCTRL-2-CLKCTRL_DACK_ERROR EM-1 747 %PLATFORM-INTCTRL-2-CLKCTRL_RX_PAR_ERROR EM -1747 %PLATFORM-INTCTRL-2-CLKCTRL_TX_PAR_ERROR EM -1747 %PLATFORM-INTCTRL-2-CPU_PRT_A_ERROR EM-1747 %PLATFORM-INTCTRL-2-CPU_PRT_D_ERROR EM-1748 %PLATFORM-INTCTRL-2-DEV_VERSION_ERROR EM-174 8 %PLATFORM-INTCTRL-2-OCT_RDY_ERROR EM-1748 %PLATFORM-INTCTRL-2-OCT_RX_PAR_ERROR EM-1748 %PLATFORM-INTCTRL-2-OCT_TX_PAR_ERROR EM-1749 %PLATFORM-INTCTRL-2-PUNT_RDY_ERROR EM-1749 %PLATFORM-INTCTRL-2-PUNT_RX_PAR_ERROR EM-174 9 %PLATFORM-INTCTRL-2-PUNT_TX_PAR_ERROR EM-174 9 %PLATFORM-INTCTRL-2-THERM_ALARM_ERROR EM-17 50 %PLATFORM-INTCTRL-2-THERM_OVERT_ERROR EM-17 50 %PLATFORM-INTEG_SWITCH-2-LINK_SHUT_DOWN EM- 1750 %PLATFORM-INTEG_SWITCH-2-STACKING_LINK_DOWN EM-1750 %PLATFORM-INV_AGENT-3-ERROR_EXIT EM-1751 %PLATFORM-INV_AGENT-3-OPT_FAIL EM-1751 %PLATFORM-INV_AGENT-6-IF_OIRIN EM-1751 %PLATFORM-INV_AGENT-6-IF_OIROUT EM-1751 %PLATFORM-INV_AGENT-7-INFO EM-1751 %PLATFORM-INV-6- EM-1752 %PLATFORM-INV-6-CF_OIRIN EM-1752 %PLATFORM-INV-6-CF_OIROUT EM-1752 %PLATFORM-INV-6-NODE_STATE_CHANGE EM-1752 %PLATFORM-INV-6-NODE_STATE_CHANGE EM-1752 %PLATFORM-INV-6-NODE_STATE_CHANGE EM-1753 %PLATFORM-INV-6-OIRIN EM-1753 %PLATFORM-INV-6-OIRIN EM-1753 %PLATFORM-INV-6-OIRIN EM-1753 %PLATFORM-INV-7-ERR EM-1754 %PLATFORM-INV-7-ERR EM-1754 %PLATFORM-INV-7-ERR EM-1754 %PLATFORM-INV-7-ERR_DLL EM-1754 %PLATFORM-INV-7-ERR_DLL EM-1754 %PLATFORM-INV-7-ERR_DLL EM-1754 %PLATFORM-INV-7-ERR_EDM_CREATE EM-1755 %PLATFORM-INV-7-ERR_EDM_CREATE EM-1755 %PLATFORM-INV-7-ERR_EDM_CREATE EM-1755 %PLATFORM-INV-7-ERR_EDM_OPEN EM-1755 %PLATFORM-INV-7-ERR_EDM_OPEN EM-1755 %PLATFORM-INV-7-ERR_EDM_OPEN EM-1755 %PLATFORM-INV-7-ERR_MEM_ALLOC EM-1756 %PLATFORM-INV-7-ERR_MEM_ALLOC EM-1756 %PLATFORM-INV-7-ERR_MEM_ALLOC EM-1756 %PLATFORM-INV-7-ERR_RACK_CREATE EM-1756 %PLATFORM-INV-7-ERR_RACK_CREATE EM-1756 %PLATFORM-INV-7-ERR_RACK_CREATE EM-1756 %PLATFORM-INV-7-SYSDB_ERR EM-1757 %PLATFORM-INV-7-SYSDB_ERR EM-1757 %PLATFORM-INV-7-SYSDB_ERR EM-1757 %PLATFORM-INVMGR-2-ERR_SYSDB_REG_NOTIFY EM- 1757 %PLATFORM-INVMGR-3-ERR_EEPROM_READ EM-1757 %PLATFORM-INVMGR-3-ERR_INIT EM-1758 %PLATFORM-INVMGR-3-ERR_MEM_ALLOC EM-1758 %PLATFORM-INVMGR-3-ERR_NODEID_CREATE EM-1758 %PLATFORM-INVMGR-3-ERR_OBJECT_CREATE EM-1759 %PLATFORM-INVMGR-3-ERR_SENSOR_CREATE EM-1759 %PLATFORM-INVMGR-3-ERR_SYSDB_BIND EM-1759 %PLATFORM-INVMGR-5-OIRIN EM-1759 %PLATFORM-INVMGR-5-OIROUT EM-1760Index EM-2696 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-INVMGR-6-NODE_STATE_CHANGE EM-176 0 %PLATFORM-INVMGR-7-ERR_API EM-1760 %PLATFORM-INVMGR-7-ERR_NODEID EM-1760 %PLATFORM-INVMGR-7-FAIL EM-1761 %PLATFORM-IPCLC-3-EVENT EM-1761 %PLATFORM-IPCLC-3-EVENTSYS EM-1761 %PLATFORM-IPCLC-3-INTRLVL EM-1761 %PLATFORM-IPCLC-3-MSGERR EM-1761 %PLATFORM-IPCLC-3-OP EM-1762 %PLATFORM-IPCLC-3-REPLY EM-1762 %PLATFORM-IPCLC-3-REPLYSYS EM-1762 %PLATFORM-IPCP_SRVR-3-SW_INIT_ERROR EM-1762 %PLATFORM-IPCP_SRVR-6-IPCP_SERVER_RESTARTED_N ODE_REBOOTING EM-1762 %PLATFORM-IPMCAST-5-ERR EM-1763 %PLATFORM-LAMPTEST-6-ABORTED EM-1763 %PLATFORM-LAMPTEST-6-COMPLETE EM-1763 %PLATFORM-LAMPTEST-6-INITIATED EM-1763 %PLATFORM-LAMPTEST-6-REJECTED EM-1763 %PLATFORM-LBJR-3-ERR_INIT EM-1764 %PLATFORM-LBJR-3-ERR_MEM_ALLOC EM-1764 %PLATFORM-LBJR-5-ERR_CONT EM-1764 %PLATFORM-LBJR-7-ERR_EVM_CREATE EM-1764 %PLATFORM-LBJR-7-ERR_EVM_NOTIFY EM-1765 %PLATFORM-LBJR-7-ERR_EXIT EM-1765 %PLATFORM-LBJR-7-ERR_LWM_EVENT_BLOCK EM-176 5 %PLATFORM-LBJR-7-ERR_LWM_REPLY EM-1765 %PLATFORM-LC_CPUCTRL-0-NO_RSP_ACT_ERROR EM- 1766 %PLATFORM-LC_CPUCTRL-0-NO_RSP_PRESENT_ERROR EM-1766 %PLATFORM-LC_CPUCTRL-2-ACT_ARB_ERROR EM-1766 %PLATFORM-LC_CPUCTRL-2-ACT_RSP_ERROR EM-1766 %PLATFORM-LC_CPUCTRL-2-BOARD_REV_ERROR EM-1 767 %PLATFORM-LC_CPUCTRL-2-BOARD_REV_PAR_ERROR EM-1767 %PLATFORM-LC_CPUCTRL-2-DEV_VERSION_ERROR E M-1767 %PLATFORM-LC_CPUCTRL-2-NO_ARB_ACT_ERROR EM- 1767 %PLATFORM-LC_CPUCTRL-2-NO_FAB_ACT_ERROR EM- 1768 %PLATFORM-LC_CPUCTRL-2-RSP_PAR_ERROR EM-1768 %PLATFORM-LC_CPUCTRL-2-TX_RX_PAR_ERROR EM-1 768 %PLATFORM-libpcmcia_ide-1-CARD_UNAVAILABLE EM-1 768 %PLATFORM-libpcmcia_ide-5-CARD_SWAPPED EM-1769 %PLATFORM-libpcmcia_ide-5-SYSCALL EM-1769 %PLATFORM-libpcmcia_linux-7-CHILD_SPAWN EM-1769 %PLATFORM-libpcmcia_linux-7-FUNCTION_FAILED EM-17 69 %PLATFORM-libpcmcia_linux-7-MALLOC_FAILED EM-1769 %PLATFORM-libpcmcia_linux-7-NO_SPAWN_PARAM EM-1 770 %PLATFORM-libpcmcia_linux-7-OPEN_FAILED EM-1770 %PLATFORM-libpcmcia_linux-7-SLEEPON_LOCK_FAILED EM-1770 %PLATFORM-libpcmcia_linux-7-SPAWN_FAILED EM-1770 %PLATFORM-LIC_UDI-3-ACQUIRE_FAILURE EM-1771 %PLATFORM-LIC_UDI-3-DATA_ACCURACY_UNKNOWN EM-1771 %PLATFORM-LIC_UDI-7-ERR_EVM_CREATE EM-1771 %PLATFORM-LIC_UDI-7-ERR_INTERNAL EM-1771 %PLATFORM-LIC_UDI-7-ERR_MALLOC EM-1772 %PLATFORM-LIC_UDI-7-ERR_SYSDB_REG_NOTIF EM-17 72 %PLATFORM-MACE-2-ERR EM-1772 %PLATFORM-MACE-2-ERR_RC EM-1772 %PLATFORM-MANSDORF-2-CRITICAL_ERROR EM-1772 %PLATFORM-MANSDORF-3-GENERIC_ERROR EM-1773 %PLATFORM-MANSDORF-6-GENERIC_INFO EM-1773 %PLATFORM-MBI_HELLO-2-ESERVER_DOWN EM-1773 %PLATFORM-MBI_HELLO-2-FATAL EM-1773 %PLATFORM-MBI_HELLO-2-FATAL EM-1773 %PLATFORM-MBI_HELLO-2-FATAL EM-1774 %PLATFORM-MBI_HELLO-2-HEADLESS_RSP_TIMER_INIT _FAILED EM-1774 %PLATFORM-MBI_HELLO-2-NODE_RELOAD EM-1774 %PLATFORM-MBI_HELLO-2-NODE_RELOAD EM-1774 %PLATFORM-MBI_HELLO-2-NODE_RELOAD EM-1775 %PLATFORM-MBI_HELLO-2-NODE_RELOAD EM-1775 %PLATFORM-MBI_HELLO-2-NODE_RELOAD_NOW EM-1 775 %PLATFORM-MBI_HELLO-3-API_FAILURE EM-1775 %PLATFORM-MBI_HELLO-3-API_FAILURE EM-1776 %PLATFORM-MBI_HELLO-3-API_FAILURE EM-1776 %PLATFORM-MBI_HELLO-3-CLOCK_FAIL EM-1776 %PLATFORM-MBI_HELLO-3-CLOCK_FAIL EM-1776 %PLATFORM-MBI_HELLO-3-CLOCK_FAIL EM-1776 %PLATFORM-MBI_HELLO-3-CORRUPTED_HB_REQ_MSG EM-1777 %PLATFORM-MBI_HELLO-3-ERR_SHMEM_ALLOC EM-17 77 %PLATFORM-MBI_HELLO-3-ERROR EM-1777 %PLATFORM-MBI_HELLO-3-ETHSERVER_CONNECT EM -1777 %PLATFORM-MBI_HELLO-3-ETHSERVER_CONNECT EM -1777 %PLATFORM-MBI_HELLO-3-ETHSERVER_CONNECT EM -1778 %PLATFORM-MBI_HELLO-3-ETHSERVER_WRITE EM-177 8 %PLATFORM-MBI_HELLO-3-ETHSERVER_WRITE EM-177 8 %PLATFORM-MBI_HELLO-3-ETHSERVER_WRITE EM-177 8 %PLATFORM-MBI_HELLO-3-INIT_ERR EM-1779 %PLATFORM-MBI_HELLO-3-MALLOC_FAIL EM-1779 %PLATFORM-MBI_HELLO-3-MALLOC_FAIL EM-1779 %PLATFORM-MBI_HELLO-3-MALLOC_FAIL EM-1779 %PLATFORM-MBI_HELLO-3-MSG_SEND_FAIL EM-1779 %PLATFORM-MBI_HELLO-3-MSG_SEND_FAIL EM-1780Index EM-2697 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-MBI_HELLO-3-MSG_SEND_FAIL EM-1780 %PLATFORM-MBI_HELLO-3-REQUEST_NETMGR_MOUNT POINT_FAIL EM-1780 %PLATFORM-MBI_HELLO-3-REQUEST_NETMGR_MOUNT POINT_FAIL EM-1780 %PLATFORM-MBI_HELLO-3-REQUEST_NETMGR_MOUNT POINT_FAIL EM-1781 %PLATFORM-MBI_HELLO-3-SERVER_CONNECT_FAIL E M-1781 %PLATFORM-MBI_HELLO-3-SERVER_CONNECT_FAIL E M-1781 %PLATFORM-MBI_HELLO-3-SERVER_CONNECT_FAIL E M-1781 %PLATFORM-MBI_HELLO-3-THREAD_CREATE EM-1782 %PLATFORM-MBI_HELLO-3-THREAD_CREATE EM-1782 %PLATFORM-MBI_HELLO-3-THREAD_CREATE EM-1782 %PLATFORM-MBI_HELLO-3-TIMER_TIMEOUT EM-1782 %PLATFORM-MBI_HELLO-3-TIMER_TIMEOUT EM-1783 %PLATFORM-MBI_HELLO-3-TIMER_TIMEOUT EM-1783 %PLATFORM-MBI_HELLO-4-ATTACH_RECONNECT_HAN DLER EM-1783 %PLATFORM-MBI_HELLO-4-ATTACH_RECONNECT_HAN DLER EM-1783 %PLATFORM-MBI_HELLO-4-ATTACH_RECONNECT_HAN DLER EM-1784 %PLATFORM-MBI_HELLO-4-INIT_LTRACE EM-1784 %PLATFORM-MBI_HELLO-4-INIT_LTRACE EM-1784 %PLATFORM-MBI_HELLO-4-INIT_LTRACE EM-1784 %PLATFORM-MBI_HELLO-4-SET_HEARTBEAT_PRIORITY EM-1785 %PLATFORM-MBI_HELLO-4-SET_HEARTBEAT_PRIORITY EM-1785 %PLATFORM-MBI_HELLO-4-SET_HEARTBEAT_PRIORITY EM-1785 %PLATFORM-MBI_HELLO-4-SET_THREAD_PRIORITY E M-1785 %PLATFORM-MBI_HELLO-4-SET_THREAD_PRIORITY E M-1786 %PLATFORM-MBI_HELLO-4-SET_THREAD_PRIORITY E M-1786 %PLATFORM-MBI_HELLO-6-LTRACE_INIT_ERR EM-1786 %PLATFORM-MBI_HELLO-7-ERR_MEM_ALLOC EM-1786 %PLATFORM-MBI_HELLO-7-ERR_MSG_SEND EM-1787 %PLATFORM-MBI_HELLO-7-ERR_NETMGR_MOUNTPOINT _REQUEST EM-1787 %PLATFORM-MBI_HELLO-7-ERR_SERVER_CONNECT E M-1787 %PLATFORM-MBI_HELLO-7-HBAGENT_EXISTS EM-1787 %PLATFORM-MBI_HELLO-7-HBAGENT_EXISTS EM-1787 %PLATFORM-MBI_HELLO-7-HBAGENT_EXISTS EM-1788 %PLATFORM-MBI_HELLO-7-INFO_CREATE_SUCCESS E M-1788 %PLATFORM-MBI_HELLO-7-RELOAD_NOTIFICATION_TES T EM-1788 %PLATFORM-MBI_HELLO-7-RELOAD_NOTIFICATION_TES T EM-1788 %PLATFORM-MBI_HELLO-7-RELOAD_NOTIFICATION_TES T EM-1788 %PLATFORM-MBI_HELLO-7-TIMER_TIMEOUT EM-1789 %PLATFORM-MBI_HELLO-7-WARNING EM-1789 %PLATFORM-MBI_LIB_ACCESS-3-MSG_SEND_FAIL EM- 1789 %PLATFORM-MBI_LIB_ACCESS-3-MSG_SEND_FAIL EM- 1789 %PLATFORM-MBI_LIB_ACCESS-3-MSG_SEND_FAIL EM- 1790 %PLATFORM-MBI_LIB_ACCESS-3-SERVER_CONNECT_FAI L EM-1790 %PLATFORM-MBI_LIB_ACCESS-3-SERVER_CONNECT_FAI L EM-1790 %PLATFORM-MBI_LIB_ACCESS-3-SERVER_CONNECT_FAI L EM-1790 %PLATFORM-MBI_LIB_ACCESS-7-ERR_MSG_SEND EM-1 791 %PLATFORM-MBI_LIB_ACCESS-7-ERR_SERVER_CONNEC T EM-1791 %PLATFORM-MBI_LIB-3-MSG_SEND_FAIL EM-1791 %PLATFORM-MBI_LIB-3-MSG_SEND_FAIL EM-1791 %PLATFORM-MBI_LIB-3-MSG_SEND_FAIL EM-1792 %PLATFORM-MBI_LIB-3-MSG_SEND_FAIL EM-1792 %PLATFORM-MBI_LIB-3-SERVER_CONNECT_FAIL EM-1 792 %PLATFORM-MBI_LIB-3-SERVER_CONNECT_FAIL EM-1 792 %PLATFORM-MBI_LIB-3-SERVER_CONNECT_FAIL EM-1 793 %PLATFORM-MBI_LIB-3-SERVER_CONNECT_FAIL EM-1 793 %PLATFORM-MBI_LIB-4-CLOCK_FAIL EM-1793 %PLATFORM-MBI_LIB-4-CLOCK_FAIL EM-1793 %PLATFORM-MBI_LIB-4-CLOCK_FAIL EM-1794 %PLATFORM-MBIMGR-3-COPY_MBI_FILE_NAME_FAIL EM-1794 %PLATFORM-MBIMGR-3-COPY_MBI_FILE_NAME_FAIL EM-1794 %PLATFORM-MBIMGR-3-COPY_MBI_FILE_NAME_FAIL EM-1794 %PLATFORM-MBIMGR-3-DEFAULT_MBI_FAIL EM-1795 %PLATFORM-MBIMGR-3-DEFAULT_MBI_FAIL EM-1795 %PLATFORM-MBIMGR-3-DEFAULT_MBI_FAIL EM-1795 %PLATFORM-MBIMGR-3-FAILED_TO_CALCULATE_MD5 EM-1795 %PLATFORM-MBIMGR-3-FAILED_TO_CALCULATE_MD5 EM-1796 %PLATFORM-MBIMGR-3-FAILED_TO_CALCULATE_MD5 EM-1796 %PLATFORM-MBIMGR-3-FAILED_TO_COMPARE_MD5 E M-1796 %PLATFORM-MBIMGR-3-FAILED_TO_COMPARE_MD5 E M-1796 %PLATFORM-MBIMGR-3-FAILED_TO_COMPARE_MD5 E M-1797 %PLATFORM-MBIMGR-3-IGNORING_MBI EM-1797 %PLATFORM-MBIMGR-3-IGNORING_MBI EM-1797 %PLATFORM-MBIMGR-3-IGNORING_MBI EM-1797 %PLATFORM-MBIMGR-3-INVALID_ARG EM-1798Index EM-2698 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-MBIMGR-3-INVALID_ARG EM-1798 %PLATFORM-MBIMGR-3-INVALID_ARG EM-1798 %PLATFORM-MBIMGR-3-MALLOC_FAIL EM-1798 %PLATFORM-MBIMGR-3-MALLOC_FAIL EM-1799 %PLATFORM-MBIMGR-3-MALLOC_FAIL EM-1799 %PLATFORM-MBIMGR-3-NODEID_EXTRACT_FAIL EM-1 799 %PLATFORM-MBIMGR-3-NODEID_EXTRACT_FAIL EM-1 799 %PLATFORM-MBIMGR-3-NODEID_EXTRACT_FAIL EM-1 800 %PLATFORM-MBIMGR-3-NODEID_FAIL EM-1800 %PLATFORM-MBIMGR-3-NODEID_FAIL EM-1800 %PLATFORM-MBIMGR-3-NODEID_FAIL EM-1800 %PLATFORM-MBIMGR-3-NODEID_TO_IP_ADDR_FAIL E M-1801 %PLATFORM-MBIMGR-3-NODEID_TO_IP_ADDR_FAIL E M-1801 %PLATFORM-MBIMGR-3-NODEID_TO_IP_ADDR_FAIL E M-1801 %PLATFORM-MBIMGR-3-NODEID_TO_STR_EXTERNAL_F AIL EM-1801 %PLATFORM-MBIMGR-3-NODEID_TO_STR_EXTERNAL_F AIL EM-1802 %PLATFORM-MBIMGR-3-NODEID_TO_STR_EXTERNAL_F AIL EM-1802 %PLATFORM-MBIMGR-3-NULL_PTR EM-1802 %PLATFORM-MBIMGR-3-NULL_PTR EM-1802 %PLATFORM-MBIMGR-3-NULL_PTR EM-1803 %PLATFORM-MBIMGR-3-TFTP_INFO_FAIL EM-1803 %PLATFORM-MBIMGR-3-TFTP_INFO_FAIL EM-1803 %PLATFORM-MBIMGR-3-TFTP_INFO_FAIL EM-1803 %PLATFORM-MBIMGR-3-UNKNOWN_BOARDTYPE EM-1 804 %PLATFORM-MBIMGR-3-UNKNOWN_BOARDTYPE EM-1 804 %PLATFORM-MBIMGR-3-UNKNOWN_BOARDTYPE EM-1 804 %PLATFORM-MBIMGR-4-REMOTE_NODEID_MSG_STR_CR EATE_FAIL EM-1804 %PLATFORM-MBIMGR-4-REMOTE_NODEID_MSG_STR_CR EATE_FAIL EM-1805 %PLATFORM-MBIMGR-4-REMOTE_NODEID_MSG_STR_CR EATE_FAIL EM-1805 %PLATFORM-MBIMGR-6-MBIVSN_DIGIT_INFO EM-1805 %PLATFORM-MBIMGR-6-MBIVSN_DIGIT_INFO EM-1805 %PLATFORM-MBIMGR-6-MBIVSN_DIGIT_INFO EM-1805 %PLATFORM-MBIMGR-6-MBIVSN_STR_INFO EM-1806 %PLATFORM-MBIMGR-6-MBIVSN_STR_INFO EM-1806 %PLATFORM-MBIMGR-6-MBIVSN_STR_INFO EM-1806 %PLATFORM-MBIMGR-7-IMAGE_VALIDATED EM-1806 %PLATFORM-MBIMGR-7-IMAGE_VALIDATED EM-1806 %PLATFORM-MBIMGR-7-IMAGE_VALIDATED EM-1806 %PLATFORM-MBIMGR-7-INVALID_MBIVSN EM-1807 %PLATFORM-MBIMGR-7-INVALID_MBIVSN EM-1807 %PLATFORM-MBIMGR-7-INVALID_MBIVSN EM-1807 %PLATFORM-MBUS-4-SVC_AGENT_ROM_DOWN_REV E M-1807 %PLATFORM-MBUS-7-API_DEBUG EM-1808 %PLATFORM-MBUS-7-API_DOWNLOAD_FAIL_STATUS EM-1808 %PLATFORM-MBUS-7-API_FILE_OPERATION_FAILED E M-1808 %PLATFORM-MBUS-7-API_INFO EM-1808 %PLATFORM-MBUS-7-API_INFO_DUMP EM-1808 %PLATFORM-MBUS-7-API_INVALID_SLOT EM-1808 %PLATFORM-MBUS-7-API_NULL_PARAMETER EM-1809 %PLATFORM-MBUS-7-ATTACH_DEBUG EM-1809 %PLATFORM-MBUS-7-ATTACH_ERR EM-1809 %PLATFORM-MBUS-7-ATTACH_INFO_DUMP EM-1809 %PLATFORM-MBUS-7-CLIENT_FAILURE EM-1809 %PLATFORM-MBUS-7-MSG_INFO_DUMP EM-1809 %PLATFORM-MBUS-7-MSG_INFO_DUMP EM-1810 %PLATFORM-MBUS-7-SVC_AGENT_CHECK_FAILED EM- 1810 %PLATFORM-MBUS-7-SVC_DEBUG EM-1810 %PLATFORM-MBUS-7-SVC_EOF_UNEXPECTED EM-1810 %PLATFORM-MBUS-7-SVC_FILE_OPERATION_FAILED E M-1810 %PLATFORM-MBUS-7-SVC_INFO_DUMP EM-1810 %PLATFORM-MBUS-7-SVC_INVALID_STREAM EM-1811 %PLATFORM-MCE-2-L2CACHE_ERR EM-1811 %PLATFORM-MDIO-3-ERROR_EXIT EM-1811 %PLATFORM-MDIO-7-OPERATION_FAIL EM-1811 %PLATFORM-MLAN-3-DRIVER_ERROR EM-1812 %PLATFORM-MLAN-3-OPERATION_ERROR EM-1812 %PLATFORM-MLAN-6-DRIVER_INFO EM-1812 %PLATFORM-MLAN-6-OPERATION_INFO EM-1812 %PLATFORM-MLAN-7-OPERATION_TRACE EM-1812 %PLATFORM-MPC8641-3-PCI_ERROR EM-1813 %PLATFORM-MPC8641-3-PCI_FATAL EM-1813 %PLATFORM-MPC8641-3-PCI_SW_ERR EM-1813 %PLATFORM-MSM-3-ERR EM-1814 %PLATFORM-MSM-3-ERR EM-1814 %PLATFORM-NETIO_LC-3-FAB EM-1814 %PLATFORM-NETIO_LC-3-FAB_ERR EM-1814 %PLATFORM-NETIO_LC-7-FAB_SEND EM-1814 %PLATFORM-NFEA_HW_PROG-5-MAX_LIMIT EM-1815 %PLATFORM-NFEA_HW_PROG-6-INFO_MSG EM-1815 %PLATFORM-NFEA_HW_PROG-7-ERR_MSG EM-1815 %PLATFORM-NFEA_HW_PROG-7-ERR_MSG EM-1815 %PLATFORM-NP-0-CENTRAL_CLUSTER_PARITY EM-181 6 %PLATFORM-NP-0-FATAL_INT_CASE EM-1816 %PLATFORM-NP-0-HW_DOUBLE_ECC_ERROR EM-1816 %PLATFORM-NP-0-INIT_ERR EM-1816 %PLATFORM-NP-0-MATRIX_CLUSTER_PARITY EM-1817 %PLATFORM-NP-0-NP_INIT_FAILURE EM-1817 %PLATFORM-NP-0-PARSE_CLUSTER_PARITY EM-1817 %PLATFORM-NP-0-PEX_PARITY EM-1817 %PLATFORM-NP-0-RESOLVE_CLUSTER_PARITY EM-1818 %PLATFORM-NP-0-SEARCH_CLUSTER_PARITY EM-1818 %PLATFORM-NP-0-TCAM_FATAL_INT_CASE EM-1818 %PLATFORM-NP-0-TCAM_WRITE_PARITY_ERROR EM-1 818 %PLATFORM-NP-0-TM_CNTL_CLUSTER_PARITY EM-181Index EM-2699 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 9 %PLATFORM-NP-0-TMA_CLUSTER_PARITY EM-1819 %PLATFORM-NP-0-TMB_CLUSTER_PARITY EM-1819 %PLATFORM-NP-0-TMC_CLUSTER_PARITY EM-1819 %PLATFORM-NP-3-BIQ_EMPTY EM-1820 %PLATFORM-NP-3-EG_FBU_POOL_EMPTY EM-1820 %PLATFORM-NP-3-FBU3_LOW_RESOURCE EM-1820 %PLATFORM-NP-3-HOST_SLAVE_QUEUE_FULL EM-1820 %PLATFORM-NP-3-HW_OQ_FULL EM-1821 %PLATFORM-NP-3-HW_RX_RFD_EMPTY EM-1821 %PLATFORM-NP-3-HW_SINGLE_ECC_ERROR EM-1821 %PLATFORM-NP-3-HW_TFD_FULL EM-1821 %PLATFORM-NP-3-HW_TX_RFD_EMPTY EM-1822 %PLATFORM-NP-3-ING_FBU_POOL_EMPTY EM-1822 %PLATFORM-NP-3-OOR EM-1822 %PLATFORM-NP-3-TMA_FULL EM-1822 %PLATFORM-NP-3-TMB_FULL EM-1823 %PLATFORM-NP-4-FAULT EM-1823 %PLATFORM-NP-6-HOST_SLAVE_QUEUE_NOT_EMPTY EM-1823 %PLATFORM-OBFL-3-ERR EM-1823 %PLATFORM-obfl-3-ERR EM-1823 %PLATFORM-OBFL-3-ERR_CREATE EM-1824 %PLATFORM-obfl-3-ERR_CREATE EM-1824 %PLATFORM-OBFL-3-ERR_GET EM-1824 %PLATFORM-obfl-3-ERR_GET EM-1824 %PLATFORM-OBFL-3-ERR_INIT EM-1825 %PLATFORM-obfl-3-ERR_INIT EM-1825 %PLATFORM-OBFL-3-ERR_INIT_NO_EXIT EM-1825 %PLATFORM-OBFL-3-ERR_WRITE EM-1825 %PLATFORM-obfl-3-ERR_WRITE EM-1826 %PLATFORM-obfl-7-ERR_EVM_CREATE EM-1826 %PLATFORM-obfl-7-ERR_INTERNAL EM-1826 %PLATFORM-obfl-7-ERR_MALLOC EM-1826 %PLATFORM-obfl-7-ERR_SYSDB_REG_NOTIF EM-1826 %PLATFORM-obfl-7-ERR_THREAD_CREATE EM-1826 %PLATFORM-obfl-7-ERROR EM-1827 %PLATFORM-obfl-7-TRACE_INTERNAL EM-1827 %PLATFORM-OIRD-5-OIRIN EM-1827 %PLATFORM-OIRD-5-OIRIN EM-1827 %PLATFORM-OIRD-5-OIROUT EM-1827 %PLATFORM-OIRD-5-OIROUT EM-1828 %PLATFORM-OIRD-7-ASYNC_ATTACH_FAIL EM-1828 %PLATFORM-OIRD-7-ASYNC_ATTACH_FAIL EM-1828 %PLATFORM-OIRD-7-ASYNC_MSG_ERROR EM-1828 %PLATFORM-OIRD-7-ASYNC_MSG_ERROR EM-1828 %PLATFORM-OIRD-7-CHKPT_FAIL EM-1829 %PLATFORM-OIRD-7-CHKPT_FAIL EM-1829 %PLATFORM-OIRD-7-EVM_CREATE_FAIL EM-1829 %PLATFORM-OIRD-7-EVM_CREATE_FAIL EM-1829 %PLATFORM-OIRD-7-MMAP_FAIL EM-1829 %PLATFORM-OIRD-7-MMAP_FAIL EM-1830 %PLATFORM-OIRD-7-MSG_ATTACH_FAIL EM-1830 %PLATFORM-OIRD-7-MSG_ATTACH_FAIL EM-1830 %PLATFORM-OIRD-7-MSG_CHAN_CONN_FAIL EM-1830 %PLATFORM-OIRD-7-MSG_CHAN_CONN_FAIL EM-1830 %PLATFORM-OIRD-7-MSG_ERROR EM-1831 %PLATFORM-OIRD-7-MSG_ERROR EM-1831 %PLATFORM-OIRD-7-THREAD_CREATE_FAIL EM-1831 %PLATFORM-OIRD-7-THREAD_CREATE_FAIL EM-1831 %PLATFORM-OIRD-7-TIMER_CREATE_FAIL EM-1831 %PLATFORM-OIRD-7-TIMER_CREATE_FAIL EM-1832 %PLATFORM-OIRD-7-TIMER_INIT_FAIL EM-1832 %PLATFORM-OIRD-7-TIMER_INIT_FAIL EM-1832 %PLATFORM-OIRD-7-UNEXPECTED EM-1832 %PLATFORM-OIRD-7-UNEXPECTED EM-1832 %PLATFORM-PCIER-2-PCIE_1_ROOT_ERROR EM-1833 %PLATFORM-PCIER-2-PCIE_2_ROOT_ERROR EM-1833 %PLATFORM-PCIMGR-2-SW_FATAL_ERROR EM-1833 %PLATFORM-PCIMGR-3-MUTEX_LOCK_ERROR EM-1833 %PLATFORM-PCIMGR-3-MUTEX_UNLOCK_ERROR EM-1 834 %PLATFORM-PCIMGR-3-REG_PM_ERROR EM-1834 %PLATFORM-PCMCIA-3-PCI_DEV_ATTACH_ERROR EM- 1834 %PLATFORM-PCMCIA-3-PCI_SVR_ATTACH_ERROR EM- 1834 %PLATFORM-PCMCIA-7-MEM_MAP_ERROR EM-1834 %PLATFORM-PCMCIA-7-REG_PM_ERROR EM-1835 %PLATFORM-PCMCIAD-7-FUNCTION_FAILED EM-1835 %PLATFORM-PCMCIAD-7-KILL_FAILED EM-1835 %PLATFORM-PCMCIAD-7-MSGSEND_FAILED EM-1835 %PLATFORM-PCMCIAD-7-RESTART EM-1835 %PLATFORM-PCMCIAD-7-SIGNAL_OP_FAILED EM-1836 %PLATFORM-PCMCIAD-7-UNLINK_FAILED EM-1836 %PLATFORM-PCTL-3-gsp_msg_failed EM-1836 %PLATFORM-PCTL-3-gsp_msg_failed EM-1836 %PLATFORM-PCTL-3-gsp_msg_failed EM-1836 %PLATFORM-PEX8111-1-EXIT_INIT EM-1837 %PLATFORM-PEX8111-2-DEVICE_INTERNAL_ERROR EM -1837 %PLATFORM-PEX8111-2-TRANSACTION_TIMEOUT EM-1 837 %PLATFORM-PEX8111-2-UNSUPPORTED_REQUEST EM-1 837 %PLATFORM-PEX8111-2-WARN_INIT EM-1838 %PLATFORM-PEX8111-3-INTR_MASKED EM-1838 %PLATFORM-PEX8508-1-EXIT_INIT EM-1838 %PLATFORM-PEX8508-2-BIST_FAIL EM-1838 %PLATFORM-PEX8508-2-HW_STRAP_ERROR EM-1839 %PLATFORM-PEX8508-2-LINK_TRAIN_FAIL EM-1839 %PLATFORM-PEX8508-2-UNCORR_ECC_ERROR EM-1839 %PLATFORM-PEX8508-2-WARN_INIT EM-1839 %PLATFORM-PEX8508-3-CORR_ECC_ERROR EM-1839 %PLATFORM-PEX8508-3-INTR_MASKED EM-1840 %PLATFORM-PEXRC-1-EXIT_INIT EM-1840 %PLATFORM-PEXRC-2-WARN_INIT EM-1840 %PLATFORM-PFM-0-CARD_RESET_REQ EM-1840 %PLATFORM-PFM-0-GRACEFUL_CARD_RESET_TIMED_O UT EM-1841 %PLATFORM-PFM-2-LIB_LC_RESET EM-1841 %PLATFORM-PFM-3-APPL_COND_RESYNC_MISMATCH EM-1841 %PLATFORM-PFM-3-APPL_DEV_RESYNC_MISMATCH E M-1841 %PLATFORM-PFM-3-APPL_RESYNC_MISMATCH EM-1842Index EM-2700 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-PFM-3-CARD_RESET_NOT_ALLOWED EM- 1842 %PLATFORM-PFM-3-CHIP_RESET_NOT_ALLOWED EM-1 842 %PLATFORM-PFM-3-CHIP_RESET_NOT_SUPPORTED EM- 1842 %PLATFORM-PFM-3-DB_INT_ERR EM-1843 %PLATFORM-PFM-3-INV_FAULT_SEVERITY EM-1843 %PLATFORM-PFM-3-LIB_INT_ERR EM-1843 %PLATFORM-PFM-3-LIB_NOMEM_ERR EM-1843 %PLATFORM-PFM-3-LIB_SENT_FAIL EM-1844 %PLATFORM-PFM-3-NFM_INT_ERR EM-1844 %PLATFORM-PFM-3-NODE_INT_ERR EM-1844 %PLATFORM-PFM-3-NODE_INT_SLOW_REP_ERR EM-184 4 %PLATFORM-PFM-3-UNK_RECOVERY_ACTION EM-1845 %PLATFORM-PFM-6-FAULT_SUPPRESSED_EVT_INFO E M-1845 %PLATFORM-PFM-6-NODE_INFO EM-1845 %PLATFORM-PLAT_FIB_HAL-3-ERR_DETAIL EM-1845 %PLATFORM-PLAT_FIB_HAL-3-ERR_INFO EM-1846 %PLATFORM-PLAT_FIB_HAL-3-ERR_INFO_HEX EM-1846 %PLATFORM-PLAT_FIB_HAL-3-ERR_INFO_RT EM-1846 %PLATFORM-PLAT_FIB_HAL-3-ERR_STR EM-1846 %PLATFORM-PLAT_FIB_HAL-3-ERR_STR_RT EM-1846 %PLATFORM-PLAT_FIB_HAL-3-ERROR EM-1847 %PLATFORM-PLAT_FIB_HAL-3-ERROR_RT EM-1847 %PLATFORM-PLAT_FIB_HAL-6-INFO EM-1847 %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL EM-1847 %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL EM-1847 %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL EM-1848 %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL_INFO EM-184 8 %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL_INFO EM-184 8 %PLATFORM-PLAT_FIB_MPLS-2-CRITICAL_INFO EM-184 8 %PLATFORM-PLAT_FIB_MPLS-3-ERR_DETAIL EM-1848 %PLATFORM-PLAT_FIB_MPLS-3-ERR_DETAIL EM-1848 %PLATFORM-PLAT_FIB_MPLS-3-ERR_DETAIL EM-1849 %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO EM-1849 %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO EM-1849 %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO EM-1849 %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO EM-1849 %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO EM-1850 %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO EM-1850 %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO_HEX EM-185 0 %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO_HEX EM-185 0 %PLATFORM-PLAT_FIB_MPLS-3-ERR_INFO_HEX EM-185 0 %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR EM-1851 %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR EM-1851 %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR EM-1851 %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR EM-1851 %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR EM-1851 %PLATFORM-PLAT_FIB_MPLS-3-ERR_STR EM-1851 %PLATFORM-PLAT_FIB_MPLS-3-ERROR EM-1852 %PLATFORM-PLAT_FIB_MPLS-3-ERROR EM-1852 %PLATFORM-PLAT_FIB_MPLS-3-ERROR EM-1852 %PLATFORM-PLAT_FIB_MPLS-3-ERROR EM-1852 %PLATFORM-PLAT_FIB_MPLS-3-ERROR EM-1852 %PLATFORM-PLAT_FIB_MPLS-3-ERROR EM-1852 %PLATFORM-PLAT_FIB_MPLS-3-SHMEM EM-1853 %PLATFORM-PLAT_FIB_MPLS-3-SHMEM EM-1853 %PLATFORM-PLAT_FIB_MPLS-3-SHMEM EM-1853 %PLATFORM-PLAT_FIB_MPLS-4-WARNING EM-1853 %PLATFORM-PLAT_FIB_MPLS-4-WARNING EM-1853 %PLATFORM-PLAT_FIB_MPLS-4-WARNING EM-1853 %PLATFORM-PLAT_FIB_MPLS-4-WARNING_INFO EM-18 54 %PLATFORM-PLAT_FIB_MPLS-4-WARNING_INFO EM-18 54 %PLATFORM-PLAT_FIB_MPLS-4-WARNING_INFO EM-18 54 %PLATFORM-PLAT_FIB_MPLS-6-INFO EM-1854 %PLATFORM-PLAT_FIB_MPLS-6-INFO EM-1854 %PLATFORM-PLAT_FIB_MPLS-6-INFO EM-1854 %PLATFORM-PLAT_FIB_RP-3-ERR_INFO EM-1855 %PLATFORM-PLAT_FIB_RP-3-ERR_INFO EM-1855 %PLATFORM-PLAT_FIB_RP-3-ERR_INFO EM-1855 %PLATFORM-PLAT_FIB_RP-3-ERR_INFO_VERBOSE EM-1 855 %PLATFORM-PLAT_FIB_RP-3-ERR_INFO_VERBOSE EM-1 855 %PLATFORM-PLAT_FIB_RP-3-ERR_INFO_VERBOSE EM-1 855 %PLATFORM-PLAT_FIB_RP-3-ERROR EM-1856 %PLATFORM-PLAT_FIB_RP-3-ERROR EM-1856 %PLATFORM-PLAT_FIB_RP-3-ERROR EM-1856 %PLATFORM-PLAT_FIB-3-ERR_INFO EM-1856 %PLATFORM-PLAT_FIB-3-ERR_INFO EM-1856 %PLATFORM-PLAT_FIB-3-ERR_INFO EM-1857 %PLATFORM-PLAT_FIB-3-ERR_INFO_RT EM-1857 %PLATFORM-PLAT_FIB-3-ERR_INFO_RT EM-1857 %PLATFORM-PLAT_FIB-3-ERR_INFO_RT EM-1857 %PLATFORM-PLAT_FIB-3-ERR_STR EM-1857 %PLATFORM-PLAT_FIB-3-ERR_STR EM-1858 %PLATFORM-PLAT_FIB-3-ERR_STR EM-1858 %PLATFORM-PLAT_FIB-3-ERR_STR_RT EM-1858 %PLATFORM-PLAT_FIB-3-ERR_STR_RT EM-1858 %PLATFORM-PLAT_FIB-3-ERR_STR_RT EM-1858 %PLATFORM-PLAT_FIB-3-ERROR EM-1859 %PLATFORM-PLAT_FIB-3-ERROR EM-1859 %PLATFORM-PLAT_FIB-3-ERROR EM-1859 %PLATFORM-PLAT_FIB-3-ERROR_RT EM-1859 %PLATFORM-PLAT_FIB-3-ERROR_RT EM-1859 %PLATFORM-PLAT_FIB-3-ERROR_RT EM-1860 %PLATFORM-PLAT_FIB-4-WARNING_RT EM-1860 %PLATFORM-PLAT_FIB-6-COMM_INFO EM-1860 %PLATFORM-PLAT_FIB-6-FRR_INFO EM-1860 %PLATFORM-PLAT_FIB-6-FRR_INFO EM-1860 %PLATFORM-PLAT_FIB-6-FRR_INFO EM-1860 %PLATFORM-PLAT_FIB-6-INFO EM-1861 %PLATFORM-PLAT_FIB-6-INFO EM-1861Index EM-2701 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-PLAT_FIB-6-INFO EM-1861 %PLATFORM-PLAT_L2FIB_ATOM-3-DEBUG_ERROR EM- 1861 %PLATFORM-PLAT_L2FIB_ATOM-3-INIT_ERROR EM-186 1 %PLATFORM-PLAT_L2FIB_ATOM-3-LTRACE_ERROR EM -1861 %PLATFORM-PLAT_L2FIB_ATOM-7-DEBUG_ERROR EM- 1862 %PLATFORM-PLAT_L2FIB_ATOM-7-DEBUG_ERROR EM- 1862 %PLATFORM-PLAT_L2FIB_ATOM-7-INIT_ERROR EM-186 2 %PLATFORM-PLAT_L2FIB_ATOM-7-INIT_ERROR EM-186 2 %PLATFORM-PLAT_L2FIB_ATOM-7-LTRACE_ERROR EM -1862 %PLATFORM-PLAT_L2FIB_ATOM-7-LTRACE_ERROR EM -1862 %PLATFORM-PLAT_L2FIB_BRIDGING-7-BRIDGE_ERROR EM-1863 %PLATFORM-PLAT_L2FIB_BRIDGING-7-DEBUG_ERROR EM-1863 %PLATFORM-PLAT_L2FIB_BRIDGING-7-HW_INIT_ERROR EM-1863 %PLATFORM-PLAT_L2FIB_BRIDGING-7-INIT_ERROR EM -1863 %PLATFORM-PLAT_L2FIB_BRIDGING-7-LTRACE_ERROR EM-1863 %PLATFORM-PLAT_L2FIB_BRIDGING-7-PFI_ERROR EM- 1864 %PLATFORM-PLAT_L2FIB_BRIDGING-7-TCAM_ERROR E M-1864 %PLATFORM-PLAT_L2FIB_COMMON-7-HW_INIT_ERROR EM-1864 %PLATFORM-PLAT_L2FIB_DEBUG-3-REGISTER_FAILED EM-1864 %PLATFORM-PLAT_L2FIB_DEBUG-7-REGISTER_FAILED EM-1864 %PLATFORM-PLAT_L2FIB_DEBUG-7-REGISTER_FAILED EM-1865 %PLATFORM-PLAT_L2FIB_LOCSW-7-DEBUG_ERROR EM -1865 %PLATFORM-PLAT_L2FIB_LOCSW-7-DEBUG_ERROR EM -1865 %PLATFORM-PLAT_L2FIB_LOCSW-7-DEBUG_ERROR EM -1865 %PLATFORM-PLAT_L2FIB_LOCSW-7-INIT_ERROR EM-18 65 %PLATFORM-PLAT_L2FIB_LOCSW-7-INIT_ERROR EM-18 66 %PLATFORM-PLAT_L2FIB_LOCSW-7-INIT_ERROR EM-18 66 %PLATFORM-PLAT_L2FIB_LOCSW-7-LTRACE_ERROR E M-1866 %PLATFORM-PLAT_L2FIB_LOCSW-7-LTRACE_ERROR E M-1866 %PLATFORM-PLAT_L2FIB_LOCSW-7-LTRACE_ERROR E M-1866 %PLATFORM-PLAT_L2FIB_LOCSW-7-PFI_ERROR EM-186 6 %PLATFORM-PLAT_L2FIB_LOCSW-7-PFI_ERROR EM-186 7 %PLATFORM-PLAT_L2FIB_LOCSW-7-PFI_ERROR EM-186 7 %PLATFORM-PLAT_L2FIB_LTRACE-3-ERR_INFO_VERBOS E EM-1867 %PLATFORM-PLAT_L2FIB_LTRACE-7-ERR_INFO_VERBOS E EM-1867 %PLATFORM-PLAT_L2FIB_LTRACE-7-ERR_INFO_VERBOS E EM-1867 %PLATFORM-PLAT_L2FIB_METRO-2-QINQ_INIT_ERROR EM-1868 %PLATFORM-PLAT_L2FIB_METRO-3-BRIDGE_QINQ_ERRO R EM-1868 %PLATFORM-PLAT_L2FIB_METRO-3-QINQ_TCAM_WRITE _ERROR EM-1868 %PLATFORM-PLAT_L2FIB_METRO-7-HW_INIT_ERROR E M-1868 %PLATFORM-PLAT_L2FIB_RP-3-DEBUG_ERROR EM-1868 %PLATFORM-PLAT_L2FIB_RP-3-DEBUG_ERROR EM-1869 %PLATFORM-PLAT_L2FIB_RP-3-DEBUG_ERROR EM-1869 %PLATFORM-PLAT_L2FIB_RP-7-INIT_ERROR EM-1869 %PLATFORM-PLAT_L2FIB_RP-7-LTRACE_ERROR EM-186 9 %PLATFORM-PLAT_L2FIB-3-CERR_ERROR EM-1869 %PLATFORM-PLAT_L2FIB-3-DEBUG_ERROR EM-1870 %PLATFORM-PLAT_L2FIB-3-HW_INIT_ERROR EM-1870 %PLATFORM-PLAT_L2FIB-3-LTRACE_ERROR EM-1870 %PLATFORM-PLAT_L2FIB-7-CERR_ERROR EM-1870 %PLATFORM-PLAT_L2FIB-7-CERR_ERROR EM-1870 %PLATFORM-PLAT_L2FIB-7-DEBUG_ERROR EM-1870 %PLATFORM-PLAT_L2FIB-7-DEBUG_ERROR EM-1871 %PLATFORM-PLAT_L2FIB-7-HW_INIT_ERROR EM-1871 %PLATFORM-PLAT_L2FIB-7-HW_INIT_ERROR EM-1871 %PLATFORM-PLAT_L2FIB-7-LTRACE_ERROR EM-1871 %PLATFORM-PLAT_L2FIB-7-LTRACE_ERROR EM-1871 %PLATFORM-PLAT_L2FIB-7-NHOP_ERROR EM-1871 %PLATFORM-PLAT_L2FIB-7-PFI_ERROR EM-1872 %PLATFORM-PLAT_L2VPN_DEBUG-7-REGISTER_FAILED EM-1872 %PLATFORM-PLAT_L2VPN_FGID-3-ALLOC_ERROR EM-1 872 %PLATFORM-PLAT_L2VPN_FGID-3-DEBUG_ERROR EM- 1872 %PLATFORM-PLAT_L2VPN_FGID-3-DEBUG_ERROR EM- 1872 %PLATFORM-PLAT_L2VPN_FGID-3-MEM_ERROR EM-187 3 %PLATFORM-PLAT_L2VPN_FGID-3-MEM_ERROR EM-187 3 %PLATFORM-PLAT_L2VPN_FGID-3-REMARK_ERROR E M-1873 %PLATFORM-PLAT_L2VPN_FGID-3-TIMER_ERROR EM-1 873 %PLATFORM-PLAT_L2VPN_FGID-3-TIMER_ERROR EM-1Index EM-2702 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 873 %PLATFORM-PLAT_L2VPN_FGID-7-INIT_ERROR EM-1873 %PLATFORM-PLAT_L2VPN_FGID-7-INIT_ERROR EM-1874 %PLATFORM-PLAT_L2VPN_FGID-7-LTRACE_ERROR EM -1874 %PLATFORM-PLAT_L2VPN_FGID-7-LTRACE_ERROR EM -1874 %PLATFORM-PLAT_L2VPN_LTRACE-7-ERR_INFO_VERBO SE EM-1874 %PLATFORM-PLAT_L2VPN-3-RSI_ERROR EM-1874 %PLATFORM-PLAT_L2VPN-3-RSI_ERROR EM-1875 %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO EM-1875 %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO EM-1875 %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO EM-1875 %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO_VERBOSE E M-1875 %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO_VERBOSE E M-1875 %PLATFORM-PLAT_V6FIB_RP-3-ERR_INFO_VERBOSE E M-1876 %PLATFORM-PLAT_V6FIB_RP-3-ERROR EM-1876 %PLATFORM-PLAT_V6FIB_RP-3-ERROR EM-1876 %PLATFORM-PLAT_V6FIB_RP-3-ERROR EM-1876 %PLATFORM-PLATFORM_HFR_LIB-7-AM_I_SC_ERROR EM-1876 %PLATFORM-PLATFORM_HFR_LIB-7-AM_I_SC_ERROR EM-1877 %PLATFORM-PLATFORM_HFR_LIB-7-ERR_GET_BOARD_T YPE EM-1877 %PLATFORM-PLATFORM_HFR_LIB-7-ERR_GET_CARD_TY PE EM-1877 %PLATFORM-PLIM_16P_OC48-3-DEVICE_INTR_CLEAR E M-1877 %PLATFORM-PLIM_16P_OC48-3-DEVICE_INTR_CLEAR E M-1878 %PLATFORM-PLIM_16P_OC48-3-DEVICE_INTR_DISABLE EM-1878 %PLATFORM-PLIM_16P_OC48-3-DEVICE_INTR_DISABLE EM-1878 %PLATFORM-PLIM_16P_OC48-3-GENERIC_ERROR EM-18 78 %PLATFORM-PLIM_16P_OC48-6-GENERIC_INFO EM-1878 %PLATFORM-PLIM_16P_OC48-6-OIM_OIR EM-1879 %PLATFORM-PLIM_16P_OC48-6-OIM_OIR EM-1879 %PLATFORM-PLIM_IPC-3-API_ERROR EM-1879 %PLATFORM-PLIM_IPC-3-ERROR EM-1879 %PLATFORM-PLIM_IPC-3-INIT_ERROR EM-1880 %PLATFORM-PLIM_IPC-6-INFO EM-1880 %PLATFORM-PLIM_SERVICES-2-BPARAMS_ERROR EM- 1880 %PLATFORM-PLIM_SERVICES-2-CRITICAL_TILE_ERROR EM-1880 %PLATFORM-PLIM_SERVICES-2-ERR_EVM_EVENT_BLOC K EM-1881 %PLATFORM-PLIM_SERVICES-2-ERR_MEM_ALLOC EM- 1881 %PLATFORM-PLIM_SERVICES-2-ERR_PLIM_SERVICES_INI T EM-1881 %PLATFORM-PLIM_SERVICES-2-FLASH_ERROR EM-1881 %PLATFORM-PLIM_SERVICES-2-HEARTBEAT_ERROR E M-1881 %PLATFORM-PLIM_SERVICES-2-IMG_DLOAD_ERROR E M-1882 %PLATFORM-PLIM_SERVICES-2-IMG_LAUNCH_ERROR EM-1882 %PLATFORM-PLIM_SERVICES-2-MANS_FPGA_ERROR E M-1882 %PLATFORM-PLIM_SERVICES-2-MANS_INIT_ERROR EM -1882 %PLATFORM-PLIM_SERVICES-2-UART_ERROR EM-1883 %PLATFORM-PLIM_SERVICES-3-ERR_EDM_INIT EM-1883 %PLATFORM-PLIM_SERVICES-3-ERR_UBOOT_UPGRADE EM-1883 %PLATFORM-PLIM_SERVICES-3-GENERIC_ERROR EM-1 883 %PLATFORM-PLIM_SERVICES-3-GENERIC_TILE_ERROR EM-1883 %PLATFORM-PLIM_SERVICES-3-MANS_GASPP_ERROR EM-1884 %PLATFORM-PLIM_SERVICES-6-COLD_RESTART EM-188 4 %PLATFORM-PLIM_SERVICES-6-GENERIC_INFO EM-1884 %PLATFORM-PLIM_SERVICES-6-GENERIC_TILE_INFO E M-1884 %PLATFORM-PLIM_SERVICES-7-GENERIC_ERROR EM-1 884 %PLATFORM-PLIM_SERVICES-7-GENERIC_INFO EM-1884 %PLATFORM-PLIM_SERVICES-7-GENERIC_TILE_ERROR EM-1885 %PLATFORM-PLIM_SERVICES-7-GENERIC_TILE_INFO E M-1885 %PLATFORM-PLIM_SERVICES-7-MANS_GASPP_INFO EM -1885 %PLATFORM-PLU-4-ERR_CORRECTED EM-1885 %PLATFORM-PLU-4-ERR_CORRECTED EM-1885 %PLATFORM-PLU-4-ERR_NOTIFY EM-1886 %PLATFORM-PLU-4-ERR_NOTIFY EM-1886 %PLATFORM-PLU-6-BKT_COMPACTED EM-1886 %PLATFORM-PLU-6-BKT_COMPACTED EM-1886 %PLATFORM-PLUTLU-3-INIT_FAILED EM-1887 %PLATFORM-PLUTLU-3-INIT_FAILED_PROC EM-1887 %PLATFORM-PLUTLU-4-ERR_RESTART_FAILED EM-1887 %PLATFORM-PLUTLU-4-ERR_RESTART_FAILED EM-1887 %PLATFORM-PLUTLU-4-LTRACE_INIT_FAILED EM-1887 %PLATFORM-PLUTLU-4-LTRACE_INIT_FAILED EM-1888 %PLATFORM-PLUTLU-4-REPL_MODE_FAILED EM-1888 %PLATFORM-PLUTLU-4-REPL_MODE_FAILED EM-1888 %PLATFORM-PM_OS-2-SHM_OPEN EM-1888 %PLATFORM-PM_OS-2-SHM_PLATFORM_INFO EM-1889 %PLATFORM-PM_OS-2-SHM_READY_WORD EM-1889 %PLATFORM-PM_OS-2-UIDB_SHM_OPEN EM-1889 %PLATFORM-PM_OS-3-ALLOC_DEFAULT_TBL EM-1889 %PLATFORM-PM_OS-3-ALLOC_LBL_TBL EM-1890 %PLATFORM-PM_OS-3-PIC_ARRAY EM-1890 %PLATFORM-PORT_CFG-3-INIT EM-1890 %PLATFORM-PORT_CFG-3-INIT EM-1890Index EM-2703 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-POWERMGR-0-ENQUEUE EM-1891 %PLATFORM-POWERMGR-0-ENQUEUE_ZONE EM-1891 %PLATFORM-POWERMGR-2-AC_DC_FAILURE EM-1891 %PLATFORM-POWERMGR-2-CANNOT_TALK EM-1891 %PLATFORM-POWERMGR-2-INITFAIL EM-1892 %PLATFORM-POWERMGR-2-INITMEMFAIL EM-1892 %PLATFORM-POWERMGR-2-INVALID_COND EM-1892 %PLATFORM-POWERMGR-2-LOW_POWER EM-1892 %PLATFORM-POWERMGR-2-NO_PATH EM-1892 %PLATFORM-POWERMGR-2-OVERBUDGET EM-1893 %PLATFORM-POWERMGR-2-POWER_INSUFFICIENT EM- 1893 %PLATFORM-POWERMGR-2-TIMEOUT EM-1893 %PLATFORM-POWERMGR-3-BAD_DATA EM-1893 %PLATFORM-POWERMGR-3-BAD_PEC EM-1893 %PLATFORM-POWERMGR-3-CANNOT_RESERVE EM-189 4 %PLATFORM-POWERMGR-3-ERROR EM-1894 %PLATFORM-POWERMGR-3-IMPRECISE EM-1894 %PLATFORM-POWERMGR-3-INTERIM EM-1894 %PLATFORM-POWERMGR-3-INVALID_COMBINATION E M-1894 %PLATFORM-POWERMGR-3-NODEID_CREATE_ERROR EM-1895 %PLATFORM-POWERMGR-3-NOTFOUND EM-1895 %PLATFORM-POWERMGR-3-ROM_ERROR_STATUS EM-1 895 %PLATFORM-POWERMGR-3-STILL_POWERED EM-1895 %PLATFORM-POWERMGR-3-SYSDB_BIND_ERROR EM-1 895 %PLATFORM-POWERMGR-3-SYSDB_SET_ERROR EM-189 6 %PLATFORM-POWERMGR-3-UNKNOWN_PEM EM-1896 %PLATFORM-POWERMGR-3-UNKNOWN_PEMS EM-1896 %PLATFORM-POWERMGR-3-UNKNOWN_SHELF EM-1896 %PLATFORM-POWERMGR-4-INVALID_SCALE EM-1896 %PLATFORM-POWERMGR-4-PEM_DOWN EM-1897 %PLATFORM-POWERMGR-4-PRIO_SLOT_EMPTY EM-189 7 %PLATFORM-POWERMGR-4-TEST_CHASSIS EM-1897 %PLATFORM-POWERMGR-4-UNPOWERED EM-1897 %PLATFORM-POWERMGR-5-EVENT_ERROR EM-1897 %PLATFORM-POWERMGR-5-INVALID_EVENT EM-1898 %PLATFORM-POWERMGR-5-MIXED_PEMS EM-1898 %PLATFORM-POWERMGR-5-PEM_UP EM-1898 %PLATFORM-POWERMGR-5-REMOVED EM-1898 %PLATFORM-POWERMGR-5-UNKNOWN_TYPE EM-1898 %PLATFORM-POWERMGR-6-BUDGET_OK EM-1899 %PLATFORM-POWERMGR-6-CARD_OVERRIDE EM-1899 %PLATFORM-POWERMGR-6-DEBUG EM-1899 %PLATFORM-POWERMGR-6-INFO EM-1899 %PLATFORM-POWERMGR-6-INSERTED EM-1899 %PLATFORM-POWERMGR-6-PEM_OVERRIDE EM-1899 %PLATFORM-POWERMGR-6-ZONE_OVERRIDE EM-1900 %PLATFORM-PRP_HW-3-INIT_ERROR EM-1900 %PLATFORM-PRP3_FABIO-3-ERR_INGRESS EM-1900 %PLATFORM-PRP3_FABIO-3-ERR_INIT EM-1900 %PLATFORM-PRP3_FABIO-3-ERR_MEM_ALLOC EM-1901 %PLATFORM-PRP3_FABIO-7-ERR_DUPLICATE_STREAMID EM-1901 %PLATFORM-PRP3_FABIO-7-ERR_SEND_PKT EM-1901 %PLATFORM-PRP3_SLR_FABIO-3-ERR_INGRESS EM-1901 %PLATFORM-PRP3_SLR_FABIO-3-ERR_INIT EM-1901 %PLATFORM-PRP3_SLR_FABIO-3-ERR_MEM_ALLOC EM -1902 %PLATFORM-PRP3_SLR_FABIO-7-ERR_DUPLICATE_STRE AMID EM-1902 %PLATFORM-PRP3_SLR_FABIO-7-ERR_SEND_PKT EM-19 02 %PLATFORM-PSARB-1-WRONG_SLOT EM-1902 %PLATFORM-PSARB-2-MSG_HEARTBEAT_LOST EM-1903 %PLATFORM-PSARB-3-INIT_ERR EM-1903 %PLATFORM-PSARB-3-LR_INFO_FAILURE EM-1903 %PLATFORM-PSARB-3-STANDBY_READY_QUERY_FAILU RE EM-1903 %PLATFORM-PSARB-3-TWO_PRIMARY_DETECTED EM-1 904 %PLATFORM-PSARB-4-CONFLICT_WITH_DSC EM-1904 %PLATFORM-PSARB-4-PARTNER_NOT_IN_LR EM-1904 %PLATFORM-PSARB-4-SPURIOUS_COUNTDOWN EM-190 5 %PLATFORM-PSARB-5-IOS_RP_DETECTED EM-1905 %PLATFORM-PSARB-6-DEBUG_REMINDER EM-1905 %PLATFORM-PSARB-6-FORCE_DOWN EM-1905 %PLATFORM-PSARB-6-GO_ACTIVE EM-1905 %PLATFORM-PSARB-6-GO_STANDBY EM-1906 %PLATFORM-PSARB-6-IGNORE_TO EM-1906 %PLATFORM-PSARB-6-IGNORING_ACTIVE_TIMEOUT E M-1906 %PLATFORM-PSARB-6-IGNORING_CARD_TIMEOUT EM- 1906 %PLATFORM-PSARB-6-MBUS_RX_FAILURE EM-1906 %PLATFORM-PSARB-6-NOISY EM-1907 %PLATFORM-PSARB-6-NORMAL_TO EM-1907 %PLATFORM-PSARB-6-PARTNER_TAKEOVER EM-1907 %PLATFORM-PSARB-6-QUIET EM-1907 %PLATFORM-PSARB-6-REDCON_NOT_REGISTERED EM- 1907 %PLATFORM-PSARB-6-RESUME EM-1907 %PLATFORM-PSARB-6-ROLE_LOCKED EM-1908 %PLATFORM-PSARB-6-RX_FROM_PARTNER_FAILURE E M-1908 %PLATFORM-PSARB-6-SELF_SEND_FAILURE EM-1908 %PLATFORM-PSARB-6-STANDBY_NOT_READY EM-1908 %PLATFORM-PSARB-6-SUSPEND EM-1908 %PLATFORM-PSARB-6-TAKE_OVER EM-1909 %PLATFORM-PSARBLC-3-INIT_ERR EM-1909 %PLATFORM-PSARBLC-3-SELF_RESET_DLRSC_DOWN E M-1909 %PLATFORM-PUNT_SWITCH-2-REG_ACCESS_FAIL EM-1 909 %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_0 EM-1910 %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_1 EM-1910 %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_2 EM-1910 %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_3 EM-1910 %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_4 EM-1910Index EM-2704 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_5 EM-1911 %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_6 EM-1911 %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_7 EM-1911 %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_8 EM-1911 %PLATFORM-PUNT_SWITCH-3-LINK_FAIL_9 EM-1911 %PLATFORM-PUNT-2-CPU_RGMII_RX_LINK_FAIL_0 EM- 1912 %PLATFORM-PUNT-2-CPU_RGMII_RX_LINK_FAIL_1 EM- 1912 %PLATFORM-PUNT-2-DDR_IF_FAIL EM-1912 %PLATFORM-PUNT-2-DRIVER_FATAL EM-1912 %PLATFORM-PUNT-2-OPERATION_FATAL EM-1913 %PLATFORM-PUNT-2-REG_ACCESS_FAIL EM-1913 %PLATFORM-PUNT-3-DRIVER_ERROR EM-1913 %PLATFORM-PUNT-3-OPERATION_ERROR EM-1913 %PLATFORM-PUNT-3-PLL_NOT_LOCKED EM-1913 %PLATFORM-PUNT-6-DRIVER_INFO EM-1914 %PLATFORM-PUNT-6-OPERATION_INFO EM-1914 %PLATFORM-PWR_SUPPLY-0-FAULT EM-1914 %PLATFORM-REDDRV-0-ARBITRATION_LOCK_UNAVAIL ABLE EM-1914 %PLATFORM-REDDRV-2-MSG_LOCAL_NODE_DEAD_REL OAD_MYSELF EM-1915 %PLATFORM-REDDRV-2-MSG_PRIMARY_GLARE EM-191 5 %PLATFORM-REDDRV-2-MSG_PRIMARY_GLARE EM-191 5 %PLATFORM-REDDRV-3-ERR_INTERNAL_SW EM-1915 %PLATFORM-REDDRV-3-ERR_PEER_NOT_ISOLATED EM -1915 %PLATFORM-REDDRV-3-ERR_SET_REBOOT_CAUSE EM- 1916 %PLATFORM-REDDRV-3-ERROR_EXIT EM-1916 %PLATFORM-REDDRV-3-ERROR_EXIT EM-1916 %PLATFORM-REDDRV-3-ROLE_LOCKED EM-1916 %PLATFORM-REDDRV-3-ROLE_LOCKED EM-1917 %PLATFORM-REDDRV-3-SWITCHOVER_SUPPORT_FAIL EM-1917 %PLATFORM-REDDRV-4-CRITERIA_CONFLICT EM-1917 %PLATFORM-REDDRV-4-CRITERIA_CONFLICT EM-1917 %PLATFORM-REDDRV-4-CRITERIA_CONFLICT EM-1917 %PLATFORM-REDDRV-4-FILE_OPEN EM-1918 %PLATFORM-REDDRV-4-FILE_OPEN EM-1918 %PLATFORM-REDDRV-4-FILE_OPEN EM-1918 %PLATFORM-REDDRV-4-HARDWARE_ERROR EM-1918 %PLATFORM-REDDRV-4-HARDWARE_ERROR EM-1918 %PLATFORM-REDDRV-4-HARDWARE_ERROR EM-1919 %PLATFORM-REDDRV-4-WD_EXPIRED EM-1919 %PLATFORM-REDDRV-4-WD_EXPIRED EM-1919 %PLATFORM-REDDRV-4-WD_EXPIRED EM-1919 %PLATFORM-REDDRV-5-GO_ACTIVE EM-1919 %PLATFORM-REDDRV-5-GO_ACTIVE EM-1920 %PLATFORM-REDDRV-5-GO_BID EM-1920 %PLATFORM-REDDRV-5-GO_BID EM-1920 %PLATFORM-REDDRV-5-GO_STANDBY EM-1920 %PLATFORM-REDDRV-5-GO_STANDBY EM-1920 %PLATFORM-REDDRV-5-MSG_PARTNER_NODE_DEAD_ST ART_FAILOVER EM-1920 %PLATFORM-REDDRV-6-DELIVER_POISON_PILL EM-192 1 %PLATFORM-REDDRV-6-DELIVER_POISON_PILL EM-192 1 %PLATFORM-REDDRV-6-RESET_SELF EM-1921 %PLATFORM-REDDRV-6-RESET_SELF EM-1921 %PLATFORM-REDDRV-6-RESET_STANDBY EM-1921 %PLATFORM-REDDRV-6-RESET_STANDBY EM-1922 %PLATFORM-REDDRV-6-RESET_STANDBY EM-1922 %PLATFORM-REDDRV-7-ASYNC_SEND EM-1922 %PLATFORM-REDDRV-7-ASYNC_SEND EM-1922 %PLATFORM-REDDRV-7-ASYNC_SEND EM-1922 %PLATFORM-REDDRV-7-ERROR EM-1923 %PLATFORM-REDDRV-7-ERROR EM-1923 %PLATFORM-REDDRV-7-ERROR EM-1923 %PLATFORM-REDDRV-7-KDUMPER_MESSAGE EM-1923 %PLATFORM-REDDRV-7-KDUMPER_MESSAGE EM-1923 %PLATFORM-REDDRV-7-KDUMPER_MESSAGE EM-1924 %PLATFORM-REDDRV-7-MESSAGE_RETRY_ERROR EM- 1924 %PLATFORM-REDDRV-7-MESSAGE_RETRY_ERROR EM- 1924 %PLATFORM-REDDRV-7-MESSAGE_RETRY_ERROR EM- 1924 %PLATFORM-REDDRV-7-MISS_ACK_COUNT EM-1924 %PLATFORM-REDDRV-7-MISS_ACK_COUNT EM-1925 %PLATFORM-REDDRV-7-MISS_ACK_COUNT EM-1925 %PLATFORM-REDDRV-7-MSG_ERROR EM-1925 %PLATFORM-REDDRV-7-MSG_ERROR EM-1925 %PLATFORM-REDDRV-7-MSG_ERROR EM-1925 %PLATFORM-REDDRV-7-MSG_INVALID_MSGLEN EM-19 26 %PLATFORM-REDDRV-7-MSG_INVALID_MSGLEN EM-19 26 %PLATFORM-REDDRV-7-NODE_ERROR EM-1926 %PLATFORM-REDDRV-7-NODE_ERROR EM-1926 %PLATFORM-REDDRV-7-NODE_ERROR EM-1926 %PLATFORM-REDDRV-7-NODE_RESET EM-1927 %PLATFORM-REDDRV-7-NODE_RESET EM-1927 %PLATFORM-REDDRV-7-NODE_RESET_FAILED EM-1927 %PLATFORM-REDDRV-7-NODE_RESET_FAILED EM-1927 %PLATFORM-REDDRV-7-OPERATION_FAIL EM-1928 %PLATFORM-REDDRV-7-OPERATION_FAIL EM-1928 %PLATFORM-REDDRV-7-REDCON_REREGISTER EM-1928 %PLATFORM-REDDRV-7-REDCON_REREGISTER EM-1928 %PLATFORM-REDDRV-7-ROLE_CHANGE EM-1928 %PLATFORM-REDDRV-7-ROLE_CHANGE EM-1929 %PLATFORM-REDDRV-7-ROLE_CHANGE EM-1929 %PLATFORM-REDDRV-7-SHMEM EM-1929 %PLATFORM-REDDRV-7-SHMEM EM-1929 %PLATFORM-REDDRV-7-SHMEM EM-1929 %PLATFORM-REDDRV-7-SW_ROLE_ERROR EM-1930 %PLATFORM-REDDRV-7-SW_ROLE_ERROR EM-1930 %PLATFORM-REDDRV-7-SW_ROLE_ERROR EM-1930 %PLATFORM-REDDRV-7-UNEXPECTED EM-1930 %PLATFORM-REDDRV-7-UNEXPECTED EM-1930 %PLATFORM-REDDRV-7-UNEXPECTED EM-1931 %PLATFORM-REEP-3-ERROR_OPENING_ETHERNET_CONIndex EM-2705 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 NECTION EM-1931 %PLATFORM-REEP-3-ERROR_OPENING_ETHERNET_CON NECTION EM-1931 %PLATFORM-REEP-3-GET_BOARD_TYPE_FAILED EM-19 31 %PLATFORM-REEP-3-GET_BOARD_TYPE_FAILED EM-19 31 %PLATFORM-REEP-3-I2C_BKPLANE_READ_FAILED EM- 1932 %PLATFORM-REEP-3-I2C_BKPLANE_READ_FAILED EM- 1932 %PLATFORM-REEP-3-I2C_SERVER_CONNECT_FAILED E M-1932 %PLATFORM-REEP-3-I2C_SERVER_CONNECT_FAILED E M-1932 %PLATFORM-REEP-7-REPLY_SEND_FAILED EM-1932 %PLATFORM-REEP-7-REPLY_SEND_FAILED EM-1933 %PLATFORM-ROM_UPGRADE_LIB-7-ERROR EM-1933 %PLATFORM-ROM_UPGRADE_LIB-7-ERROR EM-1933 %PLATFORM-ROMMON_BURNER-3-BAD_ARG EM-1933 %PLATFORM-ROMMON_BURNER-3-BAD_ARG EM-1933 %PLATFORM-ROMMON_BURNER-3-FILE_OP_ERR EM-19 34 %PLATFORM-ROMMON_BURNER-3-FILE_OP_ERR EM-19 34 %PLATFORM-ROMMON_BURNER-3-NO_MEM EM-1934 %PLATFORM-ROMMON_BURNER-3-NO_MEM EM-1934 %PLATFORM-ROMMON_BURNER-5-progress EM-1934 %PLATFORM-ROMMON_BURNER-5-progress EM-1934 %PLATFORM-ROMMON_BURNER-5-version EM-1935 %PLATFORM-ROMMON_BURNER-5-version EM-1935 %PLATFORM-RSP_CPUCTRL-0-BOARD_SEATING_ERROR EM-1935 %PLATFORM-RSP_CPUCTRL-2-DEV_VERSION_ERROR E M-1935 %PLATFORM-RSP_CPUCTRL-2-PCB_VERSION_ERROR E M-1936 %PLATFORM-RSP_CPUCTRL-2-PEER_PAR_ERROR EM-19 36 %PLATFORM-RSP_CPUCTRL-2-SLOTID_PAR_ERROR EM- 1936 %PLATFORM-RWMGR-0-INIT_RETRY_SUCCEEDED EM-1 936 %PLATFORM-RWMGR-2-INIT_FAILURE EM-1937 %PLATFORM-RWMGR-2-MALLOC_FAILURE EM-1937 %PLATFORM-RWMGR-4-INIT_ERROR EM-1937 %PLATFORM-RWMGR-4-TRACE EM-1937 %PLATFORM-RWMGR-7-INTERNAL EM-1937 %PLATFORM-SC-3-ERR_INIT EM-1938 %PLATFORM-SC-3-ERR_MEM_ALLOC EM-1938 %PLATFORM-SC-5-ERR_CONT EM-1938 %PLATFORM-SC-7-ERR_EVM_CREATE EM-1938 %PLATFORM-SC-7-ERR_EVM_NOTIFY EM-1939 %PLATFORM-SC-7-ERR_EXIT EM-1939 %PLATFORM-SC-7-ERR_LWM_EVENT_BLOCK EM-1939 %PLATFORM-SC-7-ERR_LWM_REPLY EM-1939 %PLATFORM-SCC-2-BAD_ID_HW EM-1939 %PLATFORM-SCC-2-FAILED_ID_HW EM-1940 %PLATFORM-SCC-2-PROTO_HW EM-1940 %PLATFORM-SERVICE_AGENT-2-ERR_EVM_EVENT_BLO CK EM-1940 %PLATFORM-SERVICE_AGENT-3-DEBUG_ERROR EM-19 40 %PLATFORM-SERVICE_AGENT-3-DLL_ERROR EM-1941 %PLATFORM-SERVICE_AGENT-3-INIT_CRITICAL_ERROR EM-1941 %PLATFORM-SERVICE_AGENT-3-LTRACE_ERROR EM-1 941 %PLATFORM-SFP-2-DEV_SFP_COMPLIANCE_ERROR EM -1941 %PLATFORM-SFP-2-DEV_SFP_SUPPORTED_ERROR EM-1 942 %PLATFORM-SFP-3-DEV_SFP_PID_NOT_SUPPORTED EM -1942 %PLATFORM-SHELFMGR_HAL-0-SHELF_SHUTDOWN E M-1942 %PLATFORM-SHELFMGR_HAL-2-CBC_OFFLINE EM-1942 %PLATFORM-SHELFMGR_HAL-2-CPI_NO_PEER_VALIDAT ION EM-1943 %PLATFORM-SHELFMGR_HAL-2-CPI_PEER_FAIL EM-194 3 %PLATFORM-SHELFMGR_HAL-2-CPI_SELF_FAIL EM-194 3 %PLATFORM-SHELFMGR_HAL-3-CANNOT_REARM_HB_R EQ_SEND_TIMER EM-1943 %PLATFORM-SHELFMGR_HAL-3-CHASSIS_TYPE_GET_ER R EM-1943 %PLATFORM-SHELFMGR_HAL-3-INV_MAX_SLOT_ERR EM-1943 %PLATFORM-SHELFMGR_HAL-3-INV_NODEID EM-1944 %PLATFORM-SHELFMGR_HAL-6-BOOT_REQ_RECEIVED EM-1944 %PLATFORM-SHELFMGR_HAL-6-CARD_POWERCYCLE EM-1944 %PLATFORM-SHELFMGR_HAL-6-CARD_POWERDOWN E M-1944 %PLATFORM-SHELFMGR_HAL-6-CARD_POWERUP EM-1 944 %PLATFORM-SHELFMGR_HAL-6-CARD_SHUTDOWN EM -1944 %PLATFORM-SHELFMGR_HAL-6-COLD_BOOT EM-1945 %PLATFORM-SHELFMGR_HAL-6-HEARTBEAT_ALERT E M-1945 %PLATFORM-SHELFMGR_HAL-6-HEARTBEAT_FAIL EM- 1945 %PLATFORM-SHELFMGR_HAL-7-BOOT_REQ_FAILED E M-1945 %PLATFORM-SHELFMGR_HAL-7-CAN_CARD_INVALID EM-1945 %PLATFORM-SHELFMGR_HAL-7-CAN_FAIL EM-1945 %PLATFORM-SHELFMGR_HAL-7-CAN_INFO EM-1946 %PLATFORM-SHELFMGR_HAL-7-CPI_GET_FAIL EM-1946 %PLATFORM-SHELFMGR_HAL-7-TEMPO_INIT_FAILED EM-1946 %PLATFORM-SHELFMGR-0-CD_IN_RESET_STATE EM-19 46Index EM-2706 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-SHELFMGR-0-CHASSIS_SHUTDOWN EM-19 46 %PLATFORM-SHELFMGR-0-CHASSIS_SHUTDOWN EM-19 47 %PLATFORM-SHELFMGR-0-CHASSIS_SHUTDOWN EM-19 47 %PLATFORM-SHELFMGR-0-MAX_RESET_BRINGDOWN EM-1947 %PLATFORM-SHELFMGR-1-ALL_FANTRAYS_REMOVED EM-1947 %PLATFORM-SHELFMGR-1-BOTH_FC_REMOVED EM-194 8 %PLATFORM-SHELFMGR-1-CLEAR_ALL_FANTRAYS_REM OVED EM-1948 %PLATFORM-SHELFMGR-1-CLEAR_ALL_FANTRAYS_REM OVED EM-1948 %PLATFORM-SHELFMGR-1-CLEAR_BOTH_FC_REMOVED EM-1948 %PLATFORM-SHELFMGR-1-PARTIAL_CHASSIS_SHUTDO WN_POWERUP EM-1949 %PLATFORM-SHELFMGR-1-SET_ALL_FANTRAYS_REMOV ED EM-1949 %PLATFORM-SHELFMGR-1-SET_ALL_FANTRAYS_REMOV ED EM-1949 %PLATFORM-SHELFMGR-1-SET_BOTH_FC_REMOVED E M-1949 %PLATFORM-SHELFMGR-3-BOARD_NOT_SUPPORTED E M-1950 %PLATFORM-SHELFMGR-3-BOARD_NOT_SUPPORTED E M-1950 %PLATFORM-SHELFMGR-3-BOARD_NOT_SUPPORTED E M-1950 %PLATFORM-SHELFMGR-3-BOARD_NOT_SUPPORTED_ON SLOT EM-1950 %PLATFORM-SHELFMGR-3-BOARD_NOT_SUPPORTED_ON SLOT EM-1950 %PLATFORM-SHELFMGR-3-CHECKPT_MEM_RESTORE_FA ILED EM-1951 %PLATFORM-SHELFMGR-3-CHKPT_MEM_OUT_OF_RANG E EM-1951 %PLATFORM-SHELFMGR-3-CHKPT_MEM_RESTORE_ERR EM-1951 %PLATFORM-SHELFMGR-3-EMPTY_SERIAL_FAIL_BOOT EM-1951 %PLATFORM-SHELFMGR-3-EMPTY_SERIAL_FAIL_BOOT EM-1951 %PLATFORM-SHELFMGR-3-EMPTY_SERIAL_FAIL_BOOT EM-1952 %PLATFORM-SHELFMGR-3-FAILED_LOAD EM-1952 %PLATFORM-SHELFMGR-3-FAILED_LOAD EM-1952 %PLATFORM-SHELFMGR-3-FAILED_LOAD EM-1952 %PLATFORM-SHELFMGR-3-FAILEDPOWERUP EM-1953 %PLATFORM-SHELFMGR-3-FAILEDPOWERUP EM-1953 %PLATFORM-SHELFMGR-3-FAILEDPOWERUP EM-1953 %PLATFORM-SHELFMGR-3-FSMTIMEOUT_RESET EM-19 53 %PLATFORM-SHELFMGR-3-FSMTIMEOUT_RESET EM-19 54 %PLATFORM-SHELFMGR-3-FSMTIMEOUTA_RESET EM-1 954 %PLATFORM-SHELFMGR-3-FSMTIMEOUTB_RESET EM-1 954 %PLATFORM-SHELFMGR-3-FSMTIMEOUTD_RESET EM-1 954 %PLATFORM-SHELFMGR-3-FSMTIMEOUTMDR_RESET E M-1955 %PLATFORM-SHELFMGR-3-INRESET_ALARM EM-1955 %PLATFORM-SHELFMGR-3-INRESET_ALARM EM-1955 %PLATFORM-SHELFMGR-3-INRESET_ALARM EM-1955 %PLATFORM-SHELFMGR-3-INRESET_BRINGDOWN EM-1 956 %PLATFORM-SHELFMGR-3-INRESET_BRINGDOWN EM-1 956 %PLATFORM-SHELFMGR-3-INRESET_INV_CARD_TYPE EM-1956 %PLATFORM-SHELFMGR-3-INV_NODEID_EVT_IGNORE EM-1956 %PLATFORM-SHELFMGR-3-INV_NODEID_IN_CHKPT_ME MORY EM-1956 %PLATFORM-SHELFMGR-3-NODE_CPU_RESET EM-1957 %PLATFORM-SHELFMGR-3-NODE_DB_CREATE_ERR EM -1957 %PLATFORM-SHELFMGR-3-NODE_KDUMP EM-1957 %PLATFORM-SHELFMGR-3-NODE_RESET_ALARM EM-1 957 %PLATFORM-SHELFMGR-3-NODE_RESET_ALARM EM-1 958 %PLATFORM-SHELFMGR-3-NODE_RESET_ALARM EM-1 958 %PLATFORM-SHELFMGR-3-NODE_RESET_BRINGDOWN EM-1958 %PLATFORM-SHELFMGR-3-NODE_RESET_BRINGDOWN EM-1958 %PLATFORM-SHELFMGR-3-NODE_RESET_BRINGDOWN EM-1959 %PLATFORM-SHELFMGR-3-PARTIAL_INSERTED_CARD EM-1959 %PLATFORM-SHELFMGR-3-POWERDOWN_RESET EM-19 59 %PLATFORM-SHELFMGR-3-POWERDOWN_RESET EM-19 59 %PLATFORM-SHELFMGR-3-POWERDOWN_RESET EM-19 59 %PLATFORM-SHELFMGR-3-POWERRELOAD_RESET EM- 1960 %PLATFORM-SHELFMGR-3-POWERRELOAD_RESET EM- 1960 %PLATFORM-SHELFMGR-3-POWERRELOAD_RESET EM- 1960 %PLATFORM-SHELFMGR-3-RP_SHUTDOWN EM-1960 %PLATFORM-SHELFMGR-3-RP_SHUTDOWN EM-1960 %PLATFORM-SHELFMGR-3-RP_SHUTDOWN EM-1961 %PLATFORM-SHELFMGR-3-SHUTDOWN EM-1961 %PLATFORM-SHELFMGR-3-SHUTDOWN EM-1961 %PLATFORM-SHELFMGR-3-SHUTDOWN EM-1961 %PLATFORM-SHELFMGR-3-SHUTDOWN_RESET EM-1961Index EM-2707 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-SHELFMGR-3-SHUTDOWN_RESET EM-1962 %PLATFORM-SHELFMGR-3-SHUTDOWN_RESET EM-1962 %PLATFORM-SHELFMGR-3-STATE_MSG_DELAY EM-196 2 %PLATFORM-SHELFMGR-3-UNEXPECTED_EXIT EM-1962 %PLATFORM-SHELFMGR-3-UNEXPECTED_EXIT EM-1963 %PLATFORM-SHELFMGR-3-UNKNOWN_BOARD EM-1963 %PLATFORM-SHELFMGR-3-UNKNOWN_BOARD EM-1963 %PLATFORM-SHELFMGR-3-UNKNOWN_BOARD EM-1963 %PLATFORM-SHELFMGR-3-UNKNOWN_SLOT EM-1964 %PLATFORM-SHELFMGR-4-CMDLINE_BOOT_OVERRIDE_ ENABLED EM-1964 %PLATFORM-SHELFMGR-4-CMDLINE_BOOT_OVERRIDE_ ENABLED EM-1964 %PLATFORM-SHELFMGR-4-CMDLINE_BOOT_OVERRIDE_ ENABLED EM-1964 %PLATFORM-SHELFMGR-4-EMPTY_SERIAL_BOOT_OVER RIDE EM-1964 %PLATFORM-SHELFMGR-4-EMPTY_SERIAL_BOOT_OVER RIDE EM-1965 %PLATFORM-SHELFMGR-4-EMPTY_SERIAL_BOOT_OVER RIDE EM-1965 %PLATFORM-SHELFMGR-4-SHUTDOWN_REQUEST EM-1 965 %PLATFORM-SHELFMGR-4-WARM_RLD_FAILED EM-196 5 %PLATFORM-SHELFMGR-4-WARM_RLD_FAILED EM-196 5 %PLATFORM-SHELFMGR-4-WARM_RLD_FAILED EM-196 6 %PLATFORM-SHELFMGR-6-ABORT EM-1966 %PLATFORM-SHELFMGR-6-BOOTREQ_MAX EM-1966 %PLATFORM-SHELFMGR-6-NO_PLIM EM-1966 %PLATFORM-SHELFMGR-6-NO_PLIM EM-1966 %PLATFORM-SHELFMGR-6-NO_PLIM EM-1966 %PLATFORM-SHELFMGR-6-NODE_DISCOVERY EM-1967 %PLATFORM-SHELFMGR-6-NODE_NORESET EM-1967 %PLATFORM-SHELFMGR-6-NODE_NORESET EM-1967 %PLATFORM-SHELFMGR-6-NODE_NORESET EM-1967 %PLATFORM-SHELFMGR-6-NODE_STATE_CHANGE EM- 1967 %PLATFORM-SHELFMGR-6-NOREASON_RESET EM-1968 %PLATFORM-SHELFMGR-6-NOREASON_RESET EM-1968 %PLATFORM-SHELFMGR-6-NOREASON_RESET EM-1968 %PLATFORM-SHELFMGR-6-SYSTEM_COLD_START EM-1 968 %PLATFORM-SHELFMGR-6-USER_RESET EM-1968 %PLATFORM-SHELFMGR-6-USER_RESET EM-1968 %PLATFORM-SHELFMGR-6-USER_RESET EM-1969 %PLATFORM-SHELFMGR-6-WARM_RLD_JUMP EM-1969 %PLATFORM-SHELFMGR-6-WARM_RLD_JUMP EM-1969 %PLATFORM-SHELFMGR-6-WARM_RLD_JUMP EM-1969 %PLATFORM-SHELFMGR-7-WARM_RLD_FO EM-1970 %PLATFORM-SHELFMGR-7-WARM_RLD_FO EM-1970 %PLATFORM-SHELFMGR-7-WARM_RLD_FO EM-1970 %PLATFORM-SHELFMGR-7-WARM_RLD_OK EM-1970 %PLATFORM-SHELFMGR-7-WARM_RLD_OK EM-1970 %PLATFORM-SHELFMGR-7-WARM_RLD_OK EM-1970 %PLATFORM-SHOW_VERSION_CMD-7-IFMGR_BIND EM -1971 %PLATFORM-SHOW_VERSION_CMD-7-SYSDB_BIND EM -1971 %PLATFORM-SIMMUX_QAD_SERVER-3-ERR_DLL_INIT EM-1971 %PLATFORM-SIMMUX_QAD_SERVER-3-ERR_INIT EM-19 71 %PLATFORM-SIMMUX_QAD_SERVER-3-ERR_INIT_QUEUE EM-1972 %PLATFORM-SIMMUX_QAD_SERVER-3-PCI_CONFIGURA TION EM-1972 %PLATFORM-SIMMUX_QAD_SERVER-4-ERR_PACKET_DR OP_BAD_PKT EM-1972 %PLATFORM-SIMMUX_QAD_SERVER-4-ERR_PACKET_DR OP_QAD EM-1972 %PLATFORM-SIMMUX_QAD_SERVER-4-ERR_PACKET_DR OP_SEND EM-1973 %PLATFORM-SIMMUX_QAD_SERVER-7-ERR_EVM_NOTIF Y EM-1973 %PLATFORM-SIMMUX_QAD_SERVER-7-ERR_PACKET_SE ND EM-1973 %PLATFORM-SIMMUX_SERVER-3-ERR_INIT EM-1973 %PLATFORM-SIMMUX_SERVER-3-ERR_SHM_SIZE EM-19 74 %PLATFORM-SIMMUX_SERVER-3-FAULT_REPORT_FAILU RE EM-1974 %PLATFORM-SIMMUX_SERVER-3-PCI_CONFIGURATION EM-1974 %PLATFORM-SIMMUX_SERVER-7-ERR_BAG_REG EM-19 74 %PLATFORM-SIMMUX_SERVER-7-ERR_DLL_INIT EM-19 75 %PLATFORM-SIMMUX_SERVER-7-ERR_EVM_CREATE E M-1975 %PLATFORM-SIMMUX_SERVER-7-ERR_EVM_NOTIFY E M-1975 %PLATFORM-SIMMUX_SERVER-7-ERR_LWM_EVENT_BL OCK EM-1975 %PLATFORM-SIMMUX_SERVER-7-ERR_SYSDB_EDM_REG EM-1976 %PLATFORM-SPA_JBI-3-ERROR EM-1976 %PLATFORM-SPA_JBI-6-INFO EM-1976 %PLATFORM-SPA_JBI-7-DEBUG EM-1976 %PLATFORM-SPENET-7-ERR_DEBUG EM-1976 %PLATFORM-SPENET-7-ERR_DEBUG EM-1977 %PLATFORM-SPMCE-0-ECC_REBOOT EM-1977 %PLATFORM-SPMCE-3-ERR_KD_MMAP EM-1977 %PLATFORM-SPMCE-3-ERR_SET_REBOOT_CAUSE EM-1 977 %PLATFORM-SPMCE-6-HOURLY_COUNTS EM-1978 %PLATFORM-SPWD-0-ECC_REBOOT EM-1978 %PLATFORM-SPWD-0-MACHINE_CHECK_REBOOT EM-1 978 %PLATFORM-SPWD-0-MISSED_WATCHDOG_REBOOT E M-1978 %PLATFORM-SPWD-4-MACHINE_CHECK EM-1979 %PLATFORM-SPWD-6-HOURLY_COUNTS EM-1979Index EM-2708 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-SQUID_LOADER-5-progress EM-1979 %PLATFORM-STP_SHIM-6-LINK_STATE_CHANGE EM-19 79 %PLATFORM-STP_SHIM-6-LINK_STATE_CHANGE EM-19 80 %PLATFORM-STP_SHIM-6-LOGGING_DEVICE EM-1980 %PLATFORM-STP_SHIM-6-LOGGING_DEVICE EM-1980 %PLATFORM-STP_SHIM-7-COPY_FAILED EM-1980 %PLATFORM-STP_SHIM-7-COPY_FAILED EM-1980 %PLATFORM-STP_SHIM-7-DRV_ERR EM-1981 %PLATFORM-STP_SHIM-7-DRV_ERR EM-1981 %PLATFORM-STP_SHIM-7-NO_STORAGE_DEVICE_FOUND EM-1981 %PLATFORM-STP_SHIM-7-NO_STORAGE_DEVICE_FOUND EM-1981 %PLATFORM-SYSLDR_LC-2-NODE_RELOAD EM-1982 %PLATFORM-SYSLDR_LC-2-NODE_RELOAD_NOW EM-1 982 %PLATFORM-SYSLDR_LC-3-FATAL EM-1982 %PLATFORM-SYSLDR_LC-6-LTRACE_INIT_ERR EM-1982 %PLATFORM-SYSLDR_LC-7-ERR_MSG_SEND EM-1982 %PLATFORM-SYSLDR_LC-7-ERR_SERVER_CONNECT E M-1983 %PLATFORM-SYSLDR_LC-7-TIMER_TIMEOUT EM-1983 %PLATFORM-SYSLDR_LC-7-TIMER_TIMEOUT_MDR EM- 1983 %PLATFORM-SYSLDR_LC-7-WARNING EM-1983 %PLATFORM-SYSLDR_RP-1-NODE_RELOAD_NOW EM-1 983 %PLATFORM-SYSLDR_RP-2-NODE_RELOAD EM-1984 %PLATFORM-SYSLDR_RP-6-LTRACE_INIT_ERR EM-1984 %PLATFORM-SYSLDR_RP-7-ERR_MSG_SEND EM-1984 %PLATFORM-SYSLDR_RP-7-ERR_SERVER_CONNECT E M-1984 %PLATFORM-SYSLDR_RP-7-FATAL EM-1984 %PLATFORM-SYSLDR_RP-7-TIMER_TIMEOUT EM-1985 %PLATFORM-SYSLDR_RP-7-WARNING EM-1985 %PLATFORM-SYSLDR-1-PING_FAILURE EM-1985 %PLATFORM-SYSLDR-1-PING_FAILURE_BOOT EM-1985 %PLATFORM-SYSLDR-1-SELF_PING_DISABLED EM-1985 %PLATFORM-SYSLDR-1-SELF_PING_FAILURE EM-1986 %PLATFORM-SYSLDR-1-SELF_PING_FAILURE_BOOT EM -1986 %PLATFORM-SYSLDR-2-CRITICAL EM-1986 %PLATFORM-SYSLDR-2-FABRIC_DOWN EM-1986 %PLATFORM-SYSLDR-2-MBI_FABRIC_DOWN EM-1986 %PLATFORM-SYSLDR-2-MBI_NOLOAD EM-1987 %PLATFORM-SYSLDR-3-BANDWIDTH_SHUTDOWN EM- 1987 %PLATFORM-SYSLDR-3-ENVMON_SHUTDOWN EM-1987 %PLATFORM-SYSLDR-3-ERROR EM-1987 %PLATFORM-SYSLDR-3-ERROR2 EM-1987 %PLATFORM-SYSLDR-3-FABRIC_DOWN_WARN EM-1988 %PLATFORM-SYSLDR-3-FIELD_DIAG_ERROR EM-1988 %PLATFORM-SYSLDR-3-FW_NOTFOUND EM-1988 %PLATFORM-SYSLDR-3-HARD_FAILURE EM-1988 %PLATFORM-SYSLDR-3-LOW_LC_MEM EM-1988 %PLATFORM-SYSLDR-3-MALFUNCTION_SHUTDOWN E M-1989 %PLATFORM-SYSLDR-3-MANY_RESTARTS EM-1989 %PLATFORM-SYSLDR-3-MBUS_PING_WARN EM-1989 %PLATFORM-SYSLDR-3-NOT_RESPONDING EM-1989 %PLATFORM-SYSLDR-3-SHUTDOWN EM-1989 %PLATFORM-SYSLDR-3-TOO_LARGE EM-1990 %PLATFORM-SYSLDR-3-UNKNOWN_MOD EM-1990 %PLATFORM-SYSLDR-3-UNPOWER EM-1990 %PLATFORM-SYSLDR-3-VOL_SHUTDOWN EM-1990 %PLATFORM-SYSLDR-3-WARM_RLD_NOT_INITIATED E M-1990 %PLATFORM-SYSLDR-4-DOWN_REV EM-1990 %PLATFORM-SYSLDR-4-ERR EM-1991 %PLATFORM-SYSLDR-4-MBUS_FW EM-1991 %PLATFORM-SYSLDR-4-MBUS_IN_ROM EM-1991 %PLATFORM-SYSLDR-4-NO_AUTO_RESET EM-1991 %PLATFORM-SYSLDR-4-NO_RELOAD_SIM_OIR EM-1991 %PLATFORM-SYSLDR-4-SPA_WARNING EM-1991 %PLATFORM-SYSLDR-4-UNSUPPORTED EM-1992 %PLATFORM-SYSLDR-4-WARM_RLD_FAILED EM-1992 %PLATFORM-SYSLDR-4-WARN_LC_MEM EM-1992 %PLATFORM-SYSLDR-4-WARN2 EM-1992 %PLATFORM-SYSLDR-5-BANDWIDTH EM-1992 %PLATFORM-SYSLDR-5-BANDWIDTH_RESTART EM-199 2 %PLATFORM-SYSLDR-5-DRP_DISABLED EM-1993 %PLATFORM-SYSLDR-5-JOIN EM-1993 %PLATFORM-SYSLDR-5-LC_ENABLED EM-1993 %PLATFORM-SYSLDR-5-MBUS_EEPROM EM-1993 %PLATFORM-SYSLDR-5-MON_DRP EM-1993 %PLATFORM-SYSLDR-5-MON_RP EM-1993 %PLATFORM-SYSLDR-5-OIRIN EM-1994 %PLATFORM-SYSLDR-5-OIROUT EM-1994 %PLATFORM-SYSLDR-5-RESTART EM-1994 %PLATFORM-SYSLDR-5-RESTART_REQ EM-1994 %PLATFORM-SYSLDR-5-RP_DISABLED EM-1994 %PLATFORM-SYSLDR-5-RP_ENABLED EM-1994 %PLATFORM-SYSLDR-6-AUX_CARDS_INFO EM-1995 %PLATFORM-SYSLDR-6-CANJAMRST EM-1995 %PLATFORM-SYSLDR-6-CARD_KDUMPER EM-1995 %PLATFORM-SYSLDR-6-CARD_REBOOT EM-1995 %PLATFORM-SYSLDR-6-DEBUG EM-1995 %PLATFORM-SYSLDR-6-INFO EM-1995 %PLATFORM-SYSLDR-6-LTRACE_INIT_ERR EM-1996 %PLATFORM-SYSLDR-6-WARM_RLD_REJECTED EM-199 6 %PLATFORM-SYSLDR-7-DEBUG_INIT_EVENT_FAILED E M-1996 %PLATFORM-SYSLDR-7-DEBUG_REGISTER_FAILED EM- 1996 %PLATFORM-SYSLDR-7-ERR_MEM_ALLOC EM-1996 %PLATFORM-SYSLDR-7-ERR_SYSDB_CONNECTION EM- 1996 %PLATFORM-SYSLDR-7-ERR_SYSDB_DELETE EM-1997 %PLATFORM-SYSLDR-7-ERR_SYSDB_GET EM-1997 %PLATFORM-SYSLDR-7-ERR_SYSDB_NOTIFY EM-1997 %PLATFORM-SYSLDR-7-ERR_SYSDB_SET EM-1997 %PLATFORM-SYSLDR-7-FATAL EM-1997Index EM-2709 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-SYSLDR-7-INTERNAL_ERROR EM-1997 %PLATFORM-SYSLDR-7-WARM_RLD_OK EM-1998 %PLATFORM-SYSLDR-7-WARNING EM-1998 %PLATFORM-TEMPO-3-ERR_INIT EM-1998 %PLATFORM-TEMPO-3-ERR_MEM_ALLOC EM-1998 %PLATFORM-TEMPO-5-ERR_CONT EM-1998 %PLATFORM-TEMPO-7-ERR_EVM_CREATE EM-1999 %PLATFORM-TEMPO-7-ERR_EVM_NOTIFY EM-1999 %PLATFORM-TEMPO-7-ERR_EXIT EM-1999 %PLATFORM-TEMPO-7-ERR_LWM_EVENT_BLOCK EM-1 999 %PLATFORM-TEMPO-7-ERR_LWM_REPLY EM-1999 %PLATFORM-TFQ-0-SW_INIT_ERR EM-2000 %PLATFORM-TFQ-3-BAD_ALIGN EM-2000 %PLATFORM-TFQ-3-BUFHDR_INVALID EM-2000 %PLATFORM-TFQ-3-DESCQ_FULL EM-2001 %PLATFORM-TFQ-3-ERR_MEM_ALLOC EM-2001 %PLATFORM-TFQ-3-FATAL EM-2001 %PLATFORM-TFQ-3-FATAL_2 EM-2001 %PLATFORM-TFQ-3-GEN_INFO EM-2002 %PLATFORM-TFQ-3-INFO EM-2002 %PLATFORM-TFQ-3-MALLOC_DESC_FAILED EM-2002 %PLATFORM-TFQ-3-MALLOC_FAILED EM-2002 %PLATFORM-TFQ-3-MEM_ERR EM-2002 %PLATFORM-TFQ-3-MSGTOOBIG EM-2003 %PLATFORM-TFQ-3-MSGTOOBIG EM-2003 %PLATFORM-TFQ-3-NODEID_INVALID EM-2003 %PLATFORM-TFQ-3-NOT_YET_IMPLEMENTED EM-2003 %PLATFORM-TFQ-3-PAK_DUPLICATE_ERR EM-2004 %PLATFORM-TFQ-3-PAK_FREE_ERR EM-2004 %PLATFORM-TFQ-3-PAK_INVALID EM-2004 %PLATFORM-TFQ-3-PAK_INVALID EM-2004 %PLATFORM-TFQ-3-PAK_LEGACY EM-2005 %PLATFORM-TFQ-3-QUEUE_BLOCKED EM-2005 %PLATFORM-TFQ-3-USAGE EM-2005 %PLATFORM-TFQ-4-NODEID_INVALID EM-2005 %PLATFORM-TFQ-5-UNEXPECTED_PKT EM-2006 %PLATFORM-TIMESYNC_CLIENT-4-ERR_CONNECT_ARB EM-2006 %PLATFORM-TIMESYNC_CLIENT-4-ERR_GET_ARB_STAT E EM-2007 %PLATFORM-TIMESYNC_CLIENT-4-ERR_GET_TIME EM- 2007 %PLATFORM-TIMESYNC_CLIENT-4-ERR_INIT_DSC EM-2 007 %PLATFORM-TIMESYNC_CLIENT-4-ERR_READ_MBUS E M-2008 %PLATFORM-TIMESYNC_CLIENT-4-ERR_SET_TIME EM- 2008 %PLATFORM-TIMESYNC_CLIENT-4-ERR_WRITE_MBUS EM-2008 %PLATFORM-TIMESYNC_CLIENT-6-TIME_SET EM-2008 %PLATFORM-TIMESYNC-4-ERR_CONNECT_ARB EM-2009 %PLATFORM-TIMESYNC-4-ERR_GET_ARB_STATE EM-20 09 %PLATFORM-TIMESYNC-4-ERR_GET_TIME EM-2009 %PLATFORM-TIMESYNC-4-ERR_WRITE_MBUS EM-2010 %PLATFORM-TIMESYNC-5-ERR_GET_LR_INFO EM-2010 %PLATFORM-TLU-4-ADDR_VALIDATE_FAILED EM-2010 %PLATFORM-TOPMGR-2-INIT_FAILURE EM-2011 %PLATFORM-TOPMGR-2-MALLOC_FAILURE EM-2011 %PLATFORM-TOPMGR-3-CHILD_NOTFOUND EM-2011 %PLATFORM-TSEC-2-DRIVER_FATAL EM-2011 %PLATFORM-TSEC-3-DRIVER_ERROR EM-2012 %PLATFORM-TSEC-3-DRIVER_ERROR_BUFALIGN EM-20 12 %PLATFORM-TSEC-3-OPERATION_ERROR EM-2012 %PLATFORM-TSEC-6-DRIVER_INFO EM-2012 %PLATFORM-TSEC-6-DRIVER_INFO_1REG EM-2012 %PLATFORM-TSEC-6-DRIVER_INFO_2REG EM-2013 %PLATFORM-TSEC-6-OPERATION_INFO EM-2013 %PLATFORM-UPGRADE_FPD-2-FATAL EM-2013 %PLATFORM-UPGRADE_FPD-3-ASYNC_ATTACH EM-201 3 %PLATFORM-UPGRADE_FPD-3-CHAN_CREATE EM-2014 %PLATFORM-UPGRADE_FPD-3-ERROR EM-2014 %PLATFORM-UPGRADE_FPD-3-EVT_BLOCK EM-2014 %PLATFORM-UPGRADE_FPD-3-FAILED EM-2014 %PLATFORM-UPGRADE_FPD-3-MSG_REPLY EM-2015 %PLATFORM-UPGRADE_FPD-3-SYNC_ATTACH EM-2015 %PLATFORM-UPGRADE_FPD-4-DOWN_REV EM-2015 %PLATFORM-UPGRADE_FPD-4-ROMMONA_DOWN_REV EM-2015 %PLATFORM-UPGRADE_FPD-4-UP_REV EM-2015 %PLATFORM-UPGRADE_FPD-4-WARNING EM-2016 %PLATFORM-UPGRADE_FPD-6-PASSED EM-2016 %PLATFORM-UPGRADE_FPD-6-START EM-2016 %PLATFORM-UPGRADE_FPD-6-STATUS EM-2016 %PLATFORM-UPGRADE_FPD-6-STATUS_LOC EM-2016 %PLATFORM-UPGRADE-3-FL_SIZE EM-2017 %PLATFORM-UPGRADE-3-IMAGE_UNAVAIL EM-2017 %PLATFORM-UPGRADE-3-INVALID_IMAGETYPE EM-201 7 %PLATFORM-UPGRADE-3-INVALID_MSGTYPE EM-2017 %PLATFORM-UPGRADE-3-NEW_ROM_SIZE EM-2017 %PLATFORM-UPGRADE-3-NEW_ROM_SIZE EM-2018 %PLATFORM-UPGRADE-3-RP_WARNING EM-2018 %PLATFORM-UPGRADE-3-SETUP_FAILURE EM-2018 %PLATFORM-UPGRADE-3-VERSION_MISSING EM-2018 %PLATFORM-UPGRADE-7-ERASE_SECTORS EM-2018 %PLATFORM-UPGRADE-7-ERASE_SECTORS EM-2019 %PLATFORM-UPGRADE-7-ERR_BUF_READ EM-2019 %PLATFORM-UPGRADE-7-ERR_BUF_READ EM-2019 %PLATFORM-UPGRADE-7-ERR_CHAN_CREATE EM-2019 %PLATFORM-UPGRADE-7-ERR_DEBUG_INIT EM-2019 %PLATFORM-UPGRADE-7-ERR_DEBUG_REG EM-2019 %PLATFORM-UPGRADE-7-ERR_EVENT_MGR EM-2020 %PLATFORM-UPGRADE-7-ERR_FILE_OPEN EM-2020 %PLATFORM-UPGRADE-7-ERR_FILE_OPEN EM-2020 %PLATFORM-UPGRADE-7-ERR_LWM_REPLY EM-2020 %PLATFORM-UPGRADE-7-ERR_MEM_ALLOC EM-2020 %PLATFORM-UPGRADE-7-ERR_MEM_ALLOC EM-2021 %PLATFORM-UPGRADE-7-FLASH_DEVICE EM-2021 %PLATFORM-UPGRADE-7-FLASH_DEVICE EM-2021 %PLATFORM-UPGRADE-7-GET_SLOT EM-2021 %PLATFORM-UPGRADE-7-MMAP EM-2021Index EM-2710 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %PLATFORM-UPGRADE-7-MMAP EM-2021 %PLATFORM-UPGRADE-7-MUNMAP EM-2022 %PLATFORM-UPGRADE-7-MUNMAP EM-2022 %PLATFORM-UPGRADE-7-PROGRAM_FLASH EM-2022 %PLATFORM-UPGRADE-7-PROGRAM_FLASH EM-2022 %PLATFORM-UPGRADE-7-PROGRAM_FLASH_HEADER EM-2022 %PLATFORM-UPGRADE-7-STAT EM-2022 %PLATFORM-UPGRADE-7-STAT EM-2023 %PLATFORM-UPGRADE-7-STATUS_SEND EM-2023 %PLATFORM-UPGRADE-7-VERIFY_FLASH EM-2023 %PLATFORM-UPGRADE-7-VERIFY_FLASH EM-2023 %PLATFORM-UPGRADE-7-VERIFY_FLASH_HEADER EM- 2023 %PLATFORM-USB-2-DEV_CTRL_TIMEOUT EM-2024 %PLATFORM-USB-2-DEV_EUSB0_TIMEOUT EM-2024 %PLATFORM-USB-2-DEV_EUSB1_TIMEOUT EM-2024 %PLATFORM-USB-2-DEV_HUB_TIMEOUT EM-2024 %PLATFORM-USB-2-DEVICE_TIMEOUT EM-2025 %PLATFORM-USB-3-DEV_COMPACTFLASH_TIMEOUT E M-2025 %PLATFORM-VCDMA-7-ERR_BAG_REG EM-2025 %PLATFORM-VCDMA-7-ERR_DLL_INIT EM-2025 %PLATFORM-VCDMA-7-ERR_EVM_CREATE EM-2026 %PLATFORM-VCDMA-7-ERR_EVM_NOTIFY EM-2026 %PLATFORM-VCDMA-7-ERR_SYSDB_EDM_REG EM-2026 %PLATFORM-VKG_AMCC2035-3-ERROR_EXIT EM-2026 %PLATFORM-VKG_AMCC2035-3-IF_OPERATION_FAIL E M-2027 %PLATFORM-VKG_AMCC2035-3-OPERATION_FAIL EM-2 027 %PLATFORM-VKG_AMCC2035-7-INFO EM-2027 %PLATFORM-VKG_BCM8705-3-ERROR_EXIT EM-2027 %PLATFORM-VKG_BCM8705-3-IF_OPERATION_FAIL EM -2028 %PLATFORM-VKG_BCM8705-3-OPERATION_FAIL EM-202 8 %PLATFORM-VKG_BCM8705-7-INFO EM-2028 %PLATFORM-VKG_IP_EA-3-CRITICAL EM-2028 %PLATFORM-VKG_IP_EA-3-ERROR1 EM-2028 %PLATFORM-VKG_IP_EA-3-ERROR2 EM-2029 %PLATFORM-VKG_IP_EA-5-DEBUG EM-2029 %PLATFORM-VKG_LCPM_SHOW-3-ERROR EM-2029 %PLATFORM-VKG_LCPM_SHOW-7-USAGE EM-2029 %PLATFORM-VKG_MPLS_EA-3-ERR EM-2029 %PLATFORM-VKG_MPLS_EA-3-ERRSTR EM-2030 %PLATFORM-VKG_MPLS_EA-6-INFO EM-2030 %PLATFORM-VKG_PM_TEST-3-ERROR EM-2030 %PLATFORM-VKG_PM_TEST-3-ERROR_2 EM-2030 %PLATFORM-VKG_PM-3-ERROR EM-2031 %PLATFORM-VKG_PM-3-ERROR_INIT EM-2031 %PLATFORM-VKG_PM-4-WARNING EM-2031 %PLATFORM-VKG_SERDES-3-ERROR_EXIT EM-2031 %PLATFORM-VKG_SERDES-3-IF_OPERATION_FAIL EM-2 032 %PLATFORM-VKG_SERDES-3-MUTEX_OPERATION_FAIL EM-2032 %PLATFORM-VKG_SERDES-3-OPERATION_FAIL EM-2032 %PLATFORM-VKG_SERDES-7-INFO EM-2032 %PLATFORM-WD_PLATFORM_SP-2-FAILED_TO_TICK E M-2032 %PLATFORM-WD_PLATFORM_SP-2-INTERNAL_ERROR EM-2033 %PLATFORM-WD_PLATFORM_SP-3-INVALID_TICK_CALL EM-2033 %PLATFORM-WD_PLATFORM_SP-3-SRP_STATE_CHANGE _REG_FAILED EM-2033 %PLATFORM-WD_PLATFORM_SP-4-INVALID_TICKER E M-2033 %PLATFORM-WD_PLATFORM_SP-4-WATCHDOG_STATE EM-2033 %PLATFORM-WD_PLATFORM_SP-6-SRP_READY_STATE EM-2033 %PLATFORM-WD_PLATFORM-2-FAILED_TO_TICK EM-20 34 %PLATFORM-WD_PLATFORM-2-FAILED_TO_TICK EM-20 34 %PLATFORM-WD_PLATFORM-2-INTERNAL_ERROR EM- 2034 %PLATFORM-WD_PLATFORM-2-INTERNAL_ERROR EM- 2034 %PLATFORM-WD_PLATFORM-3-INVALID_TICK_CALL E M-2034 %PLATFORM-WD_PLATFORM-3-INVALID_TICK_CALL E M-2035 %PLATFORM-WD_PLATFORM-3-SRP_STATE_CHANGE_RE G_FAILED EM-2035 %PLATFORM-WD_PLATFORM-3-SRP_STATE_CHANGE_RE G_FAILED EM-2035 %PLATFORM-WD_PLATFORM-4-INVALID_TICKER EM-2 035 %PLATFORM-WD_PLATFORM-4-INVALID_TICKER EM-2 035 %PLATFORM-WD_PLATFORM-4-WATCHDOG_STATE EM -2036 %PLATFORM-WD_PLATFORM-4-WATCHDOG_STATE EM -2036 %PLATFORM-WD_PLATFORM-6-SRP_READY_STATE EM -2036 %PLATFORM-XCVR-3-ERROR EM-2036 %PLATFORM-XCVR-3-FAILURE EM-2036 %PLATFORM-XCVR-6-ENABLE EM-2037 %PLATFORM-XCVR-6-INFO EM-2037 %PLATFORM-XCVR-6-OIR EM-2037 %PLATFORM-XCVR-6-REMOVAL EM-2037 %PLATFORM-XCVR-7-TRACE EM-2037 %PLATFORM-XFP-2-DEV_XFP_COMPLIANCE_ERROR E M-2038 %PLATFORM-XFP-2-DEV_XFP_SUPPORTED_ERROR EM- 2038 %PLATFORM-XFP-3-DEV_XFP_PID_NOT_SUPPORTED E M-2038 %QOS-EFCM-3-ERROR EM-2039 %QOS-EFCM-6-INFO EM-2039 %QOS-EFCM-7-DEBUG EM-2039 %QOS-QOS_EA_TEST-3-ERROR EM-2040Index EM-2711 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %QOS-QOS_EA_TEST-3-ERROR EM-2040 %QOS-QOS_EA_VERIFY-6-ERROR EM-2040 %QOS-QOS_FIFO-7-DEBUG_INIT_ERROR EM-2040 %QOS-QOS_MA-3-CAPS_INFO_ADD EM-2041 %QOS-QOS_MA-3-CAPS_REMOVE EM-2041 %QOS-QOS_MA-3-DPC_REM EM-2041 %QOS-QOS_MA-3-OP_FAIL EM-2041 %QOS-QOS_MA-7-FABQOS_SEND_FAILED EM-2041 %QOS-QOS_MA-7-INIT EM-2042 %QOS-QOS_MA-7-INVALID_CAPS_STATUS EM-2042 %QOS-QOS_MA-7-INVALID_ERROR_ARRAY_STATUS E M-2042 %QOS-QOS_TXM-7-DEBUG_INIT_ERROR EM-2042 %QOS-QOS_TXM-7-UNINITIALISE_ERROR EM-2043 %QOS-QOS-2-MALLOC_FAIL EM-2043 %QOS-QOS-3-BW_BUNDLE_ABSOLUTE EM-2043 %QOS-QOS-3-BW_SUM_EXCEEDS_100_PC EM-2043 %QOS-QOS-3-CONNECT_FAIL EM-2043 %QOS-QOS-3-DEBUG_FAIL EM-2044 %QOS-QOS-3-DEF_CLASS_BW_EXCEED_99_PC EM-2044 %QOS-QOS-3-EA_IIR_ATTACH_FAILURE EM-2044 %QOS-QOS-3-EA_IM_CAPS_RESYNC_FAILURE EM-2044 %QOS-QOS-3-EA_ROLLBACK_FAILURE_DURING_MODIFY EM-2045 %QOS-QOS-3-EVM_CREATE_FAIL EM-2045 %QOS-QOS-3-FABQOS_BWR_UNSUPPORTED EM-2045 %QOS-QOS-3-MAX_CLASS_EXCEEDED_FOR_FABQOS E M-2045 %QOS-QOS-3-ONLY_PRI_OR_BW_REM_PERCENT_ALLOW ED EM-2045 %QOS-QOS-3-OVER_SUBSCRIPTION_OF_MIN_BW_GAURA NTEES EM-2046 %QOS-QOS-3-QFIFO_DEBUG_NETIO_INIT_FAIL EM-2046 %QOS-QOS-3-UNSUPPORTED_CONFIG_ON_PARENT_CLAS S EM-2046 %QOS-QOS-3-UNSUPPORTED_IP_OR_MPLS_MATCH_CONF IG EM-2046 %QOS-QOS-3-UNSUPPORTED_L2_MATCH_CONFIG EM-2 046 %QOS-QOS-3-UNSUPPORTED_MAC_ADDR_MATCH_CONFI G EM-2047 %QOS-QOS-3-UNSUPPORTED_MARKING_CONFIG EM-20 47 %QOS-QOS-3-UNSUPPORTED_MATCH_COS_CONFIG EM- 2047 %QOS-QOS-3-UNSUPPORTED_MIN_BW_CONFIG EM-2047 %QOS-QOS-3-UNSUPPORTED_MULTIPLE_POLICER_ACTIO NS EM-2047 %QOS-QOS-3-UNSUPPORTED_POLICER_MARKING_CONFI G EM-2048 %QOS-QOS-3-UNSUPPORTED_POLICER_MARKING_L2_CO S_CONFIG EM-2048 %QOS-QOS-3-UNSUPPORTED_POLICER_RATE EM-2048 %QOS-QOS-3-UNSUPPORTED_Q_LIMIT_CONFIG EM-2048 %QOS-QOS-3-UNSUPPORTED_WRED_CONFIG EM-2048 %QOS-QOS-3-WAIT_ERR EM-2049 %QOS-QOS-3-WRONG_QUANTAS_SPECIFIED EM-2049 %QOS-QOS-4-ERR_EVM_EVENT_BLOCK EM-2049 %QOS-QOS-4-ERR_EVM_EVENT_BLOCK EM-2049 %QOS-QOS-4-PARENT_HAS_NO_QUEUEING_CONFIG EM -2049 %QOS-QOS-4-Q_LIMIT_BELOW_MIN EM-2050 %QOS-QOS-4-Q_THRESHOLD_EXCEEDS_MAX EM-2050 %QOS-QOS-4-WRED_THRESH_MORE_THAN_QUEUE_LIMI T EM-2050 %QOS-QOS-5-PARENT_HAS_NO_BW_MIN_CONFIGURED EM-2050 %QOS-QOS-6-EA_DEBUG_INIT_FAIL EM-2050 %QOS-QOS-6-EA_LTRACE_INIT_FAIL EM-2051 %QOS-QOS-6-EA_MIPC_NTFN_ACK_FAILURE EM-2051 %QOS-QOS-6-EA_MIPC_NTFN_HNDLR_FAILURE EM-2051 %QOS-QOS-6-MIN_BW_IGNORED_ON_SUBIF EM-2051 %QOS-QOS-6-NETIO_SET_PAK_SHAPEQ_FAIL EM-2051 %QOS-QOS-6-QFIFO_DEBUG_NETIO_INIT_FAIL EM-2052 %QOS-QOS-7-CONNECT_FAIL EM-2052 %QOS-QOS-7-CONNECT_FAIL EM-2052 %QOS-QOS-7-ERR_EVM_CREATE EM-2052 %QOS-QOS-7-ERR_EVM_CREATE EM-2053 %QOS-QOS-7-NETIO_SET_PAK_SHAPEQ_FAIL EM-2053 %QOS-QOSEA-3-BWCHG_ERROR EM-2053 %QOS-QOSEA-3-ERROR EM-2053 %QOS-QOSEA-3-EXIT_ERROR EM-2053 %QOS-QOSEA-3-IMATTR_ERROR EM-2054 %QOS-QOSEA-3-MSG_CHAN EM-2054 %QOS-QOSEA-3-MSG_HANDLER_ERR EM-2054 %QOS-QOSEA-3-POLICY_ERROR EM-2054 %QOS-QOSEA-3-ROLLBACK_ERROR EM-2054 %QOS-QOSEA-3-UNHANDLED_MSG EM-2054 %QOS-QOSEA-3-UNKNOWN_MSG EM-2055 %QOS-QOSEA-4-WARN EM-2055 %QOS-QOSEA-5-NOTICE EM-2055 %QOS-QOSEA-6-BWCHG_LOG EM-2055 %QOS-QOSEA-6-INFO EM-2055 %QOS-QOSEA-6-MSG_ASYNC EM-2055 %QOS-QOSEA-6-POLICY_INFO EM-2056 %QOS-QOSEA-7-DEBUG EM-2056 %QOS-QOSRM_DLL-3-ERROR EM-2056 %QOS-QOSRM_DLL-3-MSG_CHAN EM-2056 %QOS-QOSRM_DLL-3-MSG_HANDLER_ERR EM-2056 %QOS-QOSRM_DLL-3-UNHANDLED_MSG EM-2056 %QOS-QOSRM_DLL-3-UNKNOWN_MSG EM-2057 %QOS-QOSRM_DLL-3-UNKNOWN_QTYPE EM-2057 %QOS-QOSRM_DLL-4-WARN EM-2057 %QOS-QOSRM_DLL-6-INFO EM-2057 %QOS-QOSRM_DLL-6-MSG_ASYNC EM-2057 %QOS-QOSRM_DLL-7-DEBUG EM-2057 %QOS-QOSRM-3-ERROR EM-2058 %QOS-QOSRM-3-MSG_CHAN EM-2058 %QOS-QOSRM-3-MSG_HANDLER_ERR EM-2058 %QOS-QOSRM-3-UNHANDLED_MSG EM-2058 %QOS-QOSRM-3-UNKNOWN_MSG EM-2058 %QOS-QOSRM-3-UNKNOWN_QTYPE EM-2059 %QOS-QOSRM-4-WARN EM-2059 %QOS-QOSRM-6-INFO EM-2059 %QOS-QOSRM-6-MSG_ASYNC EM-2059 %QOS-QOSRM-7-DEBUG EM-2059Index EM-2712 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-AIB-1-EVENTBLOCK EM-2061 %ROUTING-AIB-3-EXTRA_UNLOCK EM-2061 %ROUTING-AIB-4-INDEX_REG_FAIL EM-2062 %ROUTING-AIB-4-INDEX_VERSION_FAIL EM-2062 %ROUTING-AIB-4-LTRACE_ERROR EM-2062 %ROUTING-AIB-4-RADIXINIT_FAIL EM-2062 %ROUTING-AIB-4-SHM_FAIL EM-2063 %ROUTING-AIB-4-SYSTEM_FAIL EM-2063 %ROUTING-AUTORP_CRP-3-BAG_RELATED_ERROR EM- 2063 %ROUTING-AUTORP_CRP-3-EDM_ACCESS_ERROR EM-2 063 %ROUTING-AUTORP_CRP-3-EVENT_CONN_MGR_ERROR EM-2064 %ROUTING-AUTORP_CRP-3-EVENT_MGR_CREATE_FAILE D EM-2064 %ROUTING-AUTORP_CRP-3-GEN_ERROR EM-2064 %ROUTING-AUTORP_CRP-3-IM_RELATED_ERROR EM-20 64 %ROUTING-AUTORP_CRP-3-INIT_FAILED EM-2064 %ROUTING-AUTORP_CRP-3-IPARM_RELATED_FAILURE EM-2065 %ROUTING-AUTORP_CRP-3-MALLOC_FAILED EM-2065 %ROUTING-AUTORP_CRP-3-SOCKET_ERROR EM-2065 %ROUTING-AUTORP_CRP-3-SYSDB_ACCESS_ERROR EM -2065 %ROUTING-AUTORP_CRP-3-SYSDB_REGISTRATION_FAIL ED EM-2065 %ROUTING-AUTORP_CRP-3-TIMER_ERROR EM-2066 %ROUTING-AUTORP_CRP-3-TUPLE_ERROR EM-2066 %ROUTING-AUTORP_MAP-3-BAG_RELATED_ERROR EM -2066 %ROUTING-AUTORP_MAP-3-DEBUG_ERROR EM-2066 %ROUTING-AUTORP_MAP-3-EDM_ACCESS_ERROR EM-2 066 %ROUTING-AUTORP_MAP-3-EVENT_CONN_MGR_ERROR EM-2067 %ROUTING-AUTORP_MAP-3-EVENT_MGR_CREATE_FAIL ED EM-2067 %ROUTING-AUTORP_MAP-3-IM_RELATED_ERROR EM-2 067 %ROUTING-AUTORP_MAP-3-INIT_FAILED EM-2067 %ROUTING-AUTORP_MAP-3-INIT_FAILED_ERR EM-2067 %ROUTING-AUTORP_MAP-3-IPARM_RELATED_FAILURE EM-2068 %ROUTING-AUTORP_MAP-3-MALLOC_FAILED EM-2068 %ROUTING-AUTORP_MAP-3-OOR_LIMIT EM-2068 %ROUTING-AUTORP_MAP-3-RTREE_ERROR EM-2068 %ROUTING-AUTORP_MAP-3-SOCKET_ERROR EM-2068 %ROUTING-AUTORP_MAP-3-SYSDB_ACCESS_ERROR E M-2069 %ROUTING-AUTORP_MAP-3-SYSDB_REGISTRATION_FAIL ED EM-2069 %ROUTING-AUTORP_MAP-3-TIMER_ERROR EM-2069 %ROUTING-AUTORP_MAP-3-TUPLE_ERROR EM-2069 %ROUTING-BGP_VRF-3-DUPLICATE_ID EM-2070 %ROUTING-BGP_VRF-3-INIT EM-2070 %ROUTING-BGP_VRF-3-NOTIFY EM-2070 %ROUTING-BGP_VRF-3-RD_APPLY EM-2070 %ROUTING-BGP_VRF-3-RD_PUBLISH EM-2071 %ROUTING-BGP-2-ADDROUTE EM-2071 %ROUTING-BGP-2-BRIB_API_SYNC EM-2071 %ROUTING-BGP-2-ERR_EVM_EVENT_BLOCK EM-2071 %ROUTING-BGP-2-ERR_FILE_ATTACH EM-2072 %ROUTING-BGP-2-ERR_MEM_ALLOC EM-2072 %ROUTING-BGP-2-ERR_THREAD_DEADLOCK EM-2072 %ROUTING-BGP-2-FATAL_WRAPPER EM-2072 %ROUTING-BGP-2-TRIGGER_FO EM-2072 %ROUTING-BGP-3-AF_LIB_FILE_ERROR EM-2073 %ROUTING-BGP-3-AF_LIB_FILE_WRONG_INFO EM-2073 %ROUTING-BGP-3-ALREADY_DONE EM-2073 %ROUTING-BGP-3-ATTRKEY_BAD EM-2073 %ROUTING-BGP-3-ATTRKEY_CHKPT EM-2073 %ROUTING-BGP-3-ATTRKEY_OVERFLOW EM-2074 %ROUTING-BGP-3-BAD_REFCNT EM-2074 %ROUTING-BGP-3-BPM_AS_INIT EM-2074 %ROUTING-BGP-3-BPM_INIT EM-2074 %ROUTING-BGP-3-BPM_PROCESS_START EM-2074 %ROUTING-BGP-3-BPM_PROCESS_STOP EM-2075 %ROUTING-BGP-3-BPM_SWITCH_MODE EM-2075 %ROUTING-BGP-3-BRIB_INIT EM-2075 %ROUTING-BGP-3-BUF_TOO_SHORT EM-2075 %ROUTING-BGP-3-COMM_DECODE_RDINFO EM-2076 %ROUTING-BGP-3-CONFIG_DEL EM-2076 %ROUTING-BGP-3-CONFIG_FALLOVER EM-2076 %ROUTING-BGP-3-CONFIG_SET EM-2076 %ROUTING-BGP-3-CREATE_REGS EM-2076 %ROUTING-BGP-3-DEBUG_CONFIG EM-2077 %ROUTING-BGP-3-DELPATH EM-2077 %ROUTING-BGP-3-DLL_ERROR EM-2077 %ROUTING-BGP-3-EDM_INIT_FAILED EM-2077 %ROUTING-BGP-3-ERR_ALM_API EM-2077 %ROUTING-BGP-3-ERR_ALM_ONE_LABEL EM-2078 %ROUTING-BGP-3-ERR_GENERAL EM-2078 %ROUTING-BGP-3-EXTCOMM EM-2078 %ROUTING-BGP-3-EXTCOMM_ADD EM-2078 %ROUTING-BGP-3-GWCTX_CREATE EM-2079 %ROUTING-BGP-3-HA_INIT EM-2079 %ROUTING-BGP-3-IFACE_LOOKUP EM-2079 %ROUTING-BGP-3-IM_DMZLINK_BW EM-2079 %ROUTING-BGP-3-IMPORT_INIT EM-2079 %ROUTING-BGP-3-INIT_GET_VALUE EM-2080 %ROUTING-BGP-3-INITSYNC_FAILED EM-2080 %ROUTING-BGP-3-INITSYNC_PFX_MISMATCH EM-2080 %ROUTING-BGP-3-INSUFMEM EM-2080 %ROUTING-BGP-3-INTERNAL_ERROR EM-2080 %ROUTING-BGP-3-INVAL_REDUNDANCY_ROLE EM-2081 %ROUTING-BGP-3-IO_INIT EM-2081 %ROUTING-BGP-3-IO_INITSYNC_SESSION_FAILED EM-2 081 %ROUTING-BGP-3-LABEL_INIT EM-2081 %ROUTING-BGP-3-LOCK_RECURSIVE EM-2081 %ROUTING-BGP-3-MALFORM_UPDATE EM-2082 %ROUTING-BGP-3-MAX_IMPORT EM-2082 %ROUTING-BGP-3-MAX_VALUE_EXCEEDED EM-2082 %ROUTING-BGP-3-MIB_INIT EM-2082Index EM-2713 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-BGP-3-NBR_NSR_DISABLED EM-2083 %ROUTING-BGP-3-NEGCOUNTER EM-2083 %ROUTING-BGP-3-NH_LOCK_RECURSIVE EM-2083 %ROUTING-BGP-3-NH_UNLOCK_ERR EM-2083 %ROUTING-BGP-3-NOMEM_RESET EM-2083 %ROUTING-BGP-3-NOMSGCHUNK EM-2084 %ROUTING-BGP-3-NOPAK_CONN EM-2084 %ROUTING-BGP-3-ORA_INSTBUILD EM-2084 %ROUTING-BGP-3-ORA_ORABUILD EM-2084 %ROUTING-BGP-3-ORA_RUN EM-2084 %ROUTING-BGP-3-OVERCOUNTER EM-2085 %ROUTING-BGP-3-PENDING_MSG_ERR EM-2085 %ROUTING-BGP-3-QAD_FAILURE EM-2085 %ROUTING-BGP-3-QAD_SEND_ERR EM-2085 %ROUTING-BGP-3-QAD_TIMEOUT EM-2085 %ROUTING-BGP-3-RD_CREATE EM-2086 %ROUTING-BGP-3-RD_LOCK_RECURSIVE EM-2086 %ROUTING-BGP-3-RD_UNLOCK_ERR EM-2086 %ROUTING-BGP-3-REDIST_FAIL EM-2086 %ROUTING-BGP-3-RIB_CONN_FAIL EM-2087 %ROUTING-BGP-3-RIB_FAIL EM-2087 %ROUTING-BGP-3-RIB_INIT EM-2087 %ROUTING-BGP-3-RIB_INIT_FAIL EM-2087 %ROUTING-BGP-3-RIB_RETRY_FAIL EM-2087 %ROUTING-BGP-3-RIB_TABLE_FAIL EM-2088 %ROUTING-BGP-3-SCAN_INIT EM-2088 %ROUTING-BGP-3-SPKR_INIT EM-2088 %ROUTING-BGP-3-TABLE_CREATE EM-2088 %ROUTING-BGP-3-TBLATTR_VERSION EM-2088 %ROUTING-BGP-3-TIMER_PARENT_CHANGE EM-2089 %ROUTING-BGP-3-UNDERCOUNTER EM-2089 %ROUTING-BGP-3-UNKNOWN_MEMSTATE EM-2089 %ROUTING-BGP-3-UNLOCK_ERR EM-2089 %ROUTING-BGP-3-VRF_CREATE EM-2089 %ROUTING-BGP-3-VRF_DELETE EM-2090 %ROUTING-BGP-4-ATTRKEY_INCONSISTENT EM-2090 %ROUTING-BGP-4-BFD_INVALID_NBR EM-2090 %ROUTING-BGP-4-CAP_4BYTEAS EM-2090 %ROUTING-BGP-4-DESTROY_CHUNK EM-2091 %ROUTING-BGP-4-ENCODE_NET_OVERRUN EM-2091 %ROUTING-BGP-4-INCONSISTENT EM-2091 %ROUTING-BGP-4-LOCK_ORDER EM-2091 %ROUTING-BGP-4-LOCK_RELEASE EM-2091 %ROUTING-BGP-4-MAXPFXEXCEED EM-2092 %ROUTING-BGP-4-MISSING_SUBGRP EM-2092 %ROUTING-BGP-4-POLICY_COMMUNITY_OVERFLOW E M-2092 %ROUTING-BGP-4-POLICY_EBGP EM-2092 %ROUTING-BGP-4-POLICY_IBGP EM-2092 %ROUTING-BGP-4-POLICY_NHOP_WRONGAFI EM-2093 %ROUTING-BGP-4-POTENTIAL_DEADLOCK EM-2093 %ROUTING-BGP-4-RIB_REG_FAIL EM-2093 %ROUTING-BGP-4-SAME_RD_SET EM-2093 %ROUTING-BGP-4-SPKR_RUNNING EM-2094 %ROUTING-BGP-4-UNKNOWN_ACL EM-2094 %ROUTING-BGP-5-ADJCHANGE EM-2094 %ROUTING-BGP-5-BPM_ROUTER_ID EM-2094 %ROUTING-BGP-5-IO_INITSYNC_FAILED EM-2094 %ROUTING-BGP-5-LOWMEM_RESET EM-2095 %ROUTING-BGP-5-LOWMEM_SHUTDOWN EM-2095 %ROUTING-BGP-5-MAXPFX EM-2095 %ROUTING-BGP-5-NSR_STATE_CHANGE EM-2095 %ROUTING-BGP-5-POLICY_RESET EM-2096 %ROUTING-BGP-5-STANDBY EM-2096 %ROUTING-BGP-5-TBLATTR_UNLOCK_MISMATCH_TBLC TX EM-2096 %ROUTING-BGP-6-NBR_NOPOLICY EM-2096 %ROUTING-BGP-6-NSR_RESTART EM-2097 %ROUTING-BGP-6-WARNING_WRAPPER EM-2097 %ROUTING-BGP-7-BPM_CHKPT EM-2097 %ROUTING-C12000_IPV4_MRIB-3-INIT_ERROR EM-2097 %ROUTING-C12K_MCAST-3-CLEANUP_WARN EM-2098 %ROUTING-C12K_MCAST-3-ERROR EM-2098 %ROUTING-C12K_MCAST-3-INIT_WARN EM-2098 %ROUTING-C12K_MCAST-4-ANOMALY EM-2098 %ROUTING-CLNS-2-LC_INPUT EM-2098 %ROUTING-CLNS-3-ASYNC_ATTACH EM-2099 %ROUTING-CLNS-3-BUNDLE_FSV_REGISTER_FAIL EM-2 099 %ROUTING-CLNS-3-CONFIG_INIT EM-2099 %ROUTING-CLNS-3-CONN_OPEN EM-2099 %ROUTING-CLNS-3-DETACH EM-2100 %ROUTING-CLNS-3-DLL_REGISTER EM-2100 %ROUTING-CLNS-3-EDM_CLIENT EM-2100 %ROUTING-CLNS-3-EDM_ENCODE_FAILED EM-2100 %ROUTING-CLNS-3-EDM_INIT EM-2100 %ROUTING-CLNS-3-ERR_DEBUG_PACKET_INIT EM-2101 %ROUTING-CLNS-3-ERR_DEBUG_RETRIES_EXCEEDED EM-2101 %ROUTING-CLNS-3-ERR_DROP_PKT EM-2101 %ROUTING-CLNS-3-ERR_INTERFACE_DATA EM-2101 %ROUTING-CLNS-3-ERR_MEDIA_REGISTER EM-2102 %ROUTING-CLNS-3-ERR_NETIO_ENCAP_CALLBACK EM -2102 %ROUTING-CLNS-3-ERR_NETIO_SET_MAPPING EM-2102 %ROUTING-CLNS-3-ERR_PARTNER_LOOKUP EM-2102 %ROUTING-CLNS-3-ERROR_INIT EM-2103 %ROUTING-CLNS-3-ETHERENCAP EM-2103 %ROUTING-CLNS-3-EVENT_CONN_CREATE_FAIL EM-21 03 %ROUTING-CLNS-3-EVENT_CONN_NOTIFY_FAIL EM-210 3 %ROUTING-CLNS-3-EVM_INIT EM-2104 %ROUTING-CLNS-3-GET_TRAFFIC EM-2104 %ROUTING-CLNS-3-HSSD_REGISTER_FAIL EM-2104 %ROUTING-CLNS-3-INTERFACE EM-2104 %ROUTING-CLNS-3-L2INFO_LEN EM-2104 %ROUTING-CLNS-3-LPTS_ADD_BINDING EM-2105 %ROUTING-CLNS-3-LPTS_DELETE_BINDING EM-2105 %ROUTING-CLNS-3-LPTS_SETOPT EM-2105 %ROUTING-CLNS-3-PAK EM-2105 %ROUTING-CLNS-3-PAK_READ EM-2105 %ROUTING-CLNS-3-SEND_ASYNC EM-2106 %ROUTING-CLNS-3-SOCK_INIT EM-2106 %ROUTING-CLNS-3-SOCK_SET_NAME EM-2106 %ROUTING-CLNS-3-SOCKET_PARSE_PATH EM-2106Index EM-2714 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-CLNS-3-SOCKET_RESMGR_ATTACH EM-2106 %ROUTING-CLNS-3-STATSD_INIT EM-2107 %ROUTING-CLNS-3-STATSD_REGISTER EM-2107 %ROUTING-CLNS-3-THREAD_CREATE EM-2107 %ROUTING-CLNS-3-TIMESTAMP EM-2107 %ROUTING-CLNS-4-BASE_CAPS_LU_FAIL EM-2108 %ROUTING-CLNS-4-DEBUG_REGISTER_FAIL EM-2108 %ROUTING-CLNS-4-ERR_CONN_SETRETRY EM-2108 %ROUTING-CLNS-4-ERR_IDB_LOOKUP_DROP_PKT EM-2 108 %ROUTING-CLNS-4-GET_MCASTADDR_ERR EM-2109 %ROUTING-CLNS-4-IM_CRE_REG_FAIL EM-2109 %ROUTING-CLNS-4-IM_SERV_BIND_FAIL EM-2109 %ROUTING-CLNS-4-IM_SIGEVENT_FAIL EM-2109 %ROUTING-CLNS-4-MAC_SIZE_ERR EM-2110 %ROUTING-CLNS-4-NETIO_OUTPUT_FAIL EM-2110 %ROUTING-CLNS-4-PAK_FROM_ISIS_FAIL EM-2110 %ROUTING-CLNS-4-PAK_FROM_NETIO_FAIL EM-2110 %ROUTING-CLNS-4-SEND_HELLO_PDU_TO_ISIS_FAIL E M-2111 %ROUTING-CLNS-4-SEND_PDU_TO_ISIS_FAIL EM-2111 %ROUTING-CLNS-4-TRACE_INIT_FAIL EM-2111 %ROUTING-CLNS-4-UNKNOWN_MEDIA EM-2111 %ROUTING-CLNS-7-CAPS_ADD_FAIL EM-2112 %ROUTING-CLNS-7-CONN_PAK_AREA_FAIL EM-2112 %ROUTING-CLNS-7-DEBUG_THREAD_CREATE EM-2112 %ROUTING-CLNS-7-ERR_L2_HASH EM-2112 %ROUTING-CLNS-7-ERR_STACKMEM EM-2113 %ROUTING-CLNS-7-IM_ATTR_REG_FAIL EM-2113 %ROUTING-DAD-3-ERR_EVM_ASYNC_ATTACH EM-2113 %ROUTING-DAD-3-ERR_SYSDB_BIND EM-2113 %ROUTING-DAD-3-ERR_SYSDB_DELETE EM-2114 %ROUTING-DAD-3-ERR_SYSDB_SET EM-2114 %ROUTING-DAD-3-ERR_SYSMGR_PROC_AVAILABLE E M-2114 %ROUTING-DAD-3-ERR_SYSMGR_PROC_CLEANUP EM-2 114 %ROUTING-DAD-3-ERR_SYSMGR_PROC_READY EM-211 5 %ROUTING-DAD-7-SETUP EM-2115 %ROUTING-EIGRP_POLICY-3-ORA_INSTBUILD EM-2115 %ROUTING-EIGRP_POLICY-3-ORA_ORABUILD EM-2115 %ROUTING-EIGRP_POLICY-3-ORA_RUN EM-2116 %ROUTING-EIGRP-2-ERR_MEM_ALLOC EM-2116 %ROUTING-EIGRP-3-ANCHORCOUNT EM-2116 %ROUTING-EIGRP-3-BADCOUNT EM-2116 %ROUTING-EIGRP-3-INTERNAL EM-2117 %ROUTING-EIGRP-3-MULTIFLOW EM-2117 %ROUTING-EIGRP-3-NOBUFFER EM-2117 %ROUTING-EIGRP-3-PAK_WRITE EM-2117 %ROUTING-EIGRP-3-PEERSEXIST EM-2117 %ROUTING-EIGRP-3-PFXLIMIT EM-2118 %ROUTING-EIGRP-3-RDBLEFT EM-2118 %ROUTING-EIGRP-3-REFCOUNT EM-2118 %ROUTING-EIGRP-3-SIA EM-2118 %ROUTING-EIGRP-3-UNKTIMER EM-2118 %ROUTING-EIGRP-4-ERR_SOCKET EM-2119 %ROUTING-EIGRP-4-PFXLIMITTHR EM-2119 %ROUTING-EIGRP-4-WARNING EM-2119 %ROUTING-EIGRP-5-NBRCHANGE EM-2119 %ROUTING-EIGRP-6-EVENT EM-2119 %ROUTING-EIGRP-6-PAK_SEND EM-2120 %ROUTING-EVENT-3-ERR_MEM_ALLOC EM-2120 %ROUTING-FIB_ForUs-3-LIB_DEBUG_INIT EM-2120 %ROUTING-FIB-1-FIBALLOC EM-2120 %ROUTING-FIB-1-FIBTBLINIT EM-2121 %ROUTING-FIB-2-BGP_ATTR_INSERT_DROP EM-2121 %ROUTING-FIB-2-IFH_RECYCLE_CLEANUP_EXT_FAIL E M-2121 %ROUTING-FIB-2-INIT EM-2121 %ROUTING-FIB-2-INVALID_MSG EM-2122 %ROUTING-FIB-2-NOMEM_ROUTEDROP_ADDMODIFY E M-2122 %ROUTING-FIB-2-NOMEM_ROUTEDROP_DEL EM-2122 %ROUTING-FIB-2-NOMEMINFO_ROUTEDROP EM-2122 %ROUTING-FIB-2-NOMEMINFO_SHMERR EM-2122 %ROUTING-FIB-2-OOR EM-2123 %ROUTING-FIB-2-OOR_TBL EM-2123 %ROUTING-FIB-2-PROTO_INIT EM-2123 %ROUTING-FIB-2-ROUTEDROP_UPD EM-2123 %ROUTING-FIB-2-SHMRESET EM-2124 %ROUTING-FIB-2-STATE EM-2124 %ROUTING-FIB-2-THREAD_INIT EM-2124 %ROUTING-FIB-3-ADD EM-2124 %ROUTING-FIB-3-ADJ_INIT EM-2124 %ROUTING-FIB-3-ATTRIBUTE EM-2125 %ROUTING-FIB-3-BCDL EM-2125 %ROUTING-FIB-3-BCDL EM-2125 %ROUTING-FIB-3-CFGREG EM-2125 %ROUTING-FIB-3-CLIENT EM-2125 %ROUTING-FIB-3-CLIENT_ERROR EM-2126 %ROUTING-FIB-3-DEFAULT_ROUTE_CREATE_FAIL EM- 2126 %ROUTING-FIB-3-DELETE EM-2126 %ROUTING-FIB-3-DUMMY_ZERO_ERR EM-2126 %ROUTING-FIB-3-DUMMY_ZERO_REMOVE EM-2126 %ROUTING-FIB-3-FIBGTRIEINIT EM-2127 %ROUTING-FIB-3-GEN_ERR EM-2127 %ROUTING-FIB-3-GTRIE EM-2127 %ROUTING-FIB-3-GTRIE_DEL EM-2127 %ROUTING-FIB-3-IDB EM-2127 %ROUTING-FIB-3-INIT_GR_EXIT_TOUT EM-2128 %ROUTING-FIB-3-INTERNAL_ERR EM-2128 %ROUTING-FIB-3-LCL_ATTRIB_MAX_REACHED EM-2128 %ROUTING-FIB-3-LEAF_DEPEND_CLEANUP_ERR EM-212 8 %ROUTING-FIB-3-MALLOC_FAILED EM-2128 %ROUTING-FIB-3-NOMEM EM-2129 %ROUTING-FIB-3-NOTABLE EM-2129 %ROUTING-FIB-3-PD_FAIL EM-2129 %ROUTING-FIB-3-PFI_FIB_IFTYPE_MISMATCH EM-2129 %ROUTING-FIB-3-PFI_IFINFO EM-2129 %ROUTING-FIB-3-PLATF_UPD_FAIL EM-2130 %ROUTING-FIB-3-RCC EM-2130 %ROUTING-FIB-3-RCC_NO_TABLE EM-2130 %ROUTING-FIB-3-RCC_TABLE EM-2130Index EM-2715 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-FIB-3-RECURSIVE_LOOP EM-2130 %ROUTING-FIB-3-RETRY EM-2131 %ROUTING-FIB-3-ROUTE EM-2131 %ROUTING-FIB-3-ROUTE_GEN EM-2131 %ROUTING-FIB-3-RPCINIT EM-2131 %ROUTING-FIB-3-SERVER EM-2131 %ROUTING-FIB-3-SERVER_CERR EM-2132 %ROUTING-FIB-3-SHM EM-2132 %ROUTING-FIB-3-SHMEM EM-2132 %ROUTING-FIB-3-TABLE EM-2132 %ROUTING-FIB-3-TE_CREATE_ERR EM-2132 %ROUTING-FIB-3-TE_DESTROY_ERR EM-2133 %ROUTING-FIB-3-THREAD EM-2133 %ROUTING-FIB-3-TIMER EM-2133 %ROUTING-FIB-4-FIBIDB EM-2133 %ROUTING-FIB-4-FIBIDB_LOOKUP_FAIL EM-2133 %ROUTING-FIB-4-HA EM-2134 %ROUTING-FIB-4-IM_CONN EM-2134 %ROUTING-FIB-4-INIT EM-2134 %ROUTING-FIB-4-LTRACE_ERR EM-2134 %ROUTING-FIB-4-PFI_IFH_CONN EM-2134 %ROUTING-FIB-4-PFI_IFH_CONN EM-2135 %ROUTING-FIB-4-PFI_IFH_LOOKUP EM-2135 %ROUTING-FIB-4-PULSE_HNDLR EM-2135 %ROUTING-FIB-4-RADIXINIT EM-2135 %ROUTING-FIB-4-RSRC_LOW EM-2135 %ROUTING-FIB-4-WARNING EM-2136 %ROUTING-FIB-5-ROUTE_UPDATE_DROP EM-2136 %ROUTING-FIB-6-DEBUG_REG EM-2136 %ROUTING-FIB-6-DEPEND_UNBIND_FAILURE EM-2136 %ROUTING-FIB-6-HARD_RESET EM-2137 %ROUTING-FIB-6-RSRC_OK EM-2137 %ROUTING-FWD_HA-4-PROCESS_RESTART EM-2137 %ROUTING-HFR_IPV4_MRIB-3-CHKPT_ERR EM-2137 %ROUTING-HFR_IPV4_MRIB-3-CHKPT_ERR EM-2138 %ROUTING-HFR_IPV4_MRIB-3-FGID_ADD_ERR EM-2138 %ROUTING-HFR_IPV4_MRIB-3-FGID_ADD_ERR EM-2138 %ROUTING-HFR_IPV4_MRIB-3-FGID_BATCH_ADD_ERR EM-2138 %ROUTING-HFR_IPV4_MRIB-3-FGID_BATCH_REMOVE_ER R EM-2138 %ROUTING-HFR_IPV4_MRIB-3-FGID_ERR EM-2139 %ROUTING-HFR_IPV4_MRIB-3-FGID_ERR EM-2139 %ROUTING-HFR_IPV4_MRIB-3-FGID_REMOVE_ERR EM- 2139 %ROUTING-HFR_IPV4_MRIB-3-FGID_REMOVE_ERR EM- 2139 %ROUTING-HFR_IPV4_MRIB-3-FILE_OPEN_ERR EM-2139 %ROUTING-HFR_IPV4_MRIB-3-IFH_ERR EM-2140 %ROUTING-HFR_IPV4_MRIB-3-IFH_ERR EM-2140 %ROUTING-HFR_IPV4_MRIB-3-IM_NAME_ERR EM-2140 %ROUTING-HFR_IPV4_MRIB-3-IM_NAME_ERR EM-2140 %ROUTING-HFR_IPV4_MRIB-3-INIT_ERR EM-2140 %ROUTING-HFR_IPV4_MRIB-3-INTERNAL_ERR EM-2141 %ROUTING-HFR_IPV4_MRIB-3-INTERNAL_ERR EM-2141 %ROUTING-HFR_IPV4_MRIB-3-INVALID_FGID_ERR EM- 2141 %ROUTING-HFR_IPV4_MRIB-3-INVALID_FGID_ERR EM- 2141 %ROUTING-HFR_IPV4_MRIB-3-MEM_ERR EM-2141 %ROUTING-HFR_IPV4_MRIB-3-MEM_ERR EM-2142 %ROUTING-HFR_IPV4_MRIB-3-PERF_ERR EM-2142 %ROUTING-HFR_IPV4_MRIB-3-PERF_ERR EM-2142 %ROUTING-IGMP_MTRACE-3-EVENT_ERROR EM-2142 %ROUTING-IGMP_MTRACE-3-INIT_ERROR EM-2142 %ROUTING-IGMP_MTRACE-3-MEMORY_ERROR EM-2143 %ROUTING-IGMP_MTRACE-3-MSG_ERROR EM-2143 %ROUTING-IGMP_MTRACE-3-SOCKET_ERROR EM-2143 %ROUTING-IGPTE_LIB-3-ERR_BAG_REGISTER EM-2143 %ROUTING-IGPTE_LIB-3-ERR_DBG_REGISTER EM-2144 %ROUTING-IGPTE_LIB-3-ERR_SYSDB_BIND EM-2144 %ROUTING-IGPTE_LIB-3-ERR_SYSDB_REG_NOTIFY EM- 2144 %ROUTING-IGPTE_LIB-3-ERR_SYSDB_UNREG_NOTIFY EM-2144 %ROUTING-IGPTE_LIB-4-CLIENT_ERR_MEM_ALLOC EM -2144 %ROUTING-IGPTE_LIB-4-DATA_QUEUE_FULL EM-2145 %ROUTING-IGPTE_LIB-4-ERR_MEM_ALLOC EM-2145 %ROUTING-IGPTE_LIB-4-INVALID_TLV EM-2145 %ROUTING-IGPTE_LIB-4-SERVER_ERR_CLINFO_HOLD E M-2145 %ROUTING-IGPTE_LIB-4-SERVER_ERR_CLINFO_UNHOLD EM-2145 %ROUTING-IP_STATIC_BFD_SESSMGR-4-UNSUPPORTED_I NTERFACE EM-2146 %ROUTING-IP_STATIC-3-IDB_DELETE EM-2146 %ROUTING-IP_STATIC-3-INTERNAL EM-2146 %ROUTING-IP_STATIC-3-ITAL_EVENT EM-2146 %ROUTING-IP_STATIC-3-ITAL_INTERFACE_CREATE EM -2147 %ROUTING-IP_STATIC-3-ITAL_TDB_REGISTER_FAILED EM-2147 %ROUTING-IP_STATIC-3-NHDB_DELETE EM-2147 %ROUTING-IP_STATIC-3-PATH_BP_DELETE EM-2147 %ROUTING-IP_STATIC-3-RIB_BATCH EM-2147 %ROUTING-IP_STATIC-3-RIB_CLEAR_PREFIX EM-2148 %ROUTING-IP_STATIC-3-RIB_CLEAR_TABLE EM-2148 %ROUTING-IP_STATIC-3-RIB_CLEAR_UNKNOWN_PREFIX EM-2148 %ROUTING-IP_STATIC-3-RIB_CLEAR_UNKNOWN_TABLE EM-2148 %ROUTING-IP_STATIC-3-RIB_ECMP EM-2149 %ROUTING-IP_STATIC-3-RIB_FETCH EM-2149 %ROUTING-IP_STATIC-3-RIB_FULL EM-2149 %ROUTING-IP_STATIC-3-RIB_INTERFACE EM-2149 %ROUTING-IP_STATIC-3-RIB_NEXTHOP EM-2150 %ROUTING-IP_STATIC-3-RIB_NEXTHOP_REGISTER EM-2 150 %ROUTING-IP_STATIC-3-RIB_NEXTHOP_UNREGISTER E M-2150 %ROUTING-IP_STATIC-3-RIB_TOO_MANY_PATHS EM-21 50 %ROUTING-IP_STATIC-3-SHUTDOWN EM-2151 %ROUTING-IP_STATIC-3-TDB_DELETE EM-2151 %ROUTING-IP_STATIC-3-TDB_REGISTER_FAILED EM-21Index EM-2716 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 51 %ROUTING-IP_STATIC-3-UPDATE_COMPLETE EM-2151 %ROUTING-IP_STATIC-6-CONFIG_MAXIMUM_CHANGE EM-2151 %ROUTING-IP_STATIC-6-NHDB_LOCAL EM-2152 %ROUTING-IP_STATIC-7-ITAL_INTERFACE_EVENT EM-2 152 %ROUTING-IPMC_GTRIE_DEBUG-3-ERR EM-2152 %ROUTING-IPMC_GTRIE_DEBUG-3-INIT_ERR EM-2152 %ROUTING-IPMC_GTRIE_DEBUG-6-TERM_ERR EM-2153 %ROUTING-IPMC_GTRIE_DEFAULT-2-FATAL EM-2153 %ROUTING-IPMC_GTRIE_DEFAULT-3-INIT_ERR EM-2153 %ROUTING-IPMC_GTRIE_DEFAULT-4-INIT_WARN EM-21 53 %ROUTING-IPMC_GTRIE_DEFAULT-4-WARN EM-2153 %ROUTING-IPV4_ADJ-3-ADD_DB_MALLOC_FAIL EM-215 4 %ROUTING-IPV4_ADJ-3-ENT_UPDATE EM-2154 %ROUTING-IPV4_ADJ-3-L2_LOADHASH_FAIL EM-2154 %ROUTING-IPV4_ADJ-3-NO_FIBIDB EM-2154 %ROUTING-IPV4_ADJ-4-ADD_DB EM-2155 %ROUTING-IPV4_ADJ-4-LARGE_MAC EM-2155 %ROUTING-IPV4_ADJ-6-DEBUG_REG EM-2155 %ROUTING-IPV4_ADJ-7-INV_MSG_CODE EM-2155 %ROUTING-IPV4_IGMP-3-ARM_UPDATE_ERR EM-2155 %ROUTING-IPV4_IGMP-3-CHUNK_ERR EM-2156 %ROUTING-IPV4_IGMP-3-CONTEXT_REG_ERR EM-2156 %ROUTING-IPV4_IGMP-3-EDM_INIT EM-2156 %ROUTING-IPV4_IGMP-3-GROUP_ADD_ERR EM-2156 %ROUTING-IPV4_IGMP-3-GROUP_ERR EM-2156 %ROUTING-IPV4_IGMP-3-GROUP_FIND_ERR EM-2157 %ROUTING-IPV4_IGMP-3-IDB_ADD_ERR EM-2157 %ROUTING-IPV4_IGMP-3-IDB_FREE_ERR EM-2157 %ROUTING-IPV4_IGMP-3-IDB_HANDLE_MISMATCH_ERR EM-2157 %ROUTING-IPV4_IGMP-3-IDB_INIT_ERR EM-2157 %ROUTING-IPV4_IGMP-3-IDB_LOST_GROUPS_ERR EM-2 158 %ROUTING-IPV4_IGMP-3-IDB_PRESENT_ERR EM-2158 %ROUTING-IPV4_IGMP-3-IDB_STATE_MONITOR_ERR E M-2158 %ROUTING-IPV4_IGMP-3-IDB_VERIFY_ERR EM-2158 %ROUTING-IPV4_IGMP-3-IDB_VERIFY1_ERR EM-2158 %ROUTING-IPV4_IGMP-3-IM_BATCH_STATE_ERR EM-21 59 %ROUTING-IPV4_IGMP-3-IM_BULK_ERR EM-2159 %ROUTING-IPV4_IGMP-3-INIT_ERR EM-2159 %ROUTING-IPV4_IGMP-3-JOIN_IN_SSM_RANGE EM-2159 %ROUTING-IPV4_IGMP-3-LTRACE_ERR EM-2159 %ROUTING-IPV4_IGMP-3-MRIB_CONN_ERR EM-2160 %ROUTING-IPV4_IGMP-3-NET_ERR EM-2160 %ROUTING-IPV4_IGMP-3-SOCK_ERR EM-2160 %ROUTING-IPV4_IGMP-3-SYSDB_BIND_ERR EM-2160 %ROUTING-IPV4_IGMP-3-SYSDB_BSCAN_ERR EM-2160 %ROUTING-IPV4_IGMP-3-SYSDB_INIT EM-2161 %ROUTING-IPV4_IGMP-3-SYSDB_REG_ERR EM-2161 %ROUTING-IPV4_IGMP-3-WDSYSMON_EVENT_ERROR E M-2161 %ROUTING-IPV4_IGMP-3-WDSYSMON_REGISTER_ERROR EM-2161 %ROUTING-IPV4_IGMP-4-OOM_STATE_THROTTLE EM-2 161 %ROUTING-IPV4_IGMP-4-OOM_STATE_UNTHROTTLE E M-2162 %ROUTING-IPV4_IGMP-4-OOR_WARN EM-2162 %ROUTING-IPV4_IGMP-6-ACCESS_GROUP_INFO EM-2162 %ROUTING-IPV4_IGMP-6-IPARMS_UPDATE_ERR EM-216 2 %ROUTING-IPV4_MCAST_CHKPT-3-ERR EM-2163 %ROUTING-IPV4_MCAST_NETIO_DEBUG-3-INIT_ERR E M-2163 %ROUTING-IPV4_MCAST_NETIO_DEBUG-6-TERM_ERR EM-2163 %ROUTING-IPV4_MFWD_HFR-5-ERR_SYSDB_INIT EM-21 63 %ROUTING-IPV4_MFWD_HFR-5-ERR_SYSDB_INIT EM-21 64 %ROUTING-IPV4_MFWD_HFR-7-ERR_BAG_REGISTRY E M-2164 %ROUTING-IPV4_MFWD_HFR-7-ERR_BAG_REGISTRY E M-2164 %ROUTING-IPV4_MFWD_HFR-7-ERR_EDM_REGISTER E M-2164 %ROUTING-IPV4_MFWD_HFR-7-ERR_EDM_REGISTER E M-2164 %ROUTING-IPV4_MFWD_HFR-7-ERR_GEN EM-2165 %ROUTING-IPV4_MFWD_HFR-7-ERR_GEN EM-2165 %ROUTING-IPV4_MFWD_VKG-5-ERR_SYSDB_INIT EM-21 65 %ROUTING-IPV4_MFWD_VKG-7-ERR_BAG_REGISTRY E M-2165 %ROUTING-IPV4_MFWD_VKG-7-ERR_EDM_REGISTER E M-2166 %ROUTING-IPV4_MFWD_VKG-7-ERR_GEN EM-2166 %ROUTING-IPV4_MFWD-3-ADJ_CREATE EM-2166 %ROUTING-IPV4_MFWD-3-BOUNDARY_FAIL EM-2166 %ROUTING-IPV4_MFWD-3-ERR EM-2167 %ROUTING-IPV4_MFWD-3-ERR_AIB_FINT EM-2167 %ROUTING-IPV4_MFWD-3-ERR_AIB_MAP EM-2167 %ROUTING-IPV4_MFWD-3-ERR_AIB_ZERO_ALL EM-2167 %ROUTING-IPV4_MFWD-3-ERR_DEBUG_INIT_EVENT E M-2167 %ROUTING-IPV4_MFWD-3-ERR_DEBUG_REG EM-2168 %ROUTING-IPV4_MFWD-3-ERR_EVM_ASYNC_ATTACH EM-2168 %ROUTING-IPV4_MFWD-3-ERR_EVM_CONN_CREATE E M-2168 %ROUTING-IPV4_MFWD-3-ERR_EVM_CONN_NOTIFY E M-2168 %ROUTING-IPV4_MFWD-3-ERR_EVM_CONN_OPEN EM-2 168 %ROUTING-IPV4_MFWD-3-ERR_EVM_CONN_SETRETRY EM-2169 %ROUTING-IPV4_MFWD-3-ERR_EVM_CREATE EM-2169 %ROUTING-IPV4_MFWD-3-ERR_EVM_INIT_EVENT EM-2 169Index EM-2717 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-IPV4_MFWD-3-ERR_EVM_TIMER_ATTACH E M-2169 %ROUTING-IPV4_MFWD-3-ERR_EVM_TIMER_LEAF_NEW EM-2169 %ROUTING-IPV4_MFWD-3-ERR_IDB_INIT EM-2170 %ROUTING-IPV4_MFWD-3-ERR_IFH EM-2170 %ROUTING-IPV4_MFWD-3-ERR_IFH_BIND EM-2170 %ROUTING-IPV4_MFWD-3-ERR_IFH_INIT EM-2170 %ROUTING-IPV4_MFWD-3-ERR_IFH_UNBIND EM-2170 %ROUTING-IPV4_MFWD-3-ERR_IM_CNTL_SVR_BIND E M-2171 %ROUTING-IPV4_MFWD-3-ERR_IMC_CAPS_DATAPATH_C ONTROL EM-2171 %ROUTING-IPV4_MFWD-3-ERR_MEM_ALLOC EM-2171 %ROUTING-IPV4_MFWD-3-ERR_MEM_ALLOC_ARM_IDB EM-2171 %ROUTING-IPV4_MFWD-3-ERR_MLIB_INIT EM-2171 %ROUTING-IPV4_MFWD-3-ERR_MRIB_INIT EM-2172 %ROUTING-IPV4_MFWD-3-ERR_NSF_INIT EM-2172 %ROUTING-IPV4_MFWD-3-ERR_PAK_CLIENT_CONN EM -2172 %ROUTING-IPV4_MFWD-3-ERR_SHMWIN EM-2172 %ROUTING-IPV4_MFWD-3-ERR_SYSDB_BAG_DECODE E M-2172 %ROUTING-IPV4_MFWD-3-ERR_SYSDB_BAG_FREE_INDIR ECTIONS EM-2173 %ROUTING-IPV4_MFWD-3-ERR_SYSDB_BAG_REG EM-21 73 %ROUTING-IPV4_MFWD-3-ERR_SYSDB_BSCAN EM-2173 %ROUTING-IPV4_MFWD-3-ERR_SYSDB_DATALIST_FREE EM-2173 %ROUTING-IPV4_MFWD-3-ERR_SYSDB_DATALIST_NEXT EM-2173 %ROUTING-IPV4_MFWD-3-ERR_SYSDB_EDM_FNS_INIT EM-2174 %ROUTING-IPV4_MFWD-3-ERR_SYSDB_EDM_REG EM-2 174 %ROUTING-IPV4_MFWD-3-ERR_SYSDB_REG_NOTIFY E M-2174 %ROUTING-IPV4_MFWD-3-ERR_SYSDB_REG_VERIFY E M-2174 %ROUTING-IPV4_MFWD-3-EXIT EM-2174 %ROUTING-IPV4_MFWD-3-GEN_ERR EM-2175 %ROUTING-IPV4_MFWD-3-GROUP_ERR EM-2175 %ROUTING-IPV4_MFWD-3-HA EM-2175 %ROUTING-IPV4_MFWD-3-IARM_ERR EM-2175 %ROUTING-IPV4_MFWD-3-IDB_FAIL EM-2175 %ROUTING-IPV4_MFWD-3-IM_LOOKUP_FAILED EM-2176 %ROUTING-IPV4_MFWD-3-INSTALL EM-2176 %ROUTING-IPV4_MFWD-3-LRD_ERR EM-2176 %ROUTING-IPV4_MFWD-3-MAX_CONN_RETRY EM-2176 %ROUTING-IPV4_MFWD-3-MAX_DISABLE_RETRY EM-21 76 %ROUTING-IPV4_MFWD-3-MAX_ENABLE_RETRY EM-21 77 %ROUTING-IPV4_MFWD-3-TABLE_OPERATION_FAIL E M-2177 %ROUTING-IPV4_MFWD-3-TABLE_OPERATION_FAIL_GLA CIAL EM-2177 %ROUTING-IPV4_MFWD-3-TRANSACTION_PENDING_FLA G EM-2177 %ROUTING-IPV4_MFWD-3-TTL_CFG_FAIL EM-2177 %ROUTING-IPV4_MFWD-4-ADJ_CREATE_RETRY EM-217 8 %ROUTING-IPV4_MFWD-4-CLEAN_ALL_FAIL EM-2178 %ROUTING-IPV4_MFWD-4-ERR_AIB_UPDATE EM-2178 %ROUTING-IPV4_MFWD-4-ERR_LTRACE_INIT EM-2178 %ROUTING-IPV4_MFWD-4-ERR_MRIB_INIT_RETRY EM-2 178 %ROUTING-IPV4_MFWD-4-ERR_MRIB_SEND_RESPONSE_ RETRY EM-2179 %ROUTING-IPV4_MFWD-4-ERR_RETRY_INIT EM-2179 %ROUTING-IPV4_MFWD-4-ERR_RETRY_TRANS_INIT EM -2179 %ROUTING-IPV4_MFWD-4-ERR_RETRY_TRANS_REG EM -2179 %ROUTING-IPV4_MFWD-4-ERR_RETRY_TRANS_SPEC_INI T EM-2179 %ROUTING-IPV4_MFWD-4-FROM_MRIB_UPDATE EM-218 0 %ROUTING-IPV4_MFWD-4-FROM_MRIB_UPDATE_GLACIA L EM-2180 %ROUTING-IPV4_MFWD-4-SVD_ERR EM-2180 %ROUTING-IPV4_MFWD-4-TERMINATE EM-2180 %ROUTING-IPV4_MFWD-4-TO_MRIB_MDT_UPDATE EM- 2180 %ROUTING-IPV4_MFWD-4-TO_MRIB_UPDATE EM-2181 %ROUTING-IPV4_MFWD-5-CLEAN_ALL EM-2181 %ROUTING-IPV4_MFWD-5-ERR_SHMWIN_MUTEX EM-21 81 %ROUTING-IPV4_MFWD-5-IP_ADDR_RETRY EM-2181 %ROUTING-IPV4_MFWD-5-MCAST_DISABLED EM-2181 %ROUTING-IPV4_MFWD-5-MFIB_RESET EM-2182 %ROUTING-IPV4_MFWD-5-MRIB_UPDATE_RETRY EM-21 82 %ROUTING-IPV4_MFWD-5-PER_PREFIX EM-2182 %ROUTING-IPV4_MFWD-5-PER_PREFIX_GLACIAL EM-21 82 %ROUTING-IPV4_MFWD-5-ROUTE_UPDATE_FAIL EM-21 82 %ROUTING-IPV4_MFWD-5-TABLE_PER_PREFIX EM-2183 %ROUTING-IPV4_MFWD-5-TABLE_PER_PREFIX_GLACIAL EM-2183 %ROUTING-IPV4_MFWD-5-TABLE_ROUTE_RATE EM-218 3 %ROUTING-IPV4_MFWD-5-TABLE_ROUTE_RATE_GLACIA L EM-2183 %ROUTING-IPV4_MFWD-5-UPGRADE_AFFECT_TRAFFIC EM-2183 %ROUTING-IPV4_MLIB_DEBUG-3-ERR EM-2184 %ROUTING-IPV4_MLIB_DEBUG-3-INIT_ERR EM-2184 %ROUTING-IPV4_MLIB_DEBUG-6-TERM_ERR EM-2184 %ROUTING-IPV4_MLIB-3-DATAPATH_CONTROL EM-218 4 %ROUTING-IPV4_MLIB-3-DELETE_FAIL EM-2185 %ROUTING-IPV4_MLIB-3-EVENT_CONN_MGR EM-2185Index EM-2718 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-IPV4_MLIB-3-EVENT_MGR EM-2185 %ROUTING-IPV4_MLIB-3-SHMWIN_ERR EM-2185 %ROUTING-IPV4_MLIB-3-STATE_ERR EM-2185 %ROUTING-IPV4_MLIB-5-PER_PREFIX EM-2186 %ROUTING-IPV4_MLIB-5-PER_PREFIX_GLACIAL EM-218 6 %ROUTING-IPV4_MLIB-5-SVD EM-2186 %ROUTING-IPV4_MLIB-5-TABLE_PER_PREFIX EM-2186 %ROUTING-IPV4_PIM-3-ACL_APPLY_ERR EM-2186 %ROUTING-IPV4_PIM-3-ACL_GETLIST_ERR EM-2187 %ROUTING-IPV4_PIM-3-ACTIVE_GRANGE_ERR EM-2187 %ROUTING-IPV4_PIM-3-BGP_ENS_ERROR EM-2187 %ROUTING-IPV4_PIM-3-CONTEXT_CREATE EM-2187 %ROUTING-IPV4_PIM-3-CONTEXT_INIT EM-2187 %ROUTING-IPV4_PIM-3-CONTEXT_REGISTRATION EM-2 188 %ROUTING-IPV4_PIM-3-ERR_CHKPT_REGISTER EM-2188 %ROUTING-IPV4_PIM-3-ERR_CHUNK_CREATE EM-2188 %ROUTING-IPV4_PIM-3-ERR_DEBUG_REGISTER EM-2188 %ROUTING-IPV4_PIM-3-ERR_EVM_ASYNC_ATTACH EM -2188 %ROUTING-IPV4_PIM-3-ERR_EVM_ASYNC_SEND EM-218 9 %ROUTING-IPV4_PIM-3-ERR_EVM_CONN_CREATE EM-2 189 %ROUTING-IPV4_PIM-3-ERR_EVM_CONN_EVM_HANDLER EM-2189 %ROUTING-IPV4_PIM-3-ERR_EVM_CONN_NOTIFY EM-21 89 %ROUTING-IPV4_PIM-3-ERR_EVM_CONN_OPEN EM-2189 %ROUTING-IPV4_PIM-3-ERR_EVM_CONN_SETRETRY E M-2190 %ROUTING-IPV4_PIM-3-ERR_EVM_EVENT_INIT EM-2190 %ROUTING-IPV4_PIM-3-ERR_EVM_MESSAGE_ATTACH EM-2190 %ROUTING-IPV4_PIM-3-ERR_IM_BATCH_STATE EM-2190 %ROUTING-IPV4_PIM-3-ERR_IM_BULK EM-2190 %ROUTING-IPV4_PIM-3-ERR_IM_CAPS_ADD EM-2191 %ROUTING-IPV4_PIM-3-ERR_IM_CAPS_DATAPATH_CONT ROL EM-2191 %ROUTING-IPV4_PIM-3-ERR_IM_INTERFACE_CREATE E M-2191 %ROUTING-IPV4_PIM-3-ERR_IM_INTERFACE_DELETE E M-2191 %ROUTING-IPV4_PIM-3-ERR_INIT EM-2191 %ROUTING-IPV4_PIM-3-ERR_LIST EM-2192 %ROUTING-IPV4_PIM-3-ERR_LTRACE_INIT EM-2192 %ROUTING-IPV4_PIM-3-ERR_MAX_PATH EM-2192 %ROUTING-IPV4_PIM-3-ERR_MEM_ALLOC EM-2192 %ROUTING-IPV4_PIM-3-ERR_MGD_TIMER_GET_ROOT E M-2192 %ROUTING-IPV4_PIM-3-ERR_MGD_TIMER_NEW EM-2193 %ROUTING-IPV4_PIM-3-ERR_MRIB_BIND EM-2193 %ROUTING-IPV4_PIM-3-ERR_MRIB_CONN EM-2193 %ROUTING-IPV4_PIM-3-ERR_MRIB_UNBIND EM-2193 %ROUTING-IPV4_PIM-3-ERR_NSF_INIT EM-2193 %ROUTING-IPV4_PIM-3-ERR_PAK_CLIENT_CONN EM-21 94 %ROUTING-IPV4_PIM-3-ERR_SYSDB_BAG_DECODE EM- 2194 %ROUTING-IPV4_PIM-3-ERR_SYSDB_BAG_FREE_INDIREC TIONS EM-2194 %ROUTING-IPV4_PIM-3-ERR_SYSDB_DATALIST_FREE E M-2194 %ROUTING-IPV4_PIM-3-ERR_SYSDB_DATALIST_NEXT E M-2194 %ROUTING-IPV4_PIM-3-ERR_SYSMGR_READY EM-2195 %ROUTING-IPV4_PIM-3-ERR_SYSMGR_REGISTER EM-21 95 %ROUTING-IPV4_PIM-3-ERR_WDSYSMON_EVENT EM-21 95 %ROUTING-IPV4_PIM-3-ERR_WDSYSMON_REGISTER E M-2195 %ROUTING-IPV4_PIM-3-GEN_ERR EM-2195 %ROUTING-IPV4_PIM-3-IDB_HANDLE_MISMATCH_ERR EM-2196 %ROUTING-IPV4_PIM-3-IDB_INIT EM-2196 %ROUTING-IPV4_PIM-3-IDB_VRF_BIND EM-2196 %ROUTING-IPV4_PIM-3-INTF_FWD_REF_ERR EM-2196 %ROUTING-IPV4_PIM-3-INVALID_MHOST_DEFAULT EM -2196 %ROUTING-IPV4_PIM-3-MDR_INIT EM-2197 %ROUTING-IPV4_PIM-3-MULTICAST_IGP_MTR EM-2197 %ROUTING-IPV4_PIM-3-MULTICAST_INTACT EM-2197 %ROUTING-IPV4_PIM-3-NET_ERR EM-2197 %ROUTING-IPV4_PIM-3-OOR_COUNTER_ERR EM-2197 %ROUTING-IPV4_PIM-3-PROTOCOL_ERR EM-2198 %ROUTING-IPV4_PIM-3-RP_INIT EM-2198 %ROUTING-IPV4_PIM-3-SRC_UPDATE_ERR EM-2198 %ROUTING-IPV4_PIM-4-CFG_WARNING EM-2198 %ROUTING-IPV4_PIM-4-ITAL_CREATE_WARN EM-2198 %ROUTING-IPV4_PIM-4-MIB_GROUP_TREE_ERR EM-2199 %ROUTING-IPV4_PIM-4-MYADDR_DB_ERR EM-2199 %ROUTING-IPV4_PIM-4-OOM_STATE_THROTTLE EM-219 9 %ROUTING-IPV4_PIM-4-OOM_STATE_UNTHROTTLE EM- 2199 %ROUTING-IPV4_PIM-4-OOR_REGISTER_OK EM-2199 %ROUTING-IPV4_PIM-4-OOR_REGISTER_THRESHOLD_WA RN EM-2200 %ROUTING-IPV4_PIM-4-OOR_REGISTER_WARN EM-2200 %ROUTING-IPV4_PIM-4-OOR_ROUTES_OK EM-2200 %ROUTING-IPV4_PIM-4-OOR_ROUTES_THRESHOLD_WAR N EM-2200 %ROUTING-IPV4_PIM-4-OOR_ROUTES_WARN EM-2201 %ROUTING-IPV4_PIM-4-RANGE_INIT EM-2201 %ROUTING-IPV4_PIM-5-INTCHG EM-2201 %ROUTING-IPV4_PIM-5-INVALID_JP EM-2201 %ROUTING-IPV4_PIM-5-INVALID_REGISTER EM-2201 %ROUTING-IPV4_PIM-5-NBRCHG EM-2202 %ROUTING-IPV4_PIM-5-RP_MAPPING_CHG EM-2202 %ROUTING-IPV4MC_STATIC-7-ERR_CERR_V EM-2202 %ROUTING-IPV4MC_STATIC-7-ERR_CERR_V EM-2202 %ROUTING-IPV4MC_STATIC-7-ERR_DEBUG_INIT EM-220 2 %ROUTING-IPV4MC_STATIC-7-ERR_DEBUG_INIT EM-220Index EM-2719 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 3 %ROUTING-IPV4MC_STATIC-7-ERR_EVENT_INIT EM-220 3 %ROUTING-IPV4MC_STATIC-7-ERR_EVENT_INIT EM-220 3 %ROUTING-IPV4MC_STATIC-7-ERR_EVM_CREATE EM-2 203 %ROUTING-IPV4MC_STATIC-7-ERR_EVM_CREATE EM-2 203 %ROUTING-IPV4MC_STATIC-7-ERR_IDB_INIT EM-2204 %ROUTING-IPV4MC_STATIC-7-ERR_IDB_INIT EM-2204 %ROUTING-IPV4MC_STATIC-7-ERR_INTF EM-2204 %ROUTING-IPV4MC_STATIC-7-ERR_INTF EM-2204 %ROUTING-IPV4MC_STATIC-7-ERR_MRIB EM-2204 %ROUTING-IPV4MC_STATIC-7-ERR_MRIB EM-2205 %ROUTING-IPV4MC_STATIC-7-ERR_ROUTE EM-2205 %ROUTING-IPV4MC_STATIC-7-ERR_ROUTE EM-2205 %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_ASYNC_CODE EM-2205 %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_ASYNC_CODE EM-2205 %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_CREATE_LEA F EM-2206 %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_CREATE_LEA F EM-2206 %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_INIT EM-220 6 %ROUTING-IPV4MC_STATIC-7-ERR_TIMER_INIT EM-220 6 %ROUTING-IPV4MC_STATIC-7-ERR_TOPOLOGY_INIT E M-2206 %ROUTING-IPV4MC_STATIC-7-ERR_TOPOLOGY_INIT E M-2207 %ROUTING-IPV6_FIB-2-RIBREJECT EM-2207 %ROUTING-IPV6_FIB-7-PFIFAIL EM-2207 %ROUTING-ISIS_IP_ORA-3-INSTBUILD EM-2207 %ROUTING-ISIS-3-BFD_SESSION_CREATE_FAIL EM-2208 %ROUTING-ISIS-3-DBG_INIT_FAILED EM-2208 %ROUTING-ISIS-3-ERR_ATOMIC_RING_OP EM-2208 %ROUTING-ISIS-3-ERR_BAD_SOCKET_ADDR_LENGTH E M-2209 %ROUTING-ISIS-3-ERR_BAG_ENCODE EM-2209 %ROUTING-ISIS-3-ERR_BAG_REGISTER EM-2209 %ROUTING-ISIS-3-ERR_CLOCKTIME EM-2209 %ROUTING-ISIS-3-ERR_CONFIG_TO_TE EM-2210 %ROUTING-ISIS-3-ERR_DLIST_ADD EM-2210 %ROUTING-ISIS-3-ERR_DLIST_CREATE EM-2210 %ROUTING-ISIS-3-ERR_DLIST_SET_MORE_FLAG EM-221 0 %ROUTING-ISIS-3-ERR_EDM_FNS_INIT EM-2211 %ROUTING-ISIS-3-ERR_EDM_REGISTER EM-2211 %ROUTING-ISIS-3-ERR_GET_JOB_ID EM-2211 %ROUTING-ISIS-3-ERR_GET_NODE_STATE EM-2211 %ROUTING-ISIS-3-ERR_GET_TUPLE EM-2212 %ROUTING-ISIS-3-ERR_IFINDEX EM-2212 %ROUTING-ISIS-3-ERR_LIST_ADD EM-2212 %ROUTING-ISIS-3-ERR_LIST_CREATE EM-2212 %ROUTING-ISIS-3-ERR_LOCKING_FAIL EM-2213 %ROUTING-ISIS-3-ERR_LTRACE_BUFFER EM-2213 %ROUTING-ISIS-3-ERR_MEMPOOL_CREATE EM-2213 %ROUTING-ISIS-3-ERR_NODE_STATE_CHANGE EM-2213 %ROUTING-ISIS-3-ERR_PAK_CLIENT_ACCESS EM-2214 %ROUTING-ISIS-3-ERR_PAK_CLIENT_CONN EM-2214 %ROUTING-ISIS-3-ERR_PAK_CLIENT_GET_BUFFER EM-2 214 %ROUTING-ISIS-3-ERR_PROC_AVAILABLE EM-2214 %ROUTING-ISIS-3-ERR_PROC_READY EM-2215 %ROUTING-ISIS-3-ERR_RECV_BAD_TE_MSG EM-2215 %ROUTING-ISIS-3-ERR_RECV_PAK EM-2215 %ROUTING-ISIS-3-ERR_RIB_BATCH_BUFFER EM-2215 %ROUTING-ISIS-3-ERR_RIB_PATH EM-2216 %ROUTING-ISIS-3-ERR_SEND_PAK EM-2216 %ROUTING-ISIS-3-ERR_SYSDB_ACCESS EM-2216 %ROUTING-ISIS-3-ERR_SYSDB_APPLY_BATCH EM-2216 %ROUTING-ISIS-3-ERR_SYSDB_CONNECT EM-2217 %ROUTING-ISIS-3-ERR_SYSDB_DATALIST EM-2217 %ROUTING-ISIS-3-ERR_SYSDB_REG_NOTIFY EM-2217 %ROUTING-ISIS-3-ERR_SYSDB_REG_VERIFY EM-2217 %ROUTING-ISIS-3-ERR_SYSDB_STRING_CODING EM-221 8 %ROUTING-ISIS-3-ERR_TAG_NAME EM-2218 %ROUTING-ISIS-3-ERR_THREAD_CREATE EM-2218 %ROUTING-ISIS-3-ERR_THREAD_KEY_CREATE EM-2218 %ROUTING-ISIS-3-ERR_THREAD_ONCE EM-2219 %ROUTING-ISIS-3-ERR_THREAD_SET_SPECIFIC EM-2219 %ROUTING-ISIS-3-ERR_VRFN_FNS_INIT EM-2219 %ROUTING-ISIS-3-EVENT_CONN_CREATE_FAIL EM-2219 %ROUTING-ISIS-3-EVQ_DEQUEUE_FAIL EM-2220 %ROUTING-ISIS-3-EVQ_ENQUEUE_FAIL EM-2220 %ROUTING-ISIS-3-EVQ_SIZE_FAIL EM-2220 %ROUTING-ISIS-3-IM_CB_REG_FAIL EM-2220 %ROUTING-ISIS-3-IM_CONN_TO_COID_FAIL EM-2221 %ROUTING-ISIS-3-INTF_SET_ADD_FAIL EM-2221 %ROUTING-ISIS-3-IPV6_LAS EM-2221 %ROUTING-ISIS-3-PDU_INSUFFICIENT_SPACE EM-2221 %ROUTING-ISIS-3-RSI_C_API_FAIL EM-2221 %ROUTING-ISIS-3-RSI_C_LIB_INIT EM-2222 %ROUTING-ISIS-3-TIMESTAMP EM-2222 %ROUTING-ISIS-3-TRIGGER EM-2222 %ROUTING-ISIS-4-AREALOST EM-2222 %ROUTING-ISIS-4-BFD_BIND_FAIL EM-2222 %ROUTING-ISIS-4-BFD_CREATE_FAIL EM-2223 %ROUTING-ISIS-4-BFD_DELETE_FAIL EM-2223 %ROUTING-ISIS-4-BFD_DELETE_UNCONFIG_FAIL EM-22 23 %ROUTING-ISIS-4-BFD_SESSION_NOT_FOUND EM-2223 %ROUTING-ISIS-4-CERR_REG_FAIL EM-2224 %ROUTING-ISIS-4-DBG_REGISTER_FAILED EM-2224 %ROUTING-ISIS-4-DUPLICATE_MT_CAPABILITY EM-222 4 %ROUTING-ISIS-4-DUPSYSTEM EM-2224 %ROUTING-ISIS-4-ERR_ACL EM-2225 %ROUTING-ISIS-4-ERR_ADVMASK EM-2225 %ROUTING-ISIS-4-ERR_BAD_CIRC_TYPE EM-2225 %ROUTING-ISIS-4-ERR_BAD_HDR_LENGTH EM-2225 %ROUTING-ISIS-4-ERR_BAD_ID_LENGTH EM-2226Index EM-2720 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-ISIS-4-ERR_BAD_MAX_AREA_ADDR EM-222 6 %ROUTING-ISIS-4-ERR_BAD_PAK_LENGTH EM-2226 %ROUTING-ISIS-4-ERR_BAD_PDU_FORMAT EM-2226 %ROUTING-ISIS-4-ERR_BAD_PDU_LENGTH EM-2227 %ROUTING-ISIS-4-ERR_BAD_PDU_VERSION EM-2227 %ROUTING-ISIS-4-ERR_BAD_VERSION EM-2227 %ROUTING-ISIS-4-ERR_BGP_CONVERGE EM-2227 %ROUTING-ISIS-4-ERR_BGP_UNREG_NOTIFY EM-2228 %ROUTING-ISIS-4-ERR_EVM_ATT_FAIL EM-2228 %ROUTING-ISIS-4-ERR_EVM_CBACK_ATT_FAIL EM-2228 %ROUTING-ISIS-4-ERR_EVM_CRE_FAIL EM-2228 %ROUTING-ISIS-4-ERR_EVM_SEND_FAIL EM-2229 %ROUTING-ISIS-4-ERR_GET_RESPAWN_COUNT EM-2229 %ROUTING-ISIS-4-ERR_IPFRR_CONFIG_INCONSISTENT EM-2229 %ROUTING-ISIS-4-ERR_LSP_DB_CORRUPT EM-2229 %ROUTING-ISIS-4-ERR_LSP_INPUT_Q_OVERFLOW EM-2 229 %ROUTING-ISIS-4-ERR_MEMPOOL_NOMEM EM-2230 %ROUTING-ISIS-4-ERR_MIN_PDU_LENGTH EM-2230 %ROUTING-ISIS-4-ERR_MIN_PKT_LENGTH EM-2230 %ROUTING-ISIS-4-ERR_MSG_CHAN_GLOBAL EM-2230 %ROUTING-ISIS-4-ERR_MSG_GET_SCOID EM-2231 %ROUTING-ISIS-4-ERR_MSG_REPLY EM-2231 %ROUTING-ISIS-4-ERR_PCL EM-2231 %ROUTING-ISIS-4-ERR_REG_SHUTDOWN_NOTIFY EM-2 231 %ROUTING-ISIS-4-ERR_RIB EM-2231 %ROUTING-ISIS-4-ERR_RIB_BATCH_SEND EM-2232 %ROUTING-ISIS-4-ERR_RIB_CONN_SETRETRY EM-2232 %ROUTING-ISIS-4-ERR_RIB_LIB EM-2232 %ROUTING-ISIS-4-ERR_RIB_PATH_NOMEM EM-2232 %ROUTING-ISIS-4-ERR_SHOW_PROTO_REG EM-2233 %ROUTING-ISIS-4-ERR_SYSDB_DISCONNECT EM-2233 %ROUTING-ISIS-4-ERR_SYSDB_UNREG_NOTIFY EM-2233 %ROUTING-ISIS-4-ERR_THREAD_DESTROY EM-2233 %ROUTING-ISIS-4-ERR_THREAD_SET_NAME EM-2234 %ROUTING-ISIS-4-ERR_WDSYSMON_MEM_STATE EM-22 34 %ROUTING-ISIS-4-EVENT_BOOL_FAIL EM-2234 %ROUTING-ISIS-4-EVENT_CONN_ERROR_FAIL EM-2234 %ROUTING-ISIS-4-EVENT_CONN_EVM_HANDLER_FAIL EM-2235 %ROUTING-ISIS-4-EVENT_CONN_GET_FD_FAIL EM-2235 %ROUTING-ISIS-4-EVENT_CONN_NOTIFY_FAIL EM-2235 %ROUTING-ISIS-4-EVENT_CONN_OPEN_FAIL EM-2235 %ROUTING-ISIS-4-EVQ_CRE_FAIL EM-2236 %ROUTING-ISIS-4-EXTRA_AREA_ADDRESSES EM-2236 %ROUTING-ISIS-4-IDB_CHKPT_CLEANUP EM-2236 %ROUTING-ISIS-4-IIH_TOO_MANY_IF_ADDRESSES EM-2 236 %ROUTING-ISIS-4-IM_ATTR_INIT EM-2237 %ROUTING-ISIS-4-IM_CAPS_UNKNOWN EM-2237 %ROUTING-ISIS-4-IM_CB_NAME_TRUNC EM-2237 %ROUTING-ISIS-4-INTF_ADDR_CHG_REG EM-2237 %ROUTING-ISIS-4-INTF_ATTR_FAIL EM-2238 %ROUTING-ISIS-4-INTF_CKTNUM_ALLOC_FAIL EM-2238 %ROUTING-ISIS-4-INTF_CLNS_CLIENT_INIT EM-2238 %ROUTING-ISIS-4-INTF_CLNS_MAC_ADDR_NOTIFY EM- 2238 %ROUTING-ISIS-4-INTF_CLNS_NOTIFY EM-2239 %ROUTING-ISIS-4-INTF_CLNS_REMOVE_CAP EM-2239 %ROUTING-ISIS-4-INTF_CONFIG_ERROR EM-2239 %ROUTING-ISIS-4-INTF_FIND_FAIL EM-2239 %ROUTING-ISIS-4-INTF_FWS_INIT EM-2240 %ROUTING-ISIS-4-INTF_IM_REG_FAIL EM-2240 %ROUTING-ISIS-4-INTF_INACTIVE_AF EM-2240 %ROUTING-ISIS-4-INTF_IP_ARM_BATCH_UPDATE_FAIL EM-2240 %ROUTING-ISIS-4-INTF_LAS_FAIL EM-2241 %ROUTING-ISIS-4-INTF_MAC_SIZE_ERR EM-2241 %ROUTING-ISIS-4-INTF_MCAST_JOIN_FAIL EM-2241 %ROUTING-ISIS-4-INTF_MCAST_SIZE_ERR EM-2241 %ROUTING-ISIS-4-INTF_MTU_REDUCED EM-2242 %ROUTING-ISIS-4-INTF_MTU_TOO_SMALL EM-2242 %ROUTING-ISIS-4-INTF_NAME_FAIL EM-2242 %ROUTING-ISIS-4-INTF_NSF_MEDIA_MISMATCH EM-224 2 %ROUTING-ISIS-4-INTF_STORE_FAIL EM-2243 %ROUTING-ISIS-4-INTF_UNKNOWN_MEDIA EM-2243 %ROUTING-ISIS-4-INVALID_LSP_LIFETIME EM-2243 %ROUTING-ISIS-4-IP_ARM_ADDR_INFO_FAIL EM-2243 %ROUTING-ISIS-4-ITEMSIZE EM-2244 %ROUTING-ISIS-4-KEY_DEACTIVATE_FAIL EM-2244 %ROUTING-ISIS-4-LINK_TO_SELF EM-2244 %ROUTING-ISIS-4-LSPCKSUM EM-2244 %ROUTING-ISIS-4-LSPFULL EM-2245 %ROUTING-ISIS-4-LSPTOOBIG EM-2245 %ROUTING-ISIS-4-MARTIAN EM-2245 %ROUTING-ISIS-4-MAX_REDIST_PREFIXES EM-2245 %ROUTING-ISIS-4-MEM_ALLOC_FAIL EM-2246 %ROUTING-ISIS-4-MGD_TIMER_FAIL EM-2246 %ROUTING-ISIS-4-NSF_CHKPT_ACCESS_FAIL EM-2246 %ROUTING-ISIS-4-NSF_CHKPT_INIT EM-2246 %ROUTING-ISIS-4-NSF_CHKPT_TABLE_FAIL EM-2247 %ROUTING-ISIS-4-NSF_CREATE_FAIL EM-2247 %ROUTING-ISIS-4-NSF_TE_TUNNEL_RESTORE_FAIL EM -2247 %ROUTING-ISIS-4-OSI_SOKT_FAIL EM-2247 %ROUTING-ISIS-4-P2P_CONFIG_MISMATCH EM-2248 %ROUTING-ISIS-4-REDIST_FAIL EM-2248 %ROUTING-ISIS-4-RSI_C_REGISTRATION_FAIL EM-2248 %ROUTING-ISIS-4-SEQNUM_WRAP EM-2248 %ROUTING-ISIS-4-SETSOCKOPT_FAIL EM-2249 %ROUTING-ISIS-4-SHOW_NOMEM EM-2249 %ROUTING-ISIS-4-SHUTDOWN EM-2249 %ROUTING-ISIS-4-SNPTOOBIG EM-2249 %ROUTING-ISIS-4-THREAD_SPURIOUS_PULSE EM-2250 %ROUTING-ISIS-4-TIMESTAMP_FAIL EM-2250 %ROUTING-ISIS-4-UNKNOWN_ADDRESS_FAMILY EM-22 50 %ROUTING-ISIS-4-WD_METRIC_NOT_CONF EM-2250 %ROUTING-ISIS-4-ZERO_COST_LINK EM-2251 %ROUTING-ISIS-4-ZEROHOLDTIME EM-2251 %ROUTING-ISIS-5-ADJCHANGE EM-2251Index EM-2721 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-ISIS-5-AUTH_COMPUTE_FAILED EM-2251 %ROUTING-ISIS-5-AUTH_FAILURE_DROP EM-2251 %ROUTING-ISIS-5-AUTH_VERIFY_FAILED EM-2252 %ROUTING-ISIS-6-ADJNSF EM-2252 %ROUTING-ISIS-6-ATOMIC_RING_FULL EM-2252 %ROUTING-ISIS-6-DBG_UNKNOWN_TRACEPOINT_NAME EM-2252 %ROUTING-ISIS-6-ERR_DUPID EM-2252 %ROUTING-ISIS-6-EVENT_CONN_DESTROY_FAIL EM-22 53 %ROUTING-ISIS-6-EVENT_ERR EM-2253 %ROUTING-ISIS-6-EVQ_DESTROY_FAIL EM-2253 %ROUTING-ISIS-6-FAIL_ADJADD EM-2253 %ROUTING-ISIS-6-IIH_IF_ADDRESS EM-2254 %ROUTING-ISIS-6-INFO_STARTUP_ABORTED EM-2254 %ROUTING-ISIS-6-INFO_STARTUP_FINISH EM-2254 %ROUTING-ISIS-6-INFO_STARTUP_FORCED_COLD EM-2 254 %ROUTING-ISIS-6-INFO_STARTUP_START EM-2254 %ROUTING-ISIS-6-INTF_MAC_ADDR_CHG_INVALID EM- 2255 %ROUTING-ISIS-6-NO_INPUTBUF EM-2255 %ROUTING-ISIS-7-ERR_CREATEMQ EM-2255 %ROUTING-ISIS-7-ERR_MSG EM-2255 %ROUTING-ISIS-7-ERR_MSGLEN EM-2255 %ROUTING-ISIS-7-ERR_RCV_PAKTYPE EM-2256 %ROUTING-ISIS-7-ERR_RECV_TE_MSG EM-2256 %ROUTING-ISIS-7-ERR_SEND_TE_MSG EM-2256 %ROUTING-ISIS-7-STALE_PNODE_PURGE EM-2256 %ROUTING-LDP-3-ERR_BACKEND EM-2257 %ROUTING-LDP-3-ERR_GENERAL EM-2257 %ROUTING-LDP-3-ERR_INIT_SYNC_MISSING_SOCK EM- 2257 %ROUTING-LDP-3-ERR_LSD_INTF EM-2257 %ROUTING-LDP-3-ERR_LSD_REG EM-2257 %ROUTING-LDP-3-ERR_TCP_ENQUEUE_MSG_INVALID_T X_CTX EM-2258 %ROUTING-LDP-3-ERR_TCP_ENQUEUE_MSG_NOT_ACTIV E EM-2258 %ROUTING-LDP-3-INCONSISTENCY EM-2258 %ROUTING-LDP-3-LOST_NSR_IPC_MSG EM-2258 %ROUTING-LDP-3-NSR_ACK_CHK_FAILED EM-2258 %ROUTING-LDP-3-NSR_IPC_TRANSPORT_FAILURE EM-2 259 %ROUTING-LDP-3-NSR_PEER_SYNC_RX_ERR EM-2259 %ROUTING-LDP-4-BAD_PDU_LENGTH EM-2259 %ROUTING-LDP-4-BAD_TLV EM-2259 %ROUTING-LDP-4-DEPRECATED_RTRID EM-2259 %ROUTING-LDP-4-DISCOVERY_SLIP EM-2260 %ROUTING-LDP-4-DUP_ADDR_RCVD EM-2260 %ROUTING-LDP-4-TX_KEEPALIVE_SLIP EM-2260 %ROUTING-LDP-5-GR EM-2260 %ROUTING-LDP-5-GR_RESTART_COMPLETE EM-2261 %ROUTING-LDP-5-NBR_CHANGE EM-2261 %ROUTING-LDP-5-NSR_SYNC_DONE EM-2261 %ROUTING-LDP-5-NSR_SYNC_LOST EM-2261 %ROUTING-LDP-5-NSR_SYNC_PEER_DONE EM-2261 %ROUTING-LDP-5-NSR_SYNC_PEER_LOST EM-2262 %ROUTING-LDP-5-NSR_SYNC_START EM-2262 %ROUTING-LDP-5-SESSION_PROTECTION EM-2262 %ROUTING-LDP-5-SHUTDOWN EM-2262 %ROUTING-LDP-6-ISYNC_CHKPT_LIMIT EM-2262 %ROUTING-LDP-7-ERR_INIT EM-2263 %ROUTING-LDP-7-ERR_INIT_FATAL EM-2263 %ROUTING-LMRIB_API-3-ASYNC_ERR EM-2263 %ROUTING-LMRIB_API-3-CORRPT EM-2263 %ROUTING-LMRIB_API-3-GEN_ERR EM-2263 %ROUTING-LMRIB_API-3-GENINITFAIL EM-2264 %ROUTING-LMRIB_API-3-RPC_FAIL EM-2264 %ROUTING-LMRIB_API-7-ASYNC_WAR EM-2264 %ROUTING-LSPV-3-BAG_REG_ERR EM-2264 %ROUTING-LSPV-3-SYSDB_BIND_ERR EM-2264 %ROUTING-LSPV-3-SYSDB_ERR EM-2265 %ROUTING-LSPV-4-show_timeout EM-2265 %ROUTING-LSPV-7-ERR_EVENT EM-2265 %ROUTING-LSPV-7-ERR_GENERAL EM-2265 %ROUTING-LSPV-7-ERR_INIT EM-2265 %ROUTING-LSPV-7-ERR_INIT_RC EM-2266 %ROUTING-LSPV-7-ERR_TIMER EM-2266 %ROUTING-MFWD_MA-3-CFG_ERR EM-2266 %ROUTING-MFWD_MA-3-ERR_DEBUG_INIT_EVENT EM- 2266 %ROUTING-MFWD_MA-3-ERR_DEBUG_REG EM-2267 %ROUTING-MFWD_MA-3-ERR_EVM_ASYNC_ATTACH E M-2267 %ROUTING-MFWD_MA-3-ERR_EVM_CONN_CREATE EM -2267 %ROUTING-MFWD_MA-3-ERR_EVM_CONN_NOTIFY EM- 2267 %ROUTING-MFWD_MA-3-ERR_EVM_CONN_OPEN EM-22 68 %ROUTING-MFWD_MA-3-ERR_EVM_CREATE EM-2268 %ROUTING-MFWD_MA-3-ERR_IMC_CONTROL_SERVER_B IND EM-2268 %ROUTING-MFWD_MA-3-ERR_LTRACE_INIT EM-2268 %ROUTING-MFWD_MA-3-ERR_MEM_ALLOC EM-2268 %ROUTING-MFWD_MA-3-ERR_MEM_FAIL EM-2269 %ROUTING-MFWD_MA-3-ERR_MEM_FAIL_1 EM-2269 %ROUTING-MFWD_MA-3-ERR_SYSDB_BAG_DECODE E M-2269 %ROUTING-MFWD_MA-3-ERR_SYSDB_BAG_FREE_INDIRE CTIONS EM-2269 %ROUTING-MFWD_MA-3-ERR_SYSDB_BAG_REG EM-226 9 %ROUTING-MFWD_MA-3-ERR_SYSDB_BIND EM-2270 %ROUTING-MFWD_MA-3-ERR_SYSDB_DATALIST_FREE EM-2270 %ROUTING-MFWD_MA-3-ERR_SYSDB_DATALIST_NEXT EM-2270 %ROUTING-MFWD_MA-3-ERR_SYSDB_EDM_FNS_INIT E M-2270 %ROUTING-MFWD_MA-3-ERR_SYSDB_EDM_REG EM-227 0 %ROUTING-MFWD_MA-3-ERR_SYSDB_REG_VERIFY EM -2271 %ROUTING-MFWD_MA-3-ERR_SYSDB_VRFN_FNS_INIT Index EM-2722 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 EM-2271 %ROUTING-MFWD_MA-3-GEN_ERR EM-2271 %ROUTING-MFWD_MA-3-GENINITFAIL EM-2271 %ROUTING-MFWD_MA-3-IDB_ERR EM-2271 %ROUTING-MFWD_MA-3-IM_UPDATE_IDB_HANDLE_MIS MATCH EM-2272 %ROUTING-MPLS_ALM-7-ERR_GENERAL EM-2272 %ROUTING-MPLS_FWD-2-NO_MEM EM-2272 %ROUTING-MPLS_FWD-3-BAG_REG_ERR EM-2272 %ROUTING-MPLS_FWD-3-ERR_GENERAL EM-2273 %ROUTING-MPLS_FWD-3-EVENT_ERR EM-2273 %ROUTING-MPLS_FWD-3-SYSDB_BIND_ERR EM-2273 %ROUTING-MPLS_FWD-3-SYSDB_ERR EM-2273 %ROUTING-MPLS_HW-2-ERROR EM-2274 %ROUTING-MPLS_HW-2-ERROR EM-2274 %ROUTING-MPLS_HW-2-ERROR_TLU_ALLOC EM-2274 %ROUTING-MPLS_HW-2-ERROR_TLU_ALLOC EM-2274 %ROUTING-MPLS_HW-2-ERROR_TLU_WRITE EM-2275 %ROUTING-MPLS_HW-2-ERROR_TLU_WRITE EM-2275 %ROUTING-MPLS_HW-2-ERROR_WITH_LABEL EM-2275 %ROUTING-MPLS_HW-2-ERROR_WITH_LABEL EM-2275 %ROUTING-MPLS_HW-6-INFO EM-2275 %ROUTING-MPLS_HW-6-INFO EM-2276 %ROUTING-MPLS_HW-6-INFO_WITH_LABEL EM-2276 %ROUTING-MPLS_HW-6-INFO_WITH_LABEL EM-2276 %ROUTING-MPLS_IMC_CLIENT-3-ERR_IMC EM-2276 %ROUTING-MPLS_IO-3-ERR_MEM_ALLOC EM-2277 %ROUTING-MPLS_IO-6-ERR_GENERAL EM-2277 %ROUTING-MPLS_IO-7-ERR_IM EM-2277 %ROUTING-MPLS_IO-7-ERR_PAK EM-2277 %ROUTING-MPLS_IO-7-ERR_TIMER EM-2278 %ROUTING-MPLS_IO-7-ERR_WAVL EM-2278 %ROUTING-MPLS_LCAC-4-SHOW_WARNING EM-2278 %ROUTING-MPLS_LCAC-7-ERR_INTERNAL EM-2278 %ROUTING-MPLS_LSD-2-ERR_MEM_ALLOC EM-2279 %ROUTING-MPLS_LSD-3-ERR_INVALID_THREAD EM-22 79 %ROUTING-MPLS_LSD-3-MULTI_IP_FPI_RW EM-2279 %ROUTING-MPLS_LSD-7-ERR_CLIENT_FAULT EM-2279 %ROUTING-MPLS_LSD-7-ERR_GENERAL EM-2279 %ROUTING-MPLS_LSD-7-ERR_INIT EM-2280 %ROUTING-MPLS_NETIO-5-CLEAR_MAPPING_FAILED E M-2280 %ROUTING-MPLS_NETIO-5-SET_MAPPING_FAILED EM-2 280 %ROUTING-MPLS_NETIO-7-BAD_ARP_DROP EM-2280 %ROUTING-MPLS_NETIO-7-ERR_GENERAL EM-2281 %ROUTING-MPLS_STATIC-4-ERR_MEM_ALLOC EM-2281 %ROUTING-MPLS_STATIC-6-ERR_CONN EM-2281 %ROUTING-MPLS_STATIC-7-ERR_INIT EM-2281 %ROUTING-MPLS_TE-3-CALLBACK_WRONG_THREAD E M-2282 %ROUTING-MPLS_TE-3-ERR_INTERNAL_CHECK EM-2282 %ROUTING-MPLS_TE-3-ERR_INTERNAL_CHECK_RC EM -2282 %ROUTING-MPLS_TE-3-ERR_MEM_ALLOC EM-2282 %ROUTING-MPLS_TE-3-ERR_SYSDB_BAG_DECODE EM- 2282 %ROUTING-MPLS_TE-3-ERR_SYSDB_DELETE EM-2283 %ROUTING-MPLS_TE-3-ERR_SYSDB_GET EM-2283 %ROUTING-MPLS_TE-3-ERR_TRACE_INIT EM-2283 %ROUTING-MPLS_TE-3-LSP_UPDOWN EM-2283 %ROUTING-MPLS_TE-4-SHOW_WARNING EM-2283 %ROUTING-MPLS_TE-4-SHUTDOWN EM-2284 %ROUTING-MPLS_TE-4-WARN EM-2284 %ROUTING-MPLS_TE-4-WARNING_FSM_EVENT_DROP E M-2284 %ROUTING-MPLS_TE-5-FRR EM-2284 %ROUTING-MPLS_TE-5-LSP_REOPT EM-2284 %ROUTING-MPLS_TE-5-LSP_REROUTE EM-2285 %ROUTING-MPLS_TE-5-LSP_REROUTE_PENDING EM-228 5 %ROUTING-MPLS_TE-5-LSP_REROUTE_PENDING_CLEAR EM-2285 %ROUTING-MPLS_TE-7-ERR_IM EM-2285 %ROUTING-MPLS_TE-7-ERR_INTERNAL EM-2285 %ROUTING-MRIB_API-3-ASYNC_ERR EM-2286 %ROUTING-MRIB_API-3-CORRPT EM-2286 %ROUTING-MRIB_API-3-GEN_ERR EM-2286 %ROUTING-MRIB_API-3-GENINITFAIL EM-2286 %ROUTING-MRIB_API-3-RPC_FAIL EM-2286 %ROUTING-MRIB_API-7-ASYNC_WAR EM-2287 %ROUTING-MRIB-2-NOMEMORY EM-2287 %ROUTING-MRIB-2-NORESOURCE EM-2287 %ROUTING-MRIB-2-RC_INIT_ERR EM-2287 %ROUTING-MRIB-3-EDM_INIT EM-2287 %ROUTING-MRIB-3-EXTRANET_ERR EM-2288 %ROUTING-MRIB-3-GEN_ERR EM-2288 %ROUTING-MRIB-3-GENCOMMERR EM-2288 %ROUTING-MRIB-3-GENINITFAIL EM-2288 %ROUTING-MRIB-3-IFCACHE_ERR EM-2288 %ROUTING-MRIB-3-INTERNALERR EM-2289 %ROUTING-MRIB-3-LRD_ERR EM-2289 %ROUTING-MRIB-3-LWM_ERR EM-2289 %ROUTING-MRIB-3-MOD_INTF_LIST EM-2289 %ROUTING-MRIB-3-NSF_ERR EM-2289 %ROUTING-MRIB-3-NSFSTATE EM-2290 %ROUTING-MRIB-3-RC_ERR EM-2290 %ROUTING-MRIB-3-REDUCEDFUNCT EM-2290 %ROUTING-MRIB-3-TLC_ERR EM-2290 %ROUTING-MRIB-3-TREE_OPER EM-2290 %ROUTING-MRIB-4-CLIENT_WRITE EM-2291 %ROUTING-MRIB-4-DEBUGERR EM-2291 %ROUTING-MRIB-4-FILTRVIOLERR EM-2291 %ROUTING-MRIB-4-GEN_WARN EM-2291 %ROUTING-MRIB-4-INCORRECTPARS EM-2292 %ROUTING-MRIB-4-NOMEMORYW EM-2292 %ROUTING-MRIB-4-STALE_HANDLE_ERR EM-2292 %ROUTING-MRIB-5-BCDL_ERR EM-2292 %ROUTING-MSDP-3-ACL_ERR EM-2292 %ROUTING-MSDP-3-BAD_STATE EM-2293 %ROUTING-MSDP-3-CACHE_ERR EM-2293 %ROUTING-MSDP-3-CONNECTION_ERR EM-2293 %ROUTING-MSDP-3-EDM_ERR EM-2293 %ROUTING-MSDP-3-EVENT_FAILED EM-2293 %ROUTING-MSDP-3-IARM_REG_ERR EM-2294Index EM-2723 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-MSDP-3-IARM_UPDATE_ERR EM-2294 %ROUTING-MSDP-3-INIT_FAILED EM-2294 %ROUTING-MSDP-3-INIT_FAILED2 EM-2294 %ROUTING-MSDP-3-INTERNAL_STATE_ERR EM-2294 %ROUTING-MSDP-3-IO_FAILED EM-2295 %ROUTING-MSDP-3-LPTS_POLICY_ERR EM-2295 %ROUTING-MSDP-3-LTRACE_INIT EM-2295 %ROUTING-MSDP-3-MRIB_ERR EM-2295 %ROUTING-MSDP-3-NOTIFY EM-2295 %ROUTING-MSDP-3-OUT_OF_MEMORY EM-2296 %ROUTING-MSDP-3-OUT_OF_RESOURCE EM-2296 %ROUTING-MSDP-3-SOCKET_ERR EM-2296 %ROUTING-MSDP-3-SYSDB_ERR EM-2296 %ROUTING-MSDP-3-WDSYSMON_EVENT_ERROR EM-22 96 %ROUTING-MSDP-3-WDSYSMON_REGISTER_ERROR EM -2297 %ROUTING-MSDP-4-BAD_MASKLEN EM-2297 %ROUTING-MSDP-4-BGP EM-2297 %ROUTING-MSDP-4-CONFIG_FAILED EM-2297 %ROUTING-MSDP-4-MRIB_WARN EM-2297 %ROUTING-MSDP-4-OOM_STATE_THROTTLE EM-2298 %ROUTING-MSDP-4-OOM_STATE_UNTHROTTLE EM-229 8 %ROUTING-MSDP-4-PEER_ERR EM-2298 %ROUTING-MSDP-4-RIB_ERR EM-2298 %ROUTING-MSDP-4-SA_MESSAGE EM-2298 %ROUTING-MSDP-4-TIMER EM-2299 %ROUTING-MSDP-5-INIT_PEER_UP_DOWN EM-2299 %ROUTING-MSDP-6-INIT_BASIC EM-2299 %ROUTING-MSDP-6-INIT_INFO EM-2299 %ROUTING-MULTIVER-3-ERR_DLL_OPEN EM-2299 %ROUTING-MULTIVER-4-DLL_SIGNATURE_MISMATCH EM-2300 %ROUTING-ORA_SHARED-4-ERR_DLL_REG EM-2300 %ROUTING-ORA-2-ERR_MEM_ALLOC EM-2300 %ROUTING-ORA-3-DUPLICATE_DOCKENTRY EM-2300 %ROUTING-ORA-3-INIT EM-2301 %ROUTING-ORA-3-MISSING_BASE_TYPE EM-2301 %ROUTING-ORA-3-MISSING_FUNCTION EM-2301 %ROUTING-ORA-3-MISSING_OPERATOR EM-2301 %ROUTING-ORA-3-THREADING EM-2302 %ROUTING-ORA-4-ERR_DLL_REG EM-2302 %ROUTING-ORA-4-MERGE_FAILED EM-2302 %ROUTING-ORA-4-MISSING_DOCK_INFO EM-2302 %ROUTING-ORA-7-DBGINIT EM-2303 %ROUTING-ORA-7-DBGSHUTDOWN EM-2303 %ROUTING-OSPF_EDM-3-DATALIST_ADD_FAILED EM-2 303 %ROUTING-OSPF_EDM-3-DATALIST_CREATE_FAILED E M-2303 %ROUTING-OSPF_EDM-3-DATALIST_SET_MORE_FLAG EM-2304 %ROUTING-OSPF_EDM-3-ENCODE_FAILED EM-2304 %ROUTING-OSPF_EDM-3-LIST_ADD_FAILED EM-2304 %ROUTING-OSPF_EDM-3-LIST_CREATE_FAILED EM-2304 %ROUTING-OSPF_EDM-3-SYSDB_BIND_FAILED EM-2305 %ROUTING-OSPF_POLICY-3-ORA_INSTBUILD EM-2305 %ROUTING-OSPF_POLICY-3-ORA_RUN EM-2305 %ROUTING-OSPF_RIB-3-ERR_PATH_ADD EM-2305 %ROUTING-OSPF_RIB-3-ERR_PATH_DELETE EM-2306 %ROUTING-OSPF_RIB-3-ERR_PROTO_MODIFY EM-2306 %ROUTING-OSPF_RIB-3-ERR_ROUTE_HDR EM-2306 %ROUTING-OSPF_RIB-3-ERR_UPDATE_DONE EM-2306 %ROUTING-OSPF_RIB-4-BATCH_LOG_PATH EM-2306 %ROUTING-OSPF_RIB-5-BATCH_ERROR EM-2307 %ROUTING-OSPF_RIB-5-BATCH_ERROR_CODE EM-2307 %ROUTING-OSPF_RIB-6-INFO_RT_HDR_NOTUSED EM-23 07 %ROUTING-OSPF_UV-3-CERR_REG_FAIL EM-2307 %ROUTING-OSPF_UV-3-ERR_DBG_REGISTER_FAILED E M-2308 %ROUTING-OSPF_UV-3-ERR_MEM_ALLOC_FAIL EM-230 8 %ROUTING-OSPF_UV-3-ERR_PROC_READY EM-2308 %ROUTING-OSPF_UV-3-ERR_SYSDB_CONNECT EM-2308 %ROUTING-OSPF_UV-3-ERR_SYSDB_DISCONNECT EM-2 308 %ROUTING-OSPF_UV-3-ERR_SYSDB_REG_VERIFY EM-2 309 %ROUTING-OSPF_UV-3-ERR_VRFN_FNS_INIT EM-2309 %ROUTING-OSPF_UV-3-EVENT_ERR EM-2309 %ROUTING-OSPF_UV-3-EVM_CRE_FAIL EM-2309 %ROUTING-OSPF_UV-3-INTF_FWS_INIT EM-2309 %ROUTING-OSPF_UV-6-PROCESS_NAME EM-2310 %ROUTING-OSPF-2-ERR_MEM_ALLOC EM-2310 %ROUTING-OSPF-3-ALLOC_ERR EM-2310 %ROUTING-OSPF-3-AREANULL EM-2310 %ROUTING-OSPF-3-BADMSG EM-2310 %ROUTING-OSPF-3-BADSHARE EM-2311 %ROUTING-OSPF-3-BADTIMER EM-2311 %ROUTING-OSPF-3-DBGINIT EM-2311 %ROUTING-OSPF-3-DUP_RTRID EM-2311 %ROUTING-OSPF-3-ERR_RESOURCE_ALLOC EM-2311 %ROUTING-OSPF-3-EVM EM-2312 %ROUTING-OSPF-3-EVM_CODE EM-2312 %ROUTING-OSPF-3-EVM_RL EM-2312 %ROUTING-OSPF-3-EXTERNALERR EM-2312 %ROUTING-OSPF-3-EXTERNALERR_RC EM-2312 %ROUTING-OSPF-3-FRIS EM-2313 %ROUTING-OSPF-3-IDBERR EM-2313 %ROUTING-OSPF-3-IFCHECK EM-2313 %ROUTING-OSPF-3-IFINIT EM-2313 %ROUTING-OSPF-3-IFMGR EM-2313 %ROUTING-OSPF-3-IGPTE EM-2314 %ROUTING-OSPF-3-INIT_ERR EM-2314 %ROUTING-OSPF-3-INIT_ERR_STR EM-2314 %ROUTING-OSPF-3-INTERNALERR EM-2314 %ROUTING-OSPF-3-INTERNALERR_RC EM-2314 %ROUTING-OSPF-3-IPARM EM-2315 %ROUTING-OSPF-3-LWM EM-2315 %ROUTING-OSPF-3-MCAST EM-2315 %ROUTING-OSPF-3-MEDIAERR EM-2315 %ROUTING-OSPF-3-MUTEX EM-2315 %ROUTING-OSPF-3-NOBACKBONE EM-2316 %ROUTING-OSPF-3-NOIPADDR EM-2316Index EM-2724 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-OSPF-3-NOSELF EM-2316 %ROUTING-OSPF-3-NOTNBRTYPE EM-2316 %ROUTING-OSPF-3-PKTDROP EM-2316 %ROUTING-OSPF-3-RDB_NO_LSA EM-2317 %ROUTING-OSPF-3-RECONF_VL EM-2317 %ROUTING-OSPF-3-RIB EM-2317 %ROUTING-OSPF-3-RIB_MSG EM-2317 %ROUTING-OSPF-3-RPC EM-2317 %ROUTING-OSPF-3-SOCKET EM-2318 %ROUTING-OSPF-3-SYSDB EM-2318 %ROUTING-OSPF-3-THREAD_CREATE EM-2318 %ROUTING-OSPF-3-UNKNOWNSTATE EM-2318 %ROUTING-OSPF-4-BADLENGTH EM-2319 %ROUTING-OSPF-4-BADLSATYPE EM-2319 %ROUTING-OSPF-4-CONFLICTING_LSAID EM-2319 %ROUTING-OSPF-4-DEPRECATED_RTRID EM-2319 %ROUTING-OSPF-4-DOMAIN_TAG_NEEDED EM-2320 %ROUTING-OSPF-4-ERR_MSG_GET_SCOID EM-2320 %ROUTING-OSPF-4-ERR_MSG_REPLY EM-2320 %ROUTING-OSPF-4-ERRRCV EM-2320 %ROUTING-OSPF-4-IFINDEX_GET EM-2321 %ROUTING-OSPF-4-KEYCFG EM-2321 %ROUTING-OSPF-4-MAX_INTF_APPLY EM-2321 %ROUTING-OSPF-4-MAX_LSA EM-2321 %ROUTING-OSPF-4-MAX_LSA_THR EM-2321 %ROUTING-OSPF-4-MUTEX_ERR EM-2322 %ROUTING-OSPF-4-NBREXIST EM-2322 %ROUTING-OSPF-4-NETWORK_TYPE_MISMATCH EM-23 22 %ROUTING-OSPF-4-NONEIGHBOR EM-2322 %ROUTING-OSPF-4-NORTRID EM-2323 %ROUTING-OSPF-4-OLD_CMD EM-2323 %ROUTING-OSPF-4-PAKMAN_EVENT EM-2323 %ROUTING-OSPF-4-POLICYCONFIG EM-2323 %ROUTING-OSPF-4-RAW_OUTPUT_ERR EM-2324 %ROUTING-OSPF-4-REDIST_FAILED EM-2324 %ROUTING-OSPF-4-REDIST_MAX_PFX EM-2324 %ROUTING-OSPF-4-REDIST_THR_PFX EM-2324 %ROUTING-OSPF-4-STUB_ASBR EM-2324 %ROUTING-OSPF-4-USING_OLD_RTRID EM-2325 %ROUTING-OSPF-4-VIRTUAL_IN_NON_BACKBONE EM-2 325 %ROUTING-OSPF-5-ADJCHG EM-2325 %ROUTING-OSPF-5-HA_NOTICE EM-2325 %ROUTING-OSPF-5-HA_NOTICE_START EM-2325 %ROUTING-OSPF-6-BADCHKSUM EM-2326 %ROUTING-OSPF-6-DBEXIST EM-2326 %ROUTING-OSPF-6-GRACEFUL_SHUTDOWN EM-2326 %ROUTING-OSPF-6-HA_INFO EM-2326 %ROUTING-OSPF-6-LSAREFRESH EM-2326 %ROUTING-OSPF-6-MAXMETRIC_RUNNING EM-2327 %ROUTING-OSPF-6-MEM_NOTIF EM-2327 %ROUTING-OSPF-6-MGDTIMER EM-2327 %ROUTING-OSPF-6-NEWLIMIT EM-2327 %ROUTING-OSPF-6-NOTREDIST3 EM-2327 %ROUTING-OSPF-6-REFBW_CHG EM-2328 %ROUTING-OSPF-6-USING_MSGDGST EM-2328 %ROUTING-OSPF-7-DB_EX_DQUEUE EM-2328 %ROUTING-OSPF-7-DB_READY_Q EM-2328 %ROUTING-OSPF-7-DLINK EM-2328 %ROUTING-OSPF-7-DQUEUE EM-2329 %ROUTING-OSPF-7-ERR_TUNNEL_INT EM-2329 %ROUTING-OSPF-7-INIT_FAIL EM-2329 %ROUTING-OSPF-7-VRF_DELETE EM-2329 %ROUTING-OSPFv3_EDM-3-DATALIST_ADD_FAILED EM -2330 %ROUTING-OSPFv3_EDM-3-DATALIST_CREATE_FAILED EM-2330 %ROUTING-OSPFv3_EDM-3-EDMINIT EM-2330 %ROUTING-OSPFv3_EDM-3-ENCODE_FAILED EM-2330 %ROUTING-OSPFv3_EDM-3-EVENT_REGISTRATION_FAIL ED EM-2331 %ROUTING-OSPFv3_EDM-3-LIST_ADD_FAILED EM-2331 %ROUTING-OSPFv3_EDM-3-LIST_CREATE_FAILED EM-2 331 %ROUTING-OSPFv3_EDM-3-NO_DATA EM-2331 %ROUTING-OSPFv3_EDM-3-PROTO_REG_FAILED EM-233 2 %ROUTING-OSPFv3_EDM-3-REGISTER_FAILED EM-2332 %ROUTING-OSPFv3_EDM-3-SYSDB_BIND_FAILED EM-23 32 %ROUTING-OSPFv3_EDM-3-SYSDB_COID_FAILED EM-23 32 %ROUTING-OSPFv3_EDM-6-BAGREG_FAILED EM-2333 %ROUTING-OSPFV3_POLICY-3-ORA_INSTBUILD EM-2333 %ROUTING-OSPFV3_POLICY-3-ORA_RUN EM-2333 %ROUTING-OSPFv3_RIB-2-NO_MEMORY EM-2333 %ROUTING-OSPFv3_RIB-3-BIND EM-2334 %ROUTING-OSPFv3_RIB-3-DEFAULT_REG EM-2334 %ROUTING-OSPFv3_RIB-3-DISCONNECT EM-2334 %ROUTING-OSPFv3_RIB-3-ERR_BATCH_COMPLETE EM- 2334 %ROUTING-OSPFv3_RIB-3-ERR_PATH_ADD EM-2334 %ROUTING-OSPFv3_RIB-3-ERR_PATH_DELETE EM-2335 %ROUTING-OSPFv3_RIB-3-ERR_ROUTE_HDR EM-2335 %ROUTING-OSPFv3_RIB-3-ERR_UPDATE_COMPLETE EM -2335 %ROUTING-OSPFv3_RIB-3-FINDPDB EM-2335 %ROUTING-OSPFv3_RIB-3-PURGE EM-2335 %ROUTING-OSPFv3_RIB-3-REDIST_REG EM-2336 %ROUTING-OSPFv3_RIB-3-REGISTER EM-2336 %ROUTING-OSPFv3_UV-3-CERR_REG_FAIL EM-2336 %ROUTING-OSPFv3_UV-3-ERR_DBG_REGISTER_FAILED EM-2336 %ROUTING-OSPFv3_UV-3-ERR_MEM_ALLOC_FAIL EM-2 337 %ROUTING-OSPFv3_UV-3-ERR_PROC_READY EM-2337 %ROUTING-OSPFv3_UV-3-ERR_SYSDB_CONNECT EM-23 37 %ROUTING-OSPFv3_UV-3-ERR_SYSDB_DISCONNECT E M-2337 %ROUTING-OSPFv3_UV-3-ERR_SYSDB_REG_VERIFY EM -2337 %ROUTING-OSPFv3_UV-3-ERR_VRFN_FNS_INIT EM-2338 %ROUTING-OSPFv3_UV-3-EVENT_ERR EM-2338 %ROUTING-OSPFv3_UV-3-EVM_CRE_FAIL EM-2338Index EM-2725 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-OSPFv3_UV-3-INTF_FWS_INIT EM-2338 %ROUTING-OSPFv3_UV-6-PROCESS_NAME EM-2338 %ROUTING-OSPFv3-2-NOMEMORY EM-2339 %ROUTING-OSPFv3-3-ACL_GET EM-2339 %ROUTING-OSPFv3-3-ACL_REG EM-2339 %ROUTING-OSPFv3-3-ALLOCFAIL EM-2339 %ROUTING-OSPFv3-3-APIERR EM-2339 %ROUTING-OSPFv3-3-BADMSG EM-2340 %ROUTING-OSPFv3-3-BADTIMER EM-2340 %ROUTING-OSPFv3-3-CERR_REGISTER EM-2340 %ROUTING-OSPFv3-3-CONN_FAIL EM-2340 %ROUTING-OSPFv3-3-DBGINIT EM-2340 %ROUTING-OSPFv3-3-DBGREG EM-2341 %ROUTING-OSPFv3-3-DELVLINK EM-2341 %ROUTING-OSPFv3-3-DLINK EM-2341 %ROUTING-OSPFv3-3-DUP_RTRID EM-2341 %ROUTING-OSPFv3-3-DUP_RTRID_AREA EM-2341 %ROUTING-OSPFv3-3-DUP_RTRID_AS EM-2342 %ROUTING-OSPFv3-3-EVENTBLOCK EM-2342 %ROUTING-OSPFv3-3-EVM_FD EM-2342 %ROUTING-OSPFv3-3-EVM_RETRY EM-2342 %ROUTING-OSPFv3-3-FRIS_INSERT EM-2342 %ROUTING-OSPFv3-3-HELLOINIT EM-2343 %ROUTING-OSPFv3-3-IFINDEX_GET EM-2343 %ROUTING-OSPFv3-3-IFINIT EM-2343 %ROUTING-OSPFv3-3-IFMGR EM-2343 %ROUTING-OSPFv3-3-IFMGR_IF EM-2343 %ROUTING-OSPFv3-3-INIT EM-2344 %ROUTING-OSPFv3-3-INSTALL_REG EM-2344 %ROUTING-OSPFv3-3-INSTALL_UNREG EM-2344 %ROUTING-OSPFv3-3-INTERNALERR EM-2344 %ROUTING-OSPFv3-3-IPARM EM-2344 %ROUTING-OSPFv3-3-IPARM_IF EM-2345 %ROUTING-OSPFv3-3-IPSEC_CLOSE EM-2345 %ROUTING-OSPFv3-3-IPSEC_DEBUG_INIT EM-2345 %ROUTING-OSPFv3-3-IPSEC_INIT EM-2345 %ROUTING-OSPFv3-3-IPSEC_OPEN EM-2345 %ROUTING-OSPFv3-3-LAS EM-2346 %ROUTING-OSPFv3-3-LAS_ADDR EM-2346 %ROUTING-OSPFv3-3-LAS_IF EM-2346 %ROUTING-OSPFv3-3-MCAST EM-2346 %ROUTING-OSPFv3-3-MEM_ALLOC_FAIL EM-2346 %ROUTING-OSPFv3-3-MUTEX_INIT EM-2347 %ROUTING-OSPFv3-3-NO_VL_ENDPOINT EM-2347 %ROUTING-OSPFv3-3-NOBACKBONE EM-2347 %ROUTING-OSPFv3-3-NOSELF EM-2347 %ROUTING-OSPFv3-3-NOTNBRTYPE EM-2347 %ROUTING-OSPFv3-3-PKTDROP EM-2348 %ROUTING-OSPFv3-3-PKTDROP_STR EM-2348 %ROUTING-OSPFv3-3-PROCINIT EM-2348 %ROUTING-OSPFv3-3-RIB EM-2348 %ROUTING-OSPFv3-3-RIB_ERR_PROTO_MODIFY EM-234 8 %ROUTING-OSPFv3-3-RTRINIT EM-2349 %ROUTING-OSPFv3-3-SOCKET EM-2349 %ROUTING-OSPFv3-3-SYSDB EM-2349 %ROUTING-OSPFv3-3-SYSMGR EM-2349 %ROUTING-OSPFv3-3-THREAD_CREATE EM-2349 %ROUTING-OSPFv3-3-UCAST EM-2350 %ROUTING-OSPFv3-3-UNKNOWNSTATE EM-2350 %ROUTING-OSPFv3-3-UNSUPPORTED_IFTYPE EM-2350 %ROUTING-OSPFv3-4-BADAREA EM-2350 %ROUTING-OSPFv3-4-BADLENGTH EM-2351 %ROUTING-OSPFv3-4-BADLSA EM-2351 %ROUTING-OSPFv3-4-BADVERS EM-2351 %ROUTING-OSPFv3-4-DEPRECATED_RTRID EM-2351 %ROUTING-OSPFv3-4-ERRRCV EM-2352 %ROUTING-OSPFv3-4-LSDB_ERROR EM-2352 %ROUTING-OSPFv3-4-LTRACE_INIT EM-2352 %ROUTING-OSPFv3-4-NONEIGHBOR EM-2352 %ROUTING-OSPFv3-4-NORTRID EM-2353 %ROUTING-OSPFv3-4-PKTDROP_WARN EM-2353 %ROUTING-OSPFv3-4-POLICYCONFIG EM-2353 %ROUTING-OSPFv3-4-REDIST_MAX_PFX EM-2353 %ROUTING-OSPFv3-4-REDIST_THR_PFX EM-2353 %ROUTING-OSPFv3-4-SOCKET_WARN EM-2354 %ROUTING-OSPFv3-4-STUB_ASBR EM-2354 %ROUTING-OSPFv3-4-USING_OLD_RTRID EM-2354 %ROUTING-OSPFv3-4-VIRTUAL_IN_NON_BACKBONE E M-2354 %ROUTING-OSPFv3-5-ADJCHG EM-2355 %ROUTING-OSPFv3-5-HA_NOTICE EM-2355 %ROUTING-OSPFv3-5-HA_NOTICE_START EM-2355 %ROUTING-OSPFv3-6-AREA_DELETE EM-2355 %ROUTING-OSPFv3-6-AREACREATE EM-2355 %ROUTING-OSPFv3-6-BADCHKSUM EM-2356 %ROUTING-OSPFv3-6-RECONF_VL EM-2356 %ROUTING-OSPFv3-6-REFBW_CHG EM-2356 %ROUTING-PIM_NETIO-3-DEBUG_ERR EM-2356 %ROUTING-PIM_POLICY-3-ORA_INSTBUILD EM-2357 %ROUTING-PIM_POLICY-3-ORA_ORABUILD EM-2357 %ROUTING-PIM_POLICY-3-ORA_RUN EM-2357 %ROUTING-POLICY_REPOSITORY_DYNREG-3-ADD EM- 2357 %ROUTING-POLICY_REPOSITORY_DYNREG-3-CREATE EM-2358 %ROUTING-POLICY_REPOSITORY_DYNREG-3-DATA EM -2358 %ROUTING-POLICY_REPOSITORY_DYNREG-3-DELETE EM-2358 %ROUTING-POLICY_REPOSITORY_DYNREG-3-DOCK EM -2358 %ROUTING-POLICY_REPOSITORY_DYNREG-3-FIND EM- 2359 %ROUTING-POLICY_REPOSITORY_DYNREG-3-INSTALL EM-2359 %ROUTING-POLICY_REPOSITORY_DYNREG-3-MODIFY EM-2359 %ROUTING-POLICY_REPOSITORY_DYNREG-3-REGISTER EM-2359 %ROUTING-POLICY_REPOSITORY_DYNREG-3-SWITCH EM-2360 %ROUTING-POLICY_REPOSITORY_DYNREG-3-UNDOCK EM-2360 %ROUTING-POLICY_REPOSITORY_DYNREG-3-UNLOAD EM-2360Index EM-2726 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-POLICY_REPOSITORY_DYNREG-3-UNREGIST ER EM-2360 %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_B AG_ENCODE EM-2361 %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_BI ND EM-2361 %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_E DM_DATA_GENERATE EM-2361 %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_E DM_LIST_ADD EM-2361 %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_E DM_LIST_CREATE EM-2362 %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_E DM_REG EM-2362 %ROUTING-POLICY_REPOSITORY_EDM-3-ERR_SYSDB_U NBIND EM-2362 %ROUTING-POLICY_REPOSITORY_EDM-6-ERR_SYSDB_B AG_REG EM-2362 %ROUTING-POLICY_REPOSITORY-3-ERR_MEM_ALLOC EM-2363 %ROUTING-POLICY_REPOSITORY-3-ERR_ORA_DOCK E M-2363 %ROUTING-POLICY_REPOSITORY-3-ERR_SYSDB_BAG_DE CODE EM-2363 %ROUTING-POLICY_REPOSITORY-3-ERR_SYSDB_CONNE CT EM-2364 %ROUTING-POLICY_REPOSITORY-3-ERR_SYSDB_GET E M-2364 %ROUTING-POLICY_REPOSITORY-3-ERR_SYSDB_REG_NO TIFY EM-2364 %ROUTING-POLICY_REPOSITORY-3-ERR_SYSDB_REG_VE RIFY EM-2364 %ROUTING-POLICY_REPOSITORY-3-INCONSISTENT EM- 2365 %ROUTING-POLICY_REPOSITORY-4-CLEANUP EM-2365 %ROUTING-POLICY_REPOSITORY-4-ERR_SYSDB_DELETE EM-2365 %ROUTING-POLICY_REPOSITORY-4-PARSER_DLL EM-23 65 %ROUTING-POLICY_REPOSITORY-4-RPL_EDIT EM-2366 %ROUTING-POLICY_REPOSITORY-4-SYSMGR_GET_NODE _STATE EM-2366 %ROUTING-POLICY_REPOSITORY-7-ARG_MISMATCH E M-2366 %ROUTING-POLICY_REPOSITORY-7-ATTACHPOINT_ADD EM-2366 %ROUTING-POLICY_REPOSITORY-7-ATTACHPOINT_MIS MATCH EM-2367 %ROUTING-POLICY_REPOSITORY-7-ITEM_UNSUPPORTED EM-2367 %ROUTING-POLICY_REPOSITORY-7-OBJECT_INIT EM-23 67 %ROUTING-POLICY_REPOSITORY-7-OBJECT_REBUILD EM-2367 %ROUTING-POLICY_REPOSITORY-7-POLICY_TOO_BIG EM-2368 %ROUTING-POLICY_REPOSITORY-7-SETS_REBUILD EM- 2368 %ROUTING-POLICY_REPOSITORY-7-VERIFY_APPLY EM -2368 %ROUTING-RASF-3-NO_BASE_COMPARE EM-2369 %ROUTING-RASF-3-NO_CMP_RETRIEVER EM-2369 %ROUTING-RASF-3-NO_COMPARE EM-2369 %ROUTING-RASF-3-NO_RETRIEVER EM-2369 %ROUTING-RASF-3-NO_SETTER EM-2370 %ROUTING-RASF-4-ERR_DLL_REG EM-2370 %ROUTING-RASF-7-DBGINIT EM-2370 %ROUTING-RASF-7-DBGSHUTDOWN EM-2370 %ROUTING-RETRY-4-DEBUG_INIT EM-2371 %ROUTING-RIB_LIB-3-ERR_LOCK_FATAL EM-2371 %ROUTING-RIB_LIB-3-FETCH_UPDATE EM-2371 %ROUTING-RIB_LIB-4-ERR_POSSIBLE_CONNECTION_LEA K EM-2371 %ROUTING-RIB_LIB-4-UNBIND EM-2372 %ROUTING-RIB_QUERY_ORA-3-CERRNO_REG EM-2372 %ROUTING-RIB_QUERY_ORA-3-INSTBUILD EM-2372 %ROUTING-RIB_QUERY_ORA-3-ORABUILD EM-2372 %ROUTING-RIB_QUERY_ORA-3-RUN EM-2373 %ROUTING-RIB-2-CHILD_PARENT_MISMATCH EM-2373 %ROUTING-RIB-2-PARENT_REREGISTER EM-2373 %ROUTING-RIB-2-PARENT_UNREGISTER EM-2373 %ROUTING-RIB-3-BATCH_PROTO_REG_FAILURE EM-237 4 %ROUTING-RIB-3-CONVERGE_VERSION_MISMATCH E M-2374 %ROUTING-RIB-3-ERR_CHILD_REDIST_REQUESTS EM-2 374 %ROUTING-RIB-3-ERR_DELETE EM-2374 %ROUTING-RIB-3-ERR_LOCK_FATAL EM-2374 %ROUTING-RIB-3-ERR_LOOKUP EM-2375 %ROUTING-RIB-3-ERR_MEM_ALLOC EM-2375 %ROUTING-RIB-3-ERR_MEM_NHPATH EM-2375 %ROUTING-RIB-3-ERR_MUTEX_FATAL EM-2375 %ROUTING-RIB-3-ERR_NH_ATTRIBUTE EM-2375 %ROUTING-RIB-3-ERR_NH_PACK EM-2375 %ROUTING-RIB-3-ERR_NH_PATH EM-2376 %ROUTING-RIB-3-ERR_REDIST_INFO_CLEAR EM-2376 %ROUTING-RIB-3-ERR_RIBIO EM-2376 %ROUTING-RIB-3-ERR_RSI EM-2376 %ROUTING-RIB-3-ERR_TABLE_OPERATION EM-2376 %ROUTING-RIB-3-ERR_THREAD_POOL EM-2377 %ROUTING-RIB-3-EVENT_BOOLEAN_SET EM-2377 %ROUTING-RIB-3-GO_ACTIVE EM-2377 %ROUTING-RIB-3-GO_STANDBY EM-2377 %ROUTING-RIB-3-IMPROPER_PREFIX_MASK_LEN EM-23 78 %ROUTING-RIB-3-INTERFACE_DB EM-2378 %ROUTING-RIB-3-INVALID_BATCH_OPERATION EM-237 8 %ROUTING-RIB-3-INVALID_BCDL_REGISTRATION EM-2 378 %ROUTING-RIB-3-INVALID_TABLE_ACCESS EM-2378 %ROUTING-RIB-3-LTRACE_INIT EM-2378 %ROUTING-RIB-3-LWM_REPLY EM-2379 %ROUTING-RIB-3-MAIN_INIT EM-2379 %ROUTING-RIB-3-MGMNT_INIT EM-2379Index EM-2727 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-RIB-3-NEXTHOPS_TRAVERSE EM-2379 %ROUTING-RIB-3-NH_CLIENT EM-2379 %ROUTING-RIB-3-NH_DB_ADD EM-2380 %ROUTING-RIB-3-NH_INSERT_HEAP EM-2380 %ROUTING-RIB-3-NSF_WARN EM-2380 %ROUTING-RIB-3-PREFIXES_FULL EM-2380 %ROUTING-RIB-3-PURGE_TIMER_ALLOC EM-2380 %ROUTING-RIB-3-QSM_ADD_SERVICE EM-2381 %ROUTING-RIB-3-RUMP_NOTIFY EM-2381 %ROUTING-RIB-3-SHUTDOWN EM-2381 %ROUTING-RIB-3-SYSDB_FD_CLOSED EM-2381 %ROUTING-RIB-3-TIME_ERR EM-2381 %ROUTING-RIB-3-UPDATE_TIMEOUT EM-2382 %ROUTING-RIB-4-INVALID_SYSDB_ERROR EM-2382 %ROUTING-RIB-4-OPAQUE_FLAG_MISMATCH EM-2382 %ROUTING-RIB-4-PREFIXES_BELOW_THRESHOLD EM-2 382 %ROUTING-RIB-4-PREFIXES_REACHED_LOW_THRESHOL D EM-2382 %ROUTING-RIB-4-RECURSION_DEPTH_CHANGED EM-23 83 %ROUTING-RIB-4-SELECT_IGNORED EM-2383 %ROUTING-RIB-4-SYSMGR_NODE_STATE EM-2383 %ROUTING-RIB-4-UNSUPPORTED_OOM_STATE EM-2383 %ROUTING-RIB-4-WARN_UNEXPECTED_EXT_COMM E M-2383 %ROUTING-RIB-5-TABLE_NH_DAMPED EM-2384 %ROUTING-RIB-6-INFO_LOCKING_CONTEXT_DISPLAY EM-2384 %ROUTING-RIB-7-INFO_LOCKING_OPERATION_DISPLAY EM-2384 %ROUTING-RIB-7-SERVER_ROUTING_DEPTH EM-2384 %ROUTING-RIP_POLICY-3-ORA_INSTBUILD EM-2384 %ROUTING-RIP_POLICY-3-ORA_ORABUILD EM-2385 %ROUTING-RIP_POLICY-3-ORA_RUN EM-2385 %ROUTING-RIP-2-ERR_MEM_ALLOC EM-2385 %ROUTING-RIP-3-ERR_AUTH EM-2385 %ROUTING-RIP-3-ERR_CFG EM-2386 %ROUTING-RIP-3-ERR_CLEAR EM-2386 %ROUTING-RIP-3-ERR_EVENT EM-2386 %ROUTING-RIP-3-ERR_IF EM-2386 %ROUTING-RIP-3-ERR_INIT EM-2386 %ROUTING-RIP-3-ERR_ITAL EM-2387 %ROUTING-RIP-3-ERR_OOM EM-2387 %ROUTING-RIP-3-ERR_PAK_AUTH EM-2387 %ROUTING-RIP-3-ERR_PAK_RECV EM-2387 %ROUTING-RIP-3-ERR_POLICY EM-2388 %ROUTING-RIP-3-ERR_RDB EM-2388 %ROUTING-RIP-3-ERR_REDIST EM-2388 %ROUTING-RIP-3-ERR_RIB EM-2388 %ROUTING-RIP-3-ERR_THREAD_MUTEX_LOCK EM-2388 %ROUTING-RIP-3-ERR_THREAD_MUTEX_UNLOCK EM-2 389 %ROUTING-RIP-3-ERR_TOPO EM-2389 %ROUTING-RIP-6-INFO_OOM EM-2389 %ROUTING-RPL_COORD-3-ERR_EVM_CREATE EM-2389 %ROUTING-RPL_COORD-3-ERR_EVM_EVENT_BLOCK E M-2390 %ROUTING-RPL_COORD-3-ERR_EVM_PROC_AVAILABLE EM-2390 %ROUTING-RPL_COORD-3-ERR_EVM_PROC_READY EM -2390 %ROUTING-RPL_COORD-3-ERR_GROUP_CREATE EM-239 0 %ROUTING-RPL_COORD-3-ERR_LWM_CHANNEL EM-239 1 %ROUTING-RPL_COORD-3-SW_CHANGE EM-2391 %ROUTING-RPL_COORD-4-DEFAULT_ACTION EM-2391 %ROUTING-RPL_COORD-4-DLL_MANAGER EM-2391 %ROUTING-RPL_COORD-4-ERR_DLL_CHECK EM-2392 %ROUTING-RPL_COORD-4-ERR_DLL_LIST EM-2392 %ROUTING-RPL_COORD-4-ERR_GROUP_COMPONENT E M-2392 %ROUTING-RPL_COORD-4-ERR_GROUP_MSG_BAD EM-2 392 %ROUTING-RPL_COORD-4-ERR_GROUP_MSG_LONG EM -2392 %ROUTING-RPL_COORD-4-ERR_GROUP_MSG_SHORT E M-2393 %ROUTING-RPL_COORD-4-ERR_MEM_ALLOC EM-2393 %ROUTING-RPL_COORD-4-FIND_FILE EM-2393 %ROUTING-RPL_COORD-4-INSTALL_READY EM-2393 %ROUTING-RPL_COORD-4-REBOOT EM-2394 %ROUTING-RPL_COORD-7-DBGINIT EM-2394 %ROUTING-RPL_COORD-7-ERR_GROUP_RESPONSE EM- 2394 %ROUTING-RPL_COORD-7-NO_TERM EM-2394 %ROUTING-RRR_PCALC-3-ERR_MEM_ALLOC EM-2395 %ROUTING-RSVP-3-CLIENT_QUEUE_OVERFLOW EM-239 5 %ROUTING-RSVP-3-RSVP_LSP_RESOURCE_EXHAUSTED EM-2395 %ROUTING-RSVP-3-RSVP_TRACE_INIT_FAILED EM-2395 %ROUTING-RSVP-4-SHUTDOWN EM-2396 %ROUTING-RSVP-5-BAD_RSVP_MSG_RCVD_AUTH_DIGES T EM-2396 %ROUTING-RSVP-5-BAD_RSVP_MSG_RCVD_AUTH_DUP EM-2396 %ROUTING-RSVP-5-BAD_RSVP_MSG_RCVD_AUTH_KEY EM-2397 %ROUTING-RSVP-5-BAD_RSVP_MSG_RCVD_AUTH_SEQ EM-2397 %ROUTING-RSVP-5-BAD_RSVP_MSG_RCVD_AUTH_TYPE_ MISMATCH EM-2397 %ROUTING-RSVP-5-RSVP_AUTH_NO_KEYS EM-2397 %ROUTING-RSVP-6-RSVP_HELLO_STATE_DOWN EM-239 8 %ROUTING-RSVP-6-RSVP_HELLO_STATE_UP EM-2398 %ROUTING-RUMP-2-ERR_MEM_ALLOC EM-2398 %ROUTING-RUMP-3-ERR_INIT EM-2398 %ROUTING-RUMP-3-ERR_SYSDB EM-2398 %ROUTING-RUMP-3-INTERNALERR EM-2399 %ROUTING-RUMP-3-RIB_FAIL EM-2399 %ROUTING-RUMP-6-GRACEFUL_RESTART EM-2399 %ROUTING-SAP_LISTEN-3-BAG_RELATED_ERROR EM-2 399Index EM-2728 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %ROUTING-SAP_LISTEN-3-DEBUG_INIT_FAILED EM-239 9 %ROUTING-SAP_LISTEN-3-EVENT_CONN_MGR_ERROR EM-2400 %ROUTING-SAP_LISTEN-3-EVENT_MGR_CREATE_FAILED EM-2400 %ROUTING-SAP_LISTEN-3-GEN_ERR EM-2400 %ROUTING-SAP_LISTEN-3-MALLOC_FAILED EM-2400 %ROUTING-SAP_LISTEN-3-SOCKET_ERROR EM-2400 %ROUTING-SAP_LISTEN-3-SYSDB_ACCESS_ERROR EM- 2401 %ROUTING-SAP_LISTEN-3-SYSDB_REGISTRATION_FAILE D EM-2401 %ROUTING-SAP_LISTEN-3-TIMER_ERROR EM-2401 %ROUTING-SAP_LISTEN-3-TUPLE_ERROR EM-2401 %ROUTING-TAGCON-3-BUFFERBIND EM-2401 %ROUTING-TAGCON-3-LABEL_OP EM-2402 %ROUTING-TAGCON-3-TDPID EM-2402 %ROUTING-TAGCON-4-BAD_ADDR_LEN EM-2402 %ROUTING-TAGCON-4-UNEXPECTED_ALIST_TYPE EM- 2402 %ROUTING-TAGCON-4-UNEXPECTED_MSG_TYPE EM-24 02 %ROUTING-TAGCON-4-UNSOL_OPEN_FAIL EM-2403 %ROUTING-TAGCON-5-SEND EM-2403 %ROUTING-TDP-3-BAD_PREFIX_LEN EM-2403 %ROUTING-TDP-3-ERR_GENERAL EM-2403 %ROUTING-TDP-3-LDP_OP EM-2403 %ROUTING-TDP-3-LIB_APP EM-2404 %ROUTING-TDP-3-SM EM-2404 %ROUTING-TDP-4-BAD_PDU EM-2404 %ROUTING-TDP-4-LDP_SESSION_PARAM EM-2404 %ROUTING-TIB-3-DB_OP EM-2405 %ROUTING-TIB-3-ERR_GENERAL EM-2405 %ROUTING-TIB-3-LCL_LABEL_STATE EM-2405 %ROUTING-TIB-3-REV_NUM_WRAP EM-2405 %ROUTING-UCP_LCTRL_LIB-3-ERR_LIB EM-2405 %ROUTING-UCP_LCTRL-7-ERR_INIT_SERVER EM-2406 %ROUTING-UCP_OLM-3-NOT_RUNNING EM-2406 %ROUTING-UCP_OLM-7-ACTIVE_IPCC_AVAIL EM-2406 %ROUTING-UCP_OLM-7-ERR_INTERNAL EM-2406 %ROUTING-UCP_OLM-7-MPLS_TE_LMP_ROUTER_ID_CHA NGE EM-2406 %ROUTING-UCP_OLM-7-MPLS_TE_LMP_ROUTER_ID_ZER O EM-2407 %ROUTING-UCP_OLM-7-NO_ACTIVE_IPCC EM-2407 %ROUTING-UCP_OLM-7-ROUTER_ID_CHANGE EM-2407 %ROUTING-UCP_OLM-7-ROUTER_ID_ZERO EM-2407 %ROUTING-UCP_OUNI-6-CONNECTION_DESTROYED E M-2408 %ROUTING-UCP_OUNI-6-CONNECTION_ESTABLISHED EM-2408 %ROUTING-UCP_OUNI-7-ERR_INTERNAL EM-2408 %ROUTING-VKG_IPV4_MRIB-3-INIT_ERROR EM-2408 %SECURITY-AAA_BASE-3-ERROR EM-2409 %SECURITY-AAA_BASE-4-WARNING EM-2409 %SECURITY-AAA_BASE-7-DEBUG EM-2409 %SECURITY-aaa_task-3-DEBUG_ERROR EM-2410 %SECURITY-aaa_task-3-DLLMAIN_ERROR EM-2410 %SECURITY-aaa_task-3-INVALID_AAA_TASK_DEBUG_FLA G EM-2410 %SECURITY-aaa_task-7-GENERIC_ERROR EM-2410 %SECURITY-AAA-3-DEBUG_ERROR EM-2411 %SECURITY-AAA-3-DEBUG_ERROR EM-2411 %SECURITY-AAA-3-DES_INIT_FAIL EM-2411 %SECURITY-AAA-3-DLL_INIT_ERROR EM-2411 %SECURITY-AAA-3-DLLMAIN_ERROR EM-2411 %SECURITY-AAA-3-ERR_SERVER_GROUP EM-2412 %SECURITY-AAA-3-ERROR_NO_MEM EM-2412 %SECURITY-AAA-3-INVALID_DEBUG_FLAG EM-2412 %SECURITY-AAA-3-LIB_UTIL_ERROR_NO_MEM EM-2412 %SECURITY-AAA-3-SYSDB_BIND_ERROR EM-2412 %SECURITY-AAA-4-WHITESPACE_TRUNCATED_IN_SERV ER_KEY EM-2413 %SECURITY-AAA-7-ERR_ECM EM-2413 %SECURITY-AAA-7-ERR_SYSDB EM-2413 %SECURITY-ACCTD-3-AMBIGUOUS_PASSWD EM-2413 %SECURITY-ACCTD-3-BAG_ENCODE_ERR EM-2414 %SECURITY-ACCTD-3-BAGS_UNREG_ERR EM-2414 %SECURITY-ACCTD-3-DB_CLEAR_FAILED EM-2414 %SECURITY-ACCTD-3-DEBUG_ERROR EM-2414 %SECURITY-ACCTD-3-EDM_INIT_ERR EM-2414 %SECURITY-ACCTD-3-ERR_INVALID_GROUP EM-2415 %SECURITY-ACCTD-3-ERR_THREAD_FN EM-2415 %SECURITY-ACCTD-3-ERR_UNSUPPORTED_GROUP EM- 2415 %SECURITY-ACCTD-3-INSUFFICIENT_BUFFER_SIZE EM- 2415 %SECURITY-ACCTD-3-LIST_UNDEFINED EM-2415 %SECURITY-ACCTD-3-LWA_ADD_DIR_FAIL EM-2416 %SECURITY-ACCTD-3-LWA_ADD_FAIL EM-2416 %SECURITY-ACCTD-3-LWA_REM_FAIL EM-2416 %SECURITY-ACCTD-3-MEMORY EM-2416 %SECURITY-ACCTD-3-MSG_ERROR EM-2416 %SECURITY-ACCTD-3-MSG_SIZE_ERR EM-2417 %SECURITY-ACCTD-3-PLANE_MISMATCH EM-2417 %SECURITY-ACCTD-3-RED_STATE_ERROR EM-2417 %SECURITY-ACCTD-3-ROOT_USERDB_INIT_FAIL EM-24 17 %SECURITY-ACCTD-3-ROOT_USERDB_LOCK_ERR EM-2 417 %SECURITY-ACCTD-3-SETPRIO_FAILED EM-2418 %SECURITY-ACCTD-3-SHMWIN_INIT_FAILURE EM-2418 %SECURITY-ACCTD-3-SHUTDOWN_ERROR EM-2418 %SECURITY-ACCTD-3-SIGEVENT_SEND_FAIL EM-2418 %SECURITY-ACCTD-3-STARTUP_ERROR EM-2418 %SECURITY-ACCTD-3-STBY_INIT_ERR EM-2419 %SECURITY-ACCTD-4-ACCT_FAILURE EM-2419 %SECURITY-ACCTD-4-ACCT_TIMEOUT_FAILURE EM-24 19 %SECURITY-ACCTD-4-CERR_REGISTER EM-2419 %SECURITY-ACCTD-4-CHKPT_REGISTER_FAILURE EM- 2419 %SECURITY-ACCTD-4-CHKPT_RESTORE_FAILURE EM-2 420 %SECURITY-ACCTD-4-CHKPT_SAVE_FAILURE EM-2420Index EM-2729 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %SECURITY-ACCTD-4-PASSWD_ALREADY_EXISTS EM-2 420 %SECURITY-ACCTD-4-SECRET_ALREADY_EXISTS EM-2 420 %SECURITY-ACCTD-7-ERR_SYSDB_FD EM-2420 %SECURITY-ACCTD-7-ERR_TTYMGMT_FD EM-2421 %SECURITY-ACCTD-7-GENERIC_ERROR EM-2421 %SECURITY-ACE_GRP-3-ERROR EM-2421 %SECURITY-ACE_LC-0-ACE_SYSLOG_EMERG EM-2421 %SECURITY-ACE_LC-1-ACE_SYSLOG_ALERT EM-2422 %SECURITY-ACE_LC-2-ACE_SYSLOG_CRIT EM-2422 %SECURITY-ACE_LC-2-ACE_SYSLOG_ERR EM-2422 %SECURITY-ACE_LC-3-ERR EM-2422 %SECURITY-ACE_LC-4-ACE_SYSLOG_WARNING EM-242 2 %SECURITY-ACE_LC-4-WARNING EM-2423 %SECURITY-ACE_LC-5-ACE_SYSLOG_NOTICE EM-2423 %SECURITY-ACE_LC-6-ACE_SYSLOG_INFO EM-2423 %SECURITY-ACE_LC-6-INFO EM-2423 %SECURITY-ACE_QAD-3-ERR EM-2423 %SECURITY-ACE_TSB_LC-3-ERR EM-2424 %SECURITY-ACE_TSB_LC-6-INFO EM-2424 %SECURITY-ACE_TSB_LC-6-WARNING EM-2424 %SECURITY-ACE_TSB_LC-7-DEBUG EM-2424 %SECURITY-CEPKI-6-ERR EM-2425 %SECURITY-CEPKI-6-ERR_2 EM-2425 %SECURITY-CEPKI-6-INFO EM-2425 %SECURITY-CEPKI-6-WARNING EM-2425 %SECURITY-COND_DEB_RP-3-INSUFMEM EM-2426 %SECURITY-COND_DEB_RP-3-NOCONDDBG EM-2426 %SECURITY-COND_DEB_RP-3-NOIPCONDDBG EM-2426 %SECURITY-COND_DEB_RP-6-ILLIPVAL EM-2426 %SECURITY-IKE_CLIENT-3-MQ_SEND_FAIL EM-2427 %SECURITY-IKE_CLIENT-4-WARNING EM-2427 %SECURITY-IKE-2-ERR_NO_MEMORY EM-2427 %SECURITY-IKE-3-ACCT_MSG_TX_FAILURE EM-2427 %SECURITY-IKE-3-ADD_KEY_FAIL EM-2428 %SECURITY-IKE-3-AUTHENTICATION_FAILED EM-2428 %SECURITY-IKE-3-BAD_CERT_USE EM-2428 %SECURITY-IKE-3-BAD_DOI_NOTIFY EM-2428 %SECURITY-IKE-3-BADMAGIC EM-2428 %SECURITY-IKE-3-CRYPTO_FAILURE EM-2429 %SECURITY-IKE-3-ERR_2_PARAM EM-2429 %SECURITY-IKE-3-ERR_EMPTY_SESSION EM-2429 %SECURITY-IKE-3-ERROR EM-2429 %SECURITY-IKE-3-FAILED_TO_CREATE_SKEYID EM-242 9 %SECURITY-IKE-3-GROUP_AUTHOR_FAILED EM-2430 %SECURITY-IKE-3-GROUP_CONFIG_UPLOAD_LOCAL_AA A_FAILED EM-2430 %SECURITY-IKE-3-IKEINIT EM-2430 %SECURITY-IKE-3-INTF_PARAMS_FAILURE EM-2430 %SECURITY-IKE-3-INVALID_CERT EM-2431 %SECURITY-IKE-3-IP_AP_NOTIFY_INUSE_ADDRESS_FAIL ED EM-2431 %SECURITY-IKE-3-IP_POOL_FREE_FAILURE EM-2431 %SECURITY-IKE-3-KEY_NOT_FOUND_IN_PROFILE EM-2 431 %SECURITY-IKE-3-LOCAL_ADDRESS_FAILURE EM-2431 %SECURITY-IKE-3-MALFORMED_MESSAGE EM-2432 %SECURITY-IKE-3-MQ_FAIL EM-2432 %SECURITY-IKE-3-MQ_SEND_FAIL EM-2432 %SECURITY-IKE-3-NO_POLICY_FOUND EM-2432 %SECURITY-IKE-3-PACKET_PROCESS_FAILURE EM-2432 %SECURITY-IKE-3-PHASE2_PROPOSAL_NOT_CHOSEN E M-2433 %SECURITY-IKE-3-POLICY_MISMATCH EM-2433 %SECURITY-IKE-3-PRESHARED_KEY_NOT_FOUND EM-2 433 %SECURITY-IKE-3-PROFILE_NOT_FOUND EM-2433 %SECURITY-IKE-3-QUICK_MODE_TIMER_EXPIRED EM-2 433 %SECURITY-IKE-3-RADIUS_USER_AUTHEN_FAIL EM-24 34 %SECURITY-IKE-3-RETRANSMISSION_LIMIT EM-2434 %SECURITY-IKE-3-RSA_PUBLIC_KEY_NOT_FOUND EM- 2434 %SECURITY-IKE-3-SA_NOT_AUTH EM-2434 %SECURITY-IKE-3-SA_NOT_OFFERED EM-2434 %SECURITY-IKE-3-USER_AUTHEN_REJECTED EM-2435 %SECURITY-IKE-4-BAD_DOI_SA EM-2435 %SECURITY-IKE-4-CERT_DOESNT_MATCH_ID EM-2435 %SECURITY-IKE-4-CERT_ISNT_TRUSTED_ROOT EM-2435 %SECURITY-IKE-4-INCOMING_PKT_TOO_BIG EM-2435 %SECURITY-IKE-4-IPV4_ROUTES_TOO_MANY EM-2436 %SECURITY-IKE-4-MESSAGE_NOT_PROCESSED EM-2436 %SECURITY-IKE-4-NO_SA EM-2436 %SECURITY-IKE-4-OUTGOING_PKT_TOO_BIG EM-2436 %SECURITY-IKE-4-PACKET_NOT_ENCRYPTED EM-2436 %SECURITY-IKE-4-PACKET_OVERFLOW EM-2437 %SECURITY-IKE-4-UNKNOWN_EXCHANGE_TYPE EM-24 37 %SECURITY-IKE-4-UNRELIABLE_INFO_MSG EM-2437 %SECURITY-IKE-4-WARNING EM-2437 %SECURITY-IKE-4-WARNING2 EM-2437 %SECURITY-IKE-6-CAC_DROPS EM-2438 %SECURITY-IKE-6-CRYPTO_TUNNEL_STATUS EM-2438 %SECURITY-IKE-6-DEFAULT_POLICY_ACCEPTED EM-24 38 %SECURITY-IKE-6-IPSEC_REJECTED EM-2438 %SECURITY-IKE-6-MODE_FAILURE EM-2438 %SECURITY-IKEv2-3-ERROR EM-2439 %SECURITY-IKEv2-4-WARNING EM-2439 %SECURITY-IKEv2-4-WARNING2 EM-2439 %SECURITY-IMP-3-CONFIG_ERR EM-2439 %SECURITY-IMP-3-FATAL_ERR EM-2440 %SECURITY-IMP-3-MQ_FAIL EM-2440 %SECURITY-IMP-3-SVI_TUNNEL_TYPE_ERR EM-2440 %SECURITY-IMP-4-MSG_WARN EM-2440 %SECURITY-IMP-6-PROC_READY EM-2440 %SECURITY-IPP-3-ERR_GENERAL EM-2441 %SECURITY-IPP-3-ERR_MALLOC EM-2441 %SECURITY-IPP-6-INFO_GENERAL EM-2441 %SECURITY-IPSEC-3-ERR EM-2441 %SECURITY-IPSEC-4-WARNING EM-2442 %SECURITY-IPSEC-6-INFO EM-2442Index EM-2730 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %SECURITY-KEYCHAIN-3-FATAL_ERR EM-2442 %SECURITY-KEYCHAIN-4-MSG_WARN EM-2442 %SECURITY-LOCALD-3-AMBIGUOUS_PASSWD EM-2443 %SECURITY-LOCALD-3-BAG_ENCODE_ERR EM-2443 %SECURITY-LOCALD-3-BAGS_UNREG_ERR EM-2443 %SECURITY-LOCALD-3-DB_CLEAR_FAILED EM-2443 %SECURITY-LOCALD-3-DEBUG_ERROR EM-2444 %SECURITY-LOCALD-3-EDM_INIT_ERR EM-2444 %SECURITY-LOCALD-3-ERR_FILE_OPEN EM-2444 %SECURITY-LOCALD-3-ERR_FILE_WRITE EM-2444 %SECURITY-LOCALD-3-ERR_INVALID_GROUP EM-2444 %SECURITY-LOCALD-3-ERR_THREAD_FN EM-2445 %SECURITY-LOCALD-3-ERR_UNSUPPORTED_GROUP E M-2445 %SECURITY-LOCALD-3-INSUFFICIENT_BUFFER_SIZE E M-2445 %SECURITY-LOCALD-3-LIST_UNDEFINED EM-2445 %SECURITY-LOCALD-3-LWA_ADD_DIR_FAIL EM-2445 %SECURITY-LOCALD-3-LWA_ADD_FAIL EM-2446 %SECURITY-LOCALD-3-LWA_REM_FAIL EM-2446 %SECURITY-LOCALD-3-MEMORY EM-2446 %SECURITY-LOCALD-3-MSG_ERROR EM-2446 %SECURITY-LOCALD-3-MSG_SIZE_ERR EM-2446 %SECURITY-LOCALD-3-PLANE_MISMATCH EM-2447 %SECURITY-LOCALD-3-RED_STATE_ERROR EM-2447 %SECURITY-LOCALD-3-ROOT_USERDB_INIT_FAIL EM-2 447 %SECURITY-LOCALD-3-ROOT_USERDB_LOCK_ERR EM- 2447 %SECURITY-LOCALD-3-SETPRIO_FAILED EM-2447 %SECURITY-LOCALD-3-SHMWIN_INIT_FAILURE EM-244 8 %SECURITY-LOCALD-3-SHUTDOWN_ERROR EM-2448 %SECURITY-LOCALD-3-SIGEVENT_SEND_FAIL EM-2448 %SECURITY-LOCALD-3-STARTUP_ERROR EM-2448 %SECURITY-LOCALD-3-STBY_INIT_ERR EM-2448 %SECURITY-LOCALD-4-ACCT_FAILURE EM-2449 %SECURITY-LOCALD-4-ACCT_TIMEOUT_FAILURE EM-2 449 %SECURITY-LOCALD-4-CERR_REGISTER EM-2449 %SECURITY-LOCALD-4-CHKPT_REGISTER_FAILURE EM -2449 %SECURITY-LOCALD-4-CHKPT_RESTORE_FAILURE EM- 2449 %SECURITY-LOCALD-4-CHKPT_SAVE_FAILURE EM-2450 %SECURITY-LOCALD-4-PASSWD_ALREADY_EXISTS EM -2450 %SECURITY-LOCALD-4-SECRET_ALREADY_EXISTS EM- 2450 %SECURITY-LOCALD-7-ERR_SYSDB_FD EM-2450 %SECURITY-LOCALD-7-ERR_TTYMGMT_FD EM-2450 %SECURITY-LOCALD-7-GENERIC_ERROR EM-2451 %SECURITY-login-2-AUTHEN_FAILED EM-2451 %SECURITY-login-2-AUTHEN_SUCCESS EM-2451 %SECURITY-login-3-DEBUG_ERROR EM-2451 %SECURITY-login-3-DLLMAIN_ERROR EM-2452 %SECURITY-login-3-INVALID_LOGIN_DEBUG_FLAG EM- 2452 %SECURITY-login-3-NO_MEMORY EM-2452 %SECURITY-MPP-3-FATAL_ERR EM-2452 %SECURITY-MPP-4-MSG_WARN EM-2453 %SECURITY-MPP-6-MSG_INFO EM-2453 %SECURITY-PKI-6-ERR_1_PARAM EM-2453 %SECURITY-PKI-6-ERR_2_PARAM EM-2453 %SECURITY-PKI-6-LOG_INFO EM-2453 %SECURITY-RADIUSD-3-ACCT_NOTIFY_FAIL EM-2454 %SECURITY-RADIUSD-3-ADD_SYS_IP_ADDR_ATTR_ERR EM-2454 %SECURITY-RADIUSD-3-ADD_VSA_FAIL EM-2454 %SECURITY-RADIUSD-3-BAD_AVPAIR EM-2454 %SECURITY-RADIUSD-3-BAD_MSG_TYPE EM-2455 %SECURITY-RADIUSD-3-BAD_VSA_FORMAT_BIT EM-24 55 %SECURITY-RADIUSD-3-BAD_VSA_LENGTH EM-2455 %SECURITY-RADIUSD-3-BAD_VSA_TYPE EM-2455 %SECURITY-RADIUSD-3-BAD_VSA_VENDOR EM-2455 %SECURITY-RADIUSD-3-BAG_ENCODE_ERR EM-2456 %SECURITY-RADIUSD-3-BAGS_UNREG_ERR EM-2456 %SECURITY-RADIUSD-3-CONFIG_ERR EM-2456 %SECURITY-RADIUSD-3-DEBUG_ERROR EM-2456 %SECURITY-RADIUSD-3-EDM_INIT_ERR EM-2456 %SECURITY-RADIUSD-3-ERR_CREATE_SERVER_ENTRY EM-2457 %SECURITY-RADIUSD-3-ERR_CREATESG EM-2457 %SECURITY-RADIUSD-3-ERR_SET_SERVER_ENTRY EM- 2457 %SECURITY-RADIUSD-3-ERR_SYSDBBIND EM-2457 %SECURITY-RADIUSD-3-ERR_TTY_IFH_PRESENT EM-24 57 %SECURITY-RADIUSD-3-EVENT_ASYNC_ATTACH_FAIL_E RR EM-2458 %SECURITY-RADIUSD-3-IP_ADDR_TOO_LONG_ERR EM- 2458 %SECURITY-RADIUSD-3-LOCKING EM-2458 %SECURITY-RADIUSD-3-MEMORY EM-2458 %SECURITY-RADIUSD-3-MSG_ERROR EM-2458 %SECURITY-RADIUSD-3-MSG_SIZE_ERR EM-2459 %SECURITY-RADIUSD-3-NOT_VSA EM-2459 %SECURITY-RADIUSD-3-PARAMETER EM-2459 %SECURITY-RADIUSD-3-RIB_BIND_ERR EM-2459 %SECURITY-RADIUSD-3-RIB_LOCAL_ADDRESS_ERR E M-2459 %SECURITY-RADIUSD-3-SERVER_MUTEX_INIT_FAILED EM-2460 %SECURITY-RADIUSD-3-SETPRIO_FAILED EM-2460 %SECURITY-RADIUSD-3-SHUTDOWN_ERROR EM-2460 %SECURITY-RADIUSD-3-STARTUP_ERROR EM-2460 %SECURITY-RADIUSD-3-VSA_FORMAT_ERR1 EM-2460 %SECURITY-RADIUSD-3-VSA_FORMAT_ERR2 EM-2461 %SECURITY-RADIUSD-3-VSA_FORMAT_ERR3 EM-2461 %SECURITY-RADIUSD-3-VSA_FORMAT_ERR4 EM-2461 %SECURITY-RADIUSD-3-VSA_FORMAT_ERR5 EM-2461 %SECURITY-RADIUSD-3-VSA_NOTFOUND EM-2461 %SECURITY-RADIUSD-3-VSA_TABLE_ERROR EM-2462 %SECURITY-RADIUSD-3-ZERO_TIMER_REPEATEDLY_EXP IRING_ERROR EM-2462Index EM-2731 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %SECURITY-RADIUSD-4-CERR_REGISTER EM-2462 %SECURITY-RADIUSD-4-IFHANDLE_NULL EM-2462 %SECURITY-RADIUSD-4-IP_ADDRESS_NOT_FOUND EM- 2462 %SECURITY-RADIUSD-4-NO_IP_ADDRESS EM-2463 %SECURITY-RADIUSD-4-NOSUCH_INTF EM-2463 %SECURITY-RADIUSD-4-RADIUS_NOSERV EM-2463 %SECURITY-RADIUSD-4-SRCINTF_NOTUP EM-2463 %SECURITY-RADIUSD-6-BAD_ATTR_LENGTH EM-2463 %SECURITY-RADIUSD-6-BAD_ATTR_TYPE EM-2464 %SECURITY-RADIUSD-6-ERR_ACCT_ID EM-2464 %SECURITY-RADIUSD-6-ERR_BAD_REPLY_ATTR EM-24 64 %SECURITY-RADIUSD-6-ERR_BAD_SESSID_ATTR EM-24 64 %SECURITY-RADIUSD-6-ERR_LEAFTIMER EM-2464 %SECURITY-RADIUSD-6-ERR_SOCKET_BIND_FAIL EM-2 465 %SECURITY-RADIUSD-6-ERR_SOCKETFAIL EM-2465 %SECURITY-RADIUSD-6-EVENT_CONN_DESTROY_FAILE D EM-2465 %SECURITY-RADIUSD-6-EVENT_CONN_INIT_FAILED E M-2465 %SECURITY-RADIUSD-6-GOT_CISCO_VSA EM-2465 %SECURITY-RADIUSD-6-INTRFC_STATE_QUERY_FAILED EM-2466 %SECURITY-RADIUSD-6-INVALID_AUTHOR_TYPE EM-2 466 %SECURITY-RADIUSD-6-INVALID_VSA EM-2466 %SECURITY-RADIUSD-6-LEN_TOO_LONG EM-2466 %SECURITY-RADIUSD-6-SNPRINTF_FAIL EM-2466 %SECURITY-RADIUSD-6-UNSUPPORTED_VENDOR EM-2 467 %SECURITY-RADIUSD-7-GENERIC_ERROR EM-2467 %SECURITY-SAM-3-ERR_COPY_CRL EM-2467 %SECURITY-SAM-3-ERR_DEL_CA_CERT EM-2467 %SECURITY-SAM-3-ERR_FILE_MD5 EM-2468 %SECURITY-SAM-3-ERR_INVALID_DEVICE EM-2468 %SECURITY-SAM-3-ERR_NO_DIGESTINDEX_VALUE EM -2468 %SECURITY-SAM-3-ERR_NO_MEMORY EM-2468 %SECURITY-SAM-3-ERR_OPEN_FILE EM-2468 %SECURITY-SAM-3-ERR_REG_MSGNO EM-2469 %SECURITY-SAM-3-ERR_RESTORE_LOG_ENCODE EM-24 69 %SECURITY-SAM-3-ERR_SYSDB_GET EM-2469 %SECURITY-SAM-3-ERR_SYSDB_SET EM-2469 %SECURITY-SAM-3-ERR_WR_FILE EM-2469 %SECURITY-SAM-3-WARN_NVRAM EM-2470 %SECURITY-SAM-3-WARN_SPM EM-2470 %SECURITY-SAM-4-CAUGHT_SIGNAL EM-2470 %SECURITY-SAM-4-NO_BK_LOG EM-2470 %SECURITY-SAM-4-SYSDB_INTEGRITY EM-2471 %SECURITY-SAM-4-WARN_CA_CERT_EXPIRED EM-2471 %SECURITY-SAM-4-WARN_CSS_CERT_EXPIRED EM-2471 %SECURITY-SAM-6-ERR_1_PARAM EM-2471 %SECURITY-SAM-6-ERR_2_PARAM EM-2472 %SECURITY-SAM-6-WARN_CHANGE_NOT_PERSISTENT EM-2472 %SECURITY-SAM-6-WARN_DIGEST_FILE_MISSING EM-2 472 %SECURITY-SAM-6-WARN_DIGEST_FILE_REINIT EM-247 2 %SECURITY-SAM-6-WARN_INIT_LOG_BACKUP_FILE E M-2472 %SECURITY-SAM-6-WARN_MEM_DIGEST EM-2473 %SECURITY-SAM-6-WARNING EM-2473 %SECURITY-SAM-6-WARNING_INSECURE_FLASH_FILE EM-2473 %SECURITY-SAM-6-WARNING_UNMATCH_DIGEST EM-2 473 %SECURITY-SANOS-0-FW_ADMIN_EMERG EM-2473 %SECURITY-SANOS-0-FW_APP_EMERG EM-2474 %SECURITY-SANOS-0-FW_KERNEL_EMERG EM-2474 %SECURITY-SANOS-1-FW_ADMIN_ALERT EM-2474 %SECURITY-SANOS-1-FW_APP_ALERT EM-2474 %SECURITY-SANOS-1-FW_KERNEL_ALERT EM-2474 %SECURITY-SANOS-2-FW_ADMIN_CRIT EM-2474 %SECURITY-SANOS-2-FW_APP_CRIT EM-2475 %SECURITY-SANOS-2-FW_KERNEL_CRIT EM-2475 %SECURITY-SANOS-3-BOOT_LOAD_ERR EM-2475 %SECURITY-SANOS-3-CLOCK_UPDATE_FAIL EM-2475 %SECURITY-SANOS-3-EVENT EM-2475 %SECURITY-SANOS-3-FW_ADMIN_ERR EM-2475 %SECURITY-SANOS-3-FW_APP_ERR EM-2476 %SECURITY-SANOS-3-FW_KERNEL_ERR EM-2476 %SECURITY-SANOS-3-INIT EM-2476 %SECURITY-SANOS-4-ATTACH_INIT EM-2476 %SECURITY-SANOS-4-BOOT_IMAGE_ERR EM-2476 %SECURITY-SANOS-4-CONNECT EM-2476 %SECURITY-SANOS-4-FW_ADMIN_WARNING EM-2477 %SECURITY-SANOS-4-FW_APP_WARNING EM-2477 %SECURITY-SANOS-4-FW_KERNEL_WARNING EM-2477 %SECURITY-SANOS-4-IPCP EM-2477 %SECURITY-SANOS-4-IPCP_INVALID_ATTACH_MSG EM -2477 %SECURITY-SANOS-4-IPCP_INVALID_SYSLOG_MSG EM -2477 %SECURITY-SANOS-5-FW_ADMIN_NOTICE EM-2478 %SECURITY-SANOS-5-FW_APP_NOTICE EM-2478 %SECURITY-SANOS-5-FW_KERNEL_NOTICE EM-2478 %SECURITY-SANOS-6-BOOT_IMAGE_STATUS EM-2478 %SECURITY-SANOS-6-BOOT_LOAD_STATUS EM-2478 %SECURITY-SANOS-6-FW_ADMIN_INFO EM-2478 %SECURITY-SANOS-6-FW_APP_INFO EM-2479 %SECURITY-SANOS-6-FW_KERNEL_INFO EM-2479 %SECURITY-SANOS-7-FW_ADMIN_DEBUG EM-2479 %SECURITY-SANOS-7-FW_APP_DEBUG EM-2479 %SECURITY-SANOS-7-FW_KERNEL_DEBUG EM-2479 %SECURITY-sIMP-3-FATAL_ERR EM-2479 %SECURITY-sIMP-4-ITI_WARN EM-2480 %SECURITY-sIMP-4-MSG_WARN EM-2480 %SECURITY-SPM-3-ERR_CHAN_CONNECT EM-2480 %SECURITY-SPM-3-ERR_ENTRY_FIND EM-2480 %SECURITY-SPM-3-ERR_INVALID_EVENT EM-2480 %SECURITY-SPM-3-ERR_MALLOC EM-2481Index EM-2732 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %SECURITY-SPM-3-ERR_MSG_GEN EM-2481 %SECURITY-SPM-3-ERR_OPEN_SECURE EM-2481 %SECURITY-SPM-3-ERR_PTHREAD_CREATE EM-2481 %SECURITY-SPM-3-ERR_PTHREAD_INIT EM-2481 %SECURITY-SPM-3-ERR_PTHREAD_SET EM-2482 %SECURITY-SPM-3-ERR_PULSE_CODE EM-2482 %SECURITY-SPM-3-ERR_REG_HANDLER EM-2482 %SECURITY-SPM-3-ERR_REG_MSG EM-2482 %SECURITY-SPM-3-ERR_REPLY_FAIL EM-2482 %SECURITY-SPM-3-ERR_TOKEN_MISMATCH EM-2483 %SECURITY-SSHD-3-ERR_DETAILS EM-2483 %SECURITY-SSHD-3-ERR_ERRNO EM-2483 %SECURITY-SSHD-3-ERR_GENERAL EM-2483 %SECURITY-SSHD-3-ERR_MALLOC EM-2483 %SECURITY-SSHD-3-ERR_SYSDB_BIND EM-2484 %SECURITY-SSHD-3-ERR_SYSDB_DATALIST EM-2484 %SECURITY-SSHD-3-ERR_SYSDB_DELETE EM-2484 %SECURITY-SSHD-3-ERR_SYSDB_PACK EM-2484 %SECURITY-SSHD-3-ERR_SYSDB_SET EM-2484 %SECURITY-SSHD-6-INFO_GENERAL EM-2485 %SECURITY-TACACSD-2-SERVER_UP EM-2485 %SECURITY-TACACSD-3-BAG_ENCODE_ERR EM-2485 %SECURITY-TACACSD-3-BAGS_UNREG_ERR EM-2485 %SECURITY-TACACSD-3-DEBUG_ERROR EM-2485 %SECURITY-TACACSD-3-EDM_INIT_ERR EM-2486 %SECURITY-TACACSD-3-ERR_ATTACH_SOCK EM-2486 %SECURITY-TACACSD-3-ERR_CONFIG_GLOBAL EM-248 6 %SECURITY-TACACSD-3-ERR_CONFIG_SERVER EM-2486 %SECURITY-TACACSD-3-ERR_CREATE_SERVER_ENTRY EM-2486 %SECURITY-TACACSD-3-ERR_CREATE_SGSERVER EM-2 487 %SECURITY-TACACSD-3-ERR_CREATESG EM-2487 %SECURITY-TACACSD-3-ERR_DELETE_SGSERVER EM-2 487 %SECURITY-TACACSD-3-ERR_DELETESG EM-2487 %SECURITY-TACACSD-3-ERR_SYSDBBIND EM-2487 %SECURITY-TACACSD-3-MEMORY EM-2488 %SECURITY-TACACSD-3-MSG_ERROR EM-2488 %SECURITY-TACACSD-3-MSG_SIZE_ERR EM-2488 %SECURITY-TACACSD-3-PARAMETER EM-2488 %SECURITY-TACACSD-3-PROBE_THREAD_CREATE_FAIL ED EM-2488 %SECURITY-TACACSD-3-SETPRIO_FAILED EM-2489 %SECURITY-TACACSD-3-SHUTDOWN_ERROR EM-2489 %SECURITY-TACACSD-3-STARTUP_ERROR EM-2489 %SECURITY-TACACSD-4-CERR_REGISTER EM-2489 %SECURITY-TACACSD-4-IFHANDLE_NULL EM-2489 %SECURITY-TACACSD-4-NO_IP_ADDRESS EM-2490 %SECURITY-TACACSD-4-NOSUCH_INTF EM-2490 %SECURITY-TACACSD-4-SRCINTF_NOTUP EM-2490 %SECURITY-TACACSD-4-TACACS_NOSERV EM-2490 %SECURITY-TACACSD-6-NO_CMD EM-2490 %SECURITY-TACACSD-6-NULL_REQ EM-2491 %SECURITY-TACACSD-6-SERVER_DOWN EM-2491 %SECURITY-TACACSD-6-TIMEOUT_IGNORED EM-2491 %SECURITY-TACACSD-7-GENERIC_ERROR EM-2491 %SECURITY-VFW-3-FAA_FA_CB EM-2492 %SECURITY-VFW-3-FMI_NETIO_DROPPED_PACKETS E M-2492 %SECURITY-VFW-3-FWC_AVL_DELETE_FAILED EM-2492 %SECURITY-VFW-3-FWC_DB_CREATE_FAIL EM-2493 %SECURITY-VFW-3-FWC_FWS_CFG_UPDATE_FAIL EM-2 493 %SECURITY-VFW-3-FWC_FWS_FW_NOTFOUND EM-2493 %SECURITY-VFW-3-FWC_INIT EM-2493 %SECURITY-VFW-3-FWC_INTF_FW_NOTFOUND EM-2494 %SECURITY-VFW-3-FWC_SPU_CLEAR_FAIL EM-2494 %SECURITY-VFW-3-FWC_SSC_UPDATE_FAIL EM-2494 %SECURITY-VFW-3-FWC_WAVL_DELETE_FAILED EM-2 494 %SECURITY-VFW-3-FWM_INIT EM-2495 %SECURITY-VFW-4-EXITING EM-2495 %SECURITY-VFW-4-FWC_CONFIG_ERR EM-2495 %SECURITY-VFW-4-FWC_EVENT_CONN_ERROR_FAIL E M-2495 %SECURITY-VFW-4-FWC_FMI_IFH_MISMATCH EM-2496 %SECURITY-VFW-4-FWC_FMI_INFO_UPDATE EM-2496 %SECURITY-VFW-4-FWC_FW_APP_BAD_VERSION EM-24 96 %SECURITY-VFW-4-FWC_FW_APP_RECV_FAILED EM-24 96 %SECURITY-VFW-4-FWC_INTF_DB_INFO_ALREADY_SET EM-2497 %SECURITY-VFW-4-FWC_INTF_IFH_MISMATCH EM-2497 %SECURITY-VFW-4-FWC_REMOVE_ATTACHMENT EM-2 497 %SECURITY-VFW-4-LOST_EVENT EM-2497 %SECURITY-VFW-6-FMI_CONFLICTING_CONFIG EM-249 8 %SERVICES-IPSEC_SVI_EA-3-INITFAIL EM-2499 %SERVICES-IPSEC_SVI_EA-3-INTERNAL EM-2499 %SERVICES-IPSEC_SVI_EA-3-INTERNAL_ERR EM-2500 %SERVICES-IPSEC_SVI_EA-3-LINK_FAIL EM-2500 %SERVICES-IPSEC_SVI_EA-3-NOT_FOUND EM-2500 %SERVICES-IPSEC_SVI_EA-3-SSC_SEND EM-2500 %SERVICES-IPSEC_SVI_EA-3-SSC_SEND_SRV EM-2501 %SERVICES-IPSEC_SVI_EA-3-STATE_CHANGE EM-2501 %SERVICES-IPSEC_SVI_NETIO-3-INIT_DEBUG EM-2501 %SERVICES-IPSEC_SVI_NETIO-3-INIT_TRACE EM-2502 %SERVICES-IPSEC_SVIA-4-TUNNEL_SOURCE_CONFLICT EM-2502 %SERVICES-OT-3-ERROR EM-2502 %SERVICES-OT-4-WARNING EM-2502 %SERVICES-OT-6-TRACK_INFO EM-2503 %SERVICES-rspp_drop-3-DEBUG EM-2503 %SERVICES-rspp_drop-3-DIVERT EM-2503 %SERVICES-rspp_drop-3-INIT EM-2503 %SERVICES-rspp_drop-3-UNDIVERT EM-2504 %SERVICES-RSPP_MA-2-IMP_FAILED EM-2504 %SERVICES-RSPP_MA-3-EVENT EM-2504 %SERVICES-RSPP_MA-3-IMP_ERROR EM-2504 %SERVICES-RSPP_MA-3-INIT EM-2505 %SERVICES-RSPP_MA-3-INIT_NON_FATAL EM-2505 %SERVICES-RSPP_MA-3-LCFG_DELETE EM-2505Index EM-2733 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %SERVICES-RSPP_MA-3-LCFG_UPDATE EM-2506 %SERVICES-RSPP_MA-3-NO_VFW EM-2506 %SERVICES-RSPP_MA-3-PUBLISH_DELETE EM-2506 %SERVICES-RSPP_MA-3-PUBLISH_UPDATE EM-2507 %SERVICES-RSPP_MA-3-RCFG EM-2507 %SERVICES-RSPP_MA-3-RCFG_REFRESH EM-2507 %SERVICES-RSPP_MA-4-DUP_CREATE EM-2508 %SERVICES-RSPP_MA-4-DUP_CREATE_ERR EM-2508 %SERVICES-RSPP_MA-4-DUP_REMOVE EM-2508 %SERVICES-RSPP_MA-4-DUP_REMOVE_ERR EM-2508 %SERVICES-RSPP_MA-4-FA_BATCH_ERR EM-2509 %SERVICES-RSPP_MA-4-RCFG_BATCH EM-2509 %SERVICES-RSPP_MA-4-RED_STATE_ERR EM-2509 %SERVICES-RSPP_MA-4-RED_STATE_UNK EM-2510 %SERVICES-RSPP_MA-4-RESYNC_FAILED EM-2510 %SERVICES-RSPP_MA-4-SD_BATCH_ERR EM-2510 %SERVICES-RSPP_MA-4-SD_ERR EM-2511 %SERVICES-RSPP_MA-6-IMP_ERROR_CLEARED EM-2511 %SERVICES-RSPP_MA-6-PROBLEM_EXITING EM-2511 %SERVICES-RSPP_REPO-3-DUAL_ERR EM-2512 %SERVICES-RSPP_REPO-3-INIT EM-2512 %SERVICES-RSPP_REPO-3-INIT_MSG EM-2512 %SERVICES-RSPP_REPO-3-TWEAK_ERR EM-2512 %SERVICES-RSPP_REPO-3-UPDATE_MSG EM-2513 %SERVICES-RSPP_REX-3-EDM EM-2513 %SERVICES-RSPP_REX-3-IMP_CONNECT EM-2513 %SERVICES-RSPP_REX-3-INIT EM-2513 %SERVICES-RSPP_REX-3-MEM EM-2514 %SERVICES-RSPP_REX-3-MSG_REPLY EM-2514 %SERVICES-RSPP_REX-3-SYSDB EM-2514 %SERVICES-RSPP_REX-6-CORE EM-2514 %SERVICES-RSPP_RIO_EA-3-DEBUG EM-2515 %SERVICES-RSPP_RIO_EA-3-DM_REMOVE EM-2515 %SERVICES-RSPP_RIO_EA-3-EDM EM-2515 %SERVICES-RSPP_RIO_EA-3-EVENT_BLOCK EM-2515 %SERVICES-RSPP_RIO_EA-3-EVM_CREATE_FAILED EM- 2516 %SERVICES-RSPP_RIO_EA-3-FM_INIT_REPLAY EM-2516 %SERVICES-RSPP_RIO_EA-3-IMP_INIT_ERR EM-2516 %SERVICES-RSPP_RIO_EA-3-INIT_FAILED EM-2516 %SERVICES-RSPP_RIO_EA-3-MEM EM-2517 %SERVICES-RSPP_RIO_EA-3-TRACE EM-2517 %SERVICES-RSPP_RIO_EA-6-CORE EM-2517 %SERVICES-rspp_rio_netio-3-CAPS_BUILDER_FAILED EM- 2517 %SERVICES-rspp_rio_netio-3-CAPS_CONTROL_FAILED E M-2518 %SERVICES-rspp_rio_netio-3-CAPS_UNBUILDER_FAILED EM-2518 %SERVICES-rspp_rio_netio-3-INIT_DEBUG EM-2518 %SERVICES-rspp_rio_netio-3-INIT_TRACE EM-2518 %SERVICES-rspp_rio_netio-3-SUBBLOCK_REG_FAILED E M-2518 %SERVICES-rspp_rio_netio-3-TERM_FAILED EM-2519 %SERVICES-RSPP_ROXI-3-IMP_CONNECT EM-2519 %SERVICES-RSPP_ROXI-3-INIT EM-2519 %SERVICES-RSPP_ROXI-3-MEM EM-2519 %SERVICES-RSPP_ROXI-3-REPLICATE EM-2520 %SERVICES-SBC_MPF-6-INFO EM-2520 %SERVICES-SBC_PROC-6-INFO EM-2520 %SERVICES-SBC_RSRCMON-1-ALERT EM-2521 %SERVICES-SBC_RSRCMON-2-WARNING EM-2521 %SERVICES-SBC_RSRCMON-6-INFO EM-2521 %SERVICES-SBC_RSRCMON-7-DEBUG EM-2521 %SERVICES-SBC-1-L1 EM-2522 %SERVICES-SBC-2-L2 EM-2522 %SERVICES-SBC-3-L3 EM-2522 %SERVICES-SBC-6-L6 EM-2522 %SERVICES-SBCSVI_BILLING-3-CONFERR EM-2523 %SERVICES-SBCSVI_BILLING-3-PATHERR EM-2523 %SERVICES-SBCSVI_BILLING-4-PATHWARN EM-2523 %SERVICES-SBCSVI_BILLING-5-PATHSTATUS EM-2523 %SERVICES-SBCSVI_EA-3-INITFAIL EM-2524 %SERVICES-SBCSVI_EA-3-INTERNAL EM-2524 %SERVICES-SBCSVI_EA-3-INTERNAL_ERR EM-2524 %SERVICES-SBCSVI_EA-3-LINK_FAIL EM-2524 %SERVICES-SBCSVI_EA-3-NOT_FOUND EM-2525 %SERVICES-SBCSVI_EA-3-SSC_SEND EM-2525 %SERVICES-SBCSVI_EA-3-SSC_SEND_SRV EM-2525 %SERVICES-SBCSVI_EA-3-STATE_CHANGE EM-2525 %SERVICES-SBCSVI_NETIO-3-INIT_DEBUG EM-2526 %SERVICES-SBCSVI_NETIO-3-INIT_TRACE EM-2526 %SERVICES-SD_COMMON-3-SEND_FAILED EM-2526 %SERVICES-SD-3-ASSERT EM-2527 %SERVICES-SD-3-INIT_FAILED EM-2527 %SERVICES-SD-3-LOOP_FAILED EM-2527 %SERVICES-SD-3-NOMEM EM-2527 %SERVICES-SD-3-SYSMGR_FAIL EM-2528 %SERVICES-SD-4-INVALID_FIND_SERVICE EM-2528 %SERVICES-SD-4-WRONG_SSC EM-2528 %SERVICES-SD-6-RESTART_SELF EM-2528 %SERVICES-SESVI_EA-3-INITFAIL EM-2529 %SERVICES-SESVI_EA-3-INTERNAL EM-2529 %SERVICES-SESVI_EA-3-INTERNAL_ERR EM-2529 %SERVICES-SESVI_EA-3-LINK_FAIL EM-2530 %SERVICES-SESVI_EA-3-NOT_FOUND EM-2530 %SERVICES-SESVI_EA-3-SSC_SEND EM-2530 %SERVICES-SESVI_EA-3-SSC_SEND_SRV EM-2530 %SERVICES-SESVI_EA-3-STATE_CHANGE EM-2531 %SERVICES-SESVI_NETIO-3-INIT_DEBUG EM-2531 %SERVICES-SESVI_NETIO-3-INIT_TRACE EM-2531 %SERVICES-SRD_AGENT-6-NODE_REBOOTING EM-2532 %SERVICES-SRD_LIB-4-NOTIFICATION_FAILED EM-2532 %SERVICES-SRD-3-ASSERT EM-2532 %SERVICES-SRD-3-INIT_FAILED EM-2533 %SERVICES-SRD-3-LOOP_FAILED EM-2533 %SERVICES-SRD-3-NOMEM EM-2533 %SERVICES-SRD-4-CARD_NOT_PRESENT EM-2533 %SERVICES-SRD-4-ERROR_PROCESSING_LRD_EVENT E M-2534 %SERVICES-SRD-4-ERROR_STARTING_AGENT EM-2534 %SERVICES-SRD-4-MISSING_TIMER_CONTEXT EM-2534 %SERVICES-SVII_EA_GSR-3-INTF_EXIST EM-2535 %SERVICES-SVII_EA_GSR-3-NOMEM EM-2535 %SERVICES-SVII_EA_STATS-3-CHKPT_GET_FAILURE E M-2535Index EM-2734 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %SERVICES-SVII_EA-3-EVENT EM-2536 %SERVICES-SVII_EA-3-FORWARDER_CONNECTION EM- 2536 %SERVICES-SVII_EA-3-INIT EM-2536 %SERVICES-SVII_EA-3-SEND_FAILED EM-2536 %SERVICES-SVII_EA-3-SYSMGR EM-2537 %SERVICES-SVII_LRD_SPA-3-STATE_UPDATE EM-2537 %SERVICES-SVII_MGR-3-ACTIVATE EM-2537 %SERVICES-SVII_MGR-3-EVENT EM-2537 %SERVICES-SVII_MGR-3-EXITING EM-2538 %SERVICES-SVII_MGR-3-IM_STATE_SYNC_ERROR EM-2 538 %SERVICES-SVII_MGR-3-INIT EM-2538 %SERVICES-SVII_MGR-3-INIT_ENS EM-2538 %SERVICES-SVII_MGR-3-SEND_FAILED EM-2539 %SERVICES-SVII_MGR-3-SVIA_INTF_STATE_ERROR EM- 2539 %SERVICES-SVII_MGR-3-SYSMGR EM-2539 %SERVICES-VASI_EA-3-ADJACENCY EM-2540 %SERVICES-VASI_EA-3-INITFAIL EM-2540 %SERVICES-VASI_EA-3-INTERNAL EM-2540 %SERVICES-VASI_EA-3-INTERNAL_ERR EM-2540 %SERVICES-VASI_EA-3-LINK_FAIL EM-2541 %SERVICES-VASI_EA-3-NOMEM EM-2541 %SERVICES-VASI_EA-3-NOT_FOUND EM-2541 %SERVICES-VASI_EA-3-SSC_SEND EM-2541 %SERVICES-VASI_EA-3-SSC_SEND_SRV EM-2542 %SERVICES-VASI_EA-3-STATE_CHANGE EM-2542 %SERVICES-VASI_EA-3-SVI_HW_UPD_FAIL EM-2542 %SERVICES-VASI_MA-3-INIT EM-2542 %SERVICES-VASI_MA-3-INTF_CREATE_FAIL EM-2543 %SERVICES-VASI_NETIO-3-DROPPED_PACKETS EM-2543 %SERVICES-VASI_NETIO-3-INIT_DEBUG EM-2543 %SERVICES-VASI_NETIO-3-INIT_TRACE EM-2543 %SNMP-ATM_MIB-3-INIT_ERR EM-2545 %SNMP-ATMSNMP-3-IFMGR EM-2545 %SNMP-ATMSNMP-3-info EM-2546 %SNMP-ATMSNMP-3-SYSDB EM-2546 %SNMP-BULKFILEMIB-3-ERR_MEM_ALLOC EM-2546 %SNMP-BULKFILEMIB-3-ERR_THREAD_CREATE EM-254 6 %SNMP-CBQOSMIB-3-ERR_MEM_ALLOC EM-2547 %SNMP-CBQOSMIB-3-ERR_MUTEX EM-2547 %SNMP-CISCOBGPPAMIB-3-ERR_MEM_ALLOC EM-2547 %SNMP-CISCOPROCESSMIB-3-ERR_MEM_ALLOC EM-254 7 %SNMP-CISCOSYSTEMMIB-3-CLOCK EM-2548 %SNMP-CISCOSYSTEMMIB-3-EVENT_ASYNC_ALLOC E M-2548 %SNMP-CISCOSYSTEMMIB-3-SPAWN EM-2548 %SNMP-CISCOSYSTEMMIB-3-SYSDB_ACCESS EM-2548 %SNMP-CISCOSYSTEMMIB-3-TARGET_CFG_PROBLEM E M-2549 %SNMP-CISCOSYSTEMMIB-3-TIMER EM-2549 %SNMP-CISCOSYSTEMMIB-7-CREATE_EVM EM-2549 %SNMP-COPYMIB-3-ENTRYNONE EM-2549 %SNMP-COPYMIB-3-ERR_MEM_ALLOC EM-2549 %SNMP-CSCMIB-7-CSC_ASSERT EM-2550 %SNMP-CSCMIB-7-CSC_BAG EM-2550 %SNMP-CSCMIB-7-CSC_OCTETSTRING EM-2550 %SNMP-CSCMIB-7-CSC_SNMP EM-2550 %SNMP-CSCMIB-7-INVALID_ARG EM-2551 %SNMP-CSCMIB-7-NOMEM EM-2551 %SNMP-CSCMIB-7-SYSDB_ACCESS EM-2551 %SNMP-CSCMIB-7-SYSDB_BIND EM-2551 %SNMP-FTPCLIENTMIB-3-NOMEM EM-2552 %SNMP-FTPCLIENTMIB-3-NOTHREADCREATE EM-2552 %SNMP-HSRPMIB-3-ERR_CONN EM-2552 %SNMP-HSRPMIB-4-WARN_DEBUG EM-2552 %SNMP-HSRPMIB-4-WARN_NOTIFY EM-2553 %SNMP-HSRPMIB-4-WARN_OID EM-2553 %SNMP-IFINDEX_PROVIDER-3-IFNAME_TO_INDEX EM-2 553 %SNMP-IFINDEX_PROVIDER-3-SERVER_ERROR EM-2553 %SNMP-IFINDEX_PROVIDER-7-INTERNAL EM-2554 %SNMP-IFINDEX_PROVIDER-7-LTRACE_INIT_ERROR E M-2554 %SNMP-IFMIB-3-ERR_MEM_ALLOC EM-2554 %SNMP-IFMIB-3-ERR_REGEXP_COMP EM-2554 %SNMP-IFMIB-3-ERR_SYSDB EM-2554 %SNMP-IFMIB-3-GEN_ERROR EM-2555 %SNMP-IFMIB-4-ERR_SYSDB_APPLY EM-2555 %SNMP-IFMIB-4-ERR_SYSDB_REGISTER EM-2555 %SNMP-IPMIB-3-BAG EM-2555 %SNMP-IPMIB-3-SYSDB_ACCESS EM-2556 %SNMP-LIBSNMP-3-NOMEM_FOR_INIT EM-2556 %SNMP-MIB-3-BADTRANSPORT EM-2556 %SNMP-MIB-3-CHKPT EM-2556 %SNMP-MIB-3-NOINIT EM-2557 %SNMP-MIB-3-SYSUPTIME EM-2557 %SNMP-NLMMIB-3-ERR_MEM_ALLOC EM-2557 %SNMP-PINGMIB-3-BADID EM-2557 %SNMP-PINGMIB-3-BAG EM-2558 %SNMP-PINGMIB-3-ENTRYNONE EM-2558 %SNMP-PINGMIB-3-EVENT_BLOCK EM-2558 %SNMP-PINGMIB-3-INIT EM-2558 %SNMP-PINGMIB-3-MSGFAIL EM-2558 %SNMP-PINGMIB-3-MUTEX_INIT EM-2559 %SNMP-PINGMIB-3-NOMEM EM-2559 %SNMP-PINGMIB-3-NOTHREADCREATE EM-2559 %SNMP-PINGMIB-3-PTHREAD_COND_INIT EM-2559 %SNMP-PINGMIB-3-SYSDB_ACCESS EM-2559 %SNMP-PINGMIB-3-SYSMGR_PROC_READY EM-2560 %SNMP-PINGMIB-3-TIMER EM-2560 %SNMP-PINGMIB-3-TIMERNOMEM EM-2560 %SNMP-PINGMIB-3-TIMERNONE EM-2560 %SNMP-PINGMIB-3-TRAPOID EM-2560 %SNMP-PINGMIB-3-UNKNOWNMSG EM-2561 %SNMP-PINGMIB-7-DEBUG_REGISTER EM-2561 %SNMP-QOSMIB-3-ERR_MEM_ALLOC EM-2561 %SNMP-QOSMIB-3-ERR_NO_ENT EM-2561 %SNMP-SNMP_IPC-4-ERR_MEM EM-2562 %SNMP-SNMP_IPC-4-INTERNAL EM-2562 %SNMP-SNMP-3-CONFIGFAIL EM-2562 %SNMP-SNMP-3-DATASIZE EM-2562 %SNMP-SNMP-3-ERR_DLL_LOAD EM-2563Index EM-2735 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %SNMP-SNMP-3-ERR_DLL_UNKNOWN EM-2563 %SNMP-SNMP-3-ERR_EVM_EVENT_BLOCK EM-2563 %SNMP-SNMP-3-ERR_MEM_ALLOC EM-2563 %SNMP-SNMP-3-ERR_SYSDB_BIND EM-2564 %SNMP-SNMP-3-ERR_SYSDB_GET EM-2564 %SNMP-SNMP-3-ERR_SYSDB_LIST EM-2564 %SNMP-SNMP-3-INIT EM-2564 %SNMP-SNMP-3-INTERNAL EM-2565 %SNMP-SNMP-3-INTERNAL_TUPLE_ERROR EM-2565 %SNMP-SNMP-3-MIBCFGERR EM-2565 %SNMP-SNMP-3-NOTIFOID_FAILED EM-2565 %SNMP-SNMP-3-PERSISTENCE_FILE_LOCATION_GET_ER R EM-2566 %SNMP-SNMP-3-SUBAGT EM-2566 %SNMP-SNMP-3-TARGETNONE EM-2566 %SNMP-SNMP-3-TRANSPORTIO EM-2566 %SNMP-SNMP-3-TRAPSEND EM-2567 %SNMP-SNMP-3-TUPLEVALUE EM-2567 %SNMP-SNMP-4-CONFIGOPEN EM-2567 %SNMP-SNMP-4-DEBUGDUP EM-2567 %SNMP-SNMP-4-DEBUGFAIL EM-2567 %SNMP-SNMP-4-ENABLEFAILED EM-2568 %SNMP-SNMP-4-ENABLENOTSUPPORTED EM-2568 %SNMP-SNMP-4-ENABLETRAPSTWICE EM-2568 %SNMP-SNMP-4-EXCEEDEDSIZE EM-2568 %SNMP-SNMP-4-INCOMING_QUEUE_FULL EM-2569 %SNMP-SNMP-4-INIT_WARN EM-2569 %SNMP-SNMP-4-NOTIFYTWICE EM-2569 %SNMP-SNMP-4-RESPONSE EM-2569 %SNMP-SNMP-4-TARGETINUSE EM-2569 %SNMP-SNMP-4-TIMER EM-2570 %SNMP-SNMP-4-TRAPEMPTY EM-2570 %SNMP-SNMP-4-VIEWFAIL EM-2570 %SNMP-SNMP-4-VIEWOID_NOT_FOUND EM-2570 %SNMP-SNMP-4-WARN_BAG_REG EM-2571 %SNMP-SNMP-4-WARN_MEM_ALLOC EM-2571 %SNMP-SNMP-4-WARN_SYSDB_BAG_ENCODE EM-2571 %SNMP-SNMP-4-WARN_SYSDB_EDM_REG EM-2571 %SNMP-SNMP-4-WARN_SYSDB_NOTIFY EM-2572 %SNMP-SNMP-7-DEBUGINIT EM-2572 %SNMP-SNMP-7-ERR_NOTFOUND EM-2572 %SNMP-SNMP-7-MIBINSTALL EM-2572 %SNMP-SNMP-7-PERSISTENCE_FILE_MISSING EM-2572 %SNMP-SONETMIB-3-BAG EM-2573 %SNMP-SONETMIB-3-BAG EM-2573 %SNMP-SONETMIB-3-NOMEM_ERROR EM-2573 %SNMP-SONETMIB-3-NOMEM_ERROR EM-2573 %SNMP-SONETMIB-3-SYSDB_ACCESS EM-2573 %SNMP-SONETMIB-3-SYSDB_ACCESS EM-2574 %SNMP-SONETMIBAPI-2-THREAD_CREATE EM-2574 %SNMP-SONETMIBAPI-3-BAG EM-2574 %SNMP-SONETMIBAPI-3-EVM_CREATE_ERR EM-2574 %SNMP-SONETMIBAPI-3-NOMEM_ERROR EM-2574 %SNMP-SONETMIBAPI-3-SYSDB_ACCESS EM-2575 %SNMP-SONETMIBCORE-2-THREAD_CREATE EM-2575 %SNMP-SONETMIBCORE-3-BAG EM-2575 %SNMP-SONETMIBCORE-3-EVM_CREATE_ERR EM-2575 %SNMP-SONETMIBCORE-3-NOMEM_ERROR EM-2575 %SNMP-SONETMIBCORE-3-SYSDB_ACCESS EM-2576 %SNMP-SONETMIBCORE-7-DEBUG EM-2576 %SNMP-SONETMIBCORE-7-DEBUG2 EM-2576 %SNMP-SONETMIBCORE-7-ERROR EM-2576 %SNMP-SONETMIBCORE-7-STATUS EM-2576 %SNMP-SYSLOGMIB-3-NOMEM EM-2577 %SNMP-SYSLOGMIB-3-PARSEERROR EM-2577 %SNMP-SYSLOGMIB-3-SYSDBERROR EM-2577 %SNMP-SYSLOGMIB-3-TARGET_CFG_PROBLEM EM-2577 %SNMP-UDPSNMP-3-ERR_MEM_ALLOC EM-2578 %SNMP-UDPSNMP-3-ERR_SYSDB_ACCESS EM-2578 %SNMP-UDPSNMP-3-ERR_SYSDB_BIND EM-2578 %SNMP-UDPSNMP-3-ERR_SYSDB_REG EM-2578 %SNMP-UDPSNMP-3-INIT EM-2579 %SNMP-UDPSNMP-3-SYSTEM EM-2579 %SNMP-UDPSNMP-4-AGENTIO_WARN EM-2579 %SNMP-UDPSNMP-4-NOVRF EM-2579 %SNMP-UDPSNMP-4-SYSMGR_INFORM EM-2580 %SNMP-UDPSNMP-7-INTERNAL_ERROR EM-2580 %SNMP-UTIL-3-NOINIT EM-2580 %SNMP-VLANIFMIB-4-BAG EM-2581 %SNMP-VLANIFMIB-4-GEN EM-2581 %SNMP-VLANIFMIB-4-MEMORY EM-2581 %SNMP-VLANIFMIB-4-MIBLIB EM-2581 %SNMP-VLANIFMIB-4-SYSDB_ACCESS EM-2582 %SYSDB-BACKEND-7-INTERNAL EM-2583 %SYSDB-BACKEND-7-INTERNAL_PATH EM-2583 %SYSDB-BACKEND-7-INVALIDARG EM-2583 %SYSDB-BACKEND-7-INVALIDARG_PATH EM-2584 %SYSDB-BACKEND-7-MISMATCH EM-2584 %SYSDB-BACKUPDB-7-INTERNAL EM-2584 %SYSDB-BAG-7-INTERNAL EM-2584 %SYSDB-IXDB-3-GC_ERROR EM-2585 %SYSDB-LIBSYSDB-4-CFG_SIZE_CRIT EM-2585 %SYSDB-LIBSYSDB-6-CFG_SIZE_HIGH EM-2585 %SYSDB-LIBSYSDB-7-APPLY EM-2585 %SYSDB-LIBSYSDB-7-CERRNO_REG EM-2586 %SYSDB-LIBSYSDB-7-CFG_SIZE_LOW EM-2586 %SYSDB-LIBSYSDB-7-EDM_BIND EM-2586 %SYSDB-LIBSYSDB-7-INTERNAL EM-2586 %SYSDB-LIBSYSDB-7-LOCKING EM-2587 %SYSDB-LIBSYSDB-7-MULT_DEFAULTIFIERS EM-2587 %SYSDB-LIBSYSDB-7-PICKUP_FAILED EM-2587 %SYSDB-LIBSYSDB-7-RECONNECTION EM-2587 %SYSDB-LIBSYSDB-7-REFERRAL_COUNT EM-2588 %SYSDB-LIBSYSDB-7-RESTORE EM-2588 %SYSDB-LIBSYSDB-7-UNEXPECTED_SEND_ERROR EM- 2588 %SYSDB-REPLICATOR-3-BAD_HANDLENAME EM-2588 %SYSDB-REPLICATOR-3-IDT_FAIL EM-2589 %SYSDB-REPLICATOR-3-LARGE_HANDLE EM-2589 %SYSDB-REPLICATOR-3-WRITE_OWNERSHIP_FAIL EM- 2589 %SYSDB-REPLICATOR-7-BAD_MAGIC EM-2589 %SYSDB-REPLICATOR-7-CTX_NOT_FOUND EM-2590 %SYSDB-REPLICATOR-7-INTERNAL EM-2590 %SYSDB-REPLICATOR-7-LOCKING EM-2590 %SYSDB-REPLICATOR-7-MEMORY EM-2590Index EM-2736 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %SYSDB-REPLICATOR-7-NO_CB EM-2590 %SYSDB-REPLICATOR-7-SEND_FAILED EM-2591 %SYSDB-REPLICATOR-7-UPDATE_FAILED EM-2591 %SYSDB-REPLICATOR-7-WRITE_OWNERSHIP EM-2591 %SYSDB-SMC-7-DEPRECATED_PATH EM-2591 %SYSDB-SMC-7-INTERNAL EM-2592 %SYSDB-SMC-7-INTERNAL_STATE EM-2592 %SYSDB-SMC-7-INVALID_PATH EM-2592 %SYSDB-SMC-7-MISSING_NODE_NFN EM-2592 %SYSDB-SMC-7-MULTI_NODE_TRANS EM-2592 %SYSDB-SMC-7-PARSE_FAILED EM-2593 %SYSDB-SMC-7-PROTOCOL EM-2593 %SYSDB-SMC-7-RESTARTING EM-2593 %SYSDB-SMC-7-TIMEOUT EM-2593 %SYSDB-SMC-7-TRANS EM-2594 %SYSDB-SMC-7-UNEXPECTED_MSG_TYPE EM-2594 %SYSDB-SMC-7-UNEXPECTED_MULTIPLE_RESPONSES EM-2594 %SYSDB-SMC-7-UNEXPECTED_VALUE EM-2594 %SYSDB-SMC-7-WRONG_PLANE EM-2594 %SYSDB-SMS-6-EDM_RESPONSE_TOO_BIG EM-2595 %SYSDB-SMS-7-INTERNAL EM-2595 %SYSDB-SMS-7-LOCKING EM-2595 %SYSDB-SMS-7-MISSING_NODE_NFN EM-2595 %SYSDB-SMS-7-PROTOCOL EM-2595 %SYSDB-SMS-7-REG_CONTEXT_EXISTS EM-2596 %SYSDB-SMS-7-REG_SEC_CONTEXT_EXISTS EM-2596 %SYSDB-SMS-7-REG_SEC_DEL_FAIL EM-2596 %SYSDB-SMS-7-REQUEST_REG_SEND_ERR EM-2596 %SYSDB-SMS-7-RESTARTING EM-2597 %SYSDB-SMS-7-SEND_RESPONSE EM-2597 %SYSDB-SMS-7-UNEXPECTED_MSG_TYPE EM-2597 %SYSDB-SMS-7-UNEXPECTED_VALUE EM-2597 %SYSDB-SYSDB-3-SC_BIND EM-2598 %SYSDB-SYSDB-3-SC_DATATYPERET EM-2598 %SYSDB-SYSDB-3-SC_EXTFMTSTR EM-2598 %SYSDB-SYSDB-3-SC_FILEREAD EM-2598 %SYSDB-SYSDB-3-SC_INTERR EM-2599 %SYSDB-SYSDB-3-SC_NOFILE EM-2599 %SYSDB-SYSDB-3-SC_PKDREAD EM-2599 %SYSDB-SYSDB-3-SC_PKDTUPLECRE EM-2599 %SYSDB-SYSDB-3-SC_PKDTUPLEFILE EM-2599 %SYSDB-SYSDB-3-SC_READERINIT EM-2600 %SYSDB-SYSDB-3-SC_UNPACKTUP EM-2600 %SYSDB-SYSDB-3-THREAD_EXIT EM-2600 %SYSDB-SYSDB-4-REPLICATOR_OOS EM-2600 %SYSDB-SYSDB-4-SC_ABORTBULK EM-2601 %SYSDB-SYSDB-4-SC_ABORTTRANS EM-2601 %SYSDB-SYSDB-4-SC_BAD_INTEGER EM-2601 %SYSDB-SYSDB-4-SC_BADFORMAT EM-2601 %SYSDB-SYSDB-4-SC_BIND_NOTFOUND EM-2601 %SYSDB-SYSDB-4-SC_BULK_NUM_OPS EM-2602 %SYSDB-SYSDB-4-SC_CFGMGR_ADD_DELETES EM-2602 %SYSDB-SYSDB-4-SC_CFGMGR_ADDDIFFS EM-2602 %SYSDB-SYSDB-4-SC_CFGMGR_DELETE EM-2602 %SYSDB-SYSDB-4-SC_CFGMGR_MERGE EM-2603 %SYSDB-SYSDB-4-SC_CFGMGR_REMOVE_DELETES EM- 2603 %SYSDB-SYSDB-4-SC_COMMITTRANS EM-2603 %SYSDB-SYSDB-4-SC_COPY EM-2603 %SYSDB-SYSDB-4-SC_CREATE EM-2604 %SYSDB-SYSDB-4-SC_DATAFIND EM-2604 %SYSDB-SYSDB-4-SC_DATALIST EM-2604 %SYSDB-SYSDB-4-SC_DATATYPE EM-2604 %SYSDB-SYSDB-4-SC_DELETE EM-2605 %SYSDB-SYSDB-4-SC_EDM_NOT EM-2605 %SYSDB-SYSDB-4-SC_ENDBULK EM-2605 %SYSDB-SYSDB-4-SC_ERRORSLIST EM-2605 %SYSDB-SYSDB-4-SC_EVENT EM-2606 %SYSDB-SYSDB-4-SC_EVENTFIND EM-2606 %SYSDB-SYSDB-4-SC_EXCESS EM-2606 %SYSDB-SYSDB-4-SC_FILERESTORE EM-2606 %SYSDB-SYSDB-4-SC_FILESAVE EM-2607 %SYSDB-SYSDB-4-SC_FIND EM-2607 %SYSDB-SYSDB-4-SC_GENERIC EM-2607 %SYSDB-SYSDB-4-SC_GET EM-2607 %SYSDB-SYSDB-4-SC_GET_ITEMS EM-2608 %SYSDB-SYSDB-4-SC_ITERATE EM-2608 %SYSDB-SYSDB-4-SC_LIST EM-2608 %SYSDB-SYSDB-4-SC_MISMATCH EM-2608 %SYSDB-SYSDB-4-SC_MISSEVENT EM-2609 %SYSDB-SYSDB-4-SC_MISSFILENAME EM-2609 %SYSDB-SYSDB-4-SC_MISSNAME EM-2609 %SYSDB-SYSDB-4-SC_MISSTYPE EM-2609 %SYSDB-SYSDB-4-SC_MISSVALUE EM-2609 %SYSDB-SYSDB-4-SC_PATHCREATE EM-2610 %SYSDB-SYSDB-4-SC_PKDFMTSTR EM-2610 %SYSDB-SYSDB-4-SC_RDLOCK EM-2610 %SYSDB-SYSDB-4-SC_REBIND EM-2610 %SYSDB-SYSDB-4-SC_REMOVE_BULK_OP EM-2611 %SYSDB-SYSDB-4-SC_SET EM-2611 %SYSDB-SYSDB-4-SC_STARTBULK EM-2611 %SYSDB-SYSDB-4-SC_STARTTRANS EM-2611 %SYSDB-SYSDB-4-SC_UNKCMD EM-2612 %SYSDB-SYSDB-4-SC_UNLOCK EM-2612 %SYSDB-SYSDB-4-SC_VERIFY EM-2612 %SYSDB-SYSDB-4-SC_VRFNRES EM-2612 %SYSDB-SYSDB-4-SC_VRFNSUSP EM-2613 %SYSDB-SYSDB-4-SC_WRLOCK EM-2613 %SYSDB-SYSDB-4-TIMEOUT_NFN EM-2613 %SYSDB-SYSDB-6-TIMEOUT_EDM EM-2613 %SYSDB-SYSDB-7-CFG_WRITE EM-2614 %SYSDB-SYSDB-7-CLIENT_STATS EM-2614 %SYSDB-SYSDB-7-CLIENT_STATS_MISMATCH EM-2614 %SYSDB-SYSDB-7-INFO EM-2614 %SYSDB-SYSDB-7-INTERNAL EM-2615 %SYSDB-SYSDB-7-INVALID_PATHNAME EM-2615 %SYSDB-SYSDB-7-LOCKING EM-2615 %SYSDB-SYSDB-7-LTRACE_INIT EM-2615 %SYSDB-SYSDB-7-REPLICATOR_NO_CB EM-2615 %SYSDB-SYSDB-7-REPLY EM-2616 %SYSDB-SYSDB-7-RPL_INIT EM-2616 %SYSDB-SYSDB-7-SEND EM-2616 %SYSDB-SYSDB-7-SHUTDOWN EM-2616 %SYSDB-SYSDB-7-STARTUP EM-2617 %SYSDB-SYSDB-7-USAGE EM-2617Index EM-2737 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01 %SYSDB-SYSDBHELPER-7-INTERNAL EM-2617 %SYSDB-SYSDBHELPER-7-LOCKING EM-2617 %SYSDB-SYSDBUTILS-7-INTERNAL EM-2618 %SYSDB-SYSDBUTILS-7-INTERNAL_NODEID_STR EM-26 18 %SYSDB-SYSDBUTILS-7-LOCKING EM-2618Index EM-2738 Cisco IOS XR System Error Message Reference Guide, Release 3.8.2 OL-20896-01